CASAP Automated Enrollment System version 1.0 suffers from an authentication bypass vulnerability.
535ea6fc08b41bb2412140d2c69c1c19Selea Targa IP OCR-ANPR Camera has a hard-coded password for a hidden and undocumented /dev.html page that enables the vendor to enable configuration upload / overwrite to the affected device using the checkManufacturer() function through an AJAX method. Multiple versions and firmwares are affected.
214aebd00c61892818653846edb0addaSelea Targa IP OCR-ANPR Camera suffers from a persistent cross site scripting vulnerability. Multiple versions and firmwares are affected.
c96a1da8081f5c2db7459923bd5b135fOracle WebLogic Server version 14.1.1.0 authenticated remote code execution exploit.
25e9422281b5e82bb03523d889add28cOATH Toolkit attempts to collect several tools that are useful when deploying technologies related to OATH, such as HOTP one-time passwords. It is a fork of the earlier HOTP Toolkit.
7f236b591be20f8fac50752a9b66b084Ubuntu Security Notice 4689-4 - USN-4689-3 fixed vulnerabilities in the NVIDIA server graphics drivers. This update provides the corresponding updates for the NVIDIA Linux DKMS kernel modules. It was discovered that the NVIDIA GPU display driver for the Linux kernel contained a vulnerability that allowed user-mode clients to access legacy privileged APIs. A local attacker could use this to cause a denial of service or escalate privileges. Various other issues were also addressed.
67b7fedb3c56827c3051283598dae0b9This Metasploit module exploits an authenticated directory traversal vulnerability in WordPress plugin Simple JobBoard versions prior to 2.9.3 to perform an arbitrary file read with the web server privileges.
f67aec0e1808a4048efded2042ded5a9Backdoor.Win32.Xel malware suffers from a remote authentication-related buffer overflow vulnerability.
86ce28c9e275557be43957e097c1a73aAnchor CMS version 0.12.7 suffers from a cross site request forgery vulnerability.
531e88f62d5b3b0859e9fbe1287e363cBackdoor.Win32.Verify.f malware has backdoors running on TCP ports 1906 and 1907 that do not require any authentication.
ca8e4a026f7a8a413a34154343153445Nagios XI version 5.7.5 suffers from multiple persistent cross site scripting vulnerabilities.
1ccaf139e2bb7184ac85d9e6f90a280bBackdoor.Win32.WinShell.30 malware suffers from remote stack buffer overflow and missing authentication vulnerabilities.
6b603f2efdd114008cbac8105f5cc6f7Apartment Visitors Management System version 1.0 suffers from a remote SQL injection vulnerability.
0edbfc8d53295d9ce8a93390535f3dd9Online Documents Sharing Platform version 1.0 suffers from a remote SQL injection vulnerability.
bf5533f3d60deec8f36fa526ef08214bBackdoor.Win32.Onalf malware has a backdoor running on TCP/2020 that does not require any authentication.
8413023933171cccf3cf8f346fc00dc6Backdoor.Win32.Zxman malware has a backdoor running on TCP/2048 that does not require any authentication.
e59d2f563516bdcc00be9a6bd0fe9c3eRed Hat Security Advisory 2021-0079-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.11.374. Issues addressed include crlf injection and man-in-the-middle vulnerabilities.
889d390eab1057d92e07376a987128afUbuntu Security Notice 4697-2 - USN-4697-1 fixed several vulnerabilities in Pillow. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that Pillow incorrectly handled certain PCX image files. If a user or automated system were tricked into opening a specially-crafted PCX file, a remote attacker could possibly cause Pillow to crash, resulting in a denial of service. Various other issues were also addressed.
710757898267e7364668015c59fe295cUbuntu Security Notice 4689-3 - It was discovered that the NVIDIA GPU display driver for the Linux kernel contained a vulnerability that allowed user-mode clients to access legacy privileged APIs. A local attacker could use this to cause a denial of service or escalate privileges. It was discovered that the NVIDIA GPU display driver for the Linux kernel did not properly validate a pointer received from userspace in some situations. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
770df623c2eb7e3a6a906c87fae96947Ubuntu Security Notice 4701-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass the CSS sanitizer, or execute arbitrary code. It was discovered that the proxy.onRequest API did not catch view-source URLs. If a user were tricked in to installing an extension with the proxy permission and opening View Source, an attacker could potentially exploit this to obtain sensitive information. Various other issues were also addressed.
d5be7805a4212cf046f8575dfc0f5c39Red Hat Security Advisory 2021-0034-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include XML injection, crlf injection, and information leakage vulnerabilities.
e62587459bb9d69e6473529a4b2a2763Backdoor.Win32.Whisper.b malware suffers from a remote stack corruption vulnerability.
4bd5113d73f55e63e170f6485cf89911Oracle Business Intelligence Enterprise Edition version 11.1.1.7.140715 suffers from a persistent cross site scripting vulnerability.
c448226654355b79bade72089c37c5baBackdoor.Win32.Whirlpool.10 malware suffers from a remote stack buffer overflow vulnerability.
c3d3b273680f8c02a4ca076c42f19836Backdoor.Win32.Zombam.geq malware suffers from a remote buffer overflow vulnerability.
0e05a63a804977c46a87862508e94e15
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed