WordPress 5.2.4 Security Release Breakdown
Overview : WordPress released version 5.2.4 as a security release. According to WordPress, WordPress version 5.2.4 fixes 6 security issues.
Cisco Security issues released
Overview : Cisco Aironet Access Points Unauthorized Access Vulnerability CWE-284 / CVE-2019-15260 A vulnerability in Cisco Aironet Access Points (APs) Software could
SQL injection vulnerability in Zoho ManageEngine OpManager before 12.4
Overview : An issue was discovered in Zoho ManageEngine OpManager before 12.4 build 124089. The OPMDeviceDetailsServlet servlet is prone to
NETGEAR JNR1010 devices before 1.0.0.32 hacks
Overview : NETGEAR JNR1010 devices flaws Affected Product(s) : Netgear Router JNR1010 Version 1.0.0.24 Vulnerability Details : CVE ID :
IBM Maximo Anywhere root detection hack
Overview : IBM Maximo Anywhere does not have device root detection which could result in an attacker gaining sensitive information
SAP Latest Security Patch released
Overview : Latest vulnerabilities discovered in SAP products Affected Product(s) : SAP Vulnerability Details : CVE ID : CVE-2019-0367 [CVE-2019-0367] Missing
Moxa EDR 810 Series vulnerabilities
Overview : Moxa EDR 810 Series Improper Input Validation and Improper Access Control vulnerabilities Affected Product(s) : EDR-810: All versions
FiberHome HG2201T Pre-Auth RCE
Overview : FiberHome HG2201T 1.00.M5007_JS_201804 devices allows pre-authentication Directory Traversal for reading arbitrary files. Affected Product(s) : FiberHome HG2201T Vulnerability
vBulletin 5.5.4 allows Two SQL Injection Vulnerabilities
Overview : vBulletin 5.5.4 allows SQL Injection via the ajax/api/hook/getHookList or ajax/api/widget/getWidgetList where parameter. Affected Product(s) : vBulletin 5.5.4 Vulnerability
SugarCRM security issues released
Overview : CVE-2019-17292 SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the pmse_Inbox module by an Admin
ArcSight Logger Security Vulnerability
Overview : ‘External Task is undefined’ & ‘Syntax error’ errors appear on browser console after a Logger report query object
WebSphere Application Server vulnerability
Overview : There is a potential information disclosure vulnerability in IBM WebSphere Application Server. Affected Product(s) : Liberty Version 9.0
IBM Security Guardium vulnerable to a privilege escalation
Overview : IBM Security Guardium has addressed the following vulnerability. Affected Product(s) : IBM Security Guardium 9.0 – 9.5 IBM
JetBrains announces vulnerabilities
Overview : The security vulnerabilities detected in JetBrains products as follows Affected Product(s) : JetBrains 2019.2.56594 JetBrains ReSharper installers for
Cisco announces vulnerabilities
Overview : Cisco Firepower Management Center Remote Code Execution Vulnerability CWE-20 / CVE-2019-12689 A vulnerability in the web-based management interface
IBM Security Directory Server vulnerabilities
Overview : Multiple security vulnerabilities have been fixed and delivered in IBM Security Directory Server. Affected Product(s) : IBM Security
XSS / SSRF hacks in SuiteCRM
Overview : SuiteCRM Lists Latest Updates of XSS / SSRF Vulnerabilities Affected Product(s) : SuiteCRM 7.11.x and 7.10.x before 7.11.8
JetBrains Security News
Overview : The security vulnerabilities detected in JetBrains products as follows Affected Product(s) : JetBrains YouTrack versions before 2019.1.52584. JetBrains
NETGEAR SRX5308 SQL Injection Vulnerability
Overview : NETGEAR SRX5308 4.3.5-3 devices allow SQL Injection, as exploited in the wild in September 2019 to add a
IBM WebSphere could expose sensitive information
Overview : Multiple vulnerabilities in IBM WebSphere eXtreme Scale Client could expose sensitive information. Affected Product(s) : WebSphere eXtreme Scale
Dell EMC Integrated Data Protection Appliance Vulnerabilities
Overview : Integrated Data Protection Appliance 2.3 contains fixes for multiple security vulnerabilities that may potentially be exploited by malicious
Remote Code Execution in Exim from (4.92 through 4.92.2)
Overview : Exim 4.92 through 4.92.2 allows remote code execution, a different vulnerability than CVE-2019-15846. There is a heap-based buffer
Hack through XML Files while using NSA Ghidra
Overview : NSA Ghidra through 9.0.4, when experimental mode is enabled, allows arbitrary code execution if the Read XML Files
Dell EMC ECS Authentication Vulnerability
Overview : Dell EMC ECS versions prior to 3.4.0.0 contain an improper restriction of excessive authentication attempts vulnerability. An unauthenticated