Author: Cyberthreat Blog

IBM Security Access Manager for Web 9.0.0 could allow an authenticated user to access some privileged functionality of the server. IBM X-Force ID: 114714.

In ImageMagick 7.0.5-7 Q16, an assertion failure was found in the function SetPixelChannelAttributes, which allows attackers to cause a denial of service via a crafted file.

XML External Entity (XXE) vulnerability in Milton Webdav before 2.7.0.3.

OpenStack Ironic 4.2.0 through 4.2.1 does not “clean” the disk after use, which allows remote authenticated users to obtain sensitive information.

The IPTables-Parse module before 1.6 for Perl allows local users to write to arbitrary files owned by the current user.