» 2019 » 5월

CVE-2019-12480

Posted on 2019년 5월 31일2019년 5월 31일 by admin

CVE-2019-12480

BACnet Protocol Stack through 0.8.6 could allow an unauthenticated, remote attacker to cause a denial of service (bacserv daemon crash) because there is an invalid read in bacdcode.c during parsing of alarm tag numbers.

Source: CVE-2019-12480

CVE-2015-2230

Posted on 2019년 5월 31일2019년 5월 31일 by admin

CVE-2015-2230

Synacor Zimbra Collaboration Server 8.x before 8.7.0 has Reflected XSS in admin console.

Source: CVE-2015-2230

CVE-2015-7609

Posted on 2019년 5월 31일2019년 5월 31일 by admin

CVE-2015-7609

Synacor Zimbra Mail Client 8.6 before 8.6.0 Patch 5 has XSS via the error/warning dialog and email body content in Zimbra.

Source: CVE-2015-7609

CVE-2019-9723

Posted on 2019년 5월 31일2019년 5월 31일 by admin

CVE-2019-9723

LogicalDOC Community Edition 8.x before 8.2.1 has a path traversal vulnerability that allows reading arbitrary files and the creation of directories, in the class PluginRegistry.

Source: CVE-2019-9723

CVE-2018-10948

Posted on 2019년 5월 31일2019년 5월 31일 by admin

CVE-2018-10948

Synacor Zimbra Admin UI in Zimbra Collaboration Suite before 8.8.0 beta 2 has Persistent XSS via mail addrs.

Source: CVE-2018-10948

CVE-2018-14425

Posted on 2019년 5월 31일2019년 5월 31일 by admin

CVE-2018-14425

There is a Persistent XSS vulnerability in the briefcase component of Synacor Zimbra Collaboration Suite (ZCS) Zimbra Web Client (ZWC) 8.8.8 before 8.8.8 Patch 7 and 8.8.9 before 8.8.9 Patch 1.

Source: CVE-2018-14425

CVE-2018-9193

Posted on 2019년 5월 31일2019년 5월 31일 by admin

CVE-2018-9193

A local privilege escalation in Fortinet FortiClient for Windows 6.0.4 and earlier allows attacker to execute unauthorized code or commands via the parsing of the file.

Source: CVE-2018-9193

CVE-2018-4048

Posted on 2019년 5월 31일2019년 5월 31일 by admin

CVE-2018-4048

An exploitable local privilege elevation vulnerability exists in the file system permissions of the `Temp` directory in GOG Galaxy 1.2.48.36 (Windows 64-bit Installer). An attacker can overwrite executables of the Desktop Galaxy Updater to exploit this vulnerability and execute arbitrary code with SYSTEM privileges.

Source: CVE-2018-4048

CVE-2018-13368

Posted on 2019년 5월 31일2019년 5월 31일 by admin

CVE-2018-13368

A local privilege escalation in Fortinet FortiClient for Windows 6.0.4 and earlier allows attacker to execute unauthorized code or commands via the command injection.

Source: CVE-2018-13368

CVE-2018-9191

Posted on 2019년 5월 31일2019년 5월 31일 by admin

CVE-2018-9191

A local privilege escalation in Fortinet FortiClient for Windows 6.0.4 and earlier allows attackers to execute unauthorized code or commands via the named pipe responsible for Forticlient updates.

Source: CVE-2018-9191