Openfire version 3.10.2 suffers from an arbitrary local file upload vulnerability.
9bbc2cebd3d2a5c0af9f8145639a60edfc7679671c36818bea30a904f354de53Openfire version 3.10.2 suffers from a remote file inclusion vulnerability.
42d00b974b618b394bb65bef054e40ef398527d83f5473a5f341a64105097b72Openfire version Openfire 3.10.2 suffers from a privilege escalation vulnerability.
e257b8429ed4723e276b4a9b5f4b3f5dec2c2b2f76d6cb2dfb0db104e297b19dOpenfire version 3.10.2 suffers from multiple persistent and reflective cross site scripting vulnerabilities.
5e15bc6f2c51349cfedc2d25ff91bba4a25bd06fc746b9b8e10eb08cc281cbbcI2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.
91ac91f7a3e202d248f5294f4951f6b7d8b9bde32991adf7a813ae1bb9188898GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.
7a87e7f486d1ada10007356917a412cde6c6114dac018e3569e3aa09e9f29395This Metasploit module exploits a vulnerability in Windows Media Center. By supplying an UNC path in the *.mcl file, a remote file will be automatically downloaded, which can result in arbitrary code execution.
36f8f8faabc51c32a42ca6984cb51015bf27ccf94c534e30071de84b20948429Bolt CMS contains a flaw that allows an authenticated remote attacker to execute arbitrary PHP code. This Metasploit module was tested on version 2.2.4.
15b8b9a8f469ba064abea4de1e391d737d516fe28688c908d479e5b28dde98f9HP Security Bulletin HPSBMU03392 2 - Potential security vulnerabilities have been identified with HP ArcSight Logger. These vulnerabilities could be exploited remotely to allow users to bypass certain authorization restrictions. Revision 2 of this advisory.
02ecb7683903bd243b2fe6788080935130ec21a2b15ff6c6fc8b016bc58dd000Debian Linux Security Advisory 3358-1 - Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development.
096b1086b1a1d3d75329d6e4c2d3f8595e3acba94ffdbe5e8cbeee41cfdc303cDebian Linux Security Advisory 3359-1 - This update fixes an unspecified security issue in VirtualBox related to guests using bridged networking via WiFi. Oracle no longer provides information on specific security vulnerabilities in VirtualBox.
f96adf0a02b3ed9a6d42cccf01b4b757ef437a9005af3f30b469727317eed808Debian Linux Security Advisory 3357-1 - It was discovered that vzctl, a set of control tools for the OpenVZ server virtualization solution, determined the storage layout of containers based on the presence of an XML file inside the container. An attacker with local root privileges in a simfs-based container could gain control over ploop-based containers.
a5736c73d44073dc09fa91a1aec0de6a2d4fddd8f94091fc6774e6a78e013eb5Red Hat Security Advisory 2015-1772-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM. A heap-based buffer overflow issue was found in the QEMU emulator's VNC display driver. It could occur while refreshing the VNC server's display surface using the vnc_refresh_server_surface() routine. A privileged guest user could use this flaw to corrupt the heap memory and crash the QEMU process instance, or to potentially use it to execute arbitrary code on the host.
d8888c492f070c1a8971b9494b040b6a9998fbdaff29040fb9aa63f5e800db26Debian Linux Security Advisory 3356-1 - Denis Andzakovic discovered that OpenLDAP, a free implementation of the Lightweight Directory Access Protocol, does not properly handle BER data. An unauthenticated remote attacker can use this flaw to cause a denial of service (slapd daemon crash) via a specially crafted packet.
6ea26f64cefbfb2556a3754993d105f8cd15fe3aedccdcdf9a191f239a95031fHP Security Bulletin HPSBHF03408 2 - Potential security vulnerabilities have been identified in certain HP notebook PCs with the HP lt4112 LTE/HSPA+ Gobi 4G Module. The vulnerabilities could be exploited remotely to allow execution of arbitrary code. Revision 2 of this advisory.
ac6860964580e91b1d2845e814210a6cd3cc690f2525412763b1402758a55794
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed