WOOF WooCommerce Products Filter from PluginUs.Net version 1.1.9 suffers from shortcode execution and local file inclusion vulnerabilities.
db9202a8da5aa2909e34f4403c0a9c986c396b3e680d0d4711f5f12c4360f0a0
Ubuntu Security Notice 3596-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash or opening new tabs, escape the sandbox, bypass same-origin restrictions, obtain sensitive information, confuse the user with misleading permission requests, or execute arbitrary code. Various other issues were also addressed.
7fbc7840a2c7212ddb76bc5bfc07a289e367f1f00153eaf6cc47a353ca7e2a80
Debian Linux Security Advisory 4137-1 - Several vulnerabilities were discovered in Libvirt, a virtualisation abstraction library.
2e28cb54079712a1c15c0369a23af4ed15a476264ecf631fe44b7482bc005d57
Debian Linux Security Advisory 4136-1 - Multiple vulnerabilities were discovered in cURL, a URL transfer library.
047b3e52e057d0a2753657681025942a2baaf7fa252b08dbeaa19c405010db20
Secunia Research has discovered multiple vulnerabilities in LibRaw, which can be exploited by malicious people to cause a DoS (Denial of Service). LibRaw versions prior to 0.18.8 are affected.
b5c03c6b07fb1998c8c86a816369959648583565dcf35f7ecdbee8c37dd0fc3c
SAP NetWeaver AS JAVA CRM log injection remote command execution exploit.
3e099354c4a0cc48ef5abaf2930e91c0e1bb6616e3ff003040ac00c3e5138384
On a Samba 4 AD DC any authenticated user can change other users' passwords over LDAP, including the passwords of administrative users and service accounts.
78cfd2ac47806aa2bbd492960129da59d4d087d0428c2be85a7021f0d8d2b335
FreeBSD Security Advisory - A number of issues relating to speculative execution were found last year and publicly announced January 3rd. Two of these, known as Meltdown and Spectre V2, are addressed here.
64e40208fb8f828b69a524f8d55fae8ef0a49e50ff59ebe4b5a0f73e1dd0d4db
Slackware Security Advisory - New mozilla-firefox packages are available for Slackware 14.2 and -current to fix security issues.
d4f461fcd72851e484f97a4402ab693924cffeae5cfea84d374a33f88c70b31a
Slackware Security Advisory - New samba packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue.
aed5629296e3d11294572e212dcbfac1a6e2c5636752a477a01c8dbbef276233
Gentoo Linux Security Advisory 201803-5 - Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in the execution of arbitrary code. Versions less than 65.0.3325.146 are affected.
b07d4188a3e47e5034d219c4c4e17285d3461739a6f4ce0605b371ecff6c3256
Red Hat Security Advisory 2018-0512-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Injection and bounds checking bypass issues were addressed.
1d18c9249ed20f5dd991a1c280d8013ed634bbfd0ad41c3c980e282888adf5f2
This Metasploit module exploits a command injection vulnerability in the ManageEngine Application Manager product. An unauthenticated user can execute an operating system command in the context of a privileged user. The publicly accessible testCredential.do endpoint takes multiple user inputs and validates the supplied credentials by accessing the given system. This endpoint calls several internal classes and then executes a PowerShell script without validating a user-supplied parameter when the given system is OfficeSharePointServer.
d4f871c5887f7ee0122aef5bca04d405628413f3c4bf84245c1d860683f61f1f
Red Hat Security Advisory 2018-0515-01 - 389 Directory Server is an LDAP version 3 compliant server. The base packages include the Lightweight Directory Access Protocol server and command-line utilities for server administration. Denial of service and authentication bypass vulnerabilities have been addressed.
63f57e12d1ff6e6de3caf8c2bbeab7c6f4e7a8c198e6a649dcc661d86b579252