Ubuntu Security Notice 4755-1 - It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges.
ce4c73d9700060bb9e46ed6eac083e16Trojan-Dropper.Win32.Daws.etlm malware suffers from a remote unauthenticated system reboot vulnerability.
f4fa7dd89d017221e4cde0c1b8849836Online Catering Reservation System version 1.0 suffers from a remote SQL injection vulnerability.
53624ef7c395d83227fd97f6182a148dVisualWare MyConnection Server version 11.x suffers from a remote code execution vulnerability.
cf188679c13163fa44bbfe617632fcd1Zenphoto CMS versions 1.5.7 and below suffer from a remote shell upload vulnerability.
a2953bf434e2c790793df43f6311240fRemote Desktop Web Access suffers form an authentication timing attack vulnerability.
d7a6d2ac9acd853edd93517eab0a4f55Trojan-Dropper.Win32.Daws.etlm malware suffers from a remote unauthenticated system reboot vulnerability.
68c57accbf9d176f0f232920d6f0c18fNagios XI version 5.7.5 suffers from a cross site scripting and multiple remote code execution vulnerabilities.
71be6646a42cd835a80a6f3fe4eefae8Simple Employee Records System version 1.0 suffers from an unauthenticated remote shell upload vulnerability.
d0eef29666b46dd7390d7081cb53a6e9Ubuntu Security Notice 4747-2 - USN-4747-1 fixed a vulnerability in screen. This update provides the corresponding update for Ubuntu 14.04 ESM. Felix Weinmann discovered that GNU Screen incorrectly handled certain character sequences. A remote attacker could use this issue to cause GNU Screen to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
51106d68ba3d0aa06c100023b37ce617Red Hat Security Advisory 2021-0664-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically.
f71ec03e296f56d7d0e2e7e91e4a8bdbUbuntu Security Notice 4698-2 - USN-4698-1 fixed vulnerabilities in Dnsmasq. The updates introduced regressions in certain environments related to issues with multiple queries, and issues with retries. This update fixes the problem. Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled memory when sorting RRsets. A remote attacker could use this issue to cause Dnsmasq to hang, resulting in a denial of service, or possibly execute arbitrary code. Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled extracting certain names. A remote attacker could use this issue to cause Dnsmasq to hang, resulting in a denial of service, or possibly execute arbitrary code. Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly implemented address/port checks. A remote attacker could use this issue to perform a cache poisoning attack. Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly implemented query resource name checks. A remote attacker could use this issue to perform a cache poisoning attack. Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled multiple query requests for the same resource name. A remote attacker could use this issue to perform a cache poisoning attack. It was discovered that Dnsmasq incorrectly handled memory during DHCP response creation. A remote attacker could possibly use this issue to cause Dnsmasq to consume resources, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Various other issues were also addressed.
d9480652e5dc691b11f3f1725a0b37f0Ubuntu Security Notice 4746-1 - Tavis Ormandy discovered that xterm incorrectly handled certain character sequences. A remote attacker could use this issue to cause xterm to crash, resulting in a denial of service, or possibly execute arbitrary code.
019fb5c1e160e7e47bdc8cabc31aac80Ubuntu Security Notice 4747-1 - Felix Weinmann discovered that GNU Screen incorrectly handled certain character sequences. A remote attacker could use this issue to cause GNU Screen to crash, resulting in a denial of service, or possibly execute arbitrary code.
c88959542941690d285357a3da9b35ebASUS Remote Link version 1.1.2.13 suffers from a remote code execution vulnerability.
df59e5b6f100354f333701b14da5fa2dUbuntu Security Notice 4745-1 - David Benjamin discovered that OpenSSL incorrectly handled comparing certificates containing a EDIPartyName name type. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. Tavis Ormandy discovered that OpenSSL incorrectly handled parsing issuer fields. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. Various other issues were also addressed.
1a7f63d15153eb9e27d7797b79124c6aUnified Remote version 3.9.0.2463 suffers from a remote code execution vulnerability.
240c6cd2b7dc24499bf8b9041b110f77LayerBB version 1.1.4 suffers from a remote SQL injection vulnerability.
6de2f87bd092a51c9d7160d359e7ae0ePython jsonpickle version 2.0.0 suffers from a remote code execution vulnerability.
7f823e00e2ad92c744d0d31059e24f72VMware vCenter version 6.5 and 7.0 remote code execution proof of concept exploit.
0e2cd531bc599d8832ac0d628c3d1aeaSLMail version 5.1.0.4420 remote code execution exploit.
fb80ef2495dd59e60f4f343bd7cf02a2This Metasploit module uses job functionality in the Apache Flink dashboard web interface to upload and execute a JAR file, leading to remote execution of arbitrary Java code as the web server user. This module has been tested successfully on Apache Flink versions: 1.9.3 on Ubuntu 18.04.4; 1.11.2 on Ubuntu 18.04.4; 1.9.3 on Windows 10; and 1.11.2 on Windows 10.
df5b84ceecc3ad0a0dd97aadca7fdd1aHFS (HTTP File Server) version 2.3.x remote code execution exploit.
b595e576c62f3f8fe99679ec1f65cc13eChat version 1.0 suffers from a remote SQL injection vulnerability.
7601ab56af8150320041155a410557b4240 bytes small Windows/x86 add user Alfred to administrators/remote desktop users group shellcode.
444c0277c03e6f66fefa718118a17499
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed