Security News

Vuln: Imagick CVE-2019-11037 Denial of Service Vulnerability

Security Focus Vulnerabilities - 9 May, 2019 - 23:00
Imagick CVE-2019-11037 Denial of Service Vulnerability

Vuln: Multiple VMware Products CVE-2019-5518 Out of Bounds Read Write Local Code Execution Vulnerability

Security Focus Vulnerabilities - 9 May, 2019 - 23:00
Multiple VMware Products CVE-2019-5518 Out of Bounds Read Write Local Code Execution Vulnerability

dotCMS v5.1.1 Vulnerabilities

Bug Traq - 9 May, 2019 - 10:30

Posted by John Martinelli on May 09

Hello,

I identified several vulnerabilities in dotCMS v5.1.1 due to vulnerable
open source dependencies.

Full security write up:
http://secureli.com/dotcms-v5-1-1-vulnerable-open-source-dependencies/

The details:

----

 /ROOT/html/js/scriptaculous/prototype.js

↳ prototypejs 1.5.0
prototypejs 1.5.0 has known vulnerabilities: severity: high; CVE:
CVE-2008-7220; http://www.cvedetails.com/cve/CVE-2008-7220/...

SEC Consult SA-20190509-0 :: Multiple Vulnerabilities in Gemalto (Thales Group) DS3 Authentication Server / Ezio Server

Bug Traq - 9 May, 2019 - 10:27

Posted by SEC Consult Vulnerability Lab on May 09

SEC Consult Vulnerability Lab Security Advisory < 20190509-0 >
=======================================================================
title: Multiple Vulnerabilities
product: Gemalto (Thales Group) DS3 Authentication Server / Ezio
Server
vulnerable version: Ezio DS3 server <v3.1.0
fixed version: Ezio DS3 server v3.1.0
CVE number: CVE-2019-9156, CVE-2019-9157, CVE-2019-9158...

SEC Consult SA-20190509-0 :: Multiple Vulnerabilities in Gemalto (Thales Group) DS3 Authentication Server / Ezio Server

Full Disclosure - 9 May, 2019 - 05:55

Posted by SEC Consult Vulnerability Lab on May 09

SEC Consult Vulnerability Lab Security Advisory < 20190509-0 >
=======================================================================
title: Multiple Vulnerabilities
product: Gemalto (Thales Group) DS3 Authentication Server / Ezio
Server
vulnerable version: Ezio DS3 server <v3.1.0
fixed version: Ezio DS3 server v3.1.0
CVE number: CVE-2019-9156, CVE-2019-9157, CVE-2019-9158...

Vuln: Apache Fineract Multiple SQL Injection Vulnerabilities

Security Focus Vulnerabilities - 8 May, 2019 - 23:00
Apache Fineract Multiple SQL Injection Vulnerabilities

Vuln: SQLite CVE-2019-5018 Use After Free Remote Code Execution Vulnerability

Security Focus Vulnerabilities - 8 May, 2019 - 23:00
SQLite CVE-2019-5018 Use After Free Remote Code Execution Vulnerability

[SECURITY] [DSA 4438-1] atftp security update

Bug Traq - 8 May, 2019 - 03:39

Posted by Salvatore Bonaccorso on May 08

-------------------------------------------------------------------------
Debian Security Advisory DSA-4438-1 security () debian org
https://www.debian.org/security/ Salvatore Bonaccorso
May 07, 2019 https://www.debian.org/security/faq
-------------------------------------------------------------------------

Package : atftp
CVE ID : CVE-2019-11365 CVE-2019-11366
Debian...

Vuln: Alpine Linux Docker Image CVE-2019-5021 Hard Coded Credentials Authentication Bypass Vulnerability

Security Focus Vulnerabilities - 7 May, 2019 - 23:00
Alpine Linux Docker Image CVE-2019-5021 Hard Coded Credentials Authentication Bypass Vulnerability

Vuln: Kaspersky Antivirus Engine CVE-2019-8285 Heap Buffer Overflow Vulnerability

Security Focus Vulnerabilities - 7 May, 2019 - 23:00
Kaspersky Antivirus Engine CVE-2019-8285 Heap Buffer Overflow Vulnerability

Vuln: Linux Kernel CVE-2019-11815 Race Condition Vulnerability

Security Focus Vulnerabilities - 7 May, 2019 - 23:00
Linux Kernel CVE-2019-11815 Race Condition Vulnerability

Vuln: Symantec AV Engine CVE-2019-9698 Arbitrary File Deletion Vulnerability

Security Focus Vulnerabilities - 7 May, 2019 - 23:00
Symantec AV Engine CVE-2019-9698 Arbitrary File Deletion Vulnerability

Vuln: Multiple F5 BIG-IP Products CVE-2019-6619 Denial of Service Vulnerability

Security Focus Vulnerabilities - 7 May, 2019 - 23:00
Multiple F5 BIG-IP Products CVE-2019-6619 Denial of Service Vulnerability

Open source tool | Lets Map Your Network

Full Disclosure - 7 May, 2019 - 12:31

Posted by Pramod Rana on May 07

Let’s Map Your Network (LMYN) aims to provide an easy-to-use interface
for security engineers and network administrators to have their network
in graphical form with zero manual error, where a node represents a
system and a relationship between nodes represents the connection.

It is of the utmost importance for any security engineer to understand their
network first before securing it, and it becomes a daunting task to
have a ‘true’ understanding of a...

Vuln: Linux Kernel CVE-2018-20836 Race Condition Vulnerability

Security Focus Vulnerabilities - 6 May, 2019 - 23:00
Linux Kernel CVE-2018-20836 Race Condition Vulnerability

Vuln: Cisco Elastic Services Controller CVE-2019-1867 Authentication Bypass Vulnerability

Security Focus Vulnerabilities - 6 May, 2019 - 23:00
Cisco Elastic Services Controller CVE-2019-1867 Authentication Bypass Vulnerability

Vuln: Cisco Firepower Threat Defense Software CVE-2019-1703 Denial of Service Vulnerability

Security Focus Vulnerabilities - 6 May, 2019 - 23:00
Cisco Firepower Threat Defense Software CVE-2019-1703 Denial of Service Vulnerability

Vuln: Jenkins Multiple Security Vulnerabilities

Security Focus Vulnerabilities - 6 May, 2019 - 23:00
Jenkins Multiple Security Vulnerabilities

Vuln: F5 BIG-IP SNMP CVE-2019-6613 Information Disclosure Vulnerability

Security Focus Vulnerabilities - 5 May, 2019 - 23:00
F5 BIG-IP SNMP CVE-2019-6613 Information Disclosure Vulnerability

Vuln: Apache Karaf CVE-2019-0226 Arbitrary File Overwrite Vulnerability

Security Focus Vulnerabilities - 5 May, 2019 - 23:00
Apache Karaf CVE-2019-0226 Arbitrary File Overwrite Vulnerability