» 2018 » 5월

CVE-2018-10092

Posted on 2018년 5월 23일2018년 5월 23일 by admin

CVE-2018-10092

The admin panel in Dolibarr before 7.0.2 might allow remote attackers to execute arbitrary commands by leveraging support for updating the antivirus command and parameters used to scan file uploads.

Source: CVE-2018-10092

CVE-2018-10094

Posted on 2018년 5월 23일2018년 5월 23일 by admin

CVE-2018-10094

SQL injection vulnerability in Dolibarr before 7.0.2 allows remote attackers to execute arbitrary SQL commands via vectors involving integer parameters without quotes.

Source: CVE-2018-10094

CVE-2018-11375

Posted on 2018년 5월 23일2018년 5월 23일 by admin

CVE-2018-11375

The _inst__lds() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file.

Source: CVE-2018-11375

CVE-2018-6493

Posted on 2018년 5월 23일2018년 5월 23일 by admin

CVE-2018-6493

SQL Injection in HP Network Operations Management Ultimate, version 2017.07, 2017.11, 2018.02 and in Network Automation, version 10.00, 10.10, 10.11, 10.20, 10.30, 10.40, 10.50. This vulnerability could be remotely exploited to allow Remote SQL Injection.

Source: CVE-2018-6493

CVE-2018-6492

Posted on 2018년 5월 23일2018년 5월 23일 by admin

CVE-2018-6492

Persistent Cross-Site Scripting, and non-persistent HTML Injection in HP Network Operations Management Ultimate, version 2017.07, 2017.11, 2018.02 and in Network Automation, version 10.00, 10.10, 10.11, 10.20, 10.30, 10.40, 10.50. This vulnerability could be remotely exploited to allow persistent cross-site scripting, and non-persistent HTML Injection.

Source: CVE-2018-6492

CVE-2018-11384

Posted on 2018년 5월 23일2018년 5월 23일 by admin

CVE-2018-11384

The sh_op() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted ELF file.

Source: CVE-2018-11384

CVE-2018-11382

Posted on 2018년 5월 23일2018년 5월 23일 by admin

CVE-2018-11382

The _inst__sts() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file.

Source: CVE-2018-11382

CVE-2018-11383

Posted on 2018년 5월 23일2018년 5월 23일 by admin

CVE-2018-11383

The r_strbuf_fini() function in radare2 2.5.0 allows remote attackers to cause a denial of service (invalid free and application crash) via a crafted ELF file because of an uninitialized variable in the CPSE handler in libr/anal/p/anal_avr.c.

Source: CVE-2018-11383

CVE-2018-11380

Posted on 2018년 5월 23일2018년 5월 23일 by admin

CVE-2018-11380

The parse_import_ptr() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted Mach-O file.

Source: CVE-2018-11380

CVE-2018-11381

Posted on 2018년 5월 23일2018년 5월 23일 by admin

CVE-2018-11381

The string_scan_range() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file.

Source: CVE-2018-11381