[FD] [AIT-SA-20191129-01] CVE-2019-16885: Unauthenticated remote code execution in OkayCMS

2019-12-06 sec-advisory
# Unauthenticated remote code execution in OkayCMS ## Overview * Identifier: AIT-SA-20191129-01 * Target: OkayCMS * Vendor: OkayCMS * Version: all versions including 2.3.4 * CVE: CVE-2019-16885 * Accessibility: Local * Severity: Critical * Author: Wolfgang Hotwagner (AIT Austrian Institute of

[FD] Authentication vulnerabilities in OpenBSD

2019-12-06 Qualys Security Advisory
Qualys Security Advisory Authentication vulnerabilities in OpenBSD == Contents == 1. CVE-2019-19521: Authentication bypass 1.1. Analysis

[FD] SiteVision Insufficient Module Access Control

2019-12-06 Oscar Hjelm
# SiteVision Insufficient Module Access Control CVE-2019-12734 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12734 https://www.cybercom.com/About-Cybercom/Blogs/Security-Advisories/high-risk-vulnerabilities-in-cms-product/ ## Summary Attackers may inject non-authorised modules when

[FD] SiteVision Remote Code Execution

2019-12-06 Oscar Hjelm
# SiteVision Remote Code Execution CVE-2019-12733 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-12733 https://www.cybercom.com/About-Cybercom/Blogs/Security-Advisories/high-risk-vulnerabilities-in-cms-product/ ## Summary Attackers may execute arbitrary code as root on the target

[FD] External Service Interaction (DNS) on Skype for Business

2019-12-06 Alphan YAVAS
I. VULNERABILITY - Microsoft Skype for Business External Service Interaction (DNS) Latest Version II. CVE REFERENCE - Not Assigned Yet III. VENDOR - https://www.microsoft.com IV. TIMELINE -