Open Bugtraq




The latest CVEs

2018-01-06
CVE-2016-10002 Squid-cache Squid
Incorrect processing of responses to If-None-Modified HTTP conditional requests in Squid HTTP Proxy 3.1.10 through 3.1.23, 3.2.0.3 through 3.5.22, and 4.0.1 through 4.0.16 leads to client-specific Cookie data being leaked to other clients. Attack requests can easily be crafted by a client to probe a cache for this information.

2018-01-05
CVE-2018-5253 Axiosys Bento4
The AP4_FtypAtom class in Core/Ap4FtypAtom.cpp in Bento4 1.5.1.0 has an infinite loop via a crafted MP4 file that triggers size mishandling.

CVE-2018-5251 Libming Libming
In libming 0.4.8, there is an integer signedness error vulnerability (left shift of a negative value) in the readSBits function (util/read.c). Remote attackers can leverage this vulnerability to cause a denial of service via a crafted SWF file.

CVE-2018-5248 Imagemagick Imagemagick
In ImageMagick 7.0.7-17 Q16, there is a heap-based buffer over-read in coders/sixel.c in the ReadSIXELImage function, related to the sixel_decode function.

CVE-2018-5247 Imagemagick Imagemagick
In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadRLAImage in coders/rla.c.

CVE-2018-5246 Imagemagick Imagemagick
In ImageMagick 7.0.7-17 Q16, there are memory leaks in ReadPATTERNImage in coders/pattern.c.

CVE-2017-18022 Imagemagick Imagemagick
In ImageMagick 7.0.7-12 Q16, there are memory leaks in MontageImageCommand in MagickWand/montage.c.

CVE-2017-1746 IBM Jazz for service management
IBM Jazz for Service Management (IBM Tivoli Components 1.1.3) is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 135519.

CVE-2017-1696 IBM Qradar security information an...
IBM QRadar 7.2 and 7.3 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force ID: 134178.

CVE-2017-1423 IBM Websphere portal
IBM WebSphere Portal 8.5 and 9.0 exposes backend server URLs that are configured for usage by the Web Application Bridge component. IBM X-Force ID: 127476.


Dorks


2018-01-17
Med.
IRANIAN ETHICAL HACKERS
Low
indoushka
2018-01-16
Med.
IRANIAN ETHICAL HACKERS
Med.
indoushka
Med.
indoushka

Copyright 2018, cxsecurity.com
