Appnitro MachForm suffers from remote file upload, remote SQL injection, and path traversal vulnerabilities.
The mobi_parse_mobiheader function in read.c in libmobi version 0.3 allows remote attackers to cause an information disclosure (heap-buffer-overflow out-of-bounds read) via a crafted mobi file.
WordPress Events Calendar plugin version 1.0 suffers from a remote SQL injection vulnerability.
Ubuntu Security Notice 3586-2 - USN-3586-1 fixed a vulnerability in DHCP. This update provides the corresponding update for Ubuntu 12.04 ESM. Felix Wilhelm discovered that the DHCP client incorrectly handled certain malformed responses. A remote attacker could use this issue to cause the DHCP client to crash, resulting in a denial of service, or possibly execute arbitrary code. In the default installation, attackers would be isolated by the dhclient AppArmor profile. Various other issues were also addressed.
Joomla Full Social extension version 1.1.0 suffers from a remote SQL injection vulnerability.
Joomla JoomOCShop component version 1.0 suffers from a cross site request forgery vulnerability.
DomainMod version 4.09.03 suffers from multiple cross site scripting vulnerabilities.
TP-Link TL-WR840N and TL-WR841N suffer from an authentication bypass vulnerability.
www.engelvoelkers.com suffers from a cross site scripting vulnerability.
Joomla jCart for OpenCart component version 2.3.0.2 suffers from a cross site request forgery vulnerability.
Alexei Starovoitov discovered that the Berkeley Packet Filter (BPF) implementation in the Linux kernel contained a branch-pruning logic issue around unreachable code. A local attacker could use this to cause a denial of service. The ext4_iget function in fs/ext4/inode.c in the Linux kernel through 4.15.15 mishandles the case of a root directory with a zero i_links_count, which allows attackers to cause a denial of service (ext4_process_freed_data NULL pointer dereference and OOPS) via a crafted ext4 image. Various other issues were also addressed.
CloudMe Sync versions prior to 1.11.0 SEH buffer overflow exploit with DEP bypass.
wityCMS version 0.6.1 suffers from a cross site scripting vulnerability.
98 bytes small Linux/x86 TCP/5555 bindshell shellcode.
Dell EMC RecoverPoint versions prior to 5.1.2 and Dell EMC RecoverPoint Virtual Machine (VM) versions prior to 5.1.1.3 suffer from command injection, LDAP password leak, and arbitrary file read vulnerabilities.
ALFTP version 5.31 suffers from a local buffer overflow vulnerability.
Software Advice version 1.0 suffers from a cross site scripting vulnerability.
JDA Connect suffers from cross site request forgery, JMX interface exposure, and command execution vulnerabilities.
Accellion Kiteworks versions prior to 2017.01.00 suffer from an authentication bypass vulnerability.
JDA Warehouse Management System suffers from buffer overflow, code execution, cross site request forgery, XML external entity injection, file disclosure, remote SQL injection, and various other vulnerabilities.