OCS Inventory NG suffers from an ocsreports authenticated remote code execution vulnerability via a shell upload.
cdb899f87fd086c3c20bd02fe32b2495Red Hat Security Advisory 2018-3581-01 - Red Hat JBoss BRMS is a business rules management system for the management, storage, creation, modification, and deployment of JBoss Rules. This asynchronous patch is a security update for the RichFaces package in standalone versions of Red Hat JBoss BRMS 5.3.1. Issues addressed include a code execution vulnerability.
f4ddd3c24ada00f6a7f35e7863191fddCisco Prime Infrastructure (CPI) contains two basic flaws that when exploited allow an unauthenticated attacker to achieve remote code execution. The first flaw is a file upload vulnerability that allows the attacker to upload and execute files as the Apache Tomcat user; the second is a privilege escalation to root by bypassing execution restrictions in a SUID binary. This Metasploit module exploits these vulnerabilities to achieve unauthenticated remote code execution as root on the CPI default installation. This Metasploit module has been tested with CPI 3.2.0.0.258 and 3.4.0.0.348. Earlier and later versions might also be affected, although 3.4.0.0.348 is the latest at the time of writing. The file upload vulnerability should have been fixed in versions 3.4.1 and 3.3.1 Update 02.
2c9170145359581c4c8d1c13f564bce3Red Hat Security Advisory 2018-3541-01 - Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection. Issues addressed include a code execution vulnerability.
02056a6b619ec2a8fa0aa05d6ea83471Gentoo Linux Security Advisory 201811-1 - Multiple vulnerabilities have been found in X.Org X11 library, the worst of which could allow for remote code execution. Versions less than 1.6.6 are affected.
55133b7ee4b717c649a3eb630beef5fbHP Security Bulletin MFSBGN03829 1 - A potential vulnerability has been identified in the Operations Bridge Manager capability of the Micro Focus Operations Bridge containerized suite. The vulnerability could be exploited to remote code execution and information disclosure. Revision 1 of this advisory.
129b8eb6c45a0b42e3969e743a7a99b4Red Hat Security Advisory 2018-3519-01 - Red Hat JBoss SOA Platform is the next-generation ESB and business process automation infrastructure. Red Hat JBoss SOA Platform allows IT to leverage existing, modern, and future integration methodologies to dramatically improve business process execution speed and quality. This asynchronous patch is a security update for the RichFaces package in Red Hat JBoss SOA Platform 5.3.1. Issues addressed include a code execution vulnerability.
3479ca717bf7c0d9c212c6617797d4c0Red Hat Security Advisory 2018-3518-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This asynchronous patch is a security update for the RichFaces package in Red Hat JBoss Enterprise Application Platform 5.2. Issues addressed include a code execution vulnerability.
35c9c612e4336ae11c1cd24410f6f816Red Hat Security Advisory 2018-3517-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This asynchronous patch is a security update for the RichFaces package in Red Hat JBoss Enterprise Application Platform 5.2. Issues addressed include a code execution vulnerability.
02f8174afa222a00c5a275aaaff8aa54CMS Made Simple version 2.2.7 suffers from a remote code execution vulnerability.
95bdf9a227120d10805c8f1a40f72d42CentOS Web Panel versions 0.9.8.740 and below suffer from cross site request forgery and cross site scripting vulnerabilities that can be leveraged to achieve remote root command execution.
4423810363465943242d5484d215e474Red Hat Security Advisory 2018-3466-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include a code execution vulnerability.
c8fd9daeba7ca15104e6c47fe5878c20Advantech WebAccess SCADA version 8.3.2 suffers from a code execution vulnerability.
727aaf04dd2f0fb7bd5914eeb8b226cfLoadbalancer.org Enterprise VA MAX version 8.3.2 suffers from a code execution vulnerability.
3b75b6e41ec6f5f7612096db9d4dd574Apple Security Advisory 2018-10-30-11 - tvOS 12 addresses code execution and denial of service vulnerabilities.
923d8a8b10912d6e06bbdafb5c762db7Apple Security Advisory 2018-10-30-14 - macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, Security Update 2018-004 El Capitan address buffer overflow, code execution, denial of service, information leakage, and null pointer vulnerabilities.
f1dbc0bc60d79fd4e3c5f0b9d2264c9eApple Security Advisory 2018-10-30-8 - iOS 12 addresses code execution and denial of service vulnerabilities.
ecc5aee44c05b11b397afe48c8e8e894Apple Security Advisory 2018-10-30-9 - macOS Mojave 10.14 addresses buffer overflow, code execution, denial of service, and information leakage vulnerabilities.
11701ebf662e62c543b6d5d6904f76fcApple Security Advisory 2018-10-30-12 - iCloud for Windows 7.7 addresses code execution vulnerabilities.
05f0fe42cb1db54ee90c71b3eee85dfaApple Security Advisory 2018-10-30-13 - iTunes 12.9 for Windows addresses code execution vulnerabilities.
fb11b00b47c2a7df74b175cfc6cf006fApple Security Advisory 2018-10-30-10 - watchOS 5 addresses code execution and denial of service vulnerabilities.
3d919dea3edb7e67040a6b28e155695bApple Security Advisory 2018-10-30-7 - iCloud for Windows 7.8 is now available and addresses code execution, cross site scripting, denial of service, and resource exhaustion vulnerabilities.
dbaa9f5688d41d9635ca398dd90b194bApple Security Advisory 2018-10-30-2 - macOS Mojave 10.14.1, Security Update 2018-001 High Sierra, and Security Update 2018-005 Sierra are now available and address buffer overflow, code execution, denial of service, and information leakage vulnerabilities.
8c8e8b2371c732c8c18cc33fbce89068Apple Security Advisory 2018-10-30-5 - tvOS 12.1 is now available and addresses code execution, denial of service, and resource exhaustion vulnerabilities.
0fd460310c2178897cd9e119d2a32418Apple Security Advisory 2018-10-30-6 - iTunes 12.9.1 is now available and addresses code execution, cross site scripting, denial of service, and resource exhaustion vulnerabilities.
76193e86c78b663ea70849814a1a81c9
© 2018 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed