Security News

CVE-2017-3775

National Vulnerability Database - Fri, 05/04/2018 - 13:29
Some Lenovo System x server BIOS/UEFI versions, when Secure Boot mode is enabled by a system administrator, do not properly authenticate signed code before booting it. As a result, an attacker with physical access to the system could boot unsigned code.
Categories: Security News

CVE-2018-10733

National Vulnerability Database - Fri, 05/04/2018 - 13:29
There is a heap-based buffer over-read in the function ft_font_face_hash of gxps-fonts.c in libgxps through 0.3.0. A crafted input will lead to a remote denial of service attack.

CVE-2018-10739

National Vulnerability Database - Fri, 05/04/2018 - 13:29
An issue was discovered in Shanghai 2345 Security Guard 3.7.0. 2345MPCSafe.exe allows local users to bypass intended process protections, and consequently terminate processes, because WM_SYSCOMMAND is not properly considered.

CVE-2018-7522

National Vulnerability Database - Fri, 05/04/2018 - 13:29
In Schneider Electric Triconex Tricon MP model 3008 firmware versions 10.0-10.4, when a system call is made, registers are stored to a fixed memory location. Modifying the data in this location could allow attackers to gain supervisor-level access and control system states.

CVE-2018-8853

National Vulnerability Database - Fri, 05/04/2018 - 13:29
Philips Brilliance CT devices operate user functions from within a contained kiosk in a Microsoft Windows operating system. Windows boots by default with elevated Windows privileges, enabling a kiosk application, user, or an attacker to potentially attain unauthorized elevated privileges in Brilliance 64 version 2.6.2 and prior, Brilliance iCT versions 4.1.6 and prior, Brilliance iCT SP versions 3.2.4 and prior, and Brilliance CT Big Bore 2.3.5 and prior. Also, attackers may gain access to unauthorized resources from the underlying Windows operating system.

CVE-2018-8857

National Vulnerability Database - Fri, 05/04/2018 - 13:29
Philips Brilliance CT software (Brilliance 64 version 2.6.2 and prior, Brilliance iCT versions 4.1.6 and prior, Brilliance iCT SP versions 3.2.4 and prior, and Brilliance CT Big Bore 2.3.5 and prior) contains fixed credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. An attacker could compromise these credentials and gain access to the system.

CVE-2018-8861

National Vulnerability Database - Fri, 05/04/2018 - 13:29
Vulnerabilities within the Philips Brilliance CT kiosk environment (Brilliance 64 version 2.6.2 and prior, Brilliance iCT versions 4.1.6 and prior, Brilliance iCT SP versions 3.2.4 and prior, and Brilliance CT Big Bore 2.3.5 and prior) could enable a limited-access kiosk user or an unauthorized attacker to break out from the containment of the kiosk environment, attain elevated privileges from the underlying Windows OS, and access unauthorized resources from the operating system.

CVE-2018-8865

National Vulnerability Database - Fri, 05/04/2018 - 13:29
In Lantech IDS 2102 2.0 and prior, a stack-based buffer overflow vulnerability has been identified which may allow remote code execution. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

CVE-2018-8869

National Vulnerability Database - Fri, 05/04/2018 - 13:29
In Lantech IDS 2102 2.0 and prior, nearly all input fields allow for arbitrary input on the device. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

CVE-2018-8872

National Vulnerability Database - Fri, 05/04/2018 - 13:29
In Schneider Electric Triconex Tricon MP model 3008 firmware versions 10.0-10.4, system calls read directly from memory addresses within the control program area without any verification. Manipulating this data could allow attacker data to be copied anywhere within memory.

CVE-2018-9063

National Vulnerability Database - Fri, 05/04/2018 - 13:29
MapDrv (C:\Program Files\Lenovo\System Update\mapdrv.exe) in Lenovo System Update versions earlier than 5.07.0072 contains a local vulnerability where an attacker entering a very large user ID or password can overrun the program's buffer, causing undefined behaviors, such as execution of arbitrary code. No additional privilege is granted to the attacker beyond what is already possessed to run MapDrv.

CVE-2018-10726

National Vulnerability Database - Fri, 05/04/2018 - 11:29
** DISPUTED ** A stored XSS vulnerability was found in Datenstrom Yellow 0.7.3 via an "Edit page" action. NOTE: the vendor disputes the relevance of this report because an installation accessible to untrusted users is supposed to have parserSafeMode=1 in system/config/config.ini to prevent XSS.

CVE-2017-1743

National Vulnerability Database - Fri, 05/04/2018 - 10:29
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to obtain sensitive information caused by improper handling of Administrative Console panel fields. When exploited, an attacker could browse the file system. IBM X-Force ID: 134933.

Vuln: Apple Swift CVE-2018-4220 Arbitrary Code Execution Vulnerability

SecurityFocus Vulnerabilities - Fri, 05/04/2018 - 00:00
Apple Swift CVE-2018-4220 Arbitrary Code Execution Vulnerability

Vuln: Multiple Devices Integrated GPUs CVE-2018-10229 Security Bypass Vulnerability

SecurityFocus Vulnerabilities - Fri, 05/04/2018 - 00:00
Multiple Devices Integrated GPUs CVE-2018-10229 Security Bypass Vulnerability

Vuln: Cisco Prime Service Catalog CVE-2018-0285 Denial of Service Vulnerability

SecurityFocus Vulnerabilities - Fri, 05/04/2018 - 00:00
Cisco Prime Service Catalog CVE-2018-0285 Denial of Service Vulnerability

CVE-2018-10561

National Vulnerability Database - Thu, 05/03/2018 - 23:29
An issue was discovered on Dasan GPON home routers. It is possible to bypass authentication simply by appending "?images" to any URL of the device that requires authentication, as demonstrated by the /menu.html?images/ or /GponForm/diag_FORM?images/ URI. One can then manage the device.

CVE-2018-10562

National Vulnerability Database - Thu, 05/03/2018 - 23:29
An issue was discovered on Dasan GPON home routers. Command Injection can occur via the dest_host parameter in a diag_action=ping request to a GponForm/diag_Form URI. Because the router saves ping results in /tmp and transmits them to the user when the user revisits /diag.html, it's quite simple to execute commands and retrieve their output.

CVE-2018-10641

National Vulnerability Database - Thu, 05/03/2018 - 23:29
D-Link DIR-601 A1 1.02NA devices do not require the old password for a password change, which occurs in cleartext.

CVE-2018-10722

National Vulnerability Database - Thu, 05/03/2018 - 20:29
In Cylance CylancePROTECT before 1470, an unprivileged local user can obtain SYSTEM privileges because users have Modify access to the %PROGRAMFILES%\Cylance\Desktop\log folder, the CyUpdate process grants users Modify access to new files created in this folder, and a new file can be a symlink chain to a pathname of an arbitrary DLL that CyUpdate uses.