- dr staff 125x125 - Enterprise IT Juggling 20-Plus SecOps Tools

Enterprise Vulnerabilities
From DHS/US-CERT’s National Vulnerability Database

CVE-2018-12085
PUBLISHED: 2018-06-09

Liblouis 3.6.0 has a stack-based Buffer Overflow in the function parseChars in compileTranslationTable.c, a different vulnerability than CVE-2018-11440.

CVE-2018-12020
PUBLISHED: 2018-06-08


mainproc.c in GnuPG before 2.2.8 mishandles the original filename during decryption and verification actions, which allows remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the "–status-fd 2" option. For example, the OpenPGP might r…

CVE-2018-0225
PUBLISHED: 2018-06-08

The Enterprise Console in Cisco AppDynamics App iQ Platform before 4.4.3.10598 (HF4) allows SQL , aka the Advisory 2089 issue.

CVE-2018-1281
PUBLISHED: 2018-06-08


The clustered setup of Apache MXNet allows users to specify which IP address and port the scheduler will listen on via the DMLC_PS_ROOT_URI and DMLC_PS_ROOT_PORT env variables. In versions older than 1.0.0, however, the MXNet framework will listen on 0.0.0.0 rather than user specified DMLC_PS_ROOT_U…

CVE-2018-4233
PUBLISHED: 2018-06-08


An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit…



Source link

No tags for this post.

LEAVE A REPLY

Please enter your comment!
Please enter your name here