The latest CVEs

2017-03-29
CVE-2017-7298 Moodle Moodle
In Moodle 3.2.2+, there is XSS in the Course summary filter of the "Add a new course" page, as demonstrated by a crafted attribute of an SVG element.

2017-03-28
CVE-2017-2686 Siemens Ruggedcom rox i
Siemens RUGGEDCOM ROX I (all versions) contains a vulnerability that could allow an authenticated user to read arbitrary files through the web interface at port 10000/TCP and access sensitive information.

CVE-2017-2687 Siemens Ruggedcom rox i
Siemens RUGGEDCOM ROX I (all versions) contains a vulnerability in the integrated web server at port 10000/TCP, which is prone to reflected Cross-Site Scripting attacks if an unsuspecting user is induced to click on a malicious link.

2017-03-27
CVE-2015-8309 Fomori Cherrymusic
Directory traversal vulnerability in Cherry Music before 0.36.0 allows remote authenticated users to read arbitrary files via the "value" parameter to "download."

CVE-2015-8310 Fomori Cherrymusic
Cross-site scripting (XSS) vulnerability in Cherry Music before 0.36.0 allows remote authenticated users to inject arbitrary web script or HTML via the playlistname field when creating a new playlist.

CVE-2017-6878 Metinfo Metinfo
Cross-site scripting (XSS) vulnerability in MetInfo 5.3.15 allows remote authenticated users to inject arbitrary web script or HTML via the name_2 parameter to admin/column/delete.php.

CVE-2015-8010 Opensuse project LEAP
Cross-site scripting (XSS) vulnerability in the Classic-UI with the CSV export link and pagination feature in Icinga before 1.14 allows remote attackers to inject arbitrary web script or HTML via the query string to cgi-bin/status.cgi.

CVE-2015-8762 Freeradius Freeradius
The EAP-PWD module in FreeRADIUS 3.0 through 3.0.8 allows remote attackers to cause a denial of service (NULL pointer dereference and server crash) via a zero-length EAP-PWD packet.

CVE-2015-8763 Freeradius Freeradius
The EAP-PWD module in FreeRADIUS 3.0 through 3.0.8 allows remote attackers to have unspecified impact via a crafted (1) commit or (2) confirm message, which triggers an out-of-bounds read.

CVE-2015-8764 Freeradius Freeradius
An off-by-one error in the EAP-PWD module in FreeRADIUS 3.0 through 3.0.8 triggers a buffer overflow.


Copyright 2017, cxsecurity.com