AVE DOMINAplus versions 1.10.x and below suffer from a credential disclosure vulnerability.
fb23f97bb7a796b24603f52ab2b6237866cb0d5e5d1fcbe46e9cb2975bf4d6cdAVE DOMINAplus versions 1.10.x and below suffer from an authentication bypass vulnerability.
f4c090245182d4f6d5c066262ce9a85e46956fbae937da321ffabb01e83bb924AVE DOMINAplus versions 1.10.x and below suffer from an unauthenticated remote reboot vulnerability.
a9ed27231fe14524b9a83ea6aec6bd283fc0d8952d4f7d92cb016a614a545fbfAVE DOMINAplus versions 1.10.x and below suffer from cross site request forgery and cross site scripting vulnerabilities.
6dbdb199228eb07a4d22d2601beb616d58332dc982ea7ad25070d0a60cc50f85Debian Linux Security Advisory 4593-1 - It was found that freeimage, a graphics library, was affected by the heap buffer overflow and stack exhaustion vulnerabilities.
4ebdd4858626576870687736dfb6bbf6dc59bf2ac9dcf517ef5a2dd786183e7bDebian Linux Security Advisory 4592-1 - It was discovered that the Title blacklist functionality in MediaWiki, a website engine for collaborative work, could by bypassed.
bb20c7cf79bcabae820f69665eb8d16f0f0eb6ff267718a901d2578df8890394Microsoft Exchange Server 2013 CU22 and previous versions suffer from an external service interaction issue.
97ae1cdfb14b6b4713dcecd41c04b196d03d7a204cae20790fa60f8db0e26eaaDebian Linux Security Advisory 4591-1 - Stephan Zeisberg reported an out-of-bounds write vulnerability in the _sasl_add_string() function in cyrus-sasl2, a library implementing the Simple Authentication and Security Layer. A remote attacker can take advantage of this issue to cause denial-of-service conditions for applications using the library.
4db92c809e74e626ad26cbe38cd7f796e781962de618ac889bc9c491e03a3624Slackware Security Advisory - New tigervnc packages are available for Slackware 14.2 and -current to fix security issues.
3761322629c9c5cd98ffac11bc9c7d21c77149de443b8fc3a1a74626a8aca9e2Slackware Security Advisory - New openssl packages are available for Slackware 14.2 and -current to fix a security issue.
ac183b8e752e5f00b1fc5cc6180eb2594a11d4d02915f3992ca665a26a46e860Domain Quester Pro version 6.02 suffers from a stack overflow vulnerability.
73039072ad383a4d73b3992138c7fcd16c858b30ebd3ef28e5287f2590cb2c90RICOH Web Image Monitor version 1.09 suffers from an html injection vulnerability.
8180640735b664e85f8a594c65145568ddb2f0c241577fe3aa04fc5bf43cfb49Heatmiser Netmonitor version 3.03 suffers from an html injection vulnerability.
d7b591bcf03744af35693fba3356137a4e003ba42419844a9812bbe7f8bc480dXEROX WorkCentre 6655 Printer suffers from a cross site request forgery vulnerability.
d5f3095808c02e6ca61f02cd21215c35e1a9f78fc566355963fa1e13d8ebbe86XEROX WorkCentre 7855 Printer suffers from a cross site request forgery vulnerability.
77612bad456f1d37fe3057a6a4ecdc4f10cb1375b19fd8806b790dfe3624e621XEROX WorkCentre 7830 Printer suffers from a cross site request forgery vulnerability.
722ddad24a74446b88461671c5e4dc983e78cbc0412958c4505fc5c3cd41415a117 bytes small Linux/x86 encoding of random bytes + XOR/SUB/NOT/ROR and also decodes ROL/NOT/ADD/XOR execve(/bin/sh) shellcode.
b82dfb8d4d91af3595f567041ee05b15504b8214cc59b1d265373db0258eb1baThis whitepaper covers a new technique that utilizes DLL injection to inject a custom DLL into a running vulnerable process to add a POP POP RET sequence in the scenario that the vulnerable program does not include any null byte free sequences. This is a useful technique to exploit SEH buffer overflow attacks successfully.
74df8ee5ae7f9410a55a3ced1546454f896ed3cdd356c8ffd56a51dee01fc0dbA vulnerability exists in CA Client Automation that can allow a local attacker to gain escalated privileges. CA published solutions to address the vulnerability and recommends that all affected customers implement the applicable solution. The vulnerability, CVE-2019-19231, occurs due to insecure file access by the agent services. A local attacker may exploit this vulnerability to execute arbitrary commands with escalated privileges on an installation of the Client Automation agent. The Windows agent in CA Client Automation versions 14.0, 14.1, 14.2, and 14.3 are affected.
f83b28b09c7c76554eda487fcb8f48e6c31754eb1815d5deca6571ca3cc74d47Prime95 version 29.8 build 6 SEH buffer overflow exploit.
40e427bd212ab4a7abfeab0080a1cb64d1d519cd8464b3d962d69e93abc61d4cThis Metasploit module uses Reptile rootkit's reptile_cmd backdoor executable to gain root privileges using the root command. This module has been tested successfully with Reptile from master branch (2019-03-04) on Ubuntu 18.04.3 (x64) and Linux Mint 19 (x64).
8186f5f11335f41fb98ec8db0d3d1fb55357e44c311a504e72b4a26781481cf4This Metasploit module exploits a vulnerability in the rds_page_copy_user function in net/rds/page.c (RDS) in Linux kernel versions 2.6.30 to 2.6.36-rc8 to execute code as root (CVE-2010-3904). This module has been tested successfully on Fedora 13 (i686) kernel version 2.6.33.3-85.fc13.i686.PAE and Ubuntu 10.04 (x86_64) with kernel version 2.6.32-21-generic.
bc46d127784cc25a8eebe3568a7dc33efb953a22d3a6de8a44f9394b892ee0c6Red Hat Security Advisory 2019-4361-01 - A library to handle bidirectional scripts, so that the display is done in the proper way, while the text data itself is always written in logical order. Issues addressed include buffer overflow, code execution, and denial of service vulnerabilities.
8fb50e20295bd9ecc4cbcc8d48352c1e7358fa6fbaaf0d25dbdbee7024c335c5Red Hat Security Advisory 2019-4360-01 - The libyang package provides a library for YANG data modeling language. libyang is a YANG data modelling language parser and toolkit written in C. The library is used e.g. in libnetconf2, Netopeer2, sysrepo and FRRouting projects. Issues addressed include a buffer overflow vulnerability.
be3166a5b5988a969e5b240bb3ab3ef561a9e2a0ed082e45d7449b9601d02f95FreeSWITCH version 1.10.1 suffers from a command execution vulnerability.
cf5fac441e8fe1dc7aaac84e56a66ed60a726d5a5793daf6ad13450b79035913
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed