EUVD-2019-4195

Malware in sbrugna...

Oracle Siebel CRM SEoL (7.8.x)

According to its version, Oracle Siebel CRM is 7.8.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities. %NASLMINLEVEL 80900 C...

Red Hat Enterprise Linux SEoL (7.8.x <= x <= 7.9.x)

According to its version, Red Hat Enterprise Linux is between 7.8.x and 7.9.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilitie...

CVE-2012-3490

The 1 mypopenvimpl and 2 myspawnv functions in src/condorutils/mypopen.cpp and the 3 systemCommand function in condorvm-gahp/vmgahpcommon.cpp in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 does not properly check the return value of setuid calls, which might cause a subprocess to be created...

Code injection

The 1 mypopenvimpl and 2 myspawnv functions in src/condorutils/mypopen.cpp and the 3 systemCommand function in condorvm-gahp/vmgahpcommon.cpp in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 does not properly check the return value of setuid calls, which might cause a subprocess to be created...

CVE-2012-3490

The 1 mypopenvimpl and 2 myspawnv functions in src/condorutils/mypopen.cpp and the 3 systemCommand function in condorvm-gahp/vmgahpcommon.cpp in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 does not properly check the return value of setuid calls, which might cause a subprocess to be created...

CVE-2012-3490

The 1 mypopenvimpl and 2 myspawnv functions in src/condorutils/mypopen.cpp and the 3 systemCommand function in condorvm-gahp/vmgahpcommon.cpp in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 does not properly check the return value of setuid calls, which might cause a subprocess to be created...

PT-2019-16643 · Mcafee · Mcafee Web Gateway

Name of the Vulnerable Software and Affected Versions: McAfee Web Gateway versions 7.8.x prior to 7.8.2.13 Description: The issue allows remote attackers to collect sensitive information or execute commands with the administrator's credentials by tricking the administrator into clicking on a...

Sql injection

SuiteCRM 7.8.x before 7.8.30, 7.10.x before 7.10.17, and 7.11.x before 7.11.5 allows SQL Injection issue 1 of 3...

CVE-2019-12598

SuiteCRM 7.8.x before 7.8.30, 7.10.x before 7.10.17, and 7.11.x before 7.11.5 allows SQL Injection issue 1 of 3...

Symantec Protection Engine 7.0.x < 7.0.5 HF02 / 7.5.x < 7.5.5 HF01 / 7.8.x < 7.8.0 HF03 Multiple DoS (SYM16-015) (Linux)

The version of Symantec Protection Engine SPE installed on the remote Linux host is 7.0.x prior to 7.0.5 hotfix 02, 7.5.x prior to 7.5.5 hotifx 01, or 7.8.x prior to 7.8.0 hotifx 03. It is, therefore, affected by multiple denial of service vulnerabilities : - A denial of service vulnerability...

CVE-2012-3492

The filesystem authentication condorio/condorauthfs.cpp in Condor 7.6.x before 7.6.10 and 7.8.x before 7.8.4 uses authentication directories even when they have weak permissions, which allows remote attackers to impersonate users by renaming a user's authentication directory...