CVE-2018-7249
An issue was discovered in secdrv.sys as shipped in Microsoft Windows Vista, Windows 7, Windows 8, and Windows 8.1 before KB3086255, and as shipped in Macrovision SafeDisc. Two carefully timed calls to IOCTL 0xCA002813...
The TLS implementation in the TCP/IP networking module in Unisys ClearPath MCP systems with TCP-IP-SW 58.1 before 58.160, 59.1 before 059.1a.17 (IC #17), and 60.0 before 60.044 might allow remote attackers to decrypt TLS...
IBM Security Guardium Big Data Intelligence (SonarG) 3.1 stores user credentials in clear text, which can be read by a local user. IBM X-Force ID: 137778. Date published : 2018-02-26 http://www.securityfocus.com/bid/103213 http://www.ibm.com/support/docview.wss?uid=swg22013596
Microsoft Identity Manager 2016 SP1 allows an attacker to gain elevated privileges when it does not properly sanitize a specially crafted attribute value being displayed to a user on an affected MIM 2016 server,...
ws.php in the Facetag extension 0.0.3 for Piwigo allows SQL injection via the imageId parameter in a facetag.changeTag or facetag.listTags action. Date published : 2018-02-25 https://www.exploit-db.com/exploits/42094/ http://touhidshaikh.com/blog/poc/facetag-extension-piwigo-sqli/
The Facetag extension 0.0.3 for Piwigo allows XSS via the name parameter to ws.php in a facetag.changeTag action. Date published : 2018-02-25 https://www.exploit-db.com/exploits/42098/ http://touhidshaikh.com/blog/poc/facetag-ext-piwigo-stored-xss/
The f2fs implementation in the Linux kernel before 4.14 mishandles reference counts associated with f2fs_wait_discard_bios calls, which allows local users to cause a denial of service (BUG), as demonstrated by fstrim. Date published :...
When an Apache Geode cluster before v1.4.0 is operating in secure mode, the Geode configuration service does not properly authorize configuration requests. This allows an unprivileged user who gains access to the Geode locator...
An issue was discovered in PureVPN through 5.19.4.0 on Windows. The client installation grants the Everyone group Full Control permission to the installation directory. In addition, the PureVPNService.exe service, which runs under NT Authority\SYSTEM...
The blkcg_init_queue function in block/blk-cgroup.c in the Linux kernel before 4.11 allows local users to cause a denial of service (double free) or possibly have unspecified other impact by triggering a creation failure. Date...
YzmCMS 3.6 allows remote attackers to discover the full path via a direct request to application/install/templates/s1.php. Date published : 2018-02-25 https://github.com/kongxin520/YzmCMS/blob/master/YzmCMS_3.6_bug.md
controllers/admin/Linkage.php in dayrui FineCms 5.3.0 has Cross Site Scripting (XSS) via the id or lid parameter in a c=linkage,m=import request to admin.php, because the xss_clean protection mechanism is defeated by crafted input that lacks...
INVT Studio 1.2 allows remote attackers to cause a denial of service during import operations. Date published : 2018-02-25 http://www.cnvd.org.cn/flaw/show/1205913
KingView 7.5SP1 has an integer overflow during stgopenstorage API read operations. Date published : 2018-02-25 http://www.cnvd.org.cn/flaw/show/1202823