NewMark CMS version 2.1 suffers from a remote SQL injection vulnerability.
a5b67070527e71e465576be26504e0d9507657ba7e3b0708cf062bffc4464459LFCMS version 3.7.0 suffers from an add user cross site request forgery vulnerability.
019a98515e52316e1ebaf9556bf4b8652ba3786998863ba5cdf80457643c1520Orchid Core VMS is vulnerable to a directory traversal attack. This affects Linux and Windows operating systems. This allows a remote, unauthenticated attacker to send crafted GET requests to the application, which results in the ability to read arbitrary files outside of the applications web directory. This issue is further compounded as the Linux version of Orchid Core VMS application is running in context of a user in the sudoers group. As such, any file on the underlying system, for which the location is known, can be read. This Metasploit module was tested against 2.0.5. This has been fixed in 2.0.6.
88fb47c426ab72726184cd69a9d07190839101e253c7eeff53954ee9a10a4136Apache CouchDB versions prior to 2.1.0 remote code execution proof of concept exploit.
ab8707eb0c1362d2ee6b04feda50214c30fb3a36f58e891f9b7dd244982cac5fTP-Link TL-WA850RE suffers from a remote command execution vulnerability.
ccb2009f0451acde9490c9456c9222a9add7de7982cb06e53258577c0be8f60dDell EMC RecoverPoint versions prior to 5.1.2 suffer from a local root command execution vulnerability.
dba01fd50ccc998756cc8244a767c12352f600e2ebd9dbbb32b2a494b95eb2dfLFCMS version 3.7.0 suffers from an add administrator cross site request forgery vulnerability.
4eef414314be16a2167f9c6cdf9b031cbe15fd327d47acab666e4f2d5eb0c19dMirasys DVMS Workstation versions 5.12.6 and below suffer from a path traversal vulnerability.
276399a7dae0018cdefcd90802c9ecfcd7094d1a8afa4eed20c96841f110911bDell EMC RecoverPoint versions prior to 5.1.2 suffer from a remote root command execution vulnerability.
b3959182a01a1aa9519f51835810ba1223553cdd3266080ea2086fb66b9d35d5FreeBSD Security Advisory - A subset of Intel processors can allow a local thread to infer data from another thread through a speculative execution side channel when Lazy FPU state restore is used. Any local thread can potentially read FPU state information from other threads running on the host. This could include cryptographic keys when the AES-NI CPU feature is present.
bbc335e62d9fb843edc9e54c223a5d3d9662b7778c54fc3d4e4e9662fe4d3afaOpencart versions 3.0.2.0 and below suffer from a google_sitemap remote denial of service vulnerability.
4bcb11866439437a152baef9778aa9a5bf734c12c458b1c3546efdca87b8e168ntp version 4.2.8p11 local buffer overflow proof of concept exploit.
58d5c2c09ae2ac283406b95eb42578ca0e011963836a1df819f9e248cdc7984bVideoInsight WebClient version 5 suffers from a remote SQL injection vulnerability.
9907f69768133f69c06803d85d78103cab370c48d29f7950a6b06091abb211c9Redis version 5.0 suffers from a denial of service vulnerability.
b9083d6a3754d8b70668b2647c1527f54eb1ff6f6c59aab67e247696efd33b11MaDDash version 2.0.2 suffers from a directory listing disclosure vulnerability.
86348794655ae19dc86ddba6ebfe73f8999ff9be39d3b7532ad22ccd8050fa97
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed