58 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-2782
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: InnoDB. Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior...
Linux Distros Unpatched Vulnerability : CVE-2018-2758
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server : Security : Privileges. Supported versions that are affected are 5.6.39 and...
Linux Distros Unpatched Vulnerability : CVE-2018-2766
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: InnoDB. Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior...
SUSE CVE-2018-2758
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server : Security : Privileges. Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to...
SUSE CVE-2018-2782
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: InnoDB. Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server...
SUSE CVE-2018-2784
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: InnoDB. Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server...
SUSE CVE-2018-2819
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: InnoDB. Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to...
CVE-2018-20783
In PHP before 5.6.39, 7.x before 7.0.33, 7.1.x before 7.1.25, and 7.2.x before 7.2.13, a buffer over-read in PHAR reading functions may allow an attacker to read allocated or unallocated memory past the actual data when trying to parse a .phar file. This is related to pharparsepharfile in...
mysql: InnoDB unspecified vulnerability (CPU Apr 2018)
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: InnoDB. Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...
mysql: InnoDB unspecified vulnerability (CPU Apr 2018)
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: InnoDB. Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...
mysql: InnoDB unspecified vulnerability (CPU Apr 2018)
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: InnoDB. Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server...
mysql: InnoDB unspecified vulnerability (CPU Apr 2018)
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: InnoDB. Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server...
Debian DLA-1674-1 : php5 security update
php-pear in php5 contains CWE-502 Deserialization of Untrusted Data and CWE-915 Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerabilities in its ArchiveTar class. When extract is called without a specific prefix path, can trigger unserialization by crafting a...
Locations CMS 1.5 SQL Injection
Exploit Title: Locations CMS 1.5 - SQL Injection Dork: N/A Date: 2019-01-13 Exploit Author: Ihsan Sencan Vendor Homepage: https://themerig.com/ Software Link: https://codecanyon.net/item/locations-multipurpose-cms-directory-theme/21098597 Version: 1.0 Category: Webapps Tested on:...
Find a Place CMS Directory 1.5 - SQL Injection
Find a Place CMS Directory 1.5 - SQL Injection Exploit Title: Locations CMS 1.5 - SQL Injection Dork: N/A Date: 2019-01-13 Exploit Author: Ihsan Sencan Vendor Homepage: https://themerig.com/ Software Link: https://codecanyon.net/item/locations-multipurpose-cms-directory-theme/21098597 Version: 1....
Matrix MLM Script 1.0 Information Disclosure
Exploit Title: Matrix MLM Script 1.0 - Information Leakage Dork: N/A Date: 2019-01-10 Exploit Author: Ihsan Sencan Vendor Homepage: https://royallifefoundation.org/ Software Link: https://codecanyon.net/item/mlmpro-multistage-forced-matrix-mlm-script/23050292 Version: 1.0 Category: Webapps Tested...
PHP 5.6.x < 5.6.39 Multiple vulnerabilities
According to its banner, the version of PHP running on the remote web server is 5.6.x prior to 5.6.39. It is, therefore, affected by multiple vulnerabilities: - An arbitrary command injection vulnerability exists in the imapopen function due to improper filters for mailbox names prior to passing...
PHP 5.6.x < 5.6.38, 7.x < 7.0.33, 7.1.x < 7.1.25, 7.2.x < 7.2.13 Multiple Vulnerabilities (Dec 2018) - Linux
PHP is prone to multiple security vulnerabilities. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if description...
[slackware-security] php
New php packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: Several security bugs have been fixed in this release: Segfault when using convert.quoted-printable-encode filter. Null pointer dereference i...
mysql: InnoDB unspecified vulnerability (CPU Apr 2018)
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: InnoDB. Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server...