News aggregator

CVE-2017-5729

National Vulnerability Database - Tue, 11/21/2017 - 09:29
Frame replay vulnerability in Wi-Fi subsystem in Intel Dual-Band and Tri-Band Wireless-AC Products allows remote attacker to replay frames via channel-based man-in-the-middle.
Categories: Security News

CVE-2017-15044

National Vulnerability Database - Tue, 11/21/2017 - 08:29
The default installation of DocuWare Fulltext Search server through 6.11 allows remote users to connect to and download searchable text from the embedded Solr service, bypassing DocuWare's access control features of the DocuWare user interfaces and API. An attacker can also gain privileges by modifying text. The default installation is unsafe because the server listens on the network interface, not the localhost interface.
Categories: Security News

CVE-2017-16613

National Vulnerability Database - Tue, 11/21/2017 - 08:29
An issue was discovered in middleware.py in OpenStack Swauth through 1.2.0 when used with OpenStack Swift through 2.15.1. The Swift object store and proxy server are saving (unhashed) tokens retrieved from the Swauth middleware authentication mechanism to a log file as part of a GET URI. This allows attackers to bypass authentication by inserting a token into an X-Auth-Token header of a new request. NOTE: github.com/openstack/swauth URLs do not mean that Swauth is maintained by an official OpenStack project team.
Categories: Security News

CVE-2017-16920

National Vulnerability Database - Tue, 11/21/2017 - 08:29
v5/config/system.php in dayrui FineCms 5.2.0 has a default SYS_KEY value and does not require key regeneration for each installation, which allows remote attackers to upload arbitrary .php files via a member api swfupload action to index.php.
Categories: Security News

CVE-2017-16840

National Vulnerability Database - Tue, 11/21/2017 - 03:29
The VC-2 Video Compression encoder in FFmpeg 3.4 allows remote attackers to cause a denial of service (out-of-bounds read) because of incorrect buffer padding for non-Haar wavelets, related to libavcodec/vc2enc.c and libavcodec/vc2enc_dwt.c.
Categories: Security News

CVE-2017-16919

National Vulnerability Database - Tue, 11/21/2017 - 03:29
MapOS 3.1.11 and earlier has a Stored Cross-site Scripting (XSS) vulnerability in /clientes/visualizar, which allows remote attackers to inject arbitrary web script or HTML via a crafted description parameter.
Categories: Security News

Vuln: OpenSAML CVE-2017-16853 Multipal Security Bypass Vulnerabilites

SecurityFocus Vulnerabilities - Tue, 11/21/2017 - 00:00
OpenSAML CVE-2017-16853 Multipal Security Bypass Vulnerabilites
Categories: Security News

Vuln: IBM Business Process Manager CVE-2017-1628 Denial of Service Vulnerability

SecurityFocus Vulnerabilities - Tue, 11/21/2017 - 00:00
IBM Business Process Manager CVE-2017-1628 Denial of Service Vulnerability
Categories: Security News

Vuln: Node.js ejs Package 'ejs.renderFile()' Function Remote Code Execution Vulnerability

SecurityFocus Vulnerabilities - Tue, 11/21/2017 - 00:00
Node.js ejs Package 'ejs.renderFile()' Function Remote Code Execution Vulnerability
Categories: Security News

Vuln: Cisco FindIT Discovery Utility DLL Loading Local Arbitrary Code Execution Vulnerability

SecurityFocus Vulnerabilities - Tue, 11/21/2017 - 00:00
Cisco FindIT Discovery Utility DLL Loading Local Arbitrary Code Execution Vulnerability
Categories: Security News

CVE-2017-12110

National Vulnerability Database - Mon, 11/20/2017 - 17:29
An exploitable integer overflow vulnerability exists in the xls_appendSST function of libxls 1.4.A specially crafted XLS file can cause memory corruption resulting in remote code execution.
Categories: Security News

CVE-2017-12111

National Vulnerability Database - Mon, 11/20/2017 - 17:29
An exploitable out-of-bounds vulnerability exists in the xls_addCell function of libxls 1.4. A specially crafted XLS file with a formula record can cause memory corruption resulting in remote code execution. An attacker can send a malicious XLS file to trigger this vulnerability.
Categories: Security News

CVE-2017-2896

National Vulnerability Database - Mon, 11/20/2017 - 17:29
An exploitable out-of-bounds write vulnerability exists in the xls_mergedCells function of libxls 1.4. . A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability.
Categories: Security News

CVE-2017-2897

National Vulnerability Database - Mon, 11/20/2017 - 17:29
An exploitable out-of-bounds write vulnerability exists in the read_MSAT function of libxls 1.4. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability.
Categories: Security News

CVE-2017-2919

National Vulnerability Database - Mon, 11/20/2017 - 17:29
An exploitable stack based buffer overflow vulnerability exists in the xls_getfcell function of libxls 1.3.4. A specially crafted XLS file can cause a memory corruption resulting in remote code execution. An attacker can send malicious XLS file to trigger this vulnerability
Categories: Security News

CVE-2017-12608

National Vulnerability Database - Mon, 11/20/2017 - 15:29
A vulnerability in Apache OpenOffice Writer DOC file parser before 4.1.4, and specifically in ImportOldFormatStyles, allows attackers to craft malicious documents that cause denial of service (memory corruption and application crash) potentially resulting in arbitrary code execution.
Categories: Security News

CVE-2017-16906

National Vulnerability Database - Mon, 11/20/2017 - 15:29
In Horde Groupware 5.2.19, there is XSS via the URL field in a "Calendar -> New Event" action.
Categories: Security News

CVE-2017-16907

National Vulnerability Database - Mon, 11/20/2017 - 15:29
In Horde Groupware 5.2.19, there is XSS via the Color field in a Create Task List action.
Categories: Security News

CVE-2017-16908

National Vulnerability Database - Mon, 11/20/2017 - 15:29
In Horde Groupware 5.2.19, there is XSS via the Name field during creation of a new Resource. This can be leveraged for remote code execution after compromising an administrator account, because the CVE-2015-7984 CSRF protection mechanism can then be bypassed.
Categories: Security News

CVE-2017-3157

National Vulnerability Database - Mon, 11/20/2017 - 15:29
By exploiting the way Apache OpenOffice before 4.1.4 renders embedded objects, an attacker could craft a document that allows reading in a file from the user's filesystem. Information could be retrieved by the attacker by, e.g., using hidden sections to store the information, tricking the user into saving the document and convincing the user to send the document back to the attacker. The vulnerability is mitigated by the need for the attacker to know the precise file path in the target system, and the need to trick the user into saving the document and sending it back.
Categories: Security News

Pages