Issues discovered in Joomla 3.2.0 – 3.9.12
Overview : Multiple flaws was discovered in Joomla 3.2.0 – 3.9.12 Affected Product(s) : Joomla! CMS versions 3.2.0 – 3.9.12
RHQ Mongo DB Drift Server vulnerability
Overview : An insecurity temporary file vulnerability exists in RHQ Mongo DB Drift Server through 2013-09-25 when unpacking zipped files.
Multiple vulnerabilities in TYPO3 Core
Overview : Multiple flaws was discovered in TYPO3 Core Affected Product(s) : TYPO3 versions 4.1.13 and below, 4.2.12 and below,
Attacks found in Honeywell Cameras
Overview : Multiple flaws was discovered in Honeywell equIP and Performance Series IP Cameras Affected Product(s) : Security Notification SN
IDOR vulnerability exists in Magento
Overview : An insecure direct object reference (IDOR) vulnerability exists in Magento Affected Product(s) : Magento 2.3 prior to 2.3.1,
SugarCRM CE unserialize PHP code execution in multiple files
Overview : SugarCRM CE <= 6.3.1 contains scripts that use “unserialize()” with user controlled input which allows remote attackers to
PostgreSQL security flaws
Overview : Multiple flaws was discovered in postgresql Affected Product(s) : postgresql 9.4 – 11 postgresql 11.x before 11.5 Vulnerability
Missing Authentication for Critical Function in IP-AK2
Overview : In IP-AK2 Access Control Panel Version 1.04.07 and prior, the integrated web server of the affected devices could
Potential SQL injection in PostgreSQL Zend\Db adapter
Overview : Zend Framework before 2.2.10 and 2.3.x before 2.3.5 has Potential SQL injection in PostgreSQL Zend\Db adapter. Affected Product(s)
TP-Link M7350 multiple vulnerabilities
Overview : Multiple security vulnerabilities in TP-Link M7350 devices Affected Product(s) : TP-Link M7350 devices through 1.0.16 Build 181220 Rel.1116n
IBM Security vulnerabilities released
Overview : Multiple security vulnerabilities have been updated in IBM products Affected Product(s) : IBM Maximo Asset Management 7.6 IBM
Apache Traffic Server is vulnerable to HTTP/2 setting flood attacks
Overview : Apache Traffic Server is vulnerable to HTTP/2 setting flood attacks. Earlier versions of Apache Traffic Server didn’t limit
IBM DB2 High Performance Unload load for LUW 6.1 and 6.5 is vulnerable to a buffer overflow
Overview : IBM DB2 High Performance Unload load for LUW 6.1 and 6.5 is vulnerable to a buffer overflow, caused
Authenticated SQL Injection in OpenEMR before 5.0.2.1
Overview : Authenticated SQL Injection in interface/forms/eye_mag/js/eye_base.php in OpenEMR through 5.0.2 allows a user to extract arbitrary data from the
Trend Micro Anti-Threat Toolkit (ATTK) RCE Vulnerability
Overview : Vulnerable versions of ATTK may allow an attacker to place malicious files in the same directory, potentially leading
Authentication Bypass Vulnerability in Citrix Application Delivery Controller and Citrix Gateway
Overview : An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway before 10.5 build 70.8, 11.x before
Information Disclosure Issue in Verodin Director version 3.5.3.1 and earlier
Overview : This advisory addresses a Information Disclosure vulnerability in Verodin Director affecting version 3.5.3.1 and earlier where an attacker
Etherpad-Lite 1.7.5 has an XSS Vulnerability
Overview : templates/pad.html in Etherpad-Lite 1.7.5 has XSS when the browser does not encode the path of the URL, as
Vulnerability was discovered in TOPMeeting before version 8.8
Overview : TOPMeeting security issues fixed. Affected Product(s) : TOPMeeting before version 8.8 Vulnerability Details : CVE ID : CVE-2019-13409
WordPress 5.2.4 Security Release Breakdown
Overview : WordPress released version 5.2.4 as a security release. According to WordPress, WordPress version 5.2.4 fixes 6 security issues.
Cisco Security issues released
Overview : Cisco Aironet Access Points Unauthorized Access Vulnerability CWE-284 / CVE-2019-15260 A vulnerability in Cisco Aironet Access Points (APs) Software could
SQL injection vulnerability in Zoho ManageEngine OpManager before 12.4
Overview : An issue was discovered in Zoho ManageEngine OpManager before 12.4 build 124089. The OPMDeviceDetailsServlet servlet is prone to
NETGEAR JNR1010 devices before 1.0.0.32 hacks
Overview : NETGEAR JNR1010 devices flaws Affected Product(s) : Netgear Router JNR1010 Version 1.0.0.24 Vulnerability Details : CVE ID :
IBM Maximo Anywhere root detection hack
Overview : IBM Maximo Anywhere does not have device root detection which could result in an attacker gaining sensitive information