Pie Register <= 3.0.9 – Authenticated Blind SQL Injection
More info:
https://wpvulndb.com/vulnerabilities/9094
Node.js vulnerability CVE-2018-7162
Node.js vulnerability CVE-2018-7162. Security Advisory. Security Advisory Description. All versions of Node.js 9.x and 10 ...
More info:
https://support.f5.com/csp/article/K15131064
RHSA-2018:1852-1: Moderate: kernel security update
Red Hat Enterprise Linux: An update for kernel is now available for Red Hat Enterprise Linux 7.Red Hat Product Security has rated this update as having a security impact ofModerate. A Common Vulnerability Scoring System (CVSS) base score, which gives adetailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. CVE-2018-3665
More info:
http://rhn.redhat.com/errata/RHSA-2018-1852.html
Xen Security Advisory 267 (XSA-267)
June 13, 2018 2:00 PM PDT CVE Identifiers: CVE-2018-3665 A new speculative execution side-channel issue concerning Intel processors was discovered by AWS in collaboration with Cyberus Technology. We reported this issue immediately to Intel, which has been working closely with a group of companies to prepare software updates addressing the issue. Intel has assigned CVE-2018-3665 to this issue and has released Intel Security Advisory INTEL-SA-00145. In parallel, the Xen Security Team has
More info:
https://aws.amazon.com/security/security-bulletins/AWS-2018-017/
Pie Register – Authenticated Blind SQL Injection
More info:
https://wpvulndb.com/vulnerabilities/9094
Tooltipy (tooltips for WP) <= 5.0 – Cross-Site Request Forgery (CSRF)
More info:
https://wpvulndb.com/vulnerabilities/9093
DSA-4227 plexus-archiver – security update
Danny Grander discovered a directory traversal flaw in plexus-archiver,an Archiver plugin for the Plexus compiler system, allowing an attackerto overwrite any file writable by the extracting user via a speciallycrafted Zip archive.
More info:
https://www.debian.org/security/2018/dsa-4227
Tooltipy (tooltips for WP) <= 5.0 – Unauthenticated Cross-Site Scripting (XSS)
More info:
https://wpvulndb.com/vulnerabilities/9092
Xen Security Advisory 267 (XSA-267)
June 13, 2018 2:00 PM PDT CVE Identifiers: CVE-2018-3665 A new speculative execution side-channel issue concerning Intel processors was discovered by AWS in collaboration with Cyberus Technology. We reported this issue immediately to Intel, which has been working closely with a group of companies to prepare software updates addressing the issue. Intel has assigned CVE-2018-3665 to this issue and has released Intel Security Advisory INTEL-SA-00145. In parallel, the Xen Security Team has
More info:
https://aws.amazon.com/security/security-bulletins/AWS-2018-017/
Redirection <= 2.7.3 – Authenticated Local File Inclusion
More info:
https://wpvulndb.com/vulnerabilities/9091