Apache Traffic Server is vulnerable to HTTP/2 setting flood attacks
Overview : Apache Traffic Server is vulnerable to HTTP/2 setting flood attacks. Earlier versions of Apache Traffic Server didn’t limit
IBM DB2 High Performance Unload load for LUW 6.1 and 6.5 is vulnerable to a buffer overflow
Overview : IBM DB2 High Performance Unload load for LUW 6.1 and 6.5 is vulnerable to a buffer overflow, caused
Authenticated SQL Injection in OpenEMR before 5.0.2.1
Overview : Authenticated SQL Injection in interface/forms/eye_mag/js/eye_base.php in OpenEMR through 5.0.2 allows a user to extract arbitrary data from the
Trend Micro Anti-Threat Toolkit (ATTK) RCE Vulnerability
Overview : Vulnerable versions of ATTK may allow an attacker to place malicious files in the same directory, potentially leading
Authentication Bypass Vulnerability in Citrix Application Delivery Controller and Citrix Gateway
Overview : An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway before 10.5 build 70.8, 11.x before
Information Disclosure Issue in Verodin Director version 3.5.3.1 and earlier
Overview : This advisory addresses a Information Disclosure vulnerability in Verodin Director affecting version 3.5.3.1 and earlier where an attacker
Etherpad-Lite 1.7.5 has an XSS Vulnerability
Overview : templates/pad.html in Etherpad-Lite 1.7.5 has XSS when the browser does not encode the path of the URL, as
WordPress 5.2.4 Security Release Breakdown
Overview : WordPress released version 5.2.4 as a security release. According to WordPress, WordPress version 5.2.4 fixes 6 security issues.
SQL injection vulnerability in Zoho ManageEngine OpManager before 12.4
Overview : An issue was discovered in Zoho ManageEngine OpManager before 12.4 build 124089. The OPMDeviceDetailsServlet servlet is prone to
NETGEAR JNR1010 devices before 1.0.0.32 hacks
Overview : NETGEAR JNR1010 devices flaws Affected Product(s) : Netgear Router JNR1010 Version 1.0.0.24 Vulnerability Details : CVE ID :
SAP Latest Security Patch released
Overview : Latest vulnerabilities discovered in SAP products Affected Product(s) : SAP Vulnerability Details : CVE ID : CVE-2019-0367 [CVE-2019-0367] Missing
Moxa EDR 810 Series vulnerabilities
Overview : Moxa EDR 810 Series Improper Input Validation and Improper Access Control vulnerabilities Affected Product(s) : EDR-810: All versions
FiberHome HG2201T Pre-Auth RCE
Overview : FiberHome HG2201T 1.00.M5007_JS_201804 devices allows pre-authentication Directory Traversal for reading arbitrary files. Affected Product(s) : FiberHome HG2201T Vulnerability
Sugarcrm security issues released
Overview : CVE-2019-17292 SugarCRM before 8.0.4 and 9.x before 9.0.2 allows SQL injection in the pmse_Inbox module by an Admin
ArcSight Logger Security Vulnerability
Overview : ‘External Task is undefined’ & ‘Syntax error’ errors appear on browser console after a Logger report query object
WebSphere Application Server vulnerability
Overview : There is a potential information disclosure vulnerability in IBM WebSphere Application Server. Affected Product(s) : Liberty Version 9.0
IBM Security Guardium vulnerable to a privilege escalation
Overview : IBM Security Guardium has addressed the following vulnerability. Affected Product(s) : IBM Security Guardium 9.0 – 9.5 IBM
JetBrains announces vulnerabilities
Overview : The security vulnerabilities detected in JetBrains products as follows Affected Product(s) : JetBrains 2019.2.56594 JetBrains ReSharper installers for
Cisco announces vulnerabilities
Overview : Cisco Firepower Management Center Remote Code Execution Vulnerability CWE-20 / CVE-2019-12689 A vulnerability in the web-based management interface
IBM Security Directory Server vulnerabilities
Overview : Multiple security vulnerabilities have been fixed and delivered in IBM Security Directory Server. Affected Product(s) : IBM Security
XSS / SSRF hacks in SuiteCRM
Overview : SuiteCRM Lists Latest Updates of XSS / SSRF Vulnerabilities Affected Product(s) : SuiteCRM 7.11.x and 7.10.x before 7.11.8
JetBrains Security News
Overview : The security vulnerabilities detected in JetBrains products as follows Affected Product(s) : JetBrains YouTrack versions before 2019.1.52584. JetBrains
NETGEAR SRX5308 SQL Injection Vulnerability
Overview : NETGEAR SRX5308 4.3.5-3 devices allow SQL Injection, as exploited in the wild in September 2019 to add a
IBM WebSphere could expose sensitive information
Overview : Multiple vulnerabilities in IBM WebSphere eXtreme Scale Client could expose sensitive information. Affected Product(s) : WebSphere eXtreme Scale