Ultimate Member <= 2.0.32 – Cross-Site Request Forgery (CSRF)
More info:
https://wpvulndb.com/vulnerabilities/9152
X.Org X server vulnerability CVE-2018-14665
X.Org X server vulnerability CVE-2018-14665. Security Advisory. Security Advisory Description. A flaw was found in xorg ...
More info:
https://support.f5.com/csp/article/K03073656
RHSA-2018:3676-1: Moderate: .NET Core on Red Hat Enterprise Linux security update
Red Hat Enterprise Linux: An update for rh-dotnet21-dotnet is now available for .NET Core on Red HatEnterprise Linux.Red Hat Product Security has rated this update as having a security impact ofModerate. A Common Vulnerability Scoring System (CVSS) base score, which gives adetailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. CVE-2018-8416
More info:
http://rhn.redhat.com/errata/RHSA-2018-3676.html
RHSA-2018:3676-1: Moderate: .NET Core on Red Hat Enterprise Linux security update
Red Hat Enterprise Linux: An update for rh-dotnet21-dotnet is now available for .NET Core on Red HatEnterprise Linux.Red Hat Product Security has rated this update as having a security impact ofModerate. A Common Vulnerability Scoring System (CVSS) base score, which gives adetailed severity rating, is available for each vulnerability from the CVElink(s) in the References section. CVE-2018-8416
More info:
http://rhn.redhat.com/errata/RHSA-2018-3676.html
Navigating Data Responsibility
http://feedproxy.google.com/~r/sucuri/blog/~3/LBF_N8CwTY4/navigating-data-responsibility.html As we take a step back and think about how much the Internet has grown over the past 20 years, we realize how much content/data has been made available to everyone. Moving forward, there’s no reason to expect data availability to slow down. In fact, insideBIGDATA claims: There are many sources that predict exponential […]
More info:
http://feedproxy.google.com/~r/sucuri/blog/~3/LBF_N8CwTY4/navigating-data-responsibility.html
DSA-4344 roundcube – security update
Aidan Marlin discovered that roundcube, a skinnable AJAX based webmailsolution for IMAP servers, is prone to a cross-site scriptingvulnerability in handling invalid style tag content.
More info:
https://www.debian.org/security/2018/dsa-4344
DSA-4343 liblivemedia – security update
It was discovered that a buffer overflow in liveMedia, a set of C++libraries for multimedia streaming could result in the execution ofarbitrary code when parsing a malformed RTSP stream.
More info:
https://www.debian.org/security/2018/dsa-4343
Download WP-DBManager <= 2.79.1 – Arbitrary File Delete
https://wpvulndb.com/vulnerabilities/9151
More info:
https://wpvulndb.com/vulnerabilities/9151
VMware and the Tianfu Cup PWN Contest
Update November 22, 2018 – Release of VMware Security Advisory VMSA-2018-0030 Today VMware has released the following new security advisory: VMSA-2018-0030 – VMware Workstation and Fusion updates address an integer overflow issue. The advisory documents the remediation of the critical severity vulnerability which was demonstrated at the Tianfu Cup PWN Contest. This issue affects VMware […]The post VMware and the Tianfu Cup PWN Contest appeared first on VMware Security &
More info:
https://blogs.vmware.com/security/2018/11/vmware-and-the-tianfu-cup-pwn-contest.html
Download WP-DBManager <= 2.79.1 – Arbitrary File Delete
More info:
https://wpvulndb.com/vulnerabilities/9151