This Metasploit module exploits a command injection vulnerability in MajorDoMo versions before 0662e5e.
a64c3d5f624bfad203f1e2566417514a7d618f792becc950fdc3d537aaa74a64
This Metasploit module chains an authentication bypass vulnerability and a command injection vulnerability to exploit vulnerable instances of either Ivanti Connect Secure or Ivanti Policy Secure, to achieve unauthenticated remote code execution. All currently supported versions 9.x and 22.x prior to the vendor mitigation are vulnerable. It is unknown if unsupported versions 8.x and below are also vulnerable.
235751e74f9357d3f5aa7ff467bad9f4d651f9abdd57e2b7b20c332ee6e579fa
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote Snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
a94047116abd15e4d8424e3d8efb27871ba3c8e9f0d4426d64137bef92318a8d
Gentoo Linux Security Advisory 202401-26 - Multiple vulnerabilities have been found in Apache XML-RPC, the worst of which could result in arbitrary code execution. Versions less than or equal to 3.1.3 are affected.
e5a4b01ce01a0da4be625d294152099c16e3fe042a0e485ff40acb81e736e82a
Ubuntu Security Notice 6587-2 - USN-6587-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the DeviceFocusEvent and ProcXIQueryPointer APIs. An attacker could possibly use this issue to cause the X Server to crash, obtain sensitive information, or execute arbitrary code.
a2f2ac645eb8776253c7cf930c98b38768999c8680aec52b641d1aada93ccae6
Ubuntu Security Notice 6591-1 - Timo Longin discovered that Postfix incorrectly handled certain email line endings. A remote attacker could possibly use this issue to bypass an email authentication mechanism, allowing domain spoofing and potential spamming. Please note that certain configuration changes are required to address this issue. They are not enabled by default for backward compatibility.
cd5cc57d32efc49d552e07491f59c17b34bb117d5119591cdbe4d6acf87220b6
EzServer version 6.4.017 remote denial of service exploit.
40ce8670718260143aeca22be1ac711053e5e38099e4a63a2f3ae0d2e32e8784
xbtitFM versions 4.1.18 and below suffer from remote shell upload, remote SQL injection, and path traversal vulnerabilities.
ef1507c81f76ecec6734de5bc13c14f9dd0d27fd26b16cae52e43d8b56f7e84b
Golden FTP Server version 2.02b remote denial of service exploit.
db9661030d63a67fedd89939619feabe045fe616d1085e8aebb060bf84a876d1
In Traceroute versions 2.0.12 through to 2.1.2, the wrapper scripts mishandle shell metacharacters, which can lead to privilege escalation if the wrapper scripts are executed via sudo. The affected wrapper scripts include tcptraceroute, tracepath, traceproto, and traceroute-nanog. Version 2.1.3 addresses this issue.
eee3332e9c084609d76f6804cef55683b3ac0269232445ffe0616c2e821e1a45
TrojanSpy Win32 Nivdort malware suffers from an insecure permissions vulnerability.
07b40fbb6021397864a451ae058f9ce4a25bc6a349ce285a033ab5429f0d1070
ProSysInfo TFTP Server TFTPDWIN version 0.4.2 remote denial of service exploit.
66e786abe148913defa36dbcbc0f63c2c1443710ace4366f5ef9f1c49191452c
Red Hat Security Advisory 2024-0310-03 - An update for openssl is now available for Red Hat Enterprise Linux 9.
d0396378dbfbc86737348e88da6a5be9ca8812adb6f269f14e35deccf3f3cee5
Red Hat Security Advisory 2024-0273-03 - Red Hat OpenShift Virtualization release 4.12.9 is now available with updates to packages and images that fix several bugs and add enhancements.
7d6dc48a300a56764286234cc29b8a38012a8f5f7ce3342fa362205027d419fe
Red Hat Security Advisory 2024-0271-03 - There is a moderate update for the Logging Subsystem 5.8.2. Red Hat OpenShift security update.
c46cb48839bc4c6e2164b921ecb268f81706c37c46db59aa937e72ac6858f6c8
Red Hat OpenShift security update. Issues addressed include a file disclosure vulnerability.
ee60938615c80cda4549885ca7b9234cdff737ddeef22c46e29e5b027a2f4ad5
Red Hat Security Advisory 2024-0204-03 - Red Hat OpenShift Container Platform release 4.14.9 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a denial of service vulnerability.
13c452422b7d390cd40733ec7dd5ef03b1bcdc41397d15a90f041d64ae8f0ae5
Red Hat Security Advisory 2024-0198-03 - Red Hat OpenShift Container Platform release 4.12.47 is now available with updates to packages and images that fix several bugs and add enhancements.
a50f43d5a01136740b2ffd6b0cd23e289f41546ac9d11ca66a3284f5669554a5
Red Hat Security Advisory 2024-0193-03 - An update is now available for Red Hat OpenShift Container Platform 4.13.
7d73569ecbfbdf3744880535a156eae4437e33c9a0cb07c053342f205027bf56