CASAP Automated Enrollment System version 1.0 suffers from an authentication bypass vulnerability.
535ea6fc08b41bb2412140d2c69c1c19
Selea Targa IP OCR-ANPR Camera has a hard-coded password for a hidden and undocumented /dev.html page that lets the vendor upload or overwrite the configuration on the affected device using the checkManufacturer() function through an AJAX method. Multiple versions and firmwares are affected.
214aebd00c61892818653846edb0adda
Selea Targa IP OCR-ANPR Camera suffers from a persistent cross site scripting vulnerability. Multiple versions and firmwares are affected.
c96a1da8081f5c2db7459923bd5b135f
Oracle WebLogic Server version 14.1.1.0 authenticated remote code execution exploit.
25e9422281b5e82bb03523d889add28c
OATH Toolkit attempts to collect several tools that are useful when deploying technologies related to OATH, such as HOTP one-time passwords. It is a fork of the earlier HOTP Toolkit.
7f236b591be20f8fac50752a9b66b084
Ubuntu Security Notice 4689-4 - USN-4689-3 fixed vulnerabilities in the NVIDIA server graphics drivers. This update provides the corresponding updates for the NVIDIA Linux DKMS kernel modules. It was discovered that the NVIDIA GPU display driver for the Linux kernel contained a vulnerability that allowed user-mode clients to access legacy privileged APIs. A local attacker could use this to cause a denial of service or escalate privileges. Various other issues were also addressed.
67b7fedb3c56827c3051283598dae0b9
This Metasploit module exploits an authenticated directory traversal vulnerability in WordPress plugin Simple JobBoard versions prior to 2.9.3 to perform an arbitrary file read with the web server privileges.
f67aec0e1808a4048efded2042ded5a9
Backdoor.Win32.Xel malware suffers from a remote authentication-related buffer overflow vulnerability.
86ce28c9e275557be43957e097c1a73a
Anchor CMS version 0.12.7 suffers from a cross site request forgery vulnerability.
531e88f62d5b3b0859e9fbe1287e363c
Backdoor.Win32.Verify.f malware has backdoors running on TCP ports 1906 and 1907 that do not require any authentication.
ca8e4a026f7a8a413a34154343153445
Nagios XI version 5.7.5 suffers from multiple persistent cross site scripting vulnerabilities.
1ccaf139e2bb7184ac85d9e6f90a280b
Backdoor.Win32.WinShell.30 malware suffers from remote stack buffer overflow and missing authentication vulnerabilities.
6b603f2efdd114008cbac8105f5cc6f7
Apartment Visitors Management System version 1.0 suffers from a remote SQL injection vulnerability.
0edbfc8d53295d9ce8a93390535f3dd9
Online Documents Sharing Platform version 1.0 suffers from a remote SQL injection vulnerability.
bf5533f3d60deec8f36fa526ef08214b
Backdoor.Win32.Onalf malware has a backdoor running on TCP/2020 that does not require any authentication.
8413023933171cccf3cf8f346fc00dc6
Backdoor.Win32.Zxman malware has a backdoor running on TCP/2048 that does not require any authentication.
e59d2f563516bdcc00be9a6bd0fe9c3e
Red Hat Security Advisory 2021-0079-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.11.374. Issues addressed include CRLF injection and man-in-the-middle vulnerabilities.
889d390eab1057d92e07376a987128af
Ubuntu Security Notice 4697-2 - USN-4697-1 fixed several vulnerabilities in Pillow. This update provides the corresponding update for Ubuntu 14.04 ESM. It was discovered that Pillow incorrectly handled certain PCX image files. If a user or automated system were tricked into opening a specially-crafted PCX file, a remote attacker could possibly cause Pillow to crash, resulting in a denial of service. Various other issues were also addressed.
710757898267e7364668015c59fe295c
Ubuntu Security Notice 4689-3 - It was discovered that the NVIDIA GPU display driver for the Linux kernel contained a vulnerability that allowed user-mode clients to access legacy privileged APIs. A local attacker could use this to cause a denial of service or escalate privileges. It was discovered that the NVIDIA GPU display driver for the Linux kernel did not properly validate a pointer received from userspace in some situations. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
770df623c2eb7e3a6a906c87fae96947
Ubuntu Security Notice 4701-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass the CSS sanitizer, or execute arbitrary code. It was discovered that the proxy.onRequest API did not catch view-source URLs. If a user were tricked into installing an extension with the proxy permission and opening View Source, an attacker could potentially exploit this to obtain sensitive information. Various other issues were also addressed.
d5be7805a4212cf046f8575dfc0f5c39
Red Hat Security Advisory 2021-0034-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include XML injection, CRLF injection, and information leakage vulnerabilities.
e62587459bb9d69e6473529a4b2a2763
Backdoor.Win32.Whisper.b malware suffers from a remote stack corruption vulnerability.
4bd5113d73f55e63e170f6485cf89911
Oracle Business Intelligence Enterprise Edition version 11.1.1.7.140715 suffers from a persistent cross site scripting vulnerability.
c448226654355b79bade72089c37c5ba
Backdoor.Win32.Whirlpool.10 malware suffers from a remote stack buffer overflow vulnerability.
c3d3b273680f8c02a4ca076c42f19836
Backdoor.Win32.Zombam.geq malware suffers from a remote buffer overflow vulnerability.
0e05a63a804977c46a87862508e94e15