Security News

CVE-2018-1062

National Vulnerability Database - Tue, 03/06/2018 - 10:29
A vulnerability was discovered in oVirt 4.1.x before 4.1.9, where the combination of Enable Discard and Wipe After Delete flags for VM disks managed by oVirt, could cause a disk to be incompletely zeroed when removed from a VM. If the same storage blocks happen to be later allocated to a new disk attached to another VM, potentially sensitive data could be revealed to privileged users of that VM.
Categories: Security News

CVE-2018-7307

National Vulnerability Database - Tue, 03/06/2018 - 10:29
The Auth0 Auth0.js library before 9.3 has CSRF because it mishandles the case where the authorization response lacks the state parameter.
Categories: Security News

CVE-2018-7650

National Vulnerability Database - Tue, 03/06/2018 - 10:29
PHP Scripts Mall Hot Scripts Clone:Script Classified Version 3.1 Application is vulnerable to stored XSS within the "Add New" function for a Management User. Within the "Add New" section, the application does not sanitize user supplied input to the name parameter, and renders injected JavaScript code to the user's browser. This is different from CVE-2018-6878.
Categories: Security News

Bugtraq: [SECURITY] [DSA 4132-1] libvpx security update

SecurityFocus Vulnerabilities - Tue, 03/06/2018 - 07:20
[SECURITY] [DSA 4132-1] libvpx security update
Categories: Security News

Bugtraq: [SECURITY] [DSA 4131-1] xen security update

SecurityFocus Vulnerabilities - Tue, 03/06/2018 - 07:20
[SECURITY] [DSA 4131-1] xen security update
Categories: Security News

Bugtraq: [SECURITY] [DSA 4120-2] linux regression update

SecurityFocus Vulnerabilities - Tue, 03/06/2018 - 07:20
[SECURITY] [DSA 4120-2] linux regression update
Categories: Security News

Bugtraq: [SECURITY] [DSA 4130-1] dovecot security update

SecurityFocus Vulnerabilities - Tue, 03/06/2018 - 07:20
[SECURITY] [DSA 4130-1] dovecot security update
Categories: Security News

CVE-2018-7712

National Vulnerability Database - Mon, 03/05/2018 - 18:29
The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in OpenCV 3.4.1 allows remote attackers to cause a denial of service (assertion failure) because (size.height <= (1<<20)) may be false.
Categories: Security News

CVE-2018-7713

National Vulnerability Database - Mon, 03/05/2018 - 18:29
The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in OpenCV 3.4.1 allows remote attackers to cause a denial of service (assertion failure) because (size.width <= (1<<20)) may be false.
Categories: Security News

CVE-2018-7714

National Vulnerability Database - Mon, 03/05/2018 - 18:29
The validateInputImageSize function in modules/imgcodecs/src/loadsave.cpp in OpenCV 3.4.1 allows remote attackers to cause a denial of service (assertion failure) because (pixels <= (1<<30)) may be false.
Categories: Security News

CVE-2018-7715

National Vulnerability Database - Mon, 03/05/2018 - 18:29
PrivateVPN 2.0.31 for macOS suffers from a root privilege escalation vulnerability with its com.privat.vpn.helper privileged helper tool. This privileged helper tool implements an XPC service that allows arbitrary installed applications to connect and send messages. The XPC service extracts the path string from the corresponding XPC message. This string is supposed to point to PrivateVPN's internal openvpn binary. If a new connection has not already been established, an attacker can send the XPC service a malicious XPC message with the path string pointing at a binary that he or she controls. This results in the execution of arbitrary code as the root user.
Categories: Security News

CVE-2018-7716

National Vulnerability Database - Mon, 03/05/2018 - 18:29
PrivateVPN 2.0.31 for macOS suffers from a root privilege escalation vulnerability with its com.privat.vpn.helper privileged helper tool. This privileged helper tool implements an XPC service that allows arbitrary installed applications to connect and send messages. The XPC service extracts the config string from the corresponding XPC message. This string is supposed to point to an internal OpenVPN configuration file. If a new connection has not already been established, an attacker can send the XPC service a malicious XPC message with the config string pointing at an OpenVPN configuration file that he or she controls. In the configuration file, an attacker can specify a dynamic library plugin that should run for every new VPN connection. This plugin will execute code in the context of the root user.
Categories: Security News

CVE-2018-7717

National Vulnerability Database - Mon, 03/05/2018 - 18:29
The htmlImageAddTitleAttribute function in sige.php in the Kubik-Rubik Simple Image Gallery Extended (SIGE) extension 3.2.3 for Joomla! has XSS via a crafted image header, as demonstrated by the Caption-Abstract header object in a JPEG file. This is fixed in 3.3.1.
Categories: Security News

CVE-2017-18219

National Vulnerability Database - Mon, 03/05/2018 - 17:29
An issue was discovered in GraphicsMagick 1.3.26. An allocation failure vulnerability was found in the function ReadOnePNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted file that triggers an attempt at a large png_pixels array allocation.
Categories: Security News

CVE-2017-18220

National Vulnerability Database - Mon, 03/05/2018 - 17:29
The ReadOneJNGImage and ReadJNGImage functions in coders/png.c in GraphicsMagick 1.3.26 allow remote attackers to cause a denial of service (magick/blob.c CloseBlob use-after-free) or possibly have unspecified other impact via a crafted file, a related issue to CVE-2017-11403.
Categories: Security News

CVE-2018-7711

National Vulnerability Database - Mon, 03/05/2018 - 17:29
HTTPRedirect.php in the saml2 library in SimpleSAMLphp before 1.15.4 has an incorrect check of return values in the signature validation utilities, allowing an attacker to get invalid signatures accepted as valid by forcing an error during validation. This occurs because of a dependency on PHP functionality that interprets a -1 error code as a true boolean value.
Categories: Security News

CVE-2017-18217

National Vulnerability Database - Mon, 03/05/2018 - 15:29
An issue was discovered in InvoicePlane before 1.5.5. It was observed that the Email address and Web address parameters are vulnerable to Cross Site Scripting, related to application/modules/clients/views/view.php, application/modules/invoices/views/view.php, and application/modules/quotes/views/view.php.
Categories: Security News

CVE-2017-18218

National Vulnerability Database - Mon, 03/05/2018 - 15:29
In drivers/net/ethernet/hisilicon/hns/hns_enet.c in the Linux kernel before 4.13, local users can cause a denial of service (use-after-free and BUG) or possibly have unspecified other impact by leveraging differences in skb handling between hns_nic_net_xmit_hw and hns_nic_net_xmit.
Categories: Security News

CVE-2018-7493

National Vulnerability Database - Mon, 03/05/2018 - 15:29
CactusVPN through 6.0 for macOS suffers from a root privilege escalation vulnerability in its privileged helper tool. The privileged helper tool implements an XPC interface, which allows arbitrary applications to execute system commands as root.
Categories: Security News

CVE-2017-8165

National Vulnerability Database - Mon, 03/05/2018 - 14:29
Mate 9 Huawei smart phones with versions earlier than MHA-AL00BC00B233 have a sensitive information leak vulnerability. An attacker can trick a user to install a malicious application to exploit this vulnerability. Successful exploitation may cause sensitive information leak.
Categories: Security News

Pages