Joomla EkRishta component version 2.10 suffers from cross site scripting and remote SQL injection vulnerabilities.
bbb01327012f75900dff9c4486d2bd9bGentoo Linux Security Advisory 201805-6 - Multiple vulnerabilities have been found in Chromium and Google Chrome, the worst of which could result in privilege escalation. Versions less than 66.0.3359.170 are affected.
2bcb893351d0198f15d907469c8c2718Ubuntu Security Notice 3645-2 - USN-3645-1 fixed vulnerabilities in Firefox. The update caused an issue where users experienced long UI pauses in some circumstances. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, bypass same-origin restrictions, conduct cross-site scripting attacks, install lightweight themes without user interaction, spoof the filename in the downloads panel, or execute arbitrary code. Various other issues were also addressed.
d79a2b390689ee5da50dd49ae53da56cHealwire Online Pharmacy version 3.0 suffers from cross site request forgery and cross site scripting vulnerabilities.
9196695291014c0d67db9bdd80d678ffThis Metasploit module exploits an expression language injection vulnerability, along with an authentication bypass vulnerability in Hewlett Packard Enterprise Intelligent Management Center before version 7.3 E0504P04 to achieve remote code execution. The HP iMC server suffers from multiple vulnerabilities allows unauthenticated attacker to execute arbitrary Expression Language via the beanName parameter, allowing execution of arbitrary operating system commands as SYSTEM. This service listens on TCP port 8080 and 8443 by default. This Metasploit module has been tested successfully on iMC PLAT v7.3(E0504P02) on Windows 2k12r2 x64 (EN).
409c199dae62513789f6016cba7903bdMultiple Siemens SIMATIC panels suffer from cross site request forgery and cross site scripting vulnerabilities.
52fd7f7488e289fc4a42c19a2bd6d53bSuperCom Online Shopping Ecommerce Cart 1 suffers from remote SQL injection, cross site request forgery, and cross site scripting vulnerabilities.
eee904a60e89110b7191ba2d167bbfb3NodAPS version 4.0 suffers from cross site request forgery and remote SQL injection vulnerabilities.
c44435ac73194c9205c2e0f6fdab2a8bRS Authentication Manager versions prior to 8.3 P1 suffer from cross site scripting and XML external entity injection vulnerabilities.
64f46f62982ecef4ac4dd6fbab721205vcftools version 0.1.15 suffers from out-of-bounds read, denial of service, buffer overflow, and use-after-free vulnerabilities.
2651784ca5ca6bc6e1c40cc6eaf3dd7eDebian Linux Security Advisory 4201-1 - Multiple vulnerabilities have been discovered in the Xen hypervisor.
6a2925f0955d67772df80c9d7b10ff00Red Hat Security Advisory 2018-1525-01 - The RHV-M Virtual Appliance automates the process of installing and configuring the Red Hat Virtualization Manager. The appliance is available to download as an OVA file from the Customer Portal. The following packages have been upgraded to a later upstream version: rhvm-appliance. Issues addressed include bypass and code execution vulnerabilities.
0a05e52d54d6e6975a672c08b36e4f98Red Hat Security Advisory 2018-1523-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Includes GlusterFS fixes for CVE-2018-1088, dhcp fixes for CVE-2018-1111, kernel fixes for CVE-2018-1087, and kernel fixes for CVE-2018-8897. Issues addressed include code execution and denial of service vulnerabilities.
7a5512991eb1a7076173fd951d1ada6fRed Hat Security Advisory 2018-1415-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 52.8.0 ESR. Issues addressed include buffer overflow, bypass, and use-after-free vulnerabilities.
a0941f737fbe0c2b91741a8ecdee350dRed Hat Security Advisory 2018-1448-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution and traversal vulnerabilities.
4ca97990ced77ecf6f01f01cd81358c9Red Hat Security Advisory 2018-1374-01 - The kernel-alt packages provide the Linux kernel version 4.x. Issues addressed include denial of service and remote file inclusion vulnerabilities.
2af19f541100be346b9ed63fdc5ce4d3Red Hat Security Advisory 2018-1372-01 - HAProxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments. Issues addressed include buffer overflow and denial of service vulnerabilities.
73567ccdb0af5ca9e37e65140bbb02e5Red Hat Security Advisory 2018-1463-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR5-FP10. Issues addressed include insecure handling, randomization, and use-after-free vulnerabilities.
d564ca176d83bac59993b789f3f5d1ddRed Hat Security Advisory 2018-1449-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution and traversal vulnerabilities.
d5bb8747d4963a9701bc9fea6846f0d9Red Hat Security Advisory 2018-1447-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution and traversal vulnerabilities.
d37c865055b7dd8040b85ffd00a62245Red Hat Security Advisory 2018-1451-01 - The jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services Elastic Compute Cloud. With this update, the jboss-ec2-eap package has been updated to ensure compatibility with Red Hat JBoss Enterprise Application Platform 6.4.19. Issues addressed include code execution and traversal vulnerabilities.
b4e07cd6ac11bfc12b0a9880e1b8381dRed Hat Security Advisory 2018-1450-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 6.4.20 serves as a replacement for Red Hat JBoss Enterprise Application Platform 6.4.19, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution and traversal vulnerabilities.
ca717b364a62b6d3779e6d65af3a3bceRed Hat Security Advisory 2018-1414-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 52.8.0 ESR. Issues addressed include buffer overflow, bypass, and use-after-free vulnerabilities.
b3aa86111adf63a7c2fae43dc3437fb8Arris Touchstone Telephony Gateway suffers from denial of service, information disclosure, and various other vulnerabilities.
a20ffa38bd85d063281f1d047f628875MyBiz MyProcureNet version 5.0.0 suffers from remote file upload and cross site scripting vulnerabilities.
9d259792840d984bdc75e2b482b86e96
© 2018 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed