
12 matches found

Nuclei
added yesterday, 19 views

WebGlimpse 2.18.7 - Directory Traversal

A directory traversal vulnerability in wgarcmin.cgi in WebGlimpse 2.18.7 and earlier allows remote attackers to read arbitrary files via a .. dot dot in the DOC parameter. id: CVE-2009-5114 info: name: WebGlimpse 2.18.7 - Directory Traversal author: daffainfo severity: medium description: A...

CVSS 5 | AI score 6 | EPSS 0.05527
Exploits 1 | References 5

Nuclei
added yesterday, 24 views

Galera WebTemplate 1.0 Directory Traversal

Galera WebTemplate 1.0 is affected by a directory traversal vulnerability that could reveal information from /etc/passwd and /etc/shadow. id: CVE-2021-40960 info: name: Galera WebTemplate 1.0 Directory Traversal author: daffainfo severity: critical description: Galera WebTemplate 1.0 is affected ...

CVSS 9.8 | AI score 7.3 | EPSS 0.73757
Exploits 1 | References 5

Nuclei
added yesterday, 18 views

SmarterTools SmarterTrack - Cross-Site Scripting

Cross-site Scripting XSS vulnerability in SmarterTools SmarterTrack This issue affects: SmarterTools SmarterTrack 100.0.8019.14010. id: CVE-2022-24384 info: name: SmarterTools SmarterTrack - Cross-Site Scripting author: E1A severity: medium description: | Cross-site Scripting XSS vulnerability in...

CVSS 8.8 | AI score 6.4 | EPSS 0.4803
Exploits 0 | References 2

Nuclei
added 2 days ago, 30 views

rConfig 3.9.4 - SQL Injection

rConfig 3.9.4 and previous versions have unauthenticated devices.inc.php SQL injection. Because nodes' passwords are stored in cleartext by default, this vulnerability leads to lateral movement, granting an attacker access to monitored network devices. id: CVE-2020-10548 info: name: rConfig 3.9.4...

CVSS 9.8 | AI score 7.3 | EPSS 0.93273
Exploits 1 | References 5

Nuclei
added last week, 58 views

PaloAlto Networks Expedition - Remote Code Execution

An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls. id: CVE-2024-946...

CVSS 9.9 | AI score 7.6 | EPSS 0.94199
Exploits 0 | References 4

ThreatPost
added 2022/05/11 11:12 a.m., 133 views

Actively Exploited Zero-Day Bug Patched by Microsoft

Microsoft has revealed 73 new patches for May’s monthly update of security fixes, including a patch for one flaw–a zero-day Windows LSA Spoofing Vulnerability rated as “important”—that is currently being exploited with man-in-the-middle attacks. The software giant’s monthly update of patches that...

CVSS 10 | AI score 9.2 | EPSS 0.92562
Exploits 17 | References 16

Android Security Bulletins
added 2019/08/20 12:0 a.m., 100 views

Android 10 Security Release Notes

This Android Security Release Notes contains details of security vulnerabilities affecting Android devices which are addressed as part of Android 10. Android 10 devices with a security patch level of 2019-09-01 or later are protected against these issues. Android 10, as released on AOSP, has a...

CVSS 9.8 | AI score 8.2 | EPSS 0.06582
Exploits 0

Atlassian
added 2016/02/19 12:4 a.m., 78 views

Upgrade Tomcat to the latest 8.0.x release

h3. Summary We are currently on 8.0.17 and have already been bitten by a bug in it: https://bz.apache.org/bugzilla/showbug.cgi?id=57476 We should upgrade to the latest to get the latest bugfixes. Also, there have been a number of recent CVEs involving Tomcat, most of which involve SecurityManager...

CVSS 8.8 | AI score 7.1 | EPSS 0.4988
Exploits 0 | Affected Software 1

OpenVAS
added 2014/08/30 12:0 a.m., 26 views

RedHat Update for glibc RHSA-2014:1110-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVSS 7.5 | AI score 7.8 | EPSS 0.21511
Exploits 4 | References 2

Tenable Nessus
added 2013/07/12 12:0 a.m., 49 views

Oracle Linux 5 : java-1.6.0-openjdk (ELSA-2010-0339)

The remote Oracle Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2010-0339 advisory. 1:1.6.0.0-1.11.b16.0.1.el5 - Add oracle-enterprise.patch 1:1.6.0.0-1.11.b16.el5 - Remove javaws alternative due to conflict with java-1.6.0-sun's...

CVSS 9.8 | AI score 8.3 | EPSS 0.92077
Exploits 33 | References 17

OpenVAS
added 2009/08/17 12:0 a.m., 49 views

Fedora Core 10 FEDORA-2009-8337 (java-1.6.0-openjdk)

The remote host is missing an update to java-1.6.0-openjdk announced via advisory FEDORA-2009-8337. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are...

CVSS 10 | AI score 7.3 | EPSS 0.17519
Exploits 3 | References 13

OpenVAS
added 2009/03/06 12:0 a.m., 32 views

RedHat Update for ruby RHSA-2008:0562-01

Check for the Version of ruby OpenVAS Vulnerability Test RedHat Update for ruby RHSA-2008:0562-01 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms o...

CVSS 10 | AI score 7.1 | EPSS 0.11359
Exploits 2 | References 2