Security News

CVE-2017-2610

National Vulnerability Database - Tue, 05/15/2018 - 17:29
jenkins before versions 2.44, 2.32.2 is vulnerable to a persisted cross-site scripting in search suggestions due to improperly escaping users with less-than and greater-than characters in their names (SECURITY-388).
Categories: Security News

CVE-2017-2600

National Vulnerability Database - Tue, 05/15/2018 - 16:29
In jenkins before versions 2.44, 2.32.2 node monitor data could be viewed by low privilege users via the remote API. These included system configuration and runtime information of these nodes (SECURITY-343).
Categories: Security News

CVE-2017-2608

National Vulnerability Database - Tue, 05/15/2018 - 16:29
Jenkins before versions 2.44, 2.32.2 is vulnerable to a remote code execution vulnerability involving the deserialization of various types in javax.imageio in XStream-based APIs (SECURITY-383).
Categories: Security News

CVE-2017-2612

National Vulnerability Database - Tue, 05/15/2018 - 16:29
In Jenkins before versions 2.44, 2.32.2 low privilege users were able to override JDK download credentials (SECURITY-392), resulting in future builds possibly failing to download a JDK.
Categories: Security News

CVE-2018-1262

National Vulnerability Database - Tue, 05/15/2018 - 16:29
Cloud Foundry Foundation UAA, versions 4.12.X and 4.13.X, introduced a feature which could allow privilege escalation across identity zones for clients performing offline validation. A zone administrator could configure their zone to issue tokens which impersonate another zone, granting up to admin privileges in the impersonated zone for clients performing offline token validation.
Categories: Security News

CVE-2018-1263

National Vulnerability Database - Tue, 05/15/2018 - 16:29
Addresses partial fix in CVE-2018-1261. Pivotal spring-integration-zip, versions prior to 1.0.2, exposes an arbitrary file write vulnerability, that can be achieved using a specially crafted zip archive (affects other archives as well, bzip2, tar, xz, war, cpio, 7z), that holds path traversal filenames. So when the filename gets concatenated to the target extraction directory, the final path ends up outside of the target folder.
Categories: Security News

CVE-2018-11094

National Vulnerability Database - Tue, 05/15/2018 - 15:29
An issue was discovered on Intelbras NCLOUD 300 1.0 devices. /cgi-bin/ExportSettings.sh, /goform/updateWPS, /goform/RebootSystem, and /goform/vpnBasicSettings do not require authentication. For example, when an HTTP POST request is made to /cgi-bin/ExportSettings.sh, the username, password, and other details are retrieved.
Categories: Security News

CVE-2017-2815

National Vulnerability Database - Tue, 05/15/2018 - 13:29
An exploitable XML entity injection vulnerability exists in OpenFire User Import Export Plugin 2.6.0. A specially crafted web request can cause the retrieval of arbitrary files or denial of service. An authenticated attacker can send a crafted web request to trigger this vulnerability.
Categories: Security News

CVE-2018-11126

National Vulnerability Database - Tue, 05/15/2018 - 13:29
dg-user/?controller=users&action=add in doorGets 7.0 has CSRF that results in adding an administrator account.
Categories: Security News

CVE-2018-11127

National Vulnerability Database - Tue, 05/15/2018 - 13:29
e107 2.1.7 has CSRF resulting in arbitrary user deletion.
Categories: Security News

CVE-2018-1087

National Vulnerability Database - Tue, 05/15/2018 - 12:29
kernel KVM before versions kernel 4.16, kernel 4.16-rc7, kernel 4.17-rc1, kernel 4.17-rc2 and kernel 4.17-rc3 is vulnerable to a flaw in the way the Linux kernel's KVM hypervisor handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, the processor did not deliver interrupts and exceptions, rather they are delivered once the first instruction after the stack switch is executed. An unprivileged KVM guest user could use this flaw to crash the guest or, potentially, escalate their privileges in the guest.
Categories: Security News

CVE-2018-11125

National Vulnerability Database - Tue, 05/15/2018 - 12:29
Tencent RapidJSON 1.1.0 has a heap-based buffer over-read in the Peek function in stream.h.
Categories: Security News

CVE-2018-11105

National Vulnerability Database - Tue, 05/15/2018 - 11:29
There is stored cross site scripting in the wp-live-chat-support plugin before 8.0.08 for WordPress via the "name" (aka wplc_name) and "email" (aka wplc_email) input fields to wp-json/wp_live_chat_support/v1/start_chat whenever a malicious attacker would initiate a new chat with an administrator. NOTE: this issue exists because of an incomplete fix for CVE-2018-9864.
Categories: Security News

CVE-2018-3611

National Vulnerability Database - Tue, 05/15/2018 - 10:29
Bounds check vulnerability in User Mode Driver in Intel Graphics Driver 15.40.x.4 and 21.20.x.x allows unprivileged user to cause a denial of service via local access.
Categories: Security News

CVE-2018-3634

National Vulnerability Database - Tue, 05/15/2018 - 10:29
Parameter corruption in NDIS filter driver in Intel Online Connect Access 1.9.22.0 allows an attacker to cause a denial of service via local access.
Categories: Security News

CVE-2018-3661

National Vulnerability Database - Tue, 05/15/2018 - 10:29
Buffer overflow in Intel system Configuration utilities selview.exe and syscfg.exe before version 14 build 11 allows a local user to crash these services potentially resulting in a denial of service.
Categories: Security News

CVE-2018-1131

National Vulnerability Database - Tue, 05/15/2018 - 09:29
Infinispan permits improper deserialization of trusted data via XML and JSON transcoders under certain server configurations. A user with authenticated access to the server could send a malicious object to a cache configured to accept certain types of objects, achieving code execution and possible further attacks. Versions 9.0.3.Final, 9.1.7.Final, 8.2.10.Final, 9.2.2.Final, 9.3.0.Alpha1 are believed to be affected.
Categories: Security News

Bugtraq: CSNC-2018-003 totemomail Encryption Gateway - Cross-Site Request Forgery

SecurityFocus Vulnerabilities - Tue, 05/15/2018 - 08:20
CSNC-2018-003 totemomail Encryption Gateway - Cross-Site Request Forgery
Categories: Security News

Bugtraq: CSNC-2018-002 totemomail Encryption Gateway - JSONP hijacking

SecurityFocus Vulnerabilities - Tue, 05/15/2018 - 08:20
CSNC-2018-002 totemomail Encryption Gateway - JSONP hijacking
Categories: Security News

Bugtraq: Re: SEC Consult SA-20180514-0 :: Arbitrary File Upload & Cross-site scripting in MyBiz MyProcureNet

SecurityFocus Vulnerabilities - Tue, 05/15/2018 - 08:20
Re: SEC Consult SA-20180514-0 :: Arbitrary File Upload & Cross-site scripting in MyBiz MyProcureNet
Categories: Security News

Pages