Roxy Fileman version 1.4.5 for .NET suffers from a directory traversal vulnerability.
8284d1688030466bc863d4e452dcf4ffFTP Commander Pro version 8.03 suffers from a local stack overflow vulnerability.
925505483680514fa64f204f5dad0883NVMS-1000 suffers from a directory traversal vulnerability.
4faa08b0960e93093a283aeb4b7f6d71Windows Defender Antivirus version 4.18.1908.7-0 suffers from a file extension spoofing vulnerability.
bf4d6995971178b6b1ea80749698ee1fQualys discovered a local privilege escalation in OpenBSD's dynamic loader (ld.so). This vulnerability is exploitable in the default installation (via the set-user-ID executable chpass or passwd) and yields full root privileges. They developed a simple proof of concept and successfully tested it against OpenBSD 6.6 (the current release), 6.5, 6.2, and 6.1, on both amd64 and i386; other releases and architectures are probably also exploitable.
5cd25d74e467c8f83e9ece30c0c6b982This Metasploit module exploits a command injection in OpenNetAdmin versions 8.5.14 through 18.1.1.
e0125a1f3ab628006c1c5332f3a1c783Bullwark Momentum Series JAWS version 1.0 suffers from a directory traversal vulnerability.
9c13d9574ed7f6ae1ac1f4755cf23500Product Key Explorer version 4.2.0.0 suffers from a Key denial of service vulnerability.
9bbf0f88fcc147555aafba4f4e7f1811Adobe Acrobat Reader DC for Windows suffers from a heap-based memory corruption vulnerability due to malformed TTF font handling.
758f99d981b49ec41d80325c4f847006AppXSvc 17763 suffers from an arbitrary file overwrite vulnerability.
27175b4528bc6db5f32bd6d10c198699Product Key Explorer version 4.2.0.0 suffers from a Name denial of service vulnerability.
986e1dff710ea02ff435e9d06c008628Lenovo Power Management Driver suffers from buffer overflow vulnerability.
491269e11d6df59f01d64d162f95cca9This Metasploit module exploits vBulletin versions 5.x through 5.5.4 leveraging a remote command execution vulnerability via the widgetConfig[code] parameter in an ajax/render/widget_php routestring POST request.
12d01f78d7c81ffd50f6373629755cb8DAViCal CalDAV Server versions 1.1.8 and below suffer from a reflective cross site scripting vulnerability.
106d6376bfe42cd1d4a6aa71f7885eaaDAViCal CalDAV Server versions 1.1.8 and below suffer from a cross site request forgery vulnerability.
71241e8b0dd14c1b51e8708854a79e80DAViCal CalDAV Server versions 1.1.8 and below suffer from a persistent cross site scripting vulnerability.
168863215252aa9df18b7fb2768cce78Apache Olingo OData versions 4.x.x through 4.6.x suffer from an XML external entity injection vulnerability.
051e029f16764feddeb7a0590f43de8eInim Electronics Smartliving SmartLAN/G/SI versions 6.x and below suffer from a hard-coded credential vulnerability.
04f17bebbbf0986a1f927de3cebd3ef5Inim Electronics Smartliving SmartLAN/G/SI versions 6.x and below suffer from an unauthenticated server-side request forgery vulnerability.
f21751ca54479762c2e2bdb3358bab9dInim Electronics SmartLiving SmartLAN/G/SI versions 6.x and below suffer from a remote root command execution vulnerability.
fa5b04b87f4f1fdd3b909cfc78a8b51dWordPress Scoutnet Kalender plugin version 1.1.0 suffers from a cross site scripting vulnerability.
e04e112fcfa436f18ef05c4933998c2cOracle Siebel Sales version 8.1 suffers from a persistent cross site scripting vulnerability.
e51ac3fef4c785e1fff5e0fc2bd40700Alcatel-Lucent Omnivista 8770 suffers from a remote code execution vulnerability.
0f7cc26132500939004bd71ceacd597fSnipe-IT Open Source Asset Management version 4.7.5 suffers from a persistent cross site scripting vulnerability.
ab654a127618deb61eec45dcac220261PRO-7070 Hazir Profesyonel Web Sitesi version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
791eab6baad5a9a9903848ffb987623d
© 2019 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed