CyberPower Systems PowerPanel version 3.1.2 suffers from an unauthenticated XML External Entity (XXE) vulnerability that uses the DTD parameter entities technique, resulting in disclosure and retrieval of arbitrary data on the affected node via an out-of-band (OOB) attack. The vulnerability is triggered when input passed to the xmlservice servlet using the ppbe.xml script is not sanitized while parsing the XML inquiry payload returned by the JAXB element translation.
1e199c3b2e15d4027ddc146e6a88a9f1ee1d3945b4ea75888dc58e63c773f41a
Gentoo Linux Security Advisory 201607-2 - Multiple vulnerabilities have been found in libpcre, the worst of which could lead to arbitrary code execution, or cause a Denial of Service condition. Versions less than 8.38-r1 are affected.
610bc68fe418743a268ef53de8330b101b2d1f80475dba23ecbd24b775cb2ca7
Gentoo Linux Security Advisory 201607-1 - Multiple vulnerabilities have been found in Squid, the worst of which could lead to arbitrary code execution, or cause a Denial of Service condition. Versions less than 3.5.19 are affected.
f3ed5792a89c6aee3d29169c951a32dfbcc2492998847681a69bf92922eb71d4
Microsoft WinDbg LogViewer suffers from a buffer overflow vulnerability.
1c4009ae60cc99ec2786c5b4bb9836307ec62ca9a24d5bf59d16032df030d64d
Microsoft Process Kill Utility version 6.3.9600.17298 suffers from a buffer overflow vulnerability.
fe8956579c433f72dc5914f352073030cad01f6b25eff7ecf0a383053bb2b274
PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
084923af5dd2d7e518803e796d0b76f4b70c18a7d4b92793240557c8d761e136
Streamo Online Radio and TV Streaming CMS suffers from a remote SQL injection vulnerability.
90724ca4b66665ae80cfa3cabba9d8ab62dde899fb48dfa6d60b17246dada266
75-byte Linux/x86 TCP reverse shellcode.
ae3d45ac6d31d06f059e33038eb67ac418e8882fe1d97f735c1a7e96ded2c9b1
This archive contains an image that causes heap corruption in Adobe Flash due to LZMA property decoding.
b4637f957856cf2b90fc817391db88b8ba409c89663c13b2d689553ce536952b
PHP Real Estate Script version 3 suffers from a file disclosure vulnerability.
c2fcc8a1c5a074f3c3e1f1e44e117f2bf6a52d740b88f91bd1ddfc811510d0a0
A session validation approval web vulnerability has been discovered in the official BMW ConnectedDrive online service web application. The vulnerability allows remote attackers to manipulate specific configured parameters to compromise the affected web application service.
a0f2afaa094545be63e2c9cbfccf597fe53b41776d709d682a12ca64dc8c840d
PaX contains a mitigation for reference count overflows that is intended to prevent atomic_t variables from reaching 0x80000000 and, more importantly, wrapping around to zero. A documented special case on x86 is that, because "atomically increment unless current value is X" cannot be implemented without a cmpxchg loop, the code instead increments the counter, checks for an overflow and, if an overflow happened, immediately decrements the counter back.
5284df5f6037519b25f0428e06c97946b3a48f19baf9d92d87c82abb4a6a69ef
JetBrains PyCharm Professional 2016.1.4 suffers from a DLL hijacking vulnerability. On 2024/10/11, Packet Storm received a notice filed by Google in conjunction with Redpoints Solutions S.L. on behalf of JetBrains to file a DMCA violation for security research. Security research is protected from the DMCA and Google and Redpoint Solutions S.L. are illegitimately trying to use this law to suppress vulnerability disclosure. It does not work and guess who will pay our legal fees if they keep it up? Read the DMCA more closely!
4de033441e6b4df81c97cd3b729affb56fee1855258011c7cd76abc5f6de3272
The installer for Notepad++ version 6.9.2 suffers from a DLL hijacking vulnerability.
4cbb935ddbd423144ae24b1e4c194ad04806a6e7e10525531551118bfa532190
The BMW online web application suffers from a cross-site scripting vulnerability.
f0946539ccd25a8996bb2d99bc8d90e334fa5dc53b525446f83fd4d95f9b7e42
There is a heap overflow in ATF image packing. The file included in this archive demonstrates the vulnerability.
75949283b275ba71dc670b094f371b7c75020394f96a47c29fb5a1af31f4c0a4
This JXR file causes a heap overflow when loaded in Adobe Flash.
47641153c895e5582ce7bbe51e07e71ce0f609705b429f68ad1cbb2577d62040
360 Total Security 2016 suffers from a DLL hijacking vulnerability.
eb621daae5b2ac3a59384ab24af18fcf4f0cc52479b52e2e3511d4c7597af98b
This ATF file causes a heap overflow in ATF processing in Adobe Flash.
bdeb9fd0af03716c83afcdffd2dcedb61fcac2b8c16f2ae666d18b689dc5e387
Joomla Topics component version 1.5.12 suffers from a remote SQL injection vulnerability.
aec0ce3cd417af7d8f302767093442d329b5f38d38c058a23b3171d614ab4218
AntiRansom is a tool capable of detecting and mitigating ransomware attacks using honeypots.
2dd5b79b2eb9ded8d5ce5bac8fb735bba0723aafc74af31dbec7f8cca2951cad
WordPress Lazy Content Slider plugin version 3.4 suffers from a cross-site request forgery vulnerability.
f501b58126ada04057b2dc274decea57b4809127d8312fc8dd5583a4cb833dc2
Hide.Me VPN Client version 1.2.4 suffers from a privilege escalation vulnerability.
57be48e680d74269a402aa4cf588cfe094e17c65e7a82064ae466458a88fac1b