kernel: filesystem corruption due to an unchecked error condition during an xfs attribute change

In the Linux kernel before 4.17, a local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by triggering an unchecked error condition during an xfs attribute change, because xfsattrshortformaddname in fs/xfs/libxfs/xfsattr.c...

UBUNTU-CVE-2018-18407

A heap-based buffer over-read was discovered in the tcpreplay-edit binary of Tcpreplay 4.3.0 beta1, during the incremental checksum operation. The issue gets triggered in the function csumreplace4 in incrementalchecksum.h, causing a denial of service...

CVE-2018-17776

PCProtect Anti-Virus v4.8.35 has "Everyone: F" permission for %PROGRAMFILESX86%\PCProtect, which allows local users to gain privileges by replacing an executable file with a Trojan horse...

Security Bulletin: Public disclosed vulnerability from Apache Struts affects IBM Platform Application Center

Summary Public disclosed vulnerability CVE-2018-11776 from Apache Struts affects IBM Platform Application Center. Vulnerability Details CVEID: CVE-2018-11776 DESCRIPTION: Apache Struts namespace code execution CVSS Base Score: 9.8 CVSS Temporal Score: See for the current score CVSS Environmental...

PHPMailer < 5.2.10 'html2text' Library RCE Vulnerability

PHPMailer is prone to a remote code execution RCE vulnerability within the shipped Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...

Adobe Flash Player End of Life (EOL) Detection - Mac OS X

The Adobe Flash Player on the remote host has reached the end of life EOL / is discontinued and should not be used anymore. This VT has been deprecated and replaced by the VT SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are...

CVE-2018-17183

Artifex Ghostscript before 9.25 allowed a user-writable error exception table, which could be used by remote attackers able to supply crafted PostScript to potentially overwrite or replace error handlers to inject code...

CVE-2018-17183

Artifex Ghostscript before 9.25 allowed a user-writable error exception table, which could be used by remote attackers able to supply crafted PostScript to potentially overwrite or replace error handlers to inject code...

Microsoft Windows Subsystem for Linux Security Bypass Vulnerability

Microsoft Windows 10 and Windows Server Version 1803 are both operating systems released by Microsoft Corporation in the U.S. Microsoft Windows 10 is an operating system for personal computers.Windows Server Version 1709 is a server operating system.Windows Subsystem for Linux is one of the Linux...

BTITeam XBTIT cross-site scripting vulnerability (CNVD-2018-19430)

BTITeam XBTIT is an open source bittorrent tracking system. A cross-site scripting vulnerability exists in BTITeam XBTIT. Attackers can use the 'String.replace' function and 'eval' function to exploit the vulnerability to bypass the includes/crkprotection.php script of the anti-cross-site scripti...

CVE-2018-15676

An issue was discovered in BTITeam XBTIT. By using String.replace and eval, it is possible to bypass the includes/crkprotection.php anti-XSS mechanism that looks for a number of dangerous fingerprints...

SMBetray - SMB MiTM Tool With A Focus On Attacking Clients Through File Content Swapping, Lnk Swapping, As Well As Compromising Any Data Passed Over The Wire In Cleartext

Version 1.0.0. This tool is a PoC to demonstrate the ability of an attacker to intercept and modify insecure SMB connections, as well as compromise some secured SMB connections if credentials are known. Background Released at Defcon26 at "SMBetray - Backdooring and Breaking Signatures" In SMB...

CVE-2018-3902

An exploitable buffer overflow vulnerability exists in the camera "replace" feature of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process incorrectly extracts the URL field from a user-controlled JSON payload, leading to a...

PT-2018-16294 · Samsung · Samsung Smartthings Hub

Name of the Vulnerable Software and Affected Versions: Samsung SmartThings Hub STH-ETH-250 version 0.20.17 Description: A buffer overflow issue exists in the camera "replace" feature of the video-core's HTTP server. This occurs because the video-core process incorrectly extracts the URL field fro...

Security Bulletin: Public disclosed vulnerability from Apache Struts affects IBM Spectrum LSF Explorer

Summary Public disclosed vulnerability from Apache Struts affects IBM Spectrum LSF Explorer. Vulnerability Details CVEID: CVE-2018-1327 DESCRIPTION: Apache Struts is vulnerable to a denial of service. By sending a specially crafted XML request using the XStream handler with the Struts REST plugin...

Canon PrintMe / EFI XSS Vulnerability

Canon PrintMe / EFI software is prone to a cross-site scripting XSS vulnerability. Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...

CVE-2018-5164

Content Security Policy CSP is not applied correctly to all parts of multipart content sent with the "multipart/x-mixed-replace" MIME type. This could allow for script to run where CSP should block it, allowing for cross-site scripting XSS and other attacks. This vulnerability affects Firefox 60...

Mozilla Firefox Cross-Site Scripting Vulnerability (CNVD-2018-10239)

Mozilla Firefox browser Firefox is a free and open source browser for Windows, Linux and MacOSX platforms. A cross-site scripting vulnerability exists in Mozilla Firefox. The vulnerability arises because the Content Security Policy CSP is not properly applied to all parts of multipart content sen...

Gemalto SafeNet Authentication Service Windows Logon Agent elevation of privilege vulnerability (CNVD-2018-04633)

Gemalto SafeNet Authentication Service Windows Logon Agent is a SafeNet Authentication Service Windows Logon Agent from Gemalto USA. A security vulnerability exists in the Gemalto SafeNet Authentication Service Windows Logon Agent that stems from the program's use of weak access control lists for...

CVE-2017-1233

IBM Remote Control v9 could allow a local user to use the component to replace files to which he does not have write access and which he can cause to be executed with Local System or root privileges. IBM X-Force ID: 123912...