Rmedia SMS version 1.0 suffers from a remote SQL injection vulnerability.
69b61489537815a9bc0f6f3b834adfe3Debian Linux Security Advisory 4339-1 - Multiple vulnerabilities were discovered in Ceph, a distributed storage replay attacks and calculated signatures incorrectly, "ceph mon" did not validate capabilities for pool operations (resulting in potential corruption or deletion of snapshot images) and a format string vulnerability in libradosstriper could result in denial of service.
7d33268d994527eabee05d8428f919cbVMware Security Advisory 2018-0028 - VMware vRealize Log Insight updates address an authorization bypass vulnerability.
2f99ece85e71d427276816027fbcb32eIn this article, the author explores ways to bypass protection methods using the PHP Stream Wrappers, which are responsible for handling protocol related tasks like downloading data from a web or ftp server and exposing it in a way in that it can be handled with PHP's stream related functions.
a947e8c1cb30f07e7cee7d234092661eNotepad3 version 1.0.2.350 suffers from a denial of service vulnerability.
cc2e1400dc9c8cc01e4c98b83443c900Bosch Video Management System version 8.0 suffers from a denial of service vulnerability.
c64d359d394005dfe72e150b6b1393ccAMPPS version 2.7 suffers from a denial of service vulnerability.
5a662a2e27f5bddb9aaddc384334645entpd version 4.2.8p10 out-of-bounds read proof of concept exploit.
a3796c56972d661561564cb59bda9084PHP version 5.2.3 (Debian) suffers from an imap imap_open disable functions bypass vulnerability.
aa9bfde85a72aab2622a5ce32e492d2aEdTv version 2 suffers from a remote SQL injection vulnerability.
e966aab7a8fdd341d84896fcf2babdaeElectricks eCommerce version 1.0 suffers from a cross site request forgery vulnerability.
bcbec16be799a5e30c3796e451952ee6Helpdezk version 1.1.1 suffers from a remote SQL injection vulnerability.
9665621c8f06fb02864833dbae7f9d1aiServiceOnline version 1.0 suffers from a remote SQL injection vulnerability.
2c873210bdc05287e1551418ab2db6afThis Metasploit module can be used to execute a payload on Atlassian Jira via the Universal Plugin Manager(UPM). The module requires valid login credentials to an account that has access to the plugin manager. The payload is uploaded as a JAR archive containing a servlet using a POST request against the UPM component. The check command will test the validity of user supplied credentials and test for access to the plugin manager.
cf80c47ca31e937db6c99f242138638cUbuntu Security Notice 3817-1 - It was discovered that Python incorrectly handled large amounts of data. A remote attacker could use this issue to cause Python to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. It was discovered that Python incorrectly handled running external commands in the shutil module. A remote attacker could use this issue to cause Python to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
bda0cfe521f33d1b63239f522962f9bdSwitchVPN for MacOS and Windows version 2.1012.03 suffers from a man-in-the-middle vulnerability.
153eca5a67151dfcc54cf29537fdf8d8This Microsoft bulletin summary lists a new CVE that has been added to the November advisory.
028ffe1734d1def1f3922da99ade75baRed Hat Security Advisory 2018-3601-01 - OpenStack Block Storage manages block storage mounting and the presentation of such mounted block storage to instances. The backend physical storage can consist of local disks, or Fiber Channel, iSCSI, and NFS mounts attached to Compute nodes. Issues addressed include a failure to delete data.
f5ed118fdc0a9adac8fd4edb6a26fd32OCS Inventory NG suffers from an ocsreports authenticated remote code execution vulnerability via a shell upload.
cdb899f87fd086c3c20bd02fe32b2495Red Hat Security Advisory 2018-3600-01 - The python-cryptography packages contain a Python Cryptographic Authority's cryptography library, which provides cryptographic primitives and recipes to Python developers. Issues addressed include a tag forgery vulnerability.
a79c131ad67e1fec236a2fb4689f7047Alive Parish version 2.0.4 suffers from remote file upload and remote SQL injection vulnerabilities.
d2b89a0fba49d3310072b02564c19b23Maitra Mail Tracking System version 1.7.2 suffers from remote SQL injection and database file download vulnerabilities.
86aba8317aa0330247caef28b3a1085eThis Microsoft summary lists Microsoft security updates released for November 13, 2018.
3c58076581e35e0c6653b47e13026c27This Microsoft advisory notification includes advisories released or updated on November 13, 2018.
ab2b6a3b5c94db84e6fb92d37be5fbd1SIPve version 0.0.2-R19 suffers from a remote SQL injection vulnerability.
a352d2c6c1b7eb37ff5d978338811fe6
© 2018 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed