WordPress Canvas - Shortcodes plugin version 1.92 suffers from a persistent cross site scripting vulnerability.
df2444b47f4a472964932e55ac22ed373bde66c7f0329b98e3a724aa42845768WordPress Instagram Feed plugin version 1.4.6.2 suffers from cross site request forgery and cross site scripting vulnerabilities.
8c232c763429aed63e5b28b16fa33e0f73a8715bf58d2dc309b8f4d2b55e9e39WordPress Huge IT Portfolio Gallery plugin version 2.0.77 suffers from a cross site scripting vulnerability.
4a873701d99ad10e859208f48cd91f7b0f74705e5e6ab575559ba46bf5c767b8WordPress Easy Facebook Like Box plugin version 4.3.0 suffers from cross site request forgery and cross site scripting vulnerabilities.
825c5e968c2264642e788c379c36fd6a9b6fbc7609dbf8e07e00f7d7b1d6472dWordPress Check Email plugin version 0.3 suffers from a cross site scripting vulnerability.
063154870774d2d61ea0560efe97056df2a3d78625a3957b081ed145a8c443dbThis is a piece of software that tries to login to Magento administrative panels using a list of websites, logins, and passwords. Written in C++.
084ff1803c63eac0a6875fa94140fee427f36799ed0e2a39ee9a4fa8c565d48cFTPShell Client version 5.24 PWD remote buffer overflow exploit.
653a0cfcaf08d0d926db3c3bb800a392dd99d7d9fd069c512c99dae3e0747f0aRed Jasmin version 1.0 suffers from a remote SQL injection vulnerability.
3827c6102941e9b224129db3726300d764d480942d04e67f01301d768ca7b628Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.
4b057abad3704dddd9861058718b2764c379deefac39b188c5f99478318f2462Ubuntu Security Notice 3124-1 - Christian Holler, Andrew McCreight, Dan Minor, Tyson Smith, Jon Coppeard, Jan-Ivar Bruaroey, Jesse Ruderman, Markus Stange, Olli Pettay, Ehsan Akhgari, Gary Kwong, Tooru Fujisawa, and Randell Jesup discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code. A same-origin policy bypass was discovered with local HTML files in some circumstances. An attacker could potentially exploit this to obtain sensitive information. Various other issues were also addressed.
186fc72529bc55503b5bee038a51d2256f957a0adfbd4fa065e59591da446ee3Gentoo Linux Security Advisory 201611-11 - Multiple vulnerabilities have been found in QEMU, the worst of which could cause a Denial of Service condition. Versions less than 2.7.0-r6 are affected.
f65df48e99a50acb2abf2cd6d8af4cac73a92399ae257cbb493db0dd555963e0SAP NetWeaver AS JAVA versions 7.1 through 7.5 suffer from a directory traversal vulnerability.
62cc4d036331589bf67b67e77af5807e4474a073efb99c6620b5006901f5230bSAP NetWeaver AS ABAP version 7.4 suffers from a directory traversal vulnerability.
84ff922450ca8f53eaea6f84e5101ea1a2bb7652412f540755f0c5b78015f1e1A specially crafted web-page can cause an integer underflow in Microsoft Edge. This causes CTextExtractor::GetBlockText to read data outside of the bounds of a memory block.
a984d8735416e8243d6142b60aab6cfce17d75a9759a5602e935e16a782f911ePalo Alto Networks PanOS suffers from a root_reboot local privilege escalation vulnerability.
77b90d6716d58a4f8b814a7d51d68c8130edeff0b31b29a1ae4d36ee5932035cPalo Alto Networks PanOS suffers from a root_trace local privilege escalation vulnerability.
fa9287845339b7532fe00af817e6a9f334b941965b54b7b6772bb41d07ad920dA specially crafted web-page can cause the iertutil.dll module of Microsoft Internet Explorer 11 to free some memory while it still holds a reference to this memory. The module can be made to use this reference after the memory has been freed. Unlike many use-after-free bugs in MSIE, this issue, and apparently all code in this module, is not mitigated by MemGC. This issue appears to have been addressed in July 2016, as it failed to reproduce after the July security updates were installed.
01af43626269ff73fc6b2ea76ed5f2d57b9d1846e598b777c8690711208858f4Relevanssi Premium version 1.14.4 suffers from a remote SQL injection vulnerability.
679c29060b65dc84d082552b03e799104a81dfec85db097aec556548b1eac5f6An unserialization vulnerability in Relevanssi Premium version 1.14.4 could allow for code execution.
6927b4ab7d5885556bd754c2ad01701b0d593da38e2a88a2428cccf5bb0216fcHuawei Flybox B660 3G/4G router suffers from an authentication bypass vulnerability.
ce58a278dfaa72cd2defb07b73ca0a656ab89651fb916c124e23668738c7977aHabari CMS version 0.9.2 suffers from a cross site scripting vulnerability.
5bb8887354a1174390325a4d811786b9db49c94b97aafe970f995fca834927b7Post Indexer version 3.0.6.1 suffers from a man-in-the-middle vulnerability that may allow for arbitrary code execution.
ae251345f938c977f6f946b8a67e335ec898d22c843c43fc210bb0cdd04d4b34Post Indexer version 3.0.6.1 suffers from a remote SQL injection vulnerability.
29834485d983a58f496acf14a03989b41aa447ba1ef4b268ba5ec7b3d8676a83Teradata Studio Express version 15.12.00.00 suffers from a /tmp race condition.
583918d299382692f75adf180be7fce3356ec3b11412eae6360e55551f4db194Palo Alto Networks PanOS suffers from a stack buffer overflow in the appweb3 embedded webserver.
46316d54fe0b1eaeb6e793d9de3a88060515fc612e68480aff0ecc2569c52c70
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed