CVE-2018-3180

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JSSE. Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to exploit vulnerability allows unauthenticated attacker with...

CVE-2018-3214

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Sound. Supported versions that are affected are Java SE: 6u201, 7u191 and 8u182; Java SE Embedded: 8u181; JRockit: R28.3.19. Easily exploitable vulnerability allows unauthenticated attacker with...

UBUNTU-CVE-2018-3214

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Sound. Supported versions that are affected are Java SE: 6u201, 7u191 and 8u182; Java SE Embedded: 8u181; JRockit: R28.3.19. Easily exploitable vulnerability allows unauthenticated attacker with...

UBUNTU-CVE-2018-3180

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: JSSE. Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to exploit vulnerability allows unauthenticated attacker with...

CVE-2018-16738

tinc 1.0.30 through 1.0.34 has a broken authentication protocol, although there is a partial mitigation. This is fixed in 1.1...

GHSA-PGV6-JRVV-75JP Moderate severity vulnerability that affects send

Withdrawn, accidental duplicate publish. visionmedia send before 0.8.4 for Node.js uses a partial comparison for verifying whether a directory is within the document root, which allows remote attackers to access restricted directories, as demonstrated using "public-restricted" under a "public"...

SUSE-SU-2018:3064-1 Security update for java-1_8_0-openjdk

This update for java-180-openjdk to the jdk8u181 icedtea 3.9.0 release fixes the following issues: These security issues were fixed: - CVE-2018-2938: Difficult to exploit vulnerability allowed unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful...

EulerOS 2.0 SP2 : java-1.8.0-openjdk (EulerOS-SA-2018-1294)

According to the version of the java-1.8.0-openjdk packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Concurrency. Supported versions that...

UBUNTU-CVE-2018-14642

An information leak vulnerability was found in Undertow. If all headers are not written out in the first write call then the code that handles flushing the buffer will always write out the full contents of the writevBuffer buffer, which may contain data from previous requests...

Synametrics SynaMan Cross-Site Scripting Vulnerability

Synametrics SynaMan is a remote file manager from Synametrics Technologies, USA. A cross-site scripting vulnerability in Synametrics SynaMan version 4.0 build 1488 can be exploited by a remote attacker to inject arbitrary web script or HTML via the Main heading or Sub heading fields in the Partia...

OpenJDK: insufficient index validation in PatternSyntaxException getMessage() (Concurrency, 8199547)

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Concurrency. Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1; Java SE Embedded: 8u171; JRockit: R28.3.18. Difficult to exploit vulnerability allows unauthenticated...

CVE-2018-10763

Multiple cross-site scripting XSS vulnerabilities in Synametrics SynaMan 4.0 build 1488 via the 1 Main heading or 2 Sub heading fields in the Partial Branding configuration page...

SynaMan 4.0 build 1488 - (Authenticated) Cross-Site Scripting

SynaMan 4.0 build 1488 - Authenticated Cross-Site Scripting Exploit Author: bzyo CVE: CVE-2018-10763 Twitter: @bzyo Exploit Title: SynaMan 4.0 - Authenticated Cross Site Scripting XSS Date: 09-12-18 Vulnerable Software: SynaMan 4.0 build 1488 Vendor Homepage: http://web.synametrics.com/SynaMan.ht...

CVE-2016-7068

An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and PowerDNS recursor before 3.7.4 and 4.0.4, allowing a remote, unauthenticated attacker to cause an abnormal CPU usage load on the PowerDNS server by sending crafted DNS queries, which might result in a partial denial of service if th...

UBUNTU-CVE-2017-1000600

WordPress version 4.9 contains a CWE-20 Input Validation vulnerability in thumbnail processing that can result in remote code execution. This attack appears to be exploitable via thumbnail upload by an authenticated user and may require additional plugins in order to be exploited however this has...

Huawei B315s-22 Information Disclosure Vulnerability

The Huawei B315s-22 is a home 4G router. The Huawei B315s-22 suffers from an information disclosure vulnerability that can be exploited by an unauthenticated LAN attacker to obtain partial device information...

OpenJDK: insufficient index validation in PatternSyntaxException getMessage() (Concurrency, 8199547)

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Concurrency. Supported versions that are affected are Java SE: 6u191, 7u181, 8u172 and 10.0.1; Java SE Embedded: 8u171; JRockit: R28.3.18. Difficult to exploit vulnerability allows unauthenticated...

CVE-2018-1157

creationtimestamp| type| source ---|---|--- 2018-08-23 06:17:37+00:00| seen| https://t.me/mikrotikninja/245 2018-10-08 11:49:42+00:00| seen| https://t.me/sysodmins/3832 2018-10-23 21:02:39+00:00| seen| https://t.me/mtikpro/97 2018-11-01 16:03:49+00:00| seen|...

mysql: Client programs unspecified vulnerability (CPU Jul 2017)

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Client programs. Supported versions that are affected are 5.5.56 and earlier and 5.6.36 and earlier. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server execut...

Medium: java-1.8.0-openjdk

Issue Overview: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: Concurrency. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful...