New vulnerabilities from the NVD: CVE-2016-10742 | | Zabbix before 2.2.21rc1, 3.x before 3.0.13rc1, 3.1.x and 3.2.x before 3.2.10rc1, and 3.3.x and 3.4.x before 3.4.4rc1 allows open redirect via the request parameter. Published at: February 17, 2019 at 06:29PM View on website February 17, 2019 at 08:44PM via National Vulnerability Database | New vulnerabilities from the NVD: CVE-2018-15380 | | A vulnerability in the cluster service manager of Cisco HyperFlex Software could allow an unauthenticated, adjacent attacker to execute commands as the root user. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by connecting to the cluster service manager and injecting commands into the bound process. A successful exploit could allow the attacker to run commands on the affected host as the root user. This vulnerability affects Cisco HyperFlex Software releases prior to 3.5(2a). Published at: February 21, 2019 at 01:29AM View on website February 21, 2019 at 04:57AM via National Vulnerability Database | New vulnerabilities from the NVD: CVE-2013-7469 | | Seafile through 6.2.11 always uses the same Initialization Vector (IV) with Cipher Block Chaining (CBC) Mode to encrypt private data, making it easier to conduct chosen-plaintext attacks or dictionary attacks. Published at: February 21, 2019 at 05:29AM View on website February 21, 2019 at 08:57AM via National Vulnerability Database | New vulnerabilities from the NVD: CVE-2013-5654 (yingzhipython) | | Vulnerability in YingZhi Python Programming Language v1.9 allows arbitrary anonymous uploads to the phone's storage Published at: February 15, 2019 at 11:29PM View on website February 21, 2019 at 10:57PM via National Vulnerability Database | New vulnerabilities from the NVD: CVE-2014-10079 | | In Vembu StoreGrid 4.4.x, the front page of the server web interface leaks the private IP address in the "ipaddress" hidden form value of the HTML source code, which is disclosed because of incorrect processing of an index.php/ trailing slash. Published at: February 23, 2019 at 04:29PM View on website February 23, 2019 at 06:42PM via National Vulnerability Database | New vulnerabilities from the NVD: CVE-2014-10078 | | Vembu StoreGrid 4.4.x has XSS in interface/registercustomer/onlineregsuccess.php, interface/registerreseller/onlineregfailure.php, interface/registerclient/onlineregfailure.php, and interface/registercustomer/onlineregfailure.php. Published at: February 23, 2019 at 04:29PM View on website February 23, 2019 at 06:42PM via National Vulnerability Database | | Manage this Applet | |
|
|
Няма коментари:
Публикуване на коментар