Joomla! JHotelReservation component version 6.0.7 suffers from a remote SQL injection vulnerability.
71bbbd422a50115ccae68970ba8ebbb037ca2c595d01f4140f3fe66d00ab553f
SimplePress CMS version 1.0.7 suffers from a remote SQL injection vulnerability.
e91ac0660822282233ba8b9afbf5a76f5e229a4cd923cee40aa9ea396c881780
Joomla! J-CruisePortal component version 6.0.4 suffers from a remote SQL injection vulnerability.
934189203d36a345c740a8b0b0b518efbff60aad27bea4d29b6201ca662c00f9
Zyxel NBG-418N V2 suffers from a cross site request forgery vulnerability.
273ea7ce7048197b7fbc31dcebdd94bb1be4a46fc0191bdaefa68ce14fdfd2fa
Microsoft Remote Desktop version 10.2.4(134) suffers from a denial of service vulnerability.
ac0c640d52dcc258a6aa28bc43a4fe07bbdb15e0060ed37aa64a2dd1e1f34dde
This Metasploit module attempts to gain root privileges on Linux systems using setuid executables compiled with AddressSanitizer (ASan). ASan configuration related environment variables are permitted when executing setuid executables built with libasan. The log_path option can be set using the ASAN_OPTIONS environment variable, allowing clobbering of arbitrary files, with the privileges of the setuid user. This module uploads a shared object and sprays symlinks to overwrite /etc/ld.so.preload in order to create a setuid root shell.
0e6f740ce9bc200d846f84b085e1b15b388b872a85100b6499f36331dcd60d30
I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.
65fe327fdd11272a764c9e1c6ae1f38b151cea9003216b861c7ff2b281ca2970
Ghostscript has an issue with pseudo-operators that can lead to remote code execution. Version 9.26 is affected.
6f82dc2c71113403be2f8d208d1801454419d4178873a71ecf3e7231bb75fa9f
Coppermine version 1.5.46 suffers from multiple cross site scripting vulnerabilities.
38b80db2c56e17ffeddbb0f779d6162b367b3d055203dc2936b95d756b85c455
Abantecart version 1.2.12 suffers from a cross site scripting vulnerability.
9049506bf8cac7203cc836634a13bb52cc4e386f1736d2424ed25fee79a9ef91
DNN version 9.1 suffers from a cross site scripting issue that can be achieved via an XML vulnerability.
524165c60ed031fcefc4fdd7b52e564af0f4bd3450ce057e38a1662da131284e
Microsoft Windows has a flaw where a contact file can be leveraged with a malicious mailto: link to achieve code execution.
e16184bb657aebad54ac521372498653ef4ce63d19c5b150334e57414d202fdc
Joomla! Easy Shop component version 1.2.3 suffers from a local file inclusion vulnerability.
7ebc46eaa01b10e34e0867ed6c6f2432b67a99b6479b0eb3c8bff76a57807364
Joomla! J-BusinessDirectory component version 4.9.7 suffers from a remote SQL injection vulnerability.
ece141f3f2e32a705932b56df62b4b0234b266a7330fc8e04d9aff44e0ea9060
Joomla! VMap component version 1.9.6 suffers from a remote SQL injection vulnerability.
c525825038f94674d36b285c9d73c5f076fbda61bb214bcf20d362fb12c6de74
Joomla! vBizz component version 1.0.7 suffers from a code execution vulnerability.
1b2b50d42b3ac2ded00024104a0b54e504c75ed6aabdcb25b5578d9a93412572
Joomla! vBizz component version 1.0.7 suffers from a remote SQL injection vulnerability.
1f669e3aafb97e30887d32f750562f31c9d5a8b7b760d244dc9e0a2b43f45f71
Nagios XI version 5.5.6 suffers from remote code execution and privilege escalation vulnerabilities.
24108dbb8c9c59ae34ce542303af31e1e4a7a64d3f72d47d85b85c06711c4a54
Joomla! J-ClassifiedsManager component version 3.0.5 suffers from a remote SQL injection vulnerability.
02081fc738336962e9db2c49eab0a648edbfbc8b34944da49d441167fd6e9489
Joomla! J-MultipleHotelReservation component version 6.0.7 suffers from a remote SQL injection vulnerability.
2fbae3a71241e85cb204b6ed16189ab45ad1868a7b4ceb564029b35979e38bbb
Joomla! vReview component version 1.9.11 suffers from a remote SQL injection vulnerability.
62197c373e13a2ae6e10adc85159763a86cd18c52f703c309cc22e5d1e59d642
Joomla! vAccount component version 2.0.2 suffers from a remote SQL injection vulnerability.
293a9418a9c1d355b3bc1cbfe464731a37ba3f6c93c0d71d2e9323413cf8aa68
Joomla! vWishlist component version 1.0.1 suffers from a remote SQL injection vulnerability.
855e78f7977dd5af02a00f316f65ab4ee0d843e713ed2c74e50436578065c385
Ubuntu Security Notice 3866-1 - Tavis Ormandy discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access arbitrary files, execute arbitrary code, or cause a denial of service.
39c2317129a0f2797b184193f238e6b3905f879dd65b2bd8f0ca13cd1b69f6c6
Ubuntu Security Notice 3867-1 - Multiple security issues were discovered in MySQL and this update includes a new upstream MySQL version to fix these issues. Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 18.10 have been updated to MySQL 5.7.25. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.
e34b43d0d03263ddfe392cfad50db5716adf819a0950971ca80c57c77b8e7f20