MAPLE Computer WBT SNMP Administrator version 2.0.195.15 remote buffer overflow exploit with egghunter.
264d4bba8bff62a4e99bb6090af82f9bfuelCMS versions 1.4.1 and below suffer from a remote code execution vulnerability.
a5a4dc9ae500263d43df8a50510e2e75Web Ofisi E-Ticaret version 3 suffers from a remote SQL injection vulnerability.
7437ac5aa2847a7b983ed6607274391bWeb Ofisi Emlak version 3 suffers from a remote SQL injection vulnerability.
bbaf456b027e33df396413601723412bWeb Ofisi Emlak version 2 suffers from a remote SQL injection vulnerability.
acb2c38c14f06b7981c22fc021efba3dWeb Ofisi Platinum E-Ticaret version 5 suffers from a remote SQL injection vulnerability.
e955a8dea20f701a89460c42b02c090eWeb Ofisi Firma version 13 suffers from a remote SQL injection vulnerability.
2f9e04f372779e233112abf19aebb546Web Ofisi Rent a Car version 3 suffers from a remote SQL injection vulnerability.
a5d470c60fe210d7fc74f1549a7e6e81Web Ofisi Firma Rehberi version 1 suffers from a remote SQL injection vulnerability.
f92543b358ec74c2815f6389befe02b0Ubuntu Security Notice 4066-1 - It was discovered that libmspack incorrectly handled certain CHM files. A remote attacker could possibly use this issue to access sensitive information.
6800260250ac2328cef66a5e824412f6Ubuntu Security Notice 4065-1 - It was discovered that Squid incorrectly handled Digest authentication. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. It was discovered that Squid incorrectly handled Basic authentication. A remote attacker could use this issue to cause Squid to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 19.04. Various other issues were also addressed.
4f76b96ab8a7b06f1886fa584c06000cUbuntu Security Notice 4063-1 - Nils Emmerich discovered that LibreOffice incorrectly handled LibreLogo scripts. If a user were tricked into opening a specially crafted document, a remote attacker could cause LibreOffice to execute arbitrary code. Matei "Mal" Badanoiu discovered that LibreOffice incorrectly handled stealth mode. Contrary to expectations, bullet graphics could be retrieved from remote locations when running in stealth mode. Various other issues were also addressed.
5c4a3cb496c551255388e2750ed2e624Ubuntu Security Notice 4059-2 - USN-4059-1 and USN-3557-1 fixed several vulnerabilities in Squid. This update provides the corresponding update for Ubuntu 12.04 ESM. Louis Dion-Marcil discovered that Squid incorrectly handled certain Edge Side Includes responses. A malicious remote server could possibly cause Squid to crash, resulting in a denial of service. Various other issues were also addressed.
d94434b55f2ed5a67ffc830571769e16Huawei HG530 suffers from unauthenticated remote reboot and restore vulnerabilities.
960066e7bdcc835fbc6e47444eb6a973Ubuntu Security Notice 4059-1 - It was discovered that Squid incorrectly handled certain SNMP packets. A remote attacker could possibly use this issue to cause memory consumption, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that Squid incorrectly handled the cachemgr.cgi web module. A remote attacker could possibly use this issue to conduct cross-site scripting attacks. Various other issues were also addressed.
bf7b4c06d599e5f9a96a8cba60efc48bDameWare Remote Support version 12.0.0.509 Host SEH buffer overflow exploit.
a51904aa9c36feff235373043d90d66aThis Metasploit module exploits a vulnerability in the PHP Laravel Framework for versions 5.5.40, 5.6.x up to 5.6.29. Remote command execution is possible via a correctly formatted HTTP X-XSRF-TOKEN header, due to an insecure unserialize call of the decrypt method in Illuminate/Encryption/Encrypter.php. Authentication is not required, however exploitation requires knowledge of the Laravel APP_KEY. Similar vulnerabilities appear to exist within Laravel cookie tokens based on the code fix. In some cases the APP_KEY is leaked which allows for discovery and exploitation.
7094c48d642dbb2c66067663c6ef39d9Citrix SD-WAN Appliance version 10.2.2 suffers from authentication bypass and remote command execution vulnerabilities.
1c552352db4cb01f5841843a21926509Microsoft Windows Remote Desktop BlueKeep denial of service exploit.
03ea74e7a141e90ebbfc356da5c86bfdPCMan FTP Server 2 ALLO remote buffer overflow exploit.
01605b000736cd3698aa2c0a77b919b8Debian Linux Security Advisory 4481-1 - Harsh Jaiswal discovered a remote shell execution vulnerability in ruby-mini-magick, a Ruby library providing a wrapper around ImageMagick or GraphicsMagick, exploitable when using MiniMagick::Image.open with specially crafted URLs coming from unsanitized user input.
d13f864cfef099af22088b79edee68a4Red Hat Security Advisory 2019-1734-01 - ironic-inspector is an auxiliary service for discovering hardware properties for a node managed by Ironic. Hardware introspection or hardware properties discovery is a process of getting hardware parameters required for scheduling from a bare metal node, given its power management credentials. Issues addressed include a remote SQL injection vulnerability.
f14a4783841d7f70b8405d02f25fb3b2Red Hat Security Advisory 2019-1722-01 - OpenStack Bare Metal is a tool used to provision bare metal machines. It leverages common technologies such as PXE boot and IPMI to cover a wide range of hardware. It also supports pluggable drivers to allow added, vendor-specific, functionality. Issues addressed include a remote SQL injection vulnerability.
19f6f48945ac32596aaaeaa96d41d2a5Red Hat Security Advisory 2019-1707-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include an information leakage vulnerability.
3c3b82256b1a6a3a1bc79ff64d8a7ec2Red Hat Security Advisory 2019-1708-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include an information leakage vulnerability.
a125bcefadc690a6bf55abfe64f5810b
© 2019 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed