ShoreTel / Mitel Connect ONSITE ST14.2 suffers from a remote code execution vulnerability.
d6775f8fba2dee0067eb79a6bbafd88fRed Hat Security Advisory 2019-0094-01 - Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log. Issues addressed include a code execution vulnerability.
0a8a34ac5fe8d795c162ea49204c9741Red Hat Security Advisory 2019-0054-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include code execution and information leakage vulnerabilities.
ce0ec5ec5a1a30a4008850c12fe6b6beRed Hat Security Advisory 2019-0052-01 - Redis is an advanced key-value store. It is often referred to as a data-structure server since keys can contain strings, hashes, lists, sets, and sorted sets. For performance, Redis works with an in-memory data set. You can persist it either by dumping the data set to disk every once in a while, or by appending each command to a log. Issues addressed include a code execution vulnerability.
4ed5922b512c77f35fe4d1fa21fbdcefThis Metasploit module attempts to gain root privileges by exploiting a Python code injection vulnerability in blueman versions prior to 2.0.3. The org.blueman.Mechanism.EnableNetwork D-Bus interface exposes the set_dhcp_handler function which uses user input in a call to eval, without sanitization, resulting in arbitrary code execution as root. This module has been tested successfully with blueman version 1.23 on Debian 8 Jessie (x64).
733a4a54285c7ff07e42208a0ada25beRed Hat Security Advisory 2019-0059-01 - LibVNCServer is a C library that enables you to implement VNC server functionality into own programs. Issues addressed include a code execution vulnerability.
a92366eae97b49f94841d75837489282This Metasploit module is a Hootoo HT-05 remote code execution exploit.
fa059b2b46b435fe2cf3c134fddcbcaaWordPress topcsstools plugin version 1.0 suffers from open redirection and remote file inclusion vulnerabilities.
57f3ec1ca1ef194d2015913289b096f7Live Call Support version 1.5 suffers from code execution and remote SQL injection vulnerabilities.
b31903a1c6a7d1145659736655dd9fd6Umbraco CMS version 7.12.4 suffers from an authenticated remote code execution vulnerability.
9a9b815939910aa3497a6e6924e3d30eUbuntu Security Notice 3854-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
f8474b7b46329623febcb7514c73d299Wifi-soft Unibox Controllers versions 0.x through 0.2 suffer from code execution and command injection vulnerabilities.
37a9a3ae4b24d98cdbdcb798c75e9851Webgalamb suffers from remote code execution, cross site request forgery, cross site scripting, information leakage, and remote SQL injection vulnerabilities.
1c993ff1caf37847e75ec6a54088c49aRed Hat Security Advisory 2019-0022-01 - The keepalived utility provides simple and robust facilities for load balancing and high availability. The load balancing framework relies on the well-known and widely used IP Virtual Server kernel module providing layer-4 load balancing. Keepalived implements a set of checkers to dynamically and adaptively maintain and manage a load balanced server pool according to the health of the servers. Keepalived also implements the Virtual Router Redundancy Protocol to achieve high availability with director failover. Issues addressed include buffer overflow, code execution, and denial of service vulnerabilities.
b861d262ff7dc8c96c64b2ee9162c62aMarvell Avastar Wi-Fi chips used in Playstation, Xbox, Surfaces, and more suffer from an unauthenticated remote code execution vulnerability.
c954691b21daaf16dfadcb951b2c9668Vtiger CRM version 7.1.0 suffers from a remote code execution vulnerability.
3869808788ebfde77989dc318b32b0aeAdobe Flash Active-X plugin version 28.0.0.137 remote code execution proof of concept exploit.
745099c5c9dfdfabd731bfd2b7bb7138XMPlay version 3.8.3 local stack overflow exploit that results in code execution.
5146784259b886d41113810fd0991effFreeBSD Security Advisory - Due to insufficient validation of network-provided data it may be possible for a malicious attacker to craft a bootp packet which could cause a stack buffer overflow. It is possible that the buffer overflow could lead to a Denial of Service or remote code execution.
88112b48fbe7ec1d8945f0322a19ff3fThe erlang port mapper daemon is used to coordinate distributed erlang instances. Should an attacker get the authentication cookie, remote code execution is trivial. Usually, this cookie is named ".erlang.cookie" and varies on location.
ea980adef717ce0ec6960332056abbb6Red Hat Security Advisory 2018-3854-01 - The Network Time Protocol is used to synchronize a computer's time with another referenced time source. These packages include the ntpd service which continuously adjusts system time and utilities used to query and configure the ntpd service. Issues addressed include buffer overflow, code execution, and denial of service vulnerabilities.
b2f856e34366cabe69e4a0386ef0f418Red Hat Security Advisory 2018-3853-01 - The Network Time Protocol is used to synchronize a computer's time with another referenced time source. These packages include the ntpd service which continuously adjusts system time and utilities used to query and configure the ntpd service. Issues addressed include buffer overflow, code execution, and denial of service vulnerabilities.
00170d48cd3b41bc9014faed4c824124Rukovoditel Project Management CRM version 2.3.1 suffers from a remote code execution vulnerability.
bb4b1c852f4c2f4e19fe1e4a27ed7cb5Gentoo Linux Security Advisory 201812-7 - Multiple vulnerabilities have been found in SpamAssassin, the worst of which may lead to remote code execution. Versions prior to 3.4.2-r2 are affected.
2bdae83b43f64a7a41f342bfc8c7b2d2Facebook And Google Reviews System For Businesses version 1.1 suffers from a code execution vulnerability.
27b25a71e7b37c82f8af9b94139ec222
© 2019 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed