Asterisk Project Security Advisory - AST-2018-009
ProductAsterisk
SummaryRemote crash vulnerability in HTTP websocket upgrade
Nature of Advisory Denial Of Service
I. VULNERABILITY
-
OPManager version 12.3, SQL Injection vulnerability
II. CVE REFERENCE
-
CVE-2018-17243
III. VENDOR
-
https://www.manageengine.com
IV. TIMELINE
-
10/09/18 Vulnerability discovered
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
X41 D-Sec GmbH Security Advisory: X41-2018-007
Multiple Vulnerabilities in mgetty
==
Overview
-
Confirmed Affected Versions: 1.2.0
Patched Versions: 1.2.1
Vendor: mgetty
Vendor URL:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
DSA-2018-152: RSA® Authentication Manager Multiple Vulnerabilities
Dell EMC Identifier: DSA-2018-152
CVE Identifier: CVE-2018-11073, CVE-2018-11074, CVE-2018-11075
Severity: Medium
Severity Rating: View the details below for the individual
X41 D-SEC GmbH Security Advisory: X41-2018-008
Multiple Vulnerabilities in HylaFAX
===
Overview
Confirmed Affected Versions: HylaFAX 6.0.6, HylaFAX+ 5.6.0
Confirmed Patched Versions: HylaFAX 6.0.7, HylaFAX+ 5.6.1
Vendor: Hylafax, Hylafax+
Vendor URL:
=
MGC ALERT 2018-005
- Original release date: August 31, 2018
- Last revised: September 19, 2018
- Discovered by: Manuel García Cárdenas
- Severity: 9/10 (CVSS Base Score)
- CVE-ID: CVE-2018-16283
=
I.
=
MGC ALERT 2018-006
- Original release date: August 31, 2018
- Last revised: September 19, 2018
- Discovered by: Manuel García Cárdenas
- Severity: 7/10 (CVSS Base Score)
- CVE-ID: CVE-2018-16299
=
I.