Security News

CVE-2018-18707

National Vulnerability Database - Mon, 10/29/2018 - 08:29
An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. It is a buffer overflow vulnerability in the router's web server -- httpd. When processing the "ssid" parameter for a post request, the value is directly used in a strcpy to a local variable placed on the stack, which overrides the return address of the function.
Categories: Security News

CVE-2018-18708

National Vulnerability Database - Mon, 10/29/2018 - 08:29
An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. It is a buffer overflow vulnerability in the router's web server -- httpd. When processing the "page" parameter of the function "fromAddressNat" for a post request, the value is directly used in a sprintf to a local variable placed on the stack, which overrides the return address of the function.
Categories: Security News

CVE-2018-18709

National Vulnerability Database - Mon, 10/29/2018 - 08:29
An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. It is a buffer overflow vulnerability in the router's web server -- httpd. When processing the "firewallEn" parameter for a post request, the value is directly used in a strcpy to a local variable placed on the stack, which overrides the return address of the function.
Categories: Security News

CVE-2018-18710

National Vulnerability Database - Mon, 10/29/2018 - 08:29
An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940 and CVE-2018-16658.
Categories: Security News

CVE-2018-18711

National Vulnerability Database - Mon, 10/29/2018 - 08:29
An issue was discovered in WUZHI CMS 4.1.0. There is a CSRF vulnerability that can change the super administrator's password via index.php?m=core&f=panel&v=edit_info.
Categories: Security News

CVE-2018-18694

National Vulnerability Database - Mon, 10/29/2018 - 08:29
admin/index.php?id=filesmanager in Monstra CMS 3.0.4 allows remote authenticated administrators to trigger stored XSS via JavaScript content in a file whose name lacks an extension. Such a file is interpreted as text/html in certain cases.
Categories: Security News

CVE-2018-18699

National Vulnerability Database - Mon, 10/29/2018 - 08:29
An issue was discovered in GoPro gpmf-parser 1.2.1. There is an out-of-bounds write in OpenMP4Source in GPMF_mp4reader.c.
Categories: Security News

CVE-2018-18700

National Vulnerability Database - Mon, 10/29/2018 - 08:29
An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions d_name(), d_encoding(), and d_local_name() in cp-demangle.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via an ELF file, as demonstrated by nm.
Categories: Security News

CVE-2018-18701

National Vulnerability Database - Mon, 10/29/2018 - 08:29
An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions next_is_type_qual() and cplus_demangle_type() in cp-demangle.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via an ELF file, as demonstrated by nm.
Categories: Security News

CVE-2018-18702

National Vulnerability Database - Mon, 10/29/2018 - 08:29
spider.admincp.php in iCMS v7.0.11 allows SQL injection via admincp.php?app=spider&do=import_rule because the upfile content is base64 decoded, deserialized, and used for database insertion.
Categories: Security News

CVE-2016-10732

National Vulnerability Database - Mon, 10/29/2018 - 08:29
ProjectSend (formerly cFTP) r582 allows authentication bypass via a direct request for users.php, home.php, edit-file.php?file_id=1, or process-zip-download.php, or add_user_form_* parameters to users-add.php.
Categories: Security News

CVE-2016-10733

National Vulnerability Database - Mon, 10/29/2018 - 08:29
ProjectSend (formerly cFTP) r582 allows directory traversal via file=../ in the process-zip-download.php query string.
Categories: Security News

CVE-2016-10734

National Vulnerability Database - Mon, 10/29/2018 - 08:29
ProjectSend (formerly cFTP) r582 allows Insecure Direct Object Reference via includes/actions.log.export.php.
Categories: Security News

CVE-2016-10731

National Vulnerability Database - Mon, 10/29/2018 - 08:29
ProjectSend (formerly cFTP) r582 allows SQL injection via manage-files.php with the request parameter status, manage-files.php with the request parameter files, clients.php with the request parameter selected_clients, clients.php with the request parameter status, process-zip-download.php with the request parameter file, or home-log.php with the request parameter action.
Categories: Security News

Vuln: Apache 'mod_perl' CVE-2011-2767 Arbitrary Code Execution Vulnerability

SecurityFocus Vulnerabilities - Mon, 10/29/2018 - 00:00
Apache 'mod_perl' CVE-2011-2767 Arbitrary Code Execution Vulnerability
Categories: Security News

Vuln: Mozilla Firefox and Firefox ESR Multiple Security Vulnerabilities

SecurityFocus Vulnerabilities - Mon, 10/29/2018 - 00:00
Mozilla Firefox and Firefox ESR Multiple Security Vulnerabilities
Categories: Security News

Vuln: Mozilla Firefox ESR CVE-2018-12389 Multiple Memory Corruption Vulnerabilities

SecurityFocus Vulnerabilities - Mon, 10/29/2018 - 00:00
Mozilla Firefox ESR CVE-2018-12389 Multiple Memory Corruption Vulnerabilities
Categories: Security News

Vuln: Linux Kernel 'mm/vmacache.c' Local Privilege Escalation Vulnerability

SecurityFocus Vulnerabilities - Mon, 10/29/2018 - 00:00
Linux Kernel 'mm/vmacache.c' Local Privilege Escalation Vulnerability
Categories: Security News

Pages