Debian Linux Security Advisory 4669-1 - Multiple vulnerabilities were discovered in Node.js, which could result in denial of service or HTTP request smuggling.
6f962b4fe577287f2ccb2224302c35d90acb45019bf2b11ea4da941e04961852Debian Linux Security Advisory 4670-1 - Several vulnerabilities have been found in the TIFF library, which may result in denial of service or the execution of arbitrary code if malformed image files are processed.
c1a1ebb800f6eea3aa3c362bdcbbdcb9cabe3c24343edfae3ba875a383aaefabDebian Linux Security Advisory 4671-1 - Multiple security issues were discovered in the microdns plugin of the VLC media player, which could result in denial of service or potentially the execution of arbitrary code via malicious mDNS packets.
ef9df0bd2be4dedf52d06e6a738551173e591d33d7bf4295bffdcb2548c9f31fChrome suffers from an out-of-bounds access vulnerability in ReadableStream::Close.
0c4354e2d883e9008f418c20b53a6697d384f98bd55b8f13e5cac05115930417Ubuntu Security Notice 4338-2 - USN-4338-1 fixed vulnerabilities in re2c. This update provides the corresponding update for Ubuntu 20.04 LTS. Agostino Sarubbo discovered that re2c incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code.
111314c54b9b0198e6000babc7ca755e61ae2e0c40eb58e4f903b959ee643c63File Explorer version 1.4 for iOS suffers from an information disclosure vulnerability.
ea14301d1a375382b614cf4695eb405fac6da803f565cb546fa482ea056bcd0dTransfer Master version 3.3 for iOS suffers from a denial of service vulnerability.
b9a6596f4343d975491387b6c0efd8201358ab2d43217453fd2b457c61b63294Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.
34413ecdad2ff2452526dbcd22f1279afd0935151916c0ff9cface4b0b5665dbInternet Download Manager version 6.37.11.1 suffers from multiple stack buffer overflow vulnerabilities.
bf2fbd139c8279731a36484b54ed8b9dfec5b99d1a3463612d1cff48e2e54c22File Sharing and Chat version 1.0 for iOS suffers from a denial of service vulnerability.
c66a7b587e5d56766ddbffc738da93fb383a62c08ea701cd5be6321bcf2549eaEasy Transfer version 1.7 for iOS suffers from cross site scripting and directory traversal vulnerabilities.
e1d1fd4ef3b5d9a2ecd4486677c8c2bdaa9be2ff977e3a1ce3b6718426fcbd30POS PHP version 17.5 suffers from a persistent cross site scripting vulnerability.
a24c577a1837fe0e01c8f850e815ccb6880ac3cc82183ecb01fba5cc4d24c170Project Open CMS version 5.0.3 suffers from cross site scripting and remote SQL injection vulnerabilities.
1a14c43e8e776ffb0cdf4814275e7f3eee3b30b80b2c854c7de80565a739e301Ubuntu Security Notice 4340-1 - It was discovered that CUPS incorrectly handled certain language values. A local attacker could possibly use this issue to cause CUPS to crash, leading to a denial of service, or possibly obtain sensitive information. This issue only applied to Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 19.10. Stephan Zeisberg discovered that CUPS incorrectly handled certain malformed ppd files. A local attacker could possibly use this issue to execute arbitrary code. Various other issues were also addressed.
ccfd27d16a20c2accb7df3037e5f1940fecb8a018bc426b2324a65ea0a940d99Ubuntu Security Notice 4332-2 - USN-4332-1 fixed vulnerabilities in File Roller. This update provides the corresponding update for Ubuntu 20.04 LTS. It was discovered that File Roller incorrectly handled symlinks. An attacker could possibly use this issue to expose sensitive information.
4788ccc8c468f49f1ab170252efde183c81d0510664b3538867867134fb4f7dcSource Engine CS:GO BuildID: 4937372 arbitrary code execution exploit.
ffd749992e5cb493cb63add16c6e88efcfea4c67c1c4ca5e4e2fc218d45b13acCloudMe version 1.11.2 buffer overflow proof of concept exploit. Original vulnerability discovered by hyp3rlinx.
ed65bed8b662b7e2d11fe184fc29b26b92fddd08fc3a706685a4125ca60acc16This tool enumerates hostnames from Bing.com for an IP address. Bing.com is Microsoft's search engine which has an IP: search parameter. Written in Bash for Linux. Requires wget.
1edf0c378bb51329cb87cf581499ceb5bf11db8419e73a8fb388b9e4cee169fcThis Metasploit module exploit leverages a vulnerability in Docker Desktop Community Edition versions prior to 2.1.0.1 where an attacker can write a payload to a lower-privileged area to be executed automatically by the docker user at login.
eaa66458a1be58495d72ac8518ba2b5c7ce4adda66caa2a735da2834489bbc19Ubuntu Security Notice 4339-1 - Brandon Perry discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 20.04 LTS. Tan Jie discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 20.04 LTS. Various other issues were also addressed.
e426962a70c8b7a825343e78d2aa05c9659d4fa3b96aadd08d37b33f414c786eGeeklog version 2.2.1 suffers from a remote SQL injection vulnerability.
3987cd81d2356bb96e526b3ae6284b3627084e01a5b51be5398a58f8623f4271Maian Support Helpdesk version 4.3 suffers from a cross site request forgery vulnerability.
f732247ccd77724c59068dc011d5274b4885e3e2c6c70dc88526101f88b9bf95Online Course Registration 2.0 suffers from authentication bypass and remote SQL injection vulnerabilities.
26afb62846a4c92f004b9a7cac3b03d936d7e88b0188192473b7c8520d10e860Online Shopping System Advanced version 1.0 suffers from a remote SQL injection vulnerability.
efd5a9f3f1e40344af3a00a4925ab9ad0d45b69728c9be5f76f013c50f4795fbGeeklog version 2.2.1 suffers from a cross site scripting vulnerability.
f09b4321392d46cac96cfb38a413370b837f5d321c2ff8238902c285c9a2ac84
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed