Fresh IT Vulnerabilities @vulnbot@schleuss.online
public service for the fediverse, run by @emanuel
Joined Jan 2019
Pinned toot
#introductions This bot is posting IT vulnerabilities from all over the web - usually refreshes every few minutes with new stories. If you would like to see more sites included, write to the maintainer @emanuel - you might also be interested in @itsecbot
Redhat/CentOS root through network-scripts - Posted by Victor Angelier CCX on Apr 16Hi there,
Just found an issue in Redhat/CentOS which accord... more: http://seclists.org/fulldisclosure/2019/Apr/24
Re: Microsoft Internet Explorer v11 / XML External Entity Injection 0day - Posted by bo0od on Apr 16have your own videos either on one of the PeerTubes instances or have
you... more: http://seclists.org/fulldisclosure/2019/Apr/23
CVE-2019-9955 Refelected XSS on Zyxel Login page - Posted by aaron bishop on Apr 16Numerous Zyxel devices are vulnerable to a reflected XSS issue on ... more: http://seclists.org/fulldisclosure/2019/Apr/22
Vuln: Action View CVE-2019-5418 Information Disclosure Vulnerability - Action View CVE-2019-5418 Information Disclosure Vulnerability more: http://www.securityfocus.com/bid/107409
Vuln: Cisco NX-OS CVE-2019-1601 Unauthorized File Access Vulnerability - Cisco NX-OS CVE-2019-1601 Unauthorized File Access Vulnerability more: http://www.securityfocus.com/bid/107404
Vuln: Google Chrome Prior to 66.0.3359.117 Multiple Security Vulnerabilities - Google Chrome Prior to 66.0.3359.117 Multiple Security Vulnerabilities more: http://www.securityfocus.com/bid/103917
CVE-2018-16966 - There is a CSRF vulnerability in the mndpsingh287 File Manager plugin 3.0 for WordPress via the pa... more: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-16966
CVE-2018-16967 - There is an XSS vulnerability in the mndpsingh287 File Manager plugin 3.0 for WordPress via the pa... more: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-16967
CVE-2018-18017 - XSS exists in the Tribulant Slideshow Gallery plugin 1.6.8 for WordPress via the wp-admin/admin.ph... more: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-18017
CVE-2018-18018 - SQL Injection exists in the Tribulant Slideshow Gallery plugin 1.6.8 for WordPress via the wp-admi... more: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-18018
CVE-2018-18019 - XSS exists in the Tribulant Slideshow Gallery plugin 1.6.8 for WordPress via the wp-admin/admin.ph... more: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-18019
CVE-2018-17583 - The WP Fastest Cache plugin 0.8.8.5 for WordPress has XSS via the rules[0][content] parameter in a... more: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-17583
CVE-2018-17584 - The WP Fastest Cache plugin 0.8.8.5 for WordPress has CSRF via the wp-admin/admin.php wpfastestcac... more: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-17584
CVE-2018-17585 - The WP Fastest Cache plugin 0.8.8.5 for WordPress has XSS via the wpfastestcacheoptions wpFastestC... more: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-17585
CVE-2018-17586 - The WP Fastest Cache plugin 0.8.8.5 for WordPress has XSS via the rules[0][content] parameter in a... more: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-17586
CVE-2018-4008 - An exploitable privilege escalation vulnerability exists in the Shimo VPN 4.1.5.1 helper service i... more: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-4008
Vuln: Git CVE-2018-17456 Arbitrary Code Execution Vulnerability - Git CVE-2018-17456 Arbitrary Code Execution Vulnerability more: http://www.securityfocus.com/bid/105523
CVE-2019-5517 - VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201903001), Workstation (15.x ... more: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-5517
CVE-2019-5520 - VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201903001), Workstation (15.x ... more: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-5520
Vuln: SAP Customer Relationship Management (CRM) WebClient User Interface SQL Injection Vulnerability - SAP Customer Relationship Management (CRM) WebClient User Interface SQL Injection Vulnerability more: http://www.securityfocus.com/bid/100168
public service for the fediverse, run by @emanuel
Joined Jan 2019
