Security News

CVE-2018-11567

National Vulnerability Database - Wed, 05/30/2018 - 18:29
Prior to 2018-04-27, the reprompt feature in Amazon Echo devices could be misused by a custom Alexa skill. The reprompt feature is designed so that if Alexa does not receive an input within 8 seconds, the device can speak a reprompt, then wait an additional 8 seconds for input; if the user still does not respond, the microphone is then turned off. The vulnerability involves empty output-speech reprompts, custom wildcard ("gibberish") input slots, and logging of detected speech. If a maliciously designed skill is installed, an attacker could obtain transcripts of speech not intended for Alexa to process, but simply spoken within the device's hearing range.
Categories: Security News

CVE-2018-11568

National Vulnerability Database - Wed, 05/30/2018 - 18:29
Reflected XSS is possible in the GamePlan theme through 1.5.13.2 for WordPress because of insufficient input sanitization, as demonstrated by the s parameter. In some (but not all) cases, the '<' and '>' characters have &lt; and &gt; representations.
Categories: Security News

CVE-2015-7610

National Vulnerability Database - Wed, 05/30/2018 - 17:29
Cross-site request forgery (CSRF) vulnerability in the login form in Zimbra Collaboration Suite (aka ZCS) before 8.6.0 Patch 10, 8.7.x before 8.7.11 Patch 2, and 8.8.x before 8.8.8 Patch 1 allows remote attackers to hijack the authentication of unspecified victims by leveraging failure to use a CSRF token.
Categories: Security News

CVE-2018-10196

National Vulnerability Database - Wed, 05/30/2018 - 17:29
NULL pointer dereference vulnerability in the rebuild_vlists function in lib/dotgen/conc.c in the dotgen library in Graphviz 2.40.1 allows remote attackers to cause a denial of service (application crash) via a crafted file.
Categories: Security News

CVE-2018-10939

National Vulnerability Database - Wed, 05/30/2018 - 17:29
Zimbra Web Client (ZWC) in Zimbra Collaboration Suite 8.8 before 8.8.8.Patch4 and 8.7 before 8.7.11.Patch4 has Persistent XSS via a contact group.
Categories: Security News

CVE-2018-11476

National Vulnerability Database - Wed, 05/30/2018 - 17:29
An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The dongle opens an unprotected wireless LAN that cannot be configured with encryption or a password. This enables anyone within the range of the WLAN to connect to the network without authentication.
Categories: Security News

CVE-2018-11477

National Vulnerability Database - Wed, 05/30/2018 - 17:29
An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The data packets that are sent between the iOS or Android application and the OBD dongle are not encrypted. The combination of this vulnerability with the lack of wireless network protection exposes all transferred car data to the public.
Categories: Security News

CVE-2018-11478

National Vulnerability Database - Wed, 05/30/2018 - 17:29
An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The OBD port is used to receive measurement data and debug information from the car. This on-board diagnostics feature can also be used to send commands to the car (different for every vendor / car product line / car). No authentication is needed, which allows attacks from the local Wi-Fi network.
Categories: Security News

CVE-2018-11481

National Vulnerability Database - Wed, 05/30/2018 - 17:29
TP-LINK IPC TL-IPC223(P)-6, TL-IPC323K-D, TL-IPC325(KP)-*, and TL-IPC40A-4 devices allow authenticated remote code execution via crafted JSON data because /usr/lib/lua/luci/torchlight/validator.lua does not block various punctuation characters.
Categories: Security News

CVE-2018-11482

National Vulnerability Database - Wed, 05/30/2018 - 17:29
/usr/lib/lua/luci/websys.lua on TP-LINK IPC TL-IPC223(P)-6, TL-IPC323K-D, TL-IPC325(KP)-*, and TL-IPC40A-4 devices has a hardcoded zMiVw8Kw0oxKXL0 password.
Categories: Security News

CVE-2018-11565

National Vulnerability Database - Wed, 05/30/2018 - 17:29
Mahara 17.04 before 17.04.8 and 17.10 before 17.10.5 and 18.04 before 18.04.1 are vulnerable to mentioning the usernames that are already taken by people registered in the system rather than masking that information.
Categories: Security News

CVE-2018-7534

National Vulnerability Database - Wed, 05/30/2018 - 17:29
In Stealth Authorization Server before 3.3.017.0 in Unisys Stealth Solution, an encryption key may be left in memory.
Categories: Security News

CVE-2018-10995

National Vulnerability Database - Wed, 05/30/2018 - 16:29
SchedMD Slurm before 17.02.11 and 17.1x.x before 17.11.7 mishandles user names (aka user_name fields) and group ids (aka gid fields).
Categories: Security News

CVE-2018-11518

National Vulnerability Database - Wed, 05/30/2018 - 16:29
A vulnerability allows a phreaking attack on HCL legacy IVR systems that do not use VoIP. These IVR systems rely on various frequencies of audio signals; based on the frequency, certain commands and functions are processed. Since these frequencies are accepted within a phone call, an attacker can record these frequencies and use them for service activations. This is a request-forgery issue when the required series of DTMF signals for a service activation is predictable (e.g., the IVR system does not speak a nonce to the caller). In this case, the IVR system accepts an activation request from a less-secure channel (any loudspeaker in the caller's physical environment) without verifying that the request was intended (it matches a nonce sent over a more-secure channel to the caller's earpiece).
Categories: Security News

CVE-2018-11562

National Vulnerability Database - Wed, 05/30/2018 - 16:29
An issue was discovered in MISP 2.4.91. A vulnerability in app/View/Elements/eventattribute.ctp allows reflected XSS if a user clicks on a malicious link for an event view and then clicks on the deleted attributes quick filter.
Categories: Security News

CVE-2018-11432

National Vulnerability Database - Wed, 05/30/2018 - 09:29
The mobi_parse_mobiheader function in read.c in Libmobi 0.3 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted mobi file.
Categories: Security News

CVE-2018-11433

National Vulnerability Database - Wed, 05/30/2018 - 09:29
The mobi_get_kf8boundary_seqnumber function in util.c in Libmobi 0.3 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted mobi file.
Categories: Security News

CVE-2018-11434

National Vulnerability Database - Wed, 05/30/2018 - 09:29
The buffer_fill64 function in compression.c in Libmobi 0.3 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted mobi file.
Categories: Security News

CVE-2018-11435

National Vulnerability Database - Wed, 05/30/2018 - 09:29
The mobi_decompress_huffman_internal function in compression.c in Libmobi 0.3 allows remote attackers to cause information disclosure (read access violation) via a crafted mobi file.
Categories: Security News

CVE-2018-11436

National Vulnerability Database - Wed, 05/30/2018 - 09:29
The buffer_addraw function in buffer.c in Libmobi 0.3 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted mobi file.
Categories: Security News

Pages