EMC VPLEX GeoSynchrony versions 4.0 through 5.2.1 suffer from path traversal, timeout validity, session fixation, and various other vulnerabilities.
865ebcefce882874598ff43ecc2a95087b307183385a9a725bb5ad0baf892e95
Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Besides security-related information, it will also scan for general system information, installed packages and configuration mistakes. This software aims to assist automated auditing, software patch management, and vulnerability and malware scanning of Unix-based systems.
f219bc254464ef8993fb659f9292a4727fd23f7a0e3d6eb13f379ebdd70464f4
RedTeam Pentesting discovered a cross site scripting vulnerability in rexx Recruitment's user registration page during a penetration test. If attackers can persuade users to click on a prepared link or redirect them to such a link from an attacker-controlled website, they are able to run arbitrary JavaScript code in the context of the rexx Recruitment installation's domain.
2b99dd93bd3ef7fa35d56eedd30ce42a17be27a43d0080a86eaa47f243c72d0b
Ubuntu Security Notice 2157-1 - This updates ClamAV to a new major version in order to gain new detection technologies and maintain proper compatibility with the virus signature database.
e939e10d723485fa7d87d05fd414e3c150f24977ecd1d8c5f7f892a15c5d3e57
ePhone Disk version 1.0.2 for iOS suffers from denial of service, command injection, and local file inclusion vulnerabilities.
876448f07c5c05553462fd3177290aada26c9cd5919baeae2680fd062cfff2f7
Gentoo Linux Security Advisory 201403-8 - PlRPC uses Storable, which allows for code execution prior to authentication. Versions less than 0.202.0-r2 are affected.
543d28c7468a493b70182a4dead709907d9e78d7845ca1422846ad3dfd04face
Easy FileManager version 1.1 for iOS suffers from local file inclusion and remote shell upload vulnerabilities.
4b5d69b0cae3c7cd9e89f17f629e2e25283338e269c0c4155401deba8739d35b
Joomla Kunena component version 3.0.4 suffers from a cross site scripting vulnerability.
5824c2fb1d088d434657130d4759d89055357306437bfbb01644799d4d520267
My Photo Wifi Share & PS 1.1 for iOS suffers from a local command injection vulnerability.
e53e7d5c9f0ee9f794d19da2f54e4d471361b0256775259c8d71dc2f551e08df
NCC Group Research Director Andy Davis presented 'USB Attacks Need Physical Access Right? Not Any More...' at this year's BlackHat Asia in Singapore. Due to recent advances in a number of remoting technologies, USB attacks can now be launched over a network. The talk went into detail about how these technologies work and the resulting impact on the world of USB bugs, and included a live demo remotely triggering a USB kernel bug in Windows 2012 server.
6b69c9ca16bc7b4b25c8eaf51bdad117771585a02daec7c27db6c045043dfa9c
Lazybone Studios WiFi Music 1.0 for iOS suffers from local file inclusion and remote shell upload vulnerabilities.
11ad45715114d7c206751facff6d0a7e57d0ce6d720031cf785b958467b939ed
Dell SonicWall EMail Security Appliance version 7.4.5 suffers from persistent cross site scripting vulnerabilities.
0cfbd724c69d47de7c17ff8278ec80b9408046b5efab05889637c9e367bece9d
Gummy Bear Studios FTP Drive + HTTP Server version 1.0.4 for iOS suffers from a code execution vulnerability.
b239f066427e1022589e0ecbdd1ac1858155184f9aae8a056e457651de06e2eb
Monoprice.com suffers from a shopping cart enumeration and arbitrary modification vulnerability.
7b9f5cdc8364d0860d1cf8260917384a3a43ecb7c6e7ba1fc99e01b8224f6e12
LinEx suffers from a remote password reset vulnerability.
569bcb618840b33281332aff7f027c187d8587d4ff30e0e14d3c71181a5ecbc3