CHERRY B.UNLIMITED AES version JD-0400EU-2/01 suffers from cryptographic issues and replay attack vulnerabilities.
3737c6b837cb5779da05eb65eeceaa868fb36d30c20fac2a630e28c5168f4313Gentoo Linux Security Advisory 201607-17 - BeanShell is vulnerable to the remote execution of arbitrary code via Java serialization or XStream from an untrusted source. Versions less than 2.0_beta6 are affected.
8cbd5347c9492cda9ad7577fe18ec401eb4bdf1aa72804764fc84bce3743dad1Debian Linux Security Advisory 3635-1 - Two use-after-free vulnerabilities were discovered in DBD::mysql, a Perl DBI driver for the MySQL database server. A remote attacker can take advantage of these flaws to cause a denial-of-service against an application using DBD::mysql (application crash), or potentially to execute arbitrary code with the privileges of the user running the application.
4cc23f574ef6aa3358542080d68a419fe0c1ffc881e7106d9f7c28022dfb4863WebKit suffers from a memory corruption vulnerability in TypedArray.copyWithin.
a1a879392edefe9000a32a0b132faa9914f660c3f5583d951b4ba36dc59d1a5bKaspersky Safe Browser suffers from a man-in-the-middle vulnerability.
a69e867e6dee8c1addf7cdbb8600769155deaea15c494c95c4cc860666908b3eFotoware Fotoweb version 8.0 suffers from a cross site scripting vulnerability.
717d348863562a3aa670199e488c82077b04fa3638d2791f2a6ab5651d0df5fcWebKit suffers from a memory corruption vulnerability in TypedArray.fill.
dd867b4d358aaa6e14a0d03112c063c2e4ef03e466614c2eb27dcbda6488c1efMicrosoft Wireless Desktop 2000 suffers from insufficient verification of data authenticity and mouse spoofing vulnerabilities.
bc89d14332c2b68a2ee9f6c37aaad16729c3eaea94ed00aa4a432e5198e87c01Perixx Computer PERIDUO-710W suffers from cryptographic issues and keystroke injection vulnerabilities.
8a417656e3f50e51e5bc8be30c76990235aac75b6972f2542d7dafd6526a1364Perixx Computer PERIDUO-710W suffers from insufficient protection of code (firmware) and data (cryptographic key).
38f937f8061cad43b21e684ff35b905293604b2bc0497e65235d623d04f62a1cPerixx Computer PERIDUO-710W suffers from cryptographic issues and replay attack vulnerabilities.
1a00902e3cc0b35718d10d3b1e91ac8b418d375cddc8f60c930a86c9a262dc22Logitech K520 keyboards suffer form cryptographic issues and insufficient protection against replay attacks.
02220b6a6fed68dae857d702f9529ab8a00d04c1577c2ca7f2ea7e090a2225d2Vicon Network Cameras suffer from an authentication bypass vulnerability.
fc41aa317247b90493da204941efdd185920d76d224fc4726d74f91720157513This Metasploit module exploits a remote command execution vulnerability in the Barracuda Web Application Firewall firmware versions 8.0.1.008 (2016-03-22) and below by exploiting a vulnerability in the web administration interface. By sending a specially crafted request it's possible to inject system commands while escalating to root do to relaxed sudo configuration on the local machine.
e629172103ae4ff6e305d3b64279d72809b63af1ee85c6af41c91df3db7d9d96CHERRY B.UNLIMITED AES version JD-0400EU-2/01 suffers from cryptographic issues and keystroke injection vulnerabilities.
8d783cf17d0aeb744bc415fcc3f5209b17a3b0f1fec084fd4a66af59968c352fThe Intel Crosswalk Project library for cross-platform mobile development did not properly handle SSL errors. This behavior could subject applications developed using this library to SSL MITM attacks.
12e89d3394051b3849153c0f41c7ede6bc49d185cecbd28616109dd2ff6c0934CHERRY B.UNLIMITED AES version JD-0400EU-2/01 suffers from insufficient protection of code (firmware) and data (cryptographic key).
f1ff00bde501a530edae9d601cb3986ee2e1274ad3e4408f7af68bf525e7d5f6ZMS CMS version 3.2 suffers from multiple client-side cross site scripting vulnerabilities.
d1689365750d4ba1f5228287f04268ec54eb4b81703581f9546445b0ab459a52This Metasploit module exploits a remote command execution vulnerability in the Barracuda Web App Firewall Firmware Version <= 8.0.1.008 and Load Balancer Firmware <= v5.4.0.004 by exploiting a vulnerability in the web administration interface. By sending a specially crafted request it's possible to inject system commands while escalating to root do to relaxed sudo configurations on the appliances.
ada1acb74888da1ee068093d1bfd8b3f3fa7cbe886c53bffebec80de7451a35eWordPress Ultimate Product Catalog plugin versions 3.9.8 and below suffer from a remote unauthenticated blind SQL injection vulnerability.
5bacab668e9242da4ccd6ac7578697bc74b3ca2afbaf088e2ffe1dba9f652000Linux ARM/ARM64 architectures suffer from an arbitrary memory read vulnerability in perf_event_open().
d93d6ea3ad561c8f7d1736c08ffd738028f0f1563210cd2723d3dd9167a9b0bcExponent CMS version 2.3.9 suffers from a cross site scripting vulnerability that allows for user account addition.
423cf5f16e0bc3e2b68f98c0ffbfb9ff0056a53477952e4c8a5336cbd334fcf1Zortam Media Studio version 20.60 suffers from a buffer overflow vulnerability.
60f4ac036146a9137d475523420c506dc7dcbe9ef06f4a36f384d1f5d5bb0db1Debian Linux Security Advisory 3633-1 - Multiple vulnerabilities have been discovered in the Xen hypervisor.
69e2b39b3913e68cc3897dadfc8422de8be200cf50452bcb270d6b48048d7d24Saveya suffers from a malicious script insertion vulnerability.
5551173a26e0ebd8d02b44aefec2da15f69c5fefb72772e0228d85ebfaa58bcc
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed