Feed aggregator

  • warning: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /var/www/vhosts/wayhorn.com/httpdocs/modules/aggregator/aggregator.pages.inc on line 260.
  • warning: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /var/www/vhosts/wayhorn.com/httpdocs/modules/aggregator/aggregator.pages.inc on line 260.
  • warning: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /var/www/vhosts/wayhorn.com/httpdocs/modules/aggregator/aggregator.pages.inc on line 260.
  • warning: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /var/www/vhosts/wayhorn.com/httpdocs/modules/aggregator/aggregator.pages.inc on line 260.
  • warning: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /var/www/vhosts/wayhorn.com/httpdocs/modules/aggregator/aggregator.pages.inc on line 260.
  • warning: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /var/www/vhosts/wayhorn.com/httpdocs/modules/aggregator/aggregator.pages.inc on line 260.
  • warning: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /var/www/vhosts/wayhorn.com/httpdocs/modules/aggregator/aggregator.pages.inc on line 260.
  • warning: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /var/www/vhosts/wayhorn.com/httpdocs/modules/aggregator/aggregator.pages.inc on line 260.
  • warning: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /var/www/vhosts/wayhorn.com/httpdocs/modules/aggregator/aggregator.pages.inc on line 260.
  • warning: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /var/www/vhosts/wayhorn.com/httpdocs/modules/aggregator/aggregator.pages.inc on line 260.
  • warning: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /var/www/vhosts/wayhorn.com/httpdocs/modules/aggregator/aggregator.pages.inc on line 260.
  • warning: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /var/www/vhosts/wayhorn.com/httpdocs/modules/aggregator/aggregator.pages.inc on line 260.
  • warning: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /var/www/vhosts/wayhorn.com/httpdocs/modules/aggregator/aggregator.pages.inc on line 260.
  • warning: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /var/www/vhosts/wayhorn.com/httpdocs/modules/aggregator/aggregator.pages.inc on line 260.
  • warning: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /var/www/vhosts/wayhorn.com/httpdocs/modules/aggregator/aggregator.pages.inc on line 260.
  • warning: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /var/www/vhosts/wayhorn.com/httpdocs/modules/aggregator/aggregator.pages.inc on line 260.
  • warning: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /var/www/vhosts/wayhorn.com/httpdocs/modules/aggregator/aggregator.pages.inc on line 260.
  • warning: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /var/www/vhosts/wayhorn.com/httpdocs/modules/aggregator/aggregator.pages.inc on line 260.
  • warning: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /var/www/vhosts/wayhorn.com/httpdocs/modules/aggregator/aggregator.pages.inc on line 260.
  • warning: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /var/www/vhosts/wayhorn.com/httpdocs/modules/aggregator/aggregator.pages.inc on line 260.
  • warning: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /var/www/vhosts/wayhorn.com/httpdocs/modules/aggregator/aggregator.pages.inc on line 260.
  • warning: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /var/www/vhosts/wayhorn.com/httpdocs/modules/aggregator/aggregator.pages.inc on line 260.
  • warning: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /var/www/vhosts/wayhorn.com/httpdocs/modules/aggregator/aggregator.pages.inc on line 260.
  • warning: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /var/www/vhosts/wayhorn.com/httpdocs/modules/aggregator/aggregator.pages.inc on line 260.
  • warning: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /var/www/vhosts/wayhorn.com/httpdocs/modules/aggregator/aggregator.pages.inc on line 260.
  • warning: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /var/www/vhosts/wayhorn.com/httpdocs/modules/aggregator/aggregator.pages.inc on line 260.
  • warning: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /var/www/vhosts/wayhorn.com/httpdocs/modules/aggregator/aggregator.pages.inc on line 260.
  • warning: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /var/www/vhosts/wayhorn.com/httpdocs/modules/aggregator/aggregator.pages.inc on line 260.
  • warning: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /var/www/vhosts/wayhorn.com/httpdocs/modules/aggregator/aggregator.pages.inc on line 260.
  • warning: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /var/www/vhosts/wayhorn.com/httpdocs/modules/aggregator/aggregator.pages.inc on line 260.
  • warning: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /var/www/vhosts/wayhorn.com/httpdocs/modules/aggregator/aggregator.pages.inc on line 260.
  • warning: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /var/www/vhosts/wayhorn.com/httpdocs/modules/aggregator/aggregator.pages.inc on line 260.
  • warning: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /var/www/vhosts/wayhorn.com/httpdocs/modules/aggregator/aggregator.pages.inc on line 260.
  • warning: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /var/www/vhosts/wayhorn.com/httpdocs/modules/aggregator/aggregator.pages.inc on line 260.
  • warning: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /var/www/vhosts/wayhorn.com/httpdocs/modules/aggregator/aggregator.pages.inc on line 260.
  • warning: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /var/www/vhosts/wayhorn.com/httpdocs/modules/aggregator/aggregator.pages.inc on line 260.
  • warning: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /var/www/vhosts/wayhorn.com/httpdocs/modules/aggregator/aggregator.pages.inc on line 260.
  • warning: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /var/www/vhosts/wayhorn.com/httpdocs/modules/aggregator/aggregator.pages.inc on line 260.
  • warning: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /var/www/vhosts/wayhorn.com/httpdocs/modules/aggregator/aggregator.pages.inc on line 260.
  • warning: date(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone. in /var/www/vhosts/wayhorn.com/httpdocs/modules/aggregator/aggregator.pages.inc on line 260.

Vuln: SAP BusinessObjects Business Intelligence CVE-2018-2483 Security Bypass Vulnerability

SecurityFocus Vulnerabilities/Bugtraq - Tue, 11/13/2018 - 08:00
SAP BusinessObjects Business Intelligence CVE-2018-2483 Security Bypass Vulnerability

Vuln: SAP NetWeaver CVE-2018-2476 Open Redirection Vulnerability

SecurityFocus Vulnerabilities/Bugtraq - Tue, 11/13/2018 - 08:00
SAP NetWeaver CVE-2018-2476 Open Redirection Vulnerability

Drive-By Shooting Suspect Remotely Wipes iPhone X, Catches Extra Charges

Slashdot - Tue, 11/13/2018 - 07:20
schwit1 shares a report from Apple Insider: A woman from Schenectady, N.Y. accused of being the driver in a shooting used Apple's remote wipe feature to destroy evidence on her iPhone X that might have been related to the event. The iPhone was seized as evidence in the case, but police say that shortly after she triggered the remote wipe, an option available via Find My iPhone in iCloud. Normally the tool is intended for people with lost or stolen devices. The suspected driver, Juelle Grant, was arrested on November 2nd and charged with two counts of tampering with physical evidence, and one count of hindering prosecution. As Apple Insider notes, only one of the tampering counts is connected to the iPhone.

Read more of this story at Slashdot.

US Chip Cards Are Being Compromised In the Millions

Slashdot - Tue, 11/13/2018 - 06:40
According to a study from Gemini Advisory, some 60 million U.S. cards were compromised in the past 12 months. "Of those, 93 percent were EMV chip-enabled," reports Threatpost. "Also, crucially, 75 percent, or 45.8 million, were records stolen from in-person transactions." From the report: These were likely compromised through card-skimming malware and point-of-sale (POS) breaches at establishments like retailers, hotels and restaurants, the likes of which continue to make headlines. Further results show that the U.S. leads the rest of the world in the total amount of compromised EMV payment cards by a massive 37.3 million records. In the past 12 months, about 15.9 million compromised non-U.S. payment cards were posted for sale on the underground, split between 11.3 million card-not-present (online transaction) records and 4.6 million card-present records, of which 4.3 million were EMV enabled. This means that the theft level of EMV-enabled card data in the U.S. is 868 percent higher than the rest of the world combined. The reason for this state of affairs, according to Gemini, is the lack of U.S. merchant compliance -- too many of them still use the mag-stripe function at PoS terminals. Gemini also said that card-present data "is also collected via a more manual method by skimmer groups, who are utilizing custom made hardware known as 'shimmers' to record and exfiltrate data from ATMs and POS systems. The firm also found that while most large U.S. merchants have fully transitioned to EMV, gas pump terminals and small/medium size businesses are emerging as the main targets for cybercriminals going forward.

Read more of this story at Slashdot.

Apple Confirms Its T2 Security Chip Blocks Some Third-Party Repairs of New Macs

Slashdot - Tue, 11/13/2018 - 06:03
An anonymous reader shares a report from The Verge about Apple's new security-focused T2 chip found in the newest Mac computers. The introduction of the chip "has renewed concerns that Apple is trying to further lock down its devices from third-party repair services," The Verge reports. From the report: The T2 is "a guillotine that [Apple is] holding over" product owners, iFixit CEO Kyle Wiens told The Verge over email. That's because it's the key to locking down Mac products by only allowing select replacement parts into the machine when they've come from an authorized source -- a process that the T2 chip now checks for during post-repair reboot. "It's very possible the goal is to exert more control over who can perform repairs by limiting access to parts," Wiens said. "This could be an attempt to grab more market share from the independent repair providers. Or it could be a threat to keep their authorized network in line. We just don't know." Apple confirmed to The Verge that this is the case for repairs involving certain components on newer Macs, like the logic board and Touch ID sensor, which is the first time the company has publicly acknowledged the tool's use. But Apple could not provide a list of repairs that required this or what devices were affected. It also couldn't say whether it began this protocol with the iMac Pro's introduction last year or if it's a new policy instituted recently. First revealed last month by MacRumors and Motherboard, both of which got their hands on an internal Apple document, the T2 chip could render a computer inoperable if, say, the logic board is replaced, unless the chip recognizes a special piece of diagnostic software has been run. That means if you wanted to repair certain key parts of your MacBook, iMac, or Mac mini, you would need to go to an official Apple Store or a repair shop that's part of the company's Authorized Service Provider (ASP) network. If you want to repair or rebuild portions of those devices on your own, you simply can't -- at least, according to this document. The parts affected, according to the document, are the display assembly, logic board, top case, and Touch ID board for the MacBook Pro, and the logic board and flash storage on the iMac Pro. It is also likely that logic board repairs on the new MacBook Air and Mac mini are affected, as well as the Mac mini's flash storage. Yet, the document, which is believed to have been distributed earlier this year, does not mention those products because they were unannounced at the time. Regardless, to replace those parts, a technician would need to run what's known as the AST 2 System Configuration suite, which Apple only distributes to Apple Stores and certified ASPs. So DIY shops and those out of the Apple network would be out of luck.

Read more of this story at Slashdot.

More Than 50 Nations Launch 'Paris Call' To Fix Hate Speech and Cyberattacks; China and Russia Not Among Signatories, Trump Administration Reluctant To Sign

Slashdot - Tue, 11/13/2018 - 05:25
French President Emmanuel Macron on Monday launched a push to regulate the internet. France and U.S. technology giants, including Microsoft, are pushing for governments and companies worldwide to sign up for a new initiative aimed at establishing regulations for the internet, to fight such online threats as cyber attacks, hate speech and online censorship. A report adds: With the launch of a declaration entitled the 'Paris call for trust and security in cyberspace,' French President Emmanuel Macron is hoping to revive efforts to regulate cyberspace after the last round of United Nations negotiations failed in 2017. In the document, which is supported by many European countries but, crucially, not China or Russia, the signatories urge governments to beef up protections against cyber meddling in elections and prevent the theft of trade secrets. The Paris call was initially pushed for by tech companies but was redrafted by French officials to include work done by U.N. experts in recent years. [...] In another sign of the Trump administration's reluctance to join international initiatives it sees as a bid to encroach on U.S. sovereignty, French officials said Washington might not become a signatory, though talks are continuing.

Read more of this story at Slashdot.

Rocket Lab's Modest Launch Is Giant Leap For Small Rocket Business

Slashdot - Mon, 11/12/2018 - 23:47
Reader Iwastheone shares a report: A small rocket from a little-known company lifted off Sunday from the east coast of New Zealand, carrying a clutch of tiny satellites. That modest event -- the first commercial launch by a U.S.-New Zealand company known as Rocket Lab -- could mark the beginning of a new era in the space business, where countless small rockets pop off from spaceports around the world. This miniaturization of rockets and spacecraft places outer space within reach of a broader swath of the economy. The rocket, called the Electron, is a mere sliver compared to the giant rockets that Elon Musk, of SpaceX, and Jeffrey P. Bezos, of Blue Origin, envisage using to send people into the solar system. It is just 56 feet tall and can carry only 500 pounds into space. But Rocket Lab is aiming for markets closer to home. "We're FedEx," said Peter Beck, the New Zealand-born founder and chief executive of Rocket Lab. "We're a little man that delivers a parcel to your door." Behind Rocket Lab, a host of start-up companies are also jockeying to provide transportation to space for a growing number of small satellites. The payloads include constellations of telecommunications satellites that would provide the world with ubiquitous internet access. The payload of this mission, which Rocket Lab whimsically named "It's Business Time," offered a glimpse of this future: two ship-tracking satellites for Spire Global; a small climate- and environment-monitoring satellite for GeoOptics; a small probe built by high school students in Irvine, Calif., and a demonstration version of a drag sail that would pull defunct satellites out of orbit.

Read more of this story at Slashdot.

'Why PC Builders Should Stock Up on Components Now'

Slashdot - Mon, 11/12/2018 - 22:47
Michael Kan, writing for PCMag: NZXT is a popular PC desktop case vendor, but the California-based company recently had to raise its prices. The reason? The new US tariffs on Chinese imports includes PC cases. In September, the Trump administration imposed the 10 percent duty, which also cover motherboards, graphics cards, and CPU coolers from the country. As a result, NZXT had to introduce a 10 percent price increase on PC cases to deal with the added costs, VP Jim Carlton told PCMag in an interview. And building a PC could get even more expensive in 2019; US tariffs on Chinese-made goods will rise from 10 percent to 25 percent in January. "If I needed to build a system in the next six months, I'd definitely build it before the end of the year," Carlton told us. For PC builders, the tariffs risk adding a few hundred dollars to the total cost of components for a custom desktop. "If it's a $2,000 purchase on 25 percent tariffs, it's going to be a $2,500 purchase," Carlton said. "So we are very concerned with the direction of where this is going. I don't have a 10 percent [profit] margin I can just throw away and absorb the tariffs," he added. "And certainly no one has a margin for 25 percent."

Read more of this story at Slashdot.

Netflix Says It Will Test Lower-Price Subscription Plans

Slashdot - Mon, 11/12/2018 - 22:00
Netflix says it plans to begin testing lower-priced subscription in some markets in a bid to see if it will help the company boost the number of subscribers, CEO Reed Hastings told Bloomberg. The company has not identified the markets where it will be testing the lower-priced subscription, and has not clarified how soon it intends to conduct these tests. The company will likely consider Asian markets where it is having a tough time gaining the market share against local services that are much aggressively priced.

Read more of this story at Slashdot.

The Problem Behind a Viral Video of a Persistent Baby Bear

Slashdot - Mon, 11/12/2018 - 19:38
Ed Yong, writing for The Atlantic: For many people, a two-and-a-half-minute video of a baby brown bear trying to scale a snow-covered mountain was a life-affirming testament to the power of persistence. As it begins, the cub is standing with its mother on the side of a perilously steep ridge. The mother begins walking across, and despite slipping a few times on the loose snow, she soon reaches the top. Her cub, following tentatively after her, isn't so fortunate. It loses its footing and slides several feet. It pulls itself together and reattempts the ascent, before slipping again. Finally, the cub nears the top. But as the footage zooms in to focus on the moment of reunion, the mother inexplicably swipes at the youngster with her paw, sending it hurtling downward again. It slides a long way, scrabbling for purchase and finding some just before it hits a patch of bare rock. Once again, it starts to climb, and after what seems like a nail-biting eternity for anyone watching, it reaches its mother. The two walk away. The video was uploaded to the ViralHog YouTube channel on Friday, and after being shared on Twitter, it rapidly went viral. At the time of this writing, it has been watched 17 million times. The cub's exploits were equal parts gif, nature documentary, and motivational poster. It had all the elements of an incredible story: the most adorable of protagonists, rising and falling action (literally), and a happy ending. It was a tale of tenacity in the face of adversity, triumph against the odds. But when biologists started watching the video, they saw a very different story. The video, they say, was clearly captured by a drone. And in it, they saw the work of an irresponsible drone operator who, in trying to film the bears, drove them into a dangerous situation that almost cost the cub its life. "I found it really hard to watch," says Sophie Gilbert, an ecologist at the University of Idaho who studies, among other things, how drones affect wildlife. "It showed a pretty stark lack of understanding from the drone operator of the effects that his actions were having on the bears." (It wasn't just scientists, either; several drone pilots were also dismayed by the footage.)

Read more of this story at Slashdot.

Twitter CEO Jack Dorsey Says Follower Count is Meaningless

Slashdot - Mon, 11/12/2018 - 16:19
In a fireside chat in New Delhi, India, Twitter CEO Jack Dorsey said Monday the "follower count" metric on the social platform is meaningless. Talking in front of a live audience, the Twitter co-founder said it was probably unwise to include and emphasize on the follower count on his social network, a move he said the company did not realize while implementing it back in the day. "Back then, we were not really thinking about all the dynamics that could ensue afterwards," he said. "One of the things we did was we had people follow each other -- so you can be a follower of someone," Dorsey said, explaining the thinking that went into carving some of the core features of Twitter. The company listed the number of people you had, and "made the font size a little bit bigger than everything else on the page. We did not really think much about it and moved on to the next problem to solve. What that has done is we put all the emphasis, not intending to, on that number of how many people follow me. So if that number is big and bold, what do people want to do with it? They want to make it go up." "So when you open Twitter and you see that number is five. It is actually incentivizing you to increase that number. That may have been right 12 years ago, but I don't think it is right today. I don't think that's the number you should be focused on. I think what is more important is the number of meaningful conversations you're having on the platform. How many times do you receive a reply?" Dorsey's remarks comes as he has publicly acknowledged that the company is rethinking about some of the core features of Twitter. late last month, a report claimed that Twitter was also thinking about discontinuing the "likes" feature -- Twitter neither confirmed nor denied it. On Monday, Dorsey reaffirmed that focusing on number of likes and retweets is not healthy. Dorsey is not the only Twitter co-founder who has, of late, shown disdain for the follower count. Last week, Ev Williams expressed a similar sentiment. "I think showing follower counts was probably ultimately detrimental. It really put in your face that the game was popularity," he said at a conference.

Read more of this story at Slashdot.

SB18-316: Vulnerability Summary for the Week of November 5, 2018

US-CERT - Mon, 11/12/2018 - 15:43
Original release date: November 12, 2018

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information.

The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:

  • High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0

  • Medium - Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 - 6.9

  • Low - Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 - 3.9

Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.

The NCCIC Weekly Vulnerability Summary Bulletin is created using information from the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD). In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

 

High VulnerabilitiesPrimary
Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch InfoThere were no high vulnerabilities recorded this week.Back to top

 

Medium VulnerabilitiesPrimary
Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch InfoThere were no medium vulnerabilities recorded this week.Back to top

 

Low VulnerabilitiesPrimary
Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch InfoThere were no low vulnerabilities recorded this week.Back to top

 

Severity Not Yet AssignedPrimary
Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoapache -- hiveIn Apache Hive 2.3.3, 3.1.0 and earlier, local resources on HiveServer2 machines are not properly protected against malicious user if ranger, sentry or sql standard authorizer is not in use.2018-11-08not yet calculatedCVE-2018-11777
MISCapache -- hiveIn Apache Hive 2.3.3, 3.1.0 and earlier, Hive "EXPLAIN" operation does not check for necessary authorization of involved entities in a query. An unauthorized user can do "EXPLAIN" on arbitrary table or view and expose table metadata and statistics.2018-11-08not yet calculatedCVE-2018-1314
MISCapache -- syncopeAn administrator with workflow definition entitlements can use DTD to perform malicious operations, including but not limited to file read, file write, and code execution.2018-11-06not yet calculatedCVE-2018-17186
MISCapache-- supersetVersions of Superset prior to 0.23 used an unsafe load method from the pickle library to deserialize data leading to possible remote code execution. Note Superset 0.23 was released prior to any Superset release under the Apache Software Foundation.2018-11-07not yet calculatedCVE-2018-8021
MISCatlassian -- sourcetree_for_macosThere was an argument injection vulnerability in Sourcetree for macOS from version 1.0b2 before version 3.0.0 via Git subrepositories in Mercurial repositories. An attacker with permission to commit to a Mercurial repository linked in Sourcetree for macOS is able to exploit this issue to gain code execution on the system.2018-11-05not yet calculatedCVE-2018-13396
CONFIRMatlassian -- sourcetree_for_windowsThere was an argument injection vulnerability in Sourcetree for Windows from version 0.5.1.0 before version 3.0.0 via Git subrepositories in Mercurial repositories. An attacker with permission to commit to a Mercurial repository linked in Sourcetree for Windows is able to exploit this issue to gain code execution on the system.2018-11-05not yet calculatedCVE-2018-13397
CONFIRMaxtls -- axtlsIn sig_verify() in x509.c in axTLS version 2.1.3 and before, the PKCS#1 v1.5 signature verification blindly trusts the declared lengths in the ASN.1 structure. Consequently, when small public exponents are being used, a remote attacker can generate purposefully crafted signatures (and put them on X.509 certificates) to induce illegal memory access and crash the verifier.2018-11-07not yet calculatedCVE-2018-16149
CONFIRM
MLISTaxtls -- axtlsIn sig_verify() in x509.c in axTLS version 2.1.3 and before, the PKCS#1 v1.5 signature verification does not reject excess data after the hash value. Consequently, a remote attacker can forge signatures when small public exponents are being used, which could lead to impersonation through fake X.509 certificates. This is a variant of CVE-2006-4340.2018-11-07not yet calculatedCVE-2018-16150
CONFIRM
MLISTaxtls -- axtlsIn sig_verify() in x509.c in axTLS version 2.1.3 and before, the PKCS#1 v1.5 signature verification does not properly verify the ASN.1 metadata. Consequently, a remote attacker can forge signatures when small public exponents are being used, which could lead to impersonation through fake X.509 certificates. This is an even more permissive variant of CVE-2006-4790 and CVE-2014-1568.2018-11-07not yet calculatedCVE-2018-16253
CONFIRM
MLISTbagesoft/bagecms -- bagesoft/bagecmsIn BageCMS 3.1.3, upload/index.php has a CSRF vulnerability that can be used to upload arbitrary files and get server privileges.2018-11-08not yet calculatedCVE-2018-19104
MISCbasercms -- basercmsAn issue was discovered in baserCMS before 4.1.4. In the Register New Category feature of the Upload menu, the category name can be used for XSS via the data[UploaderCategory][name] parameter to an admin/uploader/uploader_categories/edit URI.2018-11-05not yet calculatedCVE-2018-18943
MISC
MISCbasercms -- basercmsIn baserCMS before 4.1.4, lib\Baser\Model\ThemeConfig.php allows remote attackers to execute arbitrary PHP code via the admin/theme_configs/form data[ThemeConfig][logo] parameter.2018-11-05not yet calculatedCVE-2018-18942
MISC
MISC
MISCbrocade_communication_systems -- fabricA Vulnerability in the help command of Brocade Fabric OS command line interface (CLI) versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and, gain root access.2018-11-08not yet calculatedCVE-2018-6437
CONFIRMbrocade_communication_systems -- fabricA Vulnerability in the firmwaredownload command of Brocade Fabric OS command line interface (CLI) versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and, gain root access.2018-11-08not yet calculatedCVE-2018-6436
CONFIRMbrocade_communication_systems -- fabricA Vulnerability in the supportsave command of Brocade Fabric OS command line interface (CLI) versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and, gain root access.2018-11-08not yet calculatedCVE-2018-6438
CONFIRMbrocade_communication_systems -- fabricA vulnerability in the Brocade Webtools firmware update section of Brocade Fabric OS before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow remote authenticated attackers to execute arbitrary commands.2018-11-08not yet calculatedCVE-2018-6442
CONFIRMbrocade_communication_systems -- fabricA vulnerability in Secure Shell implementation of Brocade Fabric OS versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to provide arbitrary environment variables, and bypass the restricted configuration shell.2018-11-08not yet calculatedCVE-2018-6441
CONFIRMbrocade_communication_systems -- fabricA Vulnerability in the secryptocfg command of Brocade Fabric OS command line interface (CLI) versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and, and gain root access.2018-11-08not yet calculatedCVE-2018-6435
CONFIRMbrocade_communication_systems -- fabricA vulnerability in the secryptocfg export command of Brocade Fabric OS versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to bypass the export file access restrictions and initiate a file copy from the source to a remote system.2018-11-08not yet calculatedCVE-2018-6433
CONFIRMbrocade_communication_systems -- fabricA vulnerability in the web management interface of Brocade Fabric OS versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow attackers to intercept or manipulate a user's session ID.2018-11-08not yet calculatedCVE-2018-6434
CONFIRMcircontrol -- circarlifeCircontrol CirCarLife all versions prior to 4.3.1, authentication to the device can be bypassed by entering the URL of a specific page.2018-11-02not yet calculatedCVE-2018-17918
BID
MISCcircontrol -- circarlifeCircontrol CirCarLife all versions prior to 4.3.1, the PAP credentials of the device are stored in clear text in a log file that is accessible without authentication.2018-11-02not yet calculatedCVE-2018-17922
BID
MISCcisco -- content_security_management_applianceA vulnerability in the web-based management interface of Cisco Content Security Management Appliance (SMA) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a maliciously crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.2018-11-08not yet calculatedCVE-2018-15393
BID
CISCOcisco -- energy_management_suite_softwareA vulnerability in the web-based management interface of Cisco Energy Management Suite Software could allow an authenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. The vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading an authenticated user of the interface to follow a crafted link. A successful exploit could allow the attacker to perform arbitrary actions on a targeted device via a web browser and with the privileges of the user.2018-11-08not yet calculatedCVE-2018-15445
BID
CISCO
MISCcisco -- energy_management_suite_softwareA vulnerability in the web-based user interface of Cisco Energy Management Suite Software could allow an authenticated, remote attacker to gain read and write access to information that is stored on an affected system. The vulnerability is due to improper handling of XML External Entity (XXE) entries when parsing certain XML files. An attacker could exploit this vulnerability by convincing a user of an affected system to import a crafted XML file with malicious entries, which could allow the attacker to read and write files within the affected application.2018-11-08not yet calculatedCVE-2018-15444
BID
CISCO
MISCcisco -- firepower_system_softwareA vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a configured Intrusion Prevention System (IPS) rule that inspects certain types of TCP traffic. The vulnerability is due to incorrect TCP retransmission handling. An attacker could exploit this vulnerability by sending a crafted TCP connection request through an affected device. A successful exploit could allow the attacker to bypass configured IPS rules and allow uninspected traffic onto the network.2018-11-08not yet calculatedCVE-2018-15443
BID
CISCOcisco -- immunet_and_advanced_malware_protection_for_endpointsA vulnerability in the system scanning component of Cisco Immunet and Cisco Advanced Malware Protection (AMP) for Endpoints running on Microsoft Windows could allow a local attacker to disable the scanning functionality of the product. This could allow executable files to be launched on the system without being analyzed for threats. The vulnerability is due to improper process resource handling. An attacker could exploit this vulnerability by gaining local access to a system running Microsoft Windows and protected by Cisco Immunet or Cisco AMP for Endpoints and executing a malicious file. A successful exploit could allow the attacker to prevent the scanning services from functioning properly and ultimately prevent the system from being protected from further intrusion.2018-11-08not yet calculatedCVE-2018-15437
BID
CISCOcisco -- integrated_management_controller_supervisorA vulnerability in the web framework code of Cisco Integrated Management Controller (IMC) Supervisor could allow an unauthenticated, remote attacker to execute arbitrary SQL queries. The vulnerability is due to a lack of proper validation of user-supplied input in SQL queries. An attacker could exploit this vulnerability by sending crafted URLs that contain malicious SQL statements to the affected application.2018-11-08not yet calculatedCVE-2018-15447
BID
CISCOcisco -- meeting_serverA vulnerability in Cisco Meeting Server could allow an unauthenticated, remote attacker to gain access to sensitive information. The vulnerability is due to improper protections on data that is returned from user meeting requests when the Guest access via ID and passcode option is set to Legacy mode. An attacker could exploit this vulnerability by sending meeting requests to an affected system. A successful exploit could allow the attacker to determine the values of meeting room unique identifiers, possibly allowing the attacker to conduct further exploits.2018-11-08not yet calculatedCVE-2018-15446
BID
CISCOcisco -- meraki_product_linesA vulnerability in the local status page functionality of the Cisco Meraki MR, MS, MX, Z1, and Z3 product lines could allow an authenticated, remote attacker to modify device configuration files. The vulnerability occurs when handling requests to the local status page. An exploit could allow the attacker to establish an interactive session to the device with elevated privileges. The attacker could then use the elevated privileges to further compromise the device or obtain additional configuration data from the device that is being exploited.2018-11-08not yet calculatedCVE-2018-0284
CISCOcisco -- prime_collaboration_assuranceA vulnerability in the web-based UI of Cisco Prime Collaboration Assurance could allow an authenticated, remote attacker to overwrite files on the file system. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by using a specific UI input field to provide a custom path location. A successful exploit could allow the attacker to overwrite files on the file system.2018-11-08not yet calculatedCVE-2018-15450
BID
CISCOcisco -- prime_service_catalogA vulnerability in the web-based management interface of Cisco Prime Service Catalog could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface. The vulnerability is due to insufficient validation of user-supplied input that is processed by the web-based management interface. An attacker could exploit this vulnerability by persuading a user of the interface to click a maliciously crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or access sensitive browser-based information.2018-11-08not yet calculatedCVE-2018-15451
BID
CISCOcisco -- registered_envelope_serviceA vulnerability in the user management functions of Cisco Registered Envelope Service could allow an unauthenticated, remote attacker to discover sensitive user information. The attacker could use this information to conduct additional reconnaissance attacks. The vulnerability is due to an insecure configuration that allows improper indexing. An attacker could exploit this vulnerability by using a search engine to look for specific data strings. A successful exploit could allow the attacker to discover certain sensitive information about the application, including usernames.2018-11-08not yet calculatedCVE-2018-15448
BID
CISCOcisco -- small_business_switchesA vulnerability in the Cisco Small Business Switches software could allow an unauthenticated, remote attacker to bypass the user authentication mechanism of an affected device. The vulnerability exists because under specific circumstances, the affected software enables a privileged user account without notifying administrators of the system. An attacker could exploit this vulnerability by using this account to log in to an affected device and execute commands with full admin rights. Cisco has not released software updates that address this vulnerability. This advisory will be updated with fixed software information once fixed software becomes available. There is a workaround to address this vulnerability.2018-11-08not yet calculatedCVE-2018-15439
CISCOcisco -- stealthwatch_management_consoleA vulnerability in the Stealthwatch Management Console (SMC) of Cisco Stealthwatch Enterprise could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected system. The vulnerability is due to an insecure system configuration. An attacker could exploit this vulnerability by sending a crafted HTTP request to the targeted application. An exploit could allow the attacker to gain unauthenticated access, resulting in elevated privileges in the SMC.2018-11-08not yet calculatedCVE-2018-15394
BID
CISCOcisco -- unity_expressA Java deserialization vulnerability in Cisco Unity Express (CUE) could allow an unauthenticated, remote attacker to execute arbitrary shell commands with the privileges of the root user. The vulnerability is due to insecure deserialization of user-supplied content by the affected software. An attacker could exploit this vulnerability by sending a malicious serialized Java object to the listening Java Remote Method Invocation (RMI) service. A successful exploit could allow the attacker to execute arbitrary commands on the device with root privileges.2018-11-08not yet calculatedCVE-2018-15381
CISCOcisco -- video_surveillance_media_serverA vulnerability in the web-based management interface of Cisco Video Surveillance Media Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) of the web-based management interface of an affected system. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the affected service. An attacker could exploit this vulnerability by persuading a user of the interface to click a malicious link. A successful exploit could allow the attacker to cause the web-based management interface to become unreachable, resulting in a DoS condition.2018-11-08not yet calculatedCVE-2018-15449
BID
CISCOclippercms -- clippercmsClipperCMS 1.3.3 does not have CSRF protection on its kcfinder file upload (enabled by default). This can be used by an attacker to perform actions for an admin (or any user with the file upload capability). With this vulnerability, one can automatically upload files (by default, it allows html, pdf, xml, zip, and many other file types). A file can be accessed publicly under the "/assets/files" directory.2018-11-10not yet calculatedCVE-2018-19135
MISCcloud_foundry -- bits-service_releaseCloud Foundry Bits-Service Release, versions prior to 2.14.0, uses an insecure hashing algorithm to sign URLs. A remote malicious user may obtain a signed URL and extract the signing key, allowing them complete read and write access to the the Bits Service storage.2018-11-09not yet calculatedCVE-2018-15796
CONFIRMdedecms -- dedecmsDedeCMS 5.7 SP2 has SQL Injection via the dede\co_do.php ids parameter.2018-11-07not yet calculatedCVE-2018-19061
MISC
MISCdegrau_publicidade_e_internet_plataforma_de_e-commerce -- busca.aspx.csBusca.aspx.cs in Degrau Publicidade e Internet Plataforma de E-commerce allows SQL Injection via the busca/ URI.2018-11-06not yet calculatedCVE-2018-18963
MISCdomainmod -- domainmodDomainMOD through 4.11.01 has XSS via the assets/edit/registrar-account.php raid parameter.2018-11-09not yet calculatedCVE-2018-19136
MISCdomainmod -- domainmodDomainMOD through 4.11.01 has XSS via the assets/edit/ip-address.php ipid parameter.2018-11-09not yet calculatedCVE-2018-19137
MISCexiv2 -- exiv2In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PSD image reader may suffer from a denial of service (infinite loop) caused by an integer overflow via a crafted PSD image file.2018-11-08not yet calculatedCVE-2018-19108
MISC
MISCexiv2 -- exiv2
 In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp (called from psdimage.cpp in the PSD image reader) may suffer from a denial of service (heap-based buffer over-read) caused by an integer overflow via a crafted PSD image file.2018-11-08not yet calculatedCVE-2018-19107
MISC
MISCflarum -- flarum_coreIn Flarum Core 0.1.0-beta.7.1, a serious leak can get everyone's email address.2018-11-09not yet calculatedCVE-2018-19133
MISCfoscam -- c2_and_opticam_i5_devicesAn issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The exported device configuration is encrypted with the hardcoded Pxift* password in some cases.2018-11-07not yet calculatedCVE-2018-19066
MISCfoscam -- c2_and_opticam_i5_devicesAn issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. They allow remote attackers to execute arbitrary OS commands via shell metacharacters in the usrName parameter of a CGIProxy.fcgi addAccount action.2018-11-07not yet calculatedCVE-2018-19070
MISCfoscam -- c2_and_opticam_i5_devicesAn issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. /mnt/mtd/boot.sh has 0777 permissions, allowing local users to control the commands executed at system start-up.2018-11-07not yet calculatedCVE-2018-19071
MISCfoscam -- c2_and_opticam_i5_devicesAn issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The exported device configuration is encrypted with the hardcoded BpP+2R9*Q password in some cases.2018-11-07not yet calculatedCVE-2018-19065
MISCfoscam -- c2_and_opticam_i5_devicesAn issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The CGIProxy.fcgi?cmd=setTelnetSwitch feature is authorized for the root user with a password of toor.2018-11-07not yet calculatedCVE-2018-19069
MISCfoscam -- c2_and_opticam_i5_devicesAn issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The admin account has a blank password.2018-11-07not yet calculatedCVE-2018-19063
MISCfoscam -- c2_and_opticam_i5_devicesAn issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The firewall has no effect except for blocking port 443 and partially blocking port 88.2018-11-07not yet calculatedCVE-2018-19074
MISCfoscam -- c2_and_opticam_i5_devicesAn issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. There is a hardcoded Ak47@99 password for the factory~ account.2018-11-07not yet calculatedCVE-2018-19067
MISCfoscam -- c2_and_opticam_i5_devicesAn issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. /mnt/mtd/app has 0777 permissions, allowing local users to replace an archive file (within that directory) to control what is extracted to RAM at boot time.2018-11-07not yet calculatedCVE-2018-19072
MISCfoscam -- c2_and_opticam_i5_devicesAn issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The FTP and RTSP services make it easier for attackers to conduct brute-force authentication attacks, because failed-authentication limits apply only to HTTP (not FTP or RTSP).2018-11-07not yet calculatedCVE-2018-19076
MISCfoscam -- c2_and_opticam_i5_devicesAn issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ftpuser1 account has a blank password, which cannot be changed.2018-11-07not yet calculatedCVE-2018-19064
MISCfoscam -- c2_and_opticam_i5_devicesAn issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The firewall feature makes it easier for remote attackers to ascertain credentials and firewall rules because invalid credentials lead to error -2, whereas rule-based blocking leads to error -8.2018-11-07not yet calculatedCVE-2018-19075
MISCfoscam -- c2_and_opticam_i5_devicesAn issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. They allow attackers to execute arbitrary OS commands via shell metacharacters in the modelName, by leveraging /mnt/mtd/app/config/ProductConfig.xml write access.2018-11-07not yet calculatedCVE-2018-19073
MISCfoscam -- opticam_i5_devicesAn issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ONVIF devicemgmt SetDNS method allows remote attackers to conduct stack-based buffer overflow attacks via the IPv4Address field.2018-11-07not yet calculatedCVE-2018-19082
MISCfoscam -- opticam_i5_devicesAn issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ONVIF devicemgmt SetHostname method allows unauthenticated persistent XSS.2018-11-07not yet calculatedCVE-2018-19080
MISCfoscam -- opticam_i5_devicesAn issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The CGIProxy.fcgi?cmd=setTelnetSwitch feature is authorized for hidden factory credentials.2018-11-07not yet calculatedCVE-2018-19068
MISCfoscam -- opticam_i5_devicesAn issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The response to an ONVIF media GetStreamUri request contains the administrator username and password.2018-11-07not yet calculatedCVE-2018-19078
MISCfoscam -- opticam_i5_devicesAn issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ONVIF devicemgmt SystemReboot method allows unauthenticated reboot.2018-11-07not yet calculatedCVE-2018-19079
MISCfoscam -- opticam_i5_devicesAn issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ONVIF devicemgmt SetDNS method allows remote attackers to execute arbitrary OS commands via the IPv4Address field.2018-11-07not yet calculatedCVE-2018-19081
MISCfoscam -- opticam_i5_devicesAn issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. RtspServer allows remote attackers to cause a denial of service (daemon hang or restart) via a negative integer in the RTSP Content-Length header.2018-11-07not yet calculatedCVE-2018-19077
MISCfoxit_software -- foxit_readerThe u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in FoxitReader.exe in Foxit Reader 9.3.0.10826 allows remote attackers to cause a denial of service (out-of-bounds read) or obtain sensitive information via a U3D sample.2018-11-05not yet calculatedCVE-2018-18933
MISC
MISCfruitywifi -- fruitywifiShell Metacharacter Injection in www/modules/save.php in FruityWifi (aka PatatasFritas/PatataWifi) through 2.4 allows remote attackers to execute arbitrary code with root privileges via a crafted mod_name parameter in a POST request. NOTE: unlike in CVE-2018-17317, the attacker does not need a valid session.2018-11-10not yet calculatedCVE-2018-19168
MISCgitea -- giteaGitea before 1.5.4 allows remote code execution because it does not properly validate session IDs. This is related to session ID handling in the go-macaron/session code for Macaron.2018-11-04not yet calculatedCVE-2018-18926
MISCgogs -- gogsGogs 0.11.66 allows remote code execution because it does not properly validate session IDs, as demonstrated by a ".." session-file forgery in the file session provider in file.go. This is related to session ID handling in the go-macaron/session code for Macaron.2018-11-04not yet calculatedCVE-2018-18925
MISCgoogle -- androidIn the SELinux permissions of crash_dump.te, there is a permissions bypass due to a missing restriction. This could lead to a local escalation of privilege, with System privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.0 Android-8.1 Android-9.0 Android ID: A-110107376.2018-11-06not yet calculatedCVE-2018-9488
CONFIRM
EXPLOIT-DBgoogle -- androidIn CopyToOMX of OMXNodeInstance.cpp there is a possible out-of-bounds write due to an incorrect bounds check. This could lead to remote arbitrary code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.0 Android-8.1 Android ID: A-77486542.2018-11-06not yet calculatedCVE-2018-9427
SECTRACK
CONFIRMgoogle -- androidIn get_futex_key of futex.c, there is a use-after-free due to improper locking. This could lead to local escalation of privilege with no additional privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-74250718 References: Upstream kernel.2018-11-06not yet calculatedCVE-2018-9422
MLIST
MLIST
CONFIRMgoogle -- androidIn driver_override_store and driver_override_show of bus.c, there is a possible double free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-69129004 References: Upstream kernel.2018-11-06not yet calculatedCVE-2018-9415
CONFIRM
UBUNTU
UBUNTU
UBUNTUgoogle -- androidIn driver_override_store of bus.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-74128061 References: Upstream kernel.2018-11-06not yet calculatedCVE-2018-9385
CONFIRMgoogle -- androidIn processMessagePart of InboundSmsHandler.java, there is a possible remote denial of service due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-72298611.2018-11-06not yet calculatedCVE-2018-9362
BID
CONFIRMgoogle -- androidIn getstring of ID3.cpp there is a possible out-of-bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-78656554.2018-11-06not yet calculatedCVE-2018-9437
SECTRACK
CONFIRMgoogle -- androidIn BNEP_Write of bnep_api.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-74947856.2018-11-06not yet calculatedCVE-2018-9357
BID
CONFIRMgoogle -- androidIn the hidp_process_report in bluetooth, there is an integer overflow. This could lead to an out of bounds write with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-65853588 References: Upstream kernel.2018-11-06not yet calculatedCVE-2018-9363
REDHAT
MLIST
CONFIRM
UBUNTU
UBUNTU
DEBIANgoogle -- androidIn gatts_process_attribute_req of gatt_sc.cc, there is a possible read of uninitialized data due to a missing bounds check. This could lead to remote information disclosure in the Bluetooth process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-73172115.2018-11-06not yet calculatedCVE-2018-9358
BID
CONFIRMgoogle -- androidIn readMetadata of Utils.cpp, there is a possible path traversal bug due to a confused deputy. This could lead to local escalation of privilege when mounting a USB device with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-80436257.2018-11-06not yet calculatedCVE-2018-9445
SECTRACK
CONFIRM
EXPLOIT-DBgoogle -- androidIn bnep_data_ind of bnep_main.c, there is a possible remote code execution due to a double free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-74950468.2018-11-06not yet calculatedCVE-2018-9356
BID
CONFIRMgoogle -- androidWhen wifi is switched, function sendNetworkStateChangeBroadcast of WifiStateMachine.java broadcasts an intent including detailed wifi network information. This could lead to information disclosure with no execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-77286245.2018-11-06not yet calculatedCVE-2018-9489
SECTRACK
MISCgoogle -- androidIn process_l2cap_cmd of l2c_main.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-74201143.2018-11-06not yet calculatedCVE-2018-9360
BID
CONFIRMgoogle -- androidIn bnep_data_ind of bnep_main.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-79164722.2018-11-06not yet calculatedCVE-2018-9436
SECTRACK
CONFIRMgoogle -- androidIn hid_debug_events_read of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-71361580.2018-11-06not yet calculatedCVE-2018-9516
MLIST
CONFIRM
DEBIANgoogle -- androidIn bnep_data_ind of bnep_main.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-78286118.2018-11-06not yet calculatedCVE-2018-9454
SECTRACK
CONFIRMgoogle -- androidWhen a device connects only over WiFi VPN, the device may not receive security updates due to some incorrect checks. This could lead to a local denial of service of security updates with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.1 Android ID: A-78644887.2018-11-06not yet calculatedCVE-2018-9438
SECTRACK
CONFIRMgoogle -- androidIn computeFocusedWindow of RootWindowContainer.java, and related functions, there is possible interception of keypresses due to focus being on the wrong window. This could lead to local escalation of privilege revealing the user's keypresses while the screen was locked with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.0 Android-8.1 Android ID: A-71786287.2018-11-06not yet calculatedCVE-2018-9458
SECTRACK
CONFIRMgoogle -- androidIn avrc_proc_vendor_command of avrc_api.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-79541338.2018-11-06not yet calculatedCVE-2018-9450
SECTRACK
CONFIRMgoogle -- androidIn DynamicRefTable::load of ResourceTypes.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-79488511.2018-11-06not yet calculatedCVE-2018-9451
SECTRACK
CONFIRMgoogle -- androidIn avct_bcb_msg_ind of avct_bcb_act.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.0 Android-8.1 Android ID: A-79944113.2018-11-06not yet calculatedCVE-2018-9448
SECTRACK
CONFIRMgoogle -- androidIn avdt_msg_prs_cfg of avdt_msg.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-78288378.2018-11-06not yet calculatedCVE-2018-9453
SECTRACK
CONFIRMgoogle -- androidIn sdpu_extract_attr_seq of sdp_utils.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-78136677.2018-11-06not yet calculatedCVE-2018-9455
SECTRACK
CONFIRMgoogle -- androidIn task_get_unused_fd_flags of binder.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-69164715 References: Upstream kernel.2018-11-06not yet calculatedCVE-2018-9465
SECTRACK
CONFIRMgoogle -- androidIn Attachment of Attachment.java and getFilePath of EmlAttachmentProvider.java, there is a possible Elevation of Privilege due to a path traversal error. This could lead to a remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-66230183.2018-11-06not yet calculatedCVE-2018-9459
SECTRACK
CONFIRMgoogle -- androidIn process_l2cap_cmd of l2c_main.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-74202041.2018-11-06not yet calculatedCVE-2018-9361
BID
CONFIRMgoogle -- androidIn ih264d_video_decode of ih264d_api.c there is a possible resource exhaustion due to an infinite loop. This could lead to remote temporary device denial of service (remote hang or reboot) with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android ID: A-63521984.2018-11-06not yet calculatedCVE-2018-9444
SECTRACK
CONFIRMgoogle -- androidIn process_l2cap_cmd of l2c_main.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-74196706.2018-11-06not yet calculatedCVE-2018-9359
BID
CONFIRMgoogle -- androidIn bta_dm_sdp_result of bta_dm_act.cc, there is a possible out of bounds stack write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-74016921.2018-11-06not yet calculatedCVE-2018-9355
BID
CONFIRMgoogle -- androidIn smp_br_state_machine_event of smp_br_main.cc, there is a possible out of bounds write due to memory corruption. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-80145946.2018-11-06not yet calculatedCVE-2018-9446
SECTRACK
CONFIRMgoogle -- cardboard_application_for_android_and_iosThe Google Cardboard application 1.8 for Android and 1.2 for iOS sends potentially private cleartext information to the Unity 3D Stats web site, as demonstrated by device make, model, and OS.2018-11-08not yet calculatedCVE-2018-19111
MISChunan_jinyun_network_technology_co -- pbootcmsPbootCMS 1.2.2 allows remote attackers to execute arbitrary PHP code by specifying a .php filename in a "SET GLOBAL general_log_file" statement, followed by a SELECT statement containing this PHP code.2018-11-07not yet calculatedCVE-2018-19053
MISCi18n_gem_for_ruby_on_rails -- i18n_gem_for_ruby_on_railsHash#slice in lib/i18n/core_ext/hash.rb in the i18n gem before 0.8.0 for Ruby allows remote attackers to cause a denial of service (application crash) via a call in a situation where :some_key is present in keep_keys but not present in the hash.2018-11-06not yet calculatedCVE-2014-10077
MISC
MISC
MISCibm -- api_connectIBM API Connect 5.0.0.0, 5.0.8.4, 2018.1 and 2018.3.6 is vulnerable to CSV injection via the developer portal and analytics that could contain malicious commands that would be executed once opened by an administrator. IBM X-Force ID: 148692.2018-11-08not yet calculatedCVE-2018-1774
XF
CONFIRMibm -- campaignIBM Campaign 9.1.0, 9.1.2, 10.0, and 10.1 could allow an authenticated user with access to the local network to bypass security due to lack of input validation. IBM X-Force ID: 120206.2018-11-08not yet calculatedCVE-2016-9749
CONFIRM
XFibm -- cognos_analyticsIBM Cognos Analytics 11 Configuration tool, under certain circumstances, will bypass OIDC namespace signature verification on its id_token. IBM X-Force ID: 150902.2018-11-08not yet calculatedCVE-2018-1842
SECTRACK
XF
CONFIRMibm -- db2_for_linux_and_unix_and_windowsIBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 contains a vulnerability that could allow a local user to escalate their privileges to root through a symbolic link attack. IBM X-Force ID: 150511.2018-11-08not yet calculatedCVE-2018-1834
CONFIRM
XFibm -- db2_for_linux_and_unix_and_windowsIBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local user to obtain root access by exploiting a symbolic link attack to read/write/corrupt a file that they originally did not have permission to access. IBM X-Force ID: 148804.2018-11-08not yet calculatedCVE-2018-1781
CONFIRM
XFibm -- db2_for_linux_and_unix_and_windowsIBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 binaries load shared libraries from an untrusted path potentially giving low privilege user full access to the DB2 instance account by loading a malicious shared library. IBM X-Force ID: 149640.2018-11-08not yet calculatedCVE-2018-1802
CONFIRM
XFibm -- db2_for_linux_and_unix_and_windowsIBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local unprivileged user to overwrite files on the system which could cause damage to the database. IBM X-Force ID: 149429.2018-11-08not yet calculatedCVE-2018-1799
CONFIRM
XFibm -- db2_for_linux_and_unix_and_windowsIBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.1 could allow a user to bypass FGAC control and gain access to data they shouldn't be able to see. IBM X-Force ID: 151155.2018-11-08not yet calculatedCVE-2018-1857
CONFIRM
XFibm -- db2_for_linux_and_unix_and_windowsIBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local db2 instance owner to obtain root access by exploiting a symbolic link attack to read/write/corrupt a file that they originally did not have permission to access. IBM X-Force ID: 148803.2018-11-08not yet calculatedCVE-2018-1780
CONFIRM
XFibm -- marketing_operationsIBM Marketing Operations 9.1.0, 9.1.2, and 10.1 could allow a remote attacker to obtain sensitive information. An attacker could send a specially-crafted request to cause an error message to be returned containing the full root path. An attacker could use this information to launch further attacks against the affected system. IBM X-Force ID: 121171.2018-11-08not yet calculatedCVE-2017-1119
CONFIRM
XFibm -- maximo_asset_managementIBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 151330.2018-11-09not yet calculatedCVE-2018-1872
XF
CONFIRMibm -- multiple_productsIBM Jazz applications (IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational DOORS Next Generation 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Quality Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Rhapsody Design Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Software Architect Design Manager 5.0 through 5.02 and 6.0 through 6.0.1, IBM Rational Team Concert 5.0 through 5.02 and 6.0 through 6.0.6) could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 145609.2018-11-06not yet calculatedCVE-2018-1694
CONFIRM
XFibm -- multiple_productsIBM Jazz based applications (IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational DOORS Next Generation 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Quality Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Rhapsody Design Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Software Architect Design Manager 5.0 through 5.02 and 6.0 through 6.0.1, IBM Rational Team Concert 5.0 through 5.02 and 6.0 through 6.0.6) could allow an authenticated user to obtain sensitive information from an error message that could be used in further attacks against the system. IBM X-Force ID: 143796.2018-11-06not yet calculatedCVE-2018-1606
CONFIRM
XFibm -- spectrum_protect_serverIBM Spectrum Protect Server 7.1 and 8.1 could disclose highly sensitive information via trace logs to a local privileged user. IBM X-Force ID: 148873.2018-11-02not yet calculatedCVE-2018-1788
CONFIRM
BID
SECTRACK
XFibm -- websphere_mqIBM WebSphere MQ 8.0 through 9.1 is vulnerable to a error with MQTT topic string publishing that can cause a denial of service attack. IBM X-Force ID: 145456.2018-11-08not yet calculatedCVE-2018-1684
XF
CONFIRMinternational_components_for_unicode -- international_components_for_unicodeInternational Components for Unicode (ICU) for C/C++ 63.1 has an integer overflow in number::impl::DecimalQuantity::toScientificString() in i18n/number_decimalquantity.cpp.2018-11-04not yet calculatedCVE-2018-18928
MISC
MISC
MISCiobit -- malware_fighterRegFilter.sys in IOBit Malware Fighter 6.2 is susceptible to a stack-based buffer overflow when an attacker uses IOCTL 0x8006E040 with a size larger than 8 bytes. This can lead to denial of service or code execution with root privileges.2018-11-09not yet calculatedCVE-2018-19086
MISCiobit -- malware_fighterRegFilter.sys in IOBit Malware Fighter 6.2 is susceptible to a stack-based buffer overflow when an attacker uses IOCTL 0x8006E048 with a size larger than 8 bytes. This can lead to denial of service or code execution with root privileges.2018-11-09not yet calculatedCVE-2018-19085
MISCiobit -- malware_fighterRegFilter.sys in IOBit Malware Fighter 6.2 is susceptible to a stack-based buffer overflow when an attacker uses IOCTL 0x8006E05C with a size larger than 8 bytes. This can lead to denial of service or code execution with root privileges.2018-11-09not yet calculatedCVE-2018-19084
MISCiobit -- malware_fighterRegFilter.sys in IOBit Malware Fighter 6.2 is susceptible to a stack-based buffer overflow when an attacker uses IOCTL 0x8006E044 with a size larger than 8 bytes. This can lead to denial of service or code execution with root privileges.2018-11-09not yet calculatedCVE-2018-19087
MISCjasper -- jasperAn issue has been found in JasPer 2.0.14. There is a memory leak in jas_malloc.c when called from jpc_unk_getparms in jpc_cs.c.2018-11-09not yet calculatedCVE-2018-19139
MISCjeecms -- jeecmsJEECMS 9.3 has XSS via an index.do#/content/update?type=update URI.2018-11-05not yet calculatedCVE-2018-18952
MISCjquery -- jqueryUnauthenticated arbitrary file upload vulnerability in jQuery Picture Cut <= v1.1Beta2018-11-05not yet calculatedCVE-2018-9208
MISCkeepalived -- keepalivedkeepalived 2.0.8 used mode 0666 when creating new temporary files upon a call to PrintData or PrintStats, potentially leaking sensitive information.2018-11-08not yet calculatedCVE-2018-19045
MISC
MISC
MISC
MISCkeepalived -- keepalivedkeepalived 2.0.8 didn't check for pathnames with symlinks when writing data to a temporary file upon a call to PrintData or PrintStats. This allowed local users to overwrite arbitrary files if fs.protected_symlinks is set to 0, as demonstrated by a symlink from /tmp/keepalived.data or /tmp/keepalived.stats to /etc/passwd.2018-11-08not yet calculatedCVE-2018-19044
MISC
MISC
MISCkeepalived -- keepalived
 keepalived 2.0.8 didn't check for existing plain files when writing data to a temporary file upon a call to PrintData or PrintStats. If a local attacker had previously created a file with the expected name (e.g., /tmp/keepalived.data or /tmp/keepalived.stats), with read access for the attacker and write access for the keepalived process, then this potentially leaked sensitive information.2018-11-08not yet calculatedCVE-2018-19046
MISC
MISCkeepalived -- keepalived
 keepalived before 2.0.7 has a heap-based buffer overflow when parsing HTTP status codes resulting in DoS or possibly unspecified other impact, because extract_status_code in lib/html.c has no validation of the status code and instead writes an unlimited amount of data to the heap.2018-11-08not yet calculatedCVE-2018-19115
MISC
MISC
MISCkindeditor -- kindeditorKindEditor through 4.1.11 has a path traversal vulnerability in php/upload_json.php. Anyone can browse a file or directory in the kindeditor/attached/ folder via the path parameter without authentication.2018-11-05not yet calculatedCVE-2018-18950
MISCknightjs -- knightjsA Path Traversal in Knightjs versions <= 0.0.1 allows an attacker to read content of arbitrary files on a remote server.2018-11-06not yet calculatedCVE-2018-16475
MISClibav -- libavIn Libav 12.3, there is a heap-based buffer over-read in decode_frame in libavcodec/lcldec.c that allows an attacker to cause denial-of-service via a crafted avi file.2018-11-09not yet calculatedCVE-2018-19128
MISClibav -- libavIn Libav 12.3, there is an invalid memory access in vc1_decode_frame in libavcodec/vc1dec.c that allows attackers to cause a denial-of-service via a crafted aac file.2018-11-09not yet calculatedCVE-2018-19130
MISClibav -- libavIn Libav 12.3, a NULL pointer dereference (RIP points to zero) issue in ff_mpa_synth_filter_float in libavcodec/mpegaudiodsp_template.c can cause a segmentation fault (application crash) via a crafted mov file.2018-11-09not yet calculatedCVE-2018-19129
MISClibiec61850 -- libiec61850An issue has been found in libIEC61850 v1.3. It is a NULL pointer dereference in Ethernet_sendPacket in ethernet_bsd.c.2018-11-09not yet calculatedCVE-2018-19122
MISC
MISClibiec61850 -- libiec61850An issue has been found in libIEC61850 v1.3. It is a NULL pointer dereference in ClientDataSet_getValues in client/ied_connection.c.2018-11-05not yet calculatedCVE-2018-18937
MISC
MISClibiec61850 -- libiec61850An issue has been found in libIEC61850 v1.3. It is a SEGV in Ethernet_receivePacket in ethernet_bsd.c.2018-11-09not yet calculatedCVE-2018-19121
MISC
MISClibiec61850 -- libiec61850
 An issue has been found in libIEC61850 v1.3. It is a stack-based buffer overflow in prepareGooseBuffer in goose/goose_publisher.c.2018-11-05not yet calculatedCVE-2018-18957
MISC
EXPLOIT-DBlibrecad -- librecadLibreCAD 2.1.3 allows remote attackers to cause a denial of service (0x89C04589 write access violation and application crash) or possibly have unspecified other impact via a crafted file.2018-11-08not yet calculatedCVE-2018-19105
MISClight_code_labs -- caddyCaddy through 0.11.0 sends incorrect certificates for certain invalid requests, making it easier for attackers to enumerate hostnames. Specifically, when unable to match a Host header with a vhost in its configuration, it serves the X.509 certificate for a randomly selected vhost in its configuration. Repeated requests (with a nonexistent hostname in the Host header) permit full enumeration of all certificates on the server. This generally permits an attacker to easily and accurately discover the existence of and relationships among hostnames that weren't meant to be public, though this information could likely have been discovered via other methods with additional effort.2018-11-10not yet calculatedCVE-2018-19148
MISC
MISC
MISClighttpd -- lighttpdAn issue was discovered in mod_alias_physical_handler in mod_alias.c in lighttpd before 1.4.50. There is potential ../ path traversal of a single directory above an alias target, with a specific mod_alias configuration where the matched alias lacks a trailing '/' character, but the alias target filesystem path does have a trailing '/' character.2018-11-07not yet calculatedCVE-2018-19052
MISCmetinfo -- metinfoMetInfo 6.1.3 has XSS via the admin/index.php?a=dogetpassword abt_type parameter.2018-11-06not yet calculatedCVE-2018-19051
MISCmetinfo -- metinfoMetInfo 6.1.3 has XSS via the admin/index.php?a=dogetpassword langset parameter.2018-11-06not yet calculatedCVE-2018-19050
MISCmicro_focus -- operations_bridgeA potential remote code execution and information disclosure vulnerability exists in Micro Focus Operations Bridge containerized suite versions 2017.11, 2018.02, 2018.05, 2018.08. This vulnerability could allow for information disclosure.2018-11-07not yet calculatedCVE-2018-18590
CONFIRMmindoc -- mindocAn issue was discovered in MinDoc through v1.0.2. It allows attackers to gain privileges by uploading an image file with contents that represent an admin session, and then sending a Cookie: header with a mindoc_id value containing the relative pathname of this uploaded file. For example, the mindoc_id (aka session ID) could be of the form aa/../../uploads/blog/201811/attach_#.jpg where '#' is a hex value displayed in the upload field of a manage/blogs/edit/ screen.2018-11-08not yet calculatedCVE-2018-19114
MISCnginx - nginxnginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive CPU usage. This issue affects nginx compiled with the ngx_http_v2_module (not compiled by default) if the 'http2' option of the 'listen' directive is used in a configuration file.2018-11-07not yet calculatedCVE-2018-16844
MISC
BID
SECTRACK
CONFIRM
UBUNTU
DEBIANnginx -- nginxnginx before versions 1.15.6, 1.14.1 has a vulnerability in the ngx_http_mp4_module, which might allow an attacker to cause infinite loop in a worker process, cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted mp4 file. The issue only affects nginx if it is built with the ngx_http_mp4_module (the module is not built by default) and the .mp4. directive is used in the configuration file. Further, the attack is only possible if an attacker is able to trigger processing of a specially crafted mp4 file with the ngx_http_mp4_module.2018-11-07not yet calculatedCVE-2018-16845
MISC
BID
SECTRACK
CONFIRM
MLIST
UBUNTU
DEBIANnginx -- nginxnginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive memory consumption. This issue affects nginx compiled with the ngx_http_v2_module (not compiled by default) if the 'http2' option of the 'listen' directive is used in a configuration file.2018-11-07not yet calculatedCVE-2018-16843
MISC
BID
SECTRACK
CONFIRM
UBUNTU
DEBIANnode.js -- node.jsA path traversal in takeapeek module versions <=0.2.2 allows an attacker to list directory and files.2018-11-06not yet calculatedCVE-2018-16473
MISCnode.js -- node.jsA stored xss in tianma-static module versions <=1.0.4 allows an attacker to execute arbitrary javascript.2018-11-06not yet calculatedCVE-2018-16474
MISCnode.js -- node.jsA prototype pollution attack in cached-path-relative versions <=1.0.1 allows an attacker to inject properties on Object.prototype which are then inherited by all the JS objects through the prototype chain causing a DoS attack.2018-11-06not yet calculatedCVE-2018-16472
MISComron -- cx-supervisorWhen processing project files in Omron CX-Supervisor versions 3.4.1.0 and prior, the application fails to check if it is referencing freed memory, which may allow an attacker to execute code under the context of the application.2018-11-05not yet calculatedCVE-2018-17909
BID
MISComron -- cx-supervisorWhen processing project files in Omron CX-Supervisor versions 3.4.1.0 and prior and tampering with the value of an offset, an attacker can force the application to read a value outside of an array.2018-11-05not yet calculatedCVE-2018-17907
BID
MISComron -- cx-supervisorA type confusion vulnerability exists when processing project files in Omron CX-Supervisor versions 3.4.1.0 and prior, which may allow an attacker to execute code in the context of the application.2018-11-05not yet calculatedCVE-2018-17913
BID
MISComron -- cx-supervisorWhen processing project files in Omron CX-Supervisor versions 3.4.1.0 and prior and tampering with a specific byte, memory corruption may occur within a specific object.2018-11-05not yet calculatedCVE-2018-17905
BID
MISCopen_information _security _foundation -- suricataThe ProcessMimeEntity function in util-decode-mime.c in Suricata 4.x before 4.0.6 allows remote attackers to cause a denial of service (segfault and daemon crash) via crafted input to the SMTP parser, as exploited in the wild in November 2018.2018-11-05not yet calculatedCVE-2018-18956
CONFIRM
MISC
MISCoscommerce -- oscommerceosCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filtering in the "product" page. The .htaccess file in catalog/images/ bans the html extension, but there are several extensions in which contained HTML can be executed, such as the svg extension.2018-11-05not yet calculatedCVE-2018-18964
MISCoscommerce -- oscommerceosCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filtering in the "product" page. The .htaccess file in catalog/images/ bans the html extension, but Internet Explorer render HTML elements in a .eml file.2018-11-05not yet calculatedCVE-2018-18966
MISCoscommerce -- oscommerceosCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filtering in the "product" page. The .htaccess file in catalog/images/ bans the html extension, but there are several alternative cases in which HTML can be executed, such as a file with no extension or an unrecognized extension (e.g., the test or test.asdf filename).2018-11-05not yet calculatedCVE-2018-18965
MISCpandao -- editor.mdpandao Editor.md 1.5.0 has DOM XSS via input starting with a "<<" substring, which is mishandled during construction of an A element.2018-11-07not yet calculatedCVE-2018-19056
MISCpdfforge -- pdf_architectMemory corruption in PDMODELProvidePDModelHFT in pdmodel.dll in pdfforge PDF Architect 6 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact because of a "Data from Faulting Address controls Code Flow" issue.2018-11-10not yet calculatedCVE-2018-19150
MISC
MISCpluralsight-- javascriptA malicious user with enough administration entitlements can inject html-like elements containing JavaScript statements into Connector names, Report names, AnyTypeClass keys and Policy descriptions. When another user with enough administration entitlements edits one of the Entities above via Admin Console, the injected JavaScript code is executed.2018-11-06not yet calculatedCVE-2018-17184
MISCpopojicms -- popojicmisAn issue was discovered in PopojiCMS v2.0.1. It has CSRF via the po-admin/route.php?mod=component&act=addnew URI, as demonstrated by adding a level=1 account.2018-11-05not yet calculatedCVE-2018-18935
MISCpopojicms -- popojicmsAn issue was discovered in PopojiCMS v2.0.1. admin_component.php is exploitable via the po-admin/route.php?mod=component&act=addnew URI by using the fupload parameter to upload a ZIP file containing arbitrary PHP code (that is extracted and can be executed). This can also be exploited via CSRF.2018-11-05not yet calculatedCVE-2018-18934
MISC
MISCpopojicms -- popojicmsAn issue was discovered in PopojiCMS v2.0.1. admin_library.php allows remote attackers to delete arbitrary files via directory traversal in the po-admin/route.php?mod=library&act=delete id parameter.2018-11-05not yet calculatedCVE-2018-18936
MISCpoppler -- popplerAn issue was discovered in Poppler 0.71.0. There is a NULL pointer dereference in goo/GooString.h, will lead to denial of service, as demonstrated by utils/pdfdetach.cc not validating a filename of an embedded file before constructing a save path.2018-11-07not yet calculatedCVE-2018-19060
MISCpoppler -- popplerAn issue was discovered in Poppler 0.71.0. There is a out-of-bounds read in EmbFile::save2 in FileSpec.cc, will lead to denial of service, as demonstrated by utils/pdfdetach.cc not validating embedded files before save attempts.2018-11-07not yet calculatedCVE-2018-19059
MISCpoppler -- popplerPoppler before 0.70.0 has a NULL pointer dereference in _poppler_attachment_new when called from poppler_annot_file_attachment_get_attachment.2018-11-10not yet calculatedCVE-2018-19149
MISCpoppler -- popplerAn issue was discovered in Poppler 0.71.0. There is a reachable abort in Object.h, will lead to denial of service because EmbFile::save2 in FileSpec.cc lacks a stream check before saving an embedded file.2018-11-07not yet calculatedCVE-2018-19058
MISCpowerdns -- recursorAn issue has been found in PowerDNS Recursor from 4.0.0 up to and including 4.1.4. A remote attacker sending a DNS query for a meta-type like OPT can lead to a zone being wrongly cached as failing DNSSEC validation. It only arises if the parent zone is signed, and all the authoritative servers for that parent zone answer with FORMERR to a query for at least one of the meta-types. As a result, subsequent queries from clients requesting DNSSEC validation will be answered with a ServFail.2018-11-09not yet calculatedCVE-2018-14644
CONFIRM
CONFIRMprestashop -- prestashopPrestaShop 1.6.x before 1.6.1.23 and 1.7.x before 1.7.4.4 allows remote attackers to execute arbitrary code via a file upload.2018-11-09not yet calculatedCVE-2018-19126
MISC
MISC
MISCprestashop -- prestashopPrestaShop 1.6.x before 1.6.1.23 and 1.7.x before 1.7.4.4 on Windows allows remote attackers to write to arbitrary image files.2018-11-09not yet calculatedCVE-2018-19124
MISC
MISC
MISCprestashop -- prestashopPrestaShop 1.6.x before 1.6.1.23 and 1.7.x before 1.7.4.4 allows remote attackers to delete an image directory.2018-11-09not yet calculatedCVE-2018-19125
MISC
MISC
MISCprojeqtor -- projeqtorThe image-upload feature in ProjeQtOr 7.2.5 allows remote attackers to execute arbitrary code by uploading a .shtml file with "#exec cmd" because rejected files remain on the server, with predictable filenames, after a "This file is not a valid image" error message.2018-11-04not yet calculatedCVE-2018-18924
MISC
EXPLOIT-DBpubliccms -- publiccmsAn issue was discovered in PublicCMS V4.0. It allows XSS by modifying the page_list "attached" attribute (which typically has 'class="icon-globe icon-large"' in its value), as demonstrated by an 'UPDATE sys_module SET attached = "[XSS]" WHERE id="page_list"' statement.2018-11-04not yet calculatedCVE-2018-18927
MISCqemu -- qemuAn OOB heap buffer r/w access issue was found in the NVM Express Controller emulation in QEMU. It could occur in nvme_cmb_ops routines in nvme device. A guest user/process could use this flaw to crash the QEMU process resulting in DoS or potentially run arbitrary code with privileges of the QEMU process.2018-11-02not yet calculatedCVE-2018-16847
BID
CONFIRM
MISC
MLISTrichfaces -- richfacesThe RichFaces Framework 3.X through 3.3.4 is vulnerable to Expression Language (EL) injection via the UserResource resource. A remote, unauthenticated attacker could exploit this to execute arbitrary code using a chain of java serialized objects via org.ajax4jsf.resource.UserResource$UriData.2018-11-06not yet calculatedCVE-2018-14667
SECTRACK
REDHAT
REDHAT
REDHAT
CONFIRMs-cms -- s-cmsAn issue was discovered in S-CMS v1.5. There is an XSS vulnerability in search.php via the keyword parameter.2018-11-09not yet calculatedCVE-2018-19145
MISCsauter -- case_suiteAn XXE vulnerability exists in CASE Suite Versions 3.10 and prior when processing parameter entities, which may allow remote file disclosure.2018-11-02not yet calculatedCVE-2018-17912
BID
MISCsennheiser -- headsetupSennheiser HeadSetup 7.3.4903 places Certification Authority (CA) certificates into the Trusted Root CA store of the local system, and publishes the private key in the SennComCCKey.pem file within the public software distribution, which allows remote attackers to spoof arbitrary web sites or software publishers for several years, even if the HeadSetup product is uninstalled. NOTE: a vulnerability-assessment approach must check all Windows systems for CA certificates with a CN of 127.0.0.1 or SennComRootCA, and determine whether those certificates are unwanted.2018-11-09not yet calculatedCVE-2018-17612
MISCshanghai_shengda_network_development_co -- phpcmsA code injection vulnerability in /type.php in PHPCMS 2008 allows attackers to write arbitrary content to a website cache file with a controllable filename, leading to arbitrary code execution. The PHP code is sent via the template parameter, and is written to a data/cache_template/*.tpl.php file along with a "<?php function " substring.2018-11-09not yet calculatedCVE-2018-19127
MISCshangtao_information_technology_co -- wstmartWSTMart 2.0.7 has CSRF via the index.php/admin/staffs/add.html URI.2018-11-09not yet calculatedCVE-2018-19138
MISCsparksuite -- simplemdeSimpleMDE 1.11.2 has XSS via an onerror attribute of a crafted IMG element, or via certain input with [ and ( characters, which is mishandled during construction of an A element.2018-11-07not yet calculatedCVE-2018-19057
MISCsquid -- squidSquid before 4.4, when SNMP is enabled, allows a denial of service (Memory Leak) via an SNMP packet.2018-11-09not yet calculatedCVE-2018-19132
MISC
MISC
MISCsquid -- squid
 Squid before 4.4 has XSS via a crafted X.509 certificate during HTTP(S) error page generation for certificate errors.2018-11-09not yet calculatedCVE-2018-19131
MISC
MISC
MISCtelexy -- qpathAn issue was discovered in Telexy QPath 5.4.462. A low privileged authenticated user supplying a specially crafted serialized request to AdanitDataService.svc may modify user information, including but not limited to email address, username, and password, of other user accounts. The simplest attack approach is for the attacker to intercept their own password-change request and modify the username before the request reaches the server. Also, changing a victim's email address can have a similar account-takeover consequence.2018-11-08not yet calculatedCVE-2018-7718
MISCtexas_instruments -- multiple_devicesTexas Instruments BLE-STACK v2.2.1 for SimpleLink CC2640 and CC2650 devices allows remote attackers to execute arbitrary code via a malformed packet that triggers a buffer overflow.2018-11-06not yet calculatedCVE-2018-16986
CONFIRM
BID
SECTRACK
MISC
CISCO
CERT-VNtianti -- tiantitianti 2.3 has reflected XSS in the user management module via the tianti-module-admin/user/list userName parameter.2018-11-07not yet calculatedCVE-2018-19091
MISCtianti -- tiantitianti 2.3 allows remote authenticated users to bypass intended permission restrictions by visiting tianti-module-admin/cms/column/list directly to read the column list page or edit a column.2018-11-08not yet calculatedCVE-2018-19109
MISCtianti -- tiantiThe skin-management feature in tianti 2.3 allows remote authenticated users to bypass intended permission restrictions by visiting tianti-module-admin/user/skin/list directly because controller\usercontroller.java maps a /skin/list request to the function skinList, and lacks an authorization check.2018-11-08not yet calculatedCVE-2018-19110
MISCtianti -- tiantitianti 2.3 has stored XSS in the article management module via an article title.2018-11-07not yet calculatedCVE-2018-19090
MISCtianti -- tiantitianti 2.3 has stored XSS in the userlist module via the tianti-module-admin/user/ajax/save_role name parameter, which is mishandled in tianti-module-admin\src\main\webapp\WEB-INF\views\user\user_list.jsp.2018-11-07not yet calculatedCVE-2018-19089
MISCtibco -- active_spacesThe administrative daemon (tibdgadmind) of TIBCO Software Inc.'s TIBCO ActiveSpaces - Community Edition, TIBCO ActiveSpaces - Developer Edition, and TIBCO ActiveSpaces - Enterprise Edition contains a vulnerability which may allow an attacker to perform cross-site request forgery (CSRF) attacks. Affected releases are TIBCO Software Inc.'s TIBCO ActiveSpaces - Community Edition: 3.3.0; 3.4.0; 3.5.0, TIBCO ActiveSpaces - Developer Edition: 3.0.0; 3.1.0; 3.3.0; 3.4.0; 3.5.0, and TIBCO ActiveSpaces - Enterprise Edition: 3.0.0; 3.1.0; 3.2.0; 3.3.0; 3.4.0; 3.5.0.2018-11-06not yet calculatedCVE-2018-12411
BID
MISC
CONFIRMtibco -- enterprise_messaging_serviceThe Central Administration server (emsca) component of TIBCO Software Inc.'s TIBCO Enterprise Messaging Service, TIBCO Enterprise Messaging Service - Community Edition, and TIBCO Enterprise Messaging Service - Developer Edition contains a vulnerability which may allow an attacker to perform cross-site request forgery (CSRF) attacks. Affected releases are TIBCO Software Inc.'s TIBCO Enterprise Messaging Service: versions up to and including 8.4.0, TIBCO Enterprise Messaging Service - Community Edition: versions up to and including 8.4.0, and TIBCO Enterprise Messaging Service - Developer Edition versions up to and including 8.4.0.2018-11-06not yet calculatedCVE-2018-12415
BID
MISC
CONFIRMtibco -- ftl
 The realm server (tibrealmserver) component of TIBCO Software Inc. TIBCO FTL - Community Edition, TIBCO FTL - Developer Edition, and TIBCO FTL - Enterprise Edition contains a vulnerability which may allow an attacker to perform cross-site request forgery (CSRF) attacks. Affected releases are TIBCO Software Inc. TIBCO FTL - Community Edition: versions up to and including 5.4.0, TIBCO FTL - Developer Edition: versions up to and including 5.4.0, TIBCO FTL - Enterprise Edition: versions up to and including 5.4.0.2018-11-06not yet calculatedCVE-2018-12412
BID
MISC
CONFIRMtibco -- messagingThe Schema repository server (tibschemad) component of TIBCO Software Inc.'s TIBCO Messaging - Apache Kafka Distribution - Schema Repository - Community Edition, and TIBCO Messaging - Apache Kafka Distribution - Schema Repository - Enterprise Edition contains a vulnerability which may allow an attacker to perform cross-site request forgery (CSRF) attacks. Affected releases are TIBCO Software Inc. TIBCO Messaging - Apache Kafka Distribution - Schema Repository - Community Edition: 1.0.0, and TIBCO Messaging - Apache Kafka Distribution - Schema Repository - Enterprise Edition: 1.0.0.2018-11-06not yet calculatedCVE-2018-12413
MISC
CONFIRMtibco -- multiple_productsThe Rendezvous Routing Daemon (rvrd), Rendezvous Secure Routing Daemon (rvrsd), Rendezvous Secure Daemon (rvsd), Rendezvous Cache (rvcache), and Rendezvous Daemon Manager (rvdm) components of TIBCO Software Inc.'s TIBCO Rendezvous, TIBCO Rendezvous Developer Edition, TIBCO Rendezvous for z/Linux, TIBCO Rendezvous for z/OS, TIBCO Rendezvous Network Server, TIBCO Substation ES contain vulnerabilities which may allow an attacker to perform cross-site request forgery (CSRF) attacks. Affected releases are TIBCO Software Inc.'s TIBCO Rendezvous: versions up to and including 8.4.5, TIBCO Rendezvous Developer Edition: versions up to and including 8.4.5, TIBCO Rendezvous for z/Linux: versions up to and including 8.4.5, TIBCO Rendezvous for z/OS: versions up to and including 8.4.5, TIBCO Rendezvous Network Server: versions up to and including 1.1.2, and TIBCO Substation ES: versions up to and including 2.12.2.2018-11-06not yet calculatedCVE-2018-12414
BID
MISC
CONFIRMvanilla -- vanillaVanilla 2.6.x before 2.6.4 allows remote code execution.2018-11-03not yet calculatedCVE-2018-18903
MISC
MISC
MISCwecenter -- wecenterWeCenter 3.2.0 through 3.2.2 has XSS in the views/default/question/index.tpl.html htmlspecialchars_decode function via the /?/publish/ajax/publish_question/ question_content parameter.2018-11-07not yet calculatedCVE-2018-19083
MISCwordpress -- wordpressThe WP Editor.md plugin 10.0.1 for WordPress allows XSS via the comment area.2018-11-04not yet calculatedCVE-2018-18919
MISCwuzhicms -- wuzhicmsAn issue was discovered in WUZHI CMS 4.1.0. There is stored XSS in index.php?m=core&f=index via an ontoggle attribute to details/open/ within a second input field.2018-11-05not yet calculatedCVE-2018-18938
MISCwuzhicms -- wuzhicmsAn issue was discovered in WUZHI CMS 4.1.0. There is stored XSS in index.php?m=core&f=index via a seventh input field.2018-11-05not yet calculatedCVE-2018-18939
MISCxiph -- icecast
 A buffer overflow was discovered in the URL-authentication backend of the Icecast before 2.4.4. If the backend is enabled, then any malicious HTTP client can send a request for that specific resource including a crafted header, leading to denial of service and potentially remote code execution.2018-11-05not yet calculatedCVE-2018-18820
MLIST
SECTRACK
GENTOO
DEBIANyzmcms -- yzmcmsAn issue was discovered in YzmCMS v5.2. It has XSS via a search/index/archives/pubtime/ query string, as demonstrated by the search/index/archives/pubtime/1526387722/page/1.html URI. NOTE: this does not obtain a user's cookie.2018-11-07not yet calculatedCVE-2018-19092
MISCzoho_manageengine -- network_configuration_manager_and_opmanagerAn XML External Entity injection (XXE) vulnerability exists in Zoho ManageEngine Network Configuration Manager and OpManager before 12.3.214 via the RequestXML parameter in a /devices/ProcessRequest.do GET request. For example, the attacker can trigger the transmission of local files to an arbitrary remote FTP server.2018-11-05not yet calculatedCVE-2018-18980
MISC
MISCzoho_manageengine -- opmanagerZoho ManageEngine OpManager 12.3 before 123222 has SQL Injection via Mail Server settings.2018-11-05not yet calculatedCVE-2018-18949
MISCzyxel -- zywall_usg_devicesZyXEL ZyWALL USG 2.12 AQQ.2 and 3.30 AQQ.7 devices are affected by a CSRF vulnerability via a cgi-bin/zysh-cgi cmd action to add a user account. This account's access could, for example, subsequently be used for stored XSS.2018-11-10not yet calculatedCVE-2017-17550
MISCBack to top

This product is provided subject to this Notification and this Privacy & Use policy.


Attacks on the Media Are a Threat To Democracy, Justin Trudeau Says

Slashdot - Mon, 11/12/2018 - 15:40
Prime Minister Justin Trudeau told a press freedom event in Paris Sunday that one of the bulwarks protecting democratic governments from being undermined is also an institution under stress -- a free-thinking, robust media. From a report: "If a democracy is to function you need an educated populace, and you need to have an informed populace, ready to make judicious decisions about who to grant power to and when to take it away," Trudeau said. "When citizens cannot have rigorous analysis of the exercise of the power that is in their name and they have granted, the rest of the foundation of our democracies start to erode at the same time as cynicism arises." The press freedom advocacy organization Reporters Without Borders has developed a six-page international declaration on information and democracy to establish basic principles for the "common good of mankind." The organization hosted a small event on the sidelines of the Paris Peace Forum late Sunday afternoon where five presidents and prime ministers, including Trudeau, offered endorsements for this declaration. The Paris Peace Forum, intended to be an annual gathering of political, business and civil society leaders to explore peaceful solutions to the world's problems, was hosted by French President Emmanuel Macron to coincide with this weekend's events marking the centenary of the armistice agreement that ended the First World War. Trudeau, addressing the audience at the press freedom event without a prepared text, also talked about the risk if too many citizens become too cynical about public institutions. "Attacks on the media are not just about getting your preferred political candidate elected," he said. "They're about increasing the level of cynicism that citizens have toward all authorities, toward all of the institutions that are there to protect us as citizens." Citizens are feeling "very real anxiety," Trudeau said, because their jobs are transforming as globalization increases competition around the world. When that anxiety is exacerbated, it undermines trust in institutions and increases cynicism. "One of the bulwarks against that, and one of the institutions that is most under stress right now, is a free-thinking, independent, rigorous, robust, respected media," the prime minister said.

Read more of this story at Slashdot.

Tencent Has Access To China's National Citizen Database

Slashdot - Mon, 11/12/2018 - 13:50
The Chinese government doesn't want children playing games for several hours every day. It said as much in a public notice from August. Now, Tencent is going along with that recommendation. The world's biggest gaming company started pushing out its new "real name identity system" (RNIS) across China on November 1, according to market intelligence firm Niko Partners. From a report: This program aims to mitigate concerns about addiction and myopia in children. It limits people 12 and younger to an hour of gaming per day. And it forces every player to register themselves in the game with their real name and government ID. Of course, this program isn't new. Tencent introduced a version of its RNIS in May 2017. That also required players to register their age, but it was easy to fool. In September, however, the publisher revised and strengthened the program. And the government also stepped in to help. Regulators are providing Tencent with access to a massive list of every person who lives in China.

Read more of this story at Slashdot.

Switzerland Remains 'Extremely Attractive' For Pirate Sites, MPAA Says

Slashdot - Mon, 11/12/2018 - 10:00
While the European Union has worked hard to strengthen its copyright laws in recent years, one country in the heart of the continent chooses its own path. Switzerland is not part of the EU, which means that its policies deviate quite a bit from its neighbors. According to Hollywood, that's not helping creators. From a report: Responding to recent submission to the United States Trade Representative (USTR), the MPAA has identified several foreign "trade barriers" around the world. In Hollywood's case, many of these are related to piracy. One of the countries that's highlighted, in rather harsh terms, is Switzerland. According to the MPAA, the country's copyright law is "wholly inadequate" which, among other things, makes it "extremely attractive" to host illegal sites. "Switzerland's copyright law is wholly inadequate, lacking crucial mechanisms needed for enforcement in the digital era," MPAA writes. [...] The European country has plans to update its laws, but the proposed changes are not significant improvements, Hollywood's trade group notes.

Read more of this story at Slashdot.

Vuln: FreeBSD TCP Reassembly CVE-2018-6922 Denial Of Service Vulnerability

SecurityFocus Vulnerabilities/Bugtraq - Mon, 11/12/2018 - 08:00
FreeBSD TCP Reassembly CVE-2018-6922 Denial Of Service Vulnerability

Vuln: Google Chrome V8 Out of Bounds Memory Access Vulnerability

SecurityFocus Vulnerabilities/Bugtraq - Mon, 11/12/2018 - 08:00
Google Chrome V8 Out of Bounds Memory Access Vulnerability

What Your Phone is Telling Wall Street

Slashdot - Mon, 11/12/2018 - 06:10
Your phone knows where you shop, where you work and where you sleep. Hedge funds are very interested in such data, so they are buying it. From a report: When Tesla Chief Executive Elon Musk said the car maker would work around the clock to boost production of its Model 3 sedan, the number crunchers at Thasos Group decided to watch. They circled Tesla's 370 acres in Fremont, Calif., on an online map, creating a digital corral to isolate smartphone location signals that emanated from within it. Thasos, which leases databases of trillions of geographic coordinates collected by smartphone apps, set its computers to find the pings created at Tesla's factory, then shared the data with its hedge-fund clients [Editor's note: the link may be paywalled; alternative source], showing the overnight shift swelled 30% from June to October. Last month, many on Wall Street were surprised when Tesla disclosed a rare quarterly profit, the result of Model 3 production that had nearly doubled in three months. Shares shot up 9.1% the next day. Thasos is at the vanguard of companies trying to help traders get ahead of stock moves like that using so-called alternative data. Such suppliers might examine mine slag heaps from outer space, analyze credit-card spending data or sort through construction permits. Thasos's specialty is spewing out of your smartphone. Thasos gets data from about 1,000 apps, many of which need to know a phone's location to be effective, like those providing weather forecasts, driving directions or the whereabouts of the nearest ATM. Smartphone users, wittingly or not, share their location when they use such apps. Before Thasos gets the data, suppliers scrub it of personally identifiable information, Mr. Skibiski said. It is just time-stamped strings of longitude and latitude. But with more than 100 million phones providing such coordinates, Thasos says it can paint detailed pictures of the ebb and flow of people, and thus their money.

Read more of this story at Slashdot.

When No One Retires

Slashdot - Mon, 11/12/2018 - 05:02
More and more Americans want to work longer -- or have to, given that many aren't saving adequately for retirement. From a report: Before our eyes, the world is undergoing a massive demographic transformation. In many countries, the population is getting old. Very old. Globally, the number of people age 60 and over is projected to double to more than 2 billion by 2050 and those 60 and over will outnumber children under the age of 5. In the United States, about 10,000 people turn 65 each day, and one in five Americans will be 65 or older by 2030. By 2035, Americans of retirement age will eclipse the number of people aged 18 and under for the first time in U.S. history. [...] Soon, the workforce will include people from as many as five generations ranging in age from teenagers to 80-somethings. Are companies prepared? The short answer is "no." Aging will affect every aspect of business operations -- whether it's talent recruitment, the structure of compensation and benefits, the development of products and services, how innovation is unlocked, how offices and factories are designed, and even how work is structured -- but for some reason, the message just hasn't gotten through. In general, corporate leaders have yet to invest the time and resources necessary to fully grasp the unprecedented ways that aging will change the rules of the game. What's more, those who do think about the impacts of an aging population typically see a looming crisis -- not an opportunity. They fail to appreciate the potential that older adults present as workers and consumers. The reality, however, is that increasing longevity contributes to global economic growth. Today's older adults are generally healthier and more active than those of generations past, and they are changing the nature of retirement as they continue to learn, work, and contribute. In the workplace, they provide emotional stability, complex problem-solving skills, nuanced thinking, and institutional know-how. Their talents complement those of younger workers, and their guidance and support enhance performance and intergenerational collaboration. In encore careers, volunteering, and civic and social settings, their experience and problem-solving abilities contribute to society's well-being.

Read more of this story at Slashdot.

How Nature Defies Math in Keeping Ecosystems Stable

Slashdot - Mon, 11/12/2018 - 04:02
Paradoxically, the abundance of tight interactions among living species usually leads to disasters in ecological models. New analyses hint at how nature seemingly defies the math. Veronique Greenwood, writing for Quantamagazine: Behind the beautiful facade of a rainforest, a savanna or a placid lake is a world teeming with contests and partnerships. Species are competing for space, consuming one another for resources, taking advantage of one another's talents, and brokering trades of nutrients. But there's something funny about this picture. When ecologists try to model ecosystems using math, they tend to find that the more interactions there are among species, the more unstable the system. For a simple ecosystem model to be stable, all the interactions among its species must be in perfect harmony. Maintaining that balancing act gets much harder, however, as the number of coupled species and the strengths of their interactions rise: Any disturbance or imbalance for one couple ripples outward and sows chaos throughout the network. Bring in mutualisms, relationships in which species contribute directly to each other's survival, and things can really fly off the handle. Pairs of organisms that live off each other sometimes do so well in the mathematical simulations -- thriving exponentially in extreme cases, in what Robert May, the theoretical ecology pioneer, once called "an orgy of mutual benefaction" -- that everything else can go extinct. It seems unlikely that real ecosystems are quite this flimsy. In a new paper in Nature Communications, a pair of theoretical ecologists at the University of Illinois explored more precisely how the give-and-take in mutualism affects ecosystem stability and how, under the right conditions, it might contribute to it. Their result joins previous work in suggesting how real-world communities manage to be more resilient than the models imply.

Read more of this story at Slashdot.

Syndicate content