Vuldb Updates

A vulnerability has been found in Michael Kohn vb2c 0.02 and classified as critical. This affects the function parse of the file vb2c.c. Performing manipulation results in memory corruption. This vulnerability is reported as CVE-2004-1298. The attack is possible to be carried out remotely. Moreover, an exploit is present.

A vulnerability categorized as critical has been discovered in Apple WebKit up to 5.1.1. Affected by this vulnerability is an unknown functionality of the component Browser Cache. Executing manipulation can lead to improper access controls. This vulnerability is registered as CVE-2011-4692. It is possible to launch the attack remotely. No exploit is available.

A vulnerability labeled as problematic has been found in Google Android 6.0. Affected by this vulnerability is an unknown functionality of the component Mediaserver. Such manipulation leads to encoding error. This vulnerability is traded as CVE-2016-3829. An attack has to be approached locally. There is no exploit available. The affected component should be upgraded.

A vulnerability was found in DotClear up to 2.8.1. It has been rated as critical. This affects an unknown part of the file inc/core/class.dc.core.php. Performing manipulation results in improper access controls. This vulnerability is reported as CVE-2015-8832. The attack is possible to be carried out remotely. No exploit exists. Upgrading the affected component is advised.

A vulnerability labeled as problematic has been found in Google Android up to 4.4.3/5.0.1/5.1.0/6.x. The affected element is the function print_maps of the file toolbox/lsof.c. Such manipulation leads to improper input validation. This vulnerability is uniquely identified as CVE-2016-3757. Local access is required to approach this attack. No exploit exists. The affected component should be upgraded.

A vulnerability has been found in Google Android 6.0/6.0.1/7.0 and classified as problematic. This issue affects some unknown processing of the component Mediaserver. The manipulation leads to information disclosure. This vulnerability is documented as CVE-2016-6773. The attack needs to be performed locally. There is not any exploit available.

A vulnerability described as problematic has been identified in Linux Kernel up to 4.15.7. This affects an unknown part of the file net/ipv4/netfilter/arp_tables.c of the component Netfilter Subsystem. Executing manipulation can lead to null pointer dereference. This vulnerability appears as CVE-2018-1065. The attack requires local access. There is no available exploit. Upgrading the affected component is recommended.

A vulnerability classified as problematic has been found in Linux Kernel up to 4.10. This vulnerability affects the function setup_ntlmv2_rsp of the file fs/cifs/cifsencrypt.c of the component CIFS. The manipulation of the argument TargetInfo leads to null pointer dereference. This vulnerability is traded as CVE-2018-1066. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability labeled as critical has been found in Linux Kernel 4.x. This issue affects some unknown processing of the component 32-bit Syscall Interface. Executing manipulation can lead to out-of-bounds write (Kernel Memory). This vulnerability is tracked as CVE-2018-1068. The attack is restricted to local execution. No exploit exists. The affected component should be upgraded.

A vulnerability was found in Linux Kernel up to 4.16.3 and classified as problematic. Affected is the function xfs_bmap_extents_to_btree in the library fs/xfs/libxfs/xfs_bmap.c. The manipulation results in null pointer dereference. This vulnerability is reported as CVE-2018-10323. The attack requires a local approach. No exploit exists. It is suggested to upgrade the affected component.

A vulnerability categorized as critical has been discovered in Linux Kernel 3.18. The affected element is the function modify_user_hw_breakpoint. Executing manipulation can lead to 7pk error. This vulnerability appears as CVE-2018-1000199. The attack requires local access. There is no available exploit. It is advisable to upgrade the affected component.

A vulnerability identified as problematic has been detected in Linux Kernel 2.6/3.10/4.12. Affected by this vulnerability is an unknown functionality of the component Sound System. This manipulation causes race condition. This vulnerability is registered as CVE-2018-1000004. Remote exploitation of the attack is possible. No exploit is available. You should upgrade the affected component.

A vulnerability identified as critical has been detected in Oracle Communications LSMS 13.1/13.2/13.3. The affected element is an unknown function of the component Kernel. This manipulation causes information disclosure. This vulnerability appears as CVE-2017-5753. The attack requires local access. In addition, an exploit is available. You should upgrade the affected component.

A vulnerability marked as critical has been reported in CPU on Intel/AMD/ARM. Impacted is an unknown function of the component Speculative Execution. This manipulation causes information disclosure (Spectre). This vulnerability is registered as CVE-2017-5753. Remote exploitation of the attack is possible. Furthermore, an exploit is available. This vulnerability is historically significant due to its background and the way it was received. It is suggested to update the configuration settings.

A vulnerability classified as critical was found in Oracle Solaris 10/11.3. The impacted element is an unknown function of the component Kernel. Such manipulation leads to information disclosure. This vulnerability is documented as CVE-2017-5753. The attack needs to be performed locally. Additionally, an exploit exists. Upgrading the affected component is advised.

A vulnerability, which was classified as critical, was found in Oracle MICROS Workstation 6 up to BIOS 1.3.0.x. This impacts an unknown function of the component Workstation 650. The manipulation results in information disclosure. This vulnerability is identified as CVE-2017-5715. The attack is only possible with local access. Additionally, an exploit exists. You should upgrade the affected component.

A vulnerability identified as critical has been detected in Oracle MICROS PC Workstation 2015 up to BIOS 01.3.0.1. Affected is an unknown function of the component BIOS. Performing manipulation results in information disclosure. This vulnerability is identified as CVE-2017-5715. The attack is only possible with local access. Additionally, an exploit exists. You should upgrade the affected component.

A vulnerability described as critical has been identified in Oracle Diameter Signaling Router (DSR) 8.0/8.1/8.2/8.3. This affects an unknown part of the component jackson-databind. The manipulation results in information disclosure. This vulnerability was named CVE-2017-5715. The attack needs to be approached locally. In addition, an exploit is available. Upgrading the affected component is recommended.

A vulnerability described as critical has been identified in Oracle MICROS Kitchen Display Controller. Impacted is an unknown function of the component Kitchen Display System 210. Such manipulation leads to information disclosure. This vulnerability is uniquely identified as CVE-2017-5715. Local access is required to approach this attack. Moreover, an exploit is present. Upgrading the affected component is recommended.

A vulnerability classified as critical has been found in Oracle MICROS Workstation 6 up to BIOS 1.5.1.x. The affected element is an unknown function of the component Workstation 610. Performing manipulation results in information disclosure. This vulnerability was named CVE-2017-5715. The attack needs to be approached locally. In addition, an exploit is available. It is recommended to upgrade the affected component.