CVE-2018-10801
TIFFClientOpen in tif_unix.c in LibTIFF 3.8.2 has memory leaks, as demonstrated by bmp2tiff. Date published : 2018-05-08 http://bugzilla.maptools.org/show_bug.cgi?id=2790
KONGTOP DVR devices A303, A403, D303, D305, and D403 contain a backdoor that prints the login password via a Print_Password function call in certain circumstances. Date published : 2018-05-08 https://github.com/hucmosin/MyBook/blob/master/KONGTOP_DVR_devices_vulnerability_report-CVE-2018-10734.pdf https://github.com/hucmosin/MyBook/blob/master/fu/DVR.pdf
The Owned smart contract implementation for Aurora DAO (AURA), an Ethereum ERC20 token, allows attackers to acquire contract ownership because the setOwner function is declared as public. An attacker can then conduct a lockBalances()...
kwallet-pam in KDE KWallet before 5.12.6 allows local users to obtain ownership of arbitrary files via a symlink attack. Date published : 2018-05-08 https://bugzilla.suse.com/show_bug.cgi?id=1090863 https://commits.kde.org/kwallet-pam/01d4143fda5bddb6dca37b23304dc239a5fb38b5
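Added example (this is not code from the page or from the kwallet-pam fix): why a privileged component that calls chown()/chmod() on a path an unprivileged local user can pre-create is open to a symlink attack, and the O_NOFOLLOW plus fchmod()/fchown() pattern that closes it. The scratch directory, the file names ("victim", "wallet-file") and the use of chmod() instead of chown() are choices made for the demo; chown(2) resolves the path exactly the same way, chmod() just shows a visible change without needing CAP_CHOWN.

```c
/* Symlink-attack demo: path-based chmod()/chown() versus O_NOFOLLOW + f*().
 * All paths are constructed inside a mkdtemp() scratch directory. */
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Scratch layout: <dir>/victim (mode 0600) and <dir>/wallet-file -> victim,
 * the way a local attacker plants a symlink where the privileged component
 * expects to find the file it is about to chown()/chmod(). */
int setup_scratch(char *dir, char *victim, char *link, size_t plen) {
    strcpy(dir, "/tmp/symlink-demo-XXXXXX");
    if (mkdtemp(dir) == NULL) {               /* fall back to cwd if /tmp is unusable */
        strcpy(dir, "symlink-demo-XXXXXX");
        if (mkdtemp(dir) == NULL) return -1;
    }
    snprintf(victim, plen, "%s/victim", dir);
    snprintf(link, plen, "%s/wallet-file", dir);
    int fd = open(victim, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd < 0) return -1;
    close(fd);
    return symlink(victim, link);             /* attacker-planted link */
}

/* Permission bits of whatever the path finally resolves to (-1 on error). */
int mode_of(const char *path) {
    struct stat st;
    if (stat(path, &st) != 0) return -1;
    return (int)(st.st_mode & 07777);
}

/* VULNERABLE pattern: chmod()/chown() take a path and follow symlinks, so
 * the attacker's link redirects the privileged operation onto any file
 * the privileged caller may touch. */
int vulnerable_fixup(const char *path) {
    return chmod(path, 0666);
}

/* HARDENED pattern: open with O_NOFOLLOW (fails with ELOOP on a symlink),
 * verify what was actually opened, then act on the descriptor. An lstat()
 * check followed by chmod(path) would still leave a window between the
 * check and the use; operating on the fd does not.
 * Returns 0 on success, -errno on failure. */
int safe_fixup(const char *path, mode_t mode) {
    int fd = open(path, O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
    if (fd < 0) return -errno;
    struct stat st;
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) ||
        st.st_uid != getuid() || st.st_nlink != 1) {
        close(fd);
        return -EPERM;                        /* not a regular file of ours, or hard-linked */
    }
    int rc = fchmod(fd, mode) == 0 ? 0 : -errno;
    close(fd);
    return rc;
}

void cleanup_scratch(const char *dir, const char *victim, const char *link) {
    unlink(link);
    unlink(victim);
    rmdir(dir);
}

int main(void) {
    char dir[64], victim[128], link[128];
    if (setup_scratch(dir, victim, link, sizeof victim) != 0) return 1;
    printf("victim mode before:        %04o\n", mode_of(victim));
    vulnerable_fixup(link);
    printf("after chmod(symlink):      %04o  <- victim was modified through the link\n",
           mode_of(victim));
    int rc = safe_fixup(link, 0600);
    printf("safe_fixup(symlink) -> %d (%s)\n", rc, strerror(-rc));
    printf("safe_fixup(real file) -> %d\n", safe_fixup(victim, 0600));
    cleanup_scratch(dir, victim, link);
    return 0;
}
```

The ownership check in safe_fixup is what the PAM-module case needs: the component should only ever adjust a file it created itself, so a file owned by someone else, a non-regular file or one with a second hard link is refused rather than "fixed". On Linux, fs.protected_symlinks only guards sticky world-writable directories such as /tmp itself, which is why the demo works in its own 0700 scratch directory and why code that writes into shared directories cannot rely on that sysctl alone.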
A NULL Pointer Dereference of CWE-476 exists in quassel version 0.12.4 in the quasselcore void CoreAuthHandler::handle(const Login &msg) coreauthhandler.cpp line 235 that allows an attacker to cause a denial of service. Date published :...
A heap corruption of type CWE-120 exists in quassel version 0.12.4 in quasselcore in void DataStreamPeer::processMessage(const QByteArray &msg) datastreampeer.cpp line 62 that allows an attacker to execute code remotely. Date published : 2018-05-08 https://github.com/quassel/quassel/blob/master/src/common/protocols/datastream/datastreampeer.cpp#L62...
A cross-site scripting vulnerability exists in Jenkins S3 Plugin 0.10.12 and older in src/main/resources/hudson/plugins/s3/S3ArtifactsProjectAction/jobMain.jelly that allows attackers able to control file names of uploaded files to define file names containing JavaScript that would be...
An exposure of sensitive information vulnerability exists in Jenkins Email Extension Plugin 2.61 and older in src/main/resources/hudson/plugins/emailext/ExtendedEmailPublisher/global.groovy and ExtendedEmailPublisherDescriptor.java that allows attackers with control of a Jenkins administrator’s web browser (e.g. malicious extension) to...
A path traversal vulnerability exists in Jenkins HTML Publisher Plugin 1.15 and older in HtmlPublisherTarget.java that allows attackers able to configure the HTML Publisher build step to overwrite arbitrary files on the Jenkins master....
An open redirect vulnerability exists in Jenkins Google Login Plugin 1.3 and older in GoogleOAuth2SecurityRealm.java that allows attackers to redirect users to an arbitrary URL after successful login. Date published : 2018-05-08 http://www.securityfocus.com/bid/104211 https://jenkins.io/security/advisory/2018-04-16/
A session fixation vulnerability exists in Jenkins Google Login Plugin 1.3 and older in GoogleOAuth2SecurityRealm.java that allows unauthorized attackers to impersonate another user if they can control the pre-authentication session. Date published : 2018-05-08...
nghttp2 version >= 1.10.0 and nghttp2 <= 1.31.0 contains an Improper Input Validation (CWE-20) vulnerability in ALTSVC frame handling that can result in a segmentation fault, leading to denial of service; the attack is exploitable by a network client. Fixed in nghttp2 >= 1.31.1. Date published : 2018-05-08 http://www.securityfocus.com/bid/103952 https://nghttp2.org/blog/2018/04/12/nghttp2-v1-31-1/
The presence of a hardcoded account in Fortinet FortiWLC 8.3.3 allows attackers to gain unauthorized read/write access via a remote shell. Date published : 2018-05-07 http://www.securityfocus.com/bid/104119 https://fortiguard.com/advisory/FG-IR-17-274
The presence of a hardcoded account in Fortinet FortiWLC 7.0.11 and earlier allows attackers to gain unauthorized read/write access via a remote shell. Date published : 2018-05-07 http://www.securityfocus.com/bid/104119 https://fortiguard.com/advisory/FG-IR-17-274