Fiyo CMS version 2.0.2.1 suffers from multiple persistent cross site scripting vulnerabilities.
When accessing resources via the ServletContext methods getResource(), getResourceAsStream() and getResourcePaths(), the paths should be limited to the current web application. The validation was not correct and paths of the form "/.." were not rejected. Note that paths starting with "/../" were correctly rejected. Apache Tomcat versions 6.0.0 through 6.0.44, 7.0.0 through 7.0.64, and 8.0.0.RC1 through 8.0.26 are affected.
The index page of the Manager and Host Manager applications included a valid CSRF token when issuing a redirect as a result of an unauthenticated request to the root of the web application. This token could then be used by an attacker to construct a CSRF attack. Apache Tomcat versions 7.0.1 through 7.0.67, 8.0.0.RC1 through 8.0.31, and 9.0.0.M1 are affected.
The StatusManagerServlet could be loaded by a web application when a security manager was configured. This servlet would then provide the web application with a list of all deployed applications and a list of the HTTP request lines for all requests currently being processed. This could have exposed sensitive information from other web applications such as session IDs to the web application. Apache Tomcat versions 6.0.0 through 6.0.44, 7.0.0 through 7.0.67, 8.0.0.RC1 through 8.0.30, and 9.0.0.M1 are affected.
Dell OpenManage Server Administrator version 8.2 suffers from an authenticated directory traversal vulnerability.
When recycling the Request object to use for a new request, the requestedSessionSSL field was not recycled. This meant that a session ID provided in the next request to be processed using the recycled Request object could be used when it should not have been. This gave the client the ability to control the session ID. In theory, this could have been used as part of a session fixation attack but it would have been hard to achieve as the attacker would not have been able to force the victim to use the 'correct' Request object. It was also necessary for at least one web application to be configured to use the SSL session ID as the HTTP session ID. This is not a common configuration. Apache Tomcat versions 7.0.5 through 7.0.65, 8.0.0.RC1 through 8.0.30, and 9.0.0.M1 are affected.
Apache Tomcat provides several session persistence mechanisms. The StandardManager persists sessions over a restart. The PersistentManager is able to persist sessions to files, a database or a custom Store. The Cluster implementation persists sessions to one or more additional nodes in the cluster. All of these mechanisms could be exploited to bypass a security manager. Session persistence is performed by Tomcat code with the permissions assigned to Tomcat internal code. By placing a carefully crafted object into a session, a malicious web application could trigger the execution of arbitrary code. Apache Tomcat versions 6.0.0 through 6.0.44, 7.0.0 through 7.0.67, 8.0.0.RC1 through 8.0.30, and 9.0.0.M1 are affected.
ManageEngine Firewall Analyzer version 8.5 suffers from a remote SQL injection vulnerability.
PLANET IP surveillance camera model ICA-5350V suffers from authentication bypass, cross site request forgery, cross site scripting, arbitrary file read, hardcoded credential, and local file inclusion vulnerabilities.
SOLIDserver versions 5.0.4 and below suffer from a local file inclusion vulnerability.
SamenBlog Weblog Service suffers from cross site request forgery and cross site scripting vulnerabilities.
E-Cidade suffers from a path traversal vulnerability.
Thru Managed File Transfer Portal version 9.0.2 suffers from an insecure direct object reference vulnerability in the contacts list functionality.
Thru Managed File Transfer Portal version 9.0.2 suffers from an insecure direct object reference vulnerability in the upload functionality.
The Thru Managed File Transfer application version 9.0.2 allows both unauthenticated and authenticated users to upload files, including viruses.
Thru Managed File Transfer Portal version 9.0.2 suffers from an insecure direct object reference vulnerability that references log data.
Avast versions 11.1.2245 and below suffer from a heap overflow bug in the Avast Virtualization kernel mode driver (aswSnx.sys).
BlackBerry Enterprise Service 12 (BES12) Self-Service suffers from cross site scripting and remote SQL injection vulnerabilities.
Drupal version 8.0.x-dev suffers from a cross site scripting vulnerability on IE8 and older versions.
Novell Filr version 1.2.0 build 846 suffers from a cross site scripting vulnerability.
Thru Managed File Transfer Portal version 9.0.2 suffers from a remote SQL injection vulnerability.
Red Hat Security Advisory 2016-0277-01 - The rhev-hypervisor package provides a Red Hat Enterprise Virtualization Hypervisor ISO disk image. The Red Hat Enterprise Virtualization Hypervisor is a dedicated Kernel-based Virtual Machine hypervisor. It includes everything necessary to run and manage virtual machines: A subset of the Red Hat Enterprise Linux operating environment and the Red Hat Enterprise Virtualization Agent. Note: Red Hat Enterprise Virtualization Hypervisor is only available for the Intel 64 and AMD64 architectures with virtualization extensions. A stack-based buffer overflow was found in the way the libresolv library performed dual A/AAAA DNS queries. A remote attacker could create a specially crafted DNS response which could cause libresolv to crash or, potentially, execute code with the permissions of the user running the library. Note: this issue is only exposed when libresolv is called from the nss_dns NSS service module.
Thru Managed File Transfer Portal version 9.0.2 suffers from a cross site scripting vulnerability.
Debian Linux Security Advisory 3484-1 - Stepan Golosunov discovered that xdelta3, a diff utility which works with binary files, is affected by a buffer overflow vulnerability within the main_get_appheader function, which may lead to the execution of arbitrary code.
Debian Linux Security Advisory 3483-1 - Gustavo Grieco discovered an out-of-bounds write vulnerability in cpio, a tool for creating and extracting cpio archive files, leading to a denial of service (application crash).