This Microsoft advisory notification includes advisories released or updated on July 26, 2018.
35a049ea6e21911bf22ccf3333cf87a197c717531e4d3d0322045c4ebff9954bThis Metasploit module exploits an arbitrary file upload vulnerability in Responsive Thumbnail Slider Plugin v1.0 for WordPress post authentication.
8ee01269b9ed74a3a7ab070775e8793353cb3fbec90f61759ae14ae92e25bdfaDebian Linux Security Advisory 4256-1 - Several vulnerabilities have been discovered in the chromium web browser.
b37c2f37b7d2cc256391b4cbdfc0701d5bdb60add7642c0eba9fa126b255b5ccThis Microsoft bulletin summary holds a CVE update for CVE-2018-8202.
d711a2912b947865bc4e6a6c596bb87a47a588684e75b6c65b74d11197146979Symfony versions prior to 2.7.13 suffer from a remote information disclosure vulnerability when app_dev is enabled.
baa4cb71d8a7e687f3f227e5d3b231e472d19e18576f68e684b2fa07658110b1QNap QVR Client version 5.1.1.30070 Password denial of service proof of concept exploit.
344266a6610d9fb0b8af67ee0364c8582222e5c2c5b279a1ff7c99858b7373b3NetScanTools Basic Edition version 2.5 Hostname denial of service proof of concept exploit.
792e6842f6cc2cb1b7aa4155d87d7e9828717fae9e9df0341583619885054295Online Trade version 1 suffers from an information leakage vulnerability.
a91f5b0e4cfa752730c67a58f8a10dcd191b2f0472451320697abfd0f4be2e53Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.
4cf5f05dae8f184bfb038300d37032c108f0fb932ebd4282e6797a15946a0d23Sysdig falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about falco as a mix between snort, ossec and strace.
1d28957e10932b98295c0ef284cd9bb45ce286f9a62fc41a6bfeb51910c4c914SoftNAS Cloud versions prior to 4.0.3 suffers from an OS command injection vulnerability.
b79184adec75f473b47197947faff63cfba84edcfe7f5a771347dd49fb829b26WordPress Gwolle Guestbook plugin version 2.5.3 suffers from a cross site scripting vulnerability.
0102adc89a526756f71376d8ca8b12e0af203e535a067eed6ad082c80015d2a0WordPress Strong Testimonials plugin version 2.31.4 suffers from a cross site scripting vulnerability.
29e3e61c5bb4cc522ae61f3fdbf89e035d73bfa6c4c7ed5ee78b79874121d335Super CMS Blog Pro PHP Script version 1.0 suffers from shell upload and remote SQL injection vulnerabilities.
1426e8a1d4ce750b316b81e96cba271080be1dc72b6b5272f6b2e0a9e01bbbf9FTPShell Client version 5.22 suffers from a remote buffer overflow vulnerability.
93f19384fadcce430aec104a42aacbbffaeb61937eec9731334566047aea5368This Metasploit module exploits an authentication bypass in .srv functionality and a command injection in parhand to execute code as the root user.
c10f9b22f833b812b5b5320ea587dedf77fe8a60a4a58ddec5548a2ea5fb202dTrivum Multiroom Setup Tool version 8.76 suffers from a cross site request forgery vulnerability.
089d519a68650f17e77aeb208817d089d6ad194b453eccac690b71c2ff37c3a1There is a heap overflow in Skia when drawing paths with anti-aliasing turned off. This issue can be triggered in both Google Chrome and Mozilla Firefox by rendering a specially crafted SVG image. Proof of concepts included.
3f160181c8497dc4cf1f1145b96c07f641ce5f7ac700a9824ddcbbf59315795bCore FTP version 2.0 XRMD denial of service proof of concept exploit.
66307a4890821f1325509963fa3a88fdd06110613682aa0ae6983a65634cc93fThis Microsoft bulletin summary holds CVE updates for CVE-2018-8308.
dea63ee770752757f3393bac9560688ed9ae6dbfb0eca27e531bdc642cfdcaa5CleanMyMac3 suffers from a local privilege escalation vulnerability.
6744052aebb52d3e899c7d82463ec8086571011160b1cf1d11510bcdd6c0949fWordPress Snazzy Maps plugin versions 1.1.3 and below suffer from a cross site scripting vulnerability.
69d9372e1f11eb13779812a45773c8c5799eb581c2d4f0a43fdac8c63bc11aacRed Hat Security Advisory 2018-2251-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 52.9.1. Issues addressed include buffer overflow, cross site request forgery, and use-after-free vulnerabilities.
cfab7a998bd27c1e4a1a0e65a6b7bd19bed1aba4d0504b8ee9a31d57643744bfRed Hat Security Advisory 2018-2252-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 52.9.1. Issues addressed include buffer overflow, cross site request forgery, and use-after-free vulnerabilities.
710bbfbe7f1c6bbad567e4d6df96227243d295254c8df4498a8b7b3a8cd14173Red Hat Security Advisory 2018-2255-01 - Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. This update upgrades Oracle Java SE 7 to version 7 Update 191. Issues addressed include an insufficient validation vulnerability.
7f56d6d295c0b9904a9d164fe4d5c455c5008ad4d1e65d4ab50bb02cf2ac133d
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed