Qualys Security Advisory
System Down: A systemd-journald exploit
Contents
Summary
CVE-2018-16864
- Analysis
- Exploitation
CVE-2018-16865
-
# [CVE-2018-10093] Remote command injection vulnerability in AudioCode
IP phones
## Description
The AudioCodes 400HD series of IP phones consists in a range of
easy-to-use, feature-rich desktop devices for the service provider
hosted services, enterprise IP telephony and contact center markets.
# [CVE-2018-10091] Stored XSS vulnerabilities in AudioCode IP phones
## Description
The AudioCodes 400HD series of IP phones is a range of easy-to-use,
feature-rich desktop devices for the service provider hosted services,
enterprise IP telephony and contact center markets.
Most of user inputs
On Tue, Jan 08, 2019 at 11:42:59AM +0100, Daniel Bishtawi wrote:
> Status: Fixed
> CVE-ID: CVE-2018-13055
Fixed in 2.15.1
https://mantisbt.org/blog/archives/mantisbt/602
https://mantisbt.org/bugs/view.php?id=24580
On Mon, Dec 03, 2018 at 03:37:25PM +0100, Daniel Bishtawi wrote:
> Name: Reflected Cross-site Scripting Vulnerability in CubeCart
> Affected Versions: 6.2.2
> Status: Fixed
> https://www.netsparker.com/web-applications-advisories/ns-18-025-reflected-cross-site-scripting-in-cubecart/
Fixed in what
Hello,
We are glad to inform you about the vulnerabilities we reported in Ampache
3.8.6
Here are the details:
Advisory by Netsparker
Name: Multiple Reflected Cross-site Scripting in Ampache 3.8.6
Affected Software: Ampache
Affected Versions: 3.8.6
Homepage: http://ampache.org
Vulnerability:
Hello,
We are glad to inform you about the vulnerabilities we reported in
BlogEngine 3.3.
Here are the details:
Advisory by Netsparker
Name: XML External Entity Injection Vulnerability in BlogEngine 3.3
Affected Software: BlogEngine
Affected Versions: 3.3
Homepage: https://blogengine.io/
Hello,
We are glad to inform you about the vulnerabilities we reported
in OrangeForum 1.4.0
Here are the details:
Advisory by Netsparker
Name: Open Redirection Vulnerabilities in OrangeForum 1.4.0
Affected Software: OrangeForum
Affected Versions: 1.4.0
Homepage:
Greetings,
We are happy to announce version 4.0.1 of Capstone disassembler framework!
This release fixes some bugs of v4.0, and introduces some improvements for
the Python binding. We encourage all users of v4.0 to upgrade.
In no particular order, we would like to thank NowSecure
[+] Credits: John Page (aka hyp3rlinx)
[+] Website: hyp3rlinx.altervista.org
[+] Source:
http://hyp3rlinx.altervista.org/advisories/MICROSOFT-WINDOWS-VCF-FILE-INSUFFICIENT-WARNING-REMOTE-CODE-EXECUTION.txt
[+] ISR: ApparitionSec
[+] Zero Day Initiative Program
[Vendor]
www.microsoft.com
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
X41 D-SEC GmbH Security Advisory: X41-2018-009
ReDoS Vulnerability in UA-Parser
Severity Rating: Medium
Confirmed Affected Versions: 2015-05-14 and newer, commit
6fd6c261274254bcbbacd77ef4b12534c7f9923d
Confirmed
11 matches
Mail list logo