Red Lion N-Tron 702-W and 702M12-W versions 2.0.26 and below suffer from cross site request forgery, hidden shell interface, cross site scripting and busybox vulnerabilities.
e25651886495730ba652afb5121baaf7e7f37336a3e296f81df774de5fa1a7b8GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions.
10b55e49d78b3e49f1edb58d7541ecbdad92ddaeeb885b6f486ed23d1cd1da5cFaraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.
3ef9e44fac1906a556cf29af0fd8811f4bdcae0f1c06591cdabaaf2648a9a3c2Ubuntu Security Notice 4474-2 - USN-4474-1 fixed vulnerabilities in Firefox. The update introduced various minor regressions. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, trick the user in to installing a malicious extension, spoof the URL bar, leak sensitive information between origins, or execute arbitrary code. It was discovered that NSS incorrectly handled certain signatures. An attacker could possibly use this issue to expose sensitive information. A data race was discovered when importing certificate information in to the trust store. An attacker could potentially exploit this to cause an unspecified impact. Various other issues were also addressed.
584112a39c0d75a49b8d4f20934eaf3084c31ce2908581ce5f37a18faf5e8871Red Hat Security Advisory 2020-3626-01 - Red Hat Data Grid is a distributed, in-memory datastore. This release of Red Hat Data Grid 8.1.0 replaces Red Hat Data Grid 8.0, and includes bug fixes and enhancements, which are documented in the Release Notes, linked to in the References section.
637a3a27735c2ee5f9135aa2dd799bd97e2069af5df9dd68a49e84031a462ca7Red Hat Security Advisory 2020-3623-01 - Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Issues addressed include a HTTP request smuggling vulnerability.
354a925e6a668ec118e434a366b4c1593bf3c280b02cbf02cd6f9d5d1d303110Red Hat Security Advisory 2020-3617-01 - Dovecot is an IMAP server for Linux and other UNIX-like systems, written primarily with security in mind. It also contains a small POP3 server, and supports e-mail in either the maildir or mbox format. The SQL drivers and authentication plug-ins are provided as subpackages. Issues addressed include a resource exhaustion vulnerability.
3e7cf4227b43d701bce0f2c45f34690a4bc28657983ceb7b548761524b3dd143Ubuntu Security Notice 4449-2 - USN-4449-1 fixed several vulnerabilities in Apport. This update provides the corresponding update for Ubuntu 14.04 ESM. Ryota Shiga working with Trend Micro
ffb793bfff3a1b4e66e77c6a248277ad735ccb9ec98a034dab9dd52fc0c58890Noise-Java suffers from an issue located in the ChaChaPolyCipherState.encryptWithAd() method defined in ChaChaPolyCipherState.java, where multiple boundary checks are performed to prevent invalid length or offsets from being specified for the encrypt or copy operation. However, some checks were found to be either incomplete or missing.
f3994b64ff5442dca9b210aa3ea273c585602af6661380803b314457b75427d5Noise-Java suffers from an issue located in the AESGCMFallbackCipherState.encryptWithAd() method defined in AESGCMFallbackCipherState.java, where multiple boundary checks are performed to prevent invalid length or offsets from being specified for the encrypt or copy operation. However, some checks were found to be either incomplete or missing.
4e410b9fd9e7aa4bb4aa52ef1b488bee68cddf57081ac0029713f8e54a1eba53All versions up to and prior to Hyland OnBase Foundation EP1 (tested: 19.8.9.1000) and OnBase 18 (tested: 18.0.0.32) suffer from cross site request forgery vulnerabilities.
b83e315aa3cdcb74476b6676b4b10d4f8fe0564ad863af190cc764e742051d47All versions up to and prior to Hyland OnBase Foundation EP1 (tested: 19.8.9.1000) and OnBase 18 (tested: 18.0.0.32) suffer from an insufficient logging vulnerability due to client-side enforcement.
e2e4ea911a0df0f9d26138b96ced126c65fbab9a191f866f72aaa2ebe7f277f3SiteMagic CMS version 4.4.2 suffers from a remote shell upload vulnerability.
52ab8d8d0f4bc273bb44e5ff8db49c6bda3e718093e522b514d74f09130db8eeNord VPN version 6.31.13.0 suffers from an unquoted service path vulnerability.
c9d19cc32d38b92b47d1cab674bfa4141e7f47c611b8f1c3d5637a6c626cbe98All versions up to and prior to Hyland OnBase Foundation EP1 (tested: 19.8.9.1000) and OnBase 18 (tested: 18.0.0.32) suffer from a multitude of remote SQL injection vulnerabilities.
c0b7adf784ee96968a327fe89aa2b4c947205685d73dfef19a6b729e6c80f341
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed