Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).
This Metasploit module exploits a remote command injection vulnerability in D-Link DSL-2750B devices. The vulnerability can be exploited through the "cli" parameter, which is used directly to invoke the "ayecli" binary. Vulnerable firmware versions are from 1.01 up to 1.03.
Ubuntu Security Notice 3598-2 - USN-3598-1 fixed a vulnerability in curl. This update provides the corresponding update for Ubuntu 12.04 ESM. Phan Thanh discovered that curl incorrectly handled certain FTP paths. An attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
Ubuntu Security Notice 3659-1 - Frediano Ziglio discovered that Spice incorrectly handled certain client messages. An attacker could possibly use this to cause Spice to crash, resulting in a denial of service, or possibly execute arbitrary code.
Red Hat Security Advisory 2018-1713-01 - The UnboundID LDAP SDK for Java is a free Java library for communicating with LDAP directory servers and performing related tasks like reading and writing LDIF, encoding and decoding data using base64 and ASN.1 BER, and performing secure communications. The following packages have been upgraded to a later upstream version: unboundid-ldapsdk. Issues addressed include an access control vulnerability.
PHP Login and User Management versions 4.1.0 and below suffer from a remote shell upload vulnerability.
Microsoft Internet Explorer 11 on Windows 7 x64/x86 suffers from a VBScript code execution vulnerability.
Ubuntu Security Notice 3658-1 - It was discovered that the procps-ng top utility incorrectly read its configuration file from the current working directory. A local attacker could possibly use this issue to escalate privileges. It was discovered that the procps-ng ps tool incorrectly handled memory. A local user could possibly use this issue to cause a denial of service. It was discovered that libprocps incorrectly handled the file2strvec function. A local attacker could possibly use this to execute arbitrary code. Various other issues were also addressed.
PaulNews version 1.0 suffers from cross site scripting and remote SQL injection vulnerabilities.
LikeSoftware CMS suffers from cross site request forgery and remote shell upload vulnerabilities.
Red Hat Security Advisory 2018-1711-01 - The rhev-hypervisor7 package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine hypervisor. It includes everything necessary to run and manage virtual machines: a subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Issues addressed include a bypass vulnerability.
GNU glibc versions prior to 2.27 suffer from a buffer overflow vulnerability.
NewsBee CMS version 1.4 suffers from a cross site request forgery vulnerability.
Micro Focus Security Bulletin MFSBGN03808 1 - A potential security vulnerability has been identified in Micro Focus Universal CMDB/CMS and Micro Focus UCMDB Browser. The vulnerability could be remotely exploited to allow Cross-Site Scripting (XSS). Revision 1 of this advisory.
EU MRV Regulatory Complete Solution version 1 suffers from a remote SQL injection vulnerability.
Red Hat Security Advisory 2018-1710-01 - The ovirt-node-ng packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include a bypass vulnerability.
Red Hat Security Advisory 2018-1707-01 - Librelp is an easy-to-use library for the Reliable Event Logging Protocol. RELP is a general-purpose, extensible logging protocol. Issues addressed include a buffer overflow vulnerability.
Red Hat Security Advisory 2018-1703-01 - Librelp is an easy-to-use library for the Reliable Event Logging Protocol. RELP is a general-purpose, extensible logging protocol. Issues addressed include a buffer overflow vulnerability.
Honeywell XL Web Controller suffers from cross site scripting and remote SQL injection vulnerabilities.
Timber version 1.1 suffers from a cross site request forgery vulnerability.
Easy File Uploader version 1.7 suffers from a remote shell upload vulnerability.
Red Hat Security Advisory 2018-1702-01 - Librelp is an easy-to-use library for the Reliable Event Logging Protocol. RELP is a general-purpose, extensible logging protocol. Issues addressed include a buffer overflow vulnerability.
OpenDaylight suffers from a remote SQL injection vulnerability.
ASP.NET jVideo Kit version 1.0 suffers from a remote SQL injection vulnerability.
WordPress Peugeot Music plugin version 1.0 suffers from cross site request forgery and remote shell upload vulnerabilities.