Weekly Vulnerabilities Reports > April 16 to 22, 2018
Overview
629 new vulnerabilities reported during this period, including 198 critical vulnerabilities and 87 high severity vulnerabilities. This weekly summary report vulnerabilities in 683 products from 138 vendors including Qualcomm, Oracle, Canonical, Debian, and Redhat. Vulnerabilities are notably categorized as "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Cross-site Scripting", "Improper Input Validation", "Information Exposure", and "NULL Pointer Dereference".
- 576 reported vulnerabilities are remotely exploitables.
- 33 reported vulnerabilities have public exploit available.
- 118 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 505 reported vulnerabilities are exploitable by an anonymous user.
- Qualcomm has the most reported vulnerabilities, with 229 reported vulnerabilities.
- Qualcomm has the most reported critical vulnerabilities, with 172 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
198 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2018-04-22 | CVE-2018-9245 | Ericssonlg | SQL Injection vulnerability in Ericssonlg Ipecs NMS A.1Ac The Ericsson-LG iPECS NMS A.1Ac login portal has a SQL injection vulnerability in the User ID and password fields that allows users to bypass the login page and execute remote code on the operating system. | 10.0 |
2018-04-19 | CVE-2018-1144 | Belkin | OS Command Injection vulnerability in Belkin N750 Firmware 1.10.22 A remote unauthenticated user can execute commands as root in the Belkin N750 using firmware version 1.10.22 by sending a crafted HTTP request to proxy.cgi. | 10.0 |
2018-04-19 | CVE-2018-1143 | Belkin | OS Command Injection vulnerability in Belkin N750 Firmware 1.10.22 A remote unauthenticated user can execute commands as root in the Belkin N750 using firmware version 1.10.22 by sending a crafted HTTP request to twonky_command.cgi. | 10.0 |
2018-04-18 | CVE-2018-8840 | Indusoft Industrial Software | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products A remote attacker could send a carefully crafted packet in InduSoft Web Studio v8.1 and prior versions, and/or InTouch Machine Edition 2017 v8.1 and prior versions during a tag, alarm, or event related action such as read and write, which may allow remote code execution. | 10.0 |
2018-04-18 | CVE-2018-7243 | Schneider Electric | Unspecified vulnerability in Schneider-Electric 66074 MGE Network Management Card Transverse An authorization bypass vulnerability exists In Schneider Electric's 66074 MGE Network Management Card Transverse installed in MGE UPS and MGE STS. | 10.0 |
2018-04-18 | CVE-2016-10501 | Qualcomm | Improper Input Validation vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile, Snapdragon Wear, and Small Cell SoC FSM9055, MDM9206, MDM9607, MDM9635M, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, and SD 835, improper input validation can occur while parsing an image. | 10.0 |
2018-04-18 | CVE-2016-10498 | Qualcomm | Injection vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9635M, MDM9645, MDM9650, MDM9655, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SDM630, SDM636, SDM660, and Snapdragon_High_Med_2016, stopping of the DTR prematurely causes micro kernel to be stuck. | 10.0 |
2018-04-18 | CVE-2016-10496 | Qualcomm | NULL Pointer Dereference vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9635M, SD 210/SD 212/SD 205, SD 410/12, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 808, and SD 810, A NULL pointer dereference can occur during an SSL handshake. | 10.0 |
2018-04-18 | CVE-2016-10495 | Qualcomm | Range Error vulnerability in Qualcomm Mdm9635M Firmware In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9635M, made changes to map the scan type value to an index value that is in range. | 10.0 |
2018-04-18 | CVE-2016-10494 | Qualcomm | Integer Overflow or Wraparound vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9625, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 425, SD 430, SD 450, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, and SDX20, integer overflow may lead to buffer overflows in IPC router Root-PD driver. | 10.0 |
2018-04-18 | CVE-2016-10493 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, and SDX20, NPA routines on the rootPD that handle resource requests remoted over QDI may not validate pointers passed from user space which may result in guest OS memory corruption. | 10.0 |
2018-04-18 | CVE-2016-10491 | Qualcomm | Integer Overflow or Wraparound vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, an integer overflow leading to buffer overflow can occur in a QuRT API function. | 10.0 |
2018-04-18 | CVE-2016-10490 | Qualcomm | Numeric Errors vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, and SDX20, if a negative value is passed as argument "max" to qurt_qdi_state_local_new_handle_from_obj, an buffer overflow occurs, due to typecasting the signed integer to unsigned. | 10.0 |
2018-04-18 | CVE-2016-10489 | Qualcomm | NULL Pointer Dereference vulnerability in Qualcomm SD 400 Firmware In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400, lack of address argument validation in qsee_get_tz_app_name() may lead to an untrusted pointer dereference. | 10.0 |
2018-04-18 | CVE-2016-10487 | Qualcomm | NULL Pointer Dereference vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, and SDX20, in a QuRT API function, an untrusted pointer dereference can occur. | 10.0 |
2018-04-18 | CVE-2016-10486 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9640, MDM9645, SD 210/SD 212/SD 205, SD 450, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, and SD 820A, PD failure reason string from user PD is used directly in root PD, so if the buffer parameter is non-NULL terminated in Diag F3 APIs, a buffer overread occurs. | 10.0 |
2018-04-18 | CVE-2016-10485 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, SD 810, and SDX20, lack of proper bounds checking may lead to a buffer overflow. | 10.0 |
2018-04-18 | CVE-2016-10484 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, and SDX20, if a RPMB listener is registered with a very small buffer size, the calculation of the maximum transfer size for read and write operations may underflow, resulting in buffer overflow. | 10.0 |
2018-04-18 | CVE-2016-10482 | Qualcomm | Improper Input Validation vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, while processing downlink information, an assert can be reached. | 10.0 |
2018-04-18 | CVE-2016-10481 | Qualcomm | Code vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, QCA4531, QCA6174A, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9378, QCA9379, SD 210/SD 212/SD 205, SD 425, SD 600, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, if WLAN FW receives the WMI_STA_SMPS_PARAM_CMDID ioctl in not-associated state, when the virtual channel handle is not assigned, the code doesn't check for NULL virtual channel handle, so an assert occurs. | 10.0 |
2018-04-18 | CVE-2016-10480 | Qualcomm | Integer Overflow or Wraparound vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, possible memory corruption due to invalid integer overflow checks in exif parsing. | 10.0 |
2018-04-18 | CVE-2016-10479 | Qualcomm | Out-of-bounds Write vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9607, MDM9615, MDM9635M, MDM9640, SD 210/SD 212/SD 205, SD 400, SD 600, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 810, and SD 820, an arbitrary length value from an incoming message to QMI Proxy can lead to an out-of-bounds write in the stack variable message. | 10.0 |
2018-04-18 | CVE-2016-10478 | Qualcomm | Integer Overflow or Wraparound vulnerability in Qualcomm SD 617 Firmware In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 617, incorrect size calculation in QCRIL SCWS processing have Integer overflow which will lead to a buffer overflow. | 10.0 |
2018-04-18 | CVE-2016-10477 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 210/SD 212/SD 205, SD 400, SD 430, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, and SD 820, while processing smart card requests, a buffer overflow can occur. | 10.0 |
2018-04-18 | CVE-2016-10476 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, missing array index checks on app index in function qcril_uim_clear_encrypted_pin results in accessing addresses outside the bounds of the buffer when app index is too large. | 10.0 |
2018-04-18 | CVE-2016-10475 | Qualcomm | Integer Overflow or Wraparound vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 210/SD 212/SD 205, SD 400, SD 430, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, and SD 820, lack input validation may lead to a integer overflow that could potentially lead to a buffer overflow. | 10.0 |
2018-04-18 | CVE-2016-10474 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, if the buffer length passed to the RIL interface is too large, the buffer size calculation may overflow, resulting in an undersize allocation for the buffer, and subsequently buffer overwrite. | 10.0 |
2018-04-18 | CVE-2016-10473 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, in a supplementary services function, a buffer overflow can occur. | 10.0 |
2018-04-18 | CVE-2016-10472 | Qualcomm | Improper Access Control vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, address and size passed to SCM command 'TZ_INFO_GET_SECURE_STATE_LEGACY_ID' from HLOS Kernel were not being checked, so access outside DDR would occur. | 10.0 |
2018-04-18 | CVE-2016-10471 | Qualcomm | Unspecified vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, an unsigned RTIC health report susceptible to tampering by malware executing in the context of the HLOS may be requested. | 10.0 |
2018-04-18 | CVE-2016-10467 | Qualcomm | Key Management Errors vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, SD 820, and SD 820A, function ce_pkcs1_pss_padding_verify_auto_recover_saltlen assumes that the size of the encoded message is equal to the size of the RSA modulus. | 10.0 |
2018-04-18 | CVE-2016-10466 | Qualcomm | 7PK - Errors vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, during SSL handshake, if RNG function (crypto API) returns error, SSL uses hard-coded random value. | 10.0 |
2018-04-18 | CVE-2016-10462 | Qualcomm | Improper Access Control vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SDM630, SDM636, SDM660, and Snapdragon_High_Med_2016, the Access Control policy for HLOS allows access to Slimbus, GPU, GIC resources. | 10.0 |
2018-04-18 | CVE-2016-10461 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9650, SD 650/52, SD 808, SD 810, SD 820, and SDX20, lack of proper bounds checking may lead to a buffer overread. | 10.0 |
2018-04-18 | CVE-2016-10460 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm SD 835 Firmware, SD 845 Firmware and SD 850 Firmware In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 835, SD 845, and SD 850, vendor specific opcodes may not have any packet length validation leading to buffer over-reads. | 10.0 |
2018-04-18 | CVE-2016-10458 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, SD 845, SDM630, SDM636, SDM660, SDX20, and Snapdragon_High_Med_2016, the 'proper' solution for this will be to ensure that any users of qsee_log in the bootchain (before Linux boots) unallocate their buffers and clear the qsee_log pointer. | 10.0 |
2018-04-18 | CVE-2016-10457 | Qualcomm | Permissions, Privileges, and Access Controls vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, app is requesting more permissions than required. | 10.0 |
2018-04-18 | CVE-2016-10454 | Qualcomm | Improper Validation of Array Index vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 425, SD 430, SD 450, and SD 625, in a QTEE API function, an array out-of-bounds index can occur. | 10.0 |
2018-04-18 | CVE-2016-10452 | Qualcomm | Improper Input Validation vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, and SD 835, memory protection assertion happens after invoking TA termination out of order. | 10.0 |
2018-04-18 | CVE-2016-10450 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Mobile, and Snapdragon Wear FSM9055, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, potential stack-based buffer overflow exist in thermal service leading to root compromise. | 10.0 |
2018-04-18 | CVE-2016-10449 | Qualcomm | NULL Pointer Dereference vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, and SD 835, in a GNSS API function, a NULL pointer dereference can occur. | 10.0 |
2018-04-18 | CVE-2016-10445 | Qualcomm | Improper Input Validation vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 820, SD 820A, SD 835, SD 845, SD 850, SDM630, SDM636, SDM660, and Snapdragon_High_Med_2016, input is not properly validated in a QTEE API function. | 10.0 |
2018-04-18 | CVE-2016-10444 | Qualcomm | Improper Access Control vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 820, SD 820A, and SD 835, SMMU Access Control Policy was updated to block HLOS from accessing BLSP and BAM resources. | 10.0 |
2018-04-18 | CVE-2016-10442 | Qualcomm | Improper Access Control vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9640, SDM630, MSM8976, MSM8937, SDM845, MSM8976, and MSM8952, when running module or kernel code with improper access control allowing writing to arbitrary regions of memory, the user may utilize this vector to alter module executable code. | 10.0 |
2018-04-18 | CVE-2016-10441 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, improper offset validation leads to buffer overflow in video parser. | 10.0 |
2018-04-18 | CVE-2016-10440 | Qualcomm | Improper Access Control vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 425, SD 430, SD 450, SD 625, and SD 650/52, there is improper access control to a bus. | 10.0 |
2018-04-18 | CVE-2016-10436 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Mobile, and Snapdragon Wear FSM9055, IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, QCA4531, QCA9980, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, and SDX20, improper input validation infuse read request leads to memory corruption. | 10.0 |
2018-04-18 | CVE-2016-10431 | Qualcomm | Improper Input Validation vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, and SD 850, TZ applications are not properly validated. | 10.0 |
2018-04-18 | CVE-2016-10426 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 410/12, SD 425, SD 430, SD 450, SD 617, SD 625, SD 650/52, SD 810, SD 820, and SD 820A, a buffer overflow can occur in SafeSwitch. | 10.0 |
2018-04-18 | CVE-2016-10425 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, and SD 835, if GPT listener response is passed a large buffer offset, a buffer overflow occurs. | 10.0 |
2018-04-18 | CVE-2016-10424 | Qualcomm | Unspecified vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 820, SD 820A, SD 835, SD 845, and SD 850, upgrading LibPNG from 1.6.12 to 1.6.21 fixes multiple issues with different CWEs. | 10.0 |
2018-04-18 | CVE-2016-10421 | Qualcomm | Key Management Errors vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, key material is not always cleared properly. | 10.0 |
2018-04-18 | CVE-2016-10419 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9640, MDM9645, MDM9650, MDM9655, SD 450, SD 625, SD 650/52, SD 820, SD 835, SD 845, SD 850, and SDX20, when initializing scheduler object service request, an out of bounds access could occur due to uninitialized object number. | 10.0 |
2018-04-18 | CVE-2016-10414 | Qualcomm | 7PK - Errors vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear FSM9055, IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, and SDX20, when a hash is passed with zero datalength, the code returns an error, even though zero data length is valid. | 10.0 |
2018-04-18 | CVE-2016-10410 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, buffer overflow vulnerability in RTP during Volte call. | 10.0 |
2018-04-18 | CVE-2016-10407 | Qualcomm | Integer Overflow or Wraparound vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, and SD 835, an integer overflow leading to buffer overflow can occur during a VT call. | 10.0 |
2018-04-18 | CVE-2015-9224 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear, and Small Cell SoC FSM9055, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, and SDX20, lack of input Validation in QURTK_write() can cause potential buffer overflow. | 10.0 |
2018-04-18 | CVE-2015-9223 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, MDM9625, MDM9635M, SD 400, SD 600, and SD 800, a buffer overflow can occur when processing an audio buffer. | 10.0 |
2018-04-18 | CVE-2015-9221 | Qualcomm | NULL Pointer Dereference vulnerability in Qualcomm SD 400 Firmware, SD 800 Firmware and SD 810 Firmware In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400, SD 800, and SD 810, lack of validation of pointers passed by secure apps could lead to an untrusted pointer dereference. | 10.0 |
2018-04-18 | CVE-2015-9220 | Qualcomm | Integer Overflow or Wraparound vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9640, MDM9650, QCA4531, QCA6174A, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9378, QCA9379, QCA9558, QCA9880, QCA9886, QCA9980, SD 210/SD 212/SD 205, SD 425, SD 625, SD 810, SD 820, and SDX20, integer overflow occurs when the size of the firmware section is incorrectly encoded in the firmware image. | 10.0 |
2018-04-18 | CVE-2015-9219 | Qualcomm | Integer Overflow or Wraparound vulnerability in Qualcomm SD 400 Firmware and SD 800 Firmware In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400 and SD 800, an integer overflow to buffer overflow can occur in a DRM API. | 10.0 |
2018-04-18 | CVE-2015-9216 | Qualcomm | Unspecified vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9625, MDM9635M, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 808, and SD 810, improper handling of simultaneous interrupt in USB module during USB RESET and EP COMPLETE. | 10.0 |
2018-04-18 | CVE-2015-9215 | Qualcomm | NULL Pointer Dereference vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, MDM9625, MDM9635M, and SD 810, improper input validation can cause a null pointer dereference in USB bootloader find_ep() function. | 10.0 |
2018-04-18 | CVE-2015-9212 | Qualcomm | Improper Input Validation vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, and SD 800, lack of input validation while processing TZ_PR_CMD_SAVE_KEY command could lead to a buffer overread. | 10.0 |
2018-04-18 | CVE-2015-9211 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, while provising the Playready module, a buffer overread may occur if the message passed is large. | 10.0 |
2018-04-18 | CVE-2015-9210 | Qualcomm | Improper Input Validation vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, lack of input validation in playready_licacq_process_response() can lead to memory over read. | 10.0 |
2018-04-18 | CVE-2015-9209 | Qualcomm | Improper Access Control vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, there is improper access control in a file storage API. | 10.0 |
2018-04-18 | CVE-2015-9208 | Qualcomm | Improper Input Validation vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, and SD 810, the function tzbsp_pil_verify_sig() does not strictly check that the pointer to ELF and program headers and hash segment is within secure memory. | 10.0 |
2018-04-18 | CVE-2015-9207 | Qualcomm | Improper Input Validation vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, and SD 810, lack of input validation in playready_getadditional_responsedata could lead to a buffer overread. | 10.0 |
2018-04-18 | CVE-2015-9206 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 650/52, SD 808, and SD 810, during XML encoding of a message in the Playready module, a buffer overread may occur if the message passed is large. | 10.0 |
2018-04-18 | CVE-2015-9205 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415, SD 808, and SD 810, in a PlayReady API function, a buffer over-read can occur. | 10.0 |
2018-04-18 | CVE-2015-9204 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415, SD 808, and SD 810, if cchFriendlyName is greater than TZ_PR_MAX_NAME_LEN in function playready_leavedomain_generate_challenge(), a buffer overread occurs. | 10.0 |
2018-04-18 | CVE-2015-9203 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, lack of input validation in playready_set_domainid could lead to a buffer overread. | 10.0 |
2018-04-18 | CVE-2015-9202 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, while processing the content headers in the Playready module, a buffer overread may occur if the header count exceeds the expected value. | 10.0 |
2018-04-18 | CVE-2015-9201 | Qualcomm | Integer Overflow or Wraparound vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, and SDX20, integer overflow in tzbsp can lead to privilege escalation. | 10.0 |
2018-04-18 | CVE-2015-9200 | Qualcomm | NULL Pointer Dereference vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, and SD 835, in some TrustZone API functions, untrusted pointers can be dereferenced. | 10.0 |
2018-04-18 | CVE-2015-9199 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile IPQ4019, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, SD 808, SD 810, SD 820, and SD 820A, A non-secure region check is done while registering QSEE buffer address which is passed by HLOS but not while logging in the QSEE buffer, so corruption of dynamically protected secure region can occur if the non-secure buffer is changed between the time it's checked and when it's used. | 10.0 |
2018-04-18 | CVE-2015-9198 | Qualcomm | Integer Underflow (Wrap or Wraparound) vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, and SDX20, integer underflow vulnerability in function qsee_register_log_buff may lead to arbitrary writing of secure memory. | 10.0 |
2018-04-18 | CVE-2015-9197 | Qualcomm | Configuration vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 650/52, SD 808, and SD 810, when enabling XPUs for SMEM partitions, if configuration values are out of range, memory access outside the SMEM may occur and set incorrect XPU configurations. | 10.0 |
2018-04-18 | CVE-2015-9196 | Qualcomm | Improper Input Validation vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Small Cell SoC FSM9055, MDM9635M, SD 400, and SD 800, improper input validation in tzbsp_ocmem can cause privilege escalation. | 10.0 |
2018-04-18 | CVE-2015-9195 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9625, MDM9635M, MDM9650, MDM9655, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 650/52, SD 808, SD 810, and SDX20, in a QTEE syscall handler, HLOS can cause a buffer overflow to occur. | 10.0 |
2018-04-18 | CVE-2015-9192 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, out of bounds memory access vulnerability may occur in the content protection manager due to improper validation of incoming messages. | 10.0 |
2018-04-18 | CVE-2015-9191 | Qualcomm | NULL Pointer Dereference vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 617, SD 650/52, SD 808, SD 810, and SDX20, in a QTEE syscall handler, an untrusted pointer dereference can occur. | 10.0 |
2018-04-18 | CVE-2015-9190 | Qualcomm | Integer Overflow or Wraparound vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 600, SD 615/16/SD 415, SD 808, and SD 810, if start_addr + size is too large in boot_clobber_check_local_address_range(), an integer overflow occurs, resulting in clobber protection check being bypassed and SBL memory corruption. | 10.0 |
2018-04-18 | CVE-2015-9188 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, in Secure DEMUX command handler, when parameter validation fails, an error code is written into a response buffer without checking that response buffer length, passed from HLOS, which may result in memory corruption. | 10.0 |
2018-04-18 | CVE-2015-9187 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, lack of buffer length validation in pvr_cmd_handler leads to unauthorized access to secure memory. | 10.0 |
2018-04-18 | CVE-2015-9186 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, in a PlayReady API function, a buffer over-read can occur. | 10.0 |
2018-04-18 | CVE-2015-9185 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, in multiple Secure DEMUX functions (e.g., SDMX_open_session, SDMX_close_session, SDMX_set_session_cfg), when parameter validation fails, an error code is written into a response buffer, without checking that response buffer length (rsplen) passed from HLOS is large enough to hold the response. | 10.0 |
2018-04-18 | CVE-2015-9184 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, and SD 835, lack of length checking in wv_dash_core_load_keys_v8() could lead to a buffer overflow vulnerability. | 10.0 |
2018-04-18 | CVE-2015-9183 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 410/12, SD 617, SD 650/52, SD 800, SD 808, and SD 810, in TQS QSEE application, while parsing "Set Certificates" command an integer overflow may result in buffer overflow. | 10.0 |
2018-04-18 | CVE-2015-9182 | Qualcomm | Improper Input Validation vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, lack of input validation in OEMCrypto_GenerateSignature() can cause buffer over read. | 10.0 |
2018-04-18 | CVE-2015-9181 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, and SD 835, in a crypto API function, a buffer over-read can occur. | 10.0 |
2018-04-18 | CVE-2015-9180 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, the response pointer passed from user space to SDMX_process is not checked before it is used. | 10.0 |
2018-04-18 | CVE-2015-9179 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm Msm8974 Firmware In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MSM8974, lack of length checking in OEMCrypto_DeriveKeysFromSessionKey() could lead to a buffer overflow vulnerability. | 10.0 |
2018-04-18 | CVE-2015-9178 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, while processing the rmp secure command, memory corruption may result if the response buffer is smaller than the expected size. | 10.0 |
2018-04-18 | CVE-2015-9177 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, in a crypto API function, a buffer over-read can occur. | 10.0 |
2018-04-18 | CVE-2015-9175 | Qualcomm | NULL Pointer Dereference vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, lack of input validation could lead to an untrusted pointer dereference in wv_dash_core_generic_verify(). | 10.0 |
2018-04-18 | CVE-2015-9174 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 410/12, SD 617, SD 650/52, SD 800, SD 808, and SD 810, lack of validation of the return value prior to using for buffer allocation in QSEE application, TQS, may result in memory overwrite. | 10.0 |
2018-04-18 | CVE-2015-9173 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 410/12, SD 617, SD 650/52, SD 800, SD 808, and SD 810, missing of return value check in memscpy can cause memory corruption in TQS App. | 10.0 |
2018-04-18 | CVE-2015-9172 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, in a WideVine API function, a buffer over-read can occur. | 10.0 |
2018-04-18 | CVE-2015-9171 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, if OEMCrypto_Dash_InstallEncapKeybox() is called with keyBoxLength set to a value higher than TZ_WV_MAX_DATA_LEN (20k), a buffer over-read occurs. | 10.0 |
2018-04-18 | CVE-2015-9170 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, incorrect offset check in wv_dash_core_refresh_keys() may lead to a buffer overread. | 10.0 |
2018-04-18 | CVE-2015-9167 | Qualcomm | Integer Underflow (Wrap or Wraparound) vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, and SD 820A, in an EMM command, an integer underflow can occur. | 10.0 |
2018-04-18 | CVE-2015-9165 | Qualcomm | Double Free vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 650/52, SD 808, and SD 810, incorrect error handling could lead to a double free in QTEE file service API. | 10.0 |
2018-04-18 | CVE-2015-9164 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, and SD 820A, a buffer overread in Playready may occur due to lack of input validation of the buffer size provided by HLOS. | 10.0 |
2018-04-18 | CVE-2015-9162 | Qualcomm | NULL Pointer Dereference vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 410/12, SD 617, SD 650/52, SD 800, SD 808, and SD 810, in the function "Certificate_CreateWithBuffer" in the QSEE app TQS, in case of memory allocation failure, we free the memory and return the pointer without setting it to NULL. | 10.0 |
2018-04-18 | CVE-2015-9161 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, and SD 810, TOCTOU condition could lead to a buffer overflow in function playready_reader_bind(). | 10.0 |
2018-04-18 | CVE-2015-9160 | Qualcomm | Integer Overflow or Wraparound vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, integer overflow may occur when values passed from HLOS (graphics driver busy time, and total time) in TZBSP_GFX_DCVS_UPDATE_ID are very large. | 10.0 |
2018-04-18 | CVE-2015-9159 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, lack of input validation OEMCrypto_GetRandom can cause potential buffer overflow. | 10.0 |
2018-04-18 | CVE-2015-9158 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, in a QTEE crypto function, a buffer overflow can occur. | 10.0 |
2018-04-18 | CVE-2015-9157 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 600, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, and SD 810, in widevine_dash_cmd_handler(), rsp buffers are passed off to widevine commands. | 10.0 |
2018-04-18 | CVE-2015-9156 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 617, SD 800, SD 808, and SD 810, when making a high speed Dual Carrier Downlink Data call in a multicell environment, a buffer overflow may occur. | 10.0 |
2018-04-18 | CVE-2015-9153 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, in a DRM function, a buffer over-read can occur. | 10.0 |
2018-04-18 | CVE-2015-9152 | Qualcomm | Improper Access Control vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile IPQ4019, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 800, SD 810, SD 820, SD 820A, SD 835, and Snapdragon_High_Med_2016, modem owned regions are accessible from secure side. | 10.0 |
2018-04-18 | CVE-2015-9151 | Qualcomm | Improper Input Validation vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9625, MDM9635M, SD 400, and SD 800, userspace-provided pointer arguments are not validated. | 10.0 |
2018-04-18 | CVE-2015-9150 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9625, MDM9635M, SD 400, and SD 800, while computing the length of memory allocated for a Diag event, if the buffer length is very small or greater than the maximum, an integer overflow may occur, which later results in a buffer overflow. | 10.0 |
2018-04-18 | CVE-2015-9149 | Qualcomm | NULL Pointer Dereference vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, in a DIAG ioctl handler, an untrusted pointer dereference can occur. | 10.0 |
2018-04-18 | CVE-2015-9148 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, SD 400, SD 425, SD 430, SD 450, SD 600, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, and SDX20, in the Diag User-PD command registration function, a length variable used during buffer allocation is not checked, so if it is very large, an integer overflow followed by a buffer overflow occurs. | 10.0 |
2018-04-18 | CVE-2015-9147 | Qualcomm | Improper Input Validation vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9625, MDM9635M, SD 400, and SD 800, userspace-provided pointer arguments are not validated. | 10.0 |
2018-04-18 | CVE-2015-9146 | Qualcomm | Improper Input Validation vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9625, MDM9635M, MDM9645, MDM9650, MDM9655, SD 400, SD 800, SD 835, SD 845, SD 850, and SDX20, when QDI read, write, or ioctl are called, the passed-in pointer is not properly validated before accessing it for the delayed response. | 10.0 |
2018-04-18 | CVE-2015-9145 | Qualcomm | NULL Pointer Dereference vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, and SDX20, lack of input validation in NPA driver functions leads to null pointer dereference. | 10.0 |
2018-04-18 | CVE-2015-9144 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, while processing scheduling message information, a buffer overflow can occur. | 10.0 |
2018-04-18 | CVE-2015-9143 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9615, MDM9625, MDM9640, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 600, SD 615/16/SD 415, and SDX20, when reading CDT from eMMC with a very large meta offset (>size of default CDT-array compiled in bootloader) for one of the CDBs, a buffer overflow occurs. | 10.0 |
2018-04-18 | CVE-2015-9142 | Qualcomm | Range Error vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9645, MDM9650, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SDM630, SDM636, SDM660, and Snapdragon_High_Med_2016, bounds check is missing for vtable index in DAL-TO-QDI conversion framework. | 10.0 |
2018-04-18 | CVE-2015-9141 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 617, SD 800, SD 808, and SD 810, in HHO scenarios, during the ACQ procedure, there are possible instances where the search database is incorrectly updated resulting in memory corruption due to buffer overflow. | 10.0 |
2018-04-18 | CVE-2015-9139 | Qualcomm | Improper Input Validation vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, SD 810, and SD 820, improper input validation can occur while negotiating an SSL handshake. | 10.0 |
2018-04-18 | CVE-2015-9138 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear, and Small Cell SoC FSM9055, IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, and SDX20, when an RSA encryption operation is called, the ce_util_to_unsigned_bin is invoked to convert the input buffer to unsigned binary. | 10.0 |
2018-04-18 | CVE-2015-9136 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9640, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 600, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, and SDX20, in pre-auth request, Host driver uses FT IEs sent by the supplicant. | 10.0 |
2018-04-18 | CVE-2015-9135 | Qualcomm | NULL Pointer Dereference vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9625, MDM9635M, MDM9640, MDM9645, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, and SD 810, in a QTEE syscall handler, an untrusted pointer dereference can occur. | 10.0 |
2018-04-18 | CVE-2015-9133 | Qualcomm | Integer Overflow or Wraparound vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400, SD 410/12, SD 617, SD 650/52, SD 800, and SD 810, if Widevine App TZ_WV_CMD_DECRYPT_VIDEO is called with a size too large, an integer overflow may occur. | 10.0 |
2018-04-18 | CVE-2015-9130 | Qualcomm | NULL Pointer Dereference vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 650/52, SD 808, and SD 810, in a PlayReady function, a NULL pointer dereference can occur. | 10.0 |
2018-04-18 | CVE-2015-9129 | Qualcomm | Integer Underflow (Wrap or Wraparound) vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, if the size parameter passed to TZ_PR_CMD_CONTENT_SET_PROP is small, an integer underflow occurs. | 10.0 |
2018-04-18 | CVE-2015-9128 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, and SD 835, lack of validation of the buffer size could lead to a buffer overread. | 10.0 |
2018-04-18 | CVE-2015-9127 | Qualcomm | NULL Pointer Dereference vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, and SD 810, possible null pointer dereference occurs due to failure of memory allocation when a large value is passed for buffer allocation in the Playready App. | 10.0 |
2018-04-18 | CVE-2015-9126 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, possible buffer overflow when processing 1X circuit service message. | 10.0 |
2018-04-18 | CVE-2015-9122 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, and SD 835, possible buffer overflow if SIM card sends a response greater than 64KB of data for stream APDU command. | 10.0 |
2018-04-18 | CVE-2015-9120 | Qualcomm | 7PK - Errors vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, and SD 835, detection of Error Condition Without Action in Core. | 10.0 |
2018-04-18 | CVE-2015-9118 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, MDM9625, MDM9635M, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, SD 808, and SD 810, in ADSP's QDI Root-PD driver, untrusted arguments from User PD may cause integer overflow resulting in buffer overflow. | 10.0 |
2018-04-18 | CVE-2015-9116 | Qualcomm | Improper Input Validation vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9625, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 810, SD 820, and SD 820A, in a QTEE syscall handler, an untrusted pointer dereference can occur. | 10.0 |
2018-04-18 | CVE-2015-9115 | Qualcomm | Improper Input Validation vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9625, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 820, and SD 820A, no address argument validation is performed on calls to the qsee_prng_getdata syscall. | 10.0 |
2018-04-18 | CVE-2015-9114 | Qualcomm | NULL Pointer Dereference vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, lack of address argument validation in qsee_query_counter syscall could lead to untrusted pointer dereference. | 10.0 |
2018-04-18 | CVE-2015-9113 | Qualcomm | NULL Pointer Dereference vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9625, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 810, SD 820, and SD 820A, untrusted pointer dereference in QSEE Syscall without proper validation can lead to access of blacklisted memory. | 10.0 |
2018-04-18 | CVE-2015-9112 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9625, SD 400, SD 800, SD 820, and SD 820A, lack of input validation in QSEE can cause potential buffer overflow. | 10.0 |
2018-04-18 | CVE-2015-9111 | Qualcomm | NULL Pointer Dereference vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9625, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, in a QTEE syscall handler, an untrusted pointer dereference can occur. | 10.0 |
2018-04-18 | CVE-2015-9110 | Qualcomm | Improper Input Validation vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, no address argument validation is performed on calls to the qsee_get_secure_state syscall. | 10.0 |
2018-04-18 | CVE-2015-9109 | Qualcomm | NULL Pointer Dereference vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9625, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, lack of address argument validation inqsee_fuse_write could lead to untrusted pointer dereference. | 10.0 |
2018-04-18 | CVE-2015-9108 | Qualcomm | Improper Input Validation vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9625, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, no address argument validation performed on calls to a QSEE syscall may lead to arbitrary read/write or NULL Pointer exception when calling a downstream function. | 10.0 |
2018-04-18 | CVE-2014-9998 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, QCA4531, QCA6174A, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9378, QCA9379, QCA9558, QCA9880, QCA9886, QCA9980, SD 210/SD 212/SD 205, SD 425, SD 625, SD 808, SD 810, SD 820, and SDX20, while processing firmware image signature, the internal buffer may overflow if the firmware signature size is large. | 10.0 |
2018-04-18 | CVE-2014-9997 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9625, MDM9635M, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 450, SD 625, SD 650/52, SD 808, and SD 810, lack of input validation in PRDiagMaintenanceHandler can leads to buffer over read. | 10.0 |
2018-04-18 | CVE-2014-9996 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm SD 400 Firmware and SD 800 Firmware In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400 and SD 800, while verifying provisioning, a buffer overflow can occur. | 10.0 |
2018-04-18 | CVE-2014-9995 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm SD 400 Firmware and SD 800 Firmware In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400 and SD 800, in drmprov_cmd_verify_key(), the variable feature_name_length is not validated. | 10.0 |
2018-04-18 | CVE-2014-9994 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm SD 400 Firmware and SD 800 Firmware In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400 and SD 800, lack of validation of input could cause a integer overflow that could subsequently lead to a buffer overflow. | 10.0 |
2018-04-18 | CVE-2014-9993 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 450, and SD 850, buffer overread vulnerability may occur while provisioning a content with a large message. | 10.0 |
2018-04-18 | CVE-2014-9991 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9625, MDM9635M, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 625, SD 650/52, SD 808, SD 810, and SD 450, if a client or host sends more than 16k bytes of USB mass storage transfer, a buffer overflow occurs. | 10.0 |
2018-04-18 | CVE-2014-9990 | Qualcomm | Improper Validation of Array Index vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 600, SD 615/16/SD 415, SD 625, SD 650/52, SD 808, SD 810, and SD 450, lack of input validation could lead to an out of bound array access. | 10.0 |
2018-04-18 | CVE-2014-9989 | Qualcomm | Improper Validation of Array Index vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 600, SD 615/16/SD 415, SD 625, SD 650/52, SD 808, SD 810, and SD 450, if an incorrect endpoint number or direction is passed, an out of bounds array access may occur in the USB management module. | 10.0 |
2018-04-18 | CVE-2014-9988 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear SD 820A, IPQ4019, MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, SD 845, SD 450, and SD 850, lack of input validation for message length causes buffer over read in drm_app_encapsulate_save_keys. | 10.0 |
2018-04-18 | CVE-2014-9987 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, a buffer over-read can occur in a DRM API. | 10.0 |
2018-04-18 | CVE-2014-9985 | Qualcomm | 7PK - Errors vulnerability in Qualcomm Mdm9635M Firmware, SD 400 Firmware and SD 800 Firmware In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9635M, SD 400, and SD 800, TOCTOU condition may result in bypassing error condition checks, leading to undefined behavior. | 10.0 |
2018-04-18 | CVE-2014-10059 | Qualcomm | Improper Access Control vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, MDM9625, SD 210/SD 212/SD 205, SD 400, and SD 800, improper access control on ATCMD service allows third party services to access without user knowledge. | 10.0 |
2018-04-18 | CVE-2014-10057 | Qualcomm | Permissions, Privileges, and Access Controls vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, SD 210/SD 212/SD 205, SD 400, SD 425, SD 430, SD 435, SD 617, SD 625, and Snapdragon_High_Med_2016, binary Calibration files under data/misc/audio have 777 permissions. | 10.0 |
2018-04-18 | CVE-2014-10056 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm SD 205 Firmware, SD 210 Firmware and SD 212 Firmware In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 210/SD 212/SD 205, A buffer overflow can potentially occur in any OpenCL application that calls clBuildProgram() with a device of type CL_DEVICE_TYPE_CPU in its device_list argument. | 10.0 |
2018-04-18 | CVE-2014-10054 | Qualcomm | Permissions, Privileges, and Access Controls vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, QCA6174A, QCA6574AU, QCA9377, QCA9379, SD 210/SD 212/SD 205, SD 400, SD 450, SD 410/12, SD 425, SD 430, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, and SDX20, lack of input validation on BT HCI commands processing allows privilege escalation. | 10.0 |
2018-04-18 | CVE-2014-10053 | Qualcomm | Improper Access Control vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 615/16/SD 415, SD 450, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, data access is not properly validated in the Widevine secure application. | 10.0 |
2018-04-18 | CVE-2014-10052 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile, Snapdragon Wear, and Small Cell SoC FSM9055, IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 600, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, SD 810, SD 835, and SDX20, the reserved memory of TZ subsystem (like TZ apps and some PIL image subsystem) is not cleared after being used. | 10.0 |
2018-04-18 | CVE-2014-10051 | Qualcomm | Improper Input Validation vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, and SDX20, after loading a dynamically loaded code section, I-Cache is not invalidated, which could lead to executing code from stale cache lines. | 10.0 |
2018-04-18 | CVE-2014-10050 | Qualcomm | Improper Access Control vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MSM8996, MSM8939, MSM8976, MSM8917, SDM845, and SDM660, access control collision vulnerability when accessing the replay protected memory block. | 10.0 |
2018-04-18 | CVE-2014-10048 | Qualcomm | Improper Validation of Array Index vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, while setting the offsets, time-services allows the user to set bases greater than valid base value which will lead to array index out-of-bound. | 10.0 |
2018-04-18 | CVE-2014-10046 | Qualcomm | Use After Free vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, MDM9625, MDM9635M, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, SD 808, and SD 810, use after free vulnerability when the PDN throttle info block is freed without clearing the corresponding active timer. | 10.0 |
2018-04-18 | CVE-2014-10045 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 820, and SDX20, buffer overflow vulnerability exist in Sahara boot when program header are parsing. | 10.0 |
2018-04-18 | CVE-2014-10039 | Qualcomm | Data Processing Errors vulnerability in Qualcomm Mdm9625 Firmware, SD 400 Firmware and SD 800 Firmware In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9625, SD 400, and SD 800, calling qsee_app_entry_return() without first calling qsee_app_entry() will cause the stack to be restored to an older state resulting in a return to an unexpected location. | 10.0 |
2018-04-17 | CVE-2018-10192 | Ipvanish | Unspecified vulnerability in Ipvanish 3.0.11 IPVanish 3.0.11 for macOS suffers from a root privilege escalation vulnerability. | 10.0 |
2018-04-17 | CVE-2017-9638 | Mitsubishielectric | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mitsubishielectric E-Designer 7.52 Mitsubishi E-Designer, Version 7.52 Build 344 contains six code sections which may be exploited to overwrite the stack. | 10.0 |
2018-04-17 | CVE-2017-9636 | Mitsubishielectric | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mitsubishielectric E-Designer 7.52 Mitsubishi E-Designer, Version 7.52 Build 344 contains five code sections which may be exploited to overwrite the heap. | 10.0 |
2018-04-17 | CVE-2017-9634 | Mitsubishielectric | Out-of-bounds Write vulnerability in Mitsubishielectric E-Designer 7.52 Mitsubishi E-Designer, Version 7.52 Build 344 contains two code sections which may be exploited to allow an attacker to overwrite arbitrary memory locations. | 10.0 |
2018-04-16 | CVE-2018-10170 | Nordvpn | Incorrect Permission Assignment for Critical Resource vulnerability in Nordvpn 6.12.7.0 NordVPN 6.12.7.0 for Windows suffers from a SYSTEM privilege escalation vulnerability through the "nordvpn-service" service. | 10.0 |
2018-04-16 | CVE-2018-10169 | Protonmail | Incorrect Permission Assignment for Critical Resource vulnerability in Protonmail Protonvpn 1.3.3 ProtonVPN 1.3.3 for Windows suffers from a SYSTEM privilege escalation vulnerability through the "ProtonVPN Service" service. | 10.0 |
2018-04-20 | CVE-2018-1290 | Apache | SQL Injection vulnerability in Apache Fineract In Apache Fineract versions 1.0.0, 0.6.0-incubating, 0.5.0-incubating, 0.4.0-incubating, Using a single quotation escape with two continuous SQL parameters can cause a SQL injection. | 9.8 |
2018-04-19 | CVE-2018-2628 | Oracle | Deserialization of Untrusted Data vulnerability in Oracle Weblogic Server Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). | 9.8 |
2018-04-18 | CVE-2018-7761 | Schneider Electric | Improper Input Validation vulnerability in Schneider-Electric products A vulnerability exists in the HTTP request parser in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 which could allow arbitrary code execution. | 9.8 |
2018-04-18 | CVE-2018-7760 | Schneider Electric | Improper Authentication vulnerability in Schneider-Electric products An authorization bypass vulnerability exists in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200. | 9.8 |
2018-04-18 | CVE-2018-7242 | Schneider Electric | Inadequate Encryption Strength vulnerability in Schneider-Electric products Vulnerable hash algorithms exists in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules. | 9.8 |
2018-04-18 | CVE-2018-7241 | Schneider Electric | Use of Hard-coded Credentials vulnerability in Schneider-Electric products Hard coded accounts exist in Schneider Electric's Modicon Premium, Modicon Quantum, Modicon M340, and BMXNOR0200 controllers in all versions of the communication modules. | 9.8 |
2018-04-16 | CVE-2018-10106 | Dlink | Information Exposure vulnerability in Dlink Dir-815 Firmware D-Link DIR-815 REV. | 9.8 |
2018-04-18 | CVE-2018-1000167 | Oisf | Deserialization of Untrusted Data vulnerability in Oisf Suricata-Update 1.0.0A1 OISF suricata-update version 1.0.0a1 contains an Insecure Deserialization vulnerability in the insecure yaml.load-Function as used in the following files: config.py:136, config.py:142, sources.py:99 and sources.py:131. | 9.3 |
2018-04-18 | CVE-2016-10439 | Qualcomm | Race Condition vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, there is a TOCTOU vulnerability in the input validation for bulletin_board_read syscall. | 9.3 |
2018-04-18 | CVE-2016-10435 | Qualcomm | Race Condition vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9625, MDM9635M, MDM9640, MDM9645, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 820, and SD 820A, in some QTEE syscall handlers, a TOCTOU vulnerability exists. | 9.3 |
2018-04-18 | CVE-2016-10433 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9635M, MDM9640, MDM9645, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 820, and SD 820A, TOCTOU vulnerability during SSD image decryption may cause memory corruption. | 9.3 |
2018-04-18 | CVE-2016-10432 | Qualcomm | Race Condition vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 410/12, SD 425, SD 430, SD 450, SD 617, SD 625, SD 650/52, SD 820, and SD 820A, TOCTOU vulnerabilities may occur while sanitizing userspace values passed to tQSEE system call. | 9.3 |
2018-04-18 | CVE-2016-10417 | Qualcomm | Improper Access Control vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, and SDX20, in QTEE, a TOCTOU vulnerability exists due to improper access control. | 9.3 |
2018-04-18 | CVE-2016-10409 | Qualcomm | Race Condition vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 820A, and SD 835, TOCTOU vulnerability may occur while composing the RPMB request using HLOS controlled buffers. | 9.3 |
2018-04-16 | CVE-2018-0562 | Coderium | Untrusted Search Path vulnerability in Coderium Soundengine 5.21 Untrusted search path vulnerability in Installer of SoundEngine Free ver.5.21 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 9.3 |
2018-04-16 | CVE-2018-0561 | Securebrain | Untrusted Search Path vulnerability in Securebrain Phishwall 3.7.15 Untrusted search path vulnerability in The installer of PhishWall Client Internet Explorer edition Ver. | 9.3 |
2018-04-20 | CVE-2018-10173 | Digitalguardian | Unrestricted Upload of File with Dangerous Type vulnerability in Digitalguardian Management Console 7.1.2.0015 Digital Guardian Management Console 7.1.2.0015 allows authenticated remote code execution because of Arbitrary File Upload functionality. | 9.0 |
2018-04-19 | CVE-2018-0238 | Cisco | Improper Authentication vulnerability in Cisco Unified Computing System Director 6.5(0.0)/6.5(0.1) A vulnerability in the role-based resource checking functionality of the Cisco Unified Computing System (UCS) Director could allow an authenticated, remote attacker to view unauthorized information for any virtual machine in the UCS Director end-user portal and perform any permitted operations on any virtual machine. | 9.0 |
2018-04-18 | CVE-2018-10204 | Purevpn | Incorrect Permission Assignment for Critical Resource vulnerability in Purevpn 6.0.1 PureVPN 6.0.1 for Windows suffers from a SYSTEM privilege escalation vulnerability in its "sevpnclient" service. | 9.0 |
2018-04-18 | CVE-2018-8736 | Nagios | Unspecified vulnerability in Nagios XI A privilege escalation vulnerability in Nagios XI 5.2.x through 5.4.x before 5.4.13 allows an attacker to leverage an RCE vulnerability escalating to root. | 9.0 |
2018-04-18 | CVE-2018-8735 | Nagios | OS Command Injection vulnerability in Nagios XI Remote command execution (RCE) vulnerability in Nagios XI 5.2.x through 5.4.x before 5.4.13 allows an attacker to execute arbitrary commands on the target system, aka OS command injection. | 9.0 |
87 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2018-04-22 | CVE-2018-10267 | Wtcms Project | Cross-Site Request Forgery (CSRF) vulnerability in Wtcms Project Wtcms 1.0 WTCMS 1.0 has a CSRF vulnerability to add an administrator account via the index.php?admin&m=user&a=add_post URI. | 8.8 |
2018-04-20 | CVE-2018-1289 | Apache | SQL Injection vulnerability in Apache Fineract In Apache Fineract versions 1.0.0, 0.6.0-incubating, 0.5.0-incubating, 0.4.0-incubating, the system exposes different REST end points to query domain specific entities with a Query Parameter 'orderBy' and 'sortOrder' which are appended directly with SQL statements. | 8.8 |
2018-04-19 | CVE-2018-3843 | Foxitsoftware | Incorrect Type Conversion or Cast vulnerability in Foxitsoftware Foxit Reader 9.0.1.1049 An exploitable type confusion vulnerability exists in the way Foxit PDF Reader version 9.0.1.1049 parses files with associated file annotations. | 8.8 |
2018-04-19 | CVE-2018-3842 | Foxitsoftware | Access of Uninitialized Pointer vulnerability in Foxitsoftware Foxit Reader 9.0.1.1049 An exploitable use of an uninitialized pointer vulnerability exists in the JavaScript engine in Foxit PDF Reader version 9.0.1.1049. | 8.8 |
2018-04-19 | CVE-2018-10220 | Mushmush | Server-Side Request Forgery (SSRF) vulnerability in Mushmush Glastopf 3.1.3 Glastopf 3.1.3-dev has SSRF, as demonstrated by the abc.php a parameter. | 8.8 |
2018-04-19 | CVE-2018-2844 | Oracle | Unspecified vulnerability in Oracle VM Virtualbox Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). | 8.8 |
2018-04-17 | CVE-2018-5430 | Tibco | Path Traversal vulnerability in Tibco products The Spring web flows of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperReports Server for ActiveMatrix BPM, TIBCO Jaspersoft for AWS with Multi-Tenancy, and TIBCO Jaspersoft Reporting and Analytics for AWS contain a vulnerability which may allow any authenticated user read-only access to the contents of the web application, including key configuration files. | 8.8 |
2018-04-16 | CVE-2018-10172 | 7 ZIP | Improper Privilege Management vulnerability in 7-Zip 7-Zip through 18.01 on Windows implements the "Large memory pages" option by calling the LsaAddAccountRights function to add the SeLockMemoryPrivilege privilege to the user's account, which makes it easier for attackers to bypass intended access restrictions by using this privilege in the context of a sandboxed process. | 8.8 |
2018-04-16 | CVE-2018-3849 | Nasa Fedoraproject | Out-of-bounds Write vulnerability in multiple products In the ffghtb function in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. | 8.8 |
2018-04-16 | CVE-2018-3848 | Nasa Fedoraproject | Out-of-bounds Write vulnerability in multiple products In the ffghbn function in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. | 8.8 |
2018-04-16 | CVE-2018-3846 | Nasa Fedoraproject | Out-of-bounds Write vulnerability in multiple products In the ffgphd and ffgtkn functions in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. | 8.8 |
2018-04-16 | CVE-2016-9593 | Theforeman Redhat | Credentials Management vulnerability in multiple products foreman-debug before version 1.15.0 is vulnerable to a flaw in foreman-debug's logging. | 8.8 |
2018-04-19 | CVE-2018-0240 | Cisco | Unspecified vulnerability in Cisco products Multiple vulnerabilities in the Application Layer Protocol Inspection feature of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of an affected device, resulting in a denial of service (DoS) condition. | 8.6 |
2018-04-19 | CVE-2018-0231 | Cisco | Out-of-bounds Write vulnerability in Cisco products A vulnerability in the Transport Layer Security (TLS) library of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a reload of the affected device, resulting in a denial of service (DoS) condition. | 8.6 |
2018-04-19 | CVE-2018-0230 | Cisco | Resource Exhaustion vulnerability in Cisco products A vulnerability in the internal packet-processing functionality of Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 2100 Series Security Appliances could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. | 8.6 |
2018-04-19 | CVE-2018-0228 | Cisco | Improper Locking vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the ingress flow creation functionality of Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause the CPU to increase upwards of 100% utilization, causing a denial of service (DoS) condition on an affected system. | 8.6 |
2018-04-18 | CVE-2015-9124 | Qualcomm | NULL Pointer Dereference vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9625, MDM9635M, MDM9640, MDM9645, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, SD 808, and SD 810, the device may crash while accessing an invalid pointer or expose otherwise inaccessible memory contents. | 8.5 |
2018-04-19 | CVE-2018-2826 | Oracle Canonical Netapp | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). | 8.3 |
2018-04-19 | CVE-2018-2825 | Oracle Canonical Netapp | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Libraries). | 8.3 |
2018-04-19 | CVE-2018-2814 | Oracle Redhat Debian Canonical Schneider Electric HP | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). | 8.3 |
2018-04-20 | CVE-2018-1292 | Apache | SQL Injection vulnerability in Apache Fineract Within the 'getReportType' method in Apache Fineract 1.0.0, 0.6.0-incubating, 0.5.0-incubating, 0.4.0-incubating, a hacker could inject SQL to read/update data for which he doesn't have authorization for by way of the 'reportName' parameter. | 8.1 |
2018-04-20 | CVE-2018-1291 | Apache | SQL Injection vulnerability in Apache Fineract Apache Fineract 1.0.0, 0.6.0-incubating, 0.5.0-incubating, 0.4.0-incubating exposes different REST end points to query domain specific entities with a Query Parameter 'orderBy' which are appended directly with SQL statements. | 8.1 |
2018-04-18 | CVE-2018-1088 | Redhat Opensuse Debian | Incorrect Privilege Assignment vulnerability in multiple products A privilege escalation flaw was found in gluster 3.x snapshot scheduler. | 8.1 |
2018-04-20 | CVE-2017-8315 | Eclipse | XXE vulnerability in Eclipse IDE 2017.2.5 Eclipse XML parser for the Eclipse IDE versions 2017.2.5 and earlier was found vulnerable to an XML External Entity attack. | 7.8 |
2018-04-19 | CVE-2018-0233 | Cisco | Resource Exhaustion vulnerability in Cisco Firepower Management Center A vulnerability in the Secure Sockets Layer (SSL) packet reassembly functionality of the detection engine in Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause the detection engine to consume excessive system memory on an affected device, which could cause a denial of service (DoS) condition. | 7.8 |
2018-04-19 | CVE-2018-2764 | Oracle | Unspecified vulnerability in Oracle Solaris 10/11.3 Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). | 7.8 |
2018-04-19 | CVE-2018-2718 | Oracle | Unspecified vulnerability in Oracle Solaris 10.0/11.3 Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: RPC). | 7.8 |
2018-04-18 | CVE-2018-10194 | Artifex Canonical Debian Redhat | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The set_text_distance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Ghostscript through 9.22 does not prevent overflows in text-positioning calculation, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document. | 7.8 |
2018-04-18 | CVE-2016-10499 | Qualcomm | Resource Management Errors vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, memory leak may occur in the IPSecurity module when repeating IKE-Rekey. | 7.8 |
2018-04-18 | CVE-2016-10497 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, improper CFG allocation can cause heap leak. | 7.8 |
2018-04-18 | CVE-2016-10464 | Qualcomm | Improper Input Validation vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9640, MDM9650, QCA6174A, QCA6574AU, QCA9377, SD 210/SD 212/SD 205, SD 425, SD 600, SD 650/52, SD 808, SD 810, SD 820, and SDX20, lack of input validation for HCI H4 UART packet ID cause system denial of service. | 7.8 |
2018-04-18 | CVE-2016-10459 | Qualcomm | Resource Management Errors vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 800, SD 810, and SD 820, during a call, memory exhaustion can occur. | 7.8 |
2018-04-18 | CVE-2016-10455 | Qualcomm | Data Processing Errors vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, improper initialization of ike_sa_handle_ptr in IPSEC leads to system denial of service. | 7.8 |
2018-04-18 | CVE-2016-10427 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, improper boundary check in RLC AM module leads to denial of service by reaching assertion. | 7.8 |
2018-04-18 | CVE-2016-10416 | Qualcomm | Resource Management Errors vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, and SD 820, UE crash is seen due to IPCMem exhaustion, when UDP data is pumped to UE's ULP (UserPlane Location protocol) UDP port 7275. | 7.8 |
2018-04-18 | CVE-2016-10411 | Qualcomm | Resource Management Errors vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, and SD 835, RTP daemon crashes and terminates VT call when UE receives RTCP unknown APP packet report which caused the parser to miss an end of RTCP packet length and go on forever looking for it, even going beyond the limits of the RTCP Packet length. | 7.8 |
2018-04-18 | CVE-2015-9222 | Qualcomm | Resource Management Errors vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SDM630, SDM636, SDM660, and Snapdragon_High_Med_2016, processing erroneous bitstreams may result in a HW freeze. | 7.8 |
2018-04-17 | CVE-2018-7539 | Appeartv | Path Traversal vulnerability in Appeartv Xc5000 Firmware and Xc5100 Firmware On Appear TV XC5000 and XC5100 devices with firmware 3.26.217, it is possible to read OS files with a specially crafted HTTP request (such as GET /../../../../../../../../../../../../etc/passwd) to the web server (fuzzd/0.1.1) running the Maintenance Center on port TCP/8088. | 7.8 |
2018-04-16 | CVE-2018-10070 | Mikrotik | Resource Exhaustion vulnerability in Mikrotik Router Firmware 6.41.4 A vulnerability in MikroTik Version 6.41.4 could allow an unauthenticated remote attacker to exhaust all available CPU and all available RAM by sending a crafted FTP request on port 21 that begins with many '\0' characters, preventing the affected router from accepting new FTP connections. | 7.8 |
2018-04-16 | CVE-2018-10120 | Debian Libreoffice Redhat Canonical | Improper Validation of Array Index vulnerability in multiple products The SwCTBWrapper::Read function in sw/source/filter/ww8/ww8toolbar.cxx in LibreOffice before 5.4.6.1 and 6.x before 6.0.2.1 does not validate a customizations index, which allows remote attackers to cause a denial of service (heap-based buffer overflow with write access) or possibly have unspecified other impact via a crafted document that contains a certain Microsoft Word record. | 7.8 |
2018-04-16 | CVE-2018-10119 | Libreoffice Debian Redhat Canonical | Use After Free vulnerability in multiple products sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows remote attackers to cause a denial of service (use-after-free with write access) or possibly have unspecified other impact via a crafted document that uses the structured storage ole2 wrapper file format. | 7.8 |
2018-04-19 | CVE-2018-2811 | Oracle Redhat Schneider Electric | Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Install). | 7.7 |
2018-04-19 | CVE-2018-2794 | Oracle Redhat Debian Canonical HP Schneider Electric | Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Security). | 7.7 |
2018-04-19 | CVE-2018-8118 | Microsoft | Out-of-bounds Write vulnerability in Microsoft Internet Explorer 10/11 A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 11, Internet Explorer 10. | 7.6 |
2018-04-22 | CVE-2017-17902 | Kliqqi | SQL Injection vulnerability in Kliqqi CMS 3.5.2 SQL Injection exists in Kliqqi CMS 3.5.2 via the randkey parameter of a new story at the pligg/story.php?title= URI. | 7.5 |
2018-04-22 | CVE-2018-10285 | Ericssonlg | Incorrect Permission Assignment for Critical Resource vulnerability in Ericssonlg Ipecs NMS A.1Ac The Ericsson-LG iPECS NMS A.1Ac web application uses incorrect access control mechanisms. | 7.5 |
2018-04-21 | CVE-2018-10284 | Adaltech | SQL Injection vulnerability in Adaltech G-Ticket 70 Adaltech G-Ticket v70 EME104 has SQL Injection via the mobile-loja/mensagem.asp eve_cod parameter. | 7.5 |
2018-04-21 | CVE-2018-10283 | Cliquemania | SQL Injection vulnerability in Cliquemania Loja Virtual 14 CliqueMania loja virtual 14 has SQL Injection via the patch/remote.php id parameter in a recomendar action. | 7.5 |
2018-04-20 | CVE-2018-9059 | Sharing File | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Sharing-File Easy File Sharing web Server 7.2 Stack-based buffer overflow in Easy File Sharing (EFS) Web Server 7.2 allows remote attackers to execute arbitrary code via a malicious login request to forum.ghp. | 7.5 |
2018-04-20 | CVE-2018-8826 | Asus | Improper Input Validation vulnerability in Asus products ASUS RT-AC51U, RT-AC58U, RT-AC66U, RT-AC1750, RT-ACRH13, and RT-N12 D1 routers with firmware before 3.0.0.4.380.8228; RT-AC52U B1, RT-AC1200 and RT-N600 routers with firmware before 3.0.0.4.380.10446; RT-AC55U and RT-AC55UHP routers with firmware before 3.0.0.4.382.50276; RT-AC86U and RT-AC2900 routers with firmware before 3.0.0.4.384.20648; and possibly other RT-series routers allow remote attackers to execute arbitrary code via unspecified vectors. | 7.5 |
2018-04-20 | CVE-2014-10073 | Wpitchoune Debian | Path Traversal vulnerability in multiple products The create_response function in server/server.c in Psensor before 1.1.4 allows Directory Traversal because it lacks a check for whether a file is under the webserver directory. | 7.5 |
2018-04-20 | CVE-2018-10238 | Bacnet Protocol Stack Project | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Bacnet Protocol Stack Project Bacnet Protocol Stack 0.8.5 bvlc.c in skarg BACnet Protocol Stack bacserv 0.9.1 and 0.8.5 is affected by a Buffer Overflow because of a lack of packet-size validation. | 7.5 |
2018-04-19 | CVE-2017-3774 | Lenovo IBM | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Lenovo Integrated Management Module 2 A stack overflow vulnerability was discovered within the web administration service in Integrated Management Module 2 (IMM2) earlier than version 4.70 used in some Lenovo servers and earlier than version 6.60 used in some IBM servers. | 7.5 |
2018-04-19 | CVE-2018-1145 | Belkin | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Belkin N750 Firmware 1.10.22 A remote unauthenticated user can overflow a stack buffer in the Belkin N750 using firmware version 1.10.22 by sending a crafted HTTP request to proxy.cgi. | 7.5 |
2018-04-19 | CVE-2018-10225 | Thinkphp | SQL Injection vulnerability in Thinkphp 3.1.3 thinkphp 3.1.3 has SQL Injection via the index.php s parameter. | 7.5 |
2018-04-19 | CVE-2018-2850 | Oracle | Unspecified vulnerability in Oracle Hospitality Cruise Fleet Management 9.0/9.0.2.0/9.0.4.0 Vulnerability in the Oracle Hospitality Cruise Fleet Management System component of Oracle Hospitality Applications (subcomponent: Fleet Management System Suite). | 7.5 |
2018-04-19 | CVE-2018-2829 | Oracle | Unspecified vulnerability in Oracle Hospitality Simphony 2.10 Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Enterprise Management Console). | 7.5 |
2018-04-19 | CVE-2018-2774 | Oracle | Unspecified vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.54/8.55/8.56 Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of Oracle PeopleSoft Products (subcomponent: SQR). | 7.5 |
2018-04-19 | CVE-2018-2742 | Oracle | Unspecified vulnerability in Oracle Enterprise Manager OPS Center 12.2.2/12.3.3 Vulnerability in the Enterprise Manager Ops Center component of Oracle Enterprise Manager Products Suite (subcomponent: Framework). | 7.5 |
2018-04-18 | CVE-2018-7762 | Schneider Electric | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Schneider-Electric products A vulnerability exists in the web services to process SOAP requests in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200 which could allow result in a buffer overflow. | 7.5 |
2018-04-18 | CVE-2018-7759 | Schneider Electric | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Schneider-Electric products A buffer overflow vulnerability exists in Schneider Electric's Modicon M340, Modicon Premium, Modicon Quantum PLC, BMXNOR0200. | 7.5 |
2018-04-18 | CVE-2018-10199 | Mruby | Use After Free vulnerability in Mruby In versions of mruby up to and including 1.4.0, a use-after-free vulnerability exists in src/io.c::File#initilialize_copy(). | 7.5 |
2018-04-18 | CVE-2016-10456 | Qualcomm | Improper Input Validation vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, if radish is executed with an interface name set to an invalid interface name, an arbitrary command of 15 characters or less may be executed as a system call. | 7.5 |
2018-04-18 | CVE-2016-10448 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, a simultaneous command post for addSA or updateSA on same SA leads to memory corruption. | 7.5 |
2018-04-18 | CVE-2016-10430 | Qualcomm | Information Exposure vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, when executing a TA which has been granted privileges to the CPVC MINK class it is possible for the TA to access methods exposed by the CPVC interface. | 7.5 |
2018-04-18 | CVE-2016-10422 | Qualcomm | Improper Access Control vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear FSM9055, IPQ4019, MDM9206, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, and SDX20, improper access control in system call leads to unauthorized access. | 7.5 |
2018-04-18 | CVE-2016-10412 | Qualcomm | Integer Overflow or Wraparound vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Mobile, and Snapdragon Wear FSM9055, MDM9206, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, an integer overflow leading to buffer overflow can potentially occur in a memory API function. | 7.5 |
2018-04-18 | CVE-2018-8092 | Mautic | Improper Neutralization of Formula Elements in a CSV File vulnerability in Mautic Mautic before 2.13.0 allows CSV injection. | 7.5 |
2018-04-18 | CVE-2018-5341 | Zohocorp | Improper Input Validation vulnerability in Zohocorp Manageengine Desktop Central 10.0.124/10.0.184 An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: a missing server-side check on the file type/extension when uploading and modifying scripts. | 7.5 |
2018-04-18 | CVE-2018-5339 | Zohocorp | Missing Authentication for Critical Function vulnerability in Zohocorp Manageengine Desktop Central 10.0.124/10.0.184 An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: insufficient enforcement of database query type restrictions. | 7.5 |
2018-04-18 | CVE-2018-5338 | Zohocorp | Missing Authentication for Critical Function vulnerability in Zohocorp Manageengine Desktop Central 10.0.124/10.0.184 An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: missing authentication/authorization for a database query mechanism. | 7.5 |
2018-04-18 | CVE-2018-5337 | Zohocorp | Path Traversal vulnerability in Zohocorp Manageengine Desktop Central 10.0.124/10.0.184 An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: directory traversal in the SCRIPT_NAME field when modifying existing scripts. | 7.5 |
2018-04-18 | CVE-2018-8734 | Nagios | SQL Injection vulnerability in Nagios XI SQL injection vulnerability in the core config manager in Nagios XI 5.2.x through 5.4.x before 5.4.13 allows an attacker to execute arbitrary SQL commands via the selInfoKey1 parameter. | 7.5 |
2018-04-18 | CVE-2018-8733 | Nagios | SQL Injection vulnerability in Nagios XI Authentication bypass vulnerability in the core config manager in Nagios XI 5.2.x through 5.4.x before 5.4.13 allows an unauthenticated attacker to make configuration changes and leverage an authenticated SQL injection vulnerability. | 7.5 |
2018-04-17 | CVE-2018-10191 | Mruby Debian | Integer Overflow or Wraparound vulnerability in multiple products In versions of mruby up to and including 1.4.0, an integer overflow exists in src/vm.c::mrb_vm_exec() when handling OP_GETUPVAR in the presence of deep scope nesting, resulting in a use-after-free. | 7.5 |
2018-04-17 | CVE-2018-6913 | Debian Perl Canonical | Out-of-bounds Write vulnerability in multiple products Heap-based buffer overflow in the pack function in Perl before 5.26.2 allows context-dependent attackers to execute arbitrary code via a large item count. | 7.5 |
2018-04-17 | CVE-2018-6797 | Debian Perl Canonical Redhat | Out-of-bounds Write vulnerability in multiple products An issue was discovered in Perl 5.18 through 5.26. | 7.5 |
2018-04-17 | CVE-2014-2294 | Openwebanalytics | Injection vulnerability in Openwebanalytics Open web Analytics Open Web Analytics (OWA) before 1.5.7 allows remote attackers to conduct PHP object injection attacks via a crafted serialized object in the owa_event parameter to queue.php. | 7.5 |
2018-04-16 | CVE-2018-10133 | Pbootcms | Code Injection vulnerability in Pbootcms 0.9.8 PbootCMS v0.9.8 allows PHP code injection via an IF label in index.php/About/6.html or admin.php/Site/index.html, related to the parserIfLabel function in \apps\home\controller\ParserController.php. | 7.5 |
2018-04-19 | CVE-2018-2783 | Oracle Redhat Canonical HP | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). | 7.4 |
2018-04-19 | CVE-2018-0275 | Cisco | Unspecified vulnerability in Cisco Identity Services Engine A vulnerability in the support tunnel feature of Cisco Identity Services Engine (ISE) could allow an authenticated, local attacker to access the device's shell. | 7.2 |
2018-04-18 | CVE-2016-10451 | Qualcomm | Permissions, Privileges, and Access Controls vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, privilege escalation may occur due to inherently insecure treatment of local files. | 7.2 |
2018-04-18 | CVE-2015-9217 | Qualcomm | Unspecified vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SDM630, SDM636, SDM660, and Snapdragon_High_Med_2016, certain malformed HVEC clips could cause an assertion to fail. | 7.2 |
2018-04-17 | CVE-2018-10190 | Londontrustmedia | Improper Privilege Management vulnerability in Londontrustmedia Private Internet Access 77 A vulnerability in London Trust Media Private Internet Access (PIA) VPN Client v77 for Windows could allow an unauthenticated, local attacker to run executable files with elevated privileges. | 7.2 |
2018-04-19 | CVE-2018-7899 | Huawei | Double Free vulnerability in Huawei Berkeley-Al20 Firmware and Berkeley-Bd Firmware The Mali Driver of Huawei Berkeley-AL20 and Berkeley-BD smart phones with software Berkeley-AL20 8.0.0.105(C00), 8.0.0.111(C00), 8.0.0.112D(C00), 8.0.0.116(C00), 8.0.0.119(C00), 8.0.0.119D(C00), 8.0.0.122(C00), 8.0.0.132(C00), 8.0.0.132D(C00), 8.0.0.142(C00), 8.0.0.151(C00), Berkeley-BD 1.0.0.21, 1.0.0.22, 1.0.0.23, 1.0.0.24, 1.0.0.26, 1.0.0.29 has a double free vulnerability. | 7.1 |
2018-04-19 | CVE-2017-17313 | Huawei | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei P9 Lite Firmware The inputhub driver of HUAWEI P9 Lite mobile phones with Versions earlier than VNS-L21C02B341, Versions earlier than VNS-L21C22B380, Versions earlier than VNS-L31C02B341, Versions earlier than VNS-L31C440B390, Versions earlier than VNS-L31C636B396 has a buffer overflow vulnerability due to the lack of parameter validation. | 7.1 |
2018-04-18 | CVE-2016-10420 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, while playing back a .flv clip which doesn't have an inbuilt seek table, a dynamic index table access is out of bounds and leads to crash. | 7.1 |
300 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2018-04-16 | CVE-2016-9093 | Symantec | Improper Input Validation vulnerability in Symantec Endpoint Protection A version of the SymEvent Driver that shipped with Symantec Endpoint Protection 12.1 RU6 MP6 and earlier fails to properly sanitize logged-in user input. | 6.9 |
2018-04-22 | CVE-2018-10295 | Chemcms Project | Cross-Site Request Forgery (CSRF) vulnerability in Chemcms Project Chemcms 1.0.6 ChemCMS v1.0.6 has CSRF by using public/admin/user/addpost.html to add an administrator account. | 6.8 |
2018-04-22 | CVE-2018-10266 | Beescms | Cross-Site Request Forgery (CSRF) vulnerability in Beescms 4.0 BEESCMS 4.0 has a CSRF vulnerability to add an administrator account via the admin/admin_admin.php?nav=list_admin_user&admin_p_nav=user URI. | 6.8 |
2018-04-22 | CVE-2018-10265 | Hongcms Project | Cross-Site Request Forgery (CSRF) vulnerability in Hongcms Project Hongcms 3.0.0 An issue was discovered in HongCMS v3.0.0. | 6.8 |
2018-04-21 | CVE-2018-10254 | Nasm | Out-of-bounds Read vulnerability in Nasm Netwide Assembler 2.13 Netwide Assembler (NASM) 2.13 has a stack-based buffer over-read in the disasm function of the disasm/disasm.c file. | 6.8 |
2018-04-20 | CVE-2017-2825 | Zabbix Debian | Man in the Middle Security Bypass vulnerability in Zabbix Proxy Server In the trapper functionality of Zabbix Server 2.4.x, specifically crafted trapper packets can pass database logic checks, resulting in database writes. | 6.8 |
2018-04-20 | CVE-2018-10249 | Baijiacms Project | Cross-Site Request Forgery (CSRF) vulnerability in Baijiacms Project Baijiacms 3.0 baijiacms V3 has CSRF via index.php?mod=site&op=edituser&name=manager&do=user to add an administrator account. | 6.8 |
2018-04-19 | CVE-2018-0259 | Cisco | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Mate Collector 7.1 A vulnerability in the web-based management interface of Cisco MATE Collector could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. | 6.8 |
2018-04-19 | CVE-2018-0255 | Cisco | Cross-Site Request Forgery (CSRF) vulnerability in Cisco IOS 15.2(5)E A vulnerability in the device manager web interface of Cisco Industrial Ethernet Switches could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack against a user of an affected system. | 6.8 |
2018-04-19 | CVE-2018-10188 | Phpmyadmin | Cross-Site Request Forgery (CSRF) vulnerability in PHPmyadmin 4.8.0 phpMyAdmin 4.8.0 before 4.8.0-1 has CSRF, allowing an attacker to execute arbitrary SQL statements, related to js/db_operations.js, js/tbl_operations.js, libraries/classes/Operations.php, and sql.php. | 6.8 |
2018-04-19 | CVE-2018-6306 | Kaspersky | Untrusted Search Path vulnerability in Kaspersky Password Manager Unauthorized code execution from specific DLL and is known as DLL Hijacking attack in Kaspersky Password Manager versions before 8.0.6.538. | 6.8 |
2018-04-19 | CVE-2018-10222 | Icmsdev | Cross-Site Request Forgery (CSRF) vulnerability in Icmsdev Icms 7.0 An issue was discovered in idreamsoft iCMS V7.0. | 6.8 |
2018-04-19 | CVE-2018-2879 | Oracle | Unspecified vulnerability in Oracle Access Manager 11.1.2.3.0/12.2.1.3.0 Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Authentication Engine). | 6.8 |
2018-04-19 | CVE-2018-2876 | Oracle | Unspecified vulnerability in Oracle Retail Integration BUS 13.2 Vulnerability in the Oracle Retail Integration Bus component of Oracle Retail Applications (subcomponent: RIB Kernal(Apache Commons Collections)). | 6.8 |
2018-04-19 | CVE-2018-2840 | Oracle | Unspecified vulnerability in Oracle Retail Xstore Point of Service Vulnerability in the Oracle Retail Xstore Point of Service component of Oracle Retail Applications (subcomponent: Xstore Office). | 6.8 |
2018-04-19 | CVE-2018-2766 | Oracle Canonical Mariadb Debian Netapp | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). | 6.8 |
2018-04-19 | CVE-2018-2750 | Oracle | Unspecified vulnerability in Oracle Enterprise Manager Base Platform 12.1.0.5 Vulnerability in the Enterprise Manager Base Platform component of Oracle Enterprise Manager Products Suite (subcomponent: UI Framework). | 6.8 |
2018-04-19 | CVE-2018-1167 | Spotify | OS Command Injection vulnerability in Spotify 1.0.69.336 This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Spotify Music Player 1.0.69.336. | 6.8 |
2018-04-17 | CVE-2018-10185 | Tuzicms | Cross-Site Request Forgery (CSRF) vulnerability in Tuzicms 2.0.6 An issue was discovered in TuziCMS v2.0.6. | 6.8 |
2018-04-16 | CVE-2016-9094 | Symantec | Improper Input Validation vulnerability in Symantec Endpoint Protection Symantec Endpoint Protection clients place detected malware in quarantine as part of the intended product functionality. | 6.8 |
2018-04-16 | CVE-2018-10137 | Iscripts | Cross-Site Request Forgery (CSRF) vulnerability in Iscripts Uberforx 2.2 iScripts UberforX 2.2 has CSRF in the "manage_settings" section of the Admin Panel via the /cms?section=manage_settings&action=edit URI. | 6.8 |
2018-04-16 | CVE-2018-10132 | Pbootcms | Cross-Site Request Forgery (CSRF) vulnerability in Pbootcms 0.9.8 PbootCMS v0.9.8 has CSRF via an admin.php/Message/mod/id/19.html?backurl=/index.php request, resulting in PHP code injection in the recontent parameter. | 6.8 |
2018-04-16 | CVE-2018-10127 | Xyhcms Project | Cross-Site Request Forgery (CSRF) vulnerability in Xyhcms Project Xyhcms 3.5 An issue was discovered in XYHCMS 3.5. | 6.8 |
2018-04-16 | CVE-2018-10117 | Icmsdev | Cross-Site Request Forgery (CSRF) vulnerability in Icmsdev Icms 7.0.7 An issue was discovered in idreamsoft iCMS V7.0.7. | 6.8 |
2018-04-16 | CVE-2018-10114 | Gegl | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Gegl 0.2.0 An issue was discovered in GEGL through 0.3.32. | 6.8 |
2018-04-16 | CVE-2018-10112 | Gegl | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Gegl 0.2.0 An issue was discovered in GEGL through 0.3.32. | 6.8 |
2018-04-21 | CVE-2018-10126 | Libtiff | NULL Pointer Dereference vulnerability in Libtiff 4.0.9 ijg-libjpeg before 9d, as used in tiff2pdf (from LibTIFF) and other products, does not check for a NULL pointer at a certain place in jpeg_fdct_16x16 in jfdctint.c. | 6.5 |
2018-04-20 | CVE-2014-0900 | Improper Input Validation vulnerability in Google Android The Device Administrator code in Android before 4.4.1_r1 might allow attackers to spoof device administrators and consequently bypass MDM restrictions by leveraging failure to update the mAdminMap data structure. | 6.5 | |
2018-04-20 | CVE-2018-6960 | Vmware | Improper Authentication vulnerability in VMWare Horizon Daas VMware Horizon DaaS (7.x before 8.0.0) contains a broken authentication vulnerability that may allow an attacker to bypass two-factor authentication. | 6.5 |
2018-04-19 | CVE-2018-0229 | Cisco | Session Fixation vulnerability in Cisco products A vulnerability in the implementation of Security Assertion Markup Language (SAML) Single Sign-On (SSO) authentication for Cisco AnyConnect Secure Mobility Client for Desktop Platforms, Cisco Adaptive Security Appliance (ASA) Software, and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to establish an authenticated AnyConnect session through an affected device running ASA or FTD Software. | 6.5 |
2018-04-19 | CVE-2018-10236 | Poscms | Code Injection vulnerability in Poscms 3.2.18 POSCMS 3.2.18 allows remote attackers to execute arbitrary PHP code via the diy\dayrui\controllers\admin\Syscontroller.php 'add' function because an attacker can control the value of $data['name'] with no restrictions, and this value is written to the FCPATH.$file file. | 6.5 |
2018-04-19 | CVE-2018-10235 | Poscms | Code Injection vulnerability in Poscms 3.2.10 POSCMS 3.2.10 allows remote attackers to execute arbitrary PHP code via the diy\module\member\controllers\admin\Setting.php 'index' function because an attacker can control the value of $cache['setting']['ucssocfg'] in diy\module\member\models\Member_model.php and write this code into the api/ucsso/config.php file. | 6.5 |
2018-04-19 | CVE-2018-2857 | Oracle | Unspecified vulnerability in Oracle SUN ZFS Storage Appliance KIT 8.7.13 Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: HTTP data path subsystems). | 6.5 |
2018-04-19 | CVE-2018-2772 | Oracle | Unspecified vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.54/8.55/8.56 Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Rich Text Editor). | 6.5 |
2018-04-18 | CVE-2018-7240 | Schneider Electric | Out-of-bounds Write vulnerability in Schneider-Electric products A vulnerability exists in Schneider Electric's Modicon Quantum in all versions of the communication modules which could allow arbitrary code execution. | 6.5 |
2018-04-18 | CVE-2018-5342 | Zohocorp | Incorrect Permission Assignment for Critical Resource vulnerability in Zohocorp Manageengine Desktop Central 10.0.124/10.0.184 An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: network services (Desktop Central and PostgreSQL) running with a superuser account. | 6.5 |
2018-04-18 | CVE-2018-5340 | Zohocorp | Unspecified vulnerability in Zohocorp Manageengine Desktop Central 10.0.124/10.0.184 An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: database access using a superuser account (specifically, an account with permission to write to the filesystem via SQL queries). | 6.5 |
2018-04-17 | CVE-2018-5429 | Tibco | Unspecified vulnerability in Tibco products A vulnerability in the report scripting component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperReports Server for ActiveMatrix BPM, TIBCO JasperReports Library, TIBCO JasperReports Library Community Edition, TIBCO JasperReports Library for ActiveMatrix BPM, TIBCO Jaspersoft for AWS with Multi-Tenancy, TIBCO Jaspersoft Reporting and Analytics for AWS, TIBCO Jaspersoft Studio, TIBCO Jaspersoft Studio Community Edition, and TIBCO Jaspersoft Studio for ActiveMatrix BPM may allow analytic reports that contain scripting to perform arbitrary code execution. | 6.5 |
2018-04-16 | CVE-2018-0530 | Cybozu | SQL Injection vulnerability in Cybozu Garoon SQL injection vulnerability in the Cybozu Garoon 3.5.0 to 4.2.6 allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors. | 6.5 |
2018-04-16 | CVE-2018-9153 | Zblogcn | Unrestricted Upload of File with Dangerous Type vulnerability in Zblogcn Z-Blogphp 1.5.1 The plugin upload component in Z-BlogPHP 1.5.1 allows remote attackers to execute arbitrary PHP code via the app_id parameter to zb_users/plugin/AppCentre/plugin_edit.php because of an unanchored regular expression, a different vulnerability than CVE-2018-8893. | 6.5 |
2018-04-20 | CVE-2014-0931 | IBM | XXE vulnerability in IBM Rational Clearcase Multiple XML external entity (XXE) vulnerabilities in the (1) CCRC WAN Server / CM Server, (2) Perl CC/CQ integration trigger scripts, (3) CMAPI Java interface, (4) ClearCase remote client, and (5) CMI and OSLC-based ClearQuest integrations components in IBM Rational ClearCase 7.1.0.x, 7.1.1.x, 7.1.2 through 7.1.2.13, 8.0 through 8.0.0.10, and 8.0.1 through 8.0.1.3 allow remote attackers to cause a denial of service or access other servers via crafted XML data. | 6.4 |
2018-04-19 | CVE-2018-2871 | Oracle | Unspecified vulnerability in Oracle Human Resources Vulnerability in the Oracle Human Resources component of Oracle E-Business Suite (subcomponent: General Utilities). | 6.4 |
2018-04-19 | CVE-2018-2870 | Oracle | Unspecified vulnerability in Oracle Human Resources Vulnerability in the Oracle Human Resources component of Oracle E-Business Suite (subcomponent: General Utilities). | 6.4 |
2018-04-19 | CVE-2018-2861 | Oracle | Unspecified vulnerability in Oracle Retail Back Office 13.4.9/14.0.4/14.1.3 Vulnerability in the Oracle Retail Back Office component of Oracle Retail Applications (subcomponent: Security). | 6.4 |
2018-04-19 | CVE-2018-2738 | Oracle | Unspecified vulnerability in Oracle Retail Central Office 13.4.9/14.0.4/14.1.3 Vulnerability in the Oracle Retail Central Office component of Oracle Retail Applications (subcomponent: Security). | 6.4 |
2018-04-19 | CVE-2018-2737 | Oracle | Unspecified vulnerability in Oracle Retail Returns Management Vulnerability in the Oracle Retail Returns Management component of Oracle Retail Applications (subcomponent: Security). | 6.4 |
2018-04-18 | CVE-2018-7245 | Schneider Electric | Incorrect Authorization vulnerability in Schneider-Electric 66074 MGE Network Management Card Transverse An improper authorization vulnerability exists In Schneider Electric's 66074 MGE Network Management Card Transverse installed in MGE UPS and MGE STS. | 6.4 |
2018-04-18 | CVE-2016-10492 | Qualcomm | Improper Input Validation vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9645, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, improper ciphersuite validation leads SecSSL accept an unadvertised ciphersuite. | 6.4 |
2018-04-20 | CVE-2014-0883 | IBM | Cross-site Scripting vulnerability in IBM Power Hardware Management Console IBM Power HMC 7.1.0 through 7.8.0 and 7.3.5 is vulnerable to cross-site scripting. | 6.1 |
2018-04-19 | CVE-2018-0251 | Cisco | Cross-site Scripting vulnerability in Cisco Adaptive Security Appliance Software 9.8(2.15)/9.9(1) A vulnerability in the Web Server Authentication Required screen of the Clientless Secure Sockets Layer (SSL) VPN portal of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of that portal on an affected device. | 6.1 |
2018-04-19 | CVE-2018-0242 | Cisco | Cross-site Scripting vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the WebVPN web-based management interface of Cisco Adaptive Security Appliance could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 6.1 |
2018-04-19 | CVE-2018-0241 | Cisco | Unspecified vulnerability in Cisco IOS XR A vulnerability in the UDP broadcast forwarding function of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on the affected device. | 6.1 |
2018-04-16 | CVE-2018-10108 | Dlink | Cross-site Scripting vulnerability in Dlink Dir-815 Firmware D-Link DIR-815 REV. | 6.1 |
2018-04-16 | CVE-2018-10107 | Dlink | Cross-site Scripting vulnerability in Dlink Dir-815 Firmware D-Link DIR-815 REV. | 6.1 |
2018-04-19 | CVE-2018-0112 | Cisco | Improper Input Validation vulnerability in Cisco products A vulnerability in Cisco WebEx Business Suite clients, Cisco WebEx Meetings, and Cisco WebEx Meetings Server could allow an authenticated, remote attacker to execute arbitrary code on a targeted system. | 6.0 |
2018-04-19 | CVE-2018-10224 | Yzmcms | Cross-Site Request Forgery (CSRF) vulnerability in Yzmcms 3.8 An issue was discovered in YzmCMS 3.8. | 6.0 |
2018-04-19 | CVE-2018-10223 | Yzmcms | Cross-Site Request Forgery (CSRF) vulnerability in Yzmcms 3.8 An issue was discovered in YzmCMS 3.8. | 6.0 |
2018-04-19 | CVE-2018-2841 | Oracle | Unspecified vulnerability in Oracle Database Server Vulnerability in the Java VM component of Oracle Database Server. | 6.0 |
2018-04-19 | CVE-2018-2828 | Oracle | Unspecified vulnerability in Oracle Webcenter Content 11.1.1.9.0/12.2.1.2.0/12.2.1.3.0 Vulnerability in the Oracle WebCenter Content component of Oracle Fusion Middleware (subcomponent: Content Server). | 6.0 |
2018-04-19 | CVE-2018-2827 | Oracle | Unspecified vulnerability in Oracle Hospitality Suite8 Vulnerability in the Oracle Hospitality Suite8 component of Oracle Hospitality Applications (subcomponent: Profile). | 6.0 |
2018-04-16 | CVE-2018-0737 | Openssl Canonical | Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. | 5.9 |
2018-04-20 | CVE-2018-10248 | Wuzhicms | Cross-Site Request Forgery (CSRF) vulnerability in Wuzhicms Wuzhi CMS 4.1.0 An issue was discovered in WUZHI CMS 4.1.0. | 5.8 |
2018-04-20 | CVE-2018-0564 | Lockon | Session Fixation vulnerability in Lockon Ec-Cube Session fixation vulnerability in EC-CUBE (EC-CUBE 3.0.0, EC-CUBE 3.0.1, EC-CUBE 3.0.2, EC-CUBE 3.0.3, EC-CUBE 3..4, EC-CUBE 3.0.5, EC-CUBE 3.0.6, EC-CUBE 3.0.7, EC-CUBE 3.0.8, EC-CUBE 3.0.9, EC-CUBE 3.0.10, EC-CUBE 3.0.11, EC-CUBE 3.0.12, EC-CUBE 3.0.12-p1, EC-CUBE 3.0.13, EC-CUBE 3.0.14, EC-CUBE 3.0.15) allows remote attackers to perform arbitrary operations via unspecified vectors. | 5.8 |
2018-04-19 | CVE-2018-2878 | Oracle | Unspecified vulnerability in Oracle Peoplesoft Enterprise Human Capital Management Shared Components 9.2 Vulnerability in the PeopleSoft Enterprise HCM Shared Components component of Oracle PeopleSoft Products (subcomponent: Notepad). | 5.8 |
2018-04-19 | CVE-2018-2859 | Oracle | Unspecified vulnerability in Oracle Financial Services Basel Regulatory Capital Internal Ratings Based Approach 8.0.0.0.0 Vulnerability in the Oracle Financial Services Basel Regulatory Capital Internal Ratings Based Approach component of Oracle Financial Services Applications (subcomponent: Portfolio, Attribution). | 5.8 |
2018-04-19 | CVE-2018-2854 | Oracle | Unspecified vulnerability in Oracle Financial Services Basel Regulatory Capital Basic 8.0.0.0.0/8.0.2.0.0 Vulnerability in the Oracle Financial Services Basel Regulatory Capital Basic component of Oracle Financial Services Applications (subcomponent: Portfolio, Attribution). | 5.8 |
2018-04-19 | CVE-2018-2838 | Oracle | Unspecified vulnerability in Oracle Peoplesoft Enterprise Prtl Interaction HUB 9.1 Vulnerability in the PeopleSoft Enterprise PRTL Interaction Hub component of Oracle PeopleSoft Products (subcomponent: EPPCM_HIER_TOP). | 5.8 |
2018-04-19 | CVE-2018-2821 | Oracle | Unspecified vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.54/8.55/8.56 Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Rich Text Editor). | 5.8 |
2018-04-19 | CVE-2018-2807 | Oracle | Unspecified vulnerability in Oracle Flexcube Core Banking 11.5.0/11.6.0/11.7.0 Vulnerability in the Oracle FLEXCUBE Core Banking component of Oracle Financial Services Applications (subcomponent: Securities). | 5.8 |
2018-04-19 | CVE-2018-2806 | Oracle | Unspecified vulnerability in Oracle Outside in Technology 8.5.3 Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). | 5.8 |
2018-04-19 | CVE-2018-2804 | Oracle | Unspecified vulnerability in Oracle E-Business Suite Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: DB Privileges). | 5.8 |
2018-04-19 | CVE-2018-2801 | Oracle | Unspecified vulnerability in Oracle Outside in Technology 8.5.3 Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Image Export SDK). | 5.8 |
2018-04-19 | CVE-2018-2791 | Oracle | Unspecified vulnerability in Oracle Webcenter Sites 11.1.1.8.0/12.2.1.2.0/12.2.1.3.0 Vulnerability in the Oracle WebCenter Sites component of Oracle Fusion Middleware (subcomponent: Advanced UI). | 5.8 |
2018-04-19 | CVE-2018-2788 | Oracle | Unspecified vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.55/8.56 Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Fluid Core). | 5.8 |
2018-04-19 | CVE-2018-2768 | Oracle | Unspecified vulnerability in Oracle Outside in Technology 8.5.3 Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). | 5.8 |
2018-04-19 | CVE-2018-2748 | Oracle | Unspecified vulnerability in Oracle products Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module). | 5.8 |
2018-04-19 | CVE-2018-2739 | Oracle | Unspecified vulnerability in Oracle Access Manager 10.1.4.3.0/11.1.2.3.0/12.2.1.3.0 Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Web Server Plugin). | 5.8 |
2018-04-19 | CVE-2018-2587 | Oracle | Unspecified vulnerability in Oracle Access Manager and Adaptive Access Manager Vulnerability in the Oracle Access Manager component of Oracle Fusion Middleware (subcomponent: Web Server Plugin). | 5.8 |
2018-04-19 | CVE-2018-2572 | Oracle | Unspecified vulnerability in Oracle Agile Product Lifecycle Management for Process 6.1.1.6/6.2.0.0/6.2.1.0 Vulnerability in the Oracle Agile Product Lifecycle Management for Process component of Oracle Supply Chain Products Suite (subcomponent: Installation). | 5.8 |
2018-04-17 | CVE-2017-2871 | Foscam | Improper Authentication vulnerability in Foscam C1 Firmware 2.52.2.43 Insufficient security checks exist in the recovery procedure used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. | 5.8 |
2018-04-16 | CVE-2018-10101 | Wordpress Debian | Open Redirect vulnerability in Wordpress Before WordPress 4.9.5, the URL validator assumed URLs with the hostname localhost were on the same host as the WordPress server. | 5.8 |
2018-04-16 | CVE-2018-10100 | Wordpress Debian | Open Redirect vulnerability in Wordpress Before WordPress 4.9.5, the redirection URL for the login page was not validated or sanitized if forced to use HTTPS. | 5.8 |
2018-04-22 | CVE-2018-10289 | Artifex Debian | Infinite Loop vulnerability in multiple products In MuPDF 1.13.0, there is an infinite loop in the fz_skip_space function of the pdf/pdf-xref.c file. | 5.5 |
2018-04-20 | CVE-2014-0950 | IBM | XXE vulnerability in IBM Rational Clearquest Multiple XML external entity (XXE) vulnerabilities in (1) CQWeb / CM Server, (2) ClearQuest Native client, (3) ClearQuest Eclipse client, and (4) ClearQuest Eclipse Designer components in IBM Rational ClearQuest 7.1.1 through 7.1.1.9, 7.1.2 through 7.1.2.13, 8.0.0 through 8.0.0.10, and 8.0.1 through 8.0.1.3 allow remote attackers to cause a denial of service or access other servers via crafted XML data. | 5.5 |
2018-04-19 | CVE-2018-2862 | Oracle | Unspecified vulnerability in Oracle Retail Point-Of-Service Vulnerability in the Oracle Retail Point-of-Service component of Oracle Retail Applications (subcomponent: User Interface). | 5.5 |
2018-04-19 | CVE-2018-2856 | Oracle | Unspecified vulnerability in Oracle Financial Services Basel Regulatory Capital Internal Ratings Based Approach 8.0.0.0.0 Vulnerability in the Oracle Financial Services Basel Regulatory Capital Internal Ratings Based Approach component of Oracle Financial Services Applications (subcomponent: Portfolio, Attribution). | 5.5 |
2018-04-19 | CVE-2018-2855 | Oracle | Unspecified vulnerability in Oracle Financial Services Basel Regulatory Capital Basic 8.0.0.0.0/8.0.2.0.0 Vulnerability in the Oracle Financial Services Basel Regulatory Capital Basic component of Oracle Financial Services Applications (subcomponent: Portfolio, Attribution). | 5.5 |
2018-04-19 | CVE-2018-2853 | Oracle | Unspecified vulnerability in Oracle Hospitality Simphony 1.6/1.7 Vulnerability in the Oracle Hospitality Simphony First Edition component of Oracle Hospitality Applications (subcomponent: Operations, Client Application Loader). | 5.5 |
2018-04-19 | CVE-2018-2852 | Oracle | Unspecified vulnerability in Oracle Hospitality Guest Access 4.2.0/4.2.1 Vulnerability in the Oracle Hospitality Guest Access component of Oracle Hospitality Applications (subcomponent: Base). | 5.5 |
2018-04-19 | CVE-2018-2851 | Oracle | Unspecified vulnerability in Oracle Hospitality Simphony 1.6/1.7 Vulnerability in the Oracle Hospitality Simphony First Edition component of Oracle Hospitality Applications (subcomponent: Enterprise Management Console). | 5.5 |
2018-04-19 | CVE-2018-2833 | Oracle | Unspecified vulnerability in Oracle Hospitality Simphony Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Enterprise Management Console). | 5.5 |
2018-04-19 | CVE-2018-2812 | Oracle Canonical Netapp | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). | 5.5 |
2018-04-19 | CVE-2018-2803 | Oracle | Unspecified vulnerability in Oracle Hospitality Reporting and Analytics 9.0 Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Hospitality Applications (subcomponent: Report). | 5.5 |
2018-04-19 | CVE-2018-2802 | Oracle | Unspecified vulnerability in Oracle Hospitality Simphony 2.8/2.9 Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Client Application Loader). | 5.5 |
2018-04-19 | CVE-2018-2792 | Oracle | Unspecified vulnerability in Oracle Hardware Management Pack Vulnerability in the Hardware Management Pack component of Oracle Sun Systems Products Suite (subcomponent: Ipmitool). | 5.5 |
2018-04-19 | CVE-2018-2787 | Oracle Canonical Mariadb | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). | 5.5 |
2018-04-19 | CVE-2018-2786 | Oracle Canonical Mariadb | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). | 5.5 |
2018-04-19 | CVE-2018-2746 | Oracle | Unspecified vulnerability in Oracle products Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module). | 5.5 |
2018-04-19 | CVE-2018-2815 | Oracle Redhat Debian Canonical Schneider Electric HP | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Serialization). | 5.3 |
2018-04-19 | CVE-2018-2799 | Oracle Redhat Debian Canonical HP Schneider Electric Apache | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JAXP). | 5.3 |
2018-04-19 | CVE-2018-2798 | Oracle Redhat Debian Canonical HP Schneider Electric | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: AWT). | 5.3 |
2018-04-19 | CVE-2018-2797 | Oracle Redhat Debian Canonical HP Schneider Electric | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JMX). | 5.3 |
2018-04-19 | CVE-2018-2796 | Oracle Redhat Debian Canonical HP Schneider Electric | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Concurrency). | 5.3 |
2018-04-19 | CVE-2018-2795 | Oracle Redhat Debian Canonical HP Schneider Electric | Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). | 5.3 |
2018-04-16 | CVE-2017-6323 | Symantec | XXE vulnerability in Symantec Management Console 7.6/8.0 The Symantec Management Console prior to ITMS 8.1 RU1, ITMS 8.0_POST_HF6, and ITMS 7.6_POST_HF7 has an issue whereby XML input containing a reference to an external entity is processed by a weakly configured XML parser. | 5.2 |
2018-04-21 | CVE-2018-10253 | Paessler | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Paessler Prtg Network Monitor Paessler PRTG Network Monitor before 18.1.39.1648 mishandles stack memory during unspecified API calls. | 5.0 |
2018-04-20 | CVE-2014-0912 | IBM | Information Exposure vulnerability in IBM Sterling B2B Integrator and Sterling File Gateway IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allow remote attackers to obtain sensitive product information via vectors related to an error page. | 5.0 |
2018-04-20 | CVE-2018-10245 | Awstats | Information Exposure vulnerability in Awstats A Full Path Disclosure vulnerability in AWStats through 7.6 allows remote attackers to know where the config file is allocated, obtaining the full path of the server, a similar issue to CVE-2006-3682. | 5.0 |
2018-04-20 | CVE-2018-10201 | Ncomputing | Path Traversal vulnerability in Ncomputing Vspace PRO 10/11 An issue was discovered in NcMonitorServer.exe in NC Monitor Server in NComputing vSpace Pro 10 and 11. | 5.0 |
2018-04-19 | CVE-2018-0273 | Cisco | Unspecified vulnerability in Cisco Staros A vulnerability in the IPsec Manager of Cisco StarOS for Cisco Aggregation Services Router (ASR) 5000 Series Routers and Virtualized Packet Core (VPC) System Software could allow an unauthenticated, remote attacker to terminate all active IPsec VPN tunnels and prevent new tunnels from being established, resulting in a denial of service (DoS) condition. | 5.0 |
2018-04-19 | CVE-2018-0260 | Cisco | Improper Input Validation vulnerability in Cisco Mate Live 1.3 A vulnerability in the web interface of Cisco MATE Live could allow an unauthenticated, remote attacker to view and download the contents of certain web application virtual directories. | 5.0 |
2018-04-19 | CVE-2018-0256 | Cisco | Improper Input Validation vulnerability in Cisco ASR 5000 Series Software 20.3.0.66671/P2P2.16.879 A vulnerability in the peer-to-peer message processing functionality of Cisco Packet Data Network Gateway could allow an unauthenticated, remote attacker to cause the Session Manager (SESSMGR) process on an affected device to restart, resulting in a denial of service (DoS) condition. | 5.0 |
2018-04-19 | CVE-2018-0254 | Cisco | Protection Mechanism Failure vulnerability in Cisco Firepower Threat Defense A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass configured file action policies if an Intelligent Application Bypass (IAB) with a drop percentage threshold is also configured. | 5.0 |
2018-04-19 | CVE-2018-0244 | Cisco | Protection Mechanism Failure vulnerability in Cisco Firepower Threat Defense A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a configured file action policy to drop the Server Message Block (SMB) protocol if a malware file is detected. | 5.0 |
2018-04-19 | CVE-2018-0243 | Cisco | Protection Mechanism Failure vulnerability in Cisco Firepower Threat Defense A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a configured file action policy that is intended to drop the Server Message Block Version 2 (SMB2) and SMB Version 3 (SMB3) protocols if malware is detected. | 5.0 |
2018-04-19 | CVE-2018-0239 | Cisco | Allocation of Resources Without Limits or Throttling vulnerability in Cisco Staros A vulnerability in the egress packet processing functionality of the Cisco StarOS operating system for Cisco Aggregation Services Router (ASR) 5700 Series devices and Virtualized Packet Core (VPC) System Software could allow an unauthenticated, remote attacker to cause an interface on the device to cease forwarding packets. | 5.0 |
2018-04-19 | CVE-2018-0237 | Cisco | Use of Incorrectly-Resolved Name or Reference vulnerability in Cisco Advanced Malware Protection FOR Endpoints 1.4(5) A vulnerability in the file type detection mechanism of the Cisco Advanced Malware Protection (AMP) for Endpoints macOS Connector could allow an unauthenticated, remote attacker to bypass malware detection. | 5.0 |
2018-04-19 | CVE-2018-0227 | Cisco | Improper Certificate Validation vulnerability in Cisco products A vulnerability in the Secure Sockets Layer (SSL) Virtual Private Network (VPN) Client Certificate Authentication feature for Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to establish an SSL VPN connection and bypass certain SSL certificate verification steps. | 5.0 |
2018-04-19 | CVE-2018-7920 | Huawei | Resource Exhaustion vulnerability in Huawei products Huawei AR1200 V200R006C10SPC300, AR160 V200R006C10SPC300, AR200 V200R006C10SPC300, AR2200 V200R006C10SPC300, AR3200 V200R006C10SPC300 devices have an improper resource management vulnerability. | 5.0 |
2018-04-19 | CVE-2017-3776 | Lenovo | Information Exposure vulnerability in Lenovo Help Lenovo Help Android mobile app versions earlier than 6.1.2.0327 allowed information to be transmitted over an HTTP channel, permitting others observing the channel to potentially see this information. | 5.0 |
2018-04-19 | CVE-2017-17310 | Huawei | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Huawei products Electronic Numbers to URI Mapping (ENUM) module in some Huawei products DP300 V500R002C00, RP200 V600R006C00, TE30 V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C10, V500R002C00, V600R006C00 have a buffer error vulnerability. | 5.0 |
2018-04-19 | CVE-2018-1146 | Belkin | Unspecified vulnerability in Belkin N750 Firmware 1.10.22 A remote unauthenticated user can enable telnet on the Belkin N750 using firmware version 1.10.22 by sending a crafted HTTP request to set.cgi. | 5.0 |
2018-04-19 | CVE-2018-10219 | Baijiacms Project | Information Exposure vulnerability in Baijiacms Project Baijiacms 3.0 baijiacms V3 has physical path leakage via an index.php?mod=mobile&name=member&do=index request. | 5.0 |
2018-04-19 | CVE-2018-10205 | Hyper | Missing Release of Resource after Effective Lifetime vulnerability in Hyper Hyperstart 1.0.0 hyperstart 1.0.0 in HyperHQ Hyper has memory leaks in the container_setup_modules and hyper_rescan_scsi functions in container.c, related to runV 1.0.0 for Docker. | 5.0 |
2018-04-19 | CVE-2018-2873 | Oracle | Unspecified vulnerability in Oracle E-Business Suite Vulnerability in the Oracle General Ledger component of Oracle E-Business Suite (subcomponent: Account Hierarchy Manager). | 5.0 |
2018-04-19 | CVE-2018-2872 | Oracle | Unspecified vulnerability in Oracle E-Business Suite Vulnerability in the Oracle General Ledger component of Oracle E-Business Suite (subcomponent: Account Hierarchy Manager). | 5.0 |
2018-04-19 | CVE-2018-2869 | Oracle | Unspecified vulnerability in Oracle Human Resources Vulnerability in the Oracle Human Resources component of Oracle E-Business Suite (subcomponent: General Utilities). | 5.0 |
2018-04-19 | CVE-2018-2868 | Oracle | Unspecified vulnerability in Oracle Human Resources Vulnerability in the Oracle Human Resources component of Oracle E-Business Suite (subcomponent: General Utilities). | 5.0 |
2018-04-19 | CVE-2018-2867 | Oracle | Unspecified vulnerability in Oracle E-Business Suite Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: Diagnostics). | 5.0 |
2018-04-19 | CVE-2018-2866 | Oracle | Unspecified vulnerability in Oracle E-Business Suite Vulnerability in the Oracle General Ledger component of Oracle E-Business Suite (subcomponent: Consolidation Hierarchy Viewer). | 5.0 |
2018-04-19 | CVE-2018-2865 | Oracle | Unspecified vulnerability in Oracle E-Business Suite Vulnerability in the Oracle General Ledger component of Oracle E-Business Suite (subcomponent: Consolidation Hierarchy Viewer). | 5.0 |
2018-04-19 | CVE-2018-2864 | Oracle | Unspecified vulnerability in Oracle E-Business Suite Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: Diagnostics). | 5.0 |
2018-04-19 | CVE-2018-2858 | Oracle | Unspecified vulnerability in Oracle SUN ZFS Storage Appliance KIT 8.7.13 Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: HTTP data path subsystems). | 5.0 |
2018-04-19 | CVE-2018-2848 | Oracle | Unspecified vulnerability in Oracle Hospitality Simphony 1.6/1.7 Vulnerability in the Oracle Hospitality Simphony First Edition component of Oracle Hospitality Applications (subcomponent: Client Application Loader). | 5.0 |
2018-04-19 | CVE-2018-2832 | Oracle | Unspecified vulnerability in Oracle Goldengate 12.2.0.1 Vulnerability in the Oracle GoldenGate component of Oracle GoldenGate. | 5.0 |
2018-04-19 | CVE-2018-2765 | Oracle | Unspecified vulnerability in Oracle Security Service Vulnerability in the Oracle Security Service component of Oracle Fusion Middleware (subcomponent: Oracle SSL API). | 5.0 |
2018-04-18 | CVE-2018-7246 | Schneider Electric | Cleartext Transmission of Sensitive Information vulnerability in Schneider-Electric 66074 MGE Network Management Card Transverse A cleartext transmission of sensitive information vulnerability exists in Schneider Electric's 66074 MGE Network Management Card Transverse installed in MGE UPS and MGE STS. | 5.0 |
2018-04-18 | CVE-2018-7244 | Schneider Electric | Information Exposure vulnerability in Schneider-Electric 66074 MGE Network Management Card Transverse An information disclosure vulnerability exists In Schneider Electric's 66074 MGE Network Management Card Transverse installed in MGE UPS and MGE STS. | 5.0 |
2018-04-18 | CVE-2018-1000165 | Lightsaml | Incorrect Permission Assignment for Critical Resource vulnerability in Lightsaml LightSAML version prior to 1.3.5 contains a Incorrect Access Control vulnerability in signature validation in readers in src/LightSaml/Model/XmlDSig/ that can result in impersonation of any user from Identity Provider. | 5.0 |
2018-04-18 | CVE-2018-1000164 | Gunicorn Debian | CRLF Injection vulnerability in multiple products gunicorn version 19.4.5 contains a CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers vulnerability in "process_headers" function in "gunicorn/http/wsgi.py" that can result in an attacker causing the server to return arbitrary HTTP headers. | 5.0 |
2018-04-18 | CVE-2018-1274 | Pivotal Software | Allocation of Resources Without Limits or Throttling vulnerability in Pivotal Software Spring Data Commons and Spring Data Rest Spring Data Commons, versions 1.13 to 1.13.10, 2.0 to 2.0.5, and older unsupported versions, contain a property path parser vulnerability caused by unlimited resource allocation. | 5.0 |
2018-04-18 | CVE-2016-8220 | Pivotal Software | Information Exposure vulnerability in Pivotal Software Gemfire Pivotal Gemfire for PCF, versions 1.6.x prior to 1.6.5.0 and 1.7.x prior to 1.7.1.0, contain an information disclosure vulnerability. | 5.0 |
2018-04-18 | CVE-2016-2169 | Cloudfoundry | Code vulnerability in Cloudfoundry Capi-Release and Cf-Release Cloud Foundry Cloud Controller, capi-release versions prior to 1.0.0 and cf-release versions prior to v237, contain a business logic flaw. | 5.0 |
2018-04-18 | CVE-2018-6413 | Hikvision | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Hikvision Ds-2Cd9111-S Firmware There is a buffer overflow in the Hikvision Camera DS-2CD9111-S of V4.1.2 build 160203 and before, and this vulnerability allows remote attackers to launch a denial of service attack (service interruption) via a crafted network setting interface request. | 5.0 |
2018-04-18 | CVE-2016-10483 | Qualcomm | Improper Input Validation vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 410/12, SD 615/16/SD 415, SD 808, and SD 810, improper input validation while processing SCM Command can lead to unauthorized memory access. | 5.0 |
2018-04-18 | CVE-2016-10469 | Qualcomm | Improper Input Validation vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, incorrect implementation of RSA padding functions in CORE. | 5.0 |
2018-04-18 | CVE-2016-10447 | Qualcomm | Access of Uninitialized Pointer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, and SDX20, secure UI crash due to uninitialized link list entry in dynamic font module. | 5.0 |
2018-04-18 | CVE-2016-10446 | Qualcomm | Configuration vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 820, SD 820A, and SD 835, incorrect configuration of the OCIMEM MPU may provide NonSecure Software access to OCIMEM memory used by TZ. | 5.0 |
2018-04-18 | CVE-2016-10438 | Qualcomm | Information Exposure vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Mobile, and Snapdragon Wear FSM9055, IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, QCA4531, QCA9980, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, and SDX20, information exposure vulnerability when logging debug statement due to %p usage. | 5.0 |
2018-04-18 | CVE-2016-10437 | Qualcomm | Information Exposure vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Mobile, and Snapdragon Wear FSM9055, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 835, and SDX20, while logging debug statements or ftrace events from rmnet_data, the socket buffer function uses normal format specifiers which may result in information exposure. | 5.0 |
2018-04-18 | CVE-2016-10434 | Qualcomm | Improper Authentication vulnerability in Qualcomm SD 820 Firmware and SD 820A Firmware In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 820 and SD 820A, the input to RPMB write response function is a buffer from HLOS that needs to be authenticated (using HMAC) and then processed. | 5.0 |
2018-04-18 | CVE-2016-10429 | Qualcomm | Data Processing Errors vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear FSM9055, IPQ4019, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, and SDX20, three image types are loaded in the same manner without distinguishing them. | 5.0 |
2018-04-18 | CVE-2016-10428 | Qualcomm | Information Exposure vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, HMAC verification in counter file uses an insecure memcmp which may assist a timing attack. | 5.0 |
2018-04-18 | CVE-2016-10423 | Qualcomm | Information Exposure vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile and Snapdragon Mobile SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, and SD 820A, when a Trusted Application has opened the SPI interface to a particular device, it is possible for another Trusted Application to read the data on this open interface due to non-exclusive access of the SPI bus. | 5.0 |
2018-04-18 | CVE-2016-10418 | Qualcomm | Improper Access Control vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 820A, and SD 835, HLOS can enable PMIC debug through TCSR_QPDI_DISABLE_CFG due to improper access control. | 5.0 |
2018-04-18 | CVE-2016-10415 | Qualcomm | NULL Pointer Dereference vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, dereference of an invalid input parameter could cause a denial of service. | 5.0 |
2018-04-18 | CVE-2016-10406 | Qualcomm | Information Exposure vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9650, SD 210/SD 212/SD 205, SD 410/12, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, and SD 835, while printing debug message of a pointer in wlan_qmi_err_cb, the real kernel address will be printed regardless of the kptr_restrict system settings. | 5.0 |
2018-04-18 | CVE-2015-9213 | Qualcomm | Code vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, the DIAG-EFS command EFS2_DIAG_DELTREE, which is handled by the function fs_diag_deltree_handler(), is used to delete files and directories only inside the /public folder. | 5.0 |
2018-04-18 | CVE-2015-9194 | Qualcomm | Information Exposure vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 210/SD 212/SD 205, SD 400, SD 425, SD 427, SD 430, SD 435, SD 450, SD 617, SD 625, SD 650/52, SD 800, SD 845, and Snapdragon_High_Med_2016, during module load at TZ Startup, memory statically allocated by modules was not being properly set to zero first. | 5.0 |
2018-04-18 | CVE-2015-9193 | Qualcomm | Improper Input Validation vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, improper input validation could cause a memory overread and cause the app to crash. | 5.0 |
2018-04-18 | CVE-2015-9189 | Qualcomm | Information Exposure vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 600, SD 615/16/SD 415, SD 808, and SD 810, processing of TZ application command in tz_app_cmd_handler function could lead to potential content disclosure of secure memory. | 5.0 |
2018-04-18 | CVE-2015-9176 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, Input_address is registered as a shared buffer and is not properly checked before use in OEMCrypto_Generic_Sign(). | 5.0 |
2018-04-18 | CVE-2015-9169 | Qualcomm | Information Exposure vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, and SD 810, buffer over-read in QSEE app may cause confidential information to be leaked. | 5.0 |
2018-04-18 | CVE-2015-9166 | Qualcomm | Data Processing Errors vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear IPQ4019, MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, DRM provisioning mechanisms used in QSEE applications have a feature to prevent further provisioning. | 5.0 |
2018-04-18 | CVE-2015-9163 | Qualcomm | Information Exposure vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, in a PlayReady function, information exposure can occur. | 5.0 |
2018-04-18 | CVE-2015-9140 | Qualcomm | Improper Access Control vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile, Snapdragon Wear, and Small Cell SoC FSM9055, MDM9206, MDM9607, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 600, SD 615/16/SD 415, SD 617, SD 650/52, SD 800, SD 808, SD 810, and SDX20, unauthorized memory access possible in online memory dump feature. | 5.0 |
2018-04-18 | CVE-2015-9137 | Qualcomm | Data Processing Errors vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, several EFS2 DIAG command handlers are not calling fs_diag_access_check(). | 5.0 |
2018-04-18 | CVE-2015-9134 | Qualcomm | NULL Pointer Dereference vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 410/12, SD 615/16/SD 415, and SD 810, while processing QSEE Syscall 'qsee_macc_gen_ecc_privkey', untrusted pointer dereference occurs, which could result in arbitrary write. | 5.0 |
2018-04-18 | CVE-2015-9132 | Qualcomm | NULL Pointer Dereference vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Small Cell SoC FSM9055, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 615/16/SD 415, SD 800, and SD 810, possible arbitrary memory read due to untrusted pointer dereference when handling HLOS controlled values passed to the QSEE syscall helper. | 5.0 |
2018-04-18 | CVE-2015-9131 | Qualcomm | Improper Input Validation vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400, SD 410/12, SD 615/16/SD 415, SD 800, SD 808, and SD 810, lack of input validation in qsee can lead to unauthorized memory access. | 5.0 |
2018-04-18 | CVE-2015-9123 | Qualcomm | Information Exposure vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile, Snapdragon Wear, and Small Cell SoC FSM9055, IPQ4019, MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, code to zeroize AES key could be compiled out by compiler which could potentially result in information disclosure. | 5.0 |
2018-04-18 | CVE-2015-9119 | Qualcomm | Information Exposure vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SD 850, and SDX20, sensitive information may be returned to the QMI client as a response. | 5.0 |
2018-04-18 | CVE-2014-9986 | Qualcomm | Improper Input Validation vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, and SD 820A, in playready_licacq_process_response(), 'cbResponse' value is controlled by HLOS, and there is no validation on this length. | 5.0 |
2018-04-18 | CVE-2014-10063 | Qualcomm | 7PK - Security Features vulnerability in Qualcomm Mdm9625 Firmware and SD 800 Firmware In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9625 and SD 800, a fuse is not correctly blown on a secure device. | 5.0 |
2018-04-18 | CVE-2014-10062 | Qualcomm | Information Exposure vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 430, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, and SDX20, LocationService is being exported, which is a way for a service to expose its methods to other services. | 5.0 |
2018-04-18 | CVE-2014-10058 | Qualcomm | Permissions, Privileges, and Access Controls vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 210/SD 212/SD 205, SD 400, SD 425, SD 427, SD 430, SD 435, SD 450, SD 617, SD 625, SD 650/52, SD 800, SD 845, and Snapdragon_High_Med_2016, unauthorized users can potentially modify system time. | 5.0 |
2018-04-18 | CVE-2014-10055 | Qualcomm | Information Exposure vulnerability in Qualcomm SD 400 Firmware and SD 800 Firmware In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400 and SD 800, there could be leakage of protected contents if HLOS doesn't request for security restoration for OCMEM xPU's. | 5.0 |
2018-04-18 | CVE-2014-10047 | Qualcomm | Information Exposure vulnerability in Qualcomm SD 400 Firmware and SD 800 Firmware In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 400 and SD 800, when writing the Full Disk Encryption key to crypto engine, information leak could occur. | 5.0 |
2018-04-18 | CVE-2014-10044 | Qualcomm | Improper Validation of Array Index vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile MDM9615, MDM9625, MDM9635M, SD 210/SD 212/SD 205, SD 400, SD 617, SD 800, and SD 820, in the time daemon, unauthorized users can potentially modify system time and cause an array index to be out-of-bound. | 5.0 |
2018-04-18 | CVE-2014-10043 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, and SD 800, while reading PlayReady rights string information from command buffer (which is sent from non-secure side), if length of rights string is very large, a buffer over read occurs, exposing TZ App memory to non-secure side. | 5.0 |
2018-04-18 | CVE-2018-10193 | Logmein | Resource Exhaustion vulnerability in Logmein Lastpass LogMeIn LastPass through 4.15.0 allows remote attackers to cause a denial of service (browser hang) via an HTML document because the resource consumption of onloadwff.js grows with the number of INPUT elements. | 5.0 |
2018-04-17 | CVE-2018-6798 | Debian Perl Canonical Redhat | Out-of-bounds Read vulnerability in multiple products An issue was discovered in Perl 5.22 through 5.26. | 5.0 |
2018-04-17 | CVE-2018-10189 | Mautic | Information Exposure vulnerability in Mautic An issue was discovered in Mautic 1.x and 2.x before 2.13.0. | 5.0 |
2018-04-17 | CVE-2018-5190 | Picturespro | Reliance on Cookies without Validation and Integrity Checking vulnerability in Picturespro 7.1.0 PicturesPro Photo Cart 6 and 7 before Security-Patch-2018-B allows remote attackers to access arbitrary customer accounts via a modified cookie, related to pc_head.php, pc_login.php, and pc_login_page.php. | 5.0 |
2018-04-17 | CVE-2018-10178 | Iacapps | Information Exposure vulnerability in IAC Fromdoctopdf The FromDocToPDF extension before 13.611.13.2303 for Chrome allows remote attackers to discover visited web sites via vectors involving a mostVisitedSites command. | 5.0 |
2018-04-16 | CVE-2018-0548 | Cybozu | Unspecified vulnerability in Cybozu Garoon Cybozu Garoon 4.0.0 to 4.6.0 allows remote authenticated attackers to bypass access restriction to view the closed title of "Space" via unspecified vectors. | 5.0 |
2018-04-16 | CVE-2018-10122 | Chanzhi | Path Traversal vulnerability in Chanzhi Pro1.6 QingDao Nature Easy Soft Chanzhi Enterprise Portal System (aka chanzhieps) pro1.6 allows remote attackers to read arbitrary files via directory traversal sequences in the pathname parameter to www/file.php. | 5.0 |
2018-04-16 | CVE-2018-10113 | Gegl | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Gegl Generic Graphics Library An issue was discovered in GEGL through 0.3.32. | 5.0 |
2018-04-16 | CVE-2018-10111 | Gegl | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Gegl 0.2.0 An issue was discovered in GEGL through 0.3.32. | 5.0 |
2018-04-16 | CVE-2018-1000169 | Jenkins | Information Exposure vulnerability in Jenkins An exposure of sensitive information vulnerability exists in Jenkins 2.115 and older, LTS 2.107.1 and older, in CLICommand.java and ViewOptionHandler.java that allows unauthorized attackers to confirm the existence of agents or views with an attacker-specified name by sending a CLI command to Jenkins. | 5.0 |
2018-04-16 | CVE-2014-2069 | Eshtery She7Ata | Path Traversal vulnerability in Eshtery.She7Ata Eshtery CMS Absolute path traversal vulnerability in Eshtery CMS allows remote attackers to read arbitrary files via a full pathname in the file parameter to FileManager.aspx. | 5.0 |
2018-04-16 | CVE-2014-1686 | Mediawiki | Information Exposure vulnerability in Mediawiki 1.18.0 MediaWiki 1.18.0 allows remote attackers to obtain the installation path via vectors related to thumbnail creation. | 5.0 |
2018-04-19 | CVE-2017-18261 | Linux | Infinite Loop vulnerability in Linux Kernel The arch_timer_reg_read_stable macro in arch/arm64/include/asm/arch_timer.h in the Linux kernel before 4.13 allows local users to cause a denial of service (infinite recursion) by writing to a file under /sys/kernel/debug in certain circumstances, as demonstrated by a scenario involving debugfs, ftrace, PREEMPT_TRACER, and FUNCTION_GRAPH_TRACER. | 4.9 |
2018-04-19 | CVE-2018-2770 | Oracle | Unspecified vulnerability in Oracle Adaptive Access Manager 11.1.2.3.0 Vulnerability in the Oracle Adaptive Access Manager component of Oracle Fusion Middleware (subcomponent: OAAM Admin). | 4.9 |
2018-04-19 | CVE-2018-2756 | Oracle | Unspecified vulnerability in Oracle Communications Order and Service Management Vulnerability in the Oracle Communications Order and Service Management component of Oracle Communications Applications (subcomponent: WebUI). | 4.9 |
2018-04-19 | CVE-2018-2752 | Oracle | Unspecified vulnerability in Oracle Peoplesoft Enterprise Human Capital Management 9.2 Vulnerability in the PeopleSoft Enterprise HCM component of Oracle PeopleSoft Products (subcomponent: Security). | 4.9 |
2018-04-19 | CVE-2018-2749 | Oracle | Unspecified vulnerability in Oracle products Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module). | 4.9 |
2018-04-19 | CVE-2018-2563 | Oracle | Unspecified vulnerability in Oracle Solaris 10.0/11.3 Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: LDAP Library). | 4.9 |
2018-04-18 | CVE-2015-9218 | Qualcomm | 7PK - Errors vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile and Snapdragon Wear MSM8909W, SD 210/SD 212/SD 205, SD 400, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 800, SD 808, SD 810, SD 820, SD 835, SD 845, SDM630, SDM636, SDM660, and Snapdragon_High_Med_2016, when processing bad HEVC clips, the DPB fills, and with no error handling for DPB being full, a hang occurs. | 4.9 |
2018-04-18 | CVE-2018-10110 | D Link | Cross-site Scripting vulnerability in D-Link Dir-615 T1 Firmware 20.07 D-Link DIR-615 T1 devices allow XSS via the Add User feature. | 4.8 |
2018-04-19 | CVE-2018-2808 | Oracle | Unspecified vulnerability in Oracle Solaris 11.3 Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Kernel). | 4.7 |
2018-04-19 | CVE-2018-2860 | Oracle | Unspecified vulnerability in Oracle VM Virtualbox Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). | 4.6 |
2018-04-19 | CVE-2018-2845 | Oracle | Unspecified vulnerability in Oracle VM Virtualbox Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). | 4.6 |
2018-04-19 | CVE-2018-2843 | Oracle | Unspecified vulnerability in Oracle VM Virtualbox Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). | 4.6 |
2018-04-19 | CVE-2018-2842 | Oracle | Unspecified vulnerability in Oracle VM Virtualbox Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). | 4.6 |
2018-04-19 | CVE-2018-2822 | Oracle | Unspecified vulnerability in Oracle Solaris Cluster 4.3 Vulnerability in the Solaris Cluster component of Oracle Sun Systems Products Suite (subcomponent: Cluster Geo). | 4.6 |
2018-04-19 | CVE-2018-1035 | Microsoft | Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2016 A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka "Windows Security Feature Bypass Vulnerability." This affects Windows 10, Windows 10 Servers. | 4.6 |
2018-04-17 | CVE-2018-8834 | Omron | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Omron products Parsing malformed project files in Omron CX-One versions 4.42 and prior, including the following applications: CX-FLnet versions 1.00 and prior, CX-Protocol versions 1.992 and prior, CX-Programmer versions 9.65 and prior, CX-Server versions 5.0.22 and prior, Network Configurator versions 3.63 and prior, and Switch Box Utility versions 1.68 and prior, may cause a heap-based buffer overflow. | 4.6 |
2018-04-17 | CVE-2018-7530 | Omron | Range Error vulnerability in Omron products Parsing malformed project files in Omron CX-One versions 4.42 and prior, including the following applications: CX-FLnet versions 1.00 and prior, CX-Protocol versions 1.992 and prior, CX-Programmer versions 9.65 and prior, CX-Server versions 5.0.22 and prior, Network Configurator versions 3.63 and prior, and Switch Box Utility versions 1.68 and prior, may allow the pointer to call an incorrect object resulting in an access of resource using incompatible type condition. | 4.6 |
2018-04-17 | CVE-2018-7514 | Omron | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Omron products Parsing malformed project files in Omron CX-One versions 4.42 and prior, including the following applications: CX-FLnet versions 1.00 and prior, CX-Protocol versions 1.992 and prior, CX-Programmer versions 9.65 and prior, CX-Server versions 5.0.22 and prior, Network Configurator versions 3.63 and prior, and Switch Box Utility versions 1.68 and prior, may cause a stack-based buffer overflow. | 4.6 |
2018-04-16 | CVE-2017-10140 | Postfix | Unspecified vulnerability in Postfix Postfix before 2.11.10, 3.0.x before 3.0.10, 3.1.x before 3.1.6, and 3.2.x before 3.2.2 might allow local users to gain privileges by leveraging undocumented functionality in Berkeley DB 2.x and later, related to reading settings from DB_CONFIG in the current directory. | 4.6 |
2018-04-19 | CVE-2018-2837 | Oracle | Unspecified vulnerability in Oracle VM Virtualbox Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). | 4.4 |
2018-04-19 | CVE-2018-2836 | Oracle | Unspecified vulnerability in Oracle VM Virtualbox Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). | 4.4 |
2018-04-19 | CVE-2018-2835 | Oracle | Unspecified vulnerability in Oracle VM Virtualbox Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). | 4.4 |
2018-04-19 | CVE-2018-2834 | Oracle | Unspecified vulnerability in Oracle Data Visualization Desktop 12.2.4.1.1 Vulnerability in the Oracle Data Visualization Desktop component of Oracle Fusion Middleware (subcomponent: Security). | 4.4 |
2018-04-19 | CVE-2018-2830 | Oracle | Unspecified vulnerability in Oracle VM Virtualbox Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). | 4.4 |
2018-04-19 | CVE-2018-2771 | Oracle Debian Canonical Mariadb Redhat Netapp | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Locking). | 4.4 |
2018-04-17 | CVE-2018-8838 | Yokogawa | Unspecified vulnerability in Yokogawa products A weakness in access controls in CENTUM CS 1000 all versions, CENTUM CS 3000 versions R3.09.50 and earlier, CENTUM CS 3000 Small versions R3.09.50 and earlier, CENTUM VP versions R6.03.10 and earlier, CENTUM VP Small versions R6.03.10 and earlier, CENTUM VP Basic versions R6.03.10 and earlier, Exaopc versions R3.75.00 and earlier, B/M9000 CS all versions, and B/M9000 VP versions R8.01.01 and earlier may allow a local attacker to exploit the message management function of the system. | 4.4 |
2018-04-22 | CVE-2018-10296 | 1234N | Cross-site Scripting vulnerability in 1234N Minicms 1.10 MiniCMS V1.10 has XSS via the mc-admin/post-edit.php title parameter. | 4.3 |
2018-04-20 | CVE-2014-0927 | IBM | Improper Authentication vulnerability in IBM Sterling B2B Integrator and Sterling File Gateway The ActiveMQ admin user interface in IBM Sterling B2B Integrator 5.1 and 5.2 and Sterling File Gateway 2.1 and 2.2 allows remote attackers to bypass authentication by leveraging knowledge of the port number and webapp path. | 4.3 |
2018-04-20 | CVE-2014-6112 | IBM | Information Exposure vulnerability in IBM Security Identity Manager and Tivoli Identity Manager IBM Tivoli Identity Manager 5.1.x before 5.1.0.15-ISS-TIM-IF0057 and Security Identity Manager 6.0.x before 6.0.0.4-ISS-SIM-IF0001 and 7.0.x before 7.0.0.0-ISS-SIM-IF0003 make it easier for remote attackers to obtain sensitive information by leveraging support for weak SSL ciphers. | 4.3 |
2018-04-20 | CVE-2014-6108 | IBM | Information Exposure vulnerability in IBM Security Identity Manager and Tivoli Identity Manager IBM Tivoli Identity Manager 5.1.x before 5.1.0.15-ISS-TIM-IF0057 and Security Identity Manager 6.0.x before 6.0.0.4-ISS-SIM-IF0001 and 7.0.x before 7.0.0.0-ISS-SIM-IF0003 might allow man-in-the-middle attackers to obtain sensitive information by leveraging an unencrypted connection for interfaces. | 4.3 |
2018-04-19 | CVE-2018-0276 | Cisco | Cross-site Scripting vulnerability in Cisco Webex Connect IM A vulnerability in Cisco WebEx Connect IM could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of an affected system. | 4.3 |
2018-04-19 | CVE-2018-0272 | Cisco | Improper Handling of Exceptional Conditions vulnerability in Cisco Firepower 6.2.1/6.2.2.1 A vulnerability in the Secure Sockets Layer (SSL) Engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. | 4.3 |
2018-04-19 | CVE-2018-0269 | Cisco | Incorrect Authorization vulnerability in Cisco Digital Network Architecture Center 1.1 A vulnerability in the web framework of the Cisco Digital Network Architecture Center (DNA Center) could allow an unauthenticated, remote attacker to communicate with the Kong API server without restriction. | 4.3 |
2018-04-19 | CVE-2018-9861 | Ckeditor Drupal | Cross-site Scripting vulnerability in multiple products Cross-site scripting (XSS) vulnerability in the Enhanced Image (aka image2) plugin for CKEditor (in versions 4.5.10 through 4.9.1; fixed in 4.9.2), as used in Drupal 8 before 8.4.7 and 8.5.x before 8.5.2 and other products, allows remote attackers to inject arbitrary web script through a crafted IMG element. | 4.3 |
2018-04-19 | CVE-2018-10230 | Zend | Cross-site Scripting vulnerability in Zend Server 5.1.0/8.5/9.0 Zend Debugger in Zend Server before 9.1.3 has XSS, aka ZSR-2455. | 4.3 |
2018-04-19 | CVE-2018-2809 | Oracle | Unspecified vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.54/8.55/8.56 Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Fluid Homepage & Navigation). | 4.3 |
2018-04-19 | CVE-2018-2785 | Oracle | Unspecified vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.54/8.55/8.56 Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Stylesheet). | 4.3 |
2018-04-19 | CVE-2018-2761 | Oracle Debian Canonical Mariadb Netapp Redhat | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). | 4.3 |
2018-04-19 | CVE-2018-2760 | Oracle | Unspecified vulnerability in Oracle Http Server 12.1.3/12.2.1.2 Vulnerability in the Oracle HTTP Server component of Oracle Fusion Middleware (subcomponent: OSSL Module). | 4.3 |
2018-04-18 | CVE-2018-1325 | Wicket Jquery UI Project | Cross-site Scripting vulnerability in Wicket-Jquery-Ui Project Wicket-Jquery-Ui In Apache wicket-jquery-ui <= 6.29.0, <= 7.10.1, <= 8.0.0-M9.1, JS code created in WYSIWYG editor will be executed on display. | 4.3 |
2018-04-18 | CVE-2018-1000163 | Projectfloodlight | Cross-site Scripting vulnerability in Projectfloodlight Floodlight 1.2 Floodlight version 1.2 and earlier contains a Cross Site Scripting (XSS) vulnerability in the web console that can result in javascript injections into the web page. | 4.3 |
2018-04-18 | CVE-2018-1000162 | Parsedown | Cross-site Scripting vulnerability in Parsedown Parsedown version prior to 1.7.0 contains a Cross Site Scripting (XSS) vulnerability in `setMarkupEscaped` for escaping HTML that can result in JavaScript code execution. | 4.3 |
2018-04-18 | CVE-2018-1000160 | Risingstack | Cross-site Scripting vulnerability in Risingstack Protect 1.1.0/1.2.0 RisingStack protect version 1.2.0 and earlier contains a Cross Site Scripting (XSS) vulnerability in isXss() function in lib/rules/xss.js that can result in dangerous XSS strings being validated as safe. | 4.3 |
2018-04-18 | CVE-2018-1000159 | Tlslite NG Project | Improper Validation of Integrity Check Value vulnerability in Tlslite-Ng Project Tlslite-Ng tlslite-ng version 0.7.3 and earlier, since commit d7b288316bca7bcdd082e6ccff5491e241305233 contains a CWE-354: Improper Validation of Integrity Check Value vulnerability in TLS implementation, tlslite/utils/constanttime.py: ct_check_cbc_mac_and_pad(); line "end_pos = data_len - 1 - mac.digest_size" that can result in an attacker manipulating the TLS ciphertext which will not be detected by receiving tlslite-ng. | 4.3 |
2018-04-18 | CVE-2018-1000158 | Cmsmadesimple | Incorrect Permission Assignment for Critical Resource vulnerability in Cmsmadesimple CMS Made Simple 2.2.7 cmsmadesimple version 2.2.7 contains a Incorrect Access Control vulnerability in the function of send_recovery_email in the line "$url = $config['admin_url'] . | 4.3 |
2018-04-18 | CVE-2018-8831 | Kodi | Cross-site Scripting vulnerability in Kodi A Persistent XSS vulnerability exists in Kodi (formerly XBMC) through 17.6 that allows the execution of arbitrary HTML/script code in the context of the victim user's browser via a playlist. | 4.3 |
2018-04-18 | CVE-2018-9990 | Zulip | Cross-site Scripting vulnerability in Zulip Server In Zulip Server versions before 1.7.2, there was an XSS issue with stream names in topic typeahead. | 4.3 |
2018-04-18 | CVE-2018-9987 | Zulip | Cross-site Scripting vulnerability in Zulip Server In Zulip Server versions 1.5.x, 1.6.x, and 1.7.x before 1.7.2, there was an XSS issue with muting notifications. | 4.3 |
2018-04-18 | CVE-2018-9986 | Zulip | Cross-site Scripting vulnerability in Zulip Server In Zulip Server versions before 1.7.2, there were XSS issues with the frontend markdown processor. | 4.3 |
2018-04-18 | CVE-2018-8071 | Mautic | Cross-site Scripting vulnerability in Mautic Mautic before v2.13.0 has stored XSS via a theme config file. | 4.3 |
2018-04-18 | CVE-2017-12196 | Redhat | Incorrect Authorization vulnerability in Redhat products undertow before versions 1.4.18.SP1, 2.0.2.Final, 1.4.24.Final was found vulnerable when using Digest authentication, the server does not ensure that the value of URI in the Authorization header matches the URI in HTTP request line. | 4.3 |
2018-04-17 | CVE-2018-10187 | Radare | Out-of-bounds Read vulnerability in Radare Radare2 2.5.0 In radare2 2.5.0, there is a heap-based buffer over-read in the dalvik_op function (libr/anal/p/anal_dalvik.c). | 4.3 |
2018-04-17 | CVE-2018-10186 | Radare | Out-of-bounds Read vulnerability in Radare Radare2 2.5.0 In radare2 2.5.0, there is a heap-based buffer over-read in the r_hex_bin2str function (libr/util/hex.c). | 4.3 |
2018-04-17 | CVE-2018-10183 | Bigtreecms | Cross-site Scripting vulnerability in Bigtreecms Bigtree CMS 4.2.22 An issue was discovered in BigTree 4.2.22. | 4.3 |
2018-04-16 | CVE-2018-10177 | Imagemagick Canonical | Infinite Loop vulnerability in multiple products In ImageMagick 7.0.7-28, there is an infinite loop in the ReadOneMNGImage function of the coders/png.c file. | 4.3 |
2018-04-16 | CVE-2018-10138 | Catalooksupport | Cross-site Scripting vulnerability in Catalooksupport .Netstore The CATALooK.netStore module through 7.2.8 for DNN (formerly DotNetNuke) allows XSS via the /ViewEditGoogleMaps.aspx PortalID or CATSkin parameter, or the /ImageViewer.aspx link or desc parameter. | 4.3 |
2018-04-16 | CVE-2018-10136 | Iscripts | Cross-site Scripting vulnerability in Iscripts Uberforx 2.2 iScripts UberforX 2.2 has Stored XSS in the "manage_settings" section of the Admin Panel via a value field to the /cms?section=manage_settings&action=edit URI. | 4.3 |
2018-04-16 | CVE-2018-10135 | Iscripts | Cross-site Scripting vulnerability in Iscripts Eswap 2.4 iScripts eSwap v2.4 has Reflected XSS via the "catwiseproducts.php" catid parameter in the User Panel. | 4.3 |
2018-04-16 | CVE-2018-10128 | Xyhcms Project | Cross-site Scripting vulnerability in Xyhcms Project Xyhcms 3.5 An issue was discovered in XYHCMS 3.5. | 4.3 |
2018-04-16 | CVE-2016-9592 | Redhat | Resource Management Errors vulnerability in Redhat Openshift 3.2.1.23/3.3.1.11/3.4 openshift before versions 3.3.1.11, 3.2.1.23, 3.4 is vulnerable to a flaw when a volume fails to detach, which causes the delete operation to fail with 'VolumeInUse' error. | 4.3 |
2018-04-16 | CVE-2018-0560 | Hatena | Improper Input Validation vulnerability in Hatena Bookmark 3.0/3.70 Hatena Bookmark App for iOS Version 3.0 to 3.70 allows remote attackers to spoof the address bar via vectors related to URL display. | 4.3 |
2018-04-16 | CVE-2018-10102 | Wordpress Debian | Cross-site Scripting vulnerability in Wordpress Before WordPress 4.9.5, the version string was not escaped in the get_the_generator function, and could lead to XSS in a generator tag. | 4.3 |
2018-04-16 | CVE-2018-10097 | Smartscriptsolutions | Cross-site Scripting vulnerability in Smartscriptsolutions Domain Trader 2.5.3 XSS exists in Domain Trader 2.5.3 via the recoverlogin.php email_address parameter. | 4.3 |
2018-04-22 | CVE-2018-10286 | Ericssonlg | Insufficiently Protected Credentials vulnerability in Ericssonlg Ipecs NMS A.1Ac The Ericsson-LG iPECS NMS A.1Ac web application discloses sensitive information such as the NMS admin credentials and the PostgreSQL database credentials to logged-in users via the responses to certain HTTP POST requests. | 4.0 |
2018-04-20 | CVE-2018-10176 | Digitalguardian | Path Traversal vulnerability in Digitalguardian Management Console 7.1.2.0015 Digital Guardian Management Console 7.1.2.0015 has a Directory Traversal issue. | 4.0 |
2018-04-20 | CVE-2018-10175 | Digitalguardian | XXE vulnerability in Digitalguardian Management Console 7.1.2.0015 Digital Guardian Management Console 7.1.2.0015 has an XXE issue. | 4.0 |
2018-04-20 | CVE-2018-10174 | Digitalguardian | Server-Side Request Forgery (SSRF) vulnerability in Digitalguardian Management Console 7.1.2.0015 Digital Guardian Management Console 7.1.2.0015 has an SSRF issue that allows remote attackers to read arbitrary files via file:// URLs, send TCP traffic to intranet hosts, or obtain an NTLM hash. | 4.0 |
2018-04-20 | CVE-2018-10077 | Vertiv | XXE vulnerability in Vertiv Watchdog Console 3.2.2 XML external entity (XXE) vulnerability in Geist WatchDog Console 3.2.2 allows remote authenticated administrators to read arbitrary files via crafted XML data. | 4.0 |
2018-04-20 | CVE-2014-4782 | IBM | Information Exposure vulnerability in IBM Infosphere Biginsights 2.1.2 IBM InfoSphere BigInsights 2.1.2 allows remote authenticated users to discover SMTP server credentials via vectors related to the Alert management service. | 4.0 |
2018-04-19 | CVE-2018-0266 | Cisco | Forced Browsing vulnerability in Cisco Unified Communications Manager A vulnerability in the web framework of Cisco Unified Communications Manager could allow an authenticated, remote attacker to view sensitive data. | 4.0 |
2018-04-19 | CVE-2018-2863 | Oracle | Unspecified vulnerability in Oracle SUN ZFS Storage Appliance KIT 8.7.13 Vulnerability in the Sun ZFS Storage Appliance Kit (AK) component of Oracle Sun Systems Products Suite (subcomponent: API frameworks). | 4.0 |
2018-04-19 | CVE-2018-2849 | Oracle | Unspecified vulnerability in Oracle Primavera P6 Enterprise Project Portfolio Management Vulnerability in the Primavera P6 Enterprise Project Portfolio Management component of Oracle Construction and Engineering Suite (subcomponent: Web Access). | 4.0 |
2018-04-19 | CVE-2018-2847 | Oracle | Unspecified vulnerability in Oracle Hospitality Simphony 1.6/1.7 Vulnerability in the Oracle Hospitality Simphony First Edition component of Oracle Hospitality Applications (subcomponent: Operations). | 4.0 |
2018-04-19 | CVE-2018-2846 | Oracle Canonical Netapp | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema). | 4.0 |
2018-04-19 | CVE-2018-2839 | Oracle Canonical Netapp | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DML). | 4.0 |
2018-04-19 | CVE-2018-2824 | Oracle | Unspecified vulnerability in Oracle Hospitality Simphony 2.10/2.8/2.9 Vulnerability in the Oracle Hospitality Simphony component of Oracle Hospitality Applications (subcomponent: Enterprise Management Console). | 4.0 |
2018-04-19 | CVE-2018-2823 | Oracle | Unspecified vulnerability in Oracle Transportation Management 6.4.3 Vulnerability in the Oracle Transportation Management component of Oracle Supply Chain Products Suite (subcomponent: Database). | 4.0 |
2018-04-19 | CVE-2018-2820 | Oracle | Unspecified vulnerability in Oracle Peoplesoft Enterprise Peopletools 8.54/8.55/8.56 Vulnerability in the PeopleSoft Enterprise PeopleTools component of Oracle PeopleSoft Products (subcomponent: Fluid Core). | 4.0 |
2018-04-19 | CVE-2018-2819 | Oracle Mariadb Canonical Debian Redhat Netapp | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). | 4.0 |
2018-04-19 | CVE-2018-2818 | Oracle Canonical Debian Netapp | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). | 4.0 |
2018-04-19 | CVE-2018-2817 | Oracle Canonical Debian Redhat Mariadb Netapp | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). | 4.0 |
2018-04-19 | CVE-2018-2816 | Oracle Canonical Netapp | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). | 4.0 |
2018-04-19 | CVE-2018-2813 | Oracle Debian Canonical Redhat Netapp Mariadb | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). | 4.0 |
2018-04-19 | CVE-2018-2810 | Oracle Netapp Canonical Mariadb | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). | 4.0 |
2018-04-19 | CVE-2018-2805 | Oracle | Unspecified vulnerability in Oracle Mysql Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: GIS Extension). | 4.0 |
2018-04-19 | CVE-2018-2800 | Oracle Redhat Debian Canonical Schneider Electric HP | Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: RMI). | 4.0 |
2018-04-19 | CVE-2018-2789 | Oracle | Unspecified vulnerability in Oracle Siebel Core-Server Framework 17.0 Vulnerability in the Siebel Core - Server Framework component of Oracle Siebel CRM (subcomponent: Services). | 4.0 |
2018-04-19 | CVE-2018-2784 | Oracle Canonical Mariadb Debian Netapp | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). | 4.0 |
2018-04-19 | CVE-2018-2782 | Oracle Canonical Mariadb Debian Netapp | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). | 4.0 |
2018-04-19 | CVE-2018-2781 | Debian Netapp Canonical Mariadb Oracle Redhat | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). | 4.0 |
2018-04-19 | CVE-2018-2780 | Oracle Canonical | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). | 4.0 |
2018-04-19 | CVE-2018-2779 | Oracle Canonical | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). | 4.0 |
2018-04-19 | CVE-2018-2778 | Oracle Canonical | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). | 4.0 |
2018-04-19 | CVE-2018-2777 | Oracle Netapp Canonical Mariadb | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). | 4.0 |
2018-04-19 | CVE-2018-2776 | Oracle Canonical | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Group Replication GCS). | 4.0 |
2018-04-19 | CVE-2018-2775 | Oracle Canonical | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). | 4.0 |
2018-04-19 | CVE-2018-2769 | Oracle Canonical | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Pluggable Auth). | 4.0 |
2018-04-19 | CVE-2018-2759 | Oracle Netapp Canonical Mariadb | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). | 4.0 |
2018-04-19 | CVE-2018-2758 | Oracle | Unspecified vulnerability in Oracle Mysql Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server : Security : Privileges). | 4.0 |
2018-04-19 | CVE-2018-2747 | Oracle | Unspecified vulnerability in Oracle products Vulnerability in the Oracle Banking Corporate Lending component of Oracle Financial Services Applications (subcomponent: Core module). | 4.0 |
2018-04-18 | CVE-2016-10443 | Qualcomm | 7PK - Security Features vulnerability in Qualcomm products In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 808, SD 810, SD 820, SD 820A, SD 835, SD 845, and SD 850, packet replay may be possible. | 4.0 |
2018-04-17 | CVE-2018-1371 | IBM | Unspecified vulnerability in IBM Websphere MQ 8.0.0.8/9.0.0.2/9.0.4 An IBM WebSphere MQ 8.0.0.8, 9.0.0.2, and 9.0.4 Client connecting to a MQ Queue Manager can cause a SIGSEGV in the AMQRMPPA channel process terminating it. | 4.0 |
2018-04-17 | CVE-2017-6020 | Lcds | Path Traversal vulnerability in Lcds Laquis Scada Leao Consultoria e Desenvolvimento de Sistemas (LCDS) LTDA ME LAquis SCADA software versions prior to version 4.1.0.3237 do not neutralize external input to ensure that users are not calling for absolute path sequences outside of their privilege level. | 4.0 |
2018-04-17 | CVE-2017-12701 | Cpap | Improper Input Validation vulnerability in Cpap Luna Cpap Machine Firmware BMC Medical Luna CPAP Machines released prior to July 1, 2017, contain an improper input validation vulnerability which may allow an authenticated attacker to crash the CPAP's Wi-Fi module resulting in a denial-of-service condition. | 4.0 |
2018-04-16 | CVE-2018-0550 | Cybozu | Unspecified vulnerability in Cybozu Garoon Cybozu Garoon 3.5.0 to 4.6.1 allows remote authenticated attackers to bypass access restriction to view the closed title of "Cabinet" via unspecified vectors. | 4.0 |
2018-04-16 | CVE-2018-0533 | Cybozu | Unspecified vulnerability in Cybozu Garoon Cybozu Garoon 3.0.0 to 4.2.6 allows remote authenticated attackers to bypass access restriction to alter setting data of session authentication via unspecified vectors. | 4.0 |
2018-04-16 | CVE-2018-0532 | Cybozu | Cross-site Scripting vulnerability in Cybozu Garoon Cybozu Garoon 3.0.0 to 4.2.6 allows remote authenticated attackers to bypass access restriction to alter setting data of the Standard database via unspecified vectors. | 4.0 |
2018-04-16 | CVE-2018-0531 | Cybozu | Unspecified vulnerability in Cybozu Garoon Cybozu Garoon 3.0.0 to 4.2.6 allows remote authenticated attackers to bypass access restriction to view or alter an access privilege of a folder and/or notification settings via unspecified vectors. | 4.0 |
44 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2018-04-19 | CVE-2018-2755 | Oracle Debian Canonical Mariadb Netapp Redhat | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). | 3.7 |
2018-04-19 | CVE-2018-2754 | Oracle | Unspecified vulnerability in Oracle Solaris 11.3 Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: ZVNET Driver). | 3.6 |
2018-04-16 | CVE-2018-5382 | Bouncycastle Redhat | Improper Validation of Integrity Check Value vulnerability in multiple products The default BKS keystore use an HMAC that is only 16 bits long, which can allow an attacker to compromise the integrity of a BKS keystore. | 3.6 |
2018-04-22 | CVE-2018-10298 | Discuz | Cross-site Scripting vulnerability in Discuz Discuzx 3.4 Discuz! DiscuzX through X3.4 has reflected XSS via forum.php?mod=post&action=newthread because data/template/1_diy_portal_view.tpl.php does not restrict the content. | 3.5 |
2018-04-22 | CVE-2018-10297 | Discuz | Cross-site Scripting vulnerability in Discuz Discuzx 3.4 Discuz! DiscuzX through X3.4 has stored XSS via the portal.php?mod=portalcp&ac=article URI, related to mishandling of IMG elements associated with remote images. | 3.5 |
2018-04-22 | CVE-2017-17889 | Kliqqi | Cross-site Scripting vulnerability in Kliqqi CMS 3.5.2 Kliqqi CMS 3.5.2 has XSS via a crafted group name in pligg/groups.php, a crafted Homepage string in a profile, or a crafted string in Tags or Description within pligg/submit.php. | 3.5 |
2018-04-22 | CVE-2018-10268 | Fastadmin | Cross-site Scripting vulnerability in Fastadmin 1.0.0.20180417 An issue was discovered in FastAdmin V1.0.0.20180417_beta. | 3.5 |
2018-04-21 | CVE-2017-15640 | Phpipam | Cross-site Scripting vulnerability in PHPipam app/sections/user-menu.php in phpIPAM before 1.3.1 has XSS via the ip parameter. | 3.5 |
2018-04-20 | CVE-2018-7747 | Calderalabs | Cross-site Scripting vulnerability in Calderalabs Caldera Forms Multiple cross-site scripting (XSS) vulnerabilities in the Caldera Forms plugin before 1.6.0-rc.1 for WordPress allow remote attackers to inject arbitrary web script or HTML via vectors involving (1) a greeting message, (2) the email transaction log, or (3) an imported form. | 3.5 |
2018-04-20 | CVE-2018-10078 | Vertiv | Cross-site Scripting vulnerability in Vertiv Watchdog Console 3.2.2 Cross-site scripting (XSS) vulnerability in Geist WatchDog Console 3.2.2 allows remote authenticated administrators to inject arbitrary web script or HTML via a server description. | 3.5 |
2018-04-20 | CVE-2014-6109 | IBM | Improper Access Control vulnerability in IBM Security Identity Manager and Tivoli Identity Manager IBM Tivoli Identity Manager 5.1.x before 5.1.0.15-ISS-TIM-IF0057 and Security Identity Manager 6.0.x before 6.0.0.4-ISS-SIM-IF0001 and 7.0.x before 7.0.0.0-ISS-SIM-IF0003 allow remote authenticated users to bypass intended access restrictions and obtain sensitive information via vectors related to server side LDAP queries. | 3.5 |
2018-04-20 | CVE-2018-10250 | Icmsdev | Cross-site Scripting vulnerability in Icmsdev Icms 7.0.8 iCMS V7.0.8 has XSS via the admincp.php keywords parameter in a weixin_category action, aka a WeChat Classified Management keyword search. | 3.5 |
2018-04-19 | CVE-2018-9137 | Open Audit | Improper Neutralization of Formula Elements in a CSV File vulnerability in Open-Audit 2.1 Open-AudIT before 2.2 has CSV Injection. | 3.5 |
2018-04-19 | CVE-2018-10227 | 1234N | Cross-site Scripting vulnerability in 1234N Minicms 1.10 MiniCMS v1.10 has XSS via the mc-admin/conf.php site_link parameter. | 3.5 |
2018-04-19 | CVE-2018-10221 | Wuzhicms | Cross-site Scripting vulnerability in Wuzhicms 4.1.0 An issue was discovered in WUZHI CMS V4.1.0. | 3.5 |
2018-04-18 | CVE-2018-1000161 | Nmap | Path Traversal vulnerability in Nmap nmap version 6.49BETA6 through 7.60, up to and including SVN revision 37147 contains a Directory Traversal vulnerability in NSE script http-fetch that can result in file overwrite as the user is running it. | 3.5 |
2018-04-18 | CVE-2018-9999 | Zulip | Cross-site Scripting vulnerability in Zulip Server In Zulip Server versions before 1.7.2, there was an XSS issue with user uploads and the (default) LOCAL_UPLOADS_DIR storage backend. | 3.5 |
2018-04-17 | CVE-2018-5431 | Tibco | Cross-site Scripting vulnerability in Tibco products The domain designer component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperReports Server for ActiveMatrix BPM, TIBCO Jaspersoft for AWS with Multi-Tenancy, and TIBCO Jaspersoft Reporting and Analytics for AWS contains a vulnerability which may allow, in the context of a non-default permissions configuration, persisted cross-site scripting (XSS) attacks. | 3.5 |
2018-04-17 | CVE-2018-1445 | IBM | Cross-site Scripting vulnerability in IBM Websphere Portal IBM WebSphere Portal 8.0.0 through 8.0.0.1, 8.5, and 9.0 is vulnerable to cross-site scripting. | 3.5 |
2018-04-17 | CVE-2017-18102 | Atlassian | Cross-site Scripting vulnerability in Atlassian Jira Server The wiki markup component of atlassian-renderer from version 8.0.0 before version 8.0.22 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in nested wiki markup. | 3.5 |
2018-04-16 | CVE-2015-1952 | IBM | Cross-site Scripting vulnerability in IBM Security Appscan Cross-site scripting (XSS) vulnerability in IBM AppScan Enterprise Edition 9.0.x before 9.0.2 iFix 001 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
2018-04-16 | CVE-2018-0551 | Cybozu | Cross-site Scripting vulnerability in Cybozu Garoon Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.6.1 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
2018-04-16 | CVE-2018-0549 | Cybozu | Cross-site Scripting vulnerability in Cybozu Garoon Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.6.0 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
2018-04-16 | CVE-2018-9169 | Zblogcn | Cross-site Scripting vulnerability in Zblogcn Z-Blogphp 1.5.1 Z-BlogPHP 1.5.1 has XSS via the zb_users/plugin/AppCentre/plugin_edit.php app_id parameter. | 3.5 |
2018-04-16 | CVE-2018-10121 | Monstra | Cross-site Scripting vulnerability in Monstra 3.0.4 plugins/box/pages/pages.admin.php in Monstra CMS 3.0.4 has a stored XSS vulnerability when an attacker has access to the editor role, and enters the payload in the title section of an admin/index.php?id=pages&action=edit_page&name=error404 (aka Edit 404 page) action. | 3.5 |
2018-04-16 | CVE-2018-10118 | Monstra | Cross-site Scripting vulnerability in Monstra 3.0.4 Monstra CMS 3.0.4 has Stored XSS via the Name field on the Create New Page screen under the admin/index.php?id=pages URI, related to plugins/box/pages/pages.admin.php. | 3.5 |
2018-04-16 | CVE-2018-10109 | Monstra | Cross-site Scripting vulnerability in Monstra 3.0.4 Monstra CMS 3.0.4 has a stored XSS vulnerability when an attacker has access to the editor role, and enters the payload in the content section of a new page in the blog catalog. | 3.5 |
2018-04-16 | CVE-2018-1000170 | Jenkins | Cross-site Scripting vulnerability in Jenkins A cross-site scripting vulnerability exists in Jenkins 2.115 and older, LTS 2.107.1 and older, in confirmationList.jelly and stopButton.jelly that allows attackers with Job/Configure and/or Job/Create permission to create an item name containing JavaScript that would be executed in another user's browser when that other user performs some UI actions. | 3.5 |
2018-04-19 | CVE-2018-0257 | Cisco | Unspecified vulnerability in Cisco IOS XE A vulnerability in Cisco IOS XE Software running on Cisco cBR Series Converged Broadband Routers could allow an unauthenticated, adjacent attacker to cause high CPU usage on an affected device, resulting in a denial of service (DoS) condition. | 3.3 |
2018-04-18 | CVE-2018-7758 | Schneider Electric | Insufficient Session Expiration vulnerability in Schneider-Electric products A denial of service vulnerability exists in Schneider Electric's MiCOM Px4x (P540 range excluded) with legacy Ethernet board, MiCOM P540D Range with Legacy Ethernet Board, and MiCOM Px4x Rejuvenated could lose network communication in case of TCP/IP open requests on port 20000 (DNP3oE) if an older TCI/IP session is still open with identical IP address and port number. | 3.3 |
2018-04-19 | CVE-2018-2790 | Oracle Redhat Debian Canonical HP Schneider Electric | Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). | 3.1 |
2018-04-18 | CVE-2018-1240 | EMC | Information Exposure vulnerability in EMC Vipr Controller 3.0.0.39 Dell EMC ViPR Controller, versions after 3.0.0.38, contain an information exposure vulnerability in the VRRP. | 2.7 |
2018-04-19 | CVE-2018-2753 | Oracle | Unspecified vulnerability in Oracle Solaris 11.3 Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: Python modules). | 2.6 |
2018-04-20 | CVE-2018-10079 | Vertiv | Improper Privilege Management vulnerability in Vertiv Watchdog Console 3.2.2 Geist WatchDog Console 3.2.2 uses a weak ACL for the C:\ProgramData\WatchDog Console directory, which allows local users to modify configuration data by updating (1) config.xml or (2) servers.xml. | 2.1 |
2018-04-20 | CVE-2014-6111 | IBM | Credentials Management vulnerability in IBM Security Identity Manager and Tivoli Identity Manager IBM Tivoli Identity Manager 5.1.x before 5.1.0.15-ISS-TIM-IF0057 and Security Identity Manager 6.0.x before 6.0.0.4-ISS-SIM-IF0001 and 7.0.x before 7.0.0.0-ISS-SIM-IF0003 store encrypted user credentials and the keystore password in cleartext in configuration files, which allows local users to decrypt SIM credentials via unspecified vectors. | 2.1 |
2018-04-19 | CVE-2018-0267 | Cisco | Forced Browsing vulnerability in Cisco Unified Communications Manager A vulnerability in the web framework of Cisco Unified Communications Manager could allow an authenticated, local attacker to view sensitive data that should be restricted. | 2.1 |
2018-04-19 | CVE-2018-2831 | Oracle | Unspecified vulnerability in Oracle VM Virtualbox Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). | 2.1 |
2018-04-19 | CVE-2018-2793 | Oracle | Unspecified vulnerability in Oracle Peoplesoft Enterprise PT Peopletools 8.54/8.55/8.56 Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of Oracle PeopleSoft Products (subcomponent: PsAdmin). | 2.1 |
2018-04-19 | CVE-2018-2763 | Oracle | Unspecified vulnerability in Oracle Solaris 11.3 Vulnerability in the Solaris component of Oracle Sun Systems Products Suite (subcomponent: NTPD). | 2.1 |
2018-04-19 | CVE-2018-2762 | Oracle Canonical | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Connection). | 2.1 |
2018-04-16 | CVE-2018-10124 | Linux Debian Canonical | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel The kill_something_info function in kernel/signal.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to cause a denial of service via an INT_MIN argument. | 2.1 |
2018-04-19 | CVE-2018-2877 | Oracle | Unspecified vulnerability in Oracle Mysql Cluster Vulnerability in the MySQL Cluster component of Oracle MySQL (subcomponent: Cluster: ndbcluster/plugin). | 1.9 |
2018-04-19 | CVE-2018-2874 | Oracle | Unspecified vulnerability in Oracle E-Business Suite 12.1.3 Vulnerability in the Oracle Application Object Library component of Oracle E-Business Suite (subcomponent: Logging). | 1.9 |
2018-04-19 | CVE-2018-2773 | Oracle Debian Canonical | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). | 1.9 |