In Docker before 18.09.4, an attacker who is capable of supplying or manipulating the build path for the "docker build" command would be able to gain command execution. An issue exists in the way "docker build" processes remote git URLs, and results in command injection into the ...
CVE-2019-15325PUBLISHED: 2019-08-22In GalliumOS 3.0, CONFIG_SECURITY_YAMA is disabled but /etc/sysctl.d/10-ptrace.conf tries to set /proc/sys/kernel/yama/ptrace_scope to 1, which might increase risk because of the appearance that a protection mechanism is present when actually it is not.
CVE-2019-15326PUBLISHED: 2019-08-22The import-users-from-csv-with-meta plugin before 1.14.2.1 for WordPress has directory traversal.
CVE-2019-15327PUBLISHED: 2019-08-22The import-users-from-csv-with-meta plugin before 1.14.1.3 for WordPress has XSS via imported data.
CVE-2019-15328PUBLISHED: 2019-08-22The import-users-from-csv-with-meta plugin before 1.14.0.3 for WordPress has XSS.
Support the originator by clicking the read the rest link below.
