» 2018 » 3월

CVE-2018-8903

Posted on 2018년 3월 23일2018년 3월 23일 by admin

CVE-2018-8903

Open-AudIT Professional 2.1 allows XSS via the Name or Description field on the Credentials screen.

Source: CVE-2018-8903

CVE-2018-8942

Posted on 2018년 3월 23일2018년 3월 23일 by admin

CVE-2018-8942

Xiuno BBS 4.0.0 has XSS in the adminpage sitename parameter.

Source: CVE-2018-8942

CVE-2017-18244

Posted on 2018년 3월 23일2018년 3월 23일 by admin

CVE-2017-18244

The stereo_processing function in libavcodec/aacps.c in Libav 12.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted aac file, related to ff_ps_apply.

Source: CVE-2017-18244

CVE-2017-18242

Posted on 2018년 3월 23일2018년 3월 23일 by admin

CVE-2017-18242

The apply_dependent_coupling function in libavcodec/aacdec.c in Libav 12.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted aac file.

Source: CVE-2017-18242

CVE-2018-7528

Posted on 2018년 3월 23일2018년 3월 23일 by admin

CVE-2018-7528

An SQL injection vulnerability has been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4 and Topline TopFD-2125 Version 3.15.1 IP cameras, which may allow an attacker to alter stored data.

Source: CVE-2018-7528

CVE-2018-7524

Posted on 2018년 3월 23일2018년 3월 23일 by admin

CVE-2018-7524

A cross-site request forgery vulnerability has been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4 and Topline TopFD-2125 Version 3.15.1 IP cameras, which may allow an unauthorized user to be added to the system.

Source: CVE-2018-7524

CVE-2018-7532

Posted on 2018년 3월 23일2018년 3월 23일 by admin

CVE-2018-7532

Unauthentication vulnerabilities have been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4 and Topline TopFD-2125 Version 3.15.1 IP cameras, which may allow remote code execution.

Source: CVE-2018-7532

CVE-2018-5509

Posted on 2018년 3월 23일2018년 3월 23일 by admin

CVE-2018-5509

On F5 BIG-IP versions 13.0.0 or 12.1.0 – 12.1.3.1, when a specifically configured virtual server receives traffic of an undisclosed nature, TMM will crash and take the configured failover action, potentially causing a denial of service. The configuration which exposes this issue is not common and in general does not work when enabled in previous versions of BIG-IP. Starting in 12.1.0, BIG-IP will crash if the configuration which exposes this issue is enabled and the virtual server receives non TCP traffic. With the fix of this issue, additional configuration validation logic has been added to prevent this configuration from being applied to a virtual server. There is only data plane exposure to this issue with a non-standard configuration. There is no control plane exposure.

Source: CVE-2018-5509

CVE-2018-7520

Posted on 2018년 3월 23일2018년 3월 23일 by admin

CVE-2018-7520

An improper access control vulnerability has been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4 and Topline TopFD-2125 Version 3.15.1 IP cameras, which could allow a full configuration download, including passwords.

Source: CVE-2018-7520

CVE-2018-7516

Posted on 2018년 3월 23일2018년 3월 23일 by admin

CVE-2018-7516

A server-side request forgery vulnerability has been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4 and Topline TopFD-2125 Version 3.15.1 IP cameras, which could lead to proxied network scans.

Source: CVE-2018-7516