Cyberthreat Blog, Author at Cyberthreat Blog from Fortify24x7 Page 27712 of 28129

CVE-2017-8934

Posted by Cyberthreat Blog | May 15, 2017 | CVE Notifications |

PCManFM 1.2.5 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (application unavailability).

CVE-2017-7491

Posted by Cyberthreat Blog | May 15, 2017 | CVE Notifications |

In Moodle 2.x and 3.x, a CSRF attack is possible that allows attackers to change the “number of courses displayed in the course overview block” configuration setting.

CVE-2017-7213

Posted by Cyberthreat Blog | May 15, 2017 | CVE Notifications |

Zoho ManageEngine Desktop Central before build 100082 allows remote attackers to obtain control over all connected active desktops via unspecified vectors.

CVE-2017-8930

Posted by Cyberthreat Blog | May 14, 2017 | CVE Notifications |

Multiple cross-site request forgery (CSRF) vulnerabilities in Simple Invoices 2013.1.beta.8 allow remote attackers to hijack the authentication of admins for requests that can (1) create new administrator user accounts and take...

CVE-2017-8928

Posted by Cyberthreat Blog | May 14, 2017 | CVE Notifications |

mailcow 0.14, as used in “mailcow: dockerized” and other products, has CSRF.

Author: Cyberthreat Blog

CVE-2017-8934

CVE-2017-7491

CVE-2017-7213

CVE-2017-8930

CVE-2017-8928