Advertise

LIVE EVENTS

There are no upcoming Dark Reading events at this time. Check out what UBM Tech events are coming up here.

ONLINE EVENTS

Check out these online events that are available from the comfort of your computer! View our complete list of Upcoming Webinars so you can attend a live session or our Webinar Archives for webinars that are available On-Demand!

Upcoming Online Events

09/25

Make Your Organization's Email Safer

10/03

The Real Impact of a Data Security Breach

10/11

Cybersecurity for SMBs: 10 Steps to Success

10/23

Purple Team Tactics & TI for Effectively Training Your Cybersecurity Team

Don't forget to view our complete list of Webinar Archives for webinars that are available On-Demand!

Hot Topics

Editors' Choice

WebAuthn, FIDO2 Infuse Browsers, Platforms with Strong Authentication

John Fontana, Standards & Identity Analyst, Yubico, 9/19/2018

Turn the NIST Cybersecurity Framework into Reality: 5 Steps

Mukul Kumar & Anupam Sahai, CISO & VP of Cyber Practice and VP Product Management, Cavirin Systems, 9/20/2018

NSS Labs Files Antitrust Suit Against Symantec, CrowdStrike, ESET, AMTSO

Kelly Jackson Higgins, Executive Editor at Dark Reading, 9/19/2018

Live Events

Webinars

More UBM Tech
Live Events

Build Your Communications & Collaboration Future

Enterprise Connect Orlando 2019 Registration is Open!

White Papers

Build the Best IT Budget for 2019

2018 Security Report

Cloakware Report: Protect your software. Protect your business.

Threat Intelligence: A Guide to Selection and Use

How APIs Help Keep It Simple for Developers

More White Papers

Video

All Videos

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: This comment is waiting for review by our moderators.

Cartoon Archive

Current Issue

The Biggest Cybersecurity Breaches of 2018 (So Far)

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

The Risk Management Struggle

The majority of organizations are struggling to implement a risk-based approach to security — even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!

Download Now!

How Data Breaches Affect the Enterprise

0 comments

The State of IT and Cybersecurity

0 comments

[Strategic Security Report] Navigating the Threat Intelligence Maze

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading OR #DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2018-17300
PUBLISHED: 2018-09-21

Stored XSS exists in CuppaCMS through 2018-09-03 via an administrator/#/component/table_manager/view/cu_menus section name.

CVE-2018-17301
PUBLISHED: 2018-09-21

Reflected XSS exists in client/res/templates/global-search/name-field.tpl in EspoCRM 5.3.6 via /#Account in the search panel.

CVE-2018-17302
PUBLISHED: 2018-09-21

Stored XSS exists in views/fields/wysiwyg.js in EspoCRM 5.3.6 via a /#Email/view saved draft message.

CVE-2018-17292
PUBLISHED: 2018-09-21

An issue was discovered in WAVM before 2018-09-16. The loadModule function in Include/Inline/CLI.h lacks checking of the file length before a file magic comparison, allowing attackers to cause a Denial of Service (application crash caused by out-of-bounds read) by crafting a file that has fewer than...

CVE-2018-17293
PUBLISHED: 2018-09-21

An issue was discovered in WAVM before 2018-09-16. The run function in Programs/wavm/wavm.cpp does not check whether there is Emscripten memory to store the command-line arguments passed by the input WebAssembly file's main function, which allows attackers to cause a denial of service (application c...

Terms of Service
Privacy Statement
Legal Entities

To save this item to your list of favorite Dark Reading content so you can find it later in your Profile page, click the "Save It" button next to the item.

If you found this interesting or useful, please use the links to the services below to share it with other readers. You will need a free account with each service to share an item via that service.
Tweet This
[close this box]