Cyberthreat Blog, Author at Cyberthreat Blog from Fortify24x7 Page 27834 of 28407

CVE-2017-9518

Posted by Cyberthreat Blog | Jun 8, 2017 | CVE Notifications |

atmail before 7.8.0.2 has CSRF, allowing an attacker to change the SMTP hostname and hijack all emails.

CVE-2017-9520

Posted by Cyberthreat Blog | Jun 8, 2017 | CVE Notifications |

The r_config_set function in libr/config/config.c in radare2 1.5.0 allows remote attackers to cause a denial of service (use-after-free and application crash) via a crafted DEX file.

CVE-2017-9517

Posted by Cyberthreat Blog | Jun 8, 2017 | CVE Notifications |

atmail before 7.8.0.2 has CSRF, allowing an attacker to upload and import users via CSV.

CVE-2017-9519

Posted by Cyberthreat Blog | Jun 8, 2017 | CVE Notifications |

atmail before 7.8.0.2 has CSRF, allowing an attacker to create a user account.

CVE-2017-7180

Posted by Cyberthreat Blog | Jun 8, 2017 | CVE Notifications |

Net Monitor for Employees Pro through 5.3.4 has an unquoted service path, which allows a Security Feature Bypass of its documented “Block applications” design goal. The local attacker must have privileges to write to...

Author: Cyberthreat Blog

CVE-2017-9518

CVE-2017-9520

CVE-2017-9517

CVE-2017-9519

CVE-2017-7180