NationBuilder suffers from multiple persistent cross site scripting vulnerabilities.
605c2c3c1032d340f16cd0038f39dd85e6364f17892b876b71724d47ac764bf9Red Hat Security Advisory 2016-0684-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. Netscape Portable Runtime provides platform independence for non-GUI operating system facilities. The following packages have been upgraded to a newer upstream version: nss 3.21.0, nspr 4.11.0. Security Fix: A use-after-free flaw was found in the way NSS handled DHE and ECDHE handshake messages. A remote attacker could send a specially crafted handshake message that, when parsed by an application linked against NSS, would cause that application to crash or, under certain special conditions, execute arbitrary code using the permissions of the user running the application.
5a2666975f30ed4ef9d32a6c94c6c7ee9af784cd8b1cb74c9e6c0bbd94cde00eDebian Linux Security Advisory 3556-1 - Hans Jerry Illikainen discovered that libgd2, a library for programmatic graphics creation and manipulation, suffers of a signedness vulnerability which may result in a heap overflow when processing specially crafted compressed gd2 data. A remote attacker can take advantage of this flaw to cause an application using the libgd2 library to crash, or potentially, to execute arbitrary code with the privileges of the user running the application.
4fb5df9dace3303fe13802ffbddb4d7d85114c9f5c087fdb4b2bd8891d489403Debian Linux Security Advisory 3555-1 - Several vulnerabilities were discovered in imlib2, an image manipulation library.
1ee5e61be52ed3b6800246af5250019695e3d62af4fd4f0bf75056031c465e3cRed Hat Security Advisory 2016-0685-01 - Network Security Services is a set of libraries designed to support the cross-platform development of security-enabled client and server applications. A use-after-free flaw was found in the way NSS handled DHE (Diffie-Hellman key exchange) and ECDHE (Elliptic Curve Diffie-Hellman key exchange) handshake messages. A use-after-free flaw was found in the way NSS processed certain DER (Distinguished Encoding Rules) encoded cryptographic keys.
7142359029ecb55b91f8740bcc308885a4ca03d05377044d0945c59945dbfdaaIrIran Shopping Script version 4.1 suffers from a cross site scripting vulnerability.
828edab3e7924d0f81c1fce38155f8638c3e73f0a9314ba81f3edfc6c8485c69i-Tech Nepal Radio CMS version 2.0 suffers from a remote SQL injection vulnerability.
d1025bd4c1202de1ad50de8a8a3ce98318bb2d479a1f19446a1bf6463fed0877CompuSource Systems Real Time Home Banking suffers from a local privilege escalation vulnerability.
eb1e66983b629065e937bcc9d3f4d042428232857116f37391fd6d668cdf8fdcCyberoam Central Console version 02.03.1 suffers from cross site scripting vulnerabilities.
25723eb7a1086e2370f53a54fa6647c9acdf0499d3a3aba9295cb297b783c6fdTotemomail versions 4.x and 5.x suffer from filter bypass and script insertion vulnerabilities.
347ed963a8f8484f164328a3c14f97f30cce1083e75ae2e5b8613af5d9932d20Rough Auditing Tool for Security (RATS) version 2.3 crash proof of concept code that results in a denial of service.
12d7b29ab56ac354a7a7bb73a02be8eab943b3498e0f538c356807a4c3766040Django CMS version 3.2.3 suffers from a cross site scripting vulnerability.
cd0d8627e3d4f429c5205644da8cc99c824b6ba06df465b5a3f2d52c570dc592Texas Instruments Calculators Emulator version 3.03 buffer overflow exploit that can use custom offsets.
0261e280ea524d7c2831dd9bd565f7a419d891b1642208d0fe44afae9bd4d78dTelisca IPS Lock 2 suffers from a bypass vulnerability that allows the locking of any phone with only a mac address. Metasploit module included.
b6003d594cc09a8801ce447a82f3c84e8fedad95171104c449337ea0d019a587The Ubiquiti Networks web application suffered from an XXE injection vulnerability.
d645f5c22a117c00797ef6ddd30973f63867c5fa0aab82f98789a422cbf5aa34Negin Group CMS suffers from a remote SQL injection vulnerability.
ad141442ab12e00b67e2cf9ec428556e760a92c6d787be756cace677a1597514C and C++ for OS suffers from filter bypass and script insertion vulnerabilities.
329b1aa3f14ffa8cc34a901452d00ed59a2075257c1f02e7647ba5dab1f0ebd8
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed