SAPControl Web Service Interface (sapstartsrv) suffers from a privilege escalation vulnerability via a race condition.
5f21a47194e596c49a31455b6731ab60cd1e4e77d9094e16a002d5a7d296e114This Metasploit module exploits an OS command injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. This issue impacts PAN-OS versions prior to 10.0.1, 9.1.4 and 9.0.10.
bd8da0b51bb49981c02de534b677f79ab91e97edd6c6f772d526bed01cfe7f69PacketFence is a network access control (NAC) system. It is actively maintained and has been deployed in numerous large-scale institutions. It can be used to effectively secure networks, from small to very large heterogeneous networks. PacketFence provides NAC-oriented features such as registration of new network devices, detection of abnormal network activities including from remote snort sensors, isolation of problematic devices, remediation through a captive portal, and registration-based and scheduled vulnerability scans.
58275977606c1d2971491560348e08abe448043ba4cbe4670612a9f7fd02bce0SAP SAProuter suffers from an improper access control vulnerability where permitting loopback traffic can lead to unexpected behavior.
91240243e7e61439bb89c02bbb4588f61e70077ca27fc537904e51613f2c8bd3Ubuntu Security Notice 5615-1 - It was discovered that SQLite incorrectly handled INTERSEC query processing. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that SQLite incorrectly handled ALTER TABLE for views that have a nested FROM clause. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue was only addressed in Ubuntu 20.04 LTS.
0a1703f5ce2199a67b12a051081405528c9c13c99cee6f6c919040b70488b5e2Ubuntu Security Notice 5614-1 - It was discovered that Wayland incorrectly handled reference counting certain objects. An attacker could use this issue to cause Wayland to crash, resulting in a denial of service, or possibly execute arbitrary code.
bb11f2b39f39d3efa6b1b372c101161078bd4937bfbf50baa0a65f2cf890229fSocial Share Buttons version 2.2.3 suffers from a remote SQL injection vulnerability.
edba387a26274cddcb2a94613095db446c2d09af44f88ad54797136ae0a59e31Rocket LMS version 1.6 suffers from a remote SQL injection vulnerability.
821ae94a2aa85e87e1c3dba2d4d30132a1eb29d3a4a4e465c8a74cbe3661d06fA use-after-free issue exists in Chrome 104 and earlier versions. Processing maliciously crafted web content may lead to arbitrary code execution in the browser process. LinkToTextMenuObserver holds a raw pointer to a RenderFrameHost object, but is not owned by the frame host and does not watch for frame host destruction events. Therefore, if an attacker manages to destroy the frame host right after the observer is created but before the timeout task posted in StartLinkGenerationRequestWithTimeout() is executed, use-after-free will occur.
071c2f32b441a15bf0f0c6db3397a3899a646938aeb7df15abb5fc345c9589e8
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed