WordPress Apartment Management System extension suffers from a remote SQL injection vulnerability.
002a3736f35165f27d436158d977314b06faa829c566c2756ff55f4fee8ccbd6
Fibaro Home Center 2 suffers from a remote command execution vulnerability.
11548002a8f3c0fd1ddc06f983086682510f784d6894bcba3fc8b83307255164
WordPress Hospital Management System extension suffers from a remote SQL injection vulnerability.
40ead3ade91d7b615cce1d3227bd3c3f2d4c2bc405783359380f4cd69e3108d8
WordPress School Management System extension suffers from a remote SQL injection vulnerability.
e817b43e8ca7655a2629e011082235e6601d28c409eba2796ca264fb95cca9c8
WordPress Gym Management System extension suffers from a remote SQL injection vulnerability.
052d648adb46fd7ba11ffd9d1a782e432d4de85708492539e0ec408c2bf20df1
This Microsoft bulletin summary lists a CVE that has undergone a major revision increment.
e281f889a7a07b745c1b41488515c3f3c2cd6505cb30f5abdb08ebf86166cbf7
Red Hat Security Advisory 2017-2810-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.0.8 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.0.7, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application.
188d12c115cdf70acf53a8c6c015857d0f7f729f6e285cf3d06172bf9b1241d9
Red Hat Security Advisory 2017-2800-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable, the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID PIE binary could use this flaw to escalate their privileges on the system.
d8a9d0afd413fd3cff47b4b91f265b4ff434e1f1031486cfd195ab8aa5e4cf4d
Gentoo Linux Security Advisory 201709-26 - A vulnerability in libsoup might allow remote attackers to execute arbitrary code. Versions less than 2.56.1 are affected.
90b31b9d9cea9f8cbe8007c69e4741b088a4bd68896e32121610f754014b02ca
Phrack: Attacking JavaScript Engines: A case study of JavaScriptCore and CVE-2016-4622.
a2a651765bcc685814d2b564c3c669f0395802f26c4a1113472d38c2118c52fd
Red Hat Security Advisory 2017-2799-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable, the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID PIE binary could use this flaw to escalate their privileges on the system.
6e410605a90e5ae5dac226f1c1596223ce521c47926efe91a44e62dae507a90f
HPE Security Bulletin HPESBGN03773 1 - A potential security vulnerability has been identified in Application Performance Management (BSM) Platform. The vulnerability could be remotely exploited to allow code execution. Revision 1 of this advisory.
e9c0d18cf651d50a4dee299bf48dc290afb61e9ac7f068fd772a3553a46b4e76
This Metasploit module uses the "evaluate" request type of the NodeJS V8 debugger protocol (version 1) to evaluate arbitrary JS and call out to other system commands. The port (default 5858) is not exposed non-locally in default configurations, but may be exposed either intentionally or via misconfiguration.
adadef46d17f23a8273875e47105d4c982677c671f4c6a529a53ced4c60f4c7a
Adobe Flash suffers from an out-of-bounds read in applyToRange.
5e0bd97867ee024b64d5b21e7b16d1b5b79eb64bc8157ffbfb7124ffb02f80c2
Adobe Flash suffers from an out-of-bounds write vulnerability in MP4 Edge Processing.
6a0ec7b291326f89c01175887700ac01309acd9de42118c3db6c61b84cbe77fc
Adobe Flash suffers from an out-of-bounds memory read vulnerability in MP4 parsing.
f7d793f8cf0aa2a5d67b77d14544b392ce57bd7068e9f531d5568ffdd3041d83
Broadcom suffers from multiple overflow vulnerabilities when handling 802.11r (FT) Reassociation Response.
4e4363e0afff7c0a8c3e6b53d804a1172c36d104c17e2a3b7c6eebe8edf51451
Broadcom suffers from an out-of-bounds write when handling 802.11k Neighbor Report Response.
82fc971e12c2491131ffec544a1ec8c4c1c02697141d693f357d4951ceab15ce
Broadcom suffers from a heap overflow vulnerability when handling 802.11v WNM Sleep Mode Response.
bfafe6c08335222f164c3154a1ec33d8b038b473faa28bc94fc7946a6d0e9bba
CyberLink LabelPrint versions prior to 2.5 SEH unicode buffer overflow exploit.
38a22e671f25d00ad5c85db271ec90594e8f7dfbb16305379d99e2185f8a26cd
JitBit Helpdesk versions 9.0.2 and below suffer from a broken authentication vulnerability.
5a8b981a7137a51ecb068371a6339f09239659eb8f9f9c8e7c532a66e9e3bc4b
Software updates for Solarwinds products are packaged and delivered insecurely, leading to root compromise of Solarwinds devices.
2a9df79c742962870c74939e16e4499331d3b9dcdf53b4c3fe83b8d82173b94e
Oracle 9i XDB version 9.2.0.1 HTTP PASS buffer overflow exploit.
c3cbbb2ab10205e64ab02e00aa07202452c7cff903104fa689d7c7cb11d92a46
Disk Pulse Enterprise version 10.0.12 GET buffer overflow SEH exploit.
2ec52d52a2d7920391601670f498eac12a8d4246552fdb38dcfc0a43511bb00a