Security News

CVE-2018-12882

National Vulnerability Database - Mon, 06/25/2018 - 23:29
exif_read_from_impl in ext/exif/exif.c in PHP 7.2.x through 7.2.7 allows attackers to trigger a use-after-free (in exif_read_from_file) because it closes a stream that it is not responsible for closing. The vulnerable code is reachable through the PHP exif_read_data function.
Categories: Security News

CVE-2018-12603

National Vulnerability Database - Mon, 06/25/2018 - 16:29
Cross-site request forgery (CSRF) vulnerability in admin.php in LFCMS 3.7.0 allows remote attackers to hijack the authentication of unspecified users for requests that add administrator users via the s parameter, a related issue to CVE-2018-12114.

CVE-2018-11587

National Vulnerability Database - Mon, 06/25/2018 - 14:29
There is Remote Code Execution in Centreon 3.4.6 including Centreon Web 2.8.23 via the RPN value in the Virtual Metric form in centreonGraph.class.php.

CVE-2018-11588

National Vulnerability Database - Mon, 06/25/2018 - 14:29
Centreon 3.4.6 including Centreon Web 2.8.23 is vulnerable to an authenticated user injecting a payload into the username or command description, resulting in stored XSS. This is related to www/include/core/menu/menu.php and www/include/configuration/configObject/command/formArguments.php.

CVE-2018-11589

National Vulnerability Database - Mon, 06/25/2018 - 14:29
Multiple SQL injection vulnerabilities in Centreon 3.4.6 including Centreon Web 2.8.23 allow attacks via the searchU parameter in viewLogs.php, the id parameter in GetXmlHost.php, the chartId parameter in ExportCSVServiceData.php, the searchCurve parameter in listComponentTemplates.php, or the host_id parameter in makeXML_ListMetrics.php.

CVE-2018-12735

National Vulnerability Database - Mon, 06/25/2018 - 12:29
SAJ Solar Inverter allows remote attackers to obtain potentially sensitive information via a direct request for the inverter_info.htm or english_main.htm URI.

CVE-2017-9312

National Vulnerability Database - Mon, 06/25/2018 - 11:29
Improperly implemented option-field processing in the TCP/IP stack on Allen-Bradley L30ERMS safety devices v30 and earlier causes a denial of service. When a crafted TCP packet is received, the device reboots immediately.

CVE-2018-10956

National Vulnerability Database - Mon, 06/25/2018 - 11:29
IPConfigure Orchid Core VMS 2.0.5 allows Directory Traversal.

CVE-2018-11039

National Vulnerability Database - Mon, 06/25/2018 - 11:29
Spring Framework (versions 5.0.x prior to 5.0.7, versions 4.3.x prior to 4.3.18, and older unsupported versions) allows web applications to change the HTTP request method to any HTTP method (including TRACE) using the HiddenHttpMethodFilter in Spring MVC. If an application has a pre-existing XSS vulnerability, a malicious user (or attacker) can use this filter to escalate to an XST (Cross Site Tracing) attack.

CVE-2018-11040

National Vulnerability Database - Mon, 06/25/2018 - 11:29
Spring Framework, versions 5.0.x prior to 5.0.7 and 4.3.x prior to 4.3.18 and older unsupported versions, allows web applications to enable cross-domain requests via JSONP (JSON with Padding) through AbstractJsonpResponseBodyAdvice for REST controllers and MappingJackson2JsonView for browser requests. Neither is enabled by default in Spring Framework or Spring Boot; however, when MappingJackson2JsonView is configured in an application, JSONP support is automatically ready to use through the "jsonp" and "callback" JSONP parameters, enabling cross-domain requests.

CVE-2018-11041

National Vulnerability Database - Mon, 06/25/2018 - 11:29
Cloud Foundry UAA, versions later than 4.6.0 and prior to 4.19.0 except 4.10.1 and 4.7.5 and uaa-release versions later than v48 and prior to v60 except v55.1 and v52.9, does not validate redirect URL values on a form parameter used for internal UAA redirects on the login page, allowing open redirects. A remote attacker can craft a malicious link that, when clicked, will redirect users to arbitrary websites after a successful login attempt.

CVE-2018-11046

National Vulnerability Database - Mon, 06/25/2018 - 11:29
Pivotal Operations Manager, versions 2.1.x prior to 2.1.6 and version 2.0.14, includes NGINX packages that lack security vulnerability patches. An attacker with access to the NGINX processes and knowledge of how to exploit the unpatched vulnerabilities may be able to impact Operations Manager.

CVE-2018-12602

National Vulnerability Database - Mon, 06/25/2018 - 11:29
A CSRF vulnerability exists in LFCMS 3.7.0: users can be added arbitrarily.

CVE-2018-8755

National Vulnerability Database - Mon, 06/25/2018 - 11:29
NuCom WR644GACV devices before STA006 allow an attacker to download the configuration file without credentials. By downloading this file, an attacker can access the admin password, WPA key, and any config information of the device.

Bugtraq: [SECURITY] [DSA 4234-1] lava-server security update

SecurityFocus Vulnerabilities - Mon, 06/25/2018 - 11:20

Bugtraq: [SECURITY] [DSA 4233-1] bouncycastle security update

SecurityFocus Vulnerabilities - Mon, 06/25/2018 - 11:20

CVE-2018-11446

National Vulnerability Database - Mon, 06/25/2018 - 07:29
The buy function of a smart contract implementation for Gold Reward (GRX), an Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the buyer because of overflow of the multiplication of its argument amount and a manipulable variable buyPrice, aka the "tradeTrap" issue.

CVE-2018-12062

National Vulnerability Database - Mon, 06/25/2018 - 07:29
The sell function of a smart contract implementation for SwftCoin (SWFTC), a tradable Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the seller, because of overflow of the multiplication of its argument amount and a manipulable variable sellPrice, aka the "tradeTrap" issue.

CVE-2018-12063

National Vulnerability Database - Mon, 06/25/2018 - 07:29
The sell function of a smart contract implementation for Internet Node Token (INT), a tradable Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the seller, because of overflow of the multiplication of its argument amount and a manipulable variable sellPrice, aka the "tradeTrap" issue.

CVE-2018-12067

National Vulnerability Database - Mon, 06/25/2018 - 07:29
The sell function of a smart contract implementation for Substratum (SUB), a tradable Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the seller, because of overflow of the multiplication of its argument amount and a manipulable variable sellPrice, aka the "tradeTrap" issue.