IBM MQ 8.0.0.4 - 8.0.0.12, 9.0.0.0 - 9.0.0.6, 9.1.0.0 - 9.1.0.2, and 9.1.0 - 9.1.2 AMQP Listeners could allow an unauthorized user to conduct a session fixation attack due to clients not being disconnected as they should.

Libsoup from versions 2.65.1 until 2.68.1 has a heap-based buffer over-read because soup_ntlm_parse_challenge() in soup-auth-ntlm.c does not properly check an NTLM message's length before proceeding with a memcpy.

If this vulnerability is exploited, FON routers may be leveraged for DNS amplification attacks to some other entities.

It is related to net.sf.

FON2601E-SE, FON2601E-RE, FON2601E-FSW-S, and FON2601E-FSW-B with firmware versions 1.1.7 and earlier contain an issue where they may behave as open resolvers.

In Centreon VM through 19.04.3, allows attackers to become root via a crafted script, due to incorrect rights of sourced configuration files.

A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10.

The new-contact-form-widget (aka Contact Form Widget - Contact Query, Form Maker) plugin 1.0.9 for WordPress has SQL Injection via all-query-page.php.

Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis.

Adhouma CMS through has SQL Injection via the post.php p_id parameter.

Patch information is provided when available. This information may include identifying information, values, definitions, and related links.