Mouse Media Script version 1.6.0 suffers from a stored cross site scripting vulnerability.
9bd45d892cefca1ccd97f12064adcdccdc46d6ba039a2cfc0cb41b78b22fe4e5Esotalk CMS suffers from a cross site scripting vulnerability.
426b2a3130a36ea5b3de2f2855da80f068e88fd9e639135153ea7097754de135Serenity Client Management Portal version 1.0.1 suffers from a stored cross site scripting vulnerability.
1782a2875c2b21cc946c66f6e5cb34da9592b5108bffec951aaa36b484595522phpSound Music Sharing Platform version 1.0.5 suffers from multiple cross site scripting vulnerabilities
1ae73d636017b49c679573513259adb0882c02129b5d8004898e8ae43f7829f1WordPress SupportEzzy Ticket System plugin version 1.2.5 suffers from a stored cross site scripting vulnerability.
2f89b65717afb33161b3fa89fe8224f3f1ba65b3f2e38c1b28f79f9277acbb1fWho's Who Script suffers from a cross site request forgery vulnerability.
47f9a3f742cf238fe2b35e17df618c2251aafa10b62f1517868c27f5feaa4662This Metasploit module exploits a vulnerability found in Windows Object Linking and Embedding (OLE) allowing arbitrary code execution, publicly exploited in the wild as MS14-060 patch bypass. The Microsoft update tried to fix the vulnerability publicly known as "Sandworm". Platforms such as Windows Vista SP2 all the way to Windows 8, Windows Server 2008 and 2012 are known to be vulnerable. However, based on our testing, the most reliable setup is on Windows platforms running Office 2013 and Office 2010 SP2. And please keep in mind that some other setups such as using Office 2010 SP1 might be less stable, and sometimes may end up with a crash due to a failure in the CPackage::CreateTempFileName function.
22d50e4cf87dbb4ac9f6d51a9b1c21edb0ba7405f489b927842967eda685d577This Metasploit module exploits the Windows OLE automation array remote code execution vulnerability. The vulnerability exists in Internet Explorer 3.0 until version 11 within Windows 95 up to Windows 10.
9f3d76c6deb7093d4abe28ad57a0baaa94e5d5aac7b91cda94946db86e90b217Joomla HD FLV component version 2.1.0.1 suffers from a remote SQL injection vulnerability.
733162606ba1c6d3ad296a0f60b1de5ca10abf359fa141da227db38f94650974Prey Anti-Theft for Android is missing proper SSL certification validation that can allow for denial of service and security bypass.
375e740eb82da36272b867f9bfc8c337d55e13acb3c92f8a3fedba233524ef52Ubuntu Security Notice 2409-1 - Laszlo Ersek discovered that QEMU incorrectly handled memory in the vga device. A malicious guest could possibly use this issue to read arbitrary host memory. This issue only affected Ubuntu 14.04 LTS and Ubuntu 14.10. Xavier Mehrenberger and Stephane Duverger discovered that QEMU incorrectly handled certain udp packets when using guest networking. A malicious guest could possibly use this issue to cause a denial of service. Various other issues were also addressed.
0560bed7a0207b09b9eee574c086a9c96540723b7c21d6b2f08c965ea0f7d038HP Security Bulletin HPSBMU03182 1 - A potential security vulnerability has been identified with HP Server Automation. This is the Bash Shell vulnerability known as "ShellShock" which could be exploited remotely to allow execution of code. Revision 1 of this advisory.
2c7547ad37486e13bbfb803f26b54786b2666a0d9a0dc7130cbe590247c0434cDebian Linux Security Advisory 3050-3 - The previous update for iceweasel in DSA-3050-1 did not contain builds for the armhf architecture due to an error in the Debian packaging specific to the armhf build.
986330d8176213258f8f3743d8240fb7636c9b4790c5253b82d1a1459945dddaRed Hat Security Advisory 2014-1852-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. Multiple flaws were found in the way flash-plugin displayed certain SWF content. An attacker could use these flaws to create a specially crafted SWF file that would cause flash-plugin to crash or, potentially, execute arbitrary code when the victim loaded a page containing the malicious SWF content.
4a006d215c9cae80f1a876b8cc5b0bf08bb44cf658e02ad3743299595a33e101The Joomla Eventbooking component suffers from a cross site scripting vulnerability.
9b50f14aee44e44f20b0a4a6c605e2468e48bfe13ddce60537854cd9cb83ea26
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed