GIMP CVE-2017-17786 Heap Buffer Overflow Vulnerability
Multiple Huawei Products CVE-2017-17167 Information Disclosure Vulnerability
FasterXML Jackson-databind CVE-2017-15095 Incomplete Fix Remote Code Execution Vulnerability
An issue has been found in LuPng through 2017-03-10. It is a heap-based buffer over-read in internalPrintf in miniz/lupng.c.
An issue has been found in LuPng through 2017-03-10. It is a heap-based buffer overflow in insertByte in miniz/lupng.c during a write operation for data obtained from a palette.
An issue has been found in LuPng through 2017-03-10. It is a heap-based buffer overflow in insertByte in miniz/lupng.c during a write operation for data obtained from a swap.
DedeCMS 5.7 SP2 allows XSS via the plus/qrcode.php type parameter.
Reflected XSS exists in DedeCMS 5.7 SP2 via the /member/pm.php folder parameter.
Missing authentication and improper input validation in KERUI Wifi Endoscope Camera (YPC99) allow an attacker to execute arbitrary commands (with a length limit of 19 characters) via the "ssid" value, as demonstrated by ssid:;ping 192.168.1.2 in the body of a SETSSID command.
Lack of an authentication mechanism in KERUI Wifi Endoscope Camera (YPC99) allows an attacker to watch or block the camera stream. The RTSP server on port 7070 accepts the command STOP to stop streaming, and the command SETSSID to disconnect a user.
Advantech WebAccess 8.3.2 and below is vulnerable to a stack buffer overflow vulnerability. A remote authenticated attacker could potentially exploit this vulnerability by sending a crafted HTTP request to broadweb/system/opcImg.asp.
LibTIFF 4.0.9 (with JBIG enabled) decodes arbitrarily-sized JBIG into a buffer, ignoring the buffer size, which leads to a tif_jbig.c JBIGDecode out-of-bounds write.
In the Linux kernel through 4.19, a use-after-free can occur due to a race condition between fanout_add from setsockopt and bind on an AF_PACKET socket. This issue exists because of the 15fe076edea787807a7cdc168df832544b58eba6 incomplete fix for a race condition. The code mishandles a certain multithreaded case involving a packet_do_bind unregister action followed by a packet_notifier register action. Later, packet_release operates on only one of the two applicable linked lists. The attacker can achieve Program Counter control.
IBM Security Access Manager Appliance 220.127.116.11, 18.104.22.168 and 22.214.171.124 could allow unauthorized administration operations when Advanced Access Control services are running. IBM X-Force ID: 150998.
Splunk Multiple Local Privilege Escalation Vulnerabilities
Libssh CVE-2018-10933 Authentication Bypass Vulnerability
Leanote 2.6.1 has XSS via the Blog Basic Setting title field, which is mishandled during rendering of the "likes" page.
ServersCheck Monitoring Software before 14.3.4 allows SQL Injection by an authenticated user.