Gentoo Linux Security Advisory 201903-23 - Multiple vulnerabilities have been found in Chromium, the worst of which could result in the remote execution of code. Versions less than 73.0.3683.75 are affected.
0d758e392119bc08e7cd6fc9d8eb0febf9dc6149e7e5fd26f8a4b2a5e96d918fGentoo Linux Security Advisory 201903-22 - An overflow was discovered in ZeroMQ which could lead to arbitrary code execution. Versions less than 4.3.1 are affected.
369fd084812b4a33195bab4ed061f4af8ecfca25a6f5c4e5d440330adf785501Gentoo Linux Security Advisory 201903-21 - Multiple vulnerabilities have been found in Apache Web Server, the worst of which could result in a Denial of Service condition. Versions less than 2.4.38-r1 are affected.
3369fcf2fa83fa333a273a54c49a32700989b254b926ea600e23ca5cfd2463c4Gentoo Linux Security Advisory 201903-20 - Multiple vulnerabilities have been found in cabextract and libmspack, the worst of which could result in a Denial of Service. Versions less than 1.8 are affected.
f6cc6c4509246d480adeaa1577b14cf69fbde2f3438f43221621f90493f9137aGentoo Linux Security Advisory 201903-19 - Multiple vulnerabilities have been found in NASM, the worst of which could result in the remote execution of arbitrary code. Versions less than 2.14.02 are affected.
5169c28e2886caf3cf570b40fff2a4af5a5f2a94b75b57715fb66994435e9c20Gentoo Linux Security Advisory 201903-18 - Multiple vulnerabilities have been found in GD, the worst of which could result in the remote execution of arbitrary code. Versions less than 2.2.5-r2 are affected.
1d37ab9ca2e7fff5ccebddafafb28ae0b10fe4c7a72c0a7ba6a91459db606e08Gentoo Linux Security Advisory 201903-17 - Multiple vulnerabilities have been found in the image loading library for Simple DirectMedia Layer, the worst of which could result in the remote execution of arbitrary code. Versions less than 2.0.4 are affected.
5cb36cfcb59a08e2b10834307d984823deaeb727c2f5b6ca3f78cfe7dd717c50i-doit version 1.12 suffers from a cross site scripting vulnerability.
fb0838c0400c022ec5221479543a20086b1cb21bd268d29ad3df0f1b3da1d936Airbnb Clone Script (Homeybnb) suffers from multiple remote SQL injection vulnerabilities.
390b42dab050f6e5f04aee1de6edf47ec084ab7326d7e902c8e4720bb52cc08dMasch CMStudio Banners module version 8.6.1 suffers from an open redirection vulnerability.
2e6d19111da91575e68eade23f7674f6a28022210ce2cbcd0e0204c5e0a9646cWordPress Form Builder plugin version 1.0 suffers from a database disclosure vulnerability.
d1d6727947d55142fd467d2f62a81b7197288fba1340846e6676ea5b07c4e6ffThis Metasploit module exploits a file upload vulnerability that allows for remote command execution in Showtime2 module versions 3.6.2 and below in CMS Made Simple (CMSMS). An authenticated user with "Use Showtime2" privilege could exploit the vulnerability. The vulnerability exists in the Showtime2 module, where the class "class.showtime2_image.php" does not ensure that a watermark file has a standard image file extension (GIF, JPG, JPEG, or PNG). Tested on Showtime2 3.6.2, 3.6.1, 3.6.0, 3.5.4, 3.5.3, 3.5.2, 3.5.1, 3.5.0, 3.4.5, 3.4.3, 3.4.2 on CMS Made Simple (CMSMS) 2.2.9.1.
1df098a0e8333fb97bab3cd80dd2de6a5ea4a18a6d09b8daa9ff38cd10e5965aThis Metasploit module demonstrates that an unauthenticated attacker with network access to the Oracle Weblogic Server T3 interface can send a serialized object (weblogic.jms.common.StreamMessag eImpl) to the interface to execute code on vulnerable hosts.
e9fa1048c7115283a85c77ab6fc28657f1c314f5367d3be58cd22dda512105d6A bug in IonMonkeys type inference system when JIT compiling and entering a constructor function via on-stack replacement (OSR) allows the compilation of JITed functions that cause type confusions between arbitrary objects.
69137aa1448d0433945fde8e7e4340601a30cc89d0f1611dc9c4960de77a3759This is a critical memory corruption vulnerability in any API backed by verify_crt(), including gnutls_x509_trust_list_verify_crt() and related routines in GnuTLS.
533f01efe3a32a400eae85ee0cf901c9f9719f4ada7f40836cc2938e024c4866Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
0a12ebdf6ff7a74c0bde2bdc2b55cae33449e6dd953ec90824a9e01291277634Fat Free CRM version 0.19.0 suffers from an html injection vulnerability.
df06e72549fffc50f5424d1db04c2b934ef5ad16747d4a3c950bb915e38af30fRedTeam Pentesting discovered a command injection vulnerability in the web-based certificate generator feature of the Cisco RV320 router which was inadequately patched by the vendor.
fa1fddffe139a0d576a787664aa6b3b1d1207ed373110904ad3b88fa8d1e4370RedTeam Pentesting discovered that the Cisco RV320 router still exposes sensitive diagnostic data without authentication via the device's web interface due to an inadequate fix by the vendor.
2b7e66ad19b6068e6af38b37416a2c3c4c1dbb9a1a959f50323d828c81b0520eRedTeam Pentesting discovered that the configuration of a Cisco RV320 router can still be exported without authentication via the device's web interface due to an inadequate fix by the vendor.
aa2ffadd37f8b53f7521b5331aff0f56f21b08999e7e3839a9709f9b42d32d19Ubuntu Security Notice 3923-1 - Michael Hanselmann discovered that QEMU incorrectly handled the Media Transfer Protocol. An attacker inside the guest could use this issue to read or write arbitrary files and cause a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.10. Michael Hanselmann discovered that QEMU incorrectly handled the Media Transfer Protocol. An attacker inside the guest could use this issue to read arbitrary files, contrary to expectations. This issue only affected Ubuntu 18.04 LTS and Ubuntu 18.10. Various other issues were also addressed.
bd50cf4e3724dde4eca89acd01b984093f41b59050ef6cddd19b55a916c3b163Red Hat Security Advisory 2019-0672-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.6.1 ESR.
a66e07d0056a772de65564f6604eb67706b5f09c2226b7789a271c9c481ea630Red Hat Security Advisory 2019-0671-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.6.1 ESR.
5384e9fcb533149326a741c9c1a106aee3dd186a89e17054dc29950e438e6d53Joomla ARI Image Slider component version 2.2.0 suffers from cross site request forgery and remote shell upload vulnerabilities.
d51451d6dc114e1ed2871c58739b811223f60d0185fd6c98d0b0d5bd3b628d0dRazer laptops ship with SPI flash set to full read/write and the Intel CPU is left in ME Manufacturing Mode.
7d678619ab5a9fdf0463c198c9e4b917336b325215c49776175af01fad3b75d0
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed