News aggregator

CVE-2018-14907

National Vulnerability Database - Fri, 08/03/2018 - 14:29
The Web server in 3CX version 15.5.8801.3 is vulnerable to Information Leakage, because of improper error handling in Stack traces, as demonstrated by discovering a full pathname.
Categories: Security News

CVE-2018-14908

National Vulnerability Database - Fri, 08/03/2018 - 14:29
Samsung Syncthru Web Service V4.05.61 is vulnerable to CSRF on every request, as demonstrated by sws.application/printinformation/printReportSetupView.sws for a "Print emails sent" action.
Categories: Security News

CVE-2018-7748

National Vulnerability Database - Fri, 08/03/2018 - 14:29
report_viewer.do in ServiceNow Release Jakarta Patch 8 and earlier allows remote attackers to execute arbitrary code via '${xyz}' Glide Scripting Injection in the sysparm_media parameter.
Categories: Security News

Bugtraq: [slackware-security] lftp (SSA:2018-214-01)

SecurityFocus Vulnerabilities - Fri, 08/03/2018 - 14:20
[slackware-security] lftp (SSA:2018-214-01)
Categories: Security News

Bugtraq: [SECURITY] [DSA 4260-1] libmspack security update

SecurityFocus Vulnerabilities - Fri, 08/03/2018 - 14:20
[SECURITY] [DSA 4260-1] libmspack security update
Categories: Security News

CVE-2018-13416

National Vulnerability Database - Fri, 08/03/2018 - 13:29
In Universal Media Server (UMS) 7.1.0, the XML parsing engine for SSDP/UPnP functionality is vulnerable to an XML External Entity Processing (XXE) attack. Remote, unauthenticated attackers can use this vulnerability to: (1) Access arbitrary files from the filesystem with the same permission as the user account running UMS, (2) Initiate SMB connections to capture a NetNTLM challenge/response and crack to cleartext password, or (3) Initiate SMB connections to relay a NetNTLM challenge/response and achieve Remote Command Execution in Windows domains.
Categories: Security News

CVE-2018-14574

National Vulnerability Database - Fri, 08/03/2018 - 13:29
django.middleware.common.CommonMiddleware in Django 1.11.x before 1.11.15 and 2.0.x before 2.0.8 has an Open Redirect.
Categories: Security News

CVE-2018-14773

National Vulnerability Database - Fri, 08/03/2018 - 13:29
An issue was discovered in Http Foundation in Symfony 2.7.0 through 2.7.48, 2.8.0 through 2.8.43, 3.3.0 through 3.3.17, 3.4.0 through 3.4.13, 4.0.0 through 4.0.13, and 4.1.0 through 4.1.2. It arises from support for a (legacy) IIS header that lets users override the path in the request URL via the X-Original-URL or X-Rewrite-URL HTTP request header. These headers are designed for IIS support, but it's not verified that the server is in fact running IIS, which means anybody who can send these requests to an application can trigger this. This affects \Symfony\Component\HttpFoundation\Request::prepareRequestUri() where X-Original-URL and X_REWRITE_URL are both used. The fix drops support for these methods so that they cannot be used as attack vectors such as web cache poisoning.
Categories: Security News

CVE-2018-14774

National Vulnerability Database - Fri, 08/03/2018 - 13:29
An issue was discovered in HttpKernel in Symfony 2.7.0 through 2.7.48, 2.8.0 through 2.8.43, 3.3.0 through 3.3.17, 3.4.0 through 3.4.13, 4.0.0 through 4.0.13, and 4.1.0 through 4.1.2. When using HttpCache, the values of the X-Forwarded-Host headers are implicitly set as trusted while this should be forbidden, leading to potential host header injection.
Categories: Security News

CVE-2017-8316

National Vulnerability Database - Fri, 08/03/2018 - 11:29
IntelliJ IDEA XML parser was found vulnerable to XML External Entity attack, an attacker can exploit the vulnerability by implementing malicious code on both Androidmanifest.xml.
Categories: Security News

CVE-2018-1524

National Vulnerability Database - Fri, 08/03/2018 - 11:29
IBM Maximo Asset Management 7.6 through 7.6.3 installs with a default administator account that a remote intruder could use to gain administrator access to the system. This vulnerability is due to an incomplete fix for CVE-2015-4966. IBM X-Force ID: 142116.
Categories: Security News

CVE-2018-6590

National Vulnerability Database - Fri, 08/03/2018 - 10:29
CA API Developer Portal 4.x, prior to v4.2.5.3 and v4.2.7.1, has an unspecified reflected cross-site scripting vulnerability.
Categories: Security News

CVE-2018-14883

National Vulnerability Database - Fri, 08/03/2018 - 09:29
An issue was discovered in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. An Integer Overflow leads to a heap-based buffer over-read in exif_thumbnail_extract of exif.c.
Categories: Security News

CVE-2018-14884

National Vulnerability Database - Fri, 08/03/2018 - 09:29
An issue was discovered in PHP 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. Inappropriately parsing an HTTP response leads to a segmentation fault because http_header_value in ext/standard/http_fopen_wrapper.c can be a NULL value that is mishandled in an atoi call.
Categories: Security News

CVE-2018-5489

National Vulnerability Database - Fri, 08/03/2018 - 09:29
NetApp 7-Mode Transition Tool allows users with valid credentials to access functions and information which may have been intended to be restricted to administrators or privileged users. 7MTT versions below 2.0 do not enforce user authorization rules on file information and status that it has previously collected. The released version of 7MTT has been updated to maintain and verify authorization rules for file information, status and utilities.
Categories: Security News

Vuln: Apache OpenWhisk CVE-2018-11757 Serverless Function Remote Code Execution Vulnerability

SecurityFocus Vulnerabilities - Fri, 08/03/2018 - 00:00
Apache OpenWhisk CVE-2018-11757 Serverless Function Remote Code Execution Vulnerability
Categories: Security News

Vuln: Apache OpenWhisk CVE-2018-11756 Remote Code Execution Vulnerability

SecurityFocus Vulnerabilities - Fri, 08/03/2018 - 00:00
Apache OpenWhisk CVE-2018-11756 Remote Code Execution Vulnerability
Categories: Security News

Vuln: SuSE openSUSE Build Service CVE-2018-12466 Security Bypass Vulnerability

SecurityFocus Vulnerabilities - Fri, 08/03/2018 - 00:00
SuSE openSUSE Build Service CVE-2018-12466 Security Bypass Vulnerability
Categories: Security News

CVE-2018-14872

National Vulnerability Database - Thu, 08/02/2018 - 20:29
An issue was discovered in Rincewind 0.1. A reinstall vulnerability exists because the parameter p of index.php and another file named commonPages.php allows an attacker to reinstall the product, with all data reset.
Categories: Security News

CVE-2018-14873

National Vulnerability Database - Thu, 08/02/2018 - 20:29
An issue was discovered in Rincewind 0.1. There is a cross-site scripting (XSS) vulnerability involving a p=account request to index.php and another file named commonPages.php.
Categories: Security News

Pages