Security Vulnerabilities, CVEs, Published In October 2016

A vulnerability exists in gauge.php of AlienVault OSSIM and USM before 5.3.2 that allows an attacker to execute an arbitrary SQL query and retrieve database information or read local system files via MySQL's LOAD_FILE.

A persistent XSS vulnerability exists in the User-Agent header of the login process of AlienVault OSSIM and USM before 5.3.2 that allows an attacker to steal session IDs of logged in users when the current sessions are viewed by an administrator.

The web console in Cisco Firepower Management Center 6.0.1 allows remote authenticated users to read arbitrary files via crafted parameters, aka Bug ID CSCva30376.

The Threat Management Console in Cisco Firepower Management Center 5.2.0 through 6.0.1 allows remote authenticated users to execute arbitrary commands via crafted web-application parameters, aka Bug ID CSCva30872.

The Tomcat package on Red Hat Enterprise Linux (RHEL) 7, Fedora, CentOS, Oracle Linux, and possibly other Linux distributions uses weak permissions for /usr/lib/tmpfiles.d/tomcat.conf, which allows local users to gain root privileges by leveraging membership in the tomcat group.

The Tomcat init script in the tomcat7 package before 7.0.56-3+deb8u4 and tomcat8 package before 8.0.14-1+deb8u3 on Debian jessie and the tomcat6 and libtomcat6-java packages before 6.0.35-1ubuntu3.8 on Ubuntu 12.04 LTS, the tomcat7 and libtomcat7-java packages before 7.0.52-1ubuntu0.7 on Ubuntu 14.04 LTS, and tomcat8 and libtomcat8-java packages before 8.0.32-1ubuntu1.2 on Ubuntu 16.04 LTS allows local users with access to the tomcat account to gain root privileges via a symlink attack on the Catalina log file, as demonstrated by /var/log/tomcat7/catalina.out.

Zotpress plugin for WordPress SQLi in zp_get_account()

Ruckus Wireless H500 web management interface authenticated command injection

Ruckus Wireless H500 web management interface denial of service

Ruckus Wireless H500 web management interface authentication bypass

Ruckus Wireless H500 web management interface CSRF

Reflected XSS in wordpress plugin wpsolr-search-engine v7.6

Reflected XSS in wordpress plugin whizz v1.0.7

Reflected XSS in wordpress plugin tidio-gallery v1.1

Reflected XSS in wordpress plugin tidio-form v1.0

Reflected XSS in wordpress plugin tera-charts v1.0

Reflected XSS in wordpress plugin simplified-content v1.0.0

Reflected XSS in wordpress plugin simpel-reserveren v3.5.2

Reflected XSS in wordpress plugin s3-video v0.983

Reflected XSS in wordpress plugin recipes-writer v1.0.4

Reflected XSS in wordpress plugin pondol-formmail v1.1

Reflected XSS in wordpress plugin pondol-carousel v1.0

Reflected XSS in wordpress plugin photoxhibit v2.1.8

Reflected XSS in wordpress plugin photoxhibit v2.1.8

Reflected XSS in wordpress plugin parsi-font v4.2.5