News aggregator

CVE-2018-6625

National Vulnerability Database - Mon, 02/05/2018 - 13:29
In WatchDog Anti-Malware 2.74.186.150, the driver file (ZAMGUARD32.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x80002010.
Categories: Security News

CVE-2018-6626

National Vulnerability Database - Mon, 02/05/2018 - 13:29
In Micropoint proactive defense software 2.0.20266.0146, the driver file (mp110005.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x80000035.
Categories: Security News

CVE-2018-6627

National Vulnerability Database - Mon, 02/05/2018 - 13:29
In WatchDog Anti-Malware 2.74.186.150, the driver file (ZAMGUARD32.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x80002054.
Categories: Security News

CVE-2018-6628

National Vulnerability Database - Mon, 02/05/2018 - 13:29
In Micropoint proactive defense software 2.0.20266.0146, the driver file (mp110005.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x8000010c.
Categories: Security News

CVE-2018-6629

National Vulnerability Database - Mon, 02/05/2018 - 13:29
In Micropoint proactive defense software 2.0.20266.0146, the driver file (mp110005.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x80000118.
Categories: Security News

CVE-2018-6630

National Vulnerability Database - Mon, 02/05/2018 - 13:29
In Micropoint proactive defense software 2.0.20266.0146, the driver file (mp110005.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x8000014c.
Categories: Security News

CVE-2018-6631

National Vulnerability Database - Mon, 02/05/2018 - 13:29
In Micropoint proactive defense software 2.0.20266.0146, the driver file (mp110009.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x80000170.
Categories: Security News

CVE-2018-6632

National Vulnerability Database - Mon, 02/05/2018 - 13:29
In Micropoint proactive defense software 2.0.20266.0146, the driver file (mp110005.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x80000110.
Categories: Security News

CVE-2018-6633

National Vulnerability Database - Mon, 02/05/2018 - 13:29
In Micropoint proactive defense software 2.0.20266.0146, the driver file (mp110005.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x80000038.
Categories: Security News

CVE-2015-1416

National Vulnerability Database - Mon, 02/05/2018 - 11:29
Larry Wall's patch; patch in FreeBSD 10.2-RC1 before 10.2-RC1-p1, 10.2 before 10.2-BETA2-p2, and 10.1 before 10.1-RELEASE-p16; Bitrig; GNU patch before 2.2.5; and possibly other patch variants allow remote attackers to execute arbitrary shell commands via a crafted patch file.
Categories: Security News

CVE-2015-1418

National Vulnerability Database - Mon, 02/05/2018 - 11:29
patch in FreeBSD 10.1 before 10.1-RELEASE-p17, 10.2 before 10.2-BETA2-p3, 10.2-RC1 before 10.2-RC1-p2, and 0.2-RC2 before 10.2-RC2-p1 allows remote attackers to execute arbitrary commands via a crafted patch file.
Categories: Security News

CVE-2015-4179

National Vulnerability Database - Mon, 02/05/2018 - 11:29
Multiple cross-site request forgery (CSRF) vulnerabilities in the Codestyling Localization plugin 1.99.30 and earlier for Wordpress.
Categories: Security News

CVE-2015-4412

National Vulnerability Database - Mon, 02/05/2018 - 11:29
BSON injection vulnerability in the legal? function in BSON (bson-ruby) gem before 3.0.4 for Ruby allows remote attackers to cause a denial of service (resource consumption) or inject arbitrary data via a crafted string.
Categories: Security News

CVE-2015-4461

National Vulnerability Database - Mon, 02/05/2018 - 11:29
Absolute path traversal vulnerability in eFront CMS 3.6.15.4 and earlier allows remote Professor users to obtain sensitive information via a full pathname in the other parameter.
Categories: Security News

CVE-2015-5674

National Vulnerability Database - Mon, 02/05/2018 - 11:29
The routed daemon in FreeBSD 9.3 before 9.3-RELEASE-p22, 10.2-RC2 before 10.2-RC2-p1, 10.2-RC1 before 10.2-RC1-p2, 10.2 before 10.2-BETA2-p3, and 10.1 before 10.1-RELEASE-p17 allows remote authenticated users to cause a denial of service (assertion failure and daemon exit) via a query from a network that is not directly connected.
Categories: Security News

CVE-2017-9414

National Vulnerability Database - Mon, 02/05/2018 - 11:29
Cross-site request forgery (CSRF) vulnerability in the Subscribe to Podcast feature in Subsonic 6.1.1 allows remote attackers to hijack the authentication of unspecified victims for requests that conduct cross-site scripting (XSS) attacks or possibly have unspecified other impact via the name parameter to playerSettings.view.
Categories: Security News

Bugtraq: [SECURITY] [DSA 4104-1] p7zip security update

SecurityFocus Vulnerabilities - Mon, 02/05/2018 - 07:20
[SECURITY] [DSA 4104-1] p7zip security update
Categories: Security News

Bugtraq: [slackware-security] php (SSA:2018-034-01)

SecurityFocus Vulnerabilities - Mon, 02/05/2018 - 07:20
[slackware-security] php (SSA:2018-034-01)
Categories: Security News

CVE-2018-6461

National Vulnerability Database - Mon, 02/05/2018 - 02:29
March Hare WINCVS before 2.8.01 build 6610, and CVS Suite before 2009R2 build 6610, contains an Insecure Library Loading vulnerability in the wincvs2.exe or wincvs.exe file, which may allow local users to gain privileges via a Trojan horse Python or TCL DLL file in the current working directory.
Categories: Security News

Vuln: RETIRED: Siemens TeleControl Server Basic Multiple Security Vulnerabilities

SecurityFocus Vulnerabilities - Mon, 02/05/2018 - 00:00
RETIRED: Siemens TeleControl Server Basic Multiple Security Vulnerabilities
Categories: Security News

Pages