Microsoft Dynamics CRM 2011 Update Rollup 16
INTRODUCTION: Update Rollup 16 for Microsoft Dynamics CRM 2011 is available. This article describes the hotfixes and updates that are included in this update rollup. This rollup is available for all languages that are supported by Microsoft Dynamics...
6.9AI Score
MediaWiki 1.31.x < 1.31.7, 1.33.x < 1.33.3 and 1.34.0 Multiple Vulnerabilities - Linux
MediaWiki is prone to multiple...
6.1CVSS
5.5AI Score
0.002EPSS
MediaWiki 1.31.x < 1.31.7, 1.33.x < 1.33.3 and 1.34.0 Multiple Vulnerabilities - Windows
MediaWiki is prone to multiple...
6.1CVSS
5.5AI Score
0.002EPSS
In MediaWiki before 1.34.1, users can add various Cascading Style Sheets (CSS) classes (which can affect what content is shown or hidden in the user interface) to arbitrary DOM nodes via HTML content within a MediaWiki page. This occurs because jquery.makeCollapsible allows applying an event...
5.3CVSS
5.2AI Score
0.001EPSS
In MediaWiki before 1.34.1, users can add various Cascading Style Sheets (CSS) classes (which can affect what content is shown or hidden in the user interface) to arbitrary DOM nodes via HTML content within a MediaWiki page. This occurs because jquery.makeCollapsible allows applying an event...
5.3CVSS
5AI Score
0.001EPSS
In MediaWiki before 1.34.1, users can add various Cascading Style Sheets (CSS) classes (which can affect what content is shown or hidden in the user interface) to arbitrary DOM nodes via HTML content within a MediaWiki page. This occurs because jquery.makeCollapsible allows applying an event...
5.3CVSS
5AI Score
0.001EPSS
In MediaWiki before 1.34.1, users can add various Cascading Style Sheets (CSS) classes (which can affect what content is shown or hidden in the user interface) to arbitrary DOM nodes via HTML content within a MediaWiki page. This occurs because jquery.makeCollapsible allows applying an event...
5.3CVSS
5AI Score
0.001EPSS
In MediaWiki before 1.34.1, users can add various Cascading Style Sheets (CSS) classes (which can affect what content is shown or hidden in the user interface) to arbitrary DOM nodes via HTML content within a MediaWiki page. This occurs because jquery.makeCollapsible allows applying an event...
5.3CVSS
5AI Score
0.001EPSS
In MediaWiki before 1.34.1, users can add various Cascading Style Sheets (CSS) classes (which can affect what content is shown or hidden in the user interface) to arbitrary DOM nodes via HTML content within a MediaWiki page. This occurs because jquery.makeCollapsible allows applying an event...
5.1AI Score
0.001EPSS
In MediaWiki before 1.34.1, users can add various Cascading Style Sheets (CSS) classes (which can affect what content is shown or hidden in the user interface) to arbitrary DOM nodes via HTML content within a MediaWiki page. This occurs because jquery.makeCollapsible allows applying an event...
5.3CVSS
5.2AI Score
0.001EPSS
Scripts in Sling CMS before 0.16.0 do not properly escape the Sling Selector from URLs when generating navigational elements for the administrative consoles and are vulnerable to reflected XSS...
6.1CVSS
6.1AI Score
0.002EPSS
Scripts in Sling CMS before 0.16.0 do not properly escape the Sling Selector from URLs when generating navigational elements for the administrative consoles and are vulnerable to reflected XSS...
6.1CVSS
6AI Score
0.002EPSS
Scripts in Sling CMS before 0.16.0 do not properly escape the Sling Selector from URLs when generating navigational elements for the administrative consoles and are vulnerable to reflected XSS...
6.1CVSS
6AI Score
0.002EPSS
Scripts in Sling CMS before 0.16.0 do not properly escape the Sling Selector from URLs when generating navigational elements for the administrative consoles and are vulnerable to reflected XSS...
6.1CVSS
6AI Score
0.002EPSS
Scripts in Sling CMS before 0.16.0 do not properly escape the Sling Selector from URLs when generating navigational elements for the administrative consoles and are vulnerable to reflected XSS...
6.1AI Score
0.002EPSS
FreeBSD : mediawiki -- multiple vulnerabilities (090763f6-7030-11ea-93dd-080027846a02)
MediaWiki reports: Security fixes: T246602: jquery.makeCollapsible allows applying event handler to any CSS...
0.2AI Score
openSUSE Security Update : strongswan (openSUSE-2020-403)
This update for strongswan fixes the following issues : Strongswan was updated to version 5.8.2 (jsc#SLE-11370). Security issue fixed : CVE-2018-6459: Fixed a DoS vulnerability in the parser for PKCS#1 RSASSA-PSS signatures that was caused by insufficient input validation (bsc#1079548). ...
7.5CVSS
7.3AI Score
0.088EPSS
Security update for strongswan (moderate)
An update that fixes one vulnerability is now available. Description: This update for strongswan fixes the following issues: Strongswan was updated to version 5.8.2 (jsc#SLE-11370). Security issue fixed: CVE-2018-6459: Fixed a DoS vulnerability in the parser for PKCS#1 RSASSA-PSS signatures...
7.5CVSS
-0.1AI Score
0.088EPSS
5.3CVSS
7.2AI Score
0.001EPSS
SUSE SLED15 / SLES15 Security Update : strongswan (SUSE-SU-2020:0743-1)
This update for strongswan fixes the following issues : Strongswan was updated to version 5.8.2 (jsc#SLE-11370). Security issue fixed : CVE-2018-6459: Fixed a DoS vulnerability in the parser for PKCS#1 RSASSA-PSS signatures that was caused by insufficient input validation (bsc#1079548). Full...
7.5CVSS
7.5AI Score
0.088EPSS
RHEL 6 : Red Hat JBoss Enterprise Application Platform 7.2.7 on RHEL 6 (RHSA-2020:0804)
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0804 advisory. This release of Red Hat JBoss Enterprise Application Platform 7.2.7 serves as a replacement for Red Hat JBoss Enterprise Application...
9.1CVSS
7.9AI Score
0.009EPSS
RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.2.7 on RHEL 7 (RHSA-2020:0805)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0805 advisory. This release of Red Hat JBoss Enterprise Application Platform 7.2.7 serves as a replacement for Red Hat JBoss Enterprise Application...
9.1CVSS
7.9AI Score
0.009EPSS
RHEL 8 : Red Hat JBoss Enterprise Application Platform 7.2.7 on RHEL 8 (RHSA-2020:0806)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:0806 advisory. This release of Red Hat JBoss Enterprise Application Platform 7.2.7 serves as a replacement for Red Hat JBoss Enterprise Application...
9.1CVSS
7.9AI Score
0.009EPSS
This release of Red Hat JBoss Enterprise Application Platform 7.2.7 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.6, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.7 Release Notes for information about the most...
AI Score
0.009EPSS
This release of Red Hat JBoss Enterprise Application Platform 7.2.7 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.6, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.7 Release Notes for information about the most...
AI Score
0.009EPSS
This release of Red Hat JBoss Enterprise Application Platform 7.2.7 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.6, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.7 Release Notes for information about the most...
AI Score
0.009EPSS
mediawiki -- multiple vulnerabilities
MediaWiki reports: Security fixes: T246602: jquery.makeCollapsible allows applying event handler to any CSS ...
2.4AI Score
Active PayPal Phishing Scam Targets SSNs, Passport Photos
A recently uncovered phishing campaign, targeting PayPal users, pulls out all the stops and asks victims for the complete spectrum of personal data – even going so far as to ask for social security numbers and uploaded photos of their passports. The campaign starts with a fairly run-of-the-mill...
-0.5AI Score
Security Bulletin: Multiple Security Vulnerabilities in ActiveMQ Affect IBM Sterling B2B Integrator
Summary: There are multiple security vulnerabilities in ActiveMQ that affect IBM Sterling B2B Integrator. Vulnerability Details: CVEID: CVE-2011-4905. DESCRIPTION: Apache ActiveMQ is vulnerable to a denial of service, caused by an error in the failover mechanism when handling an openwire connection...
9.8CVSS
1.4AI Score
0.722EPSS
Huawei EulerOS: Security Advisory for kvm (EulerOS-SA-2019-1450)
The remote host is missing an update for the Huawei...
8.1CVSS
8.6AI Score
0.975EPSS
Posted by Samuel Groß, Project Zero. This is the third and last post in a series about a remote, interactionless iPhone exploit over iMessage. The first blog post introduced the exploited vulnerability, and the second blog post described a way to perform a heapspray, leaking the shared cache base...
9.8CVSS
9.4AI Score
0.072EPSS
Kubernetes: Man in the middle using LoadBalancer or ExternalIPs services
I rated this vulnerability as high because trying to rate it with CVSS v3.0 Calculator gives me 9.9 which seems way too high as you do require to be able to create services in the K8S cluster. Summary: This report details 2 ways to man in the middle traffic by: a) creating a LoadBalancer service...
5CVSS
5.6AI Score
0.002EPSS
openSUSE Security Update : the Linux Kernel (openSUSE-2019-2675)
The openSUSE Leap 15.1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : CVE-2019-15211: There was a use-after-free caused by a malicious USB device in drivers/media/v4l2-core/v4l2-dev.c (bnc#1146519). CVE-2019-15213: There was a...
9.8CVSS
9.4AI Score
0.024EPSS
Security update for the Linux Kernel (important)
An update that solves 38 vulnerabilities and has 92 fixes is now available. Description: The openSUSE Leap 15.1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed: CVE-2019-15211: There was a use-after-free caused by a malicious USB ...
9.8CVSS
3.6AI Score
0.024EPSS
8.1CVSS
6.5AI Score
0.009EPSS
Fedora 31 : php-symfony3 (2019-8b0ba02338)
Version 3.4.35 (2019-11-13) bug #34344 [Console] Constant STDOUT might be undefined (nicolas-grekas) security #cve-2019-18889 [Cache] forbid serializing AbstractAdapter and TagAwareAdapter instances (nicolas-grekas) security #cve-2019-18888 [HttpFoundation] fix guessing ...
9.8CVSS
8.1AI Score
0.009EPSS
Debian DLA-1999-1 : symfony security update
Multiple vulnerabilities have been found in the Symfony PHP framework which could lead to a timing attack/information leak, argument injection and code execution via unserialization. For Debian 8 'Jessie', these problems have been fixed in version 2.3.21+dfsg-4+deb8u6. We recommend that you...
8.1CVSS
7.8AI Score
0.009EPSS
8.1CVSS
7.8AI Score
0.009EPSS
Debian DSA-4573-1 : symfony - security update
Multiple vulnerabilities have been found in the Symfony PHP framework which could lead to a timing attack/information leak, argument injection and code execution via...
9.8CVSS
8.6AI Score
0.009EPSS
[SECURITY] [DLA 1999-1] symfony security update
Package : symfony Version : 2.3.21+dfsg-4+deb8u6 CVE ID : CVE-2019-18886 CVE-2019-18887 CVE-2019-18888 Multiple vulnerabilities have been found in the Symfony PHP framework which could lead to a timing attack/information leak, argument injection and code execution via...
8.1CVSS
7.9AI Score
0.009EPSS
[SECURITY] [DSA 4573-1] symfony security update
Debian Security Advisory DSA-4573-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff November 18, 2019 https://www.debian.org/security/faq Package : symfony CVE ID : CVE-2019-18887 CVE-2019-18888...
9.8CVSS
8.8AI Score
0.009EPSS
kernel security, bug fix, and enhancement update
[4.18.0-147.OL8] - Oracle Linux certificates (Alexey Petrenko) - Oracle Linux RHCK Module Signing Key was added to the kernel trusted keys list (olkmod_signing_key.pem) [Orabug: 29539237] - Update x509.genkey [Orabug: 24817676] [4.18.0-147] - [x86] perf/x86/intel: Fix spurious NMI on fixed counter....
9.8CVSS
0.4AI Score
0.014EPSS
0.1AI Score
0.007EPSS
Linux kernel built with the Kernel-based Virtual Machine (CONFIG_KVM) support was vulnerable to an incorrect segment selector (SS) value error. The error could occur while loading values into the SS register in long mode. A user or process inside a guest could use this flaw to crash the guest,...
8.4CVSS
2.5AI Score
0.002EPSS
RHEL 7 : Red Hat JBoss Enterprise Application Platform 7.2.4 on RHEL 7 (RHSA-2019:2936)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2936 advisory. This release of Red Hat JBoss Enterprise Application Platform 7.2.4 serves as a replacement for Red Hat JBoss Enterprise Application...
9.8CVSS
9.3AI Score
0.533EPSS
The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2935 advisory. This release of Red Hat JBoss Enterprise Application Platform 7.2.4 serves as a replacement for Red Hat JBoss Enterprise Application...
9.8CVSS
9.1AI Score
0.533EPSS
RHEL 8 : Red Hat JBoss Enterprise Application Platform 7.2.4 on RHEL 8 (RHSA-2019:2937)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2019:2937 advisory. This release of Red Hat JBoss Enterprise Application Platform 7.2.4 serves as a replacement for Red Hat JBoss Enterprise Application...
9.8CVSS
9.3AI Score
0.533EPSS
Exploit for XML Injection (aka Blind XPath Injection) in NSA Ghidra
CVE-2019-16941 Proof-of-Concept: The vulnerability...
9.8CVSS
9.5AI Score
0.014EPSS
This release of Red Hat JBoss Enterprise Application Platform 7.2.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.4 Release Notes for information about the most...
2.6AI Score
0.533EPSS
This release of Red Hat JBoss Enterprise Application Platform 7.2.4 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.2.3, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.2.4 Release Notes for information about the most...
2.6AI Score
0.533EPSS