This Metasploit module exploits an authenticated command injection vulnerability in the SonicWall SMA 100 series web interface. Exploitation results in command execution as root. The affected versions are 10.2.1.2-24sv and below, 10.2.0.8-37sv and below, and 9.0.0.11-31sv and below.
0ce8774c4d2bc66ac41f71ecbff4807d4b19a6c901b562b9cc8fa6b0d492c6beClam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
3e45e46d9aaeb3a6956ed30376237ab7c4cd9573bc0f5d6fc15c588d30978d9dChrome suffers from a memory corruption vulnerability in IPC::ChannelAssociatedGroupController due to interface ID reuse.
23b2104d82495d408d6c49e60967e71884e4e77854a1cebb576ccad92a937b92The EFSRPC service on Microsoft Windows Server versions 2019 and 2022 does not prevent a caller specifying a local device path allowing any authenticated user to upload arbitrary files to a server.
69dcaa165fe62179a42fd16409e133c7034c05be0577fdf672a5a01f4c88b8f8Apple ColorSync suffers from out-of-bounds read vulnerabilities due to integer overflows in curve table initialization.
55736f35713879a403e9db74f555530baf0f44d465185f687162ed25742170f4RLM version 14.2 suffers from a cross site scripting vulnerability.
57ad193d561637ec4a808f6a4b45a152a2b8d6aad877e9acf2e23d71081e4d74Ubuntu Security Notice 5227-1 - It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to hang, resulting in a denial of service. It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to crash, resulting in a denial of service. This issue ony affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 21.04.
e153ce77b95ef84831e401c530f510fa66c280803862ddaf1ee1e621fa43d04fOnline Diagnostic Lab Management System version 1.0 suffers from an account takeover vulnerability.
8fb255fe4f6dca7bdf67bd7c3822520feadb1c87b5a00b1c36aaadc6d2e79817Ubuntu Security Notice 5224-2 - USN-5224-1 fixed several vulnerabilities in Ghostscript. This update provides the corresponding update for Ubuntu 16.04 ESM. It was discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code.
fbe64140fc736f1c150a2805ede5f67e63c7be8d7633a318ce81207aaddd2183Ubuntu Security Notice 5223-1 - It was discovered that Apache Log4j 1.2 was vulnerable to deserialization of untrusted data if the configuration file was editable. An attacker could use this vulnerability to cause a DoS or possibly execute arbitrary code.
7e6ac7124cb81b224f23e6ce58a4e4ec43fbed1ad62e5886a43476ddc00824afRed Hat Security Advisory 2022-0124-04 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.5.0 ESR. Issues addressed include buffer overflow, bypass, spoofing, and use-after-free vulnerabilities.
4fc2ee9b8efa90a3da52ee95cc7f2493d45c7daa885d6f1bd9936371b4a5b0eeRed Hat Security Advisory 2022-0026-06 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.6.53. Issues addressed include a denial of service vulnerability.
451c409b763f0df46d3dc6e67675c9a195202dd0c8116f0345b2af81afa16600Online Diagnostic Lab Management System version 1.0 suffers from a persistent cross site scripting vulnerability.
2b9055b3579475960b1bfce7d826d4704f0a8f8285951e40f9b5ba7f6c36dae4Red Hat Security Advisory 2022-0125-03 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.5.0 ESR. Issues addressed include buffer overflow, bypass, spoofing, and use-after-free vulnerabilities.
6b071071b16fa74958c8b3d2e7102ec5df8f0061df267ed887ebb5659ba0835dRed Hat Security Advisory 2022-0123-02 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.5.0. Issues addressed include buffer overflow, bypass, spoofing, and use-after-free vulnerabilities.
0c89cbb3fde1e7b28129b7dcc3e34b0152695765bd9e524885a375f723157de6Red Hat Security Advisory 2022-0126-03 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.5.0 ESR. Issues addressed include buffer overflow, bypass, spoofing, and use-after-free vulnerabilities.
4940f67f07cee5589630f8b2f496da5371c0ec09c6e2b3e50326e11fb4e139a3Online Diagnostic Lab Management System version 1.0 suffers from a remote SQL injection vulnerability.
d534fae8d3ba7995cb8d2c0f931eb5e90e138b44966628271c1ceb32d3ba6f03Red Hat Security Advisory 2022-0128-02 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.5.0. Issues addressed include buffer overflow, bypass, spoofing, and use-after-free vulnerabilities.
a78c666842f57be8fc5e51a0fa95bd7c8a8345ca6808aaae845e341be462980dRed Hat Security Advisory 2022-0130-03 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.5.0 ESR. Issues addressed include buffer overflow, bypass, spoofing, and use-after-free vulnerabilities.
f5ebaacb12049b0e71eecab713d3741c143562c209cd5ee4307f953a6bbb4f57Red Hat Security Advisory 2022-0129-02 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.5.0. Issues addressed include buffer overflow, bypass, spoofing, and use-after-free vulnerabilities.
228a556d1428371d8e7edd4a4b2923110fb2c24419b1ba73143c70fec99fb888Red Hat Security Advisory 2022-0131-02 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 91.5.0. Issues addressed include buffer overflow, bypass, spoofing, and use-after-free vulnerabilities.
2079ca35343273aef08a5ac0d4e3aee4327dd85613331e7370a517db74996132Ubuntu Security Notice 5226-1 - It was discovered that systemd-tmpfiles employed uncontrolled recursion when removing deeply nested directory hierarchies. A local attacker could exploit this to cause systemd-tmpfiles to crash or have other unspecified impacts.
9ccdd1577468048ddb8b6be07d369ed84b6bc41eb83db2f6ba7a61c4cc93f83eUbuntu Security Notice 5210-2 - USN-5210-1 fixed vulnerabilities in the Linux kernel. Unfortunately, that update introduced a regression that caused failures to boot in environments with AMD Secure Encrypted Virtualization enabled. This update fixes the problem.
e3346a86e14d19f527583fd7bd863d075a726e9e3b106f07da844d9e99c33e20WordPress Core version 5.8.2 suffers from a remote SQL injection vulnerability.
290da5cda0c4555d189721910ddbcdad3d2627d4297306b55fc39785acd1346aRed Hat Security Advisory 2022-0132-03 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.5.0 ESR. Issues addressed include buffer overflow, bypass, spoofing, and use-after-free vulnerabilities.
e5608b86f0cfa7df4351cffa352109de8c259e81d0c72d0502ccbd18da613785
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed