Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via the Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
fa368fa9b2f57638696150c7d108b06dec284e8d8e3b8e702c784947c01fb806
sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve the DBMS session user and database, enumerate users, password hashes, privileges, and databases, dump entire or user-specified DBMS tables/columns, run their own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack, and more.
7ea4684e01956e411960a5fd8a6d5b74b3f5972c2a3c6553fbd1e729819190ff
Leica Geosystems GR10/GR25/GR30/GR50 GNSS version 4.30.063 suffers from a stored cross site scripting vulnerability. The issue is triggered via unrestricted file upload while restoring a config file, allowing the attacker to upload an HTML or JavaScript file that will be stored in /settings/poc.html. This can be exploited to execute arbitrary HTML or JS code in a user's browser session in the context of an affected site.
598a926881c6e97836d593dedf16d012bf56f7039da38ead2df70ca196aa5cdf
Leica Geosystems GR10/GR25/GR30/GR50 GNSS version 4.30.063 suffers from a cross site request forgery vulnerability.
b07daa3fb3a1153f65a2920ef09dec167a5e3b96ec6e718666d10d63d01b3a9a
cryptmount is a utility for creating and managing secure filing systems on GNU/Linux systems. After initial setup, it allows any user to mount or unmount filesystems on demand, solely by providing the decryption password, with any system devices needed to access the filing system being configured automatically. A wide variety of encryption schemes (provided by the kernel dm-crypt system and the libgcrypt library) can be used to protect both the filesystem and the access key. The protected filing systems can reside in either ordinary files or disk partitions. The package also supports encrypted swap partitions, and automatic configuration on system boot-up.
c531aa2286bbd194b71f103fb411c4821083317c0d1f2b700382328a57e99631
Botan is a C++ library of cryptographic algorithms, including AES, DES, SHA-1, RSA, DSA, Diffie-Hellman, and many others. It also supports X.509 certificates and CRLs, and PKCS #10 certificate requests, and has a high level filter/pipe message processing system. The library is easily portable to most systems and compilers, and includes a substantial tutorial and API reference. This is the current stable release.
305564352334dd63ae63db039077d96ae52dfa57a3248871081719b6a9f2d119
The Quick Setup component of RSA Authentication Manager versions prior to 8.4 is vulnerable to relative path traversal. A local attacker could potentially provide an administrator with a crafted license that, if used during the quick setup deployment of the initial RSA Authentication Manager system, could allow the attacker unauthorized access to that system.
31eb5b4af089eeb2959522b4f783e63cd01a93916d91d8b697f658e3ada5eb0e
Ajera Timesheets versions 9.10.16 and below suffer from a vulnerability where they perform deserialization of untrusted data.
d924cc5c9d6afb43a5b35465af9212eb3910f76d71f147d9517eabf50904532f
Ox App Suite versions 7.8.4 and 7.8.3 suffer from cross site scripting, cross site request forgery, and information disclosure vulnerabilities.
ffdbe5e04f303db5e8ad0da091038bf8976a3f72b1e572115af58f427a4f8073
Roxy Fileman version 1.4.5 suffers from remote file upload and directory traversal vulnerabilities.
436a9168298baf58a80c80d0a413d1d2bdbfe4677344354fc6cbe13a1e776811
Red Hat Security Advisory 2019-0031-01 - In accordance with the Red Hat Enterprise Linux Errata Support Policy, Telco Update Service for Red Hat Enterprise Linux 6.6 was retired as of December 31, 2018, and active support will no longer be provided. Accordingly, Red Hat will no longer provide updated packages, including Critical Impact security patches or Urgent Priority bug fixes, for Red Hat Enterprise Linux 6.6 TUS after December 31, 2018.
d0af511c2b6a9f8f6a107f1cdb93670c829d5d18dd0d35c745ccc119543a9cbb
KioWare Server version 4.9.6 suffers from a weak folder privilege escalation vulnerability.
286035ee9c12f7dd3c63a25e44ac396f5c837d44c2d2623db507aa97a512b042
Huawei E5330 version 21.210.09.00.158 suffers from a cross site request forgery vulnerability.
12dd7814c4179b0cffb630e3ef8d2a2c67b7b22852ce245228d07fb24fae998f
TWiki version 6.0.2 suffers from a cross site scripting vulnerability.
12344c33a0d166986f451979a17987cea192019740523cd407fca283dac30bef
BMC Network Automation allows authenticated users to hijack established remote sessions of other users. Version v8.7.00.000 b383 u038 was confirmed to be vulnerable.
3d15c4f8be6b2d9910c5af59812a7ff1dc6e9e70f54d19034887282552279829
MyT Project Management version 1.5.1 suffers from a remote SQL injection vulnerability.
aae916d20d56ea35cbcbd162ecf9b836d478d80d4f4ee7d7dd6736f365974a34
WordPress UserPro plugin versions prior to 4.9.21 suffer from a user registration privilege escalation vulnerability.
e76fa90e552e7d8417464f032c86740eb2c72df2dce8fbd905761334dde7363e
BMC Remedy and ITAM versions 7.1.00 and 9.1.02.003 suffer from multiple information disclosure vulnerabilities.
f91d23df9bc0097fffb3bf5213fe0b8005c3a4f47d501ca62b6106eeb36a9b3a
phpMoAdmin version 1.1.5 suffers from cross site request forgery and cross site scripting vulnerabilities.
df47de4cf8d4c2091cfded5f469ec3562e0ef87756bc225a2a6a2d2db28a863b
PLC Wireless Router GPN2.4P21-C-CN suffers from a cross site scripting vulnerability.
5e3eed3cc7dfe6238943eee06b1720ec305db26a66af6da527d133a5f6ff42fb
Base Soundtouch iOS application version 18.1.4 suffers from a cross site scripting vulnerability.
67c8211022b176ba9ad191b333fa8db82dec6bea662fcf9aeb2fdd2a726d151c
Webgalamb suffers from remote code execution, cross site request forgery, cross site scripting, information leakage, and remote SQL injection vulnerabilities.
6bc4ddc8420dcf22ab8b493f25ff520b6a53308cbe2a85df38161cbebee9fd5e
MyBB OUGC Awards plugin version 1.8.3 suffers from a cross site scripting vulnerability.
5162cdbc77bd00aa82e750e0197825914dadbca8e782cb89234062fac275c701
Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
a976ba1672ed31d759268ad18b1bc8be3bcfb4c266653d0eb964c2b792004b73