4024 matches found
mysql: InnoDB unspecified vulnerability (CPU Apr 2018)
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: InnoDB. Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to...
mysql: Server: Parser unspecified vulnerability (CPU Jan 2019)
Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Parser. Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to...
Security Bulletin: Invalid user group vulnerability in IBM MQ on Unix platform (CVE-2018-1551)
Summary IBM MQ could allow users to have more authority than they should have if an MQ administrator creates an invalid user group name. Vulnerability Details CVEID: CVE-2018-1551 DESCRIPTION: IBM MQ could allow users to have more authority than they should have if an MQ administrator creates an...
chromium-browser: Use after free in Blink
A race condition in Oilpan in Google Chrome prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
Axis Network Camera Remote Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Axis Network Camera .srv to parhand RCE', 'Description' = %q This module exploits an auth bypass in .srv functionality and a command injection in...
Mozilla: Compromised IPC child process can list local filenames
A compromised IPC child process can escape the content sandbox and list the names of arbitrary files on the file system without user consent or interaction. This could result in exposure of private local files. This vulnerability affects Thunderbird 60, Thunderbird 52.9, Firefox ESR 60.1, Firefox...
CVE-2018-14589
An issue has been discovered in Bento4 1.5.1-624. AP4Mp4AudioDsiParser::ReadBits in Codecs/Ap4Mp4AudioInfo.cpp has a heap-based buffer over-read...
CVE-2018-14374
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...
openssl: Out-of-bounds write caused by unchecked errors in BN_bn2dec()
An out-of-bounds write flaw was discovered in the OpenSSL BN_bn2dec() function. An attacker able to make an application using OpenSSL process a large BIGNUM could cause the application to crash or, possibly, execute arbitrary code...
openssl: certificate message OOB reads
Multiple out of bounds read flaws were found in the way OpenSSL handled certain TLS/SSL protocol handshake messages. A remote attacker could possibly use these flaws to crash a TLS/SSL server or client using OpenSSL...
Geutebruck 5.02024 G-Cam/EFD-2250 - simple_loglistjs.cgi Remote Command Execution Exploit
This Metasploit module exploits an arbitrary command execution vulnerability. The vulnerability exists in the /uapi-cgi/viewer/simple_loglistjs.cgi page and allows an anonymous user to execute arbitrary commands with root privileges. Firmware 'Geutebruck simple_loglistjs.cgi Remote Command...
Mozilla: Invalid data handling during QCMS transformations
An invalid grid size during QCMS color profile transformations can result in the out-of-bounds read interpreted as a float value. This could leak private data into the output. This vulnerability affects Thunderbird 60, Thunderbird 52.9, Firefox ESR 60.1, Firefox ESR 52.9, and Firefox 61...
chromium-browser: Out of bounds write in V8
Type confusion in JavaScript in Google Chrome prior to 67.0.3396.87 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page...
Security Bulletin: Multiple vulnerabilities in IBM SPSS Modeler (CVE-2013-6739, CVE-2013-5372, CVE-2013-5825)
Summary Vulnerabilities have been identified in IBM SPSS Modeler which make the product vulnerable to an incorrect Single Sign On being accepted on UNIX and a denial of service attack triggered by malicious XML data. Vulnerability Details VULNERABILITY DETAILS: CVEID: CVE-2013-6739 DESCRIPTION:...
CVE-2018-12435
Botan 2.5.0 through 2.6.0 before 2.7.0 allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP, related to dsa/dsa.cpp, ecgroup/ecgroup.cpp, and ecdsa/ecdsa.cpp. To discover an ECDSA key, the attacker needs access to either the local...
chromium-browser: Restrictions bypass in the debugger extension API
Insufficient target checks on the chrome.debugger API in DevTools in Google Chrome prior to 67.0.3396.62 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension...
chromium-browser: Out of bounds memory access in V8
Missing type check in V8 in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page...
IBM WebSphere Application Server for UNIX Elevation of Privilege Vulnerability
IBM WebSphere Application Server (WAS) for UNIX is an application server product for the UNIX platform, developed and released by IBM of the United States. It is a platform for Java EE and Web services applications and also the basis of the IBM WebSphere software platform. A security vulnerability...
IBM Tivoli Application Dependency Discovery Manager for Unix Information Disclosure Vulnerability
IBM Tivoli Application Dependency Discovery Manager (TADDM) for Unix is a product from U.S.-based IBM, part of a suite of IT service management solutions for the Unix platform, that provides robust automated application mapping and discovery to help administrators understand business application structure,...
libvirt: Incomplete fix for CVE-2018-5748 triggered by QEMU guest agent
The fix for CVE-2018-5748, a resource exhaustion issue affecting the QEMU monitor, was incomplete: the issue can now also be triggered via the QEMU guest agent...