News aggregator

CVE-2017-9271

National Vulnerability Database - Thu, 03/01/2018 - 15:29
The commandline package update tool zypper writes HTTP proxy credentials into its logfile, allowing local attackers to gain access to proxies used.
Categories: Security News

CVE-2018-7579

National Vulnerability Database - Thu, 03/01/2018 - 14:29
\application\admin\controller\update_urls.class.php in YzmCMS 3.6 has SQL Injection via the catids array parameter to admin/update_urls/update_category_url.html.
Categories: Security News

CVE-2018-7584

National Vulnerability Database - Thu, 03/01/2018 - 14:29
In PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, and 7.2.x through 7.2.2, there is a stack-based buffer under-read while parsing an HTTP response in the php_stream_url_wrap_http_ex function in ext/standard/http_fopen_wrapper.c. This subsequently results in copying a large string.
Categories: Security News

CVE-2018-2365

National Vulnerability Database - Thu, 03/01/2018 - 12:29
SAP NetWeaver Portal, WebDynpro Java, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.
Categories: Security News

CVE-2018-2367

National Vulnerability Database - Thu, 03/01/2018 - 12:29
ABAP File Interface in, SAP BASIS, from 7.00 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.52, allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing "traverse to parent directory" are passed through to the file APIs.
Categories: Security News

CVE-2018-2368

National Vulnerability Database - Thu, 03/01/2018 - 12:29
SAP NetWeaver System Landscape Directory, LM-CORE 7.10, 7.20, 7.30, 7.31, 7.40, does not perform any authentication checks for functionalities that require user identity.
Categories: Security News

CVE-2018-2380

National Vulnerability Database - Thu, 03/01/2018 - 12:29
SAP CRM, 7.01, 7.02,7.30, 7.31, 7.33, 7.54, allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing "traverse to parent directory" are passed through to the file APIs.
Categories: Security News

CVE-2018-5314

National Vulnerability Database - Thu, 03/01/2018 - 12:29
Command injection vulnerability in Citrix NetScaler ADC and NetScaler Gateway 11.0 before build 70.16, 11.1 before build 55.13, and 12.0 before build 53.13; and the NetScaler Load Balancing instance distributed with NetScaler SD-WAN/CloudBridge 4000, 4100, 5000 and 5100 WAN Optimization Edition 9.3.0 allows remote attackers to execute a system command or read arbitrary files via an SSH login prompt.
Categories: Security News

CVE-2018-7550

National Vulnerability Database - Thu, 03/01/2018 - 12:29
The load_multiboot function in hw/i386/multiboot.c in Quick Emulator (aka QEMU) allows local guest OS users to execute arbitrary code on the QEMU host via a mh_load_end_addr value greater than mh_bss_end_addr, which triggers an out-of-bounds read or write memory access.
Categories: Security News

CVE-2018-7573

National Vulnerability Database - Thu, 03/01/2018 - 12:29
An issue was discovered in FTPShell Client 6.7. A remote FTP server can send 400 characters of 'F' in conjunction with the FTP 220 response code to crash the application; after this overflow, one can run arbitrary code on the victim machine. This is similar to CVE-2009-3364 and CVE-2017-6465.
Categories: Security News

CVE-2017-6150

National Vulnerability Database - Thu, 03/01/2018 - 11:29
Under certain conditions for F5 BIG-IP systems 13.0.0 or 12.1.0 - 12.1.3.1, using FastL4 profiles, when the Reassemble IP Fragments option is disabled (default), some specific large fragmented packets may restart the Traffic Management Microkernel (TMM).
Categories: Security News

CVE-2017-6154

National Vulnerability Database - Thu, 03/01/2018 - 11:29
On F5 BIG-IP systems running 13.0.0, 12.1.0 - 12.1.3.1, or 11.6.1 - 11.6.2, the BIG-IP ASM bd daemon may core dump memory under some circumstances when processing undisclosed types of data on systems with 48 or more CPU cores.
Categories: Security News

CVE-2018-5500

National Vulnerability Database - Thu, 03/01/2018 - 11:29
On F5 BIG-IP systems running 13.0.0, 12.1.0 - 12.1.3.1, or 11.6.1 - 11.6.2, every Multipath TCP (MCTCP) connection established leaks a small amount of memory. Virtual server using TCP profile with Multipath TCP (MCTCP) feature enabled will be affected by this issue.
Categories: Security News

CVE-2018-5501

National Vulnerability Database - Thu, 03/01/2018 - 11:29
In some circumstances, on F5 BIG-IP systems running 13.0.0, 12.1.0 - 12.1.3.1, any 11.6.x or 11.5.x release, or 11.2.1, TCP DNS profile allows excessive buffering due to lack of flow control.
Categories: Security News

CVE-2018-7561

National Vulnerability Database - Thu, 03/01/2018 - 10:29
Stack-based Buffer Overflow in httpd on Tenda AC9 devices V15.03.05.14_EN allows remote attackers to cause a denial of service or possibly have unspecified other impact.
Categories: Security News

CVE-2017-12627

National Vulnerability Database - Thu, 03/01/2018 - 09:29
In Apache Xerces-C XML Parser library before 3.2.1, processing of external DTD paths can result in a null pointer dereference under certain conditions.
Categories: Security News

Bugtraq: [security bulletin] MFSBGN03794 rev.2 - Micro Focus Operations Agent Multiple vulnerabilities

SecurityFocus Vulnerabilities - Thu, 03/01/2018 - 03:20
[security bulletin] MFSBGN03794 rev.2 - Micro Focus Operations Agent Multiple vulnerabilities
Categories: Security News

Bugtraq: Secunia Research: Linux Kernel "_sctp_make_chunk()" Denial of Service Vulnerability

SecurityFocus Vulnerabilities - Thu, 03/01/2018 - 03:20
Secunia Research: Linux Kernel "_sctp_make_chunk()" Denial of Service Vulnerability
Categories: Security News

Bugtraq: SEC Consult SA-20180228-0 :: Insecure Direct Object Reference vulnerability in TestLink Open Source Test Management

SecurityFocus Vulnerabilities - Thu, 03/01/2018 - 03:20
SEC Consult SA-20180228-0 :: Insecure Direct Object Reference vulnerability in TestLink Open Source Test Management
Categories: Security News

CVE-2017-18207

National Vulnerability Database - Thu, 03/01/2018 - 00:29
The Wave_read._read_fmt_chunk function in Lib/wave.py in Python through 3.6.4 does not ensure a nonzero channel value, which allows attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted wav format audio file.
Categories: Security News

Pages