Cimetrics BACnet Explorer version 4.0 suffers from an XML eXternal Entity vulnerability that allows for remote retrieval of arbitrary data.
962fcf4d2d09d489a6b0fd6348325345b0488968c962771c7131620480140449
Cimetrics BACstac Routing Service version 6.2f suffers from a local privilege escalation vulnerability.
c1f44a76146170d4377f77099ef6a598df8c3f4d4c9cb90eef79becd71bc619e
SonicDICOM PACS version 2.3.2 suffers from a remote privilege escalation vulnerability.
4302e20325a2f33c61cb09eac663e435bdf9c4c973a7adbd078cf3a3338f79f6
SonicDICOM PACS version 2.3.2 suffers from a cross-site request forgery vulnerability.
2e845cfa3b8d40a303690608abe56467bd6425b915b57e06dd0b672d82913620
Red Hat Security Advisory 2017-0269-01 - The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. Security Fix: It was discovered that the RMI registry and DGC implementations in the RMI component of OpenJDK performed deserialization of untrusted inputs. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application. This issue was addressed by introducing whitelists of classes that can be deserialized by RMI registry or DGC. These whitelists can be customized using the newly introduced sun.rmi.registry.registryFilter and sun.rmi.transport.dgcFilter security properties.
a21fd41c808b6aa885c14600c8570e57296cb524081c9778b48c723d181b5111
HPE Security Bulletin HPESBGN03698 1 - Multiple security vulnerabilities in OpenSSL have been addressed in HPE DDMi. Revision 1 of this advisory.
72e0bf35dd974663c4f5f225e2511c6d4094f26138404130089e9ab9c6be4685
HP Security Bulletin HPSBMU03692 1 - Multiple potential security vulnerabilities have been identified in HPE Matrix Operating Environment (MOE) on Windows. The vulnerabilities could be exploited remotely resulting in the Bypass of Security Restrictions, cross-site request forgery (CSRF), cross-site scripting (XSS), Denial of Service (DoS), Disclosure of Information, and Execution of Arbitrary Code. Revision 1 of this advisory.
d734e68989cbfbc4be512dafe6404e46d2e78c0f4363cea681f59bf053260a4d
Slackware Security Advisory - New tcpdump packages are available for Slackware 13.37, 14.0, 14.1, 14.2, and -current to fix security issues. NOTE: These updates also require the updated libpcap package.
9454d9680fcc638d5ac0de8c9586334e96801a03b7486c3e6272564e49872202
Slackware Security Advisory - New php packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
5054ac2d26cabfc26e61bb9b5a91e4b509c19fce4f38e23de656fbf80a92804e
Slackware Security Advisory - New openssl packages are available for Slackware 14.2 and -current to fix security issues.
4b83eb4778dd1ad58130c6ca504a220795ceb3f5f3ead2b30a42ef3dbbb5de0b
HPE Security Bulletin HPESBHF03704 1 - A potential security vulnerability has been identified in HPE OfficeConnect Network Switches. The vulnerability could be exploited locally to allow unauthorized data modification. Revision 1 of this advisory.
f8e12846d40a09cb55d0c3fb72ebce2ace67ce6ec656b2d1b21f60e52caec56b
HPE Security Bulletin HPESBNS03702 1 - Several potential security vulnerabilities have been discovered in the Bash Shell in NonStop OSS Core Utilities. The vulnerabilities allow local users to execute arbitrary commands with root privileges. Revision 1 of this advisory.
b394c6436beea9a6bf8342eba0148f8bddd15f76db1bb124829cbda5a60ef3e9
Debian Linux Security Advisory 3784-1 - Thomas Gerbet discovered that viewvc, a web interface for CVS and Subversion repositories, did not properly sanitize user input. This problem resulted in a potential Cross-Site Scripting vulnerability.
afa0fb01f3ee6704ce34146a07c85e283846d5b8bcfef8645353b5331a6f50ea
NTFS-3G has an issue where modprobe is executed with an unsanitized environment.
6f1e8b33b5d299f4e998b0aa0ffe475804ed17c6ba5a9fe46e1d9b0b621f0451
MailEnable suffers from multiple local privilege escalation vulnerabilities.
c330ff50e800569f44e064c515e834028711f71625438853b7b06bb3c44f4c3d
WordPress Dance Studio theme version 1.0.0 suffers from a remote shell upload vulnerability.
2f46776554086b543fbd73ac451d9cdf496f19b9359dfbbe07e2d805b8638329