PT-2019-12715 · Qemu +2 · Qemu +2

Name of the Vulnerable Software and Affected Versions: QEMU version 3.0.0 Description: The issue is related to an Integer Overflow in QEMU 3.0.0, caused by the qga/commands.c files not checking the length of the argument list or the number of environment variables. However, it has been disputed a...

CVE-2018-18249

Icinga Web 2 before 2.6.2 allows injection of PHP ini-file directives via vectors involving environment variables as the channel to send information to the attacker, such as a name=$PATH$APACHERUNDIR$APACHERUNUSER parameter to /icingaweb2/navigation/add or /icingaweb2/dashboard/new-dashlet...

UBUNTU-CVE-2018-18249

Icinga Web 2 before 2.6.2 allows injection of PHP ini-file directives via vectors involving environment variables as the channel to send information to the attacker, such as a name=$PATH$APACHERUNDIR$APACHERUNUSER parameter to /icingaweb2/navigation/add or /icingaweb2/dashboard/new-dashlet...

Code injection

Icinga Web 2 before 2.6.2 allows injection of PHP ini-file directives via vectors involving environment variables as the channel to send information to the attacker, such as a name=$PATH$APACHERUNDIR$APACHERUNUSER parameter to /icingaweb2/navigation/add or /icingaweb2/dashboard/new-dashlet...

CVE-2018-18249

Icinga Web 2 before 2.6.2 allows injection of PHP ini-file directives via vectors involving environment variables as the channel to send information to the attacker, such as a name=$PATH$APACHERUNDIR$APACHERUNUSER parameter to /icingaweb2/navigation/add or /icingaweb2/dashboard/new-dashlet...

CVE-2018-18249

Icinga Web 2 before 2.6.2 allows injection of PHP ini-file directives via vectors involving environment variables as the channel to send information to the attacker, such as a name=$PATH$APACHERUNDIR$APACHERUNUSER parameter to /icingaweb2/navigation/add or /icingaweb2/dashboard/new-dashlet...

DEBIAN-CVE-2018-18249

Icinga Web 2 before 2.6.2 allows injection of PHP ini-file directives via vectors involving environment variables as the channel to send information to the attacker, such as a name=$PATH$APACHERUNDIR$APACHERUNUSER parameter to /icingaweb2/navigation/add or /icingaweb2/dashboard/new-dashlet...

CVE-2018-18249

Icinga Web 2 before 2.6.2 allows injection of PHP ini-file directives via vectors involving environment variables as the channel to send information to the attacker, such as a name=$PATH$APACHERUNDIR$APACHERUNUSER parameter to /icingaweb2/navigation/add or /icingaweb2/dashboard/new-dashlet...

CVE-2018-18249

Icinga Web 2 before 2.6.2 is vulnerable to injection of PHP ini-file directives via environment-variable-based channels used as a conduit to exfiltrate information against endpoints such as /icingaweb2/navigation/add and /icingaweb2/dashboard/new-dashlet. Root cause: lack of input validation for ...

SUSE-SU-2018:4130-1 Security update for ansible

This update for ansible fixes the following issues: Ansible was updated to ansible 2.4.6.0. The full release notes can be found on: https://github.com/ansible/ansible/blob/stable-2.4/CHANGELOG.md Security issues fixed: - CVE-2018-10875: ansible.cfg is read from the current working directory which...

CVE-2018-20136

XSS exists in FUEL CMS 1.4.3 via the Header or Body in the Layout Variables during new-page creation, as demonstrated by the pages/edit/1?lang=english URI...

Cross site scripting

XSS exists in FUEL CMS 1.4.3 via the Header or Body in the Layout Variables during new-page creation, as demonstrated by the pages/edit/1?lang=english URI...

CVE-2018-20136

CVE-2018-20136 affects FUEL CMS 1.4.3, where an XSS flaw exists in the Header or Body within Layout Variables during new-page creation (demonstrated via pages/edit/1?lang=english). The root cause is input reflected in layout variables, enabling script injection. Impact is cross-site scripting; ex...

CVE-2018-20136

XSS exists in FUEL CMS 1.4.3 via the Header or Body in the Layout Variables during new-page creation, as demonstrated by the pages/edit/1?lang=english URI...

GNU inetutils 1.9.4 - telnet.c Multiple Overflows (PoC)

GNU inetutils 1.9.4 - telnet.c Multiple Overflows PoC GNU inetutils = 1.9.4 telnet.c multiple overflows ================================================== GNU inetutils is vulnerable to a stack overflow vulnerability in the client-side environment variable handling which can be exploited to escap...

GNU inetutils < 1.9.4 - 'telnet.c' Multiple Overflows (PoC)

GNU inetutils = 1.9.4 telnet.c multiple overflows ================================================== GNU inetutils is vulnerable to a stack overflow vulnerability in the client-side environment variable handling which can be exploited to escape restricted shells on embedded devices. Most modern...

Memory corruption

The Bluetooth subsystem in QEMU mishandles negative values for length variables, leading to memory corruption...

ansible: Inventory variables are loaded from current working directory when running ad-hoc command that can lead to code execution

In ansible it was found that inventory variables are loaded from current working directory when running ad-hoc command which are under attacker's control, allowing to run arbitrary code as a result...

CVE-2018-19836

In Metinfo 6.1.3, include/interface/applogin.php allows setting arbitrary HTTP headers including the Cookie header, and common.inc.php allows registering variables from the $COOKIE value. This issue can, for example, be exploited in conjunction with CVE-2018-19835 to bypass many XSS filters such ...

Critical: Red Hat Security Advisory: OpenShift Container Platform 3.5 security update

An update is now available for Red Hat OpenShift Container Platform release 3.5. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabili...