CVE-2017-12419
If, after successful installation of MantisBT through 2.5.2 on MySQL/MariaDB, the administrator does not remove the ‘admin’ directory (as recommended in the “Post-installation and upgrade tasks” section...
Read MoreAuthor: Cyberthreat Blog
Use of the Open Graph Protocol to Disguise Malicious Facebook Links, (Fri, Aug 4th)
Whenever a link is posted to Facebook or other social media sites, the site will likely scan the destination page for Open Graph tags [1]. These tags may provide a link to an image to be displayed, or alternate URLs to be...
Read MoreCVE-2017-12481
The find_option function in option.cc in Ledger 3.1.1 allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted file.
Read MoreCVE-2017-12482
The ledger::parse_date_mask_routine function in times.cc in Ledger 3.1.1 allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact via a...
Read MoreCVE-2017-1331
IBM Content Navigator 2.0.3 and 3.0.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to...
Read More