News aggregator

CVE-2018-11994

National Vulnerability Database - Wed, 11/28/2018 - 10:29
SMMU secure camera logic allows secure camera controllers to access HLOS memory during session in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDA845, SDX24, SXR1130.
Categories: Security News

CVE-2018-11996

National Vulnerability Database - Wed, 11/28/2018 - 10:29
When a malformed command is sent to the device programmer, an out-of-bounds access can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 600, SD 820, SD 820A, SD 835, SDA660, SDX20, SDX24.
Categories: Security News

CVE-2018-5870

National Vulnerability Database - Wed, 11/28/2018 - 10:29
While loading a service image, an untrusted pointer dereference can occur in Snapdragon Mobile in versions SD 835, SDA660, SDX24.
Categories: Security News

CVE-2018-5877

National Vulnerability Database - Wed, 11/28/2018 - 10:29
In the device programmer target-side code for firehose, a string may not be properly NULL terminated can lead to a incorrect buffer size in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 600, SD 820, SD 820A, SD 835, SDA660, SDX20.
Categories: Security News

CVE-2018-5912

National Vulnerability Database - Wed, 11/28/2018 - 10:29
Potential buffer overflow in Video due to lack of input validation in input and output values in Snapdragon Automobile, Snapdragon Mobile in versions MSM8996AU, SD 450, SD 625, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660.
Categories: Security News

CVE-2018-5916

National Vulnerability Database - Wed, 11/28/2018 - 10:29
Buffer overread while decoding PDP modify request or network initiated secondary PDP activation in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDA845, SDX20, SXR1130.
Categories: Security News

CVE-2018-5917

National Vulnerability Database - Wed, 11/28/2018 - 10:29
Possible buffer overflow in OEM crypto function due to improper input validation in Snapdragon Automobile, Snapdragon Mobile in versions MSM8996AU, SD 425, SD 430, SD 450, SD 625, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDA845, SDX24, SXR1130.
Categories: Security News

CVE-2018-5918

National Vulnerability Database - Wed, 11/28/2018 - 10:29
Possible buffer overflow in DRM Trusted application due to lack of check function return values in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDA845, SDX24, SXR1130.
Categories: Security News

CVE-2018-14629

National Vulnerability Database - Wed, 11/28/2018 - 09:29
A denial of service vulnerability was discovered in Samba's LDAP server before versions 4.7.12, 4.8.7, and 4.9.3. A CNAME loop could lead to infinite recursion in the server. An unprivileged local attacker could create such an entry, leading to denial of service.
Categories: Security News

CVE-2018-16841

National Vulnerability Database - Wed, 11/28/2018 - 09:29
Samba from version 4.3.0 and before versions 4.7.12, 4.8.7 and 4.9.3 are vulnerable to a denial of service. When configured to accept smart-card authentication, Samba's KDC will call talloc_free() twice on the same memory if the principal in a validly signed certificate does not match the principal in the AS-REQ. This is only possible after authentication with a trusted certificate. talloc is robust against further corruption from a double-free with talloc_free() and directly calls abort(), terminating the KDC process.
Categories: Security News

CVE-2018-16851

National Vulnerability Database - Wed, 11/28/2018 - 09:29
Samba from version 4.0.0 and before versions 4.7.12, 4.8.7, 4.9.3 is vulnerable to a denial of service. During the processing of an LDAP search before Samba's AD DC returns the LDAP entries to the client, the entries are cached in a single memory object with a maximum size of 256MB. When this size is reached, the Samba process providing the LDAP service will follow the NULL pointer, terminating the process. There is no further vulnerability associated with this issue, merely a denial of service.
Categories: Security News

CVE-2018-16852

National Vulnerability Database - Wed, 11/28/2018 - 09:29
Samba from version 4.9.0 and before version 4.9.3 is vulnerable to a NULL pointer de-reference. During the processing of an DNS zone in the DNS management DCE/RPC server, the internal DNS server or the Samba DLZ plugin for BIND9, if the DSPROPERTY_ZONE_MASTER_SERVERS property or DSPROPERTY_ZONE_SCAVENGING_SERVERS property is set, the server will follow a NULL pointer and terminate. There is no further vulnerability associated with this issue, merely a denial of service.
Categories: Security News

CVE-2018-16853

National Vulnerability Database - Wed, 11/28/2018 - 09:29
Samba from version 4.7.0 has a vulnerability that allows a user in a Samba AD domain to crash the KDC when Samba is built in the non-default MIT Kerberos configuration. With this advisory the Samba Team clarify that the MIT Kerberos build of the Samba AD DC is considered experimental. Therefore the Samba Team will not issue security patches for this configuration. Additionally, Samba 4.7.12, 4.8.7 and 4.9.3 have been issued as security releases to prevent building of the AD DC with MIT Kerberos unless --with-experimental-mit-ad-dc is specified to the configure command.
Categories: Security News

CVE-2018-16857

National Vulnerability Database - Wed, 11/28/2018 - 09:29
Samba from version 4.9.0 and before version 4.9.3 that have AD DC configurations watching for bad passwords (to restrict brute forcing of passwords) in a window of more than 3 minutes may not watch for bad passwords at all. The primary risk from this issue is with regards to domains that have been upgraded from Samba 4.8 and earlier. In these cases the manual testing done to confirm an organisation's password policies apply as expected may not have been re-done after the upgrade.
Categories: Security News

CVE-2018-19630

National Vulnerability Database - Wed, 11/28/2018 - 05:29
cgi_handle_request in uhttpd in OpenWrt through 18.06.1 and LEDE through 17.01 has unauthenticated reflected XSS via the URI, as demonstrated by a cgi-bin/?[XSS] URI.
Categories: Security News

CVE-2018-19620

National Vulnerability Database - Wed, 11/28/2018 - 03:29
ShowDoc 2.4.1 allows remote attackers to edit other users' notes by navigating with a modified page_id.
Categories: Security News

CVE-2018-19621

National Vulnerability Database - Wed, 11/28/2018 - 03:29
server/index.php?s=/api/teamMember/save in ShowDoc 2.4.2 has a CSRF that can add members to a team.
Categories: Security News

Vuln: Schneider Electric Software Update CVE-2018-7799 DLL Loading Local Code Execution Vulnerability

SecurityFocus Vulnerabilities - Wed, 11/28/2018 - 00:00
Schneider Electric Software Update CVE-2018-7799 DLL Loading Local Code Execution Vulnerability
Categories: Security News

CVE-2018-0721

National Vulnerability Database - Tue, 11/27/2018 - 18:29
Buffer Overflow vulnerability in QNAP QTS 4.2.6 build 20180711 and earlier versions, 4.3.3 build 20180725 and earlier versions, and 4.3.4 build 20180710 and earlier versions could allow remote attackers to run arbitrary code on NAS devices.
Categories: Security News

CVE-2018-7946

National Vulnerability Database - Tue, 11/27/2018 - 17:29
There is an information leak vulnerability in some Huawei smartphones. An attacker may do some specific configuration in the smartphone and trick a user into inputting some sensitive information. Due to improper design, successful exploit may cause some information leak.
Categories: Security News

Pages