Facturation System version 1.0 suffers from a remote SQL injection vulnerability.
cc739da9b1dce4e69acec65524f7f8edParoiciel version 11.20 suffers from a remote SQL injection vulnerability.
2cef56992e3bde78149d1a2a712ab38bData Center Audit version 2.6.2 suffers from a remote SQL injection vulnerability.
50743004a9d872e2e1324206cc8fb52aWordPress PeepSo plugin version 1.11.2 suffers from a remote time-based SQL injection vulnerability.
f7801a9f20acb28193e406e3e8127b11WordPress WP User Manager plugin version 2.0.8 suffers from a remote time-based SQL injection vulnerability.
b23aa52bd9caaf0ef1b7daec59bcbab1Advanced Comment System version 1.0 suffers from a remote SQL injection vulnerability.
2e410b3407ce4a5c6db3c52fa0679770Ubuntu Security Notice 3814-1 - It was discovered libmspack incorrectly handled certain malformed CAB files. A remote attacker could use this issue to cause libmspack to crash, resulting in a denial of service.
08291f8fba97ca0ed220da4aeaf4801eGentoo Linux Security Advisory 201811-9 - A vulnerability in Icecast might allow remote attackers to execute arbitrary code. Versions less than 2.4.4 are affected.
f6c49ac0f6a5d7138247ff4d411fc2bfGentoo Linux Security Advisory 201811-6 - Multiple vulnerabilities have been found in libde265, the worst of which allows remote attackers to execute arbitrary code. Versions less than 1.0.3 are affected.
42a1b84bbaf2f48f50665de5ebeadd39PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
0d77048b4d1f82bd42c7f8df9b218c52The FTP Server component of the D-LINK Central WifiManager can be used as a man-in-the-middle machine allowing PORT Command bounce scan attacks. This vulnerability allows remote attackers to abuse your network and discreetly conduct network port scanning. Victims will then think these scans are originating from the D-LINK network running the afflicted FTP Server and not you. Version 1.03 r0098 is affected.
83571811be19f02f54e3bf44fda47807Gentoo Linux Security Advisory 201811-3 - A vulnerability in OpenSSL might allow remote attackers to cause a Denial of Service condition. Versions less than 1.0.2o-r6 are affected.
fc3554e4ddb44a3d39e9d3767694abffGentoo Linux Security Advisory 201811-2 - A buffer overflow in Python might allow remote attackers to cause a Denial of Service condition. Versions less than 2.7.15 are affected.
ec4ccf8226c5aad66199371cedbc492fGentoo Linux Security Advisory 201811-1 - Multiple vulnerabilities have been found in X.Org X11 library, the worst of which could allow for remote code execution. Versions less than 1.6.6 are affected.
55133b7ee4b717c649a3eb630beef5fbMicro Focus Security Bulletin MFSBGN03829 1 - A potential vulnerability has been identified in the Operations Bridge Manager capability of the Micro Focus Operations Bridge containerized suite. The vulnerability could be exploited to remote code execution and information disclosure. Revision 1 of this advisory.
129b8eb6c45a0b42e3969e743a7a99b4Ubuntu Security Notice 3813-1 - It was discovered that pyOpenSSL incorrectly handled memory when handling X509 objects. A remote attacker could use this issue to cause pyOpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that pyOpenSSL incorrectly handled memory when performing operations on a PKCS #12 store. A remote attacker could possibly use this issue to cause pyOpenSSL to consume resources, resulting in a denial of service. Various other issues were also addressed.
17ee1c5903a74363c12d44b59d9fe872Red Hat Security Advisory 2018-3522-01 - The Simple Protocol for Independent Computing Environments is a remote display protocol for virtual environments. SPICE users can access a virtualized desktop or server from the local system or any system with network access to the server. SPICE is used in Red Hat Enterprise Linux for viewing virtualized guests running on the Kernel-based Virtual Machine hypervisor or on Red Hat Enterprise Virtualization Hypervisors. Issues addressed include a buffer overflow vulnerability.
24eb3ab5c01cfe4fdd69858d462761c2PlayJoom version 0.10.1 suffers from a remote SQL injection vulnerability.
1fa01a64acfd8f6bd2ad5dd05780767aOpenBiz Cubi Lite version 3.0.8 suffers from a remote SQL injection vulnerability.
17e3d4a019fd764657bd670de45a9b2aOOP CMS BLOG version 1.0 suffers from a remote SQL injection vulnerability.
524c65eb1ee41cc4fd1105d9c38839ceUbuntu Security Notice 3812-1 - It was discovered that nginx incorrectly handled the HTTP/2 implementation. A remote attacker could possibly use this issue to cause excessive memory consumption, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 18.10. Gal Goldshtein discovered that nginx incorrectly handled the HTTP/2 implementation. A remote attacker could possibly use this issue to cause excessive CPU usage, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 18.10. Various other issues were also addressed.
ff9df4d865e372ebb24923ea96bc6bb2Ubuntu Security Notice 3810-1 - Ivan Gotovchits discovered that ppp incorrectly handled the EAP-TLS protocol. A remote attacker could use this issue to cause ppp to crash, resulting in a denial of service, or possibly bypass authentication.
bea0355887912e2020914ed77fd7dedfUbuntu Security Notice 3811-1 - It was discovered that SpamAssassin incorrectly handled certain unclosed tags in emails. A remote attacker could possibly use this issue to cause a denial of service. It was discovered that SpamAssassin incorrectly handled the PDFInfo plugin. A remote attacker could possibly use this issue to execute arbitrary code. It was discovered that SpamAssassin incorrectly handled meta rule syntax. A local attacker could possibly use this issue to execute arbitrary code. Various other issues were also addressed.
7fcbfde9589d7977e424e44fe80a9ea7Grocery Crud version 1.6.1 suffers from a remote SQL injection vulnerability.
3e2d4a995a8a5d0d16a266b8c6e76be1Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
8a303c7c2491cd27b1646f6efdc4a5d0
© 2018 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed