IceWarp Mail Server versions prior to 11.1.1 suffer from a directory traversal vulnerability.
5911d51dee37f8df32f9b659025bd3a0f60768e3a9c4462df3001541903d19d9
WordPress WF Cookie Consent plugin version 1.1.3 suffers from a cross site scripting vulnerability.
ef66d0fe07a12e0ac012509c9187ea4a01937a7f4a73fdbd6f3f0d3017c74b47
Red Hat Security Advisory 2018-1323-01 - Red Hat Single Sign-On 7.2 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.2.2 serves as a replacement for Red Hat Single Sign-On 7.2.1, and includes several bug fixes and enhancements. For further information, refer to the Release Notes linked to in the References section. Issues addressed include a code execution vulnerability.
3abecc8e646ad3ee39089a87f83615fc351ad8ede93009e382a7e7358bdf6749
RSA Authentication Manager versions prior to 8.3 P1 suffer from XML external entity injection and host header injection vulnerabilities.
54af7045cb6ecd5f3d0f3331ec31935e82e31bafa913bb41069a18c69ae3fe80
CSP MySQL User Manager version 2.3.1 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
12bdbcee2a4866bdd5b4383fd5062380dc30f6f5e1993028604ee8d80cdefe53
Slackware Security Advisory - New seamonkey packages are available for Slackware 14.2 and -current to fix security issues.
9ac8f2e05154bfbe5a8936b4367457ac0a2e4ef121aea18ac9d4510103477d6b
D-Link DIR-601 A1 1.02NA devices do not require the old password for a password change, which occurs in cleartext.
c2f677dc653a79692726bbccff8050f283ad34e84c33c202f140624c41984b88
This Metasploit module exploits an uninitialized stack variable in the WMI subsystem of ntoskrnl. This Metasploit module has been tested on vulnerable builds of Windows 7 SP0 x64 and Windows 7 SP1 x64.
21e9d7b3e380f6d3538fe9a780b502fd48f46f47c33e65a13d1012158b0d5136
TP-Link EAP suffers from hard-coded credential, cross site request forgery, cross site scripting, and other vulnerabilities.
c5187235d9542ea658539bfb88cc9cb5ce9f82fc8cafd49e9eb8cb63664932db
Dell EMC Unity Operating Environment (OE) versions prior to 4.3.0.1522077968 are affected by multiple OS command injection vulnerabilities. A remote application admin user could potentially exploit the vulnerabilities to execute arbitrary OS commands as system root on the system where Dell EMC Unity is installed.
7fab6a2de70667057b3c38a3370a081105809c6c850820b3173c5e54c53be6da
Red Hat Security Advisory 2018-1322-01 - Red Hat JBoss Fuse, based on Apache ServiceMix, provides a small-footprint, flexible, open source enterprise service bus and integration platform. Red Hat JBoss A-MQ, based on Apache ActiveMQ, is a standards-compliant messaging system that is tailored for use in mission-critical applications. This patch is an update to Red Hat JBoss Fuse 6.3 and Red Hat JBoss A-MQ 6.3. It includes bug fixes and enhancements, which are documented in the readme.txt file included with the patch files. Issues addressed include a denial of service vulnerability.
37fa1db478b76c81add822f8159bbcd782bf5a67fd414e5147f7dd37e4d16dfd
Oracle Access Manager versions 11.1.2.3.0 and 12.2.1.3.0 suffer from an authentication bypass vulnerability.
3ff8e4e5227e1b994da2325be7ed9d86085196020a85edbd2fa518450b3a1236
Whitepaper called Windows Kernel Exploitation Tutorial Part 8: Use After Free.
f2598e4b4d62f5cf90e32aca7b671330db49e562ff55234992d445256a3d1490
Red Hat Security Advisory 2018-1321-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 66.0.3359.139. Issues addressed include a use-after-free vulnerability.
783305928a9849373bbb2d70211335a275b5db6d1c0e2a0b658eecf89e8943aa
Red Hat Security Advisory 2018-1320-01 - Red Hat Openshift Application Runtimes provides an application platform that reduces the complexity of developing and operating applications for OpenShift as a containerized platform. This release of RHOAR Spring Boot 1.5.12 serves as a replacement for RHOAR Spring Boot 1.5.10, and includes bug fixes and enhancements. For further information, refer to the Release Notes linked to in the References section. Issues addressed include a traversal vulnerability.
dda23c55eb322f14c521610d328717d78eddc9f5c5d9cbcd1faa007d32bb490f
Adobe Reader PDF suffers from a client-side request injection vulnerability.
44b8a5051b8634c8d11d453cb169b97d6279be2c16d54e704bc8f109dc767a76
Debian Linux Security Advisory 4191-1 - Multiple vulnerabilities were discovered in Redmine, a project management web application. They could lead to remote code execution, information disclosure or cross-site scripting attacks.
84a1275dbc13e5b89f98dc4bbfc5e21828f0e443a4574e1d9a44448af407e448
Debian Linux Security Advisory 4190-1 - It was discovered that jackson-databind, a Java library used to parse JSON and other data formats, improperly validated user input prior to deserializing because of an incomplete fix for CVE-2017-7525.
1090563f3dea361b89c7b318f5116822254650fbc24a52bdbe7a40672715bf18
Red Hat Security Advisory 2018-1296-01 - PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: rh-php70-php. Issues addressed include buffer overflow, cross site scripting, denial of service, heap overflow, remote file inclusion, and use-after-free vulnerabilities.
7d3b1f62dd47f6ccce2cd1aa1495159b5a0ec53d7009c7657d7a8518e489c754
Call Of Duty Modern Warfare 2 buffer overflow proof of concept exploit.
bfef1377d9de792500db782d09fc4c9cd6f5a22b26697966467e741c1944dbdf
Red Hat Security Advisory 2018-1304-01 - Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. The following packages have been upgraded to a later upstream version: go-toolset-7-golang. Go Toolset is provided as a Technology Preview. Issues addressed include a code execution vulnerability.
2f8817cd02824ff2316547bf62600055b975cf40fbb83882901aaf31bb3fabed
Debian Linux Security Advisory 4189-1 - Two vulnerabilities were found in the Quassel IRC client, which could result in the execution of arbitrary code or denial of service.
05f4d30c6e557b9a10e26e9b2e120f736ff6442d8ee27bf46bbe9af1641f6be5
TBK DVR4104 and DVR4216 suffer from a credential disclosure vulnerability.
332240b12a3af3cba5b8e90a990438e0ddb78ba79a43d0fe883dddca9109c2b3
Norton Core Secure WiFi Router BLE command injection proof of concept exploit.
44a51a397edef339a1e78f1a786367cd6fd6807c6c08f40a9ae86cbe09383622
Chrome V8 suffers from an integer overflow vulnerability in object allocation size.
ff8f6ea3f286a12d25b238442f6fc1ab337a443b0622cd2b2f518a85f646b577