News aggregator

CVE-2018-9497

National Vulnerability Database - Tue, 10/02/2018 - 15:29
In impeg2_fmt_conv_yuv420p_to_yuv420sp_uv_av8 of impeg2_format_conv.s there is a possible out of bounds write due to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-74078669
Categories: Security News

CVE-2018-9498

National Vulnerability Database - Tue, 10/02/2018 - 15:29
In SkSampler::Fill of SkSampler.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-78354855
Categories: Security News

CVE-2018-9493

National Vulnerability Database - Tue, 10/02/2018 - 15:29
In the content provider of the download manager, there is a possible SQL injection due to improper input validation. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-111085900
Categories: Security News

CVE-2018-9496

National Vulnerability Database - Tue, 10/02/2018 - 15:29
In ixheaacd_real_synth_fft_p3 of ixheaacd_esbr_fft.c there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-9.0 Android ID: A-110769924
Categories: Security News

CVE-2018-9491

National Vulnerability Database - Tue, 10/02/2018 - 15:29
In AMediaCodecCryptoInfo_new of NdkMediaCodec.cpp, there is a possible out-of-bounds write due to an integer overflow. This could lead to remote code execution in external apps with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-111603051
Categories: Security News

CVE-2018-9492

National Vulnerability Database - Tue, 10/02/2018 - 15:29
In checkGrantUriPermissionLocked of ActivityManagerService.java, there is a possible permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.0 Android-8.1 Android-9.0 Android ID: A-111934948
Categories: Security News

CVE-2018-9490

National Vulnerability Database - Tue, 10/02/2018 - 15:29
In CollectValuesOrEntriesImpl of elements.cc, there is possible remote code execution due to type confusion. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-111274046
Categories: Security News

CVE-2018-9473

National Vulnerability Database - Tue, 10/02/2018 - 15:29
In ihevcd_parse_sei_payload of ihevcd_parse_headers.c, there is a possible out-of-bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.0 Android ID: A-65484460
Categories: Security News

CVE-2018-9476

National Vulnerability Database - Tue, 10/02/2018 - 15:29
In avrc_pars_browsing_cmd of avrc_pars_tg.cc, there is a possible use-after-free due to improper locking. This could lead to remote escalation of privilege in the Bluetooth service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.0 Android-8.1 Android ID: A-109699112
Categories: Security News

CVE-2018-11752

National Vulnerability Database - Tue, 10/02/2018 - 15:29
Previous releases of the Puppet cisco_ios module output SSH session debug information including login credentials to a world readable file on every run. These issues have been resolved in the 0.4.0 release.
Categories: Security News

CVE-2018-9452

National Vulnerability Database - Tue, 10/02/2018 - 15:29
In getOffsetForHorizontal of Layout.java, there is a possible application hang due to a slow width calculation. This could lead to remote denial of service if a contact with many hidden unicode characters were sent to the device and used by a local app, with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-78464361
Categories: Security News

CVE-2018-11748

National Vulnerability Database - Tue, 10/02/2018 - 15:29
Previous releases of the Puppet device_manager module creates configuration files containing credentials that are world readable. This issue has been resolved as of device_manager 2.7.0.
Categories: Security News

CVE-2018-11750

National Vulnerability Database - Tue, 10/02/2018 - 15:29
Previous releases of the Puppet cisco_ios module did not validate a host's identity before starting a SSH connection. As of the 0.4.0 release of cisco_ios, host key checking is enabled by default.
Categories: Security News

CVE-2018-17593

National Vulnerability Database - Tue, 10/02/2018 - 14:29
AirTies Air 5453 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.
Categories: Security News

CVE-2018-17594

National Vulnerability Database - Tue, 10/02/2018 - 14:29
AirTies Air 5443v2 devices with software 1.0.0.18 have XSS via the top.html productboardtype parameter.
Categories: Security News

CVE-2018-17595

National Vulnerability Database - Tue, 10/02/2018 - 14:29
In the 5.4.0 version of the Fork CMS software, HTML Injection and Stored XSS vulnerabilities were discovered via the /backend/ajax URI.
Categories: Security News

CVE-2018-17596

National Vulnerability Database - Tue, 10/02/2018 - 14:29
In Zoho ManageEngine AssetExplorer, a Stored XSS vulnerability was discovered in the 6.2.0 version via the /AssetDef.do ciName or assetName parameter.
Categories: Security News

CVE-2018-17786

National Vulnerability Database - Tue, 10/02/2018 - 14:29
On D-Link DIR-823G devices, ExportSettings.sh, upload_settings.cgi, GetDownLoadSyslog.sh, and upload_firmware.cgi do not require authentication, which allows remote attackers to execute arbitrary code.
Categories: Security News

CVE-2018-17787

National Vulnerability Database - Tue, 10/02/2018 - 14:29
On D-Link DIR-823G devices, the GoAhead configuration allows /HNAP1 Command Injection via shell metacharacters in the POST data, because this data is sent directly to the "system" library function.
Categories: Security News

CVE-2018-17884

National Vulnerability Database - Tue, 10/02/2018 - 14:29
XSS exists in admin/gb-dashboard-widget.php in the Gwolle Guestbook (gwolle-gb) plugin before 2.5.4 for WordPress via the PATH_INFO to wp-admin/index.php
Categories: Security News

Pages