Proof of concept remote code execution exploit for Ivanti EPM versions prior to 2022 SU6 or the 2024 September update.
aae283a6cefb5b56bdc7a70bc3a56e323ee785291fa82aaf40d1ff35d8e2d1e0
Proof of concept remote code execution exploit for GeoServer versions prior to 2.23.6, 2.24.4, and 2.25.2.
89efe87af55cddb0baaa46de1bab5d58c270e280ff489d9b19f578e9bf29121e
The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.
63f47f1c490485524cd3ea6e610e16e4d175881a59f4e8a8ab58f1b216d150ee
Ubuntu Security Notice 7009-1 - Chenyuan Yang discovered that the CEC driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service.
5b612a46c804c77ac14a7809a47fec0de9fff4a8a6439f91a0d5ad4c32a28058
Ubuntu Security Notice 7005-2 - Chenyuan Yang discovered that the CEC driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could use this to cause a denial of service.
6722bd323d2134b55a3539166e919fdb46c6f0337a2763dd47aa0a93f5ff8e0f
Ubuntu Security Notice 7008-1 - Chenyuan Yang discovered that the CEC driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could use this to cause a denial of service.
4d06037efff1b22fc4a25ee26edfc4fbdfa3522a94c990b7f8761e4399d65123
Ubuntu Security Notice 7007-1 - Chenyuan Yang discovered that the CEC driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service.
75288876207886b7f55abdb86b7b5aacd443455c1c45a71b584458933c8c5632
Ubuntu Security Notice 7003-3 - It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
67a8e70c37141ad551107083f7f1ccc236a35da5fef412d966bd74b44f5a1985
Webpay E-Commerce version 1.0 suffers from a cross-site scripting vulnerability.
269d533402c514d2fa7b9aa27f69033e41752dd8a0147a6db754ff6c0fc28add
Men Salon Management System version 2.0 suffers from a PHP code injection vulnerability.
16f109978dab4dd654ee4cf808111eef9a65cfb018b4dd430500f6c941a7322c
Emergency Ambulance Hiring Portal version 1.0 suffers from an ignored default credential vulnerability.
9d6c6678b135b65bbda25413c2e1c64964ee62d37717fa518ada55cae19e749c
Car Washing Management System version 1.0 suffers from an ignored default credential vulnerability.
3c016fd9274336475f334ab07ed2940609eda0663a3e6076ce48b45acfe154d0
Bus Pass Management System version 1.0 suffers from an ignored default credential vulnerability.
94ddc658a9d1db8843a49a609fff1b631cea4c20eebd8367f5852db5d0effe60
BP Monitoring Management System version 1.0 suffers from an ignored default credential vulnerability.
a2b530b3e0a28bb00c704b528988d03e386681ffd62bb38b63be53c8ac992818
Beauty Parlour and Saloon Management System version 1.1 suffers from an insecure cookie handling vulnerability.
4c0788f43b5ea94beac369a15563afe012375eb20121975b115510c93def998e
Auto/Taxi Stand Management System version 1.0 suffers from a PHP code injection vulnerability.
1e0b4094b37e8533f3a72e374f0e297723b05a67a6a446f3a2c4f4ba0aa4bdb2
Art Gallery Management System version 1.0 suffers from an ignored default credential vulnerability.
0f7f1aa9e4f981852ee373789274269e831db81cb9f4a1894cd07c39e52fa2b3
Red Hat Security Advisory 2024-6657-03 - Migration Toolkit for Runtimes 1.2.7 release. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section.
e932c0dea6896c5ed879f397e371077a0ceb801385c9c43b5c563739774bcc0c