WOOF WooCommerce Products Filter from PluginUs.Net version 1.1.9 suffers from shortcode execution and local file inclusion vulnerabilities.
20403a264b5473118a85d5699ea5b70fMikroTik RouterOS versions prior to 6.38.4 (MIPSBE) Chimay Red stack clash remote code execution exploit.
f3f5dcd2d2e5f242462e44acb2fc45aeSony Playstation 4 (PS4) versions 4.55 up to 5.50 WebKit code execution proof of concept exploit.
be722966f2a039f227ac24c90436ab4eMikroTik RouterOS versions prior to 6.38.4 (x86) Chimay Red stack clash remote code execution exploit.
fa75bb56a5777825b631d7238931d52bACL Analytics versions 11.x through 13.0.0.579 suffer from a code execution vulnerability.
370a580d896af04875904ff83aa58c20Advantech WebAccess versions less than 8.3 suffer from directory traversal and remote code execution vulnerabilities.
e67eb41a2e88e0a2d0c8cb8b0a15388bRed Hat Security Advisory 2018-0469-01 - The Dynamic Host Configuration Protocol is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network. Security Fix: dhcp: Buffer overflow in dhclient possibly allowing code execution triggered by malicious server.
a73856966bf4f50cab1efc1ce7e973afOTRS versions 5.0.0 through 5.0.24 and 6.0.0 through 6.0.1 suffer from remote code execution vulnerabilities.
ac1bc6a06bf339a083573a1b4efc681cTestLink Open Source Test Management versions prior to 1.9.16 suffer from a remote code execution vulnerability.
40910cbcf1e8ab75e88a90a24e42fce2Sony Playstation 4 (PS4) 5.01 through 5.04 webkit code execution proof of concept exploit.
a43934fa8d5e7b94f0eaaf0e4f5fb50fActivePDF Toolkit versions prior to 8.1.0 suffer from multiple code execution vulnerabilities.
63ce9599e9a3f793133d10673c89b97bSony Playstation 4 (PS4) versions 4.07 up to but not including 4.55 bpf local kernel code execution proof of concept exploit.
559cc86e3a21ec5fe15bbb6df9150f23Red Hat Security Advisory 2018-0350-01 - The gcab package contains a utility for managing the Cabinet archives. It can list, extract, and create Microsoft cabinet files. Security Fix: gcab: Extracting malformed .cab files causes stack smashing potentially leading to arbitrary code execution.
e9bc1efaea17dedddb77265c803136d2CMS Made Simple version 2.1.6 suffers from a remote code execution vulnerability during install time.
374dbe5800d06fa2269f4be2af82aedbHP Security Bulletin MFSBGN03798 1 - A potential security vulnerability has been identified in Micro Focus Universal CMDB. The vulnerability could be remotely exploited to allow Arbitrary Code Execution. Revision 1 of this advisory.
9927f063eece0b7821df444cd7ac81cbRed Hat Security Advisory 2018-0342-01 - The jackson-databind package provides general data-binding functionality for Jackson, which works on top of Jackson core streaming API. Security Fix: A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. Further classes that an attacker could use to achieve code execution through deserialisation were discovered, and added to the blacklist introduced by CVE-2017-7525.
d7783e178d0505caf8949d037b739bcbMonstra CMS versions 3.0.4 and below could suffer from a PHP7 remote code execution vulnerability if certain server conditions are met.
53fbf36a7e179014b9b4c9ef9e798b53Kentico CMS versions 9 through 11 suffer from a remote code execution vulnerability.
8f9a02fa5a2bdcf8d8bbc0c276ac0f8cTenda AC15 suffers from a buffer overflow vulnerability that allows for code execution.
72acd8ec6104f2a685fa1d83a2a72be2Debian Linux Security Advisory 4114-1 - It was discovered that jackson-databind, a Java library used to parse JSON and other data formats, did not properly validate user input before attempting deserialization. This allowed an attacker to perform code execution by providing maliciously crafted input.
ca2602db7870b61fbdcb3dfd1df31f02Dell EMC Isilon OneFS suffers from code execution, cross site request forgery, and cross site scripting vulnerabilities.
035ddfcb8a7d024e325b9f233a3d9bcfNAT32 build 22284 suffers from code execution and cross site request forgery vulnerabilities.
49c0a8a084c7998bc4e286750e176f76HP Security Bulletin MFSBGN03800 1 - A potential vulnerability has been identified in Micro Focus Performance Center. The vulnerability could be exploited to Remote Arbitrary File Modification or Remote Arbitrary Code Execution. Revision 1 of this advisory.
c9065438dcac9c12fa86b0dc97d95af0Red Hat Security Advisory 2018-0294-01 - Red Hat JBoss Data Grid is a distributed in-memory data grid, based on Infinispan. This release of Red Hat JBoss Data Grid 7.1.2 serves as a replacement for Red Hat JBoss Data Grid 7.1.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: A deserialization flaw was discovered in the jackson-databind which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper.
9dde4661f9f6e3785fd5b9f5cc17a6e9Advantech WebAccess Node version 8.3.0 suffers from an AspVBObj.dll code execution dll hijacking vulnerability.
d399329ffa7fecc776e24fe1316f6ea9
© 2018 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed