Security News

CVE-2018-11496

National Vulnerability Database - Sat, 05/26/2018 - 16:29
In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in read_stream in stream.c, because decompress_file in lrzip.c lacks certain size validation.
Categories: Security News

CVE-2018-11498

National Vulnerability Database - Sat, 05/26/2018 - 16:29
In Lizard v1.0 and LZ5 v2.0 (the prior release, before the product was renamed), there is an unchecked buffer size during a memcpy in the Lizard_decompress_LIZv1 function (lib/lizard_decompress_liz.h). Remote attackers can leverage this vulnerability to cause a denial of service via a crafted input file, as well as achieve remote code execution.
Categories: Security News

CVE-2018-11499

National Vulnerability Database - Sat, 05/26/2018 - 16:29
A use-after-free vulnerability exists in handle_error() in sass_context.cpp in LibSass 3.4.x and 3.5.x through 3.5.4 that could be leveraged to cause a denial of service (application crash) or possibly unspecified other impact.
Categories: Security News

CVE-2018-11489

National Vulnerability Database - Sat, 05/26/2018 - 14:29
The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly version 3.0.x), as later shipped in cgif.c in sam2p 0.49.4, has a heap-based buffer overflow because a certain CrntCode array index is not checked. This will lead to a denial of service or possibly unspecified other impact.
Categories: Security News

CVE-2018-11490

National Vulnerability Database - Sat, 05/26/2018 - 14:29
The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly version 3.0.x), as later shipped in cgif.c in sam2p 0.49.4, has a heap-based buffer overflow because a certain "Private->RunningCode - 2" array index is not checked. This will lead to a denial of service or possibly unspecified other impact.
Categories: Security News

CVE-2018-11493

National Vulnerability Database - Sat, 05/26/2018 - 14:29
An issue was discovered in WUZHI CMS 4.1.0. There is a CSRF vulnerability that can add a friendship link via index.php?m=link&f=index&v=add.
Categories: Security News

CVE-2018-11487

National Vulnerability Database - Sat, 05/26/2018 - 11:29
PHPMyWind 5.5 has XSS via the cid parameter to newsshow.php, or the query string to news.php or about.php.
Categories: Security News

CVE-2018-11471

National Vulnerability Database - Fri, 05/25/2018 - 15:29
Cockpit 0.5.5 has XSS via a collection, form, or region.
Categories: Security News

CVE-2018-11472

National Vulnerability Database - Fri, 05/25/2018 - 15:29
Monstra CMS 3.0.4 has Reflected XSS during Login (i.e., the login parameter to admin/index.php).
Categories: Security News

CVE-2018-11473

National Vulnerability Database - Fri, 05/25/2018 - 15:29
Monstra CMS 3.0.4 has XSS in the registration Form (i.e., the login parameter to users/registration).
Categories: Security News

CVE-2018-11474

National Vulnerability Database - Fri, 05/25/2018 - 15:29
Monstra CMS 3.0.4 has a Session Management Issue in the Administrations Tab. A password change at admin/index.php?id=users&action=edit&user_id=1 does not invalidate a session that is open in a different browser.
Categories: Security News

CVE-2018-11475

National Vulnerability Database - Fri, 05/25/2018 - 15:29
Monstra CMS 3.0.4 has a Session Management Issue in the Users tab. A password change at users/1/edit does not invalidate a session that is open in a different browser.
Categories: Security News

CVE-2018-11479

National Vulnerability Database - Fri, 05/25/2018 - 15:29
The VPN component in Windscribe 1.81 uses the OpenVPN client for connections. Also, it creates a WindScribeService.exe system process that establishes a \\.\pipe\WindscribeService named pipe endpoint that allows the Windscribe VPN process to connect and execute an OpenVPN process or other processes (like taskkill, etc.). There is no validation of the program name before constructing the lpCommandLine argument for a CreateProcess call. An attacker can run any malicious process with SYSTEM privileges through this named pipe.
Categories: Security News

CVE-2018-9091

National Vulnerability Database - Fri, 05/25/2018 - 15:29
A critical vulnerability in the KEMP LoadMaster Operating System (LMOS) 6.0.44 through 7.2.41.2 and Long Term Support (LTS) LMOS before 7.1.35.5 related to Session Management could allow an unauthenticated, remote attacker to bypass security protections, gain system privileges, and execute elevated commands such as ls, ps, cat, etc., thereby compromising the system. Through this remote execution, in certain cases, exposure of sensitive system data such as certificates, private keys, and other information may be possible.
Categories: Security News

Bugtraq: [SECURITY] [DSA 4210-1] xen security update

SecurityFocus Vulnerabilities - Fri, 05/25/2018 - 15:20
[SECURITY] [DSA 4210-1] xen security update
Categories: Security News

Bugtraq: [SECURITY] [DSA 4209-1] thunderbird security update

SecurityFocus Vulnerabilities - Fri, 05/25/2018 - 15:20
[SECURITY] [DSA 4209-1] thunderbird security update
Categories: Security News

Bugtraq: Ruckus (Brocade) ICX7450-48 Reflected Cross Site Scripting

SecurityFocus Vulnerabilities - Fri, 05/25/2018 - 15:20
Ruckus (Brocade) ICX7450-48 Reflected Cross Site Scripting
Categories: Security News

Bugtraq: Android OS Didnt use FLAG_SECURE for Sensitive Settings [CVE-2017-13243]

SecurityFocus Vulnerabilities - Fri, 05/25/2018 - 15:20
Android OS Didnt use FLAG_SECURE for Sensitive Settings [CVE-2017-13243]
Categories: Security News

CVE-2017-14185

National Vulnerability Database - Fri, 05/25/2018 - 12:29
An Information Disclosure vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.8 and 5.2 all versions allows SSL VPN web portal users to access internal FortiOS configuration information (eg:addresses) via specifically crafted URLs inside the SSL-VPN web portal.
Categories: Security News

CVE-2018-8862

National Vulnerability Database - Fri, 05/25/2018 - 12:29
In ATI Systems Emergency Mass Notification Systems (HPSS16, HPSS32, MHPSS, and ALERT4000) devices, an improper authentication vulnerability caused by specially crafted malicious radio transmissions may allow an attacker to remotely trigger false alarms.
Categories: Security News

Pages