Dolibarr version 11.0.3 suffers from a cross site scripting vulnerability.
211ed7fe05f4f8e207f45b266bb828638c6e20b43074aa9139888a3ab65eeba3
Ubuntu Security Notice 4363-1 - It was discovered that the Serial CAN interface driver in the Linux kernel did not properly initialize data. A local attacker could use this to expose sensitive information. It was discovered that the Linux kernel did not properly validate certain mount options to the tmpfs virtual memory file system. A local attacker with the ability to specify mount options could use this to cause a denial of service. Various other issues were also addressed.
fc9d288e93a1b9486a209f1f2b9d7e23d7cc984cfe2772b67824c80a4ad02276
Ubuntu Security Notice 4362-1 - It was discovered that DPDK incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code.
09f5f22b07c0aa365f9be4d721c91836b6df6c53217af2a8dcdd8fcef858dfbc
Red Hat Security Advisory 2020-2136-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include an information leakage vulnerability.
1a200351fb09193d57c3aca6de49406a75a2f3a4a596d292ea2aff3fb5bb0e72
This Metasploit module exploits a command execution vulnerability in Pi-Hole versions 4.4 and below. A new blocklist is added, and then an update is forced (gravity) to pull in the blocklist content. PHP content is then written to a file within the webroot. Phase 1 writes a sudo pihole command to launch teleporter, effectively running a privilege escalation. Phase 2 writes our payload to teleporter.php, overwriting the content. Lastly, the phase 1 PHP file is called in the web root, which launches our payload in teleporter.php with root privileges.
e9e23eb75325d3d113b4298300162d67296d9023cbe19ae5f2709a0a7cace534
Oracle Hospitality RES 3700 versions 5.7 and below suffer from a remote code execution vulnerability.
c70d722f24def5a0fc44bda1a9629e159191429aba952c8c7803c20b5f9ec1cf
nfstream is a Python package providing fast, flexible, and expressive data structures designed to make working with online or offline network data both easy and intuitive. It aims to be the fundamental high-level building block for doing practical, real-world network data analysis in Python. Additionally, it has the broader goal of becoming a common network data processing framework for researchers, providing data reproducibility across experiments.
7be034e76d8a422dea27e1ecc1000b72af080fcf3fcc5de6c9aab330a90bf6c3
WordPress Ajax Load More plugin version 5.3.1 suffers from an authenticated remote SQL injection vulnerability.
b62e7993468155caf7c4a5bbff3af2c01d219ed45e79f6503ee63f9ca00ec5ac
Ubuntu Security Notice 4361-1 - Philippe Antoine discovered that Dovecot incorrectly handled certain data. An attacker could possibly use this issue to cause a denial of service. Philippe Antoine discovered that Dovecot incorrectly handled certain data. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code.
6ee8911fff03fb389c0482431869fdad5c89631e6f7a743f0768e361e278a6ba
Red Hat Security Advisory 2020-2067-01 - This release of Red Hat build of Thorntail 2.5.1 includes security updates, bug fixes, and enhancements. For more information, see the release notes page listed in the References section. Issues addressed include HTTP request smuggling, bypass, cross site request forgery, cross site scripting, denial of service, and out of bounds read vulnerabilities.
4f6b06242c907c4bb9882a9c0dd20ae51f06eb541c38e1084bc175618d6a5cbd
Online Chatting System version 1.0 suffers from a remote SQL injection vulnerability.
e94ba733c52fbbd0260a3742c9ed771a6cd4eb1c5b6eefd60063b90741bce97b
Online Healthcare Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
4ff382533d058e32a385b20a6ec9d961ea7f3a46e3d0e7ebd03527c3ac4383df
Online Healthcare Patient Record Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
0639d828a1081e369c71ca99163da888fc17e3c66874a56c8ed1b6b3f6ff0932
Online Examination System version 1.0 suffers from a remote SQL injection vulnerability.
8bfa1449ad7720e662664a0eb75b1b1de05a6f90a53e726d9b5591b8e5d95706
Forma.LMS The E-Learning Suite version 2.3.0.2 suffers from a persistent cross site scripting vulnerability.
549011bb42362fa97ce2863dbfb5fe945fdbe7c2b64f14dc43d70b41c4a50055