Adiscon LogAnalyzer versions 4.1.6 and below suffer from a cross site scripting vulnerability.
36ef98c76471a644865e446737971955ff178937bc2b4c534e33a7ce2c3cf88aVistaPortal SE version 5.1 build 51029 suffers from multiple cross site scripting vulnerabilities.
f59d7577f26cbbecae2b1018571826aaba20798e7d44c6ce40b3d5c9b1d55316MiniShare version 1.4.1 suffers from multiple buffer overflow vulnerabilities.
cd171d371dfc334daf7a4bd58219e877b05dfef66427e66d56aed9d0bae9df5cTextpad version 8.1.2 suffers from a denial of service vulnerability.
063128f3cdd7bf8b7e4090e126c97e60253d950e7a1a1baf4837ede0ab53eb90sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.
c8f4e911fa70b3b70cb22645f2433500026a2af7e254f03e7ea8c64af67c4b84FutureNet NXR-G240 Series remote shellshock command injection exploit.
f78dbb3e60f1c9d3724509318e7a6186453a1ba3aa5bffb1f8e6b9d5aa925d7bDebian Linux Security Advisory 4350-1 - It was discovered that incorrect processing of very high UIDs in Policykit, a framework for managing administrative policies and privileges, could result in authentication bypass.
4c66302ebf9cfd15b8dd32b77d31e4b78565f776f1eb9f3a42dc3930008b7f0cApple Security Advisory 2018-12-06-1 - watchOS 5.1.2 is now available and addresses code execution and denial of service vulnerabilities.
b31b5d84275ab86d5de6eb64f823d4d4f2c737351a2aae11e07b65eb769ee838i-doit CMDB version 1.11.2 suffers from a remote code execution vulnerability.
c327a4a163af025237485ea13548e3cff8dc829b3cc79f956575dedf9d462c09Gentoo Linux Security Advisory 201812-5 - A vulnerability in EDE could result in privilege escalation. Versions less than 1.07 are affected.
b75b278290000e1676de892d54261e3697d2b3d0149574eab25d95baeed21d0bUbuntu Security Notice 3840-1 - Samuel Weiser discovered that OpenSSL incorrectly handled DSA signing. An attacker could possibly use this issue to perform a timing side-channel attack and recover private DSA keys. Samuel Weiser discovered that OpenSSL incorrectly handled ECDSA signing. An attacker could possibly use this issue to perform a timing side-channel attack and recover private ECDSA keys. This issue only affected Ubuntu 18.04 LTS and Ubuntu 18.10. Various other issues were also addressed.
aa103792855188068858eb462036ea647e15c0cef998d6eb2bb4336601fef0fbUbuntu Security Notice 3831-2 - USN-3831-1 fixed vulnerabilities in Ghostscript. Ghostscript 9.26 introduced a regression when used with certain options. This update fixes the problem. It was discovered that Ghostscript contained multiple security issues. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use these issues to access arbitrary files, execute arbitrary code, or cause a denial of service. Various other issues were also addressed.
4078de7e809b9174b8466f17de73d6fe0ed134771f89affcebc8dde4e800480f
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed