Weekly Vulnerabilities Reports > March 26 to April 1, 2018

Overview

294 new vulnerabilities reported during this period, including 18 critical vulnerabilities and 69 high severity vulnerabilities. This weekly summary report vulnerabilities in 737 products from 114 vendors including Cisco, Google, IBM, Debian, and Canonical. Vulnerabilities are notably categorized as "Cross-site Scripting", "Improper Input Validation", "Information Exposure", "Improper Restriction of Operations within the Bounds of a Memory Buffer", and "Improper Authentication".

  • 227 reported vulnerabilities are remotely exploitables.
  • 31 reported vulnerabilities have public exploit available.
  • 93 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 241 reported vulnerabilities are exploitable by an anonymous user.
  • Cisco has the most reported vulnerabilities, with 40 reported vulnerabilities.
  • Cisco has the most reported critical vulnerabilities, with 4 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

18 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-03-30 CVE-2017-14915 Qualcomm Use After Free vulnerability in Qualcomm products

In Android before 2018-01-05 on Qualcomm Snapdragon Mobile SD 625, SD 650/52, SD 835, accessing SPCOM functions with a compromised client structure can result in a Use After Free condition.

10.0
2018-03-30 CVE-2017-14913 Qualcomm Improper Input Validation vulnerability in Qualcomm products

In Android before 2018-01-05 on Qualcomm Snapdragon IoT, Snapdragon Mobile MDM9206, SD 625, SD 650/52, SD 835, SD 845, DDR address input validation is being improperly truncated.

10.0
2018-03-30 CVE-2017-14912 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-01-05 on Qualcomm Snapdragon IoT, Snapdragon Mobile [VERSION]: MDM9206, MDM9607, MDM9650, MSM8909W, SD 200, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 835, the attributes of buffers in Secure Display were not marked properly.

10.0
2018-03-30 CVE-2017-14911 Qualcomm Improper Authentication vulnerability in Qualcomm products

In Android before 2018-01-05 on Qualcomm Snapdragon IoT, Snapdragon Mobile, Snapdragon Automobile APQ8096AU, MDM9206, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 625, SD 650/52, SD 820, SD 835, it is possible for the XBL loader to skip the authentication of device config.

10.0
2018-03-30 CVE-2017-14906 Google Unspecified vulnerability in Google Android

In Android before 2018-01-05 on Qualcomm Snapdragon IoT, Snapdragon Mobile MDM9206, MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, PKCS7 padding is not supported by the crypto storage APIs.

10.0
2018-03-30 CVE-2017-11010 Google Unspecified vulnerability in Google Android

In Android before 2018-01-05 on Qualcomm Snapdragon IoT, Snapdragon Mobile MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 625, SD 650/52, SD 835, access control left a configuration space unprotected.

10.0
2018-03-30 CVE-2018-9143 Samsung Out-of-bounds Write vulnerability in Samsung Mobile

On Samsung mobile devices with M(6.0) and N(7.x) software, a heap overflow in the sensorhub binder service leads to code execution in a privileged process, aka SVE-2017-10991.

10.0
2018-03-30 CVE-2018-9139 Samsung Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Samsung Mobile

On Samsung mobile devices with N(7.x) software, a buffer overflow in the vision service allows code execution in a privileged process via a large frame size, aka SVE-2017-11165.

10.0
2018-03-29 CVE-2018-4841 Siemens Improper Authentication vulnerability in Siemens TIM 1531 IRC Firmware

A vulnerability has been identified in TIM 1531 IRC (All versions < V1.1).

10.0
2018-03-28 CVE-2018-0171 Cisco Out-of-bounds Write vulnerability in Cisco IOS 15.2(5)E

A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition, or to execute arbitrary code on an affected device.

10.0
2018-03-28 CVE-2018-0151 Cisco Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco IOS XE 16.5.1

A vulnerability in the quality of service (QoS) subsystem of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges.

10.0
2018-03-28 CVE-2018-0150 Cisco Use of Hard-coded Credentials vulnerability in Cisco IOS XE 16.5.1

A vulnerability in Cisco IOS XE Software could allow an unauthenticated, remote attacker to log in to a device running an affected release of Cisco IOS XE Software with the default username and password that are used at initial boot, aka a Static Credential Vulnerability.

10.0
2018-03-26 CVE-2017-12815 Bomgar Path Traversal vulnerability in Bomgar Remote Support

Analysis of the Bomgar Remote Support Portal JavaStart.jar Applet 52790 and earlier revealed that it is vulnerable to a path traversal vulnerability.

10.0
2018-03-30 CVE-2018-9141 Samsung Improper Input Validation vulnerability in Samsung Mobile

On Samsung mobile devices with L(5.x), M(6.0), and N(7.x) software, Gallery allows remote attackers to execute arbitrary code via a BMP file with a crafted resolution, aka SVE-2017-11105.

9.3
2018-03-29 CVE-2018-5224 Atlassian
Microsoft
Improper Input Validation vulnerability in Atlassian Bamboo

Bamboo did not correctly check if a configured Mercurial repository URI contained values that the Windows operating system may consider argument parameters.

9.0
2018-03-28 CVE-2018-0152 Cisco Insufficient Session Expiration vulnerability in Cisco IOS XE 16.1.1

A vulnerability in the web-based user interface (web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker to gain elevated privileges on an affected device.

9.0
2018-03-28 CVE-2017-11509 Firebirdsql
Debian
SQL Injection vulnerability in multiple products

An authenticated remote attacker can execute arbitrary code in Firebird SQL Server versions 2.5.7 and 3.0.2 by executing a malformed SQL statement.

9.0
2018-03-27 CVE-2018-9105 Nordvpn Improper Authentication vulnerability in Nordvpn 3.3.10

NordVPN 3.3.10 for macOS suffers from a root privilege escalation vulnerability.

9.0

69 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-03-27 CVE-2018-1238 Dell OS Command Injection vulnerability in Dell EMC Scaleio

Dell EMC ScaleIO versions prior to 2.5, contain a command injection vulnerability in the Light Installation Agent (LIA).

8.5
2018-03-28 CVE-2018-0167 Cisco
Rockwellautomation
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cisco Ios, IOS XE and IOS XR

Multiple Buffer Overflow vulnerabilities in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device.

8.3
2018-03-28 CVE-2018-0175 Cisco
Rockwellautomation
Use of Externally-Controlled Format String vulnerability in Cisco Ios, IOS XE and IOS XR

Format String vulnerability in the Link Layer Discovery Protocol (LLDP) subsystem of Cisco IOS Software, Cisco IOS XE Software, and Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition or execute arbitrary code with elevated privileges on an affected device.

7.9
2018-03-28 CVE-2018-0177 Cisco Unspecified vulnerability in Cisco IOS XE Denali16.3.1/Denali16.3.3

A vulnerability in the IP Version 4 (IPv4) processing code of Cisco IOS XE Software running on Cisco Catalyst 3850 and Cisco Catalyst 3650 Series Switches could allow an unauthenticated, remote attacker to cause high CPU utilization, traceback messages, or a reload of an affected device that leads to a denial of service (DoS) condition.

7.8
2018-03-28 CVE-2018-0174 Cisco
Rockwellautomation
Improper Input Validation vulnerability in Cisco IOS and IOS XE

A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition.

7.8
2018-03-28 CVE-2018-0173 Cisco
Rockwellautomation
Improper Input Validation vulnerability in Cisco IOS and IOS XE

A vulnerability in the Cisco IOS Software and Cisco IOS XE Software function that restores encapsulated option 82 information in DHCP Version 4 (DHCPv4) packets could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a Relay Reply denial of service (DoS) condition.

7.8
2018-03-28 CVE-2018-0172 Cisco
Rockwellautomation
Out-of-bounds Write vulnerability in Cisco IOS and IOS XE

A vulnerability in the DHCP option 82 encapsulation functionality of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition.

7.8
2018-03-28 CVE-2018-0170 Cisco Use After Free vulnerability in Cisco IOS XE 16.4.1

A vulnerability in the Cisco Umbrella Integration feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition, related to the OpenDNS software.

7.8
2018-03-28 CVE-2018-0164 Cisco Unspecified vulnerability in Cisco IOS XE 15.6(2)Sp

A vulnerability in the Switch Integrated Security Features of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an interface queue wedge.

7.8
2018-03-28 CVE-2018-0159 Cisco Improper Input Validation vulnerability in Cisco IOS and IOS XE

A vulnerability in the implementation of Internet Key Exchange Version 1 (IKEv1) functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition.

7.8
2018-03-28 CVE-2018-0158 Cisco
Rockwellautomation
Missing Release of Resource after Effective Lifetime vulnerability in Cisco IOS and IOS XE

A vulnerability in the Internet Key Exchange Version 2 (IKEv2) module of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of an affected device that leads to a denial of service (DoS) condition.

7.8
2018-03-28 CVE-2018-0157 Cisco Unspecified vulnerability in Cisco IOS XE

A vulnerability in the Zone-Based Firewall code of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a device to reload.

7.8
2018-03-28 CVE-2018-0156 Cisco Improper Input Validation vulnerability in Cisco IOS and IOS XE

A vulnerability in the Smart Install feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition.

7.8
2018-03-28 CVE-2018-0155 Cisco
Rockwellautomation
Improper Handling of Exceptional Conditions vulnerability in Cisco IOS and IOS XE

A vulnerability in the Bidirectional Forwarding Detection (BFD) offload implementation of Cisco Catalyst 4500 Series Switches and Cisco Catalyst 4500-X Series Switches could allow an unauthenticated, remote attacker to cause a crash of the iosd process, causing a denial of service (DoS) condition.

7.8
2018-03-28 CVE-2018-0154 Cisco Unspecified vulnerability in Cisco IOS

A vulnerability in the crypto engine of the Cisco Integrated Services Module for VPN (ISM-VPN) running Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

7.8
2018-04-01 CVE-2018-9157 Axis Unrestricted Upload of File with Dangerous Type vulnerability in Axis M1033-W Firmware 5.40.5.1

** DISPUTED ** An issue was discovered on AXIS M1033-W (IP camera) Firmware version 5.40.5.1 devices.

7.6
2018-04-01 CVE-2018-9156 Axis Unrestricted Upload of File with Dangerous Type vulnerability in Axis P1354 Firmware 5.90.1.1

** DISPUTED ** An issue was discovered on AXIS P1354 (IP camera) Firmware version 5.90.1.1 devices.

7.6
2018-03-30 CVE-2018-9142 Samsung Improper Input Validation vulnerability in Samsung Mobile

On Samsung mobile devices with N(7.x) software, attackers can install an arbitrary APK in the Secure Folder SD Card area because of faulty validation of a package signature and package name, aka SVE-2017-10932.

7.6
2018-03-31 CVE-2018-9162 Contec Touch Missing Authentication for Critical Function vulnerability in Contec-Touch Smart Home Firmware 4.15

Contec Smart Home 4.15 devices do not require authentication for new_user.php, edit_user.php, delete_user.php, and user.php, as demonstrated by changing the admin password and then obtaining control over doors.

7.5
2018-03-31 CVE-2018-9161 Prismaindustriale Use of Hard-coded Credentials vulnerability in Prismaindustriale Checkweigher Prismaweb 1.21

Prisma Industriale Checkweigher PrismaWEB 1.21 allows remote attackers to discover the hardcoded prisma password for the prismaweb account by reading user/scripts/login_par.js.

7.5
2018-03-31 CVE-2015-9259 Docker Unrestricted Upload of File with Dangerous Type vulnerability in Docker Notary

In Docker Notary before 0.1, the checkRoot function in gotuf/client/client.go does not check expiry of root.json files, despite a comment stating that it does.

7.5
2018-03-30 CVE-2017-17766 Google Integer Overflow or Wraparound vulnerability in Google Android

In wma_peer_info_event_handler() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-03, the value of num_peers received from firmware is not properly validated so that an integer overflow vulnerability in the size of a buffer allocation may potentially lead to a buffer overflow.

7.5
2018-03-30 CVE-2017-16614 TP Shop Server-Side Request Forgery (SSRF) vulnerability in Tp-Shop Tpshop 2.0.5/2.0.6

SSRF (Server Side Request Forgery) in tpshop 2.0.5 and 2.0.6 allows remote attackers to obtain sensitive information, attack intranet hosts, or possibly trigger remote command execution via the plugins/payment/weixin/lib/WxPay.tedatac.php fBill parameter.

7.5
2018-03-30 CVE-2017-14883 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In the function wma_unified_power_debug_stats_event_handler() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-18, if the value param_buf->num_debug_register received from the FW command buffer is close to max of uint32, then the computation performed using this variable to calculate stats_registers_len may overflow to a smaller value leading to less than required memory allocated for power_stats_results and potentially a buffer overflow while copying the FW buffer to local buffer.

7.5
2018-03-30 CVE-2017-14881 Google Use After Free vulnerability in Google Android

While calling the IPA IOCTL handler for IPA_IOC_ADD_HDR_PROC_CTX in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-13, a use-after-free condition may potentially occur.

7.5
2018-03-30 CVE-2017-14877 Google Use After Free vulnerability in Google Android

While the IPA driver in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-08-31 is processing IOCTL commands there is no mutex lock of allocated memory.

7.5
2018-03-30 CVE-2017-14876 Google Out-of-bounds Write vulnerability in Google Android

In msm_ispif_config_stereo() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-06-21, the parameter params->entries[i].vfe_intf comes from userspace without any bounds check which could potentially result in a kernel out-of-bounds write.

7.5
2018-03-30 CVE-2018-3822 Elastic Path Traversal vulnerability in Elastic X-Pack 6.2.0/6.2.1/6.2.2

X-Pack Security versions 6.2.0, 6.2.1, and 6.2.2 are vulnerable to a user impersonation attack via incorrect XML canonicalization and DOM traversal.

7.5
2018-03-29 CVE-2015-2020 Myscript Deserialization of Untrusted Data vulnerability in Myscript

The MyScript SDK before 1.3 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function.

7.5
2018-03-29 CVE-2015-2004 Gracenote Range Error vulnerability in Gracenote Gnsdk

The GraceNote GNSDK SDK before SVN Changeset 1.1.7 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function.

7.5
2018-03-29 CVE-2015-2003 Pjsip Range Error vulnerability in Pjsip Pjsua2 SDK

The PJSIP PJSUA2 SDK before SVN Changeset 51322 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function.

7.5
2018-03-29 CVE-2015-2002 Esri Range Error vulnerability in Esri Arcgisruntime SDK

The ESRI ArcGis Runtime SDK before 10.2.6-2 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function.

7.5
2018-03-29 CVE-2015-2001 Metaio Range Error vulnerability in Metaio SDK

The MetaIO SDK before 6.0.2.1 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function.

7.5
2018-03-29 CVE-2015-2000 Jumio Range Error vulnerability in Jumio SDK

The Jumio SDK before 1.5.0 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function.

7.5
2018-03-29 CVE-2014-5170 Drupal Improper Input Validation vulnerability in Drupal Storage API

The Storage API module 7.x before 7.x-1.6 for Drupal might allow remote attackers to execute arbitrary code by leveraging failure to update .htaccess file contents after SA-CORE-2013-003.

7.5
2018-03-29 CVE-2018-7600 Drupal
Debian
Improper Input Validation vulnerability in multiple products

Drupal before 7.58, 8.x before 8.3.9, 8.4.x before 8.4.6, and 8.5.x before 8.5.1 allows remote attackers to execute arbitrary code because of an issue affecting multiple subsystems with default or common module configurations.

7.5
2018-03-28 CVE-2018-5451 Philips Improper Authentication vulnerability in Philips Alice 6 Firmware

In Philips Alice 6 System version R8.0.2 or prior, when an actor claims to have a given identity, the software does not prove or insufficiently proves that the claim is correct.

7.5
2018-03-28 CVE-2018-9110 Std42 Path Traversal vulnerability in Std42 Elfinder

Studio 42 elFinder before 2.1.37 has a directory traversal vulnerability in elFinder.class.php with the zipdl() function that can allow a remote attacker to download files accessible by the web server process and delete files owned by the account running the web server process.

7.5
2018-03-28 CVE-2018-9109 Std42 Path Traversal vulnerability in Std42 Elfinder

Studio 42 elFinder before 2.1.36 has a directory traversal vulnerability in elFinder.class.php with the zipdl() function that can allow a remote attacker to download files accessible by the web server process and delete files owned by the account running the web server process.

7.5
2018-03-28 CVE-2018-8823 Responsive Mega Menu PRO Project
Prestashop
Code Injection vulnerability in multiple products

modules/bamegamenu/ajax_phpcode.php in the Responsive Mega Menu (Horizontal+Vertical+Dropdown) Pro module 1.0.32 for PrestaShop 1.5.5.0 through 1.7.2.5 allows remote attackers to execute arbitrary PHP code via the code parameter.

7.5
2018-03-27 CVE-2014-4959 Google SQL Injection vulnerability in Google Android

**DISPUTED** SQL injection vulnerability in SQLiteDatabase.java in the SQLi Api in Android allows remote attackers to execute arbitrary SQL commands via the delete method.

7.5
2018-03-27 CVE-2018-9032 Dlink Improper Authentication vulnerability in Dlink Dir-850L Firmware

An authentication bypass vulnerability on D-Link DIR-850L Wireless AC1200 Dual Band Gigabit Cloud Router (Hardware Version : A1, B1; Firmware Version : 1.02-2.06) devices potentially allows attackers to bypass SharePort Web Access Portal by directly visiting /category_view.php or /folder_view.php.

7.5
2018-03-26 CVE-2014-2293 Zikula Code Injection vulnerability in Zikula Application Framework

Zikula Application Framework before 1.3.7 build 11 allows remote attackers to conduct PHP object injection attacks and delete arbitrary files or execute arbitrary PHP code via crafted serialized data in the (1) authentication_method_ser or (2) authentication_info_ser parameter to index.php, or (3) zikulaMobileTheme parameter to index.php.

7.5
2018-03-26 CVE-2014-2048 Owncloud Improper Access Control vulnerability in Owncloud

The user_openid app in ownCloud Server before 5.0.15 allows remote attackers to obtain access by leveraging an insecure OpenID implementation.

7.5
2018-03-26 CVE-2018-5474 Philips Improper Input Validation vulnerability in Philips Intellispace Portal 8.0/9.0

Philips Intellispace Portal all versions 7.0.x and 8.0.x have an input validation vulnerability that could allow a remote attacker to execute arbitrary code or cause the application to crash.

7.5
2018-03-26 CVE-2018-5472 Philips Unspecified vulnerability in Philips Intellispace Portal 8.0/9.0

Philips Intellispace Portal all versions 7.0.x and 8.0.x have an insecure windows permissions vulnerability that could allow an attacker to gain unauthorized access and in some cases escalate their level of privilege or execute arbitrary code.

7.5
2018-03-26 CVE-2018-5468 Philips Unspecified vulnerability in Philips Intellispace Portal 8.0/9.0

Philips Intellispace Portal all versions 7.0.x and 8.0.x have a remote desktop access vulnerability that could allow an attacker to gain unauthorized access and in some cases escalate their level of privilege or execute arbitrary code

7.5
2018-04-01 CVE-2018-9149 Zyxel Use of Hard-coded Credentials vulnerability in Zyxel Ac3000 Firmware

The Zyxel Multy X (AC3000 Tri-Band WiFi System) device doesn't use a suitable mechanism to protect the UART.

7.2
2018-03-29 CVE-2017-16873 Hashicorp Unspecified vulnerability in Hashicorp Vagrant VMWare Fusion

It is possible to exploit an unsanitized PATH in the suid binary that ships with vagrant-vmware-fusion 4.0.25 through 5.0.4 in order to escalate to root privileges.

7.2
2018-03-29 CVE-2017-16512 Hashicorp Race Condition vulnerability in Hashicorp Vagrant VMWare Fusion 5.0.2/5.0.3/5.0.4

The vagrant update process in Hashicorp vagrant-vmware-fusion 5.0.2 through 5.0.4 allows local users to steal root privileges via a crafted update request when no updates are available.

7.2
2018-03-28 CVE-2018-0193 Cisco OS Command Injection vulnerability in Cisco IOS XE

Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute commands with root privileges on the device.

7.2
2018-03-28 CVE-2018-0185 Cisco OS Command Injection vulnerability in Cisco IOS XE

Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute commands with root privileges on the device.

7.2
2018-03-28 CVE-2018-0184 Cisco OS Command Injection vulnerability in Cisco IOS XE

A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device.

7.2
2018-03-28 CVE-2018-0183 Cisco OS Command Injection vulnerability in Cisco IOS XE

A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device.

7.2
2018-03-28 CVE-2018-0182 Cisco OS Command Injection vulnerability in Cisco IOS XE

Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute commands with root privileges on the device.

7.2
2018-03-28 CVE-2018-0176 Cisco OS Command Injection vulnerability in Cisco IOS XE 15.0(5.59)Emd/16.1(0)/16.2(0)

Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device.

7.2
2018-03-28 CVE-2018-0169 Cisco OS Command Injection vulnerability in Cisco IOS 15.0(5.59)Emd

Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device.

7.2
2018-03-28 CVE-2018-1083 ZSH
Canonical
Debian
Redhat
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

Zsh before version 5.4.2-test-1 is vulnerable to a buffer overflow in the shell autocomplete functionality.

7.2
2018-03-27 CVE-2018-6766 Swisscom Uncontrolled Search Path Element vulnerability in Swisscom Tvmediahelper 1.1.0.50

Swisscom TVMediaHelper 1.1.0.50 contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system.

7.2
2018-03-27 CVE-2018-6765 Swisscom Uncontrolled Search Path Element vulnerability in Swisscom Myswisscomassistant 2.17.1.1065

Swisscom MySwisscomAssistant 2.17.1.1065 contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code on the targeted system.

7.2
2018-03-26 CVE-2018-1204 Dell Path Traversal vulnerability in Dell EMC Isilon Onefs

Dell EMC Isilon OneFS versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, versions 7.2.1.x, and version 7.1.1.11 is affected by a path traversal vulnerability in the isi_phone_home tool.

7.2
2018-03-26 CVE-2018-1203 Dell Incorrect Permission Assignment for Critical Resource vulnerability in Dell EMC Isilon Onefs

In Dell EMC Isilon OneFS, the compadmin is able to run tcpdump binary with root privileges.

7.2
2018-03-26 CVE-2017-15534 Symantec Improper Authentication vulnerability in Symantec Norton APP Lock

The Norton App Lock prior to version 1.3.0.13 can be susceptible to an authentication bypass exploit.

7.2
2018-03-26 CVE-2018-5470 Philips Untrusted Search Path vulnerability in Philips Intellispace Portal 8.0/9.0

Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have an unquoted search path or element vulnerability that has been identified, which may allow an authorized local user to execute arbitrary code and escalate their level of privileges.

7.2
2018-03-30 CVE-2018-9136 Jungo Improper Input Validation vulnerability in Jungo Windriver

windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows attackers to cause a denial of service (BSOD) via a crafted .exe file, a different vulnerability than CVE-2018-8821.

7.1
2018-03-28 CVE-2018-0189 Cisco Unspecified vulnerability in Cisco IOS XE

A vulnerability in the Forwarding Information Base (FIB) code of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, network attacker to cause a denial of service (DoS) condition.

7.1
2018-03-28 CVE-2018-0180 Cisco Unspecified vulnerability in Cisco IOS

Multiple vulnerabilities in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition.

7.1
2018-03-28 CVE-2018-0179 Cisco Unspecified vulnerability in Cisco IOS

Multiple vulnerabilities in the Login Enhancements (Login Block) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to trigger a reload of an affected system, resulting in a denial of service (DoS) condition.

7.1
2018-03-27 CVE-2017-12319 Cisco Improper Input Validation vulnerability in Cisco IOS and IOS XE

A vulnerability in the Border Gateway Protocol (BGP) over an Ethernet Virtual Private Network (EVPN) for Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload, resulting in a denial of service (DoS) condition, or potentially corrupt the BGP routing table, which could result in network instability.

7.1

177 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-03-29 CVE-2017-16839 Hashicorp Unspecified vulnerability in Hashicorp Vagrant VMWare Fusion 5.0.4

Hashicorp vagrant-vmware-fusion 5.0.4 allows local users to steal root privileges if VMware Fusion is not installed.

6.9
2018-03-26 CVE-2017-12410 Kaseya Race Condition vulnerability in Kaseya Virtual System Administrator

It is possible to exploit a Time of Check & Time of Use (TOCTOU) vulnerability by winning a race condition when Kaseya Virtual System Administrator agent 9.3.0.11 and earlier tries to execute its binaries from working and/or temporary folders.

6.9
2018-04-01 CVE-2018-9128 DVD X Player Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Dvd-X-Player DVD X Player 5.5.3.9

DVD X Player Standard 5.5.3.9 has a Buffer Overflow via a crafted .plf file, a related issue to CVE-2007-3068.

6.8
2018-03-31 CVE-2018-8908 Frog CMS Project Cross-Site Request Forgery (CSRF) vulnerability in Frog CMS Project Frog CMS 0.9.5

An issue was discovered in /admin/?/user/add in Frog CMS 0.9.5.

6.8
2018-03-31 CVE-2018-8893 Zblogcn Cross-Site Request Forgery (CSRF) vulnerability in Zblogcn Z-Blogphp 1.5.1

Z-BlogPHP 1.5.1 Zero has CSRF in plugin_edit.php, resulting in the ability to execute arbitrary PHP code.

6.8
2018-03-30 CVE-2018-9134 Dedecms Cross-Site Request Forgery (CSRF) vulnerability in Dedecms 5.7

file_manage_control.php in DedeCMS 5.7 has CSRF in an fmdo=rename action, as demonstrated by renaming an arbitrary file under uploads/userup to a .php file under the web root to achieve PHP code execution.

6.8
2018-03-30 CVE-2018-9135 Imagemagick Out-of-bounds Read vulnerability in Imagemagick 7.0.724

In ImageMagick 7.0.7-24 Q16, there is a heap-based buffer over-read in IsWEBPImageLossless in coders/webp.c.

6.8
2018-03-29 CVE-2015-4952 IBM Unspecified vulnerability in IBM Endpoint Manager for Remote Control 9.0.1/9.1.0

The on-demand plugin in IBM Endpoint Manager for Remote Control 9.0.1 and 9.1.0 allows user-assisted remote attackers to execute arbitrary code via unspecified vectors.

6.8
2018-03-29 CVE-2015-2009 IBM Cross-Site Request Forgery (CSRF) vulnerability in IBM Qradar Security Information and Event Manager

Cross-site request forgery (CSRF) vulnerability in the xmlrpc.cgi service in IBM QRadar SIEM 7.1 before MR2 Patch 11 Interim Fix 02 and 7.2.x before 7.2.5 Patch 4 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences via vectors related to webmin.

6.8
2018-03-28 CVE-2018-9108 Quickappscms Cross-Site Request Forgery (CSRF) vulnerability in Quickappscms Quickapps CMS 2.0.0

CSRF in /admin/user/manage/add in QuickAppsCMS 2.0.0-beta2 allows an unauthorized remote attacker to create an account with admin privileges.

6.8
2018-03-28 CVE-2018-9107 Acyba Improper Neutralization of Formula Elements in a CSV File vulnerability in Acyba Acymailing

CSV Injection (aka Excel Macro Injection or Formula Injection) exists in the export feature in the Acyba AcyMailing extension before 5.9.6 for Joomla! via a value that is mishandled in a CSV export.

6.8
2018-03-28 CVE-2018-9106 Acyba Improper Neutralization of Formula Elements in a CSV File vulnerability in Acyba Acysms

CSV Injection (aka Excel Macro Injection or Formula Injection) exists in the export feature in the Acyba AcySMS extension before 3.5.1 for Joomla! via a value that is mishandled in a CSV export.

6.8
2018-03-27 CVE-2018-9092 1234N Cross-Site Request Forgery (CSRF) vulnerability in 1234N Minicms 1.10

There is a CSRF vulnerability in mc-admin/conf.php in MiniCMS 1.10 that can change the administrator account password.

6.8
2018-03-27 CVE-2018-7700 Dedecms Cross-Site Request Forgery (CSRF) vulnerability in Dedecms 5.7

DedeCMS 5.7 has CSRF with an impact of arbitrary code execution, because the partcode parameter in a tag_test_action.php request can specify a runphp field in conjunction with PHP code.

6.8
2018-03-27 CVE-2018-8764 Debian
Ldap Account Manager
Cross-Site Request Forgery (CSRF) vulnerability in multiple products

Roland Gruber Softwareentwicklung LDAP Account Manager before 6.3 places a CSRF token in the sec_token parameter of a URI, which makes it easier for remote attackers to defeat a CSRF protection mechanism by leveraging logging.

6.8
2018-03-27 CVE-2018-1267 Cloudfoundry Incorrect Permission Assignment for Critical Resource vulnerability in Cloudfoundry Silk-Release 0.1.0

Cloud Foundry Silk CNI plugin, versions prior to 0.2.0, contains an improper access control vulnerability.

6.8
2018-03-26 CVE-2018-1213 Dell Cross-Site Request Forgery (CSRF) vulnerability in Dell EMC Isilon Onefs

Dell EMC Isilon OneFS versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, versions 7.2.1.x, and version 7.1.1.11 and 8.1.0.2 is affected by a cross-site request forgery vulnerability.

6.8
2018-03-26 CVE-2018-1312 Apache
Canonical
Debian
Netapp
Redhat
Improper Authentication vulnerability in multiple products

In Apache httpd 2.2.0 to 2.4.29, when generating an HTTP Digest authentication challenge, the nonce sent to prevent reply attacks was not correctly generated using a pseudo-random seed.

6.8
2018-03-26 CVE-2017-15715 Apache
Debian
Canonical
Netapp
Redhat
Improper Input Validation vulnerability in multiple products

In Apache httpd 2.4.0 to 2.4.29, the expression specified in <FilesMatch> could match '$' to a newline character in a malicious filename, rather than matching only the end of the filename.

6.8
2018-03-26 CVE-2018-5454 Philips Unspecified vulnerability in Philips Intellispace Portal 8.0/9.0

Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have a vulnerability where code debugging methods are enabled, which could allow an attacker to remotely execute arbitrary code during runtime.

6.8
2018-03-26 CVE-2014-2312 Intel Link Following vulnerability in Intel Thermald

The main function in android_main.cpp in thermald allows local users to write to arbitrary files via a symlink attack on /tmp/thermald.pid.

6.6
2018-03-30 CVE-2018-3728 Hapijs Modification of Assumed-Immutable Data (MAID) vulnerability in Hapijs Hoek

hoek node module before 4.2.0 and 5.0.x before 5.0.3 suffers from a Modification of Assumed-Immutable Data (MAID) vulnerability via 'merge' and 'applyToDefaults' functions, which allows a malicious user to modify the prototype of "Object" via __proto__, causing the addition or modification of an existing property that will exist on all objects.

6.5
2018-03-29 CVE-2018-5223 Atlassian Improper Input Validation vulnerability in Atlassian Crucible and Fisheye

Fisheye and Crucible did not correctly check if a configured Mercurial repository URI contained values that the Windows operating system may consider argument parameters.

6.5
2018-03-28 CVE-2018-0195 Cisco Improper Authentication vulnerability in Cisco IOS XE

A vulnerability in the Cisco IOS XE Software REST API could allow an authenticated, remote attacker to bypass API authorization checks and use the API to perform privileged actions on an affected device.

6.5
2018-03-27 CVE-2018-1266 Cloudfoundry Use of Insufficiently Random Values vulnerability in Cloudfoundry Capi-Release

Cloud Foundry Cloud Controller, versions prior to 1.52.0, contains information disclosure and path traversal vulnerabilities.

6.5
2018-03-27 CVE-2018-1231 Pivotal Software Incorrect Permission Assignment for Critical Resource vulnerability in Pivotal Software Bosh CLI

Cloud Foundry BOSH CLI, versions prior to v3.0.1, contains an improper access control vulnerability.

6.5
2018-03-26 CVE-2018-8802 Unisys SQL Injection vulnerability in Unisys Clearpath Eportal Manager and Eportal-2200

SQL injection vulnerability in the management interface in ePortal Manager allows remote attackers to execute arbitrary SQL commands via unspecified parameters.

6.5
2018-03-29 CVE-2018-9116 Wiremock XXE vulnerability in Wiremock

An XXE vulnerability within WireMock before 2.16.0 allows a remote unauthenticated attacker to access local files and internal resources and potentially cause a Denial of Service.

6.4
2018-03-27 CVE-2015-4987 IBM Improper Authentication vulnerability in IBM Tealeaf Customer Experience

The search and replay servers in IBM Tealeaf Customer Experience 8.0 through 9.0.2 allow remote attackers to bypass authentication via unspecified vectors.

6.4
2018-03-28 CVE-2018-0161 Cisco Unspecified vulnerability in Cisco IOS 15.2(5)E

A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS Software running on certain models of Cisco Catalyst Switches could allow an authenticated, remote attacker to cause a denial of service (DoS) condition, aka a GET MIB Object ID Denial of Service Vulnerability.

6.3
2018-03-28 CVE-2018-0160 Cisco Double Free vulnerability in Cisco IOS XE 15.5(3)S

A vulnerability in Simple Network Management Protocol (SNMP) subsystem of Cisco IOS XE Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition.

6.3
2018-03-30 CVE-2018-5708 Dlink Insufficiently Protected Credentials vulnerability in Dlink Dir-601 Firmware 2.02Na

An issue was discovered on D-Link DIR-601 B1 2.02NA devices.

6.1
2018-03-28 CVE-2018-0165 Cisco Missing Release of Resource after Effective Lifetime vulnerability in Cisco IOS XE 15.2(3)E/Denali16.3.3

A vulnerability in the Internet Group Management Protocol (IGMP) packet-processing functionality of Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to exhaust buffers on an affected device, resulting in a denial of service (DoS) condition, aka a Memory Leak.

6.1
2018-03-27 CVE-2018-9054 Windows Optimization Master Project Improper Input Validation vulnerability in Windows Optimization Master Project Windows Optimization Master 7.99.13.604

In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf100284c.

6.1
2018-03-27 CVE-2018-9053 Windows Optimization Master Project Improper Input Validation vulnerability in Windows Optimization Master Project Windows Optimization Master 7.99.13.604

In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf10026cc.

6.1
2018-03-27 CVE-2018-9052 Windows Optimization Master Project Improper Input Validation vulnerability in Windows Optimization Master Project Windows Optimization Master 7.99.13.604

In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf100283c.

6.1
2018-03-27 CVE-2018-9051 Windows Optimization Master Project Improper Input Validation vulnerability in Windows Optimization Master Project Windows Optimization Master 7.99.13.604

In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002021.

6.1
2018-03-27 CVE-2018-9050 Windows Optimization Master Project Improper Input Validation vulnerability in Windows Optimization Master Project Windows Optimization Master 7.99.13.604

In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf100202d.

6.1
2018-03-27 CVE-2018-9049 Windows Optimization Master Project Improper Input Validation vulnerability in Windows Optimization Master Project Windows Optimization Master 7.99.13.604

In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002833.

6.1
2018-03-27 CVE-2018-9048 Windows Optimization Master Project Improper Input Validation vulnerability in Windows Optimization Master Project Windows Optimization Master 7.99.13.604

In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf100282c.

6.1
2018-03-27 CVE-2018-9047 Windows Optimization Master Project Improper Input Validation vulnerability in Windows Optimization Master Project Windows Optimization Master 7.99.13.604

In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002841.

6.1
2018-03-27 CVE-2018-9046 Windows Optimization Master Project Improper Input Validation vulnerability in Windows Optimization Master Project Windows Optimization Master 7.99.13.604

In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf100282d.

6.1
2018-03-27 CVE-2018-9045 Windows Optimization Master Project Improper Input Validation vulnerability in Windows Optimization Master Project Windows Optimization Master 7.99.13.604

In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002849.

6.1
2018-03-27 CVE-2018-9044 Iobit Improper Input Validation vulnerability in Iobit Advanced Systemcare Ultimate 11.0.1.58

In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_win10_x64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c4060cc.

6.1
2018-03-27 CVE-2018-9043 Iobit Improper Input Validation vulnerability in Iobit Advanced Systemcare Ultimate 11.0.1.58

In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_win10_x64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c4060d0.

6.1
2018-03-27 CVE-2018-9042 Iobit Improper Input Validation vulnerability in Iobit Advanced Systemcare Ultimate 11.0.1.58

In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_win10_x64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c402000.

6.1
2018-03-27 CVE-2018-9041 Iobit Improper Input Validation vulnerability in Iobit Advanced Systemcare Ultimate 11.0.1.58

In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_win10_x64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c402004.

6.1
2018-03-27 CVE-2018-9040 Iobit Improper Input Validation vulnerability in Iobit Advanced Systemcare Ultimate 11.0.1.58

In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_win10_x64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c4060c4.

6.1
2018-03-28 CVE-2018-8820 Square 9 SQL Injection vulnerability in Square-9 Globalforms

An issue was discovered in Square 9 GlobalForms 6.2.x.

6.0
2018-03-27 CVE-2018-8718 Jenkins Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Mailer

Cross-site request forgery (CSRF) vulnerability in the Mailer Plugin 1.20 for Jenkins 2.111 allows remote authenticated users to send unauthorized mail as an arbitrary user via a /descriptorByName/hudson.tasks.Mailer/sendTestMail request.

6.0
2018-03-30 CVE-2018-3819 Elastic Open Redirect vulnerability in Elastic Kibana

The fix in Kibana for ESA-2017-23 was incomplete.

5.8
2018-03-30 CVE-2018-9144 Exiv2 Out-of-bounds Read vulnerability in Exiv2

In Exiv2 0.26, there is an out-of-bounds read in Exiv2::Internal::binaryToString in image.cpp.

5.8
2018-03-29 CVE-2015-4953 IBM Inadequate Encryption Strength vulnerability in IBM Bigfix Remote Control 9.1.2

IBM BigFix Remote Control before Interim Fix pack 9.1.2-TIV-IBRC912-IF0001 makes it easier for man-in-the-middle attackers to decrypt traffic by leveraging a weakness in its encryption protocol.

5.8
2018-03-28 CVE-2018-7674 Netiq Open Redirect vulnerability in Netiq Identity Manager

The NetIQ Identity Manager user console, in versions prior to 4.7, is susceptible to URL redirection.

5.8
2018-03-26 CVE-2018-1348 Netiq Unspecified vulnerability in Netiq Identity Manager

NetIQ Identity Manager driver, in versions prior to 4.7, allows for an SSL handshake renegotiation which could result in a MITM attack.

5.8
2018-03-26 CVE-2015-5039 IBM Cryptographic Issues vulnerability in IBM Rational Clearcase

The Remote Client and change management integrations in IBM Rational ClearCase 7.1.x, 8.0.0.x before 8.0.0.18, and 8.0.1.x before 8.0.1.11 do not properly validate hostnames in X.509 certificates from SSL servers, which allows remote attackers to spoof servers and obtain sensitive information or modify network traffic via a crafted certificate.

5.8
2018-03-26 CVE-2018-8937 Open Audit Open Redirect vulnerability in Open-Audit 2.1

An issue was discovered in Open-AudIT Professional 2.1.

5.8
2018-04-01 CVE-2018-9158 Axis Improper Input Validation vulnerability in Axis M1033-W Firmware 5.40.5.1

An issue was discovered on AXIS M1033-W (IP camera) Firmware version 5.40.5.1 devices.

5.0
2018-03-31 CVE-2018-9160 Sickrage Insufficiently Protected Credentials vulnerability in Sickrage

SickRage before v2018.03.09-1 includes cleartext credentials in HTTP responses.

5.0
2018-03-31 CVE-2018-9159 Sparkjava Path Traversal vulnerability in Sparkjava Spark

In Spark before 2.7.2, a remote attacker can read unintended static files via various representations of absolute or relative pathnames, as demonstrated by file: URLs and directory traversal sequences.

5.0
2018-03-31 CVE-2015-9258 Docker Cryptographic Issues vulnerability in Docker Notary

In Docker Notary before 0.1, gotuf/signed/verify.go has a Signature Algorithm Not Matched to Key vulnerability.

5.0
2018-03-30 CVE-2018-7171 Lynxtechnology Path Traversal vulnerability in Lynxtechnology Twonky Server

Directory traversal vulnerability in Twonky Server 7.0.11 through 8.5 allows remote attackers to share the contents of arbitrary directories via a ..

5.0
2018-03-30 CVE-2018-1232 RSA Out-of-bounds Write vulnerability in RSA Authentication Agent FOR web

RSA Authentication Agent version 8.0.1 and earlier for Web for both IIS and Apache Web Server are impacted by a stack-based buffer overflow which may occur when handling certain malicious web cookies that have invalid formats.

5.0
2018-03-30 CVE-2017-15859 Google Out-of-bounds Write vulnerability in Google Android

While processing the QCA_NL80211_VENDOR_SUBCMD_SET_TXPOWER_SCALE_DECR_DB vendor command, in which attribute QCA_WLAN_VENDOR_ATTR_TXPOWER_SCALE_DECR_DB contains fewer than 1 byte, in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-08-11 a buffer overrun occurs.

5.0
2018-03-30 CVE-2017-14891 Google Information Exposure vulnerability in Google Android

In the KGSL driver function _gpuobj_map_useraddr() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-12, the contents of the stack can get leaked due to an uninitialized variable.

5.0
2018-03-30 CVE-2017-14875 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In the handler for the ioctl command VIDIOC_MSM_ISP_DUAL_HW_LPM_MODE in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-05-23, a heap overread vulnerability exists.

5.0
2018-03-30 CVE-2017-11087 Google Information Exposure vulnerability in Google Android

libOmxVenc in Android for MSM, Firefox OS for MSM, and QRD Android copies the output buffer to an application with the "filled length", which is larger than the output buffer's actual size, leading to an information disclosure problem in the context of mediaserver.

5.0
2018-03-30 CVE-2018-9148 Westerndigital Improper Authentication vulnerability in Westerndigital MY Cloud Firmware 04.05.00320

Western Digital WD My Cloud v04.05.00-320 devices embed the session token (aka PHPSESSID) in filenames, which makes it easier for attackers to bypass authentication by listing a directory.

5.0
2018-03-30 CVE-2018-3740 Sanitize Project Improper Input Validation vulnerability in Sanitize Project Sanitize

A specially crafted HTML fragment can cause Sanitize gem for Ruby to allow non-whitelisted attributes to be used on a whitelisted HTML element.

5.0
2018-03-29 CVE-2016-0898 Vmware Information Exposure Through Log Files vulnerability in VMWare Pivotal Software Mysql

MySQL for PCF tiles 1.7.x before 1.7.10 were discovered to log the AWS access key in plaintext.

5.0
2018-03-29 CVE-2018-9031 Tnlsoftsolutions Insufficiently Protected Credentials vulnerability in Tnlsoftsolutions Sentry Vision 3.0/3.1/3.2

The login interface on TNLSoftSolutions Sentry Vision 3.x devices provides password disclosure by reading an "if(pwd ==" line in the HTML source code.

5.0
2018-03-29 CVE-2018-9117 Wiremock Path Traversal vulnerability in Wiremock

WireMock before 2.16.0 contains a vulnerability that allows a remote unauthenticated attacker to access local files beyond the application directory via a specially crafted XML request, aka Directory Traversal.

5.0
2018-03-28 CVE-2018-1064 Debian
Redhat
Resource Exhaustion vulnerability in multiple products

libvirt version before 4.2.0-rc1 is vulnerable to a resource exhaustion as a result of an incomplete fix for CVE-2018-5748 that affects QEMU monitor but now also triggered via QEMU guest agent.

5.0
2018-03-28 CVE-2018-7498 Philips Missing Encryption of Sensitive Data vulnerability in Philips Alice 6 Firmware

In Philips Alice 6 System version R8.0.2 or prior, the lack of proper data encryption passes up the guarantees of confidentiality, integrity, and accountability that properly implemented encryption conveys.

5.0
2018-03-28 CVE-2017-11510 Wanscam Insufficiently Protected Credentials vulnerability in Wanscam Hw0021 Firmware 11.6.5.1.120161213

An information leak exists in Wanscam's HW0021 network camera that allows an unauthenticated remote attacker to recover the administrator username and password via an ONVIF GetSnapshotUri request.

5.0
2018-03-27 CVE-2018-1327 Apache Unspecified vulnerability in Apache Struts

The Apache Struts REST Plugin is using XStream library which is vulnerable and allow perform a DoS attack when using a malicious request with specially crafted XML payload.

5.0
2018-03-27 CVE-2018-1237 Dell Improper Authentication vulnerability in Dell EMC Scaleio

Dell EMC ScaleIO versions prior to 2.5, contain improper restriction of excessive authentication attempts on the Light installation Agent (LIA).

5.0
2018-03-27 CVE-2018-1205 Dell Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Dell EMC Scaleio

Dell EMC ScaleIO, versions prior to 2.5, do not properly handle some packet data in the MDM service.

5.0
2018-03-27 CVE-2017-7630 Qnap Information Exposure vulnerability in Qnap QTS 4.2.6/4.3.3

QNAP QTS 4.2.6 build 20171026, QTS 4.3.3 build 20170727 and earlier allows remote attackers to obtain potentially sensitive information (firmware version and running services) via a request to sysinfoReq.cgi.

5.0
2018-03-27 CVE-2018-9057 Hashicorp Insufficient Entropy in PRNG vulnerability in Hashicorp Terraform

aws/resource_aws_iam_user_login_profile.go in the HashiCorp Terraform Amazon Web Services (AWS) provider through v1.12.0 has an inappropriate PRNG algorithm and seeding, which makes it easier for remote attackers to obtain access by leveraging an IAM account that was provisioned with a weak password.

5.0
2018-03-27 CVE-2014-0486 NIC Improper Input Validation vulnerability in NIC Knot CMS

Knot DNS before 1.5.2 allows remote attackers to cause a denial of service (application crash) via a crafted DNS message.

5.0
2018-03-27 CVE-2018-0198 Cisco Forced Browsing vulnerability in Cisco Unified Communications Manager

A vulnerability in the web framework of Cisco Unified Communications Manager could allow an unauthenticated, remote attacker to view sensitive data.

5.0
2018-03-27 CVE-2017-12310 Cisco Cleartext Transmission of Sensitive Information vulnerability in Cisco Spark Hybrid Calendar Service

A vulnerability in the auto discovery phase of Cisco Spark Hybrid Calendar Service could allow an unauthenticated, remote attacker to view sensitive information in the unencrypted headers of an HTTP method request.

5.0
2018-03-26 CVE-2018-7658 Softros Improper Input Validation vulnerability in Softros Network Time System 2.3.4

NTSServerSvc.exe in the server in Softros Network Time System 2.3.4 allows remote attackers to cause a denial of service (daemon crash) by sending exactly 11 bytes.

5.0
2018-03-26 CVE-2018-7673 Netiq Unspecified vulnerability in Netiq Identity Manager

The NetIQ Identity Manager communication channel, in versions prior to 4.7, is susceptible to a DoS attack.

5.0
2018-03-26 CVE-2018-1350 Netiq Information Exposure Through Log Files vulnerability in Netiq Identity Manager

The NetIQ Identity Manager driver log file, in versions prior to 4.7, provides details that could aid in system enumeration.

5.0
2018-03-26 CVE-2018-1349 Netiq Information Exposure Through Log Files vulnerability in Netiq Identity Manager

The NetIQ Identity Manager driver log file, in versions prior to 4.7, provides details that could aid in system or configuration enumeration.

5.0
2018-03-26 CVE-2018-1303 Apache
Debian
Canonical
Netapp
Out-of-bounds Read vulnerability in multiple products

A specially crafted HTTP request header could have crashed the Apache HTTP Server prior to version 2.4.30 due to an out of bound read while preparing data to be cached in shared memory.

5.0
2018-03-26 CVE-2017-15710 Apache
Debian
Canonical
Netapp
Redhat
Out-of-bounds Write vulnerability in multiple products

In Apache httpd 2.0.23 to 2.0.65, 2.2.0 to 2.2.34, and 2.4.0 to 2.4.29, mod_authnz_ldap, if configured with AuthLDAPCharsetConfig, uses the Accept-Language header value to lookup the right charset encoding when verifying the user's credentials.

5.0
2018-03-26 CVE-2018-5466 Philips Improper Certificate Validation vulnerability in Philips Intellispace Portal 8.0/9.0

Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have a self-signed SSL certificate vulnerability this could allow an attacker to gain unauthorized access to resources and information.

5.0
2018-03-26 CVE-2018-5464 Philips Improper Certificate Validation vulnerability in Philips Intellispace Portal 8.0/9.0

Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have an untrusted SSL certificate vulnerability this could allow an attacker to gain unauthorized access to resources and information.

5.0
2018-03-26 CVE-2018-5462 Philips Improper Certificate Validation vulnerability in Philips Intellispace Portal 8.0/9.0

Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have an SSL incorrect hostname certificate vulnerability this could allow an attacker to gain unauthorized access to resources and information.

5.0
2018-03-26 CVE-2018-5458 Philips Use of a Broken or Risky Cryptographic Algorithm vulnerability in Philips Intellispace Portal 8.0/9.0

Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have a vulnerability using SSL legacy encryption that could allow an attacker to gain unauthorized access to resources and information.

5.0
2018-03-30 CVE-2018-9151 Kingsoft NULL Pointer Dereference vulnerability in Kingsoft Internet Security 9 Plus 2010.06.23.247

A NULL pointer dereference bug in the function ObReferenceObjectByHandle in the Kingsoft Internet Security 9+ kernel driver KWatch3.sys allows local non-privileged users to crash the system via IOCTL 0x80030030.

4.9
2018-03-28 CVE-2017-0936 Nextcloud Authorization Bypass Through User-Controlled Key vulnerability in Nextcloud Server

Nextcloud Server before 11.0.7 and 12.0.5 suffers from an Authorization Bypass Through User-Controlled Key vulnerability.

4.9
2018-03-27 CVE-2018-1091 Linux Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel

In the flush_tmregs_to_thread function in arch/powerpc/kernel/ptrace.c in the Linux kernel before 4.13.5, a guest kernel crash can be triggered from unprivileged userspace during a core dump on a POWER host due to a missing processor feature check and an erroneous use of transactional memory (TM) instructions in the core dump path, leading to a denial of service.

4.9
2018-03-27 CVE-2018-9056 Intel
ARM
Information Exposure vulnerability in Intel products

Systems with microprocessors utilizing speculative execution may allow unauthorized disclosure of information to an attacker with local user access via a side-channel attack on the directional branch predictor, as demonstrated by a pattern history table (PHT), aka BranchScope.

4.7
2018-03-31 CVE-2017-18255 Linux Integer Overflow or Wraparound vulnerability in Linux Kernel

The perf_cpu_time_max_percent_handler function in kernel/events/core.c in the Linux kernel before 4.11 allows local users to cause a denial of service (integer overflow) or possibly have unspecified other impact via a large value, as demonstrated by an incorrect sample-rate calculation.

4.6
2018-03-30 CVE-2018-7566 Linux
Suse
Canonical
Debian
Redhat
Oracle
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user.

4.6
2018-03-30 CVE-2017-9723 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

The touchscreen driver synaptics_dsx in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-06-05, the size of a stack-allocated buffer can be set to a value which exceeds the size of the stack.

4.6
2018-03-30 CVE-2017-9694 Qcacld 2 0 Project Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qcacld 2.0 Project Qcacld 2.0

While parsing Netlink attributes in QCA_WLAN_VENDOR_ATTR_EXTSCAN_BSSID_HOTLIST_PARAMS_LOST_AP_SAMPLE_SIZE in qcacld 2.0 before 2017-05-16, a buffer overread could occur.

4.6
2018-03-30 CVE-2017-9692 Google NULL Pointer Dereference vulnerability in Google Android

When an atomic commit is issued on a writeback panel with a NULL output_layer parameter in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-06-03, a NULL pointer dereference may potentially occur.

4.6
2018-03-30 CVE-2017-17771 Google Classic Buffer Overflow vulnerability in Google Android

In msm_isp_prepare_v4l2_buf in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-02-12, an array out of bounds can occur.

4.6
2018-03-30 CVE-2017-15852 Google Information Exposure vulnerability in Google Android

Information leak of the ISPIF base address in Android for MSM, Firefox OS for MSM, and QRD Android can occur in the camera driver.

4.6
2018-03-30 CVE-2017-15846 Google NULL Pointer Dereference vulnerability in Google Android

In the video_ioctl2() function in the camera driver in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-09-16, an untrusted pointer dereference may potentially occur.

4.6
2018-03-30 CVE-2017-15823 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In spectral_create_samp_msg() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-11, some values from firmware are not properly validated potentially leading to a buffer overflow.

4.6
2018-03-30 CVE-2017-14892 Google Improper Input Validation vulnerability in Google Android

In the function msm_pcm_hw_params() in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-09-19, the return value of q6asm_open_shared_io() is not checked properly potentially leading to a possible dangling pointer access.

4.6
2018-03-29 CVE-2017-5947 Oneplus Unspecified vulnerability in Oneplus Oxygenos

An issue was discovered in OnePlus One, X, 2, 3, 3T, and 5 devices with OxygenOS 5.0 and earlier.

4.6
2018-03-26 CVE-2017-6278 Nvidia Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Nvidia products

NVIDIA Tegra kernel contains a vulnerability in the CORE DVFS Thermal driver where there is the potential to read or write a buffer using an index or pointer that references a memory location after the end of the buffer, which may lead to a denial of service or possible escalation of privileges.

4.6
2018-03-30 CVE-2017-15826 Google Race Condition vulnerability in Google Android

Due to a race condition in MDSS rotator in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-10-20, a double free vulnerability may potentially exist when two threads free the same perf structures.

4.4
2018-03-28 CVE-2018-8885 Canonical Race Condition vulnerability in Canonical Screen-Resolution-Extra and Ubuntu Linux

screenresolution-mechanism in screen-resolution-extra 0.17.2 does not properly use the PolicyKit D-Bus API, which allows local users to bypass intended access restrictions by leveraging a race condition via a setuid or pkexec process that is mishandled in a PolicyKitService._check_permission call.

4.4
2018-03-26 CVE-2017-18249 Linux
Debian
Race Condition vulnerability in Linux Kernel

The add_free_nid function in fs/f2fs/node.c in the Linux kernel before 4.12 does not properly track an allocated nid, which allows local users to cause a denial of service (race condition) or possibly have unspecified other impact via concurrent threads.

4.4
2018-04-01 CVE-2018-9165 Libming NULL Pointer Dereference vulnerability in Libming

The pushdup function in util/decompile.c in libming through 0.4.8 does not recognize the need for ActionPushDuplicate to perform a deep copy when a String is at the top of the stack, making the library vulnerable to a util/decompile.c getName NULL pointer dereference, which may allow attackers to cause a denial of service via a crafted SWF file.

4.3
2018-04-01 CVE-2018-6849 Duckduckgo Information Exposure vulnerability in Duckduckgo 4.2.0

In the WebRTC component in DuckDuckGo 4.2.0, after visiting a web site that attempts to gather complete client information (such as https://ip.voidsec.com), the browser can disclose a private IP address in a STUN request.

4.3
2018-03-30 CVE-2018-7203 Lynxtechnology Cross-site Scripting vulnerability in Lynxtechnology Twonky Server

Cross-site scripting (XSS) vulnerability in Twonky Server 7.0.11 through 8.5 allows remote attackers to inject arbitrary web script or HTML via the friendlyname parameter to rpc/set_all.

4.3
2018-03-30 CVE-2018-1233 RSA Cross-site Scripting vulnerability in RSA Authentication Agent FOR web

RSA Authentication Agent version 8.0.1 and earlier for Web for both IIS and Apache Web Server are affected by a cross-site scripting vulnerability.

4.3
2018-03-30 CVE-2018-3821 Elastic Cross-site Scripting vulnerability in Elastic Kibana

Kibana versions after 5.1.1 and before 5.6.7 and 6.1.3 had a cross-site scripting (XSS) vulnerability in the tag cloud visualization that could allow an attacker to obtain sensitive information from or perform destructive actions on behalf of other Kibana users.

4.3
2018-03-30 CVE-2018-3820 Elastic Cross-site Scripting vulnerability in Elastic Kibana 6.1.1/6.1.2

Kibana versions after 6.1.0 and before 6.1.3 had a cross-site scripting (XSS) vulnerability in labs visualizations that could allow an attacker to obtain sensitive information from or perform destructive actions on behalf of other Kibana users.

4.3
2018-03-30 CVE-2018-3818 Elastic Cross-site Scripting vulnerability in Elastic Kibana

Kibana versions 5.1.1 to 6.1.2 and 5.6.6 had a cross-site scripting (XSS) vulnerability via the colored fields formatter that could allow an attacker to obtain sensitive information from or perform destructive actions on behalf of other Kibana users.

4.3
2018-03-30 CVE-2018-3741 Rubyonrails Cross-site Scripting vulnerability in Rubyonrails Html Sanitizer

There is a possible XSS vulnerability in all rails-html-sanitizer gem versions below 1.0.4 for Ruby.

4.3
2018-03-30 CVE-2018-9147 Gespage Cross-site Scripting vulnerability in Gespage 7.5.7

Cross-site scripting (XSS) vulnerabilities in version 7.5.7 of Gespage software allow remote attackers to inject arbitrary web script or HTML via the email, passwd, and repasswd parameters to webapp/users/user_reg.jsp.

4.3
2018-03-30 CVE-2018-5799 Zohocorp Cross-site Scripting vulnerability in Zohocorp Manageengine Servicedesk Plus

In Zoho ManageEngine ServiceDesk Plus before 9403, an XSS issue allows an attacker to run arbitrary JavaScript via a /api/request/?OPERATION_NAME= URI, aka SD-69139.

4.3
2018-03-30 CVE-2018-9145 Exiv2 Improper Input Validation vulnerability in Exiv2 0.26

In the DataBuf class in include/exiv2/types.hpp in Exiv2 0.26, an issue exists in the constructor with an initial buffer size.

4.3
2018-03-30 CVE-2018-9140 Samsung Cross-site Scripting vulnerability in Samsung Mobile 6.0

On Samsung mobile devices with M(6.0) software, the Email application allows XSS via an event attribute and arbitrary file loading via a src attribute, aka SVE-2017-10747.

4.3
2018-03-30 CVE-2018-9138 GNU Uncontrolled Recursion vulnerability in GNU Binutils 2.29/2.30

An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.29 and 2.30.

4.3
2018-03-30 CVE-2018-9133 Imagemagick
Canonical
Excessive Iteration vulnerability in multiple products

ImageMagick 7.0.7-26 Q16 has excessive iteration in the DecodeLabImage and EncodeLabImage functions (coders/tiff.c), which results in a hang (tens of minutes) with a tiny PoC file.

4.3
2018-03-30 CVE-2018-9132 Libming
Debian
NULL Pointer Dereference vulnerability in multiple products

libming 0.4.8 has a NULL pointer dereference in the getInt function of the decompile.c file.

4.3
2018-03-30 CVE-2018-9130 Ibos Cross-site Scripting vulnerability in Ibos 4.4.3

IBOS 4.4.3 has XSS via a company full name.

4.3
2018-03-29 CVE-2014-6604 Subscribe2 Project Cross-site Scripting vulnerability in Subscribe2 Project Subscribe2

Cross-site scripting (XSS) vulnerability in class-s2-list-table.php in the Subscribe2 plugin before 10.16 for WordPress allows remote attackers to inject arbitrary web script or HTML via the ip parameter.

4.3
2018-03-29 CVE-2018-6588 CA Cross-site Scripting vulnerability in CA API Developer Portal 3.5

CA API Developer Portal 3.5 up to and including 3.5 CR5 has a reflected cross-site scripting vulnerability related to the apiExplorer.

4.3
2018-03-29 CVE-2018-6587 CA Cross-site Scripting vulnerability in CA API Developer Portal 3.5

CA API Developer Portal 3.5 up to and including 3.5 CR6 has a reflected cross-site scripting vulnerability related to the widgetID variable.

4.3
2018-03-29 CVE-2018-6586 CA Cross-site Scripting vulnerability in CA API Developer Portal 3.5

CA API Developer Portal 3.5 up to and including 3.5 CR6 has a stored cross-site scripting vulnerability related to profile picture processing.

4.3
2018-03-28 CVE-2018-0190 Cisco Cross-site Scripting vulnerability in Cisco IOS XE

Multiple vulnerabilities in the web-based user interface (web UI) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web UI of the affected software.

4.3
2018-03-28 CVE-2018-0188 Cisco Cross-site Scripting vulnerability in Cisco IOS XE

Multiple vulnerabilities in the web-based user interface (web UI) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web UI of the affected software.

4.3
2018-03-28 CVE-2018-0186 Cisco Cross-site Scripting vulnerability in Cisco IOS XE

Multiple vulnerabilities in the web-based user interface (web UI) of Cisco IOS XE Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web UI of the affected software.

4.3
2018-03-28 CVE-2018-6608 Opera Information Exposure vulnerability in Opera Browser 51.0.2830.55

In the WebRTC component in Opera 51.0.2830.55, after visiting a web site that attempts to gather complete client information (such as https://ip.voidsec.com), the browser can disclose a private IP address in a STUN request.

4.3
2018-03-28 CVE-2018-7676 Netiq Information Exposure vulnerability in Netiq Identity Manager

The NetIQ Identity Manager, in versions prior to 4.7, userapp with log / trace enabled may leak sensitive information.

4.3
2018-03-27 CVE-2018-9058 Long Range ZIP Project Infinite Loop vulnerability in Long Range ZIP Project Long Range ZIP 0.631

In Long Range Zip (aka lrzip) 0.631, there is an infinite loop in the runzip_fd function of runzip.c.

4.3
2018-03-27 CVE-2018-0739 Openssl
Debian
Canonical
Uncontrolled Recursion vulnerability in multiple products

Constructed ASN.1 types with a recursive definition (such as can be found in PKCS7) could eventually exceed the stack given malicious input with excessive recursion.

4.3
2018-03-27 CVE-2018-0733 Openssl Unspecified vulnerability in Openssl

Because of an implementation bug the PA-RISC CRYPTO_memcmp function is effectively reduced to only comparing the least significant bit of each byte.

4.3
2018-03-27 CVE-2017-7632 Qnap Cross-site Scripting vulnerability in Qnap QTS 4.2.6/4.3.3

Cross-site scripting (XSS) vulnerability in File Station of QNAP QTS 4.2.6 build 20171026, QTS 4.3.3 build 20170727 and earlier allows remote attackers to inject arbitrary web script or HTML.

4.3
2018-03-27 CVE-2017-7631 Qnap Cross-site Scripting vulnerability in Qnap QTS 4.2.6/4.3.3

Cross-site scripting (XSS) vulnerability in the share link function of File Station of QNAP 4.2.6 build 20171026, QTS 4.3.3 build 20170727 and earlier allows remote attackers to inject arbitrary web script or HTML.

4.3
2018-03-27 CVE-2018-8048 Debian
Loofah Project
Cross-site Scripting vulnerability in multiple products

In the Loofah gem through 2.2.0 for Ruby, non-whitelisted HTML attributes may occur in sanitized output by republishing a crafted HTML fragment.

4.3
2018-03-27 CVE-2018-7196 Osticket Cross-site Scripting vulnerability in Osticket

Cross-site scripting (XSS) vulnerability in /scp/index.php in Enhancesoft osTicket before 1.10.2 allows remote attackers to inject arbitrary web script or HTML via the "sort" parameter.

4.3
2018-03-27 CVE-2018-7195 Osticket Unspecified vulnerability in Osticket

Enhancesoft osTicket before 1.10.2 allows remote attackers to reset arbitrary passwords (when an associated e-mail address is known) by leveraging guest access and guessing a 6-digit number.

4.3
2018-03-27 CVE-2018-7193 Osticket Cross-site Scripting vulnerability in Osticket

Cross-site scripting (XSS) vulnerability in /scp/directory.php in Enhancesoft osTicket before 1.10.2 allows remote attackers to inject arbitrary web script or HTML via the "order" parameter.

4.3
2018-03-27 CVE-2018-7192 Osticket Cross-site Scripting vulnerability in Osticket

Cross-site scripting (XSS) vulnerability in /ajax.php/form/help-topic in Enhancesoft osTicket before 1.10.2 allows remote attackers to inject arbitrary web script or HTML via the "message" parameter.

4.3
2018-03-27 CVE-2015-4954 IBM Improper Certificate Validation vulnerability in IBM Bigfix Remote Control 9.1.2

IBM BigFix Remote Control before Interim Fix pack 9.1.2-TIV-IBRC912-IF0001 improperly allows self-signed certificates, which might allow remote attackers to conduct spoofing attacks via unspecified vectors.

4.3
2018-03-27 CVE-2018-8763 Debian
Ldap Account Manager
Cross-site Scripting vulnerability in multiple products

Roland Gruber Softwareentwicklung LDAP Account Manager before 6.3 has XSS via the dn parameter to the templates/3rdParty/pla/htdocs/cmd.php URI or the template parameter to the templates/3rdParty/pla/htdocs/cmd.php?cmd=rename_form URI.

4.3
2018-03-27 CVE-2018-6882 Synacor Cross-site Scripting vulnerability in Synacor Zimbra Collaboration Suite

Cross-site scripting (XSS) vulnerability in the ZmMailMsgView.getAttachmentLinkHtml function in Zimbra Collaboration Suite (ZCS) before 8.7 Patch 1 and 8.8.x before 8.8.7 might allow remote attackers to inject arbitrary web script or HTML via a Content-Location header in an email attachment.

4.3
2018-03-27 CVE-2018-0202 Clamav
Canonical
Debian
Out-of-bounds Read vulnerability in multiple products

clamscan in ClamAV before 0.99.4 contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

4.3
2018-03-27 CVE-2018-9055 Jasper Project Reachable Assertion vulnerability in Jasper Project Jasper 2.0.14

JasPer 2.0.14 allows denial of service via a reachable assertion in the function jpc_firstone in libjasper/jpc/jpc_math.c.

4.3
2018-03-27 CVE-2017-18254 Imagemagick
Canonical
Missing Release of Resource after Effective Lifetime vulnerability in multiple products

An issue was discovered in ImageMagick 7.0.7.

4.3
2018-03-27 CVE-2017-18253 Imagemagick NULL Pointer Dereference vulnerability in Imagemagick 7.0.7

An issue was discovered in ImageMagick 7.0.7.

4.3
2018-03-27 CVE-2017-18252 Imagemagick
Canonical
Reachable Assertion vulnerability in multiple products

An issue was discovered in ImageMagick 7.0.7.

4.3
2018-03-27 CVE-2017-18251 Imagemagick
Canonical
Missing Release of Resource after Effective Lifetime vulnerability in multiple products

An issue was discovered in ImageMagick 7.0.7.

4.3
2018-03-27 CVE-2017-18250 Imagemagick NULL Pointer Dereference vulnerability in Imagemagick 7.0.70

An issue was discovered in ImageMagick 7.0.7.

4.3
2018-03-26 CVE-2018-7543 Snapcreek Cross-site Scripting vulnerability in Snapcreek Duplicator 1.2.32

Cross-site scripting (XSS) vulnerability in installer/build/view.step4.php of the SnapCreek Duplicator plugin 1.2.32 for WordPress allows remote attackers to inject arbitrary JavaScript or HTML via the json parameter.

4.3
2018-03-26 CVE-2018-1302 Apache
Canonical
Netapp
NULL Pointer Dereference vulnerability in multiple products

When an HTTP/2 stream was destroyed after being handled, the Apache HTTP Server prior to version 2.4.30 could have written a NULL pointer potentially to an already freed memory.

4.3
2018-03-26 CVE-2018-1301 Apache
Debian
Canonical
Netapp
Redhat
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

A specially crafted request could have crashed the Apache HTTP Server prior to version 2.4.30, due to an out of bound access after a size limit is reached by reading the HTTP header.

4.3
2018-03-30 CVE-2018-3817 Elastic Information Exposure vulnerability in Elastic Logstash

When logging warnings regarding deprecated settings, Logstash before 5.6.6 and 6.x before 6.1.2 could inadvertently log sensitive information.

4.0
2018-03-30 CVE-2017-1766 IBM Incorrect Authorization vulnerability in IBM Business Process Manager

Due to incorrect authorization in IBM Business Process Manager 8.6 an attacker can claim and work on ad hoc tasks he is not assigned to.

4.0
2018-03-30 CVE-2017-1765 IBM Information Exposure vulnerability in IBM products

IBM Business Process Manager 8.6 could allow an authenticated user with special privileges to reveal sensitive information about the application server.

4.0
2018-03-30 CVE-2017-1747 IBM Improper Input Validation vulnerability in IBM Websphere MQ

A specially crafted message could cause a denial of service in IBM WebSphere MQ 9.0, 9.0.0.1, 9.0.0.2, 9.0.1, 9.0.2, 9.0.3, and 9.0.4 applications consuming messages that it needs to perform data conversion on.

4.0
2018-03-30 CVE-2017-1705 IBM Information Exposure vulnerability in IBM Security Privileged Identity Manager 2.1.0

IBM Security Privileged Identity Manager 2.1.0 contains left-over, sensitive information in page comments.

4.0
2018-03-30 CVE-2017-9681 Google Information Exposure vulnerability in Google Android

In Android before 2017-08-05 on Qualcomm MSM, Firefox OS for MSM, QRD Android, and all Android releases from CAF using the Linux kernel, if kernel memory address is passed from userspace through iris_vidioc_s_ext_ctrls ioctl, it will print kernel address data.

4.0
2018-03-29 CVE-2016-6658 Cloudfoundry
Pivotal Software
Information Exposure vulnerability in multiple products

Applications in cf-release before 245 can be configured and pushed with a user-provided custom buildpack using a URL pointing to the buildpack.

4.0
2018-03-29 CVE-2014-5028 Reviewboard Information Exposure vulnerability in Reviewboard Review Board

The Original File and Patched File resources in Review Board 1.7.x before 1.7.27 and 2.0.x before 2.0.4 allow remote authenticated users to bypass intended access restrictions and obtain sensitive information from repository files by leveraging knowledge of database ids.

4.0
2018-03-28 CVE-2018-0196 Cisco Unspecified vulnerability in Cisco IOS XE 16.1.2/16.2.0/16.3(1)

A vulnerability in the web-based user interface (web UI) of Cisco IOS XE Software could allow an authenticated, remote attacker to write arbitrary files to the operating system of an affected device.

4.0
2018-03-27 CVE-2014-5132 Avolvesoftware Information Exposure vulnerability in Avolvesoftware Projectdox 8.1

Avolve Software ProjectDox 8.1 allows remote attackers to enumerate users via vectors related to email addresses.

4.0
2018-03-27 CVE-2014-5131 Avolvesoftware Information Exposure vulnerability in Avolvesoftware Projectdox 8.1

Avolve Software ProjectDox 8.1 makes it easier for remote authenticated users to obtain sensitive information by leveraging ciphertext reuse.

4.0
2018-03-27 CVE-2014-5130 Avolvesoftware Information Exposure vulnerability in Avolvesoftware Projectdox 8.1

Avolve Software ProjectDox 8.1 allows remote authenticated users to obtain sensitive information from other users via vectors involving a direct access token.

4.0
2018-03-27 CVE-2018-7194 Osticket Integer Overflow or Wraparound vulnerability in Osticket

Integer format vulnerability in the ticket number generator in Enhancesoft osTicket before 1.10.2 allows remote attackers to cause a denial-of-service (preventing the creation of new tickets) via a large number of digits in the ticket number format setting.

4.0
2018-03-27 CVE-2015-5016 IBM Information Exposure vulnerability in IBM products

IBM Maximo Asset Management 7.1, 7.5, and 7.6; Maximo Asset Management Essentials 7.1 and 7.5; Control Desk 7.5 and 7.6; Tivoli Asset Management for IT 7.1 and 7.2; and certain other IBM products allow remote authenticated users to bypass intended access restrictions and read arbitrary ticket worklog entries via unspecified vectors.

4.0
2018-03-27 CVE-2018-9039 Octopus Missing Authorization vulnerability in Octopus Deploy

In Octopus Deploy 2.0 and later before 2018.3.7, an authenticated user, with variable edit permissions, can scope some variables to targets greater than their permissions should allow.

4.0
2018-03-26 CVE-2015-7424 IBM Information Exposure vulnerability in IBM Infosphere Master Data Management

IBM InfoSphere Master Data Management (MDM) - Collaborative Edition 9.1, 10.1, 11.0, 11.3, 11.4, and 11.5 allow remote authenticated users to bypass intended access restrictions and obtain sensitive information by leveraging Catalogs access.

4.0
2018-03-26 CVE-2015-7401 IBM Information Exposure vulnerability in IBM Curam Social Program Management

IBM Curam Social Program Management 6.1.x before 6.1.1.1 allows remote authenticated users to bypass intended access restrictions and obtain sensitive document information by guessing the document id.

4.0

30 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-04-01 CVE-2018-9172 Iptanus Cross-site Scripting vulnerability in Iptanus Wordpress File Upload

The Iptanus WordPress File Upload plugin before 4.3.3 for WordPress mishandles shortcode attributes.

3.5
2018-03-30 CVE-2018-1390 IBM Cross-site Scripting vulnerability in IBM Financial Transaction Manager

IBM Financial Transaction Manager for Check Services for Multi-Platform 3.0, 3.0.2, and 3.0.2.1 is vulnerable to cross-site scripting.

3.5
2018-03-30 CVE-2018-1384 IBM Cross-site Scripting vulnerability in IBM products

IBM Business Process Manager 8.6 is vulnerable to cross-site scripting.

3.5
2018-03-30 CVE-2017-1767 IBM Cross-site Scripting vulnerability in IBM Business Process Manager

IBM Business Process Manager 8.6 is vulnerable to cross-site scripting.

3.5
2018-03-29 CVE-2018-1191 Cloudfoundry Information Exposure vulnerability in Cloudfoundry Cf-Deployment and Garden-Runc-Release

Cloud Foundry Garden-runC, versions prior to 1.11.0, contains an information exposure vulnerability.

3.5
2018-03-29 CVE-2018-9123 Crea8Social Cross-site Scripting vulnerability in Crea8Social 2018.2

In Crea8social 2018.2, there is Stored Cross-Site Scripting via a User Profile.

3.5
2018-03-29 CVE-2018-9122 Crea8Social Cross-site Scripting vulnerability in Crea8Social 2018.2

In Crea8social 2018.2, there is Reflected Cross-Site Scripting via the term parameter to the /search URI.

3.5
2018-03-29 CVE-2018-9121 Crea8Social Cross-site Scripting vulnerability in Crea8Social 2018.2

In Crea8social 2018.2, there is Stored Cross-Site Scripting via a post comment.

3.5
2018-03-29 CVE-2018-9120 Crea8Social Cross-site Scripting vulnerability in Crea8Social 2018.2

In Crea8social 2018.2, there is Stored Cross-Site Scripting via a post.

3.5
2018-03-28 CVE-2018-1142 Tenable Cross-site Scripting vulnerability in Tenable Appliance

Tenable Appliance versions 4.6.1 and earlier have been found to contain a single XSS vulnerability.

3.5
2018-03-26 CVE-2018-1202 Dell Cross-site Scripting vulnerability in Dell EMC Isilon 7.1.1.11

Dell EMC Isilon versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, and version 7.1.1.11 is affected by a cross-site scripting vulnerability in the NDMP Page within the OneFS web administration interface.

3.5
2018-03-26 CVE-2018-1201 Dell Cross-site Scripting vulnerability in Dell EMC Isilon 7.1.1.11

Dell EMC Isilon versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, versions 7.2.1.x, and version 7.1.1.11 is affected by a cross-site scripting vulnerability in the Job Operations Page within the OneFS web administration interface.

3.5
2018-03-26 CVE-2018-1189 Dell Cross-site Scripting vulnerability in Dell EMC Isilon

Dell EMC Isilon versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, versions 7.2.1.x, and version 7.1.1.11 is affected by a cross-site scripting vulnerability in the Antivirus Page within the OneFS web administration interface.

3.5
2018-03-26 CVE-2018-1188 Dell Cross-site Scripting vulnerability in Dell EMC Isilon

Dell EMC Isilon versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, and versions 7.2.1.x is affected by a cross-site scripting vulnerability in the Authorization Providers page within the OneFS web administration interface.

3.5
2018-03-26 CVE-2018-1187 Dell Cross-site Scripting vulnerability in Dell EMC Isilon

Dell EMC Isilon versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6 is affected by a cross-site scripting vulnerability in the Network Configuration page within the OneFS web administration interface.

3.5
2018-03-26 CVE-2018-1186 Dell Cross-site Scripting vulnerability in Dell EMC Isilon

Dell EMC Isilon versions between 8.1.0.0 - 8.1.0.1, 8.0.1.0 - 8.0.1.2, and 8.0.0.0 - 8.0.0.6, versions 7.2.1.x, and version 7.1.1.11 is affected by a cross-site scripting vulnerability in the Cluster description of the OneFS web administration interface.

3.5
2018-03-26 CVE-2015-7423 IBM Cross-site Scripting vulnerability in IBM Infosphere Master Data Management

Multiple cross-site scripting (XSS) vulnerabilities in IBM InfoSphere Master Data Management (MDM) - Collaborative Edition 9.1, 10.1, 11.0, 11.3, and 11.4 allow remote authenticated users to inject arbitrary web script or HTML via unspecified vectors.

3.5
2018-03-26 CVE-2017-18248 Apple Improper Input Validation vulnerability in Apple Cups

The add_job function in scheduler/ipp.c in CUPS before 2.2.6, when D-Bus support is enabled, can be crashed by remote attackers by sending print jobs with an invalid username, related to a D-Bus notification.

3.5
2018-03-26 CVE-2018-1283 Apache
Debian
Canonical
Netapp
Redhat
In Apache httpd 2.4.0 to 2.4.29, when mod_session is configured to forward its session data to CGI applications (SessionEnv on, not the default), a remote user may influence their content by using a "Session" header.
3.5
2018-03-26 CVE-2018-9020 Events Manager Project Cross-site Scripting vulnerability in Events Manager Project Events Manager

The Events Manager plugin before 5.8.1.2 for WordPress allows XSS via the events-manager.js mapTitle parameter in the Google Maps miniature.

3.5
2018-03-28 CVE-2018-0163 Cisco Improper Authentication vulnerability in Cisco IOS

A vulnerability in the 802.1x multiple-authentication (multi-auth) feature of Cisco IOS Software could allow an unauthenticated, adjacent attacker to bypass the authentication phase on an 802.1x multi-auth port.

3.3
2018-03-30 CVE-2018-1234 RSA Information Exposure vulnerability in RSA Authentication Agent FOR web

RSA Authentication Agent version 8.0.1 and earlier for Web for IIS is affected by a problem where access control list (ACL) permissions on a Windows Named Pipe were not sufficient to prevent access by unauthorized users.

2.1
2018-03-30 CVE-2017-9693 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

The length of attribute value for STA_EXT_CAPABILITY in __wlan_hdd_change_station in Android for MSM, Firefox OS for MSM, and QRD Android before 2017-06-06 being less than the actual lenth of StaParams.extn_capability results in a read for extra bytes when a memcpy is done from params->ext_capab to StaParams.extn_capability using the sizeof(StaParams.extn_capability).

2.1
2018-03-30 CVE-2017-17769 Google Information Exposure vulnerability in Google Android

Information leakage in Android for MSM, Firefox OS for MSM, and QRD Android can occur in the audio driver.

2.1
2018-03-30 CVE-2017-1756 IBM Information Exposure vulnerability in IBM products

IBM Business Process Manager 8.6 allows web pages to be stored locally which can be read by another user on the system.

2.1
2018-03-26 CVE-2015-7434 IBM Information Exposure vulnerability in IBM Capacity Management Analytics 2.1.0.0

IBM Capacity Management Analytics 2.1.0.0 allows local users to discover encrypted usernames and passwords by leveraging access to the CMA install machine.

2.1
2018-03-26 CVE-2015-7433 IBM Information Exposure vulnerability in IBM Capacity Management Analytics 2.1.0.0

IBM Capacity Management Analytics 2.1.0.0 allows local users to discover cleartext usernames and passwords by leveraging access to the CMA install machine.

2.1
2018-03-26 CVE-2015-7432 IBM Information Exposure vulnerability in IBM Capacity Management Analytics 2.1.0.0

IBM Capacity Management Analytics 2.1.0.0 allows local users to decrypt usernames and passwords by leveraging access to setenv.sh and parameter.txt.

2.1
2018-03-26 CVE-2015-5045 IBM Information Exposure vulnerability in IBM Rational License KEY Server

The Administration and Reporting tool in IBM Rational License Key Server (RLKS) before 8.1.4.9 iFix 04 allows local users to obtain sensitive information via unspecified vectors.

2.1
2018-03-30 CVE-2017-9691 Google Race Condition vulnerability in Google Android

There is a race condition in Android for MSM, Firefox OS for MSM, and QRD Android that allows to access to already free'd memory in the debug message output functionality contained within the mobicore driver.

1.9