OkayCMS versions 2.3.4 and below suffer from remote code execution vulnerability.
ac48925812fe6df9cf4011ec5409f36dSiteVision suffers from an issue where attacker may inject non-authorized module when editing pages using a lower privileged account, which can lead to cross site scripting and remote code execution. All versions of SiteVision 4 until 4.5.6 and all versions of SiteVision 5 until 5.1.1 are vulnerable.
e1039e826a6e95e90bc983b83ebc51feYachtcontrol versions dated 2019-10-06 suffer from an unauthenticated remote code execution vulnerability.
ca74a5272a744f07e91607ab0200e00aVerot version 2.0.3 suffers from a remote code execution vulnerability.
6739d5e2efeb9ae98d493066bae7aa08Revive Adserver version 4.2 suffers from a code execution vulnerability.
798dbf2fc1184deffa0d4ee3b26e6156Red Hat Security Advisory 2019-4061-01 - The patch program applies diff files to originals. The diff command is used to compare an original to a changed file. Diff lists the changes made to the file. A person who has the original file can then use the patch command with the diff file to add the changes to their original file. Issues addressed include a code execution vulnerability.
fe7ae1e2aa3a47e5754b1dfab10a4699Red Hat Security Advisory 2019-4037-01 - Red Hat Data Grid is a distributed, in-memory, NoSQL datastore based on the Infinispan project. This release of Red Hat Data Grid 7.3.2 serves as a replacement for Red Hat Data Grid 7.3.1 and includes bug fixes and enhancements, which are described in the Release Notes, linked to in the References section of this erratum. Issues addressed include code execution and deserialization vulnerabilities.
f0a4e6733749d33c3f0d9b2d9ff97c12Mersive Solstice version 2.8.0 suffers from a remote code execution vulnerability.
f3903fc24965899d871de9de55475185pari/gp versions 2.9.1 on Debian Stretch and 2.11 on Debian Buster allow arbitrary file write and hence arbitrary code execution.
0ecadd450355ff88db28e7b58b63b32aOpenNetAdmin version 18.1.1 suffers from a remote code execution vulnerability.
b78ce6ccdab3eb00a716398e6fcf7e4fDebian Linux Security Advisory 4573-1 - Multiple vulnerabilities have been found in the Symfony PHP framework which could lead to a timing attack/information leak, argument injection and code execution via unserialization.
acccbf4720ec0e008144ea8d17fd7c82Red Hat Security Advisory 2019-3901-01 - Red Hat OpenShift Application Runtimes provide an application platform that reduces the complexity of developing and operating applications for OpenShift as a containerized platform. This release of RHOAR Vert.x 3.8.3 includes security updates, bug fixes, and enhancements. For more information, see the release notes linked to in the References section. Issues addressed include code execution and deserialization vulnerabilities.
38c505a5371b1bcf8db927756e67ce46WordPress Social Gallery plugin version 1.0 suffers from a remote code execution vulnerability.
1bb9591e3cec19df6dd4e98eaea723afRed Hat Security Advisory 2019-3892-01 - This release of Red Hat Fuse 7.5.0 serves as a replacement for Red Hat Fuse 7.4, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution, denial of service, deserialization, information leakage, and traversal vulnerabilities.
caca5850ecb30715635fef3da933c44fFastweb Fastgate version 0.00.81 suffers from a remote code execution vulnerability.
999a060c1d84fa002cedc9b1c27c3876This Metasploit module exploits a vulnerability in Bludit. A remote user could abuse the uuid parameter in the image upload feature in order to save a malicious payload anywhere onto the server, and then use a custom .htaccess file to bypass the file extension check to finally get remote code execution.
44b13fc33bc85981452f45311edc6929Ubuntu Security Notice 4181-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
d2ed637960fd61223d19e006ebfa327bPrima Access Control version 2.3.35 authenticated python script upload remote root code execution exploit.
117f749e7f2c75221ff5de44fb05a88aOptergy versions 2.3.0a and below authenticated file upload remote root code execution exploit.
f65d6a3bb4f0613c29b924c18b98dc3dFUDForum version 3.0.9 suffers from remote code execution and stored cross site scripting vulnerabilities.
85fcbef86c0f69e85d73a2d8f71402a2Linear eMerge E3 versions 1.00-06 and below arbitrary file upload remote root code execution exploit.
7cb54d49b3539c9a3b2258832481a863Linear eMerge50P/5000P 4.6.07 remote code execution exploit.
2789c6b2f40bbe8a15601a4c42957f1dWebKitGTK+ and WPE WebKit suffer from code execution, universal cross site scripting, and memory corruption vulnerabilities. Multiple versions are affected.
0bf496eb9a2459aaeda0b426f3ef0edbUbuntu Security Notice 4178-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
306c8955c2f273afb8b953e5c146c877This Metasploit module exploits the SNMP write access configuration ability of SNMP-EXTEND-MIB to configure MIB extensions and lead to remote code execution.
7bbcbcc6643285e6383d196644e39589
© 2019 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed