CVE-2018-16551
LavaLite 5.5 has XSS via a /edit URI, as demonstrated by client/job/job/Zy8PWBekrJ/edit. Date published : 2018-09-05 https://github.com/LavaLite/cms/issues/259
TeamViewer 10.x through 13.x allows remote attackers to bypass the brute-force authentication protection mechanism by skipping the "Cancel" step, which makes it easier to determine the correct value of the default 4-digit PIN. Date...
HScripts PHP File Browser Script v1.0 allows Directory Traversal via the index.php path parameter. Date published : 2018-09-05 https://packetstormsecurity.com/files/149204
An issue was discovered in ZZIPlib through 0.13.69. There is a memory leak triggered in the function __zzip_parse_root_directory in zip.c, which will lead to a denial of service attack. Date published : 2018-09-05 https://github.com/gdraheim/zziplib/issues/58...
Amcrest networked devices use the same hardcoded SSL private key across different customers’ installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation, as demonstrated...
Kaizen Asset Manager (Enterprise Edition) and Training Manager (Enterprise Edition) allow a remote attacker to achieve arbitrary code execution via file impersonation. For example, a malicious dynamic-link library (dll) assumed the identity of a...
In Artifex Ghostscript before 9.24, gssetresolution and gsgetresolution allow attackers to have an unspecified impact. Date published : 2018-09-05 https://www.debian.org/security/2018/dsa-4288 https://security.gentoo.org/glsa/201811-12
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use insufficient interpreter stack-size checking during error handling to crash the interpreter. Date published : 2018-09-05 http://www.securityfocus.com/bid/105337 https://www.debian.org/security/2018/dsa-4288
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect free logic in pagedevice replacement to crash the interpreter. Date published : 2018-09-05 https://www.debian.org/security/2018/dsa-4288 https://security.gentoo.org/glsa/201811-12
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files to the builtin PDF14 converter could use a use-after-free in copydevice handling to crash the interpreter or possibly have unspecified other impact....
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect access checking in temp file handling to disclose contents of files on the system otherwise not readable. Date published...
An XML External Entity (XXE) vulnerability exists in HTML Form Entry 3.7.0, as distributed in OpenMRS Reference Application 2.8.0. Date published : 2018-09-05 https://github.com/openmrs/openmrs-module-htmlformentry/pull/137 https://github.com/openmrs/openmrs-module-htmlformentry/pull/138
A directory traversal vulnerability with remote code execution in Prim’X Zed! FREE through 1.0 build 186 and Zed! Limited Edition through 6.1 build 2208 allows creation of arbitrary files on a user’s workstation using...
helpers.py in Flask-Admin 1.5.2 has Reflected XSS via a crafted URL. Date published : 2018-09-05 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UJIYCWIH3BRLI2QNC53CQXLKVP27X7EH/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZU2VKULURVXEU4YFTLMBQGYMPSXQ4MBN/