Oracle Security Alert for CVE-2017-10151 – 27 October 2017

Oct27
by Ike on October 27, 2017 at 7:30 pm
Posted In: Community, MYSQL, Releases
 Comment 

Oracle Critical Patch Update Advisory – October 2017

Oct17
by Ike on October 17, 2017 at 7:30 pm
Posted In: Community, MYSQL, Releases
 Comment 

Oracle Security Alert for CVE-2017-9805 – 22 September 2017

Sep22
by Ike on September 22, 2017 at 7:30 pm
Posted In: Community, MYSQL, Releases
 Comment 

[20170902] – Core – LDAP Information Disclosure

Sep19
by Ike on September 19, 2017 at 2:00 pm
Posted In: CMS, Joomla, security, Security Centre
  • Project: Joomla!
  • SubProject: CMS
  • Severity: Medium
  • Versions: 1.5.0 through 3.7.5
  • Exploit type: Information Disclosure
  • Reported Date: 2017-July-27
  • Fixed Date: 2017-September-19
  • CVE Number: CVE-2017-14596

Description

Inadequate escaping in the LDAP authentication plugin can result into a disclosure of username and password.

Affected Installs

Joomla! CMS versions 1.5.0 through 3.7.5

Solution

Upgrade to version 3.8.0

Contact

The JSST at the Joomla! Security Centre.

Reported By: Dr. Johannes Dahse, RIPS Technologies GmbH

└ Tags:
 Comment 

[20170901] – Core – Information Disclosure

Sep19
by Ike on September 19, 2017 at 2:00 pm
Posted In: CMS, Joomla, security, Security Centre
  • Project: Joomla!
  • SubProject: CMS
  • Severity: Low
  • Versions: 3.7.0 through 3.7.5
  • Exploit type: Information Disclosure
  • Reported Date: 2017-August-4
  • Fixed Date: 2017-September-19
  • CVE Number: CVE-2017-14595

Description

A logic bug in a SQL query could lead to the disclosure of article intro texts when these articles are in the archived state.

Affected Installs

Joomla! CMS versions 3.7.0 through 3.7.5

Solution

Upgrade to version 3.8.0

Contact

The JSST at the Joomla! Security Centre.

Reported By: Michal Prochaczek

└ Tags:
 Comment 

50 queries. 8.5 mb Memory usage. 0.247 seconds.