Employees Share Average of 6 Passwords With Co-Workers
From DHS/US-CERT’s National Vulnerability Database CVE-2018-14804
PUBLISHED: 2018-10-01
AMS Device Manager v12.0 to v13.5. A specially crafted script may be run that allows arbitrary remote code execution.
CVE-2018-14808
PUBLISHED: 2018-10-01
AMS Device Manager v12.0 to v13.5. Non-administrative users are able to change executable and library files on the affected products.
CVE-2018-1420
PUBLISHED: 2018-10-01
IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 resets access control settings to the out of the box configuration during Combined Cumulative Fix (CF) installation. This can lead to security miss-configuration of the installation. IBM X-Force ID: 138950.
CVE-2018-1672
PUBLISHED: 2018-10-01
IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 may fail to set the correct user context in certain impersonation scenarios, which can allow a user to act with the identity of a different user. IBM X-Force ID: 144958.
CVE-2018-14788
PUBLISHED: 2018-10-01
Fuji Electric Alpha5 Smart Loader Versions 3.7 and prior. A buffer overflow information disclosure vulnerability occurs when parsing certain file types.
Read More HERE