11231 matches found
CVE-2018-17191
Apache NetBeans incubating 9.0 NetBeans Proxy Auto-Configuration PAC interpretation is vulnerable for remote command execution RCE. Using the nashorn script engine the environment of the javascript execution for the Proxy Auto-Configuration leaks privileged objects, that can be used to circumvent...
CVE-2018-17191
The vulnerability concerns Apache NetBeans (incubating) 9.0 with NetBeans Proxy Auto-Configuration (PAC) interpretation, which is vulnerable to remote command execution (RCE). The root cause, as described in the sources, is the use of the Nashorn JavaScript engine during PAC processing, which lea...
CVE-2018-17191
Apache NetBeans incubating 9.0 NetBeans Proxy Auto-Configuration PAC interpretation is vulnerable for remote command execution RCE. Using the nashorn script engine the environment of the javascript execution for the Proxy Auto-Configuration leaks privileged objects, that can be used to circumvent...
CVE-2018-1000889
Logisim Evolution version 2.14.3 and earlier contains an XML External Entity XXE vulnerability in Circuit file loading functionality loadXmlFrom in src/com/cburch/logisim/file/XmlReader.java that can result in information leak, possible RCE depending on system configuration. This attack appears t...
Xxe
Logisim Evolution version 2.14.3 and earlier contains an XML External Entity XXE vulnerability in Circuit file loading functionality loadXmlFrom in src/com/cburch/logisim/file/XmlReader.java that can result in information leak, possible RCE depending on system configuration. This attack appears t...
CVE-2018-1000889
Logisim Evolution version 2.14.3 and earlier contains an XML External Entity XXE vulnerability in Circuit file loading functionality loadXmlFrom in src/com/cburch/logisim/file/XmlReader.java that can result in information leak, possible RCE depending on system configuration. This attack appears t...
CVE-2018-1000889
CVE-2018-1000889 affects Logisim Evolution versions 2.14.3 and earlier, due to an XML External Entity (XXE) vulnerability in the circuit file loading path (loadXmlFrom in XmlReader.java). The issue can lead to information disclosure and, depending on system configuration, potential remote code ex...
Slack: User-assisted RCE in Slack for macOS (from official site) due to improper quarantine meta-attribute handling for downloaded files
Summary GateKeeper/Quarantine bypass for downloaded files Lack of com.apple.quarantine meta-attribute for downloaded files allows a remote attacker to send an executable file that won't be checked by Gatekeeper . File opening doesn't trigger native alerts from GateKeeper/Quarantine Downloaded...
Valve: RCE on Steam Client via buffer overflow in Server Info
Introduction In Steam and other valve games CSGO, Half-Life, TF2 there is a functionality to find game servers called the server browser. In order to retrieve the information about these servers the server browser communicates with a specific UDP protocol called server queries. The protocol is we...
Potential RCE if filename starts with phar://
More info at https://pear.php.net/bugs/bug.php?id=23782...
Potential RCE if filename starts with phar://
More info at https://pear.php.net/bugs/bug.php?id=23782...
CVE-2018-1000878
libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards release v3.1.0 onwards contains a CWE-416: Use After Free vulnerability in RAR decoder - libarchive/archivereadsupportformatrar.c that can result in Crash/DoS - it is unknown if RCE is possible. This attack appear to be...
Design/Logic Flaw
libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards release v3.1.0 onwards contains a CWE-416: Use After Free vulnerability in RAR decoder - libarchive/archivereadsupportformatrar.c that can result in Crash/DoS - it is unknown if RCE is possible. This attack appear to be...
CVE-2018-1000878
libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards release v3.1.0 onwards contains a CWE-416: Use After Free vulnerability in RAR decoder - libarchive/archivereadsupportformatrar.c that can result in Crash/DoS - it is unknown if RCE is possible. This attack appear to be...
CVE-2018-1000878
The CVE-2018-1000878 entry concerns libarchive’s RAR decoder. A Use After Free in archive_read_support_format_rar.c can crash the process or enable denial-of-service when opening a specially crafted RAR file; exploitation appears to require user interaction (opening the archive). Affected upstrea...
CVE-2018-1000878
libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards release v3.1.0 onwards contains a CWE-416: Use After Free vulnerability in RAR decoder - libarchive/archivereadsupportformatrar.c that can result in Crash/DoS - it is unknown if RCE is possible. This attack appear to be...
CVE-2018-1000832
CVE-2018-1000832 affects ZoneMinder versions
CVE-2018-1000839
The CVE-2018-1000839 entry concerns LH-EHR REL-2_0_0, which has an Arbitrary File Upload flaw in the Profile picture upload feature that can lead to Remote Code Execution. The exploit path is described as uploading a PHP file with an image MIME type, enabling code execution on the server. Public ...
Microsoft Issues Emergency Patch For Under-Attack IE Zero Day
Microsoft today issued an out-of-band security update to patch a critical zero-day vulnerability in Internet Explorer IE Web browser that attackers are already exploiting in the wild to hack into Windows computers. Discovered by security researcher Clement Lecigne of Google's Threat Analysis Grou...
CVE-2018-1000878
libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards release v3.1.0 onwards contains a CWE-416: Use After Free vulnerability in RAR decoder - libarchive/archivereadsupportformatrar.c that can result in Crash/DoS - it is unknown if RCE is possible. This attack appear to be...