SmarterTools SmarterTrack 7922 suffers from an information disclosure vulnerability.
564c797e38fa833974261ede68689cfae36db29795b123007e157526bbfc8f56Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.
d9991de344fa8ed8c92d130837309655dc9e22c4f5e53c141dce6deee5c0505cUbuntu Security Notice 5089-2 - USN-5089-1 updated ca-certificates. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. The ca-certificates package contained a CA certificate that will expire on 2021-09-30 and will cause connectivity issues. This update removes the “DST Root CA X3” CA. Various other issues were also addressed.
6699ce47b07d1cd0ee48d5175e525e4af30c8e0ffb9499cf3c8888d15f971087Ubuntu Security Notice 5089-1 - The ca-certificates package contained a CA certificate that will expire on 2021-09-30 and will cause connectivity issues. This update removes the “DST Root CA X3” CA.
284f407d98d37fcac4344b7bcc6e6a8b44afc901dcb3271fdc32e1afa9c3d129WordPress 3DPrint Lite plugin version 1.9.1.4 suffers from a remote shell upload vulnerability.
72d286026efcf28235200cd59fbdc8cb4d2ac182d6a16c3fec3eceb85052778dPharmacy Point of Sale System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
8def95a1849d6f7b78b9b7244b3dd353e34b46912085bda4b229bc64f204de2eUbuntu Security Notice 5088-1 - It was discovered that EDK II incorrectly handled input validation in MdeModulePkg. A local user could possibly use this issue to cause EDK II to crash, resulting in a denial of service, obtain sensitive information or execute arbitrary code. Paul Kehrer discovered that OpenSSL used in EDK II incorrectly handled certain input lengths in EVP functions. An attacker could possibly use this issue to cause EDK II to crash, resulting in a denial of service. Various other issues were also addressed.
364506777cba9ac853135b7f75877b1504446feea3f08770e812fad58981b8b6Police Crime Record Management Project version 1.0 suffers from a remote SQL injection vulnerability.
ca2c34013469aa8d5570c71580b9ef5d22bb690f4ab3d85eefa1c617859fb283Redragon Gaming Mouse suffers from a denial of service vulnerability.
0c154cb7f30e1bd757b91b47d4741e4cbf763361b57a96d500d5562f6d92abc2WordPress Advanced Order Export For WooCommerce plugin version 3.1.7 suffers from a cross site scripting vulnerability.
f0630e08c1327131f4976c413261bcd8d258b32e58b44360fcbb40d96ecae5a6Ubuntu Security Notice 5087-1 - A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
9cc69084dd08afb757dc1fd685e2412d02f64ee88ec4166bda357cb3cb01effaWordPress Fitness Calculators plugin version 1.9.5 suffers from a cross site request forgery vulnerability.
d98f7bece9083eaddb26bd624c829967f736f30e927d68f33fefce05c524fcccBackdrop CMS version 1.20.0 suffers from cross site request forgery vulnerabilities that can assist an attacker in achieving command execution.
83f2c2540b4e545354939b0ed9b2d43a41e2854821c3ae85e8eb3277dbf64132Gurock Testrail version 7.2.0.3014 suffers from an improper access control vulnerability.
7bba00b51d41b2b65a23473a45e1f268fd17d33d0a245f0ae9d5ca532c688d3eChrome suffers from a HRTFDatabaseLoader::WaitForLoaderThreadCompletion data race condition.
cbbb7af067da8a18782b6edada6db9b1b563f5bccf566cd7d4b1fd025dae8f61Ubuntu Security Notice 5085-1 - It was discovered that SQL parse incorrectly handled certain regular expression. An attacker could possibly use this issue to cause a denial of service.
5fe7c3d7d05a36ab58f67129d65fc13380433a15c95ce07ca0061984054f5ed2Red Hat Security Advisory 2021-3638-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include denial of service, information leakage, out of bounds read, path sanitization, and use-after-free vulnerabilities.
2704f7d7f7834855254af3a08e31e1875339714538305d2b82dba5cf156dfce7Apple Security Advisory 2021-09-20-10 - iTunes 12.12 for Windows addresses code execution vulnerabilities.
08f2003d8951f0c201309a7f8087e5aeef94b339affd03af4ae0b1d73e36ee76Ubuntu Security Notice 5086-1 - Johan Almbladh discovered that the eBPF JIT implementation for IBM s390x systems in the Linux kernel miscompiled operations in some situations, allowing circumvention of the BPF verifier. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
d2a74f8984e5fde4745aecedd98ea9dfb3d111cb733f58ed437bf13e0649d113OpenCats version 0.9.4-2 suffers from an XML external entity injection vulnerability.
0c41b4f8b44d8bbbada0f821ae499c79622fe446c1143134a57ed92d2b3a4164Apple Security Advisory 2021-09-20-9 - iTunes U 3.8.3 addresses a code execution vulnerability.
16919b5b479796f5c99801f855bd2c74a6a87624ed2f59e1b37210dd28c1f873E-Negosyo System version 1.0 suffers from a remote shell upload vulnerability.
d5ce3db7579101a4d8dc1ae965c1799655b8e02395c4450606eb36f1f430b2f4E-Negosyo System version 1.0 suffers from a remote time-based blind SQL injection vulnerability.
230aba72f8107f8555be48d76537b1f6c27a1b36b213bf98f58c7f7c6b9baf2cApple Security Advisory 2021-09-20-8 - Security Update 2021-005 Catalina addresses buffer overflow, bypass, code execution, denial of service, integer overflow, and out of bounds read vulnerabilities.
79bf45f74bddb8486f12ed4c29b3e71e76e1ff0dc36d435c9b6adc6c23122cc0e107 CMS version 2.3.0 authenticated remote shell upload exploit.
503caef30c7aa6c3437f98cfc0ba2025433c35ec41208ba247fce01ab84eb4a3
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed