Rockwell Automation Allen-Bradley 1752-EN2T/C and 1769-L33ER/A LOGIX5333ER suffer from a cross site scripting vulnerability.
0ccc507114c5605ced5af2476b8253fc4633b6603957b61297cdc78484bc624cThis Microsoft advisory notification includes advisories released or updated on December 5, 2018.
5a25a0b59773b465ede6e605c58557cdec12c33457553abe118959473c09027aHasan MWB version 1.0 suffers from multiple time-based remote SQL injection vulnerabilities.
b69653cf54982d6f2bcc028d440b588272a8a3957bce38c465c46fb7980eb03aRed Hat Security Advisory 2018-3792-01 - OpenStack Networking is a pluggable, scalable, and API-driven system that provisions networking services to virtual machines. Its main function is to manage connectivity to and from virtual machines. Issues addressed include a denial of service vulnerability.
6d233833884a2da2ec3b329f9e78cbbf2c14ad276462cb133a16eb14f93ceb0aUbuntu Security Notice 3811-3 - USN-3811-1 fixed a vulnerability in spamassassin. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that SpamAssassin incorrectly handled the PDFInfo plugin. A remote attacker could possibly use this issue to execute arbitrary code. Various other issues were also addressed.
e3da6b076aedc33ab130290d32e7c4daa17bd215d0b895e799ccdf798fae84ebRed Hat Security Advisory 2018-3779-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP35. Issues addressed include a denial of service vulnerability.
b0b5339ee3d473201818a39d93de9bbc73b8fe97cc4c222cdf87a24afbecd344FreeBSD Security Advisory - Insufficient bounds checking in one of the device models provided by bhyve(8) can permit a guest operating system to overwrite memory in the bhyve(8) processing possibly permitting arbitrary code execution. A guest OS using a firmware image can cause the bhyve process to crash, or possibly execute arbitrary code on the host as root.
71b98c82206083a2417dbe32f786c2f87d53bf1da55a9b730d6093f5565c2c24Red Hat Security Advisory 2018-3773-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include cleartext password logging.
6d60c9c81d0d709539144af89d5dae22e68c51868f9fb44e9103ad6426d671c3Red Hat Security Advisory 2018-3771-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include cleartext password logging.
500f1c91f9f994e55ecc3e45148c1a8087d5f9a6b8641c7b98369e1dcaa79aedRed Hat Security Advisory 2018-3770-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include cleartext password logging.
1eb3464ba40407eb671b28601bbd620347d402739faf7bb7e11f9facdbbbb639Red Hat Security Advisory 2018-3772-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically. Issues addressed include cleartext password logging.
8fd853d9ee02911f6b2fd7d5d34ddac4d36534bf7d941e0bcc73ff9fdd84770aRed Hat Security Advisory 2018-3768-01 - Red Hat Fuse enables integration experts, application developers, and business users to collaborate and independently develop connected solutions. Fuse is part of an agile integration solution. Its distributed approach allows teams to deploy integrated services where required. The API-centric, container-based architecture decouples services so they can be created, extended, and deployed independently. This release of Red Hat Fuse 7.2 serves as a replacement for Red Hat Fuse 7.1, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include code execution, denial of service, deserialization, and traversal vulnerabilities.
c506280a0a265d8483cea4a2aa6dfd844cda7e1186db77546a2434f9dc9c79cbUbuntu Security Notice 3837-1 - It was discovered that poppler incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service. It was discovered that poppler incorrectly handled certain PDF files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Various other issues were also addressed.
1fbaa0cfb99281d009faa4fd1831b0c78f1f6637a79d43d0c0abc366f2073d57OSclass version 3.7.4 suffers from multiple cross site scripting vulnerabilities.
acc22392b7fdd32550b5d6c2887d1240597215a38b32b3c9f0b0e3589feefb35Chamilo version 1.11.6 suffers from multiple remote SQL injection vulnerabilities.
783ec79ab6223d46f2d714ec1b2e4edbb9cd5de7100d62e752c00912c39622fbChamilo version 1.11.6 suffers from multiple cross site scripting vulnerabilities.
76cd65c91e81be2ab55bb67d406208f68efa3c9a16852fe887c8fc328170f33aWordPress Search-Engine plugin version 0.5.9 suffers from a database disclosure vulnerability.
6b29ade36e894b3f59e8320800fb15cb519bb5609893bcb503c79b4a98b648b1WordPress BatchMove plugin version 1.5 suffers from a database disclosure vulnerability.
8c80a84c526d9ee9493301aba4fb6bc99cdc29d6dc987263e9b1591c5a2c4810WordPress Simple-Forum plugin version 4.0 suffers from a database disclosure vulnerability.
4d2ac873f1ce24e4002e9b4828fd9189f0a7ea96df8f22ed1a8e0688ff954683WordPress Caldera Forms plugin version 1.7.4 suffers from a database disclosure vulnerability.
c03cd268b11306ce21b1564667098e12c060c9291dbab0a36590f21fe0a0de1fWordPress newwpml plugin version 3.0 suffers from a database disclosure vulnerability.
4e836f0ca0e6ccb2eacc7939b168e56216c953c4d3ed4b6d00ee99fae967bbbdWordPress Events Made Easy plugin version 2.0.68 suffers from a database disclosure vulnerability.
42c1f93aa471d5bfa93cda0cbd8a52e96e8119c68a6a4b02df4d022c2493272fUbuntu Security Notice 3836-2 - USN-3836-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. Jann Horn discovered that the Linux kernel mishandles mapping UID or GID ranges inside nested user namespaces in some situations. A local attacker could use this to bypass access controls on resources outside the namespace. Various other issues were also addressed.
a16f0a83e02d3a223fa194bb6e8753f511a0439bdb62c486b7cff7d861d45961Wireshark suffers from a stack corruption vulnerability in cdma2k_message_ACTIVE_SET_RECORD_FIELDS.
648aebeecb465b2b3cc78d44d54466abadfa3a8a23706779212035ef37b1e1cfHasanMWB version 1.0 suffers from a remote SQL injection vulnerability.
62771baeff702773954dfe7646149a017aad6490ed9a3d87f8ff7d3c28c3c48e
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed