Cisco WebEx Meetings Server suffers from an XML external entity injection vulnerability.
39042e3cffbe45edd8d3a912b89bcc36d39e3f36f804bfcc34793db23f991d10iOS suffers from a kernel stack memory disclosure due to failure to check copyin return value.
60108b89486cb359363b2d03bb42b7169fee6f244ce5cebe800da43c4e47b46bFull write up on the unauthenticated remote code execution and privilege escalation vulnerability in Cisco Prime Infrastructure.
058c3b31f20e8b93b4afb321381169fdced8081ba43437d03d084b037fa8cc10Apple Security Advisory 2018-10-08-1 - iOS 12.0.1 is now available and addresses lock screen issues.
55511890e9f38ae0a9bad6f57089a3ede653de0774df3cbf1802daee5427cbceCisco Prime Infrastructure (CPI) contains two basic flaws that when exploited allow an unauthenticated attacker to achieve remote code execution. The first flaw is a file upload vulnerability that allows the attacker to upload and execute files as the Apache Tomcat user; the second is a privilege escalation to root by bypassing execution restrictions in a SUID binary. This Metasploit module exploits these vulnerabilities to achieve unauthenticated remote code execution as root on the CPI default installation. This Metasploit module has been tested with CPI 3.2.0.0.258 and 3.4.0.0.348. Earlier and later versions might also be affected, although 3.4.0.0.348 is the latest at the time of writing.
d4ddf2dda84d92bb39709e2fad5c269d7848c88a7bfbb904dd9732556b6c1a55Apple Security Advisory 2018-9-24-4 - APPLE-SA-2018-9-24-4 provides additional information for APPLE-SA-2018-9-17-1. iOS 12 is now available and addresses memory corruption and input validation vulnerabilities.
fe6d1b8b3958f08fadaf9feda8a759143d5d125386459a13ec51171d4098256cApple Security Advisory 2018-9-17-1 - iOS 12 is now available and addresses memory corruption and input validation vulnerabilities.
1b6195c1b83a02fbe3028b9f59a131a8da4f145af8b7404d84dce1ccca5cfae6Cisco Umbrella Roaming Client version 2.0.168 suffers from a privilege escalation vulnerability.
854cf7db0661e303d1f8f5b7c306d195ce2e38588bfe4d01a79185f9c9bd01a8Cisco AnyConnect Secure Mobility Client version 4.6.01099 suffers from a denial of service vulnerability.
c6e0c15d91b91207790a50bd4ffc241b9d7758952646e0f4bb8076175cafe939Cisco Network Assistant version 6.3.3 suffers from a denial of service vulnerability.
06bfdd27cdd81a700680df765616c42350869863b9bd88df5cddfb49c7dd691aLinkedin mobile iOS application version 9.11.8592.4 suffers from a CPU resource exhaustion vulnerability.
37fbd701edef30bae893062e35a07dcacdae7ad07a66bc9892f2375bd40db3a7This Metasploit module exploits a security vulnerability in Cisco ASA that would allow an attacker to view sensitive system information without authentication by using directory traversal techniques.
61864a496baff217e28e408c09a6a01a920370b195aa9452c866952af9c43a6cApple Security Advisory 2018-7-23-3 - iOS 11.4 addresses buffer overflow, code execution, and denial of service vulnerabilities.
857fee29a90629f33ba85af6600e36de596f303b9de4fc96e0cc80eb90fae597macOS and iOS suffer from a javascript injection bug in OfficeImporter.
e8a235449f752566cb48a2a1f6f65e02d52cbd77feb6354393a30e556c4552e2Apple Security Advisory 2018-7-9-1 - iOS 11.4.1 is now available and addresses code execution and denial of service vulnerabilities.
330261e5d69c36b100acca558de9c3f8ed059502a72a2ea02c2fbc09dc42e68bCisco Adaptive Security Appliance suffers from a path traversal vulnerability.
d1b313011029126cb865a0362620a79446da5eb04f5aec729d6ccf3667869fe9The macOS and iOS kernels suffer from a heap overflow due to a lack of lower size check in getvolattrlist.
f1c3b9023d02313f1fc1abb64c64d84e4ea581179d6b4d5a3425103544649ed7Apple Security Advisory 2018-06-01-4 - iOS 11.4 addresses buffer overflow, code execution, and denial of service vulnerabilities.
235011f8d40f10f6eefc42756667cf9730b9b7549ad68a89cec4884cef6a0e64Cisco SA520W Security Appliance suffers from a path traversal vulnerability.
afb1a6c7670d56bdc88e35d408381f90b8a962147c6db0ddc5bfc2888ed9088emacOS/iOS ReportCrash suffers from a mach port replacement due to failure to respect MIG ownership rules.
2cd4e635bdd91862b3c2bfd770e7f8bd4e4eca619058739936bbf85ce351d526Apple Security Advisory 2018-04-24-1 - iOS 11.3.1 is now available and addresses code execution vulnerabilities.
3b6b031d4de4f82dc2d6116a7e6b0e34c773b3dbdc85944cef0fa376bfd2b1b6Apple Security Advisory 2018-3-29-1 - iOS 11.3 is now available and addresses buffer overflow, code execution, and denial of service vulnerabilities.
831a5876153ae9b119aa0f3493b15456a2d1c9e01251c16931b0e56c70e84364Cisco node-jos versions prior to 0.11.0 re-sign tokens proof of concept exploit.
f7e488909b769cf6fe758f382777f08b2e3b059dea0c5b6c8ed8e7fb3e555becCompass Security discovered a design weakness in Microsoft Intune's app protection. This weakness allows a malicious user that gets hold of an employee's iOS device to access company data even without knowing the app PIN.
9eb901ef1974be004d63aa35bd969efac3bd77a0a761e1cbabb90340bf37e26cCisco ASA crash proof of concept exploit.
22410b089089e7b8ffef27f7fb0a008e7affff448aee37013b0a41335bb533a6
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed