Red Hat Security Advisory 2018-0275-01 - The jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services Elastic Compute Cloud. With this update, the jboss-ec2-eap package has been updated to ensure compatibility with Red Hat JBoss Enterprise Application Platform 6.4.19. Security Fix: It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError.
704cde8578542bd6c80bc0bf2f1990b2Student Profile Management System Script version 2.0.6 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
332e0b050d04f559fbaa98c95175c35aJoomla! jLike component version 1.0 suffers from an information leak vulnerability.
1daea42e8a4802fdc0e94cebeee33480Matrimonial Website Script version 2.1.6 suffers from a remote SQL injection vulnerability.
4aa70d56717943403f434f5ff148bc57Online Voting System suffers from an authentication bypass vulnerability.
96768320438db2bc12f82ff2cd29b070Wonder CMS version 2.3.1 suffers from a host header injection vulnerability.
c9c26c533f1dc04d32915285ad6639b9NixCMS version 1.0 suffers from a remote SQL injection vulnerability.
0cd0a526b16561e3567bfcc7e6e41a41Ubuntu Security Notice 3557-1 - Mathias Fischer discovered that Squid incorrectly handled certain long strings in headers. A malicious remote server could possibly cause Squid to crash, resulting in a denial of service. This issue was only addressed in Ubuntu 16.04 LTS. William Lima discovered that Squid incorrectly handled XML parsing when processing Edge Side Includes. A malicious remote server could possibly cause Squid to crash, resulting in a denial of service. This issue was only addressed in Ubuntu 16.04 LTS. Various other issues were also addressed.
25c1bdc970b03d48bda07647da4cf61cRed Hat Security Advisory 2018-0273-01 - Red Hat Satellite is a system management solution that allows organizations to configure and maintain their systems without the necessity to provide public Internet access to their servers or other client systems. It performs provisioning and configuration management of predefined standard operating environments. Twisted is an event-based framework for internet applications. Twisted Web is a complete web server, aimed at hosting web applications using Twisted and Python, but fully able to serve static pages too. Multiple security issues have been addressed.
049337486b2638f35b5bbf37deb9cdffBOCHS version 2.6-5 suffers from a local buffer overflow vulnerability.
ef2db4986d49397d9379bd42918b2da5Red Hat Security Advisory 2018-0270-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 6.4.19 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.18, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError.
31f6cc1b55cfd784cd0fd8bb72d82b05Red Hat Security Advisory 2018-0271-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 6.4.19 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.18, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError.
a7e8d0a59c2b3f56e1c26bd9489d974cWonder CMS version 2.3.1 suffers from an unrestricted file upload vulnerability.
8d2b27458a39cb4be078a61a6a808cf9Red Hat Security Advisory 2018-0268-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 6.4.19 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.18, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError.
1864c745e9cd4fb315956c0fd65f0a23WordPress Core suffers from a load-scripts.php denial of service vulnerability.
7fb9f333287d6bceb67916a30184fc61Red Hat Security Advisory 2018-0269-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 6.4.19 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.18, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Security Fix: It was found that when Artemis and HornetQ are configured with UDP discovery and JGroups discovery a huge byte array is created when receiving an unexpected multicast message. This may result in a heap memory exhaustion, full GC, or OutOfMemoryError.
0dd13483ae719167f8b059c499e84155
© 2018 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed