Vulnerability Summary for the Week of January 8, 2018 | CISA
adobe — flash An Out-of-bounds Read issue was discovered in Adobe Flash Player before 28.0.0.137. This vulnerability occurs because of computation that reads data that is past the end of…
Security Information and News
adobe — flash An Out-of-bounds Read issue was discovered in Adobe Flash Player before 28.0.0.137. This vulnerability occurs because of computation that reads data that is past the end of…
3par — service_processor A security vulnerability was identified in 3PAR Service Processor (SP) prior to SP-4.4.0.GA-110(MU7). The vulnerability may be exploited remotely to allow cross-site request forgery. 2018-08-14 not yet…
apache — hive In Apache Hive 2.3.3, 3.1.0 and earlier, local resources on HiveServer2 machines are not properly protected against malicious user if ranger, sentry or sql standard authorizer is…
afian — filerun FileRun 2019.05.21 allows XSS via the filename to the ?module=fileman§ion=do&page=up URI. 2019-06-20 4.3 CVE-2019-12905MISC alpinelinux — abuild Alpine Linux abuild through 3.4.0 allows an unprivileged member of…
3s-smart — multiple_codesys_products 3S-Smart CODESYS SP Realtime NT before V2.3.7.28, CODESYS Runtime Toolkit 32 bit full before V2.4.7.54, and CODESYS PLCWinNT before V2.4.7.54 allow a NULL pointer dereference. 2019-12-20 not…
oracle — graalvm_enterprise_edition Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle GraalVM (component: Tools). Supported versions that are affected are 19.3.1 and 20.0.0. Difficult to exploit vulnerability allows…
PrimaryVendor — Product Description Discovered Published CVSS Score Source & Patch Info Apache Software Foundation — Apache HTTP Server Cross-site scripting (XSS) vulnerability in the (1) mod_imap module in the…
apple — mac_os_x Directory Service in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted…
PrimaryVendor — Product Description Discovered Published CVSS Score Source & Patch Info alain_barbet — filesys_smbclientparser The Filesys::SmbClientParser module 2.7 and earlier for Perl allows remote SMB servers to execute arbitrary…
adtran — netvanta_7060 Cross-site scripting (XSS) vulnerability in the GUI login page in ADTRAN AOS before R10.8.1 on the NetVanta 7100 allows remote attackers to inject arbitrary web script or…