Cyberthreat Blog, Author at Cyberthreat Blog from Fortify24x7 Page 28117 of 28407

CVE-2017-8109

Posted by Cyberthreat Blog | Apr 25, 2017 | CVE Notifications |

The salt-ssh minion code in SaltStack Salt before 2016.11.4 copied over configuration from the Salt Master without adjusting permissions, which might leak credentials to local attackers on configured minions (clients).

CVE-2017-8110

Posted by Cyberthreat Blog | Apr 25, 2017 | CVE Notifications |

www.modified-shop.org modified eCommerce Shopsoftware 2.0.2.2 rev 10690 has XXE in api/it-recht-kanzlei/api-it-recht-kanzlei.php.

VU#219739: Portrait Displays SDK applications are vulnerable to arbitrary code execution and privilege escalation

Posted by Cyberthreat Blog | Apr 25, 2017 | CERT-Vulnerabilities |

Vulnerability Note VU#219739 <h2>Portrait Displays SDK applications are vulnerable to arbitrary code execution and privilege escalation</h2> <p class=”meta-text”>Original Release date: 25 Apr 2017 |...

CVE-2017-7221

Posted by Cyberthreat Blog | Apr 25, 2017 | CVE Notifications |

OpenText Documentum Content Server has an inadequate protection mechanism against SQL injection, which allows remote authenticated users to execute arbitrary code with super-user privileges by leveraging the availability of the...

CVE-2017-7477

Posted by Cyberthreat Blog | Apr 25, 2017 | CVE Notifications |

Heap-based buffer overflow in drivers/net/macsec.c in the MACsec module in the Linux kernel through 4.10.12 allows attackers to cause a denial of service or possibly have unspecified other impact by leveraging the use of a...

Author: Cyberthreat Blog

CVE-2017-8109

CVE-2017-8110

VU#219739: Portrait Displays SDK applications are vulnerable to arbitrary code execution and privilege escalation

CVE-2017-7221

CVE-2017-7477