pgpdump version 0.29 suffers from an endless loop parsing issue that can lead to a denial of service.
ca2cebf5bbc203a10cddb4380a1efb60238193332dfe72831f57c0aef4db21f2G-Data security products suffer from a DLL hijacking vulnerability.
29c328336f7c955d9cb79a397d3a0fdbdb4936d0cfcc3774ef65a1fcb51f5029TH692 Outdoor P2P HD waterproof IP camera version 16.1.16.1.1.4 has hard-coded static credentials.
141e6fc8fa6f27193da146b37b4fad682409c18fe27a6bf277802c640bf96ffcmodified eCommerce version 2.0.0.0 revision 9678 suffers from a remote blind SQL injection vulnerability.
898d196aa6856b4b29222a4cf125a7129f1b35d9d6a0fabeb0d692ba81d58813WordPress Kento Post View Counter plugin version 2.8 suffers from cross site request forgery and cross site scripting vulnerabilities.
c6f47f562012073725028c93b65d759d102f93f5ecb06b28f3e4ff0ba57bc4d0WordPress leenk.me plugin version 2.5.0 suffers from cross site request forgery and cross site scripting vulnerabilities.
eca102ef78770490471423f7dd6c4747ffdabb9b064c2ad32f5dd476ec500b4cThis Metasploit module exploits an authenticated arbitrary file upload via directory traversal to execute code on the target. It has been tested on versions 6.5 and 7.1.0, in Windows and Linux installations of Novell ServiceDesk, as well as the Virtual Appliance provided by Novell.
afb4d4be28fcad92ea6a38d635b3b06845a31d2df0ef58120226aa7d288d0c15Ubuntu Security Notice 2950-1 - Jouni Knuutinen discovered that Samba contained multiple flaws in the DCE/RPC implementation. A remote attacker could use this issue to perform a denial of service, downgrade secure connections by performing a man in the middle attack, or possibly execute arbitrary code. Stefan Metzmacher discovered that Samba contained multiple flaws in the NTLMSSP authentication implementation. A remote attacker could use this issue to downgrade connections to plain text by performing a man in the middle attack. Various other issues were also addressed.
7e7ea9fcd4b1fd06b83c16d90cf9d03bcaa1f0afa52f3c19687b2dd2577594b2Ubuntu Security Notice 2951-1 - Gustavo Grieco discovered that OptiPNG incorrectly handled memory. A remote attacker could use this issue with a specially crafted image file to cause OptiPNG to crash, resulting in a denial of service. Gustavo Grieco discovered that OptiPNG incorrectly handled memory. A remote attacker could use this issue with a specially crafted image file to cause OptiPNG to crash, resulting in a denial of service. Hans Jerry Illikainen discovered that OptiPNG incorrectly handled memory. A remote attacker could use this issue with a specially crafted image file to cause OptiPNG to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
f520a8832a32ec2cc81ded387c5e63c900d74f0cc05dce5dc9b80ba00db439ebRed Hat Security Advisory 2016-0638-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 50.0.2661.75. Security Fix: Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim.
0110fc0bd75ec112fdfde6dcd668bac14f69bcb0954d2d4de12aa637092fce57Debian Linux Security Advisory 3552-1 - Multiple security vulnerabilities have been discovered in the Tomcat servlet and JSP engine, which may result in information disclosure, the bypass of CSRF protections and bypass of the SecurityManager.
1b018da117488b19261b9d974ed2fe2088c108c4c83626583134bb1f11f147c8Debian Linux Security Advisory 3551-1 - It was discovered that fuseiso, a user-space implementation of the ISO 9660 file system based on FUSE, contains several vulnerabilities.
4543e4617d7c112434980fbe6976b5d975b8192992ac0f0ec3c02bd6aa1d02abAnsvif is "A Not So Very Intelligent Fuzzer". It feeds garbage arguments and data into programs trying to induce a fault.
03aa7a13bfdfe21bdfb285637110b79d655dcbc30dbd9e6d2f05684fd284ab98This is bash programmable completion for the conntrack-tools from netfilter.org. The package contains completions for conntrack, conntrackd, and nfct.
10cd00bae635aff9f1e26ca613dfbd4bc422cf0bbf97df3b86b2a3956a86dffeThis is bash programmable completion for the netfilter.org accounting tool nfacct.
94dc1ff29888d37ceb6141d112be3eaf78c5b9f8ab96323f16440796cca2a2d3Zarafe.net CMS version 1.0 suffers from a remote SQL injection vulnerability.
e3345b31b6f1ea138abf617578aa72c6ecba8aa0faec9735f214e7f72d3f7a47ipset_list is a wrapper script written in bash for listing sets of the netfilter ipset program. It allows you to match and display sets, headers, and elements in various ways. The output can optionally be colorized. An interactive mode allows to select the query options in a wizard based manner.
8ddb1a945ada9b3f2ebf3b8e336bdc88bf5149693c808df3c19f3707231f2f4dKNOX versions 1.0 through 2.3 on Android suffer from a clipboard data disclosure vulnerability.
a7a3fc37dbd8a7af8e282177066142c6a552f92d788ad7e147aad0c8516323e5Slackware Security Advisory - New samba packages are available for Slackware 14.0, 14.1, and -current to fix security issues.
2e1f520115dc0ce156ad8eafcb817bb0a5e79dc89363864cf265e0979131fc8aSlackware Security Advisory - New mozilla-thunderbird packages are available for Slackware 14.1 and -current to fix security issues.
ada13069916cf30f9ba40168bc484d5f3570073943d56347b0b28908cc548cbaWebnet CMS version 1.2 suffers from cross site scripting, file disclosure, and remote SQL injection vulnerabilities.
c5a7ce234114c1027ecef248a17823db5c62230936fcd70c73b45c71b8f63e18SAP NetWeaver J2EE Engine version 7.40 suffers from a cryptographic issue that can lead to information disclosure.
4a8752f48a5fa73baa980c9abecb1d2a2c71088e4ae41dc5af67c4faa1a59f5bAnonymous attackers can use a special HTTP request to inject logs in the xsengine trace file without size restriction. The vulnerability is triggered when the username sent to the /sap/hana/xs/debugger/grantAccess.xscfunc page is longer than 256 characters.
c8c5dd5a2c2a55cdafe1f8d473df9812f164b0f46f07d0a934fb5fc0b3a066f0SAP NetWeaver J2EE engine version 7.40 suffers from a cross site scripting vulnerability.
4d45bc8c91a6d3d36af7f90ad4341ee0314fc7fffe6fbc4ec7d2cfe5c83dab9fDebian Linux Security Advisory 3550-1 - enabled and the sshd PAM configuration is configured to read user- specified environment variables and the "UseLogin" option is enabled, a local user may escalate her privileges to root.
374089592e1cd2eb80c2dec50b28b14a5c1a6f12066de2e2c148453d945875cf
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed