» 2018 » 5월

CVE-2018-11404

Posted on 2018년 5월 24일2018년 5월 24일 by admin

CVE-2018-11404

DomainMod v4.09.03 has XSS via the assets/edit/ssl-provider-account.php sslpaid parameter.

Source: CVE-2018-11404

CVE-2018-11410

Posted on 2018년 5월 24일2018년 5월 24일 by admin

CVE-2018-11410

An issue was discovered in Liblouis 3.5.0. A invalid free in the compileRule function in compileTranslationTable.c allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.

Source: CVE-2018-11410

CVE-2018-11403

Posted on 2018년 5월 24일2018년 5월 24일 by admin

CVE-2018-11403

DomainMod v4.09.03 has XSS via the assets/edit/account-owner.php oid parameter.

Source: CVE-2018-11403

CVE-2018-11400

Posted on 2018년 5월 24일2018년 5월 24일 by admin

CVE-2018-11400

In SimpliSafe Original, the Base Station fails to detect tamper attempts: it does not send a notification if a physically proximate attacker removes the battery and external power.

Source: CVE-2018-11400

CVE-2018-11402

Posted on 2018년 5월 24일2018년 5월 24일 by admin

CVE-2018-11402

SimpliSafe Original has Unencrypted Keypad Transmissions, which allows physically proximate attackers to discover the PIN.

Source: CVE-2018-11402

CVE-2018-11401

Posted on 2018년 5월 24일2018년 5월 24일 by admin

CVE-2018-11401

In SimpliSafe Original, RF Interference (e.g., an extremely strong 433.92 MHz signal) by a physically proximate attacker does not cause a notification.

Source: CVE-2018-11401

CVE-2018-11399

Posted on 2018년 5월 24일2018년 5월 24일 by admin

CVE-2018-11399

SimpliSafe Original has Unencrypted Sensor Transmissions, which allows physically proximate attackers to obtain potentially sensitive information about the specific times when alarm-system events occur.

Source: CVE-2018-11399

CVE-2018-10428

Posted on 2018년 5월 24일2018년 5월 24일 by admin

CVE-2018-10428

ILIAS before 5.1.26, 5.2.x before 5.2.15, and 5.3.x before 5.3.4, due to inconsistencies in parameter handling, is vulnerable to various instances of reflected cross-site-scripting.

Source: CVE-2018-10428

CVE-2018-6495

Posted on 2018년 5월 24일2018년 5월 24일 by admin

CVE-2018-6495

Cross-Site Scripting (XSS) in Micro Focus Universal CMDB, version 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, 10.33, 11.0, CMS, version 4.10, 4.11, 4.12, 4.13, 4.14, 4.15.1 and Micro Focus UCMDB Browser, version 4.10, 4.11, 4.12, 4.13, 4.14, 4.15.1. This vulnerability could be remotely exploited to allow Cross-Site Scripting (XSS).

Source: CVE-2018-6495

CVE-2018-10653

Posted on 2018년 5월 24일2018년 5월 24일 by admin

CVE-2018-10653

There is an XML External Entity (XXE) Processing Vulnerability in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3.

Source: CVE-2018-10653