Cyberthreat Blog, Author at Cyberthreat Blog from Fortify24x7 Page 28242 of 28407

CVE-2016-6143

Posted by Cyberthreat Blog | Apr 13, 2017 | CVE Notifications |

SAP HANA DB 1.00.73.00.389160 allows remote attackers to execute arbitrary code via vectors involving the audit logs, aka SAP Security Note 2170806.

CVE-2016-10120

Posted by Cyberthreat Blog | Apr 13, 2017 | CVE Notifications |

Firejail uses 0777 permissions when mounting (1) /dev, (2) /dev/shm, (3) /var/tmp, or (4) /var/lock, which allows local users to gain privileges.

CVE-2016-10123

Posted by Cyberthreat Blog | Apr 13, 2017 | CVE Notifications |

Firejail allows –chroot when seccomp is not supported, which might allow local users to gain privileges.

CVE-2016-10121

Posted by Cyberthreat Blog | Apr 13, 2017 | CVE Notifications |

Firejail uses weak permissions for /dev/shm/firejail and possibly other files, which allows local users to gain privileges.

CVE-2016-2555

Posted by Cyberthreat Blog | Apr 13, 2017 | CVE Notifications |

SQL injection vulnerability in include/lib/mysql_connect.inc.php in ATutor 2.2.1 allows remote attackers to execute arbitrary SQL commands via the searchFriends function to friends.inc.php.

Author: Cyberthreat Blog

CVE-2016-6143

CVE-2016-10120

CVE-2016-10123

CVE-2016-10121

CVE-2016-2555