News aggregator

CVE-2017-18043

National Vulnerability Database - Wed, 01/31/2018 - 15:29
Integer overflow in the macro ROUND_UP (n, d) in Quick Emulator (Qemu) allows a user to cause a denial of service (Qemu process crash).
Categories: Security News

CVE-2018-0136

National Vulnerability Database - Wed, 01/31/2018 - 15:29
A vulnerability in the IPv6 subsystem of Cisco IOS XR Software Release 5.3.4 for the Cisco Aggregation Services Router (ASR) 9000 Series could allow an unauthenticated, remote attacker to trigger a reload of one or more Trident-based line cards, resulting in a denial of service (DoS) condition. The vulnerability is due to incorrect handling of IPv6 packets with a fragment header extension. An attacker could exploit this vulnerability by sending IPv6 packets designed to trigger the issue either to or through the Trident-based line card. A successful exploit could allow the attacker to trigger a reload of Trident-based line cards, resulting in a DoS during the period of time the line card takes to restart. This vulnerability affects Cisco Aggregation Services Router (ASR) 9000 Series when the following conditions are met: The router is running Cisco IOS XR Software Release 5.3.4, and the router has installed Trident-based line cards that have IPv6 configured. A software maintenance upgrade (SMU) has been made available that addresses this vulnerability. The fix has also been incorporated into service pack 7 for Cisco IOS XR Software Release 5.3.4. Cisco Bug IDs: CSCvg46800.
Categories: Security News

CVE-2018-6479

National Vulnerability Database - Wed, 01/31/2018 - 15:29
An issue was discovered on Netwave IP Camera devices. An unauthenticated attacker can crash a device by sending a POST request with a huge body size to the / URI.
Categories: Security News

CVE-2018-6480

National Vulnerability Database - Wed, 01/31/2018 - 15:29
A type confusion issue was discovered in CCN-lite 2, leading to a memory access violation and a failure of the nonce feature (which, for example, helped with loop prevention). ccnl_fwd_handleInterest assumes that the union member s is of type ccnl_pktdetail_ndntlv_s. However, if the type is in fact struct ccnl_pktdetail_ccntlv_s or struct ccnl_pktdetail_iottlv_s, the memory at that point is either uninitialised or points to data that is not a nonce, which renders the code using the local variable nonce pointless. A later nonce check is insufficient.
Categories: Security News

CVE-2018-6471

National Vulnerability Database - Wed, 01/31/2018 - 14:29
In SUPERAntiSpyware Professional Trial 6.0.1254, the driver file (SASKUTIL.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9C402078.
Categories: Security News

CVE-2018-6472

National Vulnerability Database - Wed, 01/31/2018 - 14:29
In SUPERAntiSpyware Professional Trial 6.0.1254, the driver file (SASKUTIL.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9C40204c.
Categories: Security News

CVE-2018-6473

National Vulnerability Database - Wed, 01/31/2018 - 14:29
In SUPERAntiSpyware Professional Trial 6.0.1254, the driver file (SASKUTIL.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9C402080.
Categories: Security News

CVE-2018-6474

National Vulnerability Database - Wed, 01/31/2018 - 14:29
In SUPERAntiSpyware Professional Trial 6.0.1254, the driver file (SASKUTIL.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9C402148.
Categories: Security News

CVE-2018-6475

National Vulnerability Database - Wed, 01/31/2018 - 14:29
In SUPERAntiSpyware Professional Trial 6.0.1254, SUPERAntiSpyware.exe allows DLL hijacking, leading to Escalation of Privileges.
Categories: Security News

CVE-2018-6476

National Vulnerability Database - Wed, 01/31/2018 - 14:29
In SUPERAntiSpyware Professional Trial 6.0.1254, the SASKUTIL.SYS driver allows privilege escalation to NT AUTHORITY\SYSTEM because of not validating input values from IOCtl 0x9C402114 or 0x9C402124 or 0x9C40207c.
Categories: Security News

CVE-2014-1631

National Vulnerability Database - Wed, 01/31/2018 - 13:29
Eventum before 2.3.5 allows remote attackers to reinstall the application via direct request to /setup/index.php.
Categories: Security News

CVE-2014-1632

National Vulnerability Database - Wed, 01/31/2018 - 13:29
htdocs/setup/index.php in Eventum before 2.3.5 allows remote attackers to inject and execute arbitrary PHP code via the hostname parameter.
Categories: Security News

CVE-2018-5701

National Vulnerability Database - Wed, 01/31/2018 - 13:29
In Iolo System Shield AntiVirus and AntiSpyware 5.0.0.136, the amp.sys driver file contains an Arbitrary Write vulnerability due to not validating input values from IOCtl 0x00226003.
Categories: Security News

CVE-2018-5996

National Vulnerability Database - Wed, 01/31/2018 - 13:29
Insufficient exception handling in the method NCompress::NRar3::CDecoder::Code of 7-Zip before 18.00 and p7zip can lead to multiple memory corruptions within the PPMd code, allows remote attackers to cause a denial of service (segmentation fault) or execute arbitrary code via a crafted RAR archive.
Categories: Security News

CVE-2018-6462

National Vulnerability Database - Wed, 01/31/2018 - 13:29
Tracker PDF-XChange Viewer and Viewer AX SDK before 2.5.322.8 mishandle conversion from YCC to RGB colour spaces by calculating on the basis of 1 bpc instead of 8 bpc, which might allow remote attackers to execute arbitrary code via a crafted PDF document.
Categories: Security News

CVE-2018-6464

National Vulnerability Database - Wed, 01/31/2018 - 13:29
Simditor v2.3.11 allows XSS via crafted use of svg/onload=alert in a TEXTAREA element, as demonstrated by Firefox 54.0.1.
Categories: Security News

CVE-2018-6465

National Vulnerability Database - Wed, 01/31/2018 - 13:29
The PropertyHive plugin before 1.4.15 for WordPress has XSS via the body parameter to includes/admin/views/html-preview-applicant-matches-email.php.
Categories: Security News

CVE-2018-6460

National Vulnerability Database - Wed, 01/31/2018 - 12:29
Hotspot Shield runs a webserver with a static IP address 127.0.0.1 and port 895. The web server uses JSONP and hosts sensitive information including configuration. User controlled input is not sufficiently filtered: an unauthenticated attacker can send a POST request to /status.js with the parameter func=$_APPLOG.Rfunc and extract sensitive information about the machine, including whether the user is connected to a VPN, to which VPN he/she is connected, and what is their real IP address.
Categories: Security News

CVE-2017-8916

National Vulnerability Database - Wed, 01/31/2018 - 11:29
In Center for Internet Security CIS-CAT Pro Dashboard before 1.0.4, an authenticated user is able to change an administrative user's e-mail address and send a forgot password email to themselves, thereby gaining administrative access.
Categories: Security News

CVE-2018-6384

National Vulnerability Database - Wed, 01/31/2018 - 11:29
Unquoted Windows search path vulnerability in NSClient++ before 0.4.1.73 allows non-privileged local users to execute arbitrary code with elevated privileges on the system via a malicious program.exe executable in the %SYSTEMDRIVE% folder.
Categories: Security News

Pages