Security News

CVE-2018-18777

National Vulnerability Database - Thu, 11/01/2018 - 13:29
Directory traversal vulnerability in Microstrategy Web, version 7, in "/WebMstr7/servlet/mstrWeb" (in the parameter subpage) allows remote authenticated users to bypass intended SecurityManager restrictions and list a parent directory via a /.. (slash dot dot) in a pathname used by a web application. NOTE: this is a deprecated product.
Categories: Security News

CVE-2018-6011

National Vulnerability Database - Thu, 11/01/2018 - 13:29
The time-based one-time-password (TOTP) function in the application logic of the Green Electronics RainMachine Mini-8 (2nd generation) uses the administrator's password hash to generate a 6-digit temporary passcode that can be used for remote and local access, aka a "Use of Password Hash Instead of Password for Authentication" issue. This is exploitable by an attacker who discovers a hash value in the rainmachine-settings.sqlite file.
Categories: Security News

CVE-2018-6012

National Vulnerability Database - Thu, 11/01/2018 - 13:29
The 'Weather Service' feature of the Green Electronics RainMachine Mini-8 (2nd generation) allows an attacker to inject arbitrary Python code via the 'Add new weather data source' upload function.
Categories: Security News

CVE-2018-6906

National Vulnerability Database - Thu, 11/01/2018 - 13:29
A persistent Cross Site Scripting (XSS) vulnerability in the Green Electronics RainMachine Mini-8 (2nd Generation) and Touch HD 12 web application allows an attacker to inject arbitrary JavaScript via the REST API.
Categories: Security News

CVE-2018-3900

National Vulnerability Database - Thu, 11/01/2018 - 11:29
An exploitable code execution vulnerability exists in the QR code scanning functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted QR Code can cause a buffer overflow, resulting in code execution. An attacker can make the camera scan a QR code to trigger this vulnerability. Alternatively, a user could be convinced to display a QR code from the internet to their camera, which could exploit this vulnerability.
Categories: Security News

CVE-2018-3910

National Vulnerability Database - Thu, 11/01/2018 - 11:29
An exploitable code execution vulnerability exists in the cloud OTA setup functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted SSID can cause a command injection, resulting in code execution. An attacker can cause a camera to connect to this SSID to trigger this vulnerability. Alternatively, an attacker can convince a user to connect their camera to this SSID.
Categories: Security News

CVE-2018-3928

National Vulnerability Database - Thu, 11/01/2018 - 11:29
An exploitable code execution vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted set of UDP packets can cause a settings change, resulting in denial of service. An attacker can send a set of packets to trigger this vulnerability.
Categories: Security News

CVE-2018-3947

National Vulnerability Database - Thu, 11/01/2018 - 11:29
An exploitable information disclosure vulnerability exists in the phone-to-camera communications of Yi Home Camera 27US 1.8.7.0D. An attacker can sniff network traffic to exploit this vulnerability.
Categories: Security News

CVE-2018-3977

National Vulnerability Database - Thu, 11/01/2018 - 11:29
An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image-2.0.3. A specially crafted XCF image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability.
Categories: Security News

CVE-2018-14660

National Vulnerability Database - Thu, 11/01/2018 - 10:29
A flaw was found in glusterfs server through versions 4.1.4 and 3.1.2 which allowed repeated usage of GF_META_LOCK_KEY xattr. A remote, authenticated attacker could use this flaw to create multiple locks for single inode by using setxattr repetitively resulting in memory exhaustion of glusterfs server node.
Categories: Security News

CVE-2016-2120

National Vulnerability Database - Thu, 11/01/2018 - 09:29
An issue has been found in PowerDNS Authoritative Server versions up to and including 3.4.10, 4.0.1 allowing an authorized user to crash the server by inserting a specially crafted record in a zone under their control then sending a DNS query for that record. The issue is due to an integer overflow when checking if the content of the record matches the expected size, allowing an attacker to cause a read past the buffer boundary.
Categories: Security News

CVE-2016-2123

National Vulnerability Database - Thu, 11/01/2018 - 09:29
A flaw was found in samba versions 4.0.0 to 4.5.2. The Samba routine ndr_pull_dnsp_name contains an integer wrap problem, leading to an attacker-controlled memory overwrite. ndr_pull_dnsp_name parses data from the Samba Active Directory ldb database. Any user who can write to the dnsRecord attribute over LDAP can trigger this memory corruption. By default, all authenticated LDAP users can write to the dnsRecord attribute on new DNS objects. This makes the defect a remote privilege escalation.
Categories: Security News

CVE-2018-7356

National Vulnerability Database - Thu, 11/01/2018 - 09:29
All versions up to V3.03.10.B23P2 of ZTE ZXR10 8905E product are impacted by TCP Initial Sequence Number (ISN) reuse vulnerability, which can generate easily predictable ISN, and allows remote attackers to spoof connections.
Categories: Security News

CVE-2018-15454

National Vulnerability Database - Thu, 11/01/2018 - 08:29
A vulnerability in the Session Initiation Protocol (SIP) inspection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload or trigger high CPU, resulting in a denial of service (DoS) condition. The vulnerability is due to improper handling of SIP traffic. An attacker could exploit this vulnerability by sending SIP requests designed to specifically trigger this issue at a high rate across an affected device. Software updates that address this vulnerability are not yet available.
Categories: Security News

Vuln: Circontrol CirCarLife ICSA-18-305-03 Multiple Security Vulnerabilities

SecurityFocus Vulnerabilities - Thu, 11/01/2018 - 00:00
Circontrol CirCarLife ICSA-18-305-03 Multiple Security Vulnerabilities
Categories: Security News

Vuln: Microsoft Edge Unspecfied Remote Code Execution Vulnerability

SecurityFocus Vulnerabilities - Thu, 11/01/2018 - 00:00
Microsoft Edge Unspecfied Remote Code Execution Vulnerability
Categories: Security News

Vuln: Texas Instruments Bluetooth Low Energy Chips CVE-2018-7080 Remote Code Execution Vulnerability

SecurityFocus Vulnerabilities - Thu, 11/01/2018 - 00:00
Texas Instruments Bluetooth Low Energy Chips CVE-2018-7080 Remote Code Execution Vulnerability
Categories: Security News

Vuln: Texas Instruments BLE-Stack CVE-2018-16986 Remote Code Execution Vulnerability

SecurityFocus Vulnerabilities - Thu, 11/01/2018 - 00:00
Texas Instruments BLE-Stack CVE-2018-16986 Remote Code Execution Vulnerability
Categories: Security News

CVE-2018-18887

National Vulnerability Database - Wed, 10/31/2018 - 21:29
S-CMS PHP 1.0 has SQL injection in member/member_news.php via the type parameter (aka the $N_type field).
Categories: Security News

CVE-2018-18888

National Vulnerability Database - Wed, 10/31/2018 - 21:29
An issue was discovered in laravelCMS through 2018-04-02. \app\Http\Controllers\Backend\ProfileController.php allows upload of arbitrary PHP files because the file extension is not properly checked and uploaded files are not properly renamed.
Categories: Security News

Pages