Atlassian Fisheye and Crucible versions 4.5.0 through 4.5.2 suffer from a code execution vulnerability.
cc12264137c403adf94d352e2dd1eef5Adobe Flash versions 28.0.0.137 and below remote code execution proof of concept exploit.
d2fd29c4f918f11dabd7bb253cc87a3fRed Hat Security Advisory 2018-0627-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This asynchronous patch is a security update for slf4j package in Red Hat JBoss Enterprise Application Platform 6.4. Issues addressed include a code execution vulnerability.
428bcf1a0a010f5a3ead3ec63c5029a5Red Hat Security Advisory 2018-0628-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on WildFly. This asynchronous patch is a security update for slf4j package in Red Hat JBoss Enterprise Application Platform 7.1. Issues addressed include a code execution vulnerability.
e1d67fdcd01f4ba9fb1c3c5049f971c3Red Hat Security Advisory 2018-0630-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This asynchronous patch is a security update for slf4j package in Red Hat JBoss Enterprise Application Platform 6.4. Issues addressed include a code execution vulnerability.
e3e4359b66403d866b5f8acee8ca0e16Red Hat Security Advisory 2018-0629-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on WildFly. This asynchronous patch is a security update for slf4j package in Red Hat JBoss Enterprise Application Platform 7.1. Issues addressed include a code execution vulnerability.
e4524e76320f4a722ea9570e595d4473VideoFlow Digital Video Protection DVP 10 version 2.10 suffers from authenticated remote code execution vulnerability. Including a cross site request forgery vulnerability, a remote attacker can exploit this issue and execute arbitrary system commands granting her system access with root privileges.
96e1a3c362090e4832e802711f4bbb2aosCommerce version 2.3.4.1 suffers from a code execution vulnerability.
6f7265771c718c685efc486888ad79f0Apple Security Advisory 2018-3-29-8 - iCloud for Windows 7.4 is now available and addresses buffer overflow, code execution, and denial of service vulnerabilities.
5159368594b492a7a1fa30f912b8bb64Apple Security Advisory 2018-3-29-7 - iTunes 12.7.4 for Windows is now available and addresses buffer overflow, code execution, and denial of service vulnerabilities.
0b10f3fc739228ad2a5ae93a2ff0fa41Apple Security Advisory 2018-3-29-6 - Safari 11.1 is now available and addresses code execution and denial of service vulnerabilities.
fa287f9616cd902e6ae803074263bb14Apple Security Advisory 2018-3-29-3 - tvOS 11.3 is now available and addresses buffer overflow, code execution, and denial of service vulnerabilities.
49e690c94aa097210c07843e80cb86caApple Security Advisory 2018-3-29-2 - watchOS 4.3 is now available and addresses buffer overflow, code execution, and denial of service vulnerabilities.
296e3f458cbf5f44d50ba3eb77b4d1e5Apple Security Advisory 2018-3-29-1 - iOS 11.3 is now available and addresses buffer overflow, code execution, and denial of service vulnerabilities.
5b92704b509fc3379df8205091238791CA Technologies Support is alerting customers to two potential risks with CA Workload Automation AE and CA Workload Control Center. Two vulnerabilities exist that can allow a remote attacker to conduct SQL injection attacks or execute code remotely. The first vulnerability in CA Workload Automation AE has a medium risk rating and concerns insufficient data validation that can allow an authenticated remote attacker to conduct SQL injection attacks. The second vulnerability in CA Workload Control Center has a high risk rating and concerns an Apache MyFaces configuration that can allow an authenticated remote attacker to conduct remote code execution attacks.
935c0394f16b00a60479a80993828ceeAdvantech WebAccess versions prior to 8.1 webvrpcs DrawSrv.dll path BwBuildPath stack-based buffer overflow remote code execution exploit.
d00ffd5fd32ca5259aff391734a6ec46Debian Linux Security Advisory 4156-1 - A remote code execution vulnerability has been found in Drupal, a fully-featured content management framework.
5c7eb9e82a3ad090341dc8f2e2914e62This Metasploit module exploits a remote code execution vulnerability that exists in GitStack versions through 2.3.10, caused by an unsanitized argument being passed to an exec function call. This Metasploit module has been tested on GitStack version 2.3.10.
49755cb9eaacfa1dd03551ad9d5a3b70This Metasploit module exploits a remote code execution vulnerability in Exodus Wallet. A vulnerability in the ElectronJS Framework protocol handler can be used to get arbitrary command execution if the user clicks on a specially crafted URL.
0e247465a8b7beba07ea27e4cb0057e7Debian Linux Security Advisory 4152-1 - Two vulnerabilities were discovered in MuPDF, a PDF, XPS, and e-book viewer, which may result in denial of service or remote code execution. An attacker can craft a PDF document which, when opened in the victim host, might consume vast amounts of memory, crash the program, or, in some cases, execute code in the context in which the application is running.
612aecfb7e7d14f07f6a2298f6f1fc5bTestLink Open Source Test Management versions prior to 1.9.16 remote proof of concept code execution exploit.
f90fdf250474d1a15abda8d3c859b51eDebian Linux Security Advisory 4151-1 - Bas van Schaik and Kevin Backhouse discovered a stack-based buffer overflow vulnerability in librelp, a library providing reliable event logging over the network, triggered while checking x509 certificates from a peer. A remote attacker able to connect to rsyslog can take advantage of this flaw for remote code execution by sending a specially crafted x509 certificate.
52a24650c3f259d56ee6b6f2a99a993fRed Hat Security Advisory 2018-0592-01 - The Simple Logging Facade for Java or is a simple facade for various logging APIs allowing the end-user to plug in the desired implementation at deployment time. SLF4J also allows for a gradual migration path away from Jakarta Commons Logging. Issues addressed include a code execution vulnerability.
82d022dbe0958505599d8cdce8695e3aRed Hat Security Advisory 2018-0585-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: rh-ruby23-ruby, rh-ruby23-rubygems, rh-ruby23-rubygem-json, rh-ruby23-rubygem-minitest, rh-ruby23-rubygem-psych. Issues addressed include a code execution vulnerability.
f0e2fe1165cabe24a29facc339a343b4Red Hat Security Advisory 2018-0584-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. The following packages have been upgraded to a later upstream version: rh-ruby24-ruby. Issues addressed include a code execution vulnerability.
21450526fb1cba04008746315895fd07
© 2018 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed