1612 matches found
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Identity Governance and Intelligence 5.2
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 1.7 that is used by Identity Governance and Intelligence 5.2. These issues were disclosed as part of the IBM Java SDK updates in January 2016 and include the vulnerability commonly referred to as “SLOTH”...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect Guardium Data Redaction
Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition version 6 that is used by Guardium Data Redaction. These issues were disclosed as part of the IBM Java SDK updates for October 2015. Vulnerability Details CVEID: CVE-2015-4844 DESCRIPTION: An unspecified vulnerability...
Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect IBM Security Network Protection
Summary There are multiple vulnerabilities in IBM Runtime Environment Java Technology Edition, Version 7 that is used by IBM Security Network Protection. These issues were disclosed as part of the IBM Java SDK updates in October 2015. Vulnerability Details CVEID: CVE-2015-4734 DESCRIPTION: An...
Security Bulletin: CICS Transaction Gateway for Multiplatforms
Summary Multiple security vulnerabilities exist in the JREs shipped with CICS TG for client applications. CICS TG itself is not vulnerable to all these risks but client side applications using the CICS TG supplied JREs might be. Vulnerability Details CVEID: CVE-2014-6513 DESCRIPTION: An unspecifi...
completecareshop.co.uk XSS vulnerability
Open Bug Bounty ID: OBB-632504. Affected Website: completecareshop.co.uk. Vulnerable Application: Custom Code. Vulnerability Type: XSS (Cross Site Scripting) / CWE-79. CVSSv3 Score: 6.1...
Error: "Cannot Complete Your Request" When Connecting to StoreFront Through Proxy
The following error is displayed when connecting to StoreFront through proxy due to proxy configuration: Cannot Complete Your Request...
CVE-2018-1265
Cloud Foundry Diego, release versions prior to 2.8.0, does not properly sanitize file paths in tar and zip file headers. A remote attacker with CF admin privileges can upload a malicious buildpack that will allow a complete takeover of a Diego Cell VM and access to all apps running on that Diego...
EU MRV Regulatory Complete Solution 1 SQL Injection
Exploit Title: EU MRV Regulatory Complete Solution 1 - Authentication Bypass Date: 2018-05-24 Exploit Author: Veyselxan Vendor Homepage: https://codecanyon.net/item/eu-mrv-regulatory-complete-solution/21680923?srank=11 Version: v1 REQUIRED Tested on: Windows...
[SECURITY] Fedora 27 Update: perl-Dancer2-0.206000-1.fc27
Dancer2 is the new generation of Dancer, the lightweight web-framework for Perl. It is a complete rewrite based on Moo and is meant to be easy and fun...
[SECURITY] Fedora 28 Update: perl-Dancer2-0.206000-1.fc28
Dancer2 is the new generation of Dancer, the lightweight web-framework for Perl. It is a complete rewrite based on Moo and is meant to be easy and fun...
GPON Routers Multiple Vulnerabilities
GPON Home Routers are prone to multiple vulnerabilities. Those vulnerabilities were known to be exploited by the Mettle, Muhstik, Mirai, Hajime, and Satori Botnets in 2018.
CVE-2018-2817
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to...
CVE-2018-2818
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via...
CVE-2018-2776
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Group Replication GCS). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via XCom to compromise MySQL Server. Successful attacks...
CVE-2018-2779
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successfu...
CVE-2018-2758
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to...
CVE-2018-2718
Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: RPC). Supported versions that are affected are 10 and 11.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via NFS to compromise Solaris. Successful attacks of this...
CVE-2018-2769
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Pluggable Auth). Supported versions that are affected are 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...
Vulnerability Spotlight: Foscam IP Video Camera Firmware Recovery Unsigned Image Vulnerability
This vulnerability was discovered by Claudio Bozzato of Cisco Talos. Executive Summary The Foscam C1 Indoor HD Camera is a network-based camera that is marketed for a variety of uses, including as a home security monitoring device. Talos recently identified 32 vulnerabilities present in these...