Gentoo Linux Security Advisory 201710-14 - Multiple vulnerabilities have been found in WebkitGTK+, the worst of which may allow remote attackers to execute arbitrary code. Versions less than 2.16.6:4 are affected.
43af8a0df16e4463cc90e2e2043b2cd7b5b2bdc65c3a1be2521e687ee036d9baGentoo Linux Security Advisory 201710-13 - Multiple vulnerabilities have been found in Graphite, the worst of which could lead to the remote execution of arbitrary code. Versions less than 1.3.10 are affected.
1fc515997811b48f7dcb764101edd9caa941f703833a6e6b6e19790194606b3cGentoo Linux Security Advisory 201710-12 - Multiple vulnerabilities have been found in Puppet Agent, the worst of which could result in the execution of arbitrary code. Versions less than 1.7.1 are affected.
98ba217a20c5de0270877d47a6ee84b96fc1c1aa0a4a90589175211bd14fafb9Gentoo Linux Security Advisory 201710-11 - Multiple vulnerabilities have been found in GNU Libtasn1, the worst of which may allow remote attackers to execute arbitrary code. Versions less than 4.12-r1 are affected.
92685fe57fb041330c8430e99dbda671722ae6b1569e6f5a603ccc70b49f2c7dGentoo Linux Security Advisory 201710-10 - Multiple vulnerabilities have been found in elfutils, the worst of which may allow remote attackers to cause a Denial of Service condition. Versions less than 0.169-r1 are affected.
70260518685556fb869ffc6423adb02280c238fa013e7c02fbd51c084cc9df76DuckieTV CMS version 1.1.5 suffers from a local file inclusion vulnerability.
b8bb368f6c62fc060f1f6bbfef281f4bddad8964dffbdb9d6ebe0ae4c4f287b3E-Sic Software livre CMS version 1.0 suffers from authentication bypass, cross site scripting, and remote SQL injection vulnerabilities.
fd9acdc881cdf1892c664ffcfe05896106baae015910fa71fedc474e208d0908phpMyFAQ version 2.9.8 suffers from a persistent cross site scripting vulnerability where an attacker can embed malicious script code in the title of the faq.
2886abf85bb7d159d238a029d4735a38ee38240d0de808755f12e5f6b44da496macro_pack is a tool used to automate obfuscation and generation of MS Office documents for penetration testing, demo, and social engineering assessments. The goal of macro_pack is to simplify bypassing anti-malware solutions and automate the process from vba generation to final Office document generation.
c5edcba25cf4be512a120d75fc22584e2d4ff925ce78cd23d96e4c714d629695There exists an unauthenticated SEH based vulnerability in the HTTP server of Sync Breeze Enterprise version 10.1.16, when sending a GET request with an excessive length it is possible for a malicious user to overwrite the SEH record and execute a payload that would run under the Windows NT AUTHORITY\SYSTEM account. The SEH record is overwritten with a "POP,POP,RET" pointer from the application library libspp.dll. This exploit has been successfully tested on Windows XP, 7 and 10 (x86->x64). It should work against all versions of Windows and service packs.
cd660cfe17078fd46a1bde16db1b2e75840ec80024327923f3e6be7f8c826dfdTypo3 Restler extension version 1.7.0 suffers from a local file disclosure vulnerability.
3c8e62bce4fc30f456f7759aae37fe45e2da7b299b434553064137518ad99c14The BouquetEditor plugin for Dreambox 2.0.0 suffers from a cross site scripting vulnerability.
925ea65626e3e1477d516b5b0859d7e5dcbef48a3eaf357b0e370696aaf359c430 bytes small Linux/x86 polymorphic execve(/bin/sh) shellcode.
85b807d99a5c503478b74c10679b0d8fbbd59265759b08ece892f5b072154ee1
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed