3965 matches found
CVE-2018-20368
The Master Slider plugin 3.2.7 and 3.5.1 for WordPress has XSS via the wp-admin/admin-ajax.php Name input field of the MSPanel.Settings value on Callback...
VBScript - VbsErase Reference Leak Use-After-Free Exploit
There is a reference leak in Microsoft VBScript that can be turned into a use-after-free given sufficient time. The vulnerability has been confirmed in Internet Explorer on various Windows versions with the latest patches applied. Details: VbsErase function is used to reset and free the content...
VBScript - VbsErase Reference Leak Use-After-Free
There is a reference leak in Microsoft VBScript that can be turned into a use-after-free given sufficient time. The vulnerability has been confirmed in Internet Explorer on various Windows versions with the latest patches applied. Details:...
accountsservice: insufficient path check in user_change_icon_file_authorized_cb() in user.c
Directory Traversal with ../ sequences occurs in AccountsService before 0.6.50 because of an insufficient path check in user_change_icon_file_authorized_cb in user.c...
kernel: Information leak when handling NM entries containing NUL
A vulnerability was found in the Linux kernel. Payloads of NM entries are not supposed to contain NUL. When such entry is processed, only the part prior to the first NUL goes into the concatenation i.e. the directory entry name being encoded by a bunch of NM entries. The process stops when the...
The vulnerability of the avrc_msg_cback function in the Android operating system, allowing a hacker to disclose protected information
The vulnerability of the avrc_msg_cback function in the Android operating system is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a remote attacker to disclose sensitive information using Bluetooth...
CVE-2018-15543
An issue was discovered in the org.telegram.messenger application 4.8.11 for Android. The FingerprintManager class for Biometric validation allows authentication bypass through the callback method from onAuthenticationFailed to onAuthenticationSucceeded with null, because the fingerprint API in...
Authentication flaw
DISPUTED An issue was discovered in the org.telegram.messenger application 4.8.11 for Android. The FingerprintManager class for Biometric validation allows authentication bypass through the callback method from onAuthenticationFailed to onAuthenticationSucceeded with null, because the fingerprint...
PT-2018-13079 · Telegram · Org.Telegram.Messenger
Name of the Vulnerable Software and Affected Versions: org.telegram.messenger application version 4.8.11 Description: An issue in the FingerprintManager class for Biometric validation allows authentication bypass through the callback method from onAuthenticationFailed to onAuthenticationSucceeded...
Commerce Klarna Checkout - Moderately critical - Access bypass - SA-CONTRIB-2018-062
The Commerce Klarna Checkout module enables you to accept payments from the Klarna Checkout payment provider. The module doesn't sufficiently validate the payment callback made by Klarna. An attacker could bypass the payment step...
Null pointer dereference
In all android releases Android for MSM, Firefox OS for MSM, QRD Android from CAF using the linux kernel, asynchronous callbacks received a pointer to a caller's local variable. Should the caller return early e.g., timeout, the callback will dereference an invalid pointer...
CVE-2018-11300
In all android releases Android for MSM, Firefox OS for MSM, QRD Android from CAF using the linux kernel, callback executed from the other thread has freed memory which is also used in wlan function and may result in a "Use after free" scenario...
Design/Logic Flaw
In all android releases Android for MSM, Firefox OS for MSM, QRD Android from CAF using the linux kernel, callback executed from the other thread has freed memory which is also used in wlan function and may result in a "Use after free" scenario...
CQU-LANKERS Cross-Site Scripting Vulnerability
CQU-LANKERS is a system of university community services. A cross-site scripting vulnerability exists in the public/api.php file in CQU-LANKERS 2017-11-02 and earlier versions, which can be exploited by remote attackers to bypass the Web Application Protection System with the help of the 'callbac...
CVE-2018-17049
CQU-LANKERS through 2017-11-02 has XSS via the public/api.php callback parameter in an uploadpic action...
CVE-2018-3897
Exploitable buffer overflow vulnerabilities exist in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub with Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the...
CVE-2018-3908
An exploitable vulnerability exists in the REST parser of video-core's HTTP server of the Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The video-core process incorrectly handles pipelined HTTP requests, which allows successive requests to overwrite the previously parsed HTTP...
PT-2018-16300 · Samsung · Samsung Smartthings Hub
Name of the Vulnerable Software and Affected Versions: Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17 Description: An issue exists in the REST parser of the video-core's HTTP server, where it incorrectly handles pipelined HTTP requests. This allows successive requests to overwrite t...
CVE-2018-15885
Ovation FindMe 1.4-1083-1 is intended to support transmission of network traffic from covert video recorders but does not properly disrupt binary analysis for discovering the product's capabilities or purpose. This makes it easier for adversaries to detect the covert operation. Specifically, the...