A cross-site scripting vulnerability has been discovered in the AirTies AIR5750 modem. AirTies Air 5750 devices have XSS via the top.html productboardtype parameter.
aa072c06e33a6a98cbf6061b5cc299755e773a597416a05a3180fd2a6747fe2a
A cross-site scripting vulnerability has been discovered in the AirTies AIR5650 modem. AirTies Air 5650 devices have XSS via the top.html productboardtype parameter.
ae7a47a646c5b766f6a8ea0193d0c6960a0a6d602b13fa5c6e2f3c29fc855026
A cross-site scripting vulnerability has been discovered in the AirTies AIR5342 modem. AirTies Air 5750 devices have XSS via the top.html productboardtype parameter.
d928a068921536f6de4773d37161559e0b6365e4f407d217256e220e7918e9e2
In Zoho ManageEngine AssetExplorer, a Stored XSS vulnerability was discovered in the 6.2.0 version via the /AssetDef.do ciName or assetName parameter.
8485fed583c4e65ccc4d672399a912ef264a318b1f96d650351ed0e1f33ec332
In the 5.4.0 version of the Fork CMS software, HTML Injection and Stored XSS vulnerabilities were discovered via the /backend/ajax URI.
29da562924cd8cfdda35434de4b485eb1e9a4f10d6c156a8931e187fac6ed7c5
A cross-site scripting vulnerability has been discovered in the AirTies AIR5453 modem. AirTies Air 5453 devices have XSS via the top.html productboardtype parameter.
393b737fd7a25508f9edc5e3efe749fa0960e81881445fc0f13a1bea40a28b3a
A cross-site scripting vulnerability has been discovered in the AirTies AIR5442 modem. AirTies Air 5442 devices have XSS via the top.html productboardtype parameter.
636d1cfd7ed475f37b99be771d004787619c4fc93c05caa778fd1dab5870df15
A cross-site scripting vulnerability has been discovered in the AirTies AIR5443v2 modem. AirTies Air 5443v2 devices have XSS via the top.html productboardtype parameter.
043e1c94267d9f9f0d5c8f26d15ced6582ef4a03c102d5c8a5c6b31931a32fe8
A cross-site scripting vulnerability has been discovered in the AirTies AIR5343v2 modem. AirTies Air 5343v2 devices have XSS via the top.html productboardtype parameter.
498099c1f82d3b9fbc9fe0f0eeabba2302ada762200700cd38d0154b342e5ed8
Dell EMC Unity requires an update to address an Incorrect File Permissions vulnerability with multiple files. This vulnerability may potentially be exploited by malicious local users to compromise the affected system. Dell EMC Unity Operating Environment (OE) versions 4.3.0.x and 4.3.1.x and Dell EMC UnityVSA Operating Environment (OE) versions 4.3.0.x and 4.3.1.x are affected.
116d324fb76e3037193d2d9934e1d6a69f043d23dbda365eec2cf81b23d2b544
Debian Linux Security Advisory 4306-1 - Multiple security issues were discovered in Python: ElementTree failed to initialize Expat's hash salt; two denial of service issues were found in difflib and poplib; and the shutil module was affected by a command injection vulnerability.
604fe730fa592031cb2dd69abc6480e03447d486f7f09768b5d9c55234af836d
Ubuntu Security Notice 3719-3 - USN-3719-1 fixed vulnerabilities in Mutt. Unfortunately, the fixes were not correctly applied to the packaging for Mutt in Ubuntu 16.04 LTS. This update corrects the oversight. It was discovered that Mutt incorrectly handled certain requests. An attacker could possibly use this to execute arbitrary code. Various other issues were also addressed.
91be266304502d5c04ac733dedab7d8f9bd9292cac8ae233e1edd20b79901b1a
Seqrite End Point Security version 7.4 suffers from a weak file permission privilege escalation vulnerability.
338307d4c9e3a2614f93b604c77e4eeaa79b3ac9c2b8190f3b9d896115f06e2f
Skype on Debian automatically installs apt configuration that adds Microsoft's apt repo to the system's package sources. That way, Microsoft (or anybody holding their repo's private key) can easily inject malicious packages via regular updates and replace distro packages with their own manipulated ones.
1af0ce7e985b6e6fa65956ab99747246fc9ef0fec3fb8d2b6a3f4313086f54c4
Intel Extreme Tuning Utility version 6.4.1.23 suffers from code execution, privilege escalation, and denial of service vulnerabilities.
8ee640f811b6221313c74122f57a246a37deeed23bca3a80d265d6c2180dfcda
Red Hat Security Advisory 2018-2835-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.2.1 ESR. Issues addressed include a crash.
80ff187b2df61c699663bb15ce53928b394f62572e3fb2cc571a9a9b5593d95b
Red Hat Security Advisory 2018-2834-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.2.1 ESR. Issues addressed include a crash.
368165b65635e6cd55b2ff023acfe7a01b41cbdac7daee1974dc6d97fb5849dc
Red Hat Security Advisory 2018-2822-01 - KVM is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-rhev packages provide the user-space component for running virtual machines that use KVM in environments managed by Red Hat products. Issues addressed include a buffer overflow vulnerability.
611faf21c8abfde8e5056c1277af106b5c2ba1a9003bd65cb55301f689d0d12c
AppArmor has an issue where filesystem blacklisting can be bypassed by moving parents.
b2024aa06da618d87af0a264562f40bcd8ebfa1535eb007f2251a6df21367000
PCProtect 4 version 8.35 suffers from a weak file permission privilege escalation vulnerability.
1a3f9f98779877970807ab97138ae5d81df5de87bf4360b2b951f311a288ac81
Rausoft ID.prove version 2.95 suffers from a remote SQL injection vulnerability.
e2528102866a52d493d80ef903b6833bfc2afec275eb5ddc60bc42bc4450abf4
ManageEngine Desktop Central version 10.0.271 suffers from a cross-site scripting vulnerability.
b98475c7c1086afe41c236113ea38e1a2b485100d865ef19d96b91e77c7aeec3
iWay Data Quality Suite Web Console version 10.6.1.ga suffers from an XML external entity injection vulnerability.
cd2ba04d9848a473c28202f68204338199eb8e5285f94b0ea6d14d308671ad8b
Microsoft Edge suffers from a sandbox escape vulnerability.
53dae687e4a4409c81987ce450a88ac52d2a2a51eac4971e2a0712be2ba423d2
Red Hat Security Advisory 2018-2826-01 - Mod_perl incorporates a Perl interpreter into the Apache web server, such that the Apache HTTP server can directly execute Perl code. Issues addressed include a code execution vulnerability.
ac9aa4c6261769c2d22dbde4257dfbf26f2c23a34a9237188e0837eec6dda572