CE Phoenix version 1.0.8.20 remote code execution exploit written in Python.
442e8d9deeb16781dd142ed87c294e9454d90653e85fe286945812163a1c322bm-privacy TightGate-Pro suffers from code execution, insecure permissions, deletion mitigation, and outdated server vulnerabilities.
55d99668e130fe585eb26f5ac98889fe0cb5368f4185842bb3d4346adf9bd24bGentoo Linux Security Advisory 202311-15 - Multiple vulnerabilities have been discovered in LibreOffice, the worst of which could lead to code execution. Versions greater than or equal to 7.5.3.2 are affected.
8565cab1b912e7da5df400c5a54f2c932ad31b19603f377bda4e59992ce4adbdGentoo Linux Security Advisory 202311-14 - Multiple vulnerabilities have been discovered in GRUB, which may lead to secure boot circumvention or code execution. Versions greater than or equal to 2.06-r9 are affected.
e1d6f653ba430e2e99be01237986f1d5ffba3214eb646bef34b165da21e6965dGentoo Linux Security Advisory 202311-12 - Multiple vulnerabilities have been discovered in MiniDLNA, the worst of which could lead to remote code execution. Versions greater than or equal to 1.3.3 are affected.
cc83bcbe6bdba045adbde73827f2740686afd44ef103d3b118c9f8a6ea84554aGentoo Linux Security Advisory 202311-11 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.10_p20230623 are affected.
a22a94578a7a21e61983f216e5af0590879d461fc663d27ad2e4fffa1e164182Gentoo Linux Security Advisory 202311-10 - Multiple vulnerabilities have been discovered in RenderDoc, the worst of which leads to remote code execution. Versions greater than or equal to 1.27 are affected.
bf84b86dc75bb921790e2af42326e3940b3c710e05cfe037fa3489aacb04b9feGentoo Linux Security Advisory 202311-9 - Multiple vulnerabilities have been discovered in Go, the worst of which could lead to remote code execution. Versions greater than or equal to 1.20.10 are affected.
7cd3fdaa4650cc67226eaaa58c1a34f9f619b6ed9f3c06868a9c23ebed7861b0Gentoo Linux Security Advisory 202311-4 - Multiple vulnerabilities have been discovered in Zeppelin, the worst of which could lead to remote code execution. Versions greater than or equal to 0.10.1 are affected.
d1bd56112e1630db39b4c5df27dc3b827f8c421bcf2c13c7926e5735f384e3b8Gentoo Linux Security Advisory 202311-3 - Multiple vulnerabilities have been discovered in SQLite, the worst of which may lead to code execution. Versions greater than or equal to 3.42.0 are affected.
1c78773ee054ae93bfcd3b4e97d0857dff73e53681e6d7e0a540acff2c260724WordPress UserPro plugin versions 5.1.1 and below suffer from an insecure password reset mechanism, information disclosure, and authentication bypass vulnerabilities. Versions 5.1.4 and below suffer from privilege escalation and shortcode execution vulnerabilities.
bfb7306b803b1acac19078db2972f3aa4724b44e3c44892d41946574771b0edaUbuntu Security Notice 6490-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
d35bfaa2f5bcc9080ab733d02c9fe09161108b6505edc3ee149515eb5f62da3aDebian Linux Security Advisory 5557-1 - WebKitGTK has vulnerabilities. Junsung Lee discovered that processing web content may lead to a denial-of-service. An anonymous researcher discovered that processing web content may lead to arbitrary code execution.
710c12a392c1608d028476cf8738b50a4006dbed3c4673fef485996272d5642cRed Hat Security Advisory 2023-7288-01 - An update for Openshift Jenkins is now available for Red Hat Product OCP Tools 4.14. Issues addressed include bypass, code execution, cross site scripting, and denial of service vulnerabilities.
2d749ef1a874df2c3d2ea1bc5b6df6559bdc02bce42e690e1738e4800b48e48dRed Hat Security Advisory 2023-7247-01 - A minor version update is now available for Red Hat Fuse. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Issues addressed include bypass, code execution, denial of service, deserialization, and information leakage vulnerabilities.
a97bc56bdba02de568855d9854e71af10de6a15aaa4a18f4ce0dd012890cf36bRed Hat Security Advisory 2023-7083-01 - An update for emacs is now available for Red Hat Enterprise Linux 8. Issues addressed include a code execution vulnerability.
23d39c554c6fd82debca7063e7200e9b7237a37b543dea78812f18ceeffb3718Red Hat Security Advisory 2023-7055-01 - An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8. Issues addressed include bypass, code execution, and use-after-free vulnerabilities.
0c9bffef7baf9bec550218d430a40caa1b746a78f2b4e3b720ad6e5925cd0993This Metasploit module leverages an insecure deserialization of data to get remote code execution on the target OS in the context of the user running the website which utilized AjaxPro. To achieve code execution, the module will construct some JSON data which will be sent to the target. This data will be deserialized by the AjaxPro JsonDeserializer and will trigger the execution of the payload. All AjaxPro versions prior to 21.10.30.1 are vulnerable to this issue, and a vulnerable method which can be used to trigger the deserialization exists in the default AjaxPro namespace. AjaxPro 21.10.30.1 removed the vulnerable method, but if a custom method that accepts a parameter of type that is assignable from ObjectDataProvider (e.g. object) exists, the vulnerability can still be exploited. This module has been tested successfully against official AjaxPro on version 7.7.31.1 without any modification, and on version 21.10.30.1 with a custom vulnerable method added.
470e2135e69570b66a769eea31a8b6422e6824ca448dd2a2aa7787340d06da77Ubuntu Security Notice 6469-1 - Ashley Newson discovered that xrdp incorrectly handled memory when processing certain incoming connections. An attacker could possibly use this issue to cause a denial of service or arbitrary code execution.
27f22e8c4599953e60c42928e27a91e4846b71c55ab10ff261b55486e50e373bGentoo Linux Security Advisory 202311-2 - Multiple vulnerabilities have been discovered in Netatalk, which could lead to remote code execution Versions greater than or equal to 3.1.18 are affected.
3687fbcff94cb1bbeaceabbe41b00d5ee9b888089068ad7eb0a75654d3861d85Gentoo Linux Security Advisory 202311-1 - A vulnerability has been discovered in GitPython where crafted input to Repo.clone_from can lead to code execution. Versions greater than or equal to 3.1.30 are affected.
05ebaac3493a23639af90b15a462c88bcaa4667fbad642e7a1d42bb71ec5611cRed Hat Security Advisory 2023-6879-01 - Red Hat AMQ Broker 7.11.4 is now available from the Red Hat Customer Portal. Issues addressed include code execution and deserialization vulnerabilities.
3fd8ea446e4a612bfb47bad7c5aa3c3155e86e0ff472f905022d74bbecdd45f7Red Hat Security Advisory 2023-6878-01 - Red Hat AMQ Broker 7.10.5 is now available from the Red Hat Customer Portal. Issues addressed include code execution and deserialization vulnerabilities.
ea617a7ad7dd31d150e6f61bd936b37e004abacb1d7edf868654187c261425a5Red Hat Security Advisory 2023-6877-01 - Red Hat AMQ 6.3 container image is now available from the Red Hat Customer Portal. Issues addressed include code execution and deserialization vulnerabilities.
1300d1225e163e7fb53c6ecb2ca3f4829ac3bb4b5be0663a46961139960e4b5fRed Hat Security Advisory 2023-6866-01 - An update for jboss-amq-6-amq63-openshift-container is now available for RHEL-7 based Middleware Containers. Issues addressed include code execution and deserialization vulnerabilities.
0753769a5df0ca75540ae7e0659c897c6fcb6a61c5f66a4feca984391dc0659b
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed