Drupal core – Highly critical – Remote Code Execution – SA-CORE-2019-003

Project: Drupal core
Date: 2019-February-20
Security risk: Highly critical 23∕25 AC:None/A:None/CI:All/II:All/E:Exploit/TD:Uncommon
Vulnerability: Remote Code Execution
CVE IDs: CVE-2019-6340

Description: Some field types do not properly sanitize data from non-form sources. This can lead to arbitrary PHP code execution in some cases.

A site is only affected by this if one of the following conditions is met:

The site has the Drupal 8 core RESTful Web Services (rest) module enabled and allows

More info: https://www.drupal.org/sa-core-2019-003

DSA-4425 wget – security update

Kusano Kazuhiko discovered a buffer overflow vulnerability in the handling of Internationalized Resource Identifiers (IRI) in wget, a network utility to retrieve files from the web, which could result in the execution of arbitrary code or denial of service when recursively downloading from an untrusted server.

More info: https://www.debian.org/security/2019/dsa-4425