Database Hot News 2019 July
31.7.2019
Bugtraq
Malware
Phishing
Vulnerability
Exploit
Oracle Hyperion Planning 11.1.2.3 - XML External Entity
Redis 4.x / 5.x - Unauthenticated Code Execution (Metasploit)
30.7.2019
Bugtraq
Malware
Phishing
Vulnerability
Exploit
iMessage - NSKeyedUnarchiver Deserialization Allows file Backed NSData Objects
iMessage - Memory Corruption when Decoding NSKnownKeysDictionary1
iMessage - NSArray Deserialization can Invoke Subclass that does not Retain References
macOS / iOS JavaScriptCore - JSValue Use-After-Free in ValueProfiles
Amcrest Cameras 2.520.AC00.18.R - Unauthenticated Audio Streaming
29.7.2019
Bugtraq
Malware
Phishing
ApplelD | 29th July 2019 |
Reminder: your information has |
Vulnerability
Exploit
WP Database Backup < 5.2 - Remote Code Execution (Metasploit)
Schneider Electric Pelco Endura NET55XX Encoder - Authentication Bypass (Metasploit)
GigToDo 1.3 - Cross-Site Scripting
WordPress Theme Real Estate 2.8.9 - Cross-Site Scripting
WordPress Plugin Simple Membership 3.8.4 - Cross-Site Request Forgery
26.7.2019
Bugtraq
Malware
Phishing
Vulnerability
Jenkins Credentials Binding Plugin CVE-2019-1010241 Information Disclosure Vulnerability
2019-07-26
http://www.securityfocus.com/bid/109320
Qualcomm Components CVE-2019-2307 Integer Underflow Vulnerability
2019-07-26
http://www.securityfocus.com/bid/109383
LibreOffice Remote Code Execution and Unauthorized Access Vulnerabilities
2019-07-26
http://www.securityfocus.com/bid/109374
Exploit
Ahsay Backup 7.x - 8.1.1.50 - XML External Entity Injection
Ahsay Backup 7.x - 8.1.1.50 - Authenticated Arbitrary File Upload / Remote Code Execution
pdfresurrect 0.15 - Buffer Overflow
Moodle Filepicker 3.5.2 - Server Side Request Forgery
Microsoft Windows 7 build 7601 (x86) - Local Privilege Escalation
25.7.2019
Bugtraq
Malware
Phishing
Aol. Aol. | 25th July 2019 |
2019 AOL OATH PRIVACY POLICY | |
Vulnerability
KDE KAuth CVE-2017-8422 Local Privilege Escalation Vulnerability
2019-07-25
http://www.securityfocus.com/bid/98412
FreeBSD CVE-2019-5604 Out of Bounds Read Denial of Service Vulnerability
2019-07-25
http://www.securityfocus.com/bid/109369
Exploit
WebKit - Universal Cross-Site Scripting due to Synchronous Page Loads
Ovidentia 8.4.3 - Cross-Site Scripting
Ovidentia 8.4.3 - SQL Injection
24.7.2019
Bugtraq
Malware
Phishing
Vulnerability
Exim CVE-2019-13917 Privilege Escalation Vulnerability
2019-07-24
http://www.securityfocus.com/bid/109338
Exploit
Android 7-9 - Remote Code Execution
Apple iMessage - DigitalTouch tap Message Processing Out-of-Bounds Read
Trend Micro Deep Discovery Inspector IDS - Security Bypass
WordPress Plugin Hybrid Composer 1.4.6 - Improper Access Restrictions
Cisco Wireless Controller 3.6.10E - Cross-Site Request Forgery
23.7.2019
Bugtraq
Malware
Phishing
Microsoft Outlook | 23rd July 2019 |
Vulnerability
Scapy '_RADIUSAttrPacketListField' Class Remote Denial of Service Vulnerability
2019-07-23
http://www.securityfocus.com/bid/106674
FFmpeg CVE-2019-12730 Security Bypass Vulnerability
2019-07-23
http://www.securityfocus.com/bid/109317
Exploit
22.7.2019
Bugtraq
Malware
Phishing
Vulnerability
Linux Kernel CVE-2019-11811 Local Arbitrary Code Execution Vulnerability
2019-07-22
http://www.securityfocus.com/bid/108410
Exploit
Comtrend-AR-5310 - Restricted Shell Escape
BACnet Stack 0.8.6 - Denial of Service
Axway SecureTransport 5 - Unauthenticated XML Injection
19.7.2019
Bugtraq
Malware
Phishing
Vulnerability
GNOME gvfs CVE-2019-12795 Local Authorization Bypass Vulnerability
2019-07-19
http://www.securityfocus.com/bid/108741
Mozilla Firefox Multiple Security Vulnerabilities
2019-07-19
http://www.securityfocus.com/bid/109085
Mozilla Firefox and Firefox ESR Multiple Security Vulnerabilities
2019-07-19
http://www.securityfocus.com/bid/109086
Squid CVE-2019-13345 Multiple Cross Site Scripting Vulnerabilities
2019-07-19
http://www.securityfocus.com/bid/109095
Exploit
Web Ofisi Firma Rehberi 1 - 'il' SQL Injection
Web Ofisi Emlak 3 - 'emlak_durumu' SQL Injection
Web Ofisi Emlak 2 - 'ara' SQL Injection
Web Ofisi Platinum E-Ticaret 5 - 'q' SQL Injection
Web Ofisi E-Ticaret 3 - 'a' SQL Injection
fuelCMS 1.4.1 - Remote Code Execution
MAPLE Computer WBT SNMP Administrator 2.0.195.15 - Remote Buffer Overflow (EggHunter)
18.7.2019
Bugtraq
Malware
Phishing
ICloud Inc.. | 18th July 2019 |
Vulnerability
CKEditor CVE-2018-9861 Cross Site Scripting Vulnerability
2019-07-18
http://www.securityfocus.com/bid/103924
Exploit
Microsoft Windows 10 1903/1809 - RPCSS Activation Kernel Security Callback Privilege Escalation
WordPress Plugin OneSignal 1.17.5 - 'subdomain' Persistent Cross-Site Scripting
17.7.2019
Bugtraq
Malware
Phishing
Vulnerability
Apache Struts CVE-2016-1181 Remote Code Execution Vulnerability
2019-07-17
http://www.securityfocus.com/bid/91068
Apache Tomcat CVE-2018-1305 Security Bypass Vulnerability
2019-07-17
http://www.securityfocus.com/bid/103144
Apache HTTP Server CVE-2019-0190 Denial of Service Vulnerability
2019-07-17
http://www.securityfocus.com/bid/106743
Spring Security and Spring Framework CVE-2018-1258 Authorization Bypass Vulnerability
2019-07-17
http://www.securityfocus.com/bid/104222
Apache Tomcat CVE-2019-0199 Denial of Service Vulnerability
2019-07-17
http://www.securityfocus.com/bid/107674
Oracle Hospitality Simphony Multiple Local Security Vulnerabilities
2019-07-17
http://www.securityfocus.com/bid/109196
OpenSSL CVE-2017-3736 Information Disclosure Vulnerability
2019-07-17
http://www.securityfocus.com/bid/101666
FasterXML Jackson-databind CVE-2018-7489 Incomplete Fix Remote Code Execution Vulnerability
2019-07-17
http://www.securityfocus.com/bid/103203
Apache Tomcat CVE-2017-5664 Security Bypass Vulnerability
2019-07-17
http://www.securityfocus.com/bid/98888
Multiple CPU Hardware CVE-2017-5715 Information Disclosure Vulnerability
2019-07-17
http://www.securityfocus.com/bid/102376
Apache Solr CVE-2019-0192 Deserialization Remote Code Execution Vulnerability
2019-07-17
http://www.securityfocus.com/bid/107318
OpenSSL CVE-2018-0732 Denial of Service Vulnerability
2019-07-17
http://www.securityfocus.com/bid/104442
Apache ActiveMQ CVE-2018-11775 Man in the Middle Security Bypass Vulnerability
2019-07-17
http://www.securityfocus.com/bid/105335
FreeBSD Multiple Security Bypass Vulnerabilities
2019-07-17
http://www.securityfocus.com/bid/108395
cURL/libcURL CVE-2018-1000120 Buffer Overflow Vulnerability
2019-07-17
http://www.securityfocus.com/bid/103414
Apache CXF CVE-2018-8039 TLS Hostname Verification Security Bypass Vulnerability
2019-07-17
http://www.securityfocus.com/bid/106357
Perl Multiple Buffer Overflow Vulnerabilities
2019-07-17
http://www.securityfocus.com/bid/106145
Apache Batik CVE-2018-8013 Information Disclosure Vulnerability
2019-07-17
http://www.securityfocus.com/bid/104252
Oracle MySQL Server Cpujul2019 Multiple Security Vulnerabilities
2019-07-17
http://www.securityfocus.com/bid/109234
Multiple Dell EMC Products CVE-2018-11058 Buffer Overflow Vulnerability
2019-07-17
http://www.securityfocus.com/bid/108106
cURL/libcURL CVE-2018-16890 Heap Buffer Overflow Vulnerability
2019-07-17
http://www.securityfocus.com/bid/106947
Apache Tomcat CVE-2018-11784 Open Redirection Vulnerability
2019-07-17
http://www.securityfocus.com/bid/105524
OpenSSL CVE-2018-0734 Side Channel Attack Information Disclosure Vulnerability
2019-07-17
http://www.securityfocus.com/bid/105758
Apache Tika CVE-2018-17197 Denial of Service Vulnerability
2019-07-17
http://www.securityfocus.com/bid/106293
OWASP AntiSamy CVE-2017-14735 Cross Site Scripting Vulnerability
2019-07-17
http://www.securityfocus.com/bid/105656
FasterXML Jackson-databind CVE-2018-12023 Remote Code Execution Vulnerability
2019-07-17
http://www.securityfocus.com/bid/105659
FasterXML Jackson-databind Deserialization Multiple Remote Code Execution Vulnerabilities
2019-07-17
http://www.securityfocus.com/bid/107985
Apache Struts ClassLoader Manipulation CVE-2014-0114 Security Bypass Vulnerability
2019-07-17
http://www.securityfocus.com/bid/67121
Oracle Primavera Unifier Multiple Security Vulnerabilities
2019-07-17
http://www.securityfocus.com/bid/104823
Apache Tomcat CVE-2019-0232 Remote Code Execution Vulnerability
2019-07-17
http://www.securityfocus.com/bid/107906
Exploit
Windows - NtUserSetWindowFNID Win32k User Callback Privilege Escalation (Metasploit)
Linux - Broken Permission and Object Lifetime Handling for PTRACE_TRACEME
Oracle Siebel CRM 19.0 - Persistent Cross-Site Scripting
WinMPG iPod Convert 3.0 - 'Register' Denial of Service
MAPLE Computer WBT SNMP Administrator 2.0.195.15 - Remote Buffer Overflow
16.7.2019
Bugtraq
Malware
Phishing
Vulnerability
Cisco IOS and IOS XE Software CVE-2018-0197 Denial of Service Vulnerability
2019-07-16
http://www.securityfocus.com/bid/105424
Symantec Norton Password Manager CVE-2019-9700 IP Address Spoofing Vulnerability
2019-07-16
http://www.securityfocus.com/bid/108676
Multiple TLS And DTLS Implementations CVE-2013-0169 Information Disclosure Vulnerability
2019-07-16
http://www.securityfocus.com/bid/57778
OpenVPN CVE-2016-6329 Information Disclosure Vulnerability
2019-07-16
http://www.securityfocus.com/bid/92631
SSL/TLS Protocol Initialization Vector Implementation Information Disclosure Vulnerability
2019-07-16
http://www.securityfocus.com/bid/49778
Pivotal Spring Security CVE-2019-11272 Authentication Bypass Vulnerability
2019-07-16
http://www.securityfocus.com/bid/108877
Linux Kernel 'crypto/af_alg.c' Use After Free Arbitrary Code Execution Vulnerability
2019-07-16
http://www.securityfocus.com/bid/107063
Schneider Electric Floating License Manager ICSA-19-192-07 Multiple Security Vulnerabilities
2019-07-16
http://www.securityfocus.com/bid/109155
Mozilla Firefox and Firefox ESR Multiple Security Vulnerabilities
2019-07-16
http://www.securityfocus.com/bid/109086
Moodle CVE-2019-10188 Security Bypass Vulnerability
2019-07-16
http://www.securityfocus.com/bid/109178
Moodle CVE-2019-10187 Security Bypass Vulnerability
2019-07-16
http://www.securityfocus.com/bid/109174
Exploit
Microsoft Windows 10 < build 17763 - AppXSvc Hard Link Privilege Escalation (Metasploit)
Microsoft Compiled HTML Help / Uncompiled .chm File - XML External Entity Injection
DameWare Remote Support 12.0.0.509 - 'Host' Buffer Overflow (SEH)
CentOS Control Web Panel 0.9.8.838 - User Enumeration
CentOS Control Web Panel 0.9.8.836 - Privilege Escalation
CentOS Control Web Panel 0.9.8.836 - Authentication Bypass
R 3.4.4 (Windows 10 x64) - Buffer Overflow SEH (DEP/ASLR Bypass)
15.7.2019
Bugtraq
Malware
Win32/TrojanDownloader.Small.PET
Phishing
Vulnerability
VideoLAN VLC CVE-2019-13602 Heap Based Buffer Overflow Vulnerability
2019-07-14
http://www.securityfocus.com/bid/109158
Exploit
FlightPath < 4.8.2 / < 5.0-rc2 - Local File Inclusion
Microsoft Windows Remote Desktop - 'BlueKeep' Denial of Service (Metasploit)
Android 7 - 9 VideoPlayer - 'ihevcd_parse_pps' Out-of-Bounds Write
CISCO Small Business 200 / 300 / 500 Switches - Multiple Vulnerabilities
NETGEAR WiFi Router JWNR2010v5 / R6080 - Authentication Bypass
Streamripper 2.6 - 'Song Pattern' Buffer Overflow
14.7.2019
Bugtraq
Malware
Phishing
Vulnerability
Exploit
Microsoft Windows 10.0.17134.648 - HTTP -> SMB NTLM Reflection Leads to Privilege Elevation
11.7.2019
Bugtraq
Malware
Phishing
Vulnerability
Linux Kernel CVE-2019-11477 Integer Overflow Vulnerability
2019-07-12
http://www.securityfocus.com/bid/108801
Symantec Messaging Gateway CVE-2019-12751 Privilege Escalation Vulnerability
2019-07-12
http://www.securityfocus.com/bid/108925
Oracle July 2019 Critical Patch Update Multiple Vulnerabilities
2019-07-12
http://www.securityfocus.com/bid/109125
Exploit
Xymon 4.3.25 - useradm Command Execution (Metasploit)
Microsoft Font Subsetting - DLL Heap Corruption in ComputeFormat4CmapData
Citrix SD-WAN Appliance 10.2.2 - Authentication Bypass / Remote Command Execution
Jenkins Dependency Graph View Plugin 0.13 - Persistent Cross-Site Scripting
Sahi Pro 8.0.0 - Remote Command Execution
MyT Project Management 1.5.1 - User[username] Persistent Cross-Site Scripting
Tenda D301 v2 Modem Router - Persistent Cross-Site Scripting
11.7.2019
Bugtraq
Malware
Phishing
PayPal | 11th July 2019 |
Vulnerability
Multiple F5 BIG-IP Products CVE-2019-6631 Denial of Service Vulnerability
2019-07-11
http://www.securityfocus.com/bid/109119
Exploit
Sitecore 9.0 rev 171002 - Persistent Cross-Site Scripting
SNMPc Enterprise Edition 9/10 - Mapping Filename Buffer Overflow
10.7.2019
Bugtraq
Malware
Phishing
Chase Alerts | 9th July 2019 |
Vulnerability
Symantec Messaging Gateway CVE-2019-12751 Privilege Escalation Vulnerability
2019-07-10
http://www.securityfocus.com/bid/108925
Exploit
Microsoft DirectWrite / AFDKO - Multiple Bugs in OpenType Font Handling Related to the "post" Table
Microsoft DirectWrite / AFDKO - Heap-Based Buffer Overflow in OpenType Font Handling in readStrings
Microsoft DirectWrite / AFDKO - Heap-Based Buffer Overflow in OpenType Font Handling in readCharset
Microsoft DirectWrite / AFDKO - Heap-Based Buffer Overflow in OpenType Font Handling in readFDSelect
Microsoft DirectWrite / AFDKO - Heap-Based Buffer Overflow in OpenType Font Handling in readEncoding
Microsoft DirectWrite / AFDKO - Use of Uninitialized Memory While Freeing Resources in var_loadavar
Microsoft DirectWrite / AFDKO - Stack Corruption in OpenType Font Handling Due to Negative nAxes
Mozilla Spidermonkey - Unboxed Objects Uninitialized Memory Access
Microsoft Windows - Font Subsetting DLL Heap-Based Out-of-Bounds Read in MergeFonts
9.7.2019
Bugtraq
Malware
Phishing
Vulnerability
SAP Commerce Cloud CVE-2019-0322 Unspecified Denial of Service Vulnerability
2019-07-09
http://www.securityfocus.com/bid/109076
SAP ERP HCM CVE-2019-0325 Remote Authorization Bypass Vulnerability
2019-07-09
http://www.securityfocus.com/bid/109075
SAP Gateway CVE-2019-0319 Content Injection Vulnerability
2019-07-09
http://www.securityfocus.com/bid/109074
SAP BusinessObjects Business Intelligence Platform CVE-2019-0326 Cross Site Scripting Vulnerability
2019-07-09
http://www.securityfocus.com/bid/109072
SAP NetWeaver AS Java CVE-2019-0327 Arbitrary File Upload Vulnerability
2019-07-09
http://www.securityfocus.com/bid/109071
SAP Information Steward CVE-2019-0329 Cross Site Scripting Vulnerability
2019-07-09
http://www.securityfocus.com/bid/109070
SAP Netweaver Application Server Java CVE-2019-0318 Information Disclosure Vulnerability
2019-07-09
http://www.securityfocus.com/bid/109069
SAP Diagnostics Agent CVE-2019-0330 OS Command Injection Vulnerability
2019-07-09
http://www.securityfocus.com/bid/109068
SAP NetWeaver Process Integration CVE-2019-0328 Code Injection Vulnerability
2019-07-09
http://www.securityfocus.com/bid/109067
Exploit
Firefox 67.0.4 - Denial of Service
Apache mod_ssl < 2.8.7 OpenSSL - 'OpenFuckV2.c' Remote Buffer Overflow (2)
8.7.2019
Bugtraq
Malware
Phishing
Microsoft Hotmail | 8th July 2019 |
Vulnerability
Redhat Openshift Container Platform CVE-2019-3889 Cross Site Scripting Vulnerability
2019-07-08
http://www.securityfocus.com/bid/109062
Exploit
WordPress Plugin Like Button 1.6.0 - Authentication Bypass
Karenderia Multiple Restaurant System 5.3 - SQL Injection
5.7.2019
Bugtraq
Malware
Phishing
Chase Online | 5th July 2019 |
Vulnerability
Red Hat Undertow CVE-2019-3888 Information Disclosure Vulnerability
2019-07-05
http://www.securityfocus.com/bid/108739
Exploit
Microsoft Exchange 2003 - base64-MIME Remote Code Execution
Karenderia Multiple Restaurant System 5.3 - Local File Inclusion
4.7.2019
Bugtraq
Malware
Phishing
Microsoft Hotmail | 4th July 2019 |
Vulnerability
Linux Kernel CVE-2019-11478 Denial of Service Vulnerability
2019-07-04
http://www.securityfocus.com/bid/108798
Linux Kernel CVE-2019-11477 Integer Overflow Vulnerability
2019-07-04
http://www.securityfocus.com/bid/108801
Exploit
3.7.2019
Bugtraq
Malware
Phishing
Vulnerability
IBM Spectrum Protect Plus Multiple Security Vulnerabilities
2019-07-03
http://www.securityfocus.com/bid/109003
Exploit
Apache Tomcat - CGIServlet enableCmdLineArguments Remote Code Execution (Metasploit)
Serv-U FTP Server - prepareinstallation Privilege Escalation (Metasploit)
Symantec DLP 15.5 MP1 - Cross-Site Scripting
2.7.2019
Bugtraq
Malware
Phishing
Vulnerability
Exploit
Mac OS X TimeMachine - 'tmdiagnose' Command Injection Privilege Escalation (Metasploit)
Centreon 19.04 - Remote Code Execution
1.7.2019
Bugtraq
Malware
Phishing
Vulnerability
Linux Kernel CVE-2019-11479 Denial of Service Vulnerability
2019-07-01
http://www.securityfocus.com/bid/108818
Linux Kernel CVE-2019-11478 Denial of Service Vulnerability
2019-07-01
http://www.securityfocus.com/bid/108798
Linux Kernel CVE-2019-11477 Integer Overflow Vulnerability
2019-07-01
http://www.securityfocus.com/bid/108801
ABB PB610 Multiple Security Vulnerabilities
2019-07-01
http://www.securityfocus.com/bid/108886
Multiple ABB Products CVE-2019-7225 Hardcoded Credentials Vulnerability
2019-07-01
http://www.securityfocus.com/bid/108922
Exploit
FaceSentry Access Control System 6.4.8 - Remote SSH Root
FaceSentry Access Control System 6.4.8 - Remote Root Exploit
FaceSentry Access Control System 6.4.8 - Cross-Site Request Forgery
FaceSentry Access Control System 6.4.8 - Remote Command Injection
CyberPanel 1.8.4 - Cross-Site Request Forgery
Sahi pro 8.x - Directory Traversal
SAP Crystal Reports - Information Disclosure
ZoneMinder 1.32.3 - Cross-Site Scripting
PowerPanel Business Edition - Cross-Site Scripting
Linux Mint 18.3-19.1 - 'yelp' Command Injection