NovaRad NovaPACS Diagnostics Viewer version 8.5 suffers from an XML external entity injection vulnerability that allows for file disclosure.
b8bf25dab063e2dae51eba4402af354153dd867fac3cb576749dd375a90183c1
Ubuntu Security Notice 3759-2 - USN-3759-1 fixed a vulnerability in libtirpc. This update provides the corresponding update for Ubuntu 12.04 ESM. Aldy Hernandez discovered that libtirpc incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service. Various other issues were also addressed.
35536226974c7fe774b799664ae0331c21d7ef9b12b88831452d0d1946442c2f
Ubuntu Security Notice 3759-1 - Aldy Hernandez discovered that libtirpc incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. It was discovered that libtirpc incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service. Various other issues were also addressed.
bb42ed420ac1a4099eb60922206da39be8999455162b87917730bf295851efff
VMware Security Advisory 2018-0023 - AirWatch Agent and VMware Content Locker updates resolve data protection vulnerabilities.
af821aacb17f8861a5c5599c243e6687768b83bbafa4616ae3f6038a900e5d54
Tenda ADSL router D152 suffers from a cross site scripting vulnerability.
2770f8b55663aa2d1c211fa9943e26ae343e47125c29b468c1eb37d037bae86f
sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve the DBMS session user and database, enumerate users, password hashes, privileges and databases, dump entire or user-specified DBMS tables/columns, run their own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack, and more.
52e09b5dbcf94afad019bca68a3ba7f4a62c3ce304338578ea9049287de33a86
Blue Team Training Toolkit (BT3) is an attempt to introduce improvements in current computer network defense analysis training. Based on adversary replication techniques, and with reusability in mind, BT3 allows individuals and organizations to create realistic computer attack scenarios, while reducing infrastructure costs, implementation time and risk. The Blue Team Training Toolkit is written in Python, and it includes the latest versions of Encripto's Maligno and Pcapteller.
d866f802f90d64cc210b3fe3eb026edae763c251f273321540a8e6aaab2310d1
testssl.sh is a free command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as recent cryptographic flaws, and much more. It is written in (pure) bash and uses only standard Unix utilities, openssl and, last but not least, bash sockets.
7e120408f238ed49685bed1eb1cce25fb09990e3934743bbb552d67018f5e4b7
Opsview Monitor versions 5.2, 5.3, and 5.4 suffer from cross site scripting and multiple remote command execution vulnerabilities.
953c9d49a6ad47c20e9a9acc6d55ebbeea2a239ede57f492f4be332d89519ed1
Debian Linux Security Advisory 4284-1 - Quang Nguyen discovered an integer overflow in the Little CMS 2 colour management library, which could result in denial of service and potentially the execution of arbitrary code if a malformed IT8 calibration file is processed.
c961b12a72c7b60def07bcd5d3fcdca14d9a20ce0b8dd2ae366c8b816c05fd20
Red Hat Security Advisory 2018-2561-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Issues addressed include code execution and traversal vulnerabilities.
7f95440aa937cac0e94761f4b7e8f01a81842cfd98d9009e39aed778069e4c84
Amcrest Cameras have a static SSL key embedded in their firmware.
f62a2c89683dc91ecc1009ea775d45cdd24647827f60629cd5eca7f834f8699e
Red Hat Security Advisory 2018-2645-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a denial of service vulnerability.
2ca5e83aa92183b3658a836f22c7f049b7f748ca4bf97a6d110e1bf86337fb65
FUJI XEROX DocuCentre-V 3065 Printer suffers from a remote command execution vulnerability.
65f81709f7d16b5f9c3a8fe46bdf13df989657454b9dd8389df0fa3fb7516694
Go Pro Fusion Studio version 1.2 suffers from a privilege escalation vulnerability.
54f08c391ceb310b302b0a6d69afa0f46da60dead416f9ec53d22072161f8948
FTPShell Server version 6.80 add account name SEH buffer overflow exploit.
4cab58842e3dc112d54abc9a47321133797b42576675bf9c4eefd5ac380bcd05
osCommerce version 2.3.4.1 suffers from a cross site request forgery vulnerability.
64d21e9c17ef31888252a40c93532ade2145cbbb94a130c30197fd0dc56cbc3a
Microsoft People version 10.1807.2131.0 suffers from a denial of service vulnerability.
d509968d04912f9952241dcaf620ea971932da555212e6e78532437e11bf5253