Unikrn: Non-Cloudflare IPs allowed to access origin servers

Summary: Non-Cloudflare IPs allowed to access origin servers Description: Your origin servers are not blocking access from non-Cloudflare servers. This way crawlers can find your origin servers' IPs by checking random IPs until they found your origin servers. What makes this especially easy are...

OnePlus 2 SBL1 Partition Authentication Vulnerability

OnePlus 2 is a smartphone from China's OnePlus Technology OnePlus.Primary Bootloader PBL is one of the primary bootloaders. A security vulnerability exists in the OnePlus 2 PBL. An attacker can exploit the vulnerability to disable signature verification...

CVE-2017-11133

An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android, through 0.0.80w for Web, and through 0.0.86 for Desktop. To encrypt messages, AES in CBC mode is used with a pseudo-random secret. This secret and the IV are generated with math.random in previous versions and with...

HawkEye Credential Theft Malware Distributed in Recent Phishing Campaign

A wide variety of threat actors began distributing HawkEye malware through high-volume email campaigns after it became available for purchase via a public-facing website. The actors behind the phishing campaigns typically used email themes based on current events and media reports that would piqu...

WebKit - 'WebCore::RenderSearchField::addSearchResult' Heap Buffer Overflow

function go i.value = "1"; i.type = "search"; f.submit; ::buffer /Users/projectzero/webkit/webkit/WebKitBuild/Release/WebCore.framework/Versions/A/WebCore:x8664+0x2694d46 1 0x116496bed in WTF::Vector::end...

FontForge Denial of Service Vulnerability

FontForge is an open source font editing tool that supports multiple languages. A security vulnerability exists in the weight vector memcpy call to readcfftopdict in FontForge version 20161012. An attacker can exploit this vulnerability to cause a denial of service with the help of an otf file...

Vulnerability Spotlight: Multiple Vulnerabilities in CorelDRAW X8

Today, Talos is disclosing several vulnerabilities that have been identified in CorelDRAW X8. CorelDRAW X8 is graphics suite used for manipulating raster and vector images and is a common alternative to Adobe Creative Cloud. Several of the vulnerabilities being disclosed today specifically affect...

Concrete CMS: Stored XSS vulnerability in additional URLs in 'Location' dialog [Sitemap]

Intro "Transformers: Dark of the Crayons" Type of issue: Core CMS issue Level of severity: Internal Attack Vector Concrete5 version: 8.2.0 RC2 rev. 0a26b63c4a64d42e7afb36aba0a6e4d1f4c53d7d July 19th Summary There is Stored XSS vulnerability in additional URLs in 'Location' dialog. This issue can ...

The vulnerability of the getNodeSize function in the SQLite database management system allows attackers to carry out other attacks.

The vulnerability of the getNodeSize function in the SQLite database management system arises from the execution of an operation beyond the buffer boundaries in memory. Exploiting this vulnerability allows a malicious actor to exert other effects using the reduced size of RTree blobs within the...

UBUNTU-CVE-2017-11464

A SIGFPE is raised in the function boxblurline of rsvg-filter.c in GNOME librsvg 2.40.17 during an attempted parse of a crafted SVG file, because of incorrect protection against division by zero...

DEBIAN-CVE-2017-11464

A SIGFPE is raised in the function boxblurline of rsvg-filter.c in GNOME librsvg 2.40.17 during an attempted parse of a crafted SVG file, because of incorrect protection against division by zero...

Bolt CMS Cross-Site Scripting Vulnerability

Bolt CM is an open source content management system developed by the Bolt community. A cross-site scripting vulnerability exists in Bolt CMS version 3.2.14. A remote attacker can use text input to inject arbitrary web script or HTML...

CVE-2017-11346

Zoho ManageEngine Desktop Central before build 100092 allows remote attackers to execute arbitrary code via vectors involving the upload of help desk videos...

Fedora Update for libsndfile FEDORA-2017-2cfb239358

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Concrete CMS: Stored XSS vulnerability in RSS Feeds Description field

Intro "Pirates of the Crayons" Type of issue: Core CMS issue Level of severity: Internal Attack Vector Concrete5 version: 8.2.0 RC2 rev. b54f2b451f0a0804699c4cf9f0b3a8fef0e407db July 10th Summary There is Stored XSS vulnerability in RSS Feeds Description property. Value of the textarea is not...

Concrete CMS: Stored XSS in Name field in User Groups/Group Details form

Intro "The Crayons of Madagascar" Type of issue: Core CMS issue Level of severity: Internal Attack Vector Concrete5 version: 8.2.0 RC2 rev. 32c9daf352645d4fafedb7b956e7f2de4e153ab3 Summary There is Stored XSS vulnerability in User Groups-Group Details Name field. This vulnerability might be used ...

Concrete CMS: Stored XSS in Private Messages 'Reply' allows to execute malicious JavaScript against any user while replying to the message which contains payload

Intro "Back to the Crayons" Type of issue: Core CMS issue Level of severity: External Attack Vector Concrete5 version: 8.2.0 RC2 rev. 32c9daf352645d4fafedb7b956e7f2de4e153ab3 July 8th Summary There is Stored XSS vulnerability in Private Messages 'Reply' feature, when original message is quoted in...

Devmode Remote Command Execution Vulnerability in Elevator Engineering Management System

Elevator project management system is to establish an informatization system applicable to elevator enterprises, which collects elevator business data from various departments in time, has good data communication and exchange capability, standardized management process, unified management model,...

Solarwinds LEM 6.3.1 Hardcoded Credentials Vulnerability

Exploit for linux platform in category local exploits Title: Solarwinds LEM Hardcoded Credentials Advisory ID: KL-001-2017-015 Publication Date: 2017.07.06 Publication URL: https://www.korelogic.com/Resources/Advisories/KL-001-2017-015.txt 1. Vulnerability Details Affected Vendor: Solarwinds...

Solarwinds LEM Hardcoded Credentials

Vulnerability Details Affected Vendor: Solarwinds Affected Product: Log and Event Manager Virtual Appliance Affected Version: v6.3.1 Platform: Embedded Linux CWE Classification: CWE-798: Use of Hard-coded Credentials Impact: Unintended Access Attack vector: Local 2. Vulnerability Description The...