Security News

CVE-2018-12762

National Vulnerability Database - Fri, 07/20/2018 - 15:29
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
Categories: Security News

CVE-2018-12763

National Vulnerability Database - Fri, 07/20/2018 - 15:29
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
Categories: Security News

CVE-2018-12764

National Vulnerability Database - Fri, 07/20/2018 - 15:29
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
Categories: Security News

CVE-2018-12765

National Vulnerability Database - Fri, 07/20/2018 - 15:29
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
Categories: Security News

CVE-2018-12766

National Vulnerability Database - Fri, 07/20/2018 - 15:29
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
Categories: Security News

CVE-2018-12767

National Vulnerability Database - Fri, 07/20/2018 - 15:29
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
Categories: Security News

CVE-2018-12768

National Vulnerability Database - Fri, 07/20/2018 - 15:29
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
Categories: Security News

CVE-2018-12770

National Vulnerability Database - Fri, 07/20/2018 - 15:29
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Categories: Security News

CVE-2018-12771

National Vulnerability Database - Fri, 07/20/2018 - 15:29
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Categories: Security News

CVE-2018-12772

National Vulnerability Database - Fri, 07/20/2018 - 15:29
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
Categories: Security News

CVE-2018-14474

National Vulnerability Database - Fri, 07/20/2018 - 14:29
views/auth.go in Orange Forum 1.4.0 allows Open Redirection via the next parameter to /login or /signup.
Categories: Security News

CVE-2014-2296

National Vulnerability Database - Fri, 07/20/2018 - 13:29
XML external entity (XXE) vulnerability in java/org/jasig/cas/util/SamlUtils.java in Jasig CAS server before 3.4.12.1 and 3.5.x before 3.5.2.1, when Google Accounts Integration is enabled, allows remote unauthenticated users to bypass authentication via crafted XML data.
Categories: Security News

CVE-2014-4150

National Vulnerability Database - Fri, 07/20/2018 - 13:29
The scheme48-send-definition function in cmuscheme48.el in Scheme 48 allows local users to write to arbitrary files via a symlink attack on /tmp/s48lose.tmp.
Categories: Security News

CVE-2017-1544

National Vulnerability Database - Fri, 07/20/2018 - 12:29
IBM Sterling B2B Integrator Standard Edition (IBM Sterling File Gateway 2.2.0 through 2.2.6) caches usernames and passwords in browsers that could be used by a local attacker to obtain sensitive information. IBM X-Force ID: 130812.
Categories: Security News

CVE-2017-1575

National Vulnerability Database - Fri, 07/20/2018 - 12:29
IBM Sterling B2B Integrator Standard Edition (IBM Sterling File Gateway 2.2.0 through 2.2.6) uses weaker than expected cryptographic algorithms that could allow a local attacker to decrypt highly sensitive information. IBM X-Force ID: 132032.
Categories: Security News

CVE-2017-1633

National Vulnerability Database - Fri, 07/20/2018 - 12:29
IBM Sterling B2B Integrator 5.2 through 5.2.6 could allow an authenticated attacker to obtain sensitive variable name information using specially crafted HTTP requests. IBM X-Force ID: 133180.
Categories: Security News

CVE-2018-1398

National Vulnerability Database - Fri, 07/20/2018 - 12:29
IBM Sterling File Gateway 2.2.0 through 2.2.6 could allow a remote attacker to download certain files that could contain sensitive information. IBM X-Force ID: 138434.
Categories: Security News

CVE-2018-14471

National Vulnerability Database - Fri, 07/20/2018 - 12:29
dwg_obj_block_control_get_block_headers in dwg_api.c in GNU LibreDWG 0.5.1048 allows remote attackers to cause a denial of service (NULL pointer dereference and SEGV) via a crafted dwg file.
Categories: Security News

CVE-2018-14472

National Vulnerability Database - Fri, 07/20/2018 - 12:29
An issue was discovered in WUZHI CMS 4.1.0. The vulnerable file is coreframe/app/order/admin/goods.php. The $keywords parameter is taken directly into execution without any filtering, leading to SQL injection.
Categories: Security News

CVE-2018-1470

National Vulnerability Database - Fri, 07/20/2018 - 12:29
IBM Sterling File Gateway 2.2.0 through 2.2.6 could allow a remote authenticated attacker to obtain sensitive information displayed in the URL that could lead to further attacks against the system. IBM X-Force ID: 140688.
Categories: Security News

Pages