Whitepaper called Disable Dynamic Code Mitigation (ACG). This is part 4 of a 5 part series of papers.
d6f9a7c37019c5bda76e8bcb2576b76d7396ed3886e915eba4a11c4457397857
Whitepaper called Exploit WNF Callback. This is part 3 of a 5 part series of papers.
9664b39e787231b3245fe5981dad6081e60b1c547f615b949c49188c2fdc68ac
Whitepaper called Bypass Start Address Protection. This is part 2 of a 5 part series of papers.
7f1148363cdafe6c6302691edd3a5e745e18c1d0354d7e0941671b45c94136f8
Whitepaper called Process PE Injection Basics. This is part 1 of a 5 part series of papers.
e3f44c53dd19c10cacae6e12195ca0fa90ddcf9a48ae331f25cacf335673f889
Ubuntu Security Notice 4382-2 - It was discovered that FreeRDP incorrectly handled certain memory operations. A remote attacker could use this issue to cause FreeRDP to crash, resulting in a denial of service, or possibly execute arbitrary code.
d5860c8506b5666dc46a3a7c65cb79624aa169a1973ac4908e04ba95c1b6e6a5
Heroic Knowledge Base plugin versions 3.0.1 and below suffer from persistent cross site scripting vulnerabilities.
7a4e093a939db6b56c79e6e18346713b5ddeb5c5860021e95d8bb302c85869ce
Ruckus IoT Controller (Ruckus vRIoT) versions 1.5.1.0.21 and below suffer from a remote code execution vulnerability.
2fc45c8213ab8a388fd2c506e46f5e8fbb43c9aeb2121714585a97c541d245b0
Best Support System version 3.0.4 suffers from a persistent cross site scripting vulnerability.
68c6369d65f3e57520f196002c91f012ad8285beaa85f031f7c8d94c780c736a
ZTE Blade Vantage Z839 Emode.APK android.uid.system local privilege escalation exploit.
5707c5e52a89bad056708a3134f79220ebdb442a447b95cba37c95cdb026d117
WonderCMS version 3.1.3 suffers from a persistent cross site scripting vulnerability. Original finding for persistent cross site scripting in this version of WonderCMS is attributed to Hemant Patidar.
5c77636e1392acaaefaad99cda395188e1f61fbc280e529b78e09a0273f56e6c
WordPress Accesspress Social Icons theme version 1.7.9 suffers from a remote SQL injection vulnerability.
df164b02a712cca62c1fad6d88d073af2a72295ef861341c2f8f29ebd0a7522f
Whitepaper called Polymorph 2.0: Advanced Manipulation of Network Traffic in Real Time.
e5ac8813201b9d973504c8bdc82004c4d80f9f0ea8e739a04bf232734452f850
WordPress Wibar theme version 1.1.8 suffers from a persistent cross site scripting vulnerability.
73f96aeabdfa4a381657b79f0976b3d526818debc9211d2f5f20c4b775df343a
WordPress Age Gate plugin versions 2.13.4 and below suffer from an open redirection vulnerability.
1fb8756a3c916898cce344aa523ef8ae14e2114dc3665716be68892817ef0afa
Laravel Administrator version 4 suffers from an unrestricted file upload vulnerability.
74c5803bba9337c9b7130818986ce55f061af3504d643ca424705c78c6549aea
Moodle version 3.8 suffers from an arbitrary file upload vulnerability.
a9cbe04e1ae5b0954fb4c068ffb620caf8091229eed4b6b20f3d1a233d82572c
Whitepaper called Artificial Intelligence for Cybersecurity.
07a01465c3427f06b58156024840a1918ec9bf8ad0766ba15f59b48adcceaf95
SAP Lumira version 1.31 suffers from a persistent cross site scripting vulnerability.
c48f7f72a49c57ce6321d0329d4adddebc34c81e67fb458f34e70ccba7b45db2
ElkarBackup version 1.3.3 suffers from persistent cross site scripting vulnerabilities. This notes a variant attack vector for the original vulnerability discovered in this version in August of 2020 by Enes Ozeser.
85b8dd9cab007f4c219a94a6d9873e8c304ac23b448399fb72639ecae566bbaa
Fujitsu Eternus Storage DX200 S4 fails to set cookies for authentication allowing for replay of URLs to achieve root level privileges.
b3af4414170dbf11ae1b1458bbf73e808b24a2d1a81c195e28fd817a8d07cf3e
Ubuntu Security Notice 4645-1 - It was discovered that Mutt incorrectly handled certain connections. An attacker could possibly use this issue to expose sensitive information.
40974b71abc02c87ba1d7b8553d11c4a5de5c436d7883c69d6c2de50a52ab5f9
Ubuntu Security Notice 4647-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across origins, bypass security restrictions, conduct phishing attacks, conduct cross-site scripting attacks, bypass Content Security Policy restrictions, conduct DNS rebinding attacks, or execute arbitrary code.
b799a1688deb058cde3b399b85a064c0ce0fb072287f0896f20914a36207ea00
libupnp version 1.6.18 stack-based buffer overflow denial of service exploit.
c665463d311c71b0bbf8b9944f268c319f51af690479e42161c8e133fef477b0
BigBlueButton versions 2.2.29 and below suffer from an e-mail validation bypass vulnerability.
031d8375835a9747b86dc8685d2fd4290b1fa5a947e48f5e3c9779e9b80de1cc
Ubuntu Security Notice 4648-1 - A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
9329705a4f46887cbcf168630eb1ce7ba05d2fd29d10fb7fcff1adf2a06b2315