Weekly Vulnerabilities Reports > February 26 to March 4, 2018

Overview

246 new vulnerabilities were reported during this period, including 16 critical vulnerabilities and 60 high severity vulnerabilities. This weekly summary reports vulnerabilities in 175 products from 98 vendors including Adobe, Debian, Netiq, Canonical, and Redhat. Vulnerabilities are notably categorized as "Out-of-bounds Read", "Cross-site Scripting", "Improper Input Validation", "Out-of-bounds Write", and "NULL Pointer Dereference".

  • 206 reported vulnerabilities are remotely exploitable.
  • 22 reported vulnerabilities have a public exploit available.
  • 56 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 208 reported vulnerabilities are exploitable by an anonymous user.
  • Adobe has the most reported vulnerabilities, with 41 reported vulnerabilities.
  • Netiq has the most reported critical vulnerabilities, with 4 reported vulnerabilities.

Vulnerability Details

The following table lists reported vulnerabilities for the period covered by this report:

16 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-03-01 CVE-2018-7573 Ftpshell Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ftpshell Client 6.70

An issue was discovered in FTPShell Client 6.7.

10.0
2018-02-27 CVE-2018-4895 Adobe Out-of-bounds Write vulnerability in Adobe products

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions.

10.0
2018-02-27 CVE-2018-4879 Adobe Out-of-bounds Write vulnerability in Adobe products

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions.

10.0
2018-02-27 CVE-2018-4872 Adobe Unspecified vulnerability in Adobe products

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions.

10.0
2018-02-26 CVE-2017-11634 Use of Hard-coded Credentials vulnerability in - Wireless IP Camera 360

An issue was discovered on Wireless IP Camera 360 devices.

10.0
2018-02-26 CVE-2017-11632 Use of Hard-coded Credentials vulnerability in - Wireless IP Camera 360

An issue was discovered on Wireless IP Camera 360 devices.

10.0
2018-03-02 CVE-2017-9285 Netiq, Microfocus Improper Authentication vulnerability in multiple products

NetIQ eDirectory before 9.0 SP4 did not enforce login restrictions when "ebaclient" was used, allowing unpermitted access to eDirectory services.

9.8
2018-03-02 CVE-2017-9278 Netiq Information Exposure Through Log Files vulnerability in Netiq Identity Manager

The NetIQ Identity Manager Oracle EBS driver before 4.0.2.0 sent EBS logs containing the driver authentication password, potentially disclosing this to attackers able to read the EBS tables.

9.8
2018-03-02 CVE-2017-7434 Netiq Information Exposure Through Log Files vulnerability in Netiq Identity Manager 4.5

In the JDBC driver of NetIQ Identity Manager before 4.6, sending out incorrect XML configurations could result in passwords being logged into exception logfiles.

9.8
2018-03-01 CVE-2017-9269 Opensuse Improper Input Validation vulnerability in Opensuse Libzypp

In libzypp before August 2018 GPG keys attached to YUM repositories were not correctly pinned, allowing malicious repository mirrors to silently downgrade to unsigned repositories with potential malicious content.

9.8
2018-02-27 CVE-2017-15692 Apache Deserialization of Untrusted Data vulnerability in Apache Geode

In Apache Geode before v1.4.0, the TcpServer within the Geode locator opens a network port that deserializes data.

9.8
2018-02-26 CVE-2018-7489 Fasterxml, Debian, Oracle, Redhat Deserialization of Untrusted Data vulnerability in multiple products

FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw.

9.8
2018-02-26 CVE-2018-7484 Purevpn Untrusted Search Path vulnerability in Purevpn 5.19.4.0

An issue was discovered in PureVPN through 5.19.4.0 on Windows.

9.3
2018-03-01 CVE-2017-9270 Opensuse Improper Input Validation vulnerability in Opensuse Cryptctl 2.0

In cryptctl before version 2.0 a malicious server could send RPC requests that could overwrite files outside of the cryptctl key database.

9.1
2018-03-01 CVE-2017-7426 Netiq XXE vulnerability in Netiq Identity Manager 4.5/4.6

The NetIQ Identity Manager Plugins before 4.6.1 contained various XML External Entity (XXE) handling flaws that could be used by attackers to leak information or cause denial of service attacks.

9.1
2018-02-28 CVE-2016-0291 IBM OS Command Injection vulnerability in IBM Bigfix Platform

IBM BigFix Platform 9.0, 9.1 before 9.1.8, and 9.2 before 9.2.8 allow remote authenticated users to execute arbitrary commands by leveraging report server access.

9.0

60 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-03-02 CVE-2017-7429 Netiq, Microfocus Improper Certificate Validation vulnerability in multiple products

The certificate upload in NetIQ eDirectory PKI plugin before 8.8.8 Patch 10 Hotfix 1 could be abused to upload JSP code which could be used by authenticated attackers to execute JSP applets on the iManager server.

8.8
2018-03-02 CVE-2018-1058 Postgresql, Canonical, Redhat

A flaw was found in the way Postgresql allowed a user to modify the behavior of a query for other users.

8.8
2018-03-01 CVE-2017-9286 Opensuse Unspecified vulnerability in Opensuse Leap 42.3

The packaging of NextCloud in openSUSE used /srv/www/htdocs in an unsafe manner, which could have allowed scripts running as wwwrun user to escalate privileges to root during nextcloud package upgrade.

8.8
2018-03-01 CVE-2018-7550 Qemu, Debian, Canonical, Redhat Out-of-bounds Write vulnerability in multiple products

The load_multiboot function in hw/i386/multiboot.c in Quick Emulator (aka QEMU) allows local guest OS users to execute arbitrary code on the QEMU host via a mh_load_end_addr value greater than mh_bss_end_addr, which triggers an out-of-bounds read or write memory access.

8.8
2018-02-27 CVE-2017-5660 Apache, Debian Improper Input Validation vulnerability in multiple products

There is a vulnerability in Apache Traffic Server (ATS) 6.2.0 and prior and 7.0.0 and prior with the Host header and line folding.

8.6
2018-02-26 CVE-2018-7448 Cmsmadesimple OS Command Injection vulnerability in Cmsmadesimple CMS Made Simple 2.1.6

Remote code execution vulnerability in /cmsms-2.1.6-install.php/index.php in CMS Made Simple version 2.1.6 allows remote attackers to inject arbitrary PHP code via the "timezone" parameter in step 4 of a fresh installation procedure.

8.5
2018-03-02 CVE-2018-1170 HTC, Volkswagen

This vulnerability allows adjacent attackers to inject arbitrary Controller Area Network messages on vulnerable installations of Volkswagen Customer-Link App 1.30 and HTC Customer-Link Bridge.

8.3
2018-03-01 CVE-2017-7436 Opensuse Improper Input Validation vulnerability in Opensuse Libzypp

In libzypp before 20170803 it was possible to retrieve unsigned packages without a warning to the user, which could allow a man in the middle or malicious servers to inject malicious RPM packages into a user's system.

8.1
2018-03-01 CVE-2017-7435 Opensuse Improper Input Validation vulnerability in Opensuse Libzypp

In libzypp before 20170803 it was possible to add unsigned YUM repositories without a warning to the user, which could allow a man in the middle or malicious servers to inject malicious RPM packages into a user's system.

8.1
2018-03-02 CVE-2015-0796 Opensuse Link Following vulnerability in Opensuse Open Buildservice

In open buildservice 2.6 before 2.6.3, 2.5 before 2.5.7 and 2.4 before 2.4.8 the source service patch application could generate non-standard files like symlinks or device nodes, which could allow buildservice users to break out of confinement or cause denial of service attacks on the source service.

7.8
2018-03-01 CVE-2017-9274 Opensuse OS Command Injection vulnerability in Opensuse Obs-Service-Source Validator

A shell command injection in the obs-service-source_validator before 0.7 could be used to execute code as the packager when checking RPM SPEC files with specific macro constructs.

7.8
2018-03-01 CVE-2017-6150 F5 Improper Input Validation vulnerability in F5 products

Under certain conditions for F5 BIG-IP systems 13.0.0 or 12.1.0 - 12.1.3.1, using FastL4 profiles, when the Reassemble IP Fragments option is disabled (default), some specific large fragmented packets may restart the Traffic Management Microkernel (TMM).

7.8
2018-03-02 CVE-2017-9280 Netiq Information Exposure vulnerability in Netiq Identity Manager 4.5

Some NetIQ Identity Manager Applications before Identity Manager 4.5.6.1 included the session token in GET URLs, potentially allowing exposure of user sessions to untrusted third parties via proxies, referer urls or similar.

7.5
2018-03-02 CVE-2017-9277 Novell Unspecified vulnerability in Novell Edirectory

The LDAP backend in Novell eDirectory before 9.0 SP4 when switched to EBA (Enhanced Background Authentication) kept open connections without EBA.

7.5
2018-03-02 CVE-2017-9267 Novell Unspecified vulnerability in Novell Edirectory

In Novell eDirectory before 9.0.3.1 the LDAP interface was not strictly enforcing cipher restrictions allowing weaker ciphers to be used during SSL BIND operations.

7.5
2018-03-02 CVE-2017-5189 Netiq Improper Authentication vulnerability in Netiq Imanager

NetIQ iManager before 3.0.3 delivered a SSL private key in a Java application (JAR file) for authentication to Sentinel, allowing attackers to extract and establish their own connections to the Sentinel appliance.

7.5
2018-03-02 CVE-2018-7648 Uclouvain Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Uclouvain Openjpeg 2.3.0

An issue was discovered in mj2/opj_mj2_extract.c in OpenJPEG 2.3.0.

7.5
2018-03-02 CVE-2018-6490 HP Improper Input Validation vulnerability in HP Operations Orchestration 10.0

Denial of Service vulnerability in Micro Focus Operations Orchestration Software, version 10.x.

7.5
2018-03-01 CVE-2017-18212 Jerryscript Out-of-bounds Read vulnerability in Jerryscript 1.0

An issue was discovered in JerryScript 1.0.

7.5
2018-03-01 CVE-2018-7047 Wowza Use of Hard-coded Credentials vulnerability in Wowza Streaming Engine

An issue was discovered in the MBeans Server in Wowza Streaming Engine before 4.7.1.

7.5
2018-03-01 CVE-2017-18211 Imagemagick, Canonical NULL Pointer Dereference vulnerability in multiple products

In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was found in the function saveBinaryCLProgram in magick/opencl.c because a program-lookup result is not checked, related to CacheOpenCLKernel.

7.5
2018-03-01 CVE-2017-18210 Imagemagick NULL Pointer Dereference vulnerability in Imagemagick

In ImageMagick 7.0.7, a NULL pointer dereference vulnerability was found in the function BenchmarkOpenCLDevices in MagickCore/opencl.c because a memory allocation result is not checked.

7.5
2018-03-01 CVE-2017-5188 Opensuse Link Following vulnerability in Opensuse Open Build Service

The bs_worker code in open build service before 20170320 followed relative symlinks, allowing reading of files outside of the package source directory during build, allowing leakage of private information.

7.5
2018-03-01 CVE-2018-7584 PHP, Canonical, Debian Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in PHP

In PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, and 7.2.x through 7.2.2, there is a stack-based buffer under-read while parsing an HTTP response in the php_stream_url_wrap_http_ex function in ext/standard/http_fopen_wrapper.c.

7.5
2018-03-01 CVE-2018-2368 SAP Missing Authentication for Critical Function vulnerability in SAP Netweaver System Landscape Directory

SAP NetWeaver System Landscape Directory, LM-CORE 7.10, 7.20, 7.30, 7.31, 7.40, does not perform any authentication checks for functionalities that require user identity.

7.5
2018-03-01 CVE-2018-7561 Tendacn, Tenda Out-of-bounds Write vulnerability in Tendacn AC9 Firmware 15.03.05.14En

Stack-based Buffer Overflow in httpd on Tenda AC9 devices V15.03.05.14_EN allows remote attackers to cause a denial of service or possibly have unspecified other impact.

7.5
2018-03-01 CVE-2017-12627 Apache NULL Pointer Dereference vulnerability in Apache Xerces-C++

In Apache Xerces-C XML Parser library before 3.2.1, processing of external DTD paths can result in a null pointer dereference under certain conditions.

7.5
2018-02-28 CVE-2018-7264 Activepdf Out-of-bounds Write vulnerability in Activepdf Toolkit

The Pictview image processing library embedded in the ActivePDF toolkit through 2018.1.0.18321 is prone to multiple out of bounds write and sign errors, allowing a remote attacker to execute arbitrary code on vulnerable applications using the ActivePDF Toolkit to process untrusted images.

7.5
2018-02-28 CVE-2018-7482 Joomlaworks Path Traversal vulnerability in Joomlaworks K2 2.8.0

The K2 component 2.8.0 for Joomla! has Incorrect Access Control with directory traversal, allowing an attacker to download arbitrary files, as demonstrated by a view=media&task=connector&cmd=file&target=l1_../configuration.php&download=1 request.

7.5
2018-02-28 CVE-2018-7477 School Management Script Project SQL Injection vulnerability in School Management Script Project School Management Script 3.0.4

SQL Injection exists in PHP Scripts Mall School Management Script 3.0.4 via the Username and Password fields to parents/Parent_module/parent_login.php.

7.5
2018-02-28 CVE-2018-7554 Sam2P Project, Debian Use After Free vulnerability in multiple products

There is an invalid free in ReadImage in input-bmp.ci that leads to a Segmentation fault in sam2p 0.49.4.

7.5
2018-02-28 CVE-2018-7553 Sam2P Project, Debian Out-of-bounds Write vulnerability in multiple products

There is a heap-based buffer overflow in the pcxLoadRaster function of in_pcx.cpp in sam2p 0.49.4.

7.5
2018-02-28 CVE-2018-7552 Sam2P Project, Debian Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

There is an invalid free in Mapping::DoubleHash::clear in mapping.cpp that leads to a Segmentation fault in sam2p 0.49.4.

7.5
2018-02-28 CVE-2018-7551 Sam2P Project, Debian Use After Free vulnerability in multiple products

There is an invalid free in MiniPS::delete0 in minips.cpp that leads to a Segmentation fault in sam2p 0.49.4.

7.5
2018-02-28 CVE-2018-6641 Wiris Use After Free vulnerability in Wiris Mathtype 6.9C

An Arbitrary Free (Remote Code Execution) issue was discovered in Design Science MathType 6.9c.

7.5
2018-02-28 CVE-2018-6640 Wiris Out-of-bounds Write vulnerability in Wiris Mathtype 6.9C

A Heap Overflow (Remote Code Execution) issue was discovered in Design Science MathType 6.9c.

7.5
2018-02-28 CVE-2018-6639 Wiris Out-of-bounds Write vulnerability in Wiris Mathtype 6.9C

An out-of-bounds write (Remote Code Execution) issue was discovered in Design Science MathType 6.9c.

7.5
2018-02-28 CVE-2018-6638 Wiris Out-of-bounds Write vulnerability in Wiris Mathtype 6.9C

A stack-based buffer overflow (Remote Code Execution) issue was discovered in Design Science MathType 6.9c.

7.5
2018-02-27 CVE-2018-7548 ZSH, Canonical NULL Pointer Dereference vulnerability in multiple products

In subst.c in zsh through 5.4.2, there is a NULL pointer dereference when using ${(PA)...} on an empty array result.

7.5
2018-02-27 CVE-2017-18206 ZSH, Canonical Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

In utils.c in zsh before 5.4, symlink expansion had a buffer overflow.

7.5
2018-02-27 CVE-2016-10714 ZSH, Canonical Numeric Errors vulnerability in multiple products

In zsh before 5.3, an off-by-one error resulted in undersized buffers that were intended to support PATH_MAX characters.

7.5
2018-02-27 CVE-2014-10072 ZSH Project Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in ZSH Project ZSH

In utils.c in zsh before 5.0.6, there is a buffer overflow when scanning very long directory paths for symbolic links.

7.5
2018-02-27 CVE-2014-10071 ZSH, Canonical Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

In exec.c in zsh before 5.0.7, there is a buffer overflow for very long fds in the ">& fd" syntax.

7.5
2018-02-27 CVE-2018-7467 Axxonsoft Path Traversal vulnerability in Axxonsoft Next

AxxonSoft Axxon Next has Directory Traversal via an initial /css//..%2f substring in a URI.

7.5
2018-02-27 CVE-2017-7671 Apache, Debian Improper Input Validation vulnerability in multiple products

There is a DOS attack vulnerability in Apache Traffic Server (ATS) 5.2.0 to 5.3.2, 6.0.0 to 6.2.0, and 7.0.0 with the TLS handshake.

7.5
2018-02-27 CVE-2018-6481 Flexense Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Flexense Disksavvy Enterprise 10.4.18

A buffer overflow vulnerability in the control protocol of Disk Savvy Enterprise v10.4.18 allows remote attackers to execute arbitrary code by sending a crafted packet to TCP port 9124.

7.5
2018-02-27 CVE-2017-15693 Apache Deserialization of Untrusted Data vulnerability in Apache Geode

In Apache Geode before v1.4.0, the Geode server stores application objects in serialized form.

7.5
2018-02-26 CVE-2018-7485 Unixodbc Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Unixodbc 2.3.5

The SQLWriteFileDSN function in odbcinst/SQLWriteFileDSN.c in unixODBC 2.3.5 has strncpy arguments in the wrong order, which allows attackers to cause a denial of service or possibly have unspecified other impact.

7.5
2018-02-26 CVE-2017-18201 GNU Double Free vulnerability in GNU Libcdio

An issue was discovered in GNU libcdio before 2.0.0.

7.5
2018-02-26 CVE-2018-7463 Asanhamayesh SQL Injection vulnerability in Asanhamayesh CMS 3.4.6

SQL injection vulnerability in files.php in the "files" component in ASANHAMAYESH CMS 3.4.6 allows a remote attacker to execute arbitrary SQL commands via the "id" parameter.

7.5
2018-02-26 CVE-2017-9426 Facetag Project SQL Injection vulnerability in Facetag Project Facetag 0.0.3

ws.php in the Facetag extension 0.0.3 for Piwigo allows SQL injection via the imageId parameter in a facetag.changeTag or facetag.listTags action.

7.5
2018-02-26 CVE-2017-15696 Apache Information Exposure vulnerability in Apache Geode

When an Apache Geode cluster before v1.4.0 is operating in secure mode, the Geode configuration service does not properly authorize configuration requests.

7.5
2018-02-28 CVE-2017-12191 Redhat Improper Access Control vulnerability in Redhat Cloudforms 4.5

A flaw was found in the CloudForms account configuration when using VMware.

7.4
2018-03-04 CVE-2018-7567 Otrs Unrestricted Upload of File with Dangerous Type vulnerability in Otrs

In the Admin Package Manager in Open Ticket Request System (OTRS) 5.0.0 through 5.0.24 and 6.0.0 through 6.0.1, authenticated admins are able to exploit a Blind Remote Code Execution vulnerability by loading a crafted opm file with an embedded CodeInstall element to execute a command on the server during package installation.

7.2
2018-03-02 CVE-2017-9279 Netiq Improper Input Validation vulnerability in Netiq Identity Manager 4.5

NetIQ Identity Manager before 4.5.6.1 allowed uploading files with double extensions or non-image content in the Themes handling of the User Application Administration, allowing malicious user administrators to potentially execute code or mislead users.

7.2
2018-02-28 CVE-2018-6947 Nomachine, Microsoft Improper Initialization vulnerability in multiple products

An uninitialised stack variable in the nxfuse component that is part of the Open Source DokanFS library shipped with NoMachine 6.0.66_2 and earlier allows a local low privileged user to gain elevation of privileges on Windows 7 (32 and 64bit), and denial of service for Windows 8 and 10.

7.2
2018-02-27 CVE-2018-6533 Icinga Unspecified vulnerability in Icinga

An issue was discovered in Icinga 2.x through 2.8.1.

7.2
2018-03-02 CVE-2018-1066 Linux, Debian, Canonical NULL Pointer Dereference vulnerability in Linux Kernel

The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setup_ntlmv2_rsp() that allows an attacker controlling a CIFS server to kernel panic a client that has this server mounted, because an empty TargetInfo field in an NTLMSSP setup negotiation response is mishandled during session recovery.

7.1
2018-03-01 CVE-2017-14798 Postgresql, Suse Race Condition vulnerability in multiple products

A race condition in the postgresql init script could be used by attackers able to access the postgresql account to escalate their privileges to root.

7.0
2018-02-27 CVE-2017-18202 Linux Use After Free vulnerability in Linux Kernel

The __oom_reap_task_mm function in mm/oom_kill.c in the Linux kernel before 4.14.4 mishandles gather operations, which allows attackers to cause a denial of service (TLB entry leak or use-after-free) or possibly have unspecified other impact by triggering a copy_to_user call within a certain time window.

7.0

154 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-02-26 CVE-2018-7249 Microsoft, Tivo Use After Free vulnerability in multiple products

An issue was discovered in secdrv.sys as shipped in Microsoft Windows Vista, Windows 7, Windows 8, and Windows 8.1 before KB3086255, and as shipped in Macrovision SafeDisc.

6.9
2018-03-02 CVE-2018-7643 GNU, Redhat Integer Overflow or Wraparound vulnerability in multiple products

The display_debug_ranges function in dwarf.c in GNU Binutils 2.30 allows remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact via a crafted ELF file, as demonstrated by objdump.

6.8
2018-03-02 CVE-2018-7641 Cimg Out-of-bounds Read vulnerability in Cimg .220

An issue was discovered in CImg v.220.

6.8
2018-03-02 CVE-2018-7640 Cimg Out-of-bounds Read vulnerability in Cimg .220

An issue was discovered in CImg v.220.

6.8
2018-03-02 CVE-2018-7639 Cimg Out-of-bounds Read vulnerability in Cimg .220

An issue was discovered in CImg v.220.

6.8
2018-03-02 CVE-2018-7638 Cimg Out-of-bounds Read vulnerability in Cimg .220

An issue was discovered in CImg v.220.

6.8
2018-03-02 CVE-2018-7637 Cimg Out-of-bounds Read vulnerability in Cimg .220

An issue was discovered in CImg v.220.

6.8
2018-03-02 CVE-2018-1169 Amazon Improper Input Validation vulnerability in Amazon Music 6.1.5.1213

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Amazon Music Player 6.1.5.1213.

6.8
2018-03-01 CVE-2018-7634 Enalean Cross-Site Request Forgery (CSRF) vulnerability in Enalean Tuleap 9.17

An issue was discovered in Enalean Tuleap 9.17.

6.8
2018-03-01 CVE-2017-6930 Drupal Unspecified vulnerability in Drupal

In Drupal versions 8.4.x versions before 8.4.5 when using node access controls with a multilingual site, Drupal marks the untranslated version of a node as the default fallback for access queries.

6.8
2018-03-01 CVE-2018-7590 Hoosk Cross-Site Request Forgery (CSRF) vulnerability in Hoosk 1.7.0

CSRF exists in Hoosk 1.7.0 via /admin/users/new/add, resulting in account creation.

6.8
2018-03-01 CVE-2018-7589 Cimg Double Free vulnerability in Cimg .220

An issue was discovered in CImg v.220.

6.8
2018-03-01 CVE-2018-7588 Cimg Out-of-bounds Read vulnerability in Cimg .220

An issue was discovered in CImg v.220.

6.8
2018-03-01 CVE-2018-7587 Cimg Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cimg .220

An issue was discovered in CImg v.220.

6.8
2018-03-01 CVE-2017-18209 Imagemagick, Canonical NULL Pointer Dereference vulnerability in multiple products

In the GetOpenCLCachedFilesDirectory function in magick/opencl.c in ImageMagick 7.0.7, a NULL pointer dereference vulnerability occurs because a memory allocation result is not checked, related to GetOpenCLCacheDirectory.

6.8
2018-02-28 CVE-2016-0295 IBM Cross-Site Request Forgery (CSRF) vulnerability in IBM Bigfix Platform

Cross-site request forgery (CSRF) vulnerability in the IBM BigFix Platform 9.0, 9.1, 9.2, and 9.5 before 9.5.2 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.

6.8
2018-02-27 CVE-2017-18205 ZSH Project NULL Pointer Dereference vulnerability in ZSH Project ZSH

In builtin.c in zsh before 5.4, when sh compatibility mode is used, there is a NULL pointer dereference during processing of the cd command with no argument if HOME is not set.

6.8
2018-02-27 CVE-2018-4916 Adobe Out-of-bounds Write vulnerability in Adobe products

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions.

6.8
2018-02-27 CVE-2018-4915 Adobe Out-of-bounds Write vulnerability in Adobe products

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions.

6.8
2018-02-27 CVE-2018-4913 Adobe Use After Free vulnerability in Adobe products

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions.

6.8
2018-02-27 CVE-2018-4911 Adobe Use After Free vulnerability in Adobe products

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions.

6.8
2018-02-27 CVE-2018-4910 Adobe Out-of-bounds Write vulnerability in Adobe products

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions.

6.8
2018-02-27 CVE-2018-4904 Adobe Out-of-bounds Write vulnerability in Adobe products

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions.

6.8
2018-02-27 CVE-2018-4902 Adobe Use After Free vulnerability in Adobe products

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions.

6.8
2018-02-27 CVE-2018-4901 Adobe Out-of-bounds Write vulnerability in Adobe products

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions.

6.8
2018-02-27 CVE-2018-4898 Adobe Out-of-bounds Write vulnerability in Adobe products

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions.

6.8
2018-02-27 CVE-2018-4892 Adobe Use After Free vulnerability in Adobe products

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions.

6.8
2018-02-27 CVE-2018-4890 Adobe Out-of-bounds Write vulnerability in Adobe products

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions.

6.8
2018-02-27 CVE-2018-4888 Adobe Use After Free vulnerability in Adobe products

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions.

6.8
2018-02-26 CVE-2018-7487 Sam2P Project, Debian Out-of-bounds Write vulnerability in multiple products

There is a heap-based buffer overflow in the LoadPCX function of in_pcx.cpp in sam2p 0.49.4.

6.8
2018-03-04 CVE-2017-18213 Exponentcms Unspecified vulnerability in Exponentcms Exponent CMS

In Exponent CMS before 2.4.1 Patch #6, certain admin users can elevate their privileges.

6.5
2018-03-01 CVE-2017-9268 Opensuse Incorrect Permission Assignment for Critical Resource vulnerability in Opensuse Open Build Service

In the open build service before 201707022 the wipetrigger and rebuild actions checked the wrong project for permissions, allowing authenticated users to cause operations on projects where they did not have permissions leading to denial of service (resource consumption).

6.5
2018-03-01 CVE-2018-7579 Yzmcms SQL Injection vulnerability in Yzmcms 3.6

\application\admin\controller\update_urls.class.php in YzmCMS 3.6 has SQL Injection via the catids array parameter to admin/update_urls/update_category_url.html.

6.5
2018-03-01 CVE-2018-2380 SAP Path Traversal vulnerability in SAP Customer Relationship Management

SAP CRM, 7.01, 7.02, 7.30, 7.31, 7.33, 7.54, allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing "traverse to parent directory" are passed through to the file APIs.

6.5
2018-03-01 CVE-2018-2367 SAP Path Traversal vulnerability in SAP Business Application Software Integrated Solution

ABAP File Interface in SAP BASIS, from 7.00 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.52, allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing "traverse to parent directory" are passed through to the file APIs.

6.5
2018-03-01 CVE-2017-18207 Python Divide By Zero vulnerability in Python

The Wave_read._read_fmt_chunk function in Lib/wave.py in Python through 3.6.4 does not ensure a nonzero channel value, which allows attackers to cause a denial of service (divide-by-zero and exception) via a crafted wav format audio file.

6.5
2018-02-28 CVE-2015-4117 Vestacp OS Command Injection vulnerability in Vestacp Control Panel

Vesta Control Panel before 0.9.8-14 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the backup parameter to list/backup/index.php.

6.5
2018-02-28 CVE-2018-1286 Apache Improper Authentication vulnerability in Apache Openmeetings

In Apache OpenMeetings 3.0.0 - 4.0.1, CRUD operations on privileged users are not password protected allowing an authenticated attacker to deny service for privileged users.

6.5
2018-02-28 CVE-2018-7557 Ffmpeg, Debian Out-of-bounds Read vulnerability in multiple products

The decode_init function in libavcodec/utvideodec.c in FFmpeg 2.8 through 3.4.2 allows remote attackers to cause a denial of service (Out of array read) via an AVI file with crafted dimensions within chroma subsampling data.

6.5
2018-02-26 CVE-2018-7486 Blueriver Path Traversal vulnerability in Blueriver Muracms

Blue River Mura CMS before v7.0.7029 supports inline function calls with an [m] tag and [/m] end tag, without proper restrictions on file types or pathnames, which allows remote attackers to execute arbitrary code via an [m]$.dspinclude("../pathname/executable.jpeg")[/m] approach, where executable.jpeg contains ColdFusion Markup Language code.

6.5
2018-02-28 CVE-2018-7556 Limesurvey, Debian Information Exposure vulnerability in multiple products

LimeSurvey 2.6.x before 2.6.7, 2.7x.x before 2.73.1, and 3.x before 3.4.2 mishandles application/controller/InstallerController.php after installation, which allows remote attackers to access the configuration file.

6.4
2018-02-27 CVE-2018-0489 Shibboleth, Debian, Arubanetworks Improper Verification of Cryptographic Signature vulnerability in multiple products

Shibboleth XMLTooling-C before 1.6.4, as used in Shibboleth Service Provider before 2.6.1.4 on Windows and other products, mishandles digital signatures of user data, which allows remote attackers to obtain sensitive information or conduct impersonation attacks via crafted XML data.

6.4
2018-03-02 CVE-2017-9276 Netiq Cross-site Scripting vulnerability in Netiq Access Manager

Novell Access Manager iManager before 4.3.3 did not validate parameters so that cross site scripting content could be reflected back into the result page using the "a" parameter.

6.1
2018-03-02 CVE-2017-7438 Netiq Cross-site Scripting vulnerability in Netiq Privileged Account Manager 3.1

NetIQ Privileged Account Manager before 3.1 Patch Update 3 allowed cross-site scripting attacks via JavaScript DOM modification using the supplied cookie parameter.

6.1
2018-03-02 CVE-2017-7419 Netiq Cross-site Scripting vulnerability in Netiq Access Manager 4.2/4.3

An OAuth application in NetIQ Access Manager 4.3 before 4.3.2 and 4.2 before 4.2.4 allowed cross-site scripting attacks due to an unescaped "description" field that could be specified by the provider.

6.1
2018-03-02 CVE-2017-14802 Netiq Open Redirect vulnerability in Netiq Access Manager

Novell Access Manager Admin Console and IDP servers before 4.3.3 have a URL that could be used by remote attackers to trigger unvalidated redirects to third party sites.

6.1
2018-03-02 CVE-2017-14801 Netiq Cross-site Scripting vulnerability in Netiq Access Manager

Reflected XSS in the NetIQ Access Manager before 4.3.3 allowed attackers to reflect XSS back into the called page using the url parameter.

6.1
2018-03-01 CVE-2017-14800 Netiq Cross-site Scripting vulnerability in Netiq Access Manager

A reflected cross-site scripting attack in the NetIQ Access Manager before 4.3.3 using the "typecontainerid" parameter of the policy editor could allow code injection into pages of authenticated users.

6.1
2018-03-01 CVE-2017-14799 Netiq Cross-site Scripting vulnerability in Netiq Access Manager

A cross-site scripting attack in the handling of the ESP login parameter in NetIQ Access Manager before 4.3.3 could be used to inject JavaScript code into the login page.

6.1
2018-02-27 CVE-2018-7541 XEN
Debian

An issue was discovered in Xen through 4.10.x allowing guest OS users to cause a denial of service (hypervisor crash) or gain privileges by triggering a grant-table transition from v2 to v1.

6.1
2018-02-28 CVE-2018-1304 Apache
Redhat
Debian
Canonical
Oracle

The URL pattern of "" (the empty string) which exactly maps to the context root was not correctly handled in Apache Tomcat 9.0.0.M1 to 9.0.4, 8.5.0 to 8.5.27, 8.0.0.RC1 to 8.0.49 and 7.0.0 to 7.0.84 when used as part of a security constraint definition.

5.9
2018-03-01 CVE-2017-6932 Drupal
Debian
Open Redirect vulnerability in multiple products

Drupal core 7.x versions before 7.57 have an external link injection vulnerability when the language switcher block is used.

5.8
2018-02-28 CVE-2015-3898 Bonitasoft Open Redirect vulnerability in Bonitasoft Bonita BPM Portal

Multiple open redirect vulnerabilities in Bonita BPM Portal before 6.5.3 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via vectors involving the redirectUrl parameter to (1) bonita/login.jsp or (2) bonita/loginservice.

5.8
2018-03-02 CVE-2018-7642 GNU
Redhat
NULL Pointer Dereference vulnerability in multiple products

The swap_std_reloc_in function in aoutx.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (aout_32_swap_std_reloc_out NULL pointer dereference and application crash) via a crafted ELF file, as demonstrated by objcopy.

5.5
2018-03-02 CVE-2017-14461 Dovecot
Debian
Ubuntu
Out-of-bounds Read vulnerability in multiple products

A specially crafted email delivered over SMTP and passed on to Dovecot by MTA can trigger an out of bounds read resulting in potential sensitive information disclosure and denial of service.

5.5
2018-03-01 CVE-2017-6926 Drupal Information Exposure vulnerability in Drupal

In Drupal 8.4.x versions before 8.4.5, users with permission to post comments are able to view content and comments they do not have access to, and are also able to add comments to this content.

5.5
2018-02-28 CVE-2018-7570 GNU NULL Pointer Dereference vulnerability in GNU Binutils 2.30

The assign_file_positions_for_non_load_sections function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via an ELF file with a RELRO segment that lacks a matching LOAD segment, as demonstrated by objcopy.

5.5
2018-02-27 CVE-2018-7172 Wondercms Path Traversal vulnerability in Wondercms

In index.php in WonderCMS before 2.4.1, remote attackers can delete arbitrary files via directory traversal.

5.5
2018-03-01 CVE-2017-14804 Suse
Opensuse
Improper Input Validation vulnerability in multiple products

The build package before 20171128 did not check directory names during extraction of build results, which allowed untrusted builds to write outside of the target system, allowing escape out of buildroots.

5.3
2018-03-04 CVE-2018-7662 Couchcms Information Exposure vulnerability in Couchcms Couch

Couch through 2.0 allows remote attackers to discover the full path via a direct request to includes/mysql2i/mysql2i.func.php or addons/phpmailer/phpmailer.php.

5.0
2018-03-04 CVE-2017-18214 Momentjs
Tenable
Resource Exhaustion vulnerability in multiple products

The moment module before 2.19.3 for Node.js is prone to a regular expression denial of service via a crafted date string, a different vulnerability than CVE-2016-4055.

5.0
2018-03-04 CVE-2018-7560 AWS Lambda Multipart Parser Project Improper Input Validation vulnerability in Aws-Lambda-Multipart-Parser Project Aws-Lambda-Multipart-Parser

index.js in the Anton Myshenin aws-lambda-multipart-parser NPM package before 0.1.2 has a Regular Expression Denial of Service (ReDoS) issue via a crafted multipart/form-data boundary string.

5.0
2018-03-04 CVE-2018-7583 Advantig Improper Input Validation vulnerability in Advantig Dualdesk 20

Proxy.exe in DualDesk 20 allows Remote Denial Of Service (daemon crash) via a long string to TCP port 5500.

5.0
2018-03-04 CVE-2018-7449 Segger
Microsoft
Improper Input Validation vulnerability in Segger Embos/Ip FTP Server 3.22

SEGGER FTP Server for Windows before 3.22a allows remote attackers to cause a denial of service (daemon crash) via an invalid LIST, STOR, or RETR command.

5.0
2018-03-02 CVE-2018-7433 Ithemes Information Exposure Through Log Files vulnerability in Ithemes Security

The iThemes Security plugin before 6.9.1 for WordPress does not properly perform data escaping for the logs page.

5.0
2018-03-02 CVE-2018-1373 IBM Improper Restriction of Excessive Authentication Attempts vulnerability in IBM Security Guardium BIG Data Intelligence 3.1

IBM Security Guardium Big Data Intelligence (SonarG) 3.1 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials.

5.0
2018-03-01 CVE-2018-7586 Imagely Path Traversal vulnerability in Imagely Nextgen Gallery

In the nextgen-gallery plugin before 2.2.50 for WordPress, gallery paths are not secured.

5.0
2018-03-01 CVE-2017-15134 Fedoraproject
Redhat
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

A stack buffer overflow flaw was found in the way 389-ds-base 1.3.6.x before 1.3.6.13, 1.3.7.x before 1.3.7.9, 1.4.x before 1.4.0.5 handled certain LDAP search filters.

5.0
2018-03-01 CVE-2018-7048 Wowza Resource Exhaustion vulnerability in Wowza Streaming Engine

An issue was discovered in Wowza Streaming Engine before 4.7.1.

5.0
2018-03-01 CVE-2018-5314 Citrix Improper Authentication vulnerability in Citrix products

Command injection vulnerability in Citrix NetScaler ADC and NetScaler Gateway 11.0 before build 70.16, 11.1 before build 55.13, and 12.0 before build 53.13; and the NetScaler Load Balancing instance distributed with NetScaler SD-WAN/CloudBridge 4000, 4100, 5000 and 5100 WAN Optimization Edition 9.3.0 allows remote attackers to execute a system command or read arbitrary files via an SSH login prompt.

5.0
2018-03-01 CVE-2017-6154 F5 Improper Input Validation vulnerability in F5 Big-Ip Application Security Manager

On F5 BIG-IP systems running 13.0.0, 12.1.0 - 12.1.3.1, or 11.6.1 - 11.6.2, the BIG-IP ASM bd daemon may core dump memory under some circumstances when processing undisclosed types of data on systems with 48 or more CPU cores.

5.0
2018-03-01 CVE-2018-6653 Comforte
HP
Inadequate Encryption Strength vulnerability in Comforte Swap

comforte SWAP 1049 through 1069 and 20.0.0 through 21.5.3 (as used in SSLOBJ on HPE NonStop SSL T0910, and in the comforte SecurCS, SecurFTP, SecurLib/SSL-AT, and SecurTN products), after executing the RELOAD CERTIFICATES command, does not ensure that clients use a strong TLS cipher suite, which makes it easier for remote attackers to defeat intended cryptographic protection mechanisms by sniffing the network.

5.0
2018-02-28 CVE-2015-5079 Blackcat CMS Path Traversal vulnerability in Blackcat-Cms Blackcat CMS

Directory traversal vulnerability in widgets/logs.php in BlackCat CMS before 1.1.2 allows remote attackers to read arbitrary files via a ..

5.0
2018-02-28 CVE-2016-0299 IBM Information Exposure vulnerability in IBM Tririga Application Platform

IBM TRIRIGA Application Platform 3.3 before 3.3.2.6, 3.4 before 3.4.2.3, and 3.5 before 3.5.0.1 allows remote attackers to obtain sensitive information via vectors involving a database query.

5.0
2018-02-28 CVE-2017-9447 Parallels Path Traversal vulnerability in Parallels Remote Application Server 15.5

In the web interface of Parallels Remote Application Server (RAS) 15.5 Build 16140, a vulnerability exists due to improper validation of the file path when requesting a resource under the "RASHTML5Gateway" directory.

5.0
2018-02-27 CVE-2018-7549 ZSH
Redhat
Canonical
Improper Input Validation vulnerability in multiple products

In params.c in zsh through 5.4.2, there is a crash during a copy of an empty hash table, as demonstrated by typeset -p.

5.0
2018-02-27 CVE-2018-6532 Icinga Resource Exhaustion vulnerability in Icinga

An issue was discovered in Icinga 2.x through 2.8.1.

5.0
2018-02-27 CVE-2018-1372 IBM Weak Password Requirements vulnerability in IBM Security Guardium BIG Data Intelligence 3.1

IBM Security Guardium Big Data Intelligence (SonarG) 3.1 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts.

5.0
2018-02-26 CVE-2018-7490 Unbit
Debian
Path Traversal vulnerability in multiple products

uWSGI before 2.0.17 mishandles a DOCUMENT_ROOT check during use of the --php-docroot option, allowing directory traversal.

5.0
2018-02-26 CVE-2017-11635 Information Exposure vulnerability in - Wireless IP Camera 360

An issue was discovered on Wireless IP Camera 360 devices.

5.0
2018-02-26 CVE-2017-11633 Unspecified vulnerability in - Wireless IP Camera 360

An issue was discovered on Wireless IP Camera 360 devices.

5.0
2018-02-26 CVE-2018-7491 Prestashop Improper Restriction of Rendered UI Layers or Frames vulnerability in Prestashop

In PrestaShop through 1.7.2.5, a UI-Redressing/Clickjacking vulnerability was found that might lead to state-changing impact in the context of a user or an admin, because the generateHtaccess function in classes/Tools.php sets neither X-Frame-Options nor Content-Security-Policy "frame-ancestors" values.

5.0
2018-02-26 CVE-2017-18195 Concretecms Unspecified vulnerability in Concretecms Concrete CMS

An issue was discovered in tools/conversations/view_ajax.php in Concrete5 before 8.3.0.

5.0
2018-02-26 CVE-2017-1774 IBM Information Exposure vulnerability in IBM Security Guardium BIG Data Intelligence 3.1

IBM Security Guardium Big Data Intelligence (SonarG) 3.1 discloses sensitive information to unauthorized users.

5.0
2018-02-26 CVE-2018-7479 Yzmcms Exposure of Resource to Wrong Sphere vulnerability in Yzmcms 3.6

YzmCMS 3.6 allows remote attackers to discover the full path via a direct request to application/install/templates/s1.php.

5.0
2018-03-01 CVE-2017-18208 Linux Infinite Loop vulnerability in Linux Kernel

The madvise_willneed function in mm/madvise.c in the Linux kernel before 4.14.4 allows local users to cause a denial of service (infinite loop) by triggering use of MADVISE_WILLNEED for a DAX mapping.

4.9
2018-02-27 CVE-2018-7542 XEN
Debian
NULL Pointer Dereference vulnerability in multiple products

An issue was discovered in Xen 4.8.x through 4.10.x allowing x86 PVH guest OS users to cause a denial of service (NULL pointer dereference and hypervisor crash) by leveraging the mishandling of configurations that lack a Local APIC.

4.9
2018-02-27 CVE-2018-7540 XEN
Debian
Resource Exhaustion vulnerability in multiple products

An issue was discovered in Xen through 4.10.x allowing x86 PV guest OS users to cause a denial of service (host OS CPU hang) via non-preemptable L3/L4 pagetable freeing.

4.9
2018-02-26 CVE-2018-7492 Linux
Debian
Canonical
NULL Pointer Dereference vulnerability in Linux Kernel

A NULL pointer dereference was found in the net/rds/rdma.c __rds_rdma_map() function in the Linux kernel before 4.14.7 allowing local attackers to cause a system panic and a denial-of-service, related to RDS_GET_MR and RDS_GET_MR_FOR_DEST.

4.9
2018-02-26 CVE-2017-18200 Linux Improper Input Validation vulnerability in Linux Kernel

The f2fs implementation in the Linux kernel before 4.14 mishandles reference counts associated with f2fs_wait_discard_bios calls, which allows local users to cause a denial of service (BUG), as demonstrated by fstrim.

4.9
2018-03-02 CVE-2018-1065 Linux NULL Pointer Dereference vulnerability in Linux Kernel

The netfilter subsystem in the Linux kernel through 4.15.7 mishandles the case of a rule blob that contains a jump but lacks a user-defined chain, which allows local users to cause a denial of service (NULL pointer dereference) by leveraging the CAP_NET_RAW or CAP_NET_ADMIN capability, related to arpt_do_table in net/ipv4/netfilter/arp_tables.c, ipt_do_table in net/ipv4/netfilter/ip_tables.c, and ip6t_do_table in net/ipv6/netfilter/ip6_tables.c.

4.7
2018-03-02 CVE-2015-7967 Gemalto Permissions, Privileges, and Access Controls vulnerability in Gemalto Safenet Authentication Service for Citrix web Interface Agent

SafeNet Authentication Service for Citrix Web Interface Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module.

4.6
2018-03-02 CVE-2015-7966 Gemalto Permissions, Privileges, and Access Controls vulnerability in Gemalto Safenet Authentication Service Windows Logon Agent

SafeNet Authentication Service Windows Logon Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module, a different vulnerability than CVE-2015-7965.

4.6
2018-03-02 CVE-2015-7965 Gemalto Permissions, Privileges, and Access Controls vulnerability in Gemalto Safenet Authentication Service Windows Logon Agent

SafeNet Authentication Service Windows Logon Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module, a different vulnerability than CVE-2015-7966.

4.6
2018-03-02 CVE-2015-7964 Gemalto Permissions, Privileges, and Access Controls vulnerability in Gemalto Safenet Authentication Service for NPS Agent

SafeNet Authentication Service for NPS Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module.

4.6
2018-03-02 CVE-2015-7963 Gemalto Permissions, Privileges, and Access Controls vulnerability in Gemalto Safenet Authentication Service for AD FS Agent

SafeNet Authentication Service for AD FS Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module.

4.6
2018-03-02 CVE-2015-7962 Gemalto Permissions, Privileges, and Access Controls vulnerability in Gemalto Safenet Authentication Service for Outlook web APP Agent

SafeNet Authentication Service for Outlook Web App Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module.

4.6
2018-03-02 CVE-2015-7961 Gemalto Permissions, Privileges, and Access Controls vulnerability in Gemalto Safenet Authentication Service Remote web Workplace Agent

SafeNet Authentication Service Remote Web Workplace Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module.

4.6
2018-03-02 CVE-2015-7598 Gemalto Permissions, Privileges, and Access Controls vulnerability in Gemalto Safenet Authentication Service Tokenvalidator Proxy Agent

SafeNet Authentication Service TokenValidator Proxy Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module.

4.6
2018-03-02 CVE-2015-7597 Gemalto Permissions, Privileges, and Access Controls vulnerability in Gemalto Safenet Authentication Service IIS Agent

SafeNet Authentication Service IIS Agent uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module.

4.6
2018-03-02 CVE-2015-7596 Gemalto Permissions, Privileges, and Access Controls vulnerability in Gemalto Safenet Authentication Service END User Software Tools for Windows

SafeNet Authentication Service End User Software Tools for Windows uses a weak ACL for unspecified installation directories and executable modules, which allows local users to gain privileges by modifying an executable module.

4.6
2018-02-27 CVE-2014-10070 ZSH Project Permissions, Privileges, and Access Controls vulnerability in ZSH Project ZSH

zsh before 5.0.7 allows evaluation of the initial values of integer variables imported from the environment (instead of treating them as literal numbers).

4.6
2018-03-02 CVE-2018-1063 Redhat
Selinux Project
Link Following vulnerability in multiple products

Context relabeling of filesystems is vulnerable to symbolic link attack, allowing a local, unprivileged malicious entity to change the SELinux context of an arbitrary file to a context with few restrictions.

4.4
2018-03-04 CVE-2018-7653 Yzmcms Cross-site Scripting vulnerability in Yzmcms 3.6

In YzmCMS 3.6, index.php has XSS via the a, c, or m parameter.

4.3
2018-03-04 CVE-2018-7652 Zonemaster Cross-site Scripting vulnerability in Zonemaster web GUI

lib/Zonemaster/GUI/Dancer/Export.pm in Zonemaster Web GUI before 1.0.11 has XSS.

4.3
2018-03-04 CVE-2018-7651 Ssri Project Resource Exhaustion vulnerability in Ssri Project Ssri

index.js in the ssri module before 5.2.2 for Node.js is prone to a regular expression denial of service vulnerability in strict mode functionality via a long base64 hash string.

4.3
2018-03-02 CVE-2017-15130 Dovecot
Debian
Canonical

A denial of service flaw was found in dovecot before 2.2.34.

4.3
2018-03-01 CVE-2017-6929 Drupal
Debian
Cross-site Scripting vulnerability in multiple products

A jQuery cross site scripting vulnerability is present when making Ajax requests to untrusted domains.

4.3
2018-03-01 CVE-2017-6927 Drupal
Debian
Cross-site Scripting vulnerability in multiple products

Drupal 8.4.x versions before 8.4.5 and Drupal 7.x versions before 7.57 has a Drupal.checkPlain() JavaScript function which is used to escape potentially dangerous text before outputting it to HTML (as JavaScript output does not typically go through Twig autoescaping).

4.3
2018-03-01 CVE-2018-7049 Wowza Cross-site Scripting vulnerability in Wowza Streaming Engine

An issue was discovered in Wowza Streaming Engine before 4.7.1.

4.3
2018-03-01 CVE-2018-2365 SAP Cross-site Scripting vulnerability in SAP Netweaver Portal

SAP NetWeaver Portal, WebDynpro Java, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.

4.3
2018-03-01 CVE-2018-5501 F5 Resource Exhaustion vulnerability in F5 products

In some circumstances, on F5 BIG-IP systems running 13.0.0, 12.1.0 - 12.1.3.1, any 11.6.x or 11.5.x release, or 11.2.1, TCP DNS profile allows excessive buffering due to lack of flow control.

4.3
2018-03-01 CVE-2018-5500 F5 Resource Exhaustion vulnerability in F5 products

On F5 BIG-IP systems running 13.0.0, 12.1.0 - 12.1.3.1, or 11.6.1 - 11.6.2, every Multipath TCP (MCTCP) connection established leaks a small amount of memory.

4.3
2018-02-28 CVE-2018-7569 GNU
Redhat
Integer Underflow (Wrap or Wraparound) vulnerability in multiple products

dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (integer underflow or overflow, and application crash) via an ELF file with a corrupt DWARF FORM block, as demonstrated by nm.

4.3
2018-02-28 CVE-2018-7568 GNU
Redhat
Integer Overflow or Wraparound vulnerability in multiple products

The parse_die function in dwarf1.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (integer overflow and application crash) via an ELF file with corrupt dwarf1 debug information, as demonstrated by nm.

4.3
2018-02-27 CVE-2018-6535 Icinga Unspecified vulnerability in Icinga

An issue was discovered in Icinga 2.x through 2.8.1.

4.3
2018-02-27 CVE-2018-6534 Icinga NULL Pointer Dereference vulnerability in Icinga

An issue was discovered in Icinga 2.x through 2.8.1.

4.3
2018-02-27 CVE-2012-3536 Apache Cross-site Scripting vulnerability in Apache Hupa

Two XSS vulnerabilities were fixed in message list and view in the Hupa Webmail application from the Apache James project.

4.3
2018-02-27 CVE-2018-1425 IBM Inadequate Encryption Strength vulnerability in IBM Security Guardium BIG Data Intelligence 3.1

IBM Security Guardium Big Data Intelligence (SonarG) 3.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

4.3
2018-02-27 CVE-2018-1416 IBM Cross-site Scripting vulnerability in IBM Websphere Portal

IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting.

4.3
2018-02-27 CVE-2018-4914 Adobe Out-of-bounds Read vulnerability in Adobe products

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions.

4.3
2018-02-27 CVE-2018-4912 Adobe Out-of-bounds Read vulnerability in Adobe products

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions.

4.3
2018-02-27 CVE-2018-4909 Adobe Out-of-bounds Read vulnerability in Adobe products

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions.

4.3
2018-02-27 CVE-2018-4908 Adobe Out-of-bounds Read vulnerability in Adobe products

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions.

4.3
2018-02-27 CVE-2018-4907 Adobe Out-of-bounds Read vulnerability in Adobe products

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions.

4.3
2018-02-27 CVE-2018-4906 Adobe Out-of-bounds Read vulnerability in Adobe products

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions.

4.3
2018-02-27 CVE-2018-4905 Adobe Out-of-bounds Read vulnerability in Adobe products

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions.

4.3
2018-02-27 CVE-2018-4903 Adobe Out-of-bounds Read vulnerability in Adobe products

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions.

4.3
2018-02-27 CVE-2018-4900 Adobe Out-of-bounds Read vulnerability in Adobe products

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions.

4.3
2018-02-27 CVE-2018-4899 Adobe Out-of-bounds Read vulnerability in Adobe products

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions.

4.3
2018-02-27 CVE-2018-4897 Adobe Out-of-bounds Read vulnerability in Adobe products

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions.

4.3
2018-02-27 CVE-2018-4896 Adobe Out-of-bounds Read vulnerability in Adobe products

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions.

4.3
2018-02-27 CVE-2018-4894 Adobe Out-of-bounds Read vulnerability in Adobe products

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions.

4.3
2018-02-27 CVE-2018-4893 Adobe Out-of-bounds Read vulnerability in Adobe products

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions.

4.3
2018-02-27 CVE-2018-4891 Adobe Out-of-bounds Read vulnerability in Adobe products

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions.

4.3
2018-02-27 CVE-2018-4889 Adobe Out-of-bounds Read vulnerability in Adobe products

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions.

4.3
2018-02-27 CVE-2018-4887 Adobe Out-of-bounds Read vulnerability in Adobe products

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions.

4.3
2018-02-27 CVE-2018-4886 Adobe Out-of-bounds Read vulnerability in Adobe products

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions.

4.3
2018-02-27 CVE-2018-4885 Adobe Out-of-bounds Read vulnerability in Adobe products

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions.

4.3
2018-02-27 CVE-2018-4884 Adobe Out-of-bounds Read vulnerability in Adobe products

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions.

4.3
2018-02-27 CVE-2018-4883 Adobe Out-of-bounds Read vulnerability in Adobe products

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions.

4.3
2018-02-27 CVE-2018-4882 Adobe Out-of-bounds Read vulnerability in Adobe products

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions.

4.3
2018-02-27 CVE-2018-4881 Adobe Out-of-bounds Read vulnerability in Adobe products

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions.

4.3
2018-02-27 CVE-2018-4880 Adobe Out-of-bounds Read vulnerability in Adobe products

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions.

4.3
2018-02-27 CVE-2018-4876 Adobe Cross-site Scripting vulnerability in Adobe Experience Manager 6.1.0/6.2.0/6.3.0

Adobe Experience Manager versions 6.3, 6.2, and 6.1 are vulnerable to cross-site scripting via a bypass of the Sling XSSAPI#getValidHref function.

4.3
2018-02-27 CVE-2018-4875 Adobe Cross-site Scripting vulnerability in Adobe Experience Manager 6.0.0/6.1.0

Adobe Experience Manager versions 6.1 and 6.0 are vulnerable to a reflected cross-site scripting vulnerability related to the handling of malicious content embedded in image files uploaded to the DAM.

4.3
2018-02-26 CVE-2018-0908 Microsoft Cross-site Scripting vulnerability in Microsoft Identity Manager 2016

Microsoft Identity Manager 2016 SP1 allows an attacker to gain elevated privileges when it does not properly sanitize a specially crafted attribute value being displayed to a user on an affected MIM 2016 server, aka "Microsoft Identity Manager XSS Elevation of Privilege Vulnerability."

4.3
2018-02-26 CVE-2017-16229 OX Project Out-of-bounds Read vulnerability in OX Project OX 2.8.1

In the Ox gem 2.8.1 for Ruby, the process crashes with a stack-based buffer over-read in the read_from_str function in sax_buf.c when a crafted input is supplied to sax_parse.

4.3
2018-02-26 CVE-2018-5762 Unisys Unspecified vulnerability in Unisys Clearpath MCP 58.1/59.1

The TLS implementation in the TCP/IP networking module in Unisys ClearPath MCP systems with TCP-IP-SW 58.1 before 58.160, 59.1 before 059.1a.17 (IC #17), and 60.0 before 60.044 might allow remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a ROBOT attack.

4.3
2018-02-26 CVE-2017-9425 Facetag Project Cross-site Scripting vulnerability in Facetag Project Facetag 0.0.3

The Facetag extension 0.0.3 for Piwigo allows XSS via the name parameter to ws.php in a facetag.changeTag action.

4.3
2018-03-04 CVE-2018-7654 3CX Path Traversal vulnerability in 3CX 15.5.6354.2

On 3CX 15.5.6354.2 devices, the parameter "file" in the request "/api/RecordingList/download?file=" allows full access to files on the server via path traversal.

4.0
2018-03-01 CVE-2017-6931 Drupal Unrestricted Upload of File with Dangerous Type vulnerability in Drupal

In Drupal 8.4.x versions before 8.4.5, the Settings Tray module has a vulnerability that allows users to update certain data that they do not have the permissions for.

4.0
2018-02-27 CVE-2017-15136 Redhat Unspecified vulnerability in Redhat Satellite 6.0

When registering and activating a new system with Red Hat Satellite 6, if the new system's hostname is then reset to the hostname of a previously registered system, the previously registered system will lose access to updates, including security updates.

4.0
2018-02-27 CVE-2017-16770 Synology Information Exposure vulnerability in Synology Surveillance Station

File and directory information exposure vulnerability in SYNO.SurveillanceStation.PersonalSettings.Photo in Synology Surveillance Station before 8.1.2-5469 allows remote authenticated users to obtain other users' sensitive files via the filename parameter.

4.0

16 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-03-01 CVE-2017-6928 Drupal, Debian Incorrect Permission Assignment for Critical Resource vulnerability in multiple products

In Drupal core 7.x versions before 7.57, when using Drupal's private file system, Drupal will check to make sure a user has access to a file before allowing the user to view or download it.

3.5
2018-02-28 CVE-2018-7469 Entrepreneur JOB Portal Script Project Cross-site Scripting vulnerability in Entrepreneur JOB Portal Script Project Entrepreneur JOB Portal Script 2.0.9

PHP Scripts Mall Entrepreneur Job Portal Script 2.0.9 has XSS via the p_name (aka Edit Category Name) field to admin/categories_industry.php (aka Categories - Industry Type).

3.5
2018-02-27 CVE-2018-7547 Lingyun Cross-site Scripting vulnerability in Lingyun Lyadmin

lyadmin 1.x has XSS via the config[WEB_SITE_TITLE] parameter to the /admin.php?s=/admin/config/groupsave.html URI.

3.5
2018-02-27 CVE-2018-1399 IBM Cross-site Scripting vulnerability in IBM Daeja Viewone

IBM Daeja ViewONE Professional, Standard & Virtual 4.1.5 and 5.0 is vulnerable to cross-site scripting.

3.5
2018-02-27 CVE-2017-17478 Pega Cross-site Scripting vulnerability in Pega Platform

An XSS issue was discovered in Designer Studio in Pegasystems Pega Platform 7.1.7, 7.1.8, 7.1.9, 7.1.10, 7.2, 7.2.1, and 7.2.2.

3.5
2018-02-27 CVE-2017-16767 Synology Cross-site Scripting vulnerability in Synology Surveillance Station

Cross-site scripting (XSS) vulnerability in User Profile in Synology Surveillance Station before 8.1.2-5469 allows remote authenticated users to inject arbitrary web script or HTML via the userDesc parameter.

3.5
2018-03-01 CVE-2017-9271 Opensuse, Fedoraproject Information Exposure Through Log Files vulnerability in multiple products

The command-line package update tool zypper writes HTTP proxy credentials into its log file, allowing local attackers to gain access to proxies used.

3.3
2018-02-26 CVE-2017-16814 Foxitsoftware Path Traversal vulnerability in Foxitsoftware Mobilepdf

A Directory Traversal issue was discovered in the Foxit MobilePDF app before 6.1 for iOS.

3.3
2018-03-04 CVE-2018-7661 Babyphonemobile Information Exposure vulnerability in Babyphonemobile Wifi Baby Monitor

Papenmeier WiFi Baby Monitor Free & Lite before 2.02.2 allows remote attackers to obtain audio data via certain requests to TCP ports 8258 and 8257.

2.9
2018-02-26 CVE-2017-16813 Foxitsoftware Improper Input Validation vulnerability in Foxitsoftware Mobilepdf

A denial-of-service issue was discovered in the Foxit MobilePDF app before 6.1 for iOS.

2.9
2018-03-02 CVE-2017-1787 IBM Use of Hard-coded Credentials vulnerability in IBM Rational Publishing Engine 2.1.2/6.0.5

IBM Publishing Engine 2.1.2 and 6.0.5 contains an undisclosed vulnerability that could allow a local user with administrative privileges to obtain hard-coded user credentials.

2.1
2018-03-02 CVE-2017-1654 IBM Information Exposure vulnerability in IBM General Parallel File System and Spectrum Scale

IBM Spectrum Scale 4.1.1 and 4.2.0 - 4.2.3 could allow a local unprivileged user access to information located in dump files.

2.1
2018-02-27 CVE-2017-18204 Linux Unspecified vulnerability in Linux Kernel

The ocfs2_setattr function in fs/ocfs2/file.c in the Linux kernel before 4.14.2 allows local users to cause a denial of service (deadlock) via DIO requests.

2.1
2018-02-26 CVE-2018-7250 Microsoft, Tivo Information Exposure vulnerability in multiple products

An issue was discovered in secdrv.sys as shipped in Microsoft Windows Vista, Windows 7, Windows 8, and Windows 8.1 before KB3086255, and as shipped in Macrovision SafeDisc.

2.1
2018-02-26 CVE-2018-1377 IBM Insufficiently Protected Credentials vulnerability in IBM Security Guardium BIG Data Intelligence 3.1

IBM Security Guardium Big Data Intelligence (SonarG) 3.1 stores user credentials in clear text, which can be read by a local user.

2.1
2018-02-27 CVE-2017-18203 Linux Race Condition vulnerability in Linux Kernel

The dm_get_from_kobject function in drivers/md/dm.c in the Linux kernel before 4.14.3 allows local users to cause a denial of service (BUG) by leveraging a race condition with __dm_destroy during creation and removal of DM devices.

1.9