CVE-2017-17700
K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer dereference via a 0x950025a4 DeviceIoControl request. Date published : 2017-12-15 https://github.com/mmmxny/K7-Antivirus/tree/master/cve1
K7Sentry.sys 15.1.0.59 in K7 Antivirus 15.1.0309 has a NULL pointer dereference via a 0x950025ac DeviceIoControl request. Date published : 2017-12-15 https://github.com/mmmxny/K7-Antivirus/tree/master/cve3
Zoho ManageEngine Password Manager Pro 9 before 9.4 (9400) has reflected XSS in SearchResult.ec and BulkAccessControlView.ec. Date published : 2017-12-15 https://www.manageengine.com/products/passwordmanagerpro/release-notes.html
The Ping() function in ui/api/target.go in Harbor through 1.3.0-rc4 has SSRF via the endpoint parameter to /api/targets/ping. Date published : 2017-12-15 https://github.com/vmware/harbor/issues/3755
Techno – Portfolio Management Panel through 2017-11-16 allows full path disclosure via an invalid s parameter to panel/search.php. Date published : 2017-12-15 https://github.com/d4wner/Vulnerabilities-Report/blob/master/Techno-Portfolio-Management-Panel.md
Techno – Portfolio Management Panel through 2017-11-16 allows SQL Injection via the panel/search.php s parameter. Date published : 2017-12-15 https://github.com/d4wner/Vulnerabilities-Report/blob/master/Techno-Portfolio-Management-Panel.md
Techno – Portfolio Management Panel through 2017-11-16 allows XSS via the panel/search.php s parameter. Date published : 2017-12-15 https://github.com/d4wner/Vulnerabilities-Report/blob/master/Techno-Portfolio-Management-Panel.md
Techno – Portfolio Management Panel through 2017-11-16 does not check authorization for panel/portfolio.php?action=delete requests that remove feedback. Date published : 2017-12-15 https://github.com/d4wner/Vulnerabilities-Report/blob/master/Techno-Portfolio-Management-Panel.md
In VideoLAN VLC media player through 2.2.8, there is a type conversion vulnerability in modules/demux/mp4/libmp4.c in the MP4 demux module leading to an invalid free, because the type of a box may be changed...
A debug tool in Synaptics TouchPad drivers allows local users with administrative access to obtain sensitive information about keyboard scan codes by modifying registry keys. Date published : 2017-12-15 https://www.synaptics.com/company/blog/touchpad-security-brief https://support.hp.com/us-en/document/c05827409
Ruby before 2.4.3 allows Net::FTP command injection. Net::FTP#get, getbinaryfile, gettextfile, put, putbinaryfile, and puttextfile use Kernel#open to open a local file. If the localfile argument starts with the "|" pipe character, the command following...
Directory traversal vulnerability in the "Upload Groupkey" functionality in the Web Configuration Utility in Meinberg LANTIME devices with firmware before 6.24.004 allows remote authenticated users with Admin-User access to write to arbitrary files and...
The Web Configuration Utility in Meinberg LANTIME devices with firmware before 6.24.004 allows remote attackers to read arbitrary files by leveraging failure to restrict URL access. Date published : 2017-12-15 https://www.exploit-db.com/exploits/43332/ http://seclists.org/fulldisclosure/2017/Dec/33
Security researchers discovered an authentication bypass vulnerability in version 2.0.2 of the Conserus Workflow Intelligence application by McKesson Medical Imaging Company, which is now a Change Healthcare company. The attacker must send a malicious...