A vulnerability was found in Leanote 2.6.1. It has been classified as problematic. This affects an unknown function of the component Blog Basic Setting Title. The manipulation with an unknown input leads to a cross site scripting vulnerability....
A vulnerability has been found in ThinkPHP 3.2.4 and classified as critical. Affected by this vulnerability is the function parseOrder of the file Library/Think/Db/Driver.class.php. The manipulation of the argument key as part of a Parameter...
A vulnerability, which was classified as problematic, was found in Fiyo CMS 2.0.7. Affected is an unknown function of the file dapur\apps\app_user\edit_user.php. The manipulation of the argument name as part of a Parameter leads to a cross site...
A vulnerability, which was classified as problematic, has been found in ImageMagick 7.0.8-13 Q16. This issue affects the function WriteMSLImage of the file coders/msl.c. The manipulation with an unknown input leads to a denial of service...
A vulnerability was found in ServersCheck Monitoring Software up to 14.3.3 and classified as critical. Affected by this issue is an unknown function. The manipulation with an unknown input leads to a sql injection vulnerability. Using CWE to...
Original release date: October 19, 2018
The United Kingdom's (UK) National Cyber Security Centre (NCSC) has released its Annual Review for 2018, which provides a snapshot of their work from September 1, 2017, to August 31, 2018. NCSC...
A vulnerability classified as problematic has been found in TeaKKi 2.7. This affects an unknown function of the component Picture URL Handler. The manipulation of the argument onerror as part of a Attribute leads to a cross site scripting...
A vulnerability classified as critical was found in Teeworlds up to 0.6.4. This vulnerability affects an unknown function of the component Connection Packet Handler. The manipulation with an unknown input leads to a spoofing vulnerability. The...
Original release date: October 19, 2018
libssh has released security updates addressing a vulnerability affecting libssh versions 0.6 and above. A remote attacker could exploit this vulnerability to take control of an affected system.NCCIC...
Original release date: October 19, 2018
Microsoft has released a security update to address a vulnerability in the Yammer desktop application. A remote attacker could exploit this vulnerability to take control of an affected system.NCCIC...
On 16th of October 2018, Oracle released a critical patch bundle that addresses several security vulnerabilities. The patch contains 301 new fixes since the last patch. The addressed vulnerabilities affect many Oracle products including among...
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE . Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire et un déni de...
Une vulnérabilité a été découverte dans Aruba BLE Radio. Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance.
Une vulnérabilité a été découverte dans Blueimp jQuery-File-Upload. Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance et un contournement de la politique de sécurité.
Original release date: October 18, 2018
Drupal has released security updates addressing multiple vulnerabilities in Drupal 7.x and 8.x. A remote attacker could exploit some of these vulnerabilities to take control of an affected...
A vulnerability was found in Splunk Enterprise 6.6.x and classified as critical. This issue affects an unknown function of the file $SPLUNK_HOME/etc/splunk-launch.conf. The manipulation with an unknown input leads to a privilege escalation...
A vulnerability was found in SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B. It has been classified as critical. Affected is an unknown function. The manipulation of the argument authLevel with the input value 255 leads to a privilege...
A vulnerability was found in LIVE555 RTSP Server 0.92. It has been rated as critical. Affected by this issue is an unknown function of the component HTTP Packet Parser. The manipulation as part of a Crafted Packet leads to a memory corruption...
A vulnerability was found in kaptcha 2.3.2. It has been declared as critical. Affected by this vulnerability is the function Random of the file text/impl/DefaultTextCreator.java of the component Captcha. The manipulation with an unknown input...
A vulnerability was found in ThinkPHP 5.1.25. It has been classified as critical. Affected is the function aggregate of the file library/think/db/Query.php. The manipulation of the argument count as part of a Parameter leads to a sql injection...
A vulnerability was found in ThinkPHP 3.2.4 and classified as critical. This issue affects the function parseKey of the file Library/Think/Db/Driver/Mysql.class.php. The manipulation of the argument key as part of a Parameter leads to a sql...
A vulnerability has been found in OwnTicket 2018-05-23 and classified as critical. This vulnerability affects an unknown function. The manipulation of the argument showTicketId/editTicketStatusId as part of a Parameter leads to a sql injection...
A vulnerability, which was classified as problematic, was found in elfutils 0.174. This affects the function arlib_add_symbols() of the file arlib.c of the component ELF File Handler. The manipulation with an unknown input leads to a denial of...
A vulnerability, which was classified as problematic, has been found in elfutils up to 0.174. Affected by this issue is the function elf_end of the file size.c of the component libelf. The manipulation with an unknown input leads to a denial of...
A vulnerability classified as critical was found in QEMU (the affected version is unknown). Affected by this vulnerability is an unknown function of the component IOReadHandler. The manipulation with an unknown input leads to a memory corruption...