IPFire, a free linux based open source firewall distribution, version prior to 2.19 Update Core 110 contains a remote command execution vulnerability in the ids.cgi page in the OINKCODE field.
1f8ebd286acb009b1e30960495f5b74dGentoo Linux Security Advisory 201707-15 - Multiple vulnerabilities have been found in Adobe Flash Player, the worst of which allows remote attackers to execute arbitrary code. Versions less than 26.0.0.137 are affected.
45afa64a6b1c6faf4e76710b92a00baaNEC Universe UM4730 versions prior to 11.8 suffers from a remote SQL injection vulnerability.
bd6afe493c6cb60bbef4cc206749064aVirtual Postage (VPA) version 1.0 suffers from a remote code execution vulnerability via man-in-the-middle attacks.
8369a81037615f726ea8562ceb9f8e70SKILLS.com.au Industry App version 1.0 suffers from a remote code execution vulnerability via man-in-the-middle attacks.
4fd64fa016fa5e25eb328a8cf4cbe71dRed Hat Security Advisory 2017-1789-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security Fix: It was discovered that the DCG implementation in the RMI component of OpenJDK failed to correctly handle references. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application. Multiple flaws were discovered in the RMI, JAXP, ImageIO, Libraries, AWT, Hotspot, and Security components in OpenJDK. An untrusted Java application or applet could use these flaws to completely bypass Java sandbox restrictions.
90fc7883aa9067bf9f49ed06e8ab701cJoomla JoomRecipe component version 1.0.4 suffers from a remote SQL injection vulnerability in search_author.
8e221f04a1069e35f5027530227e087bSonicwall Secure Remote Access (SRA) version 8.1.0.2-14sv suffers from a remote command injection vulnerability.
3e9b87e20111ec904389983baa4b9646Ubuntu Security Notice 3356-2 - USN-3356-1 fix a vulnerability in Expat. This update provides the corresponding update for Ubuntu 12.04 ESM. A It was discovered that Expat incorrectly handled certain external A entities. A remote attacker could possibly use this issue to cause A Expat to hang, resulting in a denial of service. Various other issues were also addressed.
defc3a37143ef73163722d9af3b69529Ubuntu Security Notice 3356-1 - It was discovered that Expat incorrectly handled certain external entities. A remote attacker could possibly use this issue to cause Expat to hang, resulting in a denial of service.
c3ce5df50a741dfe4e6b0991d01ed1f5Ubuntu Security Notice 3355-1 - Frediano Ziglio discovered that Spice incorrectly handled certain invalid monitor configurations. A remote attacker could use this issue to cause Spice to crash, resulting in a denial of service, or possibly execute arbitrary code.
b2fe1779bf56d12df6827bde9585ed5fUbuntu Security Notice 3212-3 - USN-3212-1 and USN-3212-2 fixed a vulnerability in LibTIFF. This update provides a subset of corresponding update for Ubuntu 12.04 ESM. A It was discovered that LibTIFF incorrectly handled certain malformed A images. If a user or automated system were tricked into opening a A specially crafted image, a remote attacker could crash the A application, leading to a denial of service, or possibly execute A arbitrary code with user privileges. Various other issues were also addressed.
67e2591ccaa87a47c374822f1bc3b660Ubuntu Security Notice 3307-2 - USN-3307-1 fixed a vulnerability in OpenLDAP. This update provides the corresponding update for ubuntu 12.04 ESM. A Karsten Heymann discovered that OpenLDAP incorrectly handled certain A search requests. A remote attacker could use this issue to cause slapd A to crash, resulting in a denial of service. Various other issues were also addressed.
65a74670ba8afce1cf5caf902adf4fd4Citrix CloudBridge suffers from a CAKEPHP pre-authentication remote root cookie command injection vulnerability.
c2ccb69375ec5cc51c43f5d8342cbe14Sonicwall version 8.1.0.2-14sv importlogo/sitecustomization remote command execution exploit.
f4bad59c7c3ffd31bf7c765213c2fc43Citrix SD-WAN version 9.1.2.26.561201 logout cookie pre-authentication remote command injection exploit.
ef406c56f17330fc66b94fbd4fbe376aSonicwall SRA version 8.1.0.2-14sv gencsr.cgi remote command injection exploit.
1b8a31b46825c7465b2937b76b39b411Ubuntu Security Notice 3309-2 - Jakub Jirasek discovered that GnuTLS incorrectly handled certain assignments files. If a user were tricked into processing a specially crafted assignments file, a remote attacker could possibly execute arbitrary code.
d9adc4a5e568efdb1a578bb72c43a3d3Barracuda Load Balancer Firmware versions 6.0.1.006 (2016-08-19) and below post-authentication remote root exploit.
dd9661cd7ce5c9e5b97ed4caa71a55d1Various GPC Sanitization bypasses exist in Cisco WebEx that can permit from arbitrary remote command execution.
d813975ef580e832e44c2ebb87aba929Ubuntu Security Notice 3274-2 - USN-3274-1 fixed a vulnerability in icu. This update provides the corresponding update for Ubuntu 12.04 ESM. A It was discovered that ICU incorrectly handled certain memory A operations when processing data. If an application using ICU processed A crafted data, a remote attacker could possibly cause it to crash or A potentially execute arbitrary code with the privileges of the user A invoking the program. Various other issues were also addressed.
0fddf9f1f82d4364c67f177a04c66787Red Hat Security Advisory 2017-1766-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lacked certain checks for the end of a buffer. A remote attacker could trigger a pointer-arithmetic error or possibly cause other unspecified impacts using crafted requests related to fs/nfsd/nfs3xdr.c and fs/nfsd/nfsxdr.c.
004d8b9ce9aee29117bfca0aee696e94Sophos Web Appliance version 4.3.0.2 reporting JSON trafficType remote command injection exploit.
6d5a691d22205e8d640310d8376287ceRed Hat Security Advisory 2017-1759-01 - FreeRADIUS is a high-performance and highly configurable free Remote Authentication Dial In User Service server, designed to allow centralized authentication and authorization for a network. Security Fix: An out-of-bounds write flaw was found in the way FreeRADIUS server handled certain attributes in request packets. A remote attacker could use this flaw to crash the FreeRADIUS server or to execute arbitrary code in the context of the FreeRADIUS server process by sending a specially crafted request packet.
2047dbaee96de03766442f03225456fdDotCMS version 4.1.1 suffers from a remote shell upload vulnerability.
6662f3bad9f3f62ed6c7151df589bba6
© 2016 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed