Debian Linux Security Advisory 3604-1 - A privilege escalation vulnerability has been found in the User module of the Drupal content management framework.
8f79d23f66f6e046a4caf4392ad8e9054d091240e38bd46fc6c498783c860d7cRed Hat Security Advisory 2016-1237-01 - ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Security Fix: It was discovered that ImageMagick did not properly sanitize certain input before using it to invoke processes. A remote attacker could create a specially crafted image that, when processed by an application using ImageMagick or an unsuspecting user using the ImageMagick utilities, would lead to arbitrary execution of shell commands with the privileges of the user running the application.
dd956fe375193ac7d12e484e761baab83a6050e459ddac505b9bdadb473df483Gentoo Linux Security Advisory 201606-6 - Multiple vulnerabilities have been found in nginx, the worst of which may allow a remote attacker to cause a Denial of Service. Versions less than 1.10.1 are affected.
349be5f178a7ffd3a0cdb33c99ffc6c5cd0d4399feee2ba5f8af5d80fe024bb6Red Hat Security Advisory 2016-1238-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 11.2.202.626. Security Fix: This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities, detailed in the Adobe Security Bulletin listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content.
c0c9fbef4ec7a269fa643ac58d395d29ca13045fcab606f33211d418abde9278Vicidial version 2.11 suffers from a persistent cross site scripting vulnerability.
c154000fe038c38e5a527c576851756b894d34262d4f6ca5d1577383530115acSAP NetWeaver AS JAVA versions 7.1 through 7.5 suffer from an XML external entity injection vulnerability.
44897fd3de22b74e679203c9cb11f3fb82fcf5325291f376823810d3b828f093Squid version 0.4.16_2 running on pfSense version 2.3.1-RELEASE-p1 suffers from cross site scripting and log manipulation vulnerabilities.
9a1e23727f0bd75e3599c55ec0df330eb1089ffd1fe5614a09bdf57d070f6540SAP NetWeaver AS JAVA versions 7.1 through 7.5 suffer from a cross site scripting vulnerability.
20052cfd6741d7dfcf904514b3be697e271bc2041eeead1cb9b3ca48a8d8d899SAP NetWeaver AS JAVA versions 7.1 through 7.5 suffer from a directory traversal vulnerability.
790e576e203d8d6179e7abc17a655e8165edc85deda7e8a80645173db2db72a8WordPress Ultimate Product Catalog plugin versions 3.8.1 and below suffer from a privilege escalation vulnerability.
26e16b8111d6776a483b80f13ec222d56319239cdae60821e333d1e54f5b61b3Skype for Business 2013 suffers from a user enumeration timing attack vulnerability.
dedc70fffc5ea2d07f68d69fbe8ae570b34e97daacc51b72c8224705bb509cbcphpATM versions 1.32 and below suffers from cross site request forgery and path disclosure vulnerabilities.
df0c2e8cdde4cef425a90d37b3280ca2ab7ba7b73bf71860018c5dd1ad11740fWordPress Gravity Forms plugin version 1.8.19 suffers from a remote shell upload vulnerability.
08f28d9eb0582588c81b63481ca58e5db3c64a1f7c6546c4b854f69d5d88da51With MS16-063, Microsoft has patched CVE-2016-0199 which relates to a memory corruption bug in the garbage collector of the JavaScript engine used in Internet Explorer 11.
8d60da32ba3ba0db4a0f218c7ca375ed14206761ebd4594a313e25dd2ebe4eaephpATM version 1.32 suffers from a remote shell upload vulnerability.
bd06692dea631ae0422f2ca3b556ff56ffbb8f5f6d8db4dccba08d74b62429d9Tiki Wiki CMS Calendar versions 14.2, 12.5 LTS, 9.11 LTS, and 6.15 suffer from a remote code execution vulnerability.
4685c3289b13b709e9edc89b3d6c123f6e13f0a8d27d431dac59b8798f51c5d0Adobe Flash Player versions prior to 22.0.0.192 and 18.0.0.360 suffer from a DLL hijacking vulnerability.
f6c1e0db1cf0414a2c4e623656746bf18311c21d232ce0247945fb82f69047edSolarwinds Virtualization Manager versions 6.3.1 and below use weak cryptography in /etc/shadow.
a117ac64d0e6467644e089addb1236c0f9a9beae0263d71706ae7d3b857fa245
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed