Ubuntu Security Notice 3623-1 - It was discovered that ubuntu-release-upgrader did not correctly drop permissions before opening a browser to view the release notes. This update fixes the issue.
6f8b65e19fb96d10e827c0035b49b7c1f5143df10fe7479aa81f9f51b399cd98DELL EMC Avamar fails to restrict access to Configuration section that let Administrators set up Installation Manager configurations, or check for new packages from the Online Support site. An unauthenticated, remote attacker could add an Online Support Account for DELL EMC without any user interaction.
42f6942fd19142aaa2470d8266c6f9ada3b65f0227f43fd6c4a0fce736e249c1OCS Inventory NG ocsreports versions 2.4 and 2.3.1 suffer from remote SQL injection vulnerabilities.
e7fc54d755c00801636a6217329e667a3c538290ff2ad25a1fe2d5f5a446d2f5OCS Inventory NG ocsreports version 2.4 suffers from a cross site scripting vulnerability.
927f922342cae04cf72a1791db35f1d83533db1be55191b9a64f59848621cba9Red Hat Security Advisory 2018-1055-01 - LibVNCServer is a C library that enables you to implement VNC server functionality into own programs. Issues addressed include improper input sanitization.
dda51983cd9a4884ff6dc8297409339b53e655b7d7b106cd9793f7621796d807Shazam on Android versions 8.3.1-180206 and below disclose potentially sensitive information to third party analytics.
7aaf8adbd9808cffa95f5a4202d80e89e9007773eb5a1b5f9c776ba84c92fe36WordPress File Upload plugin version 4.3.3 suffers from a persistent cross site scripting vulnerability.
5b72ac9f5dabad9812935c187696eeffc35654a5775eace7fe05cb99d643dbbeWordPress Activity Log plugin version 2.4.0 suffers from a persistent cross site scripting vulnerability.
2660696296883cc6fbd399035e25af5af0c6c60db815f14393c255b75ba9861eWooCommerce CSV-Importer-Plugin version 3.3.6 suffers from a remote code execution vulnerability.
d68633cf764d40473408108bf32cf7fbc472d85ba3b787c1f4f02fff51fbf8b4DVD X Player Standard version 5.5.3.9 suffers from a buffer overflow vulnerability.
a553dbb0c356d8ba08ec93b96daa478625475df82c30c0b73b63fd061080f1cciScripts Easycreate version 3.2.1 suffers from a stored cross site scripting vulnerability.
af60ff72243a858d37d685f720bfbd5ef7994ed8a90aeced6869a461e78e66f1WordPress Google Drive plugin version 2.2 suffers from a remote code execution vulnerability.
6c7d9a04d6d706393e2ed8319de7a19028527c6a7e04be6abc6ada47a5a9aa37Debian Linux Security Advisory 4170-1 - Multiple vulnerabilities have been discovered in the PJSIP/PJProject multimedia communication which may result in denial of service during the processing of SIP and SDP messages and ioqueue keys.
b6c01dccc6aabdb9e54539841847eea5d0fcf05582b3ddb61dc4e386f1479f62Ubuntu Security Notice 3622-1 - It was discovered that the Wayland Xcursor support incorrectly handled certain files. An attacker could use these issues to cause Wayland to crash, resulting in a denial of service, or possibly execute arbitrary code.
704f973b015acf2993ea6a3936ef0327b2d900b1629af216a5a954248d89b18bGentoo Linux Security Advisory 201804-10 - Multiple vulnerabilities have been found in Zend Framework, the worst of which could allow attackers to remotely execute arbitrary commands. Versions less than or equal to 1.12.9 are affected.
49bd0928a66e9707e2184ac42e70b38b10becfccb984fb5c189e3fbf00076b93WordPress File Upload plugin version 4.3.2 suffers from a persistent cross site scripting vulnerability.
9dfa3ed54a632e24b7353289c7781d0852c438ad471eba15c01b3e0fd99c8719Script to perform basic XOR file encryption / decryption.
e53a5f633a233a7e6732ebfb0ed6886e0da3233f59dd01a67fee767426182fd6iScripts SonicBB version 1.0 suffers from a cross site scripting vulnerability.
5eb3869763f59d089cdf6b6b6104c02596ea14eac764d40d5aa8a2a70952f677
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed