News aggregator

CVE-2018-6891

National Vulnerability Database - Sun, 02/11/2018 - 01:29
Bookly #1 WordPress Booking Plugin Lite before 14.5 has XSS via a jQuery.ajax request to ng-payment_details_dialog.js.
Categories: Security News

CVE-2018-1000056

National Vulnerability Database - Fri, 02/09/2018 - 18:29
Jenkins JUnit Plugin 1.23 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks.
Categories: Security News

CVE-2018-1000057

National Vulnerability Database - Fri, 02/09/2018 - 18:29
Jenkins Credentials Binding Plugin 1.14 and earlier masks passwords it provides to build processes in their build logs. Jenkins however transforms provided password values, e.g. replacing environment variable references, which could result in values different from but similar to configured passwords being provided to the build. Those values are not subject to masking, and could allow unauthorized users to recover the original password.
Categories: Security News

CVE-2018-1000058

National Vulnerability Database - Fri, 02/09/2018 - 18:29
Jenkins Pipeline: Supporting APIs Plugin 2.17 and earlier have an arbitrary code execution due to incomplete sandbox protection: Methods related to Java deserialization like readResolve implemented in Pipeline scripts were not subject to sandbox protection, and could therefore execute arbitrary code. This could be exploited e.g. by regular Jenkins users with the permission to configure Pipelines in Jenkins, or by trusted committers to repositories containing Jenkinsfiles.
Categories: Security News

CVE-2018-1000059

National Vulnerability Database - Fri, 02/09/2018 - 18:29
ValidFormBuilder version 4.5.4 contains a PHP Object Injection vulnerability in Valid Form unserialize method that can result in Possible to execute unauthorised system commands remotely and disclose file contents in file system.
Categories: Security News

CVE-2018-1000060

National Vulnerability Database - Fri, 02/09/2018 - 18:29
Sensu, Inc. Sensu Core version Before 1.2.0 & before commit 46ff10023e8cbf1b6978838f47c51b20b98fe30b contains a CWE-522 vulnerability in Sensu::Utilities.redact_sensitive() that can result in sensitive configuration data (e.g. passwords) may be logged in clear-text. This attack appear to be exploitable via victims with configuration matching a specific pattern will observe sensitive data outputted in their service log files. This vulnerability appears to have been fixed in 1.2.1 and later, after commit 46ff10023e8cbf1b6978838f47c51b20b98fe30b.
Categories: Security News

CVE-2018-1000061

National Vulnerability Database - Fri, 02/09/2018 - 18:29
ARM mbedTLS version development branch, 2.7.0 and earlier contains a CWE-670, Incorrect condition control flow leading to incorrect return, leading to data loss vulnerability in ssl_write_real(), library/ssl_tls.c:7142 that can result in Leads to data loss, can be escalated to DoS and authorization bypass in application protocols. This attack appear to be exploitable via network connectivity.
Categories: Security News

CVE-2018-1000062

National Vulnerability Database - Fri, 02/09/2018 - 18:29
WonderCMS version 2.4.0 contains a Stored Cross-Site Scripting on File Upload through SVG vulnerability in uploadFileAction(), 'svg' => 'image/svg+xml' that can result in An attacker can execute arbitrary script on an unsuspecting user's browser. This attack appear to be exploitable via Crafted SVG File.
Categories: Security News

CVE-2018-1000031

National Vulnerability Database - Fri, 02/09/2018 - 18:29
A heap-based buffer overflow exists in InfoZip UnZip version 6.10c22 that allows an attacker to perform a denial of service or to possibly achieve code execution.
Categories: Security News

CVE-2018-1000032

National Vulnerability Database - Fri, 02/09/2018 - 18:29
A heap-based buffer overflow exists in InfoZip UnZip version 6.10c22 that allows an attacker to perform a denial of service or to possibly achieve code execution.
Categories: Security News

CVE-2018-1000033

National Vulnerability Database - Fri, 02/09/2018 - 18:29
An out-of-bounds read exists in InfoZip UnZip version 6.10c22 that allows an attacker to perform a denial of service and read sensitive memory.
Categories: Security News

CVE-2018-1000034

National Vulnerability Database - Fri, 02/09/2018 - 18:29
An out-of-bounds read exists in InfoZip UnZip version 6.10c22 that allows an attacker to perform a denial of service and read sensitive memory.
Categories: Security News

CVE-2018-1000035

National Vulnerability Database - Fri, 02/09/2018 - 18:29
A heap-based buffer overflow exists in InfoZip UnZip version <= 6.00 in the processing of password-protected archives that allows an attacker to perform a denial of service or to possibly achieve code execution.
Categories: Security News

CVE-2018-1000041

National Vulnerability Database - Fri, 02/09/2018 - 18:29
GNOME librsvg version before commit c6ddf2ed4d768fd88adbea2b63f575cd523022ea contains a Improper input validation vulnerability in rsvg-io.c that can result in the victim's Windows username and NTLM password hash being leaked to remote attackers through SMB. This attack appear to be exploitable via The victim must process a specially crafted SVG file containing an UNC path on Windows.
Categories: Security News

CVE-2018-1000042

National Vulnerability Database - Fri, 02/09/2018 - 18:29
Security Onion Solutions Squert version 1.3.0 through 1.6.7 contains a CWE-78: Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) vulnerability in .inc/callback.php that can result in execution of OS Commands. This attack appear to be exploitable via Web request to .inc/callback.php with the payload in the data or obj parameters, used in autocat(). This vulnerability appears to have been fixed in 1.7.0.
Categories: Security News

CVE-2018-1000043

National Vulnerability Database - Fri, 02/09/2018 - 18:29
Security Onion Solutions Squert version 1.0.1 through 1.6.7 contains a CWE-78: Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) vulnerability in .inc/callback.php that can result in execution of OS Commands. This attack appear to be exploitable via Web request to .inc/callback.php with the payload in the txdata parameter, used in tx()/transcript(), or the catdata parameter, used in cat(). This vulnerability appears to have been fixed in 1.7.0.
Categories: Security News

CVE-2018-1000044

National Vulnerability Database - Fri, 02/09/2018 - 18:29
Security Onion Solutions Squert version 1.1.1 through 1.6.7 contains a SQL Injection vulnerability in .inc/callback.php that can result in execution of SQL commands. This attack appear to be exploitable via Web request to .inc/callback.php with the payload in the sensors parameter, used in ec(). This vulnerability appears to have been fixed in 1.7.0.
Categories: Security News

CVE-2018-1000045

National Vulnerability Database - Fri, 02/09/2018 - 18:29
NASA Singledop version v1.0 contains a CWE-502 vulnerability in NASA Singledop library (Weather data) that can result in remote code execution. This attack appear to be exploitable via Victim opening a specially crafted radar data file. This vulnerability appears to have been fixed in v1.1.
Categories: Security News

CVE-2018-1000046

National Vulnerability Database - Fri, 02/09/2018 - 18:29
NASA Pyblock version v1.0 - v1.3 contains a CWE-502 vulnerability in Radar data parsing library that can result in remote code execution. This attack appear to be exploitable via Victim opening a specially crafted radar data file. This vulnerability appears to have been fixed in v1.4.
Categories: Security News

CVE-2018-1000047

National Vulnerability Database - Fri, 02/09/2018 - 18:29
NASA Kodiak version v1.0 contains a CWE-502 vulnerability in Kodiak library's data processing function that can result in remote code execution. This attack appear to be exploitable via Victim opens an untrusted file for optimization using Kodiak library.
Categories: Security News

Pages