Ticketly version 1.0 suffers from a remote SQL injection vulnerability.
7e5a0bf82d71f83ed84aa8ccf6311d9e4e3a9a7120fc8b08839e3bed699c8d7cOpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols with full-strength cryptography world-wide.
fc20130f8b7cbd2fb918b2f14e2f429e109c31ddd0fb38fc5d71d9ffed3f9f41Dell EMC Avamar and Integrated Data Protection Appliance (IDPA) suffer from a command injection vulnerability. Affected versions include Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1 and 18.1, Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1 and 2.2.
e91a4b5adacabddf553d673763a0de8bbd43bf53cd6e4cc7669866c7d8dd18d5Dell EMC Avamar and Integrated Data Protection Appliance (IDPA) suffer from an information exposure vulnerability. Affected versions include Dell EMC Avamar Server 7.2.0 and 7.2.1, Dell EMC Avamar Server 7.3.0 and 7.3.1, Dell EMC Avamar Server 7.4.0 and 7.4.1, and Dell EMC Integrated Data Protection Appliance (IDPA) 2.0.
51c0fd129f391efd132a30f5c7d9b7c7eeff4304a86ef8eb192552466d3d5a3aThis Microsoft summary lists Microsoft security updates released for November 20, 2018.
80b9eb1b72abfe730e2cae06f779f05f7be8b632bbbe73f47319be13e685f960Dell EMC Avamar and IDPA suffer from remote code execution and open redirection vulnerabilities. Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1 and 18.1and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1 and 2.2 are affected.
15cbf37afa0b2a7fcb1c42bebfcbe6cd5096b494d352554298114052d555f07dRed Hat Security Advisory 2018-3643-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include an integer overflow vulnerability.
173945eca7ad527001ac027c9e4312830edb314be2e89234410ad71891918584Red Hat Security Advisory 2018-3644-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update upgrades Flash Player to version 31.0.0.153. Issues addressed include a code execution vulnerability.
04af5473e127fe99346ab662f65a0caa395806ac053fda53996a935042bc040fVMware Security Advisory 2018-0029 - vSphere Data Protection (VDP) updates address multiple security issues.
aacb4dd9106cc15bfa2907b119b7dd2200b2ee1142ba0840d5ada8a616b19feaThe 15th CarolinaCon will be hosted in Charlotte at the Renaissance Charlotte Suites April 26th through the 28th in 2019.
e03558c7fde29e8024e19e5ad9431825afdf3cb6342d6760a24a89515bbf78cbRichfaces version 3.x suffers from a remote code execution vulnerability.
5dfbb32d43674a8fbcf00a8b17109c6edc2aa21bc7c6922d64c36ba5c89fcce7Debian Linux Security Advisory 4341-1 - Several issues have been discovered in the MariaDB database server. The vulnerabilities are addressed by upgrading MariaDB to the new upstream version 10.1.37.
6012d6608a8e39d63c4780f2f51b5e411e53300f77e36d5d48c2b03f21fd8505Red Hat Security Advisory 2018-2908-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 3.9.51. Issues addressed include a crash vulnerability.
25b280602b240ceeef62c7dae530b2f48bab0276848c0915c3be3852168acec8The 26th ACM Conference on Computer and Communications Security will take place in London, UK, November 11th through the 15th, 2019. The Conference on Computer and Communications Security (CCS) seeks submissions presenting novel contributions related to all real-world aspects of computer security and privacy. Theoretical papers must make a convincing case for the relevance of their results to practice. Authors are encouraged to write the abstract and introduction of their paper in a way that makes the results accessible and compelling to a general computer-security researcher. In particular, authors should bear in mind that anyone on the program committee may be asked to give an opinion about any paper.
93cbddcc9c0541fe52d6729e094adee59128be4ab071d1d3bae6c3ae9887ad3bZoho ManageEngine OpManager versions 12.3 before build 123223 have a cross site scripting vulnerability via the updateWidget API.
4f3c08804393e70f710c96815caa8549c3dc5e71017eeb4012d2c44a6bb278d1Debian Linux Security Advisory 4340-1 - An out-of-bounds bounds memory access issue was discovered in chromium's v8 javascript library by cloudfuzzer.
3ead61ae2113a5574f5818ccb7a00c49dbd911e5317b2b6ffca4c438cd77e3c1ELBA5 Network Installation versions prior to 5.8.1 suffer from a remote code execution vulnerability.
2f87672da6e269f7bb6d0be7c8df2890794563b177a0b3ec39152e33c0cfe1e7Microsoft Windows 10 1803 and 1809 have an issue with unnamed kernel object creation. It's possible to default the security descriptor owner or mandatory label to the value from an Identification level impersonation token leading to elevation of privilege.
fb9584f4d9fbcd0538fdc2a5adb39ca01034b95d7ea2db9584cbde35e0f112aeMicrosoft Windows 10 1803 suffers from a DfMarshal unsafe unmarshaling elevation of privilege vulnerability.
f3d8b80ceebd239ef1a439cec5530651178de5ea0d7a4a0abe71c74e48185b64macOS version 10.13 workq_kernreturn denial of service proof of concept exploit.
c0d719627a62bd9c9a802343bdd5548be3f38127a565a13b3f7be80e85fae7caImageMagick versions prior to 7.0.8-9 suffers from a memory leak vulnerability.
0c129a7d0e1c74e1dec309a8b8bd9775dfd645ba0275f583fdec9c5ac60f5392Ticketly version 1.0 suffers from a cross site request forgery vulnerability.
735484e28b65b8a20cedc6bbdcd7daaeb7b21e1f2b3e42deede05f8211ad32b9Ubuntu Security Notice 3816-2 - USN-3816-1 fixed several vulnerabilities in systemd. However, the fix for CVE-2018-6954 was not sufficient. This update provides the remaining fixes. Jann Horn discovered that unit_deserialize incorrectly handled status messages above a certain length. A local attacker could potentially exploit this via NotifyAccess to inject arbitrary state across re-execution and obtain root privileges. Jann Horn discovered a race condition in chown_one. A local attacker could potentially exploit this by setting arbitrary permissions on certain files to obtain root privileges. This issue only affected Ubuntu 18.04 LTS and Ubuntu 18.10. It was discovered that systemd-tmpfiles mishandled symlinks in non-terminal path components. A local attacker could potentially exploit this by gaining ownership of certain files to obtain root privileges. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Various other issues were also addressed.
eb71de28a7d0a6a7812f411191e7266a1699b349c54bd396dd6e5120e7f392c4Ricoh myPrint suffers from hardcoded application credential and information disclosure vulnerabilities. The myPrint windows client version 2.9.2.4 and myPrint android client version 2.2.7 are both affected.
ecf580b9a434a73107f0ba5a72c008e086a0dd48d9c43c99626d47b2773c9b0dSynaccess netBooter NP-0801DU version 7.4 suffers from a cross site request forgery vulnerability.
51165dc49c8b4adc6fa1b8f096b07c086864dfa90c7505b714aa7155b9aceb9d
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed