Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.1.38 skopeo security update

An update for skopeo is now available for Red Hat OpenShift Container Platform 4.1. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Important: Red Hat Security Advisory: Red Hat JBoss Enterprise Application Platform 7.2.7 security update

An update is now available for Red Hat JBoss Enterprise Application Platform 7.2. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Low: Red Hat Security Advisory: OpenShift Container Platform 4.3.5 podman security update

An update for podman is now available for Red Hat OpenShift Container Platform 4.3. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

PT-2020-2442 · Sinvr · Sinvr 3 Central Control Server +1

Name of the Vulnerable Software and Affected Versions: SiNVR 3 Central Control Server CCS versions prior to V1.5.0 SiNVR 3 Video Server all versions Description: A path traversal vulnerability exists in the DOWNLOADS section of the web interface of the Control Center Server CCS. This vulnerabilit...

Important: Red Hat Security Advisory: http-parser security update

An update for http-parser is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...

Moderate: Red Hat Security Advisory: OpenShift Container Platform 4.3.3 jenkins-slave-base-rhel7-container security update

An update for jenkins-slave-base-rhel7-container is now available for Red Hat OpenShift Container Platform 4.3. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Fruitful Theme < 3.8.1 - Unauthenticated Reflected Cross-Site Scripting (XSS)

The Fruitful WordPress theme, version 3.8 and possibly below, was affected by an unauthenticated Reflected Cross-Site Scripting XSS vulnerability. The vulnerability was patched in version 3.8.1 of the Theme, although the changelog file only mentions: "Bug fix: Fixed issues on comment form" Add a...

Vanilla Forums 2.6.3 - Persistent Cross-Site Scripting

Vanilla Forums 2.6.3 - Persistent Cross-Site Scripting Exploit Title: Vanilla Forums 2.6.3 - Persistent Cross-Site Scripting Google Dork: N/A Date: 2020-02-10 Exploit Author: Sayak Naskar Vendor Homepage: https://vanillaforums.com/en/ Version: 2.6.3 Tested on: Windows, Linux CVE : CVE-2020-8825 A...

Important: Red Hat Security Advisory: 389-ds:1.4 security update

An update for the 389-ds:1.4 module is now available for Red Hat Enterprise Linux 8.0 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

Kibana 6.6.1 - CSV Injection

Exploit Title: Kibana 6.6.1 - CSV Injection Google Dork: inurl:"/app/kibana" intitle:"Kibana" Date: 2020-01-15 Exploit Author: Aamir Rehman Vendor Homepage: https://www.elastic.co/kibana Software Link: https://www.elastic.co/downloads/ Version: v6.6.1 possibly latest versions Tested on: Kibana...

New Bill Proposes NSA Surveillance Reforms

A newly-introduced bill is proposing sweeping privacy reforms to a controversial government surveillance program, which has been previously used by the National Security Agency NSA to vacuum up the call records of millions of Americans. The “Safeguarding Americans’ Private Records Act” was...

Huawei EulerOS: Security Advisory for binutils (EulerOS-SA-2019-1270)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Stack overflow

UHP UHP-100 3.4.1.15, 3.4.2.4, and 3.4.3 devices allow XSS via cw2?td= Site Name field of the Site Setup section...

CVE-2019-12819

A use-after-free flaw was found in the Linux kernel's MDIO section of the network management subsystem. An attacker who is able to hot-plug a network device can trigger the mdiobusregister function in drivers/net/phy/mdiobus.c, which can cause a use-after-free condition causing a memory corruptio...

Microsoft Windows Multiple Vulnerabilities (KB4534273)

This host is missing a critical security update according to Microsoft KB4534273 SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Microsoft Windows Multiple Vulnerabilities (KB4528760)

This host is missing a critical security update according to Microsoft KB4528760 SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-0644

An elevation of privilege vulnerability exists when Microsoft Windows implements predictable memory section names, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0635...

CVE-2020-0644

An elevation of privilege vulnerability exists when Microsoft Windows implements predictable memory section names, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0635...

CVE-2020-0644

An elevation of privilege vulnerability exists when Microsoft Windows implements predictable memory section names, aka 'Windows Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0635...

Windows Elevation of Privilege Vulnerability

An elevation of privilege vulnerability exists when Microsoft Windows implements predictable memory section names. An attacker who successfully exploited this vulnerability could run arbitrary code as system. An attacker could then install programs; view, change, or delete data; or create new...