Gentoo Linux Security Advisory 201903-23 - Multiple vulnerabilities have been found in Chromium, the worst of which could result in the remote execution of code. Versions less than 73.0.3683.75 are affected.
0d758e392119bc08e7cd6fc9d8eb0febf9dc6149e7e5fd26f8a4b2a5e96d918f
Gentoo Linux Security Advisory 201903-22 - An overflow was discovered in ZeroMQ which could lead to arbitrary code execution. Versions less than 4.3.1 are affected.
369fd084812b4a33195bab4ed061f4af8ecfca25a6f5c4e5d440330adf785501
Gentoo Linux Security Advisory 201903-21 - Multiple vulnerabilities have been found in Apache Web Server, the worst of which could result in a Denial of Service condition. Versions less than 2.4.38-r1 are affected.
3369fcf2fa83fa333a273a54c49a32700989b254b926ea600e23ca5cfd2463c4
Gentoo Linux Security Advisory 201903-20 - Multiple vulnerabilities have been found in cabextract and libmspack, the worst of which could result in a Denial of Service. Versions less than 1.8 are affected.
f6cc6c4509246d480adeaa1577b14cf69fbde2f3438f43221621f90493f9137a
Gentoo Linux Security Advisory 201903-19 - Multiple vulnerabilities have been found in NASM, the worst of which could result in the remote execution of arbitrary code. Versions less than 2.14.02 are affected.
5169c28e2886caf3cf570b40fff2a4af5a5f2a94b75b57715fb66994435e9c20
Gentoo Linux Security Advisory 201903-18 - Multiple vulnerabilities have been found in GD, the worst of which could result in the remote execution of arbitrary code. Versions less than 2.2.5-r2 are affected.
1d37ab9ca2e7fff5ccebddafafb28ae0b10fe4c7a72c0a7ba6a91459db606e08
Gentoo Linux Security Advisory 201903-17 - Multiple vulnerabilities have been found in the image loading library for Simple DirectMedia Layer, the worst of which could result in the remote execution of arbitrary code. Versions less than 2.0.4 are affected.
5cb36cfcb59a08e2b10834307d984823deaeb727c2f5b6ca3f78cfe7dd717c50
i-doit version 1.12 suffers from a cross-site scripting vulnerability.
fb0838c0400c022ec5221479543a20086b1cb21bd268d29ad3df0f1b3da1d936
Airbnb Clone Script (Homeybnb) suffers from multiple remote SQL injection vulnerabilities.
390b42dab050f6e5f04aee1de6edf47ec084ab7326d7e902c8e4720bb52cc08d
Masch CMStudio Banners module version 8.6.1 suffers from an open redirection vulnerability.
2e6d19111da91575e68eade23f7674f6a28022210ce2cbcd0e0204c5e0a9646c
WordPress Form Builder plugin version 1.0 suffers from a database disclosure vulnerability.
d1d6727947d55142fd467d2f62a81b7197288fba1340846e6676ea5b07c4e6ff
This Metasploit module exploits a file upload vulnerability that allows for remote command execution in Showtime2 module versions 3.6.2 and below in CMS Made Simple (CMSMS). An authenticated user with "Use Showtime2" privilege could exploit the vulnerability. The vulnerability exists in the Showtime2 module, where the class "class.showtime2_image.php" does not ensure that a watermark file has a standard image file extension (GIF, JPG, JPEG, or PNG). Tested on Showtime2 3.6.2, 3.6.1, 3.6.0, 3.5.4, 3.5.3, 3.5.2, 3.5.1, 3.5.0, 3.4.5, 3.4.3, 3.4.2 on CMS Made Simple (CMSMS) 2.2.9.1.
1df098a0e8333fb97bab3cd80dd2de6a5ea4a18a6d09b8daa9ff38cd10e5965a
This Metasploit module demonstrates that an unauthenticated attacker with network access to the Oracle Weblogic Server T3 interface can send a serialized object (weblogic.jms.common.StreamMessageImpl) to the interface to execute code on vulnerable hosts.
e9fa1048c7115283a85c77ab6fc28657f1c314f5367d3be58cd22dda512105d6
A bug in IonMonkey's type inference system when JIT compiling and entering a constructor function via on-stack replacement (OSR) allows the compilation of JITed functions that cause type confusions between arbitrary objects.
69137aa1448d0433945fde8e7e4340601a30cc89d0f1611dc9c4960de77a3759
This is a critical memory corruption vulnerability in any API backed by verify_crt(), including gnutls_x509_trust_list_verify_crt() and related routines in GnuTLS.
533f01efe3a32a400eae85ee0cf901c9f9719f4ada7f40836cc2938e024c4866
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software.
0a12ebdf6ff7a74c0bde2bdc2b55cae33449e6dd953ec90824a9e01291277634
Fat Free CRM version 0.19.0 suffers from an HTML injection vulnerability.
df06e72549fffc50f5424d1db04c2b934ef5ad16747d4a3c950bb915e38af30f
RedTeam Pentesting discovered a command injection vulnerability in the web-based certificate generator feature of the Cisco RV320 router which was inadequately patched by the vendor.
fa1fddffe139a0d576a787664aa6b3b1d1207ed373110904ad3b88fa8d1e4370
RedTeam Pentesting discovered that the Cisco RV320 router still exposes sensitive diagnostic data without authentication via the device's web interface due to an inadequate fix by the vendor.
2b7e66ad19b6068e6af38b37416a2c3c4c1dbb9a1a959f50323d828c81b0520e
RedTeam Pentesting discovered that the configuration of a Cisco RV320 router can still be exported without authentication via the device's web interface due to an inadequate fix by the vendor.
aa2ffadd37f8b53f7521b5331aff0f56f21b08999e7e3839a9709f9b42d32d19
Ubuntu Security Notice 3923-1 - Michael Hanselmann discovered that QEMU incorrectly handled the Media Transfer Protocol. An attacker inside the guest could use this issue to read or write arbitrary files and cause a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.10. Michael Hanselmann discovered that QEMU incorrectly handled the Media Transfer Protocol. An attacker inside the guest could use this issue to read arbitrary files, contrary to expectations. This issue only affected Ubuntu 18.04 LTS and Ubuntu 18.10. Various other issues were also addressed.
bd50cf4e3724dde4eca89acd01b984093f41b59050ef6cddd19b55a916c3b163
Red Hat Security Advisory 2019-0672-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.6.1 ESR.
a66e07d0056a772de65564f6604eb67706b5f09c2226b7789a271c9c481ea630
Red Hat Security Advisory 2019-0671-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 60.6.1 ESR.
5384e9fcb533149326a741c9c1a106aee3dd186a89e17054dc29950e438e6d53
Joomla ARI Image Slider component version 2.2.0 suffers from cross-site request forgery and remote shell upload vulnerabilities.
d51451d6dc114e1ed2871c58739b811223f60d0185fd6c98d0b0d5bd3b628d0d
Razer laptops ship with SPI flash set to full read/write and the Intel CPU is left in ME Manufacturing Mode.
7d678619ab5a9fdf0463c198c9e4b917336b325215c49776175af01fad3b75d0