AVE DOMINAplus versions 1.10.x and below suffer from a credential disclosure vulnerability.
fb23f97bb7a796b24603f52ab2b6237866cb0d5e5d1fcbe46e9cb2975bf4d6cd
AVE DOMINAplus versions 1.10.x and below suffer from an authentication bypass vulnerability.
f4c090245182d4f6d5c066262ce9a85e46956fbae937da321ffabb01e83bb924
AVE DOMINAplus versions 1.10.x and below suffer from an unauthenticated remote reboot vulnerability.
a9ed27231fe14524b9a83ea6aec6bd283fc0d8952d4f7d92cb016a614a545fbf
AVE DOMINAplus versions 1.10.x and below suffer from cross site request forgery and cross site scripting vulnerabilities.
6dbdb199228eb07a4d22d2601beb616d58332dc982ea7ad25070d0a60cc50f85
Debian Linux Security Advisory 4593-1 - It was found that freeimage, a graphics library, was affected by the heap buffer overflow and stack exhaustion vulnerabilities.
4ebdd4858626576870687736dfb6bbf6dc59bf2ac9dcf517ef5a2dd786183e7b
Debian Linux Security Advisory 4592-1 - It was discovered that the Title blacklist functionality in MediaWiki, a website engine for collaborative work, could by bypassed.
bb20c7cf79bcabae820f69665eb8d16f0f0eb6ff267718a901d2578df8890394
Microsoft Exchange Server 2013 CU22 and previous versions suffer from an external service interaction issue.
97ae1cdfb14b6b4713dcecd41c04b196d03d7a204cae20790fa60f8db0e26eaa
Debian Linux Security Advisory 4591-1 - Stephan Zeisberg reported an out-of-bounds write vulnerability in the _sasl_add_string() function in cyrus-sasl2, a library implementing the Simple Authentication and Security Layer. A remote attacker can take advantage of this issue to cause denial-of-service conditions for applications using the library.
4db92c809e74e626ad26cbe38cd7f796e781962de618ac889bc9c491e03a3624
Slackware Security Advisory - New tigervnc packages are available for Slackware 14.2 and -current to fix security issues.
3761322629c9c5cd98ffac11bc9c7d21c77149de443b8fc3a1a74626a8aca9e2
Slackware Security Advisory - New openssl packages are available for Slackware 14.2 and -current to fix a security issue.
ac183b8e752e5f00b1fc5cc6180eb2594a11d4d02915f3992ca665a26a46e860
Domain Quester Pro version 6.02 suffers from a stack overflow vulnerability.
73039072ad383a4d73b3992138c7fcd16c858b30ebd3ef28e5287f2590cb2c90
RICOH Web Image Monitor version 1.09 suffers from an html injection vulnerability.
8180640735b664e85f8a594c65145568ddb2f0c241577fe3aa04fc5bf43cfb49
Heatmiser Netmonitor version 3.03 suffers from an html injection vulnerability.
d7b591bcf03744af35693fba3356137a4e003ba42419844a9812bbe7f8bc480d
XEROX WorkCentre 6655 Printer suffers from a cross site request forgery vulnerability.
d5f3095808c02e6ca61f02cd21215c35e1a9f78fc566355963fa1e13d8ebbe86
XEROX WorkCentre 7855 Printer suffers from a cross site request forgery vulnerability.
77612bad456f1d37fe3057a6a4ecdc4f10cb1375b19fd8806b790dfe3624e621
XEROX WorkCentre 7830 Printer suffers from a cross site request forgery vulnerability.
722ddad24a74446b88461671c5e4dc983e78cbc0412958c4505fc5c3cd41415a
117 bytes small Linux/x86 encoding of random bytes + XOR/SUB/NOT/ROR and also decodes ROL/NOT/ADD/XOR execve(/bin/sh) shellcode.
b82dfb8d4d91af3595f567041ee05b15504b8214cc59b1d265373db0258eb1ba
This whitepaper covers a new technique that utilizes DLL injection to inject a custom DLL into a running vulnerable process to add a POP POP RET sequence in the scenario that the vulnerable program does not include any null byte free sequences. This is a useful technique to exploit SEH buffer overflow attacks successfully.
74df8ee5ae7f9410a55a3ced1546454f896ed3cdd356c8ffd56a51dee01fc0db
A vulnerability exists in CA Client Automation that can allow a local attacker to gain escalated privileges. CA published solutions to address the vulnerability and recommends that all affected customers implement the applicable solution. The vulnerability, CVE-2019-19231, occurs due to insecure file access by the agent services. A local attacker may exploit this vulnerability to execute arbitrary commands with escalated privileges on an installation of the Client Automation agent. The Windows agent in CA Client Automation versions 14.0, 14.1, 14.2, and 14.3 are affected.
f83b28b09c7c76554eda487fcb8f48e6c31754eb1815d5deca6571ca3cc74d47
Prime95 version 29.8 build 6 SEH buffer overflow exploit.
40e427bd212ab4a7abfeab0080a1cb64d1d519cd8464b3d962d69e93abc61d4c
This Metasploit module uses Reptile rootkit's reptile_cmd backdoor executable to gain root privileges using the root command. This module has been tested successfully with Reptile from master branch (2019-03-04) on Ubuntu 18.04.3 (x64) and Linux Mint 19 (x64).
8186f5f11335f41fb98ec8db0d3d1fb55357e44c311a504e72b4a26781481cf4
This Metasploit module exploits a vulnerability in the rds_page_copy_user function in net/rds/page.c (RDS) in Linux kernel versions 2.6.30 to 2.6.36-rc8 to execute code as root (CVE-2010-3904). This module has been tested successfully on Fedora 13 (i686) kernel version 2.6.33.3-85.fc13.i686.PAE and Ubuntu 10.04 (x86_64) with kernel version 2.6.32-21-generic.
bc46d127784cc25a8eebe3568a7dc33efb953a22d3a6de8a44f9394b892ee0c6
Red Hat Security Advisory 2019-4361-01 - A library to handle bidirectional scripts, so that the display is done in the proper way, while the text data itself is always written in logical order. Issues addressed include buffer overflow, code execution, and denial of service vulnerabilities.
8fb50e20295bd9ecc4cbcc8d48352c1e7358fa6fbaaf0d25dbdbee7024c335c5
Red Hat Security Advisory 2019-4360-01 - The libyang package provides a library for YANG data modeling language. libyang is a YANG data modelling language parser and toolkit written in C. The library is used e.g. in libnetconf2, Netopeer2, sysrepo and FRRouting projects. Issues addressed include a buffer overflow vulnerability.
be3166a5b5988a969e5b240bb3ab3ef561a9e2a0ed082e45d7449b9601d02f95
FreeSWITCH version 1.10.1 suffers from a command execution vulnerability.
cf5fac441e8fe1dc7aaac84e56a66ed60a726d5a5793daf6ad13450b79035913