Security News

CVE-2018-17082

National Vulnerability Database - Sun, 09/16/2018 - 11:29
The Apache2 component in PHP before 5.6.38, 7.0.x before 7.0.32, 7.1.x before 7.1.22, and 7.2.x before 7.2.10 allows XSS via the body of a "Transfer-Encoding: chunked" request, because the bucket brigade is mishandled in the php_handler function in sapi/apache2handler/sapi_apache2.c.
Categories: Security News

Vuln: Oracle WebCenter Interaction Multiple Security Vulnerabilities

SecurityFocus Vulnerabilities - Sun, 09/16/2018 - 00:00
Oracle WebCenter Interaction Multiple Security Vulnerabilities
Categories: Security News

CVE-2018-17076

National Vulnerability Database - Sat, 09/15/2018 - 22:29
GPP through 2.25 will try to use more memory space than is available on the stack, leading to a segmentation fault or possibly unspecified other impact via a crafted file.
Categories: Security News

CVE-2018-17077

National Vulnerability Database - Sat, 09/15/2018 - 22:29
An issue was discovered in yiqicms through 2016-11-20. There is stored XSS in comment.php because a length limit can be bypassed.
Categories: Security News

CVE-2018-16554

National Vulnerability Database - Sat, 09/15/2018 - 22:29
The ProcessGpsInfo function of the gpsinfo.c file of jhead 3.00 may allow a remote attacker to cause a denial-of-service attack or unspecified other impact via a malicious JPEG file, because of inconsistency between float and double in a sprintf format string during TAG_GPS_ALT handling.
Categories: Security News

CVE-2018-17072

National Vulnerability Database - Sat, 09/15/2018 - 22:29
JSON++ through 2016-06-15 has a buffer over-read in yyparse() in json.y.
Categories: Security News

CVE-2018-17073

National Vulnerability Database - Sat, 09/15/2018 - 22:29
wernsey/bitmap before 2018-08-18 allows a NULL pointer dereference via a 4-bit image.
Categories: Security News

CVE-2018-17074

National Vulnerability Database - Sat, 09/15/2018 - 22:29
The Feed Statistics plugin before 4.0 for WordPress has an Open Redirect via the feed-stats-url parameter.
Categories: Security News

CVE-2018-17075

National Vulnerability Database - Sat, 09/15/2018 - 22:29
The html package (aka x/net/html) before 2018-07-13 in Go mishandles "in frameset" insertion mode, leading to a "panic: runtime error" for html.Parse of <template><object>, <template><applet>, or <template><marquee>. This is related to HTMLTreeBuilder.cpp in WebKit.
Categories: Security News

CVE-2018-17069

National Vulnerability Database - Sat, 09/15/2018 - 17:29
An issue was discovered in UNL-CMS 7.59. A CSRF attack can create new content via ?q=node%2Fadd%2Farticle&render=overlay&render=overlay.
Categories: Security News

CVE-2018-17070

National Vulnerability Database - Sat, 09/15/2018 - 17:29
An issue was discovered in UNL-CMS 7.59. A CSRF attack can update the website settings via ?q=admin%2Fconfig%2Fsystem%2Fsite-information&render=overlay&render=overlay.
Categories: Security News

CVE-2018-17063

National Vulnerability Database - Sat, 09/15/2018 - 17:29
An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used in command string construction within the handler function of the /goform/NTPSyncWithHost route. This could lead to command injection via shell metacharacters.
Categories: Security News

CVE-2018-17064

National Vulnerability Database - Sat, 09/15/2018 - 17:29
An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used in command string construction within the handler function of the /goform/sylogapply route. This could lead to command injection via the syslogIp parameter after /goform/clearlog is invoked.
Categories: Security News

CVE-2018-17065

National Vulnerability Database - Sat, 09/15/2018 - 17:29
An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. Within the handler function of the /goform/DDNS route, a very long password could lead to a stack-based buffer overflow and overwrite the return address.
Categories: Security News

CVE-2018-17066

National Vulnerability Database - Sat, 09/15/2018 - 17:29
An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used in command string construction in the handler function of the /goform/form2systime.cgi route. This could lead to command injection via shell metacharacters in the datetime parameter.
Categories: Security News

CVE-2018-17067

National Vulnerability Database - Sat, 09/15/2018 - 17:29
An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. A very long password to /goform/formLogin could lead to a stack-based buffer overflow and overwrite the return address.
Categories: Security News

CVE-2018-17068

National Vulnerability Database - Sat, 09/15/2018 - 17:29
An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used in command string construction in the handler function of the /goform/Diagnosis route. This could lead to command injection via shell metacharacters in the sendNum parameter.
Categories: Security News

CVE-2018-17061

National Vulnerability Database - Sat, 09/15/2018 - 15:29
BullGuard Safe Browsing 18.1.355 allows XSS on Google, Bing, and Yahoo! pages via domains indexed in search results.
Categories: Security News

Vuln: WebKit '-webkit-backdrop-filter CSS' Property Denial of Service Vulnerability

SecurityFocus Vulnerabilities - Sat, 09/15/2018 - 00:00
WebKit '-webkit-backdrop-filter CSS' Property Denial of Service Vulnerability
Categories: Security News

CVE-2018-16287

National Vulnerability Database - Fri, 09/14/2018 - 17:29
LG SuperSign CMS allows file upload via signEzUI/playlist/edit/upload/..%2f URIs.
Categories: Security News

Pages