Vulnerability information
=
Title: phpBB Native Fulltext Search denial of service
CVE ID: CVE-2019-9826
CVSSv3 score: 8.6 (AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H)
Vulnerability description
=
Improper input validation in the Native Fulltext Search
Revive Adserver Security Advisory REVIVE-SA-2019-001
https://www.revive-adserver.com/security/revive-sa-2019-001
In the scope of academic research at Ruhr-University Bochum and Münster
University of Applied Sciences, Germany, various vulnerabilities
regarding the signature verification logic in OpenPGP and S/MIME capable
email clients have been discovered.
While neither OpenPGP nor S/MIME are directly
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On Fri, Apr 05, 2019 at 02:02:29PM +0300, Panagiotis Vagenas wrote:
> # Exploit Title: Contact Form by WD [CSRF → LFI]
> # Date: 2019-03-17
> # Exploit Author: Panagiotis Vagenas
> # Vendor Homepage: http://web-dorado.com/
> # Software Link:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On Fri, Apr 05, 2019 at 02:01:21PM +0300, Panagiotis Vagenas wrote:
> # Exploit Title: Form Maker by WD [CSRF → LFI]
> # Date: 2019-03-17
> # Exploit Author: Panagiotis Vagenas
> # Vendor Homepage: http://web-dorado.com/
> # Software Link:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On Sat, Apr 20, 2019 at 07:22:25AM +0300, Panagiotis Vagenas wrote:
> # Exploit Title: Contact Form Builder [CSRF → LFI]
> # Date: 2019-03-17
> # Exploit Author: Panagiotis Vagenas
> # Vendor Homepage: http://web-dorado.com/
> # Software Link:
Dear subscribers, we have been made aware of two critical vulnerabilities in
Dovecot 2.3. Please find patches attached for 2.3.5.2.
---
Aki Tuomi
Open-Xchange oy
--
Open-Xchange Security Advisory 2019-04-30
Product: Dovecot
Vendor: OX Software GmbH
Internal reference: DOV-3212 (Bug ID)