News aggregator

CVE-2018-1563

National Vulnerability Database - Fri, 07/20/2018 - 12:29
IBM Sterling B2B Integrator Standard Edition (IBM Sterling File Gateway 2.2.0 through 2.2.6) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 142967.
Categories: Security News

CVE-2018-1564

National Vulnerability Database - Fri, 07/20/2018 - 12:29
IBM Sterling B2B Integrator Standard Edition 5.2 through 5.2.6 could allow a local user with administrator privileges to obtain user passwords found in debugging messages. IBM X-Force ID: 142968.
Categories: Security News

CVE-2018-1679

National Vulnerability Database - Fri, 07/20/2018 - 12:29
IBM Sterling B2B Integrator Standard Edition 5.2 through 5.2.6 could allow an unauthenticated user to obtain sensitive information that could be used in further attacks against the system. IBM X-Force ID: 145180.
Categories: Security News

CVE-2018-14449

National Vulnerability Database - Fri, 07/20/2018 - 11:29
An issue was discovered in libgig 4.1.0. There is an out of bounds read in gig::File::UpdateChunks in gig.cpp.
Categories: Security News

CVE-2018-14450

National Vulnerability Database - Fri, 07/20/2018 - 11:29
An issue was discovered in libgig 4.1.0. There is an out-of-bounds read in the "update dimension region's chunks" feature of the function gig::Region::UpdateChunks in gig.cpp.
Categories: Security News

CVE-2018-14451

National Vulnerability Database - Fri, 07/20/2018 - 11:29
An issue was discovered in libgig 4.1.0. There is a heap-based buffer overflow in the function RIFF::Chunk::Read in RIFF.cpp.
Categories: Security News

CVE-2018-14452

National Vulnerability Database - Fri, 07/20/2018 - 11:29
An issue was discovered in libgig 4.1.0. There is an out-of-bounds read in the "always assign the sample of the first dimension region of this region" feature of the function gig::Region::UpdateChunks in gig.cpp.
Categories: Security News

CVE-2018-14453

National Vulnerability Database - Fri, 07/20/2018 - 11:29
An issue was discovered in libgig 4.1.0. There is a heap-based buffer overflow in pData[1] access in the function store16 in helper.h.
Categories: Security News

CVE-2018-14454

National Vulnerability Database - Fri, 07/20/2018 - 11:29
An issue was discovered in libgig 4.1.0. There is an out-of-bounds read in the function RIFF::Chunk::Read in RIFF.cpp.
Categories: Security News

CVE-2018-14455

National Vulnerability Database - Fri, 07/20/2018 - 11:29
An issue was discovered in libgig 4.1.0. There is an out-of-bounds write in pData[0] access in the function store32 in helper.h.
Categories: Security News

CVE-2018-14456

National Vulnerability Database - Fri, 07/20/2018 - 11:29
An issue was discovered in libgig 4.1.0. There is an out-of-bounds write in the function DLS::Info::SaveString in DLS.cpp.
Categories: Security News

CVE-2018-14457

National Vulnerability Database - Fri, 07/20/2018 - 11:29
An issue was discovered in libgig 4.1.0. There is an out-of-bounds write in the function DLS::Info::UpdateChunks in DLS.cpp.
Categories: Security News

CVE-2018-14458

National Vulnerability Database - Fri, 07/20/2018 - 11:29
An issue was discovered in libgig 4.1.0. There is a heap-based buffer overflow in pData[1] access in the function store32 in helper.h.
Categories: Security News

CVE-2018-14459

National Vulnerability Database - Fri, 07/20/2018 - 11:29
An issue was discovered in libgig 4.1.0. There is an out-of-bounds write in pData[0] access in the function store16 in helper.h.
Categories: Security News

CVE-2018-14460

National Vulnerability Database - Fri, 07/20/2018 - 11:29
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_sdspace_decode in H5Osdspace.c.
Categories: Security News

CVE-2018-14443

National Vulnerability Database - Fri, 07/20/2018 - 09:29
get_first_owned_object in dwg.c in GNU LibreDWG 0.5.1036 allows remote attackers to cause a denial of service (SEGV).
Categories: Security News

CVE-2018-14444

National Vulnerability Database - Fri, 07/20/2018 - 09:29
libdxfrw 0.6.3 has an Integer Overflow in dwgCompressor::decompress18 in dwgutil.cpp, leading to an out-of-bounds read and application crash.
Categories: Security News

CVE-2018-14445

National Vulnerability Database - Fri, 07/20/2018 - 09:29
In Bento4 v1.5.1-624, AP4_File::ParseStream in Ap4File.cpp allows remote attackers to cause a denial of service (infinite loop) via a crafted MP4 file.
Categories: Security News

CVE-2018-14446

National Vulnerability Database - Fri, 07/20/2018 - 09:29
MP4Integer32Property::Read in atom_avcC.cpp in MP4v2 2.1.0 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted MP4 file.
Categories: Security News

CVE-2018-14447

National Vulnerability Database - Fri, 07/20/2018 - 09:29
trim_whitespace in lexer.l in libConfuse v3.2.1 has an out-of-bounds read.
Categories: Security News

Pages