Weekly Vulnerabilities Reports > March 26 to April 1, 2018
Overview
294 new vulnerabilities reported during this period, including 21 critical vulnerabilities and 72 high severity vulnerabilities. This weekly summary report vulnerabilities in 680 products from 114 vendors including Cisco, Google, IBM, Debian, and Canonical. Vulnerabilities are notably categorized as "Cross-site Scripting", "Improper Input Validation", "Information Exposure", "Improper Restriction of Operations within the Bounds of a Memory Buffer", and "Improper Authentication".
- 227 reported vulnerabilities are remotely exploitables.
- 31 reported vulnerabilities have public exploit available.
- 93 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 240 reported vulnerabilities are exploitable by an anonymous user.
- Cisco has the most reported vulnerabilities, with 40 reported vulnerabilities.
- Cisco has the most reported critical vulnerabilities, with 4 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
21 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2018-03-30 | CVE-2017-14915 | Qualcomm | Use After Free vulnerability in Qualcomm products In Android before 2018-01-05 on Qualcomm Snapdragon Mobile SD 625, SD 650/52, SD 835, accessing SPCOM functions with a compromised client structure can result in a Use After Free condition. | 10.0 |
2018-03-30 | CVE-2017-14913 | Qualcomm | Improper Input Validation vulnerability in Qualcomm products In Android before 2018-01-05 on Qualcomm Snapdragon IoT, Snapdragon Mobile MDM9206, SD 625, SD 650/52, SD 835, SD 845, DDR address input validation is being improperly truncated. | 10.0 |
2018-03-30 | CVE-2017-14912 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-01-05 on Qualcomm Snapdragon IoT, Snapdragon Mobile [VERSION]: MDM9206, MDM9607, MDM9650, MSM8909W, SD 200, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 835, the attributes of buffers in Secure Display were not marked properly. | 10.0 |
2018-03-30 | CVE-2017-14911 | Qualcomm | Improper Authentication vulnerability in Qualcomm products In Android before 2018-01-05 on Qualcomm Snapdragon IoT, Snapdragon Mobile, Snapdragon Automobile APQ8096AU, MDM9206, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 625, SD 650/52, SD 820, SD 835, it is possible for the XBL loader to skip the authentication of device config. | 10.0 |
2018-03-30 | CVE-2017-14906 | Unspecified vulnerability in Google Android In Android before 2018-01-05 on Qualcomm Snapdragon IoT, Snapdragon Mobile MDM9206, MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, PKCS7 padding is not supported by the crypto storage APIs. | 10.0 | |
2018-03-30 | CVE-2017-11010 | Unspecified vulnerability in Google Android In Android before 2018-01-05 on Qualcomm Snapdragon IoT, Snapdragon Mobile MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 625, SD 650/52, SD 835, access control left a configuration space unprotected. | 10.0 | |
2018-03-30 | CVE-2018-9143 | Samsung | Out-of-bounds Write vulnerability in Samsung Mobile On Samsung mobile devices with M(6.0) and N(7.x) software, a heap overflow in the sensorhub binder service leads to code execution in a privileged process, aka SVE-2017-10991. | 10.0 |
2018-03-30 | CVE-2018-9139 | Samsung | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Samsung Mobile On Samsung mobile devices with N(7.x) software, a buffer overflow in the vision service allows code execution in a privileged process via a large frame size, aka SVE-2017-11165. | 10.0 |
2018-03-28 | CVE-2018-0171 | Cisco | Out-of-bounds Write vulnerability in Cisco IOS 15.2(5)E A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition, or to execute arbitrary code on an affected device. | 10.0 |
2018-03-28 | CVE-2018-0151 | Cisco | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco IOS XE 16.5.1 A vulnerability in the quality of service (QoS) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges. | 10.0 |
2018-03-26 | CVE-2017-12815 | Bomgar | Path Traversal vulnerability in Bomgar Remote Support Analysis of the Bomgar Remote Support Portal JavaStart.jar Applet 52790 and earlier revealed that it is vulnerable to a path traversal vulnerability. | 10.0 |
2018-03-30 | CVE-2018-3822 | Elastic | Path Traversal vulnerability in Elastic X-Pack 6.2.0/6.2.1/6.2.2 X-Pack Security versions 6.2.0, 6.2.1, and 6.2.2 are vulnerable to a user impersonation attack via incorrect XML canonicalization and DOM traversal. | 9.8 |
2018-03-29 | CVE-2018-4841 | Siemens | Improper Authentication vulnerability in Siemens TIM 1531 IRC Firmware A vulnerability has been identified in TIM 1531 IRC (All versions < V1.1). | 9.8 |
2018-03-28 | CVE-2018-0150 | Cisco | Use of Hard-coded Credentials vulnerability in Cisco IOS XE 16.5.1 A vulnerability in Cisco IOS XE Software could allow an unauthenticated, remote attacker to log in to a device running an affected release of Cisco IOS XE Software with the default username and password that are used at initial boot, aka a Static Credential Vulnerability. | 9.8 |
2018-03-26 | CVE-2018-1312 | Apache Canonical Debian Netapp Redhat | Improper Authentication vulnerability in multiple products In Apache httpd 2.2.0 to 2.4.29, when generating an HTTP Digest authentication challenge, the nonce sent to prevent reply attacks was not correctly generated using a pseudo-random seed. | 9.8 |
2018-03-30 | CVE-2018-9141 | Samsung | Improper Input Validation vulnerability in Samsung Mobile On Samsung mobile devices with L(5.x), M(6.0), and N(7.x) software, Gallery allows remote attackers to execute arbitrary code via a BMP file with a crafted resolution, aka SVE-2017-11105. | 9.3 |
2018-03-29 | CVE-2018-9116 | Wiremock | XXE vulnerability in Wiremock An XXE vulnerability within WireMock before 2.16.0 allows a remote unauthenticated attacker to access local files and internal resources and potentially cause a Denial of Service. | 9.1 |
2018-03-29 | CVE-2018-5224 | Atlassian Microsoft | Improper Input Validation vulnerability in Atlassian Bamboo Bamboo did not correctly check if a configured Mercurial repository URI contained values that the Windows operating system may consider argument parameters. | 9.0 |
2018-03-28 | CVE-2018-0152 | Cisco | Insufficient Session Expiration vulnerability in Cisco IOS XE 16.1.1 A vulnerability in the web-based user interface (web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker to gain elevated privileges on an affected device. | 9.0 |
2018-03-28 | CVE-2017-11509 | Firebirdsql Debian | SQL Injection vulnerability in multiple products An authenticated remote attacker can execute arbitrary code in Firebird SQL Server versions 2.5.7 and 3.0.2 by executing a malformed SQL statement. | 9.0 |
2018-03-27 | CVE-2018-9105 | Nordvpn | Improper Authentication vulnerability in Nordvpn 3.3.10 NordVPN 3.3.10 for macOS suffers from a root privilege escalation vulnerability. | 9.0 |
72 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2018-03-28 | CVE-2018-0167 | Cisco | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Ios, IOS XE and IOS XR Multiple Buffer Overflow vulnerabilities in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. | 8.8 |
2018-03-28 | CVE-2018-0174 | Cisco | Improper Input Validation vulnerability in Cisco IOS and IOS XE A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. | 8.6 |
2018-03-28 | CVE-2018-0173 | Cisco | Improper Input Validation vulnerability in Cisco IOS and IOS XE A vulnerability in the Cisco IOS Software and Cisco IOS XE Software function that restores encapsulated option 82 information in DHCP Version 4 (DHCPv4) packets could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a Relay Reply denial of service (DoS) condition. | 8.6 |
2018-03-28 | CVE-2018-0158 | Cisco | Memory Leak vulnerability in Cisco IOS and IOS XE A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of an affected device that leads to a denial of service (DoS) condition. | 8.6 |
2018-03-27 | CVE-2018-1238 | Dell | OS Command Injection vulnerability in Dell EMC Scaleio Dell EMC ScaleIO versions prior to 2.5, contain a command injection vulnerability in the Light Installation Agent (LIA). | 8.5 |
2018-03-26 | CVE-2017-15715 | Apache Debian Canonical Netapp Redhat | Improper Input Validation vulnerability in multiple products In Apache httpd 2.4.0 to 2.4.29, the expression specified in <FilesMatch> could match '$' to a newline character in a malicious filename, rather than matching only the end of the filename. | 8.1 |
2018-03-28 | CVE-2018-0175 | Cisco | Use of Externally-Controlled Format String vulnerability in Cisco Ios, IOS XE and IOS XR Format String vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device. | 8.0 |
2018-03-28 | CVE-2018-0177 | Cisco | Unspecified vulnerability in Cisco IOS XE Denali16.3.1/Denali16.3.3 A vulnerability in the IP Version 4 (IPv4) processing code of Cisco IOS XE Software running on Cisco Catalyst 3850 and Cisco Catalyst 3650 Series Switches could allow an unauthenticated, remote attacker to cause high CPU utilization, traceback messages, or a reload of an affected device that leads to a denial of service (DoS) condition. | 7.8 |
2018-03-28 | CVE-2018-0172 | Cisco Rockwellautomation | Out-of-bounds Write vulnerability in Cisco IOS and IOS XE A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. | 7.8 |
2018-03-28 | CVE-2018-0170 | Cisco | Use After Free vulnerability in Cisco IOS XE 16.4.1 A vulnerability in the Cisco Umbrella Integration feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition, related to the OpenDNS software. | 7.8 |
2018-03-28 | CVE-2018-0164 | Cisco | Unspecified vulnerability in Cisco IOS XE 15.6(2)Sp A vulnerability in the Switch Integrated Security Features of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an interface queue wedge. | 7.8 |
2018-03-28 | CVE-2018-0157 | Cisco | Unspecified vulnerability in Cisco IOS XE A vulnerability in the Zone-Based Firewall code of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a device to reload. | 7.8 |
2018-03-28 | CVE-2018-0156 | Cisco | Improper Input Validation vulnerability in Cisco IOS and IOS XE A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. | 7.8 |
2018-03-28 | CVE-2018-0155 | Cisco Rockwellautomation | Improper Handling of Exceptional Conditions vulnerability in Cisco IOS and IOS XE A vulnerability in the Bidirectional Forwarding Detection (BFD) offload implementation of Cisco Catalyst 4500 Series Switches and Cisco Catalyst 4500-X Series Switches could allow an unauthenticated, remote attacker to cause a crash of the iosd process, causing a denial of service (DoS) condition. | 7.8 |
2018-03-28 | CVE-2018-1083 | ZSH Canonical Debian Redhat | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Zsh before version 5.4.2-test-1 is vulnerable to a buffer overflow in the shell autocomplete functionality. | 7.8 |
2018-03-30 | CVE-2018-9142 | Samsung | Improper Input Validation vulnerability in Samsung Mobile On Samsung mobile devices with N(7.x) software, attackers can install an arbitrary APK in the Secure Folder SD Card area because of faulty validation of a package signature and package name, aka SVE-2017-10932. | 7.6 |
2018-04-01 | CVE-2018-9157 | Axis | Unrestricted Upload of File with Dangerous Type vulnerability in Axis M1033-W Firmware 5.40.5.1 An issue was discovered on AXIS M1033-W (IP camera) Firmware version 5.40.5.1 devices. | 7.5 |
2018-04-01 | CVE-2018-9156 | Axis | Unrestricted Upload of File with Dangerous Type vulnerability in Axis P1354 Firmware 5.90.1.1 An issue was discovered on AXIS P1354 (IP camera) Firmware version 5.90.1.1 devices. | 7.5 |
2018-03-31 | CVE-2018-9162 | Contec Touch | Missing Authentication for Critical Function vulnerability in Contec-Touch Smart Home Firmware 4.15 Contec Smart Home 4.15 devices do not require authentication for new_user.php, edit_user.php, delete_user.php, and user.php, as demonstrated by changing the admin password and then obtaining control over doors. | 7.5 |
2018-03-31 | CVE-2018-9161 | Prismaindustriale | Use of Hard-coded Credentials vulnerability in Prismaindustriale Checkweigher Prismaweb 1.21 Prisma Industriale Checkweigher PrismaWEB 1.21 allows remote attackers to discover the hardcoded prisma password for the prismaweb account by reading user/scripts/login_par.js. | 7.5 |
2018-03-31 | CVE-2015-9259 | Docker | Unrestricted Upload of File with Dangerous Type vulnerability in Docker Notary In Docker Notary before 0.1, the checkRoot function in gotuf/client/client.go does not check expiry of root.json files, despite a comment stating that it does. | 7.5 |
2018-03-30 | CVE-2017-17766 | Integer Overflow or Wraparound vulnerability in Google Android In wma_peer_info_event_handler() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-03, the value of num_peers received from firmware is not properly validated so that an integer overflow vulnerability in the size of a buffer allocation may potentially lead to a buffer overflow. | 7.5 | |
2018-03-30 | CVE-2017-16614 | TP Shop | Server-Side Request Forgery (SSRF) vulnerability in Tp-Shop Tpshop 2.0.5/2.0.6 SSRF (Server Side Request Forgery) in tpshop 2.0.5 and 2.0.6 allows remote attackers to obtain sensitive information, attack intranet hosts, or possibly trigger remote command execution via the plugins/payment/weixin/lib/WxPay.tedatac.php fBill parameter. | 7.5 |
2018-03-30 | CVE-2017-14883 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In the function wma_unified_power_debug_stats_event_handler() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-18, if the value param_buf->num_debug_register received from the FW command buffer is close to max of uint32, then the computation performed using this variable to calculate stats_registers_len may overflow to a smaller value leading to less than required memory allocated for power_stats_results and potentially a buffer overflow while copying the FW buffer to local buffer. | 7.5 | |
2018-03-30 | CVE-2017-14881 | Use After Free vulnerability in Google Android While calling the IPA IOCTL handler for IPA_IOC_ADD_HDR_PROC_CTX in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-13, a use-after-free condition may potentially occur. | 7.5 | |
2018-03-30 | CVE-2017-14877 | Use After Free vulnerability in Google Android While the IPA driver in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-08-31 is processing IOCTL commands there is no mutex lock of allocated memory. | 7.5 | |
2018-03-30 | CVE-2017-14876 | Out-of-bounds Write vulnerability in Google Android In msm_ispif_config_stereo() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-06-21, the parameter params->entries[i].vfe_intf comes from userspace without any bounds check which could potentially result in a kernel out-of-bounds write. | 7.5 | |
2018-03-29 | CVE-2015-2020 | Myscript | Deserialization of Untrusted Data vulnerability in Myscript The MyScript SDK before 1.3 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function. | 7.5 |
2018-03-29 | CVE-2015-2004 | Gracenote | Range Error vulnerability in Gracenote Gnsdk The GraceNote GNSDK SDK before SVN Changeset 1.1.7 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function. | 7.5 |
2018-03-29 | CVE-2015-2003 | Pjsip | Range Error vulnerability in Pjsip Pjsua2 SDK The PJSIP PJSUA2 SDK before SVN Changeset 51322 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function. | 7.5 |
2018-03-29 | CVE-2015-2002 | Esri | Range Error vulnerability in Esri Arcgisruntime SDK The ESRI ArcGis Runtime SDK before 10.2.6-2 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function. | 7.5 |
2018-03-29 | CVE-2015-2001 | Metaio | Range Error vulnerability in Metaio SDK The MetaIO SDK before 6.0.2.1 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function. | 7.5 |
2018-03-29 | CVE-2015-2000 | Jumio | Range Error vulnerability in Jumio SDK The Jumio SDK before 1.5.0 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function. | 7.5 |
2018-03-29 | CVE-2014-5170 | Drupal | Improper Input Validation vulnerability in Drupal Storage API The Storage API module 7.x before 7.x-1.6 for Drupal might allow remote attackers to execute arbitrary code by leveraging failure to update .htaccess file contents after SA-CORE-2013-003. | 7.5 |
2018-03-29 | CVE-2018-7600 | Drupal Debian | Improper Input Validation vulnerability in multiple products Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations. | 7.5 |
2018-03-28 | CVE-2018-0159 | Cisco | Unspecified vulnerability in Cisco IOS and IOS XE A vulnerability in the implementation of Internet Key Exchange Version 1 (IKEv1) functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. | 7.5 |
2018-03-28 | CVE-2018-0154 | Cisco | Unspecified vulnerability in Cisco IOS A vulnerability in the crypto engine of the Cisco Integrated Services Module for VPN (ISM-VPN) running Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.5 |
2018-03-28 | CVE-2018-1064 | Debian Redhat | Resource Exhaustion vulnerability in multiple products libvirt version before 4.2.0-rc1 is vulnerable to a resource exhaustion as a result of an incomplete fix for CVE-2018-5748 that affects QEMU monitor but now also triggered via QEMU guest agent. | 7.5 |
2018-03-28 | CVE-2018-5451 | Philips | Improper Authentication vulnerability in Philips Alice 6 Firmware In Philips Alice 6 System version R8.0.2 or prior, when an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct. | 7.5 |
2018-03-28 | CVE-2018-9110 | Std42 | Path Traversal vulnerability in Std42 Elfinder Studio 42 elFinder before 2.1.37 has a directory traversal vulnerability in elFinder.class.php with the zipdl() function that can allow a remote attacker to download files accessible by the web server process and delete files owned by the account running the web server process. | 7.5 |
2018-03-28 | CVE-2018-9109 | Std42 | Path Traversal vulnerability in Std42 Elfinder Studio 42 elFinder before 2.1.36 has a directory traversal vulnerability in elFinder.class.php with the zipdl() function that can allow a remote attacker to download files accessible by the web server process and delete files owned by the account running the web server process. | 7.5 |
2018-03-28 | CVE-2018-8823 | Responsive Mega Menu PRO Project Prestashop | Code Injection vulnerability in multiple products modules/bamegamenu/ajax_phpcode.php in the Responsive Mega Menu (Horizontal+Vertical+Dropdown) Pro module 1.0.32 for PrestaShop 1.5.5.0 through 1.7.2.5 allows remote attackers to execute arbitrary PHP code via the code parameter. | 7.5 |
2018-03-27 | CVE-2018-1327 | Apache | Unspecified vulnerability in Apache Struts The Apache Struts REST Plugin is using XStream library which is vulnerable and allow perform a DoS attack when using a malicious request with specially crafted XML payload. | 7.5 |
2018-03-27 | CVE-2014-4959 | SQL Injection vulnerability in Google Android **DISPUTED** SQL injection vulnerability in SQLiteDatabase.java in the SQLi Api in Android allows remote attackers to execute arbitrary SQL commands via the delete method. | 7.5 | |
2018-03-27 | CVE-2018-9032 | Dlink | Improper Authentication vulnerability in Dlink Dir-850L Firmware An authentication bypass vulnerability on D-Link DIR-850L Wireless AC1200 Dual Band Gigabit Cloud Router (Hardware Version : A1, B1; Firmware Version : 1.02-2.06) devices potentially allows attackers to bypass SharePort Web Access Portal by directly visiting /category_view.php or /folder_view.php. | 7.5 |
2018-03-26 | CVE-2018-7673 | Netiq | Unspecified vulnerability in Netiq Identity Manager 4.5 The NetIQ Identity Manager communication channel, in versions prior to 4.7, is susceptible to a DoS attack. | 7.5 |
2018-03-26 | CVE-2014-2293 | Zikula | Code Injection vulnerability in Zikula Application Framework Zikula Application Framework before 1.3.7 build 11 allows remote attackers to conduct PHP object injection attacks and delete arbitrary files or execute arbitrary PHP code via crafted serialized data in the (1) authentication_method_ser or (2) authentication_info_ser parameter to index.php, or (3) zikulaMobileTheme parameter to index.php. | 7.5 |
2018-03-26 | CVE-2014-2048 | Owncloud | Improper Access Control vulnerability in Owncloud The user_openid app in ownCloud Server before 5.0.15 allows remote attackers to obtain access by leveraging an insecure OpenID implementation. | 7.5 |
2018-03-26 | CVE-2018-1303 | Apache Debian Canonical Netapp | Out-of-bounds Read vulnerability in multiple products A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to version 2.4.30 due to an out of bound read while preparing data to be cached in shared memory. | 7.5 |
2018-03-26 | CVE-2017-15710 | Apache Debian Canonical Netapp Redhat | Out-of-bounds Write vulnerability in multiple products In Apache httpd 2.0.23 to 2.0.65, 2.2.0 to 2.2.34, and 2.4.0 to 2.4.29, mod_authnz_ldap, if configured with AuthLDAPCharsetConfig, uses the Accept-Language header value to lookup the right charset encoding when verifying the user's credentials. | 7.5 |
2018-03-26 | CVE-2018-5474 | Philips | Improper Input Validation vulnerability in Philips Intellispace Portal 8.0/9.0 Philips Intellispace Portal all versions 7.0.x and 8.0.x have an input validation vulnerability that could allow a remote attacker to execute arbitrary code or cause the application to crash. | 7.5 |
2018-03-26 | CVE-2018-5472 | Philips | Unspecified vulnerability in Philips Intellispace Portal 8.0/9.0 Philips Intellispace Portal all versions 7.0.x and 8.0.x have an insecure windows permissions vulnerability that could allow an attacker to gain unauthorized access and in some cases escalate their level of privilege or execute arbitrary code. | 7.5 |
2018-03-26 | CVE-2018-5468 | Philips | Unspecified vulnerability in Philips Intellispace Portal 8.0/9.0 Philips Intellispace Portal all versions 7.0.x and 8.0.x have a remote desktop access vulnerability that could allow an attacker to gain unauthorized access and in some cases escalate their level of privilege or execute arbitrary code | 7.5 |
2018-03-26 | CVE-2018-1348 | Netiq | Unspecified vulnerability in Netiq Identity Manager 4.5 NetIQ Identity Manager driver, in versions prior to 4.7, allows for an SSL handshake renegotiation which could result in a MITM attack. | 7.4 |
2018-04-01 | CVE-2018-9149 | Zyxel | Use of Hard-coded Credentials vulnerability in Zyxel Ac3000 Firmware The Zyxel Multy X (AC3000 Tri-Band WiFi System) device doesn't use a suitable mechanism to protect the UART. | 7.2 |
2018-03-29 | CVE-2017-16873 | Hashicorp | Unspecified vulnerability in Hashicorp Vagrant VMWare Fusion It is possible to exploit an unsanitized PATH in the suid binary that ships with vagrant-vmware-fusion 4.0.25 through 5.0.4 in order to escalate to root privileges. | 7.2 |
2018-03-29 | CVE-2017-16512 | Hashicorp | Race Condition vulnerability in Hashicorp Vagrant VMWare Fusion 5.0.2/5.0.3/5.0.4 The vagrant update process in Hashicorp vagrant-vmware-fusion 5.0.2 through 5.0.4 allows local users to steal root privileges via a crafted update request when no updates are available. | 7.2 |
2018-03-28 | CVE-2018-0193 | Cisco | OS Command Injection vulnerability in Cisco IOS XE Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute commands with root privileges on the device. | 7.2 |
2018-03-28 | CVE-2018-0185 | Cisco | OS Command Injection vulnerability in Cisco IOS XE Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute commands with root privileges on the device. | 7.2 |
2018-03-28 | CVE-2018-0184 | Cisco | OS Command Injection vulnerability in Cisco IOS XE A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. | 7.2 |
2018-03-28 | CVE-2018-0183 | Cisco | OS Command Injection vulnerability in Cisco IOS XE A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. | 7.2 |
2018-03-28 | CVE-2018-0182 | Cisco | OS Command Injection vulnerability in Cisco IOS XE Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute commands with root privileges on the device. | 7.2 |
2018-03-28 | CVE-2018-0176 | Cisco | OS Command Injection vulnerability in Cisco IOS XE 15.0(5.59)Emd/16.1(0)/16.2(0) Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. | 7.2 |
2018-03-28 | CVE-2018-0169 | Cisco | OS Command Injection vulnerability in Cisco IOS 15.0(5.59)Emd Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. | 7.2 |
2018-03-27 | CVE-2018-6766 | Swisscom | Uncontrolled Search Path Element vulnerability in Swisscom Tvmediahelper 1.1.0.50 Swisscom TVMediaHelper 1.1.0.50 contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system. | 7.2 |
2018-03-27 | CVE-2018-6765 | Swisscom | Uncontrolled Search Path Element vulnerability in Swisscom Myswisscomassistant 2.17.1.1065 Swisscom MySwisscomAssistant 2.17.1.1065 contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system. | 7.2 |
2018-03-26 | CVE-2018-1204 | Dell | Path Traversal vulnerability in Dell EMC Isilon Onefs Dell EMC Isilon OneFS versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, versions 7.2.1.x, and version 7.1.1.11 is affected by a path traversal vulnerability in the isi_phone_home tool. | 7.2 |
2018-03-26 | CVE-2018-1203 | Dell | Incorrect Permission Assignment for Critical Resource vulnerability in Dell EMC Isilon Onefs In Dell EMC Isilon OneFS, the compadmin is able to run tcpdump binary with root privileges. | 7.2 |
2018-03-26 | CVE-2017-15534 | Symantec | Improper Authentication vulnerability in Symantec Norton APP Lock The Norton App Lock prior to version 1.3.0.13 can be susceptible to an authentication bypass exploit. | 7.2 |
2018-03-26 | CVE-2018-5470 | Philips | Untrusted Search Path vulnerability in Philips Intellispace Portal 8.0/9.0 Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have an unquoted search path or element vulnerability that has been identified, which may allow an authorized local user to execute arbitrary code and escalate their level of privileges. | 7.2 |
2018-03-30 | CVE-2018-9136 | Jungo | Improper Input Validation vulnerability in Jungo Windriver windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows attackers to cause a denial of service (BSOD) via a crafted .exe file, a different vulnerability than CVE-2018-8821. | 7.1 |
2018-03-28 | CVE-2018-0189 | Cisco | Unspecified vulnerability in Cisco IOS XE A vulnerability in the Forwarding Information Base (FIB) code of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, network attacker to cause a denial of service (DoS) condition. | 7.1 |
173 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2018-03-29 | CVE-2017-16839 | Hashicorp | Unspecified vulnerability in Hashicorp Vagrant VMWare Fusion 5.0.4 Hashicorp vagrant-vmware-fusion 5.0.4 allows local users to steal root privileges if VMware Fusion is not installed. | 6.9 |
2018-03-26 | CVE-2017-12410 | Kaseya | Race Condition vulnerability in Kaseya Virtual System Administrator It is possible to exploit a Time of Check & Time of Use (TOCTOU) vulnerability by winning a race condition when Kaseya Virtual System Administrator agent 9.3.0.11 and earlier tries to execute its binaries from working and/or temporary folders. | 6.9 |
2018-04-01 | CVE-2018-9128 | DVD X Player | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Dvd-X-Player DVD X Player 5.5.3.9 DVD X Player Standard 5.5.3.9 has a Buffer Overflow via a crafted .plf file, a related issue to CVE-2007-3068. | 6.8 |
2018-03-31 | CVE-2018-8908 | Frog CMS Project | Cross-Site Request Forgery (CSRF) vulnerability in Frog CMS Project Frog CMS 0.9.5 An issue was discovered in /admin/?/user/add in Frog CMS 0.9.5. | 6.8 |
2018-03-31 | CVE-2018-8893 | Zblogcn | Cross-Site Request Forgery (CSRF) vulnerability in Zblogcn Z-Blogphp 1.5.1 Z-BlogPHP 1.5.1 Zero has CSRF in plugin_edit.php, resulting in the ability to execute arbitrary PHP code. | 6.8 |
2018-03-30 | CVE-2018-9134 | Dedecms | Cross-Site Request Forgery (CSRF) vulnerability in Dedecms 5.7 file_manage_control.php in DedeCMS 5.7 has CSRF in an fmdo=rename action, as demonstrated by renaming an arbitrary file under uploads/userup to a .php file under the web root to achieve PHP code execution. | 6.8 |
2018-03-30 | CVE-2018-9135 | Imagemagick | Out-of-bounds Read vulnerability in Imagemagick 7.0.724 In ImageMagick 7.0.7-24 Q16, there is a heap-based buffer over-read in IsWEBPImageLossless in coders/webp.c. | 6.8 |
2018-03-29 | CVE-2015-4952 | IBM | Unspecified vulnerability in IBM Endpoint Manager for Remote Control 9.0.1/9.1.0 The on-demand plugin in IBM Endpoint Manager for Remote Control 9.0.1 and 9.1.0 allows user-assisted remote attackers to execute arbitrary code via unspecified vectors. | 6.8 |
2018-03-29 | CVE-2015-2009 | IBM | Cross-Site Request Forgery (CSRF) vulnerability in IBM Qradar Security Information and Event Manager Cross-site request forgery (CSRF) vulnerability in the xmlrpc.cgi service in IBM QRadar SIEM 7.1 before MR2 Patch 11 Interim Fix 02 and 7.2.x before 7.2.5 Patch 4 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences via vectors related to webmin. | 6.8 |
2018-03-28 | CVE-2018-9108 | Quickappscms | Cross-Site Request Forgery (CSRF) vulnerability in Quickappscms Quickapps CMS 2.0.0 CSRF in /admin/user/manage/add in QuickAppsCMS 2.0.0-beta2 allows an unauthorized remote attacker to create an account with admin privileges. | 6.8 |
2018-03-28 | CVE-2018-9107 | Acyba | Improper Neutralization of Formula Elements in a CSV File vulnerability in Acyba Acymailing CSV Injection (aka Excel Macro Injection or Formula Injection) exists in the export feature in the Acyba AcyMailing extension before 5.9.6 for Joomla! via a value that is mishandled in a CSV export. | 6.8 |
2018-03-28 | CVE-2018-9106 | Acyba | Improper Neutralization of Formula Elements in a CSV File vulnerability in Acyba Acysms CSV Injection (aka Excel Macro Injection or Formula Injection) exists in the export feature in the Acyba AcySMS extension before 3.5.1 for Joomla! via a value that is mishandled in a CSV export. | 6.8 |
2018-03-27 | CVE-2018-9092 | 1234N | Cross-Site Request Forgery (CSRF) vulnerability in 1234N Minicms 1.10 There is a CSRF vulnerability in mc-admin/conf.php in MiniCMS 1.10 that can change the administrator account password. | 6.8 |
2018-03-27 | CVE-2018-7700 | Dedecms | Cross-Site Request Forgery (CSRF) vulnerability in Dedecms 5.7 DedeCMS 5.7 has CSRF with an impact of arbitrary code execution, because the partcode parameter in a tag_test_action.php request can specify a runphp field in conjunction with PHP code. | 6.8 |
2018-03-27 | CVE-2018-8764 | Debian Ldap Account Manager | Cross-Site Request Forgery (CSRF) vulnerability in multiple products Roland Gruber Softwareentwicklung LDAP Account Manager before 6.3 places a CSRF token in the sec_token parameter of a URI, which makes it easier for remote attackers to defeat a CSRF protection mechanism by leveraging logging. | 6.8 |
2018-03-27 | CVE-2018-1267 | Cloudfoundry | Incorrect Permission Assignment for Critical Resource vulnerability in Cloudfoundry Silk-Release 0.1.0 Cloud Foundry Silk CNI plugin, versions prior to 0.2.0, contains an improper access control vulnerability. | 6.8 |
2018-03-26 | CVE-2018-1213 | Dell | Cross-Site Request Forgery (CSRF) vulnerability in Dell EMC Isilon Onefs Dell EMC Isilon OneFS versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, versions 7.2.1.x, and version 7.1.1.11 and 8.1.0.2 is affected by a cross-site request forgery vulnerability. | 6.8 |
2018-03-26 | CVE-2018-5454 | Philips | Unspecified vulnerability in Philips Intellispace Portal 8.0/9.0 Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have a vulnerability where code debugging methods are enabled, which could allow an attacker to remotely execute arbitrary code during runtime. | 6.8 |
2018-03-26 | CVE-2014-2312 | Intel | Link Following vulnerability in Intel Thermald The main function in android_main.cpp in thermald allows local users to write to arbitrary files via a symlink attack on /tmp/thermald.pid. | 6.6 |
2018-03-30 | CVE-2018-3728 | Hapijs | Modification of Assumed-Immutable Data (MAID) vulnerability in Hapijs Hoek hoek node module before 4.2.0 and 5.0.x before 5.0.3 suffers from a Modification of Assumed-Immutable Data (MAID) vulnerability via 'merge' and 'applyToDefaults' functions, which allows a malicious user to modify the prototype of "Object" via __proto__, causing the addition or modification of an existing property that will exist on all objects. | 6.5 |
2018-03-30 | CVE-2018-9132 | Libming Debian | NULL Pointer Dereference vulnerability in multiple products libming 0.4.8 has a NULL pointer dereference in the getInt function of the decompile.c file. | 6.5 |
2018-03-29 | CVE-2018-5223 | Atlassian | Improper Input Validation vulnerability in Atlassian Crucible and Fisheye Fisheye and Crucible did not correctly check if a configured Mercurial repository URI contained values that the Windows operating system may consider argument parameters. | 6.5 |
2018-03-28 | CVE-2018-0195 | Cisco | Improper Authentication vulnerability in Cisco IOS XE A vulnerability in the Cisco IOS XE Software REST API could allow an authenticated, remote attacker to bypass API authorization checks and use the API to perform privileged actions on an affected device. | 6.5 |
2018-03-27 | CVE-2018-0739 | Openssl Debian Canonical | Uncontrolled Recursion vulnerability in multiple products Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion. | 6.5 |
2018-03-27 | CVE-2018-1266 | Cloudfoundry | Use of Insufficiently Random Values vulnerability in Cloudfoundry Capi-Release Cloud Foundry Cloud Controller, versions prior to 1.52.0, contains information disclosure and path traversal vulnerabilities. | 6.5 |
2018-03-27 | CVE-2018-1231 | Pivotal Software | Incorrect Permission Assignment for Critical Resource vulnerability in Pivotal Software Bosh CLI Cloud Foundry BOSH CLI, versions prior to v3.0.1, contains an improper access control vulnerability. | 6.5 |
2018-03-26 | CVE-2018-8802 | Unisys | SQL Injection vulnerability in Unisys Clearpath Eportal Manager and Eportal-2200 SQL injection vulnerability in the management interface in ePortal Manager allows remote attackers to execute arbitrary SQL commands via unspecified parameters. | 6.5 |
2018-03-27 | CVE-2015-4987 | IBM | Improper Authentication vulnerability in IBM Tealeaf Customer Experience The search and replay servers in IBM Tealeaf Customer Experience 8.0 through 9.0.2 allow remote attackers to bypass authentication via unspecified vectors. | 6.4 |
2018-03-28 | CVE-2018-0161 | Cisco | Unspecified vulnerability in Cisco IOS 15.2(5)E A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software running on certain models of Cisco Catalyst Switches could allow an authenticated, remote attacker to cause a denial of service (DoS) condition, aka a GET MIB Object ID Denial of Service Vulnerability. | 6.3 |
2018-03-28 | CVE-2018-0160 | Cisco | Double Free vulnerability in Cisco IOS XE 15.5(3)S A vulnerability in Simple Network Management Protocol (SNMP) subsystem of Cisco IOS XE Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition. | 6.3 |
2018-03-30 | CVE-2018-5708 | Dlink | Insufficiently Protected Credentials vulnerability in Dlink Dir-601 Firmware 2.02Na An issue was discovered on D-Link DIR-601 B1 2.02NA devices. | 6.1 |
2018-03-30 | CVE-2018-3821 | Elastic | Cross-site Scripting vulnerability in Elastic Kibana Kibana versions after 5.1.1 and before 5.6.7 and 6.1.3 had a cross-site scripting (XSS) vulnerability in the tag cloud visualization that could allow an attacker to obtain sensitive information from or perform destructive actions on behalf of other Kibana users. | 6.1 |
2018-03-30 | CVE-2018-3820 | Elastic | Cross-site Scripting vulnerability in Elastic Kibana 6.1.1/6.1.2 Kibana versions after 6.1.0 and before 6.1.3 had a cross-site scripting (XSS) vulnerability in labs visualizations that could allow an attacker to obtain sensitive information from or perform destructive actions on behalf of other Kibana users. | 6.1 |
2018-03-30 | CVE-2018-3741 | Rubyonrails | Cross-site Scripting vulnerability in Rubyonrails Html Sanitizer There is a possible XSS vulnerability in all rails-html-sanitizer gem versions below 1.0.4 for Ruby. | 6.1 |
2018-03-29 | CVE-2018-6588 | CA | Cross-site Scripting vulnerability in CA API Developer Portal 3.5 CA API Developer Portal 3.5 up to and including 3.5 CR5 has a reflected cross-site scripting vulnerability related to the apiExplorer. | 6.1 |
2018-03-29 | CVE-2018-6587 | CA | Cross-site Scripting vulnerability in CA API Developer Portal 3.5 CA API Developer Portal 3.5 up to and including 3.5 CR6 has a reflected cross-site scripting vulnerability related to the widgetID variable. | 6.1 |
2018-03-29 | CVE-2018-6586 | CA | Cross-site Scripting vulnerability in CA API Developer Portal 3.5 CA API Developer Portal 3.5 up to and including 3.5 CR6 has a stored cross-site scripting vulnerability related to profile picture processing. | 6.1 |
2018-03-28 | CVE-2018-0165 | Cisco | Missing Release of Resource after Effective Lifetime vulnerability in Cisco IOS XE 15.2(3)E/Denali16.3.3 A vulnerability in the Internet Group Management Protocol (IGMP) packet-processing functionality of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to exhaust buffers on an affected device, resulting in a denial of service (DoS) condition, aka a Memory Leak. | 6.1 |
2018-03-28 | CVE-2018-7674 | Netiq | Open Redirect vulnerability in Netiq Identity Manager 4.5 The NetIQ Identity Manager user console, in versions prior to 4.7, is susceptible to URL redirection. | 6.1 |
2018-03-27 | CVE-2018-9054 | Windows Optimization Master Project | Improper Input Validation vulnerability in Windows Optimization Master Project Windows Optimization Master 7.99.13.604 In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf100284c. | 6.1 |
2018-03-27 | CVE-2018-9053 | Windows Optimization Master Project | Improper Input Validation vulnerability in Windows Optimization Master Project Windows Optimization Master 7.99.13.604 In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf10026cc. | 6.1 |
2018-03-27 | CVE-2018-9052 | Windows Optimization Master Project | Improper Input Validation vulnerability in Windows Optimization Master Project Windows Optimization Master 7.99.13.604 In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf100283c. | 6.1 |
2018-03-27 | CVE-2018-9051 | Windows Optimization Master Project | Improper Input Validation vulnerability in Windows Optimization Master Project Windows Optimization Master 7.99.13.604 In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002021. | 6.1 |
2018-03-27 | CVE-2018-9050 | Windows Optimization Master Project | Improper Input Validation vulnerability in Windows Optimization Master Project Windows Optimization Master 7.99.13.604 In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf100202d. | 6.1 |
2018-03-27 | CVE-2018-9049 | Windows Optimization Master Project | Improper Input Validation vulnerability in Windows Optimization Master Project Windows Optimization Master 7.99.13.604 In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002833. | 6.1 |
2018-03-27 | CVE-2018-9048 | Windows Optimization Master Project | Improper Input Validation vulnerability in Windows Optimization Master Project Windows Optimization Master 7.99.13.604 In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf100282c. | 6.1 |
2018-03-27 | CVE-2018-9047 | Windows Optimization Master Project | Improper Input Validation vulnerability in Windows Optimization Master Project Windows Optimization Master 7.99.13.604 In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002841. | 6.1 |
2018-03-27 | CVE-2018-9046 | Windows Optimization Master Project | Improper Input Validation vulnerability in Windows Optimization Master Project Windows Optimization Master 7.99.13.604 In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf100282d. | 6.1 |
2018-03-27 | CVE-2018-9045 | Windows Optimization Master Project | Improper Input Validation vulnerability in Windows Optimization Master Project Windows Optimization Master 7.99.13.604 In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002849. | 6.1 |
2018-03-27 | CVE-2018-9044 | Iobit | Improper Input Validation vulnerability in Iobit Advanced Systemcare Ultimate 11.0.1.58 In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_win10_x64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c4060cc. | 6.1 |
2018-03-27 | CVE-2018-9043 | Iobit | Improper Input Validation vulnerability in Iobit Advanced Systemcare Ultimate 11.0.1.58 In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_win10_x64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c4060d0. | 6.1 |
2018-03-27 | CVE-2018-9042 | Iobit | Improper Input Validation vulnerability in Iobit Advanced Systemcare Ultimate 11.0.1.58 In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_win10_x64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c402000. | 6.1 |
2018-03-27 | CVE-2018-9041 | Iobit | Improper Input Validation vulnerability in Iobit Advanced Systemcare Ultimate 11.0.1.58 In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_win10_x64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c402004. | 6.1 |
2018-03-27 | CVE-2018-9040 | Iobit | Improper Input Validation vulnerability in Iobit Advanced Systemcare Ultimate 11.0.1.58 In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_win10_x64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c4060c4. | 6.1 |
2018-03-28 | CVE-2018-8820 | Square 9 | SQL Injection vulnerability in Square-9 Globalforms An issue was discovered in Square 9 GlobalForms 6.2.x. | 6.0 |
2018-03-27 | CVE-2018-8718 | Jenkins | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Mailer Cross-site request forgery (CSRF) vulnerability in the Mailer Plugin 1.20 for Jenkins 2.111 allows remote authenticated users to send unauthorized mail as an arbitrary user via a /descriptorByName/hudson.tasks.Mailer/sendTestMail request. | 6.0 |
2018-03-28 | CVE-2018-0180 | Cisco | Unspecified vulnerability in Cisco IOS Multiple vulnerabilities in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition. | 5.9 |
2018-03-28 | CVE-2018-0179 | Cisco | Unspecified vulnerability in Cisco IOS Multiple vulnerabilities in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition. | 5.9 |
2018-03-28 | CVE-2018-7676 | Netiq | Information Exposure vulnerability in Netiq Identity Manager 4.5 The NetIQ Identity Manager, in versions prior to 4.7, userapp with log / trace enabled may leak sensitive information. | 5.9 |
2018-03-27 | CVE-2018-0733 | Openssl | Unspecified vulnerability in Openssl Because of an implementation bug the PA-RISC CRYPTO_memcmp function is effectively reduced to only comparing the least significant bit of each byte. | 5.9 |
2018-03-27 | CVE-2017-12319 | Cisco | Unspecified vulnerability in Cisco IOS and IOS XE A vulnerability in the Border Gateway Protocol (BGP) over an Ethernet Virtual Private Network (EVPN) for Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload, resulting in a denial of service (DoS) condition, or potentially corrupt the BGP routing table, which could result in network instability. | 5.9 |
2018-03-26 | CVE-2018-1302 | Apache Canonical Netapp | NULL Pointer Dereference vulnerability in multiple products When an HTTP/2 stream was destroyed after being handled, the Apache HTTP Server prior to version 2.4.30 could have written a NULL pointer potentially to an already freed memory. | 5.9 |
2018-03-26 | CVE-2018-1301 | Apache Debian Canonical Netapp Redhat | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A specially crafted request could have crashed the Apache HTTP Server prior to version 2.4.30, due to an out of bound access after a size limit is reached by reading the HTTP header. | 5.9 |
2018-03-30 | CVE-2018-3819 | Elastic | Open Redirect vulnerability in Elastic Kibana The fix in Kibana for ESA-2017-23 was incomplete. | 5.8 |
2018-03-30 | CVE-2018-9144 | Exiv2 | Out-of-bounds Read vulnerability in Exiv2 In Exiv2 0.26, there is an out-of-bounds read in Exiv2::Internal::binaryToString in image.cpp. | 5.8 |
2018-03-29 | CVE-2015-4953 | IBM | Inadequate Encryption Strength vulnerability in IBM Bigfix Remote Control 9.1.2 IBM BigFix Remote Control before Interim Fix pack 9.1.2-TIV-IBRC912-IF0001 makes it easier for man-in-the-middle attackers to decrypt traffic by leveraging a weakness in its encryption protocol. | 5.8 |
2018-03-26 | CVE-2015-5039 | IBM | Cryptographic Issues vulnerability in IBM Rational Clearcase The Remote Client and change management integrations in IBM Rational ClearCase 7.1.x, 8.0.0.x before 8.0.0.18, and 8.0.1.x before 8.0.1.11 do not properly validate hostnames in X.509 certificates from SSL servers, which allows remote attackers to spoof servers and obtain sensitive information or modify network traffic via a crafted certificate. | 5.8 |
2018-03-26 | CVE-2018-8937 | Open Audit | Open Redirect vulnerability in Open-Audit 2.1 An issue was discovered in Open-AudIT Professional 2.1. | 5.8 |
2018-03-26 | CVE-2018-9020 | Pixelite | Cross-site Scripting vulnerability in Pixelite Events Manager The Events Manager plugin before 5.8.1.2 for WordPress allows XSS via the events-manager.js mapTitle parameter in the Google Maps miniature. | 5.4 |
2018-03-29 | CVE-2018-9117 | Wiremock | Path Traversal vulnerability in Wiremock WireMock before 2.16.0 contains a vulnerability that allows a remote unauthenticated attacker to access local files beyond the application directory via a specially crafted XML request, aka Directory Traversal. | 5.3 |
2018-03-26 | CVE-2018-1350 | Netiq | Information Exposure Through Log Files vulnerability in Netiq Identity Manager 4.5 The NetIQ Identity Manager driver log file, in versions prior to 4.7, provides details that could aid in system enumeration. | 5.3 |
2018-03-26 | CVE-2018-1349 | Netiq | Information Exposure Through Log Files vulnerability in Netiq Identity Manager 4.5 The NetIQ Identity Manager driver log file, in versions prior to 4.7, provides details that could aid in system or configuration enumeration. | 5.3 |
2018-03-26 | CVE-2018-1283 | Apache Debian Canonical Netapp Redhat | In Apache httpd 2.4.0 to 2.4.29, when mod_session is configured to forward its session data to CGI applications (SessionEnv on, not the default), a remote user may influence their content by using a "Session" header. | 5.3 |
2018-04-01 | CVE-2018-9158 | Axis | Improper Input Validation vulnerability in Axis M1033-W Firmware 5.40.5.1 An issue was discovered on AXIS M1033-W (IP camera) Firmware version 5.40.5.1 devices. | 5.0 |
2018-03-31 | CVE-2018-9160 | Sickrage | Insufficiently Protected Credentials vulnerability in Sickrage SickRage before v2018.03.09-1 includes cleartext credentials in HTTP responses. | 5.0 |
2018-03-31 | CVE-2018-9159 | Sparkjava | Path Traversal vulnerability in Sparkjava Spark In Spark before 2.7.2, a remote attacker can read unintended static files via various representations of absolute or relative pathnames, as demonstrated by file: URLs and directory traversal sequences. | 5.0 |
2018-03-31 | CVE-2015-9258 | Docker | Cryptographic Issues vulnerability in Docker Notary In Docker Notary before 0.1, gotuf/signed/verify.go has a Signature Algorithm Not Matched to Key vulnerability. | 5.0 |
2018-03-30 | CVE-2018-7171 | Lynxtechnology | Path Traversal vulnerability in Lynxtechnology Twonky Server Directory traversal vulnerability in Twonky Server 7.0.11 through 8.5 allows remote attackers to share the contents of arbitrary directories via a .. | 5.0 |
2018-03-30 | CVE-2018-1232 | RSA | Out-of-bounds Write vulnerability in RSA Authentication Agent FOR web RSA Authentication Agent version 8.0.1 and earlier for Web for both IIS and Apache Web Server are impacted by a stack-based buffer overflow which may occur when handling certain malicious web cookies that have invalid formats. | 5.0 |
2018-03-30 | CVE-2017-15859 | Out-of-bounds Write vulnerability in Google Android While processing the QCA_NL80211_VENDOR_SUBCMD_SET_TXPOWER_SCALE_DECR_DB vendor command, in which attribute QCA_WLAN_VENDOR_ATTR_TXPOWER_SCALE_DECR_DB contains fewer than 1 byte, in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-08-11 a buffer overrun occurs. | 5.0 | |
2018-03-30 | CVE-2017-14891 | Information Exposure vulnerability in Google Android In the KGSL driver function _gpuobj_map_useraddr() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-12, the contents of the stack can get leaked due to an uninitialized variable. | 5.0 | |
2018-03-30 | CVE-2017-14875 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In the handler for the ioctl command VIDIOC_MSM_ISP_DUAL_HW_LPM_MODE in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-05-23, a heap overread vulnerability exists. | 5.0 | |
2018-03-30 | CVE-2017-11087 | Information Exposure vulnerability in Google Android libOmxVenc in Android for MSM, Firefox OS for MSM, and QRD Android copies the output buffer to an application with the "filled length", which is larger than the output buffer's actual size, leading to an information disclosure problem in the context of mediaserver. | 5.0 | |
2018-03-30 | CVE-2018-9148 | Westerndigital | Improper Authentication vulnerability in Westerndigital MY Cloud Firmware 04.05.00320 Western Digital WD My Cloud v04.05.00-320 devices embed the session token (aka PHPSESSID) in filenames, which makes it easier for attackers to bypass authentication by listing a directory. | 5.0 |
2018-03-30 | CVE-2018-3740 | Sanitize Project | Improper Input Validation vulnerability in Sanitize Project Sanitize A specially crafted HTML fragment can cause Sanitize gem for Ruby to allow non-whitelisted attributes to be used on a whitelisted HTML element. | 5.0 |
2018-03-29 | CVE-2016-0898 | Vmware | Information Exposure Through Log Files vulnerability in VMWare Pivotal Software Mysql MySQL for PCF tiles 1.7.x before 1.7.10 were discovered to log the AWS access key in plaintext. | 5.0 |
2018-03-29 | CVE-2018-9031 | Tnlsoftsolutions | Insufficiently Protected Credentials vulnerability in Tnlsoftsolutions Sentry Vision 3.0/3.1/3.2 The login interface on TNLSoftSolutions Sentry Vision 3.x devices provides password disclosure by reading an "if(pwd ==" line in the HTML source code. | 5.0 |
2018-03-28 | CVE-2018-7498 | Philips | Missing Encryption of Sensitive Data vulnerability in Philips Alice 6 Firmware In Philips Alice 6 System version R8.0.2 or prior, the lack of proper data encryption passes up the guarantees of confidentiality, integrity, and accountability that properly implemented encryption conveys. | 5.0 |
2018-03-28 | CVE-2017-11510 | Wanscam | Insufficiently Protected Credentials vulnerability in Wanscam Hw0021 Firmware 11.6.5.1.120161213 An information leak exists in Wanscam's HW0021 network camera that allows an unauthenticated remote attacker to recover the administrator username and password via an ONVIF GetSnapshotUri request. | 5.0 |
2018-03-27 | CVE-2018-1237 | Dell | Improper Authentication vulnerability in Dell EMC Scaleio Dell EMC ScaleIO versions prior to 2.5, contain improper restriction of excessive authentication attempts on the Light installation Agent (LIA). | 5.0 |
2018-03-27 | CVE-2018-1205 | Dell | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Dell EMC Scaleio Dell EMC ScaleIO, versions prior to 2.5, do not properly handle some packet data in the MDM service. | 5.0 |
2018-03-27 | CVE-2017-7630 | Qnap | Information Exposure vulnerability in Qnap QTS 4.2.6/4.3.3 QNAP QTS 4.2.6 build 20171026, QTS 4.3.3 build 20170727 and earlier allows remote attackers to obtain potentially sensitive information (firmware version and running services) via a request to sysinfoReq.cgi. | 5.0 |
2018-03-27 | CVE-2018-9057 | Hashicorp | Insufficient Entropy in PRNG vulnerability in Hashicorp Terraform aws/resource_aws_iam_user_login_profile.go in the HashiCorp Terraform Amazon Web Services (AWS) provider through v1.12.0 has an inappropriate PRNG algorithm and seeding, which makes it easier for remote attackers to obtain access by leveraging an IAM account that was provisioned with a weak password. | 5.0 |
2018-03-27 | CVE-2014-0486 | NIC | Improper Input Validation vulnerability in NIC Knot CMS Knot DNS before 1.5.2 allows remote attackers to cause a denial of service (application crash) via a crafted DNS message. | 5.0 |
2018-03-27 | CVE-2018-0198 | Cisco | Forced Browsing vulnerability in Cisco Unified Communications Manager A vulnerability in the web framework of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to view sensitive data. | 5.0 |
2018-03-27 | CVE-2017-12310 | Cisco | Cleartext Transmission of Sensitive Information vulnerability in Cisco Spark Hybrid Calendar Service A vulnerability in the auto discovery phase of Cisco Spark Hybrid Calendar Service could allow an unauthenticated, remote attacker to view sensitive information in the unencrypted headers of an HTTP method request. | 5.0 |
2018-03-26 | CVE-2018-7658 | Softros | Improper Input Validation vulnerability in Softros Network Time System 2.3.4 NTSServerSvc.exe in the server in Softros Network Time System 2.3.4 allows remote attackers to cause a denial of service (daemon crash) by sending exactly 11 bytes. | 5.0 |
2018-03-26 | CVE-2018-5466 | Philips | Improper Certificate Validation vulnerability in Philips Intellispace Portal 8.0/9.0 Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have a self-signed SSL certificate vulnerability this could allow an attacker to gain unauthorized access to resources and information. | 5.0 |
2018-03-26 | CVE-2018-5464 | Philips | Improper Certificate Validation vulnerability in Philips Intellispace Portal 8.0/9.0 Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have an untrusted SSL certificate vulnerability this could allow an attacker to gain unauthorized access to resources and information. | 5.0 |
2018-03-26 | CVE-2018-5462 | Philips | Improper Certificate Validation vulnerability in Philips Intellispace Portal 8.0/9.0 Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have an SSL incorrect hostname certificate vulnerability this could allow an attacker to gain unauthorized access to resources and information. | 5.0 |
2018-03-26 | CVE-2018-5458 | Philips | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Philips Intellispace Portal 8.0/9.0 Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have a vulnerability using SSL legacy encryption that could allow an attacker to gain unauthorized access to resources and information. | 5.0 |
2018-03-30 | CVE-2018-9151 | Kingsoft | NULL Pointer Dereference vulnerability in Kingsoft Internet Security 9 Plus 2010.06.23.247 A NULL pointer dereference bug in the function ObReferenceObjectByHandle in the Kingsoft Internet Security 9+ kernel driver KWatch3.sys allows local non-privileged users to crash the system via IOCTL 0x80030030. | 4.9 |
2018-03-28 | CVE-2017-0936 | Nextcloud | Authorization Bypass Through User-Controlled Key vulnerability in Nextcloud Server Nextcloud Server before 11.0.7 and 12.0.5 suffers from an Authorization Bypass Through User-Controlled Key vulnerability. | 4.9 |
2018-03-27 | CVE-2018-1091 | Linux | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel In the flush_tmregs_to_thread function in arch/powerpc/kernel/ptrace.c in the Linux kernel before 4.13.5, a guest kernel crash can be triggered from unprivileged userspace during a core dump on a POWER host due to a missing processor feature check and an erroneous use of transactional memory (TM) instructions in the core dump path, leading to a denial of service. | 4.9 |
2018-03-27 | CVE-2018-9056 | Intel ARM | Information Exposure vulnerability in Intel products Systems with microprocessors utilizing speculative execution may allow unauthorized disclosure of information to an attacker with local user access via a side-channel attack on the directional branch predictor, as demonstrated by a pattern history table (PHT), aka BranchScope. | 4.7 |
2018-03-31 | CVE-2017-18255 | Linux | Integer Overflow or Wraparound vulnerability in Linux Kernel The perf_cpu_time_max_percent_handler function in kernel/events/core.c in the Linux kernel before 4.11 allows local users to cause a denial of service (integer overflow) or possibly have unspecified other impact via a large value, as demonstrated by an incorrect sample-rate calculation. | 4.6 |
2018-03-30 | CVE-2018-7566 | Linux Suse Canonical Debian Redhat Oracle | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user. | 4.6 |
2018-03-30 | CVE-2017-9723 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android The touchscreen driver synaptics_dsx in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-06-05, the size of a stack-allocated buffer can be set to a value which exceeds the size of the stack. | 4.6 | |
2018-03-30 | CVE-2017-9694 | Qcacld 2 0 Project | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qcacld 2.0 Project Qcacld 2.0 While parsing Netlink attributes in QCA_WLAN_VENDOR_ATTR_EXTSCAN_BSSID_HOTLIST_PARAMS_LOST_AP_SAMPLE_SIZE in qcacld 2.0 before 2017-05-16, a buffer overread could occur. | 4.6 |
2018-03-30 | CVE-2017-9692 | NULL Pointer Dereference vulnerability in Google Android When an atomic commit is issued on a writeback panel with a NULL output_layer parameter in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-06-03, a NULL pointer dereference may potentially occur. | 4.6 | |
2018-03-30 | CVE-2017-17771 | Classic Buffer Overflow vulnerability in Google Android In msm_isp_prepare_v4l2_buf in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-02-12, an array out of bounds can occur. | 4.6 | |
2018-03-30 | CVE-2017-15852 | Information Exposure vulnerability in Google Android Information leak of the ISPIF base address in Android for MSM, Firefox OS for MSM, and QRD Android can occur in the camera driver. | 4.6 | |
2018-03-30 | CVE-2017-15846 | NULL Pointer Dereference vulnerability in Google Android In the video_ioctl2() function in the camera driver in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-09-16, an untrusted pointer dereference may potentially occur. | 4.6 | |
2018-03-30 | CVE-2017-15823 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In spectral_create_samp_msg() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-11, some values from firmware are not properly validated potentially leading to a buffer overflow. | 4.6 | |
2018-03-30 | CVE-2017-14892 | Improper Input Validation vulnerability in Google Android In the function msm_pcm_hw_params() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-09-19, the return value of q6asm_open_shared_io() is not checked properly potentially leading to a possible dangling pointer access. | 4.6 | |
2018-03-29 | CVE-2017-5947 | Oneplus | Unspecified vulnerability in Oneplus Oxygenos An issue was discovered in OnePlus One, X, 2, 3, 3T, and 5 devices with OxygenOS 5.0 and earlier. | 4.6 |
2018-03-26 | CVE-2017-6278 | Nvidia | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Nvidia products NVIDIA Tegra kernel contains a vulnerability in the CORE DVFS Thermal driver where there is the potential to read or write a buffer using an index or pointer that references a memory location after the end of the buffer, which may lead to a denial of service or possible escalation of privileges. | 4.6 |
2018-03-30 | CVE-2017-15826 | Race Condition vulnerability in Google Android Due to a race condition in MDSS rotator in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-20, a double free vulnerability may potentially exist when two threads free the same perf structures. | 4.4 | |
2018-03-28 | CVE-2018-8885 | Canonical | Race Condition vulnerability in Canonical Screen-Resolution-Extra and Ubuntu Linux screenresolution-mechanism in screen-resolution-extra 0.17.2 does not properly use the PolicyKit D-Bus API, which allows local users to bypass intended access restrictions by leveraging a race condition via a setuid or pkexec process that is mishandled in a PolicyKitService._check_permission call. | 4.4 |
2018-03-26 | CVE-2017-18249 | Linux Debian | Race Condition vulnerability in Linux Kernel The add_free_nid function in fs/f2fs/node.c in the Linux kernel before 4.12 does not properly track an allocated nid, which allows local users to cause a denial of service (race condition) or possibly have unspecified other impact via concurrent threads. | 4.4 |
2018-04-01 | CVE-2018-9165 | Libming | NULL Pointer Dereference vulnerability in Libming The pushdup function in util/decompile.c in libming through 0.4.8 does not recognize the need for ActionPushDuplicate to perform a deep copy when a String is at the top of the stack, making the library vulnerable to a util/decompile.c getName NULL pointer dereference, which may allow attackers to cause a denial of service via a crafted SWF file. | 4.3 |
2018-04-01 | CVE-2018-6849 | Duckduckgo | Information Exposure vulnerability in Duckduckgo 4.2.0 In the WebRTC component in DuckDuckGo 4.2.0, after visiting a web site that attempts to gather complete client information (such as https://ip.voidsec.com), the browser can disclose a private IP address in a STUN request. | 4.3 |
2018-03-30 | CVE-2018-7203 | Lynxtechnology | Cross-site Scripting vulnerability in Lynxtechnology Twonky Server Cross-site scripting (XSS) vulnerability in Twonky Server 7.0.11 through 8.5 allows remote attackers to inject arbitrary web script or HTML via the friendlyname parameter to rpc/set_all. | 4.3 |
2018-03-30 | CVE-2018-1233 | RSA | Cross-site Scripting vulnerability in RSA Authentication Agent FOR web RSA Authentication Agent version 8.0.1 and earlier for Web for both IIS and Apache Web Server are affected by a cross-site scripting vulnerability. | 4.3 |
2018-03-30 | CVE-2018-3818 | Elastic | Cross-site Scripting vulnerability in Elastic Kibana Kibana versions 5.1.1 to 6.1.2 and 5.6.6 had a cross-site scripting (XSS) vulnerability via the colored fields formatter that could allow an attacker to obtain sensitive information from or perform destructive actions on behalf of other Kibana users. | 4.3 |
2018-03-30 | CVE-2018-9147 | Gespage | Cross-site Scripting vulnerability in Gespage 7.5.7 Cross-site scripting (XSS) vulnerabilities in version 7.5.7 of Gespage software allow remote attackers to inject arbitrary web script or HTML via the email, passwd, and repasswd parameters to webapp/users/user_reg.jsp. | 4.3 |
2018-03-30 | CVE-2018-5799 | Zohocorp | Cross-site Scripting vulnerability in Zohocorp Manageengine Servicedesk Plus In Zoho ManageEngine ServiceDesk Plus before 9403, an XSS issue allows an attacker to run arbitrary JavaScript via a /api/request/?OPERATION_NAME= URI, aka SD-69139. | 4.3 |
2018-03-30 | CVE-2018-9145 | Exiv2 | Improper Input Validation vulnerability in Exiv2 0.26 In the DataBuf class in include/exiv2/types.hpp in Exiv2 0.26, an issue exists in the constructor with an initial buffer size. | 4.3 |
2018-03-30 | CVE-2018-9140 | Samsung | Cross-site Scripting vulnerability in Samsung Mobile 6.0 On Samsung mobile devices with M(6.0) software, the Email application allows XSS via an event attribute and arbitrary file loading via a src attribute, aka SVE-2017-10747. | 4.3 |
2018-03-30 | CVE-2018-9138 | GNU | Uncontrolled Recursion vulnerability in GNU Binutils 2.29/2.30 An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.29 and 2.30. | 4.3 |
2018-03-30 | CVE-2018-9133 | Imagemagick Canonical | Excessive Iteration vulnerability in multiple products ImageMagick 7.0.7-26 Q16 has excessive iteration in the DecodeLabImage and EncodeLabImage functions (coders/tiff.c), which results in a hang (tens of minutes) with a tiny PoC file. | 4.3 |
2018-03-30 | CVE-2018-9130 | Ibos | Cross-site Scripting vulnerability in Ibos 4.4.3 IBOS 4.4.3 has XSS via a company full name. | 4.3 |
2018-03-29 | CVE-2014-6604 | Subscribe2 Project | Cross-site Scripting vulnerability in Subscribe2 Project Subscribe2 Cross-site scripting (XSS) vulnerability in class-s2-list-table.php in the Subscribe2 plugin before 10.16 for WordPress allows remote attackers to inject arbitrary web script or HTML via the ip parameter. | 4.3 |
2018-03-28 | CVE-2018-0190 | Cisco | Cross-site Scripting vulnerability in Cisco IOS XE Multiple vulnerabilities in the web-based user interface (web UI) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web UI of the affected software. | 4.3 |
2018-03-28 | CVE-2018-0188 | Cisco | Cross-site Scripting vulnerability in Cisco IOS XE Multiple vulnerabilities in the web-based user interface (web UI) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web UI of the affected software. | 4.3 |
2018-03-28 | CVE-2018-0186 | Cisco | Cross-site Scripting vulnerability in Cisco IOS XE Multiple vulnerabilities in the web-based user interface (web UI) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web UI of the affected software. | 4.3 |
2018-03-28 | CVE-2018-6608 | Opera | Information Exposure vulnerability in Opera Browser 51.0.2830.55 In the WebRTC component in Opera 51.0.2830.55, after visiting a web site that attempts to gather complete client information (such as https://ip.voidsec.com), the browser can disclose a private IP address in a STUN request. | 4.3 |
2018-03-27 | CVE-2018-9058 | Long Range ZIP Project | Infinite Loop vulnerability in Long Range ZIP Project Long Range ZIP 0.631 In Long Range Zip (aka lrzip) 0.631, there is an infinite loop in the runzip_fd function of runzip.c. | 4.3 |
2018-03-27 | CVE-2017-7632 | Qnap | Cross-site Scripting vulnerability in Qnap QTS 4.2.6/4.3.3 Cross-site scripting (XSS) vulnerability in File Station of QNAP QTS 4.2.6 build 20171026, QTS 4.3.3 build 20170727 and earlier allows remote attackers to inject arbitrary web script or HTML. | 4.3 |
2018-03-27 | CVE-2017-7631 | Qnap | Cross-site Scripting vulnerability in Qnap QTS 4.2.6/4.3.3 Cross-site scripting (XSS) vulnerability in the share link function of File Station of QNAP 4.2.6 build 20171026, QTS 4.3.3 build 20170727 and earlier allows remote attackers to inject arbitrary web script or HTML. | 4.3 |
2018-03-27 | CVE-2018-8048 | Debian Loofah Project | Cross-site Scripting vulnerability in multiple products In the Loofah gem through 2.2.0 for Ruby, non-whitelisted HTML attributes may occur in sanitized output by republishing a crafted HTML fragment. | 4.3 |
2018-03-27 | CVE-2018-7196 | Osticket | Cross-site Scripting vulnerability in Osticket Cross-site scripting (XSS) vulnerability in /scp/index.php in Enhancesoft osTicket before 1.10.2 allows remote attackers to inject arbitrary web script or HTML via the "sort" parameter. | 4.3 |
2018-03-27 | CVE-2018-7195 | Osticket | Unspecified vulnerability in Osticket Enhancesoft osTicket before 1.10.2 allows remote attackers to reset arbitrary passwords (when an associated e-mail address is known) by leveraging guest access and guessing a 6-digit number. | 4.3 |
2018-03-27 | CVE-2018-7193 | Osticket | Cross-site Scripting vulnerability in Osticket Cross-site scripting (XSS) vulnerability in /scp/directory.php in Enhancesoft osTicket before 1.10.2 allows remote attackers to inject arbitrary web script or HTML via the "order" parameter. | 4.3 |
2018-03-27 | CVE-2018-7192 | Osticket | Cross-site Scripting vulnerability in Osticket Cross-site scripting (XSS) vulnerability in /ajax.php/form/help-topic in Enhancesoft osTicket before 1.10.2 allows remote attackers to inject arbitrary web script or HTML via the "message" parameter. | 4.3 |
2018-03-27 | CVE-2015-4954 | IBM | Improper Certificate Validation vulnerability in IBM Bigfix Remote Control 9.1.2 IBM BigFix Remote Control before Interim Fix pack 9.1.2-TIV-IBRC912-IF0001 improperly allows self-signed certificates, which might allow remote attackers to conduct spoofing attacks via unspecified vectors. | 4.3 |
2018-03-27 | CVE-2018-8763 | Debian Ldap Account Manager | Cross-site Scripting vulnerability in multiple products Roland Gruber Softwareentwicklung LDAP Account Manager before 6.3 has XSS via the dn parameter to the templates/3rdParty/pla/htdocs/cmd.php URI or the template parameter to the templates/3rdParty/pla/htdocs/cmd.php?cmd=rename_form URI. | 4.3 |
2018-03-27 | CVE-2018-6882 | Synacor | Cross-site Scripting vulnerability in Synacor Zimbra Collaboration Suite Cross-site scripting (XSS) vulnerability in the ZmMailMsgView.getAttachmentLinkHtml function in Zimbra Collaboration Suite (ZCS) before 8.7 Patch 1 and 8.8.x before 8.8.7 might allow remote attackers to inject arbitrary web script or HTML via a Content-Location header in an email attachment. | 4.3 |
2018-03-27 | CVE-2018-0202 | Clamav Canonical Debian | Out-of-bounds Read vulnerability in multiple products clamscan in ClamAV before 0.99.4 contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 4.3 |
2018-03-27 | CVE-2018-9055 | Jasper Project | Reachable Assertion vulnerability in Jasper Project Jasper 2.0.14 JasPer 2.0.14 allows denial of service via a reachable assertion in the function jpc_firstone in libjasper/jpc/jpc_math.c. | 4.3 |
2018-03-27 | CVE-2017-18254 | Imagemagick Canonical | Missing Release of Resource after Effective Lifetime vulnerability in multiple products An issue was discovered in ImageMagick 7.0.7. | 4.3 |
2018-03-27 | CVE-2017-18253 | Imagemagick | NULL Pointer Dereference vulnerability in Imagemagick 7.0.7 An issue was discovered in ImageMagick 7.0.7. | 4.3 |
2018-03-27 | CVE-2017-18252 | Imagemagick Canonical | Reachable Assertion vulnerability in multiple products An issue was discovered in ImageMagick 7.0.7. | 4.3 |
2018-03-27 | CVE-2017-18251 | Imagemagick Canonical | Missing Release of Resource after Effective Lifetime vulnerability in multiple products An issue was discovered in ImageMagick 7.0.7. | 4.3 |
2018-03-27 | CVE-2017-18250 | Imagemagick | NULL Pointer Dereference vulnerability in Imagemagick 7.0.70 An issue was discovered in ImageMagick 7.0.7. | 4.3 |
2018-03-26 | CVE-2018-7543 | Snapcreek | Cross-site Scripting vulnerability in Snapcreek Duplicator 1.2.32 Cross-site scripting (XSS) vulnerability in installer/build/view.step4.php of the SnapCreek Duplicator plugin 1.2.32 for WordPress allows remote attackers to inject arbitrary JavaScript or HTML via the json parameter. | 4.3 |
2018-03-30 | CVE-2018-3817 | Elastic | Information Exposure vulnerability in Elastic Logstash When logging warnings regarding deprecated settings, Logstash before 5.6.6 and 6.x before 6.1.2 could inadvertently log sensitive information. | 4.0 |
2018-03-30 | CVE-2017-1766 | IBM | Incorrect Authorization vulnerability in IBM Business Process Manager Due to incorrect authorization in IBM Business Process Manager 8.6 an attacker can claim and work on ad hoc tasks he is not assigned to. | 4.0 |
2018-03-30 | CVE-2017-1765 | IBM | Information Exposure vulnerability in IBM products IBM Business Process Manager 8.6 could allow an authenticated user with special privileges to reveal sensitive information about the application server. | 4.0 |
2018-03-30 | CVE-2017-1747 | IBM | Improper Input Validation vulnerability in IBM Websphere MQ A specially crafted message could cause a denial of service in IBM WebSphere MQ 9.0, 9.0.0.1, 9.0.0.2, 9.0.1, 9.0.2, 9.0.3, and 9.0.4 applications consuming messages that it needs to perform data conversion on. | 4.0 |
2018-03-30 | CVE-2017-1705 | IBM | Information Exposure vulnerability in IBM Security Privileged Identity Manager 2.1.0 IBM Security Privileged Identity Manager 2.1.0 contains left-over, sensitive information in page comments. | 4.0 |
2018-03-30 | CVE-2017-9681 | Information Exposure vulnerability in Google Android In Android before 2017-08-05 on Qualcomm MSM, Firefox OS for MSM, QRD Android, and all Android releases from CAF using the Linux kernel, if kernel memory address is passed from userspace through iris_vidioc_s_ext_ctrls ioctl, it will print kernel address data. | 4.0 | |
2018-03-29 | CVE-2016-6658 | Cloudfoundry Pivotal Software | Information Exposure vulnerability in multiple products Applications in cf-release before 245 can be configured and pushed with a user-provided custom buildpack using a URL pointing to the buildpack. | 4.0 |
2018-03-29 | CVE-2014-5028 | Reviewboard | Information Exposure vulnerability in Reviewboard Review Board The Original File and Patched File resources in Review Board 1.7.x before 1.7.27 and 2.0.x before 2.0.4 allow remote authenticated users to bypass intended access restrictions and obtain sensitive information from repository files by leveraging knowledge of database ids. | 4.0 |
2018-03-28 | CVE-2018-0196 | Cisco | Unspecified vulnerability in Cisco IOS XE 16.1.2/16.2.0/16.3(1) A vulnerability in the web-based user interface (web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker to write arbitrary files to the operating system of an affected device. | 4.0 |
2018-03-27 | CVE-2014-5132 | Avolvesoftware | Information Exposure vulnerability in Avolvesoftware Projectdox 8.1 Avolve Software ProjectDox 8.1 allows remote attackers to enumerate users via vectors related to email addresses. | 4.0 |
2018-03-27 | CVE-2014-5131 | Avolvesoftware | Information Exposure vulnerability in Avolvesoftware Projectdox 8.1 Avolve Software ProjectDox 8.1 makes it easier for remote authenticated users to obtain sensitive information by leveraging ciphertext reuse. | 4.0 |
2018-03-27 | CVE-2014-5130 | Avolvesoftware | Information Exposure vulnerability in Avolvesoftware Projectdox 8.1 Avolve Software ProjectDox 8.1 allows remote authenticated users to obtain sensitive information from other users via vectors involving a direct access token. | 4.0 |
2018-03-27 | CVE-2018-7194 | Osticket | Integer Overflow or Wraparound vulnerability in Osticket Integer format vulnerability in the ticket number generator in Enhancesoft osTicket before 1.10.2 allows remote attackers to cause a denial-of-service (preventing the creation of new tickets) via a large number of digits in the ticket number format setting. | 4.0 |
2018-03-27 | CVE-2015-5016 | IBM | Information Exposure vulnerability in IBM products IBM Maximo Asset Management 7.1, 7.5, and 7.6; Maximo Asset Management Essentials 7.1 and 7.5; Control Desk 7.5 and 7.6; Tivoli Asset Management for IT 7.1 and 7.2; and certain other IBM products allow remote authenticated users to bypass intended access restrictions and read arbitrary ticket worklog entries via unspecified vectors. | 4.0 |
2018-03-27 | CVE-2018-9039 | Octopus | Missing Authorization vulnerability in Octopus Deploy In Octopus Deploy 2.0 and later before 2018.3.7, an authenticated user, with variable edit permissions, can scope some variables to targets greater than their permissions should allow. | 4.0 |
2018-03-26 | CVE-2015-7424 | IBM | Information Exposure vulnerability in IBM Infosphere Master Data Management IBM InfoSphere Master Data Management (MDM) - Collaborative Edition 9.1, 10.1, 11.0, 11.3, 11.4, and 11.5 allow remote authenticated users to bypass intended access restrictions and obtain sensitive information by leveraging Catalogs access. | 4.0 |
2018-03-26 | CVE-2015-7401 | IBM | Information Exposure vulnerability in IBM Curam Social Program Management IBM Curam Social Program Management 6.1.x before 6.1.1.1 allows remote authenticated users to bypass intended access restrictions and obtain sensitive document information by guessing the document id. | 4.0 |
28 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2018-04-01 | CVE-2018-9172 | Iptanus | Cross-site Scripting vulnerability in Iptanus Wordpress File Upload The Iptanus WordPress File Upload plugin before 4.3.3 for WordPress mishandles shortcode attributes. | 3.5 |
2018-03-30 | CVE-2018-1390 | IBM | Cross-site Scripting vulnerability in IBM Financial Transaction Manager IBM Financial Transaction Manager for Check Services for Multi-Platform 3.0, 3.0.2, and 3.0.2.1 is vulnerable to cross-site scripting. | 3.5 |
2018-03-30 | CVE-2018-1384 | IBM | Cross-site Scripting vulnerability in IBM products IBM Business Process Manager 8.6 is vulnerable to cross-site scripting. | 3.5 |
2018-03-30 | CVE-2017-1767 | IBM | Cross-site Scripting vulnerability in IBM Business Process Manager IBM Business Process Manager 8.6 is vulnerable to cross-site scripting. | 3.5 |
2018-03-29 | CVE-2018-1191 | Cloudfoundry | Information Exposure vulnerability in Cloudfoundry Cf-Deployment and Garden-Runc-Release Cloud Foundry Garden-runC, versions prior to 1.11.0, contains an information exposure vulnerability. | 3.5 |
2018-03-29 | CVE-2018-9123 | Crea8Social | Cross-site Scripting vulnerability in Crea8Social 2018.2 In Crea8social 2018.2, there is Stored Cross-Site Scripting via a User Profile. | 3.5 |
2018-03-29 | CVE-2018-9122 | Crea8Social | Cross-site Scripting vulnerability in Crea8Social 2018.2 In Crea8social 2018.2, there is Reflected Cross-Site Scripting via the term parameter to the /search URI. | 3.5 |
2018-03-29 | CVE-2018-9121 | Crea8Social | Cross-site Scripting vulnerability in Crea8Social 2018.2 In Crea8social 2018.2, there is Stored Cross-Site Scripting via a post comment. | 3.5 |
2018-03-29 | CVE-2018-9120 | Crea8Social | Cross-site Scripting vulnerability in Crea8Social 2018.2 In Crea8social 2018.2, there is Stored Cross-Site Scripting via a post. | 3.5 |
2018-03-28 | CVE-2018-1142 | Tenable | Cross-site Scripting vulnerability in Tenable Appliance Tenable Appliance versions 4.6.1 and earlier have been found to contain a single XSS vulnerability. | 3.5 |
2018-03-26 | CVE-2018-1202 | Dell | Cross-site Scripting vulnerability in Dell EMC Isilon 7.1.1.11 Dell EMC Isilon versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, and version 7.1.1.11 is affected by a cross-site scripting vulnerability in the NDMP Page within the OneFS web administration interface. | 3.5 |
2018-03-26 | CVE-2018-1201 | Dell | Cross-site Scripting vulnerability in Dell EMC Isilon 7.1.1.11 Dell EMC Isilon versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, versions 7.2.1.x, and version 7.1.1.11 is affected by a cross-site scripting vulnerability in the Job Operations Page within the OneFS web administration interface. | 3.5 |
2018-03-26 | CVE-2018-1189 | Dell | Cross-site Scripting vulnerability in Dell EMC Isilon Dell EMC Isilon versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, versions 7.2.1.x, and version 7.1.1.11 is affected by a cross-site scripting vulnerability in the Antivirus Page within the OneFS web administration interface. | 3.5 |
2018-03-26 | CVE-2018-1188 | Dell | Cross-site Scripting vulnerability in Dell EMC Isilon Dell EMC Isilon versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, and versions 7.2.1.x is affected by a cross-site scripting vulnerability in the Authorization Providers page within the OneFS web administration interface. | 3.5 |
2018-03-26 | CVE-2018-1187 | Dell | Cross-site Scripting vulnerability in Dell EMC Isilon Dell EMC Isilon versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6 is affected by a cross-site scripting vulnerability in the Network Configuration page within the OneFS web administration interface. | 3.5 |
2018-03-26 | CVE-2018-1186 | Dell | Cross-site Scripting vulnerability in Dell EMC Isilon Dell EMC Isilon versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, versions 7.2.1.x, and version 7.1.1.11 is affected by a cross-site scripting vulnerability in the Cluster description of the OneFS web administration interface. | 3.5 |
2018-03-26 | CVE-2015-7423 | IBM | Cross-site Scripting vulnerability in IBM Infosphere Master Data Management Multiple cross-site scripting (XSS) vulnerabilities in IBM InfoSphere Master Data Management (MDM) - Collaborative Edition 9.1, 10.1, 11.0, 11.3, and 11.4 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
2018-03-26 | CVE-2017-18248 | Apple | Improper Input Validation vulnerability in Apple Cups The add_job function in scheduler/ipp.c in CUPS before 2.2.6, when D-Bus support is enabled, can be crashed by remote attackers by sending print jobs with an invalid username, related to a D-Bus notification. | 3.5 |
2018-03-28 | CVE-2018-0163 | Cisco | Improper Authentication vulnerability in Cisco IOS A vulnerability in the 802.1x multiple-authentication (multi-auth) feature of Cisco IOS Software could allow an unauthenticated, adjacent attacker to bypass the authentication phase on an 802.1x multi-auth port. | 3.3 |
2018-03-30 | CVE-2018-1234 | RSA | Information Exposure vulnerability in RSA Authentication Agent FOR web RSA Authentication Agent version 8.0.1 and earlier for Web for IIS is affected by a problem where access control list (ACL) permissions on a Windows Named Pipe were not sufficient to prevent access by unauthorized users. | 2.1 |
2018-03-30 | CVE-2017-9693 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android The length of attribute value for STA_EXT_CAPABILITY in __wlan_hdd_change_station in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-06-06 being less than the actual lenth of StaParams.extn_capability results in a read for extra bytes when a memcpy is done from params->ext_capab to StaParams.extn_capability using the sizeof(StaParams.extn_capability). | 2.1 | |
2018-03-30 | CVE-2017-17769 | Information Exposure vulnerability in Google Android Information leakage in Android for MSM, Firefox OS for MSM, and QRD Android can occur in the audio driver. | 2.1 | |
2018-03-30 | CVE-2017-1756 | IBM | Information Exposure vulnerability in IBM products IBM Business Process Manager 8.6 allows web pages to be stored locally which can be read by another user on the system. | 2.1 |
2018-03-26 | CVE-2015-7434 | IBM | Information Exposure vulnerability in IBM Capacity Management Analytics 2.1.0.0 IBM Capacity Management Analytics 2.1.0.0 allows local users to discover encrypted usernames and passwords by leveraging access to the CMA install machine. | 2.1 |
2018-03-26 | CVE-2015-7433 | IBM | Information Exposure vulnerability in IBM Capacity Management Analytics 2.1.0.0 IBM Capacity Management Analytics 2.1.0.0 allows local users to discover cleartext usernames and passwords by leveraging access to the CMA install machine. | 2.1 |
2018-03-26 | CVE-2015-7432 | IBM | Information Exposure vulnerability in IBM Capacity Management Analytics 2.1.0.0 IBM Capacity Management Analytics 2.1.0.0 allows local users to decrypt usernames and passwords by leveraging access to setenv.sh and parameter.txt. | 2.1 |
2018-03-26 | CVE-2015-5045 | IBM | Information Exposure vulnerability in IBM Rational License KEY Server The Administration and Reporting tool in IBM Rational License Key Server (RLKS) before 8.1.4.9 iFix 04 allows local users to obtain sensitive information via unspecified vectors. | 2.1 |
2018-03-30 | CVE-2017-9691 | Race Condition vulnerability in Google Android There is a race condition in Android for MSM, Firefox OS for MSM, and QRD Android that allows to access to already free'd memory in the debug message output functionality contained within the mobicore driver. | 1.9 |