News aggregator

CVE-2018-8015

National Vulnerability Database - Fri, 05/18/2018 - 13:29
In Apache ORC 1.0.0 to 1.4.3 a malformed ORC file can trigger an endlessly recursive function call in the C++ or Java parser. The impact of this bug is most likely denial-of-service against software that uses the ORC file parser. With the C++ parser, the stack overflow might possibly corrupt the stack.
Categories: Security News

CVE-2017-18269

National Vulnerability Database - Fri, 05/18/2018 - 12:29
An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library (aka glibc or libc6) 2.21 through 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of the address space, resulting in corrupt data being produced by the copy operation. This may disclose information to context-dependent attackers, or result in a denial of service, or, possibly, code execution.

CVE-2017-18270

National Vulnerability Database - Fri, 05/18/2018 - 12:29
In the Linux kernel before 4.13.5, a local user could create keyrings for other users via keyctl commands, setting unwanted defaults or causing a denial of service.

CVE-2018-11236

National Vulnerability Database - Fri, 05/18/2018 - 12:29
stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution.

CVE-2018-11237

National Vulnerability Database - Fri, 05/18/2018 - 12:29
An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyond the target buffer, leading to a buffer overflow in __mempcpy_avx512_no_vzeroupper.

CVE-2018-5256

National Vulnerability Database - Fri, 05/18/2018 - 11:29
CoreOS Tectonic 1.7.x before 1.7.9-tectonic.4 and 1.8.x before 1.8.4-tectonic.3 mounts a direct proxy to the Kubernetes cluster at /api/kubernetes/ which is accessible without authentication to Tectonic and allows an attacker to directly connect to the Kubernetes API server. Unauthenticated users are able to list all Namespaces through the Console, resulting in an information disclosure. Tectonic's exposure of an unauthenticated API endpoint containing information regarding the internal state of the cluster can provide an attacker with information that may assist in other attacks against the cluster. For example, an attacker may not have the permissions required to list all namespaces in the cluster but can instead leverage this vulnerability to enumerate the namespaces and then begin to check each namespace for weak authorization policies that may allow further escalation of privileges.

CVE-2018-10967

National Vulnerability Database - Fri, 05/18/2018 - 10:29
On D-Link DIR-550A and DIR-604M devices through v2.10KR, a malicious user can forge an HTTP request to inject operating system commands that can be executed on the device with higher privileges, aka remote code execution.

CVE-2018-10968

National Vulnerability Database - Fri, 05/18/2018 - 10:29
On D-Link DIR-550A and DIR-604M devices through v2.10KR, a malicious user can use a default TELNET account to get unauthorized access to vulnerable devices, aka a backdoor access vulnerability.

CVE-2018-9250

National Vulnerability Database - Fri, 05/18/2018 - 10:29
interface\super\edit_list.php in OpenEMR before v5_0_1_1 allows remote authenticated users to execute arbitrary SQL commands via the newlistname parameter.

Bugtraq: MagniComp SysInfo Information Exposure [CVE-2018-7268]

SecurityFocus Vulnerabilities - Fri, 05/18/2018 - 10:20
MagniComp SysInfo Information Exposure [CVE-2018-7268]

Bugtraq: [SECURITY] [DSA 4203-1] vlc security update

SecurityFocus Vulnerabilities - Fri, 05/18/2018 - 10:20
[SECURITY] [DSA 4203-1] vlc security update

CVE-2017-9635

National Vulnerability Database - Fri, 05/18/2018 - 09:29
Schneider Electric Ampla MES 6.4 provides capability to configure users and their privileges. When Ampla MES users are configured to use Simple Security, a weakness in the password hashing algorithm could be exploited to reverse the user's password. Schneider Electric recommends that users of Ampla MES versions 6.4 and prior should upgrade to Ampla MES version 6.5 as soon as possible.

CVE-2017-9637

National Vulnerability Database - Fri, 05/18/2018 - 09:29
Schneider Electric Ampla MES 6.4 provides capability to interact with data from third party databases. When connectivity to those databases is configured to use a SQL user name and password, an attacker may be able to sniff details from the connection string. Schneider Electric recommends that users of Ampla MES versions 6.4 and prior should upgrade to Ampla MES version 6.5 as soon as possible.

CVE-2018-10306

National Vulnerability Database - Fri, 05/18/2018 - 09:29
Services/Form/classes/class.ilDateDurationInputGUI.php and Services/Form/classes/class.ilDateTimeInputGUI.php in ILIAS 5.1.x through 5.3.x before 5.3.4 allow XSS via an invalid date.

CVE-2018-10307

National Vulnerability Database - Fri, 05/18/2018 - 09:29
error.php in ILIAS 5.2.x through 5.3.x before 5.3.4 allows XSS via the text of a PDO exception.

CVE-2018-8849

National Vulnerability Database - Fri, 05/18/2018 - 09:29
Medtronic N'Vision Clinician Programmer 8840 N'Vision Clinician Programmer, all versions, and 8870 N'Vision removable Application Card, all versions, do not encrypt PII and PHI while at rest.

CVE-2018-11232

National Vulnerability Database - Fri, 05/18/2018 - 00:29
The etm_setup_aux function in drivers/hwtracing/coresight/coresight-etm-perf.c in the Linux kernel before 4.10.2 allows attackers to cause a denial of service (panic) because a parameter is incorrectly used as a local variable.

CVE-2017-15855

National Vulnerability Database - Thu, 05/17/2018 - 18:29
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel, the camera application triggers a "user-memory-access" issue as the Camera CPP module Linux driver directly accesses the application-provided buffer, which resides in user space. An unchecked userspace value (ioctl_ptr->len) is used to copy contents to a kernel buffer, which can lead to a kernel buffer overflow.

CVE-2018-3567

National Vulnerability Database - Thu, 05/17/2018 - 18:29
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in WLAN while processing the HTT_T2H_MSG_TYPE_PEER_MAP or HTT_T2H_MSG_TYPE_PEER_UNMAP messages.

CVE-2018-3568

National Vulnerability Database - Thu, 05/17/2018 - 18:29
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel, in __wlan_hdd_cfg80211_vendor_scan(), a buffer overwrite can potentially occur.
