OMICARD EDM 's SMS Security Vulnerabilities

Lost And Found Information System 1.0 SQL Injection

...

Mozilla Firefox Security Update (mfsa_2024-23_2024-26) - Windows

Mozilla Firefox is prone to multiple ...

RHEL 8 : dnsmasq (RHSA-2024:3929)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3929 advisory. The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol)...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : cups (SUSE-SU-2024:2003-1)

The remote SUSE Linux SLED15 / SLED_SAP15 / SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2003-1 advisory. - CVE-2024-35235: Fixed a bug in cupsd that could allow an attacker to change the permissions of...

Mozilla Firefox Security Update (mfsa_2024-23_2024-26) - Mac OS X

Mozilla Firefox is prone to multiple ...

RHEL 8 : dnsmasq (RHSA-2024:3877)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3877 advisory. The dnsmasq packages contain Dnsmasq, a lightweight DNS (Domain Name Server) forwarder and DHCP (Dynamic Host Configuration Protocol)...

SUSE: Security Advisory (SUSE-SU-2024:2003-1)

The remote host is missing an update for...

SUSE SLES12 Security Update : cups (SUSE-SU-2024:2002-1)

The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2024:2002-1 advisory. - CVE-2024-35235: Fixed a bug in cupsd that could allow an attacker to change the permissions of other files in the system....

Fedora 39 : php (2024-52c23ef1ec)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-52c23ef1ec advisory. PHP version 8.2.20 (06 Jun 2024) CGI: * Fixed buffer limit on Windows, replacing read call usage by _read. (David Carlier) * Fixed bug...

RHEL 9 : expat (RHSA-2024:3926)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3926 advisory. Expat is a C library for parsing XML documents. Security Fix(es): * expat: parsing large tokens can trigger a denial of service...

Microsoft Edge (Chromium) < 126.0.2592.56 Multiple Vulnerabilities

The version of Microsoft Edge installed on the remote Windows host is prior to 126.0.2592.56. It is, therefore, affected by multiple vulnerabilities as referenced in the June 13, 2024 advisory. Microsoft Edge (Chromium-based) Spoofing Vulnerability (CVE-2024-30058, CVE-2024-38083) Type...

Google Chrome Security Update (stable-channel-update-for-desktop-2024-06) - Linux

Google Chrome is prone to multiple ...

SUSE: Security Advisory (SUSE-SU-2024:2005-1)

The remote host is missing an update for...

Ubuntu: Security Advisory (USN-6831-1)

The remote host is missing an update for...

SUSE: Security Advisory (SUSE-SU-2024:2002-1)

The remote host is missing an update for...

Fedora: Security Advisory for php (FEDORA-2024-52c23ef1ec)

The remote host is missing an update for...

Mozilla Firefox ESR Security Update (mfsa_2024-23_2024-26) - Mac OS X

Firefox ESR is prone to multiple ...

Adobe Photoshop Arbitrary Code Execution Vulnerability (APSB24-27) - Windows

Adobe Photoshop is prone to an arbitrary code execution...

Adobe Media Encoder Memory Leak Vulnerability (APSB24-34) - Windows

Adobe Media Encoder is prone to a memory leak...

Lost And Found Information System 1.0 SQL Injection

...

SUSE SLES15 Security Update : kernel-firmware-nvidia-gspx-G06, nvidia-open-driver-G06-signed (SUSE-SU-2024:2005-1)

The remote SUSE Linux SLES15 / SLES_SAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2005-1 advisory. Security Update 550.90.07: - CVE-2024-0090: Fixed out of bounds write (bsc#1223356). - CVE-2024-0092: Fixed incorrect exception...

Fedora: Security Advisory for tomcat (FEDORA-2024-2bf73514cd)

The remote host is missing an update for...

Creative Cloud Desktop Application Arbitrary Code Execution Vulnerability APSB24-44 (Windows)

Adobe Creative Cloud Desktop Application is prone to an arbitrary code execution...

SUSE: Security Advisory (SUSE-SU-2024:2012-1)

The remote host is missing an update for...

Ubuntu: Security Advisory (USN-6829-1)

The remote host is missing an update for...

Slackware: Security Advisory (SSA:2024-164-01)

The remote host is missing an update for...

RHEL 8 / 9 : OpenShift Container Platform 4.14.29 (RHSA-2024:3700)

The remote Redhat Enterprise Linux 8 / 9 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:3700 advisory. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private...

SUSE SLES12 Security Update : MozillaFirefox (SUSE-SU-2024:2012-1)

The remote SUSE Linux SLES12 / SLES_SAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2012-1 advisory. - Update to version 115.12.0 ESR (bsc#1226027) - CVE-2024-5702: Use-after-free in networking - CVE-2024-5688: Use-after-free in...

Ubuntu: Security Advisory (USN-6830-1)

The remote host is missing an update for...

Google Chrome Security Update (stable-channel-update-for-desktop-2024-06) - Windows

Google Chrome is prone to multiple ...

Adobe Audition Multiple Vulnerabilities (APSB24-32) - Windows

Adobe Audition is prone to multiple ...

SUSE SLES15 / openSUSE 15 Security Update : kernel (SUSE-SU-2024:2008-1)

The remote SUSE Linux SLES15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2008-1 advisory. The SUSE Linux Enterprise 15 SP5 RT kernel was updated to receive various security bugfixes. The following security bugs were...

Adobe Photoshop Arbitrary Code Execution Vulnerability (APSB24-27) - Mac OS X

Adobe Photoshop is prone to an arbitrary code execution...

Security Bulletin: IBM Maximo Asset Management - There is a vulnerability in Java on z/OS used by IBM Maximo Asset Management application (CVE-2024-3933)

Summary There is a vulnerability in Java on z/OS used by IBM Maximo Asset Management application. Vulnerability Details ** CVEID: CVE-2024-3933 DESCRIPTION: **Eclipse Openj9 could allow a local authenticated attacker to bypass security restrictions, caused by the failure to restrict access to a...

Ivanti EPM - Remote Code Execution

An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary...

Security Bulletin: IBM Maximo Asset Management - There is a vulnerability in tinymce-6.7.3.min.js used by IBM Maximo Asset Management application (CVE-2024-29203)

Summary There is a vulnerability in tinymce-6.7.3.min.js used by IBM Maximo Asset Management application. Vulnerability Details ** CVEID: CVE-2024-29203 DESCRIPTION: **TinyMCE is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the iframe elements. A...

Security Bulletin: Maximo Asset Management - There is a vulnerability in tinymce-6.7.3.min.js used by IBM Maximo Asset Management application (CVE-2024-29881)

Summary There is a vulnerability in tinymce-6.7.3.min.js used by IBM Maximo Asset Management application. (CVE-2024-29881). Vulnerability Details ** CVEID: CVE-2024-29881 DESCRIPTION: **TinyMCE is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by the...

Security Bulletin: IBM Maximo Asset Management application is vulnerable to sensitive information disclosure (CVE-2024-22333)

Summary IBM Maximo Asset Management application is vulnerable to sensitive information disclosure. Vulnerability Details ** CVEID: CVE-2024-22333 DESCRIPTION: **IBM Maximo Asset Management allows web pages to be stored locally which can be read by another user on the system. CVSS Base score: 4...

Security Bulletin: IBM Maximo Manage application in IBM Maximo Application Suite is vulnerable to sensitive information disclosure (CVE-2024-22333)

Summary IBM Maximo Manage application in IBM Maximo Application Suite is vulnerable to sensitive information disclosure. Vulnerability Details ** CVEID: CVE-2024-22333 DESCRIPTION: **IBM Maximo Asset Management allows web pages to be stored locally which can be read by another user on the system......

SolarWinds Serv-U Unauthenticated Arbitrary File Read

This module exploits an unauthenticated file read vulnerability, due to directory traversal, affecting SolarWinds Serv-U FTP Server 15.4, Serv-U Gateway 15.4, and Serv-U MFT Server 15.4. All versions prior to the vendor supplied hotfix "15.4.2 Hotfix 2" (version 15.4.2.157) are...

Introducing the 0-day Threat Hunt Bug Bounty Promo Through July 11th, 2024!

At Wordfence our mission is to Secure The Web. WordPress powers over 40% of the Web, and Wordfence secures over 5 million WordPress websites. That's why we’ve decided to run another exciting and new promotion for our Bug Bounty Program. With this promotion, our goal is to get more of the highest...

Security Bulletin: IBM Maximo Application Suite uses bcprov-jdk18on-1.74.jar which is vulnerable to CVE-2024-30171

Summary IBM Maximo Application Suite uses bcprov-jdk18on-1.74.jar which is vulnerable to CVE-2024-30171.This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details ** CVEID: CVE-2024-30171 DESCRIPTION: **The Bouncy Castle Crypto Package For Java could...

Security Bulletin: IBM Maximo Application Suite Predict Component uses IBM WebSphere Application Server Liberty is vulnerable to a denial of service which is vulnerable to CVE-2024-25026

Summary IBM Maximo Application Suite Predict Component IBM WebSphere Application Server Liberty is vulnerable to a denial of service which is vulnerable toCVE-2024-25026 .This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details ** CVEID: CVE-2024-25026 ....

Security Bulletin: IBM Maximo Application Suite Predict Component uses IBM WebSphere Application Server Liberty is vulnerable to an XML External Entity (XXE) injection vulnerability (CVE-2024-22354).

Summary IBM Maximo Application Suite Predict Component uses IBM WebSphere Application Server Liberty is vulnerable to an XML External Entity (XXE) injection vulnerability (CVE-2024-22354).This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details **...

Security Bulletin: IBM Maximo Application Suite Predict Component uses: webSphere Application Server Liberty is vulnerable to a server-side request forgery (SSRF) vulnerability which is vulnerable to CVE-2024-22329

Summary IBM Maximo Application Suite Predict Component uses: webSphere Application Server Liberty is vulnerable to a server-side request forgery (SSRF) vulnerability which is vulnerable to CVE-2024-22329. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability....

Security Bulletin: IBM Maximo Application Suite Predict Component uses :IBM WebSphere Application Server Liberty is vulnerable to a denial of service due to jose4j which is vulnerable to CVE-2023-51775

Summary IBM Maximo Application Suite Predict Component uses :IBM WebSphere Application Server Liberty is vulnerable to a denial of service due to jose4j which is vulnerable to CVE-2023-51775. This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details **...

Security Bulletin: IBM Maximo Application Suite Predict Component uses IBM WebSphere Application Server Liberty is vulnerable to a denial of service which is vulnerable to CVE-2024-27268

Summary IBM Maximo Application Suite Predict Component uses IBM WebSphere Application Server Liberty is vulnerable to a denial of service which is vulnerable to CVE-2024-27268 .This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details ** CVEID:...

Security Bulletin: IBM Maximo Application Suite Predict Component uses IBM WebSphere Application Server Liberty is vulnerable to a denial of service when using the openidConnectClient-1.0 or socialLogin-1.0 feature which is vulnerable to CVE-2024-22353

Summary IBM Maximo Application Suite Predict Component uses IBM WebSphere Application Server Liberty is vulnerable to a denial of service when using the openidConnectClient-1.0 or socialLogin-1.0 feature which is vulnerable toCVE-2024-22353.This bulletin contains information regarding the...

Security Bulletin: IBM Maximo Application Suite Predict Component uses IBM WebSphere Application Server Liberty is vulnerable to cross-site scripting (CVE-2024-27270).

Summary IBM Maximo Application Suite Predict Component uses IBM WebSphere Application Server Liberty is vulnerable to cross-site scripting (CVE-2024-27270). This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details ** CVEID: CVE-2024-27270 DESCRIPTION:...

Security Bulletin: IBM Maximo Application Suite Predict Component uses IBM WebSphere Application Server Liberty could provide weaker than expected security which is vulnerable to CVE-2023-50312

Summary IBM Maximo Application Suite Predict Component uses IBM WebSphere Application Server Liberty which is vulnerable to CVE-2023-50312.This bulletin contains information regarding the vulnerability and its fixture. Vulnerability Details ** CVEID: CVE-2023-50312 DESCRIPTION: **IBM WebSphere...