Security News

CVE-2017-16898

National Vulnerability Database - Mon, 11/20/2017 - 12:29
The printMP3Headers function in util/listmp3.c in libming v0.4.8 or earlier is vulnerable to a global buffer overflow, which may allow attackers to cause a denial of service via a crafted file, a different vulnerability than CVE-2016-9264.
Categories: Security News

CVE-2017-9806

National Vulnerability Database - Mon, 11/20/2017 - 12:29
A vulnerability in the OpenOffice Writer DOC file parser before 4.1.4, and specifically in the WW8Fonts Constructor, allows attackers to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resulting in arbitrary code execution.

CVE-2017-16896

National Vulnerability Database - Mon, 11/20/2017 - 11:29
A SQL injection in classes/handler/public.php in the forgotpass component of Tiny Tiny RSS 17.4 exists via the login parameter.

CVE-2016-6804

National Vulnerability Database - Mon, 11/20/2017 - 10:29
The Apache OpenOffice installer (versions prior to 4.1.3, including some branded as OpenOffice.org) for Windows contains a defective operation that allows execution of arbitrary code with elevated privileges. This requires that the location in which the installer is run has been previously poisoned by a file that impersonates a dynamic-link library that the installer depends upon.

CVE-2017-11400

National Vulnerability Database - Mon, 11/20/2017 - 10:29
An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance before 03.2.00. An incomplete firmware signature allows a local attacker to upgrade the equipment (kernel, file system) with unsigned, attacker-controlled data. This occurs because the appliance_config file is signed but the .tar.sec file is unsigned.

CVE-2017-11401

National Vulnerability Database - Mon, 11/20/2017 - 10:29
An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance before 03.2.00. Improper handling of the mbap.length field of ModBus packets in the ModBus DPI filter allows an attacker to send malformed/crafted packets to a protected asset, bypassing function code filtering.

CVE-2017-11402

National Vulnerability Database - Mon, 11/20/2017 - 10:29
An issue has been discovered on the Belden Hirschmann Tofino Xenon Security Appliance before 03.2.00. Design flaws in OPC classic and in custom netfilter modules allow an attacker to remotely activate rules on the firewall and to connect to any TCP port of a protected asset, thus bypassing the firewall. The attack methodology is a crafted OPC dynamic port shift.

CVE-2017-16544

National Vulnerability Database - Mon, 11/20/2017 - 10:29
In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially result in code execution, arbitrary file writes, or other attacks.

CVE-2017-15110

National Vulnerability Database - Mon, 11/20/2017 - 09:29
In Moodle 3.x, students can find out email addresses of other students in the same course. Using search on the Participants page, students could search email addresses of all participants regardless of email visibility. This allows enumerating and guessing emails of other students.

Vuln: Google Android NVIDIA Components CVE-2017-6264 Privilege Escalation Vulnerability

SecurityFocus Vulnerabilities - Mon, 11/20/2017 - 00:00
Google Android NVIDIA Components CVE-2017-6264 Privilege Escalation Vulnerability

CVE-2017-16894

National Vulnerability Database - Sun, 11/19/2017 - 20:29
In Laravel framework through 5.5.21, remote attackers can obtain sensitive information (such as externally usable passwords) via a direct request for the /.env URI. The writeNewEnvironmentFileWith function in src/Illuminate/Foundation/Console/KeyGenerateCommand.php does not restrict the .env permissions.

CVE-2017-16892

National Vulnerability Database - Sun, 11/19/2017 - 12:29
In Bftpd before 4.7, there is a memory leak in the file rename function.

CVE-2017-16882

National Vulnerability Database - Sat, 11/18/2017 - 13:29
Icinga Core through 1.14.0 initially executes bin/icinga as root but supports configuration options in which this file is owned by a non-root account (and similarly can have etc/icinga.cfg owned by a non-root account), which allows local users to gain privileges by leveraging access to this non-root account, a related issue to CVE-2017-14312. This also affects bin/icingastats, bin/ido2db, and bin/log2ido.

CVE-2017-16883

National Vulnerability Database - Sat, 11/18/2017 - 13:29
The outputSWF_TEXT_RECORD function in util/outputscript.c in libming <= 0.4.8 is vulnerable to a NULL pointer dereference, which may allow attackers to cause a denial of service via a crafted swf file.

CVE-2017-16881

National Vulnerability Database - Sat, 11/18/2017 - 08:29
b3log Symphony (aka Sym) 2.2.0 does not properly address XSS in JSON objects, as demonstrated by a crafted userAvatarURL value to /settings/avatar, related to processor/AdminProcessor.java, processor/ArticleProcessor.java, processor/UserProcessor.java, service/ArticleQueryService.java, service/AvatarQueryService.java, and service/CommentQueryService.java.

Vuln: Node.js CVE-2017-14919 Denial of Service Vulnerability

SecurityFocus Vulnerabilities - Sat, 11/18/2017 - 00:00
Node.js CVE-2017-14919 Denial of Service Vulnerability

Vuln: Libav CVE-2017-16803 Denial of Service Vulnerability

SecurityFocus Vulnerabilities - Sat, 11/18/2017 - 00:00
Libav CVE-2017-16803 Denial of Service Vulnerability

Vuln: Multiple TIBCO Products CVE-2017-5533 Information Disclosure Vulnerability

SecurityFocus Vulnerabilities - Sat, 11/18/2017 - 00:00
Multiple TIBCO Products CVE-2017-5533 Information Disclosure Vulnerability

Vuln: IBM Jazz Reporting Service CVE-2017-1340 Information Disclosure Vulnerability

SecurityFocus Vulnerabilities - Sat, 11/18/2017 - 00:00
IBM Jazz Reporting Service CVE-2017-1340 Information Disclosure Vulnerability

CVE-2017-14077

National Vulnerability Database - Fri, 11/17/2017 - 20:29
HTML Injection in Securimage 3.6.4 and earlier allows remote attackers to inject arbitrary HTML into an e-mail message body via the $_SERVER['HTTP_USER_AGENT'] parameter to example_form.ajax.php or example_form.php.