Ubuntu Security Notice 4677-1 - David Cook discovered that p11-kit incorrectly handled certain memory operations. An attacker could use this issue to cause p11-kit to crash, resulting in a denial of service, or possibly execute arbitrary code.
7cdd2fb4df94ac94c2773c43856730bb74870535269257d9636adf519cee4cb3
This Metasploit module exploits improper input sanitization in SpamTitan versions 7.01, 7.02, 7.03 and 7.07 to inject command directives into the SNMP configuration file and get remote code execution as root. Note that only version 7.03 needs authentication; no authentication is required for versions 7.01, 7.02 and 7.07.
cc011f3d97e6e780eac9a8ecaf045f486a51374234b82311aea352d9a57efef0
Node version 14.11.0 is vulnerable to a use-after-free bug in its TLS implementation.
1f513e648d5b8f3a7fbacd8992a272057c993baa2d4402fc73136e7984a51276
Ubuntu Security Notice 4676-1 - It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code.
1988feb5edea2e463ec15dc77d3dcd292ce3dc6744a2deff06da2ff799e10635
PLANEX CS-QP50F-ING2 security surveillance smart camera remote configuration disclosure exploit.
3726f2fc1651bd0eeed4b2842077106b9266fafd2395f49bfb65b2d0d32d68f0
Online Movie Streaming version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
a0949187217a27e15ca4363c06a4c7b895ea92b903e40b9028799d0067528810
zyHell is a Perl script that scans for the ZyXEL godmode backdoor account.
7b324658204795efdfa737a1dcc7189645442e801087b1adfb16a65ba9784029
Online Learning Management System 1.0 remote command execution exploit. Remote shell upload was already discovered in this version in October of 2020 by Jyotsna Adhana.
a1727471b39047398a8e3b77406ad2990468c0c143c7bed74bb24dffadb3baf0
Red Hat Security Advisory 2021-0024-01 - ImageMagick is an image display and manipulation tool for the X Window System that can read and write multiple image formats. Issues addressed include a code execution vulnerability.
54cf3d212c8904ce22d97eb9790716305372dd6204192d4a7d1b9cf5604d0cb4
WordPress WP-Paginate plugin version 2.1.3 suffers from a persistent cross site scripting vulnerability.
3e5a7700d8820decbb36099d03d8d861d4b9a580772e107b9e9e50a1d5822aa2
WordPress Stripe Payments plugin version 2.0.39 suffers from a persistent cross site scripting vulnerability.
dfe92e58a9306f92924dc28686e0dbb61305769ebf49747157b4f026ecf280f6
Klog Server version 2.4.1 suffers from a remote command injection vulnerability.
c4d49bbb6aa298ab790e96bc0bed872c2d9c52390ea9e2f22b668c5bb074580e
Ubuntu Security Notice 4675-1 - Pritam Singh discovered that OpenStack Horizon incorrectly validated certain parameters. An attacker could possibly use this issue to cause OpenStack Horizon to redirect to a malicious URL.
ff5ce8003f2e61e5233d4e6f3e0558bb7911837b0c1febff0441e908956334bd
Resumes Management and Job Application Website version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
20e91fdc96738c8fb87124d69ec14adbf144bc99bcfef774386fefb62587c817
Responsive ELearning System version 1.0 suffers from a remote SQL injection vulnerability.
250300a91ed60f2e2b9d34d0bdf04cc6a4b79ecc8337ad4c69144b953a99f27a
Baby Care System version 1.0 suffers from a persistent cross site scripting vulnerability.
78873598cff4cc0d76cd22d17ae6e5c3ac48cc7362e7a2cc67c5a6b3694d8218
Red Hat Security Advisory 2021-0019-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include out of bounds write and use-after-free vulnerabilities.
4b70a080e6c7a9900e97aa333277cca0b89e0f48ace7e7ad9e951896bae1a07a
Responsive FileManager version 9.13.4 path traversal exploit. Original discovery of this finding is attributed to farisv in December of 2018.
e60dde7a6fb3e57f25bc60645a9e6b12692e86e856f5127f0306b5a233418882
Fluentd TD-agent plugin version 4.0.1 suffers from an insecure folder permission vulnerability.
32c1afd2e9cf2721e7982eeebbb999f4f3c5ef833c094b88b0085f3fa6fc4c8b
URLCrazy is a tool that can generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage. It generates 15 types of domain variants, knows over 8000 common misspellings, supports multiple keyboard layouts, can check if a typo is a valid domain, tests if domain typos are in use, and estimates the popularity of a typo.
abf6014c2578e1ae5a4c8e69728d1a8219ca02ec17fc8be82f354c8560d0f4a5
Ubuntu Security Notice 4674-2 - USN-4674-1 fixed a vulnerability in Dovecot. This update provides the corresponding update for Ubuntu 14.04 ESM. Innokentii Sennovskiy discovered that Dovecot incorrectly handled MIME parsing. A remote attacker could possibly use this issue to cause Dovecot to crash, resulting in a denial of service. Various other issues were also addressed.
e94c080f6b1bc1a3086714f53bcfea59c6d596accad785d27bbc52b1a533a04d
CSZ CMS version 1.2.9 suffers from multiple cross site scripting vulnerabilities.
79f1df60bfb3aadd09240d3b2f1db88b5dd5c450c8c2e5cd822fcbfb3e1d4cbb
EgavilanMedia User Registration and Login System with Admin Panel version 1.0 suffers from multiple persistent cross site scripting vulnerabilities. Original discovery of persistent cross site scripting in this version is attributed to Soushikta Chowdhury in December of 2020.
fe7e9842f5b2514b37c22746304bed97be526f4209d8d9285838688c7dfb9e35
Click2Magic version 1.1.5 suffers from a persistent cross site scripting vulnerability.
ef04d41901220d76865329a2feee9ed509dbc4650d77eccb93ace642975dd335
Intel Matrix Storage Event Monitor x86 version 8.0.0.1039 suffers from an IAANTMON unquoted service path vulnerability.
53a6ec5e6199676d3685d5babcf43c618caa8d1dbff3b3ae796deb36a20a2cab