DEBIAN-CVE-2018-16413

ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the MagickCore/quantum-private.h PushShortPixel function when called from the coders/psd.c ParseImageResourceBlocks function...

Samsung Galaxy Apps Privilege Access Control Vulnerability

Samsung Galaxy Apps is an application store program from Samsung South Korea that is used in Samsung cell phones. A privilege access control vulnerability exists in the handling of push messages in Samsung Galaxy Apps. A local attacker could exploit this vulnerability by obtaining execute...

Mozilla Firefox < 59 Multiple Vulnerabilities

Binary data 700328.prm...

Microsoft Edge Chakra JIT - InlineArrayPush Type Confusion

Microsoft Edge Chakra JIT - InlineArrayPush Type Confusion / This is similar to issue 1531 . The patch seems to prevent type confusion triggered from StElemIA instructions. But the SetItem method can also be invoked through the Array.prototype.push method which can be inlineed. We can achieve typ...

dotCMS path traversal vulnerability (CNVD-2019-21131)

dotCMS is a content management system CMS from the American company dotCMS. A path traversal vulnerability exists in the Push Publishing feature of the admin panel in dotCMS 3.7.1 and earlier versions, which stems from the failure of the program to properly validate the 'Bundle' tar.gz archive fi...

dotCMS arbitrary file upload vulnerability (CNVD-2019-21130)

dotCMS is a content management system CMS from the American company dotCMS. An arbitrary file upload vulnerability exists in the Push Publishing feature in the administration panel of dotCMS 3.7.1 and prior versions, which originates when extracting the 'Bundle' tar.gz archive file uploaded to th...

Path traversal

The dotCMS administration panel, versions 3.7.1 and earlier, "Push Publishing" feature in Enterprise Pro is vulnerable to path traversal. When "Bundle" tar.gz archives uploaded to the Push Publishing feature are decompressed, the filenames of its contents are not properly checked, allowing for...

CVE-2017-3188

The dotCMS administration panel, versions 3.7.1 and earlier, "Push Publishing" feature in Enterprise Pro is vulnerable to path traversal. When "Bundle" tar.gz archives uploaded to the Push Publishing feature are decompressed, the filenames of its contents are not properly checked, allowing for...

CVE-2017-3188 The dotCMS administration panel, versions 3.7.1 and earlier, "Push Publishing" feature in Enterprise Pro is vulnerable to path traversal

The dotCMS administration panel, versions 3.7.1 and earlier, "Push Publishing" feature in Enterprise Pro is vulnerable to path traversal. When "Bundle" tar.gz archives uploaded to the Push Publishing feature are decompressed, the filenames of its contents are not properly checked, allowing for...

CVE-2017-3188

The CVE-2017-3188 entry concerns dotCMS administration panel versions 3.7.1 and earlier, where the Push Publishing feature (Enterprise Pro) is vulnerable to path traversal. When tar.gz bundles are decompressed, filenames aren’t properly validated, allowing writing files to arbitrary directories o...

CVE-2017-3189

dotCMS 3.7.1 and earlier, in Enterprise Pro, is vulnerable in the Push Publishing feature where uploaded Bundle tar.gz archives are decompressed without validation of file types. This leads to a path traversal issue (CVE-2017-3188) and, when combined, enables remote command execution with the per...

CVE-2017-3189 The dotCMS administration panel, versions 3.7.1 and earlier, "Push Publishing" feature in Enterprise Pro is vulnerable to arbitrary file upload

The dotCMS administration panel, versions 3.7.1 and earlier, "Push Publishing" feature in Enterprise Pro is vulnerable to arbitrary file upload. When "Bundle" tar.gz archives uploaded to the Push Publishing feature are decompressed, there are no checks on the types of files which the bundle...

Hackers Used Malicious MDM Solution to Spy On 'Highly Targeted' iPhone Users

Security researchers have uncovered a "highly targeted" mobile malware campaign that has been operating since August 2015 and found spying on 13 selected iPhones in India. The attackers, who are also believed to be operating from India, were found abusing mobile device management MDM protocol—a...

CVE-2018-13850

The "Firebase Cloud Messaging FCM + Advance Admin Panel" component supporting Firebase Push Notification on iOS through 2017-10-26 allows SQL injection via the /advancepush/public/login username parameter...

Security Bulletin: Security vulnerability in Apache Commons FileUpload used by Liberty for Java for IBM Cloud (CVE-2016-1000031)

Summary There is a potential vulnerability in the Apache Commons FileUpload used by WebSphere Application Server traditional and WebSphere Application Server Liberty. Vulnerability Details CVEID: CVE-2016-1000031 DESCRIPTION: Apache Commons FileUpload, as used in several products, could allow a...

Security Bulletin: Multiple security vulnerabilities affect Liberty for Java for IBM Bluemix (CVE-2017-1583, CVE-2011-4343)

Summary There is a potential infomation disclosure vulnerability that affects the Java Server Faces JSF component used by WebSphere Application Server. There is a potential infomation disclosure vulnerability that affects the MyFaces component used by JSF in WebSphere Application Server...

Security Bulletin: Multiple security vulnerabilities affect Liberty for Java for IBM Bluemix (CVE-2016-5573, CVE-2016-5597, CVE-2016-5983)

Summary There are multiple vulnerabiltities in the IBM® SDK Java™ Technology Edition that is shipped with IBM WebSphere Application Server. These issues were disclosed as part of the IBM SDK for Java updates in October 2016. These may affect some configurations of IBM WebSphere Application Server...

Security Bulletin: Vulnerability in Apache Standard Taglibs affects Liberty for Java for IBM Bluemix (CVE-2015-0254)

Summary There is an XML External Entity Injection XXE vulnerability in the Apache Standard Taglibs that affects IBM WebSphere Application Server. Vulnerability Details CVEID: CVE-2015-0254 DESCRIPTION: Apache Standard Taglibs could allow a remote attacker to execute arbitrary code on the system,...

Security Bulletin: Cross-site scripting vulnerability in Liberty for Java for IBM Bluemix (CVE-2015-7417)

Summary There is a cross-site scripting vulnerability in WebSphere Application Server which affects Liberty for Java for IBM Bluemix for any consumers of the OAuth provider output. Vulnerability Details CVEID: CVE-2015-7417 DESCRIPTION: WebSphere Application Server is vulnerable to cross-site...

Microsoft Windows 10: Service: Windows Push Notifications System Service

This service runs in session 0 and hosts the notification platform and connection provider which handles the connection between the device and WNS server. C 2019 Service Defaults. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and ar...