Security Vulnerabilities - CVEs Published In December 2017
The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and below) has XSS via the REF parameter to /network_diagnostics.html or /storage_info.html.
CVSS Score
6.1
EPSS Score
0.003
Published
2017-12-18
The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and below) allows renaming and modifying files via /tools.html.
CVSS Score
7.5
EPSS Score
0.162
Published
2017-12-18
The BrightSign Digital Signage (4k242) device (Firmware 6.2.63 and below) has directory traversal via the /storage.html rp parameter, allowing an attacker to read or write to files.
CVSS Score
9.8
EPSS Score
0.213
Published
2017-12-18
contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation.
CVSS Score
7.5
EPSS Score
0.028
Published
2017-12-18
DedeCMS through 5.6 allows arbitrary file upload and PHP code execution by embedding the PHP code in a .jpg file, which is used in the templet parameter to member/article_edit.php.
CVSS Score
8.8
EPSS Score
0.007
Published
2017-12-18
DedeCMS through 5.7 has SQL Injection via the logo parameter to plus/flink_add.php.
CVSS Score
9.8
EPSS Score
0.003
Published
2017-12-18
DedeCMS through 5.7 has SQL Injection via the $_FILES superglobal to plus/recommend.php.
CVSS Score
9.8
EPSS Score
0.849
Published
2017-12-18
Maccms 8.x allows remote command execution via the wd parameter in an index.php?m=vod-search request.
CVSS Score
9.8
EPSS Score
0.4
Published
2017-12-18
elf/dl-load.c in the GNU C Library (aka glibc or libc6) 2.19 through 2.26 mishandles RPATH and RUNPATH containing $ORIGIN for a privileged (setuid or AT_SECURE) program, which allows local users to gain privileges via a Trojan horse library in the current working directory, related to the fillin_rpath and decompose_rpath functions. This is associated with misinterpretion of an empty RPATH/RUNPATH token as the "./" directory. NOTE: this configuration of RPATH/RUNPATH for a privileged program is apparently very uncommon; most likely, no such program is shipped with any common Linux distribution.
CVSS Score
7.8
EPSS Score
0.008
Published
2017-12-18
The Net::LDAP (aka net-ldap) gem before 0.16.0 for Ruby has Missing SSL Certificate Validation.
CVSS Score
5.9
EPSS Score
0.002
Published
2017-12-17