Security News

CVE-2018-3781

National Vulnerability Database - Mon, 08/13/2018 - 15:29
A missing sanitization of search results for an autocomplete field in NextCloud Talk <3.2.5 could lead to a stored XSS requiring user-interaction. The missing sanitization only affected user names, hence malicious search results could only be crafted by authenticated users.
Categories: Security News

CVE-2018-3780

National Vulnerability Database - Mon, 08/13/2018 - 15:29
A missing sanitization of search results for an autocomplete field in NextCloud Server <13.0.5 could lead to a stored XSS requiring user-interaction. The missing sanitization only affected user names, hence malicious search results could only be crafted by authenticated users.
Categories: Security News

CVE-2018-15145

National Vulnerability Database - Mon, 08/13/2018 - 14:29
Multiple SQL injection vulnerabilities in portal/add_edit_event_user.php in versions of OpenEMR before 5.0.1.4 allow a remote attacker to execute arbitrary SQL commands via the (1) eid, (2) userid, or (3) pid parameter.
Categories: Security News

CVE-2018-15139

National Vulnerability Database - Mon, 08/13/2018 - 14:29
Unrestricted file upload in interface/super/manage_site_files.php in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary PHP code by uploading a file with a PHP extension via the images upload form and accessing it in the images directory.
Categories: Security News

CVE-2018-15140

National Vulnerability Database - Mon, 08/13/2018 - 14:29
Directory traversal in portal/import_template.php in versions of OpenEMR before 5.0.1.4 allows a remote attacker authenticated in the patient portal to read arbitrary files via the "docid" parameter when the mode is set to get.
Categories: Security News

CVE-2018-15141

National Vulnerability Database - Mon, 08/13/2018 - 14:29
Directory traversal in portal/import_template.php in versions of OpenEMR before 5.0.1.4 allows a remote attacker authenticated in the patient portal to delete arbitrary files via the "docid" parameter when the mode is set to delete.
Categories: Security News

CVE-2018-15142

National Vulnerability Database - Mon, 08/13/2018 - 14:29
Directory traversal in portal/import_template.php in versions of OpenEMR before 5.0.1.4 allows a remote attacker authenticated in the patient portal to execute arbitrary PHP code by writing a file with a PHP extension via the "docid" and "content" parameters and accessing it in the traversed directory.
Categories: Security News

CVE-2018-15143

National Vulnerability Database - Mon, 08/13/2018 - 14:29
Multiple SQL injection vulnerabilities in portal/find_appt_popup_user.php in versions of OpenEMR before 5.0.1.4 allow a remote attacker to execute arbitrary SQL commands via the (1) catid or (2) providerid parameter.
Categories: Security News

CVE-2018-15144

National Vulnerability Database - Mon, 08/13/2018 - 14:29
SQL injection vulnerability in interface/de_identification_forms/find_drug_popup.php in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary SQL commands via the search_term parameter.
Categories: Security News

CVE-2018-13417

National Vulnerability Database - Mon, 08/13/2018 - 13:29
In Vuze Bittorrent Client 5.7.6.0, the XML parsing engine for SSDP/UPnP functionality is vulnerable to an XML External Entity Processing (XXE) attack. Remote, unauthenticated attackers can use this vulnerability to: (1) Access arbitrary files from the filesystem with the same permission as the user account running Vuze, (2) Initiate SMB connections to capture a NetNTLM challenge/response and crack to cleartext password, or (3) Initiate SMB connections to relay a NetNTLM challenge/response and achieve Remote Command Execution in Windows domains.
Categories: Security News

CVE-2018-14849

National Vulnerability Database - Mon, 08/13/2018 - 13:29
Tiki before 18.2, 15.7 and 12.14 has XSS via link attributes, related to lib/core/WikiParser/OutputLink.php and lib/parser/parserlib.php.
Categories: Security News

CVE-2018-14850

National Vulnerability Database - Mon, 08/13/2018 - 13:29
Stored XSS vulnerabilities in Tiki before 18.2, 15.7 and 12.14 allow an authenticated user injecting JavaScript to gain administrator privileges if an administrator opens a wiki page and moves the mouse pointer over a modified link or thumb image.
Categories: Security News

CVE-2018-14878

National Vulnerability Database - Mon, 08/13/2018 - 13:29
JetBrains dotPeek before 2018.2 and ReSharper Ultimate before 2018.1.4 allow attackers to execute code by decompiling a compiled .NET object (such as a DLL or EXE file) with a specific file, because of Deserialization of Untrusted Data.
Categories: Security News

CVE-2017-15138

National Vulnerability Database - Mon, 08/13/2018 - 13:29
The OpenShift Enterprise cluster-read can access webhook tokens which would allow an attacker with sufficient privileges to view confidential webhook tokens.
Categories: Security News

CVE-2017-7500

National Vulnerability Database - Mon, 08/13/2018 - 13:29
It was found that rpm did not properly handle RPM installations when a destination path was a symbolic link to a directory, possibly changing ownership and permissions of an arbitrary directory, and RPM files being placed in an arbitrary destination. An attacker, with write access to a directory in which a subdirectory will be installed, could redirect that directory to an arbitrary location and gain root privilege.
Categories: Security News

CVE-2018-10569

National Vulnerability Database - Mon, 08/13/2018 - 13:29
An issue was discovered in Edimax EW-7438RPn Mini v2 before version 1.26. There is XSS in an SSID field.
Categories: Security News

CVE-2018-10842

National Vulnerability Database - Mon, 08/13/2018 - 13:29
It was found that an authenticated user could manipulate user session information to trigger an infinite loop in keycloak. A malicious user could use this flaw to conduct a denial of service attack against the server.
Categories: Security News

CVE-2018-10864

National Vulnerability Database - Mon, 08/13/2018 - 13:29
An uncontrolled resource consumption flaw has been discovered in redhat-certification in the way documents are loaded. A remote attacker may provide an existing but invalid XML file which would be opened and never closed, possibly producing a Denial of Service.
Categories: Security News

CVE-2018-12587

National Vulnerability Database - Mon, 08/13/2018 - 13:29
A cross-site scripting (XSS) vulnerability was found in valeuraddons German Spelling Dictionary v1.3 (an Opera Browser add-on). Instead of providing text for a spelling check, remote attackers may inject arbitrary web script or HTML via the ajax query parameter in the URL Address Bar.
Categories: Security News

CVE-2018-13415

National Vulnerability Database - Mon, 08/13/2018 - 13:29
In Plex Media Server 1.13.2.5154, the XML parsing engine for SSDP/UPnP functionality is vulnerable to an XML External Entity Processing (XXE) attack. Remote, unauthenticated attackers can use this vulnerability to: (1) Access arbitrary files from the filesystem with the same permission as the user account running Plex, (2) Initiate SMB connections to capture a NetNTLM challenge/response and crack to cleartext password, or (3) Initiate SMB connections to relay a NetNTLM challenge/response and achieve Remote Command Execution in Windows domains.
Categories: Security News

Pages