News aggregator

CVE-2019-9752

National Vulnerability Database - Wed, 03/13/2019 - 18:29
An issue was discovered in Open Ticket Request System (OTRS) 5.x before 5.0.34, 6.x before 6.0.16, and 7.x before 7.0.4. An attacker who is logged into OTRS as an agent or a customer user may upload a carefully crafted resource in order to cause execution of JavaScript in the context of OTRS. This is related to Content-type mishandling in Kernel/Modules/PictureUpload.pm.
Categories: Security News

CVE-2019-9754 (tinycc)

National Vulnerability Database - Wed, 03/13/2019 - 18:29
An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. Compiling a crafted source file leads to an 1 byte out of bounds write in the end_macro function in tccpp.c.
Categories: Security News

CVE-2018-0389

National Vulnerability Database - Wed, 03/13/2019 - 17:29
A vulnerability in the implementation of Session Initiation Protocol (SIP) processing in Cisco Small Business SPA514G IP Phones could allow an unauthenticated, remote attacker to cause an affected device to become unresponsive, resulting in a denial of service (DoS) condition. The vulnerability is due to improper processing of SIP request messages by an affected device. An attacker could exploit this vulnerability by sending crafted SIP messages to an affected device. A successful exploit could allow the attacker to cause the affected device to become unresponsive, resulting in a DoS condition that persists until the device is restarted manually. Cisco has not released software updates that address this vulnerability. This vulnerability affects Cisco Small Business SPA514G IP Phones that are running firmware release 7.6.2SR2 or earlier.
Categories: Security News

CVE-2019-1723

National Vulnerability Database - Wed, 03/13/2019 - 17:29
A vulnerability in the Cisco Common Services Platform Collector (CSPC) could allow an unauthenticated, remote attacker to access an affected device by using an account that has a default, static password. This account does not have administrator privileges. The vulnerability exists because the affected software has a user account with a default, static password. An attacker could exploit this vulnerability by remotely connecting to the affected system using this account. A successful exploit could allow the attacker to log in to the CSPC using the default account. For Cisco CSPC 2.7.x, Cisco fixed this vulnerability in Release 2.7.4.6. For Cisco CSPC 2.8.x, Cisco fixed this vulnerability in Release 2.8.1.2.
Categories: Security News

CVE-2019-3711

National Vulnerability Database - Wed, 03/13/2019 - 17:29
RSA Authentication Manager versions prior to 8.4 P1 contain an Insecure Credential Management Vulnerability. A malicious Operations Console administrator may be able to obtain the value of a domain password that another Operations Console administrator had set previously and use it for attacks.
Categories: Security News

CVE-2019-3715

National Vulnerability Database - Wed, 03/13/2019 - 17:29
RSA Archer versions, prior to 6.5 SP1, contain an information exposure vulnerability. Users' session information is logged in plain text in the RSA Archer log files. An authenticated malicious local user with access to the log files may obtain the exposed information to use it in further attacks.
Categories: Security News

CVE-2019-3716

National Vulnerability Database - Wed, 03/13/2019 - 17:29
RSA Archer versions, prior to 6.5 SP2, contain an information exposure vulnerability. The database connection password may get logged in plain text in the RSA Archer log files. An authenticated malicious local user with access to the log files may obtain the exposed password to use it in further attacks.
Categories: Security News

CVE-2019-3785

National Vulnerability Database - Wed, 03/13/2019 - 17:29
Cloud Foundry Cloud Controller, versions prior to 1.78.0, contain an endpoint with improper authorization. A remote authenticated malicious user with read permissions can request package information and receive a signed bit-service url that grants the user write permissions to the bit-service.
Categories: Security News

CVE-2019-9747

National Vulnerability Database - Wed, 03/13/2019 - 15:29
In tinysvcmdns through 2018-01-16, a maliciously crafted mDNS (Multicast DNS) packet triggers an infinite loop while parsing an mDNS query. When mDNS compressed labels point to each other, the function uncompress_nlabel goes into an infinite loop trying to analyze the packet with an mDNS query. As a result, the mDNS server hangs after receiving the malicious mDNS packet. NOTE: the product's web site states "This project is un-maintained, and has been since 2013. ... There are known vulnerabilities ... You are advised to NOT use this library for any new projects / products."
Categories: Security News

CVE-2019-9748

National Vulnerability Database - Wed, 03/13/2019 - 15:29
In tinysvcmdns through 2018-01-16, an mDNS server processing a crafted packet can perform arbitrary data read operations up to 16383 bytes from the start of the buffer. This can lead to a segmentation fault in uncompress_nlabel in mdns.c and a crash of the server (depending on the memory protection of the CPU and the operating system), or disclosure of memory content via error messages or a server response. NOTE: the product's web site states "This project is un-maintained, and has been since 2013. ... There are known vulnerabilities ... You are advised to NOT use this library for any new projects / products."
Categories: Security News

CVE-2019-9749

National Vulnerability Database - Wed, 03/13/2019 - 15:29
An issue was discovered in the MQTT input plugin in Fluent Bit through 1.0.4. When this plugin acts as an MQTT broker (server), it mishandles incoming network messages. After processing a crafted packet, the plugin's mqtt_packet_drop function (in /plugins/in_mqtt/mqtt_prot.c) executes the memmove() function with a negative size parameter. That leads to a crash of the whole Fluent Bit server via a SIGSEGV signal.
Categories: Security News

CVE-2019-9750

National Vulnerability Database - Wed, 03/13/2019 - 15:29
In IoTivity through 1.3.1, the CoAP server interface can be used for Distributed Denial of Service attacks using source IP address spoofing and UDP-based traffic amplification. The reflected traffic is 6 times bigger than spoofed requests. This occurs because the construction of a "4.01 Unauthorized" response is mishandled. NOTE: the vendor states "While this is an interesting attack, there is no plan for maintainer to fix, as we are migrating to IoTivity Lite."
Categories: Security News

CVE-2018-17937

National Vulnerability Database - Wed, 03/13/2019 - 13:29
gpsd versions 2.90 to 3.17 and microjson versions 1.0 to 1.3, an open source project, allow a stack-based buffer overflow, which may allow remote attackers to execute arbitrary code on embedded platforms via traffic on Port 2947/TCP or crafted JSON inputs.
Categories: Security News

CVE-2015-2254

National Vulnerability Database - Wed, 03/13/2019 - 12:29
Huawei OceanStor UDS devices with software before V100R002C01SPC102 might allow remote attackers to capture and change patch loading information resulting in the deletion of directory files and compromise of system functions when loading a patch.
Categories: Security News

CVE-2019-9746 (libwebm)

National Vulnerability Database - Wed, 03/13/2019 - 12:29
In libwebm before 2019-03-08, a NULL pointer dereference caused by the functions OutputCluster and OutputTracks in webm_info.cc will trigger an abort, which allows a DoS attack, a similar issue to CVE-2018-19212.
Categories: Security News

CVE-2019-9742 (total_security)

National Vulnerability Database - Wed, 03/13/2019 - 10:29
gdwfpcd.sys in G Data Total Security before 2019-02-22 allows an attacker to bypass ACLs because Interpreted Device Characteristics lacks FILE_DEVICE_SECURE_OPEN and therefore files and directories "inside" the \\.\gdwfpcd device are not properly protected, leading to unintended impersonation or object creation.
Categories: Security News

CVE-2018-20621 (memu)

National Vulnerability Database - Wed, 03/13/2019 - 04:29
An issue was discovered in Microvirt MEmu 6.0.6. The MemuService.exe service binary is vulnerable to local privilege escalation through binary planting due to insecure permissions set at install time. This allows code to be run as NT AUTHORITY/SYSTEM.
Categories: Security News

CVE-2019-9741 (go)

National Vulnerability Database - Wed, 03/13/2019 - 04:29
An issue was discovered in net/http in Go 1.11.5. CRLF injection is possible if the attacker controls a url parameter, as demonstrated by the second argument to http.NewRequest with \r\n followed by an HTTP header or a Redis command.
Categories: Security News

Vuln: Wibu Systems WibuKey DRM Multiple Input Validation Vulnerabilities

SecurityFocus Vulnerabilities - Wed, 03/13/2019 - 00:00
Wibu Systems WibuKey DRM Multiple Input Validation Vulnerabilities
Categories: Security News

Vuln: Microsoft NuGet Package Manager CVE-2019-0757 Tampering Security Bypass Vulnerability

SecurityFocus Vulnerabilities - Wed, 03/13/2019 - 00:00
Microsoft NuGet Package Manager CVE-2019-0757 Tampering Security Bypass Vulnerability
Categories: Security News

Pages