exploit the possibilities
Showing 1 - 9 of 9 RSS Feed

CVE-2018-1107

Status Candidate

Overview

It was discovered that the is-my-json-valid JavaScript library used an inefficient regular expression to validate JSON fields defined to have email format. A specially crafted JSON file could cause it to consume an excessive amount of CPU time when validated.

Related Files

Red Hat Security Advisory 2021-3917-01
Posted Oct 19, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3917-01 - Quay 3.6.0 release. Issues addressed include buffer over-read, buffer overflow, denial of service, out of bounds read, and spoofing vulnerabilities.

tags | advisory, denial of service, overflow, spoof, vulnerability
systems | linux, redhat
advisories | CVE-2017-16137, CVE-2017-16138, CVE-2018-1107, CVE-2018-1109, CVE-2018-16492, CVE-2018-21270, CVE-2018-3721, CVE-2018-3728, CVE-2018-3774, CVE-2019-1010266, CVE-2019-20920, CVE-2019-20922, CVE-2020-15366, CVE-2020-25648, CVE-2020-26237, CVE-2020-26291, CVE-2020-35653, CVE-2020-35654, CVE-2020-7608, CVE-2020-8203, CVE-2021-22922, CVE-2021-22923, CVE-2021-22924, CVE-2021-23364, CVE-2021-23368, CVE-2021-23382, CVE-2021-25289
MD5 | 3ff5862607840258ebc66493e88f525a
Dell EMC Avamar / IDPA Command Injection
Posted Nov 21, 2018
Site emc.com

Dell EMC Avamar and Integrated Data Protection Appliance (IDPA) suffer from a command injection vulnerability. Affected versions include Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1 and 18.1, Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1 and 2.2.

tags | advisory
advisories | CVE-2018-11077
MD5 | 3b0110cc3a978fcc65325ceb59fed789
Dell EMC Avamar / IDPA Information Exposure
Posted Nov 21, 2018
Site emc.com

Dell EMC Avamar and Integrated Data Protection Appliance (IDPA) suffer from an information exposure vulnerability. Affected versions include Dell EMC Avamar Server 7.2.0 and 7.2.1, Dell EMC Avamar Server 7.3.0 and 7.3.1, Dell EMC Avamar Server 7.4.0 and 7.4.1, and Dell EMC Integrated Data Protection Appliance (IDPA) 2.0.

tags | advisory
advisories | CVE-2018-11076
MD5 | e17d04b72932a55dcc499bfc40b8b1f6
VMware Security Advisory 2018-0029
Posted Nov 20, 2018
Authored by VMware | Site vmware.com

VMware Security Advisory 2018-0029 - vSphere Data Protection (VDP) updates address multiple security issues.

tags | advisory
advisories | CVE-2018-11066, CVE-2018-11067, CVE-2018-11076, CVE-2018-11077
MD5 | a13b05da406af20fd576764026e2c0d7
Dell EMC ESRS Virtual Edition Information Handling
Posted Oct 17, 2018
Authored by Dell Product Security Incident Response Team

Dell EMC Secure Remote Services Virtual Edition versions prior to 3.32.00.08 suffer from improper file permission, plaintext password storage, and information exposure vulnerabilities.

tags | advisory, remote, vulnerability
advisories | CVE-2018-11079, CVE-2018-11080, CVE-2018-15765
MD5 | 8f160751ece08d6712da5b33a8d87a36
RSA Authentication Manager Cross Site Scripting
Posted Sep 21, 2018
Site emc.com

RSA Authentication Manager versions prior to 8.3 Patch 3 suffer from multiple cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss
advisories | CVE-2018-11073, CVE-2018-11074, CVE-2018-11075
MD5 | 7bf3615a61ab427227e065ee65a79499
Dell EMC VPlex GeoSynchrony 5.4 / 5.5 / 6.0 Insecure File Permissions
Posted Sep 7, 2018
Site emc.com

Dell EMC VPlex GeoSynchrony, versions prior to 6.1, contain an insecure file permissions vulnerability. A remote authenticated malicious user could read from VPN configuration files on and potentially author a man-in-the-middle attack on the VPN traffic.

tags | advisory, remote
advisories | CVE-2018-11078
MD5 | f614d3163f5919775b7a5876ee2cb5da
Dell EMC Isilon OneFS / IsilonSD Edge Remote Kernel Crash
Posted Sep 7, 2018
Site emc.com

Dell EMC Isilon OneFS versions 7.1.1.x, 7.2.1.x, 8.0.0.x, 8.0.1.x, 8.1.0.x and 8.1.x prior to 8.1.2 and Dell EMC IsilonSD Edge versions 8.0.0.x, 8.0.1.x, 8.1.0.x and 8.1.x prior to 8.1.2 contain a remote kernel crash vulnerability in the isi_drive_d process. An unauthenticated attacker may potentially exploit this vulnerability to crash the server operating system by sending specially crafted input data to the affected system.

tags | advisory, remote, kernel
advisories | CVE-2018-11071
MD5 | 76674481981fd7070d6d3eacf2efea03
RSA BSAFE SSL-J / Crypto-J Heap Clearing / Timing Channel
Posted Sep 7, 2018
Site emc.com

RSA BSAFE SSL-J versions prior to 6.2.4 contain a heap inspection vulnerability that could allow an attacker with physical access to the system to recover sensitive key material. RSA BSAFE SSL-J versions prior to 6.2.4 contain a covert timing channel vulnerability during RSA decryption, also known as a Bleichenbacher attack on RSA decryption. A remote attacker may be able to recover a RSA key. RSA BSAFE Crypto-J versions prior to 6.2.4 and RSA BSAFE SSL-J versions prior to 6.2.4 contain a covert timing channel vulnerability during PKCS #1 unpadding operations, also known as a Bleichenbacher attack. A remote attacker may be able to recover a RSA key.

tags | advisory, remote, crypto
advisories | CVE-2018-11068, CVE-2018-11069, CVE-2018-11070
MD5 | 65bd17cba7e1cb8b4a7d5f9f32cb3a8e
Page 1 of 1
Back1Next

File Archive:

January 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    2 Files
  • 2
    Jan 2nd
    0 Files
  • 3
    Jan 3rd
    20 Files
  • 4
    Jan 4th
    4 Files
  • 5
    Jan 5th
    37 Files
  • 6
    Jan 6th
    20 Files
  • 7
    Jan 7th
    4 Files
  • 8
    Jan 8th
    0 Files
  • 9
    Jan 9th
    0 Files
  • 10
    Jan 10th
    18 Files
  • 11
    Jan 11th
    8 Files
  • 12
    Jan 12th
    19 Files
  • 13
    Jan 13th
    31 Files
  • 14
    Jan 14th
    2 Files
  • 15
    Jan 15th
    2 Files
  • 16
    Jan 16th
    2 Files
  • 17
    Jan 17th
    18 Files
  • 18
    Jan 18th
    13 Files
  • 19
    Jan 19th
    15 Files
  • 20
    Jan 20th
    29 Files
  • 21
    Jan 21st
    12 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    17 Files
  • 25
    Jan 25th
    34 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close