Monthly Archive: April 2019

A memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5, iTunes 12.9 for Windows, iCloud for Windows 7.7. Date...

SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries in a "merge" operation that occurs after crafted changes to FTS3 shadow tables, allowing...

SQLite 3.25.2, when queries are run on a table with a malformed PRIMARY KEY, allows remote attackers to cause a denial of service (application crash) by leveraging the ability to run arbitrary SQL statements...

IBM DB2 9.7, 10.1, 10.5, and 11.1 libdb2e.so.1 is vulnerable to a stack based buffer overflow, caused by improper bounds checking which could allow an attacker to execute arbitrary code. IBM X-Force ID: 153316....

IBM DOORS Next Generation (DNG/RRC) 5.0 through 5.0.3 and 6.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended...

IBM DOORS Next Generation (DNG/RRC) 5.0 through 5.0.3 and 6.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended...

Path traversal vulnerability in http-live-simulator npm package version 1.0.5 allows arbitrary path to be accessed on the file system by a remote attacker. Date published : 2019-04-03 https://hackerone.com/reports/384939

XSS in buttle npm package version 0.2.0 causes execution of attacker-provided code in the victim’s browser when an attacker creates an arbitrary file on the server. Date published : 2019-04-03 https://hackerone.com/reports/331110

Plataformatec Devise version 4.5.0 and earlier, using the lockable module contains a CWE-367 vulnerability in The `Devise::Models::Lockable` class, more specifically at the `#increment_failed_attempts` method. File location: lib/devise/models/lockable.rb that can result in Multiple concurrent requests...

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on...

Arbitrary code execution (via backdoor code) was discovered in bootstrap-sass 3.2.0.3, when downloaded from rubygems.org. An unauthenticated attacker can craft the ___cfduid cookie value with base64 arbitrary code to be executed via eval(), which...

An issue was discovered in PoDoFo 0.9.6. The PdfPagesTreeCache class in doc/PdfPagesTreeCache.cpp has an attempted excessive memory allocation because nInitialSize is not validated. Date published : 2019-04-03 https://sourceforge.net/p/podofo/tickets/46/

A CSRF vulnerability in a logged-in user’s profile edit form in the Ultimate Member plugin before 2.0.40 for WordPress allows attackers to become admin and subsequently extract sensitive information and execute arbitrary code. This...

CentOS Web Panel (CWP) 0.9.8.789 is vulnerable to Stored/Persistent XSS for the "Name Server 1" and "Name Server 2" fields via a "DNS Functions" "Edit Nameservers IPs" action. Date published : 2019-04-03 http://www.securityfocus.com/bid/107769 https://www.exploit-db.com/exploits/46629