OPENSUSE-SU-2019:1159-1 Security update for sqlite3

This update for sqlite3 to version 3.27.2 fixes the following issue: Security issue fixed: - CVE-2018-20346: Fixed a remote code execution vulnerability in FTS3 Magellan bsc1119687. Release notes: https://www.sqlite.org/releaselog/3272.html This update was imported from the SUSE:SLE-15:Update...

SUSE-SU-2019:14003-1 Security update for sqlite3

This update for sqlite3 fixes the following issue: Security issue fixed: - CVE-2018-20346: Fixed a remote code execution vulnerability in FTS3 Magellan bsc1119687...

Description of the security update for SharePoint Server 2010: March 12, 2019

Description of the security update for SharePoint Server 2010: March 12, 2019 Summary This security update resolves a remote code execution vulnerability that exists in Microsoft SharePoint if the software does not check the source markup of an application package. To learn more about the...

CVE-2018-20773

Frog CMS 0.9.5 allows PHP code execution by visiting admin/?/page/edit/1 and inserting additional ?php lines...

SUSE-SU-2019:0241-1 Security update for spice

This update for spice fixes the following issues: Security issue fixed: - CVE-2019-3813: Fixed a out-of-bounds read in the memslotgetvirt function that could lead to denial-of-service or code-execution bsc1122706...

Code Execution Vulnerability in Qtouch Cross-Platform Technology Configuration Software

Qtouch cross-platform technology configuration software with cross-platform and unified work platform features, can be across multiple operating systems at the same time on multiple operations to achieve a unified work platform. A code execution vulnerability exists in Qtouch Cross-Platform...

CVE-2019-1641

A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected software improperly validates Advanced Recording...

drupal -- Drupal core - Arbitrary PHP code execution

Drupal Security Team reports: A remote code execution vulnerability exists in PHP's built-in phar stream wrapper when performing file operations on an untrusted phar:// URI. Some Drupal code core, contrib, and custom may be performing file operations on insufficiently validated user input, thereb...

Debian: Security Advisory (DSA-4368-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2019-0583

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows...

FasterXML Jackson-databind code issue vulnerability (CNVD-2019-37152)

FasterXML Jackson is a U.S. FasterXML company for Java data processing tools . Jackson-databind is one of the components with data binding capabilities . A security vulnerability exists in FasterXML Jackson-databind version 2.x prior to 2.9.8. An attacker can exploit the vulnerability to execute...

Code Execution Vulnerability in CIM City Information Aggregation System

CIM is a city information aggregation CMS that is easy to operate, powerful, data standardized, flexible in settings, and can easily realize various website types and style interfaces. A code execution vulnerability exists in CIM City Information Aggregation System, which can be exploited by...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Tivoli Netcool/OMNIbus WebGUI (CVE-2018-1904)

Summary Websphere Application Server WAS is shipped as a component of Tivoli Netcool/OMNIbus WebGUI. Information about a security vulnerability affecting WAS has been published in a security bulletin. Vulnerability Details Please consult the security bulletin Potential Remote code execution...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Case Manager (CVE-2018-1904)

Summary IBM WebSphere Application Server is shipped as a component of IBM Case Manager. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Please consult the security bulletin Security Bulletin:...

Deserialization of untrusted data

FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the slf4j-ext class from polymorphic deserialization...

Code Execution Vulnerability in HOLLiAS_MACS Distributed Control System by HOLLiAS

HOLLIS Group is a professional automation company integrating R&D, production, sales and technical service. A code execution vulnerability exists in the HOLLiASMACS distributed control system of HOLLiS, which can be exploited by attackers to execute arbitrary code...

IBM WebSphere Application Server Code Execution Vulnerability (CNVD-2018-26213)

IBM WebSphere Application Server WAS is an application server product developed and distributed by IBM in the U.S. It is a platform for Java EE and Web services applications, and is the foundation of the IBM WebSphere software platform. A code execution vulnerability exists in IBM WAS, which can ...

TwoThink has a code execution vulnerability

TwoThink is an open source content management framework developed using the latest ThinkPHP version 5.0.2 to provide a more convenient and secure WEB application development experience. TwoThink code execution vulnerability , an attacker can exploit the vulnerability to execute arbitrary code...

Code execution vulnerability in welive v5.0.0 (CNVD-2018-26245)

WeLive v5.0.0 is an enterprise level customer service system. A code execution vulnerability exists in the welive v5.0.0 file. An attacker can exploit the vulnerability to execute commands...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with Tivoli Business Service Manager (CVE-2018-1567)

Summary IBM WebSphere Application Server is shipped as a component of Tivoli Business Service Manager. Information about a security vulnerability affecting IBM WebSphere Application Server has been published in a security bulletin. Vulnerability Details Please consult the Security Bulletin: Code...