Citrix XenMobile Server CVE-2018-10654 – Java Deserialization

Authors:DXW Cyber Risk:Medium CVE:CVE-2018-10654 0day:Java Deserialization 0day -id:0DAY-176245 Date:2018-05-23 Description There is a Hazelcast Library Java Deserialization Vulnerability in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3. Mitigating Factors Hazelcast Library Java Deserialization Vulnerability in Citrix XenMobile Server This issue is only exposed if XenMobile Clustering has been enabled. What Customers Should Do…

Adobe Acrobat JPEG 2000 CVE-2018-4990 – Double-Free Memory Corruption

Authors:Multiple Risk:High CVE:CVE-2018-4990 0day:Double-Free Memory Corruption 0day -id:0DAY-176244 Date:2018-05-23 Description A vulnerability in the image conversion module for JPEG 2000 data streams in Adobe Acrobat DC and Adobe Acrobat Reader DC could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system. The vulnerability is due to improper memory operations that are…

procps-ng config_file() Function CVE-2018-1122 – Local Privilege Escalation

Authors:Patches.tar.gz.b64 Risk:High CVE:CVE-2018-1122 0day:Local Privilege Escalation 0day -id:0DAY-176243 Date:2018-05-23 Description procps-ng before version 3.3.15 is vulnerable to a local privilege escalation in top. If a user runs top with HOME unset in an attacker-controlled directory, the attacker could achieve privilege escalation by exploiting one of several vulnerabilities in the config_file() function. Analysis If a/ an…

Apache ZooKeeper Quorum Peer CVE-2018-8012 – Mutual Authentication

Authors:FöldiTamás – Eugene Koontz Risk:Critical CVE:CVE-2018-8012 0day:Mutual Authentication 0day -id:0DAY-176242 Date:2018-05-23 Description No authentication/authorization is enforced when a server attempts to join a quorum in Apache ZooKeeper before 3.4.10, and 3.5.0-alpha through 3.5.3-beta. As a result an arbitrary end point could join the cluster and begin propagating counterfeit changes to the leader. Vendor The Apache…

WordPress Plugin Peugeot Music – Arbitrary File Upload

Authors:Matteo Malvica Risk:High CVE:N/A 0day:Arbitrary File Upload 0day -id:0DAY-176241 Date:2018-05-23 Description WordPress Plugin Peugeot Music allows any page or post to play a background music while it is displayed. Having a home page or any other page playing a background music greatly improves your website visitor’s experience. By choosing a music in adequacy with your…

Linux/x86 – Bind (4444/TCP) Shell (/bin/sh) + IPv6 Shellcode (113 bytes)

Authors:Matteo Malvica Risk:High CVE:N/A 0day:Shellcode 0day -id:0DAY-176240 Date:2018-05-23 Introduction Linux is a family of free and open-source software operating systems built around the Linux kernel. Typically, Linux is packaged in a form known as a Linux distribution(or distro for short) for both desktop and server use. The defining component of a Linux distribution is the Linux kernel, an operating system kernel first released on September 17, 1991, by Linus Torvalds….

Samsung Galaxy S7 Edge CVE-2018-10751- Overflow in OMACP WbXml String Extension Processing

Authors:Project Zero Bugs Risk:High CVE:CVE-2018-10751 0day:Overflow 0day -id:0DAY-176239 Date:2018-05-23 Description OMACP is a protocol supported by many mobile devices which allows them to receive provisioning information over the mobile network. One way to provision a device is via a WAP push SMS message containing provisioning information in WbXML. A malformed OMACP WAP push message can…

Apache Solr 6.0.0 to 7.3.0 CVE-2018-8010 – XXE

Authors:Ananthesh Risk:High CVE:CVE-2018-8010 0day:XXE 0day -id:0DAY-176238 Date:2018-05-23 Description This vulnerability in Apache Solr 6.0.0 to 6.6.3, 7.0.0 to 7.3.0 relates to an XML external entity expansion (XXE) in Solr config files (solrconfig.xml, schema.xml, managed-schema). In addition, Xinclude functionality provided in these config files is also affected in a similar way. The vulnerability can be used…

AMD ARM Intel CVE-2018-3639 – Speculative Execution Variant 4 Speculative Store Bypass

Authors:Google Project Zero Risk:Critical CVE:CVE-2018-0953 0day:Information Disclosure 0day -id:0DAY-176237 Date:2018-05-23 Description Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB),…

Microsoft Edge Chakra JIT CVE-2018-0953 – Memory Corruption Exploit

Authors:Google Project Zero Risk:High CVE:CVE-2018-0953 0day:Memory Corruption 0day -id:0DAY-176236 Date:2018-05-23 Description A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An…