Security News

CVE-2018-14884

National Vulnerability Database - Fri, 08/03/2018 - 09:29
An issue was discovered in PHP 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. Inappropriately parsing an HTTP response leads to a segmentation fault because http_header_value in ext/standard/http_fopen_wrapper.c can be a NULL value that is mishandled in an atoi call.
Categories: Security News

CVE-2018-5489

National Vulnerability Database - Fri, 08/03/2018 - 09:29
NetApp 7-Mode Transition Tool allows users with valid credentials to access functions and information which may have been intended to be restricted to administrators or privileged users. 7MTT versions below 2.0 do not enforce user authorization rules on file information and status that it has previously collected. The released version of 7MTT has been updated to maintain and verify authorization rules for file information, status and utilities.
Categories: Security News

Vuln: Apache OpenWhisk CVE-2018-11757 Serverless Function Remote Code Execution Vulnerability

SecurityFocus Vulnerabilities - Fri, 08/03/2018 - 00:00
Apache OpenWhisk CVE-2018-11757 Serverless Function Remote Code Execution Vulnerability
Categories: Security News

Vuln: Apache OpenWhisk CVE-2018-11756 Remote Code Execution Vulnerability

SecurityFocus Vulnerabilities - Fri, 08/03/2018 - 00:00
Apache OpenWhisk CVE-2018-11756 Remote Code Execution Vulnerability
Categories: Security News

Vuln: SuSE openSUSE Build Service CVE-2018-12466 Security Bypass Vulnerability

SecurityFocus Vulnerabilities - Fri, 08/03/2018 - 00:00
SuSE openSUSE Build Service CVE-2018-12466 Security Bypass Vulnerability
Categories: Security News

CVE-2018-14872

National Vulnerability Database - Thu, 08/02/2018 - 20:29
An issue was discovered in Rincewind 0.1. A reinstall vulnerability exists because the parameter p of index.php and another file named commonPages.php allows an attacker to reinstall the product, with all data reset.
Categories: Security News

CVE-2018-14873

National Vulnerability Database - Thu, 08/02/2018 - 20:29
An issue was discovered in Rincewind 0.1. There is a cross-site scripting (XSS) vulnerability involving a p=account request to index.php and another file named commonPages.php.
Categories: Security News

CVE-2018-14876

National Vulnerability Database - Thu, 08/02/2018 - 20:29
An issue was discovered in image_save_png in image/image-png.cpp in Free Lossless Image Format (FLIF) 0.3. Attackers can trigger a longjmp that leads to an uninitialized stack frame after a libpng error concerning the IHDR image width.
Categories: Security News

CVE-2018-14877

National Vulnerability Database - Thu, 08/02/2018 - 20:29
An issue was discovered in WeaselCMS v0.3.5. XSS exists via Site Language, Site Title, Site Description, and Site Keywords on the SETTINGS page.
Categories: Security News

CVE-2017-6213

National Vulnerability Database - Thu, 08/02/2018 - 17:29
paypal/invoice-sdk-php is vulnerable to reflected XSS in samples/permissions.php via the permToken parameter, resulting in code execution.
Categories: Security News

CVE-2017-6215

National Vulnerability Database - Thu, 08/02/2018 - 17:29
paypal/permissions-sdk-php is vulnerable to reflected XSS in the samples/GetAccessToken.php verification_code parameter, resulting in code execution.
Categories: Security News

CVE-2018-14858

National Vulnerability Database - Thu, 08/02/2018 - 16:29
An SSRF vulnerability was discovered in idreamsoft iCMS before V7.0.11 because the remote function in app/spider/spider_tools.class.php does not block private and reserved IP addresses such as 10.0.0.0/8. NOTE: this vulnerability exists because of an incomplete fix for CVE-2018-14514.
Categories: Security News

CVE-2017-14444

National Vulnerability Database - Thu, 08/02/2018 - 15:29
An exploitable buffer overflow vulnerability exists in Insteon Hub running firmware version 1012. The HTTP server implementation incorrectly handles the URL parameter during a firmware update request, leading to a buffer overflow on a global section. An attacker can send an HTTP GET request to trigger this vulnerability.
Categories: Security News

CVE-2017-14445

National Vulnerability Database - Thu, 08/02/2018 - 15:29
An exploitable buffer overflow vulnerability exists in Insteon Hub running firmware version 1012. The HTTP server implementation incorrectly handles the host parameter during a firmware update request, leading to a buffer overflow on a global section. An attacker can send an HTTP GET request to trigger this vulnerability.
Categories: Security News

CVE-2017-14446

National Vulnerability Database - Thu, 08/02/2018 - 15:29
An exploitable stack-based buffer overflow vulnerability exists in Insteon Hub running firmware version 1012. The HTTP server implementation unsafely extracts parameters from the query string, leading to a buffer overflow on the stack. An attacker can send an HTTP GET request to trigger this vulnerability.
Categories: Security News

CVE-2017-16338

National Vulnerability Database - Thu, 08/02/2018 - 15:29
An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01bad0 the value for the host key is copied using strcpy to the buffer at 0xa00016e0. This buffer is 32 bytes large, sending anything longer will cause a buffer overflow.
Categories: Security News

CVE-2017-16339

National Vulnerability Database - Thu, 08/02/2018 - 15:29
An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01bb1c the value for the uri key is copied using strcpy to the buffer at 0xa00016a0. This buffer is 64 bytes large, sending anything longer will cause a buffer overflow.
Categories: Security News

CVE-2017-16340

National Vulnerability Database - Thu, 08/02/2018 - 15:29
An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01c0e8 the value for the s_dport key is copied using strcpy to the buffer at 0xa000180c. This buffer is 6 bytes large, sending anything longer will cause a buffer overflow.
Categories: Security News

CVE-2017-16341

National Vulnerability Database - Thu, 08/02/2018 - 15:29
An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01c224 the value for the s_vol_play key is copied using strcpy to the buffer at 0xa0000418. This buffer is maximum 8 bytes large (this is the maximum size it could be, it is possible other global variables are stored between this variable and the next one that we could identify), sending anything longer will cause a buffer overflow.
Categories: Security News

CVE-2017-16342

National Vulnerability Database - Thu, 08/02/2018 - 15:29
An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01c254 the value for the s_vol_dim_delta key is copied using strcpy to the buffer at 0xa0000514. This buffer is 4 bytes large, sending anything longer will cause a buffer overflow.
Categories: Security News

Pages