News aggregator

Vuln: Ansible CVE-2018-16837 Local Information Disclosure Vulnerability

SecurityFocus Vulnerabilities - Tue, 10/23/2018 - 00:00
Ansible CVE-2018-16837 Local Information Disclosure Vulnerability
Categories: Security News

CVE-2018-18584

National Vulnerability Database - Mon, 10/22/2018 - 22:29
In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write.
Categories: Security News

CVE-2018-18585

National Vulnerability Database - Mon, 10/22/2018 - 22:29
chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has '\0' as its first or second character (such as the "/\0" name).
Categories: Security News

CVE-2018-18586

National Vulnerability Database - Mon, 10/22/2018 - 22:29
** DISPUTED ** chmextract.c in the chmextract sample program, as distributed with libmspack before 0.8alpha, does not protect against absolute/relative pathnames in CHM files, leading to Directory Traversal. NOTE: the vendor disputes that this is a libmspack vulnerability, because chmextract.c was only intended as a source-code example, not a supported application.
Categories: Security News

CVE-2018-18581

National Vulnerability Database - Mon, 10/22/2018 - 18:29
An issue has been found in LuPng through 2017-03-10. It is a heap-based buffer over-read in internalPrintf in miniz/lupng.c.
Categories: Security News

CVE-2018-18582

National Vulnerability Database - Mon, 10/22/2018 - 18:29
An issue has been found in LuPng through 2017-03-10. It is a heap-based buffer overflow in insertByte in miniz/lupng.c during a write operation for data obtained from a palette.
Categories: Security News

CVE-2018-18583

National Vulnerability Database - Mon, 10/22/2018 - 18:29
An issue has been found in LuPng through 2017-03-10. It is a heap-based buffer overflow in insertByte in miniz/lupng.c during a write operation for data obtained from a swap.
Categories: Security News

CVE-2018-18578

National Vulnerability Database - Mon, 10/22/2018 - 17:29
DedeCMS 5.7 SP2 allows XSS via the plus/qrcode.php type parameter.
Categories: Security News

CVE-2018-18579

National Vulnerability Database - Mon, 10/22/2018 - 17:29
Reflected XSS exists in DedeCMS 5.7 SP2 via the /member/pm.php folder parameter.
Categories: Security News

CVE-2018-13114

National Vulnerability Database - Mon, 10/22/2018 - 16:29
Missing authentication and improper input validation in KERUI Wifi Endoscope Camera (YPC99) allow an attacker to execute arbitrary commands (with a length limit of 19 characters) via the "ssid" value, as demonstrated by ssid:;ping 192.168.1.2 in the body of a SETSSID command.
Categories: Security News

CVE-2018-13115

National Vulnerability Database - Mon, 10/22/2018 - 16:29
Lack of an authentication mechanism in KERUI Wifi Endoscope Camera (YPC99) allows an attacker to watch or block the camera stream. The RTSP server on port 7070 accepts the command STOP to stop streaming, and the command SETSSID to disconnect a user.
Categories: Security News

CVE-2018-12246

National Vulnerability Database - Mon, 10/22/2018 - 15:29
Symantec Web Isolation (WI) 1.11 prior to 1.11.21 is susceptible to a reflected cross-site scripting (XSS) vulnerability. A remote attacker can target end users protected by WI with social engineering attacks using crafted URLs for legitimate web sites. A successful attack allows injecting malicious JavaScript code into the website's rendered copy running inside the end user's web browser. It does not allow injecting code into the real (isolated) copy of the website running on the WI Threat Isolation Engine.
Categories: Security News

CVE-2018-15703

National Vulnerability Database - Mon, 10/22/2018 - 15:29
Advantech WebAccess 8.3.2 and below is vulnerable to multiple reflected cross site scripting vulnerabilities. A remote unauthenticated attacker could potentially exploit this vulnerability by tricking a victim to supply malicious HTML or JavaScript code to WebAccess, which is then reflected back to the victim and executed by the web browser.
Categories: Security News

CVE-2018-15704

National Vulnerability Database - Mon, 10/22/2018 - 15:29
Advantech WebAccess 8.3.2 and below is vulnerable to a stack buffer overflow vulnerability. A remote authenticated attacker could potentially exploit this vulnerability by sending a crafted HTTP request to broadweb/system/opcImg.asp.
Categories: Security News

CVE-2018-18557

National Vulnerability Database - Mon, 10/22/2018 - 12:29
LibTIFF 4.0.9 (with JBIG enabled) decodes arbitrarily-sized JBIG into a buffer, ignoring the buffer size, which leads to a tif_jbig.c JBIGDecode out-of-bounds write.
Categories: Security News

CVE-2018-18559

National Vulnerability Database - Mon, 10/22/2018 - 12:29
In the Linux kernel through 4.19, a use-after-free can occur due to a race condition between fanout_add from setsockopt and bind on an AF_PACKET socket. This issue exists because of the 15fe076edea787807a7cdc168df832544b58eba6 incomplete fix for a race condition. The code mishandles a certain multithreaded case involving a packet_do_bind unregister action followed by a packet_notifier register action. Later, packet_release operates on only one of the two applicable linked lists. The attacker can achieve Program Counter control.
Categories: Security News

CVE-2018-1850

National Vulnerability Database - Mon, 10/22/2018 - 08:29
IBM Security Access Manager Appliance 9.0.3.1, 9.0.4.0 and 9.0.5.0 could allow unauthorized administration operations when Advanced Access Control services are running. IBM X-Force ID: 150998.
Categories: Security News

Vuln: Splunk Multiple Local Privilege Escalation Vulnerabilities

SecurityFocus Vulnerabilities - Mon, 10/22/2018 - 00:00
Splunk Multiple Local Privilege Escalation Vulnerabilities
Categories: Security News

Vuln: Libssh CVE-2018-10933 Authentication Bypass Vulnerability

SecurityFocus Vulnerabilities - Mon, 10/22/2018 - 00:00
Libssh CVE-2018-10933 Authentication Bypass Vulnerability
Categories: Security News

CVE-2018-18553

National Vulnerability Database - Sun, 10/21/2018 - 21:29
Leanote 2.6.1 has XSS via the Blog Basic Setting title field, which is mishandled during rendering of the "likes" page.
Categories: Security News

Pages