Weekly Vulnerabilities Reports > April 23 to 29, 2018

Overview

252 new vulnerabilities reported during this period, including 6 critical vulnerabilities and 62 high severity vulnerabilities. This weekly summary report vulnerabilities in 380 products from 112 vendors including Debian, IBM, Blender, Redhat, and Canonical. Vulnerabilities are notably categorized as "Cross-site Scripting", "Integer Overflow or Wraparound", "Out-of-bounds Write", "Information Exposure", and "Improper Restriction of Operations within the Bounds of a Memory Buffer".

  • 202 reported vulnerabilities are remotely exploitables.
  • 16 reported vulnerabilities have public exploit available.
  • 73 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 186 reported vulnerabilities are exploitable by an anonymous user.
  • Debian has the most reported vulnerabilities, with 61 reported vulnerabilities.
  • CDC has the most reported critical vulnerabilities, with 2 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

6 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-04-26 CVE-2018-10381 Mcafee Incorrect Permission Assignment for Critical Resource vulnerability in Mcafee Tunnelbear 3.2.0.6

TunnelBear 3.2.0.6 for Windows suffers from a SYSTEM privilege escalation vulnerability through the "TunnelBearMaintenance" service.

10.0
2018-04-25 CVE-2018-10362 Phpliteadmin Improper Authentication vulnerability in PHPliteadmin

An issue was discovered in phpLiteAdmin 1.9.5 through 1.9.7.1.

9.8
2018-04-24 CVE-2018-6491 Microfocus Unspecified vulnerability in Microfocus Ucmdb Configuration Manager

Local Escalation of Privilege vulnerability to Micro Focus Universal CMDB, versions 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, 10.33, 11.00.

9.8
2018-04-26 CVE-2018-9113 CDC Code Injection vulnerability in CDC Microbetrace 0.1.12

Centers for Disease Control and Prevention MicrobeTRACE 0.1.12 allows remote attackers to execute arbitrary code, related to code injection via a crafted CSV file with an initial '><script type="text/javascript" src=' line.

9.3
2018-04-26 CVE-2018-8974 CDC Code Injection vulnerability in CDC Microbetrace 0.1.11

Centers for Disease Control and Prevention MicrobeTRACE 0.1.11 allows remote attackers to execute arbitrary code, related to code injection via a crafted CSV file with an initial 'Source<script type="text/javascript" src=' line.

9.3
2018-04-24 CVE-2017-2832 Foscam Command Injection vulnerability in Foscam C1 Firmware 2.52.2.37

An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37.

9.0

62 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-04-26 CVE-2018-3851 Hyland Out-of-bounds Write vulnerability in Hyland Perceptive Document Filters 11.4.0.2647

In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 Windows/Linux, an exploitable stack-based buffer overflow exists in the DOC-to-HTML conversion functionality of the Hyland Perceptive Document Filters version 11.4.0.2647.

8.8
2018-04-26 CVE-2018-3845 Hyland Double Free vulnerability in Hyland Perceptive Document Filters 11.4.0.2647

In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 Windows/Linux, a crafted OpenDocument document can lead to a SkCanvas object double free resulting in direct code execution.

8.8
2018-04-26 CVE-2018-3844 Hyland Use After Free vulnerability in Hyland Perceptive Document Filters 11.4.0.2647

In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 Windows/Linux, a crafted DOCX document can lead to a use-after-free resulting in direct code execution.

8.8
2018-04-26 CVE-2016-9602 Qemu
Debian
Link Following vulnerability in multiple products

Qemu before version 2.9 is vulnerable to an improper link following when built with the VirtFS.

8.8
2018-04-24 CVE-2017-14448 Libsdl
Debian
Out-of-bounds Write vulnerability in multiple products

An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image-2.0.2.

8.8
2018-04-24 CVE-2017-14442 Libsdl
Debian
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

An exploitable code execution vulnerability exists in the BMP image rendering functionality of SDL2_image-2.0.2.

8.8
2018-04-24 CVE-2017-14441 Libsdl
Debian
Integer Overflow or Wraparound vulnerability in multiple products

An exploitable code execution vulnerability exists in the ICO image rendering functionality of SDL2_image-2.0.2.

8.8
2018-04-24 CVE-2017-14440 Libsdl
Debian
Out-of-bounds Write vulnerability in multiple products

An exploitable code execution vulnerability exists in the ILBM image rendering functionality of SDL2_image-2.0.2.

8.8
2018-04-24 CVE-2017-12122 Libsdl
Debian
Out-of-bounds Write vulnerability in multiple products

An exploitable code execution vulnerability exists in the ILBM image rendering functionality of SDL2_image-2.0.2.

8.8
2018-04-24 CVE-2017-12108 Libxls Project Integer Overflow or Wraparound vulnerability in Libxls Project Libxls 1.4

An exploitable integer overflow vulnerability exists in the xls_preparseWorkSheet function of libxls 1.4 when handling a MULBLANK record.

8.8
2018-04-24 CVE-2016-8384 Marklogic Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Marklogic 8.05.5

An exploitable heap corruption vulnerability exists in the DHFSummary functionality of AntennaHouse DMC HTMLFilter.

8.8
2018-04-24 CVE-2016-8383 Marklogic Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Marklogic 8.05.5

An exploitable heap corruption vulnerability exists in the Doc_GetFontTable functionality of AntennaHouse DMC HTMLFilter.

8.8
2018-04-23 CVE-2018-3850 Foxit Use After Free vulnerability in Foxit PDF Reader 9.0.1.1049

An exploitable use-after-free vulnerability exists in the JavaScript engine Foxit Software Foxit PDF Reader version 9.0.1.1049.

8.8
2018-04-23 CVE-2017-14458 Foxit Use After Free vulnerability in Foxit PDF Reader 8.3.2.25013

An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 8.3.2.25013.

8.8
2018-04-27 CVE-2018-10520 Cmsmadesimple Incorrect Permission Assignment for Critical Resource vulnerability in Cmsmadesimple CMS Made Simple

In CMS Made Simple (CMSMS) through 2.2.7, the "module remove" operation in the admin dashboard contains an arbitrary file deletion vulnerability that can cause DoS, exploitable by an admin user, because the attacker can remove all lib/ files in all directories.

8.5
2018-04-27 CVE-2018-10518 Cmsmadesimple Incorrect Permission Assignment for Critical Resource vulnerability in Cmsmadesimple CMS Made Simple

In CMS Made Simple (CMSMS) through 2.2.7, the "file delete" operation in the admin dashboard contains an arbitrary file deletion vulnerability that can cause DoS, exploitable by an admin user, because the attacker can remove all lib/ files in all directories.

8.5
2018-04-24 CVE-2017-2833 Foscam Command Injection vulnerability in Foscam C1 Firmware 2.52.2.37

An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.37.

8.5
2018-04-25 CVE-2017-12712 Abbott Improper Authentication vulnerability in Abbott products

The authentication algorithm in Abbott Laboratories pacemakers manufactured prior to Aug 28, 2017, which involves an authentication key and time stamp, can be compromised or bypassed, which may allow a nearby attacker to issue unauthorized commands to the pacemaker via RF communications.

8.3
2018-04-25 CVE-2018-1335 Apache Unspecified vulnerability in Apache Tika

From Apache Tika versions 1.7 to 1.17, clients could send carefully crafted headers to tika-server that could be used to inject commands into the command line of the server running tika-server.

8.1
2018-04-24 CVE-2016-9587 Redhat
Ansible
Improper Input Validation vulnerability in multiple products

Ansible before versions 2.1.4, 2.2.1 is vulnerable to an improper input validation in Ansible's handling of data sent from client systems.

8.1
2018-04-23 CVE-2016-9594 Haxx Improper Initialization vulnerability in Haxx Curl

curl before version 7.52.1 is vulnerable to an uninitialized random in libcurl's internal function that returns a good 32bit random value.

8.1
2018-04-23 CVE-2016-9586 Haxx Heap-based Buffer Overflow vulnerability in Haxx Curl

curl before version 7.52.0 is vulnerable to a buffer overflow when doing a large floating point output in libcurl's implementation of the printf() functions.

8.1
2018-04-29 CVE-2018-10537 Wavpack
Debian
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

An issue was discovered in WavPack 5.1.0 and earlier.

7.8
2018-04-29 CVE-2018-10536 Wavpack
Debian
Out-of-bounds Write vulnerability in multiple products

An issue was discovered in WavPack 5.1.0 and earlier.

7.8
2018-04-27 CVE-2018-7669 Sitecore Path Traversal vulnerability in Sitecore Sitecore.Net 8.1

An issue was discovered in Sitecore Sitecore.NET 8.1 rev.

7.8
2018-04-26 CVE-2018-3855 Hyland Double Free vulnerability in Hyland Perceptive Document Filters 11.2.0.1732/11.4.0.2647

In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 Windows/Linux, a crafted OpenDocument document can lead to a SkCanvas object double free resulting in direct code execution.

7.8
2018-04-24 CVE-2018-3836 Leptonica
Debian
OS Command Injection vulnerability in multiple products

An exploitable command injection vulnerability exists in the gplotMakeOutput function of Leptonica 1.74.4.

7.8
2018-04-24 CVE-2017-12105 Blender
Debian
Integer Overflow or Wraparound vulnerability in multiple products

An exploitable integer overflow exists in the way that the Blender open-source 3d creation suite v2.78c applies a particular object modifier to a Mesh.

7.8
2018-04-24 CVE-2017-12104 Blender
Debian
Integer Overflow or Wraparound vulnerability in multiple products

An exploitable integer overflow exists in the way that the Blender open-source 3d creation suite v2.78c draws a Particle object.

7.8
2018-04-24 CVE-2017-12103 Blender
Debian
Integer Overflow or Wraparound vulnerability in multiple products

An exploitable integer overflow exists in the way that the Blender open-source 3d creation suite v2.78c converts text rendered as a font into a curve.

7.8
2018-04-24 CVE-2017-12102 Blender
Debian
Integer Overflow or Wraparound vulnerability in multiple products

An exploitable integer overflow exists in the way that the Blender open-source 3d creation suite v2.78c converts curves to polygons.

7.8
2018-04-24 CVE-2017-12101 Blender
Debian
Integer Overflow or Wraparound vulnerability in multiple products

An exploitable integer overflow exists in the 'modifier_mdef_compact_influences' functionality of the Blender open-source 3d creation suite v2.78c.

7.8
2018-04-24 CVE-2017-12100 Blender
Debian
Integer Overflow or Wraparound vulnerability in multiple products

An exploitable integer overflow exists in the 'multires_load_old_dm' functionality of the Blender open-source 3d creation suite v2.78c.

7.8
2018-04-24 CVE-2017-12099 Blender
Debian
Integer Overflow or Wraparound vulnerability in multiple products

An exploitable integer overflow exists in the upgrade of the legacy Mesh attribute 'tface' of the Blender open-source 3d creation suite v2.78c.

7.8
2018-04-24 CVE-2017-12086 Blender
Debian
Integer Overflow or Wraparound vulnerability in multiple products

An exploitable integer overflow exists in the 'BKE_mesh_calc_normals_tessface' functionality of the Blender open-source 3d creation suite.

7.8
2018-04-24 CVE-2017-12082 Blender
Debian
Integer Overflow or Wraparound vulnerability in multiple products

An exploitable integer overflow exists in the 'CustomData' Mesh loading functionality of the Blender open-source 3d creation suite.

7.8
2018-04-24 CVE-2017-12081 Blender
Debian
Integer Overflow or Wraparound vulnerability in multiple products

An exploitable integer overflow exists in the upgrade of a legacy Mesh attribute of the Blender open-source 3d creation suite v2.78c.

7.8
2018-04-24 CVE-2016-9043 Corel Out-of-bounds Write vulnerability in Corel Coreldraw X8

An out of bound write vulnerability exists in the EMF parsing functionality of CorelDRAW X8 (CdrGfx - Corel Graphics Engine (64-Bit) - 18.1.0.661).

7.8
2018-04-24 CVE-2016-9038 Sophos Race Condition vulnerability in Sophos Invincea-X 6.1.324058

An exploitable double fetch vulnerability exists in the SboxDrv.sys driver functionality of Invincea-X 6.1.3-24058.

7.8
2018-04-24 CVE-2016-8732 Sophos Permission Issues vulnerability in Sophos Invincea Dell Protected Workspace 5.1.122303

Multiple security flaws exists in InvProtectDrv.sys which is a part of Invincea Dell Protected Workspace 5.1.1-22303.

7.8
2018-04-24 CVE-2016-8730 Corel Out-of-bounds Write vulnerability in Corel Coreldraw Photo Paint X8 18.1.0.661

An of bound write / memory corruption vulnerability exists in the GIF parsing functionality of Core PHOTO-PAINT X8 18.1.0.661.

7.8
2018-04-24 CVE-2016-8729 Artifex Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Artifex Mupdf 1.9

An exploitable memory corruption vulnerability exists in the JBIG2 parser of Artifex MuPDF 1.9.

7.8
2018-04-24 CVE-2016-8728 Artifex Out-of-bounds Write vulnerability in Artifex Mupdf 1.10

An exploitable heap out of bounds write vulnerability exists in the Fitz graphical library part of the MuPDF renderer.

7.8
2018-04-23 CVE-2018-8781 Linux
Canonical
Debian
Redhat
Integer Overflow or Wraparound vulnerability in multiple products

The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c at the Linux kernel version 3.4 and up to and including 4.15 has an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages, resulting in a code execution in kernel space.

7.8
2018-04-29 CVE-2018-9845 Etherpad Improper Handling of Case Sensitivity vulnerability in Etherpad Lite

Etherpad Lite before 1.6.4 is exploitable for admin access.

7.5
2018-04-28 CVE-2018-10468 Uetoken Improper Input Validation vulnerability in Uetoken Useless Ethereum Token

The transferFrom function of a smart contract implementation for Useless Ethereum Token (UET), an Ethereum ERC20 token, allows attackers to steal assets (e.g., transfer all victims' balances into their account) because certain computations involving _value are incorrect, as exploited in the wild starting in December 2017, aka the "transferFlaw" issue.

7.5
2018-04-27 CVE-2014-2552 Brookinsconsulting Permissions, Privileges, and Access Controls vulnerability in Brookinsconsulting Collected Information Export 1.1.0

Brookins Consulting (BC) Collected Information Export extension for eZ Publish 1.1.0 does not properly restrict access, which allows remote attackers to gain access to sensitive data.

7.5
2018-04-27 CVE-2018-10469 B3Log Unrestricted Upload of File with Dangerous Type vulnerability in B3Log Symphony 2.6.0

b3log Symphony (aka Sym) 2.6.0 allows remote attackers to upload and execute arbitrary JSP files via the name[] parameter to the /upload URI.

7.5
2018-04-26 CVE-2018-10429 Cosmocms Code Injection vulnerability in Cosmocms Cosmo 1.0.0

Cosmo 1.0.0Beta6 allows attackers to execute arbitrary PHP code via the Database Prefix field on the Database Info screen of install.php.

7.5
2018-04-26 CVE-2017-9284 Netiq Information Exposure vulnerability in Netiq Identity Manager 4.6/4.6.1/4.6.2

IDM 4.6 Identity Applications prior to 4.6.2.1 may expose sensitive information.

7.5
2018-04-25 CVE-2014-5014 Tinywebgallery Command Injection vulnerability in Tinywebgallery Wordpress Flash Uploader

The WordPress Flash Uploader plugin before 3.1.3 for WordPress allows remote attackers to execute arbitrary commands via vectors related to invalid characters in image_magic_path.

7.5
2018-04-25 CVE-2018-1112 Gluster Unspecified vulnerability in Gluster Glusterfs

glusterfs server before versions 3.10.12, 4.0.2 is vulnerable when using 'auth.allow' option which allows any unauthenticated gluster client to connect from any network to mount gluster storage volumes.

7.5
2018-04-25 CVE-2018-10375 Dedecms Unrestricted Upload of File with Dangerous Type vulnerability in Dedecms 5.7

A file uploading vulnerability exists in /include/helpers/upload.helper.php in DedeCMS V5.7 SP2, which can be utilized by attackers to upload and execute arbitrary PHP code via the /dede/archives_do.php?dopost=uploadLitpic litpic parameter when "Content-Type: image/jpeg" is sent, but the filename ends in .php and contains PHP code.

7.5
2018-04-24 CVE-2017-2885 Gnome
Debian
Redhat
Out-of-bounds Write vulnerability in multiple products

An exploitable stack based buffer overflow vulnerability exists in the GNOME libsoup 2.58.

7.5
2018-04-24 CVE-2017-12087 Tinysvcmdns Project Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tinysvcmdns Project Tinysvcmdns 20160718

An exploitable heap overflow vulnerability exists in the tinysvcmdns library version 2016-07-18.

7.5
2018-04-24 CVE-2018-4832 Siemens Improper Input Validation vulnerability in Siemens products

A vulnerability has been identified in OpenPCS 7 V7.1 and earlier (All versions), OpenPCS 7 V8.0 (All versions), OpenPCS 7 V8.1 (All versions < V8.1 Upd5), OpenPCS 7 V8.2 (All versions), OpenPCS 7 V9.0 (All versions < V9.0 Upd1), SIMATIC BATCH V7.1 and earlier (All versions), SIMATIC BATCH V8.0 (All versions < V8.0 SP1 Upd21), SIMATIC BATCH V8.1 (All versions < V8.1 SP1 Upd16), SIMATIC BATCH V8.2 (All versions < V8.2 Upd10), SIMATIC BATCH V9.0 (All versions < V9.0 SP1), SIMATIC NET PC Software V14 (All versions < V14 SP1 Update 14), SIMATIC NET PC Software V15 (All versions < 15 SP1), SIMATIC PCS 7 V7.1 and earlier (All versions), SIMATIC PCS 7 V8.0 (All versions), SIMATIC PCS 7 V8.1 (All versions), SIMATIC PCS 7 V8.2 (All versions < V8.2 SP1), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP1), SIMATIC Route Control V7.1 and earlier (All versions), SIMATIC Route Control V8.0 (All versions), SIMATIC Route Control V8.1 (All versions), SIMATIC Route Control V8.2 (All versions), SIMATIC Route Control V9.0 (All versions < V9.0 Upd1), SIMATIC WinCC Runtime Professional V13 (All versions < V13 SP2 Upd2), SIMATIC WinCC Runtime Professional V14 (All versions < V14 SP1 Upd5), SIMATIC WinCC V7.2 and earlier (All versions < WinCC 7.2 Upd 15), SIMATIC WinCC V7.3 (All versions < WinCC 7.3 Upd 16), SIMATIC WinCC V7.4 (All versions < V7.4 SP1 Upd 4), SPPA-T3000 Application Server (All versions < Service Pack R8.2 SP2).

7.5
2018-04-24 CVE-2018-10305 Simplemachines Unspecified vulnerability in Simplemachines Simple Machines Forum

The MessageSearch2 function in PersonalMessage.php in Simple Machines Forum (SMF) before 2.0.15 does not properly use the possible_users variable in a query, which might allow attackers to bypass intended access restrictions.

7.5
2018-04-23 CVE-2017-7893 Saltstack Unspecified vulnerability in Saltstack Salt

In SaltStack Salt before 2016.3.6, compromised salt-minions can impersonate the salt-master.

7.5
2018-04-23 CVE-2017-17833 Openslp
Debian
Canonical
Redhat
Lenovo
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

OpenSLP releases in the 1.0.2 and 1.1.0 code streams have a heap-related memory corruption issue which may manifest itself as a denial-of-service or a remote code-execution vulnerability.

7.5
2018-04-26 CVE-2018-10431 D Link OS Command Injection vulnerability in D-Link Dir-615 Firmware 2.5.17

D-Link DIR-615 2.5.17 devices allow Remote Code Execution via shell metacharacters in the Host field of the System / Traceroute screen.

7.2
2018-04-25 CVE-2018-10361 KDE Exposure of Resource to Wrong Sphere vulnerability in KDE Ktexteditor

An issue was discovered in KTextEditor 5.34.0 through 5.45.0.

7.2
2018-04-24 CVE-2013-3947 Ahnlab Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ahnlab V3 Internet Security 8.0.7.5

Buffer overflow in MedCoreD.sys in AhnLab V3 Internet Security 8.0.7.5 (Build 1373) allows local users to gain privileges via a crafted 0xA3350014 IOCTL call.

7.2

148 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-04-29 CVE-2018-10549 PHP
Canonical
Debian
Netapp
Out-of-bounds Read vulnerability in PHP

An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5.

6.8
2018-04-29 CVE-2018-10529 Canonical
Libraw
Out-of-bounds Read vulnerability in multiple products

An issue was discovered in LibRaw 0.18.9.

6.8
2018-04-29 CVE-2018-10528 Canonical
Libraw
Out-of-bounds Write vulnerability in multiple products

An issue was discovered in LibRaw 0.18.9.

6.8
2018-04-27 CVE-2018-10504 WEB Dorado Improper Neutralization of Formula Elements in a CSV File vulnerability in Web-Dorado Form Maker

The WebDorado "Form Maker by WD" plugin before 1.12.24 for WordPress allows CSV injection.

6.8
2018-04-27 CVE-2018-10503 Baijiacms Project Cross-Site Request Forgery (CSRF) vulnerability in Baijiacms Project Baijiacms 41420170105

An issue was discovered in index.php in baijiacms V4 v4_1_4_20170105.

6.8
2018-04-27 CVE-2013-7202 Paypal Permissions, Privileges, and Access Controls vulnerability in Paypal

The WebHybridClient class in PayPal 5.3 and earlier for Android allows remote attackers to execute arbitrary JavaScript on the system.

6.8
2018-04-27 CVE-2018-1479 IBM Cross-Site Request Forgery (CSRF) vulnerability in IBM Bigfix Platform

IBM BigFix Platform 9.2 and 9.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.

6.8
2018-04-26 CVE-2018-7527 WE CON Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in We-Con products

A buffer overflow can be triggered in LeviStudio HMI Editor, Version 1.10 part of Wecon LeviStudioU 1.8.29, and PI Studio HMI Project Programmer, Build: November 11, 2017 and prior by opening a specially crafted file.

6.8
2018-04-26 CVE-2017-14010 Spidercontrol
Microsoft
Uncontrolled Search Path Element vulnerability in Spidercontrol Scada Microbrowser 1.6.30.144

In SpiderControl MicroBrowser Windows XP, Vista 7, 8 and 10, Versions 1.6.30.144 and prior, an uncontrolled search path element vulnerability has been identified which could be exploited by placing a specially crafted DLL file in the search path.

6.8
2018-04-26 CVE-2017-1721 IBM Code Injection vulnerability in IBM Qradar Security Information and Event Manager

IBM Security QRadar SIEM 7.2 and 7.3 could allow an unauthenticated user to execute code remotely with lower level privileges under unusual circumstances.

6.8
2018-04-26 CVE-2018-10392 Xiph ORG
Debian
Redhat
Out-of-bounds Write vulnerability in multiple products

mapping0_forward in mapping0.c in Xiph.Org libvorbis 1.3.6 does not validate the number of channels, which allows remote attackers to cause a denial of service (heap-based buffer overflow or over-read) or possibly have unspecified other impact via a crafted file.

6.8
2018-04-25 CVE-2018-8837 Advantech Out-of-bounds Write vulnerability in Advantech Webaccess HMI Designer 2.1.7.32

Processing specially crafted .pm3 files in Advantech WebAccess HMI Designer 2.1.7.32 and prior may cause the system to write outside the intended buffer area and may allow remote code execution.

6.8
2018-04-25 CVE-2018-8835 Advantech Double Free vulnerability in Advantech Webaccess HMI Designer 2.1.7.32

Double free vulnerabilities in Advantech WebAccess HMI Designer 2.1.7.32 and prior caused by processing specially crafted .pm3 files may allow remote code execution.

6.8
2018-04-25 CVE-2018-8833 Advantech Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Advantech Webaccess HMI Designer 2.1.7.32

Heap-based buffer overflow vulnerabilities in Advantech WebAccess HMI Designer 2.1.7.32 and prior caused by processing specially crafted .pm3 files may allow remote code execution.

6.8
2018-04-24 CVE-2017-17557 Foxitsoftware Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Foxitsoftware Foxit Reader and Phantompdf

In Foxit Reader before 9.1 and Foxit PhantomPDF before 9.1, a flaw exists within the parsing of the BITMAPINFOHEADER record in BMP files.

6.8
2018-04-24 CVE-2017-2924 Freexl Project
Debian
Out-of-bounds Write vulnerability in multiple products

An exploitable heap-based buffer overflow vulnerability exists in the read_legacy_biff function of FreeXL 1.0.3.

6.8
2018-04-24 CVE-2017-2923 Freexl Project
Debian
Out-of-bounds Write vulnerability in multiple products

An exploitable heap based buffer overflow vulnerability exists in the 'read_biff_next_record function' of FreeXL 1.0.3.

6.8
2018-04-24 CVE-2017-2918 Blender
Debian
Integer Overflow or Wraparound vulnerability in multiple products

An exploitable integer overflow exists in the Image loading functionality of the Blender open-source 3d creation suite v2.78c.

6.8
2018-04-24 CVE-2017-2908 Blender
Debian
Integer Overflow or Wraparound vulnerability in multiple products

An exploitable integer overflow exists in the thumbnail functionality of the Blender open-source 3d creation suite version 2.78c.

6.8
2018-04-24 CVE-2017-2907 Blender
Debian
Integer Overflow or Wraparound vulnerability in multiple products

An exploitable integer overflow exists in the animation playing functionality of the Blender open-source 3d creation suite version 2.78c.

6.8
2018-04-24 CVE-2017-2906 Blender
Debian
Integer Overflow or Wraparound vulnerability in multiple products

An exploitable integer overflow exists in the animation playing functionality of the Blender open-source 3d creation suite version 2.78c.

6.8
2018-04-24 CVE-2017-2905 Blender
Debian
Integer Overflow or Wraparound vulnerability in multiple products

An exploitable integer overflow exists in the bmp loading functionality of the Blender open-source 3d creation suite version 2.78c.

6.8
2018-04-24 CVE-2017-2904 Blender
Debian
Integer Overflow or Wraparound vulnerability in multiple products

An exploitable integer overflow exists in the RADIANCE loading functionality of the Blender open-source 3d creation suite version 2.78c.

6.8
2018-04-24 CVE-2017-2903 Blender
Debian
Integer Overflow or Wraparound vulnerability in multiple products

An exploitable integer overflow exists in the DPX loading functionality of the Blender open-source 3d creation suite version 2.78c.

6.8
2018-04-24 CVE-2017-2902 Blender
Debian
Integer Overflow or Wraparound vulnerability in multiple products

An exploitable integer overflow exists in the DPX loading functionality of the Blender open-source 3d creation suite version 2.78c.

6.8
2018-04-24 CVE-2017-2901 Blender
Debian
Integer Overflow or Wraparound vulnerability in multiple products

An exploitable integer overflow exists in the IRIS loading functionality of the Blender open-source 3d creation suite version 2.78c.

6.8
2018-04-24 CVE-2017-2900 Blender
Debian
Integer Overflow or Wraparound vulnerability in multiple products

An exploitable integer overflow exists in the PNG loading functionality of the Blender open-source 3d creation suite version 2.78c.

6.8
2018-04-24 CVE-2017-2899 Blender
Debian
Integer Overflow or Wraparound vulnerability in multiple products

An exploitable integer overflow exists in the TIFF loading functionality of the Blender open-source 3d creation suite version 2.78c.

6.8
2018-04-24 CVE-2017-2840 Ezbsystems Classic Buffer Overflow vulnerability in Ezbsystems Ultraiso 9.6.6.3300

A buffer overflow vulnerability exists in the ISO parsing functionality of EZB Systems UltraISO 9.6.6.3300.

6.8
2018-04-24 CVE-2017-2835 Freerdp
Debian
Out-of-bounds Write vulnerability in multiple products

An exploitable code execution vulnerability exists in the RDP receive functionality of FreeRDP 2.0.0-beta1+android11.

6.8
2018-04-24 CVE-2017-2834 Freerdp
Debian
Out-of-bounds Write vulnerability in multiple products

An exploitable code execution vulnerability exists in the authentication functionality of FreeRDP 2.0.0-beta1+android11.

6.8
2018-04-24 CVE-2017-2812 Kakadusoftware Out-of-bounds Write vulnerability in Kakadusoftware Kakadu SDK 7.9

A code execution vulnerability exists in the kdu_buffered_expand function of the Kakadu SDK 7.9.

6.8
2018-04-24 CVE-2017-2811 Kakadusoftware Out-of-bounds Write vulnerability in Kakadusoftware Kakadu SDK 7.9

A code execution vulnerability exists in the Kakadu SDK 7.9's parsing of compressed JPEG 2000 images.

6.8
2018-04-24 CVE-2017-2804 Corel Out-of-bounds Write vulnerability in Corel Coreldraw Photo Paint X8 18.1.0.661

A remote out of bound write vulnerability exists in the TIFF parsing functionality of Core PHOTO-PAINT X8 18.1.0.661.

6.8
2018-04-24 CVE-2017-2803 Corel Out-of-bounds Write vulnerability in Corel Coreldraw Photo Paint X8 18.1.0.661

A remote out of bound write vulnerability exists in the TIFF parsing functionality of Core PHOTO-PAINT X8 version 18.1.0.661.

6.8
2018-04-24 CVE-2017-2802 Dell Untrusted Search Path vulnerability in Dell Precision Optimizer 3.5.5.0

An exploitable dll hijacking vulnerability exists in the poaService.exe service component of the Dell Precision Optimizer software version 3.5.5.0.

6.8
2018-04-24 CVE-2017-14449 Libsdl
Debian
Double Free vulnerability in multiple products

A double-Free vulnerability exists in the XCF image rendering functionality of SDL2_image-2.0.2.

6.8
2018-04-24 CVE-2017-12109 Libxls Project Integer Overflow or Wraparound vulnerability in Libxls Project Libxls 1.4

An exploitable integer overflow vulnerability exists in the xls_preparseWorkSheet function of libxls 1.4 when handling a MULRK record.

6.8
2018-04-24 CVE-2017-12107 Pl32 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Pl32 Photoline 20.02

An memory corruption vulnerability exists in the .PCX parsing functionality of Computerinsel Photoline 20.02.

6.8
2018-04-24 CVE-2016-8382 Marklogic Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Marklogic 8.05.5

An exploitable heap corruption vulnerability exists in the Doc_SetSummary functionality of AntennaHouse DMC HTMLFilter.

6.8
2018-04-24 CVE-2018-7932 Huawei Insufficient Verification of Data Authenticity vulnerability in Huawei Appgallery

Huawei AppGallery versions before 8.0.4.301 has an arbitrary Javascript running vulnerability.

6.8
2018-04-24 CVE-2018-10312 Wuzhicms Cross-Site Request Forgery (CSRF) vulnerability in Wuzhicms Wuzhi CMS 4.1.0

index.php?m=member&v=pw_reset in WUZHI CMS 4.1.0 allows CSRF to change the password of a common member.

6.8
2018-04-23 CVE-2018-10303 Foxitsoftware Use After Free vulnerability in Foxitsoftware Foxit Reader and Phantompdf

A use-after-free in Foxit Reader before 9.1 and PhantomPDF before 9.1 allows remote attackers to execute arbitrary code, aka iDefense ID V-y0nqfutlf3.

6.8
2018-04-23 CVE-2018-10302 Foxitsoftware Use After Free vulnerability in Foxitsoftware Foxit Reader and Phantompdf

A use-after-free in Foxit Reader before 9.1 and PhantomPDF before 9.1 allows remote attackers to execute arbitrary code, aka iDefense ID V-jyb51g3mv9.

6.8
2018-04-23 CVE-2018-10233 Ultimatemember Cross-Site Request Forgery (CSRF) vulnerability in Ultimatemember User Profile & Membership

The User Profile & Membership plugin before 2.0.7 for WordPress has no mitigations implemented against cross site request forgery attacks.

6.8
2018-04-27 CVE-2018-10519 Cmsmadesimple Incorrect Permission Assignment for Critical Resource vulnerability in Cmsmadesimple CMS Made Simple 2.2.7

CMS Made Simple (CMSMS) 2.2.7 contains a privilege escalation vulnerability from ordinary user to admin user by arranging for the eff_uid value within $_COOKIE[$this->_loginkey] to equal 1, because files in the tmp/ directory are accessible through HTTP requests.

6.5
2018-04-27 CVE-2018-10517 Cmsmadesimple Code Injection vulnerability in Cmsmadesimple CMS Made Simple

In CMS Made Simple (CMSMS) through 2.2.7, the "module import" operation in the admin dashboard contains a remote code execution vulnerability, exploitable by an admin user, because an XML Package can contain base64-encoded PHP code in a data element.

6.5
2018-04-27 CVE-2018-10515 Cmsmadesimple Code Injection vulnerability in Cmsmadesimple CMS Made Simple

In CMS Made Simple (CMSMS) through 2.2.7, the "file unpack" operation in the admin dashboard contains a remote code execution vulnerability exploitable by an admin user because a .php file can be present in the extracted ZIP archive.

6.5
2018-04-26 CVE-2017-15691 Apache XXE vulnerability in Apache products

In Apache uimaj prior to 2.10.2, Apache uimaj 3.0.0-xxx prior to 3.0.0-beta, Apache uima-as prior to 2.10.2, Apache uimaFIT prior to 2.4.0, Apache uimaDUCC prior to 2.2.2, this vulnerability relates to an XML external entity expansion (XXE) capability of various XML parsers.

6.5
2018-04-26 CVE-2018-1418 IBM Improper Authentication vulnerability in IBM Qradar Security Information and Event Manager

IBM Security QRadar SIEM 7.2 and 7.3 could allow a user to bypass authentication which could lead to code execution.

6.5
2018-04-26 CVE-2017-1722 IBM SQL Injection vulnerability in IBM Qradar Security Information and Event Manager

IBM Security QRadar SIEM 7.2 and 7.3 is vulnerable to SQL injection.

6.5
2018-04-25 CVE-2018-5226 Atlassian Unspecified vulnerability in Atlassian Sourcetree

There was an argument injection vulnerability in Sourcetree for Windows via Mercurial repository tag name that is going to be deleted.

6.5
2018-04-24 CVE-2017-9656 Philips Use of Hard-coded Credentials vulnerability in Philips Dosewise 1.1.7.333/2.1.1.3069

The backend database of the Philips DoseWise Portal application versions 1.1.7.333 and 2.1.1.3069 uses hard-coded credentials for a database account with privileges that can affect confidentiality, integrity, and availability of the database.

6.5
2018-04-26 CVE-2017-9275 Netiq Cross-site Scripting vulnerability in Netiq Identity Reporting 5.5

NetIQ Identity Reporting, in versions prior to 5.5 Service Pack 1, is susceptible to an XSS attack.

6.1
2018-04-25 CVE-2017-12714 Abbott Improper Restriction of Power Consumption vulnerability in Abbott products

Abbott Laboratories pacemakers manufactured prior to Aug 28, 2017 do not restrict or limit the number of correctly formatted "RF wake-up" commands that can be received, which may allow a nearby attacker to repeatedly send commands to reduce pacemaker battery life.

6.1
2018-04-23 CVE-2018-10301 WEB Dorado Cross-site Scripting vulnerability in Web-Dorado WD Instagram Feed

Cross-site scripting (XSS) vulnerability in the Web-Dorado Instagram Feed WD plugin before 1.3.1 Premium for WordPress allows remote attackers to inject arbitrary web script or HTML by passing payloads in a comment on an Instagram post.

6.1
2018-04-23 CVE-2018-10300 WEB Dorado Cross-site Scripting vulnerability in Web-Dorado WD Instagram Feed

Cross-site scripting (XSS) vulnerability in the Web-Dorado Instagram Feed WD plugin before 1.3.1 for WordPress allows remote attackers to inject arbitrary web script or HTML by passing payloads in an Instagram profile's bio.

6.1
2018-04-25 CVE-2017-7652 Eclipse
Debian
In Eclipse Mosquitto 1.4.14, if a Mosquitto instance is set running with a configuration file, then sending a HUP signal to server triggers the configuration to be reloaded from disk.
6.0
2018-04-24 CVE-2016-9599 Openstack
Redhat
Improper Access Control vulnerability in multiple products

puppet-tripleo before versions 5.5.0, 6.2.0 is vulnerable to an access-control flaw in the IPtables rules management, which allowed the creation of TCP/UDP rules with empty port values.

6.0
2018-04-26 CVE-2018-10237 Google
Redhat
Oracle
Allocation of Resources Without Limits or Throttling vulnerability in multiple products

Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the AtomicDoubleArray class (when serialized with Java serialization) and the CompoundOrdering class (when serialized with GWT serialization) perform eager allocation without appropriate checks on what a client has sent and whether the data size is reasonable.

5.9
2018-04-27 CVE-2013-7201 Paypal Improper Certificate Validation vulnerability in Paypal

WebHybridClient.java in PayPal 5.3 and earlier for Android ignores SSL errors, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information.

5.8
2018-04-26 CVE-2018-8072 Edimax Out-of-bounds Write vulnerability in Edimax products

An issue was discovered on EDIMAX IC-3140W through 3.06, IC-5150W through 3.09, and IC-6220DC through 3.06 devices.

5.8
2018-04-25 CVE-2014-0881 IBM Improper Access Control vulnerability in IBM Integrated Management Module Firmware 1.36/1.43

The TPM on Integrated Management Module II (IMM2) on IBM Flex System x222 servers with firmware 1.00 through 3.56 allows remote attackers to obtain sensitive key information or cause a denial of service by leveraging an incorrect configuration.

5.8
2018-04-24 CVE-2017-14450 Libsdl
Debian
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

A buffer overflow vulnerability exists in the GIF image parsing functionality of SDL2_image-2.0.2.

5.8
2018-04-29 CVE-2018-10540 Wavpack
Debian
Out-of-bounds Write vulnerability in multiple products

An issue was discovered in WavPack 5.1.0 and earlier for W64 input.

5.5
2018-04-29 CVE-2018-10539 Wavpack
Debian
Out-of-bounds Write vulnerability in multiple products

An issue was discovered in WavPack 5.1.0 and earlier for DSDiff input.

5.5
2018-04-29 CVE-2018-10538 Wavpack
Debian
Out-of-bounds Write vulnerability in multiple products

An issue was discovered in WavPack 5.1.0 and earlier for WAV input.

5.5
2018-04-27 CVE-2018-10516 Cmsmadesimple Information Exposure vulnerability in Cmsmadesimple CMS Made Simple

In CMS Made Simple (CMSMS) through 2.2.7, the "file rename" operation in the admin dashboard contains a sensitive information disclosure vulnerability, exploitable by an admin user, that can cause DoS by moving config.php to the upload/ directory.

5.5
2018-04-27 CVE-2013-6739 IBM Improper Access Control vulnerability in IBM Spss Modeler

IBM SPSS Modeler before 16 on UNIX allows remote authenticated users to bypass intended access restrictions via an SSO token.

5.5
2018-04-25 CVE-2018-1339 Apache Infinite Loop vulnerability in Apache Tika

A carefully crafted (or fuzzed) file can trigger an infinite loop in Apache Tika's ChmParser in versions of Apache Tika before 1.18.

5.5
2018-04-25 CVE-2018-1338 Apache Infinite Loop vulnerability in Apache Tika

A carefully crafted (or fuzzed) file can trigger an infinite loop in Apache Tika's BPGParser in versions of Apache Tika before 1.18.

5.5
2018-04-25 CVE-2017-6888 Flac Project
Debian
Fedoraproject
Missing Release of Resource after Effective Lifetime vulnerability in multiple products

An error in the "read_metadata_vorbiscomment_()" function (src/libFLAC/stream_decoder.c) in FLAC version 1.3.2 can be exploited to cause a memory leak via a specially crafted FLAC file.

5.5
2018-04-25 CVE-2018-10212 Vaultize Incorrect Authorization vulnerability in Vaultize Enterprise File Sharing 17.05.31

An issue was discovered in Vaultize Enterprise File Sharing 17.05.31.

5.5
2018-04-24 CVE-2016-9601 Artifex
Debian
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

ghostscript before version 9.21 is vulnerable to a heap based buffer overflow that was found in the ghostscript jbig2_decode_gray_scale_image function which is used to decode halftone segments in a JBIG2 image.

5.5
2018-04-29 CVE-2018-10548 PHP
Canonical
Debian
Netapp
NULL Pointer Dereference vulnerability in PHP

An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5.

5.0
2018-04-29 CVE-2018-10546 PHP
Canonical
Debian
Netapp
Infinite Loop vulnerability in PHP

An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5.

5.0
2018-04-28 CVE-2017-18263 Seagate Path Traversal vulnerability in Seagate Personal Cloud Firmware

Seagate Media Server in Seagate Personal Cloud before 4.3.18.4 has directory traversal in getPhotoPlaylistPhotos.psp via a parameter named url.

5.0
2018-04-27 CVE-2018-10523 Cmsmadesimple Information Exposure vulnerability in Cmsmadesimple CMS Made Simple

CMS Made Simple (CMSMS) through 2.2.7 contains a physical path leakage Vulnerability via /modules/DesignManager/action.ajax_get_templates.php, /modules/DesignManager/action.ajax_get_stylesheets.php, /modules/FileManager/dunzip.php, or /modules/FileManager/untgz.php.

5.0
2018-04-27 CVE-2015-1857 Linuxfoundation Information Exposure vulnerability in Linuxfoundation Opendaylight

The odl-mdsal-apidocs feature in OpenDaylight Helium allow remote attackers to obtain sensitive information by leveraging missing AAA restrictions.

5.0
2018-04-27 CVE-2018-1475 IBM Improper Restriction of Excessive Authentication Attempts vulnerability in IBM Bigfix Platform

IBM BigFix Platform 9.2 and 9.5 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials.

5.0
2018-04-26 CVE-2017-17543 Fortinet Inadequate Encryption Strength vulnerability in Fortinet Forticlient and Forticlient Sslvpn Client

Users' VPN authentication credentials are unsafely encrypted in Fortinet FortiClient for Windows 5.6.0 and below versions, FortiClient for Mac OSX 5.6.0 and below versions and FortiClient SSLVPN Client for Linux 4.4.2335 and below versions, due to the use of a static encryption key and weak encryption algorithms.

5.0
2018-04-26 CVE-2018-10393 Xiph ORG
Debian
Redhat
Out-of-bounds Read vulnerability in multiple products

bark_noise_hybridmp in psy.c in Xiph.Org libvorbis 1.3.6 has a stack-based buffer over-read.

5.0
2018-04-25 CVE-2018-10211 Vaultize Authorization Bypass Through User-Controlled Key vulnerability in Vaultize Enterprise File Sharing 17.05.31

An issue was discovered in Vaultize Enterprise File Sharing 17.05.31.

5.0
2018-04-25 CVE-2018-10210 Vaultize Weak Password Recovery Mechanism for Forgotten Password vulnerability in Vaultize Enterprise File Sharing 17.05.31

An issue was discovered in Vaultize Enterprise File Sharing 17.05.31.

5.0
2018-04-25 CVE-2018-10207 Vaultize Missing Authorization vulnerability in Vaultize Enterprise File Sharing 17.05.31

An issue was discovered in Vaultize Enterprise File Sharing 17.05.31.

5.0
2018-04-25 CVE-2018-10376 Smartmesh Integer Overflow or Wraparound vulnerability in Smartmesh

An integer overflow in the transferProxy function of a smart contract implementation for SmartMesh (aka SMT), an Ethereum ERC20 token, allows attackers to accomplish an unauthorized increase of digital assets via crafted _fee and _value parameters, as exploited in the wild in April 2018, aka the "proxyOverflow" issue.

5.0
2018-04-24 CVE-2013-7245 Sybase Improper Authorization vulnerability in Sybase Adaptive Server Enterprise 15.7

The Backup Server component in SAP Sybase ASE 15.7 before SP51 allows remote attackers to bypass access restrictions and perform database dumps by leveraging failure to validate credentials, aka SAP Security Note 1927859.

5.0
2018-04-24 CVE-2017-17258 Huawei Improper Input Validation vulnerability in Huawei products

Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10SPC300, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00SPC180T, V200R008C20, V200R008C30, DP300 V500R002C00, IPS Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, NetEngine16EX V200R006C10, V200R007C00, V200R008C20, V200R008C30, RSE6500 V500R002C00, SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C00, V200R003C10, SVN5800-C V200R003C00, V200R003C10, SeMG9811 V300R001C01, Secospace USG6300 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6600 V100R001C00SPC200, V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, V500R001C60, TE30 V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, TP3106 V100R002C00, TP3206 V100R002C00, V100R002C10, USG6000V V500R001C20, USG9500 V500R001C00, V500R001C20, V500R001C30, V500R001C50, USG9520 V300R001C01, V300R001C20, USG9560 V300R001C01, V300R001C20, USG9580 V300R001C01, V300R001C20, VP9660 V500R002C00, V500R002C10, ViewPoint 8660 V100R008C03, ViewPoint 9030 V100R011C02 has a resource management vulnerability in H323 protocol.

5.0
2018-04-24 CVE-2017-17257 Huawei Missing Release of Resource after Effective Lifetime vulnerability in Huawei products

Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10SPC300, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00SPC180T, V200R008C20, V200R008C30, DP300 V500R002C00, IPS Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, NetEngine16EX V200R006C10, V200R007C00, V200R008C20, V200R008C30, RSE6500 V500R002C00, SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C00, V200R003C10, SVN5800-C V200R003C00, V200R003C10, SeMG9811 V300R001C01, Secospace USG6300 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6600 V100R001C00SPC200, V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, V500R001C60, TE30 V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, TP3106 V100R002C00, TP3206 V100R002C00, V100R002C10, USG6000V V500R001C20, USG9500 V500R001C00, V500R001C20, V500R001C30, V500R001C50, USG9520 V300R001C01, V300R001C20, USG9560 V300R001C01, V300R001C20, USG9580 V300R001C01, V300R001C20, VP9660 V500R002C00, V500R002C10, ViewPoint 8660 V100R008C03, ViewPoint 9030 V100R011C02 has a memory leak vulnerability in H323 protocol.

5.0
2018-04-24 CVE-2017-17256 Huawei Missing Release of Resource after Effective Lifetime vulnerability in Huawei products

Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10SPC300, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00SPC180T, V200R008C20, V200R008C30, DP300 V500R002C00, IPS Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, NetEngine16EX V200R006C10, V200R007C00, V200R008C20, V200R008C30, RSE6500 V500R002C00, SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C00, V200R003C10, SVN5800-C V200R003C00, V200R003C10, SeMG9811 V300R001C01, Secospace USG6300 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6600 V100R001C00SPC200, V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, V500R001C60, TE30 V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, TP3106 V100R002C00, TP3206 V100R002C00, V100R002C10, USG6000V V500R001C20, USG9500 V500R001C00, V500R001C20, V500R001C30, V500R001C50, USG9520 V300R001C01, V300R001C20, USG9560 V300R001C01, V300R001C20, USG9580 V300R001C01, V300R001C20, VP9660 V500R002C00, V500R002C10, ViewPoint 8660 V100R008C03, ViewPoint 9030 V100R011C02 has a memory leak vulnerability in H323 protocol.

5.0
2018-04-24 CVE-2017-17255 Huawei NULL Pointer Dereference vulnerability in Huawei products

Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10SPC300, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00SPC180T, V200R008C20, V200R008C30, DP300 V500R002C00, IPS Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, NetEngine16EX V200R006C10, V200R007C00, V200R008C20, V200R008C30, RSE6500 V500R002C00, SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C00, V200R003C10, SVN5800-C V200R003C00, V200R003C10, SeMG9811 V300R001C01, Secospace USG6300 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6600 V100R001C00SPC200, V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, V500R001C60, TE30 V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, TP3106 V100R002C00, TP3206 V100R002C00, V100R002C10, USG6000V V500R001C20, USG9500 V500R001C00, V500R001C20, V500R001C30, V500R001C50, USG9520 V300R001C01, V300R001C20, USG9560 V300R001C01, V300R001C20, USG9580 V300R001C01, V300R001C20, VP9660 V500R002C00, V500R002C10, ViewPoint 8660 V100R008C03, ViewPoint 9030 V100R011C02 have a null pointer dereference vulnerability in H323 protocol.

5.0
2018-04-24 CVE-2017-17254 Huawei NULL Pointer Dereference vulnerability in Huawei products

Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10SPC300, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00SPC180T, V200R008C20, V200R008C30, DP300 V500R002C00, IPS Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, NetEngine16EX V200R006C10, V200R007C00, V200R008C20, V200R008C30, RSE6500 V500R002C00, SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C00, V200R003C10, SVN5800-C V200R003C00, V200R003C10, SeMG9811 V300R001C01, Secospace USG6300 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6600 V100R001C00SPC200, V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, V500R001C60, TE30 V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, TP3106 V100R002C00, TP3206 V100R002C00, V100R002C10, USG6000V V500R001C20, USG9500 V500R001C00, V500R001C20, V500R001C30, V500R001C50, USG9520 V300R001C01, V300R001C20, USG9560 V300R001C01, V300R001C20, USG9580 V300R001C01, V300R001C20, VP9660 V500R002C00, V500R002C10, ViewPoint 8660 V100R008C03, ViewPoint 9030 V100R011C02 have a null pointer dereference vulnerability in H323 protocol.

5.0
2018-04-24 CVE-2017-17253 Huawei Out-of-bounds Read vulnerability in Huawei products

Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10SPC300, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00SPC180T, V200R008C20, V200R008C30, DP300 V500R002C00, IPS Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, NetEngine16EX V200R006C10, V200R007C00, V200R008C20, V200R008C30, RSE6500 V500R002C00, SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C00, V200R003C10, SVN5800-C V200R003C00, V200R003C10, SeMG9811 V300R001C01, Secospace USG6300 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6600 V100R001C00SPC200, V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, V500R001C60, TE30 V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, TP3106 V100R002C00, TP3206 V100R002C00, V100R002C10, USG6000V V500R001C20, USG9500 V500R001C00, V500R001C20, V500R001C30, V500R001C50, USG9520 V300R001C01, V300R001C20, USG9560 V300R001C01, V300R001C20, USG9580 V300R001C01, V300R001C20, VP9660 V500R002C00, V500R002C10, ViewPoint 8660 V100R008C03, ViewPoint 9030 V100R011C02 has an out-of-bounds read vulnerability in H323 protocol.

5.0
2018-04-24 CVE-2017-17252 Huawei Out-of-bounds Read vulnerability in Huawei products

Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10SPC300, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00SPC180T, V200R008C20, V200R008C30, DP300 V500R002C00, IPS Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, NetEngine16EX V200R006C10, V200R007C00, V200R008C20, V200R008C30, RSE6500 V500R002C00, SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C00, V200R003C10, SVN5800-C V200R003C00, V200R003C10, SeMG9811 V300R001C01, Secospace USG6300 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6600 V100R001C00SPC200, V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, V500R001C60, TE30 V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, TP3106 V100R002C00, TP3206 V100R002C00, V100R002C10, USG6000V V500R001C20, USG9500 V500R001C00, V500R001C20, V500R001C30, V500R001C50, USG9520 V300R001C01, V300R001C20, USG9560 V300R001C01, V300R001C20, USG9580 V300R001C01, V300R001C20, VP9660 V500R002C00, V500R002C10, ViewPoint 8660 V100R008C03, ViewPoint 9030 V100R011C02 has an out-of-bounds read vulnerability in H323 protocol.

5.0
2018-04-24 CVE-2017-17251 Huawei NULL Pointer Dereference vulnerability in Huawei products

Huawei AR120-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR1200 V200R006C10, V200R006C13, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR1200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR150 V200R006C10, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR150-S V200R006C10SPC300, V200R007C00, V200R008C20, V200R008C30, AR160 V200R006C10, V200R006C12, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR200 V200R006C10, V200R007C00, V200R007C01, V200R008C20, V200R008C30, AR200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR2200 V200R006C10, V200R006C13, V200R006C16PWE, V200R007C00, V200R007C01, V200R007C02, V200R008C20, V200R008C30, AR2200-S V200R006C10, V200R007C00, V200R008C20, V200R008C30, AR3200 V200R006C10, V200R006C11, V200R007C00, V200R007C01, V200R007C02, V200R008C00, V200R008C10, V200R008C20, V200R008C30, AR3600 V200R006C10, V200R007C00, V200R007C01, V200R008C20, AR510 V200R006C10, V200R006C12, V200R006C13, V200R006C15, V200R006C16, V200R006C17, V200R007C00SPC180T, V200R008C20, V200R008C30, DP300 V500R002C00, IPS Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, NGFW Module V100R001C10SPC200, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R002C00, V500R002C10, NIP6300 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6600 V500R001C00, V500R001C20, V500R001C30, V500R001C50, NIP6800 V500R001C50, NetEngine16EX V200R006C10, V200R007C00, V200R008C20, V200R008C30, RSE6500 V500R002C00, SRG1300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG2300 V200R006C10, V200R007C00, V200R007C02, V200R008C20, V200R008C30, SRG3300 V200R006C10, V200R007C00, V200R008C20, V200R008C30, SVN5600 V200R003C00, V200R003C10, SVN5800 V200R003C00, V200R003C10, SVN5800-C V200R003C00, V200R003C10, SeMG9811 V300R001C01, Secospace USG6300 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6500 V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, Secospace USG6600 V100R001C00SPC200, V100R001C10, V100R001C20, V100R001C30, V500R001C00, V500R001C20, V500R001C30, V500R001C50, V500R001C60, TE30 V100R001C02, V100R001C10, V500R002C00, V600R006C00, TE40 V500R002C00, V600R006C00, TE50 V500R002C00, V600R006C00, TE60 V100R001C01, V100R001C10, V500R002C00, V600R006C00, TP3106 V100R002C00, TP3206 V100R002C00, V100R002C10, USG6000V V500R001C20, USG9500 V500R001C00, V500R001C20, V500R001C30, V500R001C50, USG9520 V300R001C01, V300R001C20, USG9560 V300R001C01, V300R001C20, USG9580 V300R001C01, V300R001C20, VP9660 V500R002C00, V500R002C10, ViewPoint 8660 V100R008C03, ViewPoint 9030 V100R011C02 have a null pointer dereference vulnerability in H323 protocol.

5.0
2018-04-24 CVE-2017-7651 Eclipse
Debian
Resource Exhaustion vulnerability in multiple products

In Eclipse Mosquitto 1.4.14, a user can shutdown the Mosquitto server simply by filling the RAM memory with a lot of connections with large payload.

5.0
2018-04-23 CVE-2018-9921 Cmsmadesimple Path Traversal vulnerability in Cmsmadesimple CMS Made Simple 2.2.7

In CMS Made Simple 2.2.7, a Directory Traversal issue makes it possible to determine the existence of files and directories outside the web-site installation directory, and determine whether a file has contents matching a specified checksum.

5.0
2018-04-23 CVE-2018-8880 Lutron Information Exposure vulnerability in Lutron Quantum Bacnet Integration Firmware 3.2.243

Lutron Quantum BACnet Integration 2.0 (firmware 3.2.243) doesn't check for correct user authentication before showing the /deviceIP information, which leads to internal network information disclosure.

5.0
2018-04-23 CVE-2017-1473 IBM Inadequate Encryption Strength vulnerability in IBM products

IBM Security Access Manager Appliance 8.0.0 through 8.0.1.6 and 9.0.0 through 9.0.3.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

5.0
2018-04-23 CVE-2018-10299 Beauty Integer Overflow or Wraparound vulnerability in Beauty Ecosystem Coin

An integer overflow in the batchTransfer function of a smart contract implementation for Beauty Ecosystem Coin (BEC), the Ethereum ERC20 token used in the Beauty Chain economic system, allows attackers to accomplish an unauthorized increase of digital assets by providing two _receivers arguments in conjunction with a large _value argument, as exploited in the wild in April 2018, aka the "batchOverflow" issue.

5.0
2018-04-27 CVE-2018-10471 XEN
Debian
Out-of-bounds Write vulnerability in multiple products

An issue was discovered in Xen through 4.10.x allowing x86 PV guest OS users to cause a denial of service (out-of-bounds zero write and hypervisor crash) via unexpected INT 80 processing, because of an incorrect fix for CVE-2017-5754.

4.9
2018-04-24 CVE-2018-10323 Linux
Canonical
Debian
NULL Pointer Dereference vulnerability in multiple products

The xfs_bmap_extents_to_btree function in fs/xfs/libxfs/xfs_bmap.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_bmapi_write NULL pointer dereference) via a crafted xfs image.

4.9
2018-04-24 CVE-2018-10322 Linux
Redhat
NULL Pointer Dereference vulnerability in multiple products

The xfs_dinode_verify function in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_ilock_attr_map_shared invalid pointer dereference) via a crafted xfs image.

4.9
2018-04-27 CVE-2014-1846 Enlightenment Permissions, Privileges, and Access Controls vulnerability in Enlightenment

Enlightenment before 0.17.6 might allow local users to gain privileges via vectors involving the gdb method.

4.6
2018-04-27 CVE-2014-1845 Enlightenment Permissions, Privileges, and Access Controls vulnerability in Enlightenment

An unspecified setuid root helper in Enlightenment before 0.17.6 allows local users to gain privileges by leveraging failure to properly sanitize the environment.

4.6
2018-04-26 CVE-2018-10425 HZ Soft Unspecified vulnerability in Hz-Soft Security Guard 3.7.0

An issue was discovered in Shanghai 2345 Security Guard 3.7.0.

4.6
2018-04-25 CVE-2018-5486 Netapp
Linux
Missing Authentication for Critical Function vulnerability in Netapp Oncommand Unified Manager

NetApp OnCommand Unified Manager for Linux versions 7.2 though 7.3 ship with the Java Debug Wire Protocol (JDWP) enabled which allows unauthorized local attackers to execute arbitrary code.

4.6
2018-04-29 CVE-2018-10547 PHP
Canonical
Debian
Netapp
Cross-site Scripting vulnerability in PHP

An issue was discovered in ext/phar/phar_object.c in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5.

4.3
2018-04-29 CVE-2018-10535 GNU
Redhat
NULL Pointer Dereference vulnerability in multiple products

The ignore_section_sym function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, does not validate the output_section pointer in the case of a symtab entry with a "SECTION" type that has a "0" value, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file, as demonstrated by objcopy.

4.3
2018-04-29 CVE-2018-10534 GNU
Redhat
Out-of-bounds Write vulnerability in multiple products

The _bfd_XX_bfd_copy_private_bfd_data_common function in peXXigen.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, processes a negative Data Directory size with an unbounded loop that increases the value of (external_IMAGE_DEBUG_DIRECTORY) *edd so that the address exceeds its own memory region, resulting in an out-of-bounds memory write, as demonstrated by objcopy copying private info with _bfd_pex64_bfd_copy_private_bfd_data_common in pex64igen.c.

4.3
2018-04-27 CVE-2018-1473 IBM Cross-site Scripting vulnerability in IBM Bigfix Platform

IBM BigFix Platform 9.2 and 9.5 is vulnerable to cross-site scripting.

4.3
2018-04-25 CVE-2018-9104 Mitel Cross-site Scripting vulnerability in Mitel Mivoice Connect and ST 14.2

A vulnerability in the conferencing component of Mitel MiVoice Connect, versions R1707-PREM SP1 (21.84.5535.0) and earlier, and Mitel ST 14.2, versions GA27 (19.49.5200.0) and earlier, could allow an unauthenticated attacker to conduct a reflected cross-site scripting (XSS) attack due to insufficient validation for the api.php page.

4.3
2018-04-25 CVE-2018-9103 Mitel Cross-site Scripting vulnerability in Mitel Mivoice Connect and ST 14.2

A vulnerability in the conferencing component of Mitel MiVoice Connect, versions R1707-PREM SP1 (21.84.5535.0) and earlier, and Mitel ST 14.2, versions GA27 (19.49.5200.0) and earlier, could allow an unauthenticated attacker to conduct a reflected cross-site scripting (XSS) attack due to insufficient validation for the signin.php page.

4.3
2018-04-25 CVE-2018-9102 Mitel SQL Injection vulnerability in Mitel Mivoice Connect and ST 14.2

A vulnerability in the conferencing component of Mitel MiVoice Connect, versions R1707-PREM SP1 (21.84.5535.0) and earlier, and Mitel ST 14.2, versions GA27 (19.49.5200.0) and earlier, could allow an unauthenticated attacker to conduct an SQL injection attack due to insufficient input validation for the signin interface.

4.3
2018-04-25 CVE-2018-9101 Mitel Cross-site Scripting vulnerability in Mitel Mivoice Connect and ST 14.2

A vulnerability in the conferencing component of Mitel MiVoice Connect, versions R1707-PREM SP1 (21.84.5535.0) and earlier, and Mitel ST 14.2, versions GA27 (19.49.5200.0) and earlier, could allow an unauthenticated attacker to conduct a reflected cross-site scripting (XSS) attack due to insufficient validation for the launch_presenter.php page.

4.3
2018-04-25 CVE-2018-10208 Vaultize Cross-site Scripting vulnerability in Vaultize Enterprise File Sharing 17.05.31

An issue was discovered in Vaultize Enterprise File Sharing 17.05.31.

4.3
2018-04-25 CVE-2018-10374 Easycms Cross-site Scripting vulnerability in Easycms 1.3

EasyCMS 1.3 has XSS via the s POST parameter (aka a search box value) in an index.php?s=/index/search/index.html request.

4.3
2018-04-25 CVE-2018-10373 GNU
Redhat
NULL Pointer Dereference vulnerability in multiple products

concat_filename in dwarf2.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted binary file, as demonstrated by nm-new.

4.3
2018-04-25 CVE-2018-10372 GNU
Redhat
Out-of-bounds Read vulnerability in multiple products

process_cu_tu_index in dwarf.c in GNU Binutils 2.30 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted binary file, as demonstrated by readelf.

4.3
2018-04-25 CVE-2018-10366 User Project Cross-site Scripting vulnerability in User Project User 1.4.5

An issue was discovered in the Users (aka Front-end user management) plugin 1.4.5 for October CMS.

4.3
2018-04-24 CVE-2017-2839 Freerdp
Debian
An exploitable denial of service vulnerability exists within the handling of challenge packets in FreeRDP 2.0.0-beta1+android11.
4.3
2018-04-24 CVE-2017-2838 Freerdp
Debian
Integer Overflow or Wraparound vulnerability in multiple products

An exploitable denial of service vulnerability exists within the handling of challenge packets in FreeRDP 2.0.0-beta1+android11.

4.3
2018-04-24 CVE-2017-2837 Freerdp
Debian
Integer Overflow or Wraparound vulnerability in multiple products

An exploitable denial of service vulnerability exists within the handling of security data in FreeRDP 2.0.0-beta1+android11.

4.3
2018-04-24 CVE-2017-2836 Freerdp
Debian
Improper Certificate Validation vulnerability in multiple products

An exploitable denial of service vulnerability exists within the reading of proprietary server certificates in FreeRDP 2.0.0-beta1+android11.

4.3
2018-04-24 CVE-2018-7931 Huawei Unspecified vulnerability in Huawei Appgallery

Huawei AppGallery versions before 8.0.4.301 has a whitelist mechanism bypass vulnerability.

4.3
2018-04-24 CVE-2018-5228 Atlassian Cross-site Scripting vulnerability in Atlassian Crucible and Fisheye

The /browse/~raw resource in Atlassian Fisheye and Crucible before version 4.5.3 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the handling of response headers.

4.3
2018-04-24 CVE-2018-7751 Ffmpeg Infinite Loop vulnerability in Ffmpeg

The svg_probe function in libavformat/img2dec.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (Infinite Loop) via a crafted XML file.

4.3
2018-04-24 CVE-2018-10329 Phpipam Cross-site Scripting vulnerability in PHPipam 1.3.1

app/tools/mac-lookup/index.php in phpIPAM 1.3.1 has Reflected XSS on /tools/mac-lookup/ via the mac parameter.

4.3
2018-04-24 CVE-2018-10316 Nasm Integer Overflow or Wraparound vulnerability in Nasm Netwide Assembler 2.14

Netwide Assembler (NASM) 2.14rc0 has an endless while loop in the assemble_file function of asm/nasm.c because of a globallineno integer overflow.

4.3
2018-04-24 CVE-2018-10311 Wuzhicms Cross-site Scripting vulnerability in Wuzhicms Wuzhi CMS 4.1.0

A vulnerability was discovered in WUZHI CMS 4.1.0.

4.3
2018-04-23 CVE-2017-13073 Qnap Cross-site Scripting vulnerability in Qnap Photo Station

Cross-site scripting (XSS) vulnerability in QNAP NAS application Photo Station versions 5.2.7, 5.4.3, and their earlier versions could allow remote attackers to inject arbitrary web script or HTML.

4.3
2018-04-23 CVE-2017-1486 IBM Cross-site Scripting vulnerability in IBM Cognos Business Intelligence

IBM Cognos Business Intelligence 10.2, 10.2.1, 10.2.1.1, and 10.2.2 is vulnerable to cross-site scripting.

4.3
2018-04-27 CVE-2018-10522 Cmsmadesimple Information Exposure vulnerability in Cmsmadesimple CMS Made Simple

In CMS Made Simple (CMSMS) through 2.2.7, the "file view" operation in the admin dashboard contains a sensitive information disclosure vulnerability, exploitable by ordinary users, because the product exposes unrestricted access to the PHP file_get_contents function.

4.0
2018-04-27 CVE-2018-10521 Cmsmadesimple Unrestricted Upload of File with Dangerous Type vulnerability in Cmsmadesimple CMS Made Simple

In CMS Made Simple (CMSMS) through 2.2.7, the "file move" operation in the admin dashboard contains an arbitrary file movement vulnerability that can cause DoS, exploitable by an admin user, because config.php can be moved into an incorrect directory.

4.0
2018-04-27 CVE-2013-5461 IBM Credentials Management vulnerability in IBM products

IBM Endpoint Manager for Remote Control 9.0.0 and 9.0.1 and Tivoli Remote Control 5.1.2 store multiple hashes of partial passwords, which makes it easier for remote attackers to decrypt passwords by leveraging access to the hashes.

4.0
2018-04-27 CVE-2017-1116 IBM Information Exposure vulnerability in IBM Campaign

IBM Campaign 8.6, 9.0, 9.1, 9.1.1, 9.1.2, and 10.0 contains excessive details on the client side which could provide information useful for an authenticated user to conduct other attacks.

4.0
2018-04-26 CVE-2018-1074 Ovirt
Redhat
Insufficiently Protected Credentials vulnerability in multiple products

ovirt-engine API and administration web portal before versions 4.2.2.5, 4.1.11.2 is vulnerable to an exposure of Power Management credentials, including cleartext passwords to Host Administrators.

4.0
2018-04-26 CVE-2016-9590 Openstack
Redhat
Information Exposure vulnerability in multiple products

puppet-swift before versions 8.2.1, 9.4.4 is vulnerable to an information-disclosure in Red Hat OpenStack Platform director's installation of Object Storage (swift).

4.0
2018-04-26 CVE-2017-1723 IBM Path Traversal vulnerability in IBM products

IBM Security QRadar SIEM 7.2 and 7.3 could allow a remote attacker to traverse directories on the system.

4.0
2018-04-26 CVE-2018-10424 1234N Information Exposure vulnerability in 1234N Minicms 1.10

mc-admin/post-edit.php in MiniCMS 1.10 allows full path disclosure via a modified id field.

4.0
2018-04-26 CVE-2018-10423 1234N Information Exposure vulnerability in 1234N Minicms 1.10

mc-admin/post.php in MiniCMS 1.10 allows remote attackers to obtain a directory listing of the top-level directory of the web root via a link that becomes available after posting an article.

4.0
2018-04-25 CVE-2014-0882 IBM Information Exposure vulnerability in IBM Integrated Management Module Firmware

Integrated Management Module II (IMM2) on IBM Flex System, NeXtScale, System x3xxx, and System x iDataPlex systems might allow remote authenticated users to obtain sensitive account information via vectors related to generated Service Advisor data (FFDC).

4.0
2018-04-25 CVE-2018-8801 Gitlab Server-Side Request Forgery (SSRF) vulnerability in Gitlab

GitLab Community and Enterprise Editions version 8.3 up to 10.x before 10.3 are vulnerable to SSRF in the Services and webhooks component.

4.0
2018-04-24 CVE-2017-9654 Philips Insufficiently Protected Credentials vulnerability in Philips Dosewise 1.1.7.333/2.1.1.3069

The Philips DoseWise Portal web-based application versions 1.1.7.333 and 2.1.1.3069 stores login credentials in clear text within backend system files.

4.0
2018-04-24 CVE-2017-1734 IBM Information Exposure vulnerability in IBM products

IBM Jazz Team Server affecting the following IBM Rational Products: Collaborative Lifecycle Management (CLM), Rational DOORS Next Generation (RDNG), Rational Engineering Lifecycle Manager (RELM), Rational Team Concert (RTC), Rational Quality Manager (RQM), Rational Rhapsody Design Manager (Rhapsody DM), and Rational Software Architect (RSA DM) stores potentially sensitive information in a cache that could be read by authenticated users.

4.0
2018-04-24 CVE-2017-1725 IBM Information Exposure vulnerability in IBM products

IBM Jazz Team Server affecting the following IBM Rational Products: Collaborative Lifecycle Management (CLM), Rational DOORS Next Generation (RDNG), Rational Engineering Lifecycle Manager (RELM), Rational Team Concert (RTC), Rational Quality Manager (RQM), Rational Rhapsody Design Manager (Rhapsody DM), and Rational Software Architect (RSA DM) contain an undisclosed vulnerability with the potential for information disclosure.

4.0
2018-04-24 CVE-2017-1700 IBM Incorrect Authorization vulnerability in IBM products

IBM Jazz Team Server affecting the following IBM Rational Products: Collaborative Lifecycle Management (CLM), Rational DOORS Next Generation (RDNG), Rational Engineering Lifecycle Manager (RELM), Rational Team Concert (RTC), Rational Quality Manager (RQM), Rational Rhapsody Design Manager (Rhapsody DM), and Rational Software Architect (RSA DM) could allow an authenticated user to cause a denial of service due to incorrect authorization for resource intensive scenarios.

4.0
2018-04-23 CVE-2017-1701 IBM Inadequate Encryption Strength vulnerability in IBM products

IBM Team Concert (RTC) 5.0, 5.0.1, 5.0.2, 6.0, 6.0.1, 6.0.2, 6.0.3, 6.0.4, and 6.0.5 stores credentials for users using a weak encryption algorithm, which could allow an authenticated user to obtain highly sensitive information.

4.0

36 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-04-28 CVE-2018-10527 Easycms Project Cross-site Scripting vulnerability in Easycms Project Easycms 1.3

EasyCMS 1.3 is prone to Stored XSS when posting an article; four fields are affected: title, keyword, abstract, and content, as demonstrated by the /admin/index/index.html#listarticle URI.

3.5
2018-04-27 CVE-2013-5391 IBM Cryptographic Issues vulnerability in IBM Mobile Foundation and Worklight

IBM Worklight Consumer and Enterprise Editions 5.0.x before 5.0.6 Fix Pack 2 and 6.0.x before 6.0.0 Fix Pack 2, and Mobile Foundation Consumer and Enterprise Editions 5.0.x before 5.0.6 Fix Pack 2 and 6.0.0 Fix Pack 2 make it easier for attackers to defeat cryptographic protection mechanisms by leveraging improper initialization of the pseudo random number generator (PRNG) in Android and use of the Java Cryptography Architecture (JCA) by a Worklight program.

3.5
2018-04-26 CVE-2018-7465 Virtuemart Cross-site Scripting vulnerability in Virtuemart

An XSS issue was discovered in VirtueMart before 3.2.14.

3.5
2018-04-26 CVE-2018-10430 Dilicms Cross-site Scripting vulnerability in Dilicms 2.4.0

An issue was discovered in DiliCMS (aka DiligentCMS) 2.4.0.

3.5
2018-04-26 CVE-2018-6518 Compo Cross-site Scripting vulnerability in Compo Composr CMS 10.0.13

Composr CMS 10.0.13 has XSS via the site_name parameter in a page=admin-setupwizard&type=step3 request to /adminzone/index.php.

3.5
2018-04-26 CVE-2017-1724 IBM Cross-site Scripting vulnerability in IBM products

IBM Security QRadar SIEM 7.2 and 7.3 is vulnerable to cross-site scripting.

3.5
2018-04-26 CVE-2017-14740 Genixcms Cross-site Scripting vulnerability in Genixcms 1.1.0

Cross-site scripting (XSS) vulnerability in GeniXCMS 1.1.0 allows remote authenticated users to inject arbitrary web script or HTML via the Menu ID when adding a menu.

3.5
2018-04-26 CVE-2018-10422 Hongcms Project Cross-site Scripting vulnerability in Hongcms Project Hongcms 3.0.0

An issue was discovered in HongCMS 3.0.0.

3.5
2018-04-26 CVE-2018-10391 Wuzhicms Cross-site Scripting vulnerability in Wuzhicms Wuzhi CMS 4.1.0

An issue was discovered in WUZHI CMS 4.1.0.

3.5
2018-04-25 CVE-2018-8716 Wso2 Cross-site Scripting vulnerability in Wso2 Identity Server

WSO2 Identity Server before 5.5.0 has XSS via the dashboard, allowing attacks by low-privileged attackers.

3.5
2018-04-25 CVE-2018-10213 Vaultize Cross-site Scripting vulnerability in Vaultize Enterprise File Sharing 17.05.31

An issue was discovered in Vaultize Enterprise File Sharing 17.05.31.

3.5
2018-04-25 CVE-2018-10209 Vaultize Cross-site Scripting vulnerability in Vaultize Enterprise File Sharing 17.05.31

An issue was discovered in Vaultize Enterprise File Sharing 17.05.31.

3.5
2018-04-25 CVE-2018-10206 Vaultize Cross-site Scripting vulnerability in Vaultize Enterprise File Sharing 17.05.31

An issue was discovered in Vaultize Enterprise File Sharing 17.05.31.

3.5
2018-04-25 CVE-2018-1363 IBM Cross-site Scripting vulnerability in IBM Jazz Reporting Service

IBM Jazz Reporting Service (JRS) 5.0 through 5.0.2 and 6.0 through 6.0.5 is vulnerable to cross-site scripting.

3.5
2018-04-25 CVE-2017-1750 IBM Cross-site Scripting vulnerability in IBM Jazz Reporting Service

IBM Jazz Reporting Service (JRS) 5.0 through 5.0.2 and 6.0 through 6.0.5 is vulnerable to cross-site scripting.

3.5
2018-04-25 CVE-2018-10368 Wuzhicms Cross-site Scripting vulnerability in Wuzhicms Wuzhi CMS 4.1.0

An issue was discovered in WUZHI CMS 4.1.0.

3.5
2018-04-25 CVE-2018-10367 Wuzhicms Cross-site Scripting vulnerability in Wuzhicms Wuzhi CMS 4.1.0

An issue was discovered in WUZHI CMS 4.1.0.

3.5
2018-04-25 CVE-2018-10310 Catapultthemes Cross-site Scripting vulnerability in Catapultthemes Cookie Consent

A persistent cross-site scripting vulnerability has been identified in the web interface of the Catapult UK Cookie Consent plugin before 2.3.10 for WordPress that allows the execution of arbitrary HTML/script code in the context of a victim's browser.

3.5
2018-04-24 CVE-2018-10321 Frogcms Project Cross-site Scripting vulnerability in Frogcms Project Frogcms 0.9.5

Frog CMS 0.9.5 has a stored Cross Site Scripting Vulnerability via "Admin Site title" in Settings.

3.5
2018-04-24 CVE-2018-10320 Frogcms Project Cross-site Scripting vulnerability in Frogcms Project Frogcms 0.9.5

Frog CMS 0.9.5 has XSS via the admin/?/layout/edit layout[name] parameter, aka Edit Layout.

3.5
2018-04-24 CVE-2018-10319 Frogcms Project Cross-site Scripting vulnerability in Frogcms Project Frogcms 0.9.5

Frog CMS 0.9.5 has XSS via the admin/?/snippet/edit snippet[name] parameter, aka Edit Snippet.

3.5
2018-04-24 CVE-2018-10318 Frogcms Project Cross-site Scripting vulnerability in Frogcms Project Frogcms 0.9.5

Frog CMS 0.9.5 has XSS via the admin/?/page/edit page[keywords] parameter, aka Edit Page Metadata.

3.5
2018-04-24 CVE-2018-10313 Wuzhicms Cross-site Scripting vulnerability in Wuzhicms Wuzhi CMS 4.1.0

WUZHI CMS 4.1.0 allows persistent XSS via the form%5Bqq_10%5D parameter to the /index.php?m=member&f=index&v=profile&set_iframe=1 URI.

3.5
2018-04-24 CVE-2018-10309 Responsive Cookie Consent Project Cross-site Scripting vulnerability in Responsive Cookie Consent Project Responsive Cookie Consent

The Responsive Cookie Consent plugin before 1.8 for WordPress mishandles number fields, leading to XSS.

3.5
2018-04-23 CVE-2018-10234 Ultimatemember Cross-site Scripting vulnerability in Ultimatemember User Profile & Membership

Authenticated Cross site Scripting exists in the User Profile & Membership plugin before 2.0.11 for WordPress via the "Account Deletion Custom Text" input field on the wp-admin/admin.php?page=um_options&section=account page.

3.5
2018-04-23 CVE-2017-1786 IBM Missing Release of Resource after Effective Lifetime vulnerability in IBM Websphere MQ

IBM WebSphere MQ 8.0 through 8.0.0.8 and 9.0 through 9.0.4 under special circumstances could allow an authenticated user to consume all resources due to a memory leak resulting in service loss.

3.5
2018-04-25 CVE-2017-12716 Abbott Cleartext Transmission of Sensitive Information vulnerability in Abbott products

Abbott Laboratories Accent and Anthem pacemakers manufactured prior to Aug 28, 2017 transmit unencrypted patient information via RF communications to programmers and home monitoring units.

3.3
2018-04-24 CVE-2018-10328 Momentum Use of Hard-coded Credentials vulnerability in Momentum Axel 720P Firmware 5.1.8

Momentum Axel 720P 5.1.8 devices have a hardcoded password of streaming for the appagent account, which allows remote attackers to view the RTSP video stream.

3.3
2018-04-24 CVE-2018-1059 Canonical
Redhat
Dpdk
Information Exposure vulnerability in multiple products

The DPDK vhost-user interface does not check to verify that all the requested guest physical range is mapped and contiguous when performing Guest Physical Addresses to Host Virtual Addresses translations.

2.9
2018-04-27 CVE-2014-0841 IBM Inadequate Encryption Strength vulnerability in IBM Rational Focal Point

IBM Rational Focal Point 6.4.0, 6.4.1, 6.5.1, 6.5.2, and 6.6.0 use a weak algorithm to hash passwords, which makes it easier for context-dependent attackers to obtain cleartext values via a brute-force attack.

2.1
2018-04-23 CVE-2018-1106 Packagekit Project
Redhat
Canonical
Debian
Improper Authentication vulnerability in multiple products

An authentication bypass flaw has been found in PackageKit before 1.1.10 that allows users without administrator privileges to install signed packages.

2.1
2018-04-23 CVE-2018-4847 Siemens Missing Encryption of Sensitive Data vulnerability in Siemens Simatic Wincc OA Operator

A vulnerability has been identified in SIMATIC WinCC OA Operator iOS App (All versions < V1.4).

2.1
2018-04-29 CVE-2018-10545 PHP
Canonical
Debian
Netapp
Information Exposure vulnerability in PHP

An issue was discovered in PHP before 5.6.35, 7.0.x before 7.0.29, 7.1.x before 7.1.16, and 7.2.x before 7.2.4.

1.9
2018-04-27 CVE-2018-10472 XEN
Debian
Information Exposure vulnerability in multiple products

An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users (in certain configurations) to read arbitrary dom0 files via QMP live insertion of a CDROM, in conjunction with specifying the target file as the backing file of a snapshot.

1.9
2018-04-23 CVE-2017-1764 IBM Insufficiently Protected Credentials vulnerability in IBM Cognos Business Intelligence

IBM Cognos Business Intelligence 10.2, 10.2.1, 10.2.1.1, and 10.2.2, under specialized circumstances, could expose plain text credentials to a local user.

1.9
2018-04-25 CVE-2014-0872 IBM Information Exposure vulnerability in IBM Security KEY Lifecycle Manager 2.5.0

The installation process in IBM Security Key Lifecycle Manager 2.5 stores unencrypted credentials, which might allow local users to obtain sensitive information by leveraging root access.

1.5