Security News

CVE-2018-6514

National Vulnerability Database - Mon, 06/11/2018 - 16:29
In Puppet Agent 1.10.x prior to 1.10.13, Puppet Agent 5.3.x prior to 5.3.7, Puppet Agent 5.5.x prior to 5.5.2, Facter on Windows is vulnerable to a DLL preloading attack, which could lead to a privilege escalation.
Categories: Security News

CVE-2018-6515

National Vulnerability Database - Mon, 06/11/2018 - 16:29
Puppet Agent 1.10.x prior to 1.10.13, Puppet Agent 5.3.x prior to 5.3.7, and Puppet Agent 5.5.x prior to 5.5.2 on Windows only, with a specially crafted configuration file an attacker could get pxp-agent to load arbitrary code with privilege escalation.
Categories: Security News

CVE-2017-3199

National Vulnerability Database - Mon, 06/11/2018 - 13:29
The Java implementation of GraniteDS, version 3.1.1.GA, AMF3 deserializers derives class instances from java.io.Externalizable rather than the AMF3 specification's recommendation of flash.utils.IExternalizable. A remote attacker with the ability to spoof or control an RMI server connection may be able to send serialized Java objects that execute arbitrary code when deserialized.
Categories: Security News

CVE-2017-3200

National Vulnerability Database - Mon, 06/11/2018 - 13:29
The Java implementation of AMF3 deserializers used in GraniteDS, version 3.1.1.G, may allow instantiation of arbitrary classes via their public parameter-less constructor and subsequently call arbitrary Java Beans setter methods. The ability to exploit this vulnerability depends on the availability of classes in the class path that make use of deserialization. A remote attacker with the ability to spoof or control information may be able to send serialized Java objects with pre-set properties that result in arbitrary code execution when deserialized.
Categories: Security News

CVE-2017-3201

National Vulnerability Database - Mon, 06/11/2018 - 13:29
The Java implementation of AMF3 deserializers used in Flamingo amf-serializer by Exadel, version 2.2.0 derives class instances from java.io.Externalizable rather than the AMF3 specification's recommendation of flash.utils.IExternalizable. A remote attacker with the ability to spoof or control an RMI server connection may be able to send serialized Java objects that execute arbitrary code when deserialized.
Categories: Security News

CVE-2017-3202

National Vulnerability Database - Mon, 06/11/2018 - 13:29
The Java implementation of AMF3 deserializers used in Flamingo amf-serializer by Exadel, version 2.2.0, may allow instantiation of arbitrary classes via their public parameter-less constructor and subsequently call arbitrary Java Beans setter methods. The ability to exploit this vulnerability depends on the availability of classes in the class path that make use of deserialization. A remote attacker with the ability to spoof or control information may be able to send serialized Java objects with pre-set properties that result in arbitrary code execution when deserialized.
Categories: Security News

CVE-2017-3203

National Vulnerability Database - Mon, 06/11/2018 - 13:29
The Java implementations of AMF3 deserializers in Pivotal/Spring Spring-flex derive class instances from java.io.Externalizable rather than the AMF3 specification's recommendation of flash.utils.IExternalizable. A remote attacker with the ability to spoof or control an RMI server connection may be able to send serialized Java objects that execute arbitrary code when deserialized.
Categories: Security News

CVE-2017-3206

National Vulnerability Database - Mon, 06/11/2018 - 13:29
The Java implementation of AMF3 deserializers used by Flamingo amf-serializer by Exadel, version 2.2.0, allows external entity references (XXEs) from XML documents embedded within AMF3 messages. If the XML parsing is handled incorrectly it could potentially expose sensitive data on the server, denial of service, or server side request forgery.
Categories: Security News

CVE-2017-3207

National Vulnerability Database - Mon, 06/11/2018 - 13:29
The Java implementations of AMF3 deserializers in WebORB for Java by Midnight Coders, version 5.1.1.0, derive class instances from java.io.Externalizable rather than the AMF3 specification's recommendation of flash.utils.IExternalizable. A remote attacker with the ability to spoof or control an RMI server connection may be able to send serialized Java objects that execute arbitrary code when deserialized.
Categories: Security News

CVE-2017-3208

National Vulnerability Database - Mon, 06/11/2018 - 13:29
The Java implementation of AMF3 deserializers used by Flamingo amf-serializer by Exadel, version 2.2.0, allows external entity references (XXEs) from XML documents embedded within AMF3 messages. If the XML parsing is handled incorrectly it could potentially expose sensitive data on the server, denial of service, or server side request forgery.
Categories: Security News

CVE-2011-4181

National Vulnerability Database - Mon, 06/11/2018 - 11:29
A vulnerability in open build service allows remote attackers to gain access to source files even though source access is disabled. Affected releases are SUSE open build service up to and including version 2.1.15 (for 2.1) and before version 2.3.
Categories: Security News

CVE-2018-12112

National Vulnerability Database - Mon, 06/11/2018 - 10:29
md_build_attribute in md4c.c in md4c 0.2.6 allows remote attackers to cause a denial of service (Segmentation fault and application crash) or possibly have unspecified other impact via a crafted file.
Categories: Security News

CVE-2018-12102

National Vulnerability Database - Mon, 06/11/2018 - 09:29
md4c 0.2.6 has a NULL pointer dereference in the function md_process_line in md4c.c, related to ctx->current_block.
Categories: Security News

CVE-2018-12108

National Vulnerability Database - Mon, 06/11/2018 - 09:29
An issue was discovered in Dropbox Lepton 1.2.1. The validateAndCompress function in validation.cc allows remote attackers to cause a denial of service (SIGFPE and application crash) via a malformed file.
Categories: Security News

CVE-2018-12109

National Vulnerability Database - Mon, 06/11/2018 - 09:29
An issue was discovered in Free Lossless Image Format (FLIF) 0.3. The TransformPaletteC<FileIO>::process function in transform/palette_C.hpp allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted PAM image file.
Categories: Security News

CVE-2018-12110

National Vulnerability Database - Mon, 06/11/2018 - 09:29
portfolioCMS 1.0.5 has SQL Injection via the admin/portfolio.php preview parameter.
Categories: Security News

CVE-2018-12111

National Vulnerability Database - Mon, 06/11/2018 - 09:29
Cross-site scripting (XSS) vulnerability in the Canon PrintMe EFI webinterface allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the /wt3/mydocs.php URI.
Categories: Security News

CVE-2018-12092

National Vulnerability Database - Mon, 06/11/2018 - 07:29
tinyexr 0.9.5 has a heap-based buffer over-read in tinyexr::DecodePixelData in tinyexr.h, related to OpenEXR code.
Categories: Security News

CVE-2018-12093

National Vulnerability Database - Mon, 06/11/2018 - 07:29
tinyexr 0.9.5 has a memory leak in ParseEXRHeaderFromMemory in tinyexr.h.
Categories: Security News

CVE-2018-12094

National Vulnerability Database - Mon, 06/11/2018 - 07:29
Cross-site scripting (XSS) vulnerability in news.php in Dimofinf CMS Version 3.0.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter.
Categories: Security News

Pages