CVE-2018-16806
A Pektron Passive Keyless Entry and Start (PKES) system, as used on the Tesla Model S and possibly other vehicles, relies on the DST40 cipher, which makes it easier for attackers to obtain access...
In b3log Solo 2.9.3, XSS in the Input page under the Publish Articles menu, with an ID of linkAddress stored in the link JSON field, allows remote attackers to inject arbitrary Web scripts or...
An issue was discovered in Artifex Ghostscript before 9.25. Incorrect "restoration of privilege" checking when running out of stack during exception handling could be used by attackers able to supply crafted PostScript to execute...
A heap-based buffer overflow in PotPlayerMini.exe in PotPlayer 1.7.8556 allows remote attackers to execute arbitrary code via a .wav file with large BytesPerSec and SamplesPerSec values, and a small Data_Chunk_Size value. Date published :...
_bson_iter_next_internal in bson-iter.c in libbson 1.12.0, as used in MongoDB mongo-c-driver and other products, has a heap-based buffer over-read via a crafted bson buffer. Date published : 2018-09-10 https://bugzilla.redhat.com/show_bug.cgi?id=1627923#c3 https://github.com/mongodb/mongo-c-driver/commit/0d9a4d98bfdf4acd2c0138d4aaeb4e2e0934bd84
libimageworsener.a in ImageWorsener 1.3.2 has a buffer overflow in the bmpr_read_rle_internal function in imagew-bmp.c. Date published : 2018-09-10 https://github.com/jsummers/imageworsener/issues/35
ffjpeg.dll in ffjpeg before 2018-08-22 allows remote attackers to cause a denial of service (FPE signal) via a progressive JPEG file that lacks an AC Huffman table. Date published : 2018-09-10 https://github.com/rockcarry/ffjpeg/issues/6
Complete Responsive CMS Blog through 2018-05-20 has XSS via a comment. Date published : 2018-09-10 https://github.com/dusaurabh/PHP/issues/1
BlogCMS through 2016-10-25 has XSS via a comment. Date published : 2018-09-10 https://github.com/hukouhome/blogCMS/issues/1
wityCMS 0.6.2 has XSS via the "Site Name" field found in the "Contact" "Configuration" page. Date published : 2018-09-10 https://github.com/Creatiwity/wityCMS/issues/154
An issue was discovered in Victor CMS through 2018-05-10. There is XSS via the site name in the "Categories" menu. Date published : 2018-09-10 https://github.com/VictorAlagwu/CMSsite/issues/3
HongCMS 3.0.0 allows arbitrary file deletion via a ../ in the file parameter to admin/index.php/language/ajax?action=delete. Date published : 2018-09-10 https://github.com/Neeke/HongCMS/issues/6
EasyCMS 1.5 allows XSS via the index.php?s=/admin/fields/update/navTabId/listfields/callbackType/closeCurrent content field. Date published : 2018-09-10 https://github.com/teameasy/EasyCMS/issues/6
Hoosk v1.7.0 allows XSS via the Navigation Title of a new page entered at admin/pages/new. Date published : 2018-09-10 https://github.com/havok89/Hoosk/issues/47