Debian Linux Security Advisory 4021-1 - It was discovered that missing input validation in the Open Ticket Request System could result in privilege escalation by an agent with write permissions for statistics.
46174041eee2ab2c43cd5885c840d69d62fef65fc810d9e85c8870196855c110
Red Hat Security Advisory 2017-3151-01 - Chromium is an open-source web browser, powered by WebKit. This update upgrades Chromium to version 62.0.3202.89. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when visited by the victim.
01a5863bdb2e1c83676085b05c2e32e883f7c18af516054412fc293fef77f422
Red Hat Security Advisory 2017-3141-01 - The RHV-M Virtual Appliance automates the process of installing and configuring the Red Hat Virtualization Manager. The appliance is available to download as an OVA file from the Customer Portal. The following packages have been upgraded to a later upstream version: rhvm-appliance. Security Fix: A deserialization flaw was discovered in jackson-databind which could allow an unauthenticated user to perform code execution by sending maliciously crafted input to the readValue method of the ObjectMapper.
34b7a30b3589da9e4a51385d7d803316680ee92e4b1e7452e88463f111d44d8c
WordPress Duplicator Migration plugin version 1.2.28 suffers from a cross-site scripting vulnerability.
9407fb8b897caafc5e1b8e9977cf4d7b4309b166ac940c38c84ee0fac03fa419
Hashcat is an advanced GPU hash cracking utility that includes the world's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the source code release.
7fa24447eb9798f6926093a6d52ce77b34d8883866b23cf473d4dfbb22974edd
Hashcat is an advanced GPU hash cracking utility that includes the world's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the binary release.
48246eeaf682060c34a42e7e8fbfbd2e9315d0442eda35bf0aa8f81796184fac
This is a proof of concept exploit for the waitid bug introduced in version 4.13 of the Linux kernel. It can be used to break out of sandboxes such as that in Google Chrome.
854cb1ce85981606e24a931ab89249e09b5fa308d5a78568be232d6518a25db0
The Actiontec C1000A modem has a hard-coded backdoor admin account.
7aa04dfc9b9663ddbe61642784f332a3eb456374919d4f245ff02f79ec4020b1
Debian Linux Security Advisory 4020-1 - Several vulnerabilities have been discovered in the chromium web browser.
51d8534707215b9fcfcea8f5f7f99697967bc9bc5dc70ff0de5b08501d62f900
pfSense versions 2.3.1_1 and below suffer from a post-authentication command execution vulnerability.
38bd905e4f39ebc728fa322253ee554cfc343e8e8ca0434b0a367fb01c15667a
Logitech Media Server version 7.9.0 suffers from multiple cross-site scripting vulnerabilities.
b1bfdb8ccec705460c6f34a4c22e3f5d8cbb7d14f586b50b59fe43c388abf285
mkvalidator version 0.5.1 suffers from multiple denial of service vulnerabilities leveraging libebml2 and mkclean.
0bdf141bdfb7de47a639d251451705eb395327dbf7663d76b912272f735689ec
This is the sixteenth issue of POC || GTFO.
10f0cb977f03824737a413079ded14b237b7ee155a5397e804586ab7151ed0a3
WordPress Userpro plugin versions 4.9.17 and below suffer from an authentication bypass vulnerability.
1e3fc1792990d89b365e5eb74600cf679a077e06015dad3fee9f573618e25bcc
The Debut embedded HTTP server contains a remotely exploitable denial of service where a single malformed HTTP POST request can cause the server to hang until eventually replying with an HTTP 500 error. While the server is hung, print jobs over the network are blocked and the web interface is inaccessible. An attacker can continuously send this malformed request to keep the device inaccessible to legitimate traffic. Version 1.20 is affected.
33b51d9203941cb12d9921c3219f8a481b8821ca9ff20c985b0a30b00156a38f