338 matches found
[SECURITY] Fedora 28 Update: kio-extras-18.08.3-1.fc28
Additional components to increase the functionality of KIO Framework...
[SECURITY] Fedora 29 Update: kio-extras-18.08.3-1.fc29
Additional components to increase the functionality of KIO Framework...
CVE-2018-8553
CVE-2018-8553 is a remote code execution vulnerability in how Microsoft Graphics Components handle memory objects. The flaw, affecting multiple Windows versions (Windows 7, Windows Server 2008/2012 family, Windows 8.1, Windows 10, Windows RT 8.1, and Windows Server 2016/2012 R2), stems from memor...
[SECURITY] Fedora 29 Update: php-horde-horde-5.2.20-1.fc29
The Horde Application Framework is a flexible, modular, general-purpose web application framework written in PHP. It provides an extensive array of components that are targeted at the common problems and tasks involved in developing modern web applications. It is the basis for a large number of...
JoomScan 0.0.7 - OWASP Joomla Vulnerability Scanner Project
OWASP Joomla! Vulnerability Scanner JoomScan is an open source project, developed with the aim of automating the task of vulnerability detection and reliability assurance in Joomla CMS deployments. Implemented in Perl, this tool enables seamless and effortless scanning of Joomla installations,...
Design/Logic Flaw
In Graylog before 2.4.6, XSS was possible in typeahead components, related to components/common/TypeAheadInput.jsx and components/search/QueryInput.ts...
CVE-2018-14380
CVE-2018-14380 affects Graylog before 2.4.6, where XSS was possible in typeahead components (TypeAheadInput.jsx and QueryInput.ts). The vulnerability is tied to the typeahead UI paths and could allow inline script execution. A fix is available in Graylog 2.4.6; upgrading to this version is the re...
Memory leak in different components
MITRE reports: libsixel 1.8.1 has a memory leak in sixel_decoder_decode in decoder.c, image_buffer_resize in fromsixel.c, sixel_decode_raw in fromsixel.c and sixel_allocator_new in allocator.c...
[SECURITY] Fedora 28 Update: libgpg-error-1.31-1.fc28
This is a library that defines common error values for all GnuPG components. Among these are GPG, GPGSM, GPGME, GPG-Agent, libgcrypt, pinentry, SmartCard Daemon and possibly more in the future...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM eDiscovery Analyzer
Summary: There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Version 6 and IBM® Runtime Environment Java™ Version 7 used by Content Classification. These issues were disclosed as part of the IBM Java SDK updates in October 2016. Vulnerability Details: CVEID: CVE-2016-5582...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK affects Rational Insight
Summary: There are vulnerabilities in IBM® SDK Java™ Technology Edition, Version 6 that is used by Rational Insight. The issues were disclosed as part of the IBM Java SDK updates in October 2016 and January 2017. Vulnerability Details: CVEID: CVE-2016-5597 DESCRIPTION: An unspecified vulnerability ...
Security Bulletin: Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect IBM Security Access Manager for Mobile
Summary: There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, Versions 7 and 8 and IBM® Runtime Environment Java™ Versions 7 and 8 that are used by IBM Security Access Manager for Mobile. These issues were disclosed as part of the IBM Java SDK updates in April 2016. Vulnerabili...
Cross site scripting
Graylog before v2.4.4 has an XSS security issue with unescaped text in dashboard names, related to components/dashboard/Dashboard.jsx, components/dashboard/EditDashboardModal.jsx, and pages/ShowDashboardPage.jsx...
CVE-2018-11651
Graylog before v2.4.4 has an XSS security issue with unescaped text in dashboard names, related to components/dashboard/Dashboard.jsx, components/dashboard/EditDashboardModal.jsx, and pages/ShowDashboardPage.jsx...
MySQL -- multiple vulnerabilities
Oracle reports: MySQL Multiple Flaws Let Remote Authenticated Users Access and Modify Data, Remote and Local Users Deny Service, and Local Users Access Data and Gain Elevated Privileges. A local user can exploit a flaw in the Replication component to gain elevated privileges (CVE-2018-2755). A remot...
JoomlaScan - Tool To Find The Components Installed In Joomla CMS, Built Out Of The Ashes Of Joomscan
A free and open source software to find the components installed in Joomla CMS, built out of the ashes of Joomscan. Features: Scanning the Joomla CMS sites in search of components/extensions (database of more than 600 components); Locate the browsable folders of component (Index of ...); Locate the...
CVE-2016-8484
An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-28823575...
Information disclosure
An information disclosure vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-28823691...
Privilege escalation
An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36384689...
CVE-2015-9011
An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-36714882...