Horde Framework unserialize PHP code execution exploit ported from Metasploit.
04bad0cd117b528d51842d12d0392390ff0e881a1fefd2c2400c4065f7fcbcbeNagios Plugins versions 2.0.2 suffer from a race condition in check_dhcp.
34515f9830172588d1778328a6fadb3d5847b8aa2cf072dc6aece33dec8c2b8eFlussonic Media Server version 4.3.3 suffers from arbitrary file read and directory listing disclosure vulnerabilities.
323b1fc3337a1dd3bd64a5229229ef28f3d15ffc3c6d97910cf8661a9869059bThis module logs in to an Oracle GlassFish Server version 3.1 (Open Source or Commercial) instance using a default credential, uploads, and executes commands via deploying a malicious WAR.
6851a13991f49b0af3c5d0392bce666a0aa6af8ebe6ee9b821d2b10ab549425eWordPress Blogstand Smart Banner plugin version 1.0 suffers from a cross site scripting vulnerability.
cea022d55ffed5b68965595427bf03deda620745cdb218ae892f0b98c6916a58WordPress Easy Banners plugin version 1.4 suffers from a cross site scripting vulnerability.
028ce6555feac11a21c6a4c716b8bef856667894d5c2bd4171b89e010e8711c5WordPress Random Banner plugin version 1.1.2.1 suffers from a cross site scripting vulnerability.
e8a222f00b2cb3c827d697cdf2819d9c4faa1ca71c06198bca0754f355c5833dWordPress Custom Banners plugin version 1.2.2.2 suffers from a cross site scripting vulnerability.
c1385a981071b663fed344d722eddf7f5c270733c32e580c19f7c1ec13361380Wordpress Bannerman plugin version 0.2.4 suffers from a cross site scripting vulnerability.
bf0c15829a7d36b2a5e96affd7487c23503c5a385af93312ea99b95382b97dddopenSIS versions 4.5 through 5.3 suffer from a cross site request forgery vulnerability.
96832a560f3345db5869ead3d9a4399ba56b10f031249cff0743758a495d3da1openSIS versions 4.5 through 5.3 suffer from a remote SQL injection vulnerability.
8567a5a673df813aeb01e01a3d9699bcd77e17a5d47d74efa6189141886beb0cAll versions of Reportico prior to version 4.0 leak administrative credentials.
bd1450f20357956964a7bd5ecdd048add4ad38d1adb05a2e8bd7b0372ebd710aWordpress ml-slider plugin version 2.5 suffers from a cross site scripting vulnerability.
139a4937e131843a2e87109d4a988f4dbfef2b7b634e0ffe77c5a422ab9d0b2aWordpress wp-construction-mode plugin version 1.8 suffers from a cross site scripting vulnerability.
7f6290f0e295a7d51dfcfc01cc96547945dc28fd594a0d36af609195dfa4d121Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.
09b24f75d2aed6e357578f44cf60eb8a08fc54e819aa84e768648ea4559cb539HP Security Bulletin HPSBMU03056 - Potential security vulnerabilities have been identified with HP Version Control Repository Manager (HP VCRM) running OpenSSL on Linux and Windows. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS), execute code, allow unauthorized access, or disclose information. Revision 1 of this advisory.
b614877919ffd8acdaa97393db4294d3cac0f62dcd1d3c07cbb31e1f020b0139HP Security Bulletin HPSBMU03057 - Potential security vulnerabilities have been identified with HP Version Control Agent (HP VCA) running OpenSSL on Linux and Windows. The vulnerabilities could be exploited remotely to create a Denial of Service (DoS), execute code, allow unauthorized access, or disclose information. Revision 1 of this advisory.
d2900fe18279864e2d174ab252466414338a67aafa6110a5ff22a7ed7b064f41HP Security Bulletin HPSBMU03061 - A potential security vulnerability has been identified with HP Release Control. The vulnerability could be exploited remotely to allow disclosure of privileged information and elevation of privilege. Revision 1 of this advisory.
c70eb870381013491398bee0005e8a0260fd303241d869b858908d47530e5385Debian Linux Security Advisory 2969-1 - Bastian Blank reported a denial of service vulnerability in Email::Address, a Perl module for RFC 2822 address parsing and creation. Email::Address::parse used significant time on parsing empty quoted strings. A remote attacker able to supply specifically crafted input to an application using Email::Address for parsing, could use this flaw to mount a denial of service attack against the application.
a83f23287604c42c60b88d579639ae305d020bfe95bbe0985afe821df9d5acaaZeroCMS version 1.0 suffers from a cross site scripting vulnerability.
feb6f6569634fb81cbb6803d7135c6a39dc36b0b93cab1a91415bc1bedadc704The International Conference on Information Systems Security and Privacy (ICISSP) 2015 has announced its call for papers. It will take place in Loire Valley, France February 9th through the 11th, 2015.
8322efe361013b279e0f833cfde2680b2947455298e6bd5cf805ffc9527c91b8HP Security Bulletin HPSBMU03058 - A potential security vulnerability has been identified with HP BladeSystem c-Class Onboard Administrator (OA) running OpenSSL. This vulnerability could be exploited remotely to allow the disclosure of information. Revision 1 of this advisory.
5a8ab459e9c0801f07c313e0141eb38d3964109dce9b296244e7e197b23ecbc0Ubuntu Security Notice 2263-1 - Salva discovered an information leak in the Linux kernel's media- device driver. A local attacker could exploit this flaw to obtain sensitive information from kernel memory. A bounds check error was discovered in the socket filter subsystem of the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) via crafted BPF instructions. A remainder calculation error was discovered in the socket filter subsystem of the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) via crafted BPF instructions. Various other issues were also addressed.
c1756759393556e7f3f5ea6151c39cb7d4f78aee5b448f98be9b3580b90bbe19Ubuntu Security Notice 2262-1 - A bounds check error was discovered in the socket filter subsystem of the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) via crafted BPF instructions. A remainder calculation error was discovered in the socket filter subsystem of the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) via crafted BPF instructions.
e114f0a79df2dc184f86e4e1f8e322df6730085883dcbe31affbebb324233371Ubuntu Security Notice 2261-1 - Salva discovered an information leak in the Linux kernel's media- device driver. A local attacker could exploit this flaw to obtain sensitive information from kernel memory. A bounds check error was discovered in the socket filter subsystem of the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) via crafted BPF instructions. A remainder calculation error was discovered in the socket filter subsystem of the Linux kernel. A local user could exploit this flaw to cause a denial of service (system crash) via crafted BPF instructions. Various other issues were also addressed.
05bf0bde4d4865f155ffc5c349bcbc021cacad831e176b70b78ef8aa1290dd14
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed