Collaborate Disseminate
Microsoft OLE uses the URL Moniker to open application data based on the server-provided MIME type,which can allow an unauthenticated remote attacker to execute arbitrary code on a vulnerable system. Continue reading VU#921560: Microsoft OLE URL Moniker improperly handles remotely-linked HTA data
Several Java implementations of AMF3 are vulnerable to insecure deserialization and XML external entities references. Continue reading VU#307983: Action Message Format (AMF3) Java implementations are vulnerable to insecure deserialization and XML external entities references
GIGABYTE BRIX UEFI firmware for the GB-BSi7H-6500 and GB-BXi7-5775 platforms,versions vF6 and vF2 respectively,fails to properly set the BIOSWE,BLE,SMM_BWP,and PRx bits to enforce write protection. It also is not cryptographically signed. These issues may permit an attacker to write arbitrary code to the platform firmware,potentially allowing for persistent firmware level rootkits or the creation of a permanent denial of service condition in the platform. Continue reading VU#507496: GIGABYTE BRIX UEFI firmware fails to implement write protection and is not cryptographically signed
The Pandora iOS app fails to properly validate SSL certificates provided by HTTPS connections,which may enable an attacker to conduct man-in-the-middle(MITM)attacks. Continue reading VU#342303: Pandora iOS app does not properly validate SSL certificates
PCAUSA’s Rawether framework does not properly validate BPF data,allowing a crafted malicious BPF program to perform operations on memory outside of its typical bounds on the driver’s receipt of network packets. This vulnerability may be exploited to perform local privilege escalation on Windows systems. Continue reading VU#600671: PCAUSA Rawether for Windows local privilege escalation
Commvault Edge,version 11 SP6(11.80.50.0),is vulnerable to a stack-based buffer overflow vulnerability. Continue reading VU#214283: Commvault Edge contains a buffer overflow vulnerability
The D-Link DIR-130 and DIR-330 are vulnerable to authentication bypass of the remote login page,and do not sufficiently protect administrator credentials. Continue reading VU#553503: D-Link DIR-130 and DIR-330 are vulnerable to authentication bypass and do not protect credentials
Apache Struts,versions 2.3.5 – 2.3.31 and 2.5 – 2.5.10,is vulnerable to code injection leading to remote code execution(RCE). Continue reading VU#834067: Apache Struts 2 is vulnerable to remote code execution
D-Link DIR-850L,firmware versions 1.14B07,2.07.B05,and possibly others,contains a stack-based buffer overflow vulnerability in the web administration interface HNAP service. Other models may also be affected. Continue reading VU#305448: D-Link DIR-850L web admin interface contains a stack-based buffer overflow vulnerability
D-Link DIR-850L,firmware versions 1.14B07,2.07.B05,and possibly others,contains a stack-based buffer overflow vulnerability in the web administration interface HNAP service. Other models may also be affected. Continue reading VU#305448: D-Link DIR-850L web admin interface contains a stack-based buffer overflow vulnerability