NETGEAR ADSL router WNR500 with firmware version 1.0.7.2 suffers from a file disclosure vulnerability.
37be78c42c3b55a3b819038c95ab826cabf382a3f2e995c0d63f525d10469092WordPress WassUp Real Time Analytics plugin version 1.9 suffers from a persistent cross site scripting vulnerability.
e8137223a57a625cf51649d12b64986a673655e47a6295721338115351eeeda2D-Link ADSL router DSL-2750E with firmware version SEA_1.01 suffers from a file disclosure vulnerability.
b5cc0cb35b840c6c2c8438b5a60b7406a7e537060a74b65c8afb79b6db75e0daD-Link ADSL router DSL-2750U with firmware version IN_1.02 suffers from a file disclosure vulnerability.
17a33f87025c815f104a5eaf2901d637b55e392eedc1676d79ed751ba87abf30D-Link ADSL router DSL-2750E with firmware version SEA_1.04 suffers from a file disclosure vulnerability.
4c263e7e84c9a03874186180d8c6e97f6a4c6172c73172bd76477eb821290289PLANET ADSL router AND-4101 version 1.8 suffers from a file disclosure vulnerability.
0291af77aa2080fa30afc81376a583d98c46f724faff946aa572825c0d428aacNETGEAR ADSL router JNR1010 with firmware version 1.0.0.16 suffers from a file disclosure vulnerability.
24bd17b9494c941c6add9f7baaa6d068169f297fc8c99dcffdf45aad02b0f418D-Link ADSL router DSL-2730U with firmware version IN_1.02 suffers from a file disclosure vulnerability.
7a59fc02fabba5e5c37b8d049bb3e36936533505c8239de1363d5d407955d4bbMOVISTAR ADSL router BHS_RTA BHS_RTA_C0_019 suffers from a file disclosure vulnerability.
3109144c6c4063c6fbf2fb1f5dfd651b9ae5c7c7825cf67c068e8b464f5352a8WordPress Caldera Forms plugin version 1.3.5.3 suffers from a cross site scripting vulnerability.
5fe319cfc0582676fbf3df11ae0eedd99b8dcaba165bf4d04951d75ab931d4e3WordPress Quotes Collection plugin version 2.0.5 suffers from a cross site scripting vulnerability.
3e714101167947eb893acf037ef84d9ed96b9fc784119af58b4e11c5506a768aWordPress YITH WooCommerce Compare plugin version 2.0.9 suffers from a PHP object injection vulnerability.
0db04c264f42b23b55cb4613767ded49fab18d10ff1bb03155469fb2bb5d9b85This report explains the ability to change the code of Bart. An attacker can edit the code and seamlessly put their own dark website with a different Bitcoin account.
235979bd4239144dac76322065de02f0e43ecad6b1af8f34cf9b75dd3c4fb090Android devices can be crashed forcing a halt and then a soft reboot by downloading a large proxy auto config (PAC) file when adjusting the Android networking settings. This can also be exploited by an MITM attacker that can intercept and replace the PAC file. However, the bug is mitigated by multiple factors and the likelihood of exploitation is low.
9a6a1af684f67a60cc245b0a7841aeca5cc4c686f0d9b20cffcd532b0d7b75f1Verint Impact 360 version 11.1 suffers from a cross site scripting vulnerability.
54466b5060b6fd427f94d75478de5e4cab2d71ef2d0fa9d482daec21fc337374A stack buffer overflow affects several D-Link routers and can be exploited by an unauthenticated attacker. The interesting thing about this vulnerability is that it affects both ARM and MIPS devices, so exploitation is slightly different for each type.
cb979ec54ab67f3c6ce43a8df2d9651d4f4b33a1511fd13e636ea603d7c292d6Debian Linux Security Advisory 3707-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in breakouts of the Java sandbox or denial of service.
26c1328e5eb986a17476cf821d7021bb648a48216dc71e92833317634cdaccadHP Security Bulletin HPSBGN03643 1 - Potential security vulnerabilities have been identified in the Filter SDK component of HPE KeyView. These vulnerabilities could be exploited remotely to allow code execution. Revision 1 of this advisory.
5fcf168a5e11f3ffa6c1e51ce1fa0dd0bfe6ab355c1e3756e5301a956e6c100aRed Hat Security Advisory 2016-2675-01 - The Pacemaker cluster resource manager is a collection of technologies working together to provide data integrity and the ability to maintain application availability in the event of a failure. Security Fix: An authorization flaw was found in Pacemaker, where it did not properly guard its IPC interface. An attacker with an unprivileged account on a Pacemaker node could use this flaw to, for example, force the Local Resource Manager daemon to execute a script as root and thereby gain root access on the machine.
a68cb6d8e8b31bf59042cd3b25b599310ecfc4572219f094534586a9d3317e8dHP Security Bulletin HPSBGN03656 1 - Several vulnerabilities are addressed in this security bulletin: * Potential security vulnerabilities were identified in HPE Network Node Manager i (NNMi) Software. The vulnerability could result in cross-site scripting (XSS). * A vulnerability in Apache Commons Collections for handling Java object deserialization was addressed by HPE Network Node Manager i (NNMi) Software. The vulnerability could be remotely exploited to allow remote code execution. Revision 1 of this advisory.
725b923c074674fa9ab362f651b92f45fa124a6151253c8521f25e8694d74589HP Security Bulletin HPSBGN03657 1 - A potential security vulnerability was identified in HPE Network Node Manager i (NNMi) Software. The vulnerability could result in local code execution. Revision 1 of this advisory.
735c2d5a6677c1c934bdb6c3e7dc60d42aa3c2aa0c3349e08df85047d41419daRed Hat Security Advisory 2016-2674-01 - The libgcrypt library provides general-purpose implementations of various cryptographic algorithms. Security Fix: A design flaw was found in the libgcrypt PRNG. An attacker able to obtain the first 580 bytes of the PRNG output could predict the following 20 bytes.
caf6d9e673258d4b82393cbb762f5437eca9d415345b9281588f106dbc75a521Faraznet CMS version 4.x suffers from a cross site scripting vulnerability.
520ccc53a04695dad61179d8d1abfc4f2fd58d47fbf5984487eb12e2a76925f1NodCMS suffers from a code execution vulnerability by leveraging a cross site request forgery vulnerability.
b385bfd2e1ed36be02d3dff98b02b6ed9703d813d2d8545b1bcff69187d57dedNodCMS suffers from a cross site scripting vulnerability.
67b9df9da3297615f3801c6acfb5b496dfb68103df20d1aa24dcbeeec602ee60
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed