CVE-2018-16831

Smarty before 3.1.33-dev-4 allows attackers to bypass the trusteddir protection mechanism via a file:./../ substring in an include statement...

CVE-2018-16831

Smarty before 3.1.33-dev-4 allows attackers to bypass the trusteddir protection mechanism via a file:./../ substring in an include statement...

CVE-2018-16831

Smarty before 3.1.33-dev-4 allows attackers to bypass the trusteddir protection mechanism via a file:./../ substring in an include statement...

Gift Voucher <= 4.1.1 - Unauthenticated Blind SQL Injection

The wpgvdoajaxfronttemplate AJAX action both authenticated and unauthenticated, defined in the front.php does not sanitised, validate or escape the templateid parameter before using it in a SQL statement, leading to a SQL Injection issue. This has been present since at least 1.0.5 v4.1.0 tried to...

CVE-2018-13446

An issue was discovered in the LINE jp.naver.line application 8.8.1 for Android. The Passcode feature allows authentication bypass via runtime manipulation that forces a certain method's return value to true. In other words, an attacker could authenticate with an arbitrary passcode. NOTE: the...

Sql injection

A SQL injection was discovered in WUZHI CMS 4.1.0 that allows remote attackers to inject a malicious SQL statement via the index.php?m=promote&f=index&v=search keywords parameter...

Security Bulletin: Hortonworks Technical Alert: CVE-2018-1284, CVE-2018-1282, CVE-2018-1315 fixes for Hive

Summary IBM Technical Support would like to make you aware of a potential issue you may encounter. Please review the details below and take action accordingly. Vulnerability Details COMPONENT : Hive/Hive2 VERSION : All HDP versions from HDP 1.0.0 to HDP 2.6.4 REFERENCE : CVE-2018-1284 PROBLEM :...

Security Bulletin: IBM® DB2® LUW contains a denial of service vulnerability using a SELECT statement with subquery containing the AVG OLAP function on Oracle compatible database (CVE-2016-0215)

Summary IBM DB2 LUW contains a denial of service vulnerability. A remote, authenticated DB2 user could exploit this vulnerability by issuing a SELECT statment with subquery containing the AVG OLAP function on an Oracle compatible database. This may cause the DB2 server to terminate abnormally...

Security Bulletin: IBM® DB2® contains a file disclosure vulnerability using a SELECT statement with XML/XSLT function (CVE-2014-8910)

Summary IBM DB2 contains a file disclosure vulnerability. A remote, authenticated DB2 user could exploit this vulnerability by executing a specially-crafted SELECT statement with XML/XSLT function to read arbitrary text files owned by the DB2 instance owner. On Windows, the attacker is able to re...

Security Bulletin: IBM® DB2® LUW contains a denial of service vulnerability in ALTER MODULE statement handling. (CVE-2014-3094)

Summary IBM DB2 is vulnerable to a stack buffer overflow, caused by improper bounds checking in the handling of the ALTER MODULE statement. Vulnerability Details CVE ID: CVE-2014-3094 DESCRIPTION: DB2 is vulnerable to a stack buffer overflow attack, caused by improper bounds checking in the...

Security Bulletin: Security vulnerabilities have been identified in IBM DB2 shipped with WebSphere Remote Server (CVE-2016-0215)

Summary IBM DB2 is shipped as a component of WebSphere Remote Server. Information about security vulnerabilities affecting IBM DB2 has been published in a security bulletin. Vulnerability Details For vulnerability details, see the security bulletin IBM DB2 LUW contains a denial of service...

Auth0 Glitch Allows Attackers to Launch Phishing Attacks

UPDATE Researchers are warning of a glitch in the Auth0 identity-as-a-service offering, which could allow bad actors to spoof a legitimate website and collect sensitive information from visitors. Researchers at Imperva on Tuesday found that the subdomain names of Auth0 are susceptible to security...

SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1524-1)

This update for the Linux Kernel 4.4.74-9232 fixes several issues. The following security issues were fixed : - CVE-2017-13166: An elevation of privilege vulnerability in the kernel v4l2 video driver was fixed. bsc1085447. - CVE-2018-8897: A statement in the System Programming Guide of the Intel ...

Null pointer dereference

Espruino before 1.98 allows attackers to cause a denial of service application crash with a user crafted input file via a NULL pointer dereference during syntax parsing. This was addressed by adding validation for a debug trace print statement in jsvar.c...

CVE-2018-11591

Espruino before 1.98 allows attackers to cause a denial of service application crash with a user crafted input file via a NULL pointer dereference during syntax parsing. This was addressed by adding validation for a debug trace print statement in jsvar.c...

CVE-2018-11591

Espruino before version 1.98 is affected by a denial-of-service vulnerability caused by a NULL pointer dereference during syntax parsing when processing a crafted input file. Multiple connected sources confirm that the issue exists in Espruino 1.97 and earlier, and it was mitigated by adding vali...

MachForm 4.2.3 - SQL Injection Path Traversal Upload Bypass

MachForm 4.2.3 - SQL Injection Path Traversal Upload Bypass Vendor: Appnitro Product webpage: https://www.machform.com/ Full-Disclose: https://metalamin.github.io/MachForm-not-0-day-EN/ Fix: https://www.machform.com/blog-machform-423-security-release/ Author: Amine Taouirsa Twitter: @metalamin...

CPU hardware utilizing speculative execution may be vulnerable to cache side-channel attacks

Overview CPU hardware utilizing speculative execution may be vulnerable to cache timing side-channel analysis. Two vulnerabilities are identified, known as "Variant 3a" and "Variant 4". Description Speculative execution is a technique used by many modern processors to improve performance by...

CVE-2018-8897

CVE-2018-8897 covers a Linux kernel issue where a mishandled debug exception after MOV SS/POP SS can lead to a local privilege escalation or kernel crash. The vulnerability arises from how the kernel handles stack-switch sequencing and interrupts, potentially enabling privilege escalation in some...

“Equi-Facts”: Equifax Clarifies the Numbers for Its Massive Breach

As companies continue to install the vulnerable version of Apache Struts behind the breach, Equifax has filed a clarification statement. The number of impacted U.S. consumers from the infamous 2017 Equifax data breach now totals about 147.9 million, and the breach has touched almost every adult i...