Weekly Vulnerabilities Reports > January 8 to 14, 2018

Overview

408 new vulnerabilities reported during this period, including 61 critical vulnerabilities and 60 high severity vulnerabilities. This weekly summary report vulnerabilities in 483 products from 144 vendors including Google, TP Link, Microsoft, IBM, and Debian. Vulnerabilities are notably categorized as "Cross-site Scripting", "Information Exposure", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Improper Input Validation", and "SQL Injection".

  • 323 reported vulnerabilities are remotely exploitables.
  • 26 reported vulnerabilities have public exploit available.
  • 133 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 307 reported vulnerabilities are exploitable by an anonymous user.
  • Google has the most reported vulnerabilities, with 74 reported vulnerabilities.
  • TP Link has the most reported critical vulnerabilities, with 25 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

61 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-01-12 CVE-2017-13208 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In receive_packet of libnetutils/packet.c, there is a possible out-of-bounds write due to a missing bounds check on the DHCP response.

10.0
2018-01-12 CVE-2017-13179 Google Use After Free vulnerability in Google Android

In the ihevcd_allocate_static_bufs and ihevcd_create functions of SoftHEVC, there is a possible out-of-bounds write due to a use after free.

10.0
2018-01-12 CVE-2017-13178 Google Use After Free vulnerability in Google Android

In the initDecoder function of SoftAVCDec, there is a possible out-of-bounds write to mCodecCtx due to a use after free when buffer allocation fails.

10.0
2018-01-12 CVE-2017-13177 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In several functions of libhevc, NEON registers are not preserved.

10.0
2018-01-12 CVE-2015-9246 Skyboxsecurity Improper Input Validation vulnerability in Skyboxsecurity Skybox Platform

An issue was discovered in Skybox Platform before 7.5.201.

10.0
2018-01-12 CVE-2017-16743 Phoenixcontact Incorrect Authorization vulnerability in Phoenixcontact products

An Improper Authorization issue was discovered in PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, and 48xxx Series products running firmware Version 1.0 to 1.32.

10.0
2018-01-12 CVE-2018-5262 Flexense Out-of-bounds Write vulnerability in Flexense Diskboss

A stack-based buffer overflow in Flexense DiskBoss 8.8.16 and earlier allows unauthenticated remote attackers to execute arbitrary code in the context of a highly privileged account.

10.0
2018-01-12 CVE-2014-6436 Aztech Improper Authentication vulnerability in Aztech products

Aztech ADSL DSL5018EN (1T1R), DSL705E, and DSL705EU devices improperly manage sessions, which allows remote attackers to bypass authentication in opportunistic circumstances and execute arbitrary commands with administrator privileges by leveraging an existing web portal login.

10.0
2018-01-12 CVE-2018-5347 Seagate OS Command Injection vulnerability in Seagate Personal Cloud Firmware

Seagate Media Server in Seagate Personal Cloud has unauthenticated command injection in the uploadTelemetry and getLogs functions in views.py because .psp URLs are handled by the fastcgi.server component and shell metacharacters are mishandled.

10.0
2018-01-10 CVE-2018-0007 Juniper Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Juniper Junos

An unauthenticated network-based attacker able to send a maliciously crafted LLDP packet to the local segment, through a local segment broadcast, may be able to cause a Junos device to enter an improper boundary check condition allowing a memory corruption to occur, leading to a denial of service.

10.0
2018-01-09 CVE-2017-18025 Innotube OS Command Injection vulnerability in Innotube Itguard Manager 0.0.0.1

cgi-bin/drknow.cgi in Innotube ITGuard-Manager 0.0.0.1 allows remote attackers to execute arbitrary OS commands via shell metacharacters in the username field, as demonstrated by a username beginning with "admin|" to use the '|' metacharacter.

10.0
2018-01-08 CVE-2014-5334 Freenas 7PK - Security Features vulnerability in Freenas 9.3

FreeNAS before 9.3-M3 has a blank admin password, which allows remote attackers to gain root privileges by leveraging a WebGui login.

10.0
2018-01-14 CVE-2017-15126 Linux Use After Free vulnerability in Linux Kernel 4.13.6

A use-after-free flaw was found in fs/userfaultfd.c in the Linux kernel before 4.13.6.

9.3
2018-01-12 CVE-2017-13225 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In libMtkOmxVdec.so there is a possible heap buffer overflow.

9.3
2018-01-12 CVE-2017-13176 Google Improper Input Validation vulnerability in Google Android

In the parseURL function of URLStreamHandler, there is improper input validation of the host field.

9.3
2018-01-10 CVE-2017-15849 Google Use After Free vulnerability in Google Android

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a LayerStack can be destroyed in between Validate and Commit by the application resulting in a Use After Free condition.

9.3
2018-01-10 CVE-2017-11069 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, manipulation of SafeSwitch Image data can result in Heap overflow.

9.3
2018-01-10 CVE-2018-0812 Microsoft Out-of-bounds Write vulnerability in Microsoft Office, Office Compatibility Pack and Word

Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Memory Corruption Vulnerability".

9.3
2018-01-10 CVE-2018-0807 Microsoft Unspecified vulnerability in Microsoft Office, Office Compatibility Pack and Word

Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability".

9.3
2018-01-10 CVE-2018-0806 Microsoft Unspecified vulnerability in Microsoft Office, Office Compatibility Pack and Word

Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability".

9.3
2018-01-10 CVE-2018-0805 Microsoft Unspecified vulnerability in Microsoft Office, Office Compatibility Pack and Word

Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability".

9.3
2018-01-10 CVE-2018-0804 Microsoft Unspecified vulnerability in Microsoft Office, Office Compatibility Pack and Word

Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability".

9.3
2018-01-10 CVE-2018-0802 Microsoft Out-of-bounds Write vulnerability in Microsoft Office, Office Compatibility Pack and Word

Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability".

9.3
2018-01-10 CVE-2018-0801 Microsoft Unspecified vulnerability in Microsoft Office, Office Compatibility Pack and Word

Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Remote Code Execution Vulnerability".

9.3
2018-01-10 CVE-2018-0798 Microsoft Out-of-bounds Write vulnerability in Microsoft Office, Office Compatibility Pack and Word

Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability".

9.3
2018-01-10 CVE-2018-0797 Microsoft Out-of-bounds Write vulnerability in Microsoft products

Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way RTF content is handled, aka "Microsoft Word Memory Corruption Vulnerability".

9.3
2018-01-10 CVE-2018-0796 Microsoft Unspecified vulnerability in Microsoft products

Microsoft Excel in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Excel Remote Code Execution Vulnerability".

9.3
2018-01-10 CVE-2018-0795 Microsoft Unspecified vulnerability in Microsoft Office and Word

Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Remote Code Execution Vulnerability".

9.3
2018-01-10 CVE-2018-0794 Microsoft Unspecified vulnerability in Microsoft Office, Office Compatibility Pack and Word

Microsoft Word in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability".

9.3
2018-01-10 CVE-2018-0793 Microsoft Unspecified vulnerability in Microsoft Office, Office Compatibility Pack and Word

Microsoft Outlook 2007, Microsoft Outlook 2010 and Microsoft Outlook 2013 allow a remote code execution vulnerability due to the way email messages are parsed, aka "Microsoft Outlook Remote Code Execution Vulnerability".

9.3
2018-01-10 CVE-2018-0792 Microsoft Out-of-bounds Write vulnerability in Microsoft products

Microsoft Word 2016 in Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability".

9.3
2018-01-10 CVE-2018-0791 Microsoft Unspecified vulnerability in Microsoft Office and Outlook

Microsoft Outlook 2007, Microsoft Outlook 2010, Microsoft Outlook 2013, and Microsoft Outlook 2016 allow a remote code execution vulnerability due to the way email messages are parsed, aka "Microsoft Outlook Remote Code Execution Vulnerability".

9.3
2018-01-09 CVE-2015-1290 Google
QT
Opensuse
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Chrome

The Google V8 engine, as used in Google Chrome before 44.0.2403.89 and QtWebEngineCore in Qt before 5.5.1, allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a crafted web site.

9.3
2018-01-12 CVE-2016-0324 IBM Command Injection vulnerability in IBM Security Identity Manager Virtual Appliance

IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.0 before 7.0.1-ISS-SIM-FP0001 allows remote authenticated users to execute arbitrary code with administrator privileges via unspecified vectors.

9.0
2018-01-12 CVE-2018-5371 D Link OS Command Injection vulnerability in D-Link Dsl-2540U Firmware and Dsl-2640U Firmware

diag_ping.cmd on D-Link DSL-2640U devices with firmware IM_1.00 and ME_1.00, and DSL-2540U devices with firmware ME_1.00, allows authenticated remote attackers to execute arbitrary OS commands via shell metacharacters in the ipaddr field of an HTTP GET request.

9.0
2018-01-11 CVE-2017-15637 TP Link Unspecified vulnerability in Tp-Link products

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the pptphellointerval variable in the pptp_server.lua file.

9.0
2018-01-11 CVE-2017-15636 TP Link Unspecified vulnerability in Tp-Link products

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-time variable in the webfilter.lua file.

9.0
2018-01-11 CVE-2017-15635 TP Link Unspecified vulnerability in Tp-Link products

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the max_conn variable in the session_limits.lua file.

9.0
2018-01-11 CVE-2017-15634 TP Link Unspecified vulnerability in Tp-Link products

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the name variable in the wportal.lua file.

9.0
2018-01-11 CVE-2017-15633 TP Link Unspecified vulnerability in Tp-Link products

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-ipgroup variable in the session_limits.lua file.

9.0
2018-01-11 CVE-2017-15632 TP Link Unspecified vulnerability in Tp-Link products

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-mppeencryption variable in the pptp_server.lua file.

9.0
2018-01-11 CVE-2017-15631 TP Link Unspecified vulnerability in Tp-Link products

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-workmode variable in the pptp_client.lua file.

9.0
2018-01-11 CVE-2017-15630 TP Link Unspecified vulnerability in Tp-Link products

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-remotesubnet variable in the pptp_client.lua file.

9.0
2018-01-11 CVE-2017-15629 TP Link Unspecified vulnerability in Tp-Link products

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-tunnelname variable in the pptp_client.lua file.

9.0
2018-01-11 CVE-2017-15628 TP Link Unspecified vulnerability in Tp-Link products

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the lcpechointerval variable in the pptp_server.lua file.

9.0
2018-01-11 CVE-2017-15627 TP Link Unspecified vulnerability in Tp-Link products

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-pns variable in the pptp_client.lua file.

9.0
2018-01-11 CVE-2017-15626 TP Link Unspecified vulnerability in Tp-Link products

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-bindif variable in the pptp_server.lua file.

9.0
2018-01-11 CVE-2017-15625 TP Link Unspecified vulnerability in Tp-Link products

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-olmode variable in the pptp_client.lua file.

9.0
2018-01-11 CVE-2017-15624 TP Link Unspecified vulnerability in Tp-Link products

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-authtype variable in the pptp_server.lua file.

9.0
2018-01-11 CVE-2017-15623 TP Link Unspecified vulnerability in Tp-Link products

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-enable variable in the pptp_server.lua file.

9.0
2018-01-11 CVE-2017-15622 TP Link Unspecified vulnerability in Tp-Link products

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-mppeencryption variable in the pptp_client.lua file.

9.0
2018-01-11 CVE-2017-15621 TP Link Unspecified vulnerability in Tp-Link products

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the olmode variable in the interface_wan.lua file.

9.0
2018-01-11 CVE-2017-15620 TP Link Unspecified vulnerability in Tp-Link products

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-zone variable in the ipmac_import.lua file.

9.0
2018-01-11 CVE-2017-15619 TP Link Unspecified vulnerability in Tp-Link products

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the pptphellointerval variable in the pptp_client.lua file.

9.0
2018-01-11 CVE-2017-15618 TP Link Unspecified vulnerability in Tp-Link products

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-enable variable in the pptp_client.lua file.

9.0
2018-01-11 CVE-2017-15617 TP Link Unspecified vulnerability in Tp-Link products

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the iface variable in the interface_wan.lua file.

9.0
2018-01-11 CVE-2017-15616 TP Link Unspecified vulnerability in Tp-Link products

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-interface variable in the phddns.lua file.

9.0
2018-01-11 CVE-2017-15615 TP Link Unspecified vulnerability in Tp-Link products

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the lcpechointerval variable in the pptp_client.lua file.

9.0
2018-01-11 CVE-2017-15614 TP Link Unspecified vulnerability in Tp-Link products

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-outif variable in the pptp_client.lua file.

9.0
2018-01-11 CVE-2017-15613 TP Link Unspecified vulnerability in Tp-Link products

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-interface variable in the cmxddns.lua file.

9.0
2018-01-10 CVE-2018-0789 Microsoft Unspecified vulnerability in Microsoft Sharepoint Enterprise Server and Sharepoint Server

Microsoft SharePoint Foundation 2010, Microsoft SharePoint Server 2013 and Microsoft SharePoint Server 2016 allow an elevation of privilege vulnerability due to the way web requests are handled, aka "Microsoft SharePoint Elevation of Privilege Vulnerability".

9.0

60 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-01-12 CVE-2017-13205 Google Information Exposure vulnerability in Google Android

An information disclosure vulnerability in the Android media framework (libmpeg2).

8.5
2018-01-12 CVE-2017-13204 Google Information Exposure vulnerability in Google Android

An information disclosure vulnerability in the Android media framework (libavc).

8.5
2018-01-12 CVE-2017-13203 Google Information Exposure vulnerability in Google Android

An information disclosure vulnerability in the Android media framework (libavc).

8.5
2018-01-12 CVE-2017-13188 Google Information Exposure vulnerability in Google Android

An information disclosure vulnerability in the Android media framework (aac).

8.5
2018-01-12 CVE-2017-13187 Google Information Exposure vulnerability in Google Android

An information disclosure vulnerability in the Android media framework (libhevc).

8.5
2018-01-12 CVE-2017-13185 Google Information Exposure vulnerability in Google Android

An information disclosure vulnerability in the Android media framework (libhevc).

8.5
2018-01-10 CVE-2018-0818 Microsoft Unspecified vulnerability in Microsoft Chakracore

Microsoft ChakraCore allows an attacker to bypass Control Flow Guard (CFG) in conjunction with another vulnerability to run arbitrary code on a target system, due to how the Chakra scripting engine handles accessing memory, aka "Scripting Engine Security Feature Bypass".

8.5
2018-01-12 CVE-2017-13214 Google Improper Input Validation vulnerability in Google Android

In the hardware HEVC decoder, some media files could cause a page fault.

7.8
2018-01-12 CVE-2017-13211 Google Resource Exhaustion vulnerability in Google Android 8.0

In bta_scan_results_cb_impl of btif_ble_scanner.cc, there is possible resource exhaustion if a large number of repeated BLE scan results are received.

7.8
2018-01-12 CVE-2017-13199 Google Improper Handling of Exceptional Conditions vulnerability in Google Android 8.0/8.1

In Bitmap.ccp if Bitmap.nativeCreate fails an out of memory exception is not thrown leading to a java.io.IOException later on.

7.8
2018-01-12 CVE-2017-13198 Google Improper Input Validation vulnerability in Google Android

A vulnerability in the Android media framework (ex) related to composition of frames lacking a color map.

7.8
2018-01-12 CVE-2017-13197 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In the ihevcd_parse_slice.c function, slave threads are not joined if there is an error.

7.8
2018-01-12 CVE-2017-13196 Google Missing Release of Resource after Effective Lifetime vulnerability in Google Android

In several places in ihevcd_decode.c, a dead loop could occur due to incomplete frames which could lead to memory leaks.

7.8
2018-01-12 CVE-2017-13195 Google Infinite Loop vulnerability in Google Android

In the ihevcd_parse_sps function of ihevcd_parse_headers.c, several parameter values could be negative which could lead to negative indexes which could lead to an infinite loop.

7.8
2018-01-12 CVE-2017-13194 Google
Debian
Improper Input Validation vulnerability in multiple products

A vulnerability in the Android media framework (libvpx) related to odd frame width.

7.8
2018-01-12 CVE-2017-13193 Google Infinite Loop vulnerability in Google Android

In ihevcd_decode.c there is a possible infinite loop due to bytes for an sps of unsupported resolution resulting in the same sps being fed in over and over.

7.8
2018-01-12 CVE-2017-13192 Google Infinite Loop vulnerability in Google Android

In the ihevcd_parse_slice_header function of ihevcd_parse_slice_header.c a slice address of zero after the first slice could result in an infinite loop.

7.8
2018-01-12 CVE-2017-13191 Google Infinite Loop vulnerability in Google Android

In the ihevcd_decode function of ihevcd_decode.c, there is an infinite loop due to an incomplete frame error.

7.8
2018-01-12 CVE-2017-13190 Google Allocation of Resources Without Limits or Throttling vulnerability in Google Android

A vulnerability in the Android media framework (libhevc) related to handling ps_codec_obj memory allocation failures.

7.8
2018-01-12 CVE-2017-13189 Google Allocation of Resources Without Limits or Throttling vulnerability in Google Android

A vulnerability in the Android media framework (libavc) related to handling dec_hdl memory allocation failures.

7.8
2018-01-12 CVE-2017-13186 Google Improper Input Validation vulnerability in Google Android

A vulnerability in the Android media framework (libavc) related to incorrect use of mmco parameters.

7.8
2018-01-12 CVE-2017-0855 Google Missing Release of Resource after Effective Lifetime vulnerability in Google Android

In MPEG4Extractor.cpp, there are several places where functions return early without cleaning up internal buffers which could lead to memory leaks.

7.8
2018-01-09 CVE-2017-15124 Qemu Improper Input Validation vulnerability in Qemu

VNC server implementation in Quick Emulator (QEMU) 2.11.0 and older was found to be vulnerable to an unbounded memory allocation issue, as it did not throttle the framebuffer updates sent to its client.

7.8
2018-01-14 CVE-2018-5696 Ijoomla SQL Injection vulnerability in Ijoomla COM Adagency 6.0.9

The iJoomla com_adagency plugin 6.0.9 for Joomla! allows SQL injection via the `advertiser_status` and `status_select` parameters to index.php.

7.5
2018-01-12 CVE-2015-9249 Skyboxsecurity SQL Injection vulnerability in Skyboxsecurity Skybox Platform

An issue was discovered in Skybox Platform before 7.5.201.

7.5
2018-01-12 CVE-2018-5315 WP Events Calendar Project SQL Injection vulnerability in WP Events Calendar Project WP Events Calendar 1.0

The Wachipi WP Events Calendar plugin 1.0 for WordPress has SQL Injection via the event_id parameter to event.php.

7.5
2018-01-12 CVE-2017-17970 Muvikoscript SQL Injection vulnerability in Muvikoscript Muviko 1.1

Multiple SQL injection vulnerabilities in Muviko 1.1 allow remote attackers to execute arbitrary SQL commands via the (1) email parameter to login.php; the (2) season_id parameter to themes/flixer/ajax/load_season.php; the (3) movie_id parameter to themes/flixer/ajax/get_rating.php; the (4) rating or (5) movie_id parameter to themes/flixer/ajax/update_rating.php; or the (6) id parameter to themes/flixer/ajax/set_player_source.php.

7.5
2018-01-12 CVE-2018-5377 Discuz Missing Authorization vulnerability in Discuz Discuzx X3.4

Discuz! DiscuzX X3.4 allows remote attackers to bypass intended access restrictions via the archiver\index.php action parameter.

7.5
2018-01-10 CVE-2018-0001 Juniper Use After Free vulnerability in Juniper Junos

A remote, unauthenticated attacker may be able to execute code by exploiting a use-after-free defect found in older versions of PHP through injection of crafted data via specific PHP URLs within the context of the J-Web process.

7.5
2018-01-10 CVE-2017-11079 Google Information Exposure vulnerability in Google Android

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing sparse image, uninitialized heap memory can potentially be flashed due to the lack of validation of sparse image block header size.

7.5
2018-01-10 CVE-2017-17946 Novosoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Novosoft Handy Password 4.9.3

A buffer overflow in Handy Password 4.9.3 allows remote attackers to execute arbitrary code via a long "Title name" field in "mail box" data that is mishandled in an "Open from mail box" action.

7.5
2018-01-10 CVE-2017-17485 Fasterxml
Debian
Redhat
Netapp
Deserialization of Untrusted Data vulnerability in multiple products

FasterXML jackson-databind through 2.8.10 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw.

7.5
2018-01-09 CVE-2017-16740 Rockwellautomation Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Rockwellautomation products

A Buffer Overflow issue was discovered in Rockwell Automation Allen-Bradley MicroLogix 1400 Controllers, Series B and C Versions 21.002 and earlier.

7.5
2018-01-09 CVE-2017-1670 IBM SQL Injection vulnerability in IBM Security KEY Lifecycle Manager

IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 is vulnerable to SQL injection.

7.5
2018-01-09 CVE-2018-5211 Phpsugar SQL Injection vulnerability in PHPsugar PHP Melody 2.7.1

PHP Melody version 2.7.1 suffer from SQL Injection Time-based attack on the page ajax.php with the parameter playlist.

7.5
2018-01-08 CVE-2017-7997 Gespage SQL Injection vulnerability in Gespage

Multiple SQL injection vulnerabilities in Gespage before 7.4.9 allow remote attackers to execute arbitrary SQL commands via the (1) show_prn parameter to webapp/users/prnow.jsp or show_month parameter to (2) webapp/users/blhistory.jsp or (3) webapp/users/prhistory.jsp.

7.5
2018-01-08 CVE-2017-15883 Progress Improper Authentication vulnerability in Progress Sitefinity

Sitefinity 5.1, 5.2, 5.3, 5.4, 6.x, 7.x, 8.x, 9.x, and 10.x allow remote attackers to bypass authentication and consequently cause a denial of service on load balanced sites or gain privileges via vectors related to weak cryptography.

7.5
2018-01-08 CVE-2015-2320 Mono Project
Debian
Improper Certificate Validation vulnerability in multiple products

The TLS stack in Mono before 3.12.1 allows remote attackers to have unspecified impact via vectors related to client-side SSLv2 fallback.

7.5
2018-01-08 CVE-2014-5071 Microsemi SQL Injection vulnerability in Microsemi S350I Firmware 2.70.15

SQL injection vulnerability in the checkPassword function in Symmetricom s350i 2.70.15 allows remote attackers to execute arbitrary SQL commands via vectors involving a username.

7.5
2018-01-08 CVE-2014-4972 Ajax Upload FOR Gravity Forms Project Unrestricted Upload of File with Dangerous Type vulnerability in Ajax Upload FOR Gravity Forms Project Ajax Upload FOR Gravity Forms 1.0/1.1

Unrestricted file upload vulnerability in the Gravity Upload Ajax plugin 1.1 and earlier for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file under wp-content/uploads/gravity_forms.

7.5
2018-01-08 CVE-2017-5971 Newsbee Project SQL Injection vulnerability in Newsbee Project Newsbee

SQL injection vulnerability in NewsBee CMS allow remote attackers to execute arbitrary SQL commands.

7.5
2018-01-08 CVE-2018-5267 Cobham Unspecified vulnerability in Cobham SEA TEL 121 Firmware 222701

Cobham Sea Tel 121 build 222701 devices allow remote attackers to bypass authentication via a direct request to MenuDealerGx.html, MenuDealer.html, MenuEuNCGx.html, MenuEuNC.html, MenuSysGx.html, or MenuSys.html.

7.5
2018-01-12 CVE-2017-13217 Google Out-of-bounds Write vulnerability in Google Android

In DisplayFtmItem in the bootloader, there is an out-of-bounds write due to reading a string without verifying that it's null-terminated.

7.2
2018-01-12 CVE-2017-13216 Google Out-of-bounds Write vulnerability in Google Android

In ashmem_ioctl of ashmem.c, there is an out-of-bounds write due to insufficient locking when accessing asma.

7.2
2018-01-12 CVE-2017-13215 Google Unspecified vulnerability in Google Android

A elevation of privilege vulnerability in the Upstream kernel skcipher.

7.2
2018-01-12 CVE-2017-13210 Google Out-of-bounds Write vulnerability in Google Android

In CameraDeviceClient::submitRequestList of CameraDeviceClient.cpp, there is an out-of-bounds write if metadataSize is too small.

7.2
2018-01-12 CVE-2017-13209 Google Missing Authorization vulnerability in Google Android 8.0/8.1

In the ServiceManager::add function in the hardware service manager, there is an insecure permissions check based on the PID of the caller which could allow an application or service to replace a HAL service with its own service.

7.2
2018-01-12 CVE-2017-13184 Google Use After Free vulnerability in Google Android 8.0/8.1

In the enableVSyncInjections function of SurfaceFlinger, there is a possible use after free of mVSyncInjector.

7.2
2018-01-12 CVE-2017-13182 Google Integer Overflow or Wraparound vulnerability in Google Android 8.0/8.1

In the sendFormatChange function of ACodec, there is a possible integer overflow which could lead to an out-of-bounds write.

7.2
2018-01-12 CVE-2017-13181 Google Double Free vulnerability in Google Android

In the doGetThumb and getThumbnail functions of MtpServer, there is a possible double free due to not NULLing out a freed pointer.

7.2
2018-01-12 CVE-2017-13180 Google Use After Free vulnerability in Google Android

In the onQueueFilled function of SoftAVCDec, there is a possible out-of-bounds write due to a use after free if a bad header causes the decoder to get caught in a loop while another thread frees the memory it's accessing.

7.2
2018-01-12 CVE-2017-0869 Google Use After Free vulnerability in Google Android

NVIDIA driver contains an integer overflow vulnerability which could cause a use after free and possibly lead to an elevation of privilege enabling code execution as a privileged process.

7.2
2018-01-11 CVE-2018-5189 Jungo Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Jungo Windriver

Race condition in Jungo Windriver 12.5.1 allows local users to cause a denial of service (buffer overflow) or gain system privileges by flipping pool buffer size, aka a "double fetch" vulnerability.

7.2
2018-01-11 CVE-2018-5332 Linux
Debian
Canonical
Out-of-bounds Write vulnerability in multiple products

In the Linux kernel through 3.2, the rds_message_alloc_sgs() function does not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c).

7.2
2018-01-10 CVE-2018-0012 Juniper Unspecified vulnerability in Juniper Junos Space 15.1/15.2/17.2

Junos Space is affected by a privilege escalation vulnerability that may allow a local authenticated attacker to gain root privileges.

7.2
2018-01-10 CVE-2018-0008 Juniper Improper Authentication vulnerability in Juniper Junos

An unauthenticated root login may allow upon reboot when a commit script is used.

7.2
2018-01-08 CVE-2013-4364 Redhat Link Following vulnerability in Redhat Openshift 1.0/2.0

(1) oo-analytics-export and (2) oo-analytics-import in the openshift-origin-broker-util package in Red Hat OpenShift Enterprise 1 and 2 allow local users to have unspecified impact via a symlink attack on an unspecified file in /tmp.

7.2
2018-01-08 CVE-2018-5282 Kentico Out-of-bounds Write vulnerability in Kentico CMS

** DISPUTED ** Kentico 9.0 through 11.0 has a stack-based buffer overflow via the SqlName, SqlPswd, Database, UserName, or Password field in a SilentInstall XML document.

7.2
2018-01-12 CVE-2017-18028 Imagemagick
Canonical
Allocation of Resources Without Limits or Throttling vulnerability in multiple products

In ImageMagick 7.0.7-1 Q16, a memory exhaustion vulnerability was found in the function ReadTIFFImage in coders/tiff.c, which allow remote attackers to cause a denial of service via a crafted file.

7.1
2018-01-10 CVE-2018-0004 Juniper Resource Exhaustion vulnerability in Juniper Junos

A sustained sequence of different types of normal transit traffic can trigger a high CPU consumption denial of service condition in the Junos OS register and schedule software interrupt handler subsystem when a specific command is issued to the device.

7.1

218 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-01-11 CVE-2017-4950 Vmware
Apple
Integer Overflow or Wraparound vulnerability in VMWare Fusion and Workstation

VMware Workstation and Fusion contain an integer overflow vulnerability in VMware NAT service when IPv6 mode is enabled.

6.9
2018-01-11 CVE-2017-4949 Vmware
Apple
Use After Free vulnerability in VMWare Fusion and Workstation

VMware Workstation and Fusion contain a use-after-free vulnerability in VMware NAT service when IPv6 mode is enabled.

6.9
2018-01-14 CVE-2018-5698 Wizardmac Out-of-bounds Read vulnerability in Wizardmac Readstat 0.1.1

libreadstat.a in WizardMac ReadStat 0.1.1 has a heap-based buffer over-read via an unterminated string.

6.8
2018-01-14 CVE-2018-5684 Libav Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libav

In Libav through 12.2, there is an invalid memcpy call in the ff_mov_read_stsd_entries function of libavformat/mov.c.

6.8
2018-01-14 CVE-2018-5360 Libtiff
Graphicsmagick
Out-of-bounds Read vulnerability in multiple products

LibTIFF before 4.0.6 mishandles the reading of TIFF files, as demonstrated by a heap-based buffer over-read in the ReadTIFFImage function in coders/tiff.c in GraphicsMagick 1.3.27.

6.8
2018-01-13 CVE-2018-5673 Booking Calendar Project Cross-Site Request Forgery (CSRF) vulnerability in Booking Calendar Project Booking Calendar 2.1.7

An issue was discovered in the booking-calendar plugin 2.1.7 for WordPress.

6.8
2018-01-13 CVE-2018-5669 Read AND Understood Project Cross-Site Request Forgery (CSRF) vulnerability in Read and Understood Project Read and Understood 2.1

An issue was discovered in the read-and-understood plugin 2.1 for WordPress.

6.8
2018-01-13 CVE-2018-5658 Responsive Coming Soon Page Project Cross-Site Request Forgery (CSRF) vulnerability in Responsive Coming Soon Page Project Responsive Coming Soon Page 1.1.18

An issue was discovered in the responsive-coming-soon-page plugin 1.1.18 for WordPress.

6.8
2018-01-13 CVE-2018-5656 Weblizar Cross-Site Request Forgery (CSRF) vulnerability in Weblizar Pinterest-Feeds 1.1.1

An issue was discovered in the weblizar-pinterest-feeds plugin 1.1.1 for WordPress.

6.8
2018-01-12 CVE-2017-16739 WE CON Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in We-Con Levistudio HMI Editor Firmware

An issue was discovered in WECON Technology LEVI Studio HMI Editor v1.8.29 and prior.

6.8
2018-01-12 CVE-2017-16737 WE CON Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in We-Con Levistudio HMI Editor Firmware

An issue was discovered in WECON Technology LEVI Studio HMI Editor v1.8.29 and prior.

6.8
2018-01-12 CVE-2017-16886 Fiberhome Cross-Site Request Forgery (CSRF) vulnerability in Fiberhome Lm53Q1 Firmware Vh519R05C01S38

The portal on FiberHome Mobile WIFI Device Model LM53Q1 VH519R05C01S38 uses SOAP based web services in order to interact with the portal.

6.8
2018-01-12 CVE-2016-0335 IBM Cross-Site Request Forgery (CSRF) vulnerability in IBM Security Identity Manager

Cross-site request forgery (CSRF) vulnerability in IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.0 before 7.0.1-ISS-SIM-FP0001 allows remote attackers to hijack the authentication of users for requests that have unspecified impact via unknown vectors.

6.8
2018-01-12 CVE-2018-5368 Srbtranslatin Project Cross-Site Request Forgery (CSRF) vulnerability in Srbtranslatin Project Srbtranslatin 1.46

The SrbTransLatin plugin 1.46 for WordPress has CSRF via an srbtranslatoptions action to wp-admin/options-general.php.

6.8
2018-01-12 CVE-2018-5361 Wpglobus Cross-Site Request Forgery (CSRF) vulnerability in Wpglobus 1.9.6

The WPGlobus plugin 1.9.6 for WordPress has CSRF via wp-admin/options.php.

6.8
2018-01-12 CVE-2018-5345 Fedoraproject
Gnome
Canonical
Debian
Redhat
Out-of-bounds Write vulnerability in multiple products

A stack-based buffer overflow within GNOME gcab through 0.7.4 can be exploited by malicious attackers to cause a crash or, potentially, execute arbitrary code via a crafted .cab file.

6.8
2018-01-11 CVE-2012-0699 Haudenschilt Cross-Site Request Forgery (CSRF) vulnerability in Haudenschilt Family Connections CMS

Multiple cross-site request forgery (CSRF) vulnerabilities in Family Connections CMS (aka FCMS) 2.9 and earlier allow remote attackers to hijack the authentication of arbitrary users for requests that (1) add news via an add action to familynews.php or (2) add a prayer via an add action to prayers.php.

6.8
2018-01-10 CVE-2017-18026 Redmine
Debian
Redmine before 3.2.9, 3.3.x before 3.3.6, and 3.4.x before 3.4.4 does not block the --config and --debugger flags to the Mercurial hg program, which allows remote attackers to execute arbitrary commands (through the Mercurial adapter) via vectors involving a branch whose name begins with a --config= or --debugger= substring, a related issue to CVE-2017-17536.
6.8
2018-01-10 CVE-2018-0784 Microsoft Unspecified vulnerability in Microsoft Asp.Net Core 2.0

ASP.NET Core 1.0.

6.8
2018-01-09 CVE-2018-5221 Barcodewiz Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Barcodewiz Barcode Activex Control 2.0/2.52/3.29

Multiple buffer overflows in BarCodeWiz BarCode before 6.7 ActiveX control (BarcodeWiz.DLL) allow remote attackers to execute arbitrary code via a long argument to the (1) BottomText or (2) TopText property.

6.8
2018-01-09 CVE-2018-5308 Podofo Project NULL Pointer Dereference vulnerability in Podofo Project Podofo 0.9.5

PoDoFo 0.9.5 does not properly validate memcpy arguments in the PdfMemoryOutputStream::Write function (base/PdfOutputStream.cpp).

6.8
2018-01-08 CVE-2015-2318 Mono Project
Debian
Improper Certificate Validation vulnerability in multiple products

The TLS stack in Mono before 3.12.1 allows man-in-the-middle attackers to conduct message skipping attacks and consequently impersonate clients by leveraging missing handshake state validation, aka a "SMACK SKIP-TLS" issue.

6.8
2018-01-08 CVE-2018-5285 Wpscoop Cross-Site Request Forgery (CSRF) vulnerability in Wpscoop Imageinject 1.15

The ImageInject plugin 1.15 for WordPress has CSRF via wp-admin/options-general.php.

6.8
2018-01-08 CVE-2017-15913 Navercorp Untrusted Search Path vulnerability in Navercorp Whale

The Installer in Whale allows DLL hijacking.

6.8
2018-01-14 CVE-2018-5700 Magicwinmail Path Traversal vulnerability in Magicwinmail Winmail Server 6.2

Winmail Server through 6.2 allows remote code execution by authenticated users who leverage directory traversal in a netdisk.php copy_folder_file call (in inc/class.ftpfolder.php) to move a .php file from the FTP folder into a web folder.

6.5
2018-01-14 CVE-2018-5697 Icyphoenix SQL Injection vulnerability in Icyphoenix 2.2.0.105

Icy Phoenix 2.2.0.105 allows SQL injection via an unapprove request to admin_kb_art.php or the order parameter to admin_jr_admin.php, related to functions_kb.php.

6.5
2018-01-14 CVE-2018-5695 Wpjobboard SQL Injection vulnerability in Wpjobboard 4.4.4

The WpJobBoard plugin 4.4.4 for WordPress allows SQL injection via the order or sort parameter to the wpjb-job or wpjb-alerts module, with a request to wp-admin/admin.php.

6.5
2018-01-14 CVE-2018-5694 Fop2 Unspecified vulnerability in Fop2 Flash Operator Panel 2.31.03

The callforward module in User Control Panel (UCP) in Nicolas Gudino (aka Asternic) Flash Operator Panel (FOP) 2.31.03 allows remote authenticated users to execute arbitrary commands via the command parameter.

6.5
2018-01-12 CVE-2018-5374 Slidervilla SQL Injection vulnerability in Slidervilla Dbox Slider

The Dbox 3D Slider Lite plugin through 1.2.2 for WordPress has SQL Injection via settings\sliders.php (current_slider_id parameter).

6.5
2018-01-12 CVE-2018-5373 Slidervilla SQL Injection vulnerability in Slidervilla Smooth Slider

The Smooth Slider plugin through 2.8.6 for WordPress has SQL Injection via smooth-slider.php (trid parameter).

6.5
2018-01-12 CVE-2018-5372 Slidervilla SQL Injection vulnerability in Slidervilla Testimonial Slider

The Testimonial Slider plugin through 1.2.4 for WordPress has SQL Injection via settings\sliders.php (current_slider_id parameter).

6.5
2018-01-11 CVE-2014-5070 Microsemi Permissions, Privileges, and Access Controls vulnerability in Microsemi S350I Firmware 2.70.15

Symmetricom s350i 2.70.15 allows remote authenticated users to gain privileges via vectors related to pushing unauthenticated users to the login page.

6.5
2018-01-11 CVE-2014-0087 Redhat Permissions, Privileges, and Access Controls vulnerability in Redhat Cloudforms Management Engine

The check_privileges method in vmdb/app/controllers/application_controller.rb in ManageIQ, as used in Red Hat CloudForms Management Engine (CFME), allows remote authenticated users to bypass authorization and gain privileges by leveraging improper RBAC checking, related to the rbac_user_edit action.

6.5
2018-01-10 CVE-2018-0790 Microsoft Unspecified vulnerability in Microsoft products

Microsoft SharePoint Foundation 2010, Microsoft SharePoint Server 2013 and Microsoft SharePoint Server 2016 allow an elevation of privilege vulnerability due to the way web requests are handled, aka "Microsoft SharePoint Elevation of Privilege Vulnerability".

6.5
2018-01-09 CVE-2018-2363 SAP Code Injection vulnerability in SAP products

SAP NetWeaver, SAP BASIS from 7.00 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.52, contains code that allows you to execute arbitrary program code of the user's choice.

6.5
2018-01-09 CVE-2018-2361 SAP Incorrect Authorization vulnerability in SAP Solution Manager 7.20

In SAP Solution Manager 7.20, the role SAP_BPO_CONFIG gives the Business Process Operations (BPO) configuration user more authorization than required for configuring the BPO tools.

6.5
2018-01-08 CVE-2018-5259 Discuz Unspecified vulnerability in Discuz Discuzx X3.4

Discuz! DiscuzX X3.4 allows remote authenticated users to bypass intended attachment-deletion restrictions via a modified aid parameter.

6.5
2018-01-13 CVE-2018-0486 Shibboleth
Debian
Improper Verification of Cryptographic Signature vulnerability in multiple products

Shibboleth XMLTooling-C before 1.6.3, as used in Shibboleth Service Provider before 2.6.0 on Windows and other products, mishandles digital signatures of user attribute data, which allows remote attackers to obtain sensitive information or conduct impersonation attacks via a crafted DTD.

6.4
2018-01-12 CVE-2017-16732 Advantech Use After Free vulnerability in Advantech Webaccess

A use-after-free issue was discovered in Advantech WebAccess versions prior to 8.3.

6.4
2018-01-12 CVE-2017-13183 Google Race Condition vulnerability in Google Android 8.1

In the OMXNodeInstance::useBuffer and IOMX::freeBuffer functions, there is a possible use after free due to a race condition if the user frees the buffer while it's being used in another thread.

6.2
2018-01-10 CVE-2017-3765 Lenovo
IBM
Improper Authentication vulnerability in Lenovo Enterprise Network Operating System

In Enterprise Networking Operating System (ENOS) in Lenovo and IBM RackSwitch and BladeCenter products, an authentication bypass known as "HP Backdoor" was discovered during a Lenovo security audit in the serial console, Telnet, SSH, and Web interfaces.

6.2
2018-01-10 CVE-2018-0003 Juniper Unspecified vulnerability in Juniper Junos

A specially crafted MPLS packet received or processed by the system, on an interface configured with MPLS, will store information in the system memory.

6.1
2018-01-08 CVE-2018-5279 Malwarebytes Improper Input Validation vulnerability in Malwarebytes 3.3.1.2183

** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e02c.

6.1
2018-01-08 CVE-2018-5278 Malwarebytes Improper Input Validation vulnerability in Malwarebytes 3.3.1.2183

** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e00c.

6.1
2018-01-08 CVE-2018-5277 Malwarebytes Improper Input Validation vulnerability in Malwarebytes 3.3.1.2183

** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e000.

6.1
2018-01-08 CVE-2018-5276 Malwarebytes Improper Input Validation vulnerability in Malwarebytes 3.3.1.2183

** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e018.

6.1
2018-01-08 CVE-2018-5275 Malwarebytes Improper Input Validation vulnerability in Malwarebytes 3.3.1.2183

** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9C40E020.

6.1
2018-01-08 CVE-2018-5274 Malwarebytes Improper Input Validation vulnerability in Malwarebytes 3.3.1.2183

** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9C40E024.

6.1
2018-01-08 CVE-2018-5273 Malwarebytes Improper Input Validation vulnerability in Malwarebytes 3.3.1.2183

** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e014.

6.1
2018-01-08 CVE-2018-5272 Malwarebytes Improper Input Validation vulnerability in Malwarebytes 3.3.1.2183

** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e004.

6.1
2018-01-08 CVE-2018-5271 Malwarebytes Improper Input Validation vulnerability in Malwarebytes 3.3.1.2183

** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e008.

6.1
2018-01-08 CVE-2018-5270 Malwarebytes Improper Input Validation vulnerability in Malwarebytes 3.3.1.2183

** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e010.

6.1
2018-01-10 CVE-2017-9795 Apache Information Exposure vulnerability in Apache Geode

When an Apache Geode cluster before v1.3.0 is operating in secure mode, a user with read access to specific regions within a Geode cluster may execute OQL queries that allow read and write access to objects within unauthorized regions.

6.0
2018-01-10 CVE-2018-0005 Juniper Improper Check for Unusual or Exceptional Conditions vulnerability in Juniper Junos 14.1X53/15.1/15.1X53

QFX and EX Series switches configured to drop traffic when the MAC move limit is exceeded will forward traffic instead of dropping traffic.

5.8
2018-01-10 CVE-2017-1534 IBM Open Redirect vulnerability in IBM products

IBM Security Access Manager Appliance 8.0.0 and 9.0.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack.

5.8
2018-01-10 CVE-2017-7559 Redhat HTTP Request Smuggling vulnerability in Redhat Undertow

In Undertow 2.x before 2.0.0.Alpha2, 1.4.x before 1.4.17.Final, and 1.3.x before 1.3.31.Final, it was found that the fix for CVE-2017-2666 was incomplete and invalid characters are still allowed in the query string and path parameters.

5.8
2018-01-09 CVE-2017-1668 IBM Open Redirect vulnerability in IBM Security KEY Lifecycle Manager

IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 could allow a remote attacker to conduct phishing attacks, using an open redirect attack.

5.8
2018-01-08 CVE-2018-5301 Magento Cross-Site Request Forgery (CSRF) vulnerability in Magento

Magento Community Edition and Enterprise Edition before 2.0.10 and 2.1.x before 2.1.2 have CSRF resulting in deletion of a customer address from an address book, aka APPSEC-1433.

5.8
2018-01-10 CVE-2017-12622 Apache Information Exposure vulnerability in Apache Geode

When an Apache Geode cluster before v1.3.0 is operating in secure mode and an authenticated user connects to a Geode cluster using the gfsh tool with HTTP, the user is able to obtain status information and control cluster members even without CLUSTER:MANAGE privileges.

5.5
2018-01-09 CVE-2017-1666 IBM XXE vulnerability in IBM Security KEY Lifecycle Manager

IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data.

5.5
2018-01-09 CVE-2017-1493 IBM Improper Privilege Management vulnerability in IBM Urbancode Deploy

IBM UrbanCode Deploy (UCD) 6.1 and 6.2 could allow an authenticated user to edit objects that they should not have access to due to improper access controls.

5.5
2018-01-12 CVE-2014-8166 Cups Improper Input Validation vulnerability in Cups

The browsing feature in the server in CUPS does not filter ANSI escape sequences from shared printer names, which might allow remote attackers to execute arbitrary code via a crafted printer name.

5.1
2018-01-13 CVE-2018-5682 Prestashop Information Exposure vulnerability in Prestashop 1.7.2.4

PrestaShop 1.7.2.4 allows user enumeration via the Reset Password feature, by noticing which reset attempts do not produce a "This account does not exist" error message.

5.0
2018-01-12 CVE-2017-13222 Google Information Exposure vulnerability in Google Android

An information disclosure vulnerability in the Upstream kernel kernel.

5.0
2018-01-12 CVE-2017-13219 Google Unspecified vulnerability in Google Android

A denial of service vulnerability in the Upstream kernel synaptics touchscreen controller.

5.0
2018-01-12 CVE-2017-13207 Google Information Exposure vulnerability in Google Android

An information disclosure vulnerability in the Android media framework (stagefright mpeg4writer).

5.0
2018-01-12 CVE-2017-13206 Google Information Exposure vulnerability in Google Android

An information disclosure vulnerability in the Android media framework (aacdec).

5.0
2018-01-12 CVE-2017-13202 Google Information Exposure vulnerability in Google Android

An information disclosure vulnerability in the Android media framework (libeffects).

5.0
2018-01-12 CVE-2017-13201 Google Information Exposure vulnerability in Google Android

An information disclosure vulnerability in the Android media framework (mediadrm).

5.0
2018-01-12 CVE-2017-13200 Google Information Exposure vulnerability in Google Android

An information disclosure vulnerability in the Android media framework (av) related to id3 unsynchronization.

5.0
2018-01-12 CVE-2017-0846 Google Information Exposure vulnerability in Google Android

An information disclosure vulnerability in the Android framework (clipboardservice).

5.0
2018-01-12 CVE-2015-9250 Skyboxsecurity Path Traversal vulnerability in Skyboxsecurity Skybox Platform

An issue was discovered in Skybox Platform before 7.5.201.

5.0
2018-01-12 CVE-2017-16741 Phoenixcontact Information Exposure vulnerability in Phoenixcontact products

An Information Exposure issue was discovered in PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, and 48xxx Series products running firmware Version 1.0 to 1.32.

5.0
2018-01-12 CVE-2017-16887 Fiberhome Permission Issues vulnerability in Fiberhome Lm53Q1 Firmware Vh519R05C01S38

The portal on FiberHome Mobile WIFI Device Model LM53Q1 VH519R05C01S38 uses SOAP based web services in order to interact with the portal.

5.0
2018-01-12 CVE-2017-16885 Fiberhome Incorrect Permission Assignment for Critical Resource vulnerability in Fiberhome Lm53Q1 Firmware Vh519R05C01S38

Improper Permissions Handling in the Portal on FiberHome LM53Q1 VH519R05C01S38 devices (intended for obtaining information about Internet Usage, Changing Passwords, etc.) allows remote attackers to look for the information without authenticating.

5.0
2018-01-12 CVE-2016-0332 IBM 7PK - Security Features vulnerability in IBM Security Identity Manager Virtual Appliance

IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.0 before 7.0.1-ISS-SIM-FP0001 do not properly restrict failed login attempts, which makes it easier for remote attackers to obtain access via a brute-force approach.

5.0
2018-01-12 CVE-2015-3888 Jolla Improper Access Control vulnerability in Jolla Sailfish OS

Jolla Sailfish OS before 1.1.2.16 allows remote attackers to spoof phone numbers and trigger calls to arbitrary numbers via spaces in a tel: URL.

5.0
2018-01-12 CVE-2015-2298 Etherpad Information Exposure vulnerability in Etherpad 1.5.0/1.5.1

node/utils/ExportEtherpad.js in Etherpad 1.5.x before 1.5.2 might allow remote attackers to obtain sensitive information by leveraging an improper substring check when exporting a padID.

5.0
2018-01-12 CVE-2014-6437 Aztech Information Exposure vulnerability in Aztech products

Aztech ADSL DSL5018EN (1T1R), DSL705E, and DSL705EU devices allow remote attackers to obtain sensitive device configuration information via vectors involving the ROM file.

5.0
2018-01-12 CVE-2014-6435 Aztech Improper Authentication vulnerability in Aztech products

cgi-bin/AZ_Retrain.cgi in Aztech ADSL DSL5018EN (1T1R), DSL705E, and DSL705EU devices does not check for authentication, which allows remote attackers to cause a denial of service (WAN connectivity reset) via a direct request.

5.0
2018-01-12 CVE-2018-5327 Cmcm
Google
Unspecified vulnerability in Cmcm Armorfly Browser & Downloader 1.1.05.0010

Cheetah Mobile Armorfly Browser & Downloader 1.1.05.0010, when installed on unspecified "older" Android platforms, allows Same Origin Policy Bypass.

5.0
2018-01-12 CVE-2018-5326 Cmcm
Google
Unspecified vulnerability in Cmcm CM Browser 5.22.06.0012

Cheetah Mobile CM Browser 5.22.06.0012, when installed on unspecified "older" Android platforms, allows Same Origin Policy Bypass.

5.0
2018-01-12 CVE-2017-16736 Advantech Unrestricted Upload of File with Dangerous Type vulnerability in Advantech Webaccess

An Unrestricted Upload Of File With Dangerous Type issue was discovered in Advantech WebAccess versions prior to 8.3.

5.0
2018-01-11 CVE-2018-5336 Wireshark
Debian
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the JSON, XML, NTP, XMPP, and GDB dissectors could crash.

5.0
2018-01-11 CVE-2017-18016 Parity Origin Validation Error vulnerability in Parity Browser 1.6.10

Parity Browser 1.6.10 and earlier allows remote attackers to bypass the Same Origin Policy and obtain sensitive information by requesting other websites via the Parity web proxy engine (reusing the current website's token, which is not bound to an origin).

5.0
2018-01-11 CVE-2014-5068 Microsemi Path Traversal vulnerability in Microsemi S350I Firmware 2.70.15

Directory traversal vulnerability in the web application in Symmetricom s350i 2.70.15 allows remote attackers to read arbitrary files via a (1) ../ (dot dot slash) or (2) ..\ (dot dot forward slash) before a file name.

5.0
2018-01-10 CVE-2017-9712 Google Out-of-bounds Read vulnerability in Google Android

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, if userspace provides a too-large IE length in wlan_hdd_cfg80211_set_ie, a buffer over-read occurs.

5.0
2018-01-10 CVE-2017-15850 Google Information Exposure vulnerability in Google Android

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, userspace can read values from audio codec registers.

5.0
2018-01-10 CVE-2017-14870 Google Information Exposure vulnerability in Google Android

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while updating the recovery message for eMMC devices, 1088 bytes of stack memory can potentially be leaked.

5.0
2018-01-10 CVE-2017-14869 Google Information Exposure vulnerability in Google Android

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while performing update of FOTA partition, uninitialized data can be pushed to storage.

5.0
2018-01-10 CVE-2017-11066 Google Information Exposure vulnerability in Google Android

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while flashing ubi image an uninitialized memory could be accessed.

5.0
2018-01-10 CVE-2017-17662 Yawcam Path Traversal vulnerability in Yawcam

Directory traversal in the HTTP server on Yawcam 0.2.6 through 0.6.0 devices allows attackers to read arbitrary files through a sequence of the form '.x./' or '....\x/' where x is a pattern composed of one or more (zero or more for the second pattern) of either \ or ..\ -- for example a '.\./', '....\/' or '...\./' sequence.

5.0
2018-01-10 CVE-2017-15665 Flexense Improperly Implemented Security Check for Standard vulnerability in Flexense Diskboss 8.5.12

In Flexense DiskBoss Enterprise 8.5.12, the Control Protocol suffers from a denial of service vulnerability.

5.0
2018-01-10 CVE-2017-15664 Flexense Improperly Implemented Security Check for Standard vulnerability in Flexense Syncbreeze 10.1.16

In Flexense Sync Breeze Enterprise v10.1.16, the Control Protocol suffers from a denial of service vulnerability.

5.0
2018-01-10 CVE-2017-15663 Flexense Improperly Implemented Security Check for Standard vulnerability in Flexense Disk Pulse 10.1.18

In Flexense Disk Pulse Enterprise v10.1.18, the Control Protocol suffers from a denial of service vulnerability.

5.0
2018-01-10 CVE-2017-15662 Flexense Improperly Implemented Security Check for Standard vulnerability in Flexense VX Search 10.1.12

In Flexense VX Search Enterprise v10.1.12, the Control Protocol suffers from a denial of service vulnerability.

5.0
2018-01-10 CVE-2018-0786 Microsoft Improper Certificate Validation vulnerability in Microsoft .Net Core, .Net Framework and Powershell Core

Microsoft .NET Framework 2.0 SP2, 3.0 SP2, 3.5, 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, .NET Core 1.0 and 2.0, and PowerShell Core 6.0.0 allow a security feature bypass vulnerability due to the way certificates are validated, aka ".NET Security Feature Bypass Vulnerability."

5.0
2018-01-10 CVE-2018-0764 Microsoft Unspecified vulnerability in Microsoft .Net Core, .Net Framework and Powershell Core

Microsoft .NET Framework 1.1, 2.0, 3.0, 3.5, 3.5.1, 4, 4.5, 4.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2 and 5.7 and .NET Core 1.0.

5.0
2018-01-09 CVE-2018-4871 Redhat
Adobe
Out-of-bounds Read vulnerability in multiple products

An Out-of-bounds Read issue was discovered in Adobe Flash Player before 28.0.0.137.

5.0
2018-01-09 CVE-2017-9663 GM Cleartext Storage of Sensitive Information vulnerability in GM Shanghai Onstar 7.1

An Cleartext Storage of Sensitive Information issue was discovered in General Motors (GM) and Shanghai OnStar (SOS) SOS iOS Client 7.1.

5.0
2018-01-09 CVE-2017-1671 IBM Path Traversal vulnerability in IBM Security KEY Lifecycle Manager

IBM Tivoli Key Lifecycle Manager 2.5, 2.6, and 2.7 could allow a remote attacker to traverse directories on the system.

5.0
2018-01-09 CVE-2018-2362 SAP Unspecified vulnerability in SAP Hana 1.00/2.00

A remote unauthenticated attacker, SAP HANA 1.00 and 2.00, could send specially crafted SOAP requests to the SAP Startup Service and disclose information such as the platform's hostname.

5.0
2018-01-09 CVE-2018-2360 SAP Missing Authentication for Critical Function vulnerability in SAP Kernel 7.45/7.49/7.52

SAP Startup Service, SAP KERNEL 7.45, 7.49, and 7.52, is missing an authentication check for functionalities that require user identity and cause consumption of file system storage.

5.0
2018-01-09 CVE-2012-3353 Apache Information Exposure vulnerability in Apache Sling JCR Contentloader 2.1.4

The Apache Sling JCR ContentLoader 2.1.4 XmlReader used in the Sling JCR content loader module makes it possible to import arbitrary files in the content repository, including local files, causing potential information leaks.

5.0
2018-01-08 CVE-2015-2319 Mono Project Improper Certificate Validation vulnerability in Mono-Project Mono

The TLS stack in Mono before 3.12.1 makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the "FREAK" issue, a different vulnerability than CVE-2015-0204.

5.0
2018-01-08 CVE-2018-5283 Photos IN Wifi Project Path Traversal vulnerability in Wifi 1.0.1

The Photos in Wifi application 1.0.1 for iOS has directory traversal via the ext parameter to assets-library://asset/asset.php.

5.0
2018-01-08 CVE-2018-5298 PG Inadequate Encryption Strength vulnerability in PG Oral-B APP 5.0.0

In the Procter & Gamble "Oral-B App" (aka com.pg.oralb.oralbapp) application 5.0.0 for Android, AES encryption with static parameters is used to secure the locally stored shared preferences.

5.0
2018-01-08 CVE-2018-5291 GD Rating System Project Path Traversal vulnerability in GD Rating System Project GD Rating System 2.3

The GD Rating System plugin 2.3 for WordPress has Directory Traversal in the wp-admin/admin.php panel parameter for the gd-rating-system-tools page.

5.0
2018-01-08 CVE-2018-5290 GD Rating System Project Path Traversal vulnerability in GD Rating System Project GD Rating System 2.3

The GD Rating System plugin 2.3 for WordPress has Directory Traversal in the wp-admin/admin.php panel parameter for the gd-rating-system-transfer page.

5.0
2018-01-08 CVE-2018-5289 GD Rating System Project Path Traversal vulnerability in GD Rating System Project GD Rating System 2.3

The GD Rating System plugin 2.3 for WordPress has Directory Traversal in the wp-admin/admin.php panel parameter for the gd-rating-system-information page.

5.0
2018-01-08 CVE-2018-5287 GD Rating System Project Path Traversal vulnerability in GD Rating System Project GD Rating System 2.3

The GD Rating System plugin 2.3 for WordPress has Directory Traversal in the wp-admin/admin.php panel parameter for the gd-rating-system-about page.

5.0
2018-01-08 CVE-2018-5266 Cobham Information Exposure vulnerability in Cobham SEA TEL 121 Firmware 222701

Cobham Sea Tel 121 build 222701 devices allow remote attackers to obtain potentially sensitive information about valid usernames by reading the loginName lines at the js/userLogin.js URI.

5.0
2018-01-14 CVE-2017-15128 Linux
Redhat
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13.12.

4.9
2018-01-14 CVE-2017-15127 Linux
Redhat
A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13.
4.9
2018-01-11 CVE-2018-5333 Linux
Debian
Canonical
NULL Pointer Dereference vulnerability in Linux Kernel

In the Linux kernel through 4.14.13, the rds_cmsg_atomic function in net/rds/rdma.c mishandles cases where page pinning fails or an invalid address is supplied, leading to an rds_atomic_free_op NULL pointer dereference.

4.9
2018-01-10 CVE-2017-1459 IBM Incorrect Permission Assignment for Critical Resource vulnerability in IBM products

IBM Security Access Manager Appliance 8.0.0 and 9.0.0 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

4.9
2018-01-10 CVE-2016-9722 IBM Improper Access Control vulnerability in IBM Qradar Security Information and Event Manager

IBM QRadar 7.2 and 7.3 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

4.9
2018-01-09 CVE-2017-15129 Linux Use After Free vulnerability in Linux Kernel

A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11.

4.9
2018-01-08 CVE-2014-2071 Arubanetworks Permissions, Privileges, and Access Controls vulnerability in Arubanetworks Clearpass 6.1/6.2/6.3

Aruba Networks ClearPass Policy Manager 6.1.x, 6.2.x before 6.2.5.61640 and 6.3.x before 6.3.0.61712, when configured to use tunneled and non-tunneled EAP methods in a single policy construct, allows remote authenticated users to gain privileges by advertising independent inner and outer identities within a tunneled EAP method.

4.9
2018-01-12 CVE-2017-13218 Google Information Exposure vulnerability in Google Android

Access to CNTVCT_EL0 in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear could be used for side channel attacks and this could lead to local information disclosure with no additional execution privileges needed in FSM9055, IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, QCA4531, QCA9980, QCN5502, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845.

4.7
2018-01-12 CVE-2017-13226 Google Unspecified vulnerability in Google Android

An elevation of privilege vulnerability in the MediaTek mtk.

4.6
2018-01-12 CVE-2017-13221 Google Unspecified vulnerability in Google Android

An elevation of privilege vulnerability in the Upstream kernel wifi driver.

4.6
2018-01-12 CVE-2017-13220 Google Type Confusion vulnerability in Google Android

An elevation of privilege vulnerability in the Upstream kernel bluez.

4.6
2018-01-12 CVE-2017-13213 Google Unspecified vulnerability in Google Android

An elevation of privilege vulnerability in the Broadcom bcmdhd driver.

4.6
2018-01-12 CVE-2017-13212 Google Unspecified vulnerability in Google Android

An elevation of privilege vulnerability in the Android system (systemui).

4.6
2018-01-12 CVE-2017-14030 Moxa Unquoted Search Path or Element vulnerability in Moxa Mxview 2.8

An issue was discovered in Moxa MXview v2.8 and prior.

4.6
2018-01-12 CVE-2016-0327 IBM Permissions, Privileges, and Access Controls vulnerability in IBM Security Identity Manager Virtual Appliance

IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.0 before 7.0.1-ISS-SIM-FP0001 allows local users to gain administrator privileges via unspecified vectors.

4.6
2018-01-12 CVE-2014-7952 Google Injection vulnerability in Google Android

The backup mechanism in the adb tool in Android might allow attackers to inject additional applications (APKs) and execute arbitrary code by leveraging failure to filter application data streams.

4.6
2018-01-12 CVE-2018-5344 Linux
Canonical
Redhat
Use After Free vulnerability in multiple products

In the Linux kernel through 4.14.13, drivers/block/loop.c mishandles lo_release serialization, which allows attackers to cause a denial of service (__lock_acquire use-after-free) or possibly have unspecified other impact.

4.6
2018-01-10 CVE-2017-9705 Google Double Free vulnerability in Google Android

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, concurrent rx notifications and read() operations in the G-Link PKT driver can result in a double free condition due to missing locking resulting in list_del() and list_add() overlapping and corrupting the next and previous pointers.

4.6
2018-01-10 CVE-2017-9689 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a specially-crafted HDMI CEC message can be used to cause stack memory corruption.

4.6
2018-01-10 CVE-2017-15848 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the fastrpc kernel driver, a buffer overflow vulnerability from userspace may potentially exist.

4.6
2018-01-10 CVE-2017-15845 Google Improper Input Validation vulnerability in Google Android

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, an invalid input of firmware size (negative value) from user space can potentially lead to the memory leak or buffer overflow during the WLAN cal data store operation.

4.6
2018-01-10 CVE-2017-14879 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, by calling an IPA ioctl and searching for routing/filer/hdr rule handle from ipa_idr pointer using ipa_idr_find() function, the wrong structure pointer can be returned resulting in a slab out of bound access in the IPA driver.

4.6
2018-01-10 CVE-2017-14873 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the pp_pgc_get_config() graphics driver function, a kernel memory overwrite can potentially occur.

4.6
2018-01-10 CVE-2017-11081 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is a potential buffer overflow vulnerability in hdd_parse_setrmcenable_command and hdd_parse_setrmcactionperiod_command APIs as buffers defined in this API can hold maximum 32 bytes but data more than 32 bytes can get copied.

4.6
2018-01-10 CVE-2017-11080 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing a user supplied sparse image, a buffer overflow vulnerability could occur if the sparse header block size is equal to 4294967296.

4.6
2018-01-10 CVE-2017-11003 Google Classic Buffer Overflow vulnerability in Google Android

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while updating a firmware image, data is read from flash into RAM without checking that the data fits into allotted RAM size.

4.6
2018-01-10 CVE-2017-12189 Redhat Unspecified vulnerability in Redhat products

It was discovered that the jboss init script as used in Red Hat JBoss Enterprise Application Platform 7.0.7.GA performed unsafe file handling which could result in local privilege escalation.

4.6
2018-01-09 CVE-2017-15131 Freedesktop
Redhat
Improper Access Control vulnerability in multiple products

It was found that system umask policy is not being honored when creating XDG user directories, since Xsession sources xdg-user-dirs.sh before setting umask policy.

4.6
2018-01-09 CVE-2017-1612 IBM Unspecified vulnerability in IBM Websphere MQ

IBM WebSphere MQ 7.0, 7.1, 7.5, 8.0, and 9.0 service trace module could be used to execute untrusted code under 'mqm' user.

4.6
2018-01-10 CVE-2017-15847 Google Race Condition vulnerability in Google Android

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the SPCom kernel driver, a race condition exists when creating a channel.

4.4
2018-01-10 CVE-2017-7536 Redhat Unsafe Reflection vulnerability in Redhat Hibernate Validator

In Hibernate Validator 5.2.x before 5.2.5 final, 5.3.x, and 5.4.x, it was found that when the security manager's reflective permissions, which allows it to access the private members of the class, are granted to Hibernate Validator, a potential privilege escalation can occur.

4.4
2018-01-14 CVE-2018-5688 Ilias Cross-site Scripting vulnerability in Ilias

ILIAS before 5.2.4 has XSS via the cmd parameter to the displayHeader function in setup/classes/class.ilSetupGUI.php in the Setup component.

4.3
2018-01-14 CVE-2018-5692 Piwigo Cross-site Scripting vulnerability in Piwigo 2.8.2

Piwigo v2.8.2 has XSS via the `tab`, `to`, `section`, `mode`, `installstatus`, and `display` parameters of the `admin.php` file.

4.3
2018-01-14 CVE-2018-5686 Artifex
Debian
Infinite Loop vulnerability in multiple products

In MuPDF 1.12.0, there is an infinite loop vulnerability and application hang in the pdf_parse_array function (pdf/pdf-parse.c) because EOF is not considered.

4.3
2018-01-14 CVE-2018-5685 Graphicsmagick
Debian
Infinite Loop vulnerability in multiple products

In GraphicsMagick 1.3.27, there is an infinite loop and application hang in the ReadBMPImage function (coders/bmp.c).

4.3
2018-01-13 CVE-2018-5655 Weblizar Cross-site Scripting vulnerability in Weblizar Pinterest-Feeds 1.1.1

An issue was discovered in the weblizar-pinterest-feeds plugin 1.1.1 for WordPress.

4.3
2018-01-13 CVE-2018-5654 Weblizar Cross-site Scripting vulnerability in Weblizar Pinterest-Feeds 1.1.1

An issue was discovered in the weblizar-pinterest-feeds plugin 1.1.1 for WordPress.

4.3
2018-01-13 CVE-2018-5653 Weblizar Cross-site Scripting vulnerability in Weblizar Pinterest-Feeds 1.1.1

An issue was discovered in the weblizar-pinterest-feeds plugin 1.1.1 for WordPress.

4.3
2018-01-12 CVE-2018-5650 Long Range ZIP Project Infinite Loop vulnerability in Long Range ZIP Project Long Range ZIP 0.631

In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and application hang in the unzip_match function in runzip.c.

4.3
2018-01-12 CVE-2017-18029 Imagemagick
Canonical
Missing Release of Resource after Effective Lifetime vulnerability in multiple products

In ImageMagick 7.0.6-10 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote attackers to cause a denial of service via a crafted file.

4.3
2018-01-12 CVE-2017-18027 Imagemagick
Canonical
Missing Release of Resource after Effective Lifetime vulnerability in multiple products

In ImageMagick 7.0.7-1 Q16, a memory leak vulnerability was found in the function ReadMATImage in coders/mat.c, which allow remote attackers to cause a denial of service via a crafted file.

4.3
2018-01-12 CVE-2016-10706 Automattic Cross-site Scripting vulnerability in Automattic Jetpack

The Jetpack plugin before 4.0.3 for WordPress has XSS via a crafted Vimeo link.

4.3
2018-01-12 CVE-2016-10705 Automattic Cross-site Scripting vulnerability in Automattic Jetpack

The Jetpack plugin before 4.0.4 for WordPress has XSS via the Likes module.

4.3
2018-01-12 CVE-2017-18014 Sophos Cross-site Scripting vulnerability in Sophos Sfos 17.0

An NC-25986 issue was discovered in the Logging subsystem of Sophos XG Firewall with SFOS before 17.0.3 MR3.

4.3
2018-01-12 CVE-2015-2981 Yodobashi Improper Certificate Validation vulnerability in Yodobashi 1.2.1.0

The Yodobashi App for Android 1.2.1.0 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

4.3
2018-01-12 CVE-2017-2158 Lhaplus Project Improper Input Validation vulnerability in Lhaplus Project Lhaplus

Improper verification when expanding ZIP64 archives in Lhaplus versions 1.73 and earlier may lead to unintended contents to be extracted from a specially crafted ZIP64 archive.

4.3
2018-01-12 CVE-2017-16864 Atlassian Cross-site Scripting vulnerability in Atlassian Jira

The issue search resource in Atlassian Jira before version 7.4.2 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the orderby parameter.

4.3
2018-01-12 CVE-2017-16862 Atlassian Cross-Site Request Forgery (CSRF) vulnerability in Atlassian Jira

The IncomingMailServers resource in Atlassian Jira before version 7.6.2 allows remote attackers to modify the "incoming mail" whitelist setting via a Cross-site request forgery (CSRF) vulnerability.

4.3
2018-01-12 CVE-2017-14594 Atlassian Cross-site Scripting vulnerability in Atlassian Jira

The printable searchrequest issue resource in Atlassian Jira before version 7.2.12 and from version 7.3.0 before 7.6.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the jqlQuery query parameter.

4.3
2018-01-12 CVE-2018-5376 Discuz Cross-site Scripting vulnerability in Discuz Discuzx 3.4

Discuz! DiscuzX X3.4 has XSS via the include\spacecp\spacecp_upload.php op parameter.

4.3
2018-01-12 CVE-2018-5375 Discuz Cross-site Scripting vulnerability in Discuz Discuzx X3.4

Discuz! DiscuzX X3.4 has XSS via the include\spacecp\spacecp_space.php appid parameter in a delete action.

4.3
2018-01-12 CVE-2018-5358 Imagemagick
Canonical
Missing Release of Resource after Effective Lifetime vulnerability in multiple products

ImageMagick 7.0.7-22 Q16 has memory leaks in the EncodeImageAttributes function in coders/json.c, as demonstrated by the ReadPSDLayersInternal function in coders/psd.c.

4.3
2018-01-12 CVE-2018-5357 Imagemagick
Canonical
Missing Release of Resource after Effective Lifetime vulnerability in multiple products

ImageMagick 7.0.7-22 Q16 has memory leaks in the ReadDCMImage function in coders/dcm.c.

4.3
2018-01-11 CVE-2018-5335 Wireshark
Debian
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the WCP dissector could crash.

4.3
2018-01-11 CVE-2018-5334 Wireshark
Debian
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

In Wireshark 2.4.0 to 2.4.3 and 2.2.0 to 2.2.11, the IxVeriWave file parser could crash.

4.3
2018-01-11 CVE-2012-6682 Dragonbyte Tech Cross-site Scripting vulnerability in Dragonbyte-Tech Vbdownloads Module 1.3.2

Cross-site scripting (XSS) vulnerability in downloads/actions/editdownload.php in the DragonByte Technologies vBDownloads module 1.3.2 and earlier for vBulletin allows remote attackers to inject arbitrary web script or HTML via the mirrors[] parameter.

4.3
2018-01-11 CVE-2012-6671 Dragonbyte Tech Cross-site Scripting vulnerability in Dragonbyte-Tech Forumon RPG Module

Multiple cross-site scripting (XSS) vulnerabilities in actions/main.php in the DragonByte Technologies Forumon RPG module before 1.0.8 for vBulletin when creating a new monster, allow remote attackers to inject arbitrary web script or HTML via the (1) monster[title] or (2) monster[description] parameters.

4.3
2018-01-11 CVE-2012-6670 Dragonbyte Tech Cross-site Scripting vulnerability in Dragonbyte-Tech Vbactivity Module

Multiple cross-site scripting (XSS) vulnerabilities in the DragonByte Technologies vbActivity module before 3.0.1 for vBulletin allow remote attackers to inject arbitrary web script or HTML via the reason parameter in (1) actions/nominatemedal.php or (2) actions/requestmedal.php.

4.3
2018-01-11 CVE-2012-6668 Dragonbyte Tech Cross-site Scripting vulnerability in Dragonbyte-Tech Vbshout Module

Multiple cross-site scripting (XSS) vulnerabilities in the Shout Reports in the DragonByte Technologies vBShout module before 6.0.6 for vBulletin allow remote attackers to inject arbitrary web script or HTML via the (1) reportreason parameter in actions/doreport.php or (2) modnotes parameter in actions/updatereport.php.

4.3
2018-01-11 CVE-2018-1361 IBM Cross-site Scripting vulnerability in IBM Websphere Portal 8.5.0.0/9.0.0.0

IBM WebSphere Portal 8.5 and 9.0 is vulnerable to cross-site scripting.

4.3
2018-01-11 CVE-2012-6667 Dragonbyte Tech Cross-site Scripting vulnerability in Dragonbyte-Tech Vbshout

Cross-site scripting (XSS) vulnerability in vbshout.php in DragonByte Technologies vBShout module for vBulletin allows remote attackers to inject arbitrary web script or HTML via the shout parameter in a shout action.

4.3
2018-01-11 CVE-2018-0118 Cisco Cross-site Scripting vulnerability in Cisco Unified Communications Manager

A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to perform a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.

4.3
2018-01-10 CVE-2018-0009 Juniper Unspecified vulnerability in Juniper Junos 12.1X46/12.3X48/15.1X49

On Juniper Networks SRX series devices, firewall rules configured to match custom application UUIDs starting with zeros can match all TCP traffic.

4.3
2018-01-10 CVE-2018-0002 Juniper Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Juniper Junos

On SRX Series and MX Series devices with a Service PIC with any ALG enabled, a crafted TCP/IP response packet processed through the device results in memory corruption leading to a flowd daemon crash.

4.3
2018-01-10 CVE-2017-18024 Avantfax Cross-site Scripting vulnerability in Avantfax 3.3.3

AvantFAX 3.3.3 has XSS via an arbitrary parameter name to the default URI, as demonstrated by a parameter whose name contains a SCRIPT element and whose value is 1.

4.3
2018-01-10 CVE-2017-18023 Officetracker Cross-site Scripting vulnerability in Officetracker 11.2.5

Office Tracker 11.2.5 has XSS via the logincount parameter to the /otweb/OTPClientLogin URI.

4.3
2018-01-10 CVE-2017-17841 Paloaltonetworks Unspecified vulnerability in Paloaltonetworks Pan-Os

Palo Alto Networks PAN-OS 6.1, 7.1, and 8.0.x before 8.0.7, when an interface implements SSL decryption with RSA enabled or hosts a GlobalProtect portal or gateway, might allow remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a ROBOT attack.

4.3
2018-01-10 CVE-2017-16878 Paloaltonetworks Cross-site Scripting vulnerability in Paloaltonetworks Pan-Os

Cross-site scripting (XSS) vulnerability in the Captive Portal function in Palo Alto Networks PAN-OS before 8.0.7 allows remote attackers to inject arbitrary web script or HTML by leveraging an unspecified configuration.

4.3
2018-01-10 CVE-2017-15941 Paloaltonetworks Cross-site Scripting vulnerability in Paloaltonetworks Pan-Os

Cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.14, and 8.0.x before 8.0.7, when the GlobalProtect gateway or portal is configured, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2018-01-10 CVE-2017-16514 Websitebaker Cross-site Scripting vulnerability in Websitebaker 2.10.0

Multiple persistent stored Cross-Site-Scripting (XSS) vulnerabilities in the files /wb/admin/admintools/tool.php (Droplet Description) and /install/index.php (Site Title) in WebsiteBaker 2.10.0 allow attackers to insert persistent JavaScript code that gets reflected back to users in multiple areas in the application.

4.3
2018-01-10 CVE-2017-1623 IBM Cross-site Scripting vulnerability in IBM Qradar Security Information and Event Manager

IBM QRadar 7.2 and 7.3 is vulnerable to cross-site scripting.

4.3
2018-01-10 CVE-2017-1533 IBM Cross-site Scripting vulnerability in IBM Security Access Manager 9.0 Firmware

IBM Security Access Manager Appliance 9.0.3 is vulnerable to cross-site scripting.

4.3
2018-01-10 CVE-2016-6810 Apache Cross-site Scripting vulnerability in Apache Activemq

In Apache ActiveMQ 5.x before 5.14.2, an instance of a cross-site scripting vulnerability was identified to be present in the web based administration console.

4.3
2018-01-10 CVE-2017-15717 Apache Cross-site Scripting vulnerability in Apache products

A flaw in the way URLs are escaped and encoded in the org.apache.sling.xss.impl.XSSAPIImpl#getValidHref and org.apache.sling.xss.impl.XSSFilterImpl#isValidHref allows special crafted URLs to pass as valid, although they carry XSS payloads.

4.3
2018-01-10 CVE-2017-1000428 Flatcore Cross-site Scripting vulnerability in Flatcore Flatcore-Cms 1.4.6

flatCore-CMS 1.4.6 is vulnerable to reflected XSS in user_management.php due to the use of $_SERVER['PHP_SELF'] to build links and a stored XSS in the admin log panel by specifying a malformed User-Agent string.

4.3
2018-01-10 CVE-2016-10257 Broadcom Cross-site Scripting vulnerability in Broadcom Advanced Secure Gateway and Symantec Proxysg

The Symantec Advanced Secure Gateway (ASG) 6.6, ASG 6.7 (prior to 6.7.2.1), ProxySG 6.5 (prior to 6.5.10.6), ProxySG 6.6, and ProxySG 6.7 (prior to 6.7.2.1) management console is susceptible to a reflected XSS vulnerability.

4.3
2018-01-10 CVE-2016-10256 Broadcom Cross-site Scripting vulnerability in Broadcom Symantec Proxysg

The Symantec ProxySG 6.5 (prior to 6.5.10.6), 6.6, and 6.7 (prior to 6.7.2.1) management console is susceptible to a reflected XSS vulnerability.

4.3
2018-01-10 CVE-2018-0819 Microsoft Unspecified vulnerability in Microsoft Office 2016

Microsoft Office 2016 for Mac allows an attacker to send a specially crafted email attachment to a user in an attempt to launch a social engineering attack, such as phishing, due to how Outlook for Mac displays encoded email addresses, aka "Spoofing Vulnerability in Microsoft Office for Mac."

4.3
2018-01-10 CVE-2018-0799 Microsoft Cross-site Scripting vulnerability in Microsoft Sharepoint Enterprise Server 2013/2016

Microsoft Access in Microsoft SharePoint Enterprise Server 2013 and Microsoft SharePoint Enterprise Server 2016 allows a cross-site-scripting (XSS) vulnerability due to the way image field values are handled, aka "Microsoft Access Tampering Vulnerability".

4.3
2018-01-10 CVE-2018-0785 Microsoft Cross-Site Request Forgery (CSRF) vulnerability in Microsoft Asp.Net Core 2.0

ASP.NET Core 1.0.

4.3
2018-01-09 CVE-2018-5316 Patsatech Cross-site Scripting vulnerability in Patsatech Sagepay Server Gateway FOR Woocommerce

The "SagePay Server Gateway for WooCommerce" plugin before 1.0.9 for WordPress has XSS via the includes/pages/redirect.php page parameter.

4.3
2018-01-09 CVE-2017-12697 GM Information Exposure vulnerability in GM Shanghai Onstar 7.1

A Man-in-the-Middle issue was discovered in General Motors (GM) and Shanghai OnStar (SOS) SOS iOS Client 7.1.

4.3
2018-01-09 CVE-2017-1000429 Finecms Project Cross-site Scripting vulnerability in Finecms Project Finecms 5.0.10

rui Li finecms 5.0.10 is vulnerable to a reflected XSS in the file Weixin.php.

4.3
2018-01-09 CVE-2017-1000415 Matrixssl Improper Certificate Validation vulnerability in Matrixssl 3.7.2

MatrixSSL version 3.7.2 has an incorrect UTCTime date range validation in its X.509 certificate validation process resulting in some certificates have their expiration (beginning) year extended (delayed) by 100 years.

4.3
2018-01-09 CVE-2015-1208 Ffmpeg Integer Underflow (Wrap or Wraparound) vulnerability in Ffmpeg

Integer underflow in the mov_read_default function in libavformat/mov.c in FFmpeg before 2.4.6 allows remote attackers to obtain sensitive information from heap and/or stack memory via a crafted MP4 file.

4.3
2018-01-09 CVE-2018-5309 Podofo Project Integer Overflow or Wraparound vulnerability in Podofo Project Podofo 0.9.5

In PoDoFo 0.9.5, there is an integer overflow in the PdfObjectStreamParserObject::ReadObjectsFromStream function (base/PdfObjectStreamParserObject.cpp).

4.3
2018-01-08 CVE-2017-7998 Gespage Cross-site Scripting vulnerability in Gespage

Multiple cross-site scripting (XSS) vulnerabilities in Gespage before 7.4.9 allow remote attackers to inject arbitrary web script or HTML via the (1) printer name when adding a printer in the admin panel or (2) username parameter to webapp/users/user_reg.jsp.

4.3
2018-01-08 CVE-2014-5394 Huawei Information Exposure vulnerability in Huawei products

Multiple Huawei Campus switches allow remote attackers to enumerate usernames via vectors involving use of SSH by the maintenance terminal.

4.3
2018-01-08 CVE-2014-5069 Microsemi Cross-site Scripting vulnerability in Microsemi S350I Firmware 2.70.15

Cross-site scripting (XSS) vulnerability in Symmetricom s350i 2.70.15 allows remote attackers to inject arbitrary web script or HTML via vectors involving system logs.

4.3
2018-01-08 CVE-2014-3607 Ldaptive Improper Certificate Validation vulnerability in Ldaptive and Vt-Ldap

DefaultHostnameVerifier in Ldaptive (formerly vt-ldap) does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.

4.3
2018-01-08 CVE-2018-5296 Podofo Project Allocation of Resources Without Limits or Throttling vulnerability in Podofo Project Podofo 0.9.5

In PoDoFo 0.9.5, there is an uncontrolled memory allocation in the PdfParser::ReadXRefSubsection function (base/PdfParser.cpp).

4.3
2018-01-08 CVE-2018-5295 Podofo Project Integer Overflow or Wraparound vulnerability in Podofo Project Podofo 0.9.5

In PoDoFo 0.9.5, there is an integer overflow in the PdfXRefStreamParserObject::ParseStream function (base/PdfXRefStreamParserObject.cpp).

4.3
2018-01-08 CVE-2018-5294 Libming
Debian
Integer Overflow or Wraparound vulnerability in multiple products

In libming 0.4.8, there is an integer overflow (caused by an out-of-range left shift) in the readUInt32 function (util/read.c).

4.3
2018-01-08 CVE-2018-5293 GD Rating System Project Cross-site Scripting vulnerability in GD Rating System Project GD Rating System 2.3

The GD Rating System plugin 2.3 for WordPress has XSS via the wp-admin/admin.php panel parameter for the gd-rating-system-tools page.

4.3
2018-01-08 CVE-2018-5292 GD Rating System Project Cross-site Scripting vulnerability in GD Rating System Project GD Rating System 2.3

The GD Rating System plugin 2.3 for WordPress has XSS via the wp-admin/admin.php panel parameter for the gd-rating-system-information page.

4.3
2018-01-08 CVE-2018-5288 GD Rating System Project Cross-site Scripting vulnerability in GD Rating System Project GD Rating System 2.3

The GD Rating System plugin 2.3 for WordPress has XSS via the wp-admin/admin.php panel parameter for the gd-rating-system-transfer page.

4.3
2018-01-08 CVE-2018-5286 GD Rating System Project Cross-site Scripting vulnerability in GD Rating System Project GD Rating System 2.3

The GD Rating System plugin 2.3 for WordPress has XSS via the wp-admin/admin.php panel parameter for the gd-rating-system-about page.

4.3
2018-01-08 CVE-2018-5269 Opencv
Debian
Reachable Assertion vulnerability in multiple products

In OpenCV 3.3.1, an assertion failure happens in cv::RBaseStream::setPos in modules/imgcodecs/src/bitstrm.cpp because of an incorrect integer cast.

4.3
2018-01-08 CVE-2018-5268 Opencv
Debian
Out-of-bounds Write vulnerability in multiple products

In OpenCV 3.3.1, a heap-based buffer overflow happens in cv::Jpeg2KDecoder::readComponent8u in modules/imgcodecs/src/grfmt_jpeg2000.cpp when parsing a crafted image file.

4.3
2018-01-10 CVE-2018-0013 Juniper Information Exposure vulnerability in Juniper Junos Space

A local file inclusion vulnerability in Juniper Networks Junos Space Network Management Platform may allow an authenticated user to retrieve files from the system.

4.0
2018-01-10 CVE-2018-0010 Juniper Improper Privilege Management vulnerability in Juniper Junos Space

A vulnerability in the Juniper Networks Junos Space Security Director allows a user who does not have SSH access to a device to reuse the URL that was created for another user to perform SSH access.

4.0
2018-01-10 CVE-2017-12169 Freeipa Information Exposure vulnerability in Freeipa

It was found that FreeIPA 4.2.0 and later could disclose password hashes to users having the 'System: Read Stage Users' permission.

4.0
2018-01-09 CVE-2017-12695 GM Improper Authentication vulnerability in GM Shanghai Onstar 7.1

An Improper Authentication issue was discovered in General Motors (GM) and Shanghai OnStar (SOS) SOS iOS Client 7.1.

4.0
2018-01-09 CVE-2018-5310 Media From FTP Project Path Traversal vulnerability in Media From FTP Project Media From FTP

In the "Media from FTP" plugin before 9.85 for WordPress, Directory Traversal exists via the searchdir parameter to the wp-admin/admin.php?page=mediafromftp-search-register URI.

4.0
2018-01-08 CVE-2014-7222 Teamspeak Improper Input Validation vulnerability in Teamspeak Teamspeak3

Buffer overflow in TeamSpeak Client 3.0.14 and earlier allows remote authenticated users to cause a denial of service (application crash) by connecting to a channel with a different client instance, and placing crafted data in the Chat/Server tab with two \\ (backslash) characters, a digit, a \ (backslash) character, and "z" in a series of nested img BBCODE tags.

4.0
2018-01-08 CVE-2014-7221 Teamspeak Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Teamspeak Teamspeak3

TeamSpeak Client 3.0.14 and earlier allows remote authenticated users to cause a denial of service (buffer overflow and application crash) by connecting to a channel with a different client instance, and placing crafted data in the Chat/Server tab containing [img]//http:// substrings.

4.0

69 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-01-09 CVE-2018-3610 Intel Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Intel Driver & Support Assistant

SEMA driver in Intel Driver and Support Assistant before version 3.1.1 allows a local attacker the ability to read and writing to Memory Status registers potentially allowing information disclosure or a denial of service condition.

3.6
2018-01-08 CVE-2014-5509 Clipboard Project Link Following vulnerability in Clipboard Project Clipboard

clipedit in the Clipboard module for Perl allows local users to delete arbitrary files via a symlink attack on /tmp/clipedit$$.

3.6
2018-01-14 CVE-2018-5691 Sonicwall Cross-site Scripting vulnerability in Sonicwall Analyzer and Global Management System

SonicWall Global Management System (GMS) 8.1 has XSS via the `newName` and `Name` values of the `/sgms/TreeControl` module.

3.5
2018-01-14 CVE-2018-5690 Dotclear Cross-site Scripting vulnerability in Dotclear 2.12.1

Cross-site scripting (XSS) vulnerability in admin/users.php in Dotclear 2.12.1 allows remote authenticated users to inject arbitrary web script or HTML via the nb parameter (aka the page limit number).

3.5
2018-01-14 CVE-2018-5689 Dotclear Cross-site Scripting vulnerability in Dotclear 2.12.1

Cross-site scripting (XSS) vulnerability in admin/auth.php in Dotclear 2.12.1 allows remote authenticated users to inject arbitrary web script or HTML via the malicious user's email.

3.5
2018-01-14 CVE-2018-5687 Newsbee Project Cross-site Scripting vulnerability in Newsbee Project Newsbee

NewsBee allows XSS via the Company Name field in the Settings under admin/admin.php.

3.5
2018-01-13 CVE-2018-5681 Prestashop Cross-site Scripting vulnerability in Prestashop 1.7.2.4

PrestaShop 1.7.2.4 has XSS via source-code editing on the "Pages > Edit page" screen.

3.5
2018-01-13 CVE-2018-5672 Booking Calendar Project Cross-site Scripting vulnerability in Booking Calendar Project Booking Calendar 2.1.7

An issue was discovered in the booking-calendar plugin 2.1.7 for WordPress.

3.5
2018-01-13 CVE-2018-5671 Booking Calendar Project Cross-site Scripting vulnerability in Booking Calendar Project Booking Calendar 2.1.7

An issue was discovered in the booking-calendar plugin 2.1.7 for WordPress.

3.5
2018-01-13 CVE-2018-5670 Booking Calendar Project Cross-site Scripting vulnerability in Booking Calendar Project Booking Calendar 2.1.7

An issue was discovered in the booking-calendar plugin 2.1.7 for WordPress.

3.5
2018-01-13 CVE-2018-5668 Read AND Understood Project Cross-site Scripting vulnerability in Read and Understood Project Read and Understood 2.1

An issue was discovered in the read-and-understood plugin 2.1 for WordPress.

3.5
2018-01-13 CVE-2018-5667 Read AND Understood Project Cross-site Scripting vulnerability in Read and Understood Project Read and Understood 2.1

An issue was discovered in the read-and-understood plugin 2.1 for WordPress.

3.5
2018-01-13 CVE-2018-5666 Responsive Coming Soon Page Project Cross-site Scripting vulnerability in Responsive Coming Soon Page Project Responsive Coming Soon Page 1.1.18

An issue was discovered in the responsive-coming-soon-page plugin 1.1.18 for WordPress.

3.5
2018-01-13 CVE-2018-5665 Responsive Coming Soon Page Project Cross-site Scripting vulnerability in Responsive Coming Soon Page Project Responsive Coming Soon Page 1.1.18

An issue was discovered in the responsive-coming-soon-page plugin 1.1.18 for WordPress.

3.5
2018-01-13 CVE-2018-5664 Responsive Coming Soon Page Project Cross-site Scripting vulnerability in Responsive Coming Soon Page Project Responsive Coming Soon Page 1.1.18

An issue was discovered in the responsive-coming-soon-page plugin 1.1.18 for WordPress.

3.5
2018-01-13 CVE-2018-5663 Responsive Coming Soon Page Project Cross-site Scripting vulnerability in Responsive Coming Soon Page Project Responsive Coming Soon Page 1.1.18

An issue was discovered in the responsive-coming-soon-page plugin 1.1.18 for WordPress.

3.5
2018-01-13 CVE-2018-5662 Responsive Coming Soon Page Project Cross-site Scripting vulnerability in Responsive Coming Soon Page Project Responsive Coming Soon Page 1.1.18

An issue was discovered in the responsive-coming-soon-page plugin 1.1.18 for WordPress.

3.5
2018-01-13 CVE-2018-5661 Responsive Coming Soon Page Project Cross-site Scripting vulnerability in Responsive Coming Soon Page Project Responsive Coming Soon Page 1.1.18

An issue was discovered in the responsive-coming-soon-page plugin 1.1.18 for WordPress.

3.5
2018-01-13 CVE-2018-5660 Responsive Coming Soon Page Project Cross-site Scripting vulnerability in Responsive Coming Soon Page Project Responsive Coming Soon Page 1.1.18

An issue was discovered in the responsive-coming-soon-page plugin 1.1.18 for WordPress.

3.5
2018-01-13 CVE-2018-5659 Responsive Coming Soon Page Project Cross-site Scripting vulnerability in Responsive Coming Soon Page Project Responsive Coming Soon Page 1.1.18

An issue was discovered in the responsive-coming-soon-page plugin 1.1.18 for WordPress.

3.5
2018-01-13 CVE-2018-5657 Responsive Coming Soon Page Project Cross-site Scripting vulnerability in Responsive Coming Soon Page Project Responsive Coming Soon Page 1.1.18

An issue was discovered in the responsive-coming-soon-page plugin 1.1.18 for WordPress.

3.5
2018-01-13 CVE-2018-5652 Dark Mode Project Cross-site Scripting vulnerability in Dark Mode Project Dark Mode 1.6

An issue was discovered in the dark-mode plugin 1.6 for WordPress.

3.5
2018-01-13 CVE-2018-5651 Dark Mode Project Cross-site Scripting vulnerability in Dark Mode Project Dark Mode 1.6

An issue was discovered in the dark-mode plugin 1.6 for WordPress.

3.5
2018-01-12 CVE-2015-9248 Skyboxsecurity Cross-site Scripting vulnerability in Skyboxsecurity Skybox Platform

An issue was discovered in Skybox Platform before 7.5.201.

3.5
2018-01-12 CVE-2015-9247 Skyboxsecurity Cross-site Scripting vulnerability in Skyboxsecurity Skybox Platform 7.5.201

An issue was discovered in Skybox Platform before 7.5.401.

3.5
2018-01-12 CVE-2016-0336 IBM Cross-site Scripting vulnerability in IBM Security Identity Manager

Cross-site scripting (XSS) vulnerability in IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.0 before 7.0.1-ISS-SIM-FP0001 allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

3.5
2018-01-12 CVE-2018-5369 Srbtranslatin Project Cross-site Scripting vulnerability in Srbtranslatin Project Srbtranslatin 1.46

The SrbTransLatin plugin 1.46 for WordPress has XSS via an srbtranslatoptions action to wp-admin/options-general.php with a lang_identificator parameter.

3.5
2018-01-12 CVE-2018-5367 Wpglobus Cross-site Scripting vulnerability in Wpglobus 1.9.6

The WPGlobus plugin 1.9.6 for WordPress has XSS via the wpglobus_option[post_type][post] parameter to wp-admin/options.php.

3.5
2018-01-12 CVE-2018-5366 Wpglobus Cross-site Scripting vulnerability in Wpglobus 1.9.6

The WPGlobus plugin 1.9.6 for WordPress has XSS via the wpglobus_option[more_languages] parameter to wp-admin/options.php.

3.5
2018-01-12 CVE-2018-5365 Wpglobus Cross-site Scripting vulnerability in Wpglobus 1.9.6

The WPGlobus plugin 1.9.6 for WordPress has XSS via the wpglobus_option[selector_wp_list_pages][show_selector] parameter to wp-admin/options.php.

3.5
2018-01-12 CVE-2018-5364 Wpglobus Cross-site Scripting vulnerability in Wpglobus 1.9.6

The WPGlobus plugin 1.9.6 for WordPress has XSS via the wpglobus_option[browser_redirect][redirect_by_language] parameter to wp-admin/options.php.

3.5
2018-01-12 CVE-2018-5363 Wpglobus Cross-site Scripting vulnerability in Wpglobus 1.9.6

The WPGlobus plugin 1.9.6 for WordPress has XSS via the wpglobus_option[enabled_languages][en] or wpglobus_option[enabled_languages][fr] (or any other language) parameter to wp-admin/options.php.

3.5
2018-01-12 CVE-2018-5362 Wpglobus Cross-site Scripting vulnerability in Wpglobus 1.9.6

The WPGlobus plugin 1.9.6 for WordPress has XSS via the wpglobus_option[post_type][page] parameter to wp-admin/options.php.

3.5
2018-01-11 CVE-2017-1740 IBM Cross-site Scripting vulnerability in IBM Curam Social Program Management

IBM Curam Social Program Management 6.0.5, 6.1.1, 6.2.0, 7.0.1, and 7.0.2 is vulnerable to cross-site scripting.

3.5
2018-01-11 CVE-2017-1739 IBM Cross-site Scripting vulnerability in IBM Curam Social Program Management

IBM Curam Social Program Management 6.0.5, 6.1.1, 6.2.0, and 7.0.1 is vulnerable to cross-site scripting.

3.5
2018-01-10 CVE-2018-0011 Juniper Cross-site Scripting vulnerability in Juniper Junos Space

A reflected cross site scripting (XSS) vulnerability in Junos Space may potentially allow a remote authenticated user to inject web script or HTML and steal sensitive data and credentials from a session, and to perform administrative actions on the Junos Space network management device.

3.5
2018-01-10 CVE-2018-5331 Discuz Cross-site Scripting vulnerability in Discuz Discuzx X3.4

Discuz! DiscuzX X3.4 has XSS via the view parameter to include/space/space_poll.php, as demonstrated by a mod=space do=poll request to home.php.

3.5
2018-01-10 CVE-2017-9796 Apache Information Exposure vulnerability in Apache Geode

When an Apache Geode cluster before v1.3.0 is operating in secure mode, a user with read access to specific regions within a Geode cluster may execute OQL queries containing a region name as a bind parameter that allow read access to objects within unauthorized regions.

3.5
2018-01-09 CVE-2017-1000465 Sulu Cross-site Scripting vulnerability in Sulu Sulu-Standard 1.6.6

Sulu-standard version 1.6.6 is vulnerable to stored cross-site scripting vulnerability, within the page creation page, which can result in disruption of service and execution of javascript code.

3.5
2018-01-09 CVE-2018-5312 Wpshopmart Cross-site Scripting vulnerability in Wpshopmart Tabs Responsive 1.8.0

The tabs-responsive plugin 1.8.0 for WordPress has XSS via the post_title parameter to wp-admin/post.php.

3.5
2018-01-09 CVE-2018-5311 Tonjoostudio Cross-site Scripting vulnerability in Tonjoostudio Easy Custom Auto Excerpt 2.4.6

The Easy Custom Auto Excerpt plugin 2.4.6 for WordPress has XSS via the tonjoo_ecae_options[custom_css] parameter to the wp-admin/admin.php?page=tonjoo_excerpt URI.

3.5
2018-01-08 CVE-2018-5263 Stackideas Cross-site Scripting vulnerability in Stackideas Easydiscuss

The StackIdeas EasyDiscuss (aka com_easydiscuss) extension before 4.0.21 for Joomla! allows XSS.

3.5
2018-01-08 CVE-2018-5281 Dell Cross-site Scripting vulnerability in Dell Sonicwall Sonicos

SonicWall SonicOS on Network Security Appliance (NSA) 2017 Q4 devices has XSS via the CFS Custom Category and Cloud AV DB Exclusion Settings screens.

3.5
2018-01-08 CVE-2018-5280 Dell Cross-site Scripting vulnerability in Dell Sonicwall Sonicos

SonicWall SonicOS on Network Security Appliance (NSA) 2016 Q4 devices has XSS via the Configure SSO screens.

3.5
2018-01-08 CVE-2018-5284 Wpscoop Cross-site Scripting vulnerability in Wpscoop Imageinject 1.15

The ImageInject plugin 1.15 for WordPress has XSS via the flickr_appid parameter to wp-admin/options-general.php.

3.5
2018-01-08 CVE-2018-3815 Stalker Improper Authentication vulnerability in Stalker Communigate PRO 6.2

The "XML Interface to Messaging, Scheduling, and Signaling" (XIMSS) protocol implementation in CommuniGate Pro (CGP) 6.2 suffers from a Missing XIMSS Protocol Validation attack that leads to an email spoofing attack, allowing a malicious authenticated attacker to send a message from any source email address.

3.5
2018-01-08 CVE-2018-5071 Cobham Cross-site Scripting vulnerability in Cobham SEA TEL 116 Firmware 222429

Persistent XSS exists in the web server on Cobham Sea Tel 116 build 222429 satellite communication system devices: remote attackers can inject malicious JavaScript code using the device's TELNET shell built-in commands, as demonstrated by the "set ship name" command.

3.5
2018-01-10 CVE-2018-0014 Juniper Information Exposure vulnerability in Juniper Screenos

Juniper Networks ScreenOS devices do not pad Ethernet packets with zeros, and thus some packets can contain fragments of system memory or data from previous packets.

3.3
2018-01-10 CVE-2018-0006 Juniper Allocation of Resources Without Limits or Throttling vulnerability in Juniper Junos

A high rate of VLAN authentication attempts sent from an adjacent host on the local broadcast domain can trigger high memory utilization by the BBE subscriber management daemon (bbe-smgd), and lead to a denial of service condition.

2.9
2018-01-14 CVE-2018-5693 Linuxmagic Information Exposure Through Log Files vulnerability in Linuxmagic Magicspam

The LinuxMagic MagicSpam extension before 2.0.14-1 for Plesk allows local users to discover mailbox names by reading /var/log/magicspam/mslog.

2.1
2018-01-12 CVE-2014-3471 Qemu Use After Free vulnerability in Qemu

Use-after-free vulnerability in hw/pci/pcie.c in QEMU (aka Quick Emulator) allows local guest OS users to cause a denial of service (QEMU instance crash) via hotplug and hotunplug operations of Virtio block devices.

2.1
2018-01-11 CVE-2017-1681 IBM Information Exposure vulnerability in IBM Liberty

IBM WebSphere Application Server (IBM Liberty for Java for Bluemix 3.15) could allow a local attacker to obtain sensitive information, caused by improper handling of application requests, which could allow unauthorized access to read a file.

2.1
2018-01-11 CVE-2017-1478 IBM Information Exposure vulnerability in IBM Security Access Manager 9.0 Firmware

IBM Security Access Manager Appliance 9.0.0 allows web pages to be stored locally which can be read by another user on the system.

2.1
2018-01-10 CVE-2014-5004 Brbackup Project Information Exposure vulnerability in Brbackup Project Brbackup 0.1.1

lib/brbackup.rb in the brbackup gem 0.1.1 for Ruby places the database password on the mysql command line, which allows local users to obtain sensitive information by listing the process.

2.1
2018-01-10 CVE-2014-5003 Ciborg Project Improper Input Validation vulnerability in Ciborg Project Ciborg 3.0.0

chef/travis-cookbooks/ci_environment/perlbrew/recipes/default.rb in the ciborg gem 3.0.0 for Ruby allows local users to write to arbitrary files and gain privileges via a symlink attack on /tmp/perlbrew-installer.

2.1
2018-01-10 CVE-2014-5002 Lynx Project Credentials Management vulnerability in Lynx Project Lynx

The lynx gem before 1.0.0 for Ruby places the configured password on command lines, which allows local users to obtain sensitive information by listing processes.

2.1
2018-01-10 CVE-2014-5001 Kcapifony Project Information Exposure vulnerability in Kcapifony Project Kcapifony 2.1.6

lib/ksymfony1.rb in the kcapifony gem 2.1.6 for Ruby places database user passwords on the (1) mysqldump, (2) pg_dump, (3) mysql, and (4) psql command lines, which allows local users to obtain sensitive information by listing the processes.

2.1
2018-01-10 CVE-2014-5000 Lawn Login Project Information Exposure vulnerability in Lawn-Login Project Lawn-Login 0.0.7

The login function in lib/lawn.rb in the lawn-login gem 0.0.7 for Ruby places credentials on the curl command line, which allows local users to obtain sensitive information by listing the process.

2.1
2018-01-10 CVE-2014-4999 Kajam Project Information Exposure vulnerability in Kajam Project Kajam 1.0.3

vendor/plugins/dataset/lib/dataset/database/mysql.rb in the kajam gem 1.0.3.rc2 for Ruby places the mysql user password on the (1) mysqldump command line in the capture function and (2) mysql command line in the restore function, which allows local users to obtain sensitive information by listing the process.

2.1
2018-01-10 CVE-2014-4998 Lean Ruport Project Information Exposure vulnerability in Lean-Ruport Project Lean-Ruport 0.3.8

test/tc_database.rb in the lean-ruport gem 0.3.8 for Ruby places the mysql user password on the mysqldump command line, which allows local users to obtain sensitive information by listing the process.

2.1
2018-01-10 CVE-2014-4997 Point CLI Project Information Exposure vulnerability in Point-Cli Project Point-Cli 0.0.1

lib/commands/setup.rb in the point-cli gem 0.0.1 for Ruby places credentials on the curl command line, which allows local users to obtain sensitive information by listing the process.

2.1
2018-01-10 CVE-2014-4996 Vladtheenterprising Project Link Following vulnerability in Vladtheenterprising Project Vladtheenterprising 0.2.0

lib/vlad/dba/mysql.rb in the VladTheEnterprising gem 0.2 for Ruby allows local users to write to arbitrary files via a symlink attack on /tmp/my.cnf.#{target_host}.

2.1
2018-01-10 CVE-2014-4994 Gyazo Project Improper Input Validation vulnerability in Gyazo Project Gyazo 1.0.0

lib/gyazo/client.rb in the gyazo gem 1.0.0 for Ruby allows local users to write to arbitrary files via a symlink attack on a temporary file, related to time-based filenames.

2.1
2018-01-10 CVE-2014-4993 Backup Agoddard Project
Backup Checksum Project
Information Exposure vulnerability in multiple products

(1) lib/backup/cli/utility.rb in the backup-agoddard gem 3.0.28 and (2) lib/backup/cli/utility.rb in the backup_checksum gem 3.0.23 for Ruby place credentials on the openssl command line, which allows local users to obtain sensitive information by listing the process.

2.1
2018-01-10 CVE-2014-4992 CAP Strap Project Information Exposure vulnerability in Cap-Strap Project Cap-Strap 0.1.5

lib/cap-strap/helpers.rb in the cap-strap gem 0.1.5 for Ruby places credentials on the useradd command line, which allows local users to obtain sensitive information by listing the process.

2.1
2018-01-10 CVE-2014-4991 Codders Dataset Project Information Exposure vulnerability in Codders-Dataset Project Codders-Dataset 1.3.2.1

(1) lib/dataset/database/mysql.rb and (2) lib/dataset/database/postgresql.rb in the codders-dataset gem 1.3.2.1 for Ruby place credentials on the mysqldump command line, which allows local users to obtain sensitive information by listing the process.

2.1
2018-01-08 CVE-2014-1859 Numpy
Fedoraproject
Redhat
Link Following vulnerability in multiple products

(1) core/tests/test_memmap.py, (2) core/tests/test_multiarray.py, (3) f2py/f2py2e.py, and (4) lib/tests/test_io.py in NumPy before 1.8.1 allow local users to write to arbitrary files via a symlink attack on a temporary file.

2.1
2018-01-08 CVE-2014-1858 Numpy Improper Input Validation vulnerability in Numpy

__init__.py in f2py in NumPy before 1.8.1 allows local users to write to arbitrary files via a symlink attack on a temporary file.

2.1
2018-01-10 CVE-2014-4995 Vladtheenterprising Project Race Condition vulnerability in Vladtheenterprising Project Vladtheenterprising 0.2.0

Race condition in lib/vlad/dba/mysql.rb in the VladTheEnterprising gem 0.2 for Ruby allows local users to obtain sensitive information by reading the MySQL root password from a temporary file before it is removed.

1.9