Description of the security update for SharePoint Server 2019: September 10, 2019

Description of the security update for SharePoint Server 2019: September 10, 2019 Summary This security update resolves a remote code execution vulnerability that exists in Microsoft SharePoint if the software does not check the source markup of an application package. To learn more about this...

Command Execution Vulnerability in Xunrui CMS (CNVD-2019-33541)

Xunrui CMS content management framework is based on PHP7 language using the latest CodeIgniter4 as a development framework for the production of web content management framework, providing "computer site + mobile site + APP interface" integrated web technology solutions. There is a command...

CVE-2019-13656

An access vulnerability in CA Common Services DIA of CA Technologies Client Automation 14 and Workload Automation AE 11.3.5, 11.3.6 allows a remote attacker to execute arbitrary code...

Command Execution Vulnerability in Weining PACS System

The PACS system developed by Weining Health Science and Technology Group Co., Ltd. is widely used as an application system in the medical industry, mainly providing functions such as case query, image processing, and labeling measurement. A command execution vulnerability exists in the Weining PA...

OPENSUSE-SU-2019:2071-1 Security update for SDL_image

This update for SDLimage fixes the following issues: Update SDLImage to new snapshot 1.2.12+hg695. Security issues fixed: TALOS-2019-0821 CVE-2019-5052: exploitable integer overflow vulnerability when loading a PCX file boo1140421 TALOS-2019-0841 CVE-2019-5057: code execution vulnerability in the...

Epignosis eFront LMS Code Issue Vulnerability

Epignosis eFront LMS is a suite of online e-learning platforms from Epignosis, Inc. in the United States. The platform provides test building, assignment management, internal messaging, forums and online chat. A code issue vulnerability exists in Epignosis eFront LMS version 5.2.12, which can be...

Command Execution Vulnerability in Xunrui CMS

Xunrui CMS content management framework is based on PHP7 language using the latest CodeIgniter4 as a development framework for the production of web content management framework, providing "computer site + mobile site + APP interface" integrated web technology solutions. A command execution...

Command Execution Vulnerability in CMS Co***.php File

Xunrui CMS content management framework is based on PHP7 language using the latest CodeIgniter4 as a development framework for the production of web content management framework, providing "computer site + mobile site + APP interface" integrated web technology solutions. A command execution...

SUSE-SU-2019:2228-1 Security update for postgresql10

This update for postgresql10 fixes the following issues: Security issue fixed: - CVE-2019-10208: Fixed arbitrary SQL execution via suitable SECURITY DEFINER function under the identity of the function owner bsc1145092...

Google Android Media Framework Code Execution Vulnerability (CNVD-2019-40853)

Android is a Linux-based open source operating system from Google and the Open Handset Alliance OHA in the U.S. Media Framework is one of the multimedia development frameworks. A code execution vulnerability exists in Media Framework in Android. An attacker can exploit this vulnerability to execu...

Google Android Code Execution Vulnerability (CNVD-2019-40998)

Android is a Linux-based open source operating system from Google and the Open Handheld Alliance OHA. A code execution vulnerability exists in System in Android. The vulnerability stems from errors such as configuration during operation of a networked system or product. An attacker could exploit...

Microsoft Word 2013 Service Pack 1 Remote Code Execution Vulnerability (KB4475547)

This host is missing an important security update according to Microsoft KB4475547 Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...

Security Updates for Microsoft Word Products (August 2019)

A Microsoft Word product is missing security updates. It is, therefore, affected by the following vulnerability : - A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability...

Baldr Botnet Panel - Arbitrary Code Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'net/http' class MetasploitModule "Baldr Botnet Panel Shell Upload Exploit", 'Description' = %q This module exploits the file upload vulnerability of baldr malwa...

Code Execution Vulnerability in DouPHP_1.5

DouPHP1.5 is a lightweight enterprise website management system, based on PHP+Mysql architecture, running on Linux, Windows, MacOSX, Solaris and other platforms. DouPHP1.5 suffers from a code execution vulnerability that can be exploited by attackers to execute arbitrary code...

cPanel Code Execution Vulnerability (CNVD-2019-26340)

cPanel is a set of Web-based automated colocation platform from the US-based cPanel. The platform is primarily used to automate the management of websites and servers. A code execution vulnerability exists in versions of cPanel prior to 64.0.21. An attacker can exploit the vulnerability to execut...

CVE-2016-10837

cPanel before 11.54.0.4 allows arbitrary code execution because of an unsafe @INC path SEC-46...

Code execution vulnerability in 74cms backend Co***.cl***.php file

Knight Talent System 74cms is based on PHP + MYSQL as the core development of a set of free + open source professional recruitment system. By Taiyuan Xunyi Technology Co., Ltd. was officially launched in 2009. 74cms background Co.cl.php file there is a code execution vulnerability. Allow attacker...

Design/Logic Flaw

An exploitable code execution vulnerability exists in the PCX image-rendering functionality of SDL2image 2.0.4. A specially crafted PCX image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability...

CVE-2019-14416

The CVE concerns Veritas Resiliency Platform (VRP) prior to version 3.4 HF1. A vulnerability allows an authenticated VRP user to execute arbitrary commands with root privileges inside the VRP virtual machine, linked to resiliency plans and the custom script functionality. Affected component: VRP ...