Joomla! Jobs Factory component version 2.0.4 suffers from a remote SQL injection vulnerability.
aacf9d12b790a10ffc2585e9fecf2a974e62e207c8747faffcda3d8097e84eb0Joomla! Questions component version 1.4.3 suffers from a remote SQL injection vulnerability.
84915635355b08b3308912270cd914b1005a5dbd25e18a7e39b10a4d50db05acJoomla! Penny Auction Factory component version 2.0.4 suffers from a remote SQL injection vulnerability.
7371788698e24a9a87febc1b00008383c630af3875fcbdd14d74fb779732c906Joomla! Music Collection component version 3.0.3 suffers from a remote SQL injection vulnerability.
da6f9a050b57452ea2cca0e7368e2f8a78090c98b28a6789bb03a787669dea57Joomla! Raffle Factory component version 3.5.2 suffers from a remote SQL injection vulnerability.
40c872e82e09227ca22a0b808940425518574b282e1c57209d8a3f8dc18d79fbSuper Cms Blog Pro version 1.0 suffers from a remote SQL injection vulnerability.
9f837708bf52b023bd550037febbbddd4b114c10583dc1d34f47e6fc568a4ed6Joomla! Responsive Portfolio component version 1.6.1 suffers from a remote SQL injection vulnerability.
4ec74108ac65de2a043c84ce9fc055e69eda0ba11b49bf46acf5a82314313f48Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
c691f28e57cbe9c032ae7dc01fb18deffd393ee5720f10637d2b4648f8f22a70Dell EMC ESRS Policy Manager requires a workaround to address a remote code execution vulnerability that could potentially be exploited by malicious users to compromise the affected system.
9c9f2adff24c1ebd8eb68143f2becd69784ea53a955cb2aa61d57dc5b62eb7baApple Security Advisory 2018-9-24-6 - APPLE-SA-2018-9-24-6 provides additional information for APPLE-SA-2018-9-17-3. tvOS 12 is now available and addresses interception issues.
1569303fb0a927bc8e23ba48fd80806e35a0e5c6e52d9e0bfcc3c4921929c22cApple Security Advisory 2018-9-24-5 - APPLE-SA-2018-9-24-5 provides additional information for APPLE-SA-2018-9-17-2. watchOS 5 is now available and addresses validation issues.
d094dbbbfb6765337f5e8e2519acbcb8ba389473da3df254ef33db12d4630cb3Apple Security Advisory 2018-9-24-4 - APPLE-SA-2018-9-24-4 provides additional information for APPLE-SA-2018-9-17-1. iOS 12 is now available and addresses memory corruption and input validation vulnerabilities.
fe6d1b8b3958f08fadaf9feda8a759143d5d125386459a13ec51171d4098256cApple Security Advisory 2018-9-24-3 - APPLE-SA-2018-9-24-3 provides dditional information for APPLE-SA-2018-9-17-4. Safari 12 is now available and addresses browser history deletion and user interface spoofing vulnerabilities.
3ee8bc953d34224647e894922d3a74c6686f024b24a90150518c76f7ddb1da16Ubuntu Security Notice 3771-1 - It was discovered that strongSwan incorrectly handled IKEv2 key derivation. A remote attacker could possibly use this issue to cause strongSwan to crash, resulting in a denial of service. Sze Yiu Chau discovered that strongSwan incorrectly handled parsing OIDs in the gmp plugin. A remote attacker could possibly use this issue to bypass authorization. Sze Yiu Chau discovered that strongSwan incorrectly handled certain parameters fields in the gmp plugin. A remote attacker could possibly use this issue to bypass authorization. Various other issues were also addressed.
e17f096815ff5bd42d4ea76068f61f20c3869354f1a3c2c88ea7118d853351daApple Security Advisory 2018-9-24-2 - iTunes 12.9 for Windows addresses code execution and memory corruption vulnerabilities.
42d9b5e310c3b61a259d697f44aedf0f8944ed2e2369510e87c6fc5f0b7c9153Apple Security Advisory 2018-9-24-1 - macOS Mojave 10.14 is now available and addresses memory corruption and input validation vulnerabilities.
61fcfff5885e60f7213b3f70197aa6be0c3e910caed6dbc533d2e3f88fc67869This Metasploit module exploits a directory traversal vulnerability in the dtappgather executable included with Common Desktop Environment (CDE) on unpatched Solaris systems prior to Solaris 10u11 which allows users to gain root privileges. dtappgather allows users to create a user-owned directory at any location on the filesystem using the DTUSERSESSION environment variable. This Metasploit module creates a directory in /usr/lib/locale, writes a shared object to the directory, and runs the specified SUID binary with the shared object loaded using the LC_TIME environment variable. This Metasploit module has been tested successfully on: Solaris 9u7 (09/04) (x86); Solaris 10u1 (01/06) (x86); Solaris 10u2 (06/06) (x86); Solaris 10u4 (08/07) (x86); Solaris 10u8 (10/09) (x86); Solaris 10u9 (09/10) (x86).
6f75827f24c9c71623ec21ea18e8644185262819fb0757d5169bc8b6020326acFaraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.
07ad9e3fbf8f57d6ac1224313fe2be2422673b297a921b513932019354373599Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.
8fc68ef7f643327cbe0eb3616015d59225649ee4eccc2a632707857a573eb468Debian Linux Security Advisory 4305-1 - Sze Yiu Chau and his team from Purdue University and The University of Iowa found several issues in the gmp plugin for strongSwan, an IKE/IPsec suite.
3600f91c663ea865ce9da23457277830706c0b7bfd18f2204a59509fb92beb1aThe RICOH MP C6003 printer suffers from cross site scripting and html injection vulnerabilities.
964f506e2a947534e09f4b563aa2d0a244814b24929f588f260f704e8314890fRed Hat Security Advisory 2018-2743-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 6.4.21 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.20, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a denial of service vulnerability.
37eda32cb7a191a1c6736b12f198f553328de5c123f33beb2d638d6d58a35666Joomla! AMGallery component version 1.2.3 suffers from a remote SQL injection vulnerability.
0d6325ae2fe3bcb68ef307662c8493efc3fcdda8d8f5be776f84762d6e433119The RICOH MP C2003 printer suffers from cross site scripting and html injection vulnerabilities.
9f1122b8f6d9dcd05266b232e0329ff0e06c0dad4e963d25aee8bd600f103613The RICOH MP 305+ printer suffers from cross site scripting and html injection vulnerabilities.
fe3fcd47f89282e12b4f7f04156c82c656e3d18b555040ec9954cf13966f9817
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed