» 2018 » 4월

CVE-2018-9115

Posted on 2018년 4월 5일2018년 4월 5일 by admin

CVE-2018-9115

Systematic SitaWare 6.4 SP2 does not validate input from other sources sufficiently. e.g., information utilizing the NVG interface. An attacker can freeze the Situational Layer, which means that the Situational Picture is no longer updated. Unfortunately, the user cannot notice until he tries to work with that layer.

Source: CVE-2018-9115

CVE-2018-9126

Posted on 2018년 4월 5일2018년 4월 5일 by admin

CVE-2018-9126

The DNNArticle module 11 for DNN (formerly DotNetNuke) allows remote attackers to read the web.config file, and consequently discover database credentials, via the /GetCSS.ashx/?CP=%2fweb.config URI.

Source: CVE-2018-9126

CVE-2018-9035

Posted on 2018년 4월 5일2018년 4월 5일 by admin

CVE-2018-9035

CSV Injection vulnerability in ExportToCsvUtf8.php of the Contact Form 7 to Database Extension plugin 2.10.32 for WordPress allows remote attackers to inject spreadsheet formulas into CSV files via the contact form.

Source: CVE-2018-9035

CVE-2017-6426 (android)

Posted on 2018년 4월 5일2018년 5월 8일 by admin

CVE-2017-6426 (android)

An information disclosure vulnerability in the Qualcomm SPMI driver. Product: Android. Versions: Android kernel. Android ID: A-33644474. References: QC-CR#1106842.

Source: CVE-2017-6426 (android)

CVE-2017-6425 (android)

Posted on 2018년 4월 5일2018년 5월 8일 by admin

CVE-2017-6425 (android)

An information disclosure vulnerability in the Qualcomm video driver. Product: Android. Versions: Android kernel. Android ID: A-32577085. References: QC-CR#1103689.

Source: CVE-2017-6425 (android)

CVE-2017-6424 (android)

Posted on 2018년 4월 5일2018년 5월 8일 by admin

CVE-2017-6424 (android)

An elevation of privilege vulnerability in the Qualcomm WiFi driver. Product: Android. Versions: Android kernel. Android ID: A-32086742. References: QC-CR#1102648.

Source: CVE-2017-6424 (android)

CVE-2018-9275

Posted on 2018년 4월 5일2018년 4월 5일 by admin

CVE-2018-9275

In check_user_token in util.c in the Yubico PAM module (aka pam_yubico) 2.18 through 2.25, successful logins can leak file descriptors to the auth mapping file, which can lead to information disclosure (serial number of a device) and/or DoS (reaching the maximum number of file descriptors).

Source: CVE-2018-9275

CVE-2017-6424

Posted on 2018년 4월 5일2018년 4월 5일 by admin

CVE-2017-6424

An elevation of privilege vulnerability in the Qualcomm WiFi driver. Product: Android. Versions: Android kernel. Android ID: A-32086742. References: QC-CR#1102648.

Source: CVE-2017-6424

CVE-2017-6425

Posted on 2018년 4월 5일2018년 4월 5일 by admin

CVE-2017-6425

An information disclosure vulnerability in the Qualcomm video driver. Product: Android. Versions: Android kernel. Android ID: A-32577085. References: QC-CR#1103689.

Source: CVE-2017-6425

CVE-2017-6426

Posted on 2018년 4월 5일2018년 4월 5일 by admin

CVE-2017-6426

An information disclosure vulnerability in the Qualcomm SPMI driver. Product: Android. Versions: Android kernel. Android ID: A-33644474. References: QC-CR#1106842.

Source: CVE-2017-6426