Microsoft Edge Chakra ParseCatch Type Confusion (CVE-2017-11764)
A type confusion vulnerability exists in Microsoft Edge Chakra JavaScript Engine. The vulnerability is due to a lack of validation in the ParseCatch method, which results in the generation of a malformed Abstract Syntax Tree (AST). A remote attacker could exploit this vulnerability by enticing the...
Database Creation Error when creating a new WEM database using a hyphen ("-") in the database name
When attempting to create a new WEM database with a hyphen '-' in the name, an error appears saying "Database Creation Error". The Citrix WEM Database Management Utility Debug Log contains the following Exception: Exception - CreateVuemdb.Run : SqlDatabaseHelper. connection Error : 102 |...
Flyspray Stored Cross-Site Scripting Vulnerability
Flyspray is a lightweight, web-based, bug tracking system written in PHP to assist in software development and project management. Flyspray suffers from a stored cross-site scripting vulnerability, which allows an authenticated user to gain administrator privileges by injecting JavaScript via the...
RubyGems: Request Hijacking Vulnerability in RubyGems 2.6.13 and earlier
We received this report via security@ from [email protected], I'm filing here for tracking and visibility purposes... "I was looking at commit 8d91516fb7037ecfb27622f605dc40245e0f8d32, which was the fix for the DNS hijacking issue CVE-2017-0902. The function still handles the DNS response in ...
Microsoft Edge - Chakra Incorrectly Parses Object Patterns
Microsoft Edge - Chakra Incorrectly Parses Object Patterns function f a: b = 0x1111, c = 0x2222, .c = 0x3333 = ; f;...
perl -- multiple vulnerabilities
Meta CPAN reports: CVE-2017-12814: $ENV{$key} stack buffer overflow on Windows. A possible stack buffer overflow in the %ENV code on Windows has been fixed by removing the buffer completely since it was superfluous anyway. CVE-2017-12837: Heap buffer overflow in regular expression compiler. Compiling...
The vulnerability of the syntax analysis module of PCX files and the PDF editing programs like Adobe Acrobat, Adobe Acrobat Document Cloud, as well as PDF viewing programs like Foxit Reader, Adobe Reader Document Cloud, and Adobe Reader allows attackers to execute arbitrary code.
The vulnerability of the syntax analysis module of PCX files and the PDF editing programs such as Adobe Acrobat, Adobe Acrobat Document Cloud, as well as PDF viewing programs like Foxit Reader and Adobe Reader Document Cloud/Adobe Reader arises from an operation that goes beyond the buffer...
ASN1C 'asn1f_lookup_symbol_impl' function denial of service vulnerability
ASN1C is an open source ASN.1 (Abstract Syntax Notation) compiler that enables a variety of codecs such as BER, DER and PER. A security vulnerability exists in the 'asn1f_lookup_symbol_impl' function in the asn1fix_retrieve.c file of libasn1fix.a in ASN1C version 0.9.28. A remote attacker can exploit...
[SECURITY] Fedora 25 Update: nasm-2.13.01-3.fc25
NASM is the Netwide Assembler, a free portable assembler for the Intel 80x86 microprocessor series, using primarily the traditional Intel instruction mnemonics and syntax...
[SECURITY] Fedora 26 Update: nasm-2.13.01-3.fc26
NASM is the Netwide Assembler, a free portable assembler for the Intel 80x86 microprocessor series, using primarily the traditional Intel instruction mnemonics and syntax...
CVE-2017-11628
In PHP before 5.6.31, 7.x before 7.0.21, and 7.1.x before 7.1.7, a stack-based buffer overflow in the zend_ini_do_op function in Zend/zend_ini_parser.c could cause a denial of service or potentially allow executing code. NOTE: this is only relevant for PHP applications that accept untrusted input...
Privilege escalation
rubygem-safemode, as used in Foreman, versions 1.3.2 and earlier are vulnerable to bypassing safe mode limitations via special Ruby syntax. This can lead to deletion of objects for which the user does not have delete permissions or possibly to privilege escalation...
CVE-2017-7540
rubygem-safemode, as used in Foreman, versions 1.3.2 and earlier are vulnerable to bypassing safe mode limitations via special Ruby syntax. This can lead to deletion of objects for which the user does not have delete permissions or possibly to privilege escalation...
openSUSE Security Update : vim (openSUSE-2017-788)
This update for vim fixes the following issues: Security issues fixed: - CVE-2017-5953: Fixed a possible overflow with corrupted spell file (bsc#1024724) - CVE-2017-6350: Fixed a possible overflow when reading a corrupted undo file (bsc#1027053) - CVE-2017-6349: Fixed a possible overflow when reading...
SUSE SLES11 Security Update : freeradius-server (SUSE-SU-2017:1777-1)
This update for freeradius-server fixes the following issues: - CVE-2017-9148: Disable OpenSSL's internal session cache to mitigate authentication bypass. (bnc#1041445) - CVE-2015-4680: Add a configuration option to allow checking of all intermediate certificates for revocations. (bnc#935573) The...
GNU Libtasn1 '_asn1_check_identifier' Denial of Service Vulnerability
Libtasn1 is the ASN.1 library used by GnuTLS. A denial of service vulnerability exists in GNU Libtasn1 '_asn1_check_identifier'. The vulnerability stems from the _asn1_check_identifier function reading specially designed input, which can be exploited by an attacker to cause a remote denial of service...
DEBIAN-CVE-2017-10790
The _asn1_check_identifier function in GNU Libtasn1 through 4.12 causes a NULL pointer dereference and crash when reading crafted input that triggers assignment of a NULL value within an asn1_node structure. It may lead to a remote denial of service attack...
UBUNTU-CVE-2017-10790
The _asn1_check_identifier function in GNU Libtasn1 through 4.12 causes a NULL pointer dereference and crash when reading crafted input that triggers assignment of a NULL value within an asn1_node structure. It may lead to a remote denial of service attack...
SUSE SLED12 / SLES12 Security Update : vim (SUSE-SU-2017:1712-1)
This update for vim fixes the following issues: Security issues fixed: - CVE-2017-5953: Fixed a possible overflow with corrupted spell file (bsc#1024724) - CVE-2017-6350: Fixed a possible overflow when reading a corrupted undo file (bsc#1027053) - CVE-2017-6349: Fixed a possible overflow when reading ...
Directory Traversal
serve is vulnerable to directory traversal attacks. Attackers are able to access files outside of the intended directory through the use of .. in a request...