NETGEAR ADSL router WNR500 with firmware version 1.0.7.2 suffers from a file disclosure vulnerability.
37be78c42c3b55a3b819038c95ab826cabf382a3f2e995c0d63f525d10469092
WordPress WassUp Real Time Analytics plugin version 1.9 suffers from a persistent cross site scripting vulnerability.
e8137223a57a625cf51649d12b64986a673655e47a6295721338115351eeeda2
D-Link ADSL router DSL-2750E with firmware version SEA_1.01 suffers from a file disclosure vulnerability.
b5cc0cb35b840c6c2c8438b5a60b7406a7e537060a74b65c8afb79b6db75e0da
D-Link ADSL router DSL-2750U with firmware version IN_1.02 suffers from a file disclosure vulnerability.
17a33f87025c815f104a5eaf2901d637b55e392eedc1676d79ed751ba87abf30
D-Link ADSL router DSL-2750E with firmware version SEA_1.04 suffers from a file disclosure vulnerability.
4c263e7e84c9a03874186180d8c6e97f6a4c6172c73172bd76477eb821290289
PLANET ADSL router AND-4101 version 1.8 suffers from a file disclosure vulnerability.
0291af77aa2080fa30afc81376a583d98c46f724faff946aa572825c0d428aac
NETGEAR ADSL router JNR1010 with firmware version 1.0.0.16 suffers from a file disclosure vulnerability.
24bd17b9494c941c6add9f7baaa6d068169f297fc8c99dcffdf45aad02b0f418
D-Link ADSL router DSL-2730U with firmware version IN_1.02 suffers from a file disclosure vulnerability.
7a59fc02fabba5e5c37b8d049bb3e36936533505c8239de1363d5d407955d4bb
MOVISTAR ADSL router BHS_RTA BHS_RTA_C0_019 suffers from a file disclosure vulnerability.
3109144c6c4063c6fbf2fb1f5dfd651b9ae5c7c7825cf67c068e8b464f5352a8
WordPress Caldera Forms plugin version 1.3.5.3 suffers from a cross site scripting vulnerability.
5fe319cfc0582676fbf3df11ae0eedd99b8dcaba165bf4d04951d75ab931d4e3
WordPress Quotes Collection plugin version 2.0.5 suffers from a cross site scripting vulnerability.
3e714101167947eb893acf037ef84d9ed96b9fc784119af58b4e11c5506a768a
WordPress YITH WooCommerce Compare plugin version 2.0.9 suffers from a PHP object injection vulnerability.
0db04c264f42b23b55cb4613767ded49fab18d10ff1bb03155469fb2bb5d9b85
This report explains the ability to change the code of Bart. An attacker can edit the code and seamlessly put their own dark website with a different Bitcoin account.
235979bd4239144dac76322065de02f0e43ecad6b1af8f34cf9b75dd3c4fb090
Android devices can be crashed forcing a halt and then a soft reboot by downloading a large proxy auto config (PAC) file when adjusting the Android networking settings. This can also be exploited by an MITM attacker that can intercept and replace the PAC file. However, the bug is mitigated by multiple factors and the likelihood of exploitation is low.
9a6a1af684f67a60cc245b0a7841aeca5cc4c686f0d9b20cffcd532b0d7b75f1
Verint Impact 360 version 11.1 suffers from a cross site scripting vulnerability.
54466b5060b6fd427f94d75478de5e4cab2d71ef2d0fa9d482daec21fc337374
A stack buffer overflow affects several D-Link routers and can be exploited by an unauthenticated attacker. The interesting thing about this vulnerability is that it affects both ARM and MIPS devices, so exploitation is slightly different for each type.
cb979ec54ab67f3c6ce43a8df2d9651d4f4b33a1511fd13e636ea603d7c292d6
Debian Linux Security Advisory 3707-1 - Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in breakouts of the Java sandbox or denial of service.
26c1328e5eb986a17476cf821d7021bb648a48216dc71e92833317634cdaccad
HP Security Bulletin HPSBGN03643 1 - Potential security vulnerabilities have been identified in the Filter SDK component of HPE KeyView. These vulnerabilities could be exploited remotely to allow code execution. Revision 1 of this advisory.
5fcf168a5e11f3ffa6c1e51ce1fa0dd0bfe6ab355c1e3756e5301a956e6c100a
Red Hat Security Advisory 2016-2675-01 - The Pacemaker cluster resource manager is a collection of technologies working together to provide data integrity and the ability to maintain application availability in the event of a failure. Security Fix: An authorization flaw was found in Pacemaker, where it did not properly guard its IPC interface. An attacker with an unprivileged account on a Pacemaker node could use this flaw to, for example, force the Local Resource Manager daemon to execute a script as root and thereby gain root access on the machine.
a68cb6d8e8b31bf59042cd3b25b599310ecfc4572219f094534586a9d3317e8d
HP Security Bulletin HPSBGN03656 1 - Several vulnerabilities are addressed in this security bulletin: * Potential security vulnerabilities were identified in HPE Network Node Manager i (NNMi) Software. The vulnerability could result in cross-site scripting (XSS). * A vulnerability in Apache Commons Collections for handling Java object deserialization was addressed by HPE Network Node Manager i (NNMi) Software. The vulnerability could be remotely exploited to allow remote code execution. Revision 1 of this advisory.
725b923c074674fa9ab362f651b92f45fa124a6151253c8521f25e8694d74589
HP Security Bulletin HPSBGN03657 1 - A potential security vulnerability was identified in HPE Network Node Manager i (NNMi) Software. The vulnerability could result in local code execution. Revision 1 of this advisory.
735c2d5a6677c1c934bdb6c3e7dc60d42aa3c2aa0c3349e08df85047d41419da
Red Hat Security Advisory 2016-2674-01 - The libgcrypt library provides general-purpose implementations of various cryptographic algorithms. Security Fix: A design flaw was found in the libgcrypt PRNG. An attacker able to obtain the first 580 bytes of the PRNG output could predict the following 20 bytes.
caf6d9e673258d4b82393cbb762f5437eca9d415345b9281588f106dbc75a521
Faraznet CMS version 4.x suffers from a cross site scripting vulnerability.
520ccc53a04695dad61179d8d1abfc4f2fd58d47fbf5984487eb12e2a76925f1
NodCMS suffers from a code execution vulnerability by leveraging a cross site request forgery vulnerability.
b385bfd2e1ed36be02d3dff98b02b6ed9703d813d2d8545b1bcff69187d57ded
NodCMS suffers from a cross site scripting vulnerability.
67b9df9da3297615f3801c6acfb5b496dfb68103df20d1aa24dcbeeec602ee60