CVE-2018-12433
** DISPUTED ** cryptlib through 3.4.4 allows a memory-cache side-channel attack on DSA and ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover a key, the attacker needs access...
JavaMelody through 1.60.0 has XSS via the counter parameter in a clear_counter action to the /monitoring URI. Date published : 2018-06-14 https://github.com/Hurdano/JavaMelody-XSS/wiki/Attack-Vector—JavaMelody
SeaCMS V6.61 has XSS via the site name parameter on an adm1n/admin_config.php page (aka a system management page). Date published : 2018-06-14 https://github.com/MichaelWayneLIU/seacms/blob/master/seacms.md
In Synapse before 0.31.2, unauthorised users can hijack rooms when there is no m.room.power_levels event in force. Date published : 2018-06-14 https://bugs.debian.org/901549 https://github.com/matrix-org/matrix-doc/issues/1304
LTB (aka LDAP Tool Box) Self Service Password before 1.3 allows a change to a user password (without knowing the old password) via a crafted POST request, because the ldap_bind return value is mishandled...
IceHrm before 23.0.1.OS has a risky usage of a hashed password in a request. Date published : 2018-06-14 https://github.com/gamonoid/icehrm/commit/025a8283ab5d679ff99a6b82398e4c8efed1ad9d https://github.com/gamonoid/icehrm/releases/tag/v23.0.1.OS
Archive.java in Junrar before 1.0.1, as used in Apache Tika and other products, is affected by a denial of service vulnerability due to an infinite loop when handling corrupt RAR files. Date published :...
An issue was discovered in password-store.sh in pass in Simple Password Store 1.7.x before 1.7.2. The signature verification routine parses the output of GnuPG with an incomplete regular expression, which allows remote attackers to...
Maccms 10 allows CSRF via admin.php/admin/admin/info.html to add user accounts. Date published : 2018-06-14 https://www.exploit-db.com/exploits/44887/ http://www.iwantacve.cn/index.php/archives/42/
The Balbooa Gridbox extension version 2.4.0 and previous versions for Joomla! is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability via a crafted URL...
Smart Viewer in Samsung Web Viewer for Samsung DVR is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability via a crafted URL to execute...
Improper input validation together with an integer overflow in the EAP-TLS protocol implementation in PPPD may cause a crash, information disclosure, or authentication bypass. This implementation is distributed as a patch for PPPD 0.91,...
Cross-site scripting (XSS) vulnerability in backend/pages/modify.php in BlackCatCMS 1.3 allows remote authenticated users with the Admin role to inject arbitrary web script or HTML via the search panel. Date published : 2018-06-14 https://github.com/BlackCatDevelopment/BlackCatCMS/commit/a817755828cd0bfd4b87b0eb5cec59ffe57d3c3e https://github.com/BlackCatDevelopment/BlackCatCMS/issues/384
A denial of service vulnerability exists in the way that the Windows Code Integrity Module performs hashing, aka "Windows Code Integrity Module Denial of Service Vulnerability." This affects Windows 7, Windows Server 2012 R2,...