ZEIT: [Fix Bypass #541631] Open redirect on Signup

Some signup and login paths did not verify the ?next= query param properly and allowed an open redirect with a carefully crafted invalid URL. It is standard practise to use a redirect query param in login and signup endpoints but the value should be carefully validated before accepting to redirec...

Denial Of Service (DoS)

libkrb5.so is vulnerable to denial of service DoS through buffer overflow attacks. The vulnerability exists in the getmatchingdata function of krb5 that includes certauth plugin, and subsequently allowing both the CA certificate and the user's certificate to have long subjects, causing a denial o...

CVE-2018-1000160

RisingStack protect version 1.2.0 and earlier contains a Cross Site Scripting XSS vulnerability in isXss function in lib/rules/xss.js that can result in dangerous XSS strings being validated as safe. This attack appears to be exploitable via A number of XSS strings26 detailed in the GitHub issue ...

Multiple AMD product design vulnerabilities

AMD EPYC Server, etc. are central processing unit CPU products of AMD, USA. A security vulnerability exists in a number of AMD products that stems from a program failing to adequately enforce the Hardware Validated Boot.An attacker could use this vulnerability to install malicious software that...

Code injection

The AMD EPYC Server, Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have insufficient enforcement of Hardware Validated Boot, aka MASTERKEY-1, MASTERKEY-2, and MASTERKEY-3...

CVE-2018-8930

The AMD EPYC Server, Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have insufficient enforcement of Hardware Validated Boot, aka MASTERKEY-1, MASTERKEY-2, and MASTERKEY-3...

CVE-2018-8930

The AMD EPYC Server, Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have insufficient enforcement of Hardware Validated Boot, aka MASTERKEY-1, MASTERKEY-2, and MASTERKEY-3...

CVE-2018-8930

CVE-2018-8930 concerns AMD EPYC Server, Ryzen, Ryzen Pro and Ryzen Mobile processors with insufficient enforcement of Hardware Validated Boot (MASTERKEY-1/MASTERKEY-2/MASTERKEY-3). Public sources consistently identify the affected products and the root cause as weak validation of boot hardware, e...

CVE-2018-6633

In Micropoint proactive defense software 2.0.20266.0146, the driver file mp110005.sys allows local users to cause a denial of service BSOD or possibly have unspecified other impact because of not validating input values from IOCtl 0x80000038...

Ubiquiti Inc.: Reflected XSS

Due to the lack of sanitisation in the commend area, with a especially crafted message, is possible to execute a XSS with the "preview" function. If a draft is save, is possible to exploit this bug using as and stored-XSS. The "New Discussion" page on the Spanish and Portuguese forums have a...

CVE-2017-17819

In Netwide Assembler NASM 2.14rc0, there is an illegal address access in the function findcc in asm/preproc.c that will cause a remote denial of service attack, because pointers associated with skipwhite calls are not validated...

Updated krb5 packages fix security vulnerabilities

An authentication bypass flaw was found in the way krb5's certauth interface handled the validation of client certificates. A remote attacker able to communicate with the KDC could potentially use this flaw to impersonate arbitrary principals under rare and erroneous circumstances CVE-2017-7562...

Null pointer dereference

In Watchdog Anti-Malware 2.74.186.150 and Online Security Pro 2.74.186.150, the zam32.sys driver contains a NULL pointer dereference vulnerability that gets triggered when sending an operation to ioctl 0x80002010. This is due to the input buffer being NULL or the input buffer size being 0 as they...

CVE-2017-15921

In Watchdog Anti-Malware 2.74.186.150 and Online Security Pro 2.74.186.150, the zam32.sys driver contains a NULL pointer dereference vulnerability that gets triggered when sending an operation to ioctl 0x80002010. This is due to the input buffer being NULL or the input buffer size being 0 as they...

CVE-2015-7225

Tinfoil Devise-two-factor before 2.0.0 does not strictly follow section 5.2 of RFC 6238 and does not "burn" a successfully validated one-time password aka OTP, which allows remote or physically proximate attackers with a target user's login credentials to log in as said user by obtaining the OTP...

CVE-2017-11379

Configuration and database backup archives are not signed or validated in Trend Micro Deep Discovery Director 1.1...

CVE-2017-7664

Uploaded XML documents were not correctly validated in Apache OpenMeetings 3.1.0...

Debian DSA-3876-1 : otrs2 - security update

Joerg-Thomas Vogt discovered that the SecureMode was insufficiently validated in the OTRS ticket system, which could allow agents to escalate their privileges. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian...

Unspecified Vulnerabilities in Quick Heal Internet Security, Total Security and AntiVirus Pro

Quick Heal Internet Security, Total Security and AntiVirus Pro are all antivirus programs. Quick Heal Internet Security 10.1.0.316, Quick Heal Total Security 10.1.0.316 and Quick Heal AntiVirus Pro 10.1.0.316 have a security vulnerability due to Microsoft WIM Header The dwCompressionSize of...

CVE-2016-8376

Summary of CVE-2016-8376 : A non-validated redirect/forward (OPEN REDIRECT) vulnerability in Kabona AB WebDatorCentral (WDC) prior to version 3.4.0. The issue allows an attacker to chain with authenticated vulnerabilities, potentially affecting users via crafted URLs that redirect to a malicious ...