GD bbPress Attachments <= 2.5 – Authenticated Stored XSS
https://wpvulndb.com/vulnerabilities/9082
More info:
https://wpvulndb.com/vulnerabilities/9082
Xen Security Advisories 260-262 (XSA-260, XSA-261, XSA-262)
2018/05/08 10:00AM PDT CVE Identifiers: CVE-2018-8897 The Xen Security Team has released Xen Security Advisories 260, 261 and 262 regarding the Xen hypervisor. AWS customers data and instances are not affected by this issue, and no customer action is required.
More info:
https://aws.amazon.com/security/security-bulletins/AWS-2018-014/
WP User Groups <= 2.0.0 – Cross-Site Request Forgery (CSRF)
https://wpvulndb.com/vulnerabilities/9081
More info:
https://wpvulndb.com/vulnerabilities/9081
DSA-4201 xen – security update
Multiple vulnerabilities have been discovered in the Xen hypervisor:
More info:
https://www.debian.org/security/2018/dsa-4201
WP Live Chat Support <= 8.0.07 – Cross-Site Scripting (XSS)
More info:
https://wpvulndb.com/vulnerabilities/9085
WP ULike <= 3.1 – Unauthenticated Stored XSS
https://wpvulndb.com/vulnerabilities/9083
More info:
https://wpvulndb.com/vulnerabilities/9083
Metronet Tag Manager <= 1.2.7 – Cross-Site Request Forgery (CSRF)
More info:
https://wpvulndb.com/vulnerabilities/9084
DSA-4200 kwallet-pam – security update
Fabian Vogt discovered that incorrect permission handling in the PAMmodule of the KDE Wallet could allow an unprivileged local user to gainownership of arbitrary files.
More info:
https://www.debian.org/security/2018/dsa-4200
Últimas Vulnerabilidades 1970-01-01 02:00:00
Oracle Java SE vulnerability CVE-2018-2799
Oracle Java SE vulnerability CVE-2018-2799. Security Advisory. Security Advisory Description. Vulnerability in the Java ...
More info:
https://support.f5.com/csp/article/K33924005