Security News

CVE-2019-14813 (enterprise_linux, enterprise_linux_desktop, enterprise_linux_server, enterprise_linux_server_aus, enterprise_linux_server_eus, enterprise_linux_server_tus, enterprise_linux_workstation, ghostscript)

National Vulnerability Database - Fri, 09/06/2019 - 10:15
A flaw was found in ghostscript, versions 9.x before 9.28, in the setsystemparams procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.
Categories: Security News

CVE-2019-15846

National Vulnerability Database - Fri, 09/06/2019 - 07:15
Exim before 4.92.2 allows remote attackers to execute arbitrary code as root via a trailing backslash.
Categories: Security News

CVE-2019-2175

National Vulnerability Database - Thu, 09/05/2019 - 18:15
In checkAccess of SliceManagerService.java in Android 9, there is a possible permissions check bypass due to incorrect order of arguments. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
Categories: Security News

CVE-2019-2176

National Vulnerability Database - Thu, 09/05/2019 - 18:15
In ihevcd_parse_buffering_period_sei of ihevcd_parse_headers.c in Android 8.0, 8.1 and 9, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.
Categories: Security News

CVE-2019-2177

National Vulnerability Database - Thu, 09/05/2019 - 18:15
In isPreferred of HidProfile.java in Android 7.1.1, 7.1.2, 8.0, 8.1 and 9, there is a possible device type confusion due to a permissions bypass. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.
Categories: Security News

CVE-2019-2178

National Vulnerability Database - Thu, 09/05/2019 - 18:15
In rw_t4t_sm_read_ndef of rw_t4t in Android 7.1.1, 7.1.2, 8.0, 8.1 and 9, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege in the NFC service with no additional execution privileges needed. User interaction is not needed for exploitation.
Categories: Security News

CVE-2019-2179

National Vulnerability Database - Thu, 09/05/2019 - 18:15
In NDEF_MsgValidate of ndef_utils in Android 7.1.1, 7.1.2, 8.0, 8.1 and 9, there is a possible out of bounds read due to an integer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is needed for exploitation.
Categories: Security News

CVE-2019-2180

National Vulnerability Database - Thu, 09/05/2019 - 18:15
In ippSetValueTag of ipp.c in Android 8.0, 8.1 and 9, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure from the printer service with no additional execution privileges needed. User interaction is not needed for exploitation.
Categories: Security News

CVE-2019-2181

National Vulnerability Database - Thu, 09/05/2019 - 18:15
In binder_transaction of binder.c in the Android kernel, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation.
Categories: Security News

CVE-2019-9254

National Vulnerability Database - Thu, 09/05/2019 - 18:15
In readArgumentList of zygote.java in Android 10, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Categories: Security News

CVE-2019-14222

National Vulnerability Database - Thu, 09/05/2019 - 18:15
An issue was discovered in Alfresco Community Edition versions 6.0 and lower. An unauthenticated, remote attacker could authenticate to Alfresco's Solr Web Admin Interface. The vulnerability is due to the presence of a default private key that is present in all default installations. An attacker could exploit this vulnerability by using the extracted private key and bundling it into a PKCS12. A successful exploit could allow the attacker to gain information about the target system (e.g., OS type, system file locations, Java version, Solr version, etc.) as well as the ability to launch further attacks by leveraging the access to Alfresco's Solr Web Admin Interface.
Categories: Security News

CVE-2019-14224

National Vulnerability Database - Thu, 09/05/2019 - 18:15
An issue was discovered in Alfresco Community Edition 5.2 201707. By leveraging multiple components in the Alfresco Software applications, an exploit chain was observed that allows an attacker to achieve remote code execution on the victim machine. The attacker must upload malicious Solr configuration files and then receive a JMX connection from the victim, and serve a Java object that results in deserialization and code execution.
Categories: Security News

CVE-2019-2103

National Vulnerability Database - Thu, 09/05/2019 - 18:15
In Google Assistant in Android 9, there is a possible permissions bypass that allows the Assistant to take a screenshot of apps with FLAG_SECURE. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.
Categories: Security News

CVE-2019-2108

National Vulnerability Database - Thu, 09/05/2019 - 18:15
In ihevcd_ref_list of ihevcd_ref_list.c in Android 10, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation.
Categories: Security News

CVE-2019-2115

National Vulnerability Database - Thu, 09/05/2019 - 18:15
In GateKeeper::MintAuthToken of gatekeeper.cpp in Android 7.1.1, 7.1.2, 8.0, 8.1 and 9, there is possible memory corruption due to a double free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.
Categories: Security News

CVE-2019-2123

National Vulnerability Database - Thu, 09/05/2019 - 18:15
In execTransact of Binder.java in Android 7.1.1, 7.1.2, 8.0, 8.1, and 9, there is a possible local execution of arbitrary code in a privileged process due to a memory overwrite. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Categories: Security News

CVE-2019-2124

National Vulnerability Database - Thu, 09/05/2019 - 18:15
In ComposeActivityEmailExternal of ComposeActivityEmailExternal.java in Android 7.1.1, 7.1.2, 8.0, 8.1 and 9, there is a possible way to silently attach files to an email due to a confused deputy. This could lead to local information disclosure.
Categories: Security News

CVE-2019-2174

National Vulnerability Database - Thu, 09/05/2019 - 18:15
In SensorManager::assertStateLocked of SensorManager.cpp in Android 7.1.1, 7.1.2, 8.0, 8.1, and 9, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Categories: Security News

CVE-2019-15029

National Vulnerability Database - Thu, 09/05/2019 - 17:15
FusionPBX 4.4.8 allows an attacker to execute arbitrary system commands by submitting a malicious command to the service_edit.php file (which will insert the malicious command into the database). To trigger the command, one needs to call the services.php file via a GET request with the service id followed by the parameter a=start to execute the stored command.
Categories: Security News

CVE-2019-11380

National Vulnerability Database - Thu, 09/05/2019 - 17:15
The master-password feature in the ES File Explorer File Manager application 4.2.0.1.3 for Android can be bypassed via a com.estrongs.android.pop.ftp.ESFtpShortcut intent, leading to remote FTP access to the entirety of local storage.
Categories: Security News

Pages