PHP-SHOP Master version 1.0 suffers from a cross site request forgery vulnerability.
8a78b5651bd99ac517bc63e491f64913Learning with Texts version 1.6.2 suffers from a remote SQL injection vulnerability.
e369d05342f296346bcb78320742e5e8Time and Expense Management System version 3.0 suffers from a remote SQL injection vulnerability.
a86c2de37553ce740ad519f2189592dbThis Microsoft bulletin summary lists a CVE that has undergone a major revision increment.
a5d7f33da98d9ecacf9bdb120ede2b25Zenar Content Management System version 8.3 suffers from a cross site request forgery vulnerability.
1ca21d4ea7dad9557ab0feb02503c410User Management version 1.1 suffers from a cross site scripting vulnerability.
1c7ef1551d6511f2e501320c44b58849Red Hat Security Advisory 2018-2942-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include improper access controls.
4d669cadc844d32d5b8e87a44dbba212Red Hat Security Advisory 2018-2943-01 - The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Issues addressed include improper access checks.
1a4266da7dcb32436f5115e0d947c3f1Red Hat Security Advisory 2018-2939-01 - Red Hat Fuse Integration Services provides a set of tools and containerized xPaaS images that enable development, deployment, and management of integration microservices within OpenShift. Security fix: jackson-databind: incomplete fix for CVE-2017-7525 permits unsafe serialization via c3p0 libraries spring-framework: Address partial fix for CVE-2018-1270 Issues addressed include bypass, code execution, denial of service, and traversal vulnerabilities.
a81bee41629f0971103daec531920d5cUbuntu Security Notice 3796-2 - USN-3796-1 fixed a vulnerability in paramiko. This update provides the corresponding update for Ubuntu 12.04 ESM. Daniel Hoffman discovered that Paramiko incorrectly handled authentication when being used as a server. A remote attacker could use this issue to bypass authentication without any credentials. Various other issues were also addressed.
eeeaa8c000eef211a5eee310a1781232WordPress Wordfence plugin version 7.1.12 suffers from bypass, cross site scripting, and path disclosure vulnerabilities.
f85a44d7b6147f2f25a667a27e0309f9Multiple D-Link router models suffer from code execution, plain-text password storage, and directory traversal vulnerabilities.
af2cd1ac0b397da3a62f3d04d972086cTP-Link TL-SC3130 version 1.6.18 suffers from an unauthenticated and unauthorized live RTSP stream disclosure.
e029e95c170246483700a76a5b7644d8Ekushey Project Manager CRM version 3.1 suffers from a persistent cross site scripting vulnerability.
0b81df122dfedd99e1fcc0e7cbc76cadLANGO Codeigniter Multilingual Script version 1.0 suffers from html injection and cross site scripting vulnerabilities.
2964fdd5821fffe13a66f8562db17cfaDell EMC Secure Remote Services Virtual Edition versions prior to 3.32.00.08 suffer from improper file permission, plaintext password storage, and information exposure vulnerabilities.
8f160751ece08d6712da5b33a8d87a36This write up provides a proof of concept with technical details for the git submodule arbitrary code execution vulnerability.
8b90c70cc560ce019f65408cbaa40ac8Ubuntu Security Notice 3796-1 - Daniel Hoffman discovered that Paramiko incorrectly handled authentication when being used as a server. A remote attacker could use this issue to bypass authentication without any credentials.
d5067a79d01993a7f40de7ec1a88689eUbuntu Security Notice 3795-1 - Peter Winter-Smith discovered that libssh incorrectly handled authentication when being used as a server. A remote attacker could use this issue to bypass authentication without any credentials.
1dcc29f274ef1d151985494c2d04c5d4Red Hat Security Advisory 2018-2938-01 - Red Hat OpenShift Application Runtimes provides an application platform that reduces the complexity of developing and operating applications for OpenShift as a containerized platform. This release of RHOAR Thorntail 2.2.0 serves as a replacement for RHOAR WildFly Swarm 7.1.0, and includes security and bug fixes and enhancements. For further information, refer to the release notes linked to in the References section. Issues addressed include a traversal vulnerability.
f2b8cd2a90e4cf90e18d17597f36476aRed Hat Security Advisory 2018-2925-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass, denial of service, and use-after-free vulnerabilities.
b6a8bd1163aa820ea7c74585ab22776eUbuntu Security Notice 3789-2 - USN-3789-1 fixed a vulnerability in ClamAV. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that ClamAV incorrectly handled unpacking MEW executables. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. Various other issues were also addressed.
fde2b8334433786ac95fc46db3f82541Red Hat Security Advisory 2018-2933-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service and use-after-free vulnerabilities.
a97ccc6aaeca9a83d1973ad6a2eed767VMware Security Advisory 2018-0026 - VMware ESXi, Workstation, and Fusion updates address an out-of- bounds read vulnerability.
74edba10b62e5341c33bfb5f5e683ec4Red Hat Security Advisory 2018-2930-01 - Red Hat JBoss Operations Network is a Middleware management solution that provides a single point of control to deploy, manage, and monitor JBoss Enterprise Middleware, applications, and services. This JBoss Operations Network 3.3.11 release serves as a replacement for JBoss Operations Network 3.3.10, and includes several bug fixes. Issues addressed include code execution, denial of service, and deserialization vulnerabilities.
7f44f8a54ec3fcefaa6f8a25aa193dba
© 2018 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed