Ubuntu Security Notice 3564-1 - It was discovered that PostgreSQL incorrectly handled certain temp files. An attacker could possibly use this to access sensitive information.
8582d3bff62772a8c4a3e02107d9fa2f05fe789440ea9347b4b65ec83282c468
Trend Micro IMSVA Management Portal version 9.1.0.1600 suffers from an authentication bypass vulnerability.
c7a07a038914e37b8bfa9c05e6db471f4711c61717d34ae44ed1f91e9397d82c
NetEx HyperIP version 6.1.0 suffers from a local file inclusion vulnerability.
fb130f6f8457644d60ce69b933c8c0f2f4d3daf7e1620fb59e66f170ae55d898
NetEx HyperIP version 6.1.0 suffers from a privilege escalation vulnerability.
b6b3f5ba58facfba2eb1750f336aa647a91315ae13af6f460253387be0c2135f
NetEx HyperIP version 6.1.0 suffers from a post-authentication command execution vulnerability.
89fd3d5488d7653bb4f6d11f9248ebdc5bc0f4879c689f426770de2762eafd88
NetEx HyperIP version 6.1.0 suffers from an authentication bypass vulnerability.
d733aa8090655285b530947e6da39649927c222f511db1714d856155388a8a84
Bitcoin MLM Software version 1.0.2 suffers from a persistent cross site scripting vulnerability.
0eb330a38873238814966a4c29bec014976e98b498c0cf1b7d49d6020218090e
Lawyer Search Script version 1.0.2 suffers from a persistent cross site scripting vulnerability.
27fb991ee45700ab920e57f70e1d6c2aefe4cc12fa7a18e7dfddb5c567bd1c5d
Red Hat Security Advisory 2018-0292-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix: An industry-wide issue was found in the way many modern microprocessor designs have implemented speculative execution of instructions. There are three primary variants of the issue which differ in the way the speculative execution can be exploited. Note: This issue is present in hardware and cannot be fully fixed via software update. The updated kernel packages provide software mitigation for this hardware issue at a cost of potential performance penalty.
3ba7536b16c6918a15061bf1675150269a2b2ead9b1aae5bff49d61efc0bf261
Debian Linux Security Advisory 4108-1 - Calum Hutton and the Mailman team discovered a cross site scripting and information leak vulnerability in the user options page. A remote attacker could use a crafted URL to steal cookie information or to fish for whether a user is subscribed to a list with a private roster.
9d35d5ad565bca8c1f75bbba0777b61cfc5cb238a65a157dc896ba52dd6acfff
Debian Linux Security Advisory 4105-2 - A regression was detected in the previously issued fix for CVE-2018-6360. The patch released with DSA 4105-1 broke the feature of invoking mpv with raw YouTube ids. This update fixes this functionality issue.
e149e9c257505c1e884d8289d5b40537f299c12305def2f628b19cc3e5834d61
Naukri Clone Script version 3.0.3 suffers from a remote SQL injection vulnerability.
b9359ca24a6a480bd8bfa4d39ebb45e4e681ba0605e1846ca98dec913a3e7136
Schools Alert Management Script version 2.0.2 suffers from code execution and remote file upload vulnerabilities.
bbf3f03121d02da4d72cd3a43a3a5446e566b1bb67a15e570b4e6789cbd01059
Facebook Clone Script version 1.0.5 suffers from a persistent cross site scripting vulnerability.
a9823b96babcc899d563750f0b73ce9b8c393872e205e25b025c2db8ec19d089
JBoss versions 4.2.x and 4.3.x suffer from an information disclosure vulnerability.
0e2fd33b9f9bd5f397c52b4c3a3eccf448b390c0e0b66ee20c5f079cb3803bd6
Microsoft's Skype home-grown updater suffers from a DLL hijacking vulnerability.
216eae84a9fa62444079df49cbfe75e118c010a069585d13c866dc34ddeb3837
Fisheye and Crucible suffer from a remote code execution vulnerability through OGNL double evaluation. Versions of Fisheye and Crucible before 4.4.5 (the fixed version for 4.4.x) and from 4.5.0 before 4.5.2 (the fixed version for 4.5.x) are affected by this vulnerability.
35ef4535e3daa3e68378bcdc040495f7a74cf8f45f2407bd08ca9a68199b42e0
Formstack's outbound webhook implementation prints the HMAC secret in every request.
64b04b21668f9971f5a41a9697cb62fefe5ba5895d2aa607900430bd54a9b710