stevejennings - Dark Reading

Network Computing Dark Reading

Advertise

About Us

Member Since: September 8, 2016

Strategist

Posts: 4

Profile for stevejennings
Content by stevejennings
Saved by stevejennings

Hot Topics

Editors' Choice

12 Free, Ready-to-Use Security Tools

Steve Zurier, Freelance Writer, 10/12/2018

Pair of Reports Paint Picture of Enterprise Security Struggling to Keep Up

Curtis Franklin Jr., Senior Editor at Dark Reading, 10/11/2018

New Domains: A Wide-Open Playing Field for Cybercrime

Ben April, CTO, Farsight Security, 10/9/2018

Webinars

Effective Cyber Risk Assessment

The Network of the Future is Powered by AI

Make Your Organization's Email Safer

Webinar Archives

White Papers

Mobile Devices: The New Support Frontier for IT (IDG Report)

The Forrester Tech Tide on Everything You Need to Implement a Zero Trust Strategy

The State of App Development, 2018

How CIOs Can Adapt Their App Dev & Delivery Practices to Increase Time to Market

Massively Scaling Mobile Apps

More White Papers

Video

All Videos

Cartoon Contest

Write a Caption, Win a Starbucks Card! Click Here

Latest Comment: John has always been trying creative ways to solve the pebcak issue...

Cartoon Archive

Current Issue

The Biggest Cybersecurity Breaches of 2018 (So Far)

Download This Issue!

Back Issues | Must Reads

Flash Poll

All Polls

Reports

The Risk Management Struggle

The majority of organizations are struggling to implement a risk-based approach to security — even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!

Download Now!

How Data Breaches Affect the Enterprise

0 comments

The State of IT and Cybersecurity

0 comments

[Strategic Security Report] Navigating the Threat Intelligence Maze

0 comments

More Reports

Twitter Feed

Tweets about "from:DarkReading OR @DarkReading OR #DarkReading"

Bug Report

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database

CVE-2018-18315
PUBLISHED: 2018-10-15

com/mossle/cdn/CdnController.java in lemon 1.9.0 allows attackers to upload arbitrary files because the copyMultipartFileToFile method in CdnUtils only checks for a ../ substring, and does not validate the file type and spaceName parameter.

CVE-2018-18316
PUBLISHED: 2018-10-15

emlog v6.0.0 has CSRF via the admin/user.php?action=new URI.

CVE-2018-18317
PUBLISHED: 2018-10-15

DESHANG DSCMS 1.1 has CSRF via the public/index.php/admin/admin/add.html URI.

CVE-2018-18296
PUBLISHED: 2018-10-15

MetInfo 6.1.2 has XSS via the /admin/index.php bigclass parameter in an n=column&a=doadd action.

CVE-2018-18309
PUBLISHED: 2018-10-15

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory address dereference was discovered in read_reloc in reloc.c. The vulnerability causes a segmentation fault and application crash, which leads to denial of service,...

Terms of Service
Privacy Statement
Legal Entities