School ERP Ultimate version 2018 suffers from an arbitrary file download vulnerability.
d3378cbdf6bc9b661f042cd45fa13e4b05c606e5d8bd44c24325254104a96a2bMySQL Edit Table version 1.0 suffers from a remote SQL injection vulnerability.
8a3456c75957395a22a2a8ae80d668ad8b82507421bd39c72b28a4451650a93eModbus Poll version 7.2.2 suffers from a denial of service vulnerability.
9ad84d566a67041600a87c7ba57361924f3dde7551b9296f72542cc385cef813AudaCity version 2.3 suffers from a denial of service vulnerability.
c5901bb84c7c732496da846f99d21f5b3385bcd92fd834772a289f2684bd986bThis exploit permits an attacker to bypass UAC by hijacking a registry key during computerSecurity.exe (auto elevate windows binary) execution.
21b288f1176d274ff81831600b08bc360a27850b835d8b11afeb4c8176e4c76bThis Metasploit module exploits an elevation of privilege vulnerability that exists in Windows 7 and 2008 R2 when the Win32k component fails to properly handle objects in memory. An attacker who successfully exploits this vulnerability could run arbitrary code in kernel mode. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. This Metasploit module is tested against windows 7 x86, windows 7 x64 and windows server 2008 R2 standard x64.
79eca834aca76d7c9dcfa923affa9994710ca886d5626b9d0a2674dfb96f1d76This is a Linux/portable port of OpenBSD's excellent OpenSSH. OpenSSH is based on the last free version of Tatu Ylonen's SSH with all patent-encumbered algorithms removed, all known security bugs fixed, new features reintroduced, and many other clean-ups.
6b4b3ba2253d84ed3771c8050728d597c91cfce898713beb7b64a305b6f11aadThis Microsoft bulletin summary lists a new CVE that has been added to the October advisory.
29a8949cb9ba72f136a4c3d52c21fbc74b121f4f5701451e5310ff34caa73a37Viprinet VPN Hub Router suffers from a persistent cross site scripting vulnerability.
52bc57a1b9cf99352f7f193f1e7f5d546ad57fca447fffb65f78855a2d95b210WiFiRanger version 7.0.8rc3 suffers from an incorrect access control that allows for ftp retrieval of an RSA identity that an attacker can use to ssh in as root.
0dac8dc00687d4ade56ce5c6d6ea523fcc5dd99ea0a15c17eee3efc370c56302CA Technologies Support is alerting customers to a low risk issue with CA Identity Governance. In a certain product configuration, an attacker can gain sensitive information. CA published solutions to address the vulnerability. The vulnerability occurs due to how CA Identity Governance responds to login requests. An attacker may exploit the vulnerability to enumerate account names. Affected products include CA Identity Suite Virtual Appliance 14.0, 14.1, and 14.2 and CA Identity Governance 12.6, 14.0, 14.1, and 14.2.
77fb382be97c445901464a21707cba72f39427d270744ebfe38f59cd2119ab24libSSH suffers from an authentication bypass vulnerability.
6bcffb74a9c2f6e6896ef61d538f794814156c05eda4456a642ba4d74d440fe2Zoho ManageEngine OpManager version 12.3 suffers from an arbitrary file upload vulnerability.
b33e29926189ccf274c11a2f500355455426ce1a4b36d07449efbf681fa210abThe Apple Intel GPU driver suffers from use-after-free and double-delete issues due to bad locking.
4d6791432618061cb975059371e237f9a46d82d2bec01d12172ccd55d321b85diOS and macOS suffers from a sandbox escape due to trusted length field in shared memory used by the HID event subsystem.
9f92e17a4bc90ee3be401ed5757d7b0662a8fcc83025305c4d6a1dcfb6c4d537iOS suffers from a kernel stack memory disclosure due to failure to check copyin return value.
60108b89486cb359363b2d03bb42b7169fee6f244ce5cebe800da43c4e47b46biOS and macOS suffer from a sandbox escape vulnerability due to failure to comply with MIG object lifetime semantics in the iohideventsystem_client subsystem.
ff9f40b9c0d00a8ee0be928d095a2be9b2f36e3eb4f05ff0773213385268c2abiOS and macOS suffer from sandbox escape vulnerabilities due to MIG failing to use correct out-of-line descriptor lengths when parsing reply messages.
5091c4468fab2e2a1470f04489a28ba0db8e5cf1a82d942ae755cb6a186288b4iOS and macOS suffers from a kernel memory corruption vulnerability due to integer overflow in IOHIDResourceQueue::enqueueReport.
0dbe4b20474f95c05693ec94926bd5cf5da65a1cbf559520b14b1deda15e2456iOS and macOS suffers from a sandbox escape vulnerability due to mach message sent from shared memory.
a3d215b3dcbb576bdd541af3b90d6ce149694fdd4b79be4354ec9f8a117ca103The iOS kernel suffers from a use-after-free vulnerability due to bad error handling in personas.
aa2e893e44b3383afac1e9706aeb1eb72350ea667bfc363aae18388d5c8a4888Red Hat Security Advisory 2018-2949-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include out-of-bounds write vulnerability.
f241453ffa163d40dd81258a5862a82222959a75a2cbbe5df63dc0fa6673d22dRed Hat Security Advisory 2018-2946-01 - Red Hat Openshift Application Runtimes provides an application platform that reduces the complexity of developing and operating applications for OpenShift as a containerized platform. The RHOAR Eclipse Vert.x 3.5.4 release serves as a replacement for RHOAR Eclipse Vert.x 3.5.3, and includes bug fixes and enhancements. For a detailed list of issues resolved in the community Eclipse Vert.x 3.5.4 release, see the release notes in the References section. Issues addressed include an API validation flaw and a problem where the WebSocket HTTP upgrade implementation holds the entire http request in memory before the handshake.
e29c6150ae8d0030a070aada9327816802a5882ebb9954d037d9af034d62e61cRed Hat Security Advisory 2018-2944-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include an out-of-bounds write vulnerability.
fbd71887a969f803ba77744adb4f3767ff5ac3ced19975e9e474b78bfdce39c6Red Hat Security Advisory 2018-2945-01 - Red Hat Openshift Application Runtimes provides an application platform that reduces the complexity of developing and operating applications for OpenShift as a containerized platform. This release of RHOAR Spring Boot 1.5.16 serves as a replacement for RHOAR Spring Boot 1.5.15, and includes bug fixes and enhancements. For further information, refer to the Release Notes linked to in the References section. Issues addressed include a denial of service vulnerability.
ddfaf8bb4cf6423bb14ed2a6d7fa6bb022af219eab477c44382342e63413890f
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed