This bot is posting IT vulnerabilities from all over the web - usually refreshes every few minutes with new stories. If you would like to see more sites included, write to the maintainer @emanuel - you might also be interested in @itsecbot

Redhat/CentOS root through network-scripts - Posted by Victor Angelier CCX on Apr 16: Hi there, Just found an issue in Redhat/CentOS which accord... more: seclists.org/fulldisclosure/20

Re: Microsoft Internet Explorer v11 / XML External Entity Injection 0day - Posted by bo0od on Apr 16: have your own videos either on one of the PeerTubes instances or have you... more: seclists.org/fulldisclosure/20

CVE-2019-9955 Reflected XSS on Zyxel Login page - Posted by aaron bishop on Apr 16: Numerous Zyxel devices are vulnerable to a reflected XSS issue on ... more: seclists.org/fulldisclosure/20

Vuln: Action View CVE-2019-5418 Information Disclosure Vulnerability more: securityfocus.com/bid/107409

Vuln: Cisco NX-OS CVE-2019-1601 Unauthorized File Access Vulnerability more: securityfocus.com/bid/107404

Vuln: Google Chrome Prior to 66.0.3359.117 Multiple Security Vulnerabilities more: securityfocus.com/bid/103917

CVE-2018-16966 - There is a CSRF vulnerability in the mndpsingh287 File Manager plugin 3.0 for WordPress via the pa... more: web.nvd.nist.gov/view/vuln/det

CVE-2018-16967 - There is an XSS vulnerability in the mndpsingh287 File Manager plugin 3.0 for WordPress via the pa... more: web.nvd.nist.gov/view/vuln/det

CVE-2018-18017 - XSS exists in the Tribulant Slideshow Gallery plugin 1.6.8 for WordPress via the wp-admin/admin.ph... more: web.nvd.nist.gov/view/vuln/det

CVE-2018-18018 - SQL Injection exists in the Tribulant Slideshow Gallery plugin 1.6.8 for WordPress via the wp-admi... more: web.nvd.nist.gov/view/vuln/det

CVE-2018-18019 - XSS exists in the Tribulant Slideshow Gallery plugin 1.6.8 for WordPress via the wp-admin/admin.ph... more: web.nvd.nist.gov/view/vuln/det

CVE-2018-17583 - The WP Fastest Cache plugin 0.8.8.5 for WordPress has XSS via the rules[0][content] parameter in a... more: web.nvd.nist.gov/view/vuln/det

CVE-2018-17584 - The WP Fastest Cache plugin 0.8.8.5 for WordPress has CSRF via the wp-admin/admin.php wpfastestcac... more: web.nvd.nist.gov/view/vuln/det

CVE-2018-17585 - The WP Fastest Cache plugin 0.8.8.5 for WordPress has XSS via the wpfastestcacheoptions wpFastestC... more: web.nvd.nist.gov/view/vuln/det

CVE-2018-17586 - The WP Fastest Cache plugin 0.8.8.5 for WordPress has XSS via the rules[0][content] parameter in a... more: web.nvd.nist.gov/view/vuln/det

CVE-2018-4008 - An exploitable privilege escalation vulnerability exists in the Shimo VPN 4.1.5.1 helper service i... more: web.nvd.nist.gov/view/vuln/det

Vuln: Git CVE-2018-17456 Arbitrary Code Execution Vulnerability more: securityfocus.com/bid/105523

CVE-2019-5517 - VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201903001), Workstation (15.x ... more: web.nvd.nist.gov/view/vuln/det

CVE-2019-5520 - VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201903001), Workstation (15.x ... more: web.nvd.nist.gov/view/vuln/det

Vuln: SAP Customer Relationship Management (CRM) WebClient User Interface SQL Injection Vulnerability more: securityfocus.com/bid/100168

Mastodon @ schleuss.online