Fresh IT Vulnerabilities @vulnbot@schleuss.online

#introductions This bot is posting IT vulnerabilities from all over the web - usually refreshes every few minutes with new stories. If you would like to see more sites included, write to the maintainer @emanuel - you might also be interested in @itsecbot

CVE-2019-8354 - An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c has an integer overflow on t... more: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-8354

CVE-2019-8355 - An issue was discovered in SoX 14.4.2. In xmalloc.h, there is an integer overflow on the result of... more: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-8355

CVE-2019-8356 - An issue was discovered in SoX 14.4.2. One of the arguments to bitrv2 in fft4g.c is not guarded, s... more: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-8356

CVE-2019-8357 - An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c allows a NULL pointer derefe... more: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-8357

CVE-2013-2516 - Vulnerability in FileUtils v0.7, Ruby Gem Fileutils <= v0.7 Command Injection vulnerability in ... more: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2516

CVE-2013-2565 - A vulnerability in Mambo CMS v4.6.5 where the scripts thumbs.php, editorFrame.php, editor.php, ima... more: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2565

CVE-2013-5654 - Vulnerability in YingZhi Python Programming Language v1.9 allows arbitrary anonymous uploads to th... more: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-5654

CVE-2015-4615 - Vulnerability in Easy2map-photos WordPress Plugin v1.09 allows SQL Injection via unsanitized mapTe... more: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4615

CVE-2015-4617 - Vulnerability in Easy2map-photos WordPress Plugin v1.09 MapPinImageUpload.php and MapPinIconSave.p... more: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4617

CVE-2017-1695 - IBM QRadar SIEM 7.2 and 7.3 uses weaker than expected cryptographic algorithms that could allow an... more: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-1695

CVE-2018-1701 - IBM InfoSphere Information Server 11.7 could allow an authenciated user under specialized conditio... more: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1701

CVE-2018-1727 - IBM InfoSphere Information Server 9.1, 11.3, 11.5, and 11.7 is vulnerable to a XML External Entity... more: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1727

CVE-2018-1895 - IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting. This... more: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1895

CVE-2019-4059 - IBM Rational ClearCase 1.0.0.0 GIT connector does not sufficiently protect the document database p... more: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-4059

CVE-2019-0266 - Under certain conditions SAP HANA Extended Application Services, version 1.0, advanced model (XS a... more: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-0266

CVE-2019-0267 - SAP Manufacturing Integration and Intelligence, versions 15.0, 15.1 and 15.2, (Illuminator Servlet... more: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-0267

CVE-2019-0257 - Customizing functionality of SAP NetWeaver AS ABAP Platform (fixed in versions from 7.0 to 7.02, f... more: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-0257

CVE-2019-0258 - SAP Disclosure Management, version 10.01, does not perform necessary authorization checks for an a... more: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-0258

CVE-2019-0259 - SAP BusinessObjects, versions 4.2 and 4.3, (Visual Difference) allows an attacker to upload any fi... more: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-0259

CVE-2019-0261 - Under certain circumstances, SAP HANA Extended Application Services, advanced model (XS advanced) ... more: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-0261