Your weekly vulnerability report to keep you up-to-date with the latest vulnerabilities in the wild. – Mr. H
1. ImageMagick – A vulnerability was reported in ImageMagick. A remote user can cause arbitrary code to be executed on the target user’s system.
2. Ruby – Several vulnerabilities were reported in Ruby in the RubyGems component. A local user can cause denial of service conditions on the target system. A remote user can cause files to be overwritten on the target system. A remote user can hijack DNS session.
3. Pulse Connect Secure (formerly Juniper Pulse Secure) – A vulnerability was reported in Pulse Connect Secure. A remote user can conduct cross-site request forgery attacks.
4. Cisco Meeting Server – A vulnerability was reported in Cisco Meeting Server. A local user can obtain root privileges on the target system.
5. Red Hat Certificate Server – A vulnerability was reported in Red Hat Certificate Server. A remote authenticated user can cause the target service to crash.
6. Wireshark – Several vulnerabilities were reported in Wireshark. A remote user can cause denial of service conditions on the target system.
7. Asterisk – A vulnerability was reported in Asterisk. A remote user can hijack the target media session.
8. Asterisk – A vulnerability was reported in Asterisk. A remote user can cause the target service to crash.
9. Palo Alto PAN-OS – A vulnerability was reported in Palo Alto PAN-OS. A remote user can conduct cross-site scripting attacks.
10. Asterisk – A vulnerability was reported in Asterisk. A remote authenticated user can execute arbitrary commands on the target system.
11. Palo Alto PAN-OS – A vulnerability was reported in Palo Alto PAN-OS. A remote user can conduct XML external entity attacks to obtain information on the target system.
Add Comment