September 13, 2016 — KB3185611 (OS Build 10240.17113)

September 13, 2016 — KB3185611 OS Build 10240.17113 This update includes quality improvements and security fixes. No new operating system features are being introduced in this update. Key changes include: Improved reliability of Internet Explorer 11, .NET Framework, and Windows Kernel. Addressed...

CVE-2018-1000650

LibreHealthIO lh-ehr version REL-2.0.0 contains a SQL Injection vulnerability in Show Groups Popup SQL query functions that can result in Ability to perform malicious database queries. This attack appear to be exploitable via User controlled parameters...

CVE-2018-1000650

LibreHealthIO lh-ehr version REL-2.0.0 contains a SQL Injection vulnerability in Show Groups Popup SQL query functions that can result in Ability to perform malicious database queries. This attack appear to be exploitable via User controlled parameters...

Sql injection

LibreHealthIO lh-ehr version REL-2.0.0 contains a SQL Injection vulnerability in Show Groups Popup SQL query functions that can result in Ability to perform malicious database queries. This attack appear to be exploitable via User controlled parameters...

CVE-2018-1000650

CVE-2018-1000650 affects LibreHealthIO lh-ehr REL-2.0.0. The connected documents describe a SQL Injection vulnerability in the Show Groups Popup SQL query functions that can allow a remote attacker to execute malicious database queries through parameters under user control. No remediation details...

SUSE SLES12 Security Update : samba (SUSE-SU-2018:2321-1)

This update for samba fixes the following issues: Security issues fixed : - CVE-2018-1050: Fixed denial of service vulnerability when SPOOLSS is run externally bsc1081741. - CVE-2017-14746: Fixed use-after-free vulnerability bsc1060427. - CVE-2017-15275: Fixed server heap memory information leak...

[SECURITY] Fedora 28 Update: libcgroup-0.41-20.fc28

Control groups infrastructure. The library helps manipulate, control, administrate and monitor control groups and the associated controllers...

CVE-2018-14836

Subrion 4.2.1 is vulnerable to Improper Access control because user groups not having access to the Admin panel are able to access it but not perform actions if the Guests user group has access to the Admin panel...

CVE-2018-14836

Subrion 4.2.1 is vulnerable to Improper Access control because user groups not having access to the Admin panel are able to access it but not perform actions if the Guests user group has access to the Admin panel...

Design/Logic Flaw

An issue was discovered in the Linux kernel through 4.17.10. There is out-of-bounds access in writeextentbuffer when mounting and operating a crafted btrfs image, because of a lack of verification that each block group has a corresponding chunk at mount time, within btrfsreadblockgroups in...

DEBIAN-CVE-2018-14610

An issue was discovered in the Linux kernel through 4.17.10. There is out-of-bounds access in writeextentbuffer when mounting and operating a crafted btrfs image, because of a lack of verification that each block group has a corresponding chunk at mount time, within btrfsreadblockgroups in...

Open-AudIT Community 'Groups Page' Cross Site Scripting Vulnerability

Open-AudIT is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

UBUNTU-CVE-2018-14610

An issue was discovered in the Linux kernel through 4.17.10. There is out-of-bounds access in writeextentbuffer when mounting and operating a crafted btrfs image, because of a lack of verification that each block group has a corresponding chunk at mount time, within btrfsreadblockgroups in...

CVE-2017-7543

A race-condition flaw was discovered in openstack-neutron before 7.2.0-12.1, 8.x before 8.3.0-11.1, 9.x before 9.3.1-2.1, and 10.x before 10.0.2-1.1, where, following a minor overcloud update, neutron security groups were disabled. Specifically, the following were reset to 0:...

Race condition

A race-condition flaw was discovered in openstack-neutron before 7.2.0-12.1, 8.x before 8.3.0-11.1, 9.x before 9.3.1-2.1, and 10.x before 10.0.2-1.1, where, following a minor overcloud update, neutron security groups were disabled. Specifically, the following were reset to 0:...

CVE-2017-7543

A race-condition flaw was discovered in openstack-neutron before 7.2.0-12.1, 8.x before 8.3.0-11.1, 9.x before 9.3.1-2.1, and 10.x before 10.0.2-1.1, where, following a minor overcloud update, neutron security groups were disabled. Specifically, the following were reset to 0:...

CVE-2017-7543

A race-condition flaw was discovered in openstack-neutron before 7.2.0-12.1, 8.x before 8.3.0-11.1, 9.x before 9.3.1-2.1, and 10.x before 10.0.2-1.1, where, following a minor overcloud update, neutron security groups were disabled. Specifically, the following were reset to 0:...

CVE-2017-7543

A race-condition flaw was discovered in openstack-neutron before 7.2.0-12.1, 8.x before 8.3.0-11.1, 9.x before 9.3.1-2.1, and 10.x before 10.0.2-1.1, where, following a minor overcloud update, neutron security groups were disabled. Specifically, the following were reset to 0:...

PT-2018-8404 · Openstack · Openstack Neutron

Name of the Vulnerable Software and Affected Versions: openstack-neutron versions prior to 7.2.0-12.1 openstack-neutron versions 8.x prior to 8.3.0-11.1 openstack-neutron versions 9.x prior to 9.3.1-2.1 openstack-neutron versions 10.x prior to 10.0.2-1.1 Description: A race-condition flaw was...

Open-Audit Cross-Site Scripting Vulnerability (CNVD-2018-14230)

Open-AudIT is a network discovery and auditing program. The program intelligently scans networks and network devices and provides status reports.Open-AudIT Community is its community version. A cross-site scripting vulnerability exists in the Groups page in Open-Audit Community version 2.2.6. A...