Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
ccc51747cbcbf98f658c34d5c693ff8a868698da0349d056e98287ef2e294d9fEMC Replication Manager allows a user to create scripts with unquoted element such as whitespace or other separators. This may allow local malicious users to access resources in a parent path and execute them. EMC Replication Manager versions prior to 5.5 are affected.
b948dc0ad5ffaaf7eb0f66688230f5dc850f3397c4b4081ed6c53a672c07ae19EMC Watch4Net stores passwords of devices polled during monitoring in clear text in Watch4Net installation repository. This could allow a malicious user with access to Watch4Net installation repository to view those passwords. EMC Watch4Net versions prior to 6.3 are affected.
dd223f7be190cfe700a37714a67484eaa394ab4b6e2dd082260c0c252209f106The WinAppDbg python module allows developers to quickly add Windows application debugging facilities to your Python scripts.
3ab478ea867b1109d65d3d8148d1cd5eb0f21ae6374036fec6fed7179a773ce4Hook Analyser is a hook tool which can be potentially helpful in reversing applications and analyzing malware. It can hook to an API in a process and search for a pattern in memory or dump the buffer.
60cd90856b59ffce547be69abf79b3ae7284db2920b97586609cbbea07708739Debian Linux Security Advisory 2827-1 - It was discovered that Apache Commons FileUpload, a package to make it easy to add robust, high-performance, file upload capability to servlets and web applications, incorrectly handled file names with NULL bytes in serialized instances. A remote attacker able to supply a serialized instance of the DiskFileItem class, which will be deserialized on a server, could use this flaw to write arbitrary content to any location on the server that is accessible to the user running the application server process.
b144c83429845a0742d8eec386e2ad9aa7daae1d23198f019d146d224192183aGentoo Linux Security Advisory 201312-15 - A vulnerability has been found in Tinyproxy, allows remote attackers to cause a Denial of Service condition. Versions less than 1.8.3-r3 are affected.
85e01c27ae6ec0be5839386a9a96c871dca2dac77124a868264c5fd63d9bae9eDewplayer version 2.2.2 suffers from cross site scripting and content spoofing vulnerabilities.
5a1f3f71d04579c9bfde14b30a8e91bf8855a69002dd690629da538ec4ef6754Fat Free CRM suffers from cross site request forgery, known session secret, and remote SQL injection vulnerabilities.
e36735d125c4d5e421f622b4448eb7831f1aded7c14c184b6ede1eee0bf01c06Android/ARM elf infector proof of concept ASM code.
e1f47e3bd06cf037a03e50006494b0019715653b42c24b8ac39715c24ae83f42This is a paper detailing the rcrypt packer. This packer makes use of timelock puzzles and anti-analysis methods to frustrate AV detection via sandboxes and reverse engineering.
ae703a2dec1c36e2768a99763fb1d003bad26b40c5330330b3c665e204bc66ebxBoard versions 5.0, 5.5, and 6.0 suffer from a local file inclusion vulnerability.
ea65a2314d43263c2ca2e1369ceedc90166a109931b14ab99de74043e36f9ae7booking.qatarairways.com suffers from a Struts vulnerability that allows for remote code execution. The authors have contacted Qatar but no one has responded nor fixed the issue. It is being published publicly to help convince them to remediate the issue.
b48a16f763565d8b3796254051c67ef4cb6a511edc1d30e0f634b8ccf3e6a90aWebPagetest version 2.7 suffers from a local file disclosure vulnerability.
57435b59f5fada7cf0b2b28770fccde94dfbd2552c0c550f09c2f9f521d61efaWordPress Recommend plugin suffers from a cross site scripting vulnerability. Note that these findings house site-specific data.
84b4c1e890f3ce3a47c8b869c6f834bc2675ceec8fe10b8a9976a8f6b0467086Zen-Cart version 1.5.1 suffers from a database backup disclosure vulnerability.
9061996cb9f8621ef614cb8cbdc9fe4527baec1b037503862ea03d28f3bad283
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed