MiracleLinux 7 : patch-2.7.1-12.el7 (AXSA:2019-4344:02)

The remote MiracleLinux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2019-4344:02 advisory. patch: doedscript in pch.c does not block strings beginning with a ! character CVE-2018-20969 patch: OS shell command injection when processing...

MiracleLinux 7 : patch-2.7.1-10.el7 (AXSA:2018-2972:01)

The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2018-2972:01 advisory. patch: Malicious patch files cause ed to execute arbitrary commands CVE-2018-1000156 Tenable has extracted the preceding description block directly from the...

WordPress Tutor LMS Plugin <= 2.7.0 is vulnerable to SQL Injection

Software Tutor LMS Type Plugin Vulnerable versions = 2.7.0 Fixed in 2.7.1 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-4318 Patch priority Low CVSS severity Low 7.6 Developer Claim ownership PSID 529631119255 Credits Thanh Nam Tran Required privilege Instructor Published 1...

CVE-2015-1196

CVE-2015-1196 is confirmed in the provided documents as a vulnerability in GNU patch 2.7.1 where a symlink attack in a patch file allows remote attackers to write to arbitrary files. The connected advisories/feeds reference this CVE alongside other patches for GNU patch (e.g., CVE-2014-9637, CVE-...

UBUNTU-CVE-2015-1196

GNU patch 2.7.1 allows remote attackers to write to arbitrary files via a symlink attack in a patch file...