CVE-2017-2799

An exploitable heap corruption vulnerability exists in the AddSst functionality of Antenna House DMC HTMLFilter as used by MarkLogic 8.0-6. A specially crafted XLS file can cause a heap corruption resulting in arbitrary code execution. An attacker can send or provide a malicious XLS file to trigg...

Heap overflow

An exploitable heap corruption vulnerability exists in the FillRowFormat functionality of Antenna House DMC HTMLFilter that is shipped with MarkLogic 8.0-6. A specially crafted xls file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/provide malicious xls...

CVE-2017-2783

An exploitable heap corruption vulnerability exists in the FillRowFormat functionality of Antenna House DMC HTMLFilter that is shipped with MarkLogic 8.0-6. A specially crafted xls file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/provide malicious xls...

CVE-2017-2793

An exploitable heap corruption vulnerability exists in the UnCompressUnicode functionality of Antenna House DMC HTMLFilter used by MarkLogic 8.0-6. A specially crafted xls file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/provide malicious XLS file to...

Heap overflow

An exploitable heap overflow vulnerability exists in the ParseEnvironment functionality of AntennaHouse DMC HTMLFilter as used by MarkLogic 8.0-6...

CVE-2017-2794

An exploitable stack-based buffer overflow vulnerability exists in the DHFSummary functionality of AntennaHouse DMC HTMLFilter as used by MarkLogic 8.0-6. A specially crafted PPT file can cause a stack corruption resulting in arbitrary code execution. An attacker can send/provide malicious PPT fi...

CVE-2017-2797

CVE-2017-2797 affects AntennaHouse DMC HTMLFilter (ParseEnvironment) as used by MarkLogic 8.0-6. A heap-based buffer overflow occurs due to inconsistent sizing between allocated buffer (textMasterStyleAtom.size) and the subsequent read size (fontEntityAtom.size) in the PPT parsing flow. Specifica...

Cisco FirePOWER System Software Denial of Service Vulnerability

Cisco Firepower System Software is a next-generation firewall product NGFW from Cisco. A denial of service vulnerability exists in the login configuration of the Secure Sockets Layer SSL policy in Cisco FirePOWER System Software versions 5.3.0 through 6.2.2. A remote attacker could exploit this...

WordPress: [mercantile.wordpress.org] Reflected XSS via AngularJS Template Injection

Hi, By injecting a crafted AngularJS payload into the search endpoint on the WordPress Swag Store, it was possible to achieve reflected XSS further to resolved report 221893. I came across a potential exploitation vector after noticing that a search query for 22 returned 4 in the site title...

ManageEngine ServiceDesk Plus 9.0 - Authentication Bypass Vulnerability

Exploit for java platform in category web applications Title: ManageEngine ServiceDesk Plus Application Compromise Date: 19 May 2017 Researcher: Steven Lackey ByteM3 Product: ServiceDesk Plus http://www.manageengine.com/ Affected Version: 9.0 Other versions could also be affected Fixed Version:...

Medium: mysql55

Issue Overview: Server: Security: Privileges unspecified vulnerability CPU Apr 2017: Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Security: Privileges. Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easi...

Amazon Linux AMI : mysql56 (ALAS-2017-830)

Server: Security: Privileges unspecified vulnerability CPU Apr 2017 : Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Security: Privileges. Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easily 'exploitable...

Important: mysql56

Issue Overview: Server: Security: Privileges unspecified vulnerability CPU Apr 2017: Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: Security: Privileges. Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Easi...

SAP POS Missing Authentication in XpressServer

Application: SAP POS Xpress Server Vendor URL: SAP Bug: Missing Authentication Check Reported: 15.05.2017 Vendor response: 16.05.2017 Date of Public Advisory: 11.07.2017 Reference: SAP Security Note 2520064 Author: Vladimir Egorov ERPScan VULNERABILITY INFORMATION Class: Missing Authentication...

Cordova-Android MiTM Remote Code Execution(CVE-2017-3160)

Product Apache Cordova Vulnerable Version 6.1.1 and below Technical Details When adding an Android project for the first time: ‘cordova platform add Android’ Cordova requires Gradle build tool to be installed in the local development environment. If the developer had not pre-installed Gradle, the...

SAP Java P4 SLD SSRF

Application: SAP NetWeaver Versions Affected: SAP Netweaver 7.4, 7.5 Vendor URL: SAP Bug: SSRF Reported: 05.10.2017 Vendor response: 06.10.2017 Date of Public Advisory: 13.02.2018 Reference: SAP Security Note 2565622 Author: Mathieu Geli ERPScan VULNERABILITY INFORMATION Class: Missing...

RCE via path Traversal using CSRF in SAP CRM

Application: SAP NetWeaver Versions Affected: SAP CRM 13676083 Vendor URL: SAP Bugs: CSRF, Path Traversal Reported: 05.10.2017 Vendor response: 06.10.2017 Date of Public Advisory: 13.02.2018 Reference: SAP Security Note 2547431 Author: Vahagn Vardanyan ERPScan, Vladimir Egorov ERPScan VULNERABILI...

Siemens devices using the PROFINET Discovery and Configuration Protocol (Update J)

CVSS v3 6.5 ATTENTION: Exploitable from an adjacent network/low skill level to exploit. Vendor: Siemens Equipment: Devices using the PROFINET Discovery and Configuration Protocol DCP Vulnerability: Improper Input Validation UPDATE INFORMATION This updated advisory is a follow-up to the updated...

Siemens devices using the PROFINET Discovery and Configuration Protocol (Update B)

CVSS v3 6.5 ATTENTION: Exploitable from an adjacent network/low skill level to exploit. Vendor: Siemens Equipment: Devices using the PROFINET Discovery and Configuration Protocol DCP Vulnerability: Denial of Service UPDATE INFORMATION This updated advisory is a follow-up to the updated advisory...

Siemens devices using the PROFINET Discovery and Configuration Protocol (Update K)

CVSS v3 6.5 ATTENTION: Exploitable from an adjacent network/low skill level to exploit. Vendor: Siemens Equipment: Devices using the PROFINET Discovery and Configuration Protocol DCP Vulnerabilities: Improper Input Validation UPDATE INFORMATION This updated advisory is a follow-up to the updated...