News aggregator

CVE-2018-18365

National Vulnerability Database - Tue, 04/09/2019 - 16:29
Norton Password Manager may be susceptible to an address spoofing issue. This type of issue may allow an attacker to disguise their origin IP address in order to obfuscate the source of network traffic.
Categories: Security News

CVE-2018-7117

National Vulnerability Database - Tue, 04/09/2019 - 15:29
A remote Cross-Site Scripting in HPE iLO 5 Web User Interface vulnerability was identified in HPE Integrated Lights-Out 5 (iLO 5) for Gen10 ProLiant Servers earlier than version v1.40.
Categories: Security News

CVE-2018-7118

National Vulnerability Database - Tue, 04/09/2019 - 15:29
A local access restriction bypass vulnerability was identified in HPE Service Pack for ProLiant (SPP) Bundled Software earlier than version 2018.09.0.
Categories: Security News

CVE-2018-16530

National Vulnerability Database - Tue, 04/09/2019 - 15:29
A stack-based buffer overflow in Forcepoint Email Security version 8.5 allows an attacker to craft malicious input and potentially crash a process creating a denial-of-service. While no known Remote Code Execution (RCE) vulnerabilities exist, as with all buffer overflows, the possibility of RCE cannot be completely ruled out. Data Execution Protection (DEP) is already enabled on the Email appliance as a risk mitigation.
Categories: Security News

CVE-2019-9133

National Vulnerability Database - Tue, 04/09/2019 - 14:29
When processing subtitles format media file, KMPlayer version 2018.12.24.14 or lower doesn't check object size correctly, which leads to integer underflow then to memory out-of-bound read/write. An attacker can exploit this issue by enticing an unsuspecting user to open a malicious file.
Categories: Security News

CVE-2019-9134 (architectural_information_system)

National Vulnerability Database - Tue, 04/09/2019 - 14:29
Architectural Information System 1.0 and earlier versions have a Stack-based buffer overflow, allows remote attackers to execute arbitrary code.
Categories: Security News

CVE-2017-17023

National Vulnerability Database - Tue, 04/09/2019 - 14:29
The Sophos UTM VPN endpoint interacts with client software provided by NPC Engineering (www.ncp-e.com). The affected client software, "Sophos IPSec Client" 11.04 is a rebranded version of NCP "Secure Entry Client" 10.11 r32792. A vulnerability in the software update feature of the VPN client allows a man-in-the-middle (MITM) or man-on-the-side (MOTS) attacker to execute arbitrary, malicious software on a target user's computer. This is related to SIC_V11.04-64.exe (Sophos), NCP_EntryCl_Windows_x86_1004_31799.exe (NCP), and ncpmon.exe (both Sophos and NCP). The vulnerability exists because: (1) the VPN client requests update metadata over an insecure HTTP connection; and (2) the client software does not check if the software update is signed before running it.
Categories: Security News

CVE-2017-3139

National Vulnerability Database - Tue, 04/09/2019 - 14:29
A denial of service flaw was found in the way BIND handled DNSSEC validation. A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS response.
Categories: Security News

CVE-2018-14894

National Vulnerability Database - Tue, 04/09/2019 - 14:29
CyberArk Endpoint Privilege Manager 10.2.1.603 and earlier allows an attacker (who is able to edit permissions of a file) to bypass intended access restrictions and execute blocked applications.
Categories: Security News

CVE-2018-19586

National Vulnerability Database - Tue, 04/09/2019 - 14:29
Silverpeas 5.15 through 6.0.2 is affected by an authenticated Directory Traversal vulnerability that can be triggered during file uploads because core/webapi/upload/FileUploadData.java mishandles a StringUtil.java call. This vulnerability enables regular users to write arbitrary files on the underlying system with privileges of the user running the application. Especially, an attacker may leverage the vulnerability to write an executable JSP file in an exposed web directory to execute commands on the underlying system.
Categories: Security News

CVE-2018-20698

National Vulnerability Database - Tue, 04/09/2019 - 14:29
The floragunn Search Guard plugin before 6.x-16 for Kibana allows URL injection for login redirects on the login page when basePath is set.
Categories: Security News

CVE-2019-6117

National Vulnerability Database - Tue, 04/09/2019 - 14:29
The wpape APE GALLERY plugin 1.6.14 for WordPress has stored XSS via the classGallery.php getCategories function.
Categories: Security News

CVE-2019-7174

National Vulnerability Database - Tue, 04/09/2019 - 14:29
Roxy Fileman 1.4.5 allows attackers to execute renamefile.php (aka Rename File), createdir.php (aka Create Directory), fileslist.php (aka Echo File List), and movefile.php (aka Move File) operations.
Categories: Security News

CVE-2019-8990

National Vulnerability Database - Tue, 04/09/2019 - 14:29
The HTTP Connector component of TIBCO Software Inc.'s TIBCO ActiveMatrix BusinessWorks contains a vulnerability that theoretically allows unauthenticated HTTP requests to be processed by the BusinessWorks engine even when authentication is required. This possibility is restricted to circumstances where HTTP "Basic Authentication" policy is used in conjunction with an XML Authentication resource. The BusinessWorks engine might instead use credentials from a prior HTTP request for authorization purposes. Affected releases are TIBCO Software Inc. TIBCO ActiveMatrix BusinessWorks: versions up to and including 6.4.2.
Categories: Security News

CVE-2018-13366 (fortios)

National Vulnerability Database - Tue, 04/09/2019 - 13:29
An information disclosure vulnerability in Fortinet FortiOS 6.0.1, 5.6.7 and below allows attacker to reveals serial number of FortiGate via hostname field defined in connection control setup packets of PPTP protocol.
Categories: Security News

CVE-2018-19589

National Vulnerability Database - Tue, 04/09/2019 - 13:29
Incorrect Access Controls of Security Officer (SO) in PKCS11 R2 provider that ships with the Utimaco CryptoServer HSM product package allows an SO authenticated to a slot to retrieve attributes of keys marked as private keys in external key storage, and also delete keys marked as private keys in external key storage. This compromises the availability of all keys configured with external key storage and may result in an economic attack in which the attacker denies legitimate users access to keys while maintaining possession of an encrypted copy (blob) of the external key store for ransom. This attack has been dubbed reverse ransomware attack and may be executed via a physical connection to the CryptoServer or remote connection if SSH or remote access to LAN CryptoServer has been compromised. The Confidentiality and Integrity of the affected keys, however, remain untarnished.
Categories: Security News

CVE-2019-3893

National Vulnerability Database - Tue, 04/09/2019 - 12:29
In Foreman it was discovered that the delete compute resource operation, when executed from the Foreman API, leads to the disclosure of the plaintext password or token for the affected compute resource. A malicious user with the "delete_compute_resource" permission can use this flaw to take control over compute resources managed by foreman. Versions before 1.20.3, 1.21.1, 1.22.0 are vulnerable.
Categories: Security News

CVE-2019-3940

National Vulnerability Database - Tue, 04/09/2019 - 12:29
Advantech WebAccess 8.3.4 is vulnerable to file upload attacks via unauthenticated RPC call. An unauthenticated, remote attacker can use this vulnerability to execute arbitrary code.
Categories: Security News

CVE-2019-3941 (webaccess)

National Vulnerability Database - Tue, 04/09/2019 - 12:29
Advantech WebAccess 8.3.4 allows unauthenticated, remote attackers to delete arbitrary files via IOCTL 10005 RPC.
Categories: Security News

CVE-2019-5615

National Vulnerability Database - Tue, 04/09/2019 - 12:29
Users with Site-level permissions can access files containing the username-encrypted passwords of Security Console Global Administrators and clear-text passwords for restoring backups, as well as the salt for those passwords. Valid credentials are required to access these files and malicious users would still need to perform additional work to decrypt the credentials and escalate privileges. This issue affects: Rapid7 InsightVM versions 6.5.11 through 6.5.49.
Categories: Security News

Pages