Azure File Sync Agent v7.1 Release – July 2019 (KB4490496)

Update for Azure File Sync agent version 7.1.0.0. For more details, see the associated Microsoft Knowledge Base article...

Azure File Sync Agent v7.1 Release – July 2019 (KB4490496)

Update for Azure File Sync agent version 7.1.0.0. For more details, see the associated Microsoft Knowledge Base article...

org.apache.storm:storm-kafka-client-examples (>=1.1.0 <=1.2.2), uk.co.gresearch.siembol:config-editor-sync (>=1.0.0 <=1.3.0) potentially affected by CVE-2018-11779 via org.apache.storm:storm-kafka-client (>=1.1.0 <=1.2.2)

org.apache.storm:storm-kafka-client MAVEN version =1.1.0, =1.1.0, =1.0.0, =1.3.0 Source cves: CVE-2018-11779 Source advisory: OSV:GHSA-25PC-85QF-6J69...

CVE-2018-20946

cPanel before 68.0.27 allows attackers to read zone information because a world-readable archive is created by the archivesynczones script SEC-355...

UBUNTU-CVE-2019-13618

In GPAC before 0.8.0, isomedia/isomread.c in libgpac.a has a heap-based buffer over-read, as demonstrated by a crash in gfm2tssync in mediatools/mpegts.c...

Command Injection

dns-sync is vulnerable to command injection. Lack of input validation allows an attacker to submit input into resolve method, whcih would allow arbitrary command injection on the system...

Couchbase Sync Gateway SQL Injection Vulnerability

Couchbase Sync Gateway is a secure Web gateway for data access and data synchronization over the Web from Couchbase Inc. in the United States. A SQL injection vulnerability exists in the REST API in Couchbase Sync Gateway version 2.1.2 Couchbase Server. An attacker could exploit the vulnerability...

Update Rollup for Azure File Sync Agent – June 2019

Update Rollup for Azure File Sync Agent – June 2019 Introduction This article describes the issues that are fixed in the Update Rollup for Azure File Sync Agent that is dated June 2019. Additionally, this article contains installation instructions for the update. Improvements and issues that are...

Azure File Sync Agent v6.3 Release – June 2019 (KB4489739)

Update for Azure File Sync agent version 6.3.0.0. For more details, see the associated Microsoft Knowledge Base article...

Azure File Sync Agent v6.3 Release – June 2019 (KB4489739)

Update for Azure File Sync agent version 6.3.0.0. For more details, see the associated Microsoft Knowledge Base article...

Azure File Sync Agent v6.3 Release – June 2019 (KB4489739)

Update for Azure File Sync agent version 6.3.0.0. For more details, see the associated Microsoft Knowledge Base article...

CVE-2019-9039

In Couchbase Sync Gateway 2.1.2, an attacker with access to the Sync Gateway’s public REST API was able to issue additional N1QL statements and extract sensitive data or call arbitrary N1QL functions through the parameters "startkey" and "endkey" on the "alldocs" endpoint. By issuing nested queri...

CVE-2019-9039

In Couchbase Sync Gateway 2.1.2, an attacker with access to the Sync Gateway’s public REST API was able to issue additional N1QL statements and extract sensitive data or call arbitrary N1QL functions through the parameters "startkey" and "endkey" on the "alldocs" endpoint. By issuing nested queri...

Design/Logic Flaw

In Couchbase Sync Gateway 2.1.2, an attacker with access to the Sync Gateway’s public REST API was able to issue additional N1QL statements and extract sensitive data or call arbitrary N1QL functions through the parameters "startkey" and "endkey" on the "alldocs" endpoint. By issuing nested queri...

CVE-2019-9039

In Couchbase Sync Gateway 2.1.2, an attacker with access to the Sync Gateway’s public REST API was able to issue additional N1QL statements and extract sensitive data or call arbitrary N1QL functions through the parameters "startkey" and "endkey" on the "alldocs" endpoint. By issuing nested queri...

CVE-2019-9039

The CVE-2019-9039 issue affects Couchbase Sync Gateway 2.1.2, where an attacker with access to the public REST API could inject additional N1QL statements via the startkey/endkey parameters on the _all_docs endpoint. The underlying vulnerability is a N1QL injection that could disclose sensitive d...

PT-2019-5178 · Imagemagick +4 · Imagemagick +4

Name of the Vulnerable Software and Affected Versions: ImageMagick version 7.0.8-34 Description: The issue is related to the use of an uninitialized value in the SyncImageSettings function in MagickCore/image.c, which is also connected to AcquireImage in magick/image.c. This could potentially all...

Azure File Sync Agent v7.0 Release – June 2019 (KB4490495)

Update for Azure File Sync agent version 7.0.0.0. For more details, see the associated Microsoft Knowledge Base article...

Azure File Sync Agent v7.0 Release – June 2019 (KB4490495)

Update for Azure File Sync agent version 7.0.0.0. For more details, see the associated Microsoft Knowledge Base article...

Azure File Sync Agent v7.0 Release – June 2019 (KB4490495)

Update for Azure File Sync agent version 7.0.0.0. For more details, see the associated Microsoft Knowledge Base article...