Monthly Archive: June 2018

An issue was discovered in Joomla! 2.5.0 through 3.8.8 before 3.8.9. The autoload code checks classnames to be valid, using the "class_exists" function in PHP. In PHP 5.3, this function validates invalid names as...

An XSS issue was discovered in the language switcher module in Joomla! 1.6.0 through 3.8.8 before 3.8.9. In some cases, the link of the current language might contain unescaped HTML special characters. This may...

A vulnerability has been identified in SCALANCE M875 (All versions). An attacker with access to the local file system might obtain passwords for administrative users. Successful exploitation requires read access to files on the...

A vulnerability has been identified in SCALANCE M875 (All versions). The web interface on port 443/tcp could allow a stored Cross-Site Scripting (XSS) attack if an unsuspecting user is tricked into accessing a malicious...

A vulnerability has been identified in SCALANCE M875 (All versions). The web interface on port 443/tcp could allow a Cross-Site Request Forgery (CSRF) attack if an unsuspecting user is tricked into accessing a malicious...

Dell EMC iDRAC Service Module for all supported Linux and XenServer versions v3.0.1, v3.0.2, v3.1.0, v3.2.0, when started, changes the default file permission of the hosts file of the host operating system (/etc/hosts) to...

The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD has too wide permissions, which means that anyone who can send a message using the same raw...

ovirt-engine before version ovirt 4.2.2 is vulnerable to an information exposure through log files. When engine-backup was run with one of the options "–provision*db", the database username and password were logged in cleartext. Sharing...

An issue was discovered in the httpd process in multiple models of Axis IP Cameras. There is Memory Corruption. Date published : 2018-06-26 https://www.axis.com/files/faq/Advisory_ACV-128401.pdf https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf

An issue was discovered in multiple models of Axis IP Cameras. There is an Incorrect Size Calculation. Date published : 2018-06-26 https://www.axis.com/files/faq/Advisory_ACV-128401.pdf https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf

An issue was discovered in multiple models of Axis IP Cameras. There is an Exposed Insecure Interface. Date published : 2018-06-26 https://www.axis.com/files/faq/Advisory_ACV-128401.pdf https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf

An issue was discovered in multiple models of Axis IP Cameras. There is a bypass of access control. Date published : 2018-06-26 https://www.axis.com/files/faq/Advisory_ACV-128401.pdf https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf

An issue was discovered in multiple models of Axis IP Cameras. There is Shell Command Injection. Date published : 2018-06-26 https://www.axis.com/files/faq/Advisory_ACV-128401.pdf https://www.axis.com/files/sales/ACV-128401_Affected_Product_List.pdf

There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which allows remote attackers to cause a denial of service (crash) by sending a crafted command which will result in...