LogonExpert version 8.1 suffers from an unquoted service path vulnerability.
f08c0a77cdca67f408b05cf2052a9172427f1ecd882be35ff2a62d6bbdabc3c3Backdoor.Win32.Agent.xs malware suffers from an insecure permissions vulnerability.
15c0df978a9ec7ad4ee5ab6c6a5d46c2e26fa275e8269ea57ac50b588acdb928SpotAuditor version 5.3.5 suffers from a denial of service vulnerability.
c1db34fcde5b42d1a5f0db9d815978cdb0280e3ec1043e268e97237f5a4313dbZeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.
d5a984d383c0cc337e18d3d65b969e8566ab8a6fc38e9c6d39ba4a101027be85This Metasploit module uses job functionality in the Apache Flink dashboard web interface to upload and execute a JAR file, leading to remote execution of arbitrary Java code as the web server user. This module has been tested successfully on Apache Flink versions: 1.9.3 on Ubuntu 18.04.4; 1.11.2 on Ubuntu 18.04.4; 1.9.3 on Windows 10; and 1.11.2 on Windows 10.
c4af5d4222df2b897758547790bace5a4fc29668737046e86bcb9bdee4ee6038The Canadian Internet Registration Authority (CIRA) Canadian Shield iOS application versions 4.0.12 and below do not validate the SSL certificate it receives when connecting to the application server.
45101c457e72359c021a13cf5308d10f34eba950e27a433202de650671c113b1Ubuntu Security Notice 4467-3 - USN-4467-1 fixed vulnerabilities in QEMU. The fix for CVE-2020-13754 introduced a regression in certain environments. This update fixes the problem. Ren Ding, Hanqing Zhao, Alexander Bulekov, and Anatoly Trosinenko discovered that the QEMU incorrectly handled certain msi-x mmio operations. An attacker inside a guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. Various other issues were also addressed.
0af9f05cea9149bfe3ca52b755be60ad5124e2d45b7d3706d47f59dfa1ef633cBatflat CMS version 1.3.6 suffers from multiple persistent cross site scripting vulnerabilities.
d607d6b6b12d1abb1b361fd3bd0fbdfd9cf588f5663e8b1bee73a35f5ad78e5cHFS (HTTP File Server) version 2.3.x remote code execution exploit.
d5259779819e2ec48d535d544c03503c184fbc5382e90d8a57b7ba07265969f1Monica version 2.19.1 suffers from a cross site scripting vulnerability.
9a749153f4cd4394f9758c02f0debd7df8c4212f83fd0ccbdfa4aa5fef9a7378eChat version 1.0 suffers from a remote SQL injection vulnerability.
ae150e4fcab44e39b6a08ed633d7b544d1982a81eea8cc0645401ff70b803c5bProduct Key Explorer version 4.2.7 suffers from a denial of service vulnerability.
44d3470f58a697d73857e77298e36651d116ac93496ef4851d39debbcd34fe99240 bytes small Windows/x86 add user Alfred to administrators/remote desktop users group shellcode.
87baea02c93852f7ff91efddf99dce46312ecdece68e0c0d68050ac306f14f2dWhitepaper called Mobile Security and Penetration Testing. Written in Turkish.
56bcdaf3cd7bc5cd83f8a5559d8985f7fe6e7e70d6985f586acb76d64834d173
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed