338 matches found
Microsoft Graphics Components Remote Code Execution Vulnerability
A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system. To exploit the vulnerability, a user would have to open a specially crafte...
[SECURITY] Fedora 32 Update: php-horde-horde-5.2.22-1.fc32
The Horde Application Framework is a flexible, modular, general-purpose web application framework written in PHP. It provides an extensive array of components that are targeted at the common problems and tasks involved in developing modern web applications. It is the basis for a large number of...
gcc-toolset-9-strace bug fix and enhancement update
GCC Toolset is a compiler toolset that provides recent versions of development tools. GCC Toolset is an Application Stream packaged as a Software Collection. For instructions on usage, see Using GCC Toolset linked from the References section. Components and specifics of this version are documente...
Microsoft Graphics Components Remote Code Execution Vulnerability
A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system. To exploit the vulnerability, a user would have to open a specially crafte...
GaussDB: Access permissions to ${GSDB_HOME}/add-ons
The ${GSDB_HOME}/lib and ${GSDB_HOME}/add-ons directories store GaussDB 100 shared components.
Sylius ResourceBundle Information Disclosure Vulnerability
Sylius is an open source e-commerce platform based on the Symfony framework. An information disclosure vulnerability exists in Sylius ResourceBundle. The vulnerability stems from a configuration or other error in the operation of a network system or product. An unauthorized attacker can exploi...
Security Bulletin: IBM Security Guardium is affected by an Oracle MySQL vulnerabilities
Summary IBM Security Guardium has addressed the following vulnerabilities. Vulnerability Details CVEID: CVE-2019-2789 DESCRIPTION: An unspecified vulnerability in Oracle MySQL related to the Server Server: Security: Privileges component could allow an authenticated attacker to cause no...
Haaukins - A Highly Accessible And Automated Virtualization Platform For Security Education
Haaukins is a highly accessible and automated virtualization platform for security education. It has three main components: Docker, VirtualBox and Golang. Communication and orchestration between the components are managed using the Go programming language. The main reason of having Go environment to...
Yachtcontrol 2019-10-06 Remote Code Execution Exploit #RCE
Exploit for windows platform in category remote exploits Exploit Title: Yachtcontrol Webapplication - Unauthenticated Remote Code Execution Exploit Author: Hodorsec Vendor Homepage: http://www.yachtcontrol.nl/en/ Software Link: http://download.yachtcontrol.nl/klant/Software/ &...
Authentication flaw
Huawei smartphones with versions earlier than Taurus-AL00B 10.0.0.41SP2C00E41R3P2 have an improper authentication vulnerability. Successful exploitation may cause the attacker to access specific components...
Important: Red Hat Security Advisory: mysql:8.0 security update
An update for the mysql:8.0 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
Important: mysql:8.0 security update
MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs. The following packages have been upgraded to a later upstream version: mysql 8.0.17. Security Fixes: mysql: Server: Replication multiple unspecified vulnerabilities...
CVE-2019-0298
SAP E-Commerce Business-to-Consumer application does not sufficiently encode user-controlled inputs, resulting in a Cross-Site Scripting (XSS) vulnerability. Fixed in the following components: SAP-CRMJAV, SAP-CRMWEB, SAP-SHRWEB, SAP-SHRJAV, SAP-CRMAPP, SAP-SHRAPP, versions 7.30, 7.31, 7.32, 7.33, 7.54...
Fedora Update for qt5-qtwebengine FEDORA-2018-02ba093706
The remote host is missing an update for the...
Google Patches Critical Bluetooth RCE Bug
Eleven critical Android bugs were patched as part of Google’s March Security Update. Three of them were tied to Android’s media framework and core system, while the others were related to faulty Qualcomm chip components. Out of those critical bugs, Google patched three critical remote...
[SECURITY] Fedora 29 Update: jackson-parent-2.9.1.2-1.fc29
Project for parent pom for all Jackson components...
Joomla Acajoom 5.1.5 SQL Injection
Exploit Title : Joomla Acajoom Components 5.1.5 SQL Injection Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 05/02/2019 Vendor Homepage : joobi.org Software Information Link : joobi.org/acajoom.html Software Version : 5.1.5 Tested On : Windows and Linux Categor...
[SECURITY] Fedora 29 Update: php-pear-1.10.7-2.fc29
PEAR is a framework and distribution system for reusable PHP components. This package contains the basic PEAR components...
[SECURITY] Fedora 28 Update: php-pear-1.10.7-2.fc28
PEAR is a framework and distribution system for reusable PHP components. This package contains the basic PEAR components...
Script injection of certain symbols bypass portal UI restrictions in Update Rollup 13 for Windows Azure Pack
Symptoms: A security vulnerability exists in Update Rollup 13 for Windows Azure Pack (WAP) that causes script injection of certain symbols to bypass portal UI restrictions. The portal UI...