CVE-2017-9658
CVE-2017-9658 affects Philips IntelliVue MX40 WLAN monitors (Version B.06.18 and prior) under certain 802.11 network conditions. The root causes are described as improper cleanup on thrown exception (CWE-460) and improper handling of exceptional conditions (CWE-755). Under these conditions, the M...
CVE-2017-9657
The CVE-2017-9657 entry describes an 802.11 WLAN issue in Philips IntelliVue MX40 (Version B.06.18) where partial re-association to the central monitor can leave the MX40 in telemetry mode while the central station expects local monitoring, potentially delaying alarms. Root causes cited include I...
DEBIAN-CVE-2017-12086
An exploitable integer overflow exists in the 'BKE_mesh_calc_normals_tessface' functionality of the Blender open-source 3D creation suite. A specially crafted .blend file can cause an integer overflow resulting in a buffer overflow which can allow for code execution under the context of the...
CVE-2017-9654
The Philips DoseWise Portal web-based application versions 1.1.7.333 and 2.1.1.3069 stores login credentials in clear text within backend system files. CVSS v3 base score: 6.5, CVSS vector string: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N...
DEBIAN-CVE-2018-7751
The svg_probe function in libavformat/img2dec.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file...
Buffer overflow
bvlc.c in skarg BACnet Protocol Stack bacserv 0.9.1 and 0.8.5 is affected by a buffer overflow because of a lack of packet-size validation. The affected component is bacserv BACnet/IP BVLC forwarded NPDU. The function bvlc_bdt_forward_npdu calls bvlc_encode_forwarded_npdu which copies the content from...
CVE-2018-2737
Vulnerability in the Oracle Retail Returns Management component of Oracle Retail Applications (subcomponent: Security). Supported versions that are affected are 2.3.8, 2.4.9, 14.0.4 and 14.1.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromi...
shershegoes.com XSS vulnerability
Open Bug Bounty ID: OBB-603986. Affected Website: shershegoes.com. Vulnerable Application: Custom Code. Vulnerability Type: XSS (Cross Site Scripting) / CWE-79. CVSSv3 Score: 6.1...
Buffer overflow
The set_text_distance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Ghostscript through 9.22 does not prevent overflows in text-positioning calculation, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impac...
CVE-2018-2755
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure wher...
Code injection
A weakness in access controls in CENTUM CS 1000 all versions, CENTUM CS 3000 versions R3.09.50 and earlier, CENTUM CS 3000 Small versions R3.09.50 and earlier, CENTUM VP versions R6.03.10 and earlier, CENTUM VP Small versions R6.03.10 and earlier, CENTUM VP Basic versions R6.03.10 and earlier,...
UBUNTU-CVE-2017-0366
MediaWiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw that allows evading the SVG filter by using default attribute values in a DTD declaration...
Microsoft Windows Kernel Information Disclosure Vulnerability (CNVD-2018-08762)
Microsoft Windows 10 and others are a series of operating systems released by Microsoft Corporation in the U.S. The Windows kernel is one of the Windows system kernels. An information disclosure vulnerability exists in the Microsoft Windows kernel. An attacker can exploit this vulnerability by logging on...
Directory Traversal Vulnerability in GxlcmsQY System
GxlcmsQY system is a simple program tailored for business users. A directory traversal vulnerability exists in GxlcmsQY System\Lib\Lib\Action\Admin\PicAction.class.php. An attacker can exploit this vulnerability to obtain sensitive information...
Design/Logic Flaw
In M3UParser::parse of M3UParser.cpp, there is a memory resource exhaustion due to a large loop of pushing items into a vector. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: 6.0,...
gdal/gdal_vector_translate_fuzzer: Bad-cast to OGRMultiPolygon from OGRGeometryCollection in OGRMultiPolygon* cpl::down_cast<OGRMultiPolygon*, OGRGeometry>
Project: https://github.com/OSGeo/gdal.git. Detailed report: https://oss-fuzz.com/testcase?key=4755222246195200. Project: gdal. Fuzzer: libFuzzer_gdal_vector_translate_fuzzer. Fuzz target binary: gdal_vector_translate_fuzzer. Job Type: libfuzzer_ubsan_gdal. Platform Id: linux. Crash Type: Bad-cast. Crash Address:...
osCommerce 2.3.4.1 - Remote Code Execution
Exploit Title: osCommerce 2.3.4.1 Remote Code Execution Date: 29.0.3.2018 Exploit Author: Simon Scannell - https://scannell-infosec.net Version: 2.3.4.1, 2.3.4 - Other versions have not been tested but are likely to be vulnerable Tested on: Linux, Windows If an Admin has not removed the /install/...
Drupal core Remote Code Execution (CVE-2018-7600) (Drupalgeddon2)
Two weeks ago, a highly critical (21/25 NIST rank) vulnerability, nicknamed Drupalgeddon 2 (SA-CORE-2018-002 / CVE-2018-7600), was disclosed by the Drupal security team. This vulnerability allowed an unauthenticated attacker to perform remote code execution on default or common Drupal installations...
Open-AuditIT Professional 2.1 - Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Open-AuditIT Professional 2.1 - Stored Cross site scripting XSS Exploit Author: Nilesh Sapariya Contact: https://twitter.com/nileshloganx Website: https://nileshsapariya.blogspot.com Vendor Homepage: https://www.open-audit.org/...
GoScanSSH Malware Targets SSH Servers, But Avoids Military and .GOV Systems
Researchers have identified a new malware family, dubbed GoScanSSH, that targets public-facing SSH servers, but avoids those linked to government and military IP addresses. The malware has been in the wild since June 2017 and exhibits a number of unique characteristics, such as being written in t...