Weekly Vulnerabilities Reports > April 2 to 8, 2018

Overview

444 new vulnerabilities were reported during this period, including 83 critical vulnerabilities and 118 high severity vulnerabilities. This weekly summary reports vulnerabilities in 518 products from 87 vendors including Apple, Google, Microsoft, Canonical, and Debian. The most common vulnerability categories are "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Information Exposure", "Improper Input Validation", "Permissions, Privileges, and Access Controls", and "Cross-site Scripting".

  • 371 reported vulnerabilities are remotely exploitable.
  • 45 reported vulnerabilities have a public exploit available.
  • 59 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 415 reported vulnerabilities are exploitable by an anonymous user.
  • Apple has the most reported vulnerabilities, with 122 reported vulnerabilities.
  • Google has the most reported critical vulnerabilities, with 40 reported vulnerabilities.

Vulnerability Details

The following tables list the vulnerabilities reported during the period covered by this report:

83 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-04-05 CVE-2014-3413 Juniper Use of Hard-coded Credentials vulnerability in Juniper Junos Space 13.3

The MySQL server in Juniper Networks Junos Space before 13.3R1.8 has an unspecified account with a hardcoded password, which allows remote attackers to obtain sensitive information and consequently obtain administrative control by leveraging database access.

10.0
2018-04-04 CVE-2018-9285 Asus OS Command Injection vulnerability in Asus products

Main_Analysis_Content.asp in /apply.cgi on ASUS RT-AC66U, RT-AC68U, RT-AC86U, RT-AC88U, RT-AC1900, RT-AC2900, and RT-AC3100 devices before 3.0.0.4.384_10007; RT-N18U devices before 3.0.0.4.382.39935; RT-AC87U and RT-AC3200 devices before 3.0.0.4.382.50010; and RT-AC5300 devices before 3.0.0.4.384.20287 allows OS command injection via the pingCNT and destIP fields of the SystemCmd variable.

10.0
2018-04-04 CVE-2018-1469 IBM Unspecified vulnerability in IBM API Connect

IBM API Connect Developer Portal 5.0.0.0 through 5.0.8.2 could allow an unauthenticated attacker to execute system commands using specially crafted HTTP requests.

10.0
2018-04-04 CVE-2016-8488 Google Permissions, Privileges, and Access Controls vulnerability in Google Android

An elevation of privilege vulnerability in Qualcomm closed source components.

10.0
2018-04-04 CVE-2016-8487 Google Permissions, Privileges, and Access Controls vulnerability in Google Android

An elevation of privilege vulnerability in Qualcomm closed source components.

10.0
2018-04-04 CVE-2016-8484 Google Permissions, Privileges, and Access Controls vulnerability in Google Android

An elevation of privilege vulnerability in Qualcomm closed source components.

10.0
2018-04-04 CVE-2016-10299 Google Permissions, Privileges, and Access Controls vulnerability in Google Android

An elevation of privilege vulnerability in Qualcomm closed source components.

10.0
2018-04-04 CVE-2016-10298 Google Permissions, Privileges, and Access Controls vulnerability in Google Android

An elevation of privilege vulnerability in Qualcomm closed source components.

10.0
2018-04-04 CVE-2016-10233 Google Permissions, Privileges, and Access Controls vulnerability in Google Android

An elevation of privilege vulnerability in the Qualcomm video driver.

10.0
2018-04-04 CVE-2016-10230 Google Permissions, Privileges, and Access Controls vulnerability in Google Android

A remote code execution vulnerability in the Qualcomm crypto driver.

10.0
2018-04-04 CVE-2015-9014 Google Permissions, Privileges, and Access Controls vulnerability in Google Android

An elevation of privilege vulnerability in Qualcomm closed source components.

10.0
2018-04-04 CVE-2015-9013 Google Permissions, Privileges, and Access Controls vulnerability in Google Android

An elevation of privilege vulnerability in Qualcomm closed source components.

10.0
2018-04-04 CVE-2015-9012 Google Permissions, Privileges, and Access Controls vulnerability in Google Android

An elevation of privilege vulnerability in Qualcomm closed source components.

10.0
2018-04-04 CVE-2015-9011 Google Permissions, Privileges, and Access Controls vulnerability in Google Android

An elevation of privilege vulnerability in Qualcomm closed source components.

10.0
2018-04-04 CVE-2015-9010 Google Permissions, Privileges, and Access Controls vulnerability in Google Android

An elevation of privilege vulnerability in Qualcomm closed source components.

10.0
2018-04-04 CVE-2015-9009 Google Permissions, Privileges, and Access Controls vulnerability in Google Android

An elevation of privilege vulnerability in Qualcomm closed source components.

10.0
2018-04-04 CVE-2015-9008 Google Permissions, Privileges, and Access Controls vulnerability in Google Android

An elevation of privilege vulnerability in Qualcomm closed source components.

10.0
2018-04-04 CVE-2014-9959 Google Permissions, Privileges, and Access Controls vulnerability in Google Android

An elevation of privilege vulnerability in Qualcomm closed source components.

10.0
2018-04-04 CVE-2014-9958 Google Permissions, Privileges, and Access Controls vulnerability in Google Android

An elevation of privilege vulnerability in Qualcomm closed source components.

10.0
2018-04-04 CVE-2014-9957 Google Permissions, Privileges, and Access Controls vulnerability in Google Android

An elevation of privilege vulnerability in Qualcomm closed source components.

10.0
2018-04-04 CVE-2014-9956 Google Permissions, Privileges, and Access Controls vulnerability in Google Android

An elevation of privilege vulnerability in Qualcomm closed source components.

10.0
2018-04-04 CVE-2014-9955 Google Permissions, Privileges, and Access Controls vulnerability in Google Android

An elevation of privilege vulnerability in Qualcomm closed source components.

10.0
2018-04-04 CVE-2014-9954 Google Permissions, Privileges, and Access Controls vulnerability in Google Android

An elevation of privilege vulnerability in Qualcomm closed source components.

10.0
2018-04-04 CVE-2014-9953 Google Permissions, Privileges, and Access Controls vulnerability in Google Android

An elevation of privilege vulnerability in Qualcomm closed source components.

10.0
2018-04-04 CVE-2017-13272 Google Use After Free vulnerability in Google Android

In alarm_ready_generic of alarm.cc, there is a possible out of bounds write due to a use after free.

10.0
2018-04-04 CVE-2017-13266 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In avrc_pars_vendor_cmd of avrc_pars_tg.cc, there is a possible stack corruption due to a missing bounds check.

10.0
2018-04-04 CVE-2017-13292 Google Out-of-bounds Write vulnerability in Google Android

In wl_get_assoc_ies of wl_cfg80211.c, there is a possible out of bounds write due to an incorrect bounds check.

10.0
2018-04-04 CVE-2017-13285 Google Out-of-bounds Write vulnerability in Google Android

In SvoxSsmlParser and startElement of svox_ssml_parser.cpp, there is a possible out of bounds write due to an uninitialized buffer.

10.0
2018-04-04 CVE-2017-13284 Google Improper Input Validation vulnerability in Google Android

In config_set_string of config.cc, it is possible to pair a second BT keyboard without user approval due to improper input validation.

10.0
2018-04-04 CVE-2017-13283 Google Out-of-bounds Write vulnerability in Google Android

In avrc_ctrl_pars_vendor_rsp of bluetooth avrcp_ctrl, there is a possible out of bounds write on the stack due to a missing bounds check.

10.0
2018-04-04 CVE-2017-13282 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible stack buffer overflow due to a missing bounds check.

10.0
2018-04-04 CVE-2017-13281 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android 8.0/8.1

In avrc_pars_browsing_cmd of avrc_pars_tg.cc, there is a possible stack buffer overflow due to an incorrect bounds check.

10.0
2018-04-04 CVE-2017-13267 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In avrc_pars_vendor_cmd of avrc_pars_tg.cc, there is a possible stack corruption due to a missing bounds check.

10.0
2018-04-03 CVE-2018-4164 Apple Unspecified vulnerability in Apple Xcode

An issue was discovered in certain Apple products.

10.0
2018-04-06 CVE-2018-1270 Vmware, Oracle, Redhat, Debian Code Injection vulnerability in multiple products

Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module.

9.8
2018-04-05 CVE-2017-14468 Rockwellautomation Unspecified vulnerability in Rockwellautomation Micrologix 1400 B Firmware

An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before.

9.8
2018-04-05 CVE-2017-14467 Rockwellautomation Unspecified vulnerability in Rockwellautomation Micrologix 1400 B Firmware

An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before.

9.8
2018-04-05 CVE-2017-14466 Rockwellautomation Unspecified vulnerability in Rockwellautomation Micrologix 1400 B Firmware

An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before.

9.8
2018-04-05 CVE-2017-14465 Rockwellautomation Unspecified vulnerability in Rockwellautomation Micrologix 1400 B Firmware

An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before.

9.8
2018-04-05 CVE-2017-14464 Rockwellautomation Unspecified vulnerability in Rockwellautomation Micrologix 1400 B Firmware

An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before.

9.8
2018-04-05 CVE-2017-14463 Rockwellautomation Unspecified vulnerability in Rockwellautomation Micrologix 1400 B Firmware

An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before.

9.8
2018-04-05 CVE-2017-14462 Rockwellautomation Unspecified vulnerability in Rockwellautomation Micrologix 1400 B Firmware

An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before.

9.8
2018-04-05 CVE-2018-9309 Zzcms SQL Injection vulnerability in Zzcms 8.2

An issue was discovered in zzcms 8.2.

9.8
2018-04-04 CVE-2018-9284 Dlink Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Dlink Singapore Starhub Firmware

authentication.cgi on D-Link DIR-868L devices with Singapore StarHub firmware before v1.21SHCb03 allows remote attackers to execute arbitrary code.

9.8
2018-04-03 CVE-2017-3972 Mcafee Information Exposure vulnerability in Mcafee Network Security Manager

Infrastructure-based foot printing vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows attackers to execute arbitrary code via the server banner leaking potentially sensitive or security relevant information.

9.8
2018-04-02 CVE-2018-9230 Openresty SQL Injection vulnerability in Openresty

In OpenResty through 1.13.6.1, URI parameters are obtained using the ngx.req.get_uri_args and ngx.req.get_post_args functions that ignore parameters beyond the hundredth one, which might allow remote attackers to bypass intended access restrictions or interfere with certain Web Application Firewall (ngx_lua_waf or X-WAF) products.

9.8
2018-04-02 CVE-2018-1295 Apache Deserialization of Untrusted Data vulnerability in Apache Ignite

In Apache Ignite 2.3 or earlier, the serialization mechanism does not have a list of classes allowed for serialization/deserialization, which makes it possible to run arbitrary code when vulnerable third-party classes are present in the Ignite classpath.

9.8
2018-04-02 CVE-2016-8717 Moxa Use of Hard-coded Credentials vulnerability in Moxa Awk-3131A Firmware 1.1

An exploitable Use of Hard-coded Credentials vulnerability exists in the Moxa AWK-3131A Wireless Access Point running firmware 1.1.

9.8
2018-04-04 CVE-2016-10232 Google Permissions, Privileges, and Access Controls vulnerability in Google Android

An elevation of privilege vulnerability in the Qualcomm video driver.

9.3
2018-04-04 CVE-2016-10231 Google Permissions, Privileges, and Access Controls vulnerability in Google Android

An elevation of privilege vulnerability in the Qualcomm sound codec driver.

9.3
2018-04-04 CVE-2018-0986 Microsoft Out-of-bounds Write vulnerability in Microsoft products

A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption, aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability." This affects Windows Defender, Windows Intune Endpoint Protection, Microsoft Security Essentials, Microsoft System Center Endpoint Protection, Microsoft Exchange Server, Microsoft System Center, Microsoft Forefront Endpoint Protection.

9.3
2018-04-04 CVE-2017-13253 Google Out-of-bounds Write vulnerability in Google Android 8.0/8.1

In CryptoPlugin::decrypt of CryptoPlugin.cpp, there is a possible out of bounds write due to a missing bounds check.

9.3
2018-04-04 CVE-2017-13252 Google Out-of-bounds Write vulnerability in Google Android 8.0/8.1

In CryptoHal::decrypt of CryptoHal.cpp, there is an out of bounds write due to improper input validation that results in a read from uninitialized memory.

9.3
2018-04-04 CVE-2017-13251 Google Out-of-bounds Write vulnerability in Google Android

In impeg2d_dec_pic_data_thread of impeg2d_dec_hdr.c, there is a possible out of bounds write due to a missing bounds check.

9.3
2018-04-04 CVE-2017-13250 Google Out-of-bounds Write vulnerability in Google Android

In ih264d_fmt_conv_420sp_to_420p of ih264d_utils.c, there is an out of bound write due to a missing out of bounds check because of a multiplication error.

9.3
2018-04-04 CVE-2017-13249 Google Out-of-bounds Write vulnerability in Google Android

In impeg2d_api_set_display_frame of impeg2d_api_main.c, there is an out of bound write due to a missing bounds check.

9.3
2018-04-04 CVE-2017-13248 Google Out-of-bounds Write vulnerability in Google Android

In impeg2_idct_recon_sse42() of impeg2_idct_recon_sse42_intr.c, there is an out of bound write due to a missing bounds check.

9.3
2018-04-04 CVE-2017-13277 Google Out-of-bounds Write vulnerability in Google Android

In ihevcd_fmt_conv of ihevcd_fmt_conv.c, there is a possible out of bounds write due to a missing bounds check.

9.3
2018-04-03 CVE-2017-17770 Google NULL Pointer Dereference vulnerability in Google Android

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in a power driver ioctl handler, an Untrusted Pointer Dereference may potentially occur.

9.3
2018-04-03 CVE-2018-4160 Apple Out-of-bounds Read vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

9.3
2018-04-03 CVE-2018-4150 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

9.3
2018-04-03 CVE-2018-4144 Apple, Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

9.3
2018-04-03 CVE-2018-4143 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

9.3
2018-04-03 CVE-2018-4139 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

9.3
2018-04-03 CVE-2018-4136 Apple Out-of-bounds Read vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

9.3
2018-04-03 CVE-2018-4135 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

9.3
2018-04-03 CVE-2018-4132 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

9.3
2018-04-03 CVE-2018-4109 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple TV, Iphone OS and Watchos

An issue was discovered in certain Apple products.

9.3
2018-04-03 CVE-2018-4098 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

9.3
2018-04-03 CVE-2018-4097 Apple Improper Input Validation vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

9.3
2018-04-03 CVE-2018-4095 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple TV, Iphone OS and Watchos

An issue was discovered in certain Apple products.

9.3
2018-04-03 CVE-2018-4087 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple TV, Iphone OS and Watchos

An issue was discovered in certain Apple products.

9.3
2018-04-03 CVE-2018-4083 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

9.3
2018-04-03 CVE-2018-4082 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

9.3
2018-04-03 CVE-2017-7172 Apple, Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

9.3
2018-04-03 CVE-2017-7171 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

9.3
2018-04-03 CVE-2017-7170 Apple Improper Input Validation vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

9.3
2018-04-03 CVE-2017-13854 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

9.3
2018-04-03 CVE-2017-13853 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

9.3
2018-04-03 CVE-2017-13827 Apple Unspecified vulnerability in Apple mac OS X 10.13.0

An issue was discovered in certain Apple products.

9.3
2018-04-05 CVE-2018-1282 Apache SQL Injection vulnerability in Apache Hive

This vulnerability in Apache Hive JDBC driver 0.7.1 to 2.3.2 allows carefully crafted arguments to be used to bypass the argument escaping/cleanup that JDBC driver does in PreparedStatement implementation.

9.1
2018-04-04 CVE-2018-1002150 Koji Project Incorrect Permission Assignment for Critical Resource vulnerability in Koji Project Koji

Koji version 1.12, 1.13, 1.14 and 1.15 contain an incorrect access control vulnerability resulting in arbitrary filesystem read/write access.

9.1
2018-04-03 CVE-2018-4124 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

9.0

118 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-04-07 CVE-2018-9846 Roundcube, Debian Improper Input Validation vulnerability in multiple products

In Roundcube from versions 1.2.0 to 1.3.5, with the archive plugin enabled and configured, it's possible to exploit the unsanitized, user-controlled "_uid" parameter (in an archive.php _task=mail&_mbox=INBOX&_action=plugin.move2archive request) to perform an MX (IMAP) injection attack by placing an IMAP command after a %0d%0a sequence.

8.8
2018-04-07 CVE-2018-9841 Ffmpeg Out-of-bounds Read vulnerability in Ffmpeg

The export function in libavfilter/vf_signature.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (out-of-array access) or possibly have unspecified other impact via a long filename.

8.8
2018-04-04 CVE-2018-1097 Theforeman, Redhat Information Exposure vulnerability in multiple products

A flaw was found in foreman before 1.16.1.

8.8
2018-04-04 CVE-2017-3965 Mcafee Cross-Site Request Forgery (CSRF) vulnerability in Mcafee Network Security Manager

Cross-Site Request Forgery (CSRF) (aka Session Riding) vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows remote attackers to perform unauthorized tasks such as retrieving internal system information or manipulating the database via specially crafted URLs.

8.8
2018-04-03 CVE-2018-8941 D Link Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in D-Link Dsl-3782 Firmware 1.01

Diagnostics functionality on D-Link DSL-3782 devices with firmware EU v.

8.8
2018-04-03 CVE-2018-1098 Redhat, Fedoraproject Cross-Site Request Forgery (CSRF) vulnerability in multiple products

A cross-site request forgery flaw was found in etcd 3.3.1 and earlier.

8.8
2018-04-04 CVE-2017-13256 Google Out-of-bounds Write vulnerability in Google Android

In process_service_search_attr_req of sdp_server.cc, there is an out of bounds write due to a missing bounds check.

8.3
2018-04-04 CVE-2017-13255 Google Out-of-bounds Write vulnerability in Google Android

In process_service_attr_req of sdp_server.c, there is an out of bounds write due to a missing bounds check.

8.3
2018-04-03 CVE-2017-15822 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, while processing a 802.11 management frame, a buffer overflow may potentially occur.

8.3
2018-04-05 CVE-2017-12090 Rockwellautomation Resource Exhaustion vulnerability in Rockwellautomation Micrologix 1400 B Firmware

An exploitable denial of service vulnerability exists in the processing of snmp-set commands of the Allen Bradley Micrologix 1400 Series B FRN 21.2 and below.

7.8
2018-04-05 CVE-2017-12089 Rockwellautomation Unspecified vulnerability in Rockwellautomation Micrologix 1400 B Firmware

An exploitable denial of service vulnerability exists in the program download functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before.

7.8
2018-04-05 CVE-2017-12088 Rockwellautomation Improper Input Validation vulnerability in Rockwellautomation Micrologix 1400 B Firmware

An exploitable denial of service vulnerability exists in the Ethernet functionality of the Allen Bradley Micrologix 1400 Series B FRN 21.2 and below.

7.8
2018-04-04 CVE-2017-13254 Google Unspecified vulnerability in Google Android

A other vulnerability in the Android media framework (AACExtractor).

7.8
2018-04-04 CVE-2017-13302 Google Improper Input Validation vulnerability in Google Android 8.0

A denial of service vulnerability in the Android system (system ui).

7.8
2018-04-04 CVE-2017-13301 Google Improper Input Validation vulnerability in Google Android 8.0

A denial of service vulnerability in the Android system (system ui).

7.8
2018-04-04 CVE-2017-13291 Google NULL Pointer Dereference vulnerability in Google Android

In avrc_ctrl_pars_vendor_rsp of avrc_pars_ct.cc, there is a possible NULL pointer dereference due to missing bounds checks.

7.8
2018-04-04 CVE-2018-6918 Freebsd Infinite Loop vulnerability in Freebsd

In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p9, 10.4-STABLE, 10.4-RELEASE-p8 and 10.3-RELEASE-p28, the length field of the ipsec option header does not count the size of the option header itself, causing an infinite loop when the length is zero.

7.8
2018-04-03 CVE-2018-4140 Apple NULL Pointer Dereference vulnerability in Apple Iphone OS

An issue was discovered in certain Apple products.

7.8
2018-04-03 CVE-2017-13904 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

7.8
2018-04-02 CVE-2018-6661 Mcafee Untrusted Search Path vulnerability in Mcafee True KEY 3.1.9211.0/4.0.0.0/4.20

DLL Side-Loading vulnerability in Microsoft Windows Client in McAfee True Key before 4.20.110 allows local users to gain privilege elevation via not verifying a particular DLL file signature.

7.8
2018-04-03 CVE-2018-4167 Apple Race Condition vulnerability in Apple products

An issue was discovered in certain Apple products.

7.6
2018-04-03 CVE-2018-4166 Apple Race Condition vulnerability in Apple products

An issue was discovered in certain Apple products.

7.6
2018-04-03 CVE-2018-4158 Apple Race Condition vulnerability in Apple Iphone OS, mac OS X and Watchos

An issue was discovered in certain Apple products.

7.6
2018-04-03 CVE-2018-4157 Apple Race Condition vulnerability in Apple products

An issue was discovered in certain Apple products.

7.6
2018-04-03 CVE-2018-4156 Apple Race Condition vulnerability in Apple Iphone OS and mac OS X

An issue was discovered in certain Apple products.

7.6
2018-04-03 CVE-2018-4155 Apple Race Condition vulnerability in Apple products

An issue was discovered in certain Apple products.

7.6
2018-04-03 CVE-2018-4154 Apple Race Condition vulnerability in Apple Iphone OS and mac OS X

An issue was discovered in certain Apple products.

7.6
2018-04-03 CVE-2018-4152 Apple Race Condition vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

7.6
2018-04-03 CVE-2018-4151 Apple Race Condition vulnerability in Apple Iphone OS and mac OS X

An issue was discovered in certain Apple products.

7.6
2018-04-07 CVE-2018-9848 Gxlcms Code Injection vulnerability in Gxlcms QY 1.0.0713

In Gxlcms QY v1.0.0713, the upload function in Lib\Lib\Action\Admin\UploadAction.class.php allows remote attackers to execute arbitrary PHP code by first using an Admin-Admin-Configsave request to change the config[upload_class] value from jpg,gif,png,jpeg to jpg,gif,png,jpeg,php and then making an Admin-Upload-Upload request.

7.5
2018-04-07 CVE-2018-9847 Gxlcms Code Injection vulnerability in Gxlcms QY 1.0.0713

In Gxlcms QY v1.0.0713, the update function in Lib\Lib\Action\Admin\TplAction.class.php allows remote attackers to execute arbitrary PHP code by placing this code into a template.

7.5
2018-04-07 CVE-2018-9326 Etherpad Unspecified vulnerability in Etherpad 1.6.3

Etherpad 1.6.3 before 1.6.4 allows an attacker to execute arbitrary code.

7.5
2018-04-07 CVE-2018-9331 Zzcms Path Traversal vulnerability in Zzcms 8.2

An issue was discovered in zzcms 8.2.

7.5
2018-04-06 CVE-2018-9838 Ocaml Integer Overflow or Wraparound vulnerability in Ocaml 4.06.0

The caml_ba_deserialize function in byterun/bigarray.c in the standard library in OCaml 4.06.0 has an integer overflow which, in situations where marshalled data is accepted from an untrusted source, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted object.

7.5
2018-04-06 CVE-2014-3539 Rope Project Unspecified vulnerability in Rope Project Rope

base/oi/doa.py in the Rope library in CPython (aka Python) allows remote attackers to execute arbitrary code by leveraging an unsafe call to pickle.load.

7.5
2018-04-05 CVE-2017-14473 Rockwellautomation Unspecified vulnerability in Rockwellautomation Micrologix 1400 B Firmware

An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before.

7.5
2018-04-05 CVE-2017-14472 Rockwellautomation Unspecified vulnerability in Rockwellautomation Micrologix 1400 B Firmware

An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before.

7.5
2018-04-05 CVE-2017-14471 Rockwellautomation Unspecified vulnerability in Rockwellautomation Micrologix 1400 B Firmware

An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before.

7.5
2018-04-05 CVE-2017-14470 Rockwellautomation Unspecified vulnerability in Rockwellautomation Micrologix 1400 B Firmware

An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before.

7.5
2018-04-05 CVE-2017-14469 Rockwellautomation Unspecified vulnerability in Rockwellautomation Micrologix 1400 B Firmware

An exploitable access control vulnerability exists in the data, program, and function file permissions functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before.

7.5
2018-04-05 CVE-2017-2869 Natus Out-of-bounds Write vulnerability in Natus Xltek Neuroworks 8

An exploitable code execution vulnerability exists in the OpenProducer functionality of Natus Xltek NeuroWorks 8.

7.5
2018-04-05 CVE-2017-2868 Natus Out-of-bounds Write vulnerability in Natus Xltek Neuroworks 8

An exploitable code execution vulnerability exists in the NewProducerStream functionality of Natus Xltek NeuroWorks 8.

7.5
2018-04-05 CVE-2017-2867 Natus Out-of-bounds Write vulnerability in Natus Xltek Neuroworks 8

An exploitable code execution vulnerability exists in the SavePatientMontage functionality of Natus Xltek NeuroWorks 8.

7.5
2018-04-05 CVE-2017-2853 Natus Out-of-bounds Write vulnerability in Natus Xltek Neuroworks 8

An exploitable Code Execution vulnerability exists in the RequestForPatientInfoEEGfile functionality of Natus Xltek NeuroWorks 8.

7.5
2018-04-05 CVE-2016-8380 Phoenixcontact Improper Authentication vulnerability in Phoenixcontact ILC Plcs Firmware

The web server in Phoenix Contact ILC PLCs allows access to read and write PLC variables without authentication.

7.5
2018-04-05 CVE-2016-8371 Phoenixcontact Improper Authentication vulnerability in Phoenixcontact ILC Plcs Firmware

The web server in Phoenix Contact ILC PLCs can be accessed without authenticating even if the authentication mechanism is enabled.

7.5
2018-04-04 CVE-2018-6873 Auth0 Improper Authentication vulnerability in Auth0 Auth0.Js

The Auth0 authentication service before 2017-10-15 allows privilege escalation because the JWT audience is not validated.

7.5
2018-04-04 CVE-2017-13271 Google Unspecified vulnerability in Google Android

An elevation of privilege vulnerability in the upstream kernel mnh_sm driver.

7.5
2018-04-04 CVE-2017-13270 Google Unspecified vulnerability in Google Android

An elevation of privilege vulnerability in the upstream kernel mnh_sm driver.

7.5
2018-04-04 CVE-2017-13265 Google Unspecified vulnerability in Google Android

An elevation of privilege vulnerability in the Android system (OTA updates).

7.5
2018-04-04 CVE-2017-13263 Google Unspecified vulnerability in Google Android 8.0/8.1

An elevation of privilege vulnerability in the Android framework.

7.5
2018-04-04 CVE-2017-13307 Google Unspecified vulnerability in Google Android

An elevation of privilege vulnerability in the Upstream kernel pci sysfs.

7.5
2018-04-04 CVE-2017-13306 Google Unspecified vulnerability in Google Android

An elevation of privilege vulnerability in the Upstream kernel mnh driver.

7.5
2018-04-04 CVE-2017-13278 Google Use After Free vulnerability in Google Android

In MediaPlayerService::Client::notify of MediaPlayerService.cpp, there is a possible use after free.

7.5
2018-04-04 CVE-2017-13274 Google Origin Validation Error vulnerability in Google Android

In the getHost() function of UriTest.java, there is the possibility of incorrect web origin determination.

7.5
2018-04-04 CVE-2018-9249 Fiberhome Improper Authentication vulnerability in Fiberhome Vdsl2 Modem HG 150-Ub Firmware

FiberHome VDSL2 Modem HG 150-UB devices allow authentication bypass by ignoring the parent.location='login.html' JavaScript code in the response to an unauthenticated request.

7.5
2018-04-04 CVE-2018-9248 Fiberhome Improper Authentication vulnerability in Fiberhome Vdsl2 Modem HG 150-Ub Firmware

FiberHome VDSL2 Modem HG 150-UB devices allow authentication bypass via a "Cookie: Name=0admin" header.

7.5
2018-04-04 CVE-2018-9274 Wireshark Missing Release of Resource after Effective Lifetime vulnerability in Wireshark

In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, ui/failure_message.c has a memory leak.

7.5
2018-04-04 CVE-2018-9273 Wireshark, Debian Missing Release of Resource after Effective Lifetime vulnerability in multiple products

In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-pcp.c has a memory leak.

7.5
2018-04-04 CVE-2018-9272 Wireshark Missing Release of Resource after Effective Lifetime vulnerability in Wireshark

In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-h223.c has a memory leak.

7.5
2018-04-04 CVE-2018-9271 Wireshark Missing Release of Resource after Effective Lifetime vulnerability in Wireshark

In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-multipart.c has a memory leak.

7.5
2018-04-04 CVE-2018-9270 Wireshark, Debian Missing Release of Resource after Effective Lifetime vulnerability in multiple products

In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/oids.c has a memory leak.

7.5
2018-04-04 CVE-2018-9269 Wireshark, Debian Missing Release of Resource after Effective Lifetime vulnerability in multiple products

In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-giop.c has a memory leak.

7.5
2018-04-04 CVE-2018-9268 Wireshark, Debian Missing Release of Resource after Effective Lifetime vulnerability in multiple products

In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-smb2.c has a memory leak.

7.5
2018-04-04 CVE-2018-9267 Wireshark, Debian Missing Release of Resource after Effective Lifetime vulnerability in multiple products

In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-lapd.c has a memory leak.

7.5
2018-04-04 CVE-2018-9266 Wireshark Missing Release of Resource after Effective Lifetime vulnerability in Wireshark

In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-isup.c has a memory leak.

7.5
2018-04-04 CVE-2018-9265 Wireshark, Debian Missing Release of Resource after Effective Lifetime vulnerability in multiple products

In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, epan/dissectors/packet-tn3270.c has a memory leak.

7.5
2018-04-04 CVE-2018-9264 Wireshark, Debian Out-of-bounds Write vulnerability in multiple products

In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the ADB dissector could crash with a heap-based buffer overflow.

7.5
2018-04-04 CVE-2018-9263 Wireshark, Debian

In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the Kerberos dissector could crash.

7.5
2018-04-04 CVE-2018-9262 Wireshark, Debian Improper Input Validation vulnerability in multiple products

In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the VLAN dissector could crash.

7.5
2018-04-04 CVE-2018-9261 Wireshark, Debian Excessive Iteration vulnerability in multiple products

In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the NBAP dissector could crash with a large loop that ends with a heap-based buffer overflow.

7.5
2018-04-04 CVE-2018-9260 Wireshark, Debian Improper Input Validation vulnerability in multiple products

In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the IEEE 802.15.4 dissector could crash.

7.5
2018-04-04 CVE-2018-9259 Wireshark, Debian Improper Input Validation vulnerability in multiple products

In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the MP4 dissector could crash.

7.5
2018-04-04 CVE-2018-9258 Wireshark, Debian Improper Input Validation vulnerability in multiple products

In Wireshark 2.4.0 to 2.4.5, the TCP dissector could crash.

7.5
2018-04-04 CVE-2018-9257 Wireshark Infinite Loop vulnerability in Wireshark

In Wireshark 2.4.0 to 2.4.5, the CQL dissector could go into an infinite loop.

7.5
2018-04-04 CVE-2018-9256 Wireshark, Debian Improper Input Validation vulnerability in multiple products

In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the LWAPP dissector could crash.

7.5
2018-04-04 CVE-2018-9247 Gxlcms SQL Injection vulnerability in Gxlcms QY 1.0.0713

The upsql function in \Lib\Lib\Action\Admin\DataAction.class.php in Gxlcms QY v1.0.0713 allows remote attackers to execute arbitrary SQL statements via the sql parameter.

7.5
2018-04-03 CVE-2018-9240 Ncmpc Project, Debian, Canonical NULL Pointer Dereference vulnerability in multiple products

ncmpc through 0.29 is prone to a NULL pointer dereference flaw.

7.5
2018-04-03 CVE-2018-8780 Ruby Lang, Canonical, Debian Path Traversal vulnerability in Ruby-Lang Ruby

In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, the Dir.open, Dir.new, Dir.entries and Dir.empty? methods do not check NULL characters.

7.5
2018-04-03 CVE-2018-3641 Intel Unspecified vulnerability in Intel Remote Keyboard Mobile APP

Escalation of privilege in all versions of the Intel Remote Keyboard allows a network attacker to inject keystrokes as a local user.

7.5
2018-04-03 CVE-2018-5822 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, compromised WLAN FW can potentially cause a buffer overwrite.

7.5
2018-04-03 CVE-2018-5821 Google Out-of-bounds Read vulnerability in Google Android

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in function wma_wow_wakeup_host_event(), wake_info->vdev_id is received from FW and is used directly as array index to access wma->interfaces whose max index should be (max_bssid-1).

7.5
2018-04-03 CVE-2018-5820 Google Integer Overflow or Wraparound vulnerability in Google Android

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in the function wma_tbttoffset_update_event_handler(), a parameter received from firmware is used to allocate memory for a local buffer and is not properly validated.

7.5
2018-04-03 CVE-2018-3599 Google Use After Free vulnerability in Google Android

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, while notifying a DCI client, a Use After Free condition can occur.

7.5
2018-04-03 CVE-2018-3596 Google Unspecified vulnerability in Google Android

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, legacy code vulnerable after migration has been removed.

7.5
2018-04-03 CVE-2017-18147 Google Improper Input Validation vulnerability in Google Android

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in MMCP, a downlink message is not being properly validated.

7.5
2018-04-03 CVE-2017-15836 Google Integer Overflow or Wraparound vulnerability in Google Android

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, if the firmware sends a service ready event to the host with a large number in the num_hw_modes or num_phy, then it could result in an integer overflow which may potentially lead to a buffer overflow.

7.5
2018-04-03 CVE-2017-14894 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in wma_vdev_start_resp_handler(), vdev id is received from firmware as part of WMI_VDEV_START_RESP_EVENTID.

7.5
2018-04-03 CVE-2017-14890 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in the processing of an SWBA event, the vdev_map value is not properly validated leading to a potential buffer overwrite in function wma_send_bcn_buf_ll().

7.5
2018-04-03 CVE-2018-4148 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS

An issue was discovered in certain Apple products.

7.5
2018-04-03 CVE-2018-4115 Apple Improper Preservation of Permissions vulnerability in Apple products

An issue was discovered in certain Apple products.

7.5
2018-04-03 CVE-2018-4110 Apple Unspecified vulnerability in Apple Iphone OS

An issue was discovered in certain Apple products.

7.5
2018-04-03 CVE-2018-4108 Apple Improper Input Validation vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

7.5
2018-04-03 CVE-2018-4105 Apple Improper Input Validation vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

7.5
2018-04-03 CVE-2018-4091 Apple Unspecified vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

7.5
2018-04-02 CVE-2018-9127 Botan Project Improper Certificate Validation vulnerability in Botan Project Botan 2.2.0/2.3.0/2.4.0

Botan 2.2.0 - 2.4.0 (fixed in 2.5.0) improperly handled wildcard certificates and could accept certain certificates as valid for hostnames when, under RFC 6125 rules, they should not match.

7.5
2018-04-02 CVE-2018-9175 Dedecms Code Injection vulnerability in Dedecms 5.7

DedeCMS 5.7 allows remote attackers to execute arbitrary PHP code via the egroup parameter to uploads/dede/stepselect_main.php because code within the database is accessible to uploads/dede/sys_cache_up.php.

7.5
2018-04-02 CVE-2018-9174 Dedecms Code Injection vulnerability in Dedecms 5.7

sys_verifies.php in DedeCMS 5.7 allows remote attackers to execute arbitrary PHP code via the refiles array parameter, because the contents of modifytmp.inc are under an attacker's control.

7.5
2018-04-06 CVE-2014-1226 S3Dvt Project Permissions, Privileges, and Access Controls vulnerability in S3Dvt Project S3Dvt 0.2.2

The pipe_init_terminal function in main.c in s3dvt allows local users to gain privileges by leveraging setuid permissions and usage of bash 4.3 and earlier.

7.2
2018-04-06 CVE-2013-6876 S3Dvt Project Permissions, Privileges, and Access Controls vulnerability in S3Dvt Project S3Dvt 0.2.2

The (1) pty_init_terminal and (2) pipe_init_terminal functions in main.c in s3dvt 0.2.2 and earlier allow local users to gain privileges by leveraging setuid permissions and usage of bash 4.3 and earlier.

7.2
2018-04-05 CVE-2017-0431 Google Security vulnerability in Google Android Qualcomm components

An elevation of privilege vulnerability in Qualcomm closed source components.

7.2
2018-04-05 CVE-2016-8482 Google Permissions, Privileges, and Access Controls vulnerability in Google Android

An elevation of privilege vulnerability in the NVIDIA GPU driver.

7.2
2018-04-04 CVE-2015-9015 Google Permissions, Privileges, and Access Controls vulnerability in Google Android

An elevation of privilege vulnerability in Qualcomm closed source components.

7.2
2018-04-04 CVE-2017-13293 Google Out-of-bounds Write vulnerability in Google Android

In the nfc_hci_cmd_received() function of core.c, there is a possible out of bounds write due to a missing bounds check.

7.2
2018-04-04 CVE-2017-13289 Google Incorrect Calculation of Buffer Size vulnerability in Google Android

In writeToParcel and createFromParcel of RttManager.java, there is a permission bypass due to a write size mismatch.

7.2
2018-04-04 CVE-2017-13288 Google Incorrect Calculation vulnerability in Google Android 8.0/8.1

In writeToParcel and readFromParcel of PeriodicAdvertisingReport.java, there is a permission bypass due to a 64/32bit int mismatch.

7.2
2018-04-04 CVE-2017-13287 Google Improper Input Validation vulnerability in Google Android

In createFromParcel of VerifyCredentialResponse.java, there is a possible invalid parcel read due to improper input validation.

7.2
2018-04-04 CVE-2017-13286 Google Deserialization of Untrusted Data vulnerability in Google Android 8.0/8.1

In writeToParcel and readFromParcel of OutputConfiguration.java, there is a permission bypass due to mismatched serialization.

7.2
2018-04-03 CVE-2018-3638 Intel Unspecified vulnerability in Intel Remote Keyboard Mobile APP

Escalation of privilege in all versions of the Intel Remote Keyboard allows an authorized local attacker to execute arbitrary code as a privileged user.

7.2
2018-04-03 CVE-2018-0493 Eyrie, Debian Use After Free vulnerability in multiple products

remctld in remctl before 3.14, when an attacker is authorized to execute a command that uses the sudo option, has a use-after-free that leads to a daemon crash, memory corruption, or arbitrary command execution.

7.2
2018-04-02 CVE-2018-6251 Nvidia, Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Nvidia GPU Driver

NVIDIA Windows GPU Display Driver contains a vulnerability in the DirectX 10 Usermode driver, where a specially crafted pixel shader can cause writing to unallocated memory, leading to denial of service or potential code execution.

7.2
2018-04-02 CVE-2018-6250 Nvidia, Microsoft NULL Pointer Dereference vulnerability in Nvidia GPU Driver

NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a NULL pointer dereference occurs which may lead to denial of service or possible escalation of privileges.

7.2
2018-04-02 CVE-2018-6249 Nvidia, Freebsd, Linux, Microsoft, Oracle NULL Pointer Dereference vulnerability in Nvidia GPU Driver

NVIDIA GPU Display Driver contains a vulnerability in kernel mode layer handler where a NULL pointer dereference may lead to denial of service or potential escalation of privileges.

7.2
2018-04-02 CVE-2018-6248 Nvidia, Microsoft Out-of-bounds Read vulnerability in Nvidia GPU Driver

NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for DxgkDdiEscape where the software uses a sequential operation to read or write a buffer, but it uses an incorrect length value that causes it to access memory that is outside of the bounds of the buffer which may lead to denial of service or possible escalation of privileges.

7.2
2018-04-02 CVE-2018-6247 Nvidia, Microsoft NULL Pointer Dereference vulnerability in Nvidia GPU Driver

NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a NULL pointer dereference may lead to denial of service or possible escalation of privileges.

7.2
2018-04-02 CVE-2018-0194 Cisco OS Command Injection vulnerability in Cisco IOS XE

Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute commands with root privileges on the device.

7.2
2018-04-02 CVE-2018-1038 Microsoft Unspecified vulnerability in Microsoft Windows 7 and Windows Server 2008

The Windows kernel in Windows 7 SP1 and Windows Server 2008 R2 SP1 allows an elevation of privilege vulnerability due to the way it handles objects in memory, aka "Windows Kernel Elevation of Privilege Vulnerability."

7.2
2018-04-02 CVE-2018-1093 Linux Out-of-bounds Read vulnerability in Linux Kernel

The ext4_valid_block_bitmap function in fs/ext4/balloc.c in the Linux kernel through 4.15.15 allows attackers to cause a denial of service (out-of-bounds read and system crash) via a crafted ext4 image because balloc.c and ialloc.c do not validate bitmap block numbers.

7.1

206 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-04-05 CVE-2015-9016 Google Permissions, Privileges, and Access Controls vulnerability in Google Android

In blk_mq_tag_to_rq in blk-mq.c in the upstream kernel, there is a possible use after free due to a race condition when a request has been previously freed by blk_mq_complete_request.

6.9
2018-04-04 CVE-2017-6424 Google Privilege Escalation vulnerability in Google Android Qualcomm Wi-Fi Driver

An elevation of privilege vulnerability in the Qualcomm WiFi driver.

6.9
2018-04-04 CVE-2017-6423 Google Privilege Escalation vulnerability in Google Android Qualcomm Kyro L2 Driver

An elevation of privilege vulnerability in the Qualcomm kyro L2 driver.

6.9
2018-04-07 CVE-2018-9327 Etherpad Improper Input Validation vulnerability in Etherpad

Etherpad 1.5.x and 1.6.x before 1.6.4 allows an attacker to execute arbitrary code on the server.

6.8
2018-04-06 CVE-2014-5072 Wpsecurityauditlog Cross-Site Request Forgery (CSRF) vulnerability in Wpsecurityauditlog WP Security Audit LOG

Cross-site request forgery (CSRF) vulnerability in WP Security Audit Log plugin before 1.2.5 for WordPress allows remote attackers to hijack the authentication of unspecified victims via unknown vectors.

6.8
2018-04-06 CVE-2014-5034 Fresh Media Cross-Site Request Forgery (CSRF) vulnerability in Fresh-Media Brute Force Login Protection 1.3

Cross-site request forgery (CSRF) vulnerability in the Brute Force Login Protection module 1.3 for WordPress allows remote attackers to hijack the authentication of unspecified users for requests that have unknown impact via a crafted request to the brute-force-login-protection page to wp-admin/options-general.php.

6.8
2018-04-06 CVE-2018-1000156 GNU, Canonical, Debian, Redhat Improper Input Validation vulnerability in multiple products

GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITOR_PROGRAM invocation (using ed) can result in code execution.

6.8
2018-04-05 CVE-2018-1000153 Jenkins Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Vsphere

A cross-site request forgery vulnerability exists in Jenkins vSphere Plugin 2.16 and older in Clone.java, CloudSelectorParameter.java, ConvertToTemplate.java, ConvertToVm.java, Delete.java, DeleteSnapshot.java, Deploy.java, ExposeGuestInfo.java, FolderVSphereCloudProperty.java, PowerOff.java, PowerOn.java, Reconfigure.java, Rename.java, RenameSnapshot.java, RevertToSnapshot.java, SuspendVm.java, TakeSnapshot.java, VSphereBuildStepContainer.java, vSphereCloudProvisionedSlave.java, vSphereCloudSlave.java, vSphereCloudSlaveTemplate.java, VSphereConnectionConfig.java, vSphereStep.java that allows attackers to perform form validation related actions, including sending numerous requests to the configured vSphere server, potentially resulting in denial of service, or send credentials stored in Jenkins with known ID to an attacker-specified server ("test connection").

6.8
2018-04-05 CVE-2018-1000151 Jenkins Improper Certificate Validation vulnerability in Jenkins Vsphere

A man in the middle vulnerability exists in Jenkins vSphere Plugin 2.16 and older in VSphere.java that disables SSL/TLS certificate validation by default.

6.8
2018-04-05 CVE-2018-1000149 Jenkins Unspecified vulnerability in Jenkins Ansible

A man in the middle vulnerability exists in Jenkins Ansible Plugin 0.8 and older in AbstractAnsibleInvocation.java, AnsibleAdHocCommandBuilder.java, AnsibleAdHocCommandInvocationTest.java, AnsibleContext.java, AnsibleJobDslExtension.java, AnsiblePlaybookBuilder.java, AnsiblePlaybookStep.java that disables host key verification by default.

6.8
2018-04-04 CVE-2018-1082 Moodle Improper Authentication vulnerability in Moodle

A flaw was found in Moodle 3.4 to 3.4.1, and 3.3 to 3.3.4.

6.8
2018-04-04 CVE-2018-9035 Contact Form 7 TO Database Extension Project Improper Neutralization of Formula Elements in a CSV File vulnerability in Contact-Form-7-To-Database-Extension Project Contact-Form-7-To-Database-Extension

CSV Injection vulnerability in ExportToCsvUtf8.php of the Contact Form 7 to Database Extension plugin 2.10.32 for WordPress allows remote attackers to inject spreadsheet formulas into CSV files via the contact form.

6.8
2018-04-04 CVE-2018-6874 Auth0 Cross-Site Request Forgery (CSRF) vulnerability in Auth0 Auth0.Js

CSRF exists in the Auth0 authentication service through 14591 if the Legacy Lock API flag is enabled.

6.8
2018-04-04 CVE-2017-13276 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In CProgramConfig_ReadHeightExt of tpdec_asc.cpp, there is a possible stack buffer overflow due to a missing bounds check.

6.8
2018-04-03 CVE-2018-3566 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, a buffer overwrite may occur in ProcSetReqInternal() due to missing length check.

6.8
2018-04-03 CVE-2018-3563 Google NULL Pointer Dereference vulnerability in Google Android

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, untrusted pointer dereference in apr_cb_func can lead to an arbitrary code execution.

6.8
2018-04-03 CVE-2018-4175 Apple Improper Input Validation vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

6.8
2018-04-03 CVE-2018-4165 Apple, Microsoft, Webkitgtk, Canonical Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2018-04-03 CVE-2018-4163 Apple, Microsoft, Webkitgtk, Canonical Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2018-04-03 CVE-2018-4162 Apple, Microsoft, Canonical, Webkitgtk Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

An issue was discovered in certain Apple products.

6.8
2018-04-03 CVE-2018-4161 Apple, Microsoft, Canonical Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2018-04-03 CVE-2018-4149 Apple Improper Input Validation vulnerability in Apple Iphone OS

An issue was discovered in certain Apple products.

6.8
2018-04-03 CVE-2018-4134 Apple Improper Input Validation vulnerability in Apple Iphone OS

An issue was discovered in certain Apple products.

6.8
2018-04-03 CVE-2018-4130 Apple, Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2018-04-03 CVE-2018-4129 Apple, Microsoft, Webkitgtk, Canonical Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2018-04-03 CVE-2018-4128 Apple, Microsoft, Webkitgtk, Canonical Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2018-04-03 CVE-2018-4127 Apple, Microsoft, Canonical, Webkitgtk Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2018-04-03 CVE-2018-4125 Apple, Microsoft, Canonical, Webkitgtk Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2018-04-03 CVE-2018-4122 Apple, Microsoft, Webkitgtk, Canonical Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2018-04-03 CVE-2018-4121 Apple, Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2018-04-03 CVE-2018-4120 Apple, Microsoft, Canonical, Webkitgtk Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2018-04-03 CVE-2018-4119 Apple, Microsoft, Webkitgtk, Canonical Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2018-04-03 CVE-2018-4118 Apple, Microsoft, Canonical, Webkitgtk Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2018-04-03 CVE-2018-4114 Apple, Microsoft, Canonical, Webkitgtk Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2018-04-03 CVE-2018-4106 Apple Injection vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

6.8
2018-04-03 CVE-2018-4101 Apple, Microsoft, Canonical, Webkitgtk Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2018-04-03 CVE-2018-4096 Apple, Microsoft, Canonical Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2018-04-03 CVE-2018-4094 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2018-04-03 CVE-2018-4089 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2018-04-03 CVE-2018-4088 Apple, Microsoft, Canonical Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2018-04-03 CVE-2018-4085 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2018-04-03 CVE-2017-7167 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Xcode

An issue was discovered in certain Apple products.

6.8
2018-04-03 CVE-2017-7165 Apple, Microsoft, Canonical Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2018-04-03 CVE-2017-7161 Apple, Canonical Command Injection vulnerability in multiple products

An issue was discovered in certain Apple products.

6.8
2018-04-03 CVE-2017-7071 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Safari

An issue was discovered in certain Apple products.

6.8
2018-04-03 CVE-2017-7005 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS, Safari and Tvos

An issue was discovered in certain Apple products.

6.8
2018-04-03 CVE-2017-7002 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS and mac OS X

An issue was discovered in certain Apple products.

6.8
2018-04-03 CVE-2017-7001 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS and mac OS X

An issue was discovered in certain Apple products.

6.8
2018-04-03 CVE-2017-7000 Apple, Chromium, Debian, Redhat Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

An issue was discovered in certain Apple products.

6.8
2018-04-03 CVE-2017-13885 Apple, Microsoft, Canonical Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2018-04-03 CVE-2017-13884 Apple, Microsoft, Canonical Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

6.8
2018-04-05 CVE-2018-1000152 Jenkins Incorrect Authorization vulnerability in Jenkins Vsphere

An improper authorization vulnerability exists in Jenkins vSphere Plugin 2.16 and older in Clone.java, CloudSelectorParameter.java, ConvertToTemplate.java, ConvertToVm.java, Delete.java, DeleteSnapshot.java, Deploy.java, ExposeGuestInfo.java, FolderVSphereCloudProperty.java, PowerOff.java, PowerOn.java, Reconfigure.java, Rename.java, RenameSnapshot.java, RevertToSnapshot.java, SuspendVm.java, TakeSnapshot.java, VSphereBuildStepContainer.java, vSphereCloudProvisionedSlave.java, vSphereCloudSlave.java, vSphereCloudSlaveTemplate.java, VSphereConnectionConfig.java, vSphereStep.java that allows attackers to perform form validation related actions, including sending numerous requests to the configured vSphere server, potentially resulting in denial of service, or send credentials stored in Jenkins with known ID to an attacker-specified server ("test connection").

6.5
2018-04-05 CVE-2018-1000146 Jenkins Unspecified vulnerability in Jenkins Liquibase Runner

An arbitrary code execution vulnerability exists in Liquibase Runner Plugin version 1.3.0 and older that allows an attacker with permission to configure jobs to load and execute arbitrary code on the Jenkins master JVM.

6.5
2018-04-04 CVE-2017-3971 Mcafee Inadequate Encryption Strength vulnerability in Mcafee Network Security Manager

Cryptanalysis vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows attackers to view confidential information via insecure use of RC4 encryption cyphers.

6.5
2018-04-08 CVE-2018-9850 Gxlcms Path Traversal vulnerability in Gxlcms QY 1.0.0713

In Gxlcms QY v1.0.0713, Lib\Lib\Action\Admin\DataAction.class.php allows remote attackers to delete any file via directory traversal sequences in the id parameter of an Admin-Data-del request.

6.4
2018-04-04 CVE-2018-9275 Yubico Information Exposure vulnerability in Yubico PAM

In check_user_token in util.c in the Yubico PAM module (aka pam_yubico) 2.18 through 2.25, successful logins can leak file descriptors to the auth mapping file, which can lead to information disclosure (serial number of a device) and/or DoS (reaching the maximum number of file descriptors).

6.4
2018-04-04 CVE-2017-3966 Mcafee Insufficient Session Expiration vulnerability in Mcafee Network Security Manager

Exploitation of session variables, resource IDs and other trusted credentials vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows remote attackers to exploit or harm a user's browser via reusing the exposed session token in the application URL.

6.3
2018-04-04 CVE-2018-9119 Brilliantts Missing Authentication for Critical Function vulnerability in Brilliantts Fuze Card BLE Firmware and Fuze Card MCU Firmware

An attacker with physical access to a BrilliantTS FUZE card (MCU firmware 0.1.73, BLE firmware 0.7.4) can unlock the card, extract credit card numbers, and tamper with data on the card via Bluetooth because no authentication is needed, as demonstrated by gatttool.

6.1
2018-04-04 CVE-2017-3967 Mcafee Code Injection vulnerability in Mcafee Network Security Manager

Target influence via framing vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows remote attackers to inject arbitrary web script or HTML via application pages' inability to break out of 3rd party HTML frames.

6.1
2018-04-06 CVE-2018-1272 Vmware, Oracle

Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, provide client-side support for multipart requests.

6.0
2018-04-04 CVE-2017-3969 Mcafee Channel and Path Errors vulnerability in Mcafee Network Security Manager

Abuse of communication channels vulnerability in the server in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows man-in-the-middle attackers to decrypt messages via an inadequate implementation of SSL.

5.9
2018-04-04 CVE-2018-9305 Exiv2 Out-of-bounds Read vulnerability in Exiv2

In Exiv2 0.26, an out-of-bounds read in IptcData::printStructure in iptc.c could result in a crash or information leak, related to the "== 0x1c" case.

5.8
2018-04-04 CVE-2018-8814 Wolfcms Cross-Site Request Forgery (CSRF) vulnerability in Wolfcms Wolf CMS 0.8.3.1

Cross-site request forgery (CSRF) vulnerability in WolfCMS 0.8.3.1 allows remote attackers to hijack the authentication of users for requests that modify plugin/[pluginname]/settings by crafting a malicious request.

5.8
2018-04-03 CVE-2017-7153 Apple, Microsoft, Canonical Open Redirect vulnerability in Apple products

An issue was discovered in certain Apple products.

5.8
2018-04-03 CVE-2017-7065 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS, mac OS X and Tvos

An issue was discovered in certain Apple products.

5.8
2018-04-03 CVE-2017-13850 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

5.8
2018-04-04 CVE-2018-1421 IBM XXE vulnerability in IBM Datapower Gateway

IBM WebSphere DataPower Appliances 7.1, 7.2, 7.5, 7.5.1, 7.5.2, and 7.6 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data.

5.5
2018-04-04 CVE-2017-1624 IBM Incorrect Permission Assignment for Critical Resource vulnerability in IBM Qradar Security Information and Event Manager 7.3.0/7.3.1

IBM QRadar 7.3 and 7.3.1 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors.

5.5
2018-04-03 CVE-2018-1099 Redhat, Fedoraproject Improper Input Validation vulnerability in multiple products

DNS rebinding vulnerability found in etcd 3.3.1 and earlier.

5.5
2018-04-02 CVE-2018-1095 Linux NULL Pointer Dereference vulnerability in Linux Kernel

The ext4_xattr_check_entries function in fs/ext4/xattr.c in the Linux kernel through 4.15.15 does not properly validate xattr sizes, which causes misinterpretation of a size as an error code, and consequently allows attackers to cause a denial of service (get_acl NULL pointer dereference and system crash) via a crafted ext4 image.

5.5
2018-04-02 CVE-2018-1094 Linux, Redhat, Canonical NULL Pointer Dereference vulnerability in multiple products

The ext4_fill_super function in fs/ext4/super.c in the Linux kernel through 4.15.15 does not always initialize the crc32c checksum driver, which allows attackers to cause a denial of service (ext4_xattr_inode_hash NULL pointer dereference and system crash) via a crafted ext4 image.

5.5
2018-04-02 CVE-2018-1092 Linux NULL Pointer Dereference vulnerability in Linux Kernel

The ext4_iget function in fs/ext4/inode.c in the Linux kernel through 4.15.15 mishandles the case of a root directory with a zero i_links_count, which allows attackers to cause a denial of service (ext4_process_freed_data NULL pointer dereference and OOPS) via a crafted ext4 image.

5.5
2018-04-05 CVE-2018-3624 Intel Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Intel 2G Modem Firmware

Buffer overflow in the ETWS processing module of Intel XMM71xx, XMM72xx, XMM73xx, XMM74xx and Sofia 3G/R allows a remote attacker to potentially execute arbitrary code via an adjacent network.

5.4
2018-04-04 CVE-2017-3964 Mcafee Cross-site Scripting vulnerability in Mcafee Network Security Manager

Reflective Cross-Site Scripting (XSS) vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows attackers to inject arbitrary web script or HTML via a URL parameter.

5.4
2018-04-02 CVE-2018-6659 Mcafee Cross-site Scripting vulnerability in Mcafee Epolicy Orchestrator

Reflected Cross-Site Scripting vulnerability in McAfee ePolicy Orchestrator (ePO) 5.3.2, 5.3.1, 5.3.0 and 5.9.0 allows remote authenticated users to exploit an XSS issue via not sanitizing the user input.

5.4
2018-04-05 CVE-2017-12093 Rockwellautomation Resource Exhaustion vulnerability in Rockwellautomation Micrologix 1400 B Firmware

An exploitable insufficient resource pool vulnerability exists in the session communication functionality of Allen Bradley Micrologix 1400 Series B Firmware 21.2 and before.

5.3
2018-04-03 CVE-2017-17742 Ruby Lang, Debian HTTP Response Splitting vulnerability in multiple products

Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1 allows an HTTP Response Splitting attack.

5.3
2018-04-03 CVE-2017-7004 Apple Race Condition vulnerability in Apple Iphone OS and mac OS X

An issue was discovered in certain Apple products.

5.1
2018-04-08 CVE-2018-9852 Gxlcms Information Exposure vulnerability in Gxlcms QY 1.0.0713

In Gxlcms QY v1.0.0713, Lib\Lib\Action\Home\HitsAction.class.php allows remote attackers to read data from a database by embedding a FROM clause in a query string within a Home-Hits request, as demonstrated by sid=user,password%20from%20mysql.user%23.

5.0
2018-04-08 CVE-2018-9851 Gxlcms Path Traversal vulnerability in Gxlcms QY 1.0.0713

In Gxlcms QY v1.0.0713, Lib\Lib\Action\Admin\TplAction.class.php allows remote attackers to read any file via a modified pathname in an Admin-Tpl request, as demonstrated by use of '|' instead of '/' as a directory separator, in conjunction with a ".." sequence.

5.0
2018-04-07 CVE-2018-9325 Etherpad Information Exposure vulnerability in Etherpad

Etherpad 1.5.x and 1.6.x before 1.6.4 allows an attacker to export all the existing pads of an instance without knowledge of pad names.

5.0
2018-04-06 CVE-2018-7506 Moxa Information Exposure vulnerability in Moxa Mxview 2.8

The private key of the web server in Moxa MXview versions 2.8 and prior is able to be read and accessed via an HTTP GET request, which may allow a remote attacker to decrypt encrypted information.

5.0
2018-04-05 CVE-2017-2861 Natus Out-of-bounds Read vulnerability in Natus Xltek Neuroworks 8

An exploitable Denial of Service vulnerability exists in the use of a return value in the NewProducerStream command in Natus Xltek NeuroWorks 8.

5.0
2018-04-05 CVE-2017-0748 Google Information Exposure vulnerability in Google Android

An information disclosure vulnerability in the Qualcomm audio driver.

5.0
2018-04-05 CVE-2016-8366 Phoenixcontact Credentials Management vulnerability in Phoenixcontact ILC Plcs Firmware

Webvisit in Phoenix Contact ILC PLCs offers a password macro to protect HMI pages on the PLC against casual or coincidental opening of HMI pages by the user.

5.0
2018-04-05 CVE-2018-1000145 Jenkins Information Exposure vulnerability in Jenkins Perforce

An exposure of sensitive information vulnerability exists in Jenkins Perforce Plugin version 1.3.36 and older in PerforcePasswordEncryptor.java that allows attackers with local file system access to obtain encrypted Perforce passwords and decrypt them.

5.0
2018-04-04 CVE-2018-1081 Moodle Unspecified vulnerability in Moodle

A flaw was found in Moodle 3.4 to 3.4.1, 3.3 to 3.3.4, 3.2 to 3.2.7, 3.1 to 3.1.10 and earlier unsupported versions.

5.0
2018-04-04 CVE-2018-9126 Zldnn Information Exposure vulnerability in Zldnn Dnnarticle 11

The DNNArticle module 11 for DNN (formerly DotNetNuke) allows remote attackers to read the web.config file, and consequently discover database credentials, via the /GetCSS.ashx/?CP=%2fweb.config URI.

5.0
2018-04-04 CVE-2018-9115 Systematicinc Improper Input Validation vulnerability in Systematicinc Sitaware 6.4

Systematic SitaWare 6.4 SP2 does not validate input from other sources sufficiently.

5.0
2018-04-04 CVE-2018-8719 Wpsecurityauditlog Information Exposure Through Log Files vulnerability in Wpsecurityauditlog WP Security Audit LOG 3.1.1

An issue was discovered in the WP Security Audit Log plugin 3.1.1 for WordPress.

5.0
2018-04-04 CVE-2018-1447 IBM Use of Password Hash With Insufficient Computational Effort vulnerability in IBM products

The GSKit (IBM Spectrum Protect 7.1 and 7.2) and (IBM Spectrum Protect Snapshot 4.1.3, 4.1.4, and 4.1.6) CMS KDB logic fails to salt the hash function resulting in weaker than expected protection of passwords.

5.0
2018-04-04 CVE-2016-8486 Google Information Exposure vulnerability in Google Android

An information disclosure vulnerability in Qualcomm closed source components.

5.0
2018-04-04 CVE-2016-8485 Google Information Exposure vulnerability in Google Android

An information disclosure vulnerability in Qualcomm closed source components.

5.0
2018-04-04 CVE-2016-10235 Google Improper Input Validation vulnerability in Google Android

A denial of service vulnerability in the Qualcomm WiFi driver.

5.0
2018-04-04 CVE-2017-13264 Google Unspecified vulnerability in Google Android

An other vulnerability in the Android media framework (Avcdec).

5.0
2018-04-04 CVE-2017-13261 Google Out-of-bounds Read vulnerability in Google Android

In bnep_process_control_packet of bnep_utils.cc, there is a possible out of bounds read due to a missing bounds check.

5.0
2018-04-04 CVE-2017-13260 Google Out-of-bounds Read vulnerability in Google Android

In bnep_data_ind of bnep_main.cc, there is a possible out of bounds read due to a missing bounds check.

5.0
2018-04-04 CVE-2017-13259 Google Out-of-bounds Read vulnerability in Google Android

In functionality implemented in sdp_discovery.cc, there are possible out of bounds reads due to missing bounds checks.

5.0
2018-04-04 CVE-2017-13258 Google Out-of-bounds Read vulnerability in Google Android

In bnep_data_ind of bnep_main.cc, there is a possible out of bounds read due to a missing bounds check.

5.0
2018-04-04 CVE-2017-13304 Google Information Exposure vulnerability in Google Android

An information disclosure vulnerability in the Upstream kernel mnh_sm driver.

5.0
2018-04-04 CVE-2017-13303 Google Information Exposure vulnerability in Google Android

An information disclosure vulnerability in the Broadcom bcmdhd driver.

5.0
2018-04-04 CVE-2017-13300 Google Improper Input Validation vulnerability in Google Android 6.0/6.0.1

A denial of service vulnerability in the Android media framework (libhevc).

5.0
2018-04-04 CVE-2017-13299 Google Unspecified vulnerability in Google Android

An other vulnerability in the Android media framework (libavc).

5.0
2018-04-04 CVE-2017-13298 Google Information Exposure vulnerability in Google Android

An information disclosure vulnerability in the Android media framework (libhavc).

5.0
2018-04-04 CVE-2017-13297 Google Information Exposure vulnerability in Google Android

An information disclosure vulnerability in the Android media framework (libhevc).

5.0
2018-04-04 CVE-2017-13296 Google Information Exposure vulnerability in Google Android

An information disclosure vulnerability in the Android media framework (libavc).

5.0
2018-04-04 CVE-2017-13295 Google Improper Input Validation vulnerability in Google Android

A denial of service vulnerability in the Android framework (package installer).

5.0
2018-04-04 CVE-2017-13294 Google Information Exposure vulnerability in Google Android

An information disclosure vulnerability in the Android framework (aosp email application).

5.0
2018-04-04 CVE-2017-13280 Google Out-of-bounds Read vulnerability in Google Android

In the FrameSequence_gif::FrameSequence_gif function of libframesequence, there is an out of bounds read due to a missing bounds check.

5.0
2018-04-04 CVE-2018-9205 Drupal Path Traversal vulnerability in Drupal Avatar Uploader 7.X1.0

Vulnerability in avatar_uploader v7.x-1.0-beta8: the code in view.php doesn't verify users or sanitize the file path.

5.0
2018-04-04 CVE-2018-6919 Freebsd Information Exposure vulnerability in Freebsd

In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p9, 10.4-STABLE, 10.4-RELEASE-p8 and 10.3-RELEASE-p28, due to insufficient initialization of memory copied to userland, small amounts of kernel memory may be disclosed to userland processes.

5.0
2018-04-04 CVE-2018-6917 Freebsd Integer Overflow or Wraparound vulnerability in Freebsd

In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p9, 10.4-STABLE, 10.4-RELEASE-p8 and 10.3-RELEASE-p28, insufficient validation of user-provided font parameters can result in an integer overflow, leading to the use of arbitrary kernel memory as glyph data.

5.0
2018-04-04 CVE-2016-10718 Brave Improper Input Validation vulnerability in Brave Browser

Brave Browser before 0.13.0 allows a tab to close itself even if the tab was not opened by a script, resulting in denial of service.

5.0
2018-04-04 CVE-2018-9234 Gnupg, Canonical Key Management Errors vulnerability in multiple products

GnuPG 2.2.4 and 2.2.5 do not enforce a configuration in which key certification requires an offline master Certify key, which results in apparently valid certifications that occurred only with access to a signing subkey.

5.0
2018-04-03 CVE-2018-8779 Ruby Lang, Canonical, Debian Improper Input Validation vulnerability in multiple products

In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, the UNIXServer.open and UNIXSocket.open methods are not checked for null characters.

5.0
2018-04-03 CVE-2018-8778 Ruby Lang, Canonical, Debian, Redhat Use of Externally-Controlled Format String vulnerability in multiple products

In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, an attacker controlling the unpacking format (similar to format string vulnerabilities) can trigger a buffer under-read in the String#unpack method, resulting in a massive and controlled information disclosure.

5.0
2018-04-03 CVE-2018-8777 Ruby Lang, Debian, Canonical, Redhat Resource Exhaustion vulnerability in multiple products

In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, an attacker can pass a large HTTP request with a crafted header to WEBrick server or a crafted body to WEBrick server/handler and cause a denial of service (memory consumption).

5.0
2018-04-03 CVE-2018-8049 Unisys, IBM, Linux Improper Input Validation vulnerability in Unisys Stealth SVG 2.8

The Stealth endpoint in Unisys Stealth SVG 2.8.x, 3.0.x before 3.0.1999, 3.1.x, 3.2.x before 3.2.030, and 3.3.x before 3.3.016, when running on Linux and AIX, allows remote attackers to cause a denial of service (crash) via crafted packets.

5.0
2018-04-03 CVE-2018-6914 Ruby Lang, Canonical, Debian, Redhat Path Traversal vulnerability in multiple products

Directory traversal vulnerability in the Dir.mktmpdir method in the tmpdir library in Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1 might allow attackers to create arbitrary directories or files via a ..

5.0
2018-04-03 CVE-2018-3598 Google Information Exposure vulnerability in Google Android

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, insufficient validation of parameters from userspace in the camera driver can lead to information leak and out-of-bounds access.

5.0
2018-04-03 CVE-2018-3584 Google Use After Free vulnerability in Google Android

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, a Use After Free condition can occur in the function rmnet_usb_ctrl_init().

5.0
2018-04-03 CVE-2017-15853 Google Out-of-bounds Read vulnerability in Google Android

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, while processing PTT commands, ptt_sock_send_msg_to_app() is invoked without validating the packet length.

5.0
2018-04-03 CVE-2017-15837 Google Out-of-bounds Read vulnerability in Google Android

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, a policy for the packet pattern attribute NL80211_PKTPAT_OFFSET is not defined which can lead to a buffer over-read in nla_get_u32().

5.0
2018-04-03 CVE-2018-8836 Wago Improper Resource Shutdown or Release vulnerability in Wago products

In Wago 750 Series PLCs with firmware version 10 and prior, a remote attack may take advantage of an improper implementation of the 3 way handshake during a TCP connection, affecting the communications with commission and service tools.

5.0
2018-04-03 CVE-2016-7472 F5 Improper Input Validation vulnerability in F5 Big-Ip Application Security Manager 12.1.0/12.1.1

F5 BIG-IP ASM version 12.1.0 - 12.1.1 may allow remote attackers to cause a denial of service (DoS) via a crafted HTTP request.

5.0
2018-04-03 CVE-2018-4142 Apple Improper Input Validation vulnerability in Apple products

An issue was discovered in certain Apple products.

5.0
2018-04-03 CVE-2018-4137 Apple Information Exposure vulnerability in Apple Iphone OS and Safari

An issue was discovered in certain Apple products.

5.0
2018-04-03 CVE-2018-4100 Apple Resource Exhaustion vulnerability in Apple Iphone OS, mac OS X and Watchos

An issue was discovered in certain Apple products.

5.0
2018-04-03 CVE-2017-13837 Apple Unspecified vulnerability in Apple mac OS X 10.13.0

An issue was discovered in certain Apple products.

5.0
2018-04-04 CVE-2017-18257 Linux, Debian Integer Overflow or Wraparound vulnerability in Linux Kernel

The __get_data_block function in fs/f2fs/data.c in the Linux kernel before 4.11 allows local users to cause a denial of service (integer overflow and loop) via crafted use of the open and fallocate system calls with an FS_IOC_FIEMAP ioctl.

4.9
2018-04-04 CVE-2018-8813 Wolfcms Open Redirect vulnerability in Wolfcms Wolf CMS 0.8.3.1

Open redirect vulnerability in the login[redirect] parameter login functionality in WolfCMS 0.8.3.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a malformed URL.

4.9
2018-04-02 CVE-2018-6253 Nvidia, Freebsd, Linux, Microsoft, Oracle Infinite Loop vulnerability in Nvidia GPU Driver

NVIDIA GPU Display Driver contains a vulnerability in the DirectX and OpenGL Usermode drivers where a specially crafted pixel shader can cause infinite recursion leading to denial of service.

4.9
2018-04-02 CVE-2018-6252 Nvidia, Microsoft Unspecified vulnerability in Nvidia GPU Driver

NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for DxgkDdiEscape where the software allows an actor access to restricted functionality that is unnecessary to production usage, and which may result in denial of service.

4.9
2018-04-02 CVE-2018-6660 Mcafee Path Traversal vulnerability in Mcafee Epolicy Orchestrator

Directory Traversal vulnerability in McAfee ePolicy Orchestrator (ePO) 5.3.2, 5.3.1, 5.3.0 and 5.9.0 allows administrators to use Windows alternate data streams, which could be used to bypass the file extensions, via not properly validating the path when exporting a particular XML file.

4.9
2018-04-05 CVE-2017-0751 Google Unspecified vulnerability in Google Android

An elevation of privilege vulnerability in the Qualcomm QCE driver.

4.6
2018-04-05 CVE-2017-0744 Google Unspecified vulnerability in Google Android

An elevation of privilege vulnerability in the NVIDIA firmware processing code.

4.6
2018-04-03 CVE-2015-1975 IBM Injection vulnerability in IBM Tivoli Directory Server

The web administration tool in IBM Tivoli Security Directory Server 6.0 before iFix 75, 6.1 before iFix 68, 6.2 before iFix 44, and 6.3 before iFix 37 and IBM Security Directory Server 6.3.1 before iFix 11 and 6.4 before iFix 2 allows local users to gain privileges via vectors related to argument injection.

4.6
2018-04-03 CVE-2018-3645 Intel Unspecified vulnerability in Intel Remote Keyboard Mobile APP

Escalation of privilege in all versions of the Intel Remote Keyboard allows a local attacker to inject keystrokes into another remote keyboard session.

4.6
2018-04-03 CVE-2018-5828 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in function wma_extscan_start_stop_event_handler(), vdev_id comes from the variable event from firmware and is not properly validated potentially leading to a buffer overwrite.

4.6
2018-04-03 CVE-2018-5825 Google Use After Free vulnerability in Google Android

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in the kernel IPA driver, a Use After Free condition can occur.

4.6
2018-04-03 CVE-2018-5824 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, while processing HTT_T2H_MSG_TYPE_RX_FLUSH or HTT_T2H_MSG_TYPE_RX_PN_IND messages, a buffer overflow can occur if the tid value obtained from the firmware is out of range.

4.6
2018-04-03 CVE-2018-5823 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, improper buffer length validation in extscan hotlist event can lead to potential buffer overflow.

4.6
2018-04-03 CVE-2017-14880 Google Race Condition vulnerability in Google Android

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, while IPA WAN-driver is processing multiple requests from modem/user-space module, the global variable "num_q6_rule" does not have a mutex lock and thus can be accessed and modified by multiple threads.

4.6
2018-04-03 CVE-2017-11075 Google Use After Free vulnerability in Google Android

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, if cmd_pkt and reg_pkt are called from different userspace threads, a use after free condition can potentially occur in wdsp_glink_write().

4.6
2018-04-03 CVE-2017-7070 Apple Unspecified vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

4.6
2018-04-03 CVE-2017-4028 Mcafee Injection vulnerability in Mcafee products

Maliciously misconfigured registry vulnerability in all Microsoft Windows products in McAfee consumer and corporate products allows an administrator to inject arbitrary code into a debugged McAfee process via manipulation of registry parameters.

4.4
2018-04-03 CVE-2018-0492 Beep Project, Debian Race Condition vulnerability in multiple products

Johnathan Nightingale beep through 1.3.4, if setuid, has a race condition that allows local privilege escalation.

4.4
2018-04-08 CVE-2017-18258 Xmlsoft Allocation of Resources Without Limits or Throttling vulnerability in Xmlsoft Libxml2

The xz_head function in xzlib.c in libxml2 before 2.9.6 allows remote attackers to cause a denial of service (memory consumption) via a crafted LZMA file, because the decoder functionality does not restrict memory usage to what is required for a legitimate file.

4.3
2018-04-07 CVE-2018-9844 Iptanus Cross-site Scripting vulnerability in Iptanus Wordpress File Upload

The Iptanus WordPress File Upload plugin before 4.3.4 for WordPress mishandles Settings attributes, leading to XSS.

4.3
2018-04-06 CVE-2014-2359 Oleumtech Information Exposure vulnerability in Oleumtech AD1 Firmware and FT1 Firmware

OleumTech Wireless Sensor Network devices allow remote attackers to obtain sensitive information about sensor nodes or spoof devices by reading cleartext protocol data.

4.3
2018-04-06 CVE-2018-1271 Vmware, Oracle Path Traversal vulnerability in multiple products

Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to configure Spring MVC to serve static resources (e.g.

4.3
2018-04-06 CVE-2017-18098 Atlassian Cross-site Scripting vulnerability in Atlassian Jira

The searchrequest-xml resource in Atlassian Jira before version 7.6.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through various fields.

4.3
2018-04-05 CVE-2018-9328 Redbus Clone Script Project Cross-site Scripting vulnerability in Redbus Clone Script Project Redbus Clone Script 3.0.6

PHP Scripts Mall Redbus Clone Script 3.0.6 has XSS via the ter_from or tag parameter to results.php.

4.3
2018-04-05 CVE-2018-9244 Gitlab Cross-site Scripting vulnerability in Gitlab

GitLab Community and Enterprise Editions version 9.2 up to 10.4 are vulnerable to XSS because a lack of input validation in the milestones component leads to cross site scripting (specifically, data-milestone-id in the milestone dropdown feature).

4.3
2018-04-05 CVE-2018-9243 Gitlab Cross-site Scripting vulnerability in Gitlab

GitLab Community and Enterprise Editions version 8.4 up to 10.4 are vulnerable to XSS because a lack of input validation in the merge request component leads to cross site scripting (specifically, filenames in changes tabs of merge requests).

4.3
2018-04-05 CVE-2018-1000154 Zammad Cross-site Scripting vulnerability in Zammad

Zammad GmbH Zammad version 2.3.0 and earlier contains an Improper Neutralization of Script-Related HTML Tags in a Web Page (CWE-80) vulnerability in the subject of emails which are not html quoted in certain cases.

4.3
2018-04-05 CVE-2018-1000144 Jenkins Cross-site Scripting vulnerability in Jenkins Cucumber Living Documentation

A cross site scripting vulnerability exists in Jenkins Cucumber Living Documentation Plugin 1.0.12 and older in CukedoctorBaseAction#doDynamic that disables the Content-Security-Policy protection for archived artifacts and workspace files, allowing attackers able to control the content of these files to attack Jenkins users.

4.3
2018-04-04 CVE-2018-9307 Dsmall Project Cross-site Scripting vulnerability in Dsmall Project Dsmall 20180320

dsmall v20180320 allows XSS via the pdr_sn parameter to public/index.php/home/predeposit/index.html.

4.3
2018-04-04 CVE-2018-9304 Exiv2 Divide By Zero vulnerability in Exiv2

In Exiv2 0.26, a divide by zero in BigTiffImage::printIFD in bigtiffimage.cpp could result in denial of service.

4.3
2018-04-04 CVE-2018-9303 Exiv2 Reachable Assertion vulnerability in Exiv2

In Exiv2 0.26, an assertion failure in BigTiffImage::readData in bigtiffimage.cpp results in an abort.

4.3
2018-04-04 CVE-2017-6426 Google Information Exposure vulnerability in Google Android

An information disclosure vulnerability in the Qualcomm SPMI driver.

4.3
2018-04-04 CVE-2017-6425 Google Information Exposure vulnerability in Google Android

An information disclosure vulnerability in the Qualcomm video driver.

4.3
2018-04-04 CVE-2017-1772 IBM Cross-site Scripting vulnerability in IBM Mobilefirst Platform Foundation

IBM Worklight (IBM MobileFirst Platform Foundation 6.3, 7.0, 7.1, and 8.0) is vulnerable to cross-site scripting.

4.3
2018-04-04 CVE-2016-10236 Google Information Exposure vulnerability in Google Android

An information disclosure vulnerability in the Qualcomm USB driver.

4.3
2018-04-04 CVE-2016-10234 Google Information Exposure vulnerability in Google Android

An information disclosure vulnerability in the Qualcomm IPA driver.

4.3
2018-04-04 CVE-2017-13257 Google Use After Free vulnerability in Google Android

In bta_pan_data_buf_ind_cback of bta_pan_act.cc there is a use after free that can result in an out of bounds read of memory allocated via malloc.

4.3
2018-04-04 CVE-2017-13279 Google Excessive Iteration vulnerability in Google Android

In M3UParser::parse of M3UParser.cpp, there is a memory resource exhaustion due to a large loop of pushing items into a vector.

4.3
2018-04-04 CVE-2018-9238 Yahei Cross-site Scripting vulnerability in Yahei PHP Prober 0.4.7

proberv.php in Yahei-PHP Proberv 0.4.7 has XSS via the funName parameter.

4.3
2018-04-04 CVE-2018-9235 Iscripts Cross-site Scripting vulnerability in Iscripts Sonicbb 1.0

iScripts SonicBB 1.0 has Reflected Cross-Site Scripting via the query parameter to search.php.

4.3
2018-04-04 CVE-2018-9252 Jasper Project Reachable Assertion vulnerability in Jasper Project Jasper 2.0.14

JasPer 2.0.14 allows denial of service via a reachable assertion in the function jpc_abstorelstepsize in libjasper/jpc/jpc_enc.c.

4.3
2018-04-04 CVE-2017-18256 Brave Unspecified vulnerability in Brave Browser

Brave Browser before 0.13.0 allows remote attackers to cause a denial of service (resource consumption) via a long alert() argument in JavaScript code, because window dialogs are mishandled.

4.3
2018-04-03 CVE-2018-5826 Google Use After Free vulnerability in Google Android

In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, due to a race condition, a Use After Free condition can occur in the WLAN driver.

4.3
2018-04-03 CVE-2018-4176 Apple Improper Input Validation vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

4.3
2018-04-03 CVE-2018-4174 Apple Unspecified vulnerability in Apple Iphone OS and mac OS X

An issue was discovered in certain Apple products.

4.3
2018-04-03 CVE-2018-4146 Apple, Microsoft, Canonical, Webkitgtk Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple products

An issue was discovered in certain Apple products.

4.3
2018-04-03 CVE-2018-4138 Apple Information Exposure vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

4.3
2018-04-03 CVE-2018-4133 Apple, Canonical, Webkitgtk Cross-site Scripting vulnerability in multiple products

An issue was discovered in certain Apple products.

4.3
2018-04-03 CVE-2018-4131 Apple Unspecified vulnerability in Apple Iphone OS and mac OS X

An issue was discovered in certain Apple products.

4.3
2018-04-03 CVE-2018-4117 Apple, Microsoft, Webkitgtk, Canonical, Debian, Redhat Information Exposure vulnerability in Apple products

An issue was discovered in certain Apple products.

4.3
2018-04-03 CVE-2018-4116 Apple Improper Input Validation vulnerability in Apple Safari

An issue was discovered in certain Apple products.

4.3
2018-04-03 CVE-2018-4113 Apple, Microsoft, Webkitgtk, Canonical Reachable Assertion vulnerability in Apple products

An issue was discovered in certain Apple products.

4.3
2018-04-03 CVE-2018-4112 Apple Link Following vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

4.3
2018-04-03 CVE-2018-4111 Apple Improper Verification of Cryptographic Signature vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

4.3
2018-04-03 CVE-2018-4107 Apple Improper Input Validation vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

4.3
2018-04-03 CVE-2018-4104 Apple Information Exposure vulnerability in Apple products

An issue was discovered in certain Apple products.

4.3
2018-04-03 CVE-2018-4102 Apple Improper Input Validation vulnerability in Apple Safari

An issue was discovered in certain Apple products.

4.3
2018-04-03 CVE-2018-4093 Apple Information Exposure vulnerability in Apple products

An issue was discovered in certain Apple products.

4.3
2018-04-03 CVE-2018-4090 Apple Information Exposure vulnerability in Apple products

An issue was discovered in certain Apple products.

4.3
2018-04-03 CVE-2018-4086 Apple Improper Certificate Validation vulnerability in Apple products

An issue was discovered in certain Apple products.

4.3
2018-04-03 CVE-2018-4084 Apple Information Exposure vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

4.3
2018-04-03 CVE-2017-7173 Apple Information Exposure vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

4.3
2018-04-03 CVE-2017-7164 Apple Improper Input Validation vulnerability in Apple Iphone OS and Tvos

An issue was discovered in certain Apple products.

4.3
2018-04-03 CVE-2017-7003 Apple Improper Input Validation vulnerability in Apple products

An issue was discovered in certain Apple products.

4.3
2018-04-03 CVE-2017-6976 Apple Unspecified vulnerability in Apple Iphone OS

An issue was discovered in certain Apple products.

4.3
2018-04-03 CVE-2017-2493 Apple, Microsoft Information Exposure vulnerability in Apple products

An issue was discovered in certain Apple products.

4.3
2018-04-03 CVE-2017-2492 Apple Cross-site Scripting vulnerability in Apple Iphone OS, Safari and Tvos

An issue was discovered in certain Apple products.

4.3
2018-04-03 CVE-2017-13890 Apple Improper Input Validation vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

4.3
2018-04-03 CVE-2017-13877 Apple Information Exposure vulnerability in Apple Iphone OS

An issue was discovered in certain Apple products.

4.3
2018-04-03 CVE-2017-13873 Apple Information Exposure vulnerability in Apple products

An issue was discovered in certain Apple products.

4.3
2018-04-03 CVE-2017-13863 Apple Improper Certificate Validation vulnerability in Apple Iphone OS

An issue was discovered in certain Apple products.

4.3
2018-04-03 CVE-2017-13806 Apple Unspecified vulnerability in Apple Iphone OS

An issue was discovered in certain Apple products.

4.3
2018-04-02 CVE-2018-9173 GET Simple Cross-site Scripting vulnerability in Get-Simple Getsimple CMS 3.3.13

Cross-site scripting (XSS) vulnerability in admin/template/js/uploadify/uploadify.swf in GetSimple CMS 3.3.13 allows remote attackers to inject arbitrary web script or HTML, as demonstrated by the movieName parameter.

4.3
2018-04-05 CVE-2018-1096 Theforeman, Redhat SQL Injection vulnerability in multiple products

An input sanitization flaw was found in the id field in the dashboard controller of Foreman before 1.16.1.

4.0
2018-04-05 CVE-2018-1000148 Jenkins Information Exposure vulnerability in Jenkins Copy TO Slave

An exposure of sensitive information vulnerability exists in Jenkins Copy To Slave Plugin version 1.4.4 and older in CopyToSlaveBuildWrapper.java that allows attackers with permission to configure jobs to read arbitrary files from the Jenkins master file system.

4.0
2018-04-05 CVE-2018-1000147 Perforce Information Exposure vulnerability in Perforce

An exposure of sensitive information vulnerability exists in Jenkins Perforce Plugin version 1.3.36 and older in PerforcePasswordEncryptor.java that allows attackers without sufficient permission to obtain the Perforce passwords configured in jobs.

4.0
2018-04-04 CVE-2017-18096 Atlassian Server-Side Request Forgery (SSRF) vulnerability in Atlassian Application Links

The OAuth status rest resource in Atlassian Application Links before version 5.2.7, from 5.3.0 before 5.3.4 and from 5.4.0 before 5.4.3 allows remote attackers with administrative rights to access the content of internal network resources via a Server Side Request Forgery (SSRF) by creating an OAuth application link to a location they control and then redirecting access from the linked location's OAuth status rest resource to an internal location.

4.0

37 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-04-05 CVE-2018-1315 Apache Incorrect Permission Assignment for Critical Resource vulnerability in Apache Hive

In Apache Hive 2.1.0 to 2.3.2, when a 'COPY FROM FTP' statement is run using the HPL/SQL extension to Hive, a compromised/malicious FTP server can cause the file to be written to an arbitrary location on the cluster where the command is run from.

3.7
2018-04-05 CVE-2018-1284 Apache Information Exposure vulnerability in Apache Hive

In Apache Hive 0.6.0 to 2.3.2, a malicious user might use any of the xpath UDFs (xpath/xpath_string/xpath_boolean/xpath_number/xpath_double/xpath_float/xpath_long/xpath_int/xpath_short) to expose the content of a file on the machine running HiveServer2 that is owned by the HiveServer2 user (usually hive) if hive.server2.enable.doAs=false.

3.7
2018-04-04 CVE-2017-13305 Google, Canonical, Debian Out-of-bounds Read vulnerability in multiple products

An information disclosure vulnerability in the Upstream kernel encrypted-keys.

3.6
2018-04-03 CVE-2017-5703 Intel Improper Privilege Management vulnerability in Intel products

Configuration of SPI Flash in platforms based on multiple Intel platforms allows a local attacker to alter the behavior of the SPI flash, potentially leading to a Denial of Service.

3.6
2018-04-08 CVE-2018-6905 Typo3 Cross-site Scripting vulnerability in Typo3

The page module in TYPO3 before 8.7.11, and 9.1.0, has XSS via $GLOBALS['TYPO3_CONF_VARS']['SYS']['sitename'], as demonstrated by an admin entering a crafted site name during the installation process.

3.5
2018-04-07 CVE-2018-9330 Coremail Cross-site Scripting vulnerability in Coremail XT 3.0

register.jsp in Coremail XT3.0 allows stored XSS, as demonstrated by the third form field to a URI under register/, a different vulnerability than CVE-2015-6942.

3.5
2018-04-06 CVE-2017-18097 Atlassian Cross-site Scripting vulnerability in Atlassian Jira

The Trello board importer resource in Atlassian Jira before version 7.6.1 allows remote attackers who can convince a Jira administrator to import their Trello board to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the title of a Trello card.

3.5
2018-04-05 CVE-2018-7035 Gleezcms Cross-site Scripting vulnerability in Gleezcms Gleez CMS 1.2.0/2.0

Cross-site scripting (XSS) vulnerability in Gleez CMS 1.2.0 and 2.0 might allow remote attackers (users) to inject JavaScript via HTML content in an editor, which will result in Stored XSS when an Administrator tries to edit the same content, as demonstrated by use of the source editor for HTML mode in an Add Blog action.

3.5
2018-04-04 CVE-2018-9034 Relevanssi Cross-site Scripting vulnerability in Relevanssi

Cross-site scripting (XSS) vulnerability in lib/interface.php of the Relevanssi plugin 4.0.4 for WordPress allows remote attackers to inject arbitrary JavaScript or HTML via the tab GET parameter.

3.5
2018-04-04 CVE-2018-9237 Iscripts Cross-site Scripting vulnerability in Iscripts Easycreate 3.2.1

iScripts EasyCreate 3.2.1 has Stored Cross-Site Scripting in the "Site Description" field.

3.5
2018-04-04 CVE-2018-9236 Iscripts Cross-site Scripting vulnerability in Iscripts Easycreate 3.2.1

iScripts EasyCreate 3.2.1 has Stored Cross-Site Scripting in the "Site title" field.

3.5
2018-04-02 CVE-2018-9183 Joomsky Cross-site Scripting vulnerability in Joomsky JS Jobs

The Joom Sky JS Jobs extension before 1.2.1 for Joomla! has XSS.

3.5
2018-04-02 CVE-2018-9163 Zohocorp Cross-site Scripting vulnerability in Zohocorp Manageengine Recovery Manager Plus

A stored Cross-site scripting (XSS) vulnerability in Zoho ManageEngine Recovery Manager Plus before 5.3 (Build 5350) allows remote authenticated users (with Add New Technician permissions) to inject arbitrary web script or HTML via the loginName field to technicianAction.do.

3.5
2018-04-05 CVE-2017-12095 Meetcircle Authentication Bypass by Spoofing vulnerability in Meetcircle Circle With Disney Firmware 2.0.1

An exploitable vulnerability exists in the WiFi Access Point feature of Circle with Disney running firmware 2.0.1.

3.3
2018-04-04 CVE-2017-13269 Google Information Exposure vulnerability in Google Android

An information disclosure vulnerability in the Android system (bluetooth).

3.3
2018-04-04 CVE-2017-13268 Google Information Exposure vulnerability in Google Android

An information disclosure vulnerability in the Android system (bluetooth).

3.3
2018-04-04 CVE-2017-13262 Google Out-of-bounds Read vulnerability in Google Android

In bnep_data_ind of bnep_main.cc, there is a possible out of bounds read due to a missing length decrement operation.

3.3
2018-04-03 CVE-2017-7066 Apple Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Iphone OS and Tvos

An issue was discovered in certain Apple products.

3.3
2018-04-04 CVE-2018-9251 Xmlsoft, Debian Infinite Loop vulnerability in multiple products

The xz_decomp function in xzlib.c in libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035.

2.6
2018-04-03 CVE-2018-4092 Apple Race Condition vulnerability in Apple products

An issue was discovered in certain Apple products.

2.6
2018-04-05 CVE-2018-9233 Sophos Use of Password Hash With Insufficient Computational Effort vulnerability in Sophos Endpoint Protection 10.7

Sophos Endpoint Protection 10.7 uses an unsalted SHA-1 hash for password storage in %PROGRAMDATA%\Sophos\Sophos Anti-Virus\Config\machine.xml, which makes it easier for attackers to determine a cleartext password, and subsequently choose unsafe malware settings, via rainbow tables or other approaches.

2.1
2018-04-05 CVE-2018-4863 Sophos 7PK - Security Features vulnerability in Sophos Endpoint Protection 10.7

Sophos Endpoint Protection 10.7 allows local users to bypass an intended tamper protection mechanism by deleting the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\Sophos Endpoint Defense\ registry key.

2.1
2018-04-05 CVE-2018-1000150 Jenkins Information Exposure vulnerability in Jenkins Reverse Proxy Auth

An exposure of sensitive information vulnerability exists in Jenkins Reverse Proxy Auth Plugin 1.5 and older in ReverseProxySecurityRealm#authContext that allows attackers with local file system access to obtain a list of authorities for logged in users.

2.1
2018-04-05 CVE-2018-1000143 Jenkins Information Exposure vulnerability in Jenkins Github Pull Request Builder

An exposure of sensitive information vulnerability exists in Jenkins GitHub Pull Request Builder Plugin version 1.39.0 and older in GhprbCause.java that allows an attacker with local file system access to obtain GitHub credentials.

2.1
2018-04-05 CVE-2018-1000142 Jenkins Information Exposure vulnerability in Jenkins Github Pull Request Builder

An exposure of sensitive information vulnerability exists in Jenkins GitHub Pull Request Builder Plugin version 1.39.0 and older in GhprbCause.java that allows an attacker with local file system access to obtain GitHub credentials.

2.1
2018-04-04 CVE-2017-1733 IBM Information Exposure Through Log Files vulnerability in IBM Qradar Security Information and Event Manager 7.3.0/7.3.1

IBM QRadar 7.3 stores potentially sensitive information in log files that could be read by a local user.

2.1
2018-04-04 CVE-2017-13290 Google Out-of-bounds Read vulnerability in Google Android

In sdp_server_handle_client_req of sdp_server.cc, there is an out of bounds read due to a missing bounds check.

2.1
2018-04-03 CVE-2018-3689 Intel Unspecified vulnerability in Intel Software Guard Extensions

The AESM daemon in Intel Software Guard Extensions Platform Software Component for Linux before 2.1.102 can effectively be disabled by a local attacker, creating a denial of service for services such as remote attestation provided by the AESM.

2.1
2018-04-03 CVE-2016-8365 Osisoft Improper Access Control vulnerability in Osisoft products

OSIsoft PI System software (Applications using PI Asset Framework (AF) Client versions prior to PI AF Client 2016, Version 2.8.0; Applications using PI Software Development Kit (SDK) versions prior to PI SDK 2016, Version 1.4.6; PI Buffer Subsystem, versions prior to and including, Version 4.4; and PI Data Archive versions prior to PI Data Archive 2015, Version 3.4.395.64) operates between endpoints without a complete model of endpoint features potentially causing the product to perform actions based on this incomplete model, which could result in a denial of service.

2.1
2018-04-03 CVE-2018-4172 Apple Unspecified vulnerability in Apple Iphone OS

An issue was discovered in certain Apple products.

2.1
2018-04-03 CVE-2018-4170 Apple Insufficiently Protected Credentials vulnerability in Apple mac OS X

An issue was discovered in certain Apple products.

2.1
2018-04-03 CVE-2018-4168 Apple Information Exposure vulnerability in Apple Iphone OS

An issue was discovered in certain Apple products.

2.1
2018-04-03 CVE-2018-4123 Apple Information Exposure vulnerability in Apple Iphone OS

An issue was discovered in certain Apple products.

2.1
2018-04-03 CVE-2017-7075 Apple Information Exposure vulnerability in Apple Iphone OS

An issue was discovered in certain Apple products.

2.1
2018-04-03 CVE-2017-13851 Apple Unspecified vulnerability in Apple mac OS X 10.13.0

An issue was discovered in certain Apple products.

2.1
2018-04-03 CVE-2017-13839 Apple Information Exposure vulnerability in Apple mac OS X 10.13.0

An issue was discovered in certain Apple products.

2.1
2018-04-04 CVE-2017-13275 Google Out-of-bounds Read vulnerability in Google Android 8.0/8.1

In getVSCoverage of CmapCoverage.cpp, there is a possible out of bounds read due to an incorrect bounds check.

1.9