WordPress Apartment Management System extension suffers from a remote SQL injection vulnerability.
002a3736f35165f27d436158d977314b06faa829c566c2756ff55f4fee8ccbd6Fibaro Home Center 2 suffers from a remote command execution vulnerability.
11548002a8f3c0fd1ddc06f983086682510f784d6894bcba3fc8b83307255164WordPress Hospital Management System extension suffers from a remote SQL injection vulnerability.
40ead3ade91d7b615cce1d3227bd3c3f2d4c2bc405783359380f4cd69e3108d8WordPress School Management System extension suffers from a remote SQL injection vulnerability.
e817b43e8ca7655a2629e011082235e6601d28c409eba2796ca264fb95cca9c8WordPress Gym Management System extension suffers from a remote SQL injection vulnerability.
052d648adb46fd7ba11ffd9d1a782e432d4de85708492539e0ec408c2bf20df1This Microsoft bulletin summary lists a CVE that has undergone a major revision increment.
e281f889a7a07b745c1b41488515c3f3c2cd6505cb30f5abdb08ebf86166cbf7Red Hat Security Advisory 2017-2810-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.0.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.7, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.
188d12c115cdf70acf53a8c6c015857d0f7f729f6e285cf3d06172bf9b1241d9Red Hat Security Advisory 2017-2800-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable, the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID PIE binary could use this flaw to escalate their privileges on the system.
d8a9d0afd413fd3cff47b4b91f265b4ff434e1f1031486cfd195ab8aa5e4cf4dGentoo Linux Security Advisory 201709-26 - A vulnerability in libsoup might allow remote attackers to execute arbitrary code. Versions less than 2.56.1 are affected.
90b31b9d9cea9f8cbe8007c69e4741b088a4bd68896e32121610f754014b02caPhrack: Attacking JavaScript Engines: A case study of JavaScriptCore and CVE-2016-4622.
a2a651765bcc685814d2b564c3c669f0395802f26c4a1113472d38c2118c52fdRed Hat Security Advisory 2017-2799-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable, the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID PIE binary could use this flaw to escalate their privileges on the system.
6e410605a90e5ae5dac226f1c1596223ce521c47926efe91a44e62dae507a90fHPE Security Bulletin HPESBGN03773 1 - A potential security vulnerability has been identified in Application Performance Management (BSM) Platform. The vulnerability could be remotely exploited to allow code execution. Revision 1 of this advisory.
e9c0d18cf651d50a4dee299bf48dc290afb61e9ac7f068fd772a3553a46b4e76This Metasploit module uses the "evaluate" request type of the NodeJS V8 debugger protocol (version 1) to evaluate arbitrary JS and call out to other system commands. The port (default 5858) is not exposed non-locally in default configurations, but may be exposed either intentionally or via misconfiguration.
adadef46d17f23a8273875e47105d4c982677c671f4c6a529a53ced4c60f4c7aAdobe Flash suffers from an out-of-bounds read in applyToRange.
5e0bd97867ee024b64d5b21e7b16d1b5b79eb64bc8157ffbfb7124ffb02f80c2Adobe Flash suffers from an out-of-bounds write vulnerability in MP4 Edge Processing.
6a0ec7b291326f89c01175887700ac01309acd9de42118c3db6c61b84cbe77fcAdobe Flash suffers from an out-of-bounds memory read vulnerability in MP4 parsing.
f7d793f8cf0aa2a5d67b77d14544b392ce57bd7068e9f531d5568ffdd3041d83Broadcom suffers from multiple overflow vulnerabilities when handling 802.11r (FT) Reassociation Response.
4e4363e0afff7c0a8c3e6b53d804a1172c36d104c17e2a3b7c6eebe8edf51451Broadcom suffers from an out-of-bounds write when handling 802.11k Neighbor Report Response.
82fc971e12c2491131ffec544a1ec8c4c1c02697141d693f357d4951ceab15ceBroadcom suffers from a heap overflow vulnerability when handling 802.11v WNM Sleep Mode Response.
bfafe6c08335222f164c3154a1ec33d8b038b473faa28bc94fc7946a6d0e9bbaCyberLink LabelPrint versions prior to 2.5 SEH unicode buffer overflow exploit.
38a22e671f25d00ad5c85db271ec90594e8f7dfbb16305379d99e2185f8a26cdJitBit Helpdesk versions 9.0.2 and below suffer from a broken authentication vulnerability.
5a8b981a7137a51ecb068371a6339f09239659eb8f9f9c8e7c532a66e9e3bc4bSoftware updates for Solarwinds products are packaged and delivered insecurely, leading to root compromise of Solarwinds devices.
2a9df79c742962870c74939e16e4499331d3b9dcdf53b4c3fe83b8d82173b94eOracle 9i XDB version 9.2.0.1 HTTP PASS buffer overflow exploit.
c3cbbb2ab10205e64ab02e00aa07202452c7cff903104fa689d7c7cb11d92a46Disk Pulse Enterprise version 10.0.12 GET buffer overflow SEH exploit.
2ec52d52a2d7920391601670f498eac12a8d4246552fdb38dcfc0a43511bb00a
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed