Navicat version 12.0.29 denial of service proof of concept exploit.
Paramiko version 2.4.1 suffers from an authentication bypass vulnerability.
Chrome OS runs an ancient unrar in CAP_SYS_ADMIN context.
OpenSSL Security Advisory 20181029 - The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key.
MyBB Downloads version 2.0.3 suffers from a remote SQL injection vulnerability.
Webiness Inventory version 2.9 suffers from a remote shell upload vulnerability.
WordPress Arforms plugin versions 3.5.1 and below suffer from an arbitrary file deletion vulnerability.
ASRock offers several utilities designed to give the user with an ASRock motherboard more control over certain settings and functions. These utilities include various features like the RGB LED control, hardware monitor, fan controls, and overclocking/voltage options. Multiple vulnerabilities were found in the AsrDrv101.sys and AsrDrv102.sys low-level drivers, installed by ASRock RGBLED and other ASRock-branded utilities, which could allow a local attacker to elevate privileges. Vulnerable packages include ASRock RGBLED before version 1.0.35.1, A-Tuning before version 3.0.210, F-Stream before version 3.0.210, and RestartToUEFI before version 1.0.6.2.
Ubuntu Security Notice 3802-1 - Narendra Shinde discovered that the X.Org X server incorrectly handled certain command line parameters when running as root with the legacy wrapper. When certain graphics drivers are being used, a local attacker could possibly use this issue to overwrite arbitrary files and escalate privileges.
Shell In A Box versions 2.2.0 and below suffer from an infinite loop denial of service vulnerability.
HID ActivID ActivClient version 7.1.0.202 may not enforce upper bounds on the size of data received from a smart card, which can lead to attacks such as memory exhaustion, or serve as a heap spraying primitive for other attacks against the software, albeit slowly.
EpiCentro firmware version 7.3.2+ suffers from buffer overflow and script insertion vulnerabilities.
Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Besides security-related information, it will also scan for general system information, installed packages and configuration mistakes. This software aims to assist with automated auditing, software patch management, and vulnerability and malware scanning of Unix-based systems.
Debian Linux Security Advisory 4328-1 - Narendra Shinde discovered that incorrect command-line parameter validation in the Xorg X server may result in arbitrary file overwrite, which can result in privilege escalation.
Debian Linux Security Advisory 4327-1 - Multiple memory safety errors and use-after-frees in Thunderbird may lead to the execution of arbitrary code or denial of service.
Veterinary Clinic Management version 00.02 suffers from a remote SQL injection vulnerability.
Delta Sql version 1.8.2 suffers from a remote SQL injection vulnerability.
Oracle Hyperion Planning version 11.1.2.4 suffers from a cross-site scripting vulnerability.
Debian Linux Security Advisory 4326-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in denial of service, sandbox bypass, incomplete TLS identity verification, information disclosure or the execution of arbitrary code.
PHPTPoint Mailing Server Using File Handling version 1.0 suffers from an arbitrary file read vulnerability.
MPS Box version 0.1.8.0 suffers from an arbitrary file upload vulnerability.
Quick Count version 2.0 suffers from a remote SQL injection vulnerability.
Open STA Manager version 2.3 suffers from an arbitrary file download vulnerability.
libtiff up to and including 4.0.9 decodes arbitrarily-sized JBIG into a buffer, ignoring the buffer size.
Linux suffers from an issue with systemd where chown_one() can dereference symlinks.