Lucene search
K

7925 matches found

CVE
CVE
added 2018/07/17 2:0 p.m.61 views

CVE-2018-13862

The CVE-2018-13862 entry concerns Touchpad / Trivum WebTouch Setup V9 V2.53 build 13163 (FW 303). The vulnerability allows unauthorized remote attackers to reset authentication via the URL /xml/system/setAttribute.xml using a GET request with id=0&attr=protectAccess&newValue=0, which can let an a...

9.8CVSS9.5AI score0.50601EPSS
Exploits3References3Affected Software1
CVE
CVE
added 2018/07/17 2:0 p.m.46 views

CVE-2018-13861

CVE-2018-13861 concerns Touchpad / Trivum WebTouch Setup V9 with version V2.53 build 13163 (FW 303). The root cause is an unauthenticated remote access path that enables an attacker to reboot or perform other functions by issuing a GET to /xml/system/control.xml?action=reboot. The NVD entry descr...

10CVSS9.4AI score0.02274EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2018/07/17 2:0 p.m.35 views

CVE-2018-13860

CVE-2018-13860 affects MusicCenter / Trivum Multiroom Setup Tool V8.76 – SNR 8604.26 and C4 Professional before V9.34 build 13381. The vulnerability allows unauthorized remote attackers to obtain sensitive information via the /xml/menu/getObjectEditor.xml endpoint using GET requests like ?oid=sys...

7.5CVSS7.3AI score0.01405EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2018/07/17 2:0 p.m.53 views

CVE-2018-13859

CVE-2018-13859 affects MusicCenter / Trivum Multiroom Setup Tool V8.76 (SNR 8604.26) and C4 Professional prior to V9.34 build 13381. The root cause is an unauthorized reset of authentication via the GET endpoint /xml/system/setAttribute.xml with id=0&attr=protectAccess&newValue=0, allowing attack...

9.8CVSS9.5AI score0.17871EPSS
Exploits5References3Affected Software1
Citrix
Citrix
added 2018/07/13 12:0 a.m.7 views

XenDesktop Setup Wizard fails with error (UUID_INVALID)

When running the XenDesktop Setup Wizard XDSW you might receive the following error when selecting the PVS Accelerator Configuration. The error might also be shown when attempting to change the Accelerator Status of a Target Device or Enabling/Disabling the Accelerator setting on a Host Entry...

7.1AI score
Exploits0
OSV
OSV
added 2018/07/08 4:29 p.m.7 views

AZL-66249 CVE-2018-13440 affecting package audiofile 0.3.6-27

The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service via a crafted caf file, as demonstrated by sfconvert...

6.5CVSS6.4AI score0.03113EPSS
Exploits1References1
NVD
NVD
added 2018/07/08 4:29 p.m.17 views

CVE-2018-13440

The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service via a crafted caf file, as demonstrated by sfconvert...

6.5CVSS6.9AI score0.03113EPSS
Exploits1References2
Prion
Prion
added 2018/07/08 4:29 p.m.21 views

Null pointer dereference

The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service via a crafted caf file, as demonstrated by sfconvert...

4.3CVSS6.8AI score0.03113EPSS
Exploits1References2Affected Software2
OSV
OSV
added 2018/07/08 4:29 p.m.24 views

CVE-2018-13440

The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service via a crafted caf file, as demonstrated by sfconvert...

6.5CVSS6.4AI score
Exploits0References2
OSV
OSV
added 2018/07/08 4:29 p.m.8 views

AZL-44397 CVE-2018-13440 affecting package audiofile 0.3.6-27

The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service via a crafted caf file, as demonstrated by sfconvert...

6.5CVSS6.4AI score0.03113EPSS
Exploits1References1
OSV
OSV
added 2018/07/08 4:29 p.m.3 views

DEBIAN-CVE-2018-13440

The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service via a crafted caf file, as demonstrated by sfconvert...

6.5CVSS6.7AI score0.03113EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/07/08 4:0 p.m.21 views

CVE-2018-13440

The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service via a crafted caf file, as demonstrated by sfconvert...

6.9AI score0.03113EPSS
Exploits1References2
AlpineLinux
AlpineLinux
added 2018/07/08 4:0 p.m.5 views

CVE-2018-13440

The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service via a crafted caf file, as demonstrated by sfconvert...

6.5CVSS7AI score0.03113EPSS
Exploits1References2
CVE
CVE
added 2018/07/08 4:0 p.m.160 views

CVE-2018-13440

The vulnerability is in audiofile (Audio File Library) 0.3.6: a NULL pointer dereference in ModuleState::setup (modules/ModuleState.cpp) allows denial of service via a crafted caf file (CVE-2018-13440). Attacks require no authentication and can be network-agnostic; impact is denial of service. Pu...

6.5CVSS6.7AI score0.03113EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2018/07/08 12:0 a.m.4 views

UBUNTU-CVE-2018-13440

The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service via a crafted caf file, as demonstrated by sfconvert...

6.5CVSS6.5AI score0.03113EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2018/07/08 12:0 a.m.3 views

PT-2018-11825 · Audiofile +6 · Audio File Library +6

Name of the Vulnerable Software and Affected Versions: The audiofile Audio File Library version 0.3.6 Description: The issue is related to a NULL pointer dereference bug in the ModuleState::setup function, located in modules/ModuleState.cpp. This bug can be exploited by an attacker to cause a...

8.8CVSS5.6AI score0.04654EPSS
Exploits4References53
UbuntuCve
UbuntuCve
added 2018/07/08 12:0 a.m.27 views

CVE-2018-13440

The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service via a crafted caf file, as demonstrated by sfconvert...

6.5CVSS6.6AI score0.03113EPSS
Exploits1References3
GithubExploit
GithubExploit
added 2018/07/06 3:21 p.m.3 views

NULL pointer dereference in ModuleState::setup, in ModuleState.cpp

There exists one NULL pointer dereference bug in ModuleState::se...

7AI score
Exploits0
Prion
Prion
added 2018/07/06 1:29 p.m.27 views

Design/Logic Flaw

The skyring-setup command creates random password for mongodb skyring database but it writes password in plain text to /etc/skyring/skyring.conf file which is owned by root but read by local user. Any local user who has access to system running skyring service will be able to get password in plai...

1.9CVSS6.8AI score0.00327EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2018/07/06 1:29 p.m.18 views

CVE-2017-2665

The skyring-setup command creates random password for mongodb skyring database but it writes password in plain text to /etc/skyring/skyring.conf file which is owned by root but read by local user. Any local user who has access to system running skyring service will be able to get password in plai...

7CVSS6.8AI score0.00327EPSS
Exploits0References2
Rows per page
Query Builder