Debian Linux Security Advisory 4508-1 - Three vulnerabilities were discovered in the HTTP/2 code of the H2O HTTP server, which could result in denial of service.
76fb0e4122080bc139ebee645c30819fe3573ab5a085d5f2008858e042069625
Webmin version 1.890 (based on 1.920 research) expired remote root exploit.
a6a036a769a8e7b287b106998aecc0d0606fab73f1bcd56db60804eebb9820a9
Django CRM version 0.2.1 suffers from multiple cross site request forgery vulnerabilities.
72f9f9a34a620b71f3ca6c75a8db1a9a38b3efcd26f65af797819b59d697faf1
tinc is a Virtual Private Network (VPN) daemon that uses tunneling and encryption to create a secure private network between multiple hosts on the Internet. This tunneling allows VPN sites to share information with each other over the Internet without exposing any information.
40f73bb3facc480effe0e771442a706ff0488edea7a5f2505d4ccb2aa8163108
haveged is a daemon that feeds the /dev/random pool on Linux using an adaptation of the HArdware Volatile Entropy Gathering and Expansion algorithm invented at IRISA. The algorithm is self-tuning on machines with cpuid support, and has been tested in both 32-bit and 64-bit environments. The tarball uses the GNU build mechanism, and includes self test targets and a spec file for those who want to build an RPM.
4d4c046755476d3734ffb78772c242c25913ff0eb7509c143671dae6ec9d1189
CentOS version 7.6.1810 with Control Web Panel version 0.9.8.837 suffers from a cross site request forgery vulnerability.
ac74f5f7b06a995d875030245867e034334374afc0f014487faf49f644264983
CentOS version 7.6.1810 with Control Web Panel version 0.9.8.837 suffers from a persistent cross site scripting vulnerability.
75c43595c2ca8facaf005e68f433a5fb50f881898e16454e23e33907ffc28ffc
Plexo Torresoft Alex Torres Software version 2.0 suffers from cross site scripting and remote SQL injection vulnerabilities.
722f9c3eaa3d8b522543f41484a8670a88a5076220141614a2ffe3bef2561153
Debian Linux Security Advisory 4507-1 - Several vulnerabilities were discovered in Squid, a fully featured web proxy cache. The flaws in the HTTP Digest Authentication processing, the HTTP Basic Authentication processing and in the cachemgr.cgi allowed remote attackers to perform denial of service and cross-site scripting attacks, and potentially the execution of arbitrary code.
102dff8cdfc700c7a5976e0e1116143994d1ce59068df780c80abd9cf39dc312
Debian Linux Security Advisory 4506-1 - Multiple security issues were discovered in QEMU, a fast processor emulator, which could result in denial of service, the execution of arbitrary code or bypass of ACLs.
0a9a1b1a0cab98c6651b1d4d4ea0820c2dfe3abacd74c28f7e84a1abd8362147
openITCOCKPIT version 3.6.1-2 suffers from a cross site request forgery vulnerability.
cd8f018132601492c9039f8b48c44521cfef46e4288883b098d8018582a2e42e
Joomla version 1.5.26 with EstateAgent component version 3.x suffers from a remote SQL injection vulnerability.
f7570538cd1338ffc96ca5f0edda227eba2222617437ebe728f0f96c2b5f136e
Joomla version 1.5.26 with OrgChart component version 1.0.0 suffers from cross site scripting and remote SQL injection vulnerabilities.
b64254fbbce2c2fc4169e3cfde923448d12ea251398ca0cc215640d95be1d1c3
Joomla version 1.5.26 with FireBoard component version 1.1.3 suffers from a remote SQL injection vulnerability.
78321e2b6dba443445bbc1515bc3f5f911e72c841799d051bb960dc4a25041c5
Joomla version 1.5.26 with AlphaContent component 3.x suffers from a remote SQL injection vulnerability.
f6dc25da7af6ecb5198ac056f7c2db5af2917b692ab1f6ffb797a66b46633087
Apache Tapestry version 5.3.6 suffers from a timing attack vulnerability during HMAC verification.
2b8427db67e3d329acc8cb4dfc1895672828a371a3235ea047dedb0c4abe8079
WordPress UserPro versions 4.9.32 and below suffer from a cross site scripting vulnerability.
4e3d7ad441551b0b5e4a6cec1ebb421d4817843f9730abde7ea297949ef18a1a
ProGrade/Lierda Grill Temperature version 1.00_50006 suffers from having hard-coded credentials that allow for denial of service and information disclosure attacks.
7bcfdcb77f709ae35ff2e89f98e029bf7aef605975fd373de4d3f1ca74c07bc9