Erim Upload version 4 suffers from a database disclosure vulnerability.
0a5d9f97ad99a2e396c97011db6206b01062091d026186ae3e3e5346edff23b4Debian Linux Security Advisory 5477-1 - Several vulnerabilities have been discovered in Samba, which could result in information disclosure, denial of service or insufficient enforcement of security-relevant config directives.
af91853d8e5f0024764f5543a8b80895c57747aa8c34de789911957203c66602eLitius version 1.0 appears to leave backups in a world accessible directory under the document root.
37a6ad9ab40e37e23d7cbfe01ee9334c417b3339776c4691b7ae872e89ddb896BookingWizz version 6.0.1 suffers from an information leakage vulnerability.
14dc808fba0c29bec381b92941a79a68db7e7dccd2b66351dfa0ae504f014329Debian Linux Security Advisory 5475-1 - Daniel Moghimi discovered Gather Data Sampling (GDS), a hardware vulnerability for Intel CPUs which allows unprivileged speculative access to data which was previously stored in vector registers. This mitigation requires updated CPU microcode provided in the intel-microcode package. Daniel Trujillo, Johannes Wikner and Kaveh Razavi discovered INCEPTION, also known as Speculative Return Stack Overflow (SRSO), a transient execution attack that leaks arbitrary data on all AMD Zen CPUs. An attacker can mis-train the CPU BTB to predict non-architectural CALL instructions in kernel space and use this to control the speculative target of a subsequent kernel RET, potentially leading to information disclosure via a speculative side-channel.
95ac8bf618237ec9a9702db5e01782fb41ac590afd3c1d06d81109f4cc731eebEasy Password Manager version 1.1 suffers from an administrative information disclosure vulnerability.
2687e8a418f8f4fc898b49f86c9caa7c95533498c6bc19add0698de463a19d32Dynamic Journal CMS version 2.5 suffers from a database disclosure vulnerability.
6116d0ba8d26a1199f0230b37e79aa84d8430cef695b9c89f015cd98d1b776efe2 Distr CMS version 2.8.5.3 appears to leave backups in a world accessible directory under the document root.
5433c74f920760e59a3889a4eb94f7621298cabe8eddf15f30585be24f026e98Data Driven CMS version 0.4.1 suffers from a database disclosure vulnerability.
289589defdc8484f203243ee6ec47da95c76138a53764f76b04f48259c2ba031Adlisting Classified Ads version 2.14.0 suffers from an information leakage vulnerability.
e58b16d7d0dfc56b18c6e198a17650093b7c6949c613c2138e4ae0a53d0605c1Web Wiz Forums version 12.06 suffers from a database disclosure vulnerability.
950e3033efbf73529e4ec869b9ebd856a39efedb35bc2fe86ed1a986bf26c9ecDebian Linux Security Advisory 5467-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
9746736e5ad0547769a67aa9e3341df6a9896e510c46325b72fba0be7a4965cdVoodoo Chat version 1.0RC1b suffers from an information disclosure vulnerability.
6b15ee11780c51b5e6f412f0c1afa95b81dc7baad6e21a88b8aef74d05764f80VOC++ Business Special Edition Creatiff Original version 1.3 suffers from an information disclosure vulnerability.
6b828fb27c33b74681103dbaff0d6d675a63189209fd4a32e35020a9a85585fdWEBinsta Mailing Manager version 1.3 suffers from an information disclosure vulnerability.
d12574b9d2d24c71b331ec5e3cfa01a82cb9d41372a3d1666676b6bf364d21a4mRemoteNG version 1.77.3.1784-NB exploit that extracts sensitive information that is stored in memory in the clear but encrypted at rest.
317d7c61096327e5b26547dc45e1871ea228f9b129d6c588a6ad96a624ad6231WonderCMS version 0.6-Beta suffers from a password disclosure vulnerability.
7730fce6db7c8209b7f075de09ab07291b78604414042879ee1427de2ab0f527Debian Linux Security Advisory 5458-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in bypass of sandbox restrictions, information disclosure, reduced cryptographic strength of the AES implementation, directory traversal or denial of service.
56826eebf6a5edd1903ff8a78cf717b85576a27002c8d40f49867c4087279cf9WordPress Duplicator plugin version 3.8.7 appears to leave backups in a world accessible directory under the document root.
8f7867098777bfb7d7988fcc7cf6d15c45a7a00aa260411393d341e6ecc3e473Debian Linux Security Advisory 5456-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
1daff8e7c0219332defdf3bdce5b00d7219aa4d2baadfabb109bfa319c387d3dUbuntu Security Notice 6237-2 - USN-6237-1 fixed vulnerabilities in curl. The update caused a certificate wildcard handling regression on Ubuntu 22.04 LTS. This update fixes the problem. Hiroki Kurosawa discovered that curl incorrectly handled validating certain certificate wildcards. A remote attacker could possibly use this issue to spoof certain website certificates using IDN hosts. Hiroki Kurosawa discovered that curl incorrectly handled callbacks when certain options are set by applications. This could cause applications using curl to misbehave, resulting in information disclosure, or a denial of service. It was discovered that curl incorrectly handled saving cookies to files. A local attacker could possibly use this issue to create or overwrite files. This issue only affected Ubuntu 22.10, and Ubuntu 23.04.
e8dd9101762b6b8471b622e391d8e553d5793d3028a030db99705ea7fe07b3a9ABB FlowX version 4.00 suffers from a sensitive information exposure vulnerability.
51f0b2495450b9b0407ce67b986a86cf1eedbd6d6f5862a78323951ca8b7962eUbuntu Security Notice 6237-1 - Hiroki Kurosawa discovered that curl incorrectly handled validating certain certificate wildcards. A remote attacker could possibly use this issue to spoof certain website certificates using IDN hosts. Hiroki Kurosawa discovered that curl incorrectly handled callbacks when certain options are set by applications. This could cause applications using curl to misbehave, resulting in information disclosure, or a denial of service.
51f46d8ba4e11574eb483e508710565644dc207c352aed8e601c8ec28e6a4ba4BookingWizz version 5.5 leaves an install file in place that discloses administrative credentials.
3239c62fc69e4bde9d16404629a68f3d37708d438184769abf0ca4c0c3a06269Business Directory Store Finder Local version 1.6.4 suffers from an information leakage vulnerability.
11d14034dabbef618cdc6ffda8128b2ae557915573a0fcad463db20be887e7e8
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed