Red Hat Security Advisory 2022-0520-01 - Red Hat Data Grid is an in-memory, distributed, NoSQL datastore solution. It increases application response times and allows for dramatically improving performance while providing availability, reliability, and elastic scale. Data Grid 8.3.0 replaces Data Grid 8.2.3 and includes bug fixes and enhancements. Issues addressed include HTTP request smuggling, code execution, denial of service, and deserialization vulnerabilities.
851e7d90129974b5aef9a1685ad0e47b2b5241fbd8c1cb7d5f745cf0ca63a06bUbuntu Security Notice 5284-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass security restrictions, obtain sensitive information, or execute arbitrary code. It was discovered that extensions of a particular type could auto-update themselves and bypass the prompt that requests permissions. If a user were tricked into installing a specially crafted extension, an attacker could potentially exploit this to bypass security restrictions.
d7fd2247717631be4147210e0cf211ef14bf116df25a6272b18eba23465edabdThis Metasploit module exploits a path traversal issue in Nagios XI before version 5.8.5. The path traversal allows a remote and authenticated administrator to upload a PHP web shell and execute code as www-data. The module achieves this by creating an autodiscovery job with an id field containing a path traversal to a writable and remotely accessible directory, and custom_ports field containing the web shell. A cron file will be created using the chosen path and file name, and the web shell is embedded in the file. After the web shell has been written to the victim, this module will then use the web shell to establish a Meterpreter session or a reverse shell. By default, the web shell is deleted by the module, and the autodiscovery job is removed as well.
056c02dbc5e575c5155e8c34f4766dcc9830256d1bc589d898d599d7f0e9dc4dH3C SSL VPN suffers from a username enumeration vulnerability during the login sequence.
dfee4cf29211a5243ad88690480fda707d2c3e7a7d71e2ad687f07a80c49882eRed Hat Security Advisory 2022-0514-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.6.0 ESR. Issues addressed include a bypass vulnerability.
bfee63368d86f38cdb7027ecbc936ab76558404aa981af9cc9da651f3eeba8abRed Hat Security Advisory 2022-0513-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.6.0 ESR. Issues addressed include a bypass vulnerability.
781070b741a4ecdcb634e687ce9bad7641aece2ad8039d83b4775668466b7993Simple Bakery Shop Management System version 1.0 suffers from a remote SQL injection vulnerability.
5749606b95b21841d0505918ca9de1baca438dc4a47f924470d69614792d3669Red Hat Security Advisory 2022-0511-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.6.0 ESR. Issues addressed include a bypass vulnerability.
b0508e0bab4bc89e2b45730aed201f99d13c61d4b233000730280ee49f121fc7Slurp version 1.10.2 suffers from a format string vulnerability.
0c96e9b13a77d9304d469e6855e18fd2f688754dea358bb1daaa7eaaa9212d4fRed Hat Security Advisory 2022-0510-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.6.0 ESR. Issues addressed include a bypass vulnerability.
1cfcf89b9152d198bfb32b57d9dbdcb99020ec4ae7f0fd8858637501a68f5ec5Red Hat Security Advisory 2022-0512-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.6.0 ESR. Issues addressed include a bypass vulnerability.
38f8821e4cf2dfc48036d74b50c49e4ce55415a1c35817e3a40afb1a6c91e809WordPress International SMS for Contact Form 7 Integration plugin version 1.2 suffers from a cross site request forgery vulnerability.
b50975f0704d7bf70b7511e322377ed3d6f8b2eb3ac192570c38870e35ced098
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed