1895 matches found
Information Disclosure
catalina is vulnerable to information disclosure attacks. The vulnerability exists because an instance-variable overwrite can occur when two requests in different threads are processed concurrently, causing information disclosure attacks...
CVE-2018-9427
In CopyToOMX of OMXNodeInstance.cpp there is a possible out-of-bounds write due to an incorrect bounds check. This could lead to remote arbitrary code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.0...
When Security Researchers Pose as Cybercrooks, Who Can Tell the Difference?
A ridiculous number of companies are exposing some or all of their proprietary and customer data by putting it in the cloud without any kind of authentication needed to read, alter or destroy it. When cybercriminals are the first to discover these missteps, usually the outcome is a demand for mon...
Double free
An exploitable double-free vulnerability exists in the Office Open XML parser of Atlantis Word Processor, version 3.2.5.0. A specially crafted document can cause a TTableRow instance to be referenced twice, resulting in a double-free vulnerability when both the references go out of scope. An...
Online upgrade of Spectrum Scale security update packages for a Db2 pureScale cluster
Summary: While the best practice for upgrading Spectrum Scale package level is through the Db2 fixpack, updating Spectrum Scale security update packages outlined in Db2 Security bulletins requires a manual installation procedure. This document contains instructions on how to apply Spectrum Scale...
Qualys Cloud Platform 8.15.2 New Features
Patch release of Qualys Cloud Platform, version 8.15.2, includes new support for Apache instance auto-discovery in Qualys Policy Compliance. Policy Compliance Apache Instance Auto-Discovery – This new feature in Qualys PC enables automatic discovery of Apache during compliance scans. Once one or...
GHSA-V543-GQHH-6GWW Duplicate Advisory: Moderate severity vulnerability that affects activemodel
Duplicate advisory: This advisory has been withdrawn because it is a duplicate of GHSA-543v-gj2c-r3ch. This link is maintained to preserve external references. Original Description: Active Model in Ruby on Rails 4.1.x before 4.1.14.1, 4.2.x before 4.2.5.1, and 5.x before 5.0.0.beta1.1 supports the...
GitLab: Bypass of GitLab CI runner slash fix in YAML validation
Hi Gitlab Security, I notice the bug 301432 that Jobert reported earlier could be bypassed by setting variable in environment. The reason is that the fix in place preventing url normalization is performed by doing the YAML validation, however this could be bypassed by setting the environment...
cfme: Improper access control in dRuby allows local users to execute arbitrary commands as root
CloudForms Management Engine has a vulnerability that allows local users to execute arbitrary commands as root. An attacker with SSH access to the system can use the dRuby (DRb) module installed on the system to execute arbitrary shell commands using instance_eval...
Authorization Bypass
phpmyfaq/phpmyfaq is vulnerable to authorization bypasses. The library does not properly handle the instance ID, allowing a malicious user with admin rights to delete a multi-site master instance...
CVE-2014-6049
phpMyFAQ before 2.8.13 allows remote authenticated users with admin privileges to bypass authorization via a crafted instance ID parameter...
Authorization
phpMyFAQ before 2.8.13 allows remote authenticated users with admin privileges to bypass authorization via a crafted instance ID parameter...
Foxit Reader Type Obfuscation Remote Code Execution Vulnerability (CNVD-2018-15091)
Foxit Reader (formerly Foxit PDF Reader) is software for reading PDF files, developed by Fujian Foxit Software. Foxit Reader is free to use; it runs mainly on Microsoft Windows, and as long as there is a Win32 implementation of the...
CVE-2018-14287
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
DEBIAN-CVE-2018-10847
prosody before versions 0.10.2, 0.9.14 is vulnerable to an Authentication Bypass. Prosody did not verify that the virtual host associated with a user session remained the same across stream restarts. A user may authenticate to XMPP host A and migrate their authenticated session to XMPP host B of...
Shipt: Subdomain Takeover at test.shipt.com
A researcher identified a stale DNS record that pointed to an abandoned test Heroku instance. This allowed for subdomain takeover. This was not an actively used subdomain and was not linked in any of our production applications. Nonetheless, Shipt Security immediately addressed the issue and...
Amazon Linux 2 : kernel (ALAS-2018-1046)
The fs/ext4/inline.c:ext4_read_inline_data function in the Linux kernel performs a memcpy with an untrusted length value in certain circumstances involving a crafted filesystem that stores the system.data extended attribute value in a dedicated inode. The unbound copy can cause memory corruption or...
CVE-2018-0369
A vulnerability in the reassembly logic for fragmented IPv4 packets of Cisco StarOS running on virtual platforms could allow an unauthenticated, remote attacker to trigger a reload of the npusim process, resulting in a denial of service (DoS) condition. There are four instances of the npusim proces...
Amazon Linux AMI : kernel (ALAS-2018-1044)
A NULL pointer dereference issue was found in the Linux kernel. If the close and fchownat system calls share a socket file descriptor as an argument, then the two calls can race and trigger a NULL pointer dereference leading to a system crash and a denial of service. CVE-2018-12232 C Tenable Netwo...
Security Bulletin: Potential Privilege Escalation and Information disclosure affect IBM WebSphere Application Server in IBM Cloud (CVE-2017-1731, CVE-2017-1741)
Summary: There is a potential privilege escalation in WebSphere Application Server Admin Console. There is a potential information disclosure in the WebSphere Application Server Admin Console. Vulnerability Details: CVEID: CVE-2017-1731 DESCRIPTION: IBM WebSphere Application Server could provide...