CA Technologies, A Broadcom Company, is alerting customers to a potential risk with CA Common Services in the Distributed Intelligence Architecture (DIA) component. A vulnerability exists, CVE-2019-13656, that can allow a remote attacker to execute arbitrary code. CA published solutions to address the vulnerabilities and recommends that all affected customers implement these solutions immediately.
3a354eedf811cb8771a38e75f0e9fc7bf8d567bb792642529124339c33c4def1The Rifatron Intelligent Digital Security System DVR suffers from an unauthenticated and unauthorized live stream disclosure when animate.cgi script is called through Mobile Web Viewer module.
0ac770f479e014f7c5b8c6027c620e27b00efd876208dd79b63187fd39efe9dfCore FTP LE version 2.2 build 1935 suffers from buffer overflow vulnerability.
2b347f042a2ee7a96ebba7c78aeb582f058f85fdaf4466b5097f76b87cc59fc9Tibco JasperSoft suffers from a path traversal vulnerability.
3d5803f45be81659caf4f3bffb04cadddfd4a598bf1a1150dafa4203a2d45984Cisco Content Security Virtual Appliance M380 IronPort remote cross site host modification demo exploit.
73c9d99009b7401255bba6a1f56507939d40908be4130273b2c562c5a4a3adb6WordPress Qwiz Online Quizzes and Flashcards plugin version 3.36 suffers from a cross site scripting vulnerability.
634c7369106c5e8fe42529b05f448cc52e6022665ac665f210efa6c734e5fed6Red Hat Security Advisory 2019-2692-01 - libnghttp2 is a library implementing the Hypertext Transfer Protocol version 2 protocol in C. Issues addressed include a denial of service vulnerability.
1f6c6050d085a41dc46ff9e4941e354e9054892ef169792bef49ce1f632e1907Ubuntu Security Notice 4126-2 - USN-4126-1 fixed a vulnerability in FreeType. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. It was discovered that FreeType incorrectly handled certain font files. An attacker could possibly use this issue to access sensitive information. Various other issues were also addressed.
08c0cc85cdc27328cd60c64819de9943f2a4a0e44f048dd996384d891bbcab74Ubuntu Security Notice 4127-1 - It was discovered that Python incorrectly handled certain pickle files. An attacker could possibly use this issue to consume memory, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that Python incorrectly validated the domain when handling cookies. An attacker could possibly trick Python into sending cookies to the wrong domain. Various other issues were also addressed.
a6121ec027f70b67f345f5ad6c6c486f26a08b03eb27501881124c6501bc32ceUbuntu Security Notice 4126-1 - It was discovered that FreeType incorrectly handled certain font files. An attacker could possibly use this issue to access sensitive information.
9c75db99eeaf814107d076b9ad7366c3d65e14e6b7556f7538ca29dd30f4202cUbuntu Security Notice 4125-1 - It was discovered that Memcached incorrectly handled certain UNIX sockets. An attacker could possibly use this issue to access sensitive information.
117d159d74f124edd2fb01722b866c6d15791debda993e0fac84590974e1bed5Red Hat Security Advisory 2019-2682-01 - Go Toolset provides the Go programming language tools and libraries. Go is alternatively known as golang. Unbounded memory growth issues have been addressed.
4266f60f3b60d7e2ce9d60d48c9bacc740fe2898224b46d8e9ccf7f2aea71272Gentoo Linux Security Advisory 201909-8 - An authentication bypass was discovered in D-Bus. Versions less than 1.12.16 are affected.
1925cdbaeb816788d77465f7461559356deb4b1a026fceb7a80a818304c9fb70Gentoo Linux Security Advisory 201909-7 - Multiple vulnerabilities have been found in Simple DirectMedia Layer, the worst of which could result in the arbitrary execution of code. Versions less than 2.0.10 are affected.
99fa8eec10c2e6b0bffb1e4f011f9e3bbf24b9c05c6bd40223cdf8ebb2f39f20Dabman and Imperial Web Radio Devices suffers from undocumented telnet backdoor and command execution vulnerabilities.
6e28c900f138b4c227460279ef44595a12f751de44f3a06844fa9e9ce1c87e2aDolibarr ERP-CRM version 10.0.1 suffers from a remote SQL injection vulnerability.
6826dc0ef459539b9dbd73ad177cbaf6ed9ed2ece658f77e4b7715a8c0b04c36Enigma NMS version 65.0.0 suffers from a remote SQL injection vulnerability.
4cc7a0a98cea7b8dd397f89ccfa2628dded3cba0ac317b141cc5f674ab88b466Dolibarr ERP-CRM version 10.0.1 suffers from a remote SQL injection vulnerability.
bab53fc3d093813545a41360b16744c1c7a3723c574c2a429a2b935572a6e1beWordPress Sell Downloads plugin version 1.0.86 suffers from a cross site scripting vulnerability.
80bf1de2f84d01152cf1f1e148a4f06f841d64ab769243729c202382f8261cb6Enigma NMS version 65.0.0 suffers from a remote OS command injection vulnerability.
94d553521c579cd88477fa7b91ca989a5e20acf2fd7a70f9296ce41de7a88a15Dolibarr ERP-CRM version 10.0.1 suffers from a remote SQL injection vulnerability.
6826dc0ef459539b9dbd73ad177cbaf6ed9ed2ece658f77e4b7715a8c0b04c36Enigma NMS version 65.0.0 suffers from a cross site request forgery vulnerability.
eb90e11fddf0d538221bafa5663c47a404d5c2e5cd852b619227449d8706b7a7Whitepaper called Optimization Method For The Exploitation Times of Blind SQL injections.
634b3d481b66b17aed89de1173320f1af4685784567ef6234c51d0457853fe46Control Web Panel version 0.9.8.851 suffers from multiple privilege escalation vulnerabilities.
e6ce381103bbd4b17c04a857140df6e826e521130a7f2572cbafc0f30e42b80c
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed