Home | Latest News | Popular News | Our Network | About | Contact
Latest Exploits | www.SecurityPhresh.com
Latest Exploits
Showing 'Latest Exploits' from 81 to 90
Joomla DJ Image Slider 3.2.3 Database Disclosure
28th Nov 2018 [11 days ago] from PacketStormSecurity
Joomla DJ Image Slider component version 3.2.3 suffers from a database disclosure vulnerability.
Joomla Fabrik 3.9 CSRF / LFI / Shell Upload
28th Nov 2018 [11 days ago] from PacketStormSecurity
Joomla Fabrik component version 3.9 suffers from cross site request forgery, local file inclusion, and remote shell upload vulnerabilities.
Unitrends Enterprise Backup Bpserverd Privilege Escalation
28th Nov 2018 [11 days ago] from PacketStormSecurity
It was discovered that the Unitrends bpserverd proprietary protocol, as exposed via xinetd, has an issue in which its authentication can be bypassed. A remote attacker could use this issue to execute arbitrary commands with root privilege...
WordPress SEO (Yoast SEO) 9.1 Race Condition / Command Execution
28th Nov 2018 [11 days ago] from PacketStormSecurity
WordPress SEO (Yoast SEO) plugin versions 9.1 and below suffer from a race condition that allows for command execution.
Cisco WebEx Meetings Privilege Escalation
28th Nov 2018 [11 days ago] from PacketStormSecurity
A vulnerability in the update service of Cisco Webex Meetings Desktop App for Windows could allow a local attacker to elevate privileges. This vulnerability is related to a previous security issue fixed by Cisco in October. Affected versions...
Avahi 0.7 Denial Of Service
28th Nov 2018 [11 days ago] from PacketStormSecurity
Avahi-daemon in Avahi version through 0.7 inadvertently sends Legacy Unicast Responses to IPv4 unicast queries with source addresses that are not link-local, which allows remote attackers to cause a denial of service (traffic amplification)...
BMC Remedy 7.1 User Impersonation
28th Nov 2018 [11 days ago] from PacketStormSecurity
An impersonation issue in BMC Remedy version 7.1 may lead to incorrect user context in Remedy AR System Server.
PHP Imap_open Remote Code Execution
28th Nov 2018 [11 days ago] from PacketStormSecurity
The imap_open function within PHP, if called without the /norsh flag, will attempt to preauthenticate an IMAP session. On Debian based systems, including Ubuntu, rsh is mapped to the ssh binary. Sshs ProxyCommand option can be passed from...
Linux Nested User Namespace Idmap Limit Local Privilege Escalation
28th Nov 2018 [11 days ago] from PacketStormSecurity
This Metasploit module exploits a vulnerability in Linux kernels 4.15.0 to 4.18.18, and 4.19.0 to 4.19.1, where broken uid/gid mappings between nested user namespaces and kernel uid/gid mappings allow elevation to root (CVE-2018-18955)....
Mac OS X Libxpc MITM Privilege Escalation
28th Nov 2018 [11 days ago] from PacketStormSecurity
This Metasploit module exploits a vulnerability in libxpc on macOS versions 10.13.3 and below. The task_set_special_port API allows callers to overwrite their bootstrap port, which is used to communicate with launchd. This port is inherited...
« Newer 4 5 6 7 8 9 10 11 12 13 Older »