An issue has been found in jpeg_encoder through 2015-11-27. It is a SEGV in the function readFromBMP in jpeg_encoder.cpp. The signal is caused by an out-of-bounds write. Date published : 2018-08-05 https://github.com/fouzhe/security/tree/master/jpeg_encoder#segv-in-function-readfrombmp https://github.com/thejinchao/jpeg_encoder/issues/4
Harmonic NSG 9000 devices have a default password of nsgadmin for the admin account, a default password of nsgguest for the guest account, and a default password of nsgconfig for the config account. Date...
Harmonic NSG 9000 devices allow remote authenticated users to conduct directory traversal attacks, as demonstrated by "POST /PY/EMULATION_GET_FILE" or "POST /PY/EMULATION_EXPORT" with FileName=../../../passwd in the POST data. Date published : 2018-08-05 https://github.com/pudding2/NSG9000/blob/master/exp.txt
Harmonic NSG 9000 devices allow remote authenticated users to read the webapp.py source code via a direct request for the /webapp.py URI. Date published : 2018-08-05 https://github.com/pudding2/NSG9000/blob/master/exp.txt
PHPCMS 9 allows remote attackers to cause a denial of service (resource consumption) via large font_size, height, and width parameters in an api.php?op=checkcode request. Date published : 2018-08-05 https://github.com/m0us3Sun/PHPCMS-v9/issues/1
The get_app_path function in desktop/unx/source/start.c in LibreOffice through 6.0.5 mishandles the realpath function in certain environments such as FreeBSD libc, which might allow attackers to cause a denial of service (buffer overflow and application...
An issue was discovered in wifipcap/wifipcap.cpp in TCPFLOW through 1.5.0-alpha. There is an integer overflow in the function handle_prism during caplen processing. If the caplen is less than 144, one can cause an integer...
The Add page option in my little forum 2.4.12 allows XSS via the Menu Link field. Date published : 2018-08-04 http://owendarlene.com/stored-xss-my-little-forum/
The Add page option in my little forum 2.4.12 allows XSS via the Title field. Date published : 2018-08-04 http://owendarlene.com/stored-xss-my-little-forum/
upgrade_handle.php on NUUO NVRmini devices allows Remote Command Execution via shell metacharacters in the uploaddir parameter for a writeuploaddir command. Date published : 2018-08-04 https://www.exploit-db.com/exploits/45070/ https://www.exploit-db.com/exploits/46340/
IntelliJ IDEA XML parser was found vulnerable to XML External Entity attack, an attacker can exploit the vulnerability by implementing malicious code on both Androidmanifest.xml. Date published : 2018-08-03 http://git.jetbrains.org/?p=idea/adt-tools-base.git;a=commit;h=a778b2b88515513654e002cd51cbe8eb8226e96b https://research.checkpoint.com/parsedroid-targeting-android-development-research-community/
Race condition in the Charles Proxy Settings suid binary in Charles Proxy before 4.2.1 allows local users to gain privileges via vectors involving the –self-repair option. Date published : 2018-08-03 https://www.exploit-db.com/exploits/45107/ https://m4.rkw.io/blog/cve201715358-local-root-privesc-in-charles-proxy-42.html
A vulnerability in lack of validation of user-supplied parameters pass to XML-RPC calls on SonicWall Global Management System (GMS) virtual appliance’s, allow remote user to execute arbitrary code. This vulnerability affected GMS version 8.1...
report_viewer.do in ServiceNow Release Jakarta Patch 8 and earlier allows remote attackers to execute arbitrary code via ‘${xyz}’ Glide Scripting Injection in the sysparm_media parameter. Date published : 2018-08-03 https://telekomsecurity.github.io/2018/07/servicenow-privilege-escalation.html https://telekomsecurity.github.io/assets/advisories/20180104_ServiceNow_GlideInjection.txt