The TagLib::Ogg::FLAC::File::scan function in oggflacfile.cpp in TagLib version 1.11.1 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted audio file.
aef2419e47ea6d4026994bdeff4c305d9c04fb5575c81572288b93ee7047ba9dSharePoint's site suffers from a user enumeration vulnerability.
24ce31e9a1cea55db20cb989a10a97c36be95ad8fbf72555a29aa25450019f81Facebook Clone Script version 1.0.5 suffers from a cross site request forgery vulnerability.
713fbbd8917fddae9ea239ee0a3276b6d7ba12bd756c57d466a91c5252a13eadMyBB ChangUonDyU plugin version 1.0.2 suffers from a cross site scripting vulnerability.
db660fadda2a119edbccee069b8d76ba56d3a76d9c6f00380d446b380afc52a6Sitemakin SLAC version 1.0 suffers from a remote SQL injection vulnerability.
000e4a7ab2c787f0454025c539c614e17c828a17a6e7a011d636caf1172c0666IssueTrak version 7.0 suffers from a remote SQL injection vulnerability.
1ca72af0c55484ccd608194909c3cef48db5fddab1d068ca70b153fac71f0cc2Facebook Graph OpenSearch Phone Number metadata crosswalk mapping proof of concept exploit.
3288c37864ed6e59af01c3711e7fc6081753fd947b8690f6f28b12547b3a6fedAppnitro MachForm suffers from remote file upload, remote SQL injection, and path traversal vulnerabilities.
29ad09f6e7112cceddfe216c07e3423ff01d9605ecbdf939deff018b09bb2832The mobi_parse_mobiheader function in read.c in libmobi version 0.3 allows remote attackers to cause an information disclosure (heap-buffer-overflow out-of-bounds read) via a crafted mobi file.
babc700fdfbf7569414cc4b5cc9368b9e9d4a00a0985a70e4dbb9bbe3dcd9824WordPress Events Calendar plugin version 1.0 suffers from a remote SQL injection vulnerability.
806a1b2edbf1e1dfb95044f6dd57692fb5902dbab18b558d5ea9eb4b23cc7703Ubuntu Security Notice 3586-2 - USN-3586-1 fixed a vulnerability in DHCP. This update provides the corresponding update for Ubuntu 12.04 ESM. Felix Wilhelm discovered that the DHCP client incorrectly handled certain malformed responses. A remote attacker could use this issue to cause the DHCP client to crash, resulting in a denial of service, or possibly execute arbitrary code. In the default installation, attackers would be isolated by the dhclient AppArmor profile. Various other issues were also addressed.
87bf0b43aecf798e53a7ec0e8497cf38db7e719785f0c2616c8cddec7692bcc1Joomla Full Social extension version 1.1.0 suffers from a remote SQL injection vulnerability.
ce93df768137fac4a7b861712045a2aa41187528bd67fe5cda4b8f73befa87cbJoomla JoomOCShop component version 1.0 suffers from a cross site request forgery vulnerability.
066af939a7670d681433259ae5b324a01af7318181811d3d4496b384fa8445c0DomainMod version 4.09.03 suffers from multiple cross site scripting vulnerabilities.
abc27fba0510717d1a5f7a087b7da4cdf65dd561e3b0c927fd6ad6c5a9cc2713TP-Link TL-WR840N and TL-WR841N suffer from an authentication bypass vulnerability.
9bc6863b7767effc424671cde611c90b951d22eb5f197625c4189947f30737dfwww.engelvoelkers.com suffers from a cross site scripting vulnerability.
ca63dd8900bc530bb28fd2119fb867c60f4e129331a7b454bbec9119b07f1f5dJoomla jCart for OpenCart component version 2.3.0.2 suffers from a cross site request forgery vulnerability.
114563506afd2b68b276ae85037c5e86677c9c3d1888697553baf7f13e4d2a43Alexei Starovoitov discovered that the Berkeley Packet Filter (BPF) implementation in the Linux kernel contained a branch-pruning logic issue around unreachable code. A local attacker could use this to cause a denial of service. The ext4_iget function in fs/ext4/inode.c in the Linux kernel through 4.15.15 mishandles the case of a root directory with a zero i_links_count, which allows attackers to cause a denial of service (ext4_process_freed_data NULL pointer dereference and OOPS) via a crafted ext4 image. Various other issues were also addressed.
0e3788ff5b92bdb81c16b39e96e620f55d7e00317265a10546173540afa06d71CloudMe Sync versions prior to 1.11.0 SEH buffer overflow exploit with DEP bypass.
f0e35b18cc3b45a2f7245397a9807fa2574cce43e052d6507bbce428f8230e1fwityCMS version 0.6.1 suffers from a cross site scripting vulnerability.
cf35f62293a5c896e129d0813de47e7e5cdcf4189cc5ad8ec259e3deaca5879498 bytes small Linux/x86 TCP/5555 bindshell shellcode.
2695862019edfec544f315d7be17d3f2bf86d2f43cc665a7c5133f3db8244852Dell EMC RecoverPoint versions prior to 5.1.2 and Dell EMC RecoverPoint Virtual Machine (VM) versions prior to 5.1.1.3 suffer from command injection, LDAP password leak, and arbitrary file read vulnerabilities.
a32f56f16886245544fb248cad14e2e09e7d117b2031783004120f837bd910e0ALFTP version 5.31 suffers from a local buffer overflow vulnerability.
dd60385cff880c4348304843c3efe5d0c745d73e9510506c9db9ff1f9fa6ae92Software Advice version 1.0 suffers from a cross site scripting vulnerability.
7bc406a8580de28cdfb85b1124b94292bb3c70c3821030fa776315ab32a88bfbJDA Connect suffers from cross site request forgery, JMX interface exposure, and command execution vulnerabilities.
9208639b230a277236982d9d21e65b17c68509bc2d0a40672ac22f324f504dfb
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed