Joomla! Proclaim component version 9.1.1 suffers from a remote shell upload vulnerability.
d3b42aaa935a602216f97367a67d5d5b6e3b1969c555ea94c199e20b378e888dJoomla! CheckList component version 1.1.1 suffers from a remote SQL injection vulnerability.
eaf5e0233f4ffa866d363218ecb74330e94ba0f9e76ac4f11c1aea57cdbea862Joomla! Alexandria Book Library component version 3.1.2 suffers from a remote SQL injection vulnerability.
0c4a5560666446e8e35e424c4526fc6910a2fde6cdfc5a13bff3ecf0c08b9a7eJoomla! Ek Rishta component version 2.9 suffers from a remote SQL injection vulnerability.
b6997acc9145dcfa4761c77d8c9e451de71ec7326b4c4e1161b759da35d7f6d7Joomla! PrayerCenter component version 3.0.2 suffers from a remote SQL injection vulnerability.
476e66115641917c493d8bb111d9fa9fa7e61b3fad74a7392c2809c85f209af9Joomla! Proclaim component version 9.1.1 suffers from a backup disclosure vulnerability.
8d8fa03d56de3952240f153b75360b96780bb2cfd04cb0f4ff396259c7507ff9Joomla! CW Tags component version 2.0.6 suffers from a remote SQL injection vulnerability.
ace504ca4e70303c687d36116a9cb7bd94365938298748fc06abf227a4fb2293NoMachine versions prior to 6.0.80 (x64) suffer from an nxfuse privilege escalation vulnerability.
3f84d30a64a0b65edd648d59774c17780e9ca1c4062f2b18efa2c18e9c851e22Armadito Antivirus version 0.12.7.2 suffers from a detection bypass vulnerability.
9e8a4402af43db4c792e85a002c8ab2b85674ffd06feb1b9c84f33cbe2a44ddbDisk Pulse Enterprise version 10.4.18 suffers from an import command buffer overflow vulnerability.
e307de6489283b8b1af2c0fffeb4c6bc4cd2451976ad9a55965eb047eda2f56cDisk Savvy Enterprise version 10.4.18 suffers from a buffer overflow vulnerability.
dd90908461a70ffb033221b05079a153d313a0f457e111ed680c67fc2c96cec1Wavpack version 5.1.0 suffers from a denial of service vulnerability.
3b6f7db32cf7bfe1affc114a011eb1154963dbd10687688830a645a53a63b94eAsterisk Project Security Advisory - A crash occurs when a number of authenticated INVITE messages are sent over TCP or TLS and then the connection is suddenly closed. This issue leads to a segmentation fault.
a4a7459638ce3f3a2f66643377d5f17ef2db0d79f31570e23b023b87b15030c9Asterisk Project Security Advisory - When processing a SUBSCRIBE request the res_pjsip_pubsub module stores the accepted formats present in the Accept headers of the request. This code did not limit the number of headers it processed despite having a fixed limit of 32. If more than 32 Accept headers were present the code would write outside of its memory and cause a crash.
2ca83ced6bedaa74703ffe260735d9b6a5f8e6d560c01ef31601708735e0b831Asterisk Project Security Advisory - By crafting an SDP message body with an invalid fmtp attribute Asterisk crashes when using the pjsip channel driver because pjproject's fmtp retrieval function fails to check if fmtp value is empty (set empty if previously parsed as invalid). The severity of this vulnerability is lessened since an endpoint must be authenticated prior to reaching the crash point, or it's configured with no authentication.
9b8ed54f40c2eeeb8b0438fcc1f181112a56783842de914688edfeee94da5652Ubuntu Security Notice 3583-2 - USN-3583-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. It was discovered that an out-of-bounds write vulnerability existed in the Flash-Friendly File System in the Linux kernel. An attacker could construct a malicious file system that, when mounted, could cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
25ede7de1d2b86456063e72f35df6f1394e7346ba13182c33a91a7d898707f22Ubuntu Security Notice 3583-1 - It was discovered that an out-of-bounds write vulnerability existed in the Flash-Friendly File System in the Linux kernel. An attacker could construct a malicious file system that, when mounted, could cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition leading to a use-after-free vulnerability existed in the ALSA PCM subsystem of the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
c97e450d76e9b8840d64e1081483c6c94471a1697c00daa71cb7174818ece0d4Ubuntu Security Notice 3581-3 - Mohamed Ghannam discovered that the IPv4 raw socket implementation in the Linux kernel contained a race condition leading to uninitialized pointer usage. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. ChunYu Wang discovered that a use-after-free vulnerability existed in the SCTP protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code, Various other issues were also addressed.
8d80408460bbc40d25f6a1d98f8717ca75509cb7af39ccd535c19d991b9786ebDebian Linux Security Advisory 4122-1 - Several vulnerabilities have been discovered in Squid3, a fully featured web proxy cache.
413a77af9890c71c08bf0762f9364b899f3ba82b45ae04876760d0ea2af27ee3NTCrackPipe is a basic local Windows account cracking tool.
a741c49971df18dea0349f47a6b35981ee7662566883c2a7af13e7c8cbd581f6Micro Focus Security Bulletin MFSBGN03798 1 - A potential security vulnerability has been identified in Micro Focus Universal CMDB. The vulnerability could be remotely exploited to allow Arbitrary Code Execution. Revision 1 of this advisory.
ef656714eb766f4da9920fcb4a9bd2827d80e3782688917d45e50599af3aa1fcDebian Linux Security Advisory 4120-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
a3ad2e617997e88d89ce295b5ac578ee9ff2374ed457833cbc29838bab220a36Ubuntu Security Notice 3578-1 - It was discovered that WavPack incorrectly handled certain DSDIFF files. An attacker could possibly use this to execute arbitrary code or cause a denial of service. It was discovered that WavPack incorrectly handled certain CAF files. An attacker could possibly use this to cause a denial of service.
fb13b38146725c5c5fd257cc3e8744b5c27c09e4a580a2bb1eb8ac425bf50e20Debian Linux Security Advisory 4121-1 - This update doesn't fix a vulnerability in GCC itself, but instead provides support for building retpoline-enabled Linux kernel updates.
3bbb62982b5848237a966c9a6da4fbdf339539dd7c8d552a64ee86eac064387aUbuntu Security Notice 3582-2 - USN-3582-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Mohamed Ghannam discovered that the IPv4 raw socket implementation in the Linux kernel contained a race condition leading to uninitialized pointer usage. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
daa9be69cc0ac61cf74de6fe2e6ae8532732593d73b9cc8f758d6d65ec8f7b0f
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed