7925 matches found
CVE-2018-13862
The CVE-2018-13862 entry concerns Touchpad / Trivum WebTouch Setup V9 V2.53 build 13163 (FW 303). The vulnerability allows unauthorized remote attackers to reset authentication via the URL /xml/system/setAttribute.xml using a GET request with id=0&attr=protectAccess&newValue=0, which can let an a...
CVE-2018-13861
CVE-2018-13861 concerns Touchpad / Trivum WebTouch Setup V9 with version V2.53 build 13163 (FW 303). The root cause is an unauthenticated remote access path that enables an attacker to reboot or perform other functions by issuing a GET to /xml/system/control.xml?action=reboot. The NVD entry descr...
CVE-2018-13860
CVE-2018-13860 affects MusicCenter / Trivum Multiroom Setup Tool V8.76 – SNR 8604.26 and C4 Professional before V9.34 build 13381. The vulnerability allows unauthorized remote attackers to obtain sensitive information via the /xml/menu/getObjectEditor.xml endpoint using GET requests like ?oid=sys...
CVE-2018-13859
CVE-2018-13859 affects MusicCenter / Trivum Multiroom Setup Tool V8.76 (SNR 8604.26) and C4 Professional prior to V9.34 build 13381. The root cause is an unauthorized reset of authentication via the GET endpoint /xml/system/setAttribute.xml with id=0&attr=protectAccess&newValue=0, allowing attack...
XenDesktop Setup Wizard fails with error (UUID_INVALID)
When running the XenDesktop Setup Wizard XDSW you might receive the following error when selecting the PVS Accelerator Configuration. The error might also be shown when attempting to change the Accelerator Status of a Target Device or Enabling/Disabling the Accelerator setting on a Host Entry...
AZL-66249 CVE-2018-13440 affecting package audiofile 0.3.6-27
The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service via a crafted caf file, as demonstrated by sfconvert...
CVE-2018-13440
The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service via a crafted caf file, as demonstrated by sfconvert...
Null pointer dereference
The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service via a crafted caf file, as demonstrated by sfconvert...
CVE-2018-13440
The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service via a crafted caf file, as demonstrated by sfconvert...
AZL-44397 CVE-2018-13440 affecting package audiofile 0.3.6-27
The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service via a crafted caf file, as demonstrated by sfconvert...
DEBIAN-CVE-2018-13440
The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service via a crafted caf file, as demonstrated by sfconvert...
CVE-2018-13440
The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service via a crafted caf file, as demonstrated by sfconvert...
CVE-2018-13440
The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service via a crafted caf file, as demonstrated by sfconvert...
CVE-2018-13440
The vulnerability is in audiofile (Audio File Library) 0.3.6: a NULL pointer dereference in ModuleState::setup (modules/ModuleState.cpp) allows denial of service via a crafted caf file (CVE-2018-13440). Attacks require no authentication and can be network-agnostic; impact is denial of service. Pu...
UBUNTU-CVE-2018-13440
The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service via a crafted caf file, as demonstrated by sfconvert...
PT-2018-11825 · Audiofile +6 · Audio File Library +6
Name of the Vulnerable Software and Affected Versions: The audiofile Audio File Library version 0.3.6 Description: The issue is related to a NULL pointer dereference bug in the ModuleState::setup function, located in modules/ModuleState.cpp. This bug can be exploited by an attacker to cause a...
CVE-2018-13440
The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service via a crafted caf file, as demonstrated by sfconvert...
NULL pointer dereference in ModuleState::setup, in ModuleState.cpp
There exists one NULL pointer dereference bug in ModuleState::se...
Design/Logic Flaw
The skyring-setup command creates random password for mongodb skyring database but it writes password in plain text to /etc/skyring/skyring.conf file which is owned by root but read by local user. Any local user who has access to system running skyring service will be able to get password in plai...
CVE-2017-2665
The skyring-setup command creates random password for mongodb skyring database but it writes password in plain text to /etc/skyring/skyring.conf file which is owned by root but read by local user. Any local user who has access to system running skyring service will be able to get password in plai...