OkayCMS versions 2.3.4 and below suffer from remote code execution vulnerability.
7f93ec5906c470aa01e72bae7fcea75339c5142109a918a45290242c07b24afcSiteVision suffers from an issue where attackers may execute arbitrary code as root on the target server after gaining access to a low-privilege account. All versions of SiteVision 4 until 4.5.6 and all versions of SiteVision 5 until 5.1.1 are vulnerable.
b5bbe1bd8245fd305780b9bf75996dd79069add6b41c6d6f5c03ed10cc540eefSiteVision suffers from an issue where attacker may inject non-authorized module when editing pages using a lower privileged account, which can lead to cross site scripting and remote code execution. All versions of SiteVision 4 until 4.5.6 and all versions of SiteVision 5 until 5.1.1 are vulnerable.
569aa7a3951f87f5f260db3ea1c088e5b8a42c0b4a4fa0174b6ff9408c9cc459Yachtcontrol versions dated 2019-10-06 suffer from an unauthenticated remote code execution vulnerability.
b2252962f4ffefcd60f7bc45599cdb4a32a747d57fdae0a5dda1b6d23e8a297eA malicious application can take advantage of a vulnerability in Symantec Endpoint Protection to leak privileged information and/or execute code with higher privileges, thus taking full control over the affected host. Symantec Endpoint Protection versions 14.x below 14.2 (RU1) and 12.x below 12.1 (RU6 MP10) are affected. Symantec Endpoint Protection Small Business Edition versions 12.x below 12.1 (RU6 MP10c) are affected.
ba684560b58492719e146b7962feca0b68d0d97a728a6b906962fa4a1fc92df6Trend Micro Deep Security Agent 11 suffers from an arbitrary file overwrite vulnerability.
893eaef24a4ca96041577727c07da9c8823de03e147d276420609d0067521440Integard Pro NoJs version 2.2.0.9026 suffers from a remote buffer overflow vulnerability.
13dbd1694c4d8d709cb36cc53231fcc70df54d4f9e93f4f59bd236d4407b3b9aVerot version 2.0.3 suffers from a remote code execution vulnerability.
31f187a0b61163ac4c4f1ff0c102553a6f66ef18ec631c0a805751561ea16036OpenSSL Security Advisory 20191206 - There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggests that attacks against 2-prime RSA1024, 3-prime RSA1536, and DSA1024 as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH512 are considered just feasible. However, for an attack the target would have to re-use the DH512 private key, which is not recommended anyway. Also applications directly using the low level API BN_mod_exp may be affected if they use BN_FLG_CONSTTIME.
161cc8530c92bc02fac2a71dc79ca3638bbfaa2a59eb49517b1f72fbf38ae5e3Microsoft Skype for Business latest versions affected from external service interaction (DNS) vulnerability. A remote attacker could force the vulnerable server to send DNS request to any remote server attacker wants.
31dcf21797598a1609a11a0a94cb747057677e0445801e5894f06e082761eb09Omron PLC version 1.0.0 suffers from a denial of service vulnerability.
05a2d235fb68de1feaf216b406c28cd5ac31ad54c81705ee3096e44aec74bed4
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed