Weekly Vulnerabilities Reports > April 9 to 15, 2018

Overview

305 new vulnerabilities reported during this period, including 50 critical vulnerabilities and 47 high severity vulnerabilities. This weekly summary report vulnerabilities in 368 products from 107 vendors including Microsoft, Qualcomm, Debian, Mediawiki, and Cmsmadesimple. Vulnerabilities are notably categorized as "Cross-site Scripting", "Out-of-bounds Write", "Improper Input Validation", "Information Exposure", and "Improper Restriction of Operations within the Bounds of a Memory Buffer".

  • 270 reported vulnerabilities are remotely exploitables.
  • 30 reported vulnerabilities have public exploit available.
  • 94 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 229 reported vulnerabilities are exploitable by an anonymous user.
  • Microsoft has the most reported vulnerabilities, with 66 reported vulnerabilities.
  • Qualcomm has the most reported critical vulnerabilities, with 27 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

50 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-04-13 CVE-2018-6546 Plays TV Improper Authentication vulnerability in Plays.Tv

plays_service.exe in the plays.tv service before 1.27.7.0, as distributed in AMD driver-installation packages and Gaming Evolved products, executes code at a user-defined (local or SMB) path as SYSTEM when the execute_installer parameter is used in an HTTP message.

10.0
2018-04-13 CVE-2017-0359 Reproducible Builds
Debian
diffoscope before 77 writes to arbitrary locations on disk based on the contents of an untrusted archive.
10.0
2018-04-12 CVE-2014-8888 D Link Command Injection vulnerability in D-Link Dir-815 Firmware 2.03.B02

The remote administration interface in D-Link DIR-815 devices with firmware before 2.03.B02 allows remote attackers to execute arbitrary commands via vectors related to an "HTTP command injection issue."

10.0
2018-04-12 CVE-2014-6120 IBM Command Injection vulnerability in IBM Rational Appscan Source and Security Appscan Source

IBM Rational AppScan Source 8.0 through 8.0.0.2 and 8.5 through 8.5.0.1 and Security AppScan Source 8.6 through 8.6.0.2, 8.7 through 8.7.0.1, 8.8, 9.0 through 9.0.0.1, and 9.0.1 allow remote attackers to execute arbitrary commands on the installation server via unspecified vectors.

10.0
2018-04-11 CVE-2017-14459 Moxa OS Command Injection vulnerability in Moxa Awk-3131A Firmware

An exploitable OS Command Injection vulnerability exists in the Telnet, SSH, and console login functionality of Moxa AWK-3131A Industrial IEEE 802.11a/b/g/n wireless AP/bridge/client in firmware versions 1.4 to 1.7 (current).

10.0
2018-04-11 CVE-2018-3594 Qualcomm Out-of-bounds Read vulnerability in Qualcomm products

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 820, SD 820A, SD 835, SD 845, while parsing a private frame in an ID3 tag, a buffer over-read can occur when comparing frame data with predefined owner identifier strings.

10.0
2018-04-11 CVE-2018-3593 Qualcomm Double Free vulnerability in Qualcomm products

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, repeated enable/disable eMBMS requests may result in a double free condition.

10.0
2018-04-11 CVE-2018-3592 Qualcomm NULL Pointer Dereference vulnerability in Qualcomm products

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 835, SD 845, SD 850, added a change to check if the pointer has been reset to NULL or not, before writing to the memory pointed by the pointer.

10.0
2018-04-11 CVE-2018-3591 Qualcomm Insecure Default Initialization of Resource vulnerability in Qualcomm products

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, SD 845, SDM630, SDM636, SDM660, Snapdragon_High_Med_2016, the default build configuration of deviceprogrammer in BOOT.BF.3.0 enables the flag SKIP_SECBOOT_CHECK_NOT_RECOMMENDED_BY_QUALCOMM which will open up the peek and poke commands to any memory location on the target.

10.0
2018-04-11 CVE-2018-3590 Qualcomm Use After Free vulnerability in Qualcomm products

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, SD 845, a Use After Free condition can occur in RIL while handling requests from Android.

10.0
2018-04-11 CVE-2018-3589 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile MDM9650, MDM9655, SD 835, SD 845, SD 850, the vswr capture size is larger than the maximum size of a diag logPacket, which can lead to a buffer overflow when the sample buffer is copied to the logPacket buffer.

10.0
2018-04-11 CVE-2017-8275 Qualcomm Integer Overflow or Wraparound vulnerability in Qualcomm products

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile SD 210/SD 212/SD 205, SD 400, SD 430, SD 450, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 820, SD 835, an integer overflow vulnerability exists in a video library.

10.0
2018-04-11 CVE-2017-8274 Qualcomm Unspecified vulnerability in Qualcomm products

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, an access control vulnerability exists in Core.

10.0
2018-04-11 CVE-2017-18146 Qualcomm Improper Verification of Cryptographic Signature vulnerability in Qualcomm products

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, in some corner cases, ECDSA signature verification can fail.

10.0
2018-04-11 CVE-2017-18145 Qualcomm Use After Free vulnerability in Qualcomm products

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, SD 845, while the DPM native process is processing framework events, the iterator pointer is deleted after processing an event.

10.0
2018-04-11 CVE-2017-18144 Qualcomm Use After Free vulnerability in Qualcomm products

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, SD 845, while processing the retransmission of WPA supplicant command send failures, there is a make after break of the connection to WPA supplicant where the local pointer is not properly updated.

10.0
2018-04-11 CVE-2017-18142 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile MDM9650, MDM9655, SD 835, SD 845, SD 850, while processing the IMS SIP username, a buffer overflow can occur.

10.0
2018-04-11 CVE-2017-18140 Qualcomm Use After Free vulnerability in Qualcomm products

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, when processing a call disconnection, there is an attempt to print the RIL token-id to the debug log.

10.0
2018-04-11 CVE-2017-18139 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, a buffer overflow vulnerability may potentially exist while making an IMS call.

10.0
2018-04-11 CVE-2017-18138 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, in GERAN, a buffer overflow may potentially occur.

10.0
2018-04-11 CVE-2017-18137 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile MDM9640, MDM9645, MDM9650, MDM9655, SD 450, SD 625, SD 650/52, SD 810, SD 820, SD 835, while processing the IPv6 pdp address of the pdp context, a buffer overflow can occur.

10.0
2018-04-11 CVE-2017-18136 Qualcomm Use After Free vulnerability in Qualcomm products

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 820, SD 820A, SD 835, SD 845, in the omx aac component, a Use After Free condition may potentially occur.

10.0
2018-04-11 CVE-2017-18135 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile MDM9650, MDM9655, SD 450, SD 625, SD 650/52, SD 835, SD 845, SD 850, in the Wireless Data Service (WDS) module, a buffer overflow can occur.

10.0
2018-04-11 CVE-2017-18134 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm SD 845 Firmware and SD 850 Firmware

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile SD 845, SD 850, a buffer overflow may potentially occur while processing a response from the SIM card.

10.0
2018-04-11 CVE-2017-18133 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835, an out of bound access for ebi channel array can potentially occur.

10.0
2018-04-11 CVE-2017-18132 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9206, MDM9607, MDM8996, an out-of-bounds access can potentially occur in tz_assign().

10.0
2018-04-11 CVE-2017-18130 Qualcomm Out-of-bounds Read vulnerability in Qualcomm products

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 400, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 820, SD 820A, SD 835, SD 845, while playing an ASF file, a buffer over-read can potentially occur.

10.0
2018-04-11 CVE-2017-18129 Qualcomm Exposure of Resource to Wrong Sphere vulnerability in Qualcomm products

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9206, MDM9607, SD 845, MSM8996, MSM8998, it is possible for IPA (internet protocol accelerator) channels owned by one security domain to be controlled from other domains.

10.0
2018-04-11 CVE-2017-18127 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 835, SD 845, while processing a SetParam command packet in the VR service, the extracted name_len and value_len values are not checked and could potentially cause a buffer overflow in subsequent calls to memcpy().

10.0
2018-04-11 CVE-2017-18074 Qualcomm Improper Input Validation vulnerability in Qualcomm products

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 800, SD 808, SD 810, SD 820, SD 835, while playing a .wma file with modified media header with non-standard bytes per second parameter value, a reachable assert occurs.

10.0
2018-04-11 CVE-2017-18071 Qualcomm Unspecified vulnerability in Qualcomm products

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, debug policy can potentially be bypassed.

10.0
2018-04-11 CVE-2017-11011 Qualcomm Use After Free vulnerability in Qualcomm products

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 820, SD 835, a Use After Free condition can occur in a communication API.

10.0
2018-04-09 CVE-2018-0545 LXR Project OS Command Injection vulnerability in LXR Project LXR

LXR version 1.0.0 to 2.3.0 allows remote attackers to execute arbitrary OS commands via unspecified vectors.

10.0
2018-04-13 CVE-2018-6547 Plays TV Improper Authentication vulnerability in Plays.Tv

plays_service.exe in the plays.tv service before 1.27.7.0, as distributed in AMD driver-installation packages and Gaming Evolved products, contains an HTTP message parsing function that takes a user-defined path and writes non-user controlled data as SYSTEM to the file when the extract_files parameter is used.

9.4
2018-04-12 CVE-2018-1030 Microsoft Unspecified vulnerability in Microsoft Office 2013/2016

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability." This affects Microsoft Office.

9.3
2018-04-12 CVE-2018-1029 Microsoft Unspecified vulnerability in Microsoft products

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Excel Viewer, Microsoft Office, Microsoft Excel.

9.3
2018-04-12 CVE-2018-1028 Microsoft Code Injection vulnerability in Microsoft products

A remote code execution vulnerability exists when the Office graphics component improperly handles specially crafted embedded fonts, aka "Microsoft Office Graphics Remote Code Execution Vulnerability." This affects Word, Microsoft Office, Microsoft SharePoint, Excel, Microsoft SharePoint Server.

9.3
2018-04-12 CVE-2018-1027 Microsoft Unspecified vulnerability in Microsoft products

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Excel, Microsoft Office.

9.3
2018-04-12 CVE-2018-1026 Microsoft Unspecified vulnerability in Microsoft Office 2013/2016

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability." This affects Microsoft Office.

9.3
2018-04-12 CVE-2018-1016 Microsoft Improper Input Validation vulnerability in Microsoft products

A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka "Microsoft Graphics Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

9.3
2018-04-12 CVE-2018-1015 Microsoft Improper Input Validation vulnerability in Microsoft products

A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka "Microsoft Graphics Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

9.3
2018-04-12 CVE-2018-1013 Microsoft Improper Input Validation vulnerability in Microsoft products

A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka "Microsoft Graphics Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

9.3
2018-04-12 CVE-2018-1012 Microsoft Improper Input Validation vulnerability in Microsoft products

A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka "Microsoft Graphics Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

9.3
2018-04-12 CVE-2018-1011 Microsoft Unspecified vulnerability in Microsoft Excel and Excel RT

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Excel.

9.3
2018-04-12 CVE-2018-1010 Microsoft Improper Input Validation vulnerability in Microsoft products

A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka "Microsoft Graphics Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

9.3
2018-04-12 CVE-2018-1004 Microsoft Out-of-bounds Write vulnerability in Microsoft products

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Internet Explorer 9, Windows RT 8.1, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10.

9.3
2018-04-12 CVE-2018-1003 Microsoft Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products

A buffer overflow vulnerability exists in the Microsoft JET Database Engine that could allow remote code execution on an affected system, aka "Microsoft JET Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10.

9.3
2018-04-12 CVE-2018-0920 Microsoft Unspecified vulnerability in Microsoft Excel 2010

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Excel.

9.3
2018-04-09 CVE-2018-0555 Buffalo Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Buffalo Wzr-1750Dhp2 Firmware

Buffer overflow in Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to execute arbitrary code via a specially crafted file.

9.3
2018-04-12 CVE-2014-6633 Tryton Command Injection vulnerability in Tryton

The safe_eval function in trytond in Tryton before 2.4.15, 2.6.x before 2.6.14, 2.8.x before 2.8.11, 3.0.x before 3.0.7, and 3.2.x before 3.2.3 allows remote authenticated users to execute arbitrary commands via shell metacharacters in (1) the collection.domain in the webdav module or (2) the formula field in the price_list module.

9.0

47 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-04-12 CVE-2014-8421 Unify Permissions, Privileges, and Access Controls vulnerability in Unify Openscape Desk Phone IP SIP and Openstage SIP

Unify (former Siemens) OpenStage SIP and OpenScape Desk Phone IP V3 devices before R3.32.0 allow remote attackers to gain super-user privileges by leveraging SSH access and incorrect ownership of (1) ConfigureCoreFile.sh, (2) Traceroute.sh, (3) apps.sh, (4) conversion_java2native.sh, (5) coreCompression.sh, (6) deletePasswd.sh, (7) findHealthSvcFDs.sh, (8) fw_printenv.sh, (9) fw_setenv.sh, (10) hw_wd_kicker.sh, (11) new_rootfs.sh, (12) opera_killSnmpd.sh, (13) opera_startSnmpd.sh, (14) rebootOperaSoftware.sh, (15) removeLogFiles.sh, (16) runOperaServices.sh, (17) setPasswd.sh, (18) startAccTestSvcs.sh, (19) usbNotification.sh, or (20) appWeb in /Opera_Deploy.

8.5
2018-04-11 CVE-2018-0016 Juniper Unspecified vulnerability in Juniper Junos

Receipt of a specially crafted Connectionless Network Protocol (CLNP) datagram destined to an interface of a Junos OS device may result in a kernel crash or lead to remote code execution.

8.5
2018-04-09 CVE-2018-0556 Buffalo OS Command Injection vulnerability in Buffalo Wzr-1750Dhp2 Firmware

Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors.

8.3
2018-04-09 CVE-2018-0554 Buffalo Missing Authentication for Critical Function vulnerability in Buffalo Wzr-1750Dhp2 Firmware

Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to bypass authentication and execute arbitrary commands on the device via unspecified vectors.

8.3
2018-04-12 CVE-2018-0956 Microsoft Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2016

A denial of service vulnerability exists in the HTTP 2.0 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP 2.0 requests, aka "HTTP.sys Denial of Service Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

7.8
2018-04-11 CVE-2018-0022 Juniper Resource Exhaustion vulnerability in Juniper Junos

A Junos device with VPLS routing-instances configured on one or more interfaces may be susceptible to an mbuf leak when processing a specific MPLS packet.

7.8
2018-04-11 CVE-2018-0020 Juniper Improper Input Validation vulnerability in Juniper Junos

Junos OS may be impacted by the receipt of a malformed BGP UPDATE which can lead to a routing process daemon (rpd) crash and restart.

7.8
2018-04-11 CVE-2017-18128 Qualcomm Unspecified vulnerability in Qualcomm SD 845 Firmware and SD 850 Firmware

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile SD 845, SD 850, improper access control while configuring MPU protecting error correction registers may potentially lead to exposure of related secured data.

7.8
2018-04-10 CVE-2017-1081 Freebsd Improper Input Validation vulnerability in Freebsd

In FreeBSD before 11.0-STABLE, 11.0-RELEASE-p10, 10.3-STABLE, and 10.3-RELEASE-p19, ipfilter using "keep state" or "keep frags" options can cause a kernel panic when fed specially crafted packet fragments due to incorrect memory handling.

7.8
2018-04-12 CVE-2018-1023 Microsoft Out-of-bounds Write vulnerability in Microsoft Chakracore and Edge

A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka "Microsoft Browser Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore.

7.6
2018-04-12 CVE-2018-1020 Microsoft Out-of-bounds Write vulnerability in Microsoft Internet Explorer 10/11/9

A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10.

7.6
2018-04-12 CVE-2018-1019 Microsoft Out-of-bounds Write vulnerability in Microsoft Edge

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore.

7.6
2018-04-12 CVE-2018-1018 Microsoft Out-of-bounds Write vulnerability in Microsoft Internet Explorer 11

A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 11.

7.6
2018-04-12 CVE-2018-1001 Microsoft Out-of-bounds Write vulnerability in Microsoft Internet Explorer 10/11/9

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10.

7.6
2018-04-12 CVE-2018-0997 Microsoft Out-of-bounds Write vulnerability in Microsoft Internet Explorer 11

A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 11.

7.6
2018-04-12 CVE-2018-0996 Microsoft Out-of-bounds Write vulnerability in Microsoft Internet Explorer 10/11/9

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10.

7.6
2018-04-12 CVE-2018-0995 Microsoft Out-of-bounds Write vulnerability in Microsoft Edge

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore.

7.6
2018-04-12 CVE-2018-0994 Microsoft Out-of-bounds Write vulnerability in Microsoft Edge

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore.

7.6
2018-04-12 CVE-2018-0993 Microsoft Out-of-bounds Write vulnerability in Microsoft Edge

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore.

7.6
2018-04-12 CVE-2018-0991 Microsoft Out-of-bounds Write vulnerability in Microsoft Internet Explorer 10/11

A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 11, Internet Explorer 10.

7.6
2018-04-12 CVE-2018-0990 Microsoft Out-of-bounds Write vulnerability in Microsoft Edge

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore.

7.6
2018-04-12 CVE-2018-0988 Microsoft Out-of-bounds Write vulnerability in Microsoft Internet Explorer 10/11/9

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10.

7.6
2018-04-12 CVE-2018-0980 Microsoft Out-of-bounds Write vulnerability in Microsoft Chakracore and Edge

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore.

7.6
2018-04-12 CVE-2018-0979 Microsoft Out-of-bounds Write vulnerability in Microsoft Edge

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore.

7.6
2018-04-12 CVE-2018-0870 Microsoft Out-of-bounds Write vulnerability in Microsoft Internet Explorer 11

A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 11.

7.6
2018-04-13 CVE-2017-0372 Mediawiki
Debian
Injection vulnerability in multiple products

Parameters injection in the SyntaxHighlight extension of Mediawiki before 1.23.16, 1.27.3 and 1.28.2 might result in multiple vulnerabilities.

7.5
2018-04-13 CVE-2017-0357 Iucode Tool Project
Debian
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

A heap-overflow flaw exists in the -tr loader of iucode-tool starting with v1.4 and before v2.1.1, potentially leading to SIGSEGV, or heap corruption.

7.5
2018-04-13 CVE-2017-0356 Ikiwiki
Debian
Improper Authentication vulnerability in multiple products

A flaw, similar to to CVE-2016-9646, exists in ikiwiki before 3.20170111, in the passwordauth plugin's use of CGI::FormBuilder, allowing an attacker to bypass authentication via repeated parameters.

7.5
2018-04-13 CVE-2018-6959 Vmware Session Fixation vulnerability in VMWare Vrealize Automation

VMware vRealize Automation (vRA) prior to 7.4.0 contains a vulnerability in the handling of session IDs.

7.5
2018-04-13 CVE-2018-10085 Cmsmadesimple Deserialization of Untrusted Data vulnerability in Cmsmadesimple CMS Made Simple

CMS Made Simple (CMSMS) through 2.2.6 allows PHP object injection because of an unserialize call in the _get_data function of \lib\classes\internal\class.LoginOperations.php.

7.5
2018-04-12 CVE-2015-0150 D Link Improper Access Control vulnerability in D-Link Dir-815 Firmware

The remote administration UI in D-Link DIR-815 devices with firmware before 2.07.B01 allows remote attackers to bypass intended access restrictions via unspecified vectors.

7.5
2018-04-12 CVE-2018-1084 Corosync
Debian
Redhat
Canonical
Integer Overflow or Wraparound vulnerability in multiple products

corosync before version 2.4.4 is vulnerable to an integer overflow in exec/totemcrypto.c.

7.5
2018-04-12 CVE-2018-9843 Cyberark Deserialization of Untrusted Data vulnerability in Cyberark Password Vault 10.0

The REST API in CyberArk Password Vault Web Access before 9.9.5 and 10.x before 10.1 allows remote attackers to execute arbitrary code via a serialized .NET object in an Authorization HTTP header.

7.5
2018-04-11 CVE-2018-8954 CA Improper Input Validation vulnerability in CA Workload Control Center

CA Workload Control Center before r11.4 SP6 allows remote attackers to execute arbitrary code via a crafted HTTP request.

7.5
2018-04-11 CVE-2018-1275 Pivotal Software
Oracle
Code Injection vulnerability in multiple products

Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.16 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module.

7.5
2018-04-11 CVE-2018-1273 Pivotal Software
Apache
Improper Input Validation vulnerability in multiple products

Spring Data Commons, versions prior to 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property binder vulnerability caused by improper neutralization of special elements.

7.5
2018-04-10 CVE-2018-2408 SAP Session Fixation vulnerability in SAP Businessobjects

Improper Session Management in SAP Business Objects, 4.0, from 4.10, from 4.20, 4.30, CMC/BI Launchpad/Fiorified BI Launchpad.

7.5
2018-04-10 CVE-2018-2404 SAP Unrestricted Upload of File with Dangerous Type vulnerability in SAP Disclosure Management 10.1

SAP Disclosure Management 10.1 allows an attacker to upload any file without proper file format validation.

7.5
2018-04-10 CVE-2017-14323 Onethink Server-Side Request Forgery (SSRF) vulnerability in Onethink 1.0/1.1

SSRF (Server Side Request Forgery) in getRemoteImage.php in Ueditor in Onethink V1.0 and V1.1 allows remote attackers to obtain sensitive information, attack intranet hosts, or possibly trigger remote command execution via the upfile parameter.

7.5
2018-04-10 CVE-2014-3114 Ezpz ONE Click Backup Project Command Injection vulnerability in Ezpz-One-Click-Backup Project Ezpz-One-Click-Backup

The EZPZ One Click Backup (ezpz-one-click-backup) plugin 12.03.10 and earlier for WordPress allows remote attackers to execute arbitrary commands via the cmd parameter to functions/ezpz-archive-cmd.php.

7.5
2018-04-10 CVE-2014-2073 3DS Out-of-bounds Write vulnerability in 3DS Catia V56R2013

Stack-based buffer overflow in Dassault Systemes CATIA V5-6R2013 allows remote attackers to execute arbitrary code via a crafted packet, related to "CATV5_Backbone_Bus."

7.5
2018-04-10 CVE-2018-9924 Icmsdev SQL Injection vulnerability in Icmsdev Icms

An issue was discovered in idreamsoft iCMS through 7.0.7.

7.5
2018-04-12 CVE-2018-8117 Microsoft Unspecified vulnerability in Microsoft Wireless Keyboard 850

A security feature bypass vulnerability exists in the Microsoft Wireless Keyboard 850 which could allow an attacker to reuse an AES encryption key to send keystrokes to other keyboard devices or to read keystrokes sent by other keyboards for the affected devices, aka "Microsoft Wireless Keyboard 850 Security Feature Bypass Vulnerability." This affects Microsoft Wireless Keyboard 850.

7.3
2018-04-13 CVE-2017-0358 Tuxera
Debian
Improper Privilege Management vulnerability in multiple products

Jann Horn of Google Project Zero discovered that NTFS-3G, a read-write NTFS driver for FUSE, does not scrub the environment before executing modprobe with elevated privileges.

7.2
2018-04-12 CVE-2018-1009 Microsoft Unspecified vulnerability in Microsoft products

An elevation of privilege vulnerability exists when Windows improperly handles objects in memory and incorrectly maps kernel memory, aka "Microsoft DirectX Graphics Kernel Subsystem Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers.

7.2
2018-04-11 CVE-2018-1100 ZSH
Canonical
Redhat
Out-of-bounds Write vulnerability in multiple products

zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the utils.c:checkmailpath function.

7.2
2018-04-09 CVE-2018-9862 Hyper Inappropriate Encoding for Output Context vulnerability in Hyper Runv 1.0.0

util.c in runV 1.0.0 for Docker mishandles a numeric username, which allows attackers to obtain root access by leveraging the presence of an initial numeric value on an /etc/passwd line, and then issuing a "docker exec" command with that value in the -u argument, a similar issue to CVE-2016-3697.

7.2

145 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-04-12 CVE-2018-1008 Microsoft Unspecified vulnerability in Microsoft products

An elevation of privilege vulnerability exists in Windows Adobe Type Manager Font Driver (ATMFD.dll) when it fails to properly handle objects in memory, aka "OpenType Font Driver Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

6.9
2018-04-13 CVE-2017-0362 Mediawiki
Debian
Cross-Site Request Forgery (CSRF) vulnerability in multiple products

Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw where the "Mark all pages visited" on the watchlist does not require a CSRF token.

6.8
2018-04-13 CVE-2018-10066 Mikrotik Improper Certificate Validation vulnerability in Mikrotik Routeros 6.41.4

An issue was discovered in MikroTik RouterOS 6.41.4.

6.8
2018-04-12 CVE-2018-6934 Ordermanagementscript Cross-Site Request Forgery (CSRF) vulnerability in Ordermanagementscript Online Tutoring Script 2.0.3

CSRF exists in student/personal-info in PHP Scripts Mall Online Tutoring Script 2.0.3.

6.8
2018-04-12 CVE-2015-0151 D Link Cross-Site Request Forgery (CSRF) vulnerability in D-Link Dir-815 Firmware

Cross-site request forgery (CSRF) vulnerability in D-Link DIR-815 devices with firmware before 2.07.B01 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.

6.8
2018-04-12 CVE-2014-8422 Unify Insufficient Entropy vulnerability in Unify Openscape Desk Phone IP SIP and Openstage SIP

The web-based management (WBM) interface in Unify (former Siemens) OpenStage SIP and OpenScape Desk Phone IP V3 devices before R3.32.0 generates session cookies with insufficient entropy, which makes it easier for remote attackers to hijack sessions via a brute-force attack.

6.8
2018-04-12 CVE-2018-3889 Pl32 Out-of-bounds Write vulnerability in Pl32 Photoline 20.53

A specially crafted PCX image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data.

6.8
2018-04-12 CVE-2018-3868 Computer Insel Out-of-bounds Write vulnerability in Computer-Insel Photoline 20.53

A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data.

6.8
2018-04-12 CVE-2018-3862 Computer Insel Out-of-bounds Write vulnerability in Computer-Insel Photoline 20.53

A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting

6.8
2018-04-12 CVE-2018-3861 Computer Insel Out-of-bounds Write vulnerability in Computer-Insel Photoline 20.53

A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data.

6.8
2018-04-12 CVE-2018-10063 Convert Forms Project Unspecified vulnerability in Convert Forms Project Convert Forms 2.0.3

The Convert Forms extension before 2.0.4 for Joomla! is vulnerable to Remote Command Execution using CSV Injection that is mishandled when exporting a Leads file.

6.8
2018-04-11 CVE-2018-3888 Pl32 Out-of-bounds Write vulnerability in Pl32 Photoline 20.53

A memory corruption vulnerability exists in the PCX-parsing functionality of Computerinsel Photoline 20.53.

6.8
2018-04-11 CVE-2018-3887 Pl32 Out-of-bounds Write vulnerability in Pl32 Photoline 20.53

A memory corruption vulnerability exists in the PCX-parsing functionality of Computerinsel Photoline 20.53.

6.8
2018-04-11 CVE-2018-3886 Pl32 Out-of-bounds Write vulnerability in Pl32 Photoline 20.53

A memory corruption vulnerability exists in the PCX-parsing functionality of Computerinsel Photoline 20.53.

6.8
2018-04-11 CVE-2018-10048 Iscripts Cross-Site Request Forgery (CSRF) vulnerability in Iscripts Eswap 2.4

iScripts eSwap v2.4 has CSRF via "registration_settings.php" in the Admin Panel.

6.8
2018-04-11 CVE-2018-10031 Cmsmadesimple Cross-Site Request Forgery (CSRF) vulnerability in Cmsmadesimple CMS Made Simple

CMS Made Simple (aka CMSMS) 2.2.7 has CSRF in admin/moduleinterface.php.

6.8
2018-04-11 CVE-2018-10030 Cmsmadesimple Cross-Site Request Forgery (CSRF) vulnerability in Cmsmadesimple CMS Made Simple

CMS Made Simple (aka CMSMS) 2.2.7 has CSRF in admin/siteprefs.php.

6.8
2018-04-11 CVE-2018-0017 Juniper Improper Input Validation vulnerability in Juniper Junos

A vulnerability in the Network Address Translation - Protocol Translation (NAT-PT) feature of Junos OS on SRX series devices may allow a certain valid IPv6 packet to crash the flowd daemon.

6.8
2018-04-10 CVE-2018-3839 Libsdl
Debian
Out-of-bounds Write vulnerability in multiple products

An exploitable code execution vulnerability exists in the XCF image rendering functionality of Simple DirectMedia Layer SDL2_image-2.0.2.

6.8
2018-04-10 CVE-2018-9918 Qpdf Project
Canonical
Uncontrolled Recursion vulnerability in multiple products

libqpdf.a in QPDF through 8.0.2 mishandles certain "expected dictionary key but found non-name object" cases, allowing remote attackers to cause a denial of service (stack exhaustion), related to the QPDFObjectHandle and QPDF_Dictionary classes, because nesting in direct objects is not restricted.

6.8
2018-04-10 CVE-2014-3999 Horde Improper Authentication vulnerability in Horde Ldap

The Horde_Ldap library before 2.0.6 for Horde allows remote attackers to bypass authentication by leveraging knowledge of the LDAP bind user DN.

6.8
2018-04-10 CVE-2014-0158 Uclouvain
Opensuse
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

Heap-based buffer overflow in the JPEG2000 image tile decoder in OpenJPEG before 1.5.2 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file because of incorrect j2k_decode, j2k_read_eoc, and tcd_decode_tile interaction, a related issue to CVE-2013-6045.

6.8
2018-04-10 CVE-2018-9927 Wuzhicms Cross-Site Request Forgery (CSRF) vulnerability in Wuzhicms 4.1.0

An issue was discovered in WUZHI CMS 4.1.0.

6.8
2018-04-10 CVE-2018-9926 Wuzhicms Cross-Site Request Forgery (CSRF) vulnerability in Wuzhicms 4.1.0

An issue was discovered in WUZHI CMS 4.1.0.

6.8
2018-04-10 CVE-2018-9923 Icmsdev Cross-Site Request Forgery (CSRF) vulnerability in Icmsdev Icms

An issue was discovered in idreamsoft iCMS through 7.0.7.

6.8
2018-04-09 CVE-2018-9856 Kotti Project Cross-Site Request Forgery (CSRF) vulnerability in Kotti Project Kotti

Kotti before 1.3.2 and 2.x before 2.0.0b2 has CSRF in the local roles implementation, as demonstrated by triggering a permission change via a /admin-document/@@share request.

6.8
2018-04-13 CVE-2017-0367 Mediawiki
Debian
Exposure of Resource to Wrong Sphere vulnerability in multiple products

Mediawiki before 1.28.1 / 1.27.2 contains an unsafe use of temporary directory, where having LocalisationCache directory default to system tmp directory is insecure.

6.5
2018-04-13 CVE-2018-5511 F5
Vmware
Microsoft
Unsafe Reflection vulnerability in multiple products

On F5 BIG-IP 13.1.0-13.1.0.3 or 13.0.0, when authenticated administrative users execute commands in the Traffic Management User Interface (TMUI), also referred to as the BIG-IP Configuration utility, restrictions on allowed commands may not be enforced.

6.5
2018-04-13 CVE-2018-10086 Cmsmadesimple Code Injection vulnerability in Cmsmadesimple CMS Made Simple

CMS Made Simple (CMSMS) through 2.2.7 contains an arbitrary code execution vulnerability in the admin dashboard because the implementation uses "eval('function testfunction'.rand()" and it is possible to bypass certain restrictions on these "testfunction" functions.

6.5
2018-04-13 CVE-2018-10084 Cmsmadesimple Use of a Broken or Risky Cryptographic Algorithm vulnerability in Cmsmadesimple CMS Made Simple

CMS Made Simple (CMSMS) through 2.2.6 contains a privilege escalation vulnerability from ordinary user to admin user by arranging for the eff_uid value within $_COOKIE[$this->_loginkey] to equal 1, because an SHA-1 cryptographic protection mechanism can be bypassed.

6.5
2018-04-11 CVE-2018-10054 Cognitect
H2Database
Improper Input Validation vulnerability in multiple products

H2 1.4.197, as used in Datomic before 0.9.5697 and other products, allows remote code execution because CREATE ALIAS can execute arbitrary Java code.

6.5
2018-04-11 CVE-2018-10050 Iscripts SQL Injection vulnerability in Iscripts Eswap 2.4

iScripts eSwap v2.4 has SQL injection via the "registration_settings.php" ddlFree parameter in the Admin Panel.

6.5
2018-04-11 CVE-2018-8953 CA SQL Injection vulnerability in CA Workload Automation AE

CA Workload Automation AE before r11.3.6 SP7 allows remote attackers to a perform SQL injection via a crafted HTTP request.

6.5
2018-04-11 CVE-2017-9839 Dolibarr SQL Injection vulnerability in Dolibarr Erp/Crm

Dolibarr ERP/CRM is affected by SQL injection in versions before 5.0.4 via product/stats/card.php (type parameter).

6.5
2018-04-11 CVE-2017-18260 Dolibarr SQL Injection vulnerability in Dolibarr Erp/Crm

Dolibarr ERP/CRM is affected by multiple SQL injection vulnerabilities in versions through 7.0.0 via comm/propal/list.php (viewstatut parameter) or comm/propal/list.php (propal_statut parameter, aka search_statut parameter).

6.5
2018-04-10 CVE-2018-9037 Monstra Unrestricted Upload of File with Dangerous Type vulnerability in Monstra 3.0.4

Monstra CMS 3.0.4 allows remote code execution via an upload_file request for a .zip file, which is automatically extracted and may contain .php files.

6.5
2018-04-10 CVE-2018-2413 SAP Missing Authorization vulnerability in SAP Disclosure Management 10.1

SAP Disclosure Management 10.1 does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.

6.5
2018-04-10 CVE-2018-2412 SAP Missing Authorization vulnerability in SAP Disclosure Management 10.1

SAP Disclosure Management 10.1 does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.

6.5
2018-04-10 CVE-2018-2409 SAP Session Fixation vulnerability in SAP Cloud Platform 2.0

Improper session management when using SAP Cloud Platform 2.0 (Connectivity Service and Cloud Connector).

6.5
2018-04-10 CVE-2014-1946 Opendocman Permissions, Privileges, and Access Controls vulnerability in Opendocman

OpenDocMan 1.2.7 and earlier does not properly validate allowed actions, which allows remote authenticated users to bypass an intended access restrictions and assign administrative privileges to themselves via a crafted request to signup.php.

6.5
2018-04-13 CVE-2017-6158 F5 Unspecified vulnerability in F5 products

In F5 BIG-IP 12.0.0-12.1.2, 11.6.0-11.6.1, 11.5.1-11.5.5, or 11.2.1 there is a vulnerability in TMM related to handling of invalid IP addresses.

6.4
2018-04-13 CVE-2018-10083 Cmsmadesimple Path Traversal vulnerability in Cmsmadesimple CMS Made Simple

CMS Made Simple (CMSMS) through 2.2.7 contains an arbitrary file deletion vulnerability in the admin dashboard via directory traversal sequences in the val parameter within a cmd=del request, because code under modules\FilePicker does not restrict the val parameter.

6.4
2018-04-10 CVE-2017-14611 Getcockpit Server-Side Request Forgery (SSRF) vulnerability in Getcockpit Cockpit 0.13.0

SSRF (Server Side Request Forgery) in Cockpit 0.13.0 allows remote attackers to read arbitrary files or send TCP traffic to intranet hosts via the url parameter, related to use of the discontinued aheinze/fetch_url_contents component.

6.4
2018-04-10 CVE-2017-18101 Atlassian Missing Authorization vulnerability in Atlassian Jira

Various administrative external system import resources in Atlassian JIRA Server (including JIRA Core) before version 7.6.5, from version 7.7.0 before version 7.7.3, from version 7.8.0 before version 7.8.3 and before version 7.9.0 allow remote attackers to run import operations and to determine if an internal service exists through missing permission checks.

6.4
2018-04-12 CVE-2018-0967 Microsoft Unspecified vulnerability in Microsoft products

A denial of service vulnerability exists in the way that Windows SNMP Service handles malformed SNMP traps, aka "Windows SNMP Service Denial of Service Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

6.3
2018-04-13 CVE-2017-6156 F5 Unspecified vulnerability in F5 products

When the F5 BIG-IP 12.1.0-12.1.1, 11.6.0-11.6.1, 11.5.1-11.5.5, or 11.2.1 system is configured with a wildcard IPSec tunnel endpoint, it may allow a remote attacker to disrupt or impersonate the tunnels that have completed phase 1 IPSec negotiations.

6.0
2018-04-11 CVE-2016-10258 Broadcom Unrestricted Upload of File with Dangerous Type vulnerability in Broadcom Advanced Secure Gateway and Symantec Proxysg

Unrestricted file upload vulnerability in the Symantec Advanced Secure Gateway (ASG) and ProxySG management consoles.

6.0
2018-04-13 CVE-2017-0364 Mediawiki
Debian
Open Redirect vulnerability in multiple products

Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw where Special:Search allows redirects to any interwiki link.

5.8
2018-04-13 CVE-2017-0363 Mediawiki
Debian
Open Redirect vulnerability in multiple products

Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 has a flaw where Special:UserLogin?returnto=interwiki:foo will redirect to external sites.

5.8
2018-04-13 CVE-2017-6143 F5 Improper Certificate Validation vulnerability in F5 products

X509 certificate verification was not correctly implemented in the IP Intelligence Subscription and IP Intelligence feed-list features, and thus the remote server's identity is not properly validated in F5 BIG-IP 12.0.0-12.1.2, 11.6.0-11.6.2, or 11.5.0-11.5.5.

5.8
2018-04-09 CVE-2018-0553 Glamo Improper Certificate Validation vulnerability in Glamo Iremocon Wifi 4.1.7

The iRemoconWiFi App for Android version 4.1.7 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

5.8
2018-04-11 CVE-2017-2599 Jenkins Incorrect Authorization vulnerability in Jenkins

Jenkins before versions 2.44 and 2.32.2 is vulnerable to an insufficient permission check.

5.5
2018-04-10 CVE-2018-9038 Monstra Path Traversal vulnerability in Monstra 3.0.4

Monstra CMS 3.0.4 allows remote attackers to delete files via an admin/index.php?id=filesmanager&delete_dir=./&path=uploads/ request.

5.5
2018-04-13 CVE-2017-0370 Mediawiki
Debian
Improper Input Validation vulnerability in multiple products

Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw were Spam blacklist is ineffective on encoded URLs inside file inclusion syntax's link parameter.

5.0
2018-04-13 CVE-2017-0368 Mediawiki
Debian
Improper Input Validation vulnerability in multiple products

Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw making rawHTML mode apply to system messages.

5.0
2018-04-13 CVE-2016-9646 Ikiwiki
Debian
Improper Authentication vulnerability in multiple products

ikiwiki before 3.20161229 incorrectly called the CGI::FormBuilder->field method (similar to the CGI->param API that led to Bugzilla's CVE-2014-1572), which can be abused to lead to commit metadata forgery.

5.0
2018-04-13 CVE-2018-5510 F5 Improper Input Validation vulnerability in F5 products

On F5 BIG-IP 11.5.4 HF4-11.5.5, the Traffic Management Microkernel (TMM) may restart when processing a specific sequence of packets on IPv6 virtual servers.

5.0
2018-04-13 CVE-2018-5507 F5 Unspecified vulnerability in F5 products

On F5 BIG-IP versions 13.0.0, 12.1.0-12.1.3.1, 11.6.1-11.6.2, or 11.5.1-11.5.5, vCMP guests running on VIPRION 2100, 4200 and 4300 series blades cannot correctly decrypt ciphertext from established SSL sessions with small MTU.

5.0
2018-04-13 CVE-2018-5506 F5 Unspecified vulnerability in F5 products

In F5 BIG-IP 13.0.0, 12.1.0-12.1.2, 11.6.1, 11.5.1-11.5.5, or 11.2.1 the Apache modules apache_auth_token_mod and mod_auth_f5_auth_token.cpp allow possible unauthenticated bruteforce on the em_server_ip authorization parameter to obtain which SSL client certificates used for mutual authentication between BIG-IQ or Enterprise Manager (EM) and managed BIG-IP devices.

5.0
2018-04-13 CVE-2017-6155 F5 Unspecified vulnerability in F5 products

On F5 BIG-IP 13.0.0, 12.0.0-12.1.3.1, 11.6.0-11.6.2, 11.4.1-11.5.5, or 11.2.1, malformed SPDY or HTTP/2 requests may result in a disruption of service to TMM.

5.0
2018-04-13 CVE-2017-6148 F5 Improper Input Validation vulnerability in F5 products

Responses to SOCKS proxy requests made through F5 BIG-IP version 13.0.0, 12.0.0-12.1.3.1, 11.6.1-11.6.2, or 11.5.1-11.5.5 may cause a disruption of services provided by TMM.

5.0
2018-04-13 CVE-2018-10082 Cmsmadesimple Information Exposure vulnerability in Cmsmadesimple CMS Made Simple

CMS Made Simple (CMSMS) through 2.2.7 allows physical path leakage via an invalid /index.php?page= value, a crafted URI starting with /index.php?mact=Search, or a direct request to /admin/header.php, /admin/footer.php, /lib/tasks/class.ClearCache.task.php, or /lib/tasks/class.CmsSecurityCheck.task.php.

5.0
2018-04-13 CVE-2018-10081 Cmsmadesimple Weak Password Recovery Mechanism for Forgotten Password vulnerability in Cmsmadesimple CMS Made Simple

CMS Made Simple (CMSMS) through 2.2.6 contains an admin password reset vulnerability because data values are improperly compared, as demonstrated by a hash beginning with the "0e" substring.

5.0
2018-04-13 CVE-2018-10080 Secutech Project Insufficient Verification of Data Authenticity vulnerability in Secutech Project Ris-11 Firmware, Ris-22 Firmware and Ris-33 Firmware

Secutech RiS-11, RiS-22, and RiS-33 devices with firmware V5.07.52_es_FRI01 allow DNS settings changes via a goform/AdvSetDns?GO=wan_dns.asp request in conjunction with a crafted admin cookie.

5.0
2018-04-12 CVE-2018-5254 Arista Channel and Path Errors vulnerability in Arista EOS

Arista EOS before 4.20.2F allows remote BGP peers to cause a denial of service (Rib agent restart) via a malformed path attribute in an UPDATE message.

5.0
2018-04-12 CVE-2015-0153 D Link Key Management Errors vulnerability in D-Link Dir-815 Firmware

D-Link DIR-815 devices with firmware before 2.07.B01 allow remote attackers to obtain sensitive information by leveraging cleartext storage of the wireless key.

5.0
2018-04-12 CVE-2015-0152 D Link Information Exposure vulnerability in D-Link Dir-815 Firmware

D-Link DIR-815 devices with firmware before 2.07.B01 allow remote attackers to obtain sensitive information by leveraging cleartext storage of the administrative password.

5.0
2018-04-12 CVE-2014-6412 Wordpress Weak Password Recovery Mechanism for Forgotten Password vulnerability in Wordpress

WordPress before 4.4 makes it easier for remote attackers to predict password-recovery tokens via a brute-force approach.

5.0
2018-04-12 CVE-2018-1086 Clusterlabs
Debian
Redhat
Information Exposure vulnerability in multiple products

pcs before versions 0.9.164 and 0.10 is vulnerable to a debug parameter removal bypass.

5.0
2018-04-12 CVE-2018-9842 Cyberark Information Exposure vulnerability in Cyberark Password Vault

CyberArk Password Vault before 9.7 allows remote attackers to obtain sensitive information from process memory by replaying a logon message.

5.0
2018-04-12 CVE-2018-9118 99Robots Path Traversal vulnerability in 99Robots WP Background Takeover Advertisements

exports/download.php in the 99 Robots WP Background Takeover Advertisements plugin before 4.1.5 for WordPress has Directory Traversal via a ..

5.0
2018-04-12 CVE-2017-6910 Kaazing Information Exposure vulnerability in Kaazing Gateway

The HTTP and WebSocket engine components in the server in Kaazing Gateway before 4.5.3 hotfix-1, Gateway - JMS Edition before 4.0.5 hotfix-15, 4.0.6 before hotfix-4, 4.0.7, 4.0.9 before hotfix-19, 4.4.x before 4.4.2 hotfix-1, 4.5.x before 4.5.3 hotfix-1, and Gateway Community and Enterprise Editions before 5.6.0 allow remote attackers to bypass intended access restrictions and obtain sensitive information via vectors related to HTTP request handling.

5.0
2018-04-12 CVE-2014-6309 Kaazing Information Exposure vulnerability in Kaazing Gateway 4.0.2/4.0.3/4.0.4

The HTTP and WebSocket engine components in the server in Kaazing Gateway 4.0.2, 4.0.3, and 4.0.4 and Gateway - JMS Edition 4.0.2, 4.0.3, and 4.0.4 allow remote attackers to obtain sensitive information via vectors related to HTTP request handling.

5.0
2018-04-12 CVE-2018-9860 Botan Project Off-by-one Error vulnerability in Botan Project Botan

An issue was discovered in Botan 1.11.32 through 2.x before 2.6.0.

5.0
2018-04-11 CVE-2018-10028 Joyplus CMS Project Information Exposure vulnerability in Joyplus-Cms Project Joyplus-Cms 1.6.0

joyplus-cms 1.6.0 allows remote attackers to obtain sensitive information via a direct request to the install/ or log/ URI.

5.0
2018-04-11 CVE-2018-10024 Ubiquoss Insufficiently Protected Credentials vulnerability in Ubiquoss Vp5208A Firmware

ubiQuoss Switch VP5208A creates a bcm_password file at /cgi-bin/ with the user credentials in cleartext when a failed login attempt occurs.

5.0
2018-04-11 CVE-2017-17308 Huawei Improper Input Validation vulnerability in Huawei products

SCCPX module in Huawei DP300 V500R002C00, RP200 V500R002C00, V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 has an invalid memory access vulnerability.

5.0
2018-04-11 CVE-2017-18143 Qualcomm Unspecified vulnerability in Qualcomm SD 845 Firmware and SD 850 Firmware

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile SD 845, SD 850, on a secure device, PD dumps are collected when debugging is not enabled.

5.0
2018-04-11 CVE-2017-18126 Qualcomm Unspecified vulnerability in Qualcomm products

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9640, MDM9650, QCA6174A, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9379, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, SD 845, SDM630, SDM636, SDM660, Snapdragon_High_Med_2016, the original mac spoofing feature does not use the following in probe request frames: (a) randomized sequence numbers and (b) randomized source address for cfg80211 scan, vendor scan and pno scan which may affect user privacy.

5.0
2018-04-11 CVE-2017-18125 Qualcomm Session Fixation vulnerability in Qualcomm products

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835, SD 845, SD 850, when secure camera is activated it stores captured data in protected buffers.

5.0
2018-04-11 CVE-2017-18073 Qualcomm Exposure of Resource to Wrong Sphere vulnerability in Qualcomm products

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 820, SD 820A, SD 835, the HLOS can gain access to unauthorized memory.

5.0
2018-04-11 CVE-2017-18072 Qualcomm Information Exposure vulnerability in Qualcomm products

In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9640, MDM9650, QCA4531, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9378, QCA9379, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, SD 845, SDM630, SDM636, SDM660, Snapdragon_High_Med_2016, the probe requests originated from user's phone contains the information elements which specifies the supported wifi features.

5.0
2018-04-11 CVE-2017-13677 Broadcom Unspecified vulnerability in Broadcom Advanced Secure Gateway and Symantec Proxysg

Denial-of-service (DoS) vulnerability in the Symantec Advanced Secure Gateway (ASG) and ProxySG management consoles.

5.0
2018-04-10 CVE-2018-9995 Tbkvision Unspecified vulnerability in Tbkvision Tbk-Dvr4104 Firmware and Tbk-Dvr4216 Firmware

TBK DVR4104 and DVR4216 devices, as well as Novo, CeNova, QSee, Pulnix, XVR 5 in 1, Securus, Night OWL, DVR Login, HVR Login, and MDVR Login, which run re-branded versions of the original TBK DVR4104 and DVR4216 series, allow remote attackers to bypass authentication via a "Cookie: uid=admin" header, as demonstrated by a device.rsp?opt=user&cmd=list request that provides credentials within JSON data in a response.

5.0
2018-04-10 CVE-2018-9989 ARM
Debian
Out-of-bounds Read vulnerability in multiple products

ARM mbed TLS before 2.1.11, before 2.7.2, and before 2.8.0 has a buffer over-read in ssl_parse_server_psk_hint() that could cause a crash on invalid input.

5.0
2018-04-10 CVE-2018-9988 ARM
Debian
Out-of-bounds Read vulnerability in multiple products

ARM mbed TLS before 2.1.11, before 2.7.2, and before 2.8.0 has a buffer over-read in ssl_parse_server_key_exchange() that could cause a crash on invalid input.

5.0
2018-04-10 CVE-2015-0172 IBM Information Exposure vulnerability in IBM Security Siteprotector System 3.0/3.1.0.0/3.1.1.0

IBM Security SiteProtector System 3.0, 3.1.0 and 3.1.1 allows remote attackers to bypass intended security restrictions and consequently execute unspecified commands and obtain sensitive information via unknown vectors.

5.0
2018-04-10 CVE-2014-2078 Open Xchange Information Exposure vulnerability in Open-Xchange Appsuite 7.4.2

The backend in Open-Xchange (OX) AppSuite 7.4.2 before 7.4.2-rev9 allows remote attackers to obtain sensitive information about user email addresses in opportunistic circumstances by leveraging a failure in e-mail auto configuration for external accounts.

5.0
2018-04-10 CVE-2018-9922 Icmsdev Information Exposure vulnerability in Icmsdev Icms

An issue was discovered in idreamsoft iCMS through 7.0.7.

5.0
2018-04-09 CVE-2018-1217 Dell Unspecified vulnerability in Dell products

Avamar Installation Manager in Dell EMC Avamar Server 7.3.1, 7.4.1, and 7.5.0, and Dell EMC Integrated Data Protection Appliance 2.0 and 2.1, is affected by a missing access control check vulnerability which could potentially allow a remote unauthenticated attacker to read or change the Local Download Service (LDLS) credentials.

5.0
2018-04-09 CVE-2018-1308 Apache
Debian
XXE vulnerability in multiple products

This vulnerability in Apache Solr 1.2 to 6.6.2 and 7.0.0 to 7.2.1 relates to an XML external entity expansion (XXE) in the `&dataConfig=<inlinexml>` parameter of Solr's DataImportHandler.

5.0
2018-04-12 CVE-2018-10074 Linux NULL Pointer Dereference vulnerability in Linux Kernel

The hi3660_stub_clk_probe function in drivers/clk/hisilicon/clk-hi3660-stub.c in the Linux kernel before 4.16 allows local users to cause a denial of service (NULL pointer dereference) by triggering a failure of resource retrieval.

4.9
2018-04-12 CVE-2018-10072 Jungo Improper Input Validation vulnerability in Jungo Windriver

windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows attackers to cause a denial of service (BSOD) via a 0x953827bf DeviceIoControl call.

4.9
2018-04-12 CVE-2018-10071 Jungo Improper Input Validation vulnerability in Jungo Windriver

windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows attackers to cause a denial of service (BSOD) via a 0x953826DB DeviceIoControl call.

4.9
2018-04-12 CVE-2018-1014 Microsoft Cross-site Scripting vulnerability in Microsoft Sharepoint Enterprise Server 2013/2016

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint.

4.9
2018-04-11 CVE-2018-10021 Linux Unspecified vulnerability in Linux Kernel

** DISPUTED ** drivers/scsi/libsas/sas_scsi_host.c in the Linux kernel before 4.16 allows local users to cause a denial of service (ata qc leak) by triggering certain failure conditions.

4.9
2018-04-12 CVE-2018-0963 Microsoft Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2016

An elevation of privilege vulnerability exists in the way that the Windows Kernel handles objects in memory, aka "Windows Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

4.6
2018-04-10 CVE-2018-2406 SAP Unquoted Search Path or Element vulnerability in SAP Crystal Reports Server

Unquoted windows search path (directory/path traversal) vulnerability in Crystal Reports Server, OEM Edition (CRSE), 4.0, 4.10, 4.20, 4.30, startup path.

4.6
2018-04-10 CVE-2018-9840 Signal Unspecified vulnerability in Signal

The Open Whisper Signal app before 2.23.2 for iOS allows physically proximate attackers to bypass the screen locker feature via certain rapid sequences of actions that include app opening, clicking on cancel, and using the home button.

4.6
2018-04-09 CVE-2018-5463 Lcds Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Lcds Laquis Scada

A structured exception handler overflow vulnerability in Leao Consultoria e Desenvolvimento de Sistemas (LCDS) LTDA ME LAquis SCADA 4.1.0.3391 and earlier may allow code execution.

4.6
2018-04-13 CVE-2018-4173 Apple Improper Privilege Management vulnerability in Apple Iphone OS and mac OS X

An issue was discovered in certain Apple products.

4.3
2018-04-13 CVE-2018-6958 Vmware Cross-site Scripting vulnerability in VMWare Vrealize Automation

VMware vRealize Automation (vRA) prior to 7.3.1 contains a vulnerability that may allow for a DOM-based cross-site scripting (XSS) attack.

4.3
2018-04-13 CVE-2018-5508 F5 Unspecified vulnerability in F5 Big-Ip Policy Enforcement Manager

On F5 BIG-IP PEM versions 13.0.0, 12.0.0-12.1.3.1, 11.6.0-11.6.2, 11.5.1-11.5.5, or 11.2.1, under certain conditions, TMM may crash when processing compressed data though a Virtual Server with an associated PEM profile using the content insertion option.

4.3
2018-04-12 CVE-2018-6870 Website Seller Script Project Cross-site Scripting vulnerability in Website Seller Script Project Website Seller Script 2.0.3

Reflected XSS exists in PHP Scripts Mall Website Seller Script 2.0.3 via the Listings Search feature.

4.3
2018-04-12 CVE-2018-10068 Jdownloads Cross-site Scripting vulnerability in Jdownloads

The jDownloads extension before 3.2.59 for Joomla! has XSS.

4.3
2018-04-12 CVE-2015-4557 Nextendweb Cross-site Scripting vulnerability in Nextendweb Nextend Twitter Connect

Cross-site scripting (XSS) vulnerability in the new_Twitter_sign_button function in nextend-Twitter-connect.php in the Nextend Twitter Connect plugin before 1.5.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the redirect_to parameter.

4.3
2018-04-12 CVE-2015-1777 Redhat Improper Certificate Validation vulnerability in Redhat Rhn-Client-Tools

rhnreg_ks in Red Hat Network Client Tools (aka rhn-client-tools) on Red Hat Gluster Storage 2.1 and Enterprise Linux (RHEL) 5, 6, and 7 does not properly validate hostnames in X.509 certificates from SSL servers, which allows remote attackers to prevent system registration via a man-in-the-middle attack.

4.3
2018-04-12 CVE-2018-1037 Microsoft Use of Uninitialized Resource vulnerability in Microsoft Visual Studio and Visual Studio 2017

An information disclosure vulnerability exists when Visual Studio improperly discloses limited contents of uninitialized memory while compiling program database (PDB) files, aka "Microsoft Visual Studio Information Disclosure Vulnerability." This affects Microsoft Visual Studio.

4.3
2018-04-12 CVE-2018-0998 Microsoft Unspecified vulnerability in Microsoft Edge

An information disclosure vulnerability exists when Microsoft Edge PDF Reader improperly handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge.

4.3
2018-04-12 CVE-2018-0989 Microsoft Out-of-bounds Write vulnerability in Microsoft Internet Explorer 10/11/9

An information disclosure vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Information Disclosure Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10.

4.3
2018-04-12 CVE-2018-0987 Microsoft Unspecified vulnerability in Microsoft Internet Explorer 10/11/9

An information disclosure vulnerability exists when the scripting engine does not properly handle objects in memory in Internet Explorer, aka "Scripting Engine Information Disclosure Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10.

4.3
2018-04-12 CVE-2018-0950 Microsoft Unspecified vulnerability in Microsoft Office, Office Compatibility Pack and Word

An information disclosure vulnerability exists when Office renders Rich Text Format (RTF) email messages containing OLE objects when a message is opened or previewed, aka "Microsoft Office Information Disclosure Vulnerability." This affects Microsoft Word, Microsoft Office.

4.3
2018-04-12 CVE-2018-0892 Microsoft Information Exposure vulnerability in Microsoft Edge

An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge.

4.3
2018-04-11 CVE-2018-0019 Juniper Improper Input Validation vulnerability in Juniper Junos

A vulnerability in Junos OS SNMP MIB-II subagent daemon (mib2d) may allow a remote network based attacker to cause the mib2d process to crash resulting in a denial of service condition (DoS) for the SNMP subsystem.

4.3
2018-04-11 CVE-2018-0018 Juniper Information Exposure vulnerability in Juniper Junos 12.1X46/12.3X48/15.1X49

On SRX Series devices during compilation of IDP policies, an attacker sending specially crafted packets may be able to bypass firewall rules, leading to information disclosure which an attacker may use to gain control of the target device or other internal devices, systems or services protected by the SRX Series device.

4.3
2018-04-11 CVE-2018-1483 IBM Cross-site Scripting vulnerability in IBM Websphere Portal 8.5.0.0/9.0

IBM WebSphere Portal 8.5 and 9.0 is vulnerable to cross-site scripting.

4.3
2018-04-11 CVE-2018-10017 Openmpt Out-of-bounds Read vulnerability in Openmpt Libopenmpt and Openmpt

soundlib/Snd_fx.cpp in OpenMPT before 1.27.07.00 and libopenmpt before 0.3.8 allows remote attackers to cause a denial of service (out-of-bounds read) via an IT or MO3 file with many nested pattern loops.

4.3
2018-04-11 CVE-2018-10016 Nasm Divide By Zero vulnerability in Nasm Netwide Assembler 2.14

Netwide Assembler (NASM) 2.14rc0 has a division-by-zero vulnerability in the expr5 function in asm/eval.c via a malformed input file.

4.3
2018-04-11 CVE-2018-10001 Ffmpeg
Debian
Out-of-bounds Read vulnerability in multiple products

The decode_init function in libavcodec/utvideodec.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (out of array read) via an AVI file.

4.3
2018-04-11 CVE-2018-10000 Videodownloaderultimate Cross-site Scripting vulnerability in Videodownloaderultimate Video Downloader

The Video Downloader professional extension before 2018-04-05 for Chrome has Universal XSS (UXSS) via vectors related to a link64_msgAddLinks event.

4.3
2018-04-10 CVE-2018-9996 GNU Uncontrolled Recursion vulnerability in GNU Binutils 2.30

An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30.

4.3
2018-04-10 CVE-2018-3838 Libsdl
Debian
Information Exposure vulnerability in multiple products

An exploitable information vulnerability exists in the XCF image rendering functionality of Simple DirectMedia Layer SDL2_image-2.0.2.

4.3
2018-04-10 CVE-2018-3837 Libsdl
Debian
Information Exposure vulnerability in multiple products

An exploitable information disclosure vulnerability exists in the PCX image rendering functionality of Simple DirectMedia Layer SDL2_image-2.0.2.

4.3
2018-04-10 CVE-2018-9985 Metinfo Cross-site Scripting vulnerability in Metinfo 6.0.0

The front page of MetInfo 6.0 allows XSS by sending a feedback message to an administrator.

4.3
2018-04-10 CVE-2018-8772 Coship Cross-site Scripting vulnerability in Coship Rt3052 Firmware 4.0.0.48

Coship RT3052 4.0.0.48 devices allow XSS via a crafted SSID field on the "Wireless Setting - Basic" screen.

4.3
2018-04-10 CVE-2017-18100 Atlassian Cross-site Scripting vulnerability in Atlassian Jira

The agile wallboard gadget in Atlassian Jira before version 7.8.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the name of quick filters.

4.3
2018-04-10 CVE-2018-9934 Metinfo Unspecified vulnerability in Metinfo 6.0.0

The reset-password feature in MetInfo 6.0 allows remote attackers to change arbitrary passwords via vectors involving a Host HTTP header that is modified to specify a web server under the attacker's control.

4.3
2018-04-10 CVE-2018-9928 Metinfo Cross-site Scripting vulnerability in Metinfo 6.0.0

Cross-site scripting (XSS) vulnerability in save.php in MetInfo 6.0 allows remote attackers to inject arbitrary web script or HTML via the webname or weburl parameter.

4.3
2018-04-09 CVE-2018-6182 Mahara Cross-site Scripting vulnerability in Mahara

Mahara 16.10 before 16.10.9 and 17.04 before 17.04.7 and 17.10 before 17.10.4 are vulnerable to bad input when TinyMCE is bypassed by POST packages.

4.3
2018-04-09 CVE-2017-2826 Zabbix
Debian
Information Exposure vulnerability in multiple products

An information disclosure vulnerability exists in the iConfig proxy request of Zabbix server 2.4.X.

4.3
2018-04-09 CVE-2018-9864 WP Livechat Cross-site Scripting vulnerability in Wp-Livechat WP Live Chat Support

The WP Live Chat Support plugin before 8.0.06 for WordPress has stored XSS via the Name field.

4.3
2018-04-09 CVE-2018-9857 Match Clone Script Project Cross-site Scripting vulnerability in Match Clone Script Project Match Clone Script 1.0.4

PHP Scripts Mall Match Clone Script 1.0.4 has XSS via the search field to searchbyid.php (aka the "View Search By Id" screen).

4.3
2018-04-13 CVE-2017-0369 Mediawiki
Debian
Incorrect Default Permissions vulnerability in multiple products

Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw, allowing a sysops to undelete pages, although the page is protected against it.

4.0
2018-04-13 CVE-2017-0366 Mediawiki
Debian
Improper Input Validation vulnerability in multiple products

Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a flaw allowing to evade SVG filter using default attribute values in DTD declaration.

4.0
2018-04-12 CVE-2018-6903 HOT Scripts Clone Project Improper Input Validation vulnerability in HOT Scripts Clone Project HOT Scripts Clone 3.1

PHP Scripts Mall Hot Scripts Clone Script Classified v3.1 uses the client side to enforce validation of an e-mail address, which allows remote attackers to modify a registered e-mail address by removing the validation code.

4.0
2018-04-12 CVE-2018-6879 Website Seller Script Project Improper Input Validation vulnerability in Website Seller Script Project Website Seller Script 2.0.3

PHP Scripts Mall Website Seller Script 2.0.3 uses the client side to enforce validation of an e-mail address, which allows remote attackers to modify a registered e-mail address by removing the validation code.

4.0
2018-04-12 CVE-2014-9563 Unify CRLF Injection vulnerability in Unify Openscape Desk Phone IP SIP and Openstage SIP

CRLF injection vulnerability in the web-based management (WBM) interface in Unify (former Siemens) OpenStage SIP and OpenScape Desk Phone IP V3 devices before R3.32.0 allows remote authenticated users to modify the root password and consequently access the debug port using the serial interface via the ssh-password parameter to page.cmd.

4.0
2018-04-12 CVE-2018-1079 Clusterlabs
Redhat
Path Traversal vulnerability in multiple products

pcs before version 0.9.164 and 0.10 is vulnerable to a privilege escalation via authorized user malicious REST call.

4.0
2018-04-11 CVE-2017-15327 Huawei Information Exposure vulnerability in Huawei S12700 Firmware, S7700 Firmware and S9700 Firmware

S12700 V200R005C00, V200R006C00, V200R006C01, V200R007C00, V200R007C01, V200R007C20, V200R008C00, V200R008C06, V200R009C00, V200R010C00, S7700 V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R006C01, V200R007C00, V200R007C01, V200R008C00, V200R008C06, V200R009C00, V200R010C00, S9700 V200R001C00, V200R001C01, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R006C01, V200R007C00, V200R007C01, V200R008C00, V200R009C00, V200R010C00 have an improper authorization vulnerability on Huawei switch products.

4.0
2018-04-10 CVE-2016-9645 Ikiwiki Improper Access Control vulnerability in Ikiwiki

The fix for ikiwiki for CVE-2016-10026 was incomplete resulting in editing restriction bypass for git revert when using git versions older than 2.8.0.

4.0
2018-04-10 CVE-2018-2403 SAP Unspecified vulnerability in SAP Disclosure Management 10.1

Under certain conditions, SAP Disclosure Management 10.1 allows an attacker to access information which would otherwise be restricted.

4.0
2018-04-10 CVE-2014-1889 Buddypress Permissions, Privileges, and Access Controls vulnerability in Buddypress

The Group creation process in the Buddypress plugin before 1.9.2 for WordPress allows remote authenticated users to gain control of arbitrary groups by leveraging a missing permissions check.

4.0
2018-04-10 CVE-2014-1400 Entity API Project
Fedoraproject
Improper Access Control vulnerability in multiple products

The entity_access API in the Entity API module 7.x-1.x before 7.x-1.3 for Drupal might allow remote authenticated users to bypass intended access restrictions and read unpublished comments via unspecified vectors.

4.0
2018-04-10 CVE-2014-1399 Entity API Project
Fedoraproject
Improper Access Control vulnerability in multiple products

The entity wrapper access API in the Entity API module 7.x-1.x before 7.x-1.3 for Drupal might allow remote authenticated users to bypass intended access restrictions on referenced entities via unspecified vectors.

4.0
2018-04-10 CVE-2014-1398 Entity API Project
Fedoraproject
Improper Access Control vulnerability in multiple products

The entity wrapper access API in the Entity API module 7.x-1.x before 7.x-1.3 for Drupal might allow remote authenticated users to bypass intended access restrictions on comment, user and node statistics properties via unspecified vectors.

4.0

63 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-04-13 CVE-2018-10096 Joyplus CMS Project Cross-site Scripting vulnerability in Joyplus-Cms Project Joyplus-Cms 1.6.0

joyplus-cms 1.6.0 has XSS via the device_name parameter in a manager/admin_ajax.php?action=save flag=add request.

3.5
2018-04-12 CVE-2018-6935 Student Profile Management System Script Project Cross-site Scripting vulnerability in Student Profile Management System Script Project Student Profile Management System Script 2.0.6

PHP Scripts Mall Student Profile Management System Script v2.0.6 has XSS via the Name field to list_student.php.

3.5
2018-04-12 CVE-2018-6904 CAR Rental Script Project Cross-site Scripting vulnerability in CAR Rental Script Project CAR Rental Script 2.0.8

PHP Scripts Mall Car Rental Script 2.0.8 has XSS via the User Name field in an Edit Profile action.

3.5
2018-04-12 CVE-2018-6902 Image Sharing Script Project Cross-site Scripting vulnerability in Image Sharing Script Project Image Sharing Script 1.3.3

PHP Scripts Mall Image Sharing Script 1.3.3 has XSS via the Full Name field in an Edit Profile action.

3.5
2018-04-12 CVE-2018-6900 Website Broker Script Project Cross-site Scripting vulnerability in Website Broker Script Project Website Broker Script 3.0.6

PHP Scripts Mall Website Broker Script 3.0.6 has XSS via the Last Name field on the My Profile page.

3.5
2018-04-12 CVE-2014-6169 IBM Cross-site Scripting vulnerability in IBM Forms Experience Builder 8.5/8.5.1

Cross-site scripting (XSS) vulnerability in IBM Forms Experience Builder 8.5.0 and 8.5.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

3.5
2018-04-12 CVE-2018-10073 Joyplus CMS Project Cross-site Scripting vulnerability in Joyplus-Cms Project Joyplus-Cms 1.6.0

joyplus-cms 1.6.0 has XSS in manager/admin_vod.php via the keyword parameter.

3.5
2018-04-12 CVE-2018-10061 Cacti Cross-site Scripting vulnerability in Cacti

Cacti before 1.1.37 has XSS because it makes certain htmlspecialchars calls without the ENT_QUOTES flag (these calls occur when the html_escape function in lib/html.php is not used).

3.5
2018-04-12 CVE-2018-10060 Cacti Cross-site Scripting vulnerability in Cacti

Cacti before 1.1.37 has XSS because it does not properly reject unintended characters, related to use of the sanitize_uri function in lib/functions.php.

3.5
2018-04-12 CVE-2018-10059 Cacti Cross-site Scripting vulnerability in Cacti

Cacti before 1.1.37 has XSS because the get_current_page function in lib/functions.php relies on $_SERVER['PHP_SELF'] instead of $_SERVER['SCRIPT_NAME'] to determine a page name.

3.5
2018-04-12 CVE-2018-9155 Open Audit Cross-site Scripting vulnerability in Open-Audit 2.1.1

Cross-site scripting (XSS) vulnerability in Open-AudIT Professional 2.1.1 allows remote attackers to inject arbitrary web script or HTML via a crafted name of a component, as demonstrated by the Admin->Logs section (with a logs?logs.type= URI) and the Manage->Attributes section (via the "Name (display)" field to the attributes/create URI).

3.5
2018-04-12 CVE-2017-1790 IBM Cross-site Scripting vulnerability in IBM products

IBM DOORS Next Generation (DNG/RRC) 5.0, 5.0.1, 5.0.2, and 6.0 through 6.0.5 is vulnerable to cross-site scripting.

3.5
2018-04-12 CVE-2018-1034 Microsoft Cross-site Scripting vulnerability in Microsoft Sharepoint Enterprise Server 2016

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint.

3.5
2018-04-12 CVE-2018-1032 Microsoft Cross-site Scripting vulnerability in Microsoft Sharepoint Enterprise Server 2010/2013/2016

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoint.

3.5
2018-04-12 CVE-2018-1005 Microsoft Cross-site Scripting vulnerability in Microsoft Sharepoint Enterprise Server 2013/2016

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint.

3.5
2018-04-12 CVE-2018-0976 Microsoft Unspecified vulnerability in Microsoft products

A denial of service vulnerability exists in Remote Desktop Protocol (RDP) when an attacker connects to the target system using RDP and sends specially crafted requests, aka "Windows Remote Desktop Protocol (RDP) Denial of Service Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

3.5
2018-04-12 CVE-2018-0890 Microsoft Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2016

A security feature bypass vulnerability exists when Active Directory incorrectly applies Network Isolation settings, aka "Active Directory Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

3.5
2018-04-11 CVE-2018-10052 Iscripts Cross-site Scripting vulnerability in Iscripts Supportdesk 4.3

iScripts SupportDesk v4.3 has XSS via the admin/inteligentsearchresult.php txtinteligentsearch parameter.

3.5
2018-04-11 CVE-2018-10051 Iscripts Cross-site Scripting vulnerability in Iscripts Supportdesk 4.3

iScripts SupportDesk v4.3 has XSS via the staff/inteligentsearchresult.php txtinteligentsearch parameter.

3.5
2018-04-11 CVE-2018-10049 Iscripts Cross-site Scripting vulnerability in Iscripts Eswap 2.4

iScripts eSwap v2.4 has XSS via the "registration_settings.php" txtDate parameter in the Admin Panel.

3.5
2018-04-11 CVE-2018-10033 Cmsmadesimple Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple

CMS Made Simple (aka CMSMS) 2.2.7 has Stored XSS in admin/siteprefs.php via the metadata parameter.

3.5
2018-04-11 CVE-2018-10032 Cmsmadesimple Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple

CMS Made Simple (aka CMSMS) 2.2.7 has Reflected XSS in admin/moduleinterface.php via the m1_version parameter.

3.5
2018-04-11 CVE-2018-10029 Cmsmadesimple Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple

CMS Made Simple (aka CMSMS) 2.2.7 has Reflected XSS in admin/moduleinterface.php via the m1_name parameter, related to moduledepends, a different vulnerability than CVE-2017-16799.

3.5
2018-04-11 CVE-2017-7534 Redhat Cross-site Scripting vulnerability in Redhat Openshift

OpenShift Enterprise version 3.x is vulnerable to a stored XSS via the log viewer for pods.

3.5
2018-04-11 CVE-2018-10026 Yzmcms Cross-site Scripting vulnerability in Yzmcms 3.7.1

The WeChat module in YzmCMS 3.7.1 has reflected XSS via the admin/module/init.html echostr parameter, related to the valid function in application/wechat/controller/index.class.php.

3.5
2018-04-11 CVE-2018-10023 Catfish CMS Cross-site Scripting vulnerability in Catfish-Cms Catfish CMS 4.7.21

Catfish CMS V4.7.21 allows XSS via the pinglun parameter to cat/index/index/pinglun (aka an authenticated comment).

3.5
2018-04-11 CVE-2017-13678 Broadcom Cross-site Scripting vulnerability in Broadcom Advanced Secure Gateway and Symantec Proxysg

Stored XSS vulnerability in the Symantec Advanced Secure Gateway (ASG) and ProxySG management consoles.

3.5
2018-04-11 CVE-2018-9992 Frog CMS Project Cross-site Scripting vulnerability in Frog CMS Project Frog CMS 0.9.5

Frog CMS 0.9.5 has XSS via the name field of a new "File" or "Directory" on the admin/?/plugin/file_manager/browse/ screen.

3.5
2018-04-11 CVE-2018-9991 Frog CMS Project Cross-site Scripting vulnerability in Frog CMS Project Frog CMS 0.9.5

Frog CMS 0.9.5 has XSS via the /admin/?/user/add Name or Username parameter.

3.5
2018-04-11 CVE-2018-7660 Opentext Cross-site Scripting vulnerability in Opentext Documentum D2 4.6.0030

In OpenText Documentum D2 Webtop v4.6.0030 build 059, a Reflected Cross-Site Scripting Vulnerability could potentially be exploited by malicious users to compromise the affected system via the servlet/Download _docbase or _username parameter.

3.5
2018-04-11 CVE-2018-7659 Opentext Cross-site Scripting vulnerability in Opentext Documentum D2 4.6.0030

In OpenText Documentum D2 Webtop v4.6.0030 build 059, a Stored Cross-Site Scripting Vulnerability could potentially be exploited by malicious users to compromise the affected system via a filename of an uploaded image file.

3.5
2018-04-11 CVE-2017-9838 Dolibarr Cross-site Scripting vulnerability in Dolibarr Erp/Crm

Dolibarr ERP/CRM is affected by multiple reflected Cross-Site Scripting (XSS) vulnerabilities in versions before 5.0.4: index.php (leftmenu parameter), core/ajax/box.php (PATH_INFO), product/stats/card.php (type parameter), holiday/list.php (month_create, month_start, and month_end parameters), and don/card.php (societe, lastname, firstname, address, zipcode, town, and email parameters).

3.5
2018-04-11 CVE-2017-18259 Dolibarr Cross-site Scripting vulnerability in Dolibarr Erp/Crm

Dolibarr ERP/CRM is affected by stored Cross-Site Scripting (XSS) in versions through 7.0.0.

3.5
2018-04-10 CVE-2018-9993 Yunucms Cross-site Scripting vulnerability in Yunucms 1.0.7

YUNUCMS 1.0.7 has XSS via the content title on an admin/content/addcontent/cid/## page (aka a news center page).

3.5
2018-04-10 CVE-2018-2410 SAP Cross-site Scripting vulnerability in SAP Business ONE 9.2/9.3

SAP Business One, 9.2, 9.3, browser access does not sufficiently encode user controlled inputs, which results in a Cross-Site Scripting (XSS) vulnerability.

3.5
2018-04-10 CVE-2018-2405 SAP Cross-site Scripting vulnerability in SAP Solution Manager 7.10/7.20

SAP Solution Manager, 7.10, 7.20, Incident Management Work Center allows an attacker to upload a malicious script as an attachment and this could lead to possible Cross-Site Scripting.

3.5
2018-04-10 CVE-2015-1957 IBM Information Exposure vulnerability in IBM Websphere MQ

IBM WebSphere MQ 7.5.x before 7.5.0.6 and 8.0.x before 8.0.0.3 allows remote authenticated users to obtain sensitive information via a man-in-the-middle attack, related to duplication of message data in cleartext outside the protected payload.

3.5
2018-04-10 CVE-2018-5227 Atlassian Cross-site Scripting vulnerability in Atlassian Application Links

Various administrative application link resources in Atlassian Application Links before version 5.4.4 allow remote attackers with administration rights to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the display url of a configured application link.

3.5
2018-04-10 CVE-2018-9925 Icmsdev Cross-site Scripting vulnerability in Icmsdev Icms

An issue was discovered in idreamsoft iCMS through 7.0.7.

3.5
2018-04-11 CVE-2018-0021 Juniper Unspecified vulnerability in Juniper Junos

If all 64 digits of the connectivity association name (CKN) key or all 32 digits of the connectivity association key (CAK) key are not configured, all remaining digits will be auto-configured to 0.

3.3
2018-04-11 CVE-2018-7930 Huawei Information Exposure vulnerability in Huawei Mate 9 Firmware

The Near Field Communication (NFC) module in Mate 9 Huawei mobile phones with the versions before MHA-L29B 8.0.0.366(C567) has an information leak vulnerability due to insufficient validation on data transfer requests.

2.9
2018-04-13 CVE-2017-0365 Mediawiki
Debian
Cross-site Scripting vulnerability in multiple products

Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains a XSS vulnerability in SearchHighlighter::highlightText() with non-default configurations.

2.6
2018-04-12 CVE-2018-1007 Microsoft Unspecified vulnerability in Microsoft Office 2016

An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory, aka "Microsoft Office Information Disclosure Vulnerability." This affects Microsoft Office.

2.6
2018-04-12 CVE-2018-1000 Microsoft Out-of-bounds Write vulnerability in Microsoft Internet Explorer 10/11/9

An information disclosure vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Information Disclosure Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10.

2.6
2018-04-12 CVE-2018-0981 Microsoft Out-of-bounds Write vulnerability in Microsoft Internet Explorer 10/11/9

An information disclosure vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Information Disclosure Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10.

2.6
2018-04-11 CVE-2017-8154 Huawei Cleartext Transmission of Sensitive Information vulnerability in Huawei Honor 8 Lite Firmware

The Themes App Honor 8 Lite Huawei mobile phones with software of versions before Prague-L31C576B172, versions before Prague-L31C530B160, versions before Prague-L31C432B180 has a man-in-the-middle (MITM) vulnerability due to the use of the insecure HTTP protocol for theme download.

2.6
2018-04-13 CVE-2017-0361 Mediawiki
Debian
Information Exposure vulnerability in multiple products

Mediawiki before 1.28.1 / 1.27.2 / 1.23.16 contains an information disclosure flaw, where the api.log might contain passwords in plaintext.

2.1
2018-04-13 CVE-2018-10087 Linux
Debian
Canonical
Improper Input Validation vulnerability in Linux Kernel

The kernel_wait4 function in kernel/exit.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to cause a denial of service by triggering an attempted use of the -INT_MIN value.

2.1
2018-04-12 CVE-2018-8116 Microsoft Unspecified vulnerability in Microsoft products

A denial of service vulnerability exists in the way that Windows handles objects in memory, aka "Microsoft Graphics Component Denial of Service Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

2.1
2018-04-12 CVE-2018-0975 Microsoft Unspecified vulnerability in Microsoft products

An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

2.1
2018-04-12 CVE-2018-0974 Microsoft Unspecified vulnerability in Microsoft products

An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

2.1
2018-04-12 CVE-2018-0973 Microsoft Unspecified vulnerability in Microsoft products

An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

2.1
2018-04-12 CVE-2018-0972 Microsoft Unspecified vulnerability in Microsoft products

An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

2.1
2018-04-12 CVE-2018-0971 Microsoft Unspecified vulnerability in Microsoft products

An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

2.1
2018-04-12 CVE-2018-0970 Microsoft Unspecified vulnerability in Microsoft products

An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

2.1
2018-04-12 CVE-2018-0969 Microsoft Unspecified vulnerability in Microsoft products

An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

2.1
2018-04-12 CVE-2018-0968 Microsoft Unspecified vulnerability in Microsoft products

An information disclosure vulnerability exists in the Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (ASLR) bypass, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers.

2.1
2018-04-12 CVE-2018-0966 Microsoft Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Microsoft Windows 10 and Windows Server 2016

A security feature bypass exists when Device Guard incorrectly validates an untrusted file, aka "Device Guard Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

2.1
2018-04-12 CVE-2018-0960 Microsoft Unspecified vulnerability in Microsoft products

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

2.1
2018-04-12 CVE-2018-0887 Microsoft Improper Initialization vulnerability in Microsoft products

An information disclosure vulnerability exists when the Windows kernel fails to properly initialize a memory address, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

2.1
2018-04-11 CVE-2018-0023 Juniper Incorrect Default Permissions vulnerability in Juniper Jsnapy

JSNAPy is an open source python version of Junos Snapshot Administrator developed by Juniper available through github.

2.1
2018-04-12 CVE-2018-0964 Microsoft Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2016

An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Information Disclosure Vulnerability." This affects Windows 10, Windows 10 Servers.

1.9
2018-04-12 CVE-2018-0957 Microsoft Improper Input Validation vulnerability in Microsoft products

An information disclosure vulnerability exists when Windows Hyper-V on a host operating system fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Information Disclosure Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers.

1.9