Security News

CVE-2018-18224

National Vulnerability Database - Fri, 10/19/2018 - 18:29
A vulnerability exists in the file reading procedure in Open Design Alliance Drawings SDK 2019Update1 on non-Windows platforms in which attackers could perform read operations past the end, or before the beginning, of the intended buffer. This can allow attackers to obtain sensitive information from process memory or cause a crash.
Categories: Security News

CVE-2018-18284

National Vulnerability Database - Fri, 10/19/2018 - 18:29
Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving the 1Policy operator.
Categories: Security News

CVE-2018-18398

National Vulnerability Database - Fri, 10/19/2018 - 18:29
Xfce Thunar 1.6.15, when Xfce 4.12 is used, mishandles the IBus-Unikey input method for file searches within File Manager, leading to an out-of-bounds read and SEGV. This could potentially be exploited by an arbitrary local user who creates files in /tmp before the victim uses this input method.
Categories: Security News

CVE-2018-18416

National Vulnerability Database - Fri, 10/19/2018 - 18:29
LANGO Codeigniter Multilingual Script 1.0 has XSS in the input and upload sections, as demonstrated by the site_name parameter to the admin/settings/update URI.
Categories: Security News

CVE-2018-18417

National Vulnerability Database - Fri, 10/19/2018 - 18:29
In the 3.1 version of Ekushey Project Manager CRM, Stored XSS has been discovered in the input and upload sections, as demonstrated by the name parameter to the index.php/admin/client/create URI.
Categories: Security News

CVE-2018-18419

National Vulnerability Database - Fri, 10/19/2018 - 18:29
Stored XSS has been discovered in the upload section of ARDAWAN.COM User Management 1.1, as demonstrated by a .jpg filename to the /account URI.
Categories: Security News

CVE-2018-12666

National Vulnerability Database - Fri, 10/19/2018 - 18:29
SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B devices improperly identifies users only by the authentication level sent in the cookies, which allow remote attackers to bypass authentication and gain administrator access by setting the authLevel cookie to 255.
Categories: Security News

CVE-2018-12667

National Vulnerability Database - Fri, 10/19/2018 - 18:29
The SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B) is affected by an improper authentication vulnerability that allows requests to be made to back-end CGI scripts without a valid session. This vulnerability could be used to read and modify the configuration. The vulnerability affects all versions.
Categories: Security News

CVE-2018-12668

National Vulnerability Database - Fri, 10/19/2018 - 18:29
SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B devices have a Hard-coded Password.
Categories: Security News

CVE-2018-12669

National Vulnerability Database - Fri, 10/19/2018 - 18:29
SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B devices allow remote authenticated users to reset arbitrary accounts via a request to web/cgi-bin/hi3510/param.cgi.
Categories: Security News

CVE-2018-12670

National Vulnerability Database - Fri, 10/19/2018 - 18:29
SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B devices allow OS Command Injection.
Categories: Security News

CVE-2018-12671

National Vulnerability Database - Fri, 10/19/2018 - 18:29
An attacker with remote access to the SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B) web interface can disclose information about the camera including all password sets set within the camera. This information can then be used to gain access to the web interface.
Categories: Security News

CVE-2018-12672

National Vulnerability Database - Fri, 10/19/2018 - 18:29
The SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B) does not perform proper validation on user-supplied input and is vulnerable to cross-site scripting attacks. If proper authorization was implemented, this vulnerability could be leveraged to perform actions on behalf of another user or the administrator.
Categories: Security News

CVE-2018-12673

National Vulnerability Database - Fri, 10/19/2018 - 18:29
An attacker with remote access to the SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B) web interface can disclose information about the camera including camera hardware, wireless network, and local area network information.
Categories: Security News

CVE-2018-18380

National Vulnerability Database - Fri, 10/19/2018 - 16:29
A Session Fixation issue was discovered in Bigtree. admin.php accepts a user-provided PHP session ID instead of regenerating a new one after a user has logged in to the application. The Session Fixation could allow an attacker to hijack an admin session.
Categories: Security News

CVE-2018-18529

National Vulnerability Database - Fri, 10/19/2018 - 16:29
ThinkPHP 3.2.4 has SQL Injection via the count parameter because the Library/Think/Db/Driver/Mysql.class.php parseKey function mishandles the key variable. NOTE: a backquote character is not required in the attack URI.
Categories: Security News

CVE-2018-18530

National Vulnerability Database - Fri, 10/19/2018 - 16:29
ThinkPHP 5.1.25 has SQL Injection via the count parameter because the library/think/db/Query.php aggregate function mishandles the aggregate variable. NOTE: a backquote character is required in the attack URI.
Categories: Security News

CVE-2018-18531

National Vulnerability Database - Fri, 10/19/2018 - 16:29
text/impl/DefaultTextCreator.java, text/impl/ChineseTextProducer.java, and text/impl/FiveLetterFirstNameTextCreator.java in kaptcha 2.3.2 use the Random (rather than SecureRandom) function for generating CAPTCHA values, which makes it easier for remote attackers to bypass intended access restrictions via a brute-force approach.
Categories: Security News

CVE-2018-18527

National Vulnerability Database - Fri, 10/19/2018 - 15:29
OwnTicket 2018-05-23 allows SQL Injection via the showTicketId or editTicketStatusId parameter.
Categories: Security News

CVE-2018-18520

National Vulnerability Database - Fri, 10/19/2018 - 13:29
An Invalid Memory Address Dereference exists in the function elf_end in libelf in elfutils through v0.174. Although eu-size is intended to support ar files inside ar files, handle_ar in size.c closes the outer ar file before handling all inner entries. The vulnerability allows attackers to cause a denial of service (application crash) with a crafted ELF file.
Categories: Security News

Pages