Security News

CVE-2018-14504

National Vulnerability Database - Fri, 08/03/2018 - 14:29
An issue was discovered in manage_filter_edit_page.php in MantisBT 2.x through 2.15.0. A cross-site scripting (XSS) vulnerability in the Edit Filter page allows execution of arbitrary code (if CSP settings permit it) when displaying a filter with a crafted name (e.g., 'foobar" onclick="alert(1)').
Categories: Security News

CVE-2018-14576

National Vulnerability Database - Fri, 08/03/2018 - 14:29
The mintToken function of a smart contract implementation for SunContract, an Ethereum token, has an integer overflow via the _amount variable.
Categories: Security News

CVE-2018-14715

National Vulnerability Database - Fri, 08/03/2018 - 14:29
The endCoinFlip function and throwSlammer function of the smart contract implementations for Cryptogs, an Ethereum game, generate random numbers with an old block's hash. Therefore, attackers can predict the random number and always win the game.
Categories: Security News

CVE-2018-14728

National Vulnerability Database - Fri, 08/03/2018 - 14:29
upload.php in Responsive FileManager 9.13.1 allows SSRF via the url parameter.
Categories: Security News

CVE-2018-14904

National Vulnerability Database - Fri, 08/03/2018 - 14:29
Samsung Syncthru Web Service V4.05.61 is vulnerable to Multiple unauthenticated XSS attacks on several parameters, as demonstrated by ruiFw_pid.
Categories: Security News

CVE-2018-14905

National Vulnerability Database - Fri, 08/03/2018 - 14:29
The Web server in 3CX version 15.5.8801.3 is vulnerable to Reflected XSS on the api/CallLog TimeZoneName parameter.
Categories: Security News

CVE-2018-14906

National Vulnerability Database - Fri, 08/03/2018 - 14:29
The Web server in 3CX version 15.5.8801.3 is vulnerable to Reflected XSS on all stack traces' propertyPath parameters.
Categories: Security News

CVE-2018-14907

National Vulnerability Database - Fri, 08/03/2018 - 14:29
The Web server in 3CX version 15.5.8801.3 is vulnerable to Information Leakage, because of improper error handling in Stack traces, as demonstrated by discovering a full pathname.
Categories: Security News

CVE-2018-14908

National Vulnerability Database - Fri, 08/03/2018 - 14:29
Samsung Syncthru Web Service V4.05.61 is vulnerable to CSRF on every request, as demonstrated by sws.application/printinformation/printReportSetupView.sws for a "Print emails sent" action.
Categories: Security News

CVE-2018-7748

National Vulnerability Database - Fri, 08/03/2018 - 14:29
report_viewer.do in ServiceNow Release Jakarta Patch 8 and earlier allows remote attackers to execute arbitrary code via '${xyz}' Glide Scripting Injection in the sysparm_media parameter.
Categories: Security News

Bugtraq: [slackware-security] lftp (SSA:2018-214-01)

SecurityFocus Vulnerabilities - Fri, 08/03/2018 - 14:20
[slackware-security] lftp (SSA:2018-214-01)
Categories: Security News

Bugtraq: [SECURITY] [DSA 4260-1] libmspack security update

SecurityFocus Vulnerabilities - Fri, 08/03/2018 - 14:20
[SECURITY] [DSA 4260-1] libmspack security update
Categories: Security News

CVE-2018-13416

National Vulnerability Database - Fri, 08/03/2018 - 13:29
In Universal Media Server (UMS) 7.1.0, the XML parsing engine for SSDP/UPnP functionality is vulnerable to an XML External Entity Processing (XXE) attack. Remote, unauthenticated attackers can use this vulnerability to: (1) Access arbitrary files from the filesystem with the same permission as the user account running UMS, (2) Initiate SMB connections to capture a NetNTLM challenge/response and crack to cleartext password, or (3) Initiate SMB connections to relay a NetNTLM challenge/response and achieve Remote Command Execution in Windows domains.
Categories: Security News

CVE-2018-14574

National Vulnerability Database - Fri, 08/03/2018 - 13:29
django.middleware.common.CommonMiddleware in Django 1.11.x before 1.11.15 and 2.0.x before 2.0.8 has an Open Redirect.
Categories: Security News

CVE-2018-14773

National Vulnerability Database - Fri, 08/03/2018 - 13:29
An issue was discovered in Http Foundation in Symfony 2.7.0 through 2.7.48, 2.8.0 through 2.8.43, 3.3.0 through 3.3.17, 3.4.0 through 3.4.13, 4.0.0 through 4.0.13, and 4.1.0 through 4.1.2. It arises from support for a (legacy) IIS header that lets users override the path in the request URL via the X-Original-URL or X-Rewrite-URL HTTP request header. These headers are designed for IIS support, but it's not verified that the server is in fact running IIS, which means anybody who can send these requests to an application can trigger this. This affects \Symfony\Component\HttpFoundation\Request::prepareRequestUri() where X-Original-URL and X_REWRITE_URL are both used. The fix drops support for these methods so that they cannot be used as attack vectors such as web cache poisoning.
Categories: Security News

CVE-2018-14774

National Vulnerability Database - Fri, 08/03/2018 - 13:29
An issue was discovered in HttpKernel in Symfony 2.7.0 through 2.7.48, 2.8.0 through 2.8.43, 3.3.0 through 3.3.17, 3.4.0 through 3.4.13, 4.0.0 through 4.0.13, and 4.1.0 through 4.1.2. When using HttpCache, the values of the X-Forwarded-Host headers are implicitly set as trusted while this should be forbidden, leading to potential host header injection.
Categories: Security News

CVE-2017-8316

National Vulnerability Database - Fri, 08/03/2018 - 11:29
IntelliJ IDEA XML parser was found vulnerable to XML External Entity attack, an attacker can exploit the vulnerability by implementing malicious code on both Androidmanifest.xml.
Categories: Security News

CVE-2018-1524

National Vulnerability Database - Fri, 08/03/2018 - 11:29
IBM Maximo Asset Management 7.6 through 7.6.3 installs with a default administator account that a remote intruder could use to gain administrator access to the system. This vulnerability is due to an incomplete fix for CVE-2015-4966. IBM X-Force ID: 142116.
Categories: Security News

CVE-2018-6590

National Vulnerability Database - Fri, 08/03/2018 - 10:29
CA API Developer Portal 4.x, prior to v4.2.5.3 and v4.2.7.1, has an unspecified reflected cross-site scripting vulnerability.
Categories: Security News

CVE-2018-14883

National Vulnerability Database - Fri, 08/03/2018 - 09:29
An issue was discovered in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. An Integer Overflow leads to a heap-based buffer over-read in exif_thumbnail_extract of exif.c.
Categories: Security News

Pages