Complaint Management System version 4.0 suffers from a remote code execution vulnerability.
899f0a810fb01422e2cc89623675f0fdRed Hat Security Advisory 2020-0002-01 - Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection. Issues addressed include a code execution vulnerability.
cd36234c89e0c2d5402da66131bbaedfOnline Course Registration version 2.0 suffers from a remote code execution vulnerability.
ae95616c78b2c6efd75e5e2af523ba4fMicrosoft Windows suffers from a .group file code execution vulnerability that leverages the URL field.
c14d7dd530c485214547e0c84c47d3fdnostromo version 1.9.6 suffers from a remote code execution vulnerability.
ff980450eb67538bbbac656dfdf38d87This Metasploit module exploits a vulnerability in the OpenBSD ld.so dynamic loader (CVE-2019-19726). The _dl_getenv() function fails to reset the LD_LIBRARY_PATH environment variable when set with approximately ARG_MAX colons. This can be abused to load libutil.so from an untrusted path, using LD_LIBRARY_PATH in combination with the chpass set-uid executable, resulting in privileged code execution. This module has been tested successfully on OpenBSD 6.1 (amd64) and OpenBSD 6.6 (amd64).
0a972f77813616f87fc79b2ebe062ffbRed Hat Security Advisory 2019-4361-01 - A library to handle bidirectional scripts, so that the display is done in the proper way, while the text data itself is always written in logical order. Issues addressed include buffer overflow, code execution, and denial of service vulnerabilities.
69c78fe9a9b4d275979cf448d68c603eRed Hat Security Advisory 2019-4356-01 - Git is a distributed revision control system with a decentralized architecture. As opposed to centralized version control systems with a client-server model, Git ensures that each working copy of a Git repository is an exact copy with complete revision history. This not only allows the user to work on and contribute to projects without the need to have permission to push the changes to their official repositories, but also makes it possible for the user to work with no network connection. Issues addressed include a code execution vulnerability.
7efd7969752117a8580c51fefe0f7fb2Red Hat Security Advisory 2019-4326-01 - A library to handle bidirectional scripts, so that the display is done in the proper way, while the text data itself is always written in logical order. Issues addressed include buffer overflow, code execution, and denial of service vulnerabilities.
279e0aef5097c4967b1e02c46be33266Red Hat Security Advisory 2019-4352-01 - Red Hat Fuse provides a small-footprint, flexible, open source enterprise service bus and integration platform. Red Hat A-MQ is a standards compliant messaging system that is tailored for use in mission critical applications. Issues addressed include code execution, deserialization, and information leakage vulnerabilities.
940854291fffce3c45def466bab37588The Telerik UI for ASP.NET AJAX insecurely deserializes JSON objects in a manner that results in arbitrary remote code execution on the software's underlying host.
725661dfbd6f55841367cc547d0ba030Netgear R6400 suffers from a remote code execution vulnerability.
c60d99db4805cfbda0c14ac139d7217dOpenMRS is an open-source platform that supplies users with a customizable medical record system. There exists an object deserialization vulnerability in the webservices.rest module used in OpenMRS Platform. Unauthenticated remote code execution can be achieved by sending a malicious XML payload to a Rest API endpoint such as /ws/rest/v1/concept. This Metasploit module uses an XML payload generated with Marshalsec that targets the ImageIO component of the XStream library. Tested on OpenMRS Platform v2.1.2 and v2.21 with Java 8 and Java 9.
c97ba40f300b81ba6c0c682076d3217cRed Hat Security Advisory 2019-4240-01 - OpenSLP is an open source implementation of the Service Location Protocol which is an Internet Engineering Task Force standards track protocol and provides a framework to allow networking applications to discover the existence, location, and configuration of networked services in enterprise networks. Issues addressed include buffer overflow and code execution vulnerabilities.
e1eaa871e8616c730faf99b7bde88cfeSquiz Matrix CMS suffers from PHP unserialization code execution, information disclosure, and arbitrary file deletion vulnerabilities.
2a89eaa5d695460978b8a6a34c1d28bbApple Security Advisory 2019-12-10-1 - iOS 13.3 and iPadOS 13.3 is now available and addresses code execution and information leakage vulnerabilities.
63ecc57cb8f394aa7eeb808d37658946Apple Security Advisory 2019-12-10-4 - watchOS 5.3.4 is now available and addresses a code execution vulnerability.
efe2abfa605d0b9af26055148d879a1eApple Security Advisory 2019-12-10-3 - macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra is now available and addresses buffer overflow, code execution, and denial of service vulnerabilities.
dddf2d42c70f63769a92decc6f5f8dfaApple Security Advisory 2019-12-10-2 - iOS 12.4.4 is now available and addresses a code execution vulnerability.
7ea2f15c6cb33b6ffa5c4ccb81b03eedApple Security Advisory 2019-12-10-5 - tvOS 13.3 is now available and addresses code execution vulnerabilities.
02384b0b061764b2a447d032d4fea9e3Apple Security Advisory 2019-12-10-6 - Safari 13.0.4 is now available and addresses code execution vulnerabilities.
680c79aaea9ce94fc8876e74bd2f8821Apple Security Advisory 2019-12-10-8 - watchOS 6.1.1 is now available and addresses code execution vulnerabilities.
89e0fdbafe8925445e671261927ede83Apple Security Advisory 2019-12-10-7 - Xcode 11.3 is now available and addresses an arbitrary code execution vulnerability.
c2742fa1a9d0605bfdd3999abaa92671Red Hat Security Advisory 2019-4192-01 - The jackson-databind package provides general data-binding functionality for Jackson, which works on top of Jackson core streaming API. Issues addressed include a code execution vulnerability.
54c9f9237e75238330759e67a009a2daAlcatel-Lucent Omnivista 8770 suffers from a remote code execution vulnerability.
0f7cc26132500939004bd71ceacd597f
© 2016 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed