SUSE-SU-2019:3308-1 Security update for libssh

This update for libssh fixes the following issues: - CVE-2019-14889: Fixed an arbitrary command execution bsc1158095...

SUSE-SU-2019:3307-1 Security update for libssh

This update for libssh fixes the following issues: - CVE-2019-14889: Fixed an arbitrary command execution bsc1158095...

MGASA-2019-0378 Updated kdelibs4 packages fix security vulnerability

kdelibs: malicious desktop files and configuration files lead to code execution with minimal user interaction CVE-2019-14744...

SUSE-SU-2019:3293-1 Security update for libssh

This update for libssh fixes the following issues: - CVE-2019-14889: Fixed an arbitrary command execution bsc1158095...

Omron PLC CJ and CS Series Command Execution Vulnerability

Omron PLC CJ and CS series are PLCs from Omron. A security vulnerability exists in the Omron PLC CJ and CS Series that can be exploited by an attacker to spoof arbitrary messages or execute commands...

OPENSUSE-SU-2019:2667-1 Security update for shadowsocks-libev

This update for shadowsocks-libev fixes the following issues: - Update version to 3.3.3 Refine the handling of suspicious connections. Fix exploitable denial-of-service vulnerability exists in the UDPRelay functionality boo1158251, CVE-2019-5163 Fix code execution vulnerability in the ss-manager...

Code Execution Vulnerability in Ocean Cms v10 Version

SeaCMS is a station building system based on PHP+MYSQL architecture and supports cross-platform operation. SeaCMS v10 version of the existence of code execution vulnerabilities, attackers can exploit the vulnerability to execute arbitrary code to obtain server privileges...

Debian: Security Advisory (DLA-2025-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Critical Flaw in GoAhead Web Server Could Affect Wide Range of IoT Devices

Cybersecurity researchers today uncovered details of two new vulnerabilities in the GoAhead web server software, a tiny application widely embedded in hundreds of millions of Internet-connected smart devices. One of the two vulnerabilities, assigned as CVE-2019-5096, is a critical code execution...

74cms v4.2.111 code execution vulnerability in background Tp***.php

Knight Talent System 74cms is a PHP + MYSQL based on the core development of a set of free + open source professional recruitment system. 74cms v4.2.111 Tp.php code execution vulnerability in the background, an attacker can use the vulnerability to remotely execute code to obtain server privilege...

Command Execution Vulnerability in the Backend of JHR-N835R Router

JCG JHR-N835R with USB shared storage, shared printer and other functions. It still continues the feature of high power of King Kong series, with three external antennas for stronger signal, and you can adjust the power level of the machine as needed through three gears, which is the best choice...

CVE-2019-19275

typedast 1.3.0 and 1.3.1 has an astforarguments out-of-bounds read. An attacker with the ability to cause a Python interpreter to parse Python source but not necessarily execute it may be able to crash the interpreter process. This could be a concern, for example, in a web-based service that pars...

OPENSUSE-SU-2019:2558-1 Security update for apache2-mod_perl

This update for apache2-modperl to version 2.0.11 fixes the following issues: Security issue fixed: - CVE-2011-2767: Fixed a vulnerability which could have allowed perl code execution in the context of user account bsc1156944. Other issue addressed: - Restore process name after svsetpvmg call...

Sensio Labs Symfony Code Execution Vulnerability

Sensio Labs Symfony is a free French Sensio Labs , based on the MVC architecture of the PHP development framework . The framework provides commonly used functional components and tools , can be used to quickly create complex WEB program . A code execution vulnerability exists in Sensio Labs Symfo...

Command Execution Vulnerability in OECMS

OECMS enterprise website system is a set of enterprise building system based on the development of OEPHP architecture system development. OECMS has a command execution vulnerability that can be exploited by attackers to gain control of the web server...

FasterXML jackson-databind input validation error vulnerability (CNVD-2019-41720)

FasterXML Jackson is a U.S. FasterXML company for Java data processing tools . jackson-databind is one of the components with data binding capabilities . An input validation error vulnerability exists in FasterXML jackson-databind. An attack could exploit this vulnerability to execute malicious...

Code Execution Vulnerability in Online Titanium Article Management System (OTCMS)

Nettitanium technology is committed to article management system, article news CMS, webmaster tools class of research and development, Nettitanium article management system station adopts mainstream DIV + CSS framework layout, applicable to the news release type of website, but also applies to...

CVE-2019-15399

The Asus ZenFone 5Q Android device with a build fingerprint of asus/WWPhone/ASUSX017D2:7.1.1/NGI77B/14.0400.1809.059-20181016:user/release-keys contains a pre-installed app with a package name of com.asus.loguploaderproxy app versionCode=1570000020, versionName=7.0.0.4170901 that allows other...

hw: TSX Transaction Asynchronous Abort (TAA)

A flaw was found in the way Intel CPUs handle speculative execution of instructions when the TSX Asynchronous Abort TAA error occurs. A local authenticated attacker with the ability to monitor execution times could infer the TSX memory state by comparing abort execution times. This could allow...

Security Update for Microsoft Office 2016 (KB4484113) 64-Bit Edition

A security vulnerability exists in Microsoft Office 2016 64-Bit Edition that could allow arbitrary code to run when a maliciously modified file is opened. This update resolves that vulnerability...