» 2018 » 9월

CVE-2018-17315

Posted on 2018년 9월 27일2018년 9월 27일 by admin

CVE-2018-17315

On the RICOH MP C2003 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi.

Source: CVE-2018-17315

CVE-2018-17316

Posted on 2018년 9월 27일2018년 9월 27일 by admin

CVE-2018-17316

On the RICOH MP C6003 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi.

Source: CVE-2018-17316

CVE-2018-17568

Posted on 2018년 9월 27일2018년 9월 27일 by admin

CVE-2018-17568

utils/ut_rpc.c in ViaBTC Exchange Server before 2018-08-21 has an integer overflow leading to memory corruption.

Source: CVE-2018-17568

CVE-2018-17411

Posted on 2018년 9월 27일2018년 9월 27일 by admin

CVE-2018-17411

An XML External Entity (XXE) vulnerability exists in iWay Data Quality Suite Web Console 10.6.1.ga-2016-11-20.

Source: CVE-2018-17411

CVE-2018-17569

Posted on 2018년 9월 27일2018년 9월 27일 by admin

CVE-2018-17569

network/nw_buf.c in ViaBTC Exchange Server before 2018-08-21 has an integer overflow leading to memory corruption.

Source: CVE-2018-17569

CVE-2018-17570

Posted on 2018년 9월 27일2018년 9월 27일 by admin

CVE-2018-17570

utils/ut_ws_svr.c in ViaBTC Exchange Server before 2018-08-21 has an integer overflow leading to memory corruption.

Source: CVE-2018-17570

CVE-2018-16711

Posted on 2018년 9월 27일2018년 9월 27일 by admin

CVE-2018-16711

IObit Advanced SystemCare, which includes Monitor_win10_x64.sys or Monitor_win7_x64.sys, 1.2.0.5 (and possibly earlier versions) allows a user to send an IOCTL (0x9C402088) with a buffer containing user defined content. The driver’s subroutine will execute a wrmsr instruction with the user’s buffer for input.

Source: CVE-2018-16711

CVE-2018-17309

Posted on 2018년 9월 27일2018년 9월 27일 by admin

CVE-2018-17309

On the RICOH MP C406Z printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi.

Source: CVE-2018-17309

CVE-2018-17310

Posted on 2018년 9월 27일2018년 9월 27일 by admin

CVE-2018-17310

On the RICOH MP C1803 JPN printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi.

Source: CVE-2018-17310

CVE-2018-17311

Posted on 2018년 9월 27일2018년 9월 27일 by admin

CVE-2018-17311

On the RICOH MP C6503 Plus printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi.

Source: CVE-2018-17311