Nagios Network Analyzer version 2.2.1 suffers from a cross site request forgery vulnerability.
99b17f8facb69e3b9eca94cb91e53dcd1bd32f49c3a32850d75530b6550d6f9cNagios Network Analyzer version 2.2.1 suffers from a cross site scripting vulnerability.
01fe7e869773bb1643216bf8041553402cbd6d14d43ba909eecadd58a0506661Debian Linux Security Advisory 3645-1 - Several vulnerabilities have been discovered in the chromium web browser.
dbfb8e97d5d1c0913c9b9713f214890e85611126f518d500900d2c3ba18eb23dNavis WebAccess Express version suffers from a remote SQL injection vulnerability.
e899d00245120e747625fd30545843a978d667c1473a63886f8676872038a3e8Ubuntu Security Notice 3048-1 - Bru Rom discovered that curl incorrectly handled client certificates when resuming a TLS session. It was discovered that curl incorrectly handled client certificates when reusing TLS connections. Marcelo Echeverria and Fernando Munoz discovered that curl incorrectly reused a connection struct, contrary to expectations. This issue only applied to Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Various other issues were also addressed.
8ee3fb48b7adc731def079b1e3c45d9ade172bb87d565756b2eb899f2c16762dWebNMS Framework versions 5.2 and 5.2 SP1 suffer from directory traversal, code execution, weak obfuscation, and user impersonation vulnerabilities.
9dac125470dd3174093290f26e3dd75ee6cf75cba7fee3ad35151a45855d5c0aRSA AM Prime Self-Service Portal could allow a malicious authenticated user (attacker) to replace his/her token serial number in a PIN change request with the token serial number of a victim user, which may change the PIN of the victim user to the PIN value specified by the attacker in the PIN change request. This may also deny victim?s access to the system. Versions 3.0 and 3.1 prior to build version 1915 are affected.
e4b587fc929e99c40943704d1e48d72544d2b5e89ff4beb76fa5d193ca13555dDebian Linux Security Advisory 3644-1 - Tobias Stoeckmann discovered that cache files are insufficiently validated in fontconfig, a generic font configuration library. An attacker can trigger arbitrary free() calls, which in turn allows double free attacks and therefore arbitrary code execution. In combination with setuid binaries using crafted cache files, this could allow privilege escalation.
000cb9fd32aae09b27f1aa25c7b206d1852d92f35bde68b197699c3748653b2cWordPress Add From Server plugin version 6.2 suffers from a cross site request forgery vulnerability.
6c0c972a52a28a8103eab4912adf199d89faffb156826a7e339ae465f7789ef8Microsoft Windows 7 (x32/x64) suffers from a group policy privilege escalation vulnerability as described in MS16-072.
2ab30a58cdc968d44eaef9a40e6fa883cf7a80fc535361bba990a6e2e7958c85vBulletin versions 5.2.2 and below, 4.2.3 and below, and 3.8.9 and below suffer from a pre-auth server side request forgery vulnerability.
2399e0f10243e428aec1ae8502b9ebad331ccfb7745a1e7561bbf4566c53fd7aSlackware Security Advisory - New stunnel packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues.
65a8d65c9336995cd0a9cdc89690ba2fdc0ea1eec68d519f2339e7fc58d922faSlackware Security Advisory - New openssh packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues.
a62b75c0b98708df6b67b42ecd69a4b38ea282554348408eaa42acff94fc34c5Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.1 and 14.2 to fix security issues.
699784ce3858dad84c61fe6f4a9349be96282ec640125e93b49bd2cc3d2a4927Slackware Security Advisory - New curl packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues.
5693aa89ea5da65762d9d22ad391e75c64eb5a352d4ed11267605e036c849f0dphpCollab CMS version 2.5 suffers from a remote SQL injection vulnerability.
43b648645b26b3230959e93601c4a555c9c5df4d3ae856a1879667e515dca3a6
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed