Enterprise
From DHS/US-CERT’s National Vulnerability Database

CVE-2018-10018
PUBLISHED: 2018-07-13

The GDASPAMLib.AntiSpam ActiveX control ASKGDASpam.dll in G Total 25.4.0.3 has a via a long IsBlackListed argument.

CVE-2018-10098
PUBLISHED: 2018-07-13

In MicroWorld eScan Internet Security Suite (ISS) for Business 14.0.1400.20, the driver econceal.sys allows a non-privileged user to send a 0x830020E0 IOCTL request to \.econceal to cause a denial of service (BSOD).

CVE-2018-1245
PUBLISHED: 2018-07-13


RSA Identity Lifecycle and Governance versions 7.0.1, 7.0.2 and 7.1.0 contains an authorization bypass vulnerability within the workflow architect component (ACM). A remote authenticated malicious user with non-admin privileges could potentially bypass the Java Security Policies. Once bypassed, a ma…

CVE-2018-1255
PUBLISHED: 2018-07-13


RSA Identity Lifecycle and Governance versions 7.0.1, 7.0.2 and 7.1.0 contains a reflected cross-site scripting vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by tricking a application user to supply malicious HTML or JavaScript code to a vulnera…

CVE-2018-14054
PUBLISHED: 2018-07-13

A double free exists in the MP4StringProperty class in mp4property.cpp in MP4v2 2.0.0. A dangling pointer is freed again in the destructor once an exception is triggered.



Source link

No tags for this post.

LEAVE A REPLY

Please enter your comment!
Please enter your name here