CVE-2018-13440

The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service via a crafted caf file, as demonstrated by sfconvert...

CVE-2018-13440

The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service via a crafted caf file, as demonstrated by sfconvert...

PT-2018-11825 · Audiofile +6 · Audio File Library +6

Name of the Vulnerable Software and Affected Versions: The audiofile Audio File Library version 0.3.6 Description: The issue is related to a NULL pointer dereference bug in the ModuleState::setup function, located in modules/ModuleState.cpp. This bug can be exploited by an attacker to cause a...

UBUNTU-CVE-2018-13440

The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service via a crafted caf file, as demonstrated by sfconvert...

NULL pointer dereference in ModuleState::setup, in ModuleState.cpp

There exists one NULL pointer dereference bug in ModuleState::se...

Design/Logic Flaw

The skyring-setup command creates random password for mongodb skyring database but it writes password in plain text to /etc/skyring/skyring.conf file which is owned by root but read by local user. Any local user who has access to system running skyring service will be able to get password in plai...

CVE-2017-2665

The skyring-setup command creates random password for mongodb skyring database but it writes password in plain text to /etc/skyring/skyring.conf file which is owned by root but read by local user. Any local user who has access to system running skyring service will be able to get password in plai...

CVE-2017-2665

The skyring-setup command creates random password for mongodb skyring database but it writes password in plain text to /etc/skyring/skyring.conf file which is owned by root but read by local user. Any local user who has access to system running skyring service will be able to get password in plai...

CVE-2017-2665

CVE-2017-2665 involves the skyring-setup script writing the MongoDB password to /etc/skyring/skyring.conf in plaintext, where the file is root-owned but readable by local users. This allows any local user with system access to obtain the password, exposing the Skyring database. Affected component...

CVE-2018-1113

CVE-2018-1113 summary (in provided documents): The Fedora/RHEL setup package before version 2.11.4-1.fc28 added /sbin/nologin and /usr/sbin/nologin to /etc/shells. This undermines assumptions in pam_shells and some daemons that rely on a user’s shell being listed in /etc/shells, and under certain...

Fuzzer SMB Session Setup Invalid Username - Ver2

A vulnerability exists in Fuzzer. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...

Hardware Acceleration for Linux endpoints with AMD GPUs

Starting from version 2.5,HDX RTME supports hardware acceleration for video compression on Linux thin clients or fat clients with AMD GPU. Specifically, for video encoding RTME uses VCE 2.0 or higher. Video decoding has limited support because of some technical limitations, and it is disabled in...

DIGISOL DG-HR3400 Wireless Router - Cross-Site Scripting

DIGISOL DG-HR3400 Wireless Router - Cross-Site Scripting Exploit Title: DIGISOL DG-HR3400 Wireless Router - Cross-Site Scripting Date: 2018-06-25 Vendor Homepage: http://www.digisol.com Hardware Link: https://www.amazon.in/Digisol-DG-HR3400-300Mbps-Wireless-Broadband/dp/B00IL8DR6W Category:...

DIGISOL DG-HR3400 Wireless Router - Cross-Site Scripting

Exploit Title: DIGISOL DG-HR3400 Wireless Router - Cross-Site Scripting Date: 2018-06-25 Vendor Homepage: http://www.digisol.com Hardware Link: https://www.amazon.in/Digisol-DG-HR3400-300Mbps-Wireless-Broadband/dp/B00IL8DR6W Category: Hardware Exploit Author: Adipta Basu Tested on: Mac OS High...

CVE-2018-0563

Untrusted search path vulnerability in the installer of FLET'S VIRUS CLEAR Easy Setup & Application Tool ver.13.0 and earlier versions and FLET'S VIRUS CLEAR v6 Easy Setup & Application Tool ver.13.0 and earlier versions allows an attacker to gain privileges via a Trojan horse DLL in an unspecifi...

Microsoft Windows: Specify the maximum log file size (Setup)

This test checks the setting for policy OpenVAS Vulnerability Test $Id: winsetupmaxlogsize.nasl 11363 2018-09-12 13:46:05Z emoss $ Check value for Specify the maximum log file size Setup Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH, http://www.greenbone.net This progr...

Microsoft Windows: BitLocker-protected removable drives recovery (wizard)

This test checks the setting for policy OpenVAS Vulnerability Test $Id: winrmbitlockerrecoverywizard.nasl 11363 2018-09-12 13:46:05Z emoss $ Check value for Choose how BitLocker-protected removable drives can be recovered: Omit recovery options from the BitLocker setup wizard Authors: Emanuel Mos...

Microsoft Windows: Event Log behavior when log file reaches its max size (Setup)

This test checks the setting for policy OpenVAS Vulnerability Test $Id: winsetupretention.nasl 10989 2018-08-15 14:57:51Z emoss $ Check value for Setup: Control Event Log behavior when the log file reaches its maximum size Authors: Emanuel Moss Copyright: Copyright c 2018 Greenbone Networks GmbH,...

TP-Link TL-WA850RE Remote Arbitrary Code Execution Vulnerability

The TP-Link TL-WA850RE is a wireless extender. A remote arbitrary code execution vulnerability exists in the TP-Link TL-WA850RE Wi-Fi Range Extender using TL-WA850RE v5 firmware. A remote attacker can exploit this vulnerability by sending the 'wpssetuppin' parameter with shell metacharacters to t...

Microsoft Windows: Prevent installation of devices also to already installed (Driver Setup Class)

This test checks the setting for policy OpenVAS Vulnerability Test $Id: windenydriversalreadyinstalled.nasl 11337 2018-09-11 14:23:53Z emoss $ Check value for Prevent installation of devices using drivers that match these device setup classes: Also apply to matching devices that are already...