Security Bulletin: Multiple vulnerabilities in IBM WebSphere Real Time

Summary Java SE issues disclosed in the Oracle April 2014 Critical Patch Update, plus 1 additional vulnerability Vulnerability Details CVE IDs: CVE-2014-0878 CVE-2014-0457 CVE-2014-2421 CVE-2014-0429 CVE-2014-0461 CVE-2014-0455 CVE-2014-2428 CVE-2014-0448 CVE-2014-0454 CVE-2014-0446 CVE-2014-0452...

Security Bulletin: Multiple vulnerabilities in IBM WebSphere Real Time

Summary Java SE issues disclosed in the Oracle January 2014 Critical Patch Update Vulnerability Details CVE IDs: CVE-2014-0428 CVE-2014-0422 CVE-2013-5907 CVE-2014-0415 CVE-2014-0410 CVE-2013-5889 CVE-2014-0417 CVE-2014-0387 CVE-2014-0424 CVE-2013-5878 CVE-2014-0373 CVE-2014-0375 CVE-2014-0403...

PT-2018-17584 · Hewlett Packard · Hp Network Operations Management Ultimate +1

Name of the Vulnerable Software and Affected Versions: HP Network Operations Management Ultimate versions 2017.07 through 2018.02 HP Network Automation versions 10.00 through 10.50 Description: The issue allows for remote SQL injection, which could be exploited to gain unauthorized access...

Oracle VM VirtualBox 5.1.x < 5.1.36 / 5.2.x < 5.2.10 (April 2018 CPU)

The version of Oracle VM VirtualBox running on the remote host is 5.1.x prior to 5.1.36 or 5.2.x prior to 5.2.10. It is, therefore, affected by multiple vulnerabilities as noted in the April 2018 Critical Patch Update advisory. Please consult the CVRF details for the applicable CVEs for additiona...

openSUSE: Security Advisory for patch (openSUSE-SU-2018:1137-1)

The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Oracle WebLogic Server Deserialization RCE (CVE-2018-2628)

The remote Oracle WebLogic server is affected by a remote code execution vulnerability in the Core Components subcomponent due to unsafe deserialization of Java objects by the RMI registry. An unauthenticated, remote attacker can exploit this, via a crafted Java object, to execute arbitrary Java...

patch security update

2.7.1-10 - Fixed Coverity reported issues 2.7.1-9 - Fixed CVE-2018-1000156 - Malicious patch files cause ed to execute arbitrary commands...

Debian DSA-4176-1 : mysql-5.5 - security update

Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.60, which includes additional changes. Please see the MySQL 5.5 Release Notes and Oracle's Critical Patch Update advisory for further details : C...

Oracle Solaris Critical Patch Update : apr2018_SRU11_3_29_5_0

This Solaris system is missing necessary patches to address critical security updates : - Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: Python modules. The supported version that is affected is 11.3. Difficult to exploit vulnerability allows low...

Oracle E-Business Multiple Vulnerabilities (April 2018 CPU)

The version of Oracle E-Business installed on the remote host is missing the April 2018 Oracle Critical Patch Update CPU. It is, therefore, affected by multiple vulnerabilities as noted in the April 2018 Critical Patch Update advisory. Please consult the CVRF details for the applicable CVEs for...

Oracle Solaris Critical Patch Update : apr2018_SRU11_3_30_5_0

This Solaris system is missing necessary patches to address critical security updates : - Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: NTPD. The supported version that is affected is 11.3. Easily exploitable vulnerability allows low privileged attacker...

Oracle Solaris Critical Patch Update : apr2018_SRU11_3_27_4_0

This Solaris system is missing necessary patches to address a critical security update : - Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: LDAP Library. Supported versions that are affected are 10 and 11.3. Difficult to exploit vulnerability allows low...

Oracle Database Server Java VM Unspecified Remote Code Execution (April 2018 CPU)

The remote Oracle Database Server is missing the April 2018 Critical Patch Update CPU. It is, therefore, affected by a remote code execution vulnerability as noted in the April 2018 Critical Patch Update advisory. Please consult the CVRF details for the applicable CVEs for additional information...

Oracle Solaris Critical Patch Update : apr2018_SRU11_3_31_6_0 (Spectre)

This Solaris system is missing necessary patches to address a critical security update : - Vulnerability in the Oracle Communications LSMS component of Oracle Communications Applications subcomponent: Platform Kernel. Supported versions that are affected are 13.1, 13.2 and 13.3. Difficult to...

MySQL 5.7.x < 5.7.22 Multiple Vulnerabilities (RPM Check) (April 2018 CPU)

The version of MySQL running on the remote host is 5.7.x prior to 5.7.22. It is, therefore, affected by multiple vulnerabilities as noted in the April 2018 Critical Patch Update advisory. Please consult the CVRF details for the applicable CVEs for additional information. Note that Nessus has not...

MySQL 5.5.x < 5.5.60 Multiple Vulnerabilities (RPM Check) (April 2018 CPU)

The version of MySQL running on the remote host is 5.5.x prior to 5.5.60. It is, therefore, affected by multiple vulnerabilities as noted in the April 2018 Critical Patch Update advisory. Please consult the CVRF details for the applicable CVEs for additional information. Note that Nessus has not...

Oracle Releases April 2018 Security Bulletin

Oracle has released its Critical Patch Update for April 2018 to address 254 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. NCCIC encourages users and administrators to review the Oracle April 2018...

Oracle Critical Patch Update - April 2018

A Critical Patch Update is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories...

MyBB Last Users Threads in Profile Plugin 1.2 - Persistent Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: MyBB Last User's Threads in Profile Plugin v1.2 - Persistent XSS Author: 0xB9 Contact: luxorforums.com/User-0xB9 or 0xB9atprotonmail.com Software Link: https://community.mybb.com/mods.php?action=view&pid=910 Version: v1.2 Tested...

Oracle Critical Patch Update Advisory - July 2017

A Critical Patch Update CPU is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update...