A cross site scripting vulnerability has been discovered in the AIR5750 modem of the AirTies manufacturer. AirTies Air 5750 devices have XSS via the top.html productboardtype parameter.
aa072c06e33a6a98cbf6061b5cc299755e773a597416a05a3180fd2a6747fe2aA cross site scripting vulnerability has been discovered in the AIR5650 modem of the AirTies manufacturer. AirTies Air 5650 devices have XSS via the top.html productboardtype parameter.
ae7a47a646c5b766f6a8ea0193d0c6960a0a6d602b13fa5c6e2f3c29fc855026A cross site scripting vulnerability has been discovered in the AIR5342 modem of the AirTies manufacturer. AirTies Air 5750 devices have XSS via the top.html productboardtype parameter.
d928a068921536f6de4773d37161559e0b6365e4f407d217256e220e7918e9e2In Zoho ManageEngine AssetExplorer, a Stored XSS vulnerability was discovered in the 6.2.0 version via the /AssetDef.do ciName or assetName parameter.
8485fed583c4e65ccc4d672399a912ef264a318b1f96d650351ed0e1f33ec332In the 5.4.0 version of the Fork CMS software, HTML Injection and Stored XSS vulnerabilities were discovered via the /backend/ajax URI.
29da562924cd8cfdda35434de4b485eb1e9a4f10d6c156a8931e187fac6ed7c5A cross site scripting vulnerability has been discovered in the AIR5453 modem of the AirTies manufacturer. AirTies Air 5453 devices have XSS via the top.html productboardtype parameter.
393b737fd7a25508f9edc5e3efe749fa0960e81881445fc0f13a1bea40a28b3aA cross site scripting vulnerability has been discovered in the AIR5442 modem of the AirTies manufacturer. AirTies Air 5442 devices have XSS via the top.html productboardtype parameter.
636d1cfd7ed475f37b99be771d004787619c4fc93c05caa778fd1dab5870df15A cross site scripting vulnerability has been discovered in the AIR5443v2 modem of the AirTies manufacturer. AirTies Air 5443v2 devices have XSS via the top.html productboardtype parameter.
043e1c94267d9f9f0d5c8f26d15ced6582ef4a03c102d5c8a5c6b31931a32fe8A cross site scripting vulnerability has been discovered in the AIR5343v2 modem of the AirTies manufacturer. AirTies Air 5343v2 devices have XSS via the top.html productboardtype parameter.
498099c1f82d3b9fbc9fe0f0eeabba2302ada762200700cd38d0154b342e5ed8Dell EMC Unity requires an update to address an Incorrect File Permissions vulnerability with multiple files. This vulnerability may potentially be exploited by malicious local users to compromise the affected system. Dell EMC Unity Operating Environment (OE) versions 4.3.0.x and 4.3.1.x and Dell EMC UnityVSA Operating Environment (OE) versions 4.3.0.x and 4.3.1.x are affected.
116d324fb76e3037193d2d9934e1d6a69f043d23dbda365eec2cf81b23d2b544Debian Linux Security Advisory 4306-1 - Multiple security issues were discovered in Python: ElementTree failed to initialize Expat's hash salt, two denial of service issues were found in difflib and poplib and the shutil module was affected by a command injection vulnerability.
604fe730fa592031cb2dd69abc6480e03447d486f7f09768b5d9c55234af836dUbuntu Security Notice 3719-3 - USN-3719-1 fixed vulnerabilities in Mutt. Unfortunately, the fixes were not correctly applied to the packaging for Mutt in Ubuntu 16.04 LTS. This update corrects the oversight. It was discovered that Mutt incorrectly handled certain requests. An attacker could possibly use this to execute arbitrary code. Various other issues were also addressed.
91be266304502d5c04ac733dedab7d8f9bd9292cac8ae233e1edd20b79901b1aSeqrite End Point Security version 7.4 suffers from a weak file permission privilege escalation vulnerability.
338307d4c9e3a2614f93b604c77e4eeaa79b3ac9c2b8190f3b9d896115f06e2fSkype on Debian automatically installs apt configuration that adds Microsoft's apt repo to the system's package sources. That way, Microsoft (or anybody holding their repo's private key) can easily inject malicious packages via regular update and replace distro packages w/ their own manipulated ones.
1af0ce7e985b6e6fa65956ab99747246fc9ef0fec3fb8d2b6a3f4313086f54c4Intel Extreme Tuning Utility version 6.4.1.23 suffers from code execution, privilege escalation, and denial of service vulnerabilities.
8ee640f811b6221313c74122f57a246a37deeed23bca3a80d265d6c2180dfcdaRed Hat Security Advisory 2018-2835-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.2.1 ESR. Issues addressed include a crash.
80ff187b2df61c699663bb15ce53928b394f62572e3fb2cc571a9a9b5593d95bRed Hat Security Advisory 2018-2834-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.2.1 ESR. Issues addressed include a crash.
368165b65635e6cd55b2ff023acfe7a01b41cbdac7daee1974dc6d97fb5849dcRed Hat Security Advisory 2018-2822-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include a buffer overflow vulnerability.
611faf21c8abfde8e5056c1277af106b5c2ba1a9003bd65cb55301f689d0d12cAppArmor has an issue where filesystem blacklisting can be bypassed by moving parents.
b2024aa06da618d87af0a264562f40bcd8ebfa1535eb007f2251a6df21367000PCProtect 4 version 8.35 suffers from a weak file permission privilege escalation vulnerability.
1a3f9f98779877970807ab97138ae5d81df5de87bf4360b2b951f311a288ac81Rausoft ID.prove version 2.95 suffers from a remote SQL injection vulnerability.
e2528102866a52d493d80ef903b6833bfc2afec275eb5ddc60bc42bc4450abf4ManageEngine Desktop Central version 10.0.271 suffers from a cross site scripting vulnerability.
b98475c7c1086afe41c236113ea38e1a2b485100d865ef19d96b91e77c7aeec3iWay Data Quality Suite Web Console version 10.6.1.ga suffers from an XML external entity injection vulnerability.
cd2ba04d9848a473c28202f68204338199eb8e5285f94b0ea6d14d308671ad8bMicrosoft Edge suffers from a sandbox escape vulnerability.
53dae687e4a4409c81987ce450a88ac52d2a2a51eac4971e2a0712be2ba423d2Red Hat Security Advisory 2018-2826-01 - Mod_perl incorporates a Perl interpreter into the Apache web server, such that the Apache HTTP server can directly execute Perl code. Issues addressed include a code execution vulnerability.
ac9aa4c6261769c2d22dbde4257dfbf26f2c23a34a9237188e0837eec6dda572
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed