News aggregator

CVE-2018-0958

National Vulnerability Database - Wed, 05/09/2018 - 15:29
A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka "Windows Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-0854, CVE-2018-8129, CVE-2018-8132.
Categories: Security News

CVE-2018-0959

National Vulnerability Database - Wed, 05/09/2018 - 15:29
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
Categories: Security News

CVE-2018-0961

National Vulnerability Database - Wed, 05/09/2018 - 15:29
A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate vSMB packet data, aka "Hyper-V vSMB Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.
Categories: Security News

CVE-2018-1021

National Vulnerability Database - Wed, 05/09/2018 - 15:29
An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8123.
Categories: Security News

CVE-2018-1022

National Vulnerability Database - Wed, 05/09/2018 - 15:29
A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge. This CVE ID is unique from CVE-2018-0945, CVE-2018-0946, CVE-2018-0951, CVE-2018-0953, CVE-2018-0954, CVE-2018-0955, CVE-2018-8114, CVE-2018-8122, CVE-2018-8128, CVE-2018-8137, CVE-2018-8139.
Categories: Security News

CVE-2018-10770

National Vulnerability Database - Wed, 05/09/2018 - 14:29
download.rsp on ShenZhen Anni "5 in 1 XVR" devices allows remote attackers to download the configuration (without a login) to discover the password.
Categories: Security News

CVE-2018-10828

National Vulnerability Database - Wed, 05/09/2018 - 14:29
An issue was discovered in Alps Pointing-device Driver 10.1.101.207. ApMsgFwd.exe allows the current user to map and write to the "ApMsgFwd File Mapping Object" section. ApMsgFwd.exe uses the data written to this section as arguments to functions. This causes a denial of service condition when invalid pointers are written to the mapped section. This driver has been used with Dell, ThinkPad, and VAIO devices.
Categories: Security News

CVE-2017-18265

National Vulnerability Database - Wed, 05/09/2018 - 13:29
Prosody before 0.10.0 allows remote attackers to cause a denial of service (application crash), related to an incompatibility with certain versions of the LuaSocket library, such as the lua-socket package from Debian stretch. The attacker needs to trigger a stream error. A crash can be observed in, for example, the c2s module.
Categories: Security News

CVE-2018-10940

National Vulnerability Database - Wed, 05/09/2018 - 13:29
The cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c in the Linux kernel before 4.16.6 allows local attackers to use a incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory.
Categories: Security News

CVE-2018-1089

National Vulnerability Database - Wed, 05/09/2018 - 11:29
389-ds-base before versions 1.4.0.9, 1.3.8.1, 1.3.6.15 did not properly handle long search filters with characters needing escapes, possibly leading to buffer overflows. A remote, unauthenticated attacker could potentially use this flaw to make ns-slapd crash via a specially crafted LDAP request, thus resulting in denial of service.
Categories: Security News

CVE-2016-9335

National Vulnerability Database - Wed, 05/09/2018 - 09:29
A hard-coded cryptographic key vulnerability was identified in Red Lion Controls Sixnet-Managed Industrial Switches running firmware Version 5.0.196 and Stride-Managed Ethernet Switches running firmware Version 5.0.190. Vulnerable versions of Stride-Managed Ethernet switches and Sixnet-Managed Industrial switches use hard-coded HTTP SSL/SSH keys for secure communication. Because these keys cannot be regenerated by users, all products use the same key. The attacker could disrupt communication or compromise the system. CVSS v3 base score: 10, CVSS vector string: (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H). Red Lion Controls recommends updating to SLX firmware Version 5.3.174.
Categories: Security News

CVE-2018-8911

National Vulnerability Database - Wed, 05/09/2018 - 09:29
Cross-site scripting (XSS) vulnerability in Attachment Preview in Synology Note Station before 2.5.1-0844 allows remote authenticated users to inject arbitrary web script or HTML via malicious attachments.
Categories: Security News

CVE-2018-8912

National Vulnerability Database - Wed, 05/09/2018 - 09:29
Cross-site scripting (XSS) vulnerability in SYNO.NoteStation.Note in Synology Note Station before 2.5.1-0844 allows remote authenticated users to inject arbitrary web script or HTML via the commit_msg parameter.
Categories: Security News

CVE-2018-10682

National Vulnerability Database - Wed, 05/09/2018 - 04:29
An issue was discovered in WildFly 10.1.2.Final. It is possible for an attacker to access the administration panel on TCP port 9990 without any authentication using "anonymous" access that is automatically created. Once logged in, a misconfiguration present by default (auto-deployment) permits an anonymous user to deploy a malicious .war file, leading to remote code execution.
Categories: Security News

CVE-2018-10683

National Vulnerability Database - Wed, 05/09/2018 - 04:29
** DISPUTED ** An issue was discovered in WildFly 10.1.2.Final. In the case of a default installation without a security realm reference, an attacker can successfully access the server without authentication. NOTE: the Security Realms documentation in the product's Admin Guide indicates that "without a security realm reference" implies "effectively unsecured."
Categories: Security News

Bugtraq: [ADV170017] Defense in depth -- the Microsoft way (part 54): escalation of privilege during installation of Microsoft Office 20xy

SecurityFocus Vulnerabilities - Wed, 05/09/2018 - 04:20
[ADV170017] Defense in depth -- the Microsoft way (part 54): escalation of privilege during installation of Microsoft Office 20xy
Categories: Security News

Bugtraq: [SECURITY] [DSA 4196-1] linux security update

SecurityFocus Vulnerabilities - Wed, 05/09/2018 - 04:20
[SECURITY] [DSA 4196-1] linux security update
Categories: Security News

Bugtraq: FreeBSD Security Advisory FreeBSD-SA-18:06.debugreg

SecurityFocus Vulnerabilities - Wed, 05/09/2018 - 04:20
FreeBSD Security Advisory FreeBSD-SA-18:06.debugreg
Categories: Security News

Bugtraq: APPLE-SA-2018-05-08-1 Additional information for APPLE-SA-2018-04-24-2 Security Update 2018-001

SecurityFocus Vulnerabilities - Wed, 05/09/2018 - 04:20
APPLE-SA-2018-05-08-1 Additional information for APPLE-SA-2018-04-24-2 Security Update 2018-001
Categories: Security News

CVE-2018-10184

National Vulnerability Database - Wed, 05/09/2018 - 03:29
An issue was discovered in HAProxy before 1.8.8. The incoming H2 frame length was checked against the max_frame_size setting instead of being checked against the bufsize. The max_frame_size only applies to outgoing traffic and not to incoming, so if a large enough frame size is advertised in the SETTINGS frame, a wrapped frame will be defragmented into a temporary allocated buffer where the second fragment may overflow the heap by up to 16 kB. It is very unlikely that this can be exploited for code execution given that buffers are very short lived and their addresses not realistically predictable in production, but the likelihood of an immediate crash is absolutely certain.
Categories: Security News

Pages