Packet Storm - Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
FTPShell Client version 5.24 PWD remote buffer overflow exploit.
WordPress MailChimp plugin version 4.0.l7 suffers from cross site request forgery and cross site scripting vulnerabilities.
Red Jasmin version 1.0 suffers from a remote SQL injection vulnerability.
SAP NetWeaver AS JAVA versions 7.1 through 7.5 suffer from a directory traversal vulnerability.
SAP NetWeaver AS ABAP version 7.4 suffers from a directory traversal vulnerability.
A specially crafted web-page can cause an integer underflow in Microsoft Edge. This causes CTextExtractor::GetBlockText to read data outside of the bounds of a memory block.
Palo Alto Networks PanOS suffers from a root_reboot local privilege escalation vulnerability.
Palo Alto Networks PanOS suffers from a root_trace local privilege escalation vulnerability.
A specially crafted web-page can cause the iertutil.dll module of Microsoft Internet Explorer 11 to free some memory while it still holds a reference to this memory. The module can be made to use this reference after the memory has been freed. Unlike many use-after-free bugs in MSIE, this issue, and apparently all code in this module, is not mitigated by MemGC. This issue appears to have been addressed in July 2016, as it failed to reproduce after the July security updates were installed.
Huawei Flybox B660 3G/4G router suffers from an authentication bypass vulnerability.
Habari CMS version 0.9.2 suffers from a cross site scripting vulnerability.
Teradata Studio Express version 15.12.00.00 suffers from a /tmp race condition.
Apple iOS version 1.0 suffers from multiple access permission vulnerabilities.
Teradata Virtual Machine Community Edition version 15.10 suffers from an insecure creation of files in /tmp that may lead to elevated code execution.
FUDforum version 3.0.6 suffers from a local file inclusion vulnerability.
Jaws version 1.1.1 suffers from object injection, open redirection, and cookie flag related vulnerabilities.
FUDforum version 3.0.6 suffers from cross site request forgery and cross site scripting vulnerabilities.
Lepton version 2.2.2 Stable suffers from a remote code execution vulnerability via a remote shell upload.
Lepton version 2.2.2 Stable suffers from password handling, insecure bruteforce protection, cross site request forgery, and open redirection vulnerabilities.
Lepton version 2.2.2 Stable suffers from remote SQL injection vulnerabilities.