Security News

CVE-2017-2707

National Vulnerability Database - Wed, 11/22/2017 - 14:29
Mate 9 smartphones with software MHA-AL00AC00B125 have a privilege escalation vulnerability in Push module. An attacker tricks a user to save a rich media into message on the smart phone, which could be exploited to cause the attacker to delete message or fake user to send message.
Categories: Security News

CVE-2017-2708

National Vulnerability Database - Wed, 11/22/2017 - 14:29
The 'Find Phone' function in Nice smartphones with software versions earlier before Nice-AL00C00B0135 has an authentication bypass vulnerability. An unauthenticated attacker may wipe and factory reset the phone by special steps. Due to missing authentication of the 'Find Phone' function, an attacker may exploit the vulnerability to bypass the 'Find Phone' function in order to use the phone normally.
Categories: Security News

CVE-2017-2709

National Vulnerability Database - Wed, 11/22/2017 - 14:29
HiGame with software earlier than 7.3.0 versions, SkyTone with software earlier than 8.1.1 versions have a DoS Vulnerability. An attacker tricks a user into installing a malicious application on the smart phone, the attacker can send malformed packets to the device. Due to the lack of adequate input validation of APPs, which causes the APPs Denial of Service.
Categories: Security News

CVE-2017-2710

National Vulnerability Database - Wed, 11/22/2017 - 14:29
BTV-W09C229B002CUSTC229D005,BTV-W09C233B029, earlier than BTV-W09C100B006CUSTC100D002 versions, earlier than BTV-W09C128B003CUSTC128D002 versions, earlier than BTV-W09C199B002CUSTC199D002 versions, earlier than BTV-W09C209B005CUSTC209D001 versions, earlier than BTV-W09C331B002CUSTC331D001 versions, earlier than CRR-L09C432B390 versions, earlier than CRR-L09C605B355CUSTC605D003 versions have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can perform some operations to update the Google account. As a result, the FRP function is bypassed.
Categories: Security News

CVE-2017-2711

National Vulnerability Database - Wed, 11/22/2017 - 14:29
P9 Plus smartphones with software earlier than VIE-AL10C00B352 versions have an input validation vulnerability in the touchscreen Driver. An attacker can tricks a user into installing a malicious application on the smart phone, and send given parameter to smart phone to crash the system.
Categories: Security News

CVE-2017-12190

National Vulnerability Database - Wed, 11/22/2017 - 13:29
The bio_map_user_iov and bio_unmap_user functions in block/bio.c in the Linux kernel before 4.13.8 do unbalanced refcounting when a SCSI I/O vector has small consecutive buffers belonging to the same page. The bio_add_pc_page function merges them into one, but the page reference is never dropped. This causes a memory leak and possible system lockup (exploitable against the host OS by a guest OS user, if a SCSI disk is passed through to a virtual machine) due to an out-of-memory condition.
Categories: Security News

CVE-2017-12193

National Vulnerability Database - Wed, 11/22/2017 - 13:29
The assoc_array_insert_into_terminal_node function in lib/assoc_array.c in the Linux kernel before 4.13.11 mishandles node splitting, which allows local users to cause a denial of service (NULL pointer dereference and panic) via a crafted application, as demonstrated by the keyring key type, and key addition and link creation operations.
Categories: Security News

CVE-2017-15099

National Vulnerability Database - Wed, 11/22/2017 - 13:29
INSERT ... ON CONFLICT DO UPDATE commands in PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, and 9.5.x before 9.5.10 disclose table contents that the invoker lacks privilege to read. These exploits affect only tables where the attacker lacks full read access but has both INSERT and UPDATE privileges. Exploits bypass row level security policies and lack of SELECT privilege.
Categories: Security News

CVE-2017-15528

National Vulnerability Database - Wed, 11/22/2017 - 13:29
Prior to v 7.6, the Install Norton Security (INS) product can be susceptible to a certificate spoofing vulnerability, which is a type of attack whereby a maliciously procured certificate binds the public key of an attacker to the domain name of the target.
Categories: Security News

CVE-2017-13071

National Vulnerability Database - Wed, 11/22/2017 - 12:29
QNAP has already patched this vulnerability. This security concern allows a remote attacker to run arbitrary commands on the QNAP Video Station 5.1.3 (for QTS 4.3.3), 5.2.0 (for QTS 4.3.4), and earlier.
Categories: Security News

CVE-2017-15098

National Vulnerability Database - Wed, 11/22/2017 - 12:29
Invalid json_populate_recordset or jsonb_populate_recordset function calls in PostgreSQL 10.x before 10.1, 9.6.x before 9.6.6, 9.5.x before 9.5.10, 9.4.x before 9.4.15, and 9.3.x before 9.3.20 can crash the server or disclose a few bytes of server memory.
Categories: Security News

CVE-2017-7736

National Vulnerability Database - Wed, 11/22/2017 - 12:29
A stored Cross-site Scripting (XSS) vulnerability in Fortinet FortiWeb webUI Certificate View page in 5.8.0, 5.7.1 and earlier, allows attackers to inject arbitrary web script or HTML via special crafted malicious certificate import.
Categories: Security News

CVE-2017-6166

National Vulnerability Database - Wed, 11/22/2017 - 11:29
In BIG-IP LTM, AAM, AFM, Analytics, APM, ASM, DNS, Link Controller, PEM, and WebSafe software 12.0.0 to 12.1.1, in some cases the Traffic Management Microkernel (TMM) may crash when processing fragmented packets. This vulnerability affects TMM through a virtual server configured with a FastL4 profile. Traffic processing is disrupted while TMM restarts. If the affected BIG-IP system is configured as part of a device group, it will trigger a failover to the peer device.
Categories: Security News

CVE-2017-16926

National Vulnerability Database - Wed, 11/22/2017 - 03:29
Ohcount 3.0.0 is prone to a command injection via specially crafted filenames containing shell metacharacters, which can be exploited by an attacker (providing a source tree for Ohcount processing) to execute arbitrary code as the user running Ohcount.
Categories: Security News

CVE-2017-8860

National Vulnerability Database - Wed, 11/22/2017 - 03:29
Information disclosure through directory listing on the Cohu 3960HD allows an attacker to view and download source code, log files, and other sensitive device information via a specially crafted web request with an extra / character, such as a "GET // HTTP/1.1" request.
Categories: Security News

CVE-2017-8861

National Vulnerability Database - Wed, 11/22/2017 - 03:29
Missing authentication for the remote configuration port 1236/tcp on the Cohu 3960HD allows an attacker to change configuration parameters such as IP address and username/password via specially crafted XML SOAP packets.
Categories: Security News

CVE-2017-8862

National Vulnerability Database - Wed, 11/22/2017 - 03:29
The webupgrade function on the Cohu 3960HD does not verify the firmware upgrade files or process, allowing an attacker to upload a specially crafted postinstall.sh file that will be executed with "root" privileges.
Categories: Security News

CVE-2017-8863

National Vulnerability Database - Wed, 11/22/2017 - 03:29
Information disclosure of .esp source code on the Cohu 3960 allows an attacker to view sensitive information such as application logic with a simple web browser.
Categories: Security News

CVE-2017-8864

National Vulnerability Database - Wed, 11/22/2017 - 03:29
Client-side enforcement using JavaScript of server-side security options on the Cohu 3960HD allows an attacker to manipulate options sent to the camera and cause malfunction or code execution, as demonstrated by a client-side "if (!passwordsAreEqual())" test.
Categories: Security News

Vuln: Multiple Vendor TLS Protocol Session Renegotiation Security Vulnerability

SecurityFocus Vulnerabilities - Wed, 11/22/2017 - 00:00
Multiple Vendor TLS Protocol Session Renegotiation Security Vulnerability
Categories: Security News

Pages