HPE Security Bulletin HPESBHF03716 1 - A potential security vulnerability has been identified in IMC PLAT. The vulnerability could be remotely exploited to bypass authentication. Revision 1 of this advisory.
be2937ab892b775936764652d288a4e4ffad829430d3a74d8057b4f7accba69e
Apache Struts 2 versions 2.3.x before 2.3.32 and 2.5.x before 2.5.10.1 remote code execution exploit that provides a reverse shell.
4249528b5e1ce3828e6c7e9ef9bd8ccc0bce85f9d2c31917b250f9169e585612
e107 versions 2.1.4 and below keyword remote blind SQL injection exploit.
214559933faeecb5ba4596529712f3f7d1c4bd7f12b672f78b843f83b25c2c90
Debian Linux Security Advisory 3805-1 - Multiple security issues have been found in the Mozilla Firefox web browser. Implementation errors may lead to the execution of arbitrary code, ASLR bypass, information disclosure or denial of service.
1665d697b0ebfdd67478c42d0618266c969b3cdd0d6dbb3244e9bfdec29385bc
dnaLIMS DNA sequencing application suffers from an improperly protected web shell, a directory traversal, insecure password storage, session hijacking, cross site scripting, and improperly protected content vulnerabilities.
2c765d1002998d2516a62972d8bae6e5afe2348f1e7d3cf6ef351c942e91a44c
hardwear is seeking innovative research on hardware security. If you have done interesting research on attacks or mitigations on any hardware and want to showcase it to the security community, just submit your research paper. The event will take place September 21st through the 22nd, 2017 in The Hague, Netherlands.
a823795d4d401ae65c510553a7c2326dd1c5a8795234f5f4352c8ccfacad94dc
SICUNET Access Controller version 0.32-05z suffers from code execution, file disclosure, lack of software updates, and poor credential handling vulnerabilities.
6e474fae00aedafec56d961b76d675134bb02b644bccab7d3ef2cd787d38f355
FTP Voyager Scheduler version 16.2.0 suffers from cross site request forgery and denial of service vulnerabilities.
c250c29068b52f653617aca259b87be4598e18f76d16ecb57f65037613ae14a6
Tiki Wiki CMS version 15.2 suffers from an arbitrary file read vulnerability.
1380e76aab94abf6d09ffb449ca85837242ccc2f189dd3fb0a7f9b8848a528b5
F-Secure AV suffers from an issue where remote code execution under SYSTEM can take place due to a man-in-the-middle vulnerability.
c573c0561d7186ee1f6213ffb825479e8678f2c6a81ffc7ed854bfd47db8d5f9
Kinsey's Infor-Lawson (formerly ESBUS) suffers from a remote SQL injection vulnerability.
85152340b28b395715e734e2a556531ee9b468cc00ef4193ee190eed3669ba8e
DAVOSET is a tool for committing distributed denial of service attacks using execution on other sites.
ff9e928c831867f6e2a747591afa04fa267a03c4d6f6233c0507eab5b8f40b0b
Ubuntu Security Notice 3225-1 - It was discovered that libarchive incorrectly handled hardlink entries when extracting archives. A remote attacker could possibly use this issue to overwrite arbitrary files. Christian Wressnegger, Alwin Maier, and Fabian Yamaguchi discovered that libarchive incorrectly handled filename lengths when writing ISO9660 archives. A remote attacker could use this issue to cause libarchive to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Various other issues were also addressed.
2390e963ac7b47dd561295e3663b96519c842fadf463ee74b2d1f962d126476e
Ubuntu Security Notice 3224-1 - Jann Horn discovered that LXC incorrectly verified permissions when creating virtual network interfaces. A local attacker could possibly use this issue to create virtual network interfaces in network namespaces that they do not own.
ad4cb6b6ac15049736b7e80ea58dab1983351119674b6d635daded290ce085a2
WTServer version 17.02 suffers from a DLL hijacking vulnerability.
42f354f701a039d4b1f5f143f56c2b0fa06cd43c86ae75c3e5c03fa139903414