CVE-2019-19530
CVE-2019-19530 affects the Linux kernel prior to 5.2.10, with a use-after-free in the USB CDC-ACM driver (drivers/usb/class/cdc-acm.c) triggered by a malicious USB device. The issue could lead to a denial of service through memory corruption if exploited locally via USB hardware interfaces; CVSS ...
A week in security (March 18 – 24)
Last week on Malwarebytes Labs, we touched on the susceptibility of hospitals against phishing attacks, password reuse, the risk of interactive TV shows to side-channel attacks, and Facebook's new and out-of-character plan to promote privacy in the platform. Other cybersecurity news A study...
C4G Basic Laboratory Information System (BLIS) 3.4 - SQL Injection
C4G Basic Laboratory Information System BLIS 3.4 - SQL Injection Exploit Title: C4G Basic Laboratory Information System BLIS 3.4 - Multiples SQL Injection Date: 01/31/2019 Software Links/Project: https://github.com/C4G/BLIS | http://blis.cc.gatech.edu/index.php Version: C4G Basic Laboratory...
Ubuntu: Security Advisory (USN-3822-1)
The remote host is missing an update for the ...
Ubuntu 14.04 LTS : Linux kernel vulnerabilities (USN-3822-1)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3822-1 advisory. Jim Mattson discovered that the KVM implementation in the Linux kernel mismanages the #BP and #OF exceptions. A local attacker in a guest virtual machine...
Security Bulletin: Vulnerability in InstallAnywhere affects IBM InfoSphere Change Data Capture installers (CVE-2016-4560)
Summary: InstallAnywhere generates installation executables on Microsoft Windows which are vulnerable to a DLL-planting exploit affecting the Change Data Capture (CDC) components within the IBM InfoSphere Data Replication and IBM InfoSphere Change Data Delivery families of products. Vulnerability...
cdc-niebuell.de XSS vulnerability
Open Bug Bounty ID: OBB-614604

Description| Value
---|---
Affected Website:| cdc-niebuell.de
Open Bug Bounty Program:| Create your bounty program now. It's open and free.
Vulnerable Application:| Custom Code
Vulnerability Type:| XSS Cross Site Scripting / CWE-79
CVSSv3 Score:| 6.1...
CVE-2018-9113
Centers for Disease Control and Prevention MicrobeTRACE 0.1.12 allows remote attackers to execute arbitrary code, related to code injection via a crafted CSV file with an initial 'script type="text/javascript" src=' line. Fix released on 2018-03-29...
CVE-2018-8974
Centers for Disease Control and Prevention MicrobeTRACE 0.1.11 allows remote attackers to execute arbitrary code, related to code injection via a crafted CSV file with an initial 'Sourcescript type="text/javascript" src=' line. Fix released on 2018-03-28...
Code injection
Centers for Disease Control and Prevention MicrobeTRACE 0.1.11 allows remote attackers to execute arbitrary code, related to code injection via a crafted CSV file with an initial 'Sourcescript type="text/javascript" src=' line. Fix released on 2018-03-28...
Code injection
Centers for Disease Control and Prevention MicrobeTRACE 0.1.12 allows remote attackers to execute arbitrary code, related to code injection via a crafted CSV file with an initial 'script type="text/javascript" src=' line. Fix released on 2018-03-29...
CVE-2018-9113
CVE-2018-9113 affects CDC MicrobeTRACE 0.1.12. A remote attacker could exploit a crafted CSV file containing an initial line like “>[removed]
CVE-2018-8974
CVE-2018-8974 affects CDC MicrobeTRACE 0.1.11. The issue is a remote code execution vulnerability arising from code injection via a specially crafted CSV file whose first line starts with Source[removed]
Unbreakable Enterprise kernel security update
4.1.12-124.14.2
- scsi: iscsi_tcp: set BDI_CAP_STABLE_WRITES when data digest enabled (Jianchao Wang) [Orabug: 27726302]
- block: fix bio_will_gap for first bvec with offset (Ming Lei) [Orabug: 27775588]
- block: relax check on sg gap (Ming Lei) [Orabug: 27775588]
- block: don't optimize for non-cloned bio in...
Ubuntu 14.04 LTS : Linux kernel (Xenial HWE) vulnerabilities (USN-3619-2)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3619-2 advisory. USN-3619-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enableme...
Ubuntu 17.10 : linux-raspi2 vulnerabilities (USN-3617-3)
It was discovered that a race condition leading to a use-after-free vulnerability existed in the ALSA PCM subsystem of the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-0861) It was discovered that a...