Joomla! Jobs Factory component version 2.0.4 suffers from a remote SQL injection vulnerability.
aacf9d12b790a10ffc2585e9fecf2a974e62e207c8747faffcda3d8097e84eb0
Joomla! Questions component version 1.4.3 suffers from a remote SQL injection vulnerability.
84915635355b08b3308912270cd914b1005a5dbd25e18a7e39b10a4d50db05ac
Joomla! Penny Auction Factory component version 2.0.4 suffers from a remote SQL injection vulnerability.
7371788698e24a9a87febc1b00008383c630af3875fcbdd14d74fb779732c906
Joomla! Music Collection component version 3.0.3 suffers from a remote SQL injection vulnerability.
da6f9a050b57452ea2cca0e7368e2f8a78090c98b28a6789bb03a787669dea57
Joomla! Raffle Factory component version 3.5.2 suffers from a remote SQL injection vulnerability.
40c872e82e09227ca22a0b808940425518574b282e1c57209d8a3f8dc18d79fb
Super Cms Blog Pro version 1.0 suffers from a remote SQL injection vulnerability.
9f837708bf52b023bd550037febbbddd4b114c10583dc1d34f47e6fc568a4ed6
Joomla! Responsive Portfolio component version 1.6.1 suffers from a remote SQL injection vulnerability.
4ec74108ac65de2a043c84ce9fc055e69eda0ba11b49bf46acf5a82314313f48
Samhain is a file system integrity checker that can be used as a client/server application for centralized monitoring of networked hosts. Databases and configuration files can be stored on the server. Databases, logs, and config files can be signed for tamper resistance. In addition to forwarding reports to the log server via authenticated TCP/IP connections, several other logging facilities (e-mail, console, and syslog) are available. Tested on Linux, AIX, HP-UX, Unixware, Sun and Solaris.
c691f28e57cbe9c032ae7dc01fb18deffd393ee5720f10637d2b4648f8f22a70
Dell EMC ESRS Policy Manager requires a workaround to address a remote code execution vulnerability that could potentially be exploited by malicious users to compromise the affected system.
9c9f2adff24c1ebd8eb68143f2becd69784ea53a955cb2aa61d57dc5b62eb7ba
Apple Security Advisory 2018-9-24-6 - APPLE-SA-2018-9-24-6 provides additional information for APPLE-SA-2018-9-17-3. tvOS 12 is now available and addresses interception issues.
1569303fb0a927bc8e23ba48fd80806e35a0e5c6e52d9e0bfcc3c4921929c22c
Apple Security Advisory 2018-9-24-5 - APPLE-SA-2018-9-24-5 provides additional information for APPLE-SA-2018-9-17-2. watchOS 5 is now available and addresses validation issues.
d094dbbbfb6765337f5e8e2519acbcb8ba389473da3df254ef33db12d4630cb3
Apple Security Advisory 2018-9-24-4 - APPLE-SA-2018-9-24-4 provides additional information for APPLE-SA-2018-9-17-1. iOS 12 is now available and addresses memory corruption and input validation vulnerabilities.
fe6d1b8b3958f08fadaf9feda8a759143d5d125386459a13ec51171d4098256c
Apple Security Advisory 2018-9-24-3 - APPLE-SA-2018-9-24-3 provides additional information for APPLE-SA-2018-9-17-4. Safari 12 is now available and addresses browser history deletion and user interface spoofing vulnerabilities.
3ee8bc953d34224647e894922d3a74c6686f024b24a90150518c76f7ddb1da16
Ubuntu Security Notice 3771-1 - It was discovered that strongSwan incorrectly handled IKEv2 key derivation. A remote attacker could possibly use this issue to cause strongSwan to crash, resulting in a denial of service. Sze Yiu Chau discovered that strongSwan incorrectly handled parsing OIDs in the gmp plugin. A remote attacker could possibly use this issue to bypass authorization. Sze Yiu Chau discovered that strongSwan incorrectly handled certain parameter fields in the gmp plugin. A remote attacker could possibly use this issue to bypass authorization. Various other issues were also addressed.
e17f096815ff5bd42d4ea76068f61f20c3869354f1a3c2c88ea7118d853351da
Apple Security Advisory 2018-9-24-2 - iTunes 12.9 for Windows addresses code execution and memory corruption vulnerabilities.
42d9b5e310c3b61a259d697f44aedf0f8944ed2e2369510e87c6fc5f0b7c9153
Apple Security Advisory 2018-9-24-1 - macOS Mojave 10.14 is now available and addresses memory corruption and input validation vulnerabilities.
61fcfff5885e60f7213b3f70197aa6be0c3e910caed6dbc533d2e3f88fc67869
This Metasploit module exploits a directory traversal vulnerability in the dtappgather executable included with Common Desktop Environment (CDE) on unpatched Solaris systems prior to Solaris 10u11 which allows users to gain root privileges. dtappgather allows users to create a user-owned directory at any location on the filesystem using the DTUSERSESSION environment variable. This Metasploit module creates a directory in /usr/lib/locale, writes a shared object to the directory, and runs the specified SUID binary with the shared object loaded using the LC_TIME environment variable. This Metasploit module has been tested successfully on: Solaris 9u7 (09/04) (x86); Solaris 10u1 (01/06) (x86); Solaris 10u2 (06/06) (x86); Solaris 10u4 (08/07) (x86); Solaris 10u8 (10/09) (x86); Solaris 10u9 (09/10) (x86).
6f75827f24c9c71623ec21ea18e8644185262819fb0757d5169bc8b6020326ac
Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.
07ad9e3fbf8f57d6ac1224313fe2be2422673b297a921b513932019354373599
Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Besides security-related information, it also scans for general system information, installed packages and configuration mistakes. This software aims to assist with automated auditing, software patch management, and vulnerability and malware scanning of Unix-based systems.
8fc68ef7f643327cbe0eb3616015d59225649ee4eccc2a632707857a573eb468
Debian Linux Security Advisory 4305-1 - Sze Yiu Chau and his team from Purdue University and The University of Iowa found several issues in the gmp plugin for strongSwan, an IKE/IPsec suite.
3600f91c663ea865ce9da23457277830706c0b7bfd18f2204a59509fb92beb1a
The RICOH MP C6003 printer suffers from cross-site scripting and HTML injection vulnerabilities.
964f506e2a947534e09f4b563aa2d0a244814b24929f588f260f704e8314890f
Red Hat Security Advisory 2018-2743-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 6.4.21 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.20, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include a denial of service vulnerability.
37eda32cb7a191a1c6736b12f198f553328de5c123f33beb2d638d6d58a35666
Joomla! AMGallery component version 1.2.3 suffers from a remote SQL injection vulnerability.
0d6325ae2fe3bcb68ef307662c8493efc3fcdda8d8f5be776f84762d6e433119
The RICOH MP C2003 printer suffers from cross-site scripting and HTML injection vulnerabilities.
9f1122b8f6d9dcd05266b232e0329ff0e06c0dad4e963d25aee8bd600f103613
The RICOH MP 305+ printer suffers from cross-site scripting and HTML injection vulnerabilities.
fe3fcd47f89282e12b4f7f04156c82c656e3d18b555040ec9954cf13966f9817