Drupal vulnerability CVE-2018-7600
Drupal vulnerability CVE-2018-7600. Security Advisory. Security Advisory Description. Drupal before 7.58, 8.x before 8.3 ...
More info:
https://support.f5.com/csp/article/K22854260
Drupal vulnerability CVE-2018-7600
Drupal vulnerability CVE-2018-7600. Security Advisory. Security Advisory Description. Drupal before 7.58, 8.x before 8.3 ...
More info:
https://support.f5.com/csp/article/K22854260
Drupal core – Highly critical – Remote Code Execution – SA-CORE-2018-002
Project: Drupal coreDate: 2018-March-28Security risk: Highly critical 21∕25 AC:None/A:None/CI:All/II:All/E:Theoretical/TD:DefaultVulnerability: Remote Code Execution Description: CVE: CVE-2018-7600A remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being completely compromised.The security team has written an FAQ about this
More info:
https://www.drupal.org/sa-core-2018-002
Activity Log <= 2.4.0 – Multiple Cross-Site Scripting (XSS)
More info:
https://wpvulndb.com/vulnerabilities/9049
cURL and libcurl vulnerability CVE-2017-2628
cURL and libcurl vulnerability CVE-2017-2628. Security Advisory. Security Advisory Description. cURL, as shipped in Red ...
More info:
https://support.f5.com/csp/article/K35453761
Events Manager <= 5.8.1.1 – Unauthenticated Stored XSS
More info:
https://wpvulndb.com/vulnerabilities/9047
DSA-4154 net-snmp – security update
A heap corruption vulnerability was discovered in net-snmp, a suite ofSimple Network Management Protocol applications, triggered when parsingthe PDU prior to the authentication process. A remote, unauthenticatedattacker can take advantage of this flaw to crash the snmpd process(causing a denial of service) or, potentially, execute arbitrary codewith the privileges of the user running snmpd.
More info:
https://www.debian.org/security/2018/dsa-4154
DSA-4134 util-linux – security update
Bjorn Bosselmann discovered that the umount bash completion fro
More info:
https://www.debian.org/security/2018/dsa-4134
DSA-4153 firefox-esr – security update
It was discovered that a use-after-free in the compositor of Firefoxcan result in the execution of arbitrary code.
More info:
https://www.debian.org/security/2018/dsa-4153
DSA-4152 mupdf – security update
Two vulnerabilities were discovered in MuPDF, a PDF, XPS, and e-bookviewer, which may result in denial of service or remote code execution.An attacker can craft a PDF document which, when opened in the victimhost, might consume vast amounts of memory, crash the program, or, insome cases, execute code in the context in which the application isrunning.
More info:
https://www.debian.org/security/2018/dsa-4152