Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.
460f2d7205aed113f898df4947b1f66ccf8d080eec7dac229ef0b754c9ad6294ntfs-3g mount helper in Ubuntu 16.04, 16.10, Debian 7, 8, and possibly 9 does not properly sanitize the environment when executing modprobe. This can be abused to load a kernel module and execute a binary payload as the root user.
2ca15f26f7b775b7c9e764235153327a7035b9b299e27a2b52603944e606c8c3This Metasploit module exploits the default credentials of SolarWind LEM. A menu system is encountered when the SSH service is accessed with the default username and password which is "cmc" and "password". By exploiting a vulnerability that exist on the menuing script, an attacker can escape from restricted shell. This Metasploit module was tested against SolarWinds LEM v6.3.1.
38c9a347de106f708a89c8ce2d154e8a0699cc4ed9c612954b9310a28b9b7379Airwatch versions 6.1.x and 6.4.x suffer from an ldap injection vulnerability.
de63a8e1e53104e08f13950e374edc66f2fd33fd0b373e7bbf041d5891287eb4Avaya Radvision SCOPIA Desktop versions 7.7.000.042 and 8.2.101.046 suffer from a blind SQL injection vulnerability.
9df3a8763b4d5e5041c60ed04a57311756f2452722710236a1bec7035997445bLanternCMS suffers from cross site scripting and remote SQL injection vulnerabilities.
10d7e8a5a9ae21aa469a8adb55db9076be8af353719bd4c575e7a05d73cca228SilverStripe CMS versions 3.1.9 suffers from a path disclosure vulnerability.
add33c249921191d92637723848b95bc133583d1c0e290741c752d7043e43c6dSmartJobBoard version 5.0.9 suffers from cross site scripting and information disclosure vulnerabilities.
c79e0d8f6a1f8afcd1cdbe7ed6730c17027d52772fefbc91a7eebe1dc62521f4Computer Associates API Gateway versions 7, 8, and 9 suffer from CRLF response splitting and directory traversal vulnerabilities.
c3dd3bb5978a20a8fe51af9fbf3170c7d9624fcb5b17a87073c4c2abded21d2bManageEngine Applications Manager versions 12 and 13 suffers from code execution, cross site scripting, XXE injection, and remote SQL injection vulnerabilities.
e1e13048508f4633fd462aa20cb03dbf93dfb087461802ac1eb799e30684ba4eKaseya VSA version 9.02.00.04 suffers from an information disclosure vulnerability.
5a59d2ffedded5fe54949dd29511e3205fb1e3caac953287dc781deab3742ac4Trimble / Manhattan Software IWMS version 9.x suffers from an XML external entity injection vulnerability.
034d6c464fd8dfb280cc2231b57e61e57db6af0250f94c9a8ef2fd8e71db6e52Tweek!DM Document Management suffers from bypass and remote SQL injection vulnerabilities.
990171f149c1422942f3130de220f72cd20ac33b6f5a833745b2d53902b4acdbInchoo Facebook Connect plugin suffers from a cross site scripting vulnerability.
3b57827980094611b40d59abdcc9cf5477a6100b8983ee3cadbc5ac782f744d0Red Hat Security Advisory 2017-0869-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the Linux networking subsystem where a local attacker with CAP_NET_ADMIN capabilities could cause an out-of-bounds memory access by creating a smaller-than-expected ICMP header and sending to its destination via sendto(). Enhancement:
c7b5eaf57adbad1eed998d1a79c4920ea877082a5e42528c470ee450b22b4b7bHPE Security Bulletin HPESBGN03721 1 - A potential vulnerability has been identified in HPE Operations Bridge Analytics. The vulnerability could be exploited to allow remote cross-site scripting (XSS). Revision 1 of this advisory.
cc75e14e24e91487e125a1a448e29db239a06453cf8b6d08d66d024f7d747e7eAcoraCMS version 7.0.0.6 suffers from arbitrary browser redirect and cross site scripting vulnerabilities.
b87426ec9fff88fdce255750542faa9c5b3eef962346cece91f55d16975ad4b2Kaseya VSA version 6.5.0.0 suffers from cross site scripting and brute forcing vulnerabilities.
7fe218cd1c415fe7ecf706fc430277ad0a16b68a9d7aa68e327097eb8897004bMaian Survey version 1.1 suffers from a remote SQL injection vulnerability.
135643f1f5cf111b556e74c6a07c97400359b992d68b9de6fc965f8fcfe720c0Maian Greetings version 2.1 suffers from a remote SQL injection vulnerability.
d3577d5114f7cfd0b2637e700cafa78f065d0f9ae7e24019f660d9ec472b7ce6Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference.
6c5472401d06527e87adcb53dd270f3c9b1fb688703b04dd7a7cfb86289efe52Maian Uploader version 4.0 suffers from a remote SQL injection vulnerability.
c8fd181fafea3f932cda69cd7c8b127b538ab5ca638746c5e0c391c76b34c8ffApache Tomcat versions 6, 7, 8, and 9 suffer from an information disclosure vulnerability.
731c512de3b9572b0d268461b83f563c6dac151dc2be51647331b04ca2296ad2
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed