Monthly Archive: May 2018

Espruino before 1.99 allows attackers to cause a denial of service (application crash) with a user crafted input file via a Buffer Overflow during syntax parsing because of a missing check for stack exhaustion...

Espruino before 1.99 allows attackers to cause a denial of service (application crash) with a user crafted input file via a Buffer Overflow during syntax parsing because a check for ‘’ is made for...

Espruino before 1.99 allows attackers to cause a denial of service (application crash) and a potential Escalation of Privileges with a user crafted input file via a Buffer Overflow during syntax parsing, because strncat...

Espruino before 1.99 allows attackers to cause a denial of service (application crash) with a user crafted input file via a Buffer Overflow during syntax parsing of "VOID" tokens in jsparse.c. Date published :...

Espruino before 1.99 allows attackers to cause a denial of service (application crash) and potential Information Disclosure with a user crafted input file via a Buffer Overflow during syntax parsing because strncpy is misused...

Espruino before 1.98 allows attackers to cause a denial of service (application crash) with a user crafted input file via an Out-of-bounds Read during syntax parsing in which certain height validation is missing in...

Espruino before 1.98 allows attackers to cause a denial of service (application crash) with a user crafted input file via a NULL pointer dereference during syntax parsing. This was addressed by adding validation for...

Espruino before 1.99 allows attackers to cause a denial of service (application crash) with a user crafted input file via an integer overflow during syntax parsing. This was addressed by fixing stack size detection...

Bitmain Antminer D3, L3+, and S9 devices allow Remote Command Execution via the system restore function. Date published : 2018-05-31 https://www.exploit-db.com/exploits/44779/

The ‘systemui/settings_network.php’ and ‘systemui/settings_patching.php’ scripts in the Quest KACE System Management Appliance 8.0.318 are accessible only from localhost. This restriction can be bypassed by modifying the ‘Host’ and ‘X_Forwarded_For’ HTTP headers in a POST...

The ‘IMAGES_JSON’ and ‘attachments_to_remove[]’ parameters of the ‘/adminui/advisory.php’ script in the Quest KACE System Management Virtual Appliance 8.0.318 can be abused to write and delete files respectively via Directory Traversal. Files can be at...

The ‘reportID’ parameter received by the ‘/common/run_report.php’ script in the Quest KACE System Management Appliance 8.0.318 is not sanitized, leading to SQL injection (in particular, an error-based type). Date published : 2018-05-31 https://www.coresecurity.com/advisories/quest-kace-system-management-appliance-multiple-vulnerabilities

The ‘/common/ajax_email_connection_test.php’ script in the Quest KACE System Management Appliance 8.0.318 is accessible by any authenticated user and can be abused to execute arbitrary commands on the system. This script is vulnerable to command...

The ‘/common/download_agent_installer.php’ script in the Quest KACE System Management Appliance 8.0.318 is accessible by anonymous users and can be abused to execute arbitrary commands on the system. Date published : 2018-05-31 https://www.exploit-db.com/exploits/44950/ https://www.coresecurity.com/advisories/quest-kace-system-management-appliance-multiple-vulnerabilities