Lending and Borrowing suffers from a remote SQL injection vulnerability.
bfc529ecd9f3494e70c90ecf08732a82Multi Level Marketing suffers from a remote SQL injection vulnerability.
4294e24c5aa30a65514390827fd857f0Red Hat Security Advisory 2017-2787-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs. The following packages have been upgraded to a later upstream version: rh-mysql56-mysql. Security Fix: An integer overflow flaw leading to a buffer overflow was found in the way MySQL parsed connection handshake packets. An unauthenticated remote attacker with access to the MySQL port could use this flaw to crash the mysqld daemon.
4a5b74dd1133da4dc8dd48f82d747670Red Hat Security Advisory 2017-2791-01 - Samba is an open-source implementation of the Server Message Block or Common Internet File System protocol, which allows PC-compatible machines to share files, printers, and other information. Security Fix: It was found that samba did not enforce "SMB signing" when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text.
48157316bb57da5482376daa7dbb1bb4Red Hat Security Advisory 2017-2790-01 - Samba is an open-source implementation of the Server Message Block protocol and the related Common Internet File System protocol, which allow PC-compatible machines to share files, printers, and various information. Security Fix: It was found that samba did not enforce "SMB signing" when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text.
d4cd7c1e7b87af03b00efb105c06a969WordPress Responsive Image Gallery plugin version 1.1.8 suffers from a remote SQL injection vulnerability.
fb882fae7dbe8d7978e4631e09eda175Ubuntu Security Notice 3426-1 - Stefan Metzmacher discovered that Samba incorrectly enforced SMB signing in certain situations. A remote attacker could use this issue to perform a man in the middle attack. Stefan Metzmacher discovered that Samba incorrectly handled encryption across DFS redirects. A remote attacker could use this issue to perform a man in the middle attack. Yihan Lian and Zhibin Hu discovered that Samba incorrectly handled memory when SMB1 is being used. A remote attacker could possibly use this issue to obtain server memory contents. Various other issues were also addressed.
e2078333b00028eb10dbb8aa6c2c164fUbuntu Security Notice 3425-1 - Hanno Boeck discovered that the Apache HTTP Server incorrectly handled Limit directives in .htaccess files. In certain configurations, a remote attacker could possibly use this issue to read arbitrary server memory, including sensitive information. This issue is known as Optionsbleed.
bfa83093442c8cb0223e5a49b009a8b1Red Hat Security Advisory 2017-2771-01 - GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language, and the capability to read e-mail and news. Security Fix: A command injection flaw within the Emacs "enriched mode" handling has been discovered. By tricking an unsuspecting user into opening a specially crafted file using Emacs, a remote attacker could exploit this flaw to execute arbitrary commands with the privileges of the Emacs user.
cb35a154f38364f0cf86d57de243546bDlxSpot Player4 LED video wall suffers from a remote shell upload vulnerability. Versions greater than 1.5.10 are affected.
9af7a881088ecdf7ad4e03ae9466faebDlxSpot Player4 LED video wall suffers from a remote SQL injection vulnerability that allows for authentication bypass. Versions greater than 1.5.10 are affected.
2d94a5f031c7d5b9085cc566f159b20bThere is an out-of-bounds read issue in Microsoft Edge that could potentially be turned into remote code execution. The vulnerability has been confirmed on Microsoft Edge 38.14393.1066.0 (Microsoft EdgeHTML 14.14393) as well as Microsoft Edge 40.15063.0.0 (Microsoft EdgeHTML 15.15063).
f8f0367a62a7c9dadd43f0e6c52c13e5Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
ec7c9f588c9e1a42c09bcc097a1e55ebGentoo Linux Security Advisory 201709-9 - A command injection vulnerability in Subversion may allow remote attackers to execute arbitrary code. Versions less than 1.9.7 are affected.
1f318f458012ed3bb2fb04bcb5c3a084Gentoo Linux Security Advisory 201709-10 - A command injection vulnerability in Git may allow remote attackers to execute arbitrary code. Versions less than 2.13.5 are affected.
87c2e76385269538182e57e567c19ac7Gentoo Linux Security Advisory 201709-13 - A vulnerability in SquirrelMail might allow remote attackers to execute arbitrary code. Versions less than 1.4.23_pre20140426 are affected.
cb232401734b30b4a34acc080d281ec5Ubuntu Security Notice 3418-1 - It was discovered that the GDK-PixBuf library did not properly handle certain jpeg images. If an user or automated system were tricked into opening a specially crafted jpeg file, a remote attacker could use this flaw to cause GDK-PixBuf to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that the GDK-PixBuf library did not properly handle certain tiff images. If an user or automated system were tricked into opening a specially crafted tiff file, a remote attacker could use this flaw to cause GDK-PixBuf to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
6ea24115becec07c142c0e43fe654aceUbuntu Security Notice 3421-1 - It was discovered that Libidn2 incorrectly handled certain input. A remote attacker could possibly use this issue to cause Libidn2 to crash, resulting in a denial of service.
3bed95d5ea26f28c5276b97bdec3ac22Gentoo Linux Security Advisory 201709-7 - A vulnerability in Kpathsea allows remote attackers to execute arbitrary commands by manipulating the -tex option from mpost program. Versions less than 6.2.2_p20160523 are affected.
281547b29dde2859058350726bca042bGentoo Linux Security Advisory 201709-6 - A vulnerability in Supervisor might allow remote attackers to execute arbitrary code. Versions less than 3.1.4 are affected.
9eaf02e97bea5c4a5ab2bcea2e8014caGentoo Linux Security Advisory 201709-4 - A vulnerability in mod_gnutls allows remote attackers to spoof clients via crafted certificates. Versions less than 0.7.3 are affected.
8eb192ea905cac5222a46fbb920b8a8fGentoo Linux Security Advisory 201709-3 - Multiple vulnerabilities have been found in WebkitGTK+, the worst of which may allow remote attackers to execute arbitrary code. Versions less than 2.16.5 are affected.
d251d74223cbe558439a3039173afde9Gentoo Linux Security Advisory 201709-2 - Multiple vulnerabilities have been found in Binutils, the worst of which may allow remote attackers to cause a Denial of Service condition. Versions less than 2.28.1 are affected.
f1936ee853c46afad6ba02b59f393c46Astaro Security Gateway 7 suffers from a remote code execution vulnerability.
593db61c13a32607441358ca66907051XYZ Auto Classifieds version 1.0 suffers from a remote SQL injection vulnerability.
a59c025d364f6d4da15216c1550a1164
© 2016 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed