Security
Headlines
HeadlinesLatestCVEs

Source

Packet Storm

WinterCMS 1.2.2 Cross Site Scripting

WinterCMS versions prior to 1.2.3 suffer from a persistent cross site scripting vulnerability.

Packet Storm
#xss#csrf#vulnerability#web#windows#google#linux#js#git#java#auth#firefox#ssl
Montage 1.0 Cross Site Scripting

Montage version 1.0 suffers from a persistent cross site scripting vulnerability.

Wedding Wonders 1.0 Cross Site Scripting

Wedding Wonders version 1.0 suffers from a persistent cross site scripting vulnerability.

Faraday 4.5.0

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

Ubuntu Security Notice USN-6230-1

Ubuntu Security Notice 6230-1 - Alexander Lakhin discovered that PostgreSQL incorrectly handled certain CREATE privileges. An authenticated user could possibly use this issue to execute arbitrary code as the bootstrap supervisor.

Ubuntu Security Notice USN-6229-1

Ubuntu Security Notice 6229-1 - It was discovered that LibTIFF was not properly handling variables used to perform memory management operations when processing an image through tiffcrop, which could lead to a heap buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. It was discovered that LibTIFF was not properly processing numerical values when dealing with little-endian input data, which could lead to the execution of an invalid operation. An attacker could possibly use this issue to cause a denial of service

BloodBank 1.0 Cross Site Scripting

BloodBank version 1.0 suffers from a cross site scripting vulnerability.

Blogator 0.93 Cross Site Scripting

Blogator version 0.93 suffers from a cross site scripting vulnerability.

Bigware Shop 2.3 Cross Site Scripting

Bigware Shop version 2.3 suffers from a cross site scripting vulnerability.