Microsoft Windows suffers from a double dereference in NtEnumerateKey that leads to elevation of privilege.
db58dd019b911586330159149eda8b2dc64f11da97ac17f50b0f84104e699eccMicrosoft Windows suffers from a CiSetFileCache TOCTOU CVE-2017-11830 variant WDAC security feature bypass vulnerability.
eb52dc13fee602e4f4367c0eb42d933defb5c0336c73d90ce5236346a9ec00baThe RICOH MP 2001 printer suffers from cross site scripting and html injection vulnerabilities.
25c334d3f7c18bb5dd325e01457ba93bc2ecb6028d6ebcb3a88ffa2c9520a416Ubuntu Security Notice 3766-2 - USN-3766-1 fixed a vulnerability in PHP. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that PHP incorrectly handled certain exif tags in JPEG images. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service. Various other issues were also addressed.
d412a5e78f7e05c7922741e5c5a00c84d22a69e42a6d8888b76d586cb5c5a49fThe RICOH SP 4510SF printer suffers from cross site scripting and html injection vulnerabilities.
ad51c5cabfa96c84982f694460d4b9b4673d03fc9d37fe99f9b2a1fcb4264cb5Ubuntu Security Notice 3767-2 - USN-3767-1 fixed a vulnerability in GLib. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that GLib incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. Various other issues were also addressed.
75d0fab351c0576d41ee5ef49acb8b2023ad189e71f0d7d8f800d8e3d250f367Ubuntu Security Notice 3768-1 - Tavis Ormandy discovered multiple security issues in Ghostscript. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use these issues to access arbitrary files, execute arbitrary code, or cause a denial of service.
de5e6e2ac268791112b32245e79a1edae5050186138c910f625de3a6f7a7c619ManageEngine SupportCenter Plus version 8.1.0 suffers from cross site scripting and html injection vulnerabilities.
6e0c3871f1183ae3f740723b285ea18246b9b6ba334e1142cb9158d52b3bf598LG SuperSign EZ CMS version 2.5 suffers from a local file inclusion vulnerability.
8f7ab321e613344bd548f7dc6db6dd5b8fded8947447f25c3328606a4b184663ManageEngine Desktop Central version 10.0.271 suffers from a cross site scripting vulnerability.
0f1d28ed8e054e84cdd90f7c1e9a70520b5ed9a2a745aea65ea7ec212c1f5592LimeSurvey version 3.14.7 suffers from cross site scripting and html injection vulnerabilities.
43570d66dc84a4eee1ad17a24a094bdea93d8ca6e1e5d80b27ccbb144423e567Ubuntu Security Notice 3767-1 - It was discovered that GLib incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. It was discovered that GLib incorrectly handled certain files. An attacker could possibly use this issue to access sensitive information.
8130359e9ecca83022423cc08f939d1ba125806fa856a1ed2e0cc845c44d1ff4WordPress Localize My Post plugin version 1.0 suffers from a local file inclusion vulnerability.
6cef85344c2e2259c242800c501a3e5f18af3c06daf51bdd202412007623bb52Debian Linux Security Advisory 4297-1 - Two vulnerabilities have been discovered in the chromium web browser. Kevin Cheung discovered an error in the WebAssembly implementation and evil1m0 discovered a URL spoofing issue.
bda7ece5f8cb09f316e695b3369f5bba7187241256943ce8e12a868e9381e94fWordPress Wechat Broadcast plugin version 1.2.0 suffers from a local file inclusion vulnerability.
cd960f090368e8d0e16f44d88a273bd4ed1c988f513fee3d7f3cd60da7d85622Roundcube rcfilters plugin version 2.1.6 suffers from a cross site scripting vulnerability.
5d5e55b142ababa9f48c19ae8d819c5b167be38bc7ff55ac40fbe2ffbf7662a4It was discovered that the Western Digital My Cloud is affected by an authentication bypass vulnerability. An unauthenticated attacker can exploit this vulnerability to authenticate as an admin user without needing to provide a password, thereby gaining full control of the My Cloud device. This vulnerability was successfully verified on a Western Digital My Cloud model WDBCTL0020HWT running firmware version 2.30.172. This issue is not limited to the model that was used to find this vulnerability since most of the products in the My Cloud series share the same (vulnerable) code.
d932fe2ac618b65b67fd2884481f4279bcc3c61802d9521bc7877fecf8dee16bDell EMC Unity Operating Environment (OE) versions prior to 4.3.1.1525703027 and Dell EMC UnityVSA Operating Environment (OE) versions prior to 4.3.1.1525703027 suffer from authorization bypass, cross site scripting, and url redirection vulnerabilities.
0ed28c30c507c2fb4fe9957e1375fabd1f4bfefb74f954dc4acdbb85d305bae3CA Release Automation NiMi version 6.5 suffers from a remote command execution vulnerability.
ee7fc2be843047e737cd1ff2e3299d09c9fbdce8e0cb96c24043007882021e48Moodle versions 3.5.2, 3.4.5, 3.3.8, and 3.1.14 suffer from a remote php unserialize code execution vulnerability.
e1192dea24bdf40a1f2a57e173fb3e080e8f325080cbf19e225ef91eda41a138Ubisoft Uplay Desktop Client version 63.0.5699.0 suffers from a remote code execution vulnerability.
b4fc52c6e2348034f140ebc81f23e2c7a420dd74989550b0b177406dce388a6eRed Hat Security Advisory 2018-2721-01 - Red Hat OpenStack Platform provides the facilities for building, deploying and monitoring a private or public infrastructure-as-a-service cloud running on commonly available physical hardware. Issues addressed include an insecure download vulnerability.
a5a7ddcefea036609f515b9887cb57ed820c994704377c75146ebab40450c72bNUUO NVRMini2 version 3.8 cgi_system buffer overflow exploit.
2b0345e406aa5762d5b5e8b4a9fd8928fea8a9d53b01a3a7edc11adbd2ae76a5Ubuntu Security Notice 3722-6 - USN-3722-1 fixed vulnerabilities in ClamAV. The new package introduced an issue which caused dpkg-reconfigure to enter an infinite loop. This update fixes the problem. It was discovered that ClamAV incorrectly handled parsing certain HWP files. A remote attacker could use this issue to cause ClamAV to hang, resulting in a denial of service. Various other issues were also addressed.
6325395b38e11aef78e86b6e436b664f9907e8d32726fc44f02f3a52a0186d47Ubuntu Security Notice 3766-1 - It was discovered that PHP incorrectly handled restarting certain child processes when php-fpm is used. A remote attacker could possibly use this issue to cause a denial of service. This issue was only addressed in Ubuntu 18.04 LTS. It was discovered that PHP incorrectly handled certain exif tags in JPEG images. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service. Various other issues were also addressed.
a5c456a29b486c81739117fc6446669b41d6f3a191130112d47f694c7c58a599
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed