Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.
67e4ebbd9153fc589fd67dc21b93176674c73adc3d5a43934c3ac69d8594a8aeThe Microsoft Windows Kernel Cryptography Driver (cng.sys) exposes a \Device\CNG device to user-mode programs and supports a variety of IOCTLs with non-trivial input structures. It constitutes a locally accessible attack surface that can be exploited for privilege escalation (such as sandbox escape).
dcd9bb74f157ccd45992a6aeffd77f590ad19684a1b4e9e165f72d39d919d700Simple College Website version 1.0 suffers from code execution and remote SQL injection vulnerabilities.
e376096cc757722a9a9b5bcf16b207b9a9f8c5a06614c2fffac7d004d52259f8Wondershare Dr.Fone version 3.0.0 suffers from an unquoted service path vulnerability.
26d7040b3fa2dbb8ced8f3b58bfb1ce674ab78449709550e871465d9e6e67d4fCitadel WebCit versions prior to 926 suffer from a session hijacking vulnerability.
98e86cf86cfca145e13b74edda9a1fa5f16f57a911984a2cb0932be7f86782f8Agent Tesla Botnet suffers from a cross site scripting vulnerability.
c170c4d163099300f40d75af8844855f539b42a13b5df9177ea5e5f8d09782f0DedeCMS version 5.8 suffers from a cross site scripting vulnerability.
e9495aef3d8a7055dd27be701c095038e70287427e269abcd76a29e03771c740CSE Bookstore version 1.0 suffers from a persistent cross site scripting vulnerability.
43b48eac38ffbd3edb385a455b2a2eb549a7ebfca5a7d897033f98bd7f828bf3Ubuntu Security Notice 4610-1 - It was discovered that fastd did not properly handle receive buffers under certain circumstances. A remote attacker could possibly use this issue to cause a memory leak, resulting in a denial of service.
7225f406912029ab5850aa49817a45def40c82882cd9a1c3d4b2da243bdd102cOracle WebLogic Server versions 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0, and 14.1.1.0.0 remote code execution exploit.
269998241a3473e130c36a33e8a41a91634ae92b38578c7c0fcfcf81171abc62Microsoft Edge suffers from information disclosure and remote code execution vulnerabilities. Affected builds include 85.0.564.83, 85.0.564.86, 85.0.564.70, 86.0.622.38, 86.0.622.43, 86.0.622.48, 86.0.622.51, and 86.0.622.56.
bb8cd2e39b9bd27d75181a59ceee00e3eec255d78eb18356de802e4d80798460Red Hat Security Advisory 2020-4401-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 6, 7, and 8. Issues addressed include an XML injection vulnerability.
b7a02e45e46a228bef4652e4bb70313bcdbe4a054740dfa641d3a40949ec80f3Genexis Platinum-4410 version P4410-V2-1.28 suffers from a cross site request forgery vulnerability.
cd3794a1c45a5196d326376b26aa0d62abf73663d405a3b352ac105735b4a929Lot Reservation Management System version 1.0 suffers from a persistent cross site scripting vulnerability.
8fb8b5d6d2181fe1523827a17f4627a5c49aa055796b0e3e5ab5f3bc01aa3b1aLot Reservation Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
82d342e2bf7eda1f9e1546ed794e9b91d12e1025ccb9a63ba9876f781aa39c9eIcewarp WebMail version 11.4.5.0 suffers from a cross site scripting vulnerability.
bd4b225bf09ba2d23836eae6d0eef301010ef1a0c956eef8b47d2a92c566bc58Ubuntu Security Notice 4609-1 - Fabian Henneke discovered that GOsa incorrectly handled client cookies. An authenticated user could exploit this with a crafted cookie to perform file deletions in the context of the user account that runs the web server. It was discovered that GOsa incorrectly handled user access control. A remote attacker could use this issue to log into any account with a username containing the word "success". Various other issues were also addressed.
daa46d595ce73c679a0617cf76033ccd2ccb549456af6f754422eaa95cc0f686Mailman versions 1.x up through 2.1.23 suffer from a cross site scripting vulnerability.
3acd354767ea65719c08384106b042f59668c91d3587059546459b8bc4c33aa3Point of Sales version 1.0 suffers from a persistent cross site scripting vulnerability.
b1abcd5d7eb0894c7563e29ca9a278b410be32cd7afa181ae98954a8747fbcb7Red Hat Security Advisory 2020-4402-01 - Red Hat JBoss Enterprise Application Platform 7.3 is a platform for Java applications based on the WildFly application runtime. This asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.3. Issues addressed include an XML injection vulnerability.
f8f28f5ec717284a1b7ad5d39c088e87cc54b36b3b01f6f0b0e3b6a38a22f0aaOnline Examination System version 1.0 suffers from a persistent cross site scripting vulnerability.
abf23d72c2354792e43130404aef9ac045c0c9a640bd817b3ac572f49386bb3cRed Hat Security Advisory 2020-4390-01 - Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. It focuses on automating as much as possible and adhering to the DRY principle. Issues addressed include denial of service, memory exhaustion, and remote SQL injection vulnerabilities.
4cebf7d44e31c240a760ae6facd694e9856c3d52ac9e2b2f51d8b4f4f0e24ad7Red Hat Security Advisory 2020-4391-01 - OpenStack Block Storage manages block storage mounting and the presentation of such mounted block storage to instances. The backend physical storage can consist of local disks, or Fiber Channel, iSCSI, and NFS mounts attached to Compute nodes.
fa5591d87819bf308f377e7976839eb0308369434f2c875830e243f4ee5ae53dUbuntu Security Notice 4552-3 - USN-4552-1 and USN-4552-2 fixed a vulnerability in Pam-python. The update introduced a regression which prevented PAM modules written in Python from importing python modules from site-specific directories. Malte Kraus discovered that Pam-python mishandled certain environment variables. A local attacker could potentially use this vulnerability to execute programs as root. Various other issues were also addressed.
51483cd9b602df9bae06a2d916daa0499320d343ef1be1b1afd3b143c509400aDebian Linux Security Advisory 4769-1 - Multiple vulnerabilities have been discovered in the Xen hypervisor, which could result in denial of service, guest-to-host privilege escalation or information leaks.
e6c5001c6e839fbf6f78b7b8d62d2d143bd2b61990509f9e7883301ff985de3e
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed