This Metasploit module exploits an unauthenticated remote code execution vulnerability in Craft CMS versions 4.0.0-RC1 through 4.4.14.
09b5c0daee44baa94e38827531c7e5e3a16030ad3bd658700d439138930a1243Hospital Management System versions 4.0 and below suffer from cross site scripting, remote shell upload, and remote SQL injection vulnerabilities.
4c4cb4162e1a493a04ab18896d55ef8649d628f41d3426944382f8e72a0ea4f9GilaCMS versions 1.15.4 and below suffer from multiple remote SQL injection vulnerabilities.
73c5a34456c9dc83524cdea6fd790c6eac1c9f507a29917a6b2476535df6f2a6Gentoo Linux Security Advisory 202312-9 - Multiple vulnerabilities have been discovered in NASM, the worst of which could lead to arbitrary code execution. Versions greater than or equal to 2.16.01 are affected.
6c8abaff0e71ae8e95b4a8c44f57bcad513a93fc3d2495d0c5507fb13359884dGentoo Linux Security Advisory 202312-8 - A vulnerability has been found in LibRaw where a heap buffer overflow may lead to an application crash. Versions greater than or equal to 0.21.1-r1 are affected.
06e868d02c6df3bd10c1a22492d4d300885f803e0ee7c3135a6df46242f5ad36Gentoo Linux Security Advisory 202312-7 - Multiple vulnerabilities have been discovered in QtWebEngine, the worst of which could lead to remote code execution. Versions greater than or equal to 5.15.11_p20231120 are affected.
4ce37672fbc344b59f915cd65c49d81e0b681fcec017a4c4ce0cd3b0272f7493Gentoo Linux Security Advisory 202312-6 - Multiple vulnerabilities have been discovered in Exiv2, the worst of which can lead to remote code execution. Versions greater than or equal to 0.28.1 are affected.
f888940d72449dc879a248db24d5ec9cdaffc0d3c26b45ab9d9b623f5c707e27Gentoo Linux Security Advisory 202312-5 - Multiple vulnerabilities have been discovered in libssh, the worst of which could lead to remote code execution. Versions greater than or equal to 0.10.5 are affected.
afb44d6bcb45170dbbdafae00a799179936a89de10e52757ec95db57ded898b2Debian Linux Security Advisory 5586-1 - Several vulnerabilities have been discovered in OpenSSH, an implementation of the SSH protocol suite.
eb54a28b3d95ad19c4329f6295f24f93dcd4b5a934d6c9ce761901a356063b87Gentoo Linux Security Advisory 202312-4 - A vulnerability has been found in Arduino which bundled a vulnerable version of log4j. Versions greater than or equal to 1.8.19 are affected.
e4428c05137adffbade83bd759fdfe5d40fde795984ac72eea694343c5ca0031Debian Linux Security Advisory 5585-1 - An important security issue was discovered in Chromium, which could result in the execution of arbitrary code.
6bdc57ba62dca405ff912bfb253ff159c0424aaec22f42f0393fca58b622688aDebian Linux Security Advisory 5584-1 - It was reported that the BlueZ's HID profile implementation is not inline with the HID specification which mandates the use of Security Mode 4. The HID profile configuration option ClassicBondedOnly now defaults to "true" to make sure that input connections only come from bonded device connections.
c60c03d128a6806b3f8d0e7cf027c5d53155058c8e252594daf8af61d204802dDebian Linux Security Advisory 5583-1 - A buffer overflow was discovered in the AV1 video plugin for the GStreamer media framework, which may result in denial of service or potentially the execution of arbitrary code if a malformed media file is opened.
5dfda49306d8cfe3611973e08f1100d7a0e73e95687e4f98225625e819254d99Debian Linux Security Advisory 5582-1 - Multiple security issues were discovered in Thunderbird, which could result in denial of service, the execution of arbitrary code or spoofing of signed PGP/MIME and SMIME emails.
b3f70726ef2fae015527060cb4b5e5d13980592e40aae2e78d1c509408fdb9b4
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed