Ubuntu Security Notice 3818-1 - It was discovered that PostgreSQL incorrectly handled certain trigger definitions when running pg_upgrade or pg_dump. A remote attacker could possibly use this issue to execute arbitrary SQL statements with superuser privileges.
52ce5bc340aafe105e554cf1294034e3d1b9d8d710cc9ca73192ced1ce6c377fPrecurio Intranet Portal version 2.0 suffers from a cross site request forgery vulnerability.
75835f56fce61d371e7184ad5671bdc7ab8b387e6307d73f084a2214854f18c1DoceboLMS version 1.2 suffers from remote shell upload and remote SQL injection vulnerabilities.
1942dc719390f093bb247872434c6692200916c4e176aa316a1173b88d721671Ubuntu Security Notice 3820-1 - Felix Wilhelm discovered that the Xen netback driver in the Linux kernel did not properly perform input validation in some situations. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the generic SCSI driver in the Linux kernel did not properly enforce permissions on kernel memory access. A local attacker could use this to expose sensitive information or possibly elevate privileges. Various other issues were also addressed.
33d95214e519f77560280b735b814c81a899f8a9f824d8f38c685c13950636c8Ubuntu Security Notice 3819-1 - Felix Wilhelm discovered that the Xen netback driver in the Linux kernel did not properly perform input validation in some situations. An attacker could use this to cause a denial of service or possibly execute arbitrary code.
bcf564aa62d3ac4b93ddf052ffaa8f0b083bbffadf362edb33538b52ea5a5474Electricks eCommerce version 1.0 suffers from a persistent cross site scripting vulnerability.
adfff7d4faa6354ac38b82b4a1d79cfea6b4092a8abf26e61b77468b3517e750Pedidos version 1.0 suffers from a remote SQL injection vulnerability.
2adb71049b745c1e9bb57310dd7c0c139e445155ed04bb3c9e7bce7a136429ebRmedia SMS version 1.0 suffers from a remote SQL injection vulnerability.
3fbb2425bceaf71e6ec798974bd932ee4a593f8009677e30c2cfd88c95a4e561Debian Linux Security Advisory 4339-1 - Multiple vulnerabilities were discovered in Ceph, a distributed storage replay attacks and calculated signatures incorrectly, "ceph mon" did not validate capabilities for pool operations (resulting in potential corruption or deletion of snapshot images) and a format string vulnerability in libradosstriper could result in denial of service.
c7019432346c7f81c0a0665e9d626906d42c2b89e4a3f57a8aca378822cf9293VMware Security Advisory 2018-0028 - VMware vRealize Log Insight updates address an authorization bypass vulnerability.
dfcf464e77f748c4151376c197f02fdba0c45af7029dd0c42cc83963fd6091c5In this article, the author explores ways to bypass protection methods using the PHP Stream Wrappers, which are responsible for handling protocol related tasks like downloading data from a web or ftp server and exposing it in a way in that it can be handled with PHP's stream related functions.
eb1b419125c1b9aa31bd933a42cb8186ad467dc3e63433095d4ed7b2fb2a7128Notepad3 version 1.0.2.350 suffers from a denial of service vulnerability.
fbd43f0355ea1beb5557f1bbc441ea7cdb62e938e8598fc499949f0914db5cccBosch Video Management System version 8.0 suffers from a denial of service vulnerability.
ea6fe85e0e33a8264b66e52a0d687ee95adcdfa12599bcb096627b9aae38f250AMPPS version 2.7 suffers from a denial of service vulnerability.
1e1e97d3c65498b163b7baf16e6c6ff4d82fdc29fd8a6052ba024bf2f226a99bntpd version 4.2.8p10 out-of-bounds read proof of concept exploit.
c94133fbdc5e07edf27c450f7e6252957fb711ed61fe71c545825bb55d48fbd4PHP version 5.2.3 (Debian) suffers from an imap imap_open disable functions bypass vulnerability.
f3077433d35bbf09cf3807636e75caadfb921ddd29a972fba2ba434bba9137a0EdTv version 2 suffers from a remote SQL injection vulnerability.
de24a773930d6856c0d75f7ec8c81902a2b16e07bb38bd8257b89a3398bfa6c7Electricks eCommerce version 1.0 suffers from a cross site request forgery vulnerability.
0d7e8fb8424c8cfc85f770bef55ab554cb9654ecaf3d937cb78aec3e744be30fHelpdezk version 1.1.1 suffers from a remote SQL injection vulnerability.
014985a20ce46b6a80623639696c630532eb63a163fdc1ea526ba07d74d3f697iServiceOnline version 1.0 suffers from a remote SQL injection vulnerability.
fc556c6153f509bf9925337e2efca62605147e5ccd68a9a02ae0ca33316acc1c
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed