Security News

CVE-2019-15892

National Vulnerability Database - Tue, 09/03/2019 - 17:15
An issue was discovered in Varnish Cache before 6.0.4 LTS, and 6.1.x and 6.2.x before 6.2.1. An HTTP/1 parsing failure allows a remote attacker to trigger an assert by sending crafted HTTP/1 requests. The assert will cause an automatic restart with a clean cache, which makes it a Denial of Service attack.
Categories: Security News

CVE-2019-5475

National Vulnerability Database - Tue, 09/03/2019 - 16:15
The Nexus Yum Repository Plugin in v2 is vulnerable to Remote Code Execution when instances using CommandLineExecutor.java are supplied vulnerable data, such as the Yum Configuration Capability.
Categories: Security News

CVE-2019-5478

National Vulnerability Database - Tue, 09/03/2019 - 16:15
A weakness was found in Encrypt Only boot mode in Zynq UltraScale+ devices. This could lead to an adversary being able to modify the control fields of the boot image leading to an incorrect secure boot behavior.
Categories: Security News

CVE-2019-5479

National Vulnerability Database - Tue, 09/03/2019 - 16:15
An unintended require vulnerability in <v0.5.5 larvitbase-api may allow an attacker to load arbitrary non-production code (JavaScript file).
Categories: Security News

CVE-2019-5480

National Vulnerability Database - Tue, 09/03/2019 - 16:15
A path traversal vulnerability in <= v0.9.7 of statichttpserver npm module allows attackers to list files in arbitrary folders.
Categories: Security News

Acquiring a VHD to Investigate

Security Research & Defense - Tue, 09/03/2019 - 15:30
In a previous post we described some of the differences between on-premises/physical forensics and cyber investigations and those performed in the cloud, and how this can make cloud forensics challenging. That blog post described a method of creating and maintaining a VM image which can be distributed to multiple regions, allowing you to deploy this …

Acquiring a VHD to Investigate Read More »

Categories: Security News

CVE-2019-6179

National Vulnerability Database - Tue, 09/03/2019 - 15:15
An XML External Entity (XXE) processing vulnerability was reported in Lenovo XClarity Administrator (LXCA) prior to version 2.5.0 , Lenovo XClarity Integrator (LXCI) for Microsoft System Center prior to version 7.7.0, and Lenovo XClarity Integrator (LXCI) for VMWare vCenter prior to version 6.1.0 that could allow information disclosure.
Categories: Security News

CVE-2019-6180 (xclarity_administrator)

National Vulnerability Database - Tue, 09/03/2019 - 15:15
A stored cross-site scripting (XSS) vulnerability was reported in Lenovo XClarity Administrator (LXCA) versions prior to 2.5.0 that could allow an administrative user to cause JavaScript code to be stored in LXCA which may then be executed in the user's web browser. The JavaScript code is not executed on LXCA itself.
Categories: Security News

CVE-2019-6181 (xclarity_administrator)

National Vulnerability Database - Tue, 09/03/2019 - 15:15
A reflected cross-site scripting (XSS) vulnerability was reported in Lenovo XClarity Administrator (LXCA) versions prior to 2.5.0 that could allow a crafted URL, if visited, to cause JavaScript code to be executed in the user's web browser. The JavaScript code is not executed on LXCA itself.
Categories: Security News

CVE-2019-6182

National Vulnerability Database - Tue, 09/03/2019 - 15:15
A stored CSV Injection vulnerability was reported in Lenovo XClarity Administrator (LXCA) versions prior to 2.5.0 that could allow an administrative user to store malformed data in LXCA Jobs and Event Log data, that could result in crafted formulas stored in an exported CSV file. The crafted formula is not executed on LXCA itself.
Categories: Security News

CVE-2019-1125

National Vulnerability Database - Tue, 09/03/2019 - 14:15
An information disclosure vulnerability exists when certain central processing units (CPU) speculatively access memory, aka 'Windows Kernel Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1071, CVE-2019-1073.
Categories: Security News

CVE-2019-14261

National Vulnerability Database - Tue, 09/03/2019 - 14:15
An issue was discovered on ABUS Secvest FUAA50000 3.01.01 devices. Due to an insufficient implementation of jamming detection, an attacker is able to suppress correctly received RF messages sent between wireless peripheral components, e.g., wireless detectors or remote controls, and the ABUS Secvest alarm central. An attacker is able to perform a "reactive jamming" attack. The reactive jamming simply detects the start of a RF message sent by a component of the ABUS Secvest wireless alarm system, for instance a wireless motion detector (FUBW50000) or a remote control (FUBE50014 or FUBE50015), and overlays it with random data before the original RF message ends. Thereby, the receiver (alarm central) is not able to properly decode the original transmitted signal. This enables an attacker to suppress correctly received RF messages of the wireless alarm system in an unauthorized manner, for instance status messages sent by a detector indicating an intrusion.
Categories: Security News

CVE-2019-15889

National Vulnerability Database - Tue, 09/03/2019 - 14:15
The download-manager plugin before 2.9.94 for WordPress has XSS via the category shortcode feature, as demonstrated by the orderby or search[publish_date] parameter.
Categories: Security News

CVE-2019-3751

National Vulnerability Database - Tue, 09/03/2019 - 13:15
Dell EMC Enterprise Copy Data Management (eCDM) versions 1.0, 1.1, 2.0, 2.1, and 3.0 contain a certificate validation vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to carry out a man-in-the-middle attack by supplying a crafted certificate and intercepting the victim's traffic to view or modify a victim?s data in transit.
Categories: Security News

CVE-2019-3754

National Vulnerability Database - Tue, 09/03/2019 - 13:15
Dell EMC Unity Operating Environment versions prior to 5.0.0.0.5.116, Dell EMC UnityVSA versions prior to 5.0.0.0.5.116 and Dell EMC VNXe3200 versions prior to 3.1.10.9946299 contain a reflected cross-site scripting vulnerability on the cas/logout page. A remote unauthenticated attacker could potentially exploit this vulnerability by tricking a victim application user to supply malicious HTML or Java Script code to Unisphere, which is then reflected back to the victim and executed by the web browser.
Categories: Security News

CVE-2019-14811

National Vulnerability Database - Tue, 09/03/2019 - 12:15
A flaw was found in, ghostscript versions prior to 9.28, in the .pdf_hook_DSC_Creator procedure where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.
Categories: Security News

CVE-2019-14817

National Vulnerability Database - Tue, 09/03/2019 - 12:15
A flaw was found in, ghostscript versions prior to 9.28, in the .pdfexectoken and other procedures where it did not properly secure its privileged calls, enabling scripts to bypass `-dSAFER` restrictions. A specially crafted PostScript file could disable security protection and then have access to the file system, or execute arbitrary commands.
Categories: Security News

CVE-2019-10197

National Vulnerability Database - Tue, 09/03/2019 - 11:15
A flaw was found in samba versions 4.9.x up to 4.9.13, samba 4.10.x up to 4.10.8 and samba 4.11.x up to 4.11.0rc3, when certain parameters were set in the samba configuration file. An unauthenticated attacker could use this flaw to escape the shared directory and access the contents of directories outside the share.
Categories: Security News

CVE-2019-13156

National Vulnerability Database - Tue, 09/03/2019 - 11:15
NDrive(1.2.2).sys in Naver Cloud Explorer has a stack-based buffer overflow, which allows attackers to cause a denial of service when reading data from IOCTL handle.
Categories: Security News

CVE-2019-15872

National Vulnerability Database - Tue, 09/03/2019 - 09:15
The LoginPress plugin before 1.1.4 for WordPress has SQL injection via an import of settings.
Categories: Security News

Pages