Weekly Vulnerabilities Reports > February 19 to 25, 2018
Overview
239 new vulnerabilities were reported during this period, including 45 critical vulnerabilities and 97 high severity vulnerabilities. This weekly summary reports vulnerabilities in 206 products from 117 vendors including Debian, Wireshark, IBM, Cisco, and Google. Vulnerabilities are notably categorized as "Cross-site Scripting", "Information Exposure", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Infinite Loop", and "SQL Injection".
- 199 reported vulnerabilities are remotely exploitable.
- 64 reported vulnerabilities have a public exploit available.
- 80 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 159 reported vulnerabilities are exploitable by an anonymous user.
- Debian has the most reported vulnerabilities, with 40 reported vulnerabilities.
- Debian has the most reported critical vulnerabilities, with 5 reported vulnerabilities.
Vulnerability Details
The following tables list reported vulnerabilities for the period covered by this report:
45 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2018-02-24 | CVE-2017-18197 | Jgraph | XXE vulnerability in Jgraph Mxgraph In mxGraphViewImageReader.java in mxGraph before 3.7.6, the SAXParserFactory instance in convert() is missing flags to prevent XML External Entity (XXE) attacks, as demonstrated by /ServerView. | 9.8 |
2018-02-23 | CVE-2017-14910 | Qualcomm | Out-of-bounds Read vulnerability in Qualcomm products In Snapdragon Automobile, Snapdragon IoT and Snapdragon Mobile MDM9206 MDM9607, MDM9650, S820A, S820Am, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 820, SD 835, and SD 845, a buffer overread is possible if there are no newlines in an input file. | 9.8 |
2018-02-23 | CVE-2018-7440 | Leptonica Debian | OS Command Injection vulnerability in multiple products An issue was discovered in Leptonica through 1.75.3. | 9.8 |
2018-02-23 | CVE-2018-6859 | Schools Alert Management Script Project | SQL Injection vulnerability in Schools Alert Management Script Project Schools Alert Management Script 2.0.2 SQL Injection exists in PHP Scripts Mall Schools Alert Management Script 2.0.2 via the Login Parameter. | 9.8 |
2018-02-23 | CVE-2014-3206 | Seagate | Improper Input Validation vulnerability in Seagate products Seagate BlackArmor NAS allows remote attackers to execute arbitrary code via the session parameter to localhost/backupmgt/localJob.php or the auth_name parameter to localhost/backupmgmt/pre_connect_check.php. | 9.8 |
2018-02-23 | CVE-2014-3205 | Seagate | Use of Hard-coded Credentials vulnerability in Seagate products backupmgt/pre_connect_check.php in Seagate BlackArmor NAS contains a hard-coded password of '!~@##$$%FREDESWWSED' for a backdoor user. | 9.8 |
2018-02-22 | CVE-2018-6489 | Microfocus | XXE vulnerability in Microfocus Project and Portfolio Management Center 9.32 XML External Entity (XXE) vulnerability in Micro Focus Project and Portfolio Management Center, version 9.32. | 9.8 |
2018-02-22 | CVE-2018-6488 | Microfocus | Code Injection vulnerability in Microfocus Ucmdb Configuration Manager 4.10/4.11/4.12 Arbitrary Code Execution vulnerability in Micro Focus Universal CMDB, version 4.10, 4.11, 4.12. | 9.8 |
2018-02-22 | CVE-2018-7319 | OS Property Real Estate Project | SQL Injection vulnerability in OS Property Real Estate Project OS Property Real Estate 3.12.7 SQL Injection exists in the OS Property Real Estate 3.12.7 component for Joomla! via the cooling_system1, heating_system1, or laundry parameter. | 9.8 |
2018-02-22 | CVE-2018-7318 | Belitsoft Oracle | SQL Injection vulnerability in multiple products SQL Injection exists in the CheckList 1.1.1 component for Joomla! via the title_search, tag_search, name_search, description_search, or filter_order parameter. | 9.8 |
2018-02-22 | CVE-2018-7316 | Christianwebministries | Unrestricted Upload of File with Dangerous Type vulnerability in Christianwebministries Proclaim 9.1.1 Arbitrary File Upload exists in the Proclaim 9.1.1 component for Joomla! via a mediafileform action. | 9.8 |
2018-02-22 | CVE-2018-7315 | Harmistechnology | SQL Injection vulnerability in Harmistechnology EK Rishta 2.9 SQL Injection exists in the Ek Rishta 2.9 component for Joomla! via the gender, age1, age2, religion, mothertounge, caste, or country parameter. | 9.8 |
2018-02-22 | CVE-2018-7314 | Mlwebtechnologies | SQL Injection vulnerability in Mlwebtechnologies Prayercenter 3.0.2 SQL Injection exists in the PrayerCenter 3.0.2 component for Joomla! via the sessionid parameter, a different vulnerability than CVE-2008-6429. | 9.8 |
2018-02-22 | CVE-2018-7312 | Alexandriabooklibrary | SQL Injection vulnerability in Alexandriabooklibrary Alexandria Book Library 3.1.2 SQL Injection exists in the Alexandria Book Library 3.1.2 component for Joomla! via the letter parameter. | 9.8 |
2018-02-22 | CVE-2018-7301 | EQ 3 | Missing Authentication for Critical Function vulnerability in Eq-3 Homematic Central Control Unit Ccu2 Firmware 2.29.22 eQ-3 AG HomeMatic CCU2 2.29.22 devices have an open XML-RPC port without authentication. | 9.8 |
2018-02-22 | CVE-2018-7300 | EQ 3 | Path Traversal vulnerability in Eq-3 Homematic Ccu2 Firmware Directory Traversal / Arbitrary File Write / Remote Code Execution in the User.setLanguage method in eQ-3 AG Homematic CCU2 2.29.2 and earlier allows remote attackers to write arbitrary files to the device's filesystem. | 9.8 |
2018-02-22 | CVE-2018-7297 | EQ 3 | Unspecified vulnerability in Eq-3 Homematic Central Control Unit Ccu2 Firmware 2.29.22 Remote Code Execution in the TCL script interpreter in eQ-3 AG Homematic CCU2 2.29.2 and earlier allows remote attackers to obtain read/write access and execute system commands on the device. | 9.8 |
2018-02-22 | CVE-2018-7409 | Unixodbc | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Unixodbc In unixODBC before 2.3.5, there is a buffer overflow in the unicode_to_ansi_copy() function in DriverManager/__info.c. | 9.8 |
2018-02-22 | CVE-2017-5250 | Insteon | Insecure Storage of Sensitive Information vulnerability in Insteon for HUB 1.9.7 In version 1.9.7 and prior of Insteon's Insteon for Hub Android app, the OAuth token used by the app to authorize user access is not stored in an encrypted and secure manner. | 9.8 |
2018-02-22 | CVE-2017-5249 | Wink | Insecure Storage of Sensitive Information vulnerability in Wink 6.1.0.19 In version 6.1.0.19 and prior of Wink Labs's Wink - Smart Home Android app, the OAuth token used by the app to authorize user access is not stored in an encrypted and secure manner. | 9.8 |
2018-02-22 | CVE-2017-18194 | Hamayeshnegar | SQL Injection vulnerability in Hamayeshnegar CMS SQL injection vulnerability in users/signup.php in the "signup" component in HamayeshNegar CMS allows a remote attacker to execute arbitrary SQL commands via the "utype" parameter. | 9.8 |
2018-02-22 | CVE-2018-7313 | Cwjoomla | SQL Injection vulnerability in Cwjoomla CW Tags 2.0.6 SQL Injection exists in the CW Tags 2.0.6 component for Joomla! via the searchtext array parameter. | 9.8 |
2018-02-22 | CVE-2018-0130 | Cisco | Insecure Default Initialization of Resource vulnerability in Cisco Virtual Managed Services 3.0 A vulnerability in the use of JSON web tokens by the web-based service portal of Cisco Elastic Services Controller Software could allow an unauthenticated, remote attacker to gain administrative access to an affected system. | 9.8 |
2018-02-22 | CVE-2018-0124 | Cisco | Key Management Errors vulnerability in Cisco Unified Communications Domain Manager A vulnerability in Cisco Unified Communications Domain Manager could allow an unauthenticated, remote attacker to bypass security protections, gain elevated privileges, and execute arbitrary code. | 9.8 |
2018-02-22 | CVE-2018-0121 | Cisco | Improper Authentication vulnerability in Cisco products A vulnerability in the authentication functionality of the web-based service portal of Cisco Elastic Services Controller Software could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrator privileges on an affected system. | 9.8 |
2018-02-21 | CVE-2015-5725 | Codeigniter | SQL Injection vulnerability in Codeigniter SQL injection vulnerability in the offset method in the Active Record class in CodeIgniter before 2.2.4 allows remote attackers to execute arbitrary SQL commands via vectors involving the offset variable. | 9.8 |
2018-02-21 | CVE-2018-1164 | Zyxel | Incorrect Permission Assignment for Critical Resource vulnerability in Zyxel P-870H-51 Firmware 1.00(Awg.3)D5 This vulnerability allows remote attackers to cause a denial-of-service condition on vulnerable installations of ZyXEL P-870H-51 DSL Router 1.00(AWG.3)D5. | 9.8 |
2018-02-20 | CVE-2018-7263 | Underbit | Double Free vulnerability in Underbit Libmad 0.15.0B/0.15.1B The mad_decoder_run() function in decoder.c in Underbit libmad through 0.15.1b allows remote attackers to cause a denial of service (SIGABRT because of double free or corruption) or possibly have unspecified other impact via a crafted file. | 9.8 |
2018-02-20 | CVE-2015-9254 | Datto | Use of Hard-coded Credentials vulnerability in Datto products Datto ALTO and SIRIS devices have a default VNC password. | 9.8 |
2018-02-20 | CVE-2015-2081 | Datto | Improper Input Validation vulnerability in Datto products Datto ALTO and SIRIS devices allow Remote Code Execution via unauthenticated requests to PHP scripts. | 9.8 |
2018-02-20 | CVE-2018-7259 | Flightsimlabs | Cleartext Transmission of Sensitive Information vulnerability in Flightsimlabs A320-X 2.0.1.231 The FSX / P3Dv4 installer 2.0.1.231 for Flight Sim Labs A320-X sends a user's Google account credentials to http://installLog.flightsimlabs.com/LogHandler3.ashx if a pirated serial number has been entered, which allows remote attackers to obtain sensitive information, e.g., by sniffing the network for cleartext HTTP traffic. | 9.8 |
2018-02-19 | CVE-2018-7251 | Anchorcms | Information Exposure vulnerability in Anchorcms Anchor 0.12.3 An issue was discovered in config/error.php in Anchor 0.12.3. | 9.8 |
2018-02-19 | CVE-2017-7376 | Xmlsoft Debian | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Buffer overflow in libxml2 allows remote attackers to execute arbitrary code by leveraging an incorrect limit for port values when handling redirects. | 9.8 |
2018-02-19 | CVE-2017-7375 | Xmlsoft Debian | XXE vulnerability in multiple products A flaw in libxml2 allows remote XML entity inclusion with default parser flags (i.e., when the caller did not request entity substitution, DTD validation, external DTD subset loading, or default DTD attributes). | 9.8 |
2018-02-19 | CVE-2017-17101 | Apexis | Unspecified vulnerability in Apexis Apm-H803-Mpc Firmware 1.1.2.69 An issue was discovered in Apexis APM-H803-MPC software, as used with many different models of IP Camera. | 9.8 |
2018-02-19 | CVE-2016-9568 | Carbonblack | 7PK - Security Features vulnerability in Carbonblack Carbon Black 5.1.1.60603 A security design issue can allow an unprivileged user to interact with the Carbon Black Sensor and perform unauthorized actions. | 9.8 |
2018-02-19 | CVE-2018-7247 | Leptonica | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Leptonica An issue was discovered in pixHtmlViewer in prog/htmlviewer.c in Leptonica before 1.75.3. | 9.8 |
2018-02-19 | CVE-2018-5475 | GE | Out-of-bounds Write vulnerability in GE D60 Line Distance Relay Firmware 7.11 A Stack-based Buffer Overflow issue was discovered in GE D60 Line Distance Relay devices running firmware Version 7.11 and prior. | 9.8 |
2018-02-19 | CVE-2018-5473 | GE | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GE D60 Line Distance Relay Firmware 7.11 An Improper Restriction of Operations within the Bounds of a Memory Buffer issue was discovered in GE D60 Line Distance Relay devices running firmware Version 7.11 and prior. | 9.8 |
2018-02-19 | CVE-2018-5439 | Nortekcontrol | Command Injection vulnerability in Nortekcontrol Emerge E3 Firmware 0.3207E A Command Injection issue was discovered in Nortek Linear eMerge E3 series Versions V0.32-07e and prior. | 9.8 |
2018-02-19 | CVE-2018-7226 | Vncterm Project | Integer Overflow or Wraparound vulnerability in Vncterm Project Vncterm 0.1/0.9.10 An issue was discovered in vcSetXCutTextProc() in VNConsole.c in LinuxVNC and VNCommand from the LibVNC/vncterm distribution through 0.9.10. | 9.8 |
2018-02-19 | CVE-2018-7225 | Libvncserver Project Debian Canonical Redhat | Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in LibVNCServer through 0.9.11. | 9.8 |
2018-02-19 | CVE-2018-5379 | Quagga Debian Canonical Redhat Siemens | Double Free vulnerability in multiple products The Quagga BGP daemon (bgpd) prior to version 1.2.3 can double-free memory when processing certain forms of UPDATE message, containing cluster-list and/or unknown attributes. | 9.8 |
2018-02-19 | CVE-2017-16924 | Zohocorp | Use of Insufficiently Random Values vulnerability in Zohocorp Manageengine Desktop Central 10.0.137 Remote Information Disclosure and Escalation of Privileges in ManageEngine Desktop Central MSP 10.0.137 allows attackers to download unencrypted XML files containing all data for configuration policies via a predictable /client-data/<client_id>/collections/##/usermgmt.xml URL, as demonstrated by passwords and Wi-Fi keys. | 9.8 |
2018-02-23 | CVE-2018-7442 | Leptonica | Path Traversal vulnerability in Leptonica An issue was discovered in Leptonica through 1.75.3. | 9.1 |
97 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2018-02-24 | CVE-2017-18198 | GNU | Out-of-bounds Read vulnerability in GNU Libcdio print_iso9660_recurse in iso-info.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted iso file. | 8.8 |
2018-02-23 | CVE-2018-7439 | Freexl Project Debian | Out-of-bounds Read vulnerability in multiple products An issue was discovered in FreeXL before 1.0.5. | 8.8 |
2018-02-23 | CVE-2018-7438 | Freexl Project Debian | Out-of-bounds Read vulnerability in multiple products An issue was discovered in FreeXL before 1.0.5. | 8.8 |
2018-02-23 | CVE-2018-7437 | Freexl Project Debian | Out-of-bounds Read vulnerability in multiple products An issue was discovered in FreeXL before 1.0.5. | 8.8 |
2018-02-23 | CVE-2018-7436 | Freexl Project Debian | Out-of-bounds Read vulnerability in multiple products An issue was discovered in FreeXL before 1.0.5. | 8.8 |
2018-02-23 | CVE-2018-7435 | Freexl Project Debian | Out-of-bounds Read vulnerability in multiple products An issue was discovered in FreeXL before 1.0.5. | 8.8 |
2018-02-23 | CVE-2018-0520 | FSI | Cross-Site Request Forgery (CSRF) vulnerability in FSI Fs010W Firmware 1.3.0 Cross-site request forgery (CSRF) vulnerability in FS010W firmware FS010W_00_V1.3.0 and earlier allows an attacker to hijack the authentication of administrators via unspecified vectors. | 8.8 |
2018-02-23 | CVE-2018-7339 | Mp4V2 Project | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mp4V2 Project Mp4V2 The MP4Atom class in mp4atom.cpp in MP4v2 through 2.0.0 mishandles Entry Number validation for the MP4 Table Property, which allows remote attackers to cause a denial of service (overflow, insufficient memory allocation, and segmentation fault) or possibly have unspecified other impact via a crafted mp4 file. | 8.8 |
2018-02-22 | CVE-2018-1414 | IBM | SQL Injection vulnerability in IBM products IBM Maximo Asset Management 7.5 and 7.6 is vulnerable to SQL injection. | 8.8 |
2018-02-22 | CVE-2018-0148 | Cisco | Cross-Site Request Forgery (CSRF) vulnerability in Cisco UCS Director 6.5(0.0.65832) A vulnerability in the web-based management interface of Cisco UCS Director Software and Cisco Integrated Management Controller (IMC) Supervisor Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected system. | 8.8 |
2018-02-21 | CVE-2018-7311 | Privatevpn | Incorrect Permission Assignment for Critical Resource vulnerability in Privatevpn 2.0.31 PrivateVPN 2.0.31 for macOS suffers from a root privilege escalation vulnerability. | 8.8 |
2018-02-21 | CVE-2018-7281 | Cactusvpn | Unspecified vulnerability in Cactusvpn 5.3.6 CactusVPN 5.3.6 for macOS contains a root privilege escalation vulnerability through a setuid root binary called runme. | 8.8 |
2018-02-21 | CVE-2018-7308 | Hosting Project | Cross-Site Request Forgery (CSRF) vulnerability in Hosting Project Hosting 20180211 A CSRF issue was found in var/www/html/files.php in DanWin hosting through 2018-02-11 that allows arbitrary remote users to add/delete/modify any files in any hosting account. | 8.8 |
2018-02-21 | CVE-2018-7304 | Tiki | Improper Neutralization of Formula Elements in a CSV File vulnerability in Tiki 17.1 Tiki 17.1 does not validate user input for special characters; consequently, a CSV Injection attack can open a CMD.EXE or Calculator window on the victim machine to perform malicious activity, as demonstrated by an "=cmd|' /C calc'!A0" payload during User Creation. | 8.8 |
2018-02-21 | CVE-2017-12161 | Keycloak | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Keycloak It was found that keycloak before 3.4.2 final would permit misuse of a client-side /etc/hosts entry to spoof a URL in a password reset request. | 8.8 |
2018-02-21 | CVE-2013-0267 | Apache | Improper Input Validation vulnerability in Apache VCL The Privileges portion of the web GUI and the XMLRPC API in Apache VCL 2.3.x before 2.3.2, 2.2.x before 2.2.2 and 2.1 allow remote authenticated users with nodeAdmin, manageGroup, resourceGrant, or userGrant permissions to gain privileges, cause a denial of service, or conduct cross-site scripting (XSS) attacks by leveraging improper data validation. | 8.8 |
2018-02-20 | CVE-2018-6941 | Nat32 | Cross-Site Request Forgery (CSRF) vulnerability in Nat32 2.2 A /shell?cmd= CSRF issue exists in the HTTPD component of NAT32 v2.2 Build 22284 devices that can be exploited for Remote Code Execution in conjunction with XSS. | 8.8 |
2018-02-19 | CVE-2012-0771 | Adobe | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Shockwave Player Adobe Shockwave Player before 11.6.4.634 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-0759. | 8.8 |
2018-02-19 | CVE-2018-7219 | 5None | Cross-Site Request Forgery (CSRF) vulnerability in 5None Nonecms 1.3.0 application/admin/controller/Admin.php in NoneCms 1.3.0 has CSRF, as demonstrated by changing an admin password or adding an account via a public/index.php/admin/admin/edit.html request. | 8.8 |
2018-02-19 | CVE-2017-16756 | Userscape | Cross-Site Request Forgery (CSRF) vulnerability in Userscape Helpspot An issue was discovered in Userscape HelpSpot before 4.7.2. | 8.8 |
2018-02-22 | CVE-2018-0139 | Cisco | Unspecified vulnerability in Cisco Unified Customer Voice Portal 11.5(1)/11.6 A vulnerability in the Interactive Voice Response (IVR) management connection interface for Cisco Unified Customer Voice Portal (CVP) could allow an unauthenticated, remote attacker to cause the IVR connection to disconnect, creating a system-wide denial of service (DoS) condition. | 8.6 |
2018-02-22 | CVE-2018-7298 | EQ 3 | Cleartext Transmission of Sensitive Information vulnerability in Eq-3 Homematic Central Control Unit Ccu2 Firmware 2.29.22 In /usr/local/etc/config/addons/mh/loopupd.sh on eQ-3 AG HomeMatic CCU2 2.29.22 devices, software update packages are downloaded via the HTTP protocol, which does not provide any cryptographic protection of the downloaded contents. | 8.1 |
2018-02-22 | CVE-2018-1417 | IBM | Incorrect Permission Assignment for Critical Resource vulnerability in IBM Java SDK Under certain circumstances, a flaw in the J9 JVM (IBM SDK, Java Technology Edition 7.1 and 8.0) allows untrusted code running under a security manager to elevate its privileges. | 8.1 |
2018-02-22 | CVE-2017-5251 | Insteon | Missing Encryption of Sensitive Data vulnerability in Insteon HUB Firmware In version 1012 and prior of Insteon's Insteon Hub, the radio transmissions used for communication between the hub and connected devices are not encrypted. | 8.1 |
2018-02-21 | CVE-2018-5716 | Reprisesoftware | Path Traversal vulnerability in Reprisesoftware Reprise License Manager 11.0 An issue was discovered in Reprise License Manager 11.0. | 8.1 |
2018-02-21 | CVE-2018-7271 | Metinfo | Code Injection vulnerability in Metinfo 6.0.0 An issue was discovered in MetInfo 6.0.0. | 8.1 |
2018-02-22 | CVE-2018-7299 | EQ 3 | Unspecified vulnerability in Eq-3 Homematic Central Control Unit Ccu2 Firmware 2.29.22 Remote Code Execution in the addon installation process in eQ-3 AG Homematic CCU2 2.29.2 and earlier allows authenticated attackers to create or overwrite arbitrary files or install malicious software on the device. | 8.0 |
2018-02-21 | CVE-2016-0348 | IBM | Cross-Site Request Forgery (CSRF) vulnerability in IBM Tririga Application Platform Cross-site request forgery (CSRF) vulnerability in IBM TRIRIGA Application Platform 3.3, 3.3.1, 3.3.2, and 3.4 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences. | 8.0 |
2018-02-25 | CVE-2018-7480 | Linux Canonical Debian | Double Free vulnerability in multiple products The blkcg_init_queue function in block/blk-cgroup.c in the Linux kernel before 4.11 allows local users to cause a denial of service (double free) or possibly have unspecified other impact by triggering a creation failure. | 7.8 |
2018-02-25 | CVE-2018-7471 | BJ TCT | Integer Overflow or Wraparound vulnerability in Bj-Tct Kingview 7.5 KingView 7.5SP1 has an integer overflow during stgopenstorage API read operations. | 7.8 |
2018-02-23 | CVE-2017-17767 | | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, the IL client may free a buffer OMX Video Encoder Component and then subsequently access the already freed buffer. | 7.8 |
2018-02-23 | CVE-2017-17765 | | Integer Overflow or Wraparound vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, multiple values received from firmware are not properly validated in wma_get_ll_stats_ext_buf() and are used to allocate the sizes of buffers and may be vulnerable to integer overflow leading to buffer overflow. | 7.8 |
2018-02-23 | CVE-2017-17764 | | Integer Overflow or Wraparound vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, the num_failure_info value from firmware is not properly validated in wma_rx_aggr_failure_event_handler() so that an integer overflow vulnerability in a buffer size calculation may potentially lead to a buffer overflow. | 7.8 |
2018-02-23 | CVE-2017-15862 | | Integer Overflow or Wraparound vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, in wma_unified_link_radio_stats_event_handler(), the number of radio channels coming from firmware is not properly validated, potentially leading to an integer overflow vulnerability followed by a buffer overflow. | 7.8 |
2018-02-23 | CVE-2017-15861 | | Improper Validation of Array Index vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, in the function wma_roam_synch_event_handler, vdev_id is received from firmware and used to access an array without validation. | 7.8 |
2018-02-23 | CVE-2017-15860 | | Type Confusion vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, while processing an encrypted authentication management frame, a stack buffer overflow may potentially occur. | 7.8 |
2018-02-23 | CVE-2017-15820 | | Use After Free vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, in a KGSL IOCTL handler, a Use After Free Condition can potentially occur. | 7.8 |
2018-02-23 | CVE-2017-15817 | | Improper Input Validation vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, when an access point sends a challenge text greater than 128 bytes, the host driver is unable to validate this potentially leading to authentication failure. | 7.8 |
2018-02-23 | CVE-2017-15518 | Netapp | Information Exposure vulnerability in Netapp Oncommand API Services and Service Level Manager All versions of OnCommand API Services prior to 2.1 and NetApp Service Level Manager prior to 1.0RC4 log a privileged database user account password. | 7.8 |
2018-02-23 | CVE-2017-14884 | | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, due to lack of bounds checking on the variable "data_len" from the function WLANQCMBR_McProcessMsg, a buffer overflow may potentially occur in WLANFTM_McProcessMsg. | 7.8 |
2018-02-23 | CVE-2018-6764 | Redhat Debian Canonical | Origin Validation Error vulnerability in multiple products util/virlog.c in libvirt does not properly determine the hostname on LXC container startup, which allows local guest OS users to bypass an intended container protection mechanism and execute arbitrary commands via a crafted NSS module. | 7.8 |
2018-02-22 | CVE-2018-7408 | Npmjs | Incorrect Permission Assignment for Critical Resource vulnerability in Npmjs NPM 5.7.0 An issue was discovered in an npm 5.7.0 2018-02-21 pre-release (marked as "next: 5.7.0" and therefore automatically installed by an "npm upgrade -g npm" command, and also announced in the vendor's blog without mention of pre-release status). | 7.8 |
2018-02-21 | CVE-2018-1168 | Hitachienergy | Incorrect Permission Assignment for Critical Resource vulnerability in Hitachienergy Sys600 Firmware This vulnerability allows local attackers to escalate privileges on vulnerable installations of ABB MicroSCADA 9.3 with FP 1-2-3. | 7.8 |
2018-02-21 | CVE-2018-1166 | Joyent | Improper Input Validation vulnerability in Joyent Smartos 20170803 This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. | 7.8 |
2018-02-19 | CVE-2018-7254 | Wavpack Debian | Out-of-bounds Read vulnerability in multiple products The ParseCaffHeaderConfig function of the cli/caff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service (global buffer over-read), or possibly trigger a buffer overflow or incorrect memory allocation, via a maliciously crafted CAF file. | 7.8 |
2018-02-19 | CVE-2018-7253 | Wavpack Debian Canonical | Out-of-bounds Read vulnerability in multiple products The ParseDsdiffHeaderConfig function of the cli/dsdiff.c file of WavPack 5.1.0 allows a remote attacker to cause a denial-of-service (heap-based buffer over-read) or possibly overwrite the heap via a maliciously crafted DSDIFF file. | 7.8 |
2018-02-19 | CVE-2018-6592 | Unisys | Improper Resource Shutdown or Release vulnerability in Unisys Stealth 3.3 Unisys Stealth 3.3 Windows endpoints before 3.3.016.1 allow local users to gain access to Stealth-enabled devices by leveraging improper cleanup of memory used for negotiation key storage. | 7.8 |
2018-02-19 | CVE-2017-16670 | Smartbear | Code Injection vulnerability in Smartbear Soapui 5.3.0 The project import functionality in SoapUI 5.3.0 allows remote attackers to execute arbitrary Java code via a crafted request parameter in a WSDL project file. | 7.8 |
2018-02-19 | CVE-2018-1411 | IBM | Unspecified vulnerability in IBM Client Application Access and Notes IBM Notes Diagnostics (IBM Client Application Access and IBM Notes) could allow a local user to execute commands on the system. | 7.8 |
2018-02-19 | CVE-2018-1410 | IBM | Unspecified vulnerability in IBM Client Application Access and Notes IBM Notes Diagnostics (IBM Client Application Access and IBM Notes) could allow a local user to execute commands on the system. | 7.8 |
2018-02-19 | CVE-2018-1409 | IBM | Unspecified vulnerability in IBM Client Application Access and Notes IBM Notes Diagnostics (IBM Client Application Access and IBM Notes) could allow a local user to execute commands on the system. | 7.8 |
2018-02-25 | CVE-2018-7466 | Testlink | Code Injection vulnerability in Testlink install/installNewDB.php in TestLink through 1.9.16 allows remote attackers to conduct injection attacks by leveraging control over DB LOGIN NAMES data during installation to provide a long, crafted value. | 7.5 |
2018-02-23 | CVE-2018-7421 | Wireshark | Infinite Loop vulnerability in Wireshark In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the DMP dissector could go into an infinite loop. | 7.5 |
2018-02-23 | CVE-2018-7420 | Wireshark Debian | In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the pcapng file parser could crash. | 7.5 |
2018-02-23 | CVE-2018-7419 | Wireshark Debian | Improper Initialization vulnerability in multiple products In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the NBAP dissector could crash. | 7.5 |
2018-02-23 | CVE-2018-7418 | Wireshark Debian | In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the SIGCOMP dissector could crash. | 7.5 |
2018-02-23 | CVE-2018-7417 | Wireshark Debian | In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the IPMI dissector could crash. | 7.5 |
2018-02-23 | CVE-2018-7337 | Wireshark Debian | In Wireshark 2.4.0 to 2.4.4, the DOCSIS protocol dissector could crash. | 7.5 |
2018-02-23 | CVE-2018-7336 | Wireshark Debian | NULL Pointer Dereference vulnerability in multiple products In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the FCP protocol dissector could crash. | 7.5 |
2018-02-23 | CVE-2018-7335 | Wireshark Debian | In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the IEEE 802.11 dissector could crash. | 7.5 |
2018-02-23 | CVE-2018-7334 | Wireshark Debian | In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the UMTS MAC dissector could crash. | 7.5 |
2018-02-23 | CVE-2018-7333 | Wireshark | Infinite Loop vulnerability in Wireshark In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-rpcrdma.c had an infinite loop that was addressed by validating a chunk size. | 7.5 |
2018-02-23 | CVE-2018-7332 | Wireshark Debian | Infinite Loop vulnerability in multiple products In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-reload.c had an infinite loop that was addressed by validating a length. | 7.5 |
2018-02-23 | CVE-2018-7331 | Wireshark Debian | Infinite Loop vulnerability in multiple products In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-ber.c had an infinite loop that was addressed by validating a length. | 7.5 |
2018-02-23 | CVE-2018-7330 | Wireshark | Infinite Loop vulnerability in Wireshark In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-thread.c had an infinite loop that was addressed by using a correct integer data type. | 7.5 |
2018-02-23 | CVE-2018-7329 | Wireshark | Infinite Loop vulnerability in Wireshark In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-s7comm.c had an infinite loop that was addressed by correcting off-by-one errors. | 7.5 |
2018-02-23 | CVE-2018-7328 | Wireshark | Infinite Loop vulnerability in Wireshark In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-usb.c had an infinite loop that was addressed by rejecting short frame header lengths. | 7.5 |
2018-02-23 | CVE-2018-7327 | Wireshark | Infinite Loop vulnerability in Wireshark In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-openflow_v6.c had an infinite loop that was addressed by validating property lengths. | 7.5 |
2018-02-23 | CVE-2018-7326 | Wireshark | Infinite Loop vulnerability in Wireshark In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-lltd.c had an infinite loop that was addressed by using a correct integer data type. | 7.5 |
2018-02-23 | CVE-2018-7325 | Wireshark Debian | Infinite Loop vulnerability in multiple products In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-rpki-rtr.c had an infinite loop that was addressed by validating a length field. | 7.5 |
2018-02-23 | CVE-2018-7324 | Wireshark Debian | Infinite Loop vulnerability in multiple products In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-sccp.c had an infinite loop that was addressed by using a correct integer data type. | 7.5 |
2018-02-23 | CVE-2018-7323 | Wireshark Debian | Excessive Iteration vulnerability in multiple products In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-wccp.c had a large loop that was addressed by ensuring that a calculated length was monotonically increasing. | 7.5 |
2018-02-23 | CVE-2018-7322 | Wireshark Debian | Infinite Loop vulnerability in multiple products In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-dcm.c had an infinite loop that was addressed by checking for integer wraparound. | 7.5 |
2018-02-23 | CVE-2018-7321 | Wireshark | Excessive Iteration vulnerability in Wireshark In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-thrift.c had a large loop that was addressed by not proceeding with dissection after encountering an unexpected type. | 7.5 |
2018-02-23 | CVE-2018-7320 | Wireshark Debian | In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the SIGCOMP protocol dissector could crash. | 7.5 |
2018-02-22 | CVE-2018-0015 | Juniper | Missing Authorization vulnerability in Juniper Appformix A malicious user with unrestricted access to the AppFormix application management platform may be able to access a Python debug console and execute system commands with root privilege. | 7.5 |
2018-02-22 | CVE-2018-7317 | Christianwebministries | Information Exposure vulnerability in Christianwebministries Proclaim 9.1.1 Backup Download exists in the Proclaim 9.1.1 component for Joomla! via a direct request for a .sql file under backup/. | 7.5 |
2018-02-22 | CVE-2018-7285 | Digium | NULL Pointer Dereference vulnerability in Digium Asterisk A NULL pointer access issue was discovered in Asterisk 15.x through 15.2.1. | 7.5 |
2018-02-22 | CVE-2018-7284 | Digium Debian | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A Buffer Overflow issue was discovered in Asterisk through 13.19.1, 14.x through 14.7.5, and 15.x through 15.2.1, and Certified Asterisk through 13.18-cert2. | 7.5 |
2018-02-22 | CVE-2018-0204 | Cisco | Weak Password Requirements vulnerability in Cisco Prime Collaboration Provisioning 12.1 A vulnerability in the web portal of the Cisco Prime Collaboration Provisioning Tool could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition for individual users. | 7.5 |
2018-02-21 | CVE-2018-7276 | Lutron | Information Exposure vulnerability in Lutron Quantum Bacnet Integration Firmware 3.2.243 An issue was discovered on Lutron Quantum BACnet Integration 2.0 (firmware 3.2.243) devices. | 7.5 |
2018-02-20 | CVE-2017-14993 | Oxid Esales | Forced Browsing vulnerability in Oxid-Esales Eshop OXID eShop Community Edition before 6.0.0 RC3 (development), 4.10.x before 4.10.6 (maintenance), and 4.9.x before 4.9.11 (legacy), Enterprise Edition before 6.0.0 RC3 (development), 5.2.x before 5.2.11 (legacy), and 5.3.x before 5.3.6 (maintenance), and Professional Edition before 6.0.0 RC3 (development), 4.9.x before 4.9.11 (legacy) and 4.10.x before 4.10.6 (maintenance) allow remote attackers to crawl specially crafted URLs (aka "forced browsing") in order to overflow the database of the shop and consequently make it stop working. | 7.5 |
2018-02-20 | CVE-2017-12415 | Oxid Esales | Cross-Site Request Forgery (CSRF) vulnerability in Oxid-Esales Eshop OXID eShop Community Edition before 6.0.0 RC2 (development), 4.10.x before 4.10.5 (maintenance), and 4.9.x before 4.9.10 (legacy), Enterprise Edition before 6.0.0 RC2 (development), 5.2.x before 5.2.10 (legacy), and 5.3.x before 5.3.5 (maintenance), and Professional Edition before 6.0.0 RC2 (development), 4.9.x before 4.9.10 (legacy) and 4.10.x before 4.10.5 (maintenance) allow remote attackers to hijack the cart session of a client via Cross-Site Request Forgery (CSRF) if the following pre-conditions are met: (1) the attacker knows which shop is presently used by the client, (2) the attacker knows the exact time when the customer will add product items to the cart, (3) the attacker knows which product items are already in the cart (has to know their article IDs), and (4) the attacker would be able to trick the user into clicking a button (submit form) of an e-mail or remote site within the period of visiting the shop and placing an order. | 7.5 |
2018-02-20 | CVE-2018-6487 | Microfocus | Information Exposure vulnerability in Microfocus Universal Cmdb Foundation Software Remote Disclosure of Information in Micro Focus Universal CMDB Foundation Software, version numbers 10.10, 10.11, 10.20, 10.21, 10.22, 10.30, 10.31, 4.10, 4.11. | 7.5 |
2018-02-20 | CVE-2004-2779 | Underbit | Resource Management Errors vulnerability in Underbit Libid3Tag 0.15.0B/0.15.1B id3_utf16_deserialize() in utf16.c in libid3tag through 0.15.1b misparses ID3v2 tags encoded in UTF-16 with an odd number of bytes, triggering an endless loop allocating memory until an OOM condition is reached, leading to denial-of-service (DoS). | 7.5 |
2018-02-20 | CVE-2016-6272 | Epic | XML Injection (aka Blind XPath Injection) vulnerability in Epic Mychart XPath injection vulnerability in Epic MyChart allows remote attackers to access contents of an XML document containing static display strings, such as field labels, via the topic parameter to help.asp. | 7.5 |
2018-02-20 | CVE-2017-18192 | Photo Video Locker Calculator Project | Information Exposure vulnerability in Photo,Video Locker-Calculator Project Photo,Video Locker-Calculator 12.0/18.0 smart/calculator/gallerylock/CalculatorActivity.java in the "Photo,Video Locker-Calculator" application through 18 for Android allows attackers to access files via the backdoor 17621762 PIN. | 7.5 |
2018-02-20 | CVE-2017-16835 | Photo Video Locker Calculator Project | Cleartext Storage of Sensitive Information vulnerability in Photo,Video Locker-Calculator Project Photo,Video Locker-Calculator 12.0 The "Photo,Video Locker-Calculator" application 12.0 for Android has android:allowBackup="true" in AndroidManifest.xml, which allows attackers to obtain sensitive cleartext information via an "adb backup '-f smart.calculator.gallerylock'" command. | 7.5 |
2018-02-19 | CVE-2017-18191 | Openstack Redhat | An issue was discovered in OpenStack Nova 15.x through 15.1.0 and 16.x through 16.1.1. | 7.5 |
2018-02-19 | CVE-2018-5381 | Quagga Canonical Debian Siemens | Infinite Loop vulnerability in multiple products The Quagga BGP daemon (bgpd) prior to version 1.2.3 has a bug in its parsing of "Capabilities" in BGP OPEN messages, in the bgp_packet.c:bgp_capability_msg_parse function. | 7.5 |
2018-02-20 | CVE-2018-7046 | Kentico | OS Command Injection vulnerability in Kentico CMS Arbitrary code execution vulnerability in Kentico 9 through 11 allows remote authenticated users to execute arbitrary operating system commands in a dynamic .NET code evaluation context via C# code in a "Pages -> Edit -> Template -> Edit template properties -> Layout" box. | 7.2 |
2018-02-19 | CVE-2016-10008 | Dotcms | SQL Injection vulnerability in Dotcms SQL injection vulnerability in the "Content Types > Content Types" screen in dotCMS before 3.7.2 and 4.x before 4.1.1 allows remote authenticated administrators to execute arbitrary SQL commands via the _EXT_STRUCTURE_direction parameter. | 7.2 |
2018-02-19 | CVE-2016-10007 | Dotcms | SQL Injection vulnerability in Dotcms SQL injection vulnerability in the "Marketing > Forms" screen in dotCMS before 3.7.2 and 4.x before 4.1.1 allows remote authenticated administrators to execute arbitrary SQL commands via the _EXT_FORM_HANDLER_orderBy parameter. | 7.2 |
2018-02-21 | CVE-2017-1758 | IBM | XXE vulnerability in IBM products IBM Financial Transaction Manager for ACH Services for Multi-Platform (IBM Control Center 6.0 and 6.1, IBM Financial Transaction Manager 3.0.2, 3.0.3, 3.0.4, and 3.1.0, IBM Transformation Extender Advanced 9.0) is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. | 7.1 |
2018-02-23 | CVE-2017-15829 | | Race Condition vulnerability in Google Android In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition exists in a GPU Driver which can potentially lead to a Use After Free condition. | 7.0 |
2018-02-23 | CVE-2018-7441 | Leptonica | Race Condition vulnerability in Leptonica Leptonica through 1.75.3 uses hardcoded /tmp pathnames, which might allow local users to overwrite arbitrary files or have unspecified other impact by creating files in advance or winning a race condition, as demonstrated by /tmp/junk_split_image.ps in prog/splitimage2pdf.c. | 7.0 |
2018-02-21 | CVE-2018-1165 | Joyent Oracle | Out-of-bounds Write vulnerability in multiple products This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. | 7.0 |
91 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2018-02-25 | CVE-2018-7470 | Imagemagick | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Imagemagick 7.0.722 An issue was discovered in ImageMagick 7.0.7-22 Q16. | 6.5 |
2018-02-24 | CVE-2018-7456 | Libtiff Debian Canonical | NULL Pointer Dereference vulnerability in multiple products A NULL Pointer Dereference occurs in the function TIFFPrintDirectory in tif_print.c in LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 when using the tiffinfo tool to print crafted TIFF information, a different vulnerability than CVE-2017-18013. | 6.5 |
2018-02-24 | CVE-2017-18199 | GNU | NULL Pointer Dereference vulnerability in GNU Libcdio realloc_symlink in rock.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (NULL Pointer Dereference) via a crafted iso file. | 6.5 |
2018-02-23 | CVE-2018-1305 | Apache Debian Canonical Oracle | Security constraints defined by annotations of Servlets in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 were only applied once a Servlet had been loaded. | 6.5 |
2018-02-23 | CVE-2018-7443 | Imagemagick Debian Canonical | Allocation of Resources Without Limits or Throttling vulnerability in multiple products The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-23 Q16 does not properly validate the amount of image data in a file, which allows remote attackers to cause a denial of service (memory allocation failure in the AcquireMagickMemory function in MagickCore/memory.c). | 6.5 |
2018-02-22 | CVE-2018-1391 | IBM | Unspecified vulnerability in IBM Financial Transaction Manager 3.0.4.0/3.1.0.0 IBM Financial Transaction Manager 3.0.4 and 3.1.0 for ACH Services for Multi-Platform could allow an authenticated user to execute a specially crafted command that could cause a denial of service. | 6.5 |
2018-02-22 | CVE-2018-7286 | Digium Debian | An issue was discovered in Asterisk through 13.19.1, 14.x through 14.7.5, and 15.x through 15.2.1, and Certified Asterisk through 13.18-cert2. | 6.5 |
2018-02-21 | CVE-2015-0203 | Apache | Data Processing Errors vulnerability in Apache Qpid The qpidd broker in Apache Qpid 0.30 and earlier allows remote authenticated users to cause a denial of service (daemon crash) via an AMQP message with (1) an invalid range in a sequence set, (2) content-bearing methods other than message-transfer, or (3) a session-gap control before a corresponding session-attach. | 6.5 |
2018-02-21 | CVE-2018-7272 | Forgerock | Information Exposure vulnerability in Forgerock Access Management 5.0.0/5.1.0/5.1.1 The REST APIs in ForgeRock AM before 5.5.0 include SSOToken IDs as part of the URL, which allows attackers to obtain sensitive information by finding an ID value in a log file. | 6.5 |
2018-02-20 | CVE-2018-6356 | Jenkins Oracle | Path Traversal vulnerability in multiple products Jenkins before 2.107 and Jenkins LTS before 2.89.4 did not properly prevent specifying relative paths that escape a base directory for URLs accessing plugin resource files. | 6.5 |
2018-02-19 | CVE-2015-9253 | PHP | Resource Exhaustion vulnerability in PHP An issue was discovered in PHP 7.3.x before 7.3.0alpha3, 7.2.x before 7.2.8, and before 7.1.20. | 6.5 |
2018-02-19 | CVE-2010-0109 | Symantec | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Symantec Altiris Deployment Solution DBManager in Symantec Altiris Deployment Solution 6.9.x before DS 6.9 SP4 allows remote attackers to cause a denial of service via a crafted request. | 6.5 |
2018-02-19 | CVE-2009-4267 | Apache | Improper Encoding or Escaping of Output vulnerability in Apache Juddi 3.0.0 The console in Apache jUDDI 3.0.0 does not properly escape line feeds, which allows remote authenticated users to spoof log entries via the numRows parameter. | 6.5 |
2018-02-19 | CVE-2016-8750 | Apache | LDAP Injection vulnerability in Apache Karaf Apache Karaf prior to 4.0.8 used the LDAPLoginModule to authenticate users to a directory via LDAP. | 6.5 |
2018-02-19 | CVE-2017-15712 | Apache | Path Traversal vulnerability in Apache Oozie Vulnerability allows a user of Apache Oozie 3.1.3-incubating to 4.3.0 and 5.0.0-beta1 to expose private files on the Oozie server process. | 6.5 |
2018-02-25 | CVE-2018-7476 | Finecms | Cross-site Scripting vulnerability in Finecms 5.3.0 controllers/admin/Linkage.php in dayrui FineCms 5.3.0 has Cross Site Scripting (XSS) via the id or lid parameter in a c=linkage,m=import request to admin.php, because the xss_clean protection mechanism is defeated by crafted input that lacks a '<' or '>' character. | 6.1 |
2018-02-22 | CVE-2018-0206 | Cisco | Cross-site Scripting vulnerability in Cisco Unified Communications Manager 11.5(1.13900.52) A vulnerability in the web-based management interface of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 6.1 |
2018-02-22 | CVE-2018-0205 | Cisco | Cross-site Scripting vulnerability in Cisco Prime Collaboration Provisioning 12.1 A vulnerability in the User Provisioning tab in the Cisco Prime Collaboration Provisioning Tool could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. | 6.1 |
2018-02-22 | CVE-2018-0200 | Cisco | Cross-site Scripting vulnerability in Cisco Prime Service Catalog A vulnerability in the web-based interface of Cisco Prime Service Catalog could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based interface of an affected product. | 6.1 |
2018-02-22 | CVE-2018-0199 | Cisco | Cross-site Scripting vulnerability in Cisco Jabber 11.9/11.9(0) A vulnerability in Cisco Jabber Client Framework (JCF) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of an affected device. | 6.1 |
2018-02-22 | CVE-2018-0145 | Cisco | Cross-site Scripting vulnerability in Cisco Data Center Analytics Framework 3.1 A vulnerability in the web-based management interface of the Cisco Data Center Analytics Framework application could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the interface of an affected system. | 6.1 |
2018-02-21 | CVE-2018-7280 | Ninjaforms | Cross-site Scripting vulnerability in Ninjaforms Ninja Forms The Ninja Forms plugin before 3.2.14 for WordPress has XSS. | 6.1 |
2018-02-21 | CVE-2013-4891 | Codeigniter | Cross-site Scripting vulnerability in Codeigniter The xss_clean function in CodeIgniter before 2.1.4 might allow remote attackers to bypass an intended protection mechanism and conduct cross-site scripting (XSS) attacks via an unclosed HTML tag. | 6.1 |
2018-02-21 | CVE-2018-7278 | Rletech | Cross-site Scripting vulnerability in Rletech Fds-Pc-Dp Firmware and Fds-Pc Firmware An issue was discovered on RLE Protocol Converter FDS-PC / FDS-PC-DP 2.1 devices. | 6.1 |
2018-02-21 | CVE-2018-7277 | Rletech | Cross-site Scripting vulnerability in Rletech Fds-Wi Firmware and Wi-Mgr Firmware An issue was discovered on RLE Wi-MGR/FDS-Wi 6.2 devices. | 6.1 |
2018-02-21 | CVE-2018-7274 | Quarx CMS Project | Cross-site Scripting vulnerability in Quarx CMS Project Quarx CMS Yab Quarx through 2.4.3 is prone to multiple persistent cross-site scripting vulnerabilities: Blog (Title), FAQ (Question), Pages (Title), Widgets (Name), and Menus (Name). | 6.1 |
2018-02-20 | CVE-2018-7265 | Shimmie2 Project | Cross-site Scripting vulnerability in Shimmie2 Project Shimmie2 2.6.0 Shimmie 2 2.6.0 allows an attacker to upload a crafted SVG file that enables stored XSS. | 6.1 |
2018-02-20 | CVE-2015-6544 | Combodo | Cross-site Scripting vulnerability in Combodo Itop Cross-site scripting (XSS) vulnerability in application/dashboard.class.inc.php in Combodo iTop before 2.2.0-2459 allows remote attackers to inject arbitrary web script or HTML via a dashboard title. | 6.1 |
2018-02-20 | CVE-2018-6940 | Nat32 | Cross-site Scripting vulnerability in Nat32 2.2 A /shell?cmd= XSS issue exists in the HTTPD component of NAT32 v2.2 Build 22284 devices that can be exploited for Remote Code Execution in conjunction with CSRF. | 6.1 |
2018-02-20 | CVE-2017-16356 | Kubik Rubik | Cross-site Scripting vulnerability in Kubik-Rubik Simple Image Gallery Extended Reflected XSS in Kubik-Rubik SIGE (aka Simple Image Gallery Extended) before 3.3.0 allows attackers to execute JavaScript in a victim's browser by having them visit a plugins/content/sige/plugin_sige/print.php link with a crafted img, name, or caption parameter. | 6.1 |
2018-02-19 | CVE-2017-16755 | Userscape | Cross-site Scripting vulnerability in Userscape Helpspot An issue was discovered in Userscape HelpSpot before 4.7.2. | 6.1 |
2018-02-23 | CVE-2012-6709 | Elinks Twibright | Improper Certificate Validation vulnerability in multiple products ELinks 0.12 and Twibright Links 2.3 have Missing SSL Certificate Validation. | 5.9 |
2018-02-23 | CVE-2018-0518 | Linecorp | Improper Certificate Validation vulnerability in Linecorp Line 7.1.3/7.15 LINE for iOS version 7.1.3 to 7.1.5 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | 5.9 |
2018-02-22 | CVE-2018-7287 | Digium | Improper Check for Unusual or Exceptional Conditions vulnerability in Digium Asterisk An issue was discovered in res_http_websocket.c in Asterisk 15.x through 15.2.1. | 5.9 |
2018-02-21 | CVE-2015-5316 | W1 FI Debian | NULL Pointer Dereference vulnerability in multiple products The eap_pwd_perform_confirm_exchange function in eap_peer/eap_pwd.c in wpa_supplicant 2.x before 2.6, when EAP-pwd is enabled in a network configuration profile, allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an EAP-pwd Confirm message followed by the Identity exchange. | 5.9 |
2018-02-21 | CVE-2015-5315 | W1 FI Debian | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The eap_pwd_process function in eap_peer/eap_pwd.c in wpa_supplicant 2.x before 2.6 does not validate that the reassembly buffer is large enough for the final fragment when EAP-pwd is enabled in a network configuration profile, which allows remote attackers to cause a denial of service (process termination) via a large final fragment in an EAP-pwd message. | 5.9 |
2018-02-21 | CVE-2015-5314 | W1 FI Debian | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The eap_pwd_process function in eap_server/eap_server_pwd.c in hostapd 2.x before 2.6 does not validate that the reassembly buffer is large enough for the final fragment when used with (1) an internal EAP server or (2) a RADIUS server and EAP-pwd is enabled in a runtime configuration, which allows remote attackers to cause a denial of service (process termination) via a large final fragment in an EAP-pwd message. | 5.9 |
2018-02-21 | CVE-2015-6569 | Atlassian | NULL Pointer Dereference vulnerability in Atlassian Floodlight Race condition in the LoadBalancer module in the Atlassian Floodlight Controller before 1.2 allows remote attackers to cause a denial of service (NULL pointer dereference and thread crash) via a state manipulation attack. | 5.9 |
2018-02-20 | CVE-2017-17455 | Mahara | Improper Certificate Validation vulnerability in Mahara Mahara 16.10 before 16.10.7, 17.04 before 17.04.5, and 17.10 before 17.10.2 are vulnerable to being forced, via a man-in-the-middle attack, to interact with Mahara on the HTTP protocol rather than HTTPS even when an SSL certificate is present. | 5.9 |
2018-02-20 | CVE-2017-10963 | Samsung | Injection vulnerability in Samsung products In Knox SDS IAM (Identity Access Management) and EMM (Enterprise Mobility Management) 16.11 on Samsung mobile devices, a man-in-the-middle attacker can install any application into the Knox container (without the user's knowledge) by inspecting network traffic from a Samsung server and injecting content at a certain point in the update sequence. | 5.9 |
2018-02-19 | CVE-2018-5763 | Oxid Esales | Improper Input Validation vulnerability in Oxid-Esales Eshop An issue was discovered in OXID eShop Enterprise Edition before 5.3.7 and 6.x before 6.0.1. | 5.9 |
2018-02-19 | CVE-2018-5378 | Quagga Debian Canonical | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The Quagga BGP daemon (bgpd) prior to version 1.2.3 does not properly bounds check the data sent with a NOTIFY to a peer, if an attribute length is invalid. | 5.9 |
2018-02-20 | CVE-2018-5477 | ABB | Information Exposure vulnerability in ABB Netcadops An Information Exposure issue was discovered in ABB netCADOPS Web Application Version 3.4 and prior, netCADOPS Web Application Version 7.1 and prior, netCADOPS Web Application Version 7.2x and prior, netCADOPS Web Application Version 8.0 and prior, and netCADOPS Web Application Version 8.1 and prior. | 5.8 |
2018-02-25 | CVE-2018-7472 | Invt | Unspecified vulnerability in Invt Studio 1.2 INVT Studio 1.2 allows remote attackers to cause a denial of service during import operations. | 5.5 |
2018-02-24 | CVE-2018-7455 | Xpdfreader | Out-of-bounds Read vulnerability in Xpdfreader Xpdf 4.00 An out-of-bounds read in JPXStream::readTilePart in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml. | 5.5 |
2018-02-24 | CVE-2018-7454 | Xpdfreader | NULL Pointer Dereference vulnerability in Xpdfreader Xpdf 4.00 A NULL pointer dereference in XFAForm::scanFields in XFAForm.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml. | 5.5 |
2018-02-24 | CVE-2018-7453 | Xpdfreader | Infinite Loop vulnerability in Xpdfreader Xpdf 4.00 Infinite recursion in AcroForm::scanField in AcroForm.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file due to lack of loop checking, as demonstrated by pdftohtml. | 5.5 |
2018-02-24 | CVE-2018-7452 | Xpdfreader | NULL Pointer Dereference vulnerability in Xpdfreader Xpdf 4.00 A NULL pointer dereference in JPXStream::fillReadBuf in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service via a specific pdf file, as demonstrated by pdftohtml. | 5.5 |
2018-02-22 | CVE-2017-18193 | Linux | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel fs/f2fs/extent_cache.c in the Linux kernel before 4.13 mishandles extent trees, which allows local users to cause a denial of service (BUG) via an application with multiple threads. | 5.5 |
2018-02-21 | CVE-2018-7273 | Linux | Information Exposure vulnerability in Linux Kernel In the Linux kernel through 4.15.4, the floppy driver reveals the addresses of kernel functions and global variables using printk calls within the function show_floppy in drivers/block/floppy.c. | 5.5 |
2018-02-20 | CVE-2017-6193 | Apng Disassembler Project | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apng Disassembler Project Apng Disassembler Buffer overflow in APNGDis 2.8 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted image containing a malformed image size descriptor in the IHDR chunk. | 5.5 |
2018-02-20 | CVE-2017-6192 | Apng Disassembler Project | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apng Disassembler Project Apng Disassembler Buffer overflow in APNGDis 2.8 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted image containing a malformed chunk size descriptor. | 5.5 |
2018-02-19 | CVE-2011-3477 | Symantec | Improper Input Validation vulnerability in Symantec products GEAR Software CD DVD Filter driver (aka GEARAspiWDM.sys), as used in Symantec Backup Exec System Recovery 8.5 and BESR 2010, Symantec System Recovery 2011, Norton 360, and Norton Ghost, allows local users to cause a denial of service (system crash) via unspecified vectors. | 5.5 |
2018-02-23 | CVE-2018-6868 | Groupon Clone Script Project | Cross-site Scripting vulnerability in Groupon Clone Script Project Groupon Clone Script 3.0.2 Cross Site Scripting (XSS) exists in PHP Scripts Mall Slickdeals / DealNews / Groupon Clone Script 3.0.2 via a User Profile Field parameter. | 5.4 |
2018-02-23 | CVE-2018-6867 | Alibaba Clone Script Project | Cross-site Scripting vulnerability in Alibaba Clone Script Project Alibaba Clone Script 1.0.2 Cross Site Scripting (XSS) exists in PHP Scripts Mall Alibaba Clone Script 1.0.2 via a profile parameter. | 5.4 |
2018-02-23 | CVE-2018-6866 | Learning AND Examination Management System Script Project | Cross-site Scripting vulnerability in Learning and Examination Management System Script Project Learning and Examination Management System Script 2.3.1 Cross Site Scripting (XSS) exists in PHP Scripts Mall Learning and Examination Management System Script 2.3.1 via a crafted message. | 5.4 |
2018-02-22 | CVE-2018-1415 | IBM | Cross-site Scripting vulnerability in IBM Maximo Asset Management IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. | 5.4 |
2018-02-22 | CVE-2018-0201 | Cisco | Cross-site Scripting vulnerability in Cisco Jabber 11.9/11.9(.0) A vulnerability in Cisco Jabber Client Framework (JCF) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of an affected device. | 5.4 |
2018-02-22 | CVE-2018-0146 | Cisco | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Data Center Analytics Framework 3.1 A vulnerability in the Cisco Data Center Analytics Framework application could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. | 5.4 |
2018-02-21 | CVE-2018-6936 | D Link | Cross-site Scripting vulnerability in D-Link Dir-600M C1 Firmware 3.01 Cross Site Scripting (XSS) exists on the D-Link DIR-600M C1 3.01 via the SSID or the name of a user account. | 5.4 |
2018-02-21 | CVE-2017-1604 | IBM | Cross-site Scripting vulnerability in IBM Maximo Anywhere IBM Maximo Anywhere 7.5 and 7.6 is vulnerable to cross-site scripting. | 5.4 |
2018-02-21 | CVE-2017-1462 | IBM | Cross-site Scripting vulnerability in IBM Rational Rhapsody Design Manager IBM Rhapsody DM 5.0 and 6.0 is vulnerable to cross-site scripting. | 5.4 |
2018-02-21 | CVE-2018-7303 | Tiki | Cross-site Scripting vulnerability in Tiki Tikiwiki Cms/Groupware 17.1 The Calendar component in Tiki 17.1 allows HTML injection. | 5.4 |
2018-02-21 | CVE-2018-7302 | Tiki | Cross-site Scripting vulnerability in Tiki 17.1 Tiki 17.1 allows upload of a .PNG file that actually has SVG content, leading to XSS. | 5.4 |
2018-02-21 | CVE-2018-7261 | Radiantcms | Cross-site Scripting vulnerability in Radiantcms Radiant CMS 1.1.4 There are multiple Persistent XSS vulnerabilities in Radiant CMS 1.1.4. | 5.4 |
2018-02-21 | CVE-2016-0344 | IBM | Cross-site Scripting vulnerability in IBM Tririga Application Platform Cross-site scripting (XSS) vulnerability in the My Reports component in IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 5.4 |
2018-02-21 | CVE-2018-7260 | Phpmyadmin | Cross-site Scripting vulnerability in PHPmyadmin Cross-site scripting (XSS) vulnerability in db_central_columns.php in phpMyAdmin before 4.7.8 allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL. | 5.4 |
2018-02-20 | CVE-2017-17454 | Mahara | Cross-site Scripting vulnerability in Mahara Mahara 16.10 before 16.10.7 and 17.04 before 17.04.5 and 17.10 before 17.10.2 have a Cross Site Scripting (XSS) vulnerability when a user enters invalid UTF-8 characters. | 5.4 |
2018-02-19 | CVE-2015-2324 | 10Web | Cross-site Scripting vulnerability in 10Web Photo Gallery Cross-site scripting (XSS) vulnerability in the filemanager in the Photo Gallery plugin before 1.2.13 for WordPress allows remote authenticated users with edit permission to inject arbitrary web script or HTML via unspecified vectors. | 5.4 |
2018-02-19 | CVE-2017-18092 | Atlassian | Cross-site Scripting vulnerability in Atlassian Crucible The print snippet resource in Atlassian Crucible before version 4.4.3 (the fixed version for 4.4.x) and before 4.5.0 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the contents of a comment on the snippet. | 5.4 |
2018-02-24 | CVE-2018-7434 | Zzcms | Path Traversal vulnerability in Zzcms 8.2 zzcms 8.2 allows remote attackers to discover the full path via a direct request to 3/qq_connect2.0/API/class/ErrorCase.class.php or 3/ucenter_api/code/friend.php. | 5.3 |
2018-02-23 | CVE-2017-16769 | Synology | Information Exposure vulnerability in Synology Photo Station 6.8.13458 Exposure of private information vulnerability in Photo Viewer in Synology Photo Station 6.8.1-3458 allows remote attackers to obtain metadata from password-protected photographs via the map viewer mode. | 5.3 |
2018-02-22 | CVE-2018-7296 | EQ 3 | Path Traversal vulnerability in Eq-3 Homematic Central Control Unit Ccu2 Firmware 2.29.22 Directory Traversal / Arbitrary File Read in User.getLanguage method in eQ-3 AG Homematic CCU2 2.29.2 and earlier allows remote attackers to read the first line of an arbitrary file on the CCU2's filesystem. | 5.3 |
2018-02-22 | CVE-2018-0203 | Cisco | Unspecified vulnerability in Cisco Unity Connection A vulnerability in the SMTP relay of Cisco Unity Connection could allow an unauthenticated, remote attacker to send unsolicited email messages, aka a Mail Relay Vulnerability. | 5.3 |
2018-02-20 | CVE-2018-6459 | Strongswan | Improper Verification of Cryptographic Signature vulnerability in Strongswan 5.6.1 The rsa_pss_params_parse function in libstrongswan/credentials/keys/signature_params.c in strongSwan 5.6.1 allows remote attackers to cause a denial of service via a crafted RSASSA-PSS signature that lacks a mask generation function parameter. | 5.3 |
2018-02-20 | CVE-2015-9256 | Datto | Information Exposure vulnerability in Datto products Datto ALTO and SIRIS devices allow remote attackers to obtain sensitive information via access to device/VM restore mount points, because they do not have ACLs by default. | 5.3 |
2018-02-20 | CVE-2015-9255 | Datto | Information Exposure vulnerability in Datto products Datto ALTO and SIRIS devices allow remote attackers to obtain sensitive information about data, software versions, configuration, and virtual machines via a request to a Web Virtual Directory. | 5.3 |
2018-02-19 | CVE-2014-3972 | Apexis | Path Traversal vulnerability in Apexis Apm-J601-Ws Firmware Directory traversal vulnerability in Apexis APM-J601-WS cameras with firmware before 17.35.2.49 allows remote attackers to read arbitrary files via unspecified vectors. | 5.3 |
2018-02-19 | CVE-2018-6591 | Conversejs | Information Exposure vulnerability in Conversejs Converse.Js Converse.js and Inverse.js through 3.3 allow remote attackers to obtain sensitive information because it is too difficult to determine whether safe publication of private data was configured or even intended. | 5.3 |
2018-02-19 | CVE-2017-18095 | Atlassian | Incorrect Authorization vulnerability in Atlassian Crucible The SnippetRPCServiceImpl class in Atlassian Crucible before version 4.5.1 (the fixed version for 4.5.x) and before 4.6.0 allows remote attackers to comment on snippets they do not have authorization to access via an improper authorization vulnerability. | 5.3 |
2018-02-24 | CVE-2018-6883 | Piwigo | SQL Injection vulnerability in Piwigo Piwigo before 2.9.3 has SQL injection in admin/tags.php in the administration panel, via the tags array parameter in an admin.php?page=tags request. | 4.9 |
2018-02-21 | CVE-2018-7305 | Mybb | Cross-Site Request Forgery (CSRF) vulnerability in Mybb 1.8.14 MyBB 1.8.14 is not checking for a valid CSRF token, leading to arbitrary deletion of user accounts. | 4.9 |
2018-02-24 | CVE-2018-7447 | Mojoportal | Cross-site Scripting vulnerability in Mojoportal mojoPortal through 2.6.0.0 is prone to multiple persistent cross-site scripting vulnerabilities because it fails to sanitize user-supplied input. | 4.8 |
2018-02-23 | CVE-2018-0519 | FSI | Cross-site Scripting vulnerability in FSI Fs010W Firmware 1.3.0 Cross-site scripting vulnerability in FS010W firmware FS010W_00_V1.3.0 and earlier allows an attacker to inject arbitrary web script or HTML via unspecified vectors. | 4.8 |
2018-02-22 | CVE-2018-6890 | Wolfcms | Cross-site Scripting vulnerability in Wolfcms Wolf CMS 0.8.3.1 Cross-site scripting (XSS) vulnerability in Wolf CMS 0.8.3.1 via the page editing feature, as demonstrated by /?/admin/page/edit/3. | 4.8 |
2018-02-20 | CVE-2018-7205 | Kentico | Cross-site Scripting vulnerability in Kentico CMS Reflected Cross-Site Scripting vulnerability in "Design" on "Edit device layout" in Kentico 9 through 11 allows remote attackers to execute malicious JavaScript via a malicious devicename parameter in a link that is entered via the "Pages -> Edit template properties -> Device Layouts -> Create device layout (and edit created device layout) -> Design" screens. | 4.8 |
2018-02-19 | CVE-2017-18093 | Atlassian | Cross-site Scripting vulnerability in Atlassian Crucible and Fisheye Various resources in Atlassian Fisheye and Crucible before version 4.4.3 (the fixed version for 4.4.x) and before 4.5.0 allow remote attackers who have permission to add or modify a repository to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the location setting of a configured repository. | 4.8 |
2018-02-21 | CVE-2016-0367 | IBM | Information Exposure vulnerability in IBM Security Identity Manager Virtual Appliance IBM Security Identity Manager Virtual Appliance 7.0.x before 7.0.1.3-ISS-SIM-IF0001 allows remote authenticated users to obtain sensitive information by reading an error message. | 4.3 |
2018-02-21 | CVE-2016-0345 | IBM | Information Exposure vulnerability in IBM Tririga Application Platform IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 allows remote authenticated users to obtain the installation path via vectors involving Birt report rendering. | 4.3 |
2018-02-21 | CVE-2016-0343 | IBM | Information Exposure vulnerability in IBM Tririga Application Platform IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 allows remote authenticated users to obtain sensitive information by reading an error message. | 4.3 |
2018-02-19 | CVE-2018-5380 | Quagga Debian Canonical Siemens | Out-of-bounds Read vulnerability in multiple products The Quagga BGP daemon (bgpd) prior to version 1.2.3 can overrun internal BGP code-to-string conversion tables used for debug by 1 pointer value, based on input. | 4.3 |

6 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2018-02-21 | CVE-2016-0366 | IBM | Information Exposure vulnerability in IBM Security Privileged Identity Manager 2.0 IBM Security Identity Manager Virtual Appliance 7.0.x before 7.0.1.3-ISS-SIM-IF0001 might allow remote attackers to obtain sensitive information by leveraging weak encryption. | 3.7 |
2018-02-21 | CVE-2016-0351 | IBM | Information Exposure vulnerability in IBM Security Identity Manager Virtual Appliance IBM Security Identity Manager Virtual Appliance 7.0.x before 7.0.1.3-ISS-SIM-IF0001 does not set the secure flag for the session cookie in an HTTPS session, which makes it easier for remote attackers to capture this cookie by intercepting its transmission within an HTTP session. | 3.7 |
2018-02-23 | CVE-2017-18196 | Leptonica | Path Traversal vulnerability in Leptonica 1.74.4 Leptonica 1.74.4 constructs unintended pathnames (containing duplicated path components) when operating on files in /tmp subdirectories, which might allow local users to bypass intended file restrictions by leveraging access to a directory located deeper within the /tmp directory tree, as demonstrated by /tmp/ANY/PATH/ANY/PATH/input.tif. | 3.3 |
2018-02-21 | CVE-2018-7289 | Teclib Edition | Encoding Error vulnerability in Teclib-Edition Armadito Antivirus 0.12.7.2 An issue was discovered in armadito-windows-driver/src/communication.c in Armadito 0.12.7.2. | 3.3 |
2018-02-22 | CVE-2018-1392 | IBM | Information Exposure vulnerability in IBM Financial Transaction Manager 3.0.4.0/3.1.0.0 IBM Financial Transaction Manager 3.0.4 and 3.1.0 for ACH Services for Multi-Platform could allow an authenticated user to execute a specially crafted command that could obtain sensitive information. | 3.1 |
2018-02-21 | CVE-2016-0369 | IBM | XXE vulnerability in IBM Forms Experience Builder 8.5/8.5.1/8.6.0 XML external entity (XXE) vulnerability in IBM Forms Experience Builder 8.5, 8.5.1, and 8.6 allows remote authenticated users to obtain sensitive information via crafted XML data. | 2.7 |