Computrols CBAS 18.0.0 allows unprotected Subversion (SVN) directory / source code disclosure. Date published : 2019-05-23 http://packetstormsecurity.com/files/155248/Computrols-CBAS-Web-19.0.0-Information-Disclosure.html https://applied-risk.com/index.php/download_file/view/196/165
Computrols CBAS 18.0.0 allows Unauthenticated Reflected Cross-Site Scripting vulnerabilities in the login page and password reset page via the username GET parameter. Date published : 2019-05-23 http://packetstormsecurity.com/files/155257/Computrols-CBAS-Web-19.0.0-Cross-Site-Scripting.html https://applied-risk.com/index.php/download_file/view/196/165
An issue is present in Apache ZooKeeper 1.0.0 to 3.4.13 and 3.5.0-alpha to 3.5.4-beta. ZooKeeper’s getACL() command doesn’t check any permission when retrieves the ACLs of the requested node and returns all information contained...
In Hazelcast before 3.11, the cluster join procedure is vulnerable to remote code execution via Java deserialization. If an attacker can reach a listening Hazelcast instance with a crafted JoinRequest, and vulnerable classes exist...
OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Information Exposure. Date published : 2019-05-22 https://documentation.open-xchange.com/7.8.3/release-notes/release-notes.html http://ox.com
OX Software GmbH OX App Suite 7.8.4 and earlier is affected by: Cross Site Scripting (XSS). Date published : 2019-05-22 https://documentation.open-xchange.com/7.8.3/release-notes/release-notes.html http://ox.com
Open-Xchange GmbH OX Cloud Plugins 1.4.0 and earlier is affected by: Missing Authorization. Date published : 2019-05-22 https://software.open-xchange.com/products/appsuite/doc/Release_Notes_for_Patch_Release_4137_1.2.2_2017-05-12.pdf http://open-xchange.com
Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Content Spoofing. Date published : 2019-05-22 https://documentation.open-xchange.com/7.10.0/release-notes/release-notes.html http://open-xchange.com
Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Incorrect Access Control. Date published : 2019-05-22 https://documentation.open-xchange.com/7.10.0/release-notes/release-notes.html http://open-xchange.com
Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Incorrect Access Control. Date published : 2019-05-22 https://documentation.open-xchange.com/7.10.0/release-notes/release-notes.html http://open-xchange.com
WordPress 4.7.2 mishandles listings of post authors, which allows remote attackers to obtain sensitive information (Path Disclosure) via a /wp-json/oembed/1.0/embed?url= request, related to the "author_name":" substring. Date published : 2019-05-22 http://www.securityfocus.com/bid/108459 https://github.com/CFSECURITE/wordpress
In libavcodec in Libav 9.21, ff_h264_execute_ref_pic_marking() has a heap-based buffer over-read. Date published : 2019-05-22 https://bugzilla.libav.org/show_bug.cgi?id=1019 https://patches.libav.org/patch/62534/
Odoo Version
Open-Xchange GmbH OX App Suite 7.8.3 and earlier is affected by: Cross Site Scripting (XSS). Date published : 2019-05-22 https://documentation.open-xchange.com/7.8.4/release-notes/release-notes.html http://open-xchange.com