* [7.x-1.0-alpha9](https://www.drupal.org/project/title/releases/7.x-1.0-alpha9)
* [7.x-1.0-alpha8](https://www.drupal.org/project/title/releases/7.x-1.0-alpha8)
Monthly Archives: January 2017
CVE-2017-5570 (patient_portal)
An issue was discovered in eClinicalWorks Patient Portal 7.0 build 13. This is a blind SQL injection within the messageJson.jsp, which can only be exploited by authenticated users via an HTTP POST request and which can be used to dump database data out to a malicious server, using an out-of-band technique such as select_loadfile().
CVE-2017-5569 (patient_portal)
An issue was discovered in eClinicalWorks Patient Portal 7.0 build 13. This is a blind SQL injection within the template.jsp, which can be exploited without the need of authentication and via an HTTP POST request, and which can be used to dump database data out to a malicious server, using an out-of-band technique such as select_loadfile().
EMC Avamar Data Store / Virtual Edition 7.3.1 / 7.3.0 Privilege Escalation
EMC Avamar Data Store and Avamar Virtual Edition versions 7.3.0 and 7.3.1 suffer from a privilege escalation vulnerability due to incorrect file ownership.
RVAsec 2017 Call For Papers
RVAsec is a Richmond, VA based security convention that brings top industry speakers to the mid-Atlantic region. It will be held June 8th through the 9th, 2017, in Richmond, VA, USA.
Oracle OpenJDK Runtime Environment Build 1.8.0_112-b15 Denial Of Service
Oracle OpenJDK Runtime Environment build 1.8.0_112-b15 suffers from a java serialization denial of service vulnerability.
Oracle PeopleSoft HCM 9.2 Cross Site Scripting
Oracle PeopleSoft HCM version 9.2 suffers from a cross site scripting vulnerability.
Microsoft Remote Desktop Client For Mac 8.0.36 Remote Code Execution
Microsoft Remote Desktop Client for Mac version 8.0.36 suffers from a remote code execution vulnerability.
Gentoo Linux Security Advisory 201701-49
Gentoo Linux Security Advisory 201701-49 – Multiple vulnerabilities have been found in QEMU, the worst of which could cause a Denial of Service condition. Versions less than 2.8.0 are affected.
Gentoo Linux Security Advisory 201701-50
Gentoo Linux Security Advisory 201701-50 – A buffer overflow in PPP might allow remote attackers to cause a Denial of Service condition. Versions less than 2.4.7-r3 are affected.