Gentoo Linux Security Advisory 202011-19 - Multiple vulnerabilities have been found in libexif, the worst of which could result in the arbitrary execution of code. Versions less than 0.6.22_p20201105 are affected.
e9115e86f8c2b55a551de5fdfa7e19beArtworks Gallery version 1.0 suffers from multiple remote shell upload vulnerabilities.
ca2142a5ef21aa8aad9aa7013aa18a0anfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers providing data reproducibility across experiments.
e2f2db0ae80d4acbe5231939ad8351ffGentoo Linux Security Advisory 202011-18 - Apache Ant uses various insecure temporary files possibly allowing local code execution. Versions less than 1.10.9 are affected.
7cc68dbbc5e2a4e57e20b6c2186249bbSugarCRM version 6.5.18 suffers from a persistent cross site scripting vulnerability.
d4135f7c969a3e1b816051050078c59dRed Hat Security Advisory 2020-5112-01 - PostgreSQL is an advanced object-relational database management system. Issues addressed include an improper authorization vulnerability.
043f24f5b3d021076d89524eb646a5a3Intel NUC suffers from a local privilege escalation vulnerability.
931800d146c2676dcfdd36f0e0f77374Red Hat Security Advisory 2020-5110-01 - PostgreSQL is an advanced object-relational database management system.
1ab7db1835d37097265c65bce19b8bbaWordPress plugin Buddypress version 6.2.0 suffers from a persistent cross site scripting vulnerability.
6b8cb19f133171f730bbae75605df594Red Hat Security Advisory 2020-5111-01 - The Advanced Virtualization module provides the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include a double free vulnerability.
5c568060399aebfb3404542e222175d2Froxlor version 0.10.16 suffers from persistent cross site scripting vulnerabilities.
33ee2671638c2daf11facd68c5fa36dbAIX version 5.3L /usr/sbin/lquerypv local root privilege escalation exploit.
404c3fced5ca1174299093282bd7c407Machosec is a script that checks the security of Mach-O 64-bit executables and application bundles for dyld injection vulnerabilities, LC_RPATH vulnerabilities leading to dyld injection, symlinks pointing to attacker controlled locations, writable by others vulnerabilities, missing stack canaries, disabled PIE (ASLR), and disabled FORTIFY_SOURCE (keeping insecure functions such as strcpy, memcpy etc.).
616de38eab130c2b3c305a77384bb705Kaa IoT Platform version 1.2.0 suffers from a persistent cross site scripting vulnerability.
1ae0a6ea18a6e6943b02bd64558f39a7Gentoo Linux Security Advisory 202011-17 - A vulnerability in MIT Kerberos 5 could lead to a Denial of Service condition. Versions less than 1.18.2-r2 are affected.
07ff40e5741943815cf2673c08be789bFuel CMS version 1.4 suffers from a remote code execution vulnerability.
f88a78cccfead351aa11b3cbeccf039cSugarCRM version 6.5.18 suffers from a persistent cross site scripting vulnerability.
174b1efde3e13dda0e63a200ae2c6980SIGE versions 3.4.1 and 3.5.3 Pro suffer from cross site scripting and remote file inclusion vulnerabilities.
288aba0ed822e5b2856245f6549208e1MailDepot version 2033 (2.3.3022) suffers from a cross site scripting vulnerability.
1fd4f4c962bf56df0c1ae99d3b9409e2Gentoo Linux Security Advisory 202011-16 - Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the arbitrary execution of code. Versions less than 86.0.4240.198 are affected.
88909a154d197ea2f9d2b4b80f7bd676Cisco 7937G suffers from denial of service and privilege escalation vulnerabilities.
f210efc45d545be62045827b6fd91890Car Rental Management System version 1.0 suffers from a remote shell upload vulnerability.
c42840abea293ce3967f753e3dd1cc6aRED-V Super Digital Signage System RXV-A740R is vulnerable to a sensitive information disclosure vulnerability. An unauthenticated attacker can visit several endpoints and disclose the webserver's log file list containing sensitive system resources and debug log information running on the device.
e1d1ea37410444110d5c4be18ea30b60PMB version 5.6 suffers from a local file disclosure vulnerability.
431ff9b71930385b5b2560f2e379a207Car Rental Management System version 1.0 suffers from a remote SQL injection vulnerability. This version was already found to be susceptible to SQL injection by Fortunato Lodari in November of 2020.
defd2a54dc1a181b64dd2a0814b1a9ac
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed