ManageEngine Security Manager Plus versions 5.5 build 5505 remote SYSTEM/root SQL injection exploit that spawns a shell.
6d2a8bcbddb1c5a2fce72265db430d93c35c4e46841e736af9eb65ee5db7fa47ManageEngine Security Manager Plus versions 5.5 build 5505 and below suffer from a path traversal vulnerability.
fa2c630e11d919d9d1b121504583b9b23aae97d94b41855b33e036271a53318bThis Metasploit module exploits a SQL injection found in ManageEngine Security Manager Plus advanced search page. It will send a malicious SQL query to create a JSP file under the web root directory, and then let it download and execute our malicious executable under the context of SYSTEM. No authentication is necessary to exploit this.
e2984c80e9b18bcfe0bf36c7deb7a463e4967710e4784d8a20eb3c7da32c323bJoomla Commedia component version 3.1 suffers from a remote SQL injection vulnerability.
770a367b7480f324da5c7b2384c0f9976eb34880bfcc80a40d8be7b9a89c5974ccrypt is a command line utility for encrypting and decrypting files and streams. It was designed as a replacement for the standard Unix crypt utility, which is notorious for using a very weak encryption algorithm. ccrypt is based on the Rijndael cipher, which is the U.S. government's chosen candidate for the Advanced Encryption Standard (AES). This cipher is believed to provide very strong security. A compatibility mode is included for decrypting legacy "unix crypt" files.
87d66da2170facabf6f2fc073586ae2c7320d4689980cfca415c74688e499ba0Whitepaper called Before We Knew It - An Empirical Study of Zero-Day Attacks in the Real World. Little is known about the duration and prevalence of zero- day attacks, which exploit vulnerabilities that have not been disclosed publicly. Knowledge of new vulnerabilities gives cyber criminals a free pass to attack any target of their choosing, while remaining undetected. Unfortunately, these serious threats are difficult to analyze, because, in general, data is not available until after an attack is discovered. Moreover, zero-day attacks are rare events that are unlikely to be observed in honeypots or in lab experiments.
875340efc98130f5d6030b38d6b55785d579d8ed9efe58da591760856f6d59ceThis patch is for openssh-6.0p1 source which combines a known openssh backdoor and Sebastian Krahmer's openssh.reverse capabilities.
77795e61b1faaed272981f2e590710ad4ed211619c986900dce34613dd61bca5Joomla Freestyle Support component version 1.9.1.1447 suffers from a remote SQL injection vulnerability.
f435492e3f19abf07fe1c8d0509f446005f9930040bdd4c5203fed8c6a03ce2bJoomla Tag component suffers from a remote SQL injection vulnerability.
875f404515cc1703d07d6e1a0aa5738d22364d54f7524668ebfc08b3b5ea72e950 bytes small novelty Happy B-day HKM shellcode.
d3fd68cf8cf5f083dcba30cf495843ea1bdc136f3ec361aa1a4bb9fbd81c8bfaSecunia Security Advisory - Gentoo has issued an update for w3m. This fixes a vulnerability, which can be exploited by malicious people to conduct spoofing attacks.
b60444c1dab4f7af62548a47344ed8c133f5759649193409b2d8ee4a3f9b8bdfSecunia Security Advisory - Some vulnerabilities have been reported in IBM XIV Storage System, which can be exploited by malicious people to bypass certain security restrictions, disclose certain sensitive information, and cause a DoS (Denial of Service).
38ad0c5928d1dad33168ef8da12520ba831090989e4d65b9475fcae6c1d1309bSecunia Security Advisory - A vulnerability has been reported in IBM WebSphere Message Broker, which can be exploited by malicious users to bypass certain security restrictions.
f28fe121ded208c1903b18f60a7094678337a386fa0c07725ab47cad1228c4b2Secunia Security Advisory - SUSE has issued an update for hostapd. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
b4eee896d0e818672f5188e10ded950ce65f30bd542bdf7f3a5404504ce18e74Secunia Security Advisory - Ken Sager has reported a vulnerability in Campaign Enterprise, which can be exploited by malicious people to conduct SQL injection attacks.
5bce59f94c7eae4cd373d363c3f74f97bc2e4a5790bf93b55f6a57f4feb83812Secunia Security Advisory - A weakness has been reported in Django, which can be exploited by malicious people to disclose potentially sensitive information.
64c795c384636d194c3b020c0c3372accaf5660aacd1d6346d532f9fcd18c48bSecunia Security Advisory - SUSE has issued an update for bind. This fixes a vulnerability, which can be exploited by malicious people to cause a DoS (Denial of Service).
247ff2bfbb0e0a96cbced2620506ea6494bb85fde0f4b4fde1e696fcd22c6d64Secunia Security Advisory - Andrea Fabrizi has reported two vulnerabilities in Visual Tools VS, which can be exploited by malicious people to disclose sensitive information and potentially compromise a vulnerable system.
3f83fd4c5fdd95ef54dbbd33eaea33eae25800c61f6962aec0df61867218242aSecunia Security Advisory - A vulnerability has been reported in the Profile Albums plugin for MyBB, which can be exploited by malicious users to conduct SQL injection attacks.
6d8a0d53f6bd23bd4f3c8e04000fdd5a7918700015c19da4fb2d48ab72dbea5bSecunia Security Advisory - IBM has acknowledged multiple vulnerabilities in IBM DB2 Query Management Facility for Workstation, which can be exploited by malicious, local users to disclose potentially sensitive information, manipulate certain data, and cause a DoS (Denial of Service) and by malicious people to disclose potentially sensitive information, manipulate certain data, cause a DoS (Denial of Service), and compromise a vulnerable system.
97d27c91b240dc61a310ce0187c2c09ada0f1048689dab1e7ffe1b5bd641647bSecunia Security Advisory - Some vulnerabilities has been reported in gpEasy CMS, which can be exploited by malicious people to conduct cross-site scripting attacks.
285f65b4095e7c1b79d4c09baa7bec8a4c33bf2b22821eda387826310c315068Secunia Security Advisory - Ken Sager has discovered a vulnerability in Campaign Enterprise, which can be exploited by malicious people to disclose sensitive information.
22e3b9730869b2ff15887674f6f02ce45b58dd11c02e66dd34d8a5745bc8be2eSecunia Security Advisory - Multiple vulnerabilities have been reported in Oracle Database, which can be exploited by malicious, local users to manipulate certain data and cause a DoS (Denial of Service), by malicious users to disclose potentially sensitive information, manipulate certain data, and potentially compromise a vulnerable system, and by malicious people to disclose potentially sensitive information, manipulate certain data, and potentially compromise a vulnerable system.
ded331aaaed524a62cecfca52e4bf18ddc0a1c54c85669ac272f0ebe213e5beaSecunia Security Advisory - A vulnerability has been reported in Oracle VM VirtualBox, which can be exploited by malicious, local users to cause a Denial of Service (DoS).
9d13d457829f6e07ac37139fb0cc541c2208474aeda9445445f23738171a21a2Secunia Security Advisory - Two vulnerabilities have been reported in Oracle Outside In Technology, which can be exploited by malicious people to cause a DoS (Denial of Service).
4cb544459b28f88b61400ba9f9ff3555cced96eabdeac5421d91f7e15f4e2e85
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed