Discourse up to 2.7.12/2.8.0.beta10 Group Member information disclosure

A vulnerability was found in Discourse up to 2.7.12/2.8.0.beta10. It has been declared as problematic. This vulnerability affects an unknown function of the component Group Member Handler. Upgrading to version 2.7.13 or 2.8.0.beta11 eliminates this vulnerability. Applying the patch fff8b98485561b12d070c0a8c39f4e503813ab44 is able to eliminate this problem. The bugfix is ready for download at github.com. The best possible mitigation is suggested to be upgrading to the latest version.

Common Vulnerabilityies and Exposures

Contact us to get started

TightVNC 1.3.10 vncviewer rfbproto.c InitialiseRFBConnection heap-based overflow

A vulnerability was found in TightVNC 1.3.10. It has been declared as critical. This vulnerability affects the function InitialiseRFBConnection of the file rfbproto.c of the component vncviewer. There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.

PJSIP up to 2.11.1 RTP/RTCP out-of-bounds read

A vulnerability was found in PJSIP up to 2.11.1. It has been rated as critical. This issue affects an unknown code of the component RTP/RTCP. Applying the patch 22af44e68a0c7d190ac1e25075e1382f77e9397a is able to eliminate this problem. The bugfix is ready for download at github.com.

PJSIP up to 2.11.1 SIP Message out-of-bounds read

A vulnerability classified as critical has been found in PJSIP up to 2.11.1. Affected is an unknown code block of the component SIP Message. Applying the patch 077b465c33f0aec05a49cd2ca456f9a1b112e896 is able to eliminate this problem. The bugfix is ready for download at github.com.