KeystoneJS version 4.0.0-beta.5 suffers from an unauthenticated stored cross site scripting vulnerability.
881abd2d25635bf6646252976fd1a62284d08ac39e533e0472bf231f6bec2316
KeystoneJS version 4.0.0-beta.5 suffers from an unauthenticated CSV injection vulnerability in admin/server/api/download.js and lib/list/getCSVData.js.
2a0d06a04621ea6257d1518d4b20206d976b94c65caac627e89f9c7e3f23cccd
Under certain circumstances a shared folder on Windows can be abused remotely to obtain the user credentials and to freeze the machine.
a3786c197d5f84764cc4238584bcbb27d4db39d6327b9a342215870ceb7ce56b
Sophos UTM 9 suffers from a local file inclusion vulnerability. Version 9.410 is affected.
ba17012c9d21cd3e781e366f214abfdf9faf9780535e543ae9cf3a40603af138
Sophos UTM 9 suffers from a loginuser privilege escalation vulnerability via insecure directory permissions. Version 9.410 is affected.
fd8843e98bd26838d92a0d52e8d9620f3e5d6a90bc1aa8cc078996b66040699a
Sonicwall WXA5000 version 1.3.2-10-30 suffers from console jail escape and privilege escalation vulnerabilities.
528772153763dde340abad6b6f539c06481ea3af1b1c1bc7eda3277928a19022
Infoblox NetMRI version VM-AD30-5C6CE suffers from an administration shell factory reset persistence vulnerability.
b441994193d057c810483b9cd2d4dad307269cc38772ac61db1b6c79283f9899
Infoblox NetMRI versions 7.1.2 through 7.1.4 suffer from administration shell escape and privilege escalation vulnerabilities.
cf2764068642712d57bf637c469af8efd08229679a4265ceb71c2691a388b2a0
Ubuntu Security Notice 3425-2 - USN-3425-1 fixed a vulnerability in Apache HTTP Server. This update provides the corresponding update for Ubuntu 12.04 ESM. Hanno Boeck discovered that the Apache HTTP Server incorrectly handled Limit directives in .htaccess files. In certain configurations, a remote attacker could possibly use this issue to read arbitrary server memory, including sensitive information. This issue is known as Optionsbleed. Various other issues were also addressed.
ec9e7c6f5d337302858cf2a0818db50e9651066e124b29ee53ae385d7ba5388c
Ubuntu Security Notice 3388-2 - USN-3388-1 fixed several vulnerabilities in Subversion. This update provides the corresponding update for Ubuntu 12.04 ESM. Ivan Zhakov discovered that Subversion did not properly handle some requests. A remote attacker could use this to cause a denial of service. Various other issues were also addressed.
a687e5391fa1b5969d8465cd6fe1b7abad9ba098f227067976e565ef0aebea20
PHP Melody version 2.6.1 suffers from a remote SQL injection vulnerability.
a425a7ab3c7c14869cba15e86f433029050c51e41a96a88f5760ede827b8c0fc
FS OLX Clone suffers from a remote SQL injection vulnerability.
c3d39648da58b9f3b01ba0d06e2355dd85b266a83c1d0bfb9f62bdc999bd190e
FS Ebay Clone suffers from a remote SQL injection vulnerability.
13f64510b602c003c2efd5f84284981e2ca77d1f200b5998b39ec5fc62bcfe76
Debian Linux Security Advisory 4006-1 - Multiple vulnerabilities have been found in MuPDF, a PDF file viewer, which may result in denial of service or the execution of arbitrary code.
b434341ba675edfdd0294230b93749bfaba7130b722225d87a404cf8baf4122b
Ubuntu Security Notice 3411-2 - USN-3411-1 fixed a vulnerability in Bazaar. This update provides the corresponding update for Ubuntu 12.04 ESM. Adam Collard discovered that Bazaar did not properly handle host names in 'bzr+ssh://' URLs. A remote attacker could use this to construct a bazaar repository URL that when accessed could run arbitrary code with the privileges of the user. Various other issues were also addressed.
d2232a8ccd4ab791bae18f23bd07111564d267f8de4f31375381fb47c7d63efd
Ayukov NFTP FTP Client versions prior to 2.0 suffer from a buffer overflow vulnerability.
a632bf99ff3bbdbfc9a053514ff1f6b5add7c5b91645feb0f209c26eb01b180b
FS Book Store Script suffers from a remote SQL injection vulnerability.
e1f920458be0c16c31deadeef0cd520feaa4107d70158442f95cef757b35e9aa
FS Amazon Clone suffers from a remote SQL injection vulnerability.
fdd74476c24b10ca62c62f6f629c0de1ff948963a052e7e6bc6bc54fc06b0196
CometChat versions prior to 6.2.0 BETA 1 suffer from a local file inclusion vulnerability.
8ed60d89b947c01969d393d54572218af37662f5dcc5cc16852f537dc5f12c91
FS Food Delivery Script suffers from a remote SQL injection vulnerability.
af21bab8b5dcd0eec7746fc3a17a79d9bdadde5fe704e4941e5aa8111dff1e43
This Metasploit module exploits an unauthenticated OS command execution vulnerability in the setup.cgi file in Netgear DGN1000 firmware versions up to 1.1.00.48, and DGN2000v1 models.
86c53ad96211bee0a0215a95caed6678b01af806833286d61151eee772e71fa9
osTicket version 1.10.1 suffers from a remote shell upload vulnerability.
ce15e751def8d93cd66218093fd5ea3fa6f5420a74a1b91f773ab1c8e8466195
Easy MPEG/AVI/DIVX/WMV/RM to DVD buffer overflow proof of concept exploit.
d9e741a1d1215c8034fa2eb5337e705f28fb836d52ac8dd87c767cfcf035852d
ArGoSoft Mini Mail Server version 1.0.0.2 suffers from a denial of service vulnerability.
55774b4428664ba2332d7f5e4492418894bc5407fa5631fdbce8d3bd59a10650
Linux Kernel version 4.14.0-rc4+ waitid() privilege escalation exploit.
ad2f7368a6b794e683035e93e709ee032d99808bca8403ed47ec0e796c474f2d