1848 matches found
Important: Red Hat Security Advisory: rh-mysql57-mysql security update
An update for rh-mysql57-mysql is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
Emergency Oracle Patch Closes Bug Rated 10 in Severity
Oracle pushed out an emergency update for a bug in Oracle Identity Manager that is as bad as it gets. Scoring a 10 on the CVSS scale, the vulnerability, CVE-2017-10151, enables an attacker to remotely take over the software without the need for authentication. “While the vulnerability is in Oracl...
MySQL 5.5.x < 5.5.58 Multiple Vulnerabilities (October 2017 CPU)
The version of MySQL running on the remote host is 5.5.x prior to 5.5.58. It is, therefore, affected by multiple vulnerabilities as noted in the October 2017 Critical Patch Update advisory. Please consult the CVRF details for the applicable CVEs for additional information. Note that Nessus has no...
Oracle E-Business Multiple Vulnerabilities (October 2017 CPU)
The version of Oracle E-Business installed on the remote host is 12.x.x prior to 12.2.8. It is, therefore, affected by multiple vulnerabilities as noted in the October 2017 Critical Patch Update advisory. Please consult the CVRF details for the applicable CVEs for additional information. Note tha...
MySQL 5.7.x < 5.7.20 Multiple Vulnerabilities (October 2017 CPU)
The version of MySQL running on the remote host is 5.7.x prior to 5.7.20. It is, therefore, affected by multiple vulnerabilities as noted in the October 2017 Critical Patch Update advisory. Please consult the CVRF details for the applicable CVEs for additional information. Note that Nessus has no...
Debian DSA-4002-1 : mysql-5.5 - security update
Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.58, which includes additional changes, such as performance improvements, bug fixes, new features, and possibly incompatible changes. Please see th...
Oracle Database Multiple Vulnerabilities (October 2017 CPU)
The remote Oracle Database Server is missing the October 2017 Critical Patch Update (CPU). It is, therefore, affected by multiple vulnerabilities as noted in the October 2017 Critical Patch Update advisory. Please consult the CVRF details for the applicable CVEs for additional information. Note tha...
MySQL 5.5.x < 5.5.58 Multiple Vulnerabilities (RPM Check) (October 2017 CPU)
The version of MySQL running on the remote host is 5.5.x prior to 5.5.58. It is, therefore, affected by multiple vulnerabilities as noted in the October 2017 Critical Patch Update advisory. Please consult the CVRF details for the applicable CVEs for additional information. Note that Nessus has no...
MySQL 5.6.x < 5.6.38 Multiple Vulnerabilities (RPM Check) (October 2017 CPU)
The version of MySQL running on the remote host is 5.6.x prior to 5.6.38. It is, therefore, affected by multiple vulnerabilities as noted in the October 2017 Critical Patch Update advisory. Please consult the CVRF details for the applicable CVEs for additional information. Note that Nessus has no...
Critical Code Execution Flaw Patched in PeopleSoft Core Engine
Organizations that have their PeopleSoft installations exposed to the internet should pay special attention to a remote code execution vulnerability patched on Tuesday as part of Oracle’s massive quarterly Critical Patch Update. The flaw, CVE-2017-10366, allows an attacker to gain remote code...
Oracle Patches 250 Bugs in Quarterly Critical Patch Update
Oracle patched 250 vulnerabilities across hundreds of different products as part of its quarterly Critical Patch Update released today. Rounding out the list of products with the most patches is Oracle Fusion Middleware with 38, Oracle Hospitality Applications with 37 and Oracle MySQL with 25. Of...
Oracle Critical Patch Update - October 2017
A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update...
Oracle Releases Security Bulletin
Oracle has released its Critical Patch Update for October 2017 to address 252 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. Users and administrators are encouraged to review the Oracle October 2017...
PT-2017-4168
Name of the Vulnerable Software and Affected Versions: Roundcube Webmail versions prior to 1.1.10; Roundcube Webmail versions 1.2.x prior to 1.2.7; Roundcube Webmail versions 1.3.x prior to 1.3.3. Description: The issue is related to file-based attachment plugins and allows unauthorized access to...
Apache Struts2–052 vulnerability research alert-vulnerability warning-the black bar safety net
The REST Plugin is using a XStreamHandler with an instance of XStream for deserialization without any type of filtering and this can lead to Remote Code Execution when deserializing XML payloads. - The Apache Struts security bulletin [reference 1]. On September 5, 2017, the Apache Struts announcement of...
CVE-2017-8543 Windows Search remote code execution vulnerability alerts-a vulnerability alert-the black bar safety net
Recently, 360CERT confirmed that the serious Microsoft Windows Search vulnerability numbered CVE-2017-8543 can be exploited remotely; successful exploitation poses a serious security threat to Windows users. This is again a warning to users of the Windows platform...
Oracle Database Multiple Vulnerabilities (July 2017 CPU) (POODLE) (SWEET32)
The remote Oracle Database Server is missing the July 2017 Critical Patch Update (CPU). It is, therefore, affected by multiple vulnerabilities: - A man-in-the-middle (MitM) information disclosure vulnerability, known as POODLE, exists due to the way SSL 3.0 handles padding bytes when decrypting...
Oracle Solaris Critical Patch Update : jul2017_SRU11_3_0_0_0
This Solaris system is missing necessary patches to address a critical security update: - Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Network Services Library). The supported version that is affected is 10. Difficult to exploit vulnerability allows lo...
Oracle Solaris Critical Patch Update : jul2017_SRU11_3_2_4_0
This Solaris system is missing necessary patches to address a critical security update: - Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: NFSv4). Supported versions that are affected are 10 and 11. Easily exploitable vulnerability allows unauthenticated...
Oracle Solaris Critical Patch Update : jul2017_SRU11_3_20_6_0
This Solaris system is missing necessary patches to address a critical security update: - Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). The supported version that is affected is 11. Easily exploitable vulnerability allows unauthenticated attack...