'Highly Critical' Unpatched Zero-Day Flaw Discovered In Oracle WebLogic

A team of cybersecurity researchers today published a post warning enterprises of an unpatched, highly critical zero-day vulnerability in Oracle WebLogic server application that some attackers might have already started exploiting in the wild. Oracle WebLogic is a scalable, Java-based multi-tier...

MySQL 5.6.x < 5.6.44 Multiple Vulnerabilities (Apr 2019 CPU)

Binary data 700632.prm...

MySQL 8.0.x < 8.0.15 Multiple Vulnerabilities (Jan 2019 CPU)

Binary data 700631.prm...

Oracle Database Server Multiple Vulnerabilities (Apr 2019 CPU)

The remote Oracle Database Server is missing the April 2019 Critical Patch Update CPU. It is, therefore, affected by multiple vulnerabilities : - An authenticated local Portable Clusterware takeover vulnerability exists in the Oracle RDBMS. An authenticated, local attacker with the Grid...

Oracle VM VirtualBox 5.2.x < 5.2.28 / 6.0.x < 6.0.6 (Apr 2019 CPU)

The version of Oracle VM VirtualBox running on the remote host is 5.2.x prior to 5.2.28 or 6.0.x prior to 6.0.6. It is, therefore, affected by multiple vulnerabilities as noted in the April 2019 Critical Patch Update advisory : - Multiple unspecified vulnerabilities in the Core component of Oracl...

Oracle Solaris Critical Patch Update : apr2019_SRU11_4_8_5_0

This Solaris system is missing necessary patches to address a critical security update : - Vulnerability in the Oracle Solaris component of Oracle Sun Systems Products Suite subcomponent: IPS Package Manager. The supported version that is affected is 11. Easily exploitable vulnerability allows...

Oracle Releases April 2019 Security Bulletin

Oracle has released its Critical Patch Update for April 2019 to address 297 vulnerabilities across multiple products. A remote attacker could exploit some of these vulnerabilities to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and...

Oracle Access Manager Multiple Vulnerabilities (Jan 2018 CPU)

The version of Oracle Access Manager installed on the remote host is 10.1.4.3.x prior to 10.1.4.3.13 or 11.1.2.3.x prior to 11.1.2.3.180116. It is, therefore, affected by multiple vulnerabilities as noted in the October 2018 Critical Patch Update advisory: - A Vulnerability in the Oracle Access...

FreeBSD : MySQL -- multiple vulnerabilities (4e1997e8-5de0-11e9-b95c-b499baebfeaf)

Oracle reports : Critical Patch Update Oracle MySQL Executive Summary This Critical Patch Update contains 44 new security fixes for Oracle MySQL. 3 of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without requiring user credentials...

Fedora 28 : php-twig2 (2019-e86155be6e)

Version 2.7.2 2019-03-12 - added TemplateWrapper::getTemplateName ---- Version 2.7.1 2019-03-12 - fixed class aliases ---- Version 2.7.0 2019-03-12 - fixed sandbox security issue under some circumstances, calling the toString method on an object was possible even if not allowed by the security...

PT-2019-6447 · Zimbra · Zimbra Collaboration Suite

Name of the Vulnerable Software and Affected Versions: Zimbra Collaboration Suite versions 8.6 before patch 13 Zimbra Collaboration Suite versions 8.7.x before 8.7.11 patch 10 Zimbra Collaboration Suite versions 8.8.x before 8.8.10 patch 7 Zimbra Collaboration Suite versions 8.8.x before 8.8.11...

Security Bulletin: Multiple vulnerabilities in Oracle Java SE affect IBM Spectrum Protect Plus (CVE-2018-3136, CVE-2018-3139, CVE-2018-3149, CVE-2018-3169, CVE-2018-3180, CVE-2018-3183, CVE-2018-3214, CVE-2018-13785)

Summary There are multiple vulnerabilities in Oracle Java SE which is used by IBM Spectrum Protect™ Plus. These issues were disclosed as part of the Oracle Critical Patch Update CPU in October 2018. Vulnerability Details CVEID: CVE-2018-3136 DESCRIPTION: An unspecified vulnerability in Oracle Jav...

PT-2019-4926

Name of the Vulnerable Software and Affected Versions libmspack version 0.9.1alpha Description The issue is caused by a buffer overflow in the chmd read headers function in the libmspack library, which can allow a remote attacker to disclose protected information using a specially crafted chm fil...

February 2019 Oracle Outside In Library Security Update

Microsoft Exchange Server contains some elements of the Oracle Outside In libraries. The February 12, 2019 releases of Microsoft Exchange Server contain fixes to vulnerabilities which are described in: Oracle Critical Patch Update Advisory - October 2018 The following software releases include...

Photon OS 1.0: Patch PHSA-2018-1.0-0126

An update of the patch package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2018-1.0-0126. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid121826...

Security update for mysql-community-server (important)

openSUSE Security Update: Security update for mysql-community-server Announcement ID: openSUSE-SU-2019:0138-1 Rating: important References: 1113652 1122198 Cross-References: CVE-2018-0734 CVE-2019-2455 CVE-2019-2481 CVE-2019-2482 CVE-2019-2503 CVE-2019-2507 CVE-2019-2529 CVE-2019-2531 CVE-2019-25...

Kernel security update: Virtuozzo ReadyKernel patch 70.0 for Virtuozzo 7.0.8 and 7.0.8 HF1

The cumulative Virtuozzo ReadyKernel patch was updated with security and stability fixes. The patch applies to Virtuozzo kernels 3.10.0-862.9.1.vz7.63.3 7.0.8 and 3.10.0-862.11.6.vz7.64.7 7.0.8 HF1. Vulnerability id: PSBM-90803 A flaw was found in the implementation of ebtables in the Linux kerne...

Oracle E-Business Multiple Vulnerabilities (Jan 2019 CPU)

The version of Oracle E-Business installed on the remote host is missing the January 2019 Oracle Critical Patch Update CPU. It is, therefore, affected by multiple vulnerabilities as noted in the January 2019 Critical Patch Update advisory : - Oracle CRM Technical Foundation Messages component is...

Oracle VM VirtualBox 5.2.x < 5.2.24 / 6.0.x < 6.0.2 (Jan 2019 CPU)

The version of Oracle VM VirtualBox running on the remote host is 5.2.x prior to 5.2.24 or 6.0.x prior to 6.0.2. It is, therefore, affected by multiple vulnerabilities as noted in the January 2018 Critical Patch Update advisory : - A denial of service vulnerability in the bundled third-party...

MySQL 8.0.x < 8.0.14 Multiple Vulnerabilities (Jan 2019 CPU)

The version of MySQL running on the remote host is 8.0.x prior to 8.0.14. It is, therefore, affected by multiple vulnerabilities, including three of the top vulnerabilities below, as noted in the January 2019 Critical Patch Update advisory: - An unspecified vulnerability in MySQL in the 'Server:...