Gentoo Linux Security Advisory 201805-12 - Multiple vulnerabilities have been found in NTP, the worst of which could lead to remote code execution. Versions less than 4.2.8_p11 are affected.
77259e372a957bcaf1ac3604bddef1b9
Gentoo Linux Security Advisory 201805-11 - A vulnerability has been found in Rootkit Hunter that allows a remote attacker to execute arbitrary code. Versions less than 1.4.6 are affected.
25dc1e1eb7f667dae828d298c41e6d84
Sharetronix CMS version 3.6.2 suffers from cross site scripting and cross site request forgery vulnerabilities.
0f553bdb3c7a079d92840e27630087ea
Ubuntu Security Notice 3660-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service via application crash, install lightweight themes without user interaction, or execute arbitrary code. An issue was discovered when processing message headers in Thunderbird. If a user were tricked into opening a specially crafted message, an attacker could potentially exploit this to cause a denial of service via application hang. Various other issues were also addressed.
11fa09669977d60b25439b9cb7f6291a
Gentoo Linux Security Advisory 201805-10 - Multiple vulnerabilities have been found in Zsh, the worst of which could allow local attackers to execute arbitrary code. Versions less than 5.5 are affected.
54ba950c21714a4e2cb2d0c8b4983b27
EasyService Billing version 1.0 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.
da7567ad85c691f1f5c557bfe9b3712b
Employee Work Schedule version 5.9 suffers from a remote SQL injection vulnerability.
0e487ba225e5e9ca82af08c96d357d81
Red Hat Security Advisory 2018-1726-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 52.8.0. Issues addressed include buffer overflow and use-after-free vulnerabilities.
af5881b3089abaaa69679e94452f5de1
easyLetters version 1.0 suffers from a remote SQL injection vulnerability.
ae48f7315baee15c1bda23fde5295516
Red Hat Security Advisory 2018-1725-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 52.8.0. Issues addressed include buffer overflow and use-after-free vulnerabilities.
c700c004277e21f6a06fc8974f1d766c
Red Hat Security Advisory 2018-1724-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP25. Issues addressed include a deserialization vulnerability.
cddcbd7f7bbacef798aed07c26754dcc
mySurvey version 1.0 suffers from a remote SQL injection vulnerability.
83eb8766d9dd3803a926c6e401f1a76d
Ajax Full Featured Calendar version 2.0 suffers from a remote SQL injection vulnerability.
75b279d2e0d3be7ee8c19f76d7bc94e5
Red Hat Security Advisory 2018-1723-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP25. Issues addressed include a deserialization vulnerability.
49ce14a8122aa4132d279a4b515ebe7e
Red Hat Security Advisory 2018-1722-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP15. Issues addressed include a deserialization vulnerability.
0e9825466889a5290e54c98ed4fb9514
Red Hat Security Advisory 2018-1721-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP15. Issues addressed include deserialization vulnerabilities.
c1bc0e1e2dce9bb64085c20e861e6b93
This whitepaper explains deserialization vulnerabilities in Java, Python, PHP, and Ruby.
003eecb39455d3d75ab4d3f37d2cb166