Weekly Vulnerabilities Reports > April 16 to 22, 2018

Overview

629 new vulnerabilities reported during this period, including 198 critical vulnerabilities and 87 high severity vulnerabilities. This weekly summary report vulnerabilities in 683 products from 138 vendors including Qualcomm, Oracle, Canonical, Debian, and Redhat. Vulnerabilities are notably categorized as "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Cross-site Scripting", "Improper Input Validation", "Information Exposure", and "NULL Pointer Dereference".

  • 576 reported vulnerabilities are remotely exploitables.
  • 33 reported vulnerabilities have public exploit available.
  • 118 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 505 reported vulnerabilities are exploitable by an anonymous user.
  • Qualcomm has the most reported vulnerabilities, with 229 reported vulnerabilities.
  • Qualcomm has the most reported critical vulnerabilities, with 172 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

198 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-04-22 CVE-2018-9245 Ericssonlg SQL Injection vulnerability in Ericssonlg Ipecs NMS A.1Ac

The Ericsson-LG iPECS NMS A.1Ac login portal has a SQL injection vulnerability in the User ID and password fields that allows users to bypass the login page and execute remote code on the operating system.

10.0
2018-04-19 CVE-2018-1144 Belkin OS Command Injection vulnerability in Belkin N750 Firmware 1.10.22

A remote unauthenticated user can execute commands as root in the Belkin N750 using firmware version 1.10.22 by sending a crafted HTTP request to proxy.cgi.

10.0
2018-04-19 CVE-2018-1143 Belkin OS Command Injection vulnerability in Belkin N750 Firmware 1.10.22

A remote unauthenticated user can execute commands as root in the Belkin N750 using firmware version 1.10.22 by sending a crafted HTTP request to twonky_command.cgi.

10.0
2018-04-18 CVE-2018-8840 Indusoft
Industrial Software
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

A remote attacker could send a carefully crafted packet in InduSoft Web Studio v8.1 and prior versions, and/or InTouch Machine Edition 2017 v8.1 and prior versions during a tag, alarm, or event related action such as read and write, which may allow remote code execution.

10.0
2018-04-18 CVE-2018-7243 Schneider Electric Unspecified vulnerability in Schneider-Electric 66074 MGE Network Management Card Transverse

An authorization bypass vulnerability exists In Schneider Electric's 66074 MGE Network Management Card Transverse installed in MGE UPS and MGE STS.

10.0
2018-04-18 CVE-2016-10501 Qualcomm Improper Input Validation vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile, Snapdragon Wear, and Small Cell SoC FSM9055, MDM9206, MDM9607, MDM9635M, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, and SD 835, improper input validation can occur while parsing an image.

10.0
2018-04-18 CVE-2016-10498 Qualcomm Injection vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9635M, MDM9645, MDM9650, MDM9655, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SDM630, SDM636, SDM660, and Snapdragon_High_Med_2016, stopping of the DTR prematurely causes micro kernel to be stuck.

10.0
2018-04-18 CVE-2016-10496 Qualcomm NULL Pointer Dereference vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9635M, SD 210/SD 212/SD 205, SD 410/12, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 808, and SD 810, A NULL pointer dereference can occur during an SSL handshake.

10.0
2018-04-18 CVE-2016-10495 Qualcomm Range Error vulnerability in Qualcomm Mdm9635M Firmware

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9635M, made changes to map the scan type value to an index value that is in range.

10.0
2018-04-18 CVE-2016-10494 Qualcomm Integer Overflow or Wraparound vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9625, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 425, SD 430, SD 450, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, and SDX20, integer overflow may lead to buffer overflows in IPC router Root-PD driver.

10.0
2018-04-18 CVE-2016-10493 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, and SDX20, NPA routines on the rootPD that handle resource requests remoted over QDI may not validate pointers passed from user space which may result in guest OS memory corruption.

10.0
2018-04-18 CVE-2016-10491 Qualcomm Integer Overflow or Wraparound vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, an integer overflow leading to buffer overflow can occur in a QuRT API function.

10.0
2018-04-18 CVE-2016-10490 Qualcomm Numeric Errors vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, and SDX20, if a negative value is passed as argument "max" to qurt_qdi_state_local_new_handle_from_obj, an buffer overflow occurs, due to typecasting the signed integer to unsigned.

10.0
2018-04-18 CVE-2016-10489 Qualcomm NULL Pointer Dereference vulnerability in Qualcomm SD 400 Firmware

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400, lack of address argument validation in qsee_get_tz_app_name() may lead to an untrusted pointer dereference.

10.0
2018-04-18 CVE-2016-10487 Qualcomm NULL Pointer Dereference vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, and SDX20, in a QuRT API function, an untrusted pointer dereference can occur.

10.0
2018-04-18 CVE-2016-10486 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9640, MDM9645, SD 210/SD 212/SD 205, SD 450, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, and SD 820A, PD failure reason string from user PD is used directly in root PD, so if the buffer parameter is non-NULL terminated in Diag F3 APIs, a buffer overread occurs.

10.0
2018-04-18 CVE-2016-10485 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, SD 810, and SDX20, lack of proper bounds checking may lead to a buffer overflow.

10.0
2018-04-18 CVE-2016-10484 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, and SDX20, if a RPMB listener is registered with a very small buffer size, the calculation of the maximum transfer size for read and write operations may underflow, resulting in buffer overflow.

10.0
2018-04-18 CVE-2016-10482 Qualcomm Improper Input Validation vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, while processing downlink information, an assert can be reached.

10.0
2018-04-18 CVE-2016-10481 Qualcomm Code vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, QCA4531, QCA6174A, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9378, QCA9379, SD 210/SD 212/SD 205, SD 425, SD 600, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, if WLAN FW receives the WMI_STA_SMPS_PARAM_CMDID ioctl in not-associated state, when the virtual channel handle is not assigned, the code doesn't check for NULL virtual channel handle, so an assert occurs.

10.0
2018-04-18 CVE-2016-10480 Qualcomm Integer Overflow or Wraparound vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, possible memory corruption due to invalid integer overflow checks in exif parsing.

10.0
2018-04-18 CVE-2016-10479 Qualcomm Out-of-bounds Write vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9607, MDM9615, MDM9635M, MDM9640, SD 210/SD 212/SD 205, SD 400, SD 600, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 810, and SD 820, an arbitrary length value from an incoming message to QMI Proxy can lead to an out-of-bounds write in the stack variable message.

10.0
2018-04-18 CVE-2016-10478 Qualcomm Integer Overflow or Wraparound vulnerability in Qualcomm SD 617 Firmware

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 617, incorrect size calculation in QCRIL SCWS processing have Integer overflow which will lead to a buffer overflow.

10.0
2018-04-18 CVE-2016-10477 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 210/SD 212/SD 205, SD 400, SD 430, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, and SD 820, while processing smart card requests, a buffer overflow can occur.

10.0
2018-04-18 CVE-2016-10476 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, missing array index checks on app index in function qcril_uim_clear_encrypted_pin results in accessing addresses outside the bounds of the buffer when app index is too large.

10.0
2018-04-18 CVE-2016-10475 Qualcomm Integer Overflow or Wraparound vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 210/SD 212/SD 205, SD 400, SD 430, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, and SD 820, lack input validation may lead to a integer overflow that could potentially lead to a buffer overflow.

10.0
2018-04-18 CVE-2016-10474 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, if the buffer length passed to the RIL interface is too large, the buffer size calculation may overflow, resulting in an undersize allocation for the buffer, and subsequently buffer overwrite.

10.0
2018-04-18 CVE-2016-10473 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, in a supplementary services function, a buffer overflow can occur.

10.0
2018-04-18 CVE-2016-10472 Qualcomm Improper Access Control vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, address and size passed to SCM command 'TZ_INFO_GET_SECURE_STATE_LEGACY_ID' from HLOS Kernel were not being checked, so access outside DDR would occur.

10.0
2018-04-18 CVE-2016-10471 Qualcomm Unspecified vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, an unsigned RTIC health report susceptible to tampering by malware executing in the context of the HLOS may be requested.

10.0
2018-04-18 CVE-2016-10467 Qualcomm Key Management Errors vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, SD 820, and SD 820A, function ce_pkcs1_pss_padding_verify_auto_recover_saltlen assumes that the size of the encoded message is equal to the size of the RSA modulus.

10.0
2018-04-18 CVE-2016-10466 Qualcomm 7PK - Errors vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, during SSL handshake, if RNG function (crypto API) returns error, SSL uses hard-coded random value.

10.0
2018-04-18 CVE-2016-10462 Qualcomm Improper Access Control vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SDM630, SDM636, SDM660, and Snapdragon_High_Med_2016, the Access Control policy for HLOS allows access to Slimbus, GPU, GIC resources.

10.0
2018-04-18 CVE-2016-10461 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9650, SD 650/52, SD 808, SD 810, SD 820, and SDX20, lack of proper bounds checking may lead to a buffer overread.

10.0
2018-04-18 CVE-2016-10460 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm SD 835 Firmware, SD 845 Firmware and SD 850 Firmware

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 835, SD 845, and SD 850, vendor specific opcodes may not have any packet length validation leading to buffer over-reads.

10.0
2018-04-18 CVE-2016-10458 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, SD 845, SDM630, SDM636, SDM660, SDX20, and Snapdragon_High_Med_2016, the 'proper' solution for this will be to ensure that any users of qsee_log in the bootchain (before Linux boots) unallocate their buffers and clear the qsee_log pointer.

10.0
2018-04-18 CVE-2016-10457 Qualcomm Permissions, Privileges, and Access Controls vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, app is requesting more permissions than required.

10.0
2018-04-18 CVE-2016-10454 Qualcomm Improper Validation of Array Index vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 425, SD 430, SD 450, and SD 625, in a QTEE API function, an array out-of-bounds index can occur.

10.0
2018-04-18 CVE-2016-10452 Qualcomm Improper Input Validation vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, and SD 835, memory protection assertion happens after invoking TA termination out of order.

10.0
2018-04-18 CVE-2016-10450 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Mobile, and Snapdragon Wear FSM9055, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, potential stack-based buffer overflow exist in thermal service leading to root compromise.

10.0
2018-04-18 CVE-2016-10449 Qualcomm NULL Pointer Dereference vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, and SD 835, in a GNSS API function, a NULL pointer dereference can occur.

10.0
2018-04-18 CVE-2016-10445 Qualcomm Improper Input Validation vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 820, SD 820A, SD 835, SD 845, SD 850, SDM630, SDM636, SDM660, and Snapdragon_High_Med_2016, input is not properly validated in a QTEE API function.

10.0
2018-04-18 CVE-2016-10444 Qualcomm Improper Access Control vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 820, SD 820A, and SD 835, SMMU Access Control Policy was updated to block HLOS from accessing BLSP and BAM resources.

10.0
2018-04-18 CVE-2016-10442 Qualcomm Improper Access Control vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9640, SDM630, MSM8976, MSM8937, SDM845, MSM8976, and MSM8952, when running module or kernel code with improper access control allowing writing to arbitrary regions of memory, the user may utilize this vector to alter module executable code.

10.0
2018-04-18 CVE-2016-10441 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, improper offset validation leads to buffer overflow in video parser.

10.0
2018-04-18 CVE-2016-10440 Qualcomm Improper Access Control vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 425, SD 430, SD 450, SD 625, and SD 650/52, there is improper access control to a bus.

10.0
2018-04-18 CVE-2016-10436 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Mobile, and Snapdragon Wear FSM9055, IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, QCA4531, QCA9980, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, and SDX20, improper input validation infuse read request leads to memory corruption.

10.0
2018-04-18 CVE-2016-10431 Qualcomm Improper Input Validation vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, and SD 850, TZ applications are not properly validated.

10.0
2018-04-18 CVE-2016-10426 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 410/12, SD 425, SD 430, SD 450, SD 617, SD 625, SD 650/52, SD 810, SD 820, and SD 820A, a buffer overflow can occur in SafeSwitch.

10.0
2018-04-18 CVE-2016-10425 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, and SD 835, if GPT listener response is passed a large buffer offset, a buffer overflow occurs.

10.0
2018-04-18 CVE-2016-10424 Qualcomm Unspecified vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 820, SD 820A, SD 835, SD 845, and SD 850, upgrading LibPNG from 1.6.12 to 1.6.21 fixes multiple issues with different CWEs.

10.0
2018-04-18 CVE-2016-10421 Qualcomm Key Management Errors vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, key material is not always cleared properly.

10.0
2018-04-18 CVE-2016-10419 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9640, MDM9645, MDM9650, MDM9655, SD 450, SD 625, SD 650/52, SD 820, SD 835, SD 845, SD 850, and SDX20, when initializing scheduler object service request, an out of bounds access could occur due to uninitialized object number.

10.0
2018-04-18 CVE-2016-10414 Qualcomm 7PK - Errors vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear FSM9055, IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, and SDX20, when a hash is passed with zero datalength, the code returns an error, even though zero data length is valid.

10.0
2018-04-18 CVE-2016-10410 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, buffer overflow vulnerability in RTP during Volte call.

10.0
2018-04-18 CVE-2016-10407 Qualcomm Integer Overflow or Wraparound vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, and SD 835, an integer overflow leading to buffer overflow can occur during a VT call.

10.0
2018-04-18 CVE-2015-9224 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear, and Small Cell SoC FSM9055, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, and SDX20, lack of input Validation in QURTK_write() can cause potential buffer overflow.

10.0
2018-04-18 CVE-2015-9223 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, MDM9625, MDM9635M, SD 400, SD 600, and SD 800, a buffer overflow can occur when processing an audio buffer.

10.0
2018-04-18 CVE-2015-9221 Qualcomm NULL Pointer Dereference vulnerability in Qualcomm SD 400 Firmware, SD 800 Firmware and SD 810 Firmware

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400, SD 800, and SD 810, lack of validation of pointers passed by secure apps could lead to an untrusted pointer dereference.

10.0
2018-04-18 CVE-2015-9220 Qualcomm Integer Overflow or Wraparound vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9640, MDM9650, QCA4531, QCA6174A, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9378, QCA9379, QCA9558, QCA9880, QCA9886, QCA9980, SD 210/SD 212/SD 205, SD 425, SD 625, SD 810, SD 820, and SDX20, integer overflow occurs when the size of the firmware section is incorrectly encoded in the firmware image.

10.0
2018-04-18 CVE-2015-9219 Qualcomm Integer Overflow or Wraparound vulnerability in Qualcomm SD 400 Firmware and SD 800 Firmware

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400 and SD 800, an integer overflow to buffer overflow can occur in a DRM API.

10.0
2018-04-18 CVE-2015-9216 Qualcomm Unspecified vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9625, MDM9635M, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 808, and SD 810, improper handling of simultaneous interrupt in USB module during USB RESET and EP COMPLETE.

10.0
2018-04-18 CVE-2015-9215 Qualcomm NULL Pointer Dereference vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, MDM9625, MDM9635M, and SD 810, improper input validation can cause a null pointer dereference in USB bootloader find_ep() function.

10.0
2018-04-18 CVE-2015-9212 Qualcomm Improper Input Validation vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, and SD 800, lack of input validation while processing TZ_PR_CMD_SAVE_KEY command could lead to a buffer overread.

10.0
2018-04-18 CVE-2015-9211 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, while provising the Playready module, a buffer overread may occur if the message passed is large.

10.0
2018-04-18 CVE-2015-9210 Qualcomm Improper Input Validation vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, lack of input validation in playready_licacq_process_response() can lead to memory over read.

10.0
2018-04-18 CVE-2015-9209 Qualcomm Improper Access Control vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, there is improper access control in a file storage API.

10.0
2018-04-18 CVE-2015-9208 Qualcomm Improper Input Validation vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, and SD 810, the function tzbsp_pil_verify_sig() does not strictly check that the pointer to ELF and program headers and hash segment is within secure memory.

10.0
2018-04-18 CVE-2015-9207 Qualcomm Improper Input Validation vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, and SD 810, lack of input validation in playready_getadditional_responsedata could lead to a buffer overread.

10.0
2018-04-18 CVE-2015-9206 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 650/52, SD 808, and SD 810, during XML encoding of a message in the Playready module, a buffer overread may occur if the message passed is large.

10.0
2018-04-18 CVE-2015-9205 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415, SD 808, and SD 810, in a PlayReady API function, a buffer over-read can occur.

10.0
2018-04-18 CVE-2015-9204 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415, SD 808, and SD 810, if cchFriendlyName is greater than TZ_PR_MAX_NAME_LEN in function playready_leavedomain_generate_challenge(), a buffer overread occurs.

10.0
2018-04-18 CVE-2015-9203 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, lack of input validation in playready_set_domainid could lead to a buffer overread.

10.0
2018-04-18 CVE-2015-9202 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, while processing the content headers in the Playready module, a buffer overread may occur if the header count exceeds the expected value.

10.0
2018-04-18 CVE-2015-9201 Qualcomm Integer Overflow or Wraparound vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, and SDX20, integer overflow in tzbsp can lead to privilege escalation.

10.0
2018-04-18 CVE-2015-9200 Qualcomm NULL Pointer Dereference vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, and SD 835, in some TrustZone API functions, untrusted pointers can be dereferenced.

10.0
2018-04-18 CVE-2015-9199 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile IPQ4019, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, SD 808, SD 810, SD 820, and SD 820A, A non-secure region check is done while registering QSEE buffer address which is passed by HLOS but not while logging in the QSEE buffer, so corruption of dynamically protected secure region can occur if the non-secure buffer is changed between the time it's checked and when it's used.

10.0
2018-04-18 CVE-2015-9198 Qualcomm Integer Underflow (Wrap or Wraparound) vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, and SDX20, integer underflow vulnerability in function qsee_register_log_buff may lead to arbitrary writing of secure memory.

10.0
2018-04-18 CVE-2015-9197 Qualcomm Configuration vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 650/52, SD 808, and SD 810, when enabling XPUs for SMEM partitions, if configuration values are out of range, memory access outside the SMEM may occur and set incorrect XPU configurations.

10.0
2018-04-18 CVE-2015-9196 Qualcomm Improper Input Validation vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Small Cell SoC FSM9055, MDM9635M, SD 400, and SD 800, improper input validation in tzbsp_ocmem can cause privilege escalation.

10.0
2018-04-18 CVE-2015-9195 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9625, MDM9635M, MDM9650, MDM9655, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 650/52, SD 808, SD 810, and SDX20, in a QTEE syscall handler, HLOS can cause a buffer overflow to occur.

10.0
2018-04-18 CVE-2015-9192 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, out of bounds memory access vulnerability may occur in the content protection manager due to improper validation of incoming messages.

10.0
2018-04-18 CVE-2015-9191 Qualcomm NULL Pointer Dereference vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 617, SD 650/52, SD 808, SD 810, and SDX20, in a QTEE syscall handler, an untrusted pointer dereference can occur.

10.0
2018-04-18 CVE-2015-9190 Qualcomm Integer Overflow or Wraparound vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 600, SD 615/16/SD 415, SD 808, and SD 810, if start_addr + size is too large in boot_clobber_check_local_address_range(), an integer overflow occurs, resulting in clobber protection check being bypassed and SBL memory corruption.

10.0
2018-04-18 CVE-2015-9188 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, in Secure DEMUX command handler, when parameter validation fails, an error code is written into a response buffer without checking that response buffer length, passed from HLOS, which may result in memory corruption.

10.0
2018-04-18 CVE-2015-9187 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, lack of buffer length validation in pvr_cmd_handler leads to unauthorized access to secure memory.

10.0
2018-04-18 CVE-2015-9186 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, in a PlayReady API function, a buffer over-read can occur.

10.0
2018-04-18 CVE-2015-9185 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, in multiple Secure DEMUX functions (e.g., SDMX_open_session, SDMX_close_session, SDMX_set_session_cfg), when parameter validation fails, an error code is written into a response buffer, without checking that response buffer length (rsplen) passed from HLOS is large enough to hold the response.

10.0
2018-04-18 CVE-2015-9184 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, and SD 835, lack of length checking in wv_dash_core_load_keys_v8() could lead to a buffer overflow vulnerability.

10.0
2018-04-18 CVE-2015-9183 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 410/12, SD 617, SD 650/52, SD 800, SD 808, and SD 810, in TQS QSEE application, while parsing "Set Certificates" command an integer overflow may result in buffer overflow.

10.0
2018-04-18 CVE-2015-9182 Qualcomm Improper Input Validation vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, lack of input validation in OEMCrypto_GenerateSignature() can cause buffer over read.

10.0
2018-04-18 CVE-2015-9181 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, and SD 835, in a crypto API function, a buffer over-read can occur.

10.0
2018-04-18 CVE-2015-9180 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, the response pointer passed from user space to SDMX_process is not checked before it is used.

10.0
2018-04-18 CVE-2015-9179 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm Msm8974 Firmware

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MSM8974, lack of length checking in OEMCrypto_DeriveKeysFromSessionKey() could lead to a buffer overflow vulnerability.

10.0
2018-04-18 CVE-2015-9178 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, while processing the rmp secure command, memory corruption may result if the response buffer is smaller than the expected size.

10.0
2018-04-18 CVE-2015-9177 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, in a crypto API function, a buffer over-read can occur.

10.0
2018-04-18 CVE-2015-9175 Qualcomm NULL Pointer Dereference vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, lack of input validation could lead to an untrusted pointer dereference in wv_dash_core_generic_verify().

10.0
2018-04-18 CVE-2015-9174 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 410/12, SD 617, SD 650/52, SD 800, SD 808, and SD 810, lack of validation of the return value prior to using for buffer allocation in QSEE application, TQS, may result in memory overwrite.

10.0
2018-04-18 CVE-2015-9173 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 410/12, SD 617, SD 650/52, SD 800, SD 808, and SD 810, missing of return value check in memscpy can cause memory corruption in TQS App.

10.0
2018-04-18 CVE-2015-9172 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, in a WideVine API function, a buffer over-read can occur.

10.0
2018-04-18 CVE-2015-9171 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, if OEMCrypto_Dash_InstallEncapKeybox() is called with keyBoxLength set to a value higher than TZ_WV_MAX_DATA_LEN (20k), a buffer over-read occurs.

10.0
2018-04-18 CVE-2015-9170 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, incorrect offset check in wv_dash_core_refresh_keys() may lead to a buffer overread.

10.0
2018-04-18 CVE-2015-9167 Qualcomm Integer Underflow (Wrap or Wraparound) vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, and SD 820A, in an EMM command, an integer underflow can occur.

10.0
2018-04-18 CVE-2015-9165 Qualcomm Double Free vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 650/52, SD 808, and SD 810, incorrect error handling could lead to a double free in QTEE file service API.

10.0
2018-04-18 CVE-2015-9164 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, and SD 820A, a buffer overread in Playready may occur due to lack of input validation of the buffer size provided by HLOS.

10.0
2018-04-18 CVE-2015-9162 Qualcomm NULL Pointer Dereference vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 410/12, SD 617, SD 650/52, SD 800, SD 808, and SD 810, in the function "Certificate_CreateWithBuffer" in the QSEE app TQS, in case of memory allocation failure, we free the memory and return the pointer without setting it to NULL.

10.0
2018-04-18 CVE-2015-9161 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, and SD 810, TOCTOU condition could lead to a buffer overflow in function playready_reader_bind().

10.0
2018-04-18 CVE-2015-9160 Qualcomm Integer Overflow or Wraparound vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, integer overflow may occur when values passed from HLOS (graphics driver busy time, and total time) in TZBSP_GFX_DCVS_UPDATE_ID are very large.

10.0
2018-04-18 CVE-2015-9159 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, lack of input validation OEMCrypto_GetRandom can cause potential buffer overflow.

10.0
2018-04-18 CVE-2015-9158 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, in a QTEE crypto function, a buffer overflow can occur.

10.0
2018-04-18 CVE-2015-9157 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 600, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, and SD 810, in widevine_dash_cmd_handler(), rsp buffers are passed off to widevine commands.

10.0
2018-04-18 CVE-2015-9156 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 617, SD 800, SD 808, and SD 810, when making a high speed Dual Carrier Downlink Data call in a multicell environment, a buffer overflow may occur.

10.0
2018-04-18 CVE-2015-9153 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, in a DRM function, a buffer over-read can occur.

10.0
2018-04-18 CVE-2015-9152 Qualcomm Improper Access Control vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile IPQ4019, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 800, SD 810, SD 820, SD 820A, SD 835, and Snapdragon_High_Med_2016, modem owned regions are accessible from secure side.

10.0
2018-04-18 CVE-2015-9151 Qualcomm Improper Input Validation vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9625, MDM9635M, SD 400, and SD 800, userspace-provided pointer arguments are not validated.

10.0
2018-04-18 CVE-2015-9150 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9625, MDM9635M, SD 400, and SD 800, while computing the length of memory allocated for a Diag event, if the buffer length is very small or greater than the maximum, an integer overflow may occur, which later results in a buffer overflow.

10.0
2018-04-18 CVE-2015-9149 Qualcomm NULL Pointer Dereference vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, in a DIAG ioctl handler, an untrusted pointer dereference can occur.

10.0
2018-04-18 CVE-2015-9148 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, SD 400, SD 425, SD 430, SD 450, SD 600, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, and SDX20, in the Diag User-PD command registration function, a length variable used during buffer allocation is not checked, so if it is very large, an integer overflow followed by a buffer overflow occurs.

10.0
2018-04-18 CVE-2015-9147 Qualcomm Improper Input Validation vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9625, MDM9635M, SD 400, and SD 800, userspace-provided pointer arguments are not validated.

10.0
2018-04-18 CVE-2015-9146 Qualcomm Improper Input Validation vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9625, MDM9635M, MDM9645, MDM9650, MDM9655, SD 400, SD 800, SD 835, SD 845, SD 850, and SDX20, when QDI read, write, or ioctl are called, the passed-in pointer is not properly validated before accessing it for the delayed response.

10.0
2018-04-18 CVE-2015-9145 Qualcomm NULL Pointer Dereference vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, and SDX20, lack of input validation in NPA driver functions leads to null pointer dereference.

10.0
2018-04-18 CVE-2015-9144 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, while processing scheduling message information, a buffer overflow can occur.

10.0
2018-04-18 CVE-2015-9143 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9615, MDM9625, MDM9640, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 600, SD 615/16/SD 415, and SDX20, when reading CDT from eMMC with a very large meta offset (>size of default CDT-array compiled in bootloader) for one of the CDBs, a buffer overflow occurs.

10.0
2018-04-18 CVE-2015-9142 Qualcomm Range Error vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9645, MDM9650, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SDM630, SDM636, SDM660, and Snapdragon_High_Med_2016, bounds check is missing for vtable index in DAL-TO-QDI conversion framework.

10.0
2018-04-18 CVE-2015-9141 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 617, SD 800, SD 808, and SD 810, in HHO scenarios, during the ACQ procedure, there are possible instances where the search database is incorrectly updated resulting in memory corruption due to buffer overflow.

10.0
2018-04-18 CVE-2015-9139 Qualcomm Improper Input Validation vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, SD 810, and SD 820, improper input validation can occur while negotiating an SSL handshake.

10.0
2018-04-18 CVE-2015-9138 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear, and Small Cell SoC FSM9055, IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, and SDX20, when an RSA encryption operation is called, the ce_util_to_unsigned_bin is invoked to convert the input buffer to unsigned binary.

10.0
2018-04-18 CVE-2015-9136 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9640, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 600, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, and SDX20, in pre-auth request, Host driver uses FT IEs sent by the supplicant.

10.0
2018-04-18 CVE-2015-9135 Qualcomm NULL Pointer Dereference vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9625, MDM9635M, MDM9640, MDM9645, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, and SD 810, in a QTEE syscall handler, an untrusted pointer dereference can occur.

10.0
2018-04-18 CVE-2015-9133 Qualcomm Integer Overflow or Wraparound vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400, SD 410/12, SD 617, SD 650/52, SD 800, and SD 810, if Widevine App TZ_WV_CMD_DECRYPT_VIDEO is called with a size too large, an integer overflow may occur.

10.0
2018-04-18 CVE-2015-9130 Qualcomm NULL Pointer Dereference vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 650/52, SD 808, and SD 810, in a PlayReady function, a NULL pointer dereference can occur.

10.0
2018-04-18 CVE-2015-9129 Qualcomm Integer Underflow (Wrap or Wraparound) vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, if the size parameter passed to TZ_PR_CMD_CONTENT_SET_PROP is small, an integer underflow occurs.

10.0
2018-04-18 CVE-2015-9128 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, and SD 835, lack of validation of the buffer size could lead to a buffer overread.

10.0
2018-04-18 CVE-2015-9127 Qualcomm NULL Pointer Dereference vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, and SD 810, possible null pointer dereference occurs due to failure of memory allocation when a large value is passed for buffer allocation in the Playready App.

10.0
2018-04-18 CVE-2015-9126 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, possible buffer overflow when processing 1X circuit service message.

10.0
2018-04-18 CVE-2015-9122 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, and SD 835, possible buffer overflow if SIM card sends a response greater than 64KB of data for stream APDU command.

10.0
2018-04-18 CVE-2015-9120 Qualcomm 7PK - Errors vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, and SD 835, detection of Error Condition Without Action in Core.

10.0
2018-04-18 CVE-2015-9118 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, MDM9625, MDM9635M, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, SD 808, and SD 810, in ADSP's QDI Root-PD driver, untrusted arguments from User PD may cause integer overflow resulting in buffer overflow.

10.0
2018-04-18 CVE-2015-9116 Qualcomm Improper Input Validation vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9625, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 810, SD 820, and SD 820A, in a QTEE syscall handler, an untrusted pointer dereference can occur.

10.0
2018-04-18 CVE-2015-9115 Qualcomm Improper Input Validation vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9625, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 820, and SD 820A, no address argument validation is performed on calls to the qsee_prng_getdata syscall.

10.0
2018-04-18 CVE-2015-9114 Qualcomm NULL Pointer Dereference vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, lack of address argument validation in qsee_query_counter syscall could lead to untrusted pointer dereference.

10.0
2018-04-18 CVE-2015-9113 Qualcomm NULL Pointer Dereference vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9625, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 810, SD 820, and SD 820A, untrusted pointer dereference in QSEE Syscall without proper validation can lead to access of blacklisted memory.

10.0
2018-04-18 CVE-2015-9112 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9625, SD 400, SD 800, SD 820, and SD 820A, lack of input validation in QSEE can cause potential buffer overflow.

10.0
2018-04-18 CVE-2015-9111 Qualcomm NULL Pointer Dereference vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9625, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, in a QTEE syscall handler, an untrusted pointer dereference can occur.

10.0
2018-04-18 CVE-2015-9110 Qualcomm Improper Input Validation vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, no address argument validation is performed on calls to the qsee_get_secure_state syscall.

10.0
2018-04-18 CVE-2015-9109 Qualcomm NULL Pointer Dereference vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9625, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, lack of address argument validation inqsee_fuse_write could lead to untrusted pointer dereference.

10.0
2018-04-18 CVE-2015-9108 Qualcomm Improper Input Validation vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9625, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, no address argument validation performed on calls to a QSEE syscall may lead to arbitrary read/write or NULL Pointer exception when calling a downstream function.

10.0
2018-04-18 CVE-2014-9998 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, QCA4531, QCA6174A, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9378, QCA9379, QCA9558, QCA9880, QCA9886, QCA9980, SD 210/SD 212/SD 205, SD 425, SD 625, SD 808, SD 810, SD 820, and SDX20, while processing firmware image signature, the internal buffer may overflow if the firmware signature size is large.

10.0
2018-04-18 CVE-2014-9997 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9625, MDM9635M, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 450, SD 625, SD 650/52, SD 808, and SD 810, lack of input validation in PRDiagMaintenanceHandler can leads to buffer over read.

10.0
2018-04-18 CVE-2014-9996 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm SD 400 Firmware and SD 800 Firmware

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400 and SD 800, while verifying provisioning, a buffer overflow can occur.

10.0
2018-04-18 CVE-2014-9995 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm SD 400 Firmware and SD 800 Firmware

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400 and SD 800, in drmprov_cmd_verify_key(), the variable feature_name_length is not validated.

10.0
2018-04-18 CVE-2014-9994 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm SD 400 Firmware and SD 800 Firmware

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400 and SD 800, lack of validation of input could cause a integer overflow that could subsequently lead to a buffer overflow.

10.0
2018-04-18 CVE-2014-9993 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 450, and SD 850, buffer overread vulnerability may occur while provisioning a content with a large message.

10.0
2018-04-18 CVE-2014-9991 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9625, MDM9635M, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 625, SD 650/52, SD 808, SD 810, and SD 450, if a client or host sends more than 16k bytes of USB mass storage transfer, a buffer overflow occurs.

10.0
2018-04-18 CVE-2014-9990 Qualcomm Improper Validation of Array Index vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 600, SD 615/16/SD 415, SD 625, SD 650/52, SD 808, SD 810, and SD 450, lack of input validation could lead to an out of bound array access.

10.0
2018-04-18 CVE-2014-9989 Qualcomm Improper Validation of Array Index vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 600, SD 615/16/SD 415, SD 625, SD 650/52, SD 808, SD 810, and SD 450, if an incorrect endpoint number or direction is passed, an out of bounds array access may occur in the USB management module.

10.0
2018-04-18 CVE-2014-9988 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear SD 820A, IPQ4019, MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, SD 845, SD 450, and SD 850, lack of input validation for message length causes buffer over read in drm_app_encapsulate_save_keys.

10.0
2018-04-18 CVE-2014-9987 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, a buffer over-read can occur in a DRM API.

10.0
2018-04-18 CVE-2014-9985 Qualcomm 7PK - Errors vulnerability in Qualcomm Mdm9635M Firmware, SD 400 Firmware and SD 800 Firmware

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9635M, SD 400, and SD 800, TOCTOU condition may result in bypassing error condition checks, leading to undefined behavior.

10.0
2018-04-18 CVE-2014-10059 Qualcomm Improper Access Control vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, MDM9625, SD 210/SD 212/SD 205, SD 400, and SD 800, improper access control on ATCMD service allows third party services to access without user knowledge.

10.0
2018-04-18 CVE-2014-10057 Qualcomm Permissions, Privileges, and Access Controls vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, SD 210/SD 212/SD 205, SD 400, SD 425, SD 430, SD 435, SD 617, SD 625, and Snapdragon_High_Med_2016, binary Calibration files under data/misc/audio have 777 permissions.

10.0
2018-04-18 CVE-2014-10056 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm SD 205 Firmware, SD 210 Firmware and SD 212 Firmware

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 210/SD 212/SD 205, A buffer overflow can potentially occur in any OpenCL application that calls clBuildProgram() with a device of type CL_DEVICE_TYPE_CPU in its device_list argument.

10.0
2018-04-18 CVE-2014-10054 Qualcomm Permissions, Privileges, and Access Controls vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, QCA6174A, QCA6574AU, QCA9377, QCA9379, SD 210/SD 212/SD 205, SD 400, SD 450, SD 410/12, SD 425, SD 430, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, and SDX20, lack of input validation on BT HCI commands processing allows privilege escalation.

10.0
2018-04-18 CVE-2014-10053 Qualcomm Improper Access Control vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 450, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, data access is not properly validated in the Widevine secure application.

10.0
2018-04-18 CVE-2014-10052 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile, Snapdragon Wear, and Small Cell SoC FSM9055, IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 600, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, SD 810, SD 835, and SDX20, the reserved memory of TZ subsystem (like TZ apps and some PIL image subsystem) is not cleared after being used.

10.0
2018-04-18 CVE-2014-10051 Qualcomm Improper Input Validation vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, and SDX20, after loading a dynamically loaded code section, I-Cache is not invalidated, which could lead to executing code from stale cache lines.

10.0
2018-04-18 CVE-2014-10050 Qualcomm Improper Access Control vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MSM8996, MSM8939, MSM8976, MSM8917, SDM845, and SDM660, access control collision vulnerability when accessing the replay protected memory block.

10.0
2018-04-18 CVE-2014-10048 Qualcomm Improper Validation of Array Index vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, while setting the offsets, time-services allows the user to set bases greater than valid base value which will lead to array index out-of-bound.

10.0
2018-04-18 CVE-2014-10046 Qualcomm Use After Free vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, MDM9625, MDM9635M, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, SD 808, and SD 810, use after free vulnerability when the PDN throttle info block is freed without clearing the corresponding active timer.

10.0
2018-04-18 CVE-2014-10045 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 820, and SDX20, buffer overflow vulnerability exist in Sahara boot when program header are parsing.

10.0
2018-04-18 CVE-2014-10039 Qualcomm Data Processing Errors vulnerability in Qualcomm Mdm9625 Firmware, SD 400 Firmware and SD 800 Firmware

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9625, SD 400, and SD 800, calling qsee_app_entry_return() without first calling qsee_app_entry() will cause the stack to be restored to an older state resulting in a return to an unexpected location.

10.0
2018-04-17 CVE-2018-10192 Ipvanish Unspecified vulnerability in Ipvanish 3.0.11

IPVanish 3.0.11 for macOS suffers from a root privilege escalation vulnerability.

10.0
2018-04-17 CVE-2017-9638 Mitsubishielectric Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mitsubishielectric E-Designer 7.52

Mitsubishi E-Designer, Version 7.52 Build 344 contains six code sections which may be exploited to overwrite the stack.

10.0
2018-04-17 CVE-2017-9636 Mitsubishielectric Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mitsubishielectric E-Designer 7.52

Mitsubishi E-Designer, Version 7.52 Build 344 contains five code sections which may be exploited to overwrite the heap.

10.0
2018-04-17 CVE-2017-9634 Mitsubishielectric Out-of-bounds Write vulnerability in Mitsubishielectric E-Designer 7.52

Mitsubishi E-Designer, Version 7.52 Build 344 contains two code sections which may be exploited to allow an attacker to overwrite arbitrary memory locations.

10.0
2018-04-16 CVE-2018-10170 Nordvpn Incorrect Permission Assignment for Critical Resource vulnerability in Nordvpn 6.12.7.0

NordVPN 6.12.7.0 for Windows suffers from a SYSTEM privilege escalation vulnerability through the "nordvpn-service" service.

10.0
2018-04-16 CVE-2018-10169 Protonmail Incorrect Permission Assignment for Critical Resource vulnerability in Protonmail Protonvpn 1.3.3

ProtonVPN 1.3.3 for Windows suffers from a SYSTEM privilege escalation vulnerability through the "ProtonVPN Service" service.

10.0
2018-04-20 CVE-2018-1290 Apache SQL Injection vulnerability in Apache Fineract

In Apache Fineract versions 1.0.0, 0.6.0-incubating, 0.5.0-incubating, 0.4.0-incubating, Using a single quotation escape with two continuous SQL parameters can cause a SQL injection.

9.8
2018-04-19 CVE-2018-2628 Oracle Deserialization of Untrusted Data vulnerability in Oracle Weblogic Server

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components).

9.8
2018-04-18 CVE-2018-7761 Schneider Electric Improper Input Validation vulnerability in Schneider-Electric products

A vulnerability exists in the HTTP request parser in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 which could allow arbitrary code execution.

9.8
2018-04-18 CVE-2018-7760 Schneider Electric Improper Authentication vulnerability in Schneider-Electric products

An authorization bypass vulnerability exists in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200.

9.8
2018-04-18 CVE-2018-7242 Schneider Electric Inadequate Encryption Strength vulnerability in Schneider-Electric products

Vulnerable hash algorithms exists in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules.

9.8
2018-04-18 CVE-2018-7241 Schneider Electric Use of Hard-coded Credentials vulnerability in Schneider-Electric products

Hard coded accounts exist in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules.

9.8
2018-04-16 CVE-2018-10106 Dlink Information Exposure vulnerability in Dlink Dir-815 Firmware

D-Link DIR-815 REV.

9.8
2018-04-18 CVE-2018-1000167 Oisf Deserialization of Untrusted Data vulnerability in Oisf Suricata-Update 1.0.0A1

OISF suricata-update version 1.0.0a1 contains an Insecure Deserialization vulnerability in the insecure yaml.load-Function as used in the following files: config.py:136, config.py:142, sources.py:99 and sources.py:131.

9.3
2018-04-18 CVE-2016-10439 Qualcomm Race Condition vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, there is a TOCTOU vulnerability in the input validation for bulletin_board_read syscall.

9.3
2018-04-18 CVE-2016-10435 Qualcomm Race Condition vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9625, MDM9635M, MDM9640, MDM9645, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 820, and SD 820A, in some QTEE syscall handlers, a TOCTOU vulnerability exists.

9.3
2018-04-18 CVE-2016-10433 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9635M, MDM9640, MDM9645, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 820, and SD 820A, TOCTOU vulnerability during SSD image decryption may cause memory corruption.

9.3
2018-04-18 CVE-2016-10432 Qualcomm Race Condition vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 410/12, SD 425, SD 430, SD 450, SD 617, SD 625, SD 650/52, SD 820, and SD 820A, TOCTOU vulnerabilities may occur while sanitizing userspace values passed to tQSEE system call.

9.3
2018-04-18 CVE-2016-10417 Qualcomm Improper Access Control vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, and SDX20, in QTEE, a TOCTOU vulnerability exists due to improper access control.

9.3
2018-04-18 CVE-2016-10409 Qualcomm Race Condition vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 820A, and SD 835, TOCTOU vulnerability may occur while composing the RPMB request using HLOS controlled buffers.

9.3
2018-04-16 CVE-2018-0562 Coderium Untrusted Search Path vulnerability in Coderium Soundengine 5.21

Untrusted search path vulnerability in Installer of SoundEngine Free ver.5.21 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

9.3
2018-04-16 CVE-2018-0561 Securebrain Untrusted Search Path vulnerability in Securebrain Phishwall 3.7.15

Untrusted search path vulnerability in The installer of PhishWall Client Internet Explorer edition Ver.

9.3
2018-04-20 CVE-2018-10173 Digitalguardian Unrestricted Upload of File with Dangerous Type vulnerability in Digitalguardian Management Console 7.1.2.0015

Digital Guardian Management Console 7.1.2.0015 allows authenticated remote code execution because of Arbitrary File Upload functionality.

9.0
2018-04-19 CVE-2018-0238 Cisco Improper Authentication vulnerability in Cisco Unified Computing System Director 6.5(0.0)/6.5(0.1)

A vulnerability in the role-based resource checking functionality of the Cisco Unified Computing System (UCS) Director could allow an authenticated, remote attacker to view unauthorized information for any virtual machine in the UCS Director end-user portal and perform any permitted operations on any virtual machine.

9.0
2018-04-18 CVE-2018-10204 Purevpn Incorrect Permission Assignment for Critical Resource vulnerability in Purevpn 6.0.1

PureVPN 6.0.1 for Windows suffers from a SYSTEM privilege escalation vulnerability in its "sevpnclient" service.

9.0
2018-04-18 CVE-2018-8736 Nagios Unspecified vulnerability in Nagios XI

A privilege escalation vulnerability in Nagios XI 5.2.x through 5.4.x before 5.4.13 allows an attacker to leverage an RCE vulnerability escalating to root.

9.0
2018-04-18 CVE-2018-8735 Nagios OS Command Injection vulnerability in Nagios XI

Remote command execution (RCE) vulnerability in Nagios XI 5.2.x through 5.4.x before 5.4.13 allows an attacker to execute arbitrary commands on the target system, aka OS command injection.

9.0

87 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-04-22 CVE-2018-10267 Wtcms Project Cross-Site Request Forgery (CSRF) vulnerability in Wtcms Project Wtcms 1.0

WTCMS 1.0 has a CSRF vulnerability to add an administrator account via the index.php?admin&m=user&a=add_post URI.

8.8
2018-04-20 CVE-2018-1289 Apache SQL Injection vulnerability in Apache Fineract

In Apache Fineract versions 1.0.0, 0.6.0-incubating, 0.5.0-incubating, 0.4.0-incubating, the system exposes different REST end points to query domain specific entities with a Query Parameter 'orderBy' and 'sortOrder' which are appended directly with SQL statements.

8.8
2018-04-19 CVE-2018-3843 Foxitsoftware Incorrect Type Conversion or Cast vulnerability in Foxitsoftware Foxit Reader 9.0.1.1049

An exploitable type confusion vulnerability exists in the way Foxit PDF Reader version 9.0.1.1049 parses files with associated file annotations.

8.8
2018-04-19 CVE-2018-3842 Foxitsoftware Access of Uninitialized Pointer vulnerability in Foxitsoftware Foxit Reader 9.0.1.1049

An exploitable use of an uninitialized pointer vulnerability exists in the JavaScript engine in Foxit PDF Reader version 9.0.1.1049.

8.8
2018-04-19 CVE-2018-10220 Mushmush Server-Side Request Forgery (SSRF) vulnerability in Mushmush Glastopf 3.1.3

Glastopf 3.1.3-dev has SSRF, as demonstrated by the abc.php a parameter.

8.8
2018-04-19 CVE-2018-2844 Oracle Unspecified vulnerability in Oracle VM Virtualbox

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core).

8.8
2018-04-17 CVE-2018-5430 Tibco Path Traversal vulnerability in Tibco products

The Spring web flows of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperReports Server for ActiveMatrix BPM, TIBCO Jaspersoft for AWS with Multi-Tenancy, and TIBCO Jaspersoft Reporting and Analytics for AWS contain a vulnerability which may allow any authenticated user read-only access to the contents of the web application, including key configuration files.

8.8
2018-04-16 CVE-2018-10172 7 ZIP Improper Privilege Management vulnerability in 7-Zip

7-Zip through 18.01 on Windows implements the "Large memory pages" option by calling the LsaAddAccountRights function to add the SeLockMemoryPrivilege privilege to the user's account, which makes it easier for attackers to bypass intended access restrictions by using this privilege in the context of a sandboxed process.

8.8
2018-04-16 CVE-2018-3849 Nasa
Fedoraproject
Out-of-bounds Write vulnerability in multiple products

In the ffghtb function in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data.

8.8
2018-04-16 CVE-2018-3848 Nasa
Fedoraproject
Out-of-bounds Write vulnerability in multiple products

In the ffghbn function in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data.

8.8
2018-04-16 CVE-2018-3846 Nasa
Fedoraproject
Out-of-bounds Write vulnerability in multiple products

In the ffgphd and ffgtkn functions in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data.

8.8
2018-04-16 CVE-2016-9593 Theforeman
Redhat
Credentials Management vulnerability in multiple products

foreman-debug before version 1.15.0 is vulnerable to a flaw in foreman-debug's logging.

8.8
2018-04-19 CVE-2018-0240 Cisco Unspecified vulnerability in Cisco products

Multiple vulnerabilities in the Application Layer Protocol Inspection feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition.

8.6
2018-04-19 CVE-2018-0231 Cisco Out-of-bounds Write vulnerability in Cisco products

A vulnerability in the Transport Layer Security (TLS) library of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of the affected device, resulting in a denial of service (DoS) condition.

8.6
2018-04-19 CVE-2018-0230 Cisco Resource Exhaustion vulnerability in Cisco products

A vulnerability in the internal packet-processing functionality of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Security Appliances could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition.

8.6
2018-04-19 CVE-2018-0228 Cisco Improper Locking vulnerability in Cisco Adaptive Security Appliance Software

A vulnerability in the ingress flow creation functionality of Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause the CPU to increase upwards of 100% utilization, causing a denial of service (DoS) condition on an affected system.

8.6
2018-04-18 CVE-2015-9124 Qualcomm NULL Pointer Dereference vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9625, MDM9635M, MDM9640, MDM9645, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, SD 808, and SD 810, the device may crash while accessing an invalid pointer or expose otherwise inaccessible memory contents.

8.5
2018-04-19 CVE-2018-2826 Oracle
Canonical
Netapp
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries).
8.3
2018-04-19 CVE-2018-2825 Oracle
Canonical
Netapp
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries).
8.3
2018-04-19 CVE-2018-2814 Oracle
Redhat
Debian
Canonical
Schneider Electric
HP
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot).
8.3
2018-04-20 CVE-2018-1292 Apache SQL Injection vulnerability in Apache Fineract

Within the 'getReportType' method in Apache Fineract 1.0.0, 0.6.0-incubating, 0.5.0-incubating, 0.4.0-incubating, a hacker could inject SQL to read/update data for which he doesn't have authorization for by way of the 'reportName' parameter.

8.1
2018-04-20 CVE-2018-1291 Apache SQL Injection vulnerability in Apache Fineract

Apache Fineract 1.0.0, 0.6.0-incubating, 0.5.0-incubating, 0.4.0-incubating exposes different REST end points to query domain specific entities with a Query Parameter 'orderBy' which are appended directly with SQL statements.

8.1
2018-04-18 CVE-2018-1088 Redhat
Opensuse
Debian
Incorrect Privilege Assignment vulnerability in multiple products

A privilege escalation flaw was found in gluster 3.x snapshot scheduler.

8.1
2018-04-20 CVE-2017-8315 Eclipse XXE vulnerability in Eclipse IDE 2017.2.5

Eclipse XML parser for the Eclipse IDE versions 2017.2.5 and earlier was found vulnerable to an XML External Entity attack.

7.8
2018-04-19 CVE-2018-0233 Cisco Resource Exhaustion vulnerability in Cisco Firepower Management Center

A vulnerability in the Secure Sockets Layer (SSL) packet reassembly functionality of the detection engine in Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause the detection engine to consume excessive system memory on an affected device, which could cause a denial of service (DoS) condition.

7.8
2018-04-19 CVE-2018-2764 Oracle Unspecified vulnerability in Oracle Solaris 10/11.3

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel).

7.8
2018-04-19 CVE-2018-2718 Oracle Unspecified vulnerability in Oracle Solaris 10.0/11.3

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: RPC).

7.8
2018-04-18 CVE-2018-10194 Artifex
Canonical
Debian
Redhat
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

The set_text_distance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Ghostscript through 9.22 does not prevent overflows in text-positioning calculation, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document.

7.8
2018-04-18 CVE-2016-10499 Qualcomm Resource Management Errors vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, memory leak may occur in the IPSecurity module when repeating IKE-Rekey.

7.8
2018-04-18 CVE-2016-10497 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, improper CFG allocation can cause heap leak.

7.8
2018-04-18 CVE-2016-10464 Qualcomm Improper Input Validation vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9640, MDM9650, QCA6174A, QCA6574AU, QCA9377, SD 210/SD 212/SD 205, SD 425, SD 600, SD 650/52, SD 808, SD 810, SD 820, and SDX20, lack of input validation for HCI H4 UART packet ID cause system denial of service.

7.8
2018-04-18 CVE-2016-10459 Qualcomm Resource Management Errors vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 800, SD 810, and SD 820, during a call, memory exhaustion can occur.

7.8
2018-04-18 CVE-2016-10455 Qualcomm Data Processing Errors vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, improper initialization of ike_sa_handle_ptr in IPSEC leads to system denial of service.

7.8
2018-04-18 CVE-2016-10427 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, improper boundary check in RLC AM module leads to denial of service by reaching assertion.

7.8
2018-04-18 CVE-2016-10416 Qualcomm Resource Management Errors vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, and SD 820, UE crash is seen due to IPCMem exhaustion, when UDP data is pumped to UE's ULP (UserPlane Location protocol) UDP port 7275.

7.8
2018-04-18 CVE-2016-10411 Qualcomm Resource Management Errors vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, and SD 835, RTP daemon crashes and terminates VT call when UE receives RTCP unknown APP packet report which caused the parser to miss an end of RTCP packet length and go on forever looking for it, even going beyond the limits of the RTCP Packet length.

7.8
2018-04-18 CVE-2015-9222 Qualcomm Resource Management Errors vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SDM630, SDM636, SDM660, and Snapdragon_High_Med_2016, processing erroneous bitstreams may result in a HW freeze.

7.8
2018-04-17 CVE-2018-7539 Appeartv Path Traversal vulnerability in Appeartv Xc5000 Firmware and Xc5100 Firmware

On Appear TV XC5000 and XC5100 devices with firmware 3.26.217, it is possible to read OS files with a specially crafted HTTP request (such as GET /../../../../../../../../../../../../etc/passwd) to the web server (fuzzd/0.1.1) running the Maintenance Center on port TCP/8088.

7.8
2018-04-16 CVE-2018-10070 Mikrotik Resource Exhaustion vulnerability in Mikrotik Router Firmware 6.41.4

A vulnerability in MikroTik Version 6.41.4 could allow an unauthenticated remote attacker to exhaust all available CPU and all available RAM by sending a crafted FTP request on port 21 that begins with many '\0' characters, preventing the affected router from accepting new FTP connections.

7.8
2018-04-16 CVE-2018-10120 Debian
Libreoffice
Redhat
Canonical
Improper Validation of Array Index vulnerability in multiple products

The SwCTBWrapper::Read function in sw/source/filter/ww8/ww8toolbar.cxx in LibreOffice before 5.4.6.1 and 6.x before 6.0.2.1 does not validate a customizations index, which allows remote attackers to cause a denial of service (heap-based buffer overflow with write access) or possibly have unspecified other impact via a crafted document that contains a certain Microsoft Word record.

7.8
2018-04-16 CVE-2018-10119 Libreoffice
Debian
Redhat
Canonical
Use After Free vulnerability in multiple products

sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows remote attackers to cause a denial of service (use-after-free with write access) or possibly have unspecified other impact via a crafted document that uses the structured storage ole2 wrapper file format.

7.8
2018-04-19 CVE-2018-2811 Oracle
Redhat
Schneider Electric
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Install).
7.7
2018-04-19 CVE-2018-2794 Oracle
Redhat
Debian
Canonical
HP
Schneider Electric
Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Security).
7.7
2018-04-19 CVE-2018-8118 Microsoft Out-of-bounds Write vulnerability in Microsoft Internet Explorer 10/11

A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 11, Internet Explorer 10.

7.6
2018-04-22 CVE-2017-17902 Kliqqi SQL Injection vulnerability in Kliqqi CMS 3.5.2

SQL Injection exists in Kliqqi CMS 3.5.2 via the randkey parameter of a new story at the pligg/story.php?title= URI.

7.5
2018-04-22 CVE-2018-10285 Ericssonlg Incorrect Permission Assignment for Critical Resource vulnerability in Ericssonlg Ipecs NMS A.1Ac

The Ericsson-LG iPECS NMS A.1Ac web application uses incorrect access control mechanisms.

7.5
2018-04-21 CVE-2018-10284 Adaltech SQL Injection vulnerability in Adaltech G-Ticket 70

Adaltech G-Ticket v70 EME104 has SQL Injection via the mobile-loja/mensagem.asp eve_cod parameter.

7.5
2018-04-21 CVE-2018-10283 Cliquemania SQL Injection vulnerability in Cliquemania Loja Virtual 14

CliqueMania loja virtual 14 has SQL Injection via the patch/remote.php id parameter in a recomendar action.

7.5
2018-04-20 CVE-2018-9059 Sharing File Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Sharing-File Easy File Sharing web Server 7.2

Stack-based buffer overflow in Easy File Sharing (EFS) Web Server 7.2 allows remote attackers to execute arbitrary code via a malicious login request to forum.ghp.

7.5
2018-04-20 CVE-2018-8826 Asus Improper Input Validation vulnerability in Asus products

ASUS RT-AC51U, RT-AC58U, RT-AC66U, RT-AC1750, RT-ACRH13, and RT-N12 D1 routers with firmware before 3.0.0.4.380.8228; RT-AC52U B1, RT-AC1200 and RT-N600 routers with firmware before 3.0.0.4.380.10446; RT-AC55U and RT-AC55UHP routers with firmware before 3.0.0.4.382.50276; RT-AC86U and RT-AC2900 routers with firmware before 3.0.0.4.384.20648; and possibly other RT-series routers allow remote attackers to execute arbitrary code via unspecified vectors.

7.5
2018-04-20 CVE-2014-10073 Wpitchoune
Debian
Path Traversal vulnerability in multiple products

The create_response function in server/server.c in Psensor before 1.1.4 allows Directory Traversal because it lacks a check for whether a file is under the webserver directory.

7.5
2018-04-20 CVE-2018-10238 Bacnet Protocol Stack Project Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Bacnet Protocol Stack Project Bacnet Protocol Stack 0.8.5

bvlc.c in skarg BACnet Protocol Stack bacserv 0.9.1 and 0.8.5 is affected by a Buffer Overflow because of a lack of packet-size validation.

7.5
2018-04-19 CVE-2017-3774 Lenovo
IBM
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Lenovo Integrated Management Module 2

A stack overflow vulnerability was discovered within the web administration service in Integrated Management Module 2 (IMM2) earlier than version 4.70 used in some Lenovo servers and earlier than version 6.60 used in some IBM servers.

7.5
2018-04-19 CVE-2018-1145 Belkin Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Belkin N750 Firmware 1.10.22

A remote unauthenticated user can overflow a stack buffer in the Belkin N750 using firmware version 1.10.22 by sending a crafted HTTP request to proxy.cgi.

7.5
2018-04-19 CVE-2018-10225 Thinkphp SQL Injection vulnerability in Thinkphp 3.1.3

thinkphp 3.1.3 has SQL Injection via the index.php s parameter.

7.5
2018-04-19 CVE-2018-2850 Oracle Unspecified vulnerability in Oracle Hospitality Cruise Fleet Management 9.0/9.0.2.0/9.0.4.0

Vulnerability in the Oracle Hospitality Cruise Fleet Management System component of Oracle Hospitality Applications (subcomponent: Fleet Management System Suite).

7.5
2018-04-19 CVE-2018-2829 Oracle Unspecified vulnerability in Oracle Hospitality Simphony 2.10

Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Enterprise Management Console).

7.5
2018-04-19 CVE-2018-2774 Oracle Unspecified vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.54/8.55/8.56

Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of Oracle PeopleSoft Products (subcomponent: SQR).

7.5
2018-04-19 CVE-2018-2742 Oracle Unspecified vulnerability in Oracle Enterprise Manager OPS Center 12.2.2/12.3.3

Vulnerability in the Enterprise Manager Ops Center component of Oracle Enterprise Manager Products Suite (subcomponent: Framework).

7.5
2018-04-18 CVE-2018-7762 Schneider Electric Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Schneider-Electric products

A vulnerability exists in the web services to process SOAP requests in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 which could allow result in a buffer overflow.

7.5
2018-04-18 CVE-2018-7759 Schneider Electric Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Schneider-Electric products

A buffer overflow vulnerability exists in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200.

7.5
2018-04-18 CVE-2018-10199 Mruby Use After Free vulnerability in Mruby

In versions of mruby up to and including 1.4.0, a use-after-free vulnerability exists in src/io.c::File#initilialize_copy().

7.5
2018-04-18 CVE-2016-10456 Qualcomm Improper Input Validation vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, if radish is executed with an interface name set to an invalid interface name, an arbitrary command of 15 characters or less may be executed as a system call.

7.5
2018-04-18 CVE-2016-10448 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, a simultaneous command post for addSA or updateSA on same SA leads to memory corruption.

7.5
2018-04-18 CVE-2016-10430 Qualcomm Information Exposure vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, when executing a TA which has been granted privileges to the CPVC MINK class it is possible for the TA to access methods exposed by the CPVC interface.

7.5
2018-04-18 CVE-2016-10422 Qualcomm Improper Access Control vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear FSM9055, IPQ4019, MDM9206, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, and SDX20, improper access control in system call leads to unauthorized access.

7.5
2018-04-18 CVE-2016-10412 Qualcomm Integer Overflow or Wraparound vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Mobile, and Snapdragon Wear FSM9055, MDM9206, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, an integer overflow leading to buffer overflow can potentially occur in a memory API function.

7.5
2018-04-18 CVE-2018-8092 Mautic Improper Neutralization of Formula Elements in a CSV File vulnerability in Mautic

Mautic before 2.13.0 allows CSV injection.

7.5
2018-04-18 CVE-2018-5341 Zohocorp Improper Input Validation vulnerability in Zohocorp Manageengine Desktop Central 10.0.124/10.0.184

An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: a missing server-side check on the file type/extension when uploading and modifying scripts.

7.5
2018-04-18 CVE-2018-5339 Zohocorp Missing Authentication for Critical Function vulnerability in Zohocorp Manageengine Desktop Central 10.0.124/10.0.184

An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: insufficient enforcement of database query type restrictions.

7.5
2018-04-18 CVE-2018-5338 Zohocorp Missing Authentication for Critical Function vulnerability in Zohocorp Manageengine Desktop Central 10.0.124/10.0.184

An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: missing authentication/authorization for a database query mechanism.

7.5
2018-04-18 CVE-2018-5337 Zohocorp Path Traversal vulnerability in Zohocorp Manageengine Desktop Central 10.0.124/10.0.184

An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: directory traversal in the SCRIPT_NAME field when modifying existing scripts.

7.5
2018-04-18 CVE-2018-8734 Nagios SQL Injection vulnerability in Nagios XI

SQL injection vulnerability in the core config manager in Nagios XI 5.2.x through 5.4.x before 5.4.13 allows an attacker to execute arbitrary SQL commands via the selInfoKey1 parameter.

7.5
2018-04-18 CVE-2018-8733 Nagios SQL Injection vulnerability in Nagios XI

Authentication bypass vulnerability in the core config manager in Nagios XI 5.2.x through 5.4.x before 5.4.13 allows an unauthenticated attacker to make configuration changes and leverage an authenticated SQL injection vulnerability.

7.5
2018-04-17 CVE-2018-10191 Mruby
Debian
Integer Overflow or Wraparound vulnerability in multiple products

In versions of mruby up to and including 1.4.0, an integer overflow exists in src/vm.c::mrb_vm_exec() when handling OP_GETUPVAR in the presence of deep scope nesting, resulting in a use-after-free.

7.5
2018-04-17 CVE-2018-6913 Debian
Perl
Canonical
Out-of-bounds Write vulnerability in multiple products

Heap-based buffer overflow in the pack function in Perl before 5.26.2 allows context-dependent attackers to execute arbitrary code via a large item count.

7.5
2018-04-17 CVE-2018-6797 Debian
Perl
Canonical
Redhat
Out-of-bounds Write vulnerability in multiple products

An issue was discovered in Perl 5.18 through 5.26.

7.5
2018-04-17 CVE-2014-2294 Openwebanalytics Injection vulnerability in Openwebanalytics Open web Analytics

Open Web Analytics (OWA) before 1.5.7 allows remote attackers to conduct PHP object injection attacks via a crafted serialized object in the owa_event parameter to queue.php.

7.5
2018-04-16 CVE-2018-10133 Pbootcms Code Injection vulnerability in Pbootcms 0.9.8

PbootCMS v0.9.8 allows PHP code injection via an IF label in index.php/About/6.html or admin.php/Site/index.html, related to the parserIfLabel function in \apps\home\controller\ParserController.php.

7.5
2018-04-19 CVE-2018-2783 Oracle
Redhat
Canonical
HP
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security).
7.4
2018-04-19 CVE-2018-0275 Cisco Unspecified vulnerability in Cisco Identity Services Engine

A vulnerability in the support tunnel feature of Cisco Identity Services Engine (ISE) could allow an authenticated, local attacker to access the device's shell.

7.2
2018-04-18 CVE-2016-10451 Qualcomm Permissions, Privileges, and Access Controls vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, privilege escalation may occur due to inherently insecure treatment of local files.

7.2
2018-04-18 CVE-2015-9217 Qualcomm Unspecified vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SDM630, SDM636, SDM660, and Snapdragon_High_Med_2016, certain malformed HVEC clips could cause an assertion to fail.

7.2
2018-04-17 CVE-2018-10190 Londontrustmedia Improper Privilege Management vulnerability in Londontrustmedia Private Internet Access 77

A vulnerability in London Trust Media Private Internet Access (PIA) VPN Client v77 for Windows could allow an unauthenticated, local attacker to run executable files with elevated privileges.

7.2
2018-04-19 CVE-2018-7899 Huawei Double Free vulnerability in Huawei Berkeley-Al20 Firmware and Berkeley-Bd Firmware

The Mali Driver of Huawei Berkeley-AL20 and Berkeley-BD smart phones with software Berkeley-AL20 8.0.0.105(C00), 8.0.0.111(C00), 8.0.0.112D(C00), 8.0.0.116(C00), 8.0.0.119(C00), 8.0.0.119D(C00), 8.0.0.122(C00), 8.0.0.132(C00), 8.0.0.132D(C00), 8.0.0.142(C00), 8.0.0.151(C00), Berkeley-BD 1.0.0.21, 1.0.0.22, 1.0.0.23, 1.0.0.24, 1.0.0.26, 1.0.0.29 has a double free vulnerability.

7.1
2018-04-19 CVE-2017-17313 Huawei Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei P9 Lite Firmware

The inputhub driver of HUAWEI P9 Lite mobile phones with Versions earlier than VNS-L21C02B341, Versions earlier than VNS-L21C22B380, Versions earlier than VNS-L31C02B341, Versions earlier than VNS-L31C440B390, Versions earlier than VNS-L31C636B396 has a buffer overflow vulnerability due to the lack of parameter validation.

7.1
2018-04-18 CVE-2016-10420 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, while playing back a .flv clip which doesn't have an inbuilt seek table, a dynamic index table access is out of bounds and leads to crash.

7.1

300 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-04-16 CVE-2016-9093 Symantec Improper Input Validation vulnerability in Symantec Endpoint Protection

A version of the SymEvent Driver that shipped with Symantec Endpoint Protection 12.1 RU6 MP6 and earlier fails to properly sanitize logged-in user input.

6.9
2018-04-22 CVE-2018-10295 Chemcms Project Cross-Site Request Forgery (CSRF) vulnerability in Chemcms Project Chemcms 1.0.6

ChemCMS v1.0.6 has CSRF by using public/admin/user/addpost.html to add an administrator account.

6.8
2018-04-22 CVE-2018-10266 Beescms Cross-Site Request Forgery (CSRF) vulnerability in Beescms 4.0

BEESCMS 4.0 has a CSRF vulnerability to add an administrator account via the admin/admin_admin.php?nav=list_admin_user&admin_p_nav=user URI.

6.8
2018-04-22 CVE-2018-10265 Hongcms Project Cross-Site Request Forgery (CSRF) vulnerability in Hongcms Project Hongcms 3.0.0

An issue was discovered in HongCMS v3.0.0.

6.8
2018-04-21 CVE-2018-10254 Nasm Out-of-bounds Read vulnerability in Nasm Netwide Assembler 2.13

Netwide Assembler (NASM) 2.13 has a stack-based buffer over-read in the disasm function of the disasm/disasm.c file.

6.8
2018-04-20 CVE-2017-2825 Zabbix
Debian
Man in the Middle Security Bypass vulnerability in Zabbix Proxy Server

In the trapper functionality of Zabbix Server 2.4.x, specifically crafted trapper packets can pass database logic checks, resulting in database writes.

6.8
2018-04-20 CVE-2018-10249 Baijiacms Project Cross-Site Request Forgery (CSRF) vulnerability in Baijiacms Project Baijiacms 3.0

baijiacms V3 has CSRF via index.php?mod=site&op=edituser&name=manager&do=user to add an administrator account.

6.8
2018-04-19 CVE-2018-0259 Cisco Cross-Site Request Forgery (CSRF) vulnerability in Cisco Mate Collector 7.1

A vulnerability in the web-based management interface of Cisco MATE Collector could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device.

6.8
2018-04-19 CVE-2018-0255 Cisco Cross-Site Request Forgery (CSRF) vulnerability in Cisco IOS 15.2(5)E

A vulnerability in the device manager web interface of Cisco Industrial Ethernet Switches could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of an affected system.

6.8
2018-04-19 CVE-2018-10188 Phpmyadmin Cross-Site Request Forgery (CSRF) vulnerability in PHPmyadmin 4.8.0

phpMyAdmin 4.8.0 before 4.8.0-1 has CSRF, allowing an attacker to execute arbitrary SQL statements, related to js/db_operations.js, js/tbl_operations.js, libraries/classes/Operations.php, and sql.php.

6.8
2018-04-19 CVE-2018-6306 Kaspersky Untrusted Search Path vulnerability in Kaspersky Password Manager

Unauthorized code execution from specific DLL and is known as DLL Hijacking attack in Kaspersky Password Manager versions before 8.0.6.538.

6.8
2018-04-19 CVE-2018-10222 Icmsdev Cross-Site Request Forgery (CSRF) vulnerability in Icmsdev Icms 7.0

An issue was discovered in idreamsoft iCMS V7.0.

6.8
2018-04-19 CVE-2018-2879 Oracle Unspecified vulnerability in Oracle Access Manager 11.1.2.3.0/12.2.1.3.0

Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Authentication Engine).

6.8
2018-04-19 CVE-2018-2876 Oracle Unspecified vulnerability in Oracle Retail Integration BUS 13.2

Vulnerability in the Oracle Retail Integration Bus component of Oracle Retail Applications (subcomponent: RIB Kernal(Apache Commons Collections)).

6.8
2018-04-19 CVE-2018-2840 Oracle Unspecified vulnerability in Oracle Retail Xstore Point of Service

Vulnerability in the Oracle Retail Xstore Point of Service component of Oracle Retail Applications (subcomponent: Xstore Office).

6.8
2018-04-19 CVE-2018-2766 Oracle
Canonical
Mariadb
Debian
Netapp
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB).
6.8
2018-04-19 CVE-2018-2750 Oracle Unspecified vulnerability in Oracle Enterprise Manager Base Platform 12.1.0.5

Vulnerability in the Enterprise Manager Base Platform component of Oracle Enterprise Manager Products Suite (subcomponent: UI Framework).

6.8
2018-04-19 CVE-2018-1167 Spotify OS Command Injection vulnerability in Spotify 1.0.69.336

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Spotify Music Player 1.0.69.336.

6.8
2018-04-17 CVE-2018-10185 Tuzicms Cross-Site Request Forgery (CSRF) vulnerability in Tuzicms 2.0.6

An issue was discovered in TuziCMS v2.0.6.

6.8
2018-04-16 CVE-2016-9094 Symantec Improper Input Validation vulnerability in Symantec Endpoint Protection

Symantec Endpoint Protection clients place detected malware in quarantine as part of the intended product functionality.

6.8
2018-04-16 CVE-2018-10137 Iscripts Cross-Site Request Forgery (CSRF) vulnerability in Iscripts Uberforx 2.2

iScripts UberforX 2.2 has CSRF in the "manage_settings" section of the Admin Panel via the /cms?section=manage_settings&action=edit URI.

6.8
2018-04-16 CVE-2018-10132 Pbootcms Cross-Site Request Forgery (CSRF) vulnerability in Pbootcms 0.9.8

PbootCMS v0.9.8 has CSRF via an admin.php/Message/mod/id/19.html?backurl=/index.php request, resulting in PHP code injection in the recontent parameter.

6.8
2018-04-16 CVE-2018-10127 Xyhcms Project Cross-Site Request Forgery (CSRF) vulnerability in Xyhcms Project Xyhcms 3.5

An issue was discovered in XYHCMS 3.5.

6.8
2018-04-16 CVE-2018-10117 Icmsdev Cross-Site Request Forgery (CSRF) vulnerability in Icmsdev Icms 7.0.7

An issue was discovered in idreamsoft iCMS V7.0.7.

6.8
2018-04-16 CVE-2018-10114 Gegl Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Gegl 0.2.0

An issue was discovered in GEGL through 0.3.32.

6.8
2018-04-16 CVE-2018-10112 Gegl Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Gegl 0.2.0

An issue was discovered in GEGL through 0.3.32.

6.8
2018-04-21 CVE-2018-10126 Libtiff NULL Pointer Dereference vulnerability in Libtiff 4.0.9

ijg-libjpeg before 9d, as used in tiff2pdf (from LibTIFF) and other products, does not check for a NULL pointer at a certain place in jpeg_fdct_16x16 in jfdctint.c.

6.5
2018-04-20 CVE-2014-0900 Google Improper Input Validation vulnerability in Google Android

The Device Administrator code in Android before 4.4.1_r1 might allow attackers to spoof device administrators and consequently bypass MDM restrictions by leveraging failure to update the mAdminMap data structure.

6.5
2018-04-20 CVE-2018-6960 Vmware Improper Authentication vulnerability in VMWare Horizon Daas

VMware Horizon DaaS (7.x before 8.0.0) contains a broken authentication vulnerability that may allow an attacker to bypass two-factor authentication.

6.5
2018-04-19 CVE-2018-0229 Cisco Session Fixation vulnerability in Cisco products

A vulnerability in the implementation of Security Assertion Markup Language (SAML) Single Sign-On (SSO) authentication for Cisco AnyConnect Secure Mobility Client for Desktop Platforms, Cisco Adaptive Security Appliance (ASA) Software, and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to establish an authenticated AnyConnect session through an affected device running ASA or FTD Software.

6.5
2018-04-19 CVE-2018-10236 Poscms Code Injection vulnerability in Poscms 3.2.18

POSCMS 3.2.18 allows remote attackers to execute arbitrary PHP code via the diy\dayrui\controllers\admin\Syscontroller.php 'add' function because an attacker can control the value of $data['name'] with no restrictions, and this value is written to the FCPATH.$file file.

6.5
2018-04-19 CVE-2018-10235 Poscms Code Injection vulnerability in Poscms 3.2.10

POSCMS 3.2.10 allows remote attackers to execute arbitrary PHP code via the diy\module\member\controllers\admin\Setting.php 'index' function because an attacker can control the value of $cache['setting']['ucssocfg'] in diy\module\member\models\Member_model.php and write this code into the api/ucsso/config.php file.

6.5
2018-04-19 CVE-2018-2857 Oracle Unspecified vulnerability in Oracle SUN ZFS Storage Appliance KIT 8.7.13

Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: HTTP data path subsystems).

6.5
2018-04-19 CVE-2018-2772 Oracle Unspecified vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.54/8.55/8.56

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Rich Text Editor).

6.5
2018-04-18 CVE-2018-7240 Schneider Electric Out-of-bounds Write vulnerability in Schneider-Electric products

A vulnerability exists in Schneider Electric's Modicon Quantum in all versions of the communication modules which could allow arbitrary code execution.

6.5
2018-04-18 CVE-2018-5342 Zohocorp Incorrect Permission Assignment for Critical Resource vulnerability in Zohocorp Manageengine Desktop Central 10.0.124/10.0.184

An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: network services (Desktop Central and PostgreSQL) running with a superuser account.

6.5
2018-04-18 CVE-2018-5340 Zohocorp Unspecified vulnerability in Zohocorp Manageengine Desktop Central 10.0.124/10.0.184

An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: database access using a superuser account (specifically, an account with permission to write to the filesystem via SQL queries).

6.5
2018-04-17 CVE-2018-5429 Tibco Unspecified vulnerability in Tibco products

A vulnerability in the report scripting component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperReports Server for ActiveMatrix BPM, TIBCO JasperReports Library, TIBCO JasperReports Library Community Edition, TIBCO JasperReports Library for ActiveMatrix BPM, TIBCO Jaspersoft for AWS with Multi-Tenancy, TIBCO Jaspersoft Reporting and Analytics for AWS, TIBCO Jaspersoft Studio, TIBCO Jaspersoft Studio Community Edition, and TIBCO Jaspersoft Studio for ActiveMatrix BPM may allow analytic reports that contain scripting to perform arbitrary code execution.

6.5
2018-04-16 CVE-2018-0530 Cybozu SQL Injection vulnerability in Cybozu Garoon

SQL injection vulnerability in the Cybozu Garoon 3.5.0 to 4.2.6 allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors.

6.5
2018-04-16 CVE-2018-9153 Zblogcn Unrestricted Upload of File with Dangerous Type vulnerability in Zblogcn Z-Blogphp 1.5.1

The plugin upload component in Z-BlogPHP 1.5.1 allows remote attackers to execute arbitrary PHP code via the app_id parameter to zb_users/plugin/AppCentre/plugin_edit.php because of an unanchored regular expression, a different vulnerability than CVE-2018-8893.

6.5
2018-04-20 CVE-2014-0931 IBM XXE vulnerability in IBM Rational Clearcase

Multiple XML external entity (XXE) vulnerabilities in the (1) CCRC WAN Server / CM Server, (2) Perl CC/CQ integration trigger scripts, (3) CMAPI Java interface, (4) ClearCase remote client, and (5) CMI and OSLC-based ClearQuest integrations components in IBM Rational ClearCase 7.1.0.x, 7.1.1.x, 7.1.2 through 7.1.2.13, 8.0 through 8.0.0.10, and 8.0.1 through 8.0.1.3 allow remote attackers to cause a denial of service or access other servers via crafted XML data.

6.4
2018-04-19 CVE-2018-2871 Oracle Unspecified vulnerability in Oracle Human Resources

Vulnerability in the Oracle Human Resources component of Oracle E-Business Suite (subcomponent: General Utilities).

6.4
2018-04-19 CVE-2018-2870 Oracle Unspecified vulnerability in Oracle Human Resources

Vulnerability in the Oracle Human Resources component of Oracle E-Business Suite (subcomponent: General Utilities).

6.4
2018-04-19 CVE-2018-2861 Oracle Unspecified vulnerability in Oracle Retail Back Office 13.4.9/14.0.4/14.1.3

Vulnerability in the Oracle Retail Back Office component of Oracle Retail Applications (subcomponent: Security).

6.4
2018-04-19 CVE-2018-2738 Oracle Unspecified vulnerability in Oracle Retail Central Office 13.4.9/14.0.4/14.1.3

Vulnerability in the Oracle Retail Central Office component of Oracle Retail Applications (subcomponent: Security).

6.4
2018-04-19 CVE-2018-2737 Oracle Unspecified vulnerability in Oracle Retail Returns Management

Vulnerability in the Oracle Retail Returns Management component of Oracle Retail Applications (subcomponent: Security).

6.4
2018-04-18 CVE-2018-7245 Schneider Electric Incorrect Authorization vulnerability in Schneider-Electric 66074 MGE Network Management Card Transverse

An improper authorization vulnerability exists In Schneider Electric's 66074 MGE Network Management Card Transverse installed in MGE UPS and MGE STS.

6.4
2018-04-18 CVE-2016-10492 Qualcomm Improper Input Validation vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9645, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, improper ciphersuite validation leads SecSSL accept an unadvertised ciphersuite.

6.4
2018-04-20 CVE-2014-0883 IBM Cross-site Scripting vulnerability in IBM Power Hardware Management Console

IBM Power HMC 7.1.0 through 7.8.0 and 7.3.5 is vulnerable to cross-site scripting.

6.1
2018-04-19 CVE-2018-0251 Cisco Cross-site Scripting vulnerability in Cisco Adaptive Security Appliance Software 9.8(2.15)/9.9(1)

A vulnerability in the Web Server Authentication Required screen of the Clientless Secure Sockets Layer (SSL) VPN portal of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of that portal on an affected device.

6.1
2018-04-19 CVE-2018-0242 Cisco Cross-site Scripting vulnerability in Cisco Adaptive Security Appliance Software

A vulnerability in the WebVPN web-based management interface of Cisco Adaptive Security Appliance could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.

6.1
2018-04-19 CVE-2018-0241 Cisco Unspecified vulnerability in Cisco IOS XR

A vulnerability in the UDP broadcast forwarding function of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device.

6.1
2018-04-16 CVE-2018-10108 Dlink Cross-site Scripting vulnerability in Dlink Dir-815 Firmware

D-Link DIR-815 REV.

6.1
2018-04-16 CVE-2018-10107 Dlink Cross-site Scripting vulnerability in Dlink Dir-815 Firmware

D-Link DIR-815 REV.

6.1
2018-04-19 CVE-2018-0112 Cisco Improper Input Validation vulnerability in Cisco products

A vulnerability in Cisco WebEx Business Suite clients, Cisco WebEx Meetings, and Cisco WebEx Meetings Server could allow an authenticated, remote attacker to execute arbitrary code on a targeted system.

6.0
2018-04-19 CVE-2018-10224 Yzmcms Cross-Site Request Forgery (CSRF) vulnerability in Yzmcms 3.8

An issue was discovered in YzmCMS 3.8.

6.0
2018-04-19 CVE-2018-10223 Yzmcms Cross-Site Request Forgery (CSRF) vulnerability in Yzmcms 3.8

An issue was discovered in YzmCMS 3.8.

6.0
2018-04-19 CVE-2018-2841 Oracle Unspecified vulnerability in Oracle Database Server

Vulnerability in the Java VM component of Oracle Database Server.

6.0
2018-04-19 CVE-2018-2828 Oracle Unspecified vulnerability in Oracle Webcenter Content 11.1.1.9.0/12.2.1.2.0/12.2.1.3.0

Vulnerability in the Oracle WebCenter Content component of Oracle Fusion Middleware (subcomponent: Content Server).

6.0
2018-04-19 CVE-2018-2827 Oracle Unspecified vulnerability in Oracle Hospitality Suite8

Vulnerability in the Oracle Hospitality Suite8 component of Oracle Hospitality Applications (subcomponent: Profile).

6.0
2018-04-16 CVE-2018-0737 Openssl
Canonical
Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products

The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack.

5.9
2018-04-20 CVE-2018-10248 Wuzhicms Cross-Site Request Forgery (CSRF) vulnerability in Wuzhicms Wuzhi CMS 4.1.0

An issue was discovered in WUZHI CMS 4.1.0.

5.8
2018-04-20 CVE-2018-0564 Lockon Session Fixation vulnerability in Lockon Ec-Cube

Session fixation vulnerability in EC-CUBE (EC-CUBE 3.0.0, EC-CUBE 3.0.1, EC-CUBE 3.0.2, EC-CUBE 3.0.3, EC-CUBE 3..4, EC-CUBE 3.0.5, EC-CUBE 3.0.6, EC-CUBE 3.0.7, EC-CUBE 3.0.8, EC-CUBE 3.0.9, EC-CUBE 3.0.10, EC-CUBE 3.0.11, EC-CUBE 3.0.12, EC-CUBE 3.0.12-p1, EC-CUBE 3.0.13, EC-CUBE 3.0.14, EC-CUBE 3.0.15) allows remote attackers to perform arbitrary operations via unspecified vectors.

5.8
2018-04-19 CVE-2018-2878 Oracle Unspecified vulnerability in Oracle Peoplesoft Enterprise Human Capital Management Shared Components 9.2

Vulnerability in the PeopleSoft Enterprise HCM Shared Components component of Oracle PeopleSoft Products (subcomponent: Notepad).

5.8
2018-04-19 CVE-2018-2859 Oracle Unspecified vulnerability in Oracle Financial Services Basel Regulatory Capital Internal Ratings Based Approach 8.0.0.0.0

Vulnerability in the Oracle Financial Services Basel Regulatory Capital Internal Ratings Based Approach component of Oracle Financial Services Applications (subcomponent: Portfolio, Attribution).

5.8
2018-04-19 CVE-2018-2854 Oracle Unspecified vulnerability in Oracle Financial Services Basel Regulatory Capital Basic 8.0.0.0.0/8.0.2.0.0

Vulnerability in the Oracle Financial Services Basel Regulatory Capital Basic component of Oracle Financial Services Applications (subcomponent: Portfolio, Attribution).

5.8
2018-04-19 CVE-2018-2838 Oracle Unspecified vulnerability in Oracle Peoplesoft Enterprise Prtl Interaction HUB 9.1

Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub component of Oracle PeopleSoft Products (subcomponent: EPPCM_HIER_TOP).

5.8
2018-04-19 CVE-2018-2821 Oracle Unspecified vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.54/8.55/8.56

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Rich Text Editor).

5.8
2018-04-19 CVE-2018-2807 Oracle Unspecified vulnerability in Oracle Flexcube Core Banking 11.5.0/11.6.0/11.7.0

Vulnerability in the Oracle FLEXCUBE Core Banking component of Oracle Financial Services Applications (subcomponent: Securities).

5.8
2018-04-19 CVE-2018-2806 Oracle Unspecified vulnerability in Oracle Outside in Technology 8.5.3

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters).

5.8
2018-04-19 CVE-2018-2804 Oracle Unspecified vulnerability in Oracle E-Business Suite

Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: DB Privileges).

5.8
2018-04-19 CVE-2018-2801 Oracle Unspecified vulnerability in Oracle Outside in Technology 8.5.3

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Image Export SDK).

5.8
2018-04-19 CVE-2018-2791 Oracle Unspecified vulnerability in Oracle Webcenter Sites 11.1.1.8.0/12.2.1.2.0/12.2.1.3.0

Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware (subcomponent: Advanced UI).

5.8
2018-04-19 CVE-2018-2788 Oracle Unspecified vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.55/8.56

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Fluid Core).

5.8
2018-04-19 CVE-2018-2768 Oracle Unspecified vulnerability in Oracle Outside in Technology 8.5.3

Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters).

5.8
2018-04-19 CVE-2018-2748 Oracle Unspecified vulnerability in Oracle products

Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module).

5.8
2018-04-19 CVE-2018-2739 Oracle Unspecified vulnerability in Oracle Access Manager 10.1.4.3.0/11.1.2.3.0/12.2.1.3.0

Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Web Server Plugin).

5.8
2018-04-19 CVE-2018-2587 Oracle Unspecified vulnerability in Oracle Access Manager and Adaptive Access Manager

Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Web Server Plugin).

5.8
2018-04-19 CVE-2018-2572 Oracle Unspecified vulnerability in Oracle Agile Product Lifecycle Management for Process 6.1.1.6/6.2.0.0/6.2.1.0

Vulnerability in the Oracle Agile Product Lifecycle Management for Process component of Oracle Supply Chain Products Suite (subcomponent: Installation).

5.8
2018-04-17 CVE-2017-2871 Foscam Improper Authentication vulnerability in Foscam C1 Firmware 2.52.2.43

Insufficient security checks exist in the recovery procedure used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43.

5.8
2018-04-16 CVE-2018-10101 Wordpress
Debian
Open Redirect vulnerability in Wordpress

Before WordPress 4.9.5, the URL validator assumed URLs with the hostname localhost were on the same host as the WordPress server.

5.8
2018-04-16 CVE-2018-10100 Wordpress
Debian
Open Redirect vulnerability in Wordpress

Before WordPress 4.9.5, the redirection URL for the login page was not validated or sanitized if forced to use HTTPS.

5.8
2018-04-22 CVE-2018-10289 Artifex
Debian
Infinite Loop vulnerability in multiple products

In MuPDF 1.13.0, there is an infinite loop in the fz_skip_space function of the pdf/pdf-xref.c file.

5.5
2018-04-20 CVE-2014-0950 IBM XXE vulnerability in IBM Rational Clearquest

Multiple XML external entity (XXE) vulnerabilities in (1) CQWeb / CM Server, (2) ClearQuest Native client, (3) ClearQuest Eclipse client, and (4) ClearQuest Eclipse Designer components in IBM Rational ClearQuest 7.1.1 through 7.1.1.9, 7.1.2 through 7.1.2.13, 8.0.0 through 8.0.0.10, and 8.0.1 through 8.0.1.3 allow remote attackers to cause a denial of service or access other servers via crafted XML data.

5.5
2018-04-19 CVE-2018-2862 Oracle Unspecified vulnerability in Oracle Retail Point-Of-Service

Vulnerability in the Oracle Retail Point-of-Service component of Oracle Retail Applications (subcomponent: User Interface).

5.5
2018-04-19 CVE-2018-2856 Oracle Unspecified vulnerability in Oracle Financial Services Basel Regulatory Capital Internal Ratings Based Approach 8.0.0.0.0

Vulnerability in the Oracle Financial Services Basel Regulatory Capital Internal Ratings Based Approach component of Oracle Financial Services Applications (subcomponent: Portfolio, Attribution).

5.5
2018-04-19 CVE-2018-2855 Oracle Unspecified vulnerability in Oracle Financial Services Basel Regulatory Capital Basic 8.0.0.0.0/8.0.2.0.0

Vulnerability in the Oracle Financial Services Basel Regulatory Capital Basic component of Oracle Financial Services Applications (subcomponent: Portfolio, Attribution).

5.5
2018-04-19 CVE-2018-2853 Oracle Unspecified vulnerability in Oracle Hospitality Simphony 1.6/1.7

Vulnerability in the Oracle Hospitality Simphony First Edition component of Oracle Hospitality Applications (subcomponent: Operations, Client Application Loader).

5.5
2018-04-19 CVE-2018-2852 Oracle Unspecified vulnerability in Oracle Hospitality Guest Access 4.2.0/4.2.1

Vulnerability in the Oracle Hospitality Guest Access component of Oracle Hospitality Applications (subcomponent: Base).

5.5
2018-04-19 CVE-2018-2851 Oracle Unspecified vulnerability in Oracle Hospitality Simphony 1.6/1.7

Vulnerability in the Oracle Hospitality Simphony First Edition component of Oracle Hospitality Applications (subcomponent: Enterprise Management Console).

5.5
2018-04-19 CVE-2018-2833 Oracle Unspecified vulnerability in Oracle Hospitality Simphony

Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Enterprise Management Console).

5.5
2018-04-19 CVE-2018-2812 Oracle
Canonical
Netapp
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer).
5.5
2018-04-19 CVE-2018-2803 Oracle Unspecified vulnerability in Oracle Hospitality Reporting and Analytics 9.0

Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality Applications (subcomponent: Report).

5.5
2018-04-19 CVE-2018-2802 Oracle Unspecified vulnerability in Oracle Hospitality Simphony 2.8/2.9

Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Client Application Loader).

5.5
2018-04-19 CVE-2018-2792 Oracle Unspecified vulnerability in Oracle Hardware Management Pack

Vulnerability in the Hardware Management Pack component of Oracle Sun Systems Products Suite (subcomponent: Ipmitool).

5.5
2018-04-19 CVE-2018-2787 Oracle
Canonical
Mariadb
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB).
5.5
2018-04-19 CVE-2018-2786 Oracle
Canonical
Mariadb
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB).
5.5
2018-04-19 CVE-2018-2746 Oracle Unspecified vulnerability in Oracle products

Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module).

5.5
2018-04-19 CVE-2018-2815 Oracle
Redhat
Debian
Canonical
Schneider Electric
HP
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization).
5.3
2018-04-19 CVE-2018-2799 Oracle
Redhat
Debian
Canonical
HP
Schneider Electric
Apache
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAXP).
5.3
2018-04-19 CVE-2018-2798 Oracle
Redhat
Debian
Canonical
HP
Schneider Electric
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: AWT).
5.3
2018-04-19 CVE-2018-2797 Oracle
Redhat
Debian
Canonical
HP
Schneider Electric
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JMX).
5.3
2018-04-19 CVE-2018-2796 Oracle
Redhat
Debian
Canonical
HP
Schneider Electric
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency).
5.3
2018-04-19 CVE-2018-2795 Oracle
Redhat
Debian
Canonical
HP
Schneider Electric
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security).
5.3
2018-04-16 CVE-2017-6323 Symantec XXE vulnerability in Symantec Management Console 7.6/8.0

The Symantec Management Console prior to ITMS 8.1 RU1, ITMS 8.0_POST_HF6, and ITMS 7.6_POST_HF7 has an issue whereby XML input containing a reference to an external entity is processed by a weakly configured XML parser.

5.2
2018-04-21 CVE-2018-10253 Paessler Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Paessler Prtg Network Monitor

Paessler PRTG Network Monitor before 18.1.39.1648 mishandles stack memory during unspecified API calls.

5.0
2018-04-20 CVE-2014-0912 IBM Information Exposure vulnerability in IBM Sterling B2B Integrator and Sterling File Gateway

IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote attackers to obtain sensitive product information via vectors related to an error page.

5.0
2018-04-20 CVE-2018-10245 Awstats Information Exposure vulnerability in Awstats

A Full Path Disclosure vulnerability in AWStats through 7.6 allows remote attackers to know where the config file is allocated, obtaining the full path of the server, a similar issue to CVE-2006-3682.

5.0
2018-04-20 CVE-2018-10201 Ncomputing Path Traversal vulnerability in Ncomputing Vspace PRO 10/11

An issue was discovered in NcMonitorServer.exe in NC Monitor Server in NComputing vSpace Pro 10 and 11.

5.0
2018-04-19 CVE-2018-0273 Cisco Unspecified vulnerability in Cisco Staros

A vulnerability in the IPsec Manager of Cisco StarOS for Cisco Aggregation Services Router (ASR) 5000 Series Routers and Virtualized Packet Core (VPC) System Software could allow an unauthenticated, remote attacker to terminate all active IPsec VPN tunnels and prevent new tunnels from being established, resulting in a denial of service (DoS) condition.

5.0
2018-04-19 CVE-2018-0260 Cisco Improper Input Validation vulnerability in Cisco Mate Live 1.3

A vulnerability in the web interface of Cisco MATE Live could allow an unauthenticated, remote attacker to view and download the contents of certain web application virtual directories.

5.0
2018-04-19 CVE-2018-0256 Cisco Improper Input Validation vulnerability in Cisco ASR 5000 Series Software 20.3.0.66671/P2P2.16.879

A vulnerability in the peer-to-peer message processing functionality of Cisco Packet Data Network Gateway could allow an unauthenticated, remote attacker to cause the Session Manager (SESSMGR) process on an affected device to restart, resulting in a denial of service (DoS) condition.

5.0
2018-04-19 CVE-2018-0254 Cisco Protection Mechanism Failure vulnerability in Cisco Firepower Threat Defense

A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass configured file action policies if an Intelligent Application Bypass (IAB) with a drop percentage threshold is also configured.

5.0
2018-04-19 CVE-2018-0244 Cisco Protection Mechanism Failure vulnerability in Cisco Firepower Threat Defense

A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a configured file action policy to drop the Server Message Block (SMB) protocol if a malware file is detected.

5.0
2018-04-19 CVE-2018-0243 Cisco Protection Mechanism Failure vulnerability in Cisco Firepower Threat Defense

A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a configured file action policy that is intended to drop the Server Message Block Version 2 (SMB2) and SMB Version 3 (SMB3) protocols if malware is detected.

5.0
2018-04-19 CVE-2018-0239 Cisco Allocation of Resources Without Limits or Throttling vulnerability in Cisco Staros

A vulnerability in the egress packet processing functionality of the Cisco StarOS operating system for Cisco Aggregation Services Router (ASR) 5700 Series devices and Virtualized Packet Core (VPC) System Software could allow an unauthenticated, remote attacker to cause an interface on the device to cease forwarding packets.

5.0
2018-04-19 CVE-2018-0237 Cisco Use of Incorrectly-Resolved Name or Reference vulnerability in Cisco Advanced Malware Protection FOR Endpoints 1.4(5)

A vulnerability in the file type detection mechanism of the Cisco Advanced Malware Protection (AMP) for Endpoints macOS Connector could allow an unauthenticated, remote attacker to bypass malware detection.

5.0
2018-04-19 CVE-2018-0227 Cisco Improper Certificate Validation vulnerability in Cisco products

A vulnerability in the Secure Sockets Layer (SSL) Virtual Private Network (VPN) Client Certificate Authentication feature for Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to establish an SSL VPN connection and bypass certain SSL certificate verification steps.

5.0
2018-04-19 CVE-2018-7920 Huawei Resource Exhaustion vulnerability in Huawei products

Huawei AR1200 V200R006C10SPC300, AR160 V200R006C10SPC300, AR200 V200R006C10SPC300, AR2200 V200R006C10SPC300, AR3200 V200R006C10SPC300 devices have an improper resource management vulnerability.

5.0
2018-04-19 CVE-2017-3776 Lenovo Information Exposure vulnerability in Lenovo Help

Lenovo Help Android mobile app versions earlier than 6.1.2.0327 allowed information to be transmitted over an HTTP channel, permitting others observing the channel to potentially see this information.

5.0
2018-04-19 CVE-2017-17310 Huawei Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei products

Electronic Numbers to URI Mapping (ENUM) module in some Huawei products DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a buffer error vulnerability.

5.0
2018-04-19 CVE-2018-1146 Belkin Unspecified vulnerability in Belkin N750 Firmware 1.10.22

A remote unauthenticated user can enable telnet on the Belkin N750 using firmware version 1.10.22 by sending a crafted HTTP request to set.cgi.

5.0
2018-04-19 CVE-2018-10219 Baijiacms Project Information Exposure vulnerability in Baijiacms Project Baijiacms 3.0

baijiacms V3 has physical path leakage via an index.php?mod=mobile&name=member&do=index request.

5.0
2018-04-19 CVE-2018-10205 Hyper Missing Release of Resource after Effective Lifetime vulnerability in Hyper Hyperstart 1.0.0

hyperstart 1.0.0 in HyperHQ Hyper has memory leaks in the container_setup_modules and hyper_rescan_scsi functions in container.c, related to runV 1.0.0 for Docker.

5.0
2018-04-19 CVE-2018-2873 Oracle Unspecified vulnerability in Oracle E-Business Suite

Vulnerability in the Oracle General Ledger component of Oracle E-Business Suite (subcomponent: Account Hierarchy Manager).

5.0
2018-04-19 CVE-2018-2872 Oracle Unspecified vulnerability in Oracle E-Business Suite

Vulnerability in the Oracle General Ledger component of Oracle E-Business Suite (subcomponent: Account Hierarchy Manager).

5.0
2018-04-19 CVE-2018-2869 Oracle Unspecified vulnerability in Oracle Human Resources

Vulnerability in the Oracle Human Resources component of Oracle E-Business Suite (subcomponent: General Utilities).

5.0
2018-04-19 CVE-2018-2868 Oracle Unspecified vulnerability in Oracle Human Resources

Vulnerability in the Oracle Human Resources component of Oracle E-Business Suite (subcomponent: General Utilities).

5.0
2018-04-19 CVE-2018-2867 Oracle Unspecified vulnerability in Oracle E-Business Suite

Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: Diagnostics).

5.0
2018-04-19 CVE-2018-2866 Oracle Unspecified vulnerability in Oracle E-Business Suite

Vulnerability in the Oracle General Ledger component of Oracle E-Business Suite (subcomponent: Consolidation Hierarchy Viewer).

5.0
2018-04-19 CVE-2018-2865 Oracle Unspecified vulnerability in Oracle E-Business Suite

Vulnerability in the Oracle General Ledger component of Oracle E-Business Suite (subcomponent: Consolidation Hierarchy Viewer).

5.0
2018-04-19 CVE-2018-2864 Oracle Unspecified vulnerability in Oracle E-Business Suite

Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: Diagnostics).

5.0
2018-04-19 CVE-2018-2858 Oracle Unspecified vulnerability in Oracle SUN ZFS Storage Appliance KIT 8.7.13

Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: HTTP data path subsystems).

5.0
2018-04-19 CVE-2018-2848 Oracle Unspecified vulnerability in Oracle Hospitality Simphony 1.6/1.7

Vulnerability in the Oracle Hospitality Simphony First Edition component of Oracle Hospitality Applications (subcomponent: Client Application Loader).

5.0
2018-04-19 CVE-2018-2832 Oracle Unspecified vulnerability in Oracle Goldengate 12.2.0.1

Vulnerability in the Oracle GoldenGate component of Oracle GoldenGate.

5.0
2018-04-19 CVE-2018-2765 Oracle Unspecified vulnerability in Oracle Security Service

Vulnerability in the Oracle Security Service component of Oracle Fusion Middleware (subcomponent: Oracle SSL API).

5.0
2018-04-18 CVE-2018-7246 Schneider Electric Cleartext Transmission of Sensitive Information vulnerability in Schneider-Electric 66074 MGE Network Management Card Transverse

A cleartext transmission of sensitive information vulnerability exists in Schneider Electric's 66074 MGE Network Management Card Transverse installed in MGE UPS and MGE STS.

5.0
2018-04-18 CVE-2018-7244 Schneider Electric Information Exposure vulnerability in Schneider-Electric 66074 MGE Network Management Card Transverse

An information disclosure vulnerability exists In Schneider Electric's 66074 MGE Network Management Card Transverse installed in MGE UPS and MGE STS.

5.0
2018-04-18 CVE-2018-1000165 Lightsaml Incorrect Permission Assignment for Critical Resource vulnerability in Lightsaml

LightSAML version prior to 1.3.5 contains a Incorrect Access Control vulnerability in signature validation in readers in src/LightSaml/Model/XmlDSig/ that can result in impersonation of any user from Identity Provider.

5.0
2018-04-18 CVE-2018-1000164 Gunicorn
Debian
CRLF Injection vulnerability in multiple products

gunicorn version 19.4.5 contains a CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers vulnerability in "process_headers" function in "gunicorn/http/wsgi.py" that can result in an attacker causing the server to return arbitrary HTTP headers.

5.0
2018-04-18 CVE-2018-1274 Pivotal Software Allocation of Resources Without Limits or Throttling vulnerability in Pivotal Software Spring Data Commons and Spring Data Rest

Spring Data Commons, versions 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property path parser vulnerability caused by unlimited resource allocation.

5.0
2018-04-18 CVE-2016-8220 Pivotal Software Information Exposure vulnerability in Pivotal Software Gemfire

Pivotal Gemfire for PCF, versions 1.6.x prior to 1.6.5.0 and 1.7.x prior to 1.7.1.0, contain an information disclosure vulnerability.

5.0
2018-04-18 CVE-2016-2169 Cloudfoundry Code vulnerability in Cloudfoundry Capi-Release and Cf-Release

Cloud Foundry Cloud Controller, capi-release versions prior to 1.0.0 and cf-release versions prior to v237, contain a business logic flaw.

5.0
2018-04-18 CVE-2018-6413 Hikvision Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Hikvision Ds-2Cd9111-S Firmware

There is a buffer overflow in the Hikvision Camera DS-2CD9111-S of V4.1.2 build 160203 and before, and this vulnerability allows remote attackers to launch a denial of service attack (service interruption) via a crafted network setting interface request.

5.0
2018-04-18 CVE-2016-10483 Qualcomm Improper Input Validation vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 410/12, SD 615/16/SD 415, SD 808, and SD 810, improper input validation while processing SCM Command can lead to unauthorized memory access.

5.0
2018-04-18 CVE-2016-10469 Qualcomm Improper Input Validation vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, incorrect implementation of RSA padding functions in CORE.

5.0
2018-04-18 CVE-2016-10447 Qualcomm Access of Uninitialized Pointer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, and SDX20, secure UI crash due to uninitialized link list entry in dynamic font module.

5.0
2018-04-18 CVE-2016-10446 Qualcomm Configuration vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 820, SD 820A, and SD 835, incorrect configuration of the OCIMEM MPU may provide NonSecure Software access to OCIMEM memory used by TZ.

5.0
2018-04-18 CVE-2016-10438 Qualcomm Information Exposure vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Mobile, and Snapdragon Wear FSM9055, IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, QCA4531, QCA9980, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, and SDX20, information exposure vulnerability when logging debug statement due to %p usage.

5.0
2018-04-18 CVE-2016-10437 Qualcomm Information Exposure vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Mobile, and Snapdragon Wear FSM9055, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, and SDX20, while logging debug statements or ftrace events from rmnet_data, the socket buffer function uses normal format specifiers which may result in information exposure.

5.0
2018-04-18 CVE-2016-10434 Qualcomm Improper Authentication vulnerability in Qualcomm SD 820 Firmware and SD 820A Firmware

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 820 and SD 820A, the input to RPMB write response function is a buffer from HLOS that needs to be authenticated (using HMAC) and then processed.

5.0
2018-04-18 CVE-2016-10429 Qualcomm Data Processing Errors vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear FSM9055, IPQ4019, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, and SDX20, three image types are loaded in the same manner without distinguishing them.

5.0
2018-04-18 CVE-2016-10428 Qualcomm Information Exposure vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, HMAC verification in counter file uses an insecure memcmp which may assist a timing attack.

5.0
2018-04-18 CVE-2016-10423 Qualcomm Information Exposure vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, when a Trusted Application has opened the SPI interface to a particular device, it is possible for another Trusted Application to read the data on this open interface due to non-exclusive access of the SPI bus.

5.0
2018-04-18 CVE-2016-10418 Qualcomm Improper Access Control vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 820A, and SD 835, HLOS can enable PMIC debug through TCSR_QPDI_DISABLE_CFG due to improper access control.

5.0
2018-04-18 CVE-2016-10415 Qualcomm NULL Pointer Dereference vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, dereference of an invalid input parameter could cause a denial of service.

5.0
2018-04-18 CVE-2016-10406 Qualcomm Information Exposure vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9650, SD 210/SD 212/SD 205, SD 410/12, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, and SD 835, while printing debug message of a pointer in wlan_qmi_err_cb, the real kernel address will be printed regardless of the kptr_restrict system settings.

5.0
2018-04-18 CVE-2015-9213 Qualcomm Code vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, the DIAG-EFS command EFS2_DIAG_DELTREE, which is handled by the function fs_diag_deltree_handler(), is used to delete files and directories only inside the /public folder.

5.0
2018-04-18 CVE-2015-9194 Qualcomm Information Exposure vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 210/SD 212/SD 205, SD 400, SD 425, SD 427, SD 430, SD 435, SD 450, SD 617, SD 625, SD 650/52, SD 800, SD 845, and Snapdragon_High_Med_2016, during module load at TZ Startup, memory statically allocated by modules was not being properly set to zero first.

5.0
2018-04-18 CVE-2015-9193 Qualcomm Improper Input Validation vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, improper input validation could cause a memory overread and cause the app to crash.

5.0
2018-04-18 CVE-2015-9189 Qualcomm Information Exposure vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 600, SD 615/16/SD 415, SD 808, and SD 810, processing of TZ application command in tz_app_cmd_handler function could lead to potential content disclosure of secure memory.

5.0
2018-04-18 CVE-2015-9176 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, Input_address is registered as a shared buffer and is not properly checked before use in OEMCrypto_Generic_Sign().

5.0
2018-04-18 CVE-2015-9169 Qualcomm Information Exposure vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, and SD 810, buffer over-read in QSEE app may cause confidential information to be leaked.

5.0
2018-04-18 CVE-2015-9166 Qualcomm Data Processing Errors vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, DRM provisioning mechanisms used in QSEE applications have a feature to prevent further provisioning.

5.0
2018-04-18 CVE-2015-9163 Qualcomm Information Exposure vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, in a PlayReady function, information exposure can occur.

5.0
2018-04-18 CVE-2015-9140 Qualcomm Improper Access Control vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile, Snapdragon Wear, and Small Cell SoC FSM9055, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 600, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, SD 810, and SDX20, unauthorized memory access possible in online memory dump feature.

5.0
2018-04-18 CVE-2015-9137 Qualcomm Data Processing Errors vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, several EFS2 DIAG command handlers are not calling fs_diag_access_check().

5.0
2018-04-18 CVE-2015-9134 Qualcomm NULL Pointer Dereference vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 410/12, SD 615/16/SD 415, and SD 810, while processing QSEE Syscall 'qsee_macc_gen_ecc_privkey', untrusted pointer dereference occurs, which could result in arbitrary write.

5.0
2018-04-18 CVE-2015-9132 Qualcomm NULL Pointer Dereference vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Small Cell SoC FSM9055, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, and SD 810, possible arbitrary memory read due to untrusted pointer dereference when handling HLOS controlled values passed to the QSEE syscall helper.

5.0
2018-04-18 CVE-2015-9131 Qualcomm Improper Input Validation vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400, SD 410/12, SD 615/16/SD 415, SD 800, SD 808, and SD 810, lack of input validation in qsee can lead to unauthorized memory access.

5.0
2018-04-18 CVE-2015-9123 Qualcomm Information Exposure vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile, Snapdragon Wear, and Small Cell SoC FSM9055, IPQ4019, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, code to zeroize AES key could be compiled out by compiler which could potentially result in information disclosure.

5.0
2018-04-18 CVE-2015-9119 Qualcomm Information Exposure vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, sensitive information may be returned to the QMI client as a response.

5.0
2018-04-18 CVE-2014-9986 Qualcomm Improper Input Validation vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, and SD 820A, in playready_licacq_process_response(), 'cbResponse' value is controlled by HLOS, and there is no validation on this length.

5.0
2018-04-18 CVE-2014-10063 Qualcomm 7PK - Security Features vulnerability in Qualcomm Mdm9625 Firmware and SD 800 Firmware

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9625 and SD 800, a fuse is not correctly blown on a secure device.

5.0
2018-04-18 CVE-2014-10062 Qualcomm Information Exposure vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, LocationService is being exported, which is a way for a service to expose its methods to other services.

5.0
2018-04-18 CVE-2014-10058 Qualcomm Permissions, Privileges, and Access Controls vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 210/SD 212/SD 205, SD 400, SD 425, SD 427, SD 430, SD 435, SD 450, SD 617, SD 625, SD 650/52, SD 800, SD 845, and Snapdragon_High_Med_2016, unauthorized users can potentially modify system time.

5.0
2018-04-18 CVE-2014-10055 Qualcomm Information Exposure vulnerability in Qualcomm SD 400 Firmware and SD 800 Firmware

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400 and SD 800, there could be leakage of protected contents if HLOS doesn't request for security restoration for OCMEM xPU's.

5.0
2018-04-18 CVE-2014-10047 Qualcomm Information Exposure vulnerability in Qualcomm SD 400 Firmware and SD 800 Firmware

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400 and SD 800, when writing the Full Disk Encryption key to crypto engine, information leak could occur.

5.0
2018-04-18 CVE-2014-10044 Qualcomm Improper Validation of Array Index vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, MDM9625, MDM9635M, SD 210/SD 212/SD 205, SD 400, SD 617, SD 800, and SD 820, in the time daemon, unauthorized users can potentially modify system time and cause an array index to be out-of-bound.

5.0
2018-04-18 CVE-2014-10043 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, and SD 800, while reading PlayReady rights string information from command buffer (which is sent from non-secure side), if length of rights string is very large, a buffer over read occurs, exposing TZ App memory to non-secure side.

5.0
2018-04-18 CVE-2018-10193 Logmein Resource Exhaustion vulnerability in Logmein Lastpass

LogMeIn LastPass through 4.15.0 allows remote attackers to cause a denial of service (browser hang) via an HTML document because the resource consumption of onloadwff.js grows with the number of INPUT elements.

5.0
2018-04-17 CVE-2018-6798 Debian
Perl
Canonical
Redhat
Out-of-bounds Read vulnerability in multiple products

An issue was discovered in Perl 5.22 through 5.26.

5.0
2018-04-17 CVE-2018-10189 Mautic Information Exposure vulnerability in Mautic

An issue was discovered in Mautic 1.x and 2.x before 2.13.0.

5.0
2018-04-17 CVE-2018-5190 Picturespro Reliance on Cookies without Validation and Integrity Checking vulnerability in Picturespro 7.1.0

PicturesPro Photo Cart 6 and 7 before Security-Patch-2018-B allows remote attackers to access arbitrary customer accounts via a modified cookie, related to pc_head.php, pc_login.php, and pc_login_page.php.

5.0
2018-04-17 CVE-2018-10178 Iacapps Information Exposure vulnerability in IAC Fromdoctopdf

The FromDocToPDF extension before 13.611.13.2303 for Chrome allows remote attackers to discover visited web sites via vectors involving a mostVisitedSites command.

5.0
2018-04-16 CVE-2018-0548 Cybozu Unspecified vulnerability in Cybozu Garoon

Cybozu Garoon 4.0.0 to 4.6.0 allows remote authenticated attackers to bypass access restriction to view the closed title of "Space" via unspecified vectors.

5.0
2018-04-16 CVE-2018-10122 Chanzhi Path Traversal vulnerability in Chanzhi Pro1.6

QingDao Nature Easy Soft Chanzhi Enterprise Portal System (aka chanzhieps) pro1.6 allows remote attackers to read arbitrary files via directory traversal sequences in the pathname parameter to www/file.php.

5.0
2018-04-16 CVE-2018-10113 Gegl Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Gegl Generic Graphics Library

An issue was discovered in GEGL through 0.3.32.

5.0
2018-04-16 CVE-2018-10111 Gegl Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Gegl 0.2.0

An issue was discovered in GEGL through 0.3.32.

5.0
2018-04-16 CVE-2018-1000169 Jenkins Information Exposure vulnerability in Jenkins

An exposure of sensitive information vulnerability exists in Jenkins 2.115 and older, LTS 2.107.1 and older, in CLICommand.java and ViewOptionHandler.java that allows unauthorized attackers to confirm the existence of agents or views with an attacker-specified name by sending a CLI command to Jenkins.

5.0
2018-04-16 CVE-2014-2069 Eshtery She7Ata Path Traversal vulnerability in Eshtery.She7Ata Eshtery CMS

Absolute path traversal vulnerability in Eshtery CMS allows remote attackers to read arbitrary files via a full pathname in the file parameter to FileManager.aspx.

5.0
2018-04-16 CVE-2014-1686 Mediawiki Information Exposure vulnerability in Mediawiki 1.18.0

MediaWiki 1.18.0 allows remote attackers to obtain the installation path via vectors related to thumbnail creation.

5.0
2018-04-19 CVE-2017-18261 Linux Infinite Loop vulnerability in Linux Kernel

The arch_timer_reg_read_stable macro in arch/arm64/include/asm/arch_timer.h in the Linux kernel before 4.13 allows local users to cause a denial of service (infinite recursion) by writing to a file under /sys/kernel/debug in certain circumstances, as demonstrated by a scenario involving debugfs, ftrace, PREEMPT_TRACER, and FUNCTION_GRAPH_TRACER.

4.9
2018-04-19 CVE-2018-2770 Oracle Unspecified vulnerability in Oracle Adaptive Access Manager 11.1.2.3.0

Vulnerability in the Oracle Adaptive Access Manager component of Oracle Fusion Middleware (subcomponent: OAAM Admin).

4.9
2018-04-19 CVE-2018-2756 Oracle Unspecified vulnerability in Oracle Communications Order and Service Management

Vulnerability in the Oracle Communications Order and Service Management component of Oracle Communications Applications (subcomponent: WebUI).

4.9
2018-04-19 CVE-2018-2752 Oracle Unspecified vulnerability in Oracle Peoplesoft Enterprise Human Capital Management 9.2

Vulnerability in the PeopleSoft Enterprise HCM component of Oracle PeopleSoft Products (subcomponent: Security).

4.9
2018-04-19 CVE-2018-2749 Oracle Unspecified vulnerability in Oracle products

Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module).

4.9
2018-04-19 CVE-2018-2563 Oracle Unspecified vulnerability in Oracle Solaris 10.0/11.3

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: LDAP Library).

4.9
2018-04-18 CVE-2015-9218 Qualcomm 7PK - Errors vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SDM630, SDM636, SDM660, and Snapdragon_High_Med_2016, when processing bad HEVC clips, the DPB fills, and with no error handling for DPB being full, a hang occurs.

4.9
2018-04-18 CVE-2018-10110 D Link Cross-site Scripting vulnerability in D-Link Dir-615 T1 Firmware 20.07

D-Link DIR-615 T1 devices allow XSS via the Add User feature.

4.8
2018-04-19 CVE-2018-2808 Oracle Unspecified vulnerability in Oracle Solaris 11.3

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel).

4.7
2018-04-19 CVE-2018-2860 Oracle Unspecified vulnerability in Oracle VM Virtualbox

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core).

4.6
2018-04-19 CVE-2018-2845 Oracle Unspecified vulnerability in Oracle VM Virtualbox

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core).

4.6
2018-04-19 CVE-2018-2843 Oracle Unspecified vulnerability in Oracle VM Virtualbox

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core).

4.6
2018-04-19 CVE-2018-2842 Oracle Unspecified vulnerability in Oracle VM Virtualbox

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core).

4.6
2018-04-19 CVE-2018-2822 Oracle Unspecified vulnerability in Oracle Solaris Cluster 4.3

Vulnerability in the Solaris Cluster component of Oracle Sun Systems Products Suite (subcomponent: Cluster Geo).

4.6
2018-04-19 CVE-2018-1035 Microsoft Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2016

A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka "Windows Security Feature Bypass Vulnerability." This affects Windows 10, Windows 10 Servers.

4.6
2018-04-17 CVE-2018-8834 Omron Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Omron products

Parsing malformed project files in Omron CX-One versions 4.42 and prior, including the following applications: CX-FLnet versions 1.00 and prior, CX-Protocol versions 1.992 and prior, CX-Programmer versions 9.65 and prior, CX-Server versions 5.0.22 and prior, Network Configurator versions 3.63 and prior, and Switch Box Utility versions 1.68 and prior, may cause a heap-based buffer overflow.

4.6
2018-04-17 CVE-2018-7530 Omron Range Error vulnerability in Omron products

Parsing malformed project files in Omron CX-One versions 4.42 and prior, including the following applications: CX-FLnet versions 1.00 and prior, CX-Protocol versions 1.992 and prior, CX-Programmer versions 9.65 and prior, CX-Server versions 5.0.22 and prior, Network Configurator versions 3.63 and prior, and Switch Box Utility versions 1.68 and prior, may allow the pointer to call an incorrect object resulting in an access of resource using incompatible type condition.

4.6
2018-04-17 CVE-2018-7514 Omron Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Omron products

Parsing malformed project files in Omron CX-One versions 4.42 and prior, including the following applications: CX-FLnet versions 1.00 and prior, CX-Protocol versions 1.992 and prior, CX-Programmer versions 9.65 and prior, CX-Server versions 5.0.22 and prior, Network Configurator versions 3.63 and prior, and Switch Box Utility versions 1.68 and prior, may cause a stack-based buffer overflow.

4.6
2018-04-16 CVE-2017-10140 Postfix Unspecified vulnerability in Postfix

Postfix before 2.11.10, 3.0.x before 3.0.10, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 might allow local users to gain privileges by leveraging undocumented functionality in Berkeley DB 2.x and later, related to reading settings from DB_CONFIG in the current directory.

4.6
2018-04-19 CVE-2018-2837 Oracle Unspecified vulnerability in Oracle VM Virtualbox

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core).

4.4
2018-04-19 CVE-2018-2836 Oracle Unspecified vulnerability in Oracle VM Virtualbox

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core).

4.4
2018-04-19 CVE-2018-2835 Oracle Unspecified vulnerability in Oracle VM Virtualbox

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core).

4.4
2018-04-19 CVE-2018-2834 Oracle Unspecified vulnerability in Oracle Data Visualization Desktop 12.2.4.1.1

Vulnerability in the Oracle Data Visualization Desktop component of Oracle Fusion Middleware (subcomponent: Security).

4.4
2018-04-19 CVE-2018-2830 Oracle Unspecified vulnerability in Oracle VM Virtualbox

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core).

4.4
2018-04-19 CVE-2018-2771 Oracle
Debian
Canonical
Mariadb
Redhat
Netapp
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Locking).
4.4
2018-04-17 CVE-2018-8838 Yokogawa Unspecified vulnerability in Yokogawa products

A weakness in access controls in CENTUM CS 1000 all versions, CENTUM CS 3000 versions R3.09.50 and earlier, CENTUM CS 3000 Small versions R3.09.50 and earlier, CENTUM VP versions R6.03.10 and earlier, CENTUM VP Small versions R6.03.10 and earlier, CENTUM VP Basic versions R6.03.10 and earlier, Exaopc versions R3.75.00 and earlier, B/M9000 CS all versions, and B/M9000 VP versions R8.01.01 and earlier may allow a local attacker to exploit the message management function of the system.

4.4
2018-04-22 CVE-2018-10296 1234N Cross-site Scripting vulnerability in 1234N Minicms 1.10

MiniCMS V1.10 has XSS via the mc-admin/post-edit.php title parameter.

4.3
2018-04-20 CVE-2014-0927 IBM Improper Authentication vulnerability in IBM Sterling B2B Integrator and Sterling File Gateway

The ActiveMQ admin user interface in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allows remote attackers to bypass authentication by leveraging knowledge of the port number and webapp path.

4.3
2018-04-20 CVE-2014-6112 IBM Information Exposure vulnerability in IBM Security Identity Manager and Tivoli Identity Manager

IBM Tivoli Identity Manager 5.1.x before 5.1.0.15-ISS-TIM-IF0057 and Security Identity Manager 6.0.x before 6.0.0.4-ISS-SIM-IF0001 and 7.0.x before 7.0.0.0-ISS-SIM-IF0003 make it easier for remote attackers to obtain sensitive information by leveraging support for weak SSL ciphers.

4.3
2018-04-20 CVE-2014-6108 IBM Information Exposure vulnerability in IBM Security Identity Manager and Tivoli Identity Manager

IBM Tivoli Identity Manager 5.1.x before 5.1.0.15-ISS-TIM-IF0057 and Security Identity Manager 6.0.x before 6.0.0.4-ISS-SIM-IF0001 and 7.0.x before 7.0.0.0-ISS-SIM-IF0003 might allow man-in-the-middle attackers to obtain sensitive information by leveraging an unencrypted connection for interfaces.

4.3
2018-04-19 CVE-2018-0276 Cisco Cross-site Scripting vulnerability in Cisco Webex Connect IM

A vulnerability in Cisco WebEx Connect IM could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of an affected system.

4.3
2018-04-19 CVE-2018-0272 Cisco Improper Handling of Exceptional Conditions vulnerability in Cisco Firepower 6.2.1/6.2.2.1

A vulnerability in the Secure Sockets Layer (SSL) Engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.

4.3
2018-04-19 CVE-2018-0269 Cisco Incorrect Authorization vulnerability in Cisco Digital Network Architecture Center 1.1

A vulnerability in the web framework of the Cisco Digital Network Architecture Center (DNA Center) could allow an unauthenticated, remote attacker to communicate with the Kong API server without restriction.

4.3
2018-04-19 CVE-2018-9861 Ckeditor
Drupal
Cross-site Scripting vulnerability in multiple products

Cross-site scripting (XSS) vulnerability in the Enhanced Image (aka image2) plugin for CKEditor (in versions 4.5.10 through 4.9.1; fixed in 4.9.2), as used in Drupal 8 before 8.4.7 and 8.5.x before 8.5.2 and other products, allows remote attackers to inject arbitrary web script through a crafted IMG element.

4.3
2018-04-19 CVE-2018-10230 Zend Cross-site Scripting vulnerability in Zend Server 5.1.0/8.5/9.0

Zend Debugger in Zend Server before 9.1.3 has XSS, aka ZSR-2455.

4.3
2018-04-19 CVE-2018-2809 Oracle Unspecified vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.54/8.55/8.56

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Fluid Homepage & Navigation).

4.3
2018-04-19 CVE-2018-2785 Oracle Unspecified vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.54/8.55/8.56

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Stylesheet).

4.3
2018-04-19 CVE-2018-2761 Oracle
Debian
Canonical
Mariadb
Netapp
Redhat
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs).
4.3
2018-04-19 CVE-2018-2760 Oracle Unspecified vulnerability in Oracle Http Server 12.1.3/12.2.1.2

Vulnerability in the Oracle HTTP Server component of Oracle Fusion Middleware (subcomponent: OSSL Module).

4.3
2018-04-18 CVE-2018-1325 Wicket Jquery UI Project Cross-site Scripting vulnerability in Wicket-Jquery-Ui Project Wicket-Jquery-Ui

In Apache wicket-jquery-ui <= 6.29.0, <= 7.10.1, <= 8.0.0-M9.1, JS code created in WYSIWYG editor will be executed on display.

4.3
2018-04-18 CVE-2018-1000163 Projectfloodlight Cross-site Scripting vulnerability in Projectfloodlight Floodlight 1.2

Floodlight version 1.2 and earlier contains a Cross Site Scripting (XSS) vulnerability in the web console that can result in javascript injections into the web page.

4.3
2018-04-18 CVE-2018-1000162 Parsedown Cross-site Scripting vulnerability in Parsedown

Parsedown version prior to 1.7.0 contains a Cross Site Scripting (XSS) vulnerability in `setMarkupEscaped` for escaping HTML that can result in JavaScript code execution.

4.3
2018-04-18 CVE-2018-1000160 Risingstack Cross-site Scripting vulnerability in Risingstack Protect 1.1.0/1.2.0

RisingStack protect version 1.2.0 and earlier contains a Cross Site Scripting (XSS) vulnerability in isXss() function in lib/rules/xss.js that can result in dangerous XSS strings being validated as safe.

4.3
2018-04-18 CVE-2018-1000159 Tlslite NG Project Improper Validation of Integrity Check Value vulnerability in Tlslite-Ng Project Tlslite-Ng

tlslite-ng version 0.7.3 and earlier, since commit d7b288316bca7bcdd082e6ccff5491e241305233 contains a CWE-354: Improper Validation of Integrity Check Value vulnerability in TLS implementation, tlslite/utils/constanttime.py: ct_check_cbc_mac_and_pad(); line "end_pos = data_len - 1 - mac.digest_size" that can result in an attacker manipulating the TLS ciphertext which will not be detected by receiving tlslite-ng.

4.3
2018-04-18 CVE-2018-1000158 Cmsmadesimple Incorrect Permission Assignment for Critical Resource vulnerability in Cmsmadesimple CMS Made Simple 2.2.7

cmsmadesimple version 2.2.7 contains a Incorrect Access Control vulnerability in the function of send_recovery_email in the line "$url = $config['admin_url'] .

4.3
2018-04-18 CVE-2018-8831 Kodi Cross-site Scripting vulnerability in Kodi

A Persistent XSS vulnerability exists in Kodi (formerly XBMC) through 17.6 that allows the execution of arbitrary HTML/script code in the context of the victim user's browser via a playlist.

4.3
2018-04-18 CVE-2018-9990 Zulip Cross-site Scripting vulnerability in Zulip Server

In Zulip Server versions before 1.7.2, there was an XSS issue with stream names in topic typeahead.

4.3
2018-04-18 CVE-2018-9987 Zulip Cross-site Scripting vulnerability in Zulip Server

In Zulip Server versions 1.5.x, 1.6.x, and 1.7.x before 1.7.2, there was an XSS issue with muting notifications.

4.3
2018-04-18 CVE-2018-9986 Zulip Cross-site Scripting vulnerability in Zulip Server

In Zulip Server versions before 1.7.2, there were XSS issues with the frontend markdown processor.

4.3
2018-04-18 CVE-2018-8071 Mautic Cross-site Scripting vulnerability in Mautic

Mautic before v2.13.0 has stored XSS via a theme config file.

4.3
2018-04-18 CVE-2017-12196 Redhat Incorrect Authorization vulnerability in Redhat products

undertow before versions 1.4.18.SP1, 2.0.2.Final, 1.4.24.Final was found vulnerable when using Digest authentication, the server does not ensure that the value of URI in the Authorization header matches the URI in HTTP request line.

4.3
2018-04-17 CVE-2018-10187 Radare Out-of-bounds Read vulnerability in Radare Radare2 2.5.0

In radare2 2.5.0, there is a heap-based buffer over-read in the dalvik_op function (libr/anal/p/anal_dalvik.c).

4.3
2018-04-17 CVE-2018-10186 Radare Out-of-bounds Read vulnerability in Radare Radare2 2.5.0

In radare2 2.5.0, there is a heap-based buffer over-read in the r_hex_bin2str function (libr/util/hex.c).

4.3
2018-04-17 CVE-2018-10183 Bigtreecms Cross-site Scripting vulnerability in Bigtreecms Bigtree CMS 4.2.22

An issue was discovered in BigTree 4.2.22.

4.3
2018-04-16 CVE-2018-10177 Imagemagick
Canonical
Infinite Loop vulnerability in multiple products

In ImageMagick 7.0.7-28, there is an infinite loop in the ReadOneMNGImage function of the coders/png.c file.

4.3
2018-04-16 CVE-2018-10138 Catalooksupport Cross-site Scripting vulnerability in Catalooksupport .Netstore

The CATALooK.netStore module through 7.2.8 for DNN (formerly DotNetNuke) allows XSS via the /ViewEditGoogleMaps.aspx PortalID or CATSkin parameter, or the /ImageViewer.aspx link or desc parameter.

4.3
2018-04-16 CVE-2018-10136 Iscripts Cross-site Scripting vulnerability in Iscripts Uberforx 2.2

iScripts UberforX 2.2 has Stored XSS in the "manage_settings" section of the Admin Panel via a value field to the /cms?section=manage_settings&action=edit URI.

4.3
2018-04-16 CVE-2018-10135 Iscripts Cross-site Scripting vulnerability in Iscripts Eswap 2.4

iScripts eSwap v2.4 has Reflected XSS via the "catwiseproducts.php" catid parameter in the User Panel.

4.3
2018-04-16 CVE-2018-10128 Xyhcms Project Cross-site Scripting vulnerability in Xyhcms Project Xyhcms 3.5

An issue was discovered in XYHCMS 3.5.

4.3
2018-04-16 CVE-2016-9592 Redhat Resource Management Errors vulnerability in Redhat Openshift 3.2.1.23/3.3.1.11/3.4

openshift before versions 3.3.1.11, 3.2.1.23, 3.4 is vulnerable to a flaw when a volume fails to detach, which causes the delete operation to fail with 'VolumeInUse' error.

4.3
2018-04-16 CVE-2018-0560 Hatena Improper Input Validation vulnerability in Hatena Bookmark 3.0/3.70

Hatena Bookmark App for iOS Version 3.0 to 3.70 allows remote attackers to spoof the address bar via vectors related to URL display.

4.3
2018-04-16 CVE-2018-10102 Wordpress
Debian
Cross-site Scripting vulnerability in Wordpress

Before WordPress 4.9.5, the version string was not escaped in the get_the_generator function, and could lead to XSS in a generator tag.

4.3
2018-04-16 CVE-2018-10097 Smartscriptsolutions Cross-site Scripting vulnerability in Smartscriptsolutions Domain Trader 2.5.3

XSS exists in Domain Trader 2.5.3 via the recoverlogin.php email_address parameter.

4.3
2018-04-22 CVE-2018-10286 Ericssonlg Insufficiently Protected Credentials vulnerability in Ericssonlg Ipecs NMS A.1Ac

The Ericsson-LG iPECS NMS A.1Ac web application discloses sensitive information such as the NMS admin credentials and the PostgreSQL database credentials to logged-in users via the responses to certain HTTP POST requests.

4.0
2018-04-20 CVE-2018-10176 Digitalguardian Path Traversal vulnerability in Digitalguardian Management Console 7.1.2.0015

Digital Guardian Management Console 7.1.2.0015 has a Directory Traversal issue.

4.0
2018-04-20 CVE-2018-10175 Digitalguardian XXE vulnerability in Digitalguardian Management Console 7.1.2.0015

Digital Guardian Management Console 7.1.2.0015 has an XXE issue.

4.0
2018-04-20 CVE-2018-10174 Digitalguardian Server-Side Request Forgery (SSRF) vulnerability in Digitalguardian Management Console 7.1.2.0015

Digital Guardian Management Console 7.1.2.0015 has an SSRF issue that allows remote attackers to read arbitrary files via file:// URLs, send TCP traffic to intranet hosts, or obtain an NTLM hash.

4.0
2018-04-20 CVE-2018-10077 Vertiv XXE vulnerability in Vertiv Watchdog Console 3.2.2

XML external entity (XXE) vulnerability in Geist WatchDog Console 3.2.2 allows remote authenticated administrators to read arbitrary files via crafted XML data.

4.0
2018-04-20 CVE-2014-4782 IBM Information Exposure vulnerability in IBM Infosphere Biginsights 2.1.2

IBM InfoSphere BigInsights 2.1.2 allows remote authenticated users to discover SMTP server credentials via vectors related to the Alert management service.

4.0
2018-04-19 CVE-2018-0266 Cisco Forced Browsing vulnerability in Cisco Unified Communications Manager

A vulnerability in the web framework of Cisco Unified Communications Manager could allow an authenticated, remote attacker to view sensitive data.

4.0
2018-04-19 CVE-2018-2863 Oracle Unspecified vulnerability in Oracle SUN ZFS Storage Appliance KIT 8.7.13

Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: API frameworks).

4.0
2018-04-19 CVE-2018-2849 Oracle Unspecified vulnerability in Oracle Primavera P6 Enterprise Project Portfolio Management

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Construction and Engineering Suite (subcomponent: Web Access).

4.0
2018-04-19 CVE-2018-2847 Oracle Unspecified vulnerability in Oracle Hospitality Simphony 1.6/1.7

Vulnerability in the Oracle Hospitality Simphony First Edition component of Oracle Hospitality Applications (subcomponent: Operations).

4.0
2018-04-19 CVE-2018-2846 Oracle
Canonical
Netapp
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema).
4.0
2018-04-19 CVE-2018-2839 Oracle
Canonical
Netapp
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML).
4.0
2018-04-19 CVE-2018-2824 Oracle Unspecified vulnerability in Oracle Hospitality Simphony 2.10/2.8/2.9

Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Enterprise Management Console).

4.0
2018-04-19 CVE-2018-2823 Oracle Unspecified vulnerability in Oracle Transportation Management 6.4.3

Vulnerability in the Oracle Transportation Management component of Oracle Supply Chain Products Suite (subcomponent: Database).

4.0
2018-04-19 CVE-2018-2820 Oracle Unspecified vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.54/8.55/8.56

Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Fluid Core).

4.0
2018-04-19 CVE-2018-2819 Oracle
Mariadb
Canonical
Debian
Redhat
Netapp
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB).
4.0
2018-04-19 CVE-2018-2818 Oracle
Canonical
Debian
Netapp
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges).
4.0
2018-04-19 CVE-2018-2817 Oracle
Canonical
Debian
Redhat
Mariadb
Netapp
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL).
4.0
2018-04-19 CVE-2018-2816 Oracle
Canonical
Netapp
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer).
4.0
2018-04-19 CVE-2018-2813 Oracle
Debian
Canonical
Redhat
Netapp
Mariadb
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL).
4.0
2018-04-19 CVE-2018-2810 Oracle
Netapp
Canonical
Mariadb
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB).
4.0
2018-04-19 CVE-2018-2805 Oracle Unspecified vulnerability in Oracle Mysql

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: GIS Extension).

4.0
2018-04-19 CVE-2018-2800 Oracle
Redhat
Debian
Canonical
Schneider Electric
HP
Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: RMI).
4.0
2018-04-19 CVE-2018-2789 Oracle Unspecified vulnerability in Oracle Siebel Core-Server Framework 17.0

Vulnerability in the Siebel Core - Server Framework component of Oracle Siebel CRM (subcomponent: Services).

4.0
2018-04-19 CVE-2018-2784 Oracle
Canonical
Mariadb
Debian
Netapp
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB).
4.0
2018-04-19 CVE-2018-2782 Oracle
Canonical
Mariadb
Debian
Netapp
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB).
4.0
2018-04-19 CVE-2018-2781 Debian
Netapp
Canonical
Mariadb
Oracle
Redhat
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer).
4.0
2018-04-19 CVE-2018-2780 Oracle
Canonical
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer).
4.0
2018-04-19 CVE-2018-2779 Oracle
Canonical
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer).
4.0
2018-04-19 CVE-2018-2778 Oracle
Canonical
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer).
4.0
2018-04-19 CVE-2018-2777 Oracle
Netapp
Canonical
Mariadb
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB).
4.0
2018-04-19 CVE-2018-2776 Oracle
Canonical
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Group Replication GCS).
4.0
2018-04-19 CVE-2018-2775 Oracle
Canonical
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer).
4.0
2018-04-19 CVE-2018-2769 Oracle
Canonical
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Pluggable Auth).
4.0
2018-04-19 CVE-2018-2759 Oracle
Netapp
Canonical
Mariadb
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB).
4.0
2018-04-19 CVE-2018-2758 Oracle Unspecified vulnerability in Oracle Mysql

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges).

4.0
2018-04-19 CVE-2018-2747 Oracle Unspecified vulnerability in Oracle products

Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module).

4.0
2018-04-18 CVE-2016-10443 Qualcomm 7PK - Security Features vulnerability in Qualcomm products

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, packet replay may be possible.

4.0
2018-04-17 CVE-2018-1371 IBM Unspecified vulnerability in IBM Websphere MQ 8.0.0.8/9.0.0.2/9.0.4

An IBM WebSphere MQ 8.0.0.8, 9.0.0.2, and 9.0.4 Client connecting to a MQ Queue Manager can cause a SIGSEGV in the AMQRMPPA channel process terminating it.

4.0
2018-04-17 CVE-2017-6020 Lcds Path Traversal vulnerability in Lcds Laquis Scada

Leao Consultoria e Desenvolvimento de Sistemas (LCDS) LTDA ME LAquis SCADA software versions prior to version 4.1.0.3237 do not neutralize external input to ensure that users are not calling for absolute path sequences outside of their privilege level.

4.0
2018-04-17 CVE-2017-12701 Cpap Improper Input Validation vulnerability in Cpap Luna Cpap Machine Firmware

BMC Medical Luna CPAP Machines released prior to July 1, 2017, contain an improper input validation vulnerability which may allow an authenticated attacker to crash the CPAP's Wi-Fi module resulting in a denial-of-service condition.

4.0
2018-04-16 CVE-2018-0550 Cybozu Unspecified vulnerability in Cybozu Garoon

Cybozu Garoon 3.5.0 to 4.6.1 allows remote authenticated attackers to bypass access restriction to view the closed title of "Cabinet" via unspecified vectors.

4.0
2018-04-16 CVE-2018-0533 Cybozu Unspecified vulnerability in Cybozu Garoon

Cybozu Garoon 3.0.0 to 4.2.6 allows remote authenticated attackers to bypass access restriction to alter setting data of session authentication via unspecified vectors.

4.0
2018-04-16 CVE-2018-0532 Cybozu Cross-site Scripting vulnerability in Cybozu Garoon

Cybozu Garoon 3.0.0 to 4.2.6 allows remote authenticated attackers to bypass access restriction to alter setting data of the Standard database via unspecified vectors.

4.0
2018-04-16 CVE-2018-0531 Cybozu Unspecified vulnerability in Cybozu Garoon

Cybozu Garoon 3.0.0 to 4.2.6 allows remote authenticated attackers to bypass access restriction to view or alter an access privilege of a folder and/or notification settings via unspecified vectors.

4.0

44 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-04-19 CVE-2018-2755 Oracle
Debian
Canonical
Mariadb
Netapp
Redhat
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication).
3.7
2018-04-19 CVE-2018-2754 Oracle Unspecified vulnerability in Oracle Solaris 11.3

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: ZVNET Driver).

3.6
2018-04-16 CVE-2018-5382 Bouncycastle
Redhat
Improper Validation of Integrity Check Value vulnerability in multiple products

The default BKS keystore use an HMAC that is only 16 bits long, which can allow an attacker to compromise the integrity of a BKS keystore.

3.6
2018-04-22 CVE-2018-10298 Discuz Cross-site Scripting vulnerability in Discuz Discuzx 3.4

Discuz! DiscuzX through X3.4 has reflected XSS via forum.php?mod=post&action=newthread because data/template/1_diy_portal_view.tpl.php does not restrict the content.

3.5
2018-04-22 CVE-2018-10297 Discuz Cross-site Scripting vulnerability in Discuz Discuzx 3.4

Discuz! DiscuzX through X3.4 has stored XSS via the portal.php?mod=portalcp&ac=article URI, related to mishandling of IMG elements associated with remote images.

3.5
2018-04-22 CVE-2017-17889 Kliqqi Cross-site Scripting vulnerability in Kliqqi CMS 3.5.2

Kliqqi CMS 3.5.2 has XSS via a crafted group name in pligg/groups.php, a crafted Homepage string in a profile, or a crafted string in Tags or Description within pligg/submit.php.

3.5
2018-04-22 CVE-2018-10268 Fastadmin Cross-site Scripting vulnerability in Fastadmin 1.0.0.20180417

An issue was discovered in FastAdmin V1.0.0.20180417_beta.

3.5
2018-04-21 CVE-2017-15640 Phpipam Cross-site Scripting vulnerability in PHPipam

app/sections/user-menu.php in phpIPAM before 1.3.1 has XSS via the ip parameter.

3.5
2018-04-20 CVE-2018-7747 Calderalabs Cross-site Scripting vulnerability in Calderalabs Caldera Forms

Multiple cross-site scripting (XSS) vulnerabilities in the Caldera Forms plugin before 1.6.0-rc.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) a greeting message, (2) the email transaction log, or (3) an imported form.

3.5
2018-04-20 CVE-2018-10078 Vertiv Cross-site Scripting vulnerability in Vertiv Watchdog Console 3.2.2

Cross-site scripting (XSS) vulnerability in Geist WatchDog Console 3.2.2 allows remote authenticated administrators to inject arbitrary web script or HTML via a server description.

3.5
2018-04-20 CVE-2014-6109 IBM Improper Access Control vulnerability in IBM Security Identity Manager and Tivoli Identity Manager

IBM Tivoli Identity Manager 5.1.x before 5.1.0.15-ISS-TIM-IF0057 and Security Identity Manager 6.0.x before 6.0.0.4-ISS-SIM-IF0001 and 7.0.x before 7.0.0.0-ISS-SIM-IF0003 allow remote authenticated users to bypass intended access restrictions and obtain sensitive information via vectors related to server side LDAP queries.

3.5
2018-04-20 CVE-2018-10250 Icmsdev Cross-site Scripting vulnerability in Icmsdev Icms 7.0.8

iCMS V7.0.8 has XSS via the admincp.php keywords parameter in a weixin_category action, aka a WeChat Classified Management keyword search.

3.5
2018-04-19 CVE-2018-9137 Open Audit Improper Neutralization of Formula Elements in a CSV File vulnerability in Open-Audit 2.1

Open-AudIT before 2.2 has CSV Injection.

3.5
2018-04-19 CVE-2018-10227 1234N Cross-site Scripting vulnerability in 1234N Minicms 1.10

MiniCMS v1.10 has XSS via the mc-admin/conf.php site_link parameter.

3.5
2018-04-19 CVE-2018-10221 Wuzhicms Cross-site Scripting vulnerability in Wuzhicms 4.1.0

An issue was discovered in WUZHI CMS V4.1.0.

3.5
2018-04-18 CVE-2018-1000161 Nmap Path Traversal vulnerability in Nmap

nmap version 6.49BETA6 through 7.60, up to and including SVN revision 37147 contains a Directory Traversal vulnerability in NSE script http-fetch that can result in file overwrite as the user is running it.

3.5
2018-04-18 CVE-2018-9999 Zulip Cross-site Scripting vulnerability in Zulip Server

In Zulip Server versions before 1.7.2, there was an XSS issue with user uploads and the (default) LOCAL_UPLOADS_DIR storage backend.

3.5
2018-04-17 CVE-2018-5431 Tibco Cross-site Scripting vulnerability in Tibco products

The domain designer component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperReports Server for ActiveMatrix BPM, TIBCO Jaspersoft for AWS with Multi-Tenancy, and TIBCO Jaspersoft Reporting and Analytics for AWS contains a vulnerability which may allow, in the context of a non-default permissions configuration, persisted cross-site scripting (XSS) attacks.

3.5
2018-04-17 CVE-2018-1445 IBM Cross-site Scripting vulnerability in IBM Websphere Portal

IBM WebSphere Portal 8.0.0 through 8.0.0.1, 8.5, and 9.0 is vulnerable to cross-site scripting.

3.5
2018-04-17 CVE-2017-18102 Atlassian Cross-site Scripting vulnerability in Atlassian Jira Server

The wiki markup component of atlassian-renderer from version 8.0.0 before version 8.0.22 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in nested wiki markup.

3.5
2018-04-16 CVE-2015-1952 IBM Cross-site Scripting vulnerability in IBM Security Appscan

Cross-site scripting (XSS) vulnerability in IBM AppScan Enterprise Edition 9.0.x before 9.0.2 iFix 001 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

3.5
2018-04-16 CVE-2018-0551 Cybozu Cross-site Scripting vulnerability in Cybozu Garoon

Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.6.1 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.

3.5
2018-04-16 CVE-2018-0549 Cybozu Cross-site Scripting vulnerability in Cybozu Garoon

Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.6.0 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.

3.5
2018-04-16 CVE-2018-9169 Zblogcn Cross-site Scripting vulnerability in Zblogcn Z-Blogphp 1.5.1

Z-BlogPHP 1.5.1 has XSS via the zb_users/plugin/AppCentre/plugin_edit.php app_id parameter.

3.5
2018-04-16 CVE-2018-10121 Monstra Cross-site Scripting vulnerability in Monstra 3.0.4

plugins/box/pages/pages.admin.php in Monstra CMS 3.0.4 has a stored XSS vulnerability when an attacker has access to the editor role, and enters the payload in the title section of an admin/index.php?id=pages&action=edit_page&name=error404 (aka Edit 404 page) action.

3.5
2018-04-16 CVE-2018-10118 Monstra Cross-site Scripting vulnerability in Monstra 3.0.4

Monstra CMS 3.0.4 has Stored XSS via the Name field on the Create New Page screen under the admin/index.php?id=pages URI, related to plugins/box/pages/pages.admin.php.

3.5
2018-04-16 CVE-2018-10109 Monstra Cross-site Scripting vulnerability in Monstra 3.0.4

Monstra CMS 3.0.4 has a stored XSS vulnerability when an attacker has access to the editor role, and enters the payload in the content section of a new page in the blog catalog.

3.5
2018-04-16 CVE-2018-1000170 Jenkins Cross-site Scripting vulnerability in Jenkins

A cross-site scripting vulnerability exists in Jenkins 2.115 and older, LTS 2.107.1 and older, in confirmationList.jelly and stopButton.jelly that allows attackers with Job/Configure and/or Job/Create permission to create an item name containing JavaScript that would be executed in another user's browser when that other user performs some UI actions.

3.5
2018-04-19 CVE-2018-0257 Cisco Unspecified vulnerability in Cisco IOS XE

A vulnerability in Cisco IOS XE Software running on Cisco cBR Series Converged Broadband Routers could allow an unauthenticated, adjacent attacker to cause high CPU usage on an affected device, resulting in a denial of service (DoS) condition.

3.3
2018-04-18 CVE-2018-7758 Schneider Electric Insufficient Session Expiration vulnerability in Schneider-Electric products

A denial of service vulnerability exists in Schneider Electric's MiCOM Px4x (P540 range excluded) with legacy Ethernet board, MiCOM P540D Range with Legacy Ethernet Board, and MiCOM Px4x Rejuvenated could lose network communication in case of TCP/IP open requests on port 20000 (DNP3oE) if an older TCI/IP session is still open with identical IP address and port number.

3.3
2018-04-19 CVE-2018-2790 Oracle
Redhat
Debian
Canonical
HP
Schneider Electric
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security).
3.1
2018-04-18 CVE-2018-1240 EMC Information Exposure vulnerability in EMC Vipr Controller 3.0.0.39

Dell EMC ViPR Controller, versions after 3.0.0.38, contain an information exposure vulnerability in the VRRP.

2.7
2018-04-19 CVE-2018-2753 Oracle Unspecified vulnerability in Oracle Solaris 11.3

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Python modules).

2.6
2018-04-20 CVE-2018-10079 Vertiv Improper Privilege Management vulnerability in Vertiv Watchdog Console 3.2.2

Geist WatchDog Console 3.2.2 uses a weak ACL for the C:\ProgramData\WatchDog Console directory, which allows local users to modify configuration data by updating (1) config.xml or (2) servers.xml.

2.1
2018-04-20 CVE-2014-6111 IBM Credentials Management vulnerability in IBM Security Identity Manager and Tivoli Identity Manager

IBM Tivoli Identity Manager 5.1.x before 5.1.0.15-ISS-TIM-IF0057 and Security Identity Manager 6.0.x before 6.0.0.4-ISS-SIM-IF0001 and 7.0.x before 7.0.0.0-ISS-SIM-IF0003 store encrypted user credentials and the keystore password in cleartext in configuration files, which allows local users to decrypt SIM credentials via unspecified vectors.

2.1
2018-04-19 CVE-2018-0267 Cisco Forced Browsing vulnerability in Cisco Unified Communications Manager

A vulnerability in the web framework of Cisco Unified Communications Manager could allow an authenticated, local attacker to view sensitive data that should be restricted.

2.1
2018-04-19 CVE-2018-2831 Oracle Unspecified vulnerability in Oracle VM Virtualbox

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core).

2.1
2018-04-19 CVE-2018-2793 Oracle Unspecified vulnerability in Oracle Peoplesoft Enterprise PT Peopletools 8.54/8.55/8.56

Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of Oracle PeopleSoft Products (subcomponent: PsAdmin).

2.1
2018-04-19 CVE-2018-2763 Oracle Unspecified vulnerability in Oracle Solaris 11.3

Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: NTPD).

2.1
2018-04-19 CVE-2018-2762 Oracle
Canonical
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Connection).
2.1
2018-04-16 CVE-2018-10124 Linux
Debian
Canonical
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel

The kill_something_info function in kernel/signal.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to cause a denial of service via an INT_MIN argument.

2.1
2018-04-19 CVE-2018-2877 Oracle Unspecified vulnerability in Oracle Mysql Cluster

Vulnerability in the MySQL Cluster component of Oracle MySQL (subcomponent: Cluster: ndbcluster/plugin).

1.9
2018-04-19 CVE-2018-2874 Oracle Unspecified vulnerability in Oracle E-Business Suite 12.1.3

Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: Logging).

1.9
2018-04-19 CVE-2018-2773 Oracle
Debian
Canonical
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs).
1.9