File Manager <= 2.9 – Authenticated Cross-Site Scripting (XSS)
More info:
https://wpvulndb.com/vulnerabilities/9126
FV Flowplayer Video Player 6.1.2-6.6.4 – Unspecified Cross-Site Scripting (XSS)
More info:
https://wpvulndb.com/vulnerabilities/9125
DSA-4287 firefox-esr – security update
Several security issues have been found in the Mozilla Firefox webbrowser: Multiple memory safety errors and use-after-frees may lead tothe execution of arbitrary code or denial of service.
More info:
https://www.debian.org/security/2018/dsa-4287
DSA-4287 firefox-esr – security update
Several security issues have been found in the Mozilla Firefox webbrowser: Multiple memory safety errors and use-after-frees may lead tothe execution of arbitrary code or denial of service.
More info:
https://www.debian.org/security/2018/dsa-4287
Linux Kernel Updates to address SegmentSmack & FragmentSmack
August 21, 2018 4:00 AM PDT CVE Identifiers: CVE-2018-5390 (SegmentSmack), CVE-2018-5391 (FragmentSmack) AWS is aware of two recently-disclosed security issues, commonly referred to as SegmentSmack and FragmentSmack, both of which affect the TCP and IP processing subsystem of several popular operating systems including Linux. With the exception of the AWS services listed below, no customer action is required to address these issues. Customers not using Amazon Linux should contact their
More info:
https://aws.amazon.com/security/security-bulletins/AWS-2018-018/
DSA-4288 ghostscript – security update
Tavis Ormandy discovered multiple vulnerabilites in Ghostscript, aninterpreter for the PostScript language, which could result in denial ofservice, the creation of files or the execution of arbitrary code if amalformed Postscript file is processed (despite the dSAFER sandbox beingenabled).
More info:
https://www.debian.org/security/2018/dsa-4288
DSA-4289 chromium-browser – security update
Several vulnerabilities have been discovered in the chromium web browser.
More info:
https://www.debian.org/security/2018/dsa-4289
BIG-IP Configuration utility vulnerability CVE-2015-4040
BIG-IP Configuration utility vulnerability CVE-2015-4040. Security Advisory. Security Advisory Description. Directory traversal ...
More info:
https://support.f5.com/csp/article/K17253
Linux Kernel Updates to address SegmentSmack & FragmentSmack
August 21, 2018 4:00 AM PDT CVE Identifiers: CVE-2018-5390 (SegmentSmack), CVE-2018-5391 (FragmentSmack) AWS is aware of two recently-disclosed security issues, commonly referred to as SegmentSmack and FragmentSmack, both of which affect the TCP and IP processing subsystem of several popular operating systems including Linux. With the exception of the AWS services listed below, no customer action is required to address these issues. Customers not using Amazon Linux should contact their
More info:
https://aws.amazon.com/security/security-bulletins/AWS-2018-018/
UserPro <= 4.9.23 – Cross-Site Scripting (XSS)
More info:
https://wpvulndb.com/vulnerabilities/9124