Javier García

27 febrero, 2020

Juniper Junos CVE-2020-1606 Directory Traversal Vulnerability

Type: Vulnerability. Juniper Junos is prone to a directory traversal vulnerability; fixes are available. More info: http://www.symantec.com/security_response/vulnerability.jsp?bid=112014&om_rssid=sr-advisories

27 febrero, 2020

Undertow CVE-2020-1745 Arbitrary File Inclusion Vulnerability

Type: Vulnerability. Undertow is prone to an arbitrary file-inclusion vulnerability. More info: http://www.symantec.com/security_response/vulnerability.jsp?bid=112017&om_rssid=sr-advisories

27 febrero, 2020

IBM WebSphere Application Server Liberty CVE-2019-4663 Cross Site Scripting Vulnerability

Type: Vulnerability. IBM WebSphere Application Server Liberty is prone to a cross-site scripting vulnerability; fixes are available. More info: http://www.symantec.com/security_response/vulnerability.jsp?bid=112008&om_rssid=sr-advisories

27 febrero, 2020

Connect2id Nimbus JOSE+JWT CVE-2019-17195 Multiple Security Vulnerabilities

Type: Vulnerability. Connect2id Nimbus JOSE+JWT is prone to multiple security vulnerabilities; fixes are available. More info: http://www.symantec.com/security_response/vulnerability.jsp?bid=112015&om_rssid=sr-advisories

27 febrero, 2020

Multiple Vulnerabilities Patched in Pricing Table by Supsystic Plugin

https://www.wordfence.com/blog/2020/02/multiple-vulnerabilities-patched-in-pricing-table-by-supsystic-plugin/ On January 17th, our Threat Intelligence Team discovered several vulnerabilities in Pricing Table by Supsystic, a WordPress plugin installed on over 40,000 sites. These flaws allowed an unauthenticated user to execute several AJAX actions due to an insecure permissions weakness. Attackers were also able to inject malicious Javascript due to a Cross-Site Scripting (XSS) […] More info: https://www.wordfence.com/blog/2020/02/multiple-vulnerabilities-patched-in-pricing-table-by-supsystic-plugin/

27 febrero, 2020

HP LinuxKI CVE-2020-7209 Multiple Unspecified Remote Code Execution Vulnerabilities

Type: Vulnerability. HP LinuxKI is prone to multiple unspecified remote code-execution vulnerabilities; fixes are available. More info: http://www.symantec.com/security_response/vulnerability.jsp?bid=112010&om_rssid=sr-advisories

27 febrero, 2020

Pricing Table by Supsystic < 1.8.2 – Insecure Permissions on AJAX Actions

https://wpvulndb.com/vulnerabilities/10090 More info: https://wpvulndb.com/vulnerabilities/10090

26 febrero, 2020

HP System Event Utility CVE-2019-18915 Arbitrary Code Execution Vulnerability

Type: Vulnerability. HP System Event Utility is prone to an arbitrary code-execution vulnerability; fixes are available. More info: http://www.symantec.com/security_response/vulnerability.jsp?bid=112005&om_rssid=sr-advisories

26 febrero, 2020

Apache Kylin CVE-2020-1937 SQL Injection Vulnerability

Type: Vulnerability. Apache Kylin is prone to an SQL-injection vulnerability; fixes are available. More info: http://www.symantec.com/security_response/vulnerability.jsp?bid=112006&om_rssid=sr-advisories

26 febrero, 2020

Webkit CVE-2019-8762 Cross Site Scripting Vulnerability

Type: Vulnerability. Webkit is prone to a cross-site scripting vulnerability; fixes are available. More info: http://www.symantec.com/security_response/vulnerability.jsp?bid=112007&om_rssid=sr-advisories