Cyberthreat Blog, Author at Cyberthreat Blog from Fortify24x7 Page 28034 of 28407

CVE-2017-8879

Posted by Cyberthreat Blog | May 10, 2017 | CVE Notifications |

Dolibarr ERP/CRM 4.0.4 allows password changes without supplying the current password, which makes it easier for physically proximate attackers to obtain access via an unattended workstation.

CVE-2017-8877

Posted by Cyberthreat Blog | May 10, 2017 | CVE Notifications |

ASUS RT-AC* and RT-N* devices with firmware through 3.0.0.4.380.7378 allow JSONP Information Disclosure such as the SSID.

CVE-2017-8874

Posted by Cyberthreat Blog | May 10, 2017 | CVE Notifications |

Multiple cross-site request forgery (CSRF) vulnerabilities in Mautic 1.4.1 allow remote attackers to hijack the authentication of users for requests that (1) delete email campaigns or (2) delete contacts.

CVE-2017-5892

Posted by Cyberthreat Blog | May 10, 2017 | CVE Notifications |

ASUS RT-AC* and RT-N* devices with firmware before 3.0.0.4.380.7378 allow JSONP Information Disclosure such as a network map.

CVE-2017-8872

Posted by Cyberthreat Blog | May 10, 2017 | CVE Notifications |

The htmlParseTryOrFinish function in HTMLparser.c in libxml2 2.9.4 allows attackers to cause a denial of service (buffer over-read) or information disclosure.

Author: Cyberthreat Blog

CVE-2017-8879

CVE-2017-8877

CVE-2017-8874

CVE-2017-5892

CVE-2017-8872