File Management System version 1.1 suffers from a persistent cross site scripting vulnerability.
6760937171e4603abd1a973f62fc8ee3f1c10c5e71c1ca89263849fb9a6ed1a3o2 Business for Android version 1.2.0 suffers from an open redirection vulnerability.
ed073540b55db066df4e43d61452b19af671d57a6dad0ef1271c98600b232356Apple iOS version 13.5.1 suffers from an issue where it is possible to circumvent the copy and paste restriction from the company profile to the private profile. Thus, it is possible to extract attachments that can be previewed ("Quick Look") in the native Mail client to any private app.
2010fb70717eed823f1bf4f1c9f8436da1844b077ea4ef32867f8306a4680a29Froala WYSIWYG HTML Editor versions 3.0.6 through 3.1.1 suffer from a cross site scripting vulnerability.
bdfe7870a6bfb2049e8c75da603ea32348be1f41280ca90de30fc97cec47171dBolt CMS versions 3.7.0 and below suffer from cross site request forgery, cross site scripting, and remote shell upload vulnerabilities that when combined can achieve remote code execution in one click.
63f82ab2668cd76e8c576715141ddcdae04ec41e73b11fc6fb4a9139a2bf5851Ubuntu Security Notice 4413-1 - Matthew Sheets discovered that the SELinux network label handling implementation in the Linux kernel could be coerced into de-referencing a NULL pointer. A remote attacker could use this to cause a denial of service. It was discovered that the SCSI generic driver in the Linux kernel did not properly handle certain error conditions correctly. A local privileged attacker could use this to cause a denial of service. Various other issues were also addressed.
7a63d1c745b27c7f807d07be0abf46a26c852cbe525f46d1aa4f51136fa76590Ubuntu Security Notice 4412-1 - Matthew Sheets discovered that the SELinux network label handling implementation in the Linux kernel could be coerced into de-referencing a NULL pointer. A remote attacker could use this to cause a denial of service. It was discovered that the SCSI generic driver in the Linux kernel did not properly handle certain error conditions correctly. A local privileged attacker could use this to cause a denial of service. Various other issues were also addressed.
4ff2368c3d486b4136ca213bbadd144700d05b48e79abfc439bdeeb2dc463585Ubuntu Security Notice 4411-1 - It was discovered that the elf handling code in the Linux kernel did not initialize memory before using it in certain situations. A local attacker could use this to possibly expose sensitive information. Matthew Sheets discovered that the SELinux network label handling implementation in the Linux kernel could be coerced into de-referencing a NULL pointer. A remote attacker could use this to cause a denial of service. Various other issues were also addressed.
77e9c423b2b22128a3f4021165dc16f0f69900cc8b3347190e6b8901fb3fdedeUbuntu Security Notice 4414-1 - It was discovered that the network block device implementation in the Linux kernel did not properly check for error conditions in some situations. An attacker could possibly use this to cause a denial of service. It was discovered that the btrfs file system implementation in the Linux kernel did not properly validate file system metadata in some situations. An attacker could use this to construct a malicious btrfs image that, when mounted, could cause a denial of service. Various other issues were also addressed.
ec1a7baec52bd131ecb393a55700b5d470ac7a5dd70696941fbd4f55b47787c4Ubuntu Security Notice 4410-1 - A double-free bug was discovered in snmpd server. An authenticated user could potentially cause a DoS by sending a crafted request to the server.
7e00938f433fc52f65dc9d7418d27840ada4961e56649b55e96b5325913cf957OCS Inventory NG version 2.7 suffers from a remote code execution vulnerability.
8db0eac32fb7a342c1daddb40e1e0d0616bf7f0bbafcb81612ed17bfba8b9129ZenTao Pro version 8.8.2 suffers from a remote command injection vulnerability.
88047021ac7e39af78404eaf3bc03d029ca987e039a286560260a125bbf65e1f
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed