exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 9 of 9 RSS Feed

CVE-2018-1107

Status Candidate

Overview

It was discovered that the is-my-json-valid JavaScript library used an inefficient regular expression to validate JSON fields defined to have email format. A specially crafted JSON file could cause it to consume an excessive amount of CPU time when validated.

Related Files

Red Hat Security Advisory 2021-3917-01
Posted Oct 19, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-3917-01 - Quay 3.6.0 release. Issues addressed include buffer over-read, buffer overflow, denial of service, out of bounds read, and spoofing vulnerabilities.

tags | advisory, denial of service, overflow, spoof, vulnerability
systems | linux, redhat
advisories | CVE-2017-16137, CVE-2017-16138, CVE-2018-1107, CVE-2018-1109, CVE-2018-16492, CVE-2018-21270, CVE-2018-3721, CVE-2018-3728, CVE-2018-3774, CVE-2019-1010266, CVE-2019-20920, CVE-2019-20922, CVE-2020-15366, CVE-2020-25648, CVE-2020-26237, CVE-2020-26291, CVE-2020-35653, CVE-2020-35654, CVE-2020-7608, CVE-2020-8203, CVE-2021-22922, CVE-2021-22923, CVE-2021-22924, CVE-2021-23364, CVE-2021-23368, CVE-2021-23382, CVE-2021-25289
SHA-256 | cd92891e50d6ccba7c7561d838bb19ca1093549c2001d772fd5a4bb9e4fc7fa0
Dell EMC Avamar / IDPA Command Injection
Posted Nov 21, 2018
Site emc.com

Dell EMC Avamar and Integrated Data Protection Appliance (IDPA) suffer from a command injection vulnerability. Affected versions include Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1 and 18.1, Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1 and 2.2.

tags | advisory
advisories | CVE-2018-11077
SHA-256 | e91a4b5adacabddf553d673763a0de8bbd43bf53cd6e4cc7669866c7d8dd18d5
Dell EMC Avamar / IDPA Information Exposure
Posted Nov 21, 2018
Site emc.com

Dell EMC Avamar and Integrated Data Protection Appliance (IDPA) suffer from an information exposure vulnerability. Affected versions include Dell EMC Avamar Server 7.2.0 and 7.2.1, Dell EMC Avamar Server 7.3.0 and 7.3.1, Dell EMC Avamar Server 7.4.0 and 7.4.1, and Dell EMC Integrated Data Protection Appliance (IDPA) 2.0.

tags | advisory
advisories | CVE-2018-11076
SHA-256 | 51c0fd129f391efd132a30f5c7d9b7c7eeff4304a86ef8eb192552466d3d5a3a
VMware Security Advisory 2018-0029
Posted Nov 20, 2018
Authored by VMware | Site vmware.com

VMware Security Advisory 2018-0029 - vSphere Data Protection (VDP) updates address multiple security issues.

tags | advisory
advisories | CVE-2018-11066, CVE-2018-11067, CVE-2018-11076, CVE-2018-11077
SHA-256 | aacb4dd9106cc15bfa2907b119b7dd2200b2ee1142ba0840d5ada8a616b19fea
Dell EMC ESRS Virtual Edition Information Handling
Posted Oct 17, 2018
Authored by Dell Product Security Incident Response Team

Dell EMC Secure Remote Services Virtual Edition versions prior to 3.32.00.08 suffer from improper file permission, plaintext password storage, and information exposure vulnerabilities.

tags | advisory, remote, vulnerability
advisories | CVE-2018-11079, CVE-2018-11080, CVE-2018-15765
SHA-256 | 84264bc2bf7265926ed83dcdaa2077e007732aa634829e2bdaf8b2daba109bbc
RSA Authentication Manager Cross Site Scripting
Posted Sep 21, 2018
Site emc.com

RSA Authentication Manager versions prior to 8.3 Patch 3 suffer from multiple cross site scripting vulnerabilities.

tags | advisory, vulnerability, xss
advisories | CVE-2018-11073, CVE-2018-11074, CVE-2018-11075
SHA-256 | fc9472fb611a7b6e6f330ff8c4d700773799edd40279f2614ff72dde3d29a1e6
Dell EMC VPlex GeoSynchrony 5.4 / 5.5 / 6.0 Insecure File Permissions
Posted Sep 7, 2018
Site emc.com

Dell EMC VPlex GeoSynchrony, versions prior to 6.1, contain an insecure file permissions vulnerability. A remote authenticated malicious user could read from VPN configuration files on and potentially author a man-in-the-middle attack on the VPN traffic.

tags | advisory, remote
advisories | CVE-2018-11078
SHA-256 | 61685abfda52cbfe34ab599da26d62776e3c243f5fe467d66cfe2e326b577e81
Dell EMC Isilon OneFS / IsilonSD Edge Remote Kernel Crash
Posted Sep 7, 2018
Site emc.com

Dell EMC Isilon OneFS versions 7.1.1.x, 7.2.1.x, 8.0.0.x, 8.0.1.x, 8.1.0.x and 8.1.x prior to 8.1.2 and Dell EMC IsilonSD Edge versions 8.0.0.x, 8.0.1.x, 8.1.0.x and 8.1.x prior to 8.1.2 contain a remote kernel crash vulnerability in the isi_drive_d process. An unauthenticated attacker may potentially exploit this vulnerability to crash the server operating system by sending specially crafted input data to the affected system.

tags | advisory, remote, kernel
advisories | CVE-2018-11071
SHA-256 | 73b9f201cb28fbeddb6e452c427449c628770a38dc61496947a024292e9fc08c
RSA BSAFE SSL-J / Crypto-J Heap Clearing / Timing Channel
Posted Sep 7, 2018
Site emc.com

RSA BSAFE SSL-J versions prior to 6.2.4 contain a heap inspection vulnerability that could allow an attacker with physical access to the system to recover sensitive key material. RSA BSAFE SSL-J versions prior to 6.2.4 contain a covert timing channel vulnerability during RSA decryption, also known as a Bleichenbacher attack on RSA decryption. A remote attacker may be able to recover a RSA key. RSA BSAFE Crypto-J versions prior to 6.2.4 and RSA BSAFE SSL-J versions prior to 6.2.4 contain a covert timing channel vulnerability during PKCS #1 unpadding operations, also known as a Bleichenbacher attack. A remote attacker may be able to recover a RSA key.

tags | advisory, remote, cryptography
advisories | CVE-2018-11068, CVE-2018-11069, CVE-2018-11070
SHA-256 | 1d4172c4c86ce8ccc2a9a8e1b830a45d85684dcdd0d15f64044487bd617a938e
Page 1 of 1
Back1Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close