Windows Media Player version 12.0.9600.19145 suffers from an improper synchronization vulnerability that cause a freeze or an exploitable buffer overrun crash and may potentially lead to code execution and information disclosure.
da9a5c4aab3550eab05ea63787b13b29ECOA building automation systems suffer from a configuration download information disclosure vulnerability. Many versions are affected.
9937e09846019448729171bc05c2214bCompro Technology IP Camera suffers from a screenshot disclosure vulnerability.
dacb2881899a383d1ea1137a51ce58dbCompro Technology IP Camera suffers from a stream disclosure vulnerability.
3320b3d56087430745985ec3be9d58d5Compro Technology IP Camera suffers from multiple credential disclosure vulnerabilities.
057e3f25cc663f43a17d9a78de458afcCompro Technology IP Camera suffers from an unauthenticated RTSP stream disclosure vulnerability.
4e369c7344baeed2abc83dcfdd90c56fUbuntu Security Notice 5054-1 - Felix Wilhelm discovered a buffer overflow flaw in the mod_proxy_uwsgi module. An attacker could use this vulnerability to provoke an information disclosure or potentially remote code execution.
020feed894a3c2eeaf34898ceb9a2a21Red Hat Security Advisory 2021-3317-01 - hw: Vector Register Data Sampling hw: L1D Cache Eviction Sampling hw: Special Register Buffer Data Sampling hw: Information disclosure issue in Intel SGX via RAPL interface hw: Vector Register Leakage-Active. Issues addressed include information leakage and privilege escalation vulnerabilities.
5ebdc84d4bbc06f7f89a56625f95ccf8Xiaomi browser version 10.2.4.g suffers from a browser search history disclosure vulnerability.
9dea490704dc2785ee1fa573e8494850qdPM version 9.2 discloses the password and connection string for the database in an internet-accessible file.
f3957d07a12110793ec90acf6b553c7eDenver IP Camera SHO-110 suffers from an unauthenticated disclosure of a snapshot.
9c56c41fd6c84e6025c78a7ea70f8fc2Elasticsearch ECE version 7.13.3 anonymous database dumping exploit.
4ac1b7bc67c52c5c05cd6ea91a56b7e3ElasticSearch version 7.13.3 memory disclosure exploit.
128e0970c644272d608d5ebe1bafc7e5Gentoo Linux Security Advisory 202107-22 - An information disclosure vulnerability in InspIRCd may allow remote attackers to obtain sensitive information. Versions less than 3.10.0 are affected.
f20b3cc67bfcb1803c8fd7c4f01f7c6aGentoo Linux Security Advisory 202107-10 - A bug in TCG TPM2 Software Stack may result in information disclosure to a local attacker. Versions less than 2.4.3 are affected.
ace381835ae63e109ca33eb3f4bd88d7WordPress Modern Events Calendar plugin version 5.16.2 suffers from an issue where unauthenticated parties can export all event data.
6efc8a4724dc0a980761c66c25d05189This ruby script is a 4-in-1 exploit that leverages shell upload, bypass, and information disclosure vulnerabilities in Monitorr version 1.7.6m.
5113f4119e78d0b0c1dcb46bad362104Solar-Log 500 version 2.8.2 suffers from password disclosure vulnerabilities.
8429dfd70a2f5fd9d8a8d713f0d13163GetSimple CMS version 3.3.4 suffers from an information disclosure vulnerability.
954698df1ae195237a6d1a9f005c0f3fGentoo Linux Security Advisory 202105-32 - Multiple vulnerabilities have been found in PostgreSQL, the worst of which could result in information disclosure. Versions less than 13.2 are affected.
d2bf39298285d297fffa6b1526de8daeThis Metasploit module scan for a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication and impersonating as the admin by chaining this bug with another post-auth arbitrary-file-write vulnerability to get code execution. As a result, an unauthenticated attacker can execute arbitrary commands on Microsoft Exchange Server. This vulnerability affects Exchange 2013 versions below 15.00.1497.012, Exchange 2016 CU18 below 15.01.2106.013, Exchange 2016 CU19 below 15.01.2176.009, Exchange 2019 CU7 below 15.02.0721.013, and Exchange 2019 CU8 below 15.02.0792.010 . All components are vulnerable by default.
dc11b2a7355d1a3002d6afb260c6975fMicrosoft Exchange 2019 unauthenticated email download exploit.
38fb98664e2b38a6b3aea74819d024c1Shenzhen Skyworth RN510 suffers from an unauthenticated sensitive information disclosure vulnerability.
0b53bad554735a88788e329a6adbf84dTenda versions D151 and D301 configuration downloading exploit.
8d28e121fdd0868219658db48e414798Novel Boutique House-plus version 3.5.1 suffers from an arbitrary file download vulnerability.
42bb6ab8fbb22d1d6e432d8387e96e18
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed