Weekly Vulnerabilities Reports > May 7 to 13, 2018

Overview

236 new vulnerabilities were reported during this period, including 24 critical vulnerabilities and 48 high severity vulnerabilities. This weekly summary reports vulnerabilities in 310 products from 92 vendors including Microsoft, Debian, Canonical, Redhat, and SAP. Notable vulnerability categories are "Cross-site Scripting", "Out-of-bounds Write", "Improper Input Validation", "Information Exposure", and "Improper Restriction of Operations within the Bounds of a Memory Buffer".

  • 178 reported vulnerabilities are remotely exploitable.
  • 21 reported vulnerabilities have a public exploit available.
  • 63 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 202 reported vulnerabilities are exploitable by an anonymous user.
  • Microsoft has the most reported vulnerabilities, with 65 reported vulnerabilities.
  • Microsoft has the most reported critical vulnerabilities, with 9 reported vulnerabilities.

Vulnerability Details

The following tables list the vulnerabilities reported for the period covered by this report:

24 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-05-13 CVE-2018-11013 D Link Out-Of-Bounds Write vulnerability in D-Link Dir-816 A2 Firmware 1.10B05

Stack-based buffer overflow in the websRedirect function in GoAhead on D-Link DIR-816 A2 (CN) routers with firmware version 1.10B05 allows unauthenticated remote attackers to execute arbitrary code via a request with a long HTTP Host header.

10.0
2018-05-12 CVE-2018-10996 D Link Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in D-Link Dir-629-B Firmware

The weblogin_log function in /htdocs/cgibin on D-Link DIR-629-B1 devices allows attackers to execute arbitrary code or cause a denial of service (buffer overflow) via a session.cgi?ACTION=logout request involving a long REMOTE_ADDR environment variable.

10.0
2018-05-09 CVE-2017-14481 Mysql MMM OS Command Injection vulnerability in Mysql-Mmm Mysql Multi-Master Replication Manager 2.2.1

In the MMM::Agent::Helpers::Network::send_arp function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Solaris), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm_agentd process.

10.0
2018-05-09 CVE-2017-14480 Mysql MMM OS Command Injection vulnerability in Mysql-Mmm Mysql Multi-Master Replication Manager 2.2.1

In the MMM::Agent::Helpers::Network::clear_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for FreeBSD), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm_agentd process.

10.0
2018-05-09 CVE-2017-14479 Mysql MMM OS Command Injection vulnerability in Mysql-Mmm Mysql Multi-Master Replication Manager 2.2.1

In the MMM::Agent::Helpers::Network::clear_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Solaris), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm_agentd process.

10.0
2018-05-09 CVE-2017-14478 Mysql MMM OS Command Injection vulnerability in Mysql-Mmm Mysql Multi-Master Replication Manager 2.2.1

In the MMM::Agent::Helpers::Network::clear_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Linux), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm_agentd process.

10.0
2018-05-09 CVE-2017-14477 Mysql MMM OS Command Injection vulnerability in Mysql-Mmm Mysql Multi-Master Replication Manager 2.2.1

In the MMM::Agent::Helpers::Network::add_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for FreeBSD), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm_agentd process.

10.0
2018-05-09 CVE-2017-14476 Mysql MMM OS Command Injection vulnerability in Mysql-Mmm Mysql Multi-Master Replication Manager 2.2.1

In the MMM::Agent::Helpers::Network::add_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Solaris), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm_agentd process.

10.0
2018-05-09 CVE-2017-14475 Mysql MMM OS Command Injection vulnerability in Mysql-Mmm Mysql Multi-Master Replication Manager 2.2.1

In the MMM::Agent::Helpers::Network::add_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Linux), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm_agentd process.

10.0
2018-05-09 CVE-2017-14474 Mysql MMM OS Command Injection vulnerability in Mysql-Mmm Mysql Multi-Master Replication Manager 2.2.1

In the MMM::Agent::Helpers::_execute function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm_agentd process.

10.0
2018-05-09 CVE-2018-8154 Microsoft Out-Of-Bounds Write vulnerability in Microsoft Exchange Server 2010/2013/2016

A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka "Microsoft Exchange Memory Corruption Vulnerability." This affects Microsoft Exchange Server.

10.0
2018-05-09 CVE-2016-9335 Redlion Use of Hard-Coded Credentials vulnerability in Redlion products

A hard-coded cryptographic key vulnerability was identified in Red Lion Controls Sixnet-Managed Industrial Switches running firmware Version 5.0.196 and Stride-Managed Ethernet Switches running firmware Version 5.0.190.

10.0
2018-05-09 CVE-2018-10682 Wildfly Improper Authentication vulnerability in Wildfly 10.1.2

** DISPUTED ** An issue was discovered in WildFly 10.1.2.Final.

10.0
2018-05-08 CVE-2017-17540 Fortinet Use of Hard-Coded Credentials vulnerability in Fortinet Fortiwlc

The presence of a hardcoded account in Fortinet FortiWLC 8.3.3 allows attackers to gain unauthorized read/write access via a remote shell.

10.0
2018-05-08 CVE-2017-17539 Fortinet Use of Hard-Coded Credentials vulnerability in Fortinet Fortiwlc

The presence of a hardcoded account in Fortinet FortiWLC 7.0.11 and earlier allows attackers to gain unauthorized read/write access via a remote shell.

10.0
2018-05-09 CVE-2018-8173 Microsoft Unspecified vulnerability in Microsoft Infopath 2013

A remote code execution vulnerability exists in Microsoft InfoPath when the software fails to properly handle objects in memory, aka "Microsoft InfoPath Remote Code Execution Vulnerability." This affects Microsoft Infopath.

9.3
2018-05-09 CVE-2018-8162 Microsoft Unspecified vulnerability in Microsoft Excel, Office and Office for Mac

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Office, Microsoft Excel.

9.3
2018-05-09 CVE-2018-8161 Microsoft Unspecified vulnerability in Microsoft products

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability." This affects Microsoft Word, Word, Microsoft Office, Microsoft SharePoint.

9.3
2018-05-09 CVE-2018-8158 Microsoft Unspecified vulnerability in Microsoft Office 2010/2013/2016

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability." This affects Microsoft Office.

9.3
2018-05-09 CVE-2018-8157 Microsoft Unspecified vulnerability in Microsoft Office 2010/2013/2016

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability." This affects Microsoft Office.

9.3
2018-05-09 CVE-2018-8148 Microsoft Unspecified vulnerability in Microsoft products

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Office, Microsoft Excel.

9.3
2018-05-09 CVE-2018-8147 Microsoft Unspecified vulnerability in Microsoft products

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Office, Microsoft Excel.

9.3
2018-05-09 CVE-2018-8136 Microsoft Unspecified vulnerability in Microsoft products

A remote code execution vulnerability exists in the way that Windows handles objects in memory, aka "Windows Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

9.3
2018-05-08 CVE-2018-1239 Dell OS Command Injection vulnerability in Dell products

Dell EMC Unity Operating Environment (OE) versions prior to 4.3.0.1522077968 are affected by multiple OS command injection vulnerabilities.

9.0

48 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-05-09 CVE-2018-8866 Vecna OS Command Injection vulnerability in Vecna VGO Firmware

In Vecna VGo Robot versions prior to 3.0.3.52164, an attacker on an adjacent network could perform command injection.

8.3
2018-05-08 CVE-2015-1503 Icewarp Path Traversal vulnerability in Icewarp Mail Server

Multiple directory traversal vulnerabilities in IceWarp Mail Server before 11.2 allow remote attackers to read arbitrary files via a (1) ..

7.8
2018-05-09 CVE-2018-8179 Microsoft Out-Of-Bounds Write vulnerability in Microsoft Edge

A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge.

7.6
2018-05-09 CVE-2018-8178 Microsoft Out-Of-Bounds Write vulnerability in Microsoft Chakracore, Edge and Internet Explorer

A remote code execution vulnerability exists in the way that Microsoft browsers access objects in memory, aka "Microsoft Browser Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge.

7.6
2018-05-09 CVE-2018-8177 Microsoft Out-Of-Bounds Write vulnerability in Microsoft Chakracore and Edge

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore.

7.6
2018-05-09 CVE-2018-8174 Microsoft Out-Of-Bounds Write vulnerability in Microsoft products

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

7.6
2018-05-09 CVE-2018-8145 Microsoft Information Exposure vulnerability in Microsoft Chakracore, Edge and Internet Explorer

An information disclosure vulnerability exists when Chakra improperly discloses the contents of its memory, which could provide an attacker with information to further compromise the user's computer or data, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10.

7.6
2018-05-09 CVE-2018-8139 Microsoft Out-Of-Bounds Read vulnerability in Microsoft Chakracore and Edge

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore.

7.6
2018-05-09 CVE-2018-8137 Microsoft Out-Of-Bounds Write vulnerability in Microsoft Chakracore and Edge

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore.

7.6
2018-05-09 CVE-2018-8133 Microsoft Type Confusion vulnerability in Microsoft Chakracore and Edge

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore.

7.6
2018-05-09 CVE-2018-8130 Microsoft Out-Of-Bounds Write vulnerability in Microsoft Chakracore and Edge

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore.

7.6
2018-05-09 CVE-2018-8128 Microsoft Out-Of-Bounds Write vulnerability in Microsoft Chakracore and Edge

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore.

7.6
2018-05-09 CVE-2018-8122 Microsoft Out-Of-Bounds Write vulnerability in Microsoft Internet Explorer 11

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 11.

7.6
2018-05-09 CVE-2018-8114 Microsoft Out-Of-Bounds Write vulnerability in Microsoft Internet Explorer 11

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 11.

7.6
2018-05-09 CVE-2018-1022 Microsoft Out-Of-Bounds Write vulnerability in Microsoft Chakracore, Edge and Internet Explorer

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore, Internet Explorer 11, Microsoft Edge.

7.6
2018-05-09 CVE-2018-0955 Microsoft Out-Of-Bounds Write vulnerability in Microsoft Internet Explorer 10/11/9

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10.

7.6
2018-05-09 CVE-2018-0954 Microsoft Out-Of-Bounds Write vulnerability in Microsoft Chakracore, Edge and Internet Explorer

A remote code execution vulnerability exists in the way the scripting engine handles objects in memory in Microsoft browsers, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, ChakraCore, Internet Explorer 11, Microsoft Edge, Internet Explorer 10.

7.6
2018-05-09 CVE-2018-0953 Microsoft Out-Of-Bounds Write vulnerability in Microsoft Chakracore and Edge

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore.

7.6
2018-05-09 CVE-2018-0951 Microsoft Out-Of-Bounds Write vulnerability in Microsoft Edge

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge.

7.6
2018-05-09 CVE-2018-0946 Microsoft Use After Free vulnerability in Microsoft Chakracore and Edge

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore.

7.6
2018-05-09 CVE-2018-0945 Microsoft Out-Of-Bounds Write vulnerability in Microsoft Chakracore and Edge

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Microsoft Edge, aka "Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore.

7.6
2018-05-09 CVE-2018-0943 Microsoft Out-Of-Bounds Write vulnerability in Microsoft Chakracore and Edge

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore.

7.6
2018-05-11 CVE-2018-10992 Lilypond Argument Injection or Modification vulnerability in Lilypond 2.19.80

lilypond-invoke-editor in LilyPond 2.19.80 does not validate strings before launching the program specified by the BROWSER environment variable, which allows remote attackers to conduct argument-injection attacks via a crafted URL, as demonstrated by a --proxy-pac-file argument, because the GNU Guile code uses the system Scheme procedure instead of the system* Scheme procedure.

7.5
2018-05-11 CVE-2018-1260 Pivotal Software Code Injection vulnerability in Pivotal Software Spring Security Oauth

Spring Security OAuth, versions 2.3 prior to 2.3.3, 2.2 prior to 2.2.2, 2.1 prior to 2.1.2, 2.0 prior to 2.0.15 and older unsupported versions contains a remote code execution vulnerability.

7.5
2018-05-10 CVE-2018-8914 Synology SQL Injection vulnerability in Synology Media Server

SQL injection vulnerability in UPnP DMA in Synology Media Server before 1.7.6-2842 and before 1.4-2654 allows remote attackers to execute arbitrary SQL commands via the ObjectID parameter.

7.5
2018-05-10 CVE-2018-9112 Foxconn Use of Hard-Coded Credentials vulnerability in Foxconn Ap-Fc4064-T Firmware Apgtb385.8.3Lb15W47Lte

A low privileged admin account with a weak default password of admin exists on the Foxconn FEMTO AP-FC4064-T AP_GT_B38_5.8.3lb15-W47 LTE Build 15.

7.5
2018-05-10 CVE-2018-8824 Responsive Mega Menu PRO Project, Prestashop SQL Injection vulnerability in multiple products

modules/bamegamenu/ajax_phpcode.php in the Responsive Mega Menu (Horizontal+Vertical+Dropdown) Pro module 1.0.32 for PrestaShop 1.5.5.0 through 1.7.2.5 allows remote attackers to execute a SQL Injection through function calls in the code parameter.

7.5
2018-05-10 CVE-2018-10942 Attribute Wizard Project, Prestashop Unrestricted Upload of File With Dangerous Type vulnerability in Attribute Wizard Project Attribute Wizard 1.6.9

modules/attributewizardpro/file_upload.php in the Attribute Wizard addon 1.6.9 for PrestaShop 1.4.0.1 through 1.6.1.18 allows remote attackers to execute arbitrary code by uploading a .phtml file.

7.5
2018-05-09 CVE-2018-2420 SAP Unrestricted Upload of File With Dangerous Type vulnerability in SAP Internet Graphics Server

SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, allows an attacker to upload any file (including script files) without proper file format validation.

7.5
2018-05-09 CVE-2018-2418 SAP Code Injection vulnerability in SAP Maxdb Odbc Driver

SAP MaxDB ODBC driver (all versions before 7.9.09.07) allows an attacker to inject code that can be executed by the application.

7.5
2018-05-09 CVE-2018-10683 Wildfly Improper Authentication vulnerability in Redhat Wildfly 10.1.2

** DISPUTED ** An issue was discovered in WildFly 10.1.2.Final.

7.5
2018-05-08 CVE-2018-1000178 Quassel IRC, Debian Out-Of-Bounds Write vulnerability in multiple products

A heap corruption of type CWE-120 exists in quassel version 0.12.4 in quasselcore in void DataStreamPeer::processMessage(const QByteArray &msg) datastreampeer.cpp line 62 that allows an attacker to execute code remotely.

7.5
2018-05-07 CVE-2018-10771 Moinejf Out-Of-Bounds Write vulnerability in Moinejf Abcm2Ps

Stack-based buffer overflow in the get_key function in parse.c in abcm2ps through 8.13.20 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.

7.5
2018-05-09 CVE-2018-0961 Microsoft Improper Input Validation vulnerability in Microsoft Windows 10 and Windows Server 2016

A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate vSMB packet data, aka "Hyper-V vSMB Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

7.4
2018-05-09 CVE-2018-0959 Microsoft Improper Input Validation vulnerability in Microsoft products

A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

7.4
2018-05-11 CVE-2009-5151 Absolute Improper Access Control vulnerability in Absolute Computrace Agent 70.785

The stub component of Absolute Computrace Agent V70.785 executes code from a disk's inter-partition space without requiring a digital signature for that code, which allows attackers to execute code on the BIOS.

7.2
2018-05-11 CVE-2009-5150 Absolute Improper Access Control vulnerability in Absolute Computrace Agent 80.845/80.866

Absolute Computrace Agent V80.845 and V80.866 does not have a digital signature for the configuration block, which allows attackers to set up communication with a web site other than the intended search.namequery.com site by modifying data within a disk's inter-partition space.

7.2
2018-05-11 CVE-2017-6015 Rockwellautomation Injection vulnerability in Rockwellautomation Factorytalk Activation

Without quotation marks, any whitespace in the file path for Rockwell Automation FactoryTalk Activation version 4.00.02 remains ambiguous, which may allow an attacker to link to or run a malicious executable.

7.2
2018-05-10 CVE-2018-10982 XEN, Debian

An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service (unexpectedly high interrupt number, array overrun, and hypervisor crash) or possibly gain hypervisor privileges by setting up an HPET timer to deliver interrupts in IO-APIC mode, aka vHPET interrupt injection.

7.2
2018-05-10 CVE-2018-3612 Intel Improper Input Validation vulnerability in Intel products

Intel NUC kits with insufficient input validation in system firmware, potentially allows a local attacker to elevate privileges to System Management Mode (SMM).

7.2
2018-05-10 CVE-2018-7940 Huawei Improper Authentication vulnerability in Huawei Mate 9 Firmware and Mate 9 PRO Firmware

Huawei smart phones Mate 10 and Mate 10 Pro with earlier versions than 8.0.0.129(SP2C00) and earlier versions than 8.0.0.129(SP2C01) have an authentication bypass vulnerability.

7.2
2018-05-10 CVE-2017-6293 Google Out-Of-Bounds Write vulnerability in Google Android

In Android before the 2018-05-05 security patch level, NVIDIA Tegra X1 TZ contains a vulnerability in Widevine TA where the software writes data past the end, or before the beginning, of the intended buffer, which may lead to escalation of Privileges.

7.2
2018-05-10 CVE-2017-6289 Google Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Google Android

In Android before the 2018-05-05 security patch level, NVIDIA Trusted Execution Environment (TEE) contains a memory corruption (due to unusual root cause) vulnerability, which if run within the speculative execution of the TEE, may lead to local escalation of privileges.

7.2
2018-05-09 CVE-2018-8165 Microsoft Improper Resource Shutdown or Release vulnerability in Microsoft Windows 10 and Windows Server 2016

An elevation of privilege vulnerability exists when the DirectX Graphics Kernel (DXGKRNL) driver improperly handles objects in memory, aka "DirectX Graphics Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

7.2
2018-05-09 CVE-2018-8164 Microsoft Improper Resource Shutdown or Release vulnerability in Microsoft products

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

7.2
2018-05-09 CVE-2018-8120 Microsoft Improper Resource Shutdown or Release vulnerability in Microsoft Windows 7 and Windows Server 2008

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows Server 2008, Windows 7, Windows Server 2008 R2.

7.2
2018-05-08 CVE-2018-8897 Debian, Canonical, Redhat, Citrix, Synology, Apple, XEN, Freebsd Race Condition vulnerability in multiple products

A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS, as demonstrated by (for example) privilege escalation in Windows, macOS, some Xen configurations, or FreeBSD, or a Linux kernel crash.

7.2
2018-05-08 CVE-2018-10380 KDE, Debian, Opensuse Link Following vulnerability in multiple products

kwallet-pam in KDE KWallet before 5.12.6 allows local users to obtain ownership of arbitrary files via a symlink attack.

7.2

129 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-05-09 CVE-2018-8166 Microsoft Improper Resource Shutdown or Release vulnerability in Microsoft products

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

6.9
2018-05-09 CVE-2018-8134 Microsoft Unspecified vulnerability in Microsoft products

An elevation of privilege vulnerability exists in the way that the Windows Kernel API enforces permissions, aka "Windows Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers.

6.9
2018-05-09 CVE-2018-8124 Microsoft Improper Resource Shutdown or Release vulnerability in Microsoft products

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

6.9
2018-05-13 CVE-2018-11018 Pbootcms Cross-Site Request Forgery (CSRF) vulnerability in Pbootcms 1.0.7

An issue was discovered in PbootCMS v1.0.7.

6.8
2018-05-13 CVE-2018-11017 Libming Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Libming

The newVar_N function in decompile.c in libming through 0.4.8 mishandles cases where the header indicates a file size greater than the actual size, which allows remote attackers to cause a denial of service (Segmentation fault and application crash) or possibly have unspecified other impact.

6.8
2018-05-12 CVE-2018-11004 Sdcms Cross-Site Request Forgery (CSRF) vulnerability in Sdcms 1.5

An issue was discovered in SDcms v1.5.

6.8
2018-05-11 CVE-2018-6458 Ehcp Cross-Site Request Forgery (CSRF) vulnerability in Ehcp Easy Hosting Control Panel 0.37.12.B

Easy Hosting Control Panel (EHCP) v0.37.12.b allows remote attackers to conduct cross-site request forgery (CSRF) attacks by leveraging lack of CSRF protection.

6.8
2018-05-11 CVE-2018-6023 Fastweb Cross-Site Request Forgery (CSRF) vulnerability in Fastweb Fastgate Firmware 0.00.47

Fastweb FASTgate 0.00.47 devices are vulnerable to CSRF, with impacts including Wi-Fi password changing, Guest Wi-Fi activating, etc.

6.8
2018-05-10 CVE-2018-10972 Flif Out-Of-Bounds Write vulnerability in Flif Free Lossless Image Format 0.3

An issue was discovered in Free Lossless Image Format (FLIF) 0.3.

6.8
2018-05-10 CVE-2018-7933 Huawei Path Traversal vulnerability in Huawei Hirouter-Cd20 Firmware and Ws5200 Firmware

Huawei home gateway products HiRouter-CD20 and WS5200 with the versions before HiRouter-CD20-10 1.9.6 and the versions before WS5200-10 1.9.6 have a path traversal vulnerability.

6.8
2018-05-10 CVE-2018-10655 Devicelock Buffer Errors vulnerability in Devicelock Plug and Play Auditor 5.72

DLPnpAuditor.exe in DeviceLock Plug and Play Auditor (freeware) 5.72 has a Unicode Buffer Overflow (SEH).

6.8
2018-05-10 CVE-2017-18266 Freedesktop, Debian, Canonical Injection vulnerability in multiple products

The open_envvar function in xdg-open in xdg-utils before 1.1.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, as demonstrated by %s in this environment variable.

6.8
2018-05-10 CVE-2018-10957 D Link Cross-Site Request Forgery (CSRF) vulnerability in D-Link Dir-868L Firmware 1.12

CSRF exists on D-Link DIR-868L devices, leading to (for example) a change to the Admin password.

6.8
2018-05-09 CVE-2018-8126 Microsoft Unspecified vulnerability in Microsoft Internet Explorer 11

A security feature bypass vulnerability exists when Internet Explorer fails to validate User Mode Code Integrity (UMCI) policies, aka "Internet Explorer Security Feature Bypass Vulnerability." This affects Internet Explorer 11.

6.8
2018-05-09 CVE-2018-8119 Microsoft Improper Certificate Validation vulnerability in Microsoft products

A spoofing vulnerability exists when the Azure IoT Device Provisioning AMQP Transport library improperly validates certificates over the AMQP protocol, aka "Azure IoT SDK Spoofing Vulnerability." This affects C# SDK, C SDK, Java SDK.

6.8
2018-05-09 CVE-2017-5175 Advantech Uncontrolled Search Path Element vulnerability in Advantech Webaccess

Advantech WebAccess 8.1 and earlier contains a DLL hijacking vulnerability which may allow an attacker to run a malicious DLL file within the search path resulting in execution of arbitrary code.

6.8
2018-05-07 CVE-2018-1256 Pivotal Software Unspecified vulnerability in Pivotal Software Spring Cloud SSO Connector 2.1.2

Spring Cloud SSO Connector, version 2.1.2, contains a regression which disables issuer validation in resource servers that are not bound to the SSO service.

6.8
2018-05-07 CVE-2018-10778 Mp3Gain Out-Of-Bounds Read vulnerability in Mp3Gain

Read access violation in the III_dequantize_sample function in mpglibDBL/layer3.c in mp3gain through 1.5.2-r2 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact, a different vulnerability than CVE-2017-9872 and CVE-2017-14409.

6.8
2018-05-07 CVE-2018-10777 Mp3Gain Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Mp3Gain

Buffer overflow in the WriteMP3GainAPETag function in apetag.c in mp3gain through 1.5.2-r2 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.

6.8
2018-05-07 CVE-2018-10776 Mp3Gain Improper Input Validation vulnerability in Mp3Gain

The getbits function in mpglibDBL/common.c in mp3gain through 1.5.2-r2 allows remote attackers to cause a denial of service (segmentation fault and application crash) or possibly have unspecified other impact.

6.8
2018-05-11 CVE-2018-1258 Pivotal Software
Oracle
Netapp
Incorrect Authorization vulnerability in multiple products

Spring Framework version 5.0.5 when used in combination with any versions of Spring Security contains an authorization bypass when using method security.

6.5
2018-05-10 CVE-2018-7941 Huawei Improper Authentication vulnerability in Huawei products

Huawei iBMC V200R002C60 has an authentication bypass vulnerability.

6.5
2018-05-09 CVE-2018-6021 Silextechnology OS Command Injection vulnerability in Silextechnology Geh-Sd-320An Firmware and Sd-320An Firmware

Silex SD-320AN version 2.01 and prior and GE MobileLink(GEH-SD-320AN) version GEH-1.1 and prior have a system call parameter that is not properly sanitized, which may allow remote code execution.

6.5
2018-05-07 CVE-2018-10795 Liferay Unrestricted Upload of File With Dangerous Type vulnerability in Liferay Portal

** DISPUTED ** Liferay 6.2.x and before has an FCKeditor configuration that allows an attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment via a browser/liferay/browser.html?Type= or html/js/editor/fckeditor/editor/filemanager/browser/liferay/browser.html URI.

6.5
2018-05-10 CVE-2018-1115 Postgresql
Opensuse
Incorrect Permission Assignment for Critical Resource vulnerability in multiple products

PostgreSQL before versions 10.4, 9.6.9 is vulnerable in the adminpack extension: the pg_catalog.pg_logfile_rotate() function doesn't follow the same ACLs as pg_rotate_logfile.

6.4
2018-05-09 CVE-2018-6020 Silextechnology Improper Authentication vulnerability in Silextechnology products

In Silex SX-500 all versions and GE MobileLink(GEH-500) version 1.54 and prior, authentication is not verified when making certain POST requests, which may allow attackers to modify system settings.

6.4
2018-05-10 CVE-2018-10977 2345 CC Improper Input Validation vulnerability in 2345.Cc Security Guard 3.7

In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCTL 0x002220E4.

6.1
2018-05-10 CVE-2018-10976 2345 CC Improper Input Validation vulnerability in 2345.Cc Security Guard 3.7

In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCTL 0x00222050.

6.1
2018-05-10 CVE-2018-10975 2345 CC Improper Input Validation vulnerability in 2345.Cc Security Guard 3.7

In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCTL 0x00222104.

6.1
2018-05-10 CVE-2018-10974 2345 CC Improper Input Validation vulnerability in 2345.Cc Security Guard 3.7

In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCTL 0x00222100.

6.1
2018-05-10 CVE-2018-10955 2345 Security Guard Project Improper Input Validation vulnerability in 2345 Security Guard Project 2345 Security Guard 3.7.0

In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCTL 0x00222548.

6.1
2018-05-10 CVE-2018-10954 2345 Security Guard Project Improper Input Validation vulnerability in 2345 Security Guard Project 2345 Security Guard 3.7.0

In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCTL 0x00222550.

6.1
2018-05-10 CVE-2018-10953 2345 Security Guard Project Improper Input Validation vulnerability in 2345 Security Guard Project 2345 Security Guard 3.7.0

In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCTL 0x0022204C.

6.1
2018-05-10 CVE-2018-10952 2345 Security Guard Project Improper Input Validation vulnerability in 2345 Security Guard Project 2345 Security Guard 3.7.0

In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCTL 0x00222088.

6.1
2018-05-09 CVE-2018-10830 2345 Security Guard Project Improper Input Validation vulnerability in 2345 Security Guard Project 2345 Security Guard 3.7

In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x002220e0.

6.1
2018-05-08 CVE-2018-10809 2345 Security Guard Project Improper Input Validation vulnerability in 2345 Security Guard Project 2345 Security Guard 3.7

In 2345 Security Guard 3.7, the driver file (2345NetFirewall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x00222040.

6.1
2018-05-08 CVE-2018-10796 2345 Security Guard Project Improper Input Validation vulnerability in 2345 Security Guard Project 2345 Security Guard 3.7

In 2345 Security Guard 3.7, the driver file (2345NetFirewall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x00222014.

6.1
2018-05-13 CVE-2018-10678 Mybb Open Redirect vulnerability in Mybb 1.8.15

MyBB 1.8.15, when accessed with Microsoft Edge, mishandles 'target="_blank" rel="noopener"' in A elements, which makes it easier for remote attackers to conduct redirection attacks.

5.8
2018-05-09 CVE-2018-8159 Microsoft Cross-Site Scripting vulnerability in Microsoft Exchange Server 2013/2016

An elevation of privilege vulnerability exists when Microsoft Exchange Outlook Web Access (OWA) fails to properly handle web requests, aka "Microsoft Exchange Elevation of Privilege Vulnerability." This affects Microsoft Exchange Server.

5.8
2018-05-09 CVE-2018-8153 Microsoft Authentication Bypass BY Spoofing vulnerability in Microsoft Exchange Server 2016

A spoofing vulnerability exists in Microsoft Exchange Server when Outlook Web Access (OWA) fails to properly handle web requests, aka "Microsoft Exchange Spoofing Vulnerability." This affects Microsoft Exchange Server.

5.8
2018-05-09 CVE-2018-8152 Microsoft Cross-Site Scripting vulnerability in Microsoft Exchange Server 2016

An elevation of privilege vulnerability exists when Microsoft Exchange Outlook Web Access (OWA) fails to properly handle web requests, aka "Microsoft Exchange Server Elevation of Privilege Vulnerability." This affects Microsoft Exchange Server.

5.8
2018-05-08 CVE-2018-1000174 Jenkins Open Redirect vulnerability in Jenkins Google Login

An open redirect vulnerability exists in Jenkins Google Login Plugin 1.3 and older in GoogleOAuth2SecurityRealm.java that allows attackers to redirect users to an arbitrary URL after successful login.

5.8
2018-05-08 CVE-2018-1248 RSA Open Redirect vulnerability in RSA Authentication Manager

RSA Authentication Manager Security Console, Operation Console and Self-Service Console, version 8.3 and earlier, is affected by a Host header injection vulnerability.

5.8
2018-05-08 CVE-2018-1247 RSA XXE vulnerability in RSA Authentication Manager

RSA Authentication Manager Security Console, version 8.3 and earlier, contains an XML External Entity (XXE) vulnerability.

5.8
2018-05-09 CVE-2018-2419 SAP Missing Authorization vulnerability in SAP Ea-Finserv, S4Core and Sapscore

SAP Enterprise Financial Services (SAPSCORE 1.11, 1.12; S4CORE 1.01, 1.02; EA-FINSERV 6.04, 6.05, 6.06, 6.16, 6.17, 6.18, 8.0) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.

5.5
2018-05-09 CVE-2018-2416 SAP Improper Input Validation vulnerability in SAP Identity Management 7.2/8.0

SAP Identity Management 7.2 and 8.0 do not sufficiently validate an XML document accepted from an untrusted source.

5.5
2018-05-09 CVE-2018-0824 Microsoft Deserialization of Untrusted Data vulnerability in Microsoft products

A remote code execution vulnerability exists in "Microsoft COM for Windows" when it fails to properly handle serialized objects, aka "Microsoft COM for Windows Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

5.1
2018-05-11 CVE-2018-1280 Pivotal Software SQL Injection vulnerability in Pivotal Software Greenplum Command Center

Pivotal Greenplum Command Center versions 2.x prior to 2.5.1 contain a blind SQL injection vulnerability.

5.0
2018-05-11 CVE-2018-1259 Pivotal Software
Xmlbeam
XXE vulnerability in multiple products

Spring Data Commons, versions 1.13 prior to 1.13.12 and 2.0 prior to 2.0.7, used in combination with XMLBeam 1.4.14 or earlier versions, contains a property binder vulnerability caused by improper restriction of XML external entity references as underlying library XMLBeam does not restrict external reference expansion.

5.0
2018-05-11 CVE-2018-7248 Zohocorp Unspecified vulnerability in Zohocorp Manageengine Servicedesk Plus 9.3

An issue was discovered in Zoho ManageEngine ServiceDesk Plus 9.3 Build 9317.

5.0
2018-05-10 CVE-2018-10973 Koreashow Project Integer Overflow OR Wraparound vulnerability in Koreashow Project Koreashow

An integer overflow in the transferMulti function of a smart contract implementation for KoreaShow, an Ethereum ERC20 token, allows attackers to accomplish an unauthorized increase of digital assets via crafted _value parameters.

5.0
2018-05-10 CVE-2018-10706 Social Chain Integer Overflow OR Wraparound vulnerability in Social-Chain Social Chain

An integer overflow in the transferMulti function of a smart contract implementation for Social Chain (SCA), an Ethereum ERC20 token, allows attackers to accomplish an unauthorized increase of digital assets, aka the "multiOverflow" issue.

5.0
2018-05-10 CVE-2018-6246 Google Information Exposure vulnerability in Google Android

In Android before the 2018-05-05 security patch level, NVIDIA Widevine Trustlet contains a vulnerability in Widevine TA where the software reads data past the end, or before the beginning, of the intended buffer, which may lead to Information Disclosure.

5.0
2018-05-10 CVE-2018-10950 Synacor Information Exposure vulnerability in Synacor Zimbra Collaboration Suite

mailboxd in Zimbra Collaboration Suite 8.8 before 8.8.8; 8.7 before 8.7.11.Patch3; and 8.6 before 8.6.0.Patch10 allows Information Exposure through Verbose Error Messages containing a stack dump, tracing data, or full user-context dump.

5.0
2018-05-10 CVE-2018-10949 Synacor Information Exposure Through Discrepancy vulnerability in Synacor Zimbra Collaboration Suite

mailboxd in Zimbra Collaboration Suite 8.8 before 8.8.8; 8.7 before 8.7.11.Patch3; and 8.6 allows Account Enumeration by leveraging a Discrepancy between the "HTTP 404 - account is not active" and "HTTP 401 - must authenticate" errors.

5.0
2018-05-09 CVE-2018-2423 SAP Unspecified vulnerability in SAP Internet Graphics Server

SAP Internet Graphics Server (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, HTTP and RFC listener allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service.

5.0
2018-05-09 CVE-2018-2422 SAP Unspecified vulnerability in SAP Internet Graphics Server

SAP Internet Graphics Server (IGS) Portwatcher, 7.20, 7.20EXT, 7.45, 7.49, 7.53, allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service.

5.0
2018-05-09 CVE-2018-2421 SAP Unspecified vulnerability in SAP Internet Graphics Server

SAP Internet Graphics Server (IGS) Portwatcher, 7.20, 7.20EXT, 7.45, 7.49, 7.53, allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service.

5.0
2018-05-09 CVE-2018-2417 SAP Unspecified vulnerability in SAP Identity Management 8.0

Under certain conditions, the SAP Identity Management 8.0 (pass of type ToASCII) allows an attacker to access information which would otherwise be restricted.

5.0
2018-05-09 CVE-2018-0765 Microsoft XXE vulnerability in Microsoft .Net Core and .Net Framework

A denial of service vulnerability exists when .NET and .NET Core improperly process XML documents, aka ".NET and .NET Core Denial of Service Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.7.1, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.7/4.7.1, Microsoft .NET Framework 4.6, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6/4.6.1/4.6.2, Microsoft .NET Framework 4.6.2/4.7/4.7.1, .NET Core 2.0, Microsoft .NET Framework 4.7.2.

5.0
2018-05-09 CVE-2018-10770 Annigroup Information Exposure vulnerability in Annigroup 5 in 1 XVR Firmware

download.rsp on ShenZhen Anni "5 in 1 XVR" devices allows remote attackers to download the configuration (without a login) to discover the password.

5.0
2018-05-09 CVE-2017-18265 Prosody
Debian

Prosody before 0.10.0 allows remote attackers to cause a denial of service (application crash), related to an incompatibility with certain versions of the LuaSocket library, such as the lua-socket package from Debian stretch.

5.0
2018-05-09 CVE-2018-1089 Fedoraproject
Redhat
Debian
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

389-ds-base before versions 1.4.0.9, 1.3.8.1, 1.3.6.15 did not properly handle long search filters with characters needing escapes, possibly leading to buffer overflows.

5.0
2018-05-09 CVE-2018-10184 Haproxy
Redhat
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

An issue was discovered in HAProxy before 1.8.8.

5.0
2018-05-09 CVE-2018-10831 Zclassic USE of A Broken OR Risky Cryptographic Algorithm vulnerability in Zclassic Z-Nomp

Z-NOMP before 2018-04-05 has an incorrect Equihash solution verifier that allows attackers to spoof mining shares, as demonstrated by providing a solution with {x1=1,x2=1,x3=1,...,x512=1} to bypass this verifier for any blockheader.

5.0
2018-05-09 CVE-2018-10827 Litecart Resource Exhaustion vulnerability in Litecart

LiteCart before 2.1.2 allows remote attackers to cause a denial of service (memory consumption) via URIs that do not exist, because public_html/logs/not_found.log grows without bound, and is loaded into memory for each request.

5.0
2018-05-09 CVE-2018-10705 Auroradao Unspecified vulnerability in Auroradao Aura

The Owned smart contract implementation for Aurora DAO (AURA), an Ethereum ERC20 token, allows attackers to acquire contract ownership because the setOwner function is declared as public.

5.0
2018-05-08 CVE-2017-2594 Hawt Path Traversal vulnerability in Hawt Hawtio

hawtio before versions 2.0-beta-1, 2.0-beta-2 2.0-m1, 2.0-m2, 2.0-m3, and 1.5 is vulnerable to a path traversal that leads to a NullPointerException with a full stacktrace.

5.0
2018-05-08 CVE-2018-1000179 Quassel IRC
Debian
Null Pointer Dereference vulnerability in multiple products

A NULL Pointer Dereference of CWE-476 exists in quassel version 0.12.4 in the quasselcore void CoreAuthHandler::handle(const Login &msg) coreauthhandler.cpp line 235 that allows an attacker to cause a denial of service.

5.0
2018-05-08 CVE-2018-1000168 Nghttp2
Nodejs
Improper Input Validation vulnerability in multiple products

nghttp2 version >= 1.10.0 and nghttp2 <= v1.31.0 contains an Improper Input Validation CWE-20 vulnerability in ALTSVC frame handling that can result in segmentation fault leading to denial of service.

5.0
2018-05-08 CVE-2018-10734 Kongtop Information Exposure vulnerability in Kongtop products

KONGTOP DVR devices A303, A403, D303, D305, and D403 contain a backdoor that prints the login password via a Print_Password function call in certain circumstances.

5.0
2018-05-10 CVE-2018-10981 Debian
XEN
Infinite Loop vulnerability in multiple products

An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service (host OS infinite loop) in situations where a QEMU device model attempts to make invalid transitions between states of a request.

4.9
2018-05-10 CVE-2018-1130 Linux
Debian
Canonical
Redhat
Null Pointer Dereference vulnerability in Linux Kernel

The Linux kernel before version 4.16-rc7 is vulnerable to a null pointer dereference in the dccp_write_xmit() function in net/dccp/output.c that allows a local user to cause a denial of service by a number of certain crafted system calls.

4.9
2018-05-10 CVE-2018-8060 Hwinfo Null Pointer Dereference vulnerability in Hwinfo Amd64 Kernel Driver

HWiNFO AMD64 Kernel driver version 8.98 and lower allows an unprivileged user to send an IOCTL to the device driver.

4.9
2018-05-09 CVE-2018-10940 Linux
Debian
Buffer Errors vulnerability in Linux Kernel

The cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c in the Linux kernel before 4.16.6 allows local attackers to use an incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory.

4.9
2018-05-10 CVE-2018-3649 Intel Uncontrolled Search Path Element vulnerability in Intel products

DLL injection vulnerability in the installation executables (Autorun.exe and Setup.exe) for Intel's wireless drivers and related software in Intel Dual Band Wireless-AC, Tri-Band Wireless-AC and Wireless-AC family of products allows a local attacker to cause escalation of privilege via remote code execution.

4.6
2018-05-09 CVE-2018-8132 Microsoft Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2016

A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka "Windows Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

4.6
2018-05-09 CVE-2018-8129 Microsoft Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2016

A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka "Windows Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

4.6
2018-05-09 CVE-2018-1039 Microsoft Unspecified vulnerability in Microsoft .Net Framework

A security feature bypass vulnerability exists in .Net Framework which could allow an attacker to bypass Device Guard, aka ".NET Framework Device Guard Security Feature Bypass Vulnerability." This affects Microsoft .NET Framework 4.7.1, Microsoft .NET Framework 4.6, Microsoft .NET Framework 3.5, Microsoft .NET Framework 4.7/4.7.1, Microsoft .NET Framework 3.0, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.6.2/4.7/4.7.1, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1, Microsoft .NET Framework 2.0, Microsoft .NET Framework 4.6/4.6.1/4.6.2.

4.6
2018-05-09 CVE-2018-0958 Microsoft Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2016

A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka "Windows Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

4.6
2018-05-09 CVE-2018-0854 Microsoft Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2016

A security feature bypass vulnerability exists in Windows Scripting Host which could allow an attacker to bypass Device Guard, aka "Windows Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

4.6
2018-05-09 CVE-2018-8170 Microsoft Improper Resource Shutdown OR Release vulnerability in Microsoft Windows 10 and Windows Server 2016

An elevation of privilege vulnerability exists in the way that the Windows kernel image handles objects in memory, aka "Windows Image Elevation of Privilege Vulnerability." This affects Windows 10, Windows 10 Servers.

4.4
2018-05-09 CVE-2018-8167 Microsoft Improper Resource Shutdown OR Release vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the Windows Common Log File System (CLFS) driver improperly handles objects in memory, aka "Windows Common Log File System Driver Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

4.4
2018-05-12 CVE-2018-11012 Halo Cross-Site Scripting vulnerability in Halo 0.0.2

ruibaby Halo 0.0.2 has stored XSS via the loginName and loginPwd parameters in a failed login attempt to AdminController.java.

4.3
2018-05-12 CVE-2018-11011 Halo Cross-Site Scripting vulnerability in Halo 0.0.2

ruibaby Halo 0.0.2 has stored XSS via the commentAuthor field to FrontCommentController.java.

4.3
2018-05-12 CVE-2018-11003 Yxcms Cross-Site Request Forgery (CSRF) vulnerability in Yxcms 1.4.7

An issue was discovered in YXcms 1.4.7.

4.3
2018-05-12 CVE-2018-10999 Exiv2
Debian
Canonical
Out-Of-Bounds Read vulnerability in multiple products

An issue was discovered in Exiv2 0.26.

4.3
2018-05-12 CVE-2018-10998 Exiv2
Canonical
Debian

An issue was discovered in Exiv2 0.26.

4.3
2018-05-11 CVE-2018-6362 Ehcp Cross-Site Scripting vulnerability in Ehcp Easy Hosting Control Panel 0.37.12.B

Easy Hosting Control Panel (EHCP) v0.37.12.b has XSS via the domainop action parameter, as demonstrated by reading the PHPSESSID cookie.

4.3
2018-05-11 CVE-2018-6361 Ehcp Cross-Site Scripting vulnerability in Ehcp Easy Hosting Control Panel 0.37.12.B

Easy Hosting Control Panel (EHCP) v0.37.12.b has XSS via the op parameter, as demonstrated by adding a backdoor FTP account.

4.3
2018-05-11 CVE-2018-5304 Impinj Open Redirect vulnerability in Impinj R420 Rfid Reader Firmware

An issue was discovered on the Impinj Speedway Connect R420 RFID Reader before 2.2.2.

4.3
2018-05-11 CVE-2018-10832 Modbuspal Project XXE vulnerability in Modbuspal Project Modbuspal 1.6

ModbusPal 1.6b is vulnerable to an XML External Entity (XXE) attack.

4.3
2018-05-11 CVE-2018-1278 Pivotal Software Incorrect Authorization vulnerability in Pivotal Software Pivotal Application Service

Apps Manager included in Pivotal Application Service, versions 1.12.x prior to 1.12.22, 2.0.x prior to 2.0.13, and 2.1.x prior to 2.1.4 contains an authorization enforcement vulnerability.

4.3
2018-05-11 CVE-2016-8627 Redhat Resource Exhaustion vulnerability in Redhat Jboss Enterprise Application Platform and Keycloak

admin-cli before versions 3.0.0.alpha25, 2.2.1.cr2 is vulnerable to an EAP feature to download server log files that allows logs to be available via GET requests making them vulnerable to cross-origin attacks.

4.3
2018-05-10 CVE-2018-10971 Flif Allocation of Resources Without Limits OR Throttling vulnerability in Flif 0.3

An issue was discovered in Free Lossless Image Format (FLIF) 0.3.

4.3
2018-05-10 CVE-2017-18267 Freedesktop
Canonical
Redhat
Debian
Infinite Loop vulnerability in multiple products

The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler through 0.64.0 allows remote attackers to cause a denial of service (infinite recursion) via a crafted PDF file, as demonstrated by pdftops.

4.3
2018-05-10 CVE-2018-9849 Pulsesecure Unspecified vulnerability in Pulsesecure Pulse Connect Secure

Pulse Secure Pulse Connect Secure 8.1.x before 8.1R14, 8.2.x before 8.2R11, and 8.3.x before 8.3R5 do not properly process nested XML entities, which allows remote attackers to cause a denial of service (memory consumption and memory errors) via a crafted XML document.

4.3
2018-05-10 CVE-2018-10803 Zohocorp Cross-Site Request Forgery (CSRF) vulnerability in Zohocorp Manageengine Netflow Analyzer

Cross-site scripting (XSS) vulnerability in the add credentials functionality in Zoho ManageEngine NetFlow Analyzer v12.3 before 12.3.125 (build 123125) allows remote attackers to inject arbitrary web script or HTML via a crafted description value.

4.3
2018-05-10 CVE-2018-10963 Libtiff
Debian
Canonical
Reachable Assertion vulnerability in multiple products

The TIFFWriteDirectorySec() function in tif_dirwrite.c in LibTIFF through 4.0.9 allows remote attackers to cause a denial of service (assertion failure and application crash) via a crafted file, a different vulnerability than CVE-2017-13726.

4.3
2018-05-10 CVE-2018-10958 Exiv2
Debian
Canonical
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

In types.cpp in Exiv2 0.26, a large size value may lead to a SIGABRT during an attempt at memory allocation for an Exiv2::Internal::PngChunk::zlibUncompress call.

4.3
2018-05-09 CVE-2018-2415 SAP Encoding Error vulnerability in SAP products

SAP NetWeaver Application Server Java Web Container and HTTP Service (Engine API, from 7.10 to 7.11, 7.30, 7.31, 7.40, 7.50; J2EE Engine Server Core 7.11, 7.30, 7.31, 7.40, 7.50) do not sufficiently encode user controlled inputs, resulting in a content spoofing vulnerability when error pages are displayed.

4.3
2018-05-09 CVE-2018-8163 Microsoft Information Exposure vulnerability in Microsoft Excel and Office

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Microsoft Office, Microsoft Excel.

4.3
2018-05-09 CVE-2018-8160 Microsoft Information Exposure vulnerability in Microsoft products

An information disclosure vulnerability exists in Outlook when a message is opened, aka "Microsoft Outlook Information Disclosure Vulnerability." This affects Word, Microsoft Office.

4.3
2018-05-09 CVE-2018-8151 Microsoft Buffer Errors vulnerability in Microsoft Exchange Server 2010/2013/2016

An information disclosure vulnerability exists when Microsoft Exchange improperly handles objects in memory, aka "Microsoft Exchange Memory Corruption Vulnerability." This affects Microsoft Exchange Server.

4.3
2018-05-09 CVE-2018-8150 Microsoft Unspecified vulnerability in Microsoft Office 2016

A security feature bypass vulnerability exists when the Microsoft Outlook attachment block filter does not properly handle attachments, aka "Microsoft Outlook Security Feature Bypass Vulnerability." This affects Microsoft Office.

4.3
2018-05-09 CVE-2018-8123 Microsoft Information Exposure vulnerability in Microsoft Edge

An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge.

4.3
2018-05-09 CVE-2018-8112 Microsoft Origin Validation Error vulnerability in Microsoft Edge

A security feature bypass vulnerability exists when Microsoft Edge improperly handles requests of different origins, aka "Microsoft Edge Security Feature Bypass Vulnerability." This affects Microsoft Edge.

4.3
2018-05-09 CVE-2018-1025 Microsoft Unspecified vulnerability in Microsoft Edge and Internet Explorer

An information disclosure vulnerability exists when affected Microsoft browsers improperly handle objects in memory, aka "Microsoft Browser Information Disclosure Vulnerability." This affects Internet Explorer 11, Microsoft Edge.

4.3
2018-05-09 CVE-2018-1021 Microsoft Unspecified vulnerability in Microsoft Edge

An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge.

4.3
2018-05-09 CVE-2018-10817 Severalnines Cross-Site Scripting vulnerability in Severalnines Clustercontrol 1.6.04699

Severalnines ClusterControl before 1.6.0-4699 allows XSS.

4.3
2018-05-08 CVE-2018-1000173 Jenkins Session Fixation vulnerability in Jenkins Google Login

A session fixation vulnerability exists in Jenkins Google Login Plugin 1.3 and older in GoogleOAuth2SecurityRealm.java that allows unauthorized attackers to impersonate another user if they can control the pre-authentication session.

4.3
2018-05-08 CVE-2018-10805 Imagemagick
Canonical
Missing Release of Resource After Effective Lifetime vulnerability in multiple products

ImageMagick version 7.0.7-28 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c.

4.3
2018-05-08 CVE-2018-10804 Imagemagick
Canonical
Missing Release of Resource After Effective Lifetime vulnerability in multiple products

ImageMagick version 7.0.7-28 contains a memory leak in WriteTIFFImage in coders/tiff.c.

4.3
2018-05-08 CVE-2018-10801 Libtiff Missing Release of Resource After Effective Lifetime vulnerability in Libtiff 3.8.2

TIFFClientOpen in tif_unix.c in LibTIFF 3.8.2 has memory leaks, as demonstrated by bmp2tiff.

4.3
2018-05-08 CVE-2018-10799 Brave Improper Input Validation vulnerability in Brave

A hang issue was discovered in Brave before 0.14.0 (on, for example, Linux).

4.3
2018-05-08 CVE-2018-10798 Brave Improper Input Validation vulnerability in Brave

A hang issue was discovered in Brave before 0.14.0 (on, for example, Linux).

4.3
2018-05-07 CVE-2018-10780 Exiv2 Out-Of-Bounds Read vulnerability in Exiv2 0.26

Exiv2::Image::byteSwap2 in image.cpp in Exiv2 0.26 has a heap-based buffer over-read.

4.3
2018-05-07 CVE-2018-10779 Libtiff
Canonical
Out-Of-Bounds Read vulnerability in multiple products

TIFFWriteScanline in tif_write.c in LibTIFF 3.8.2 has a heap-based buffer over-read, as demonstrated by bmp2tiff.

4.3
2018-05-07 CVE-2018-10775 Bibutils Project Null Pointer Dereference vulnerability in Bibutils Project Bibutils

NULL pointer dereference in the _fields_add function in fields.c in libbibcore.a in bibutils through 6.2 allows remote attackers to cause a denial of service (application crash), as demonstrated by end2xml.

4.3
2018-05-07 CVE-2018-10774 Bibutils Project Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Bibutils Project Bibutils

Read access violation in the isiin_keyword function in isiin.c in libbibutils.a in bibutils through 6.2 allows remote attackers to cause a denial of service (application crash), as demonstrated by isi2xml.

4.3
2018-05-07 CVE-2018-10773 Bibutils Project Null Pointer Dereference vulnerability in Bibutils Project Bibutils

NULL pointer dereference in the addsn function in serialno.c in libbibcore.a in bibutils through 6.2 allows remote attackers to cause a denial of service (application crash), as demonstrated by copac2xml.

4.3
2018-05-07 CVE-2018-10772 Exiv2 Improper Restriction of Operations Within the Bounds of a Memory Buffer vulnerability in Exiv2

The tEXtToDataBuf function in pngimage.cpp in Exiv2 through 0.26 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file.

4.3
2018-05-11 CVE-2018-1261 Pivotal Software Path Traversal vulnerability in Pivotal Software Spring Integration ZIP

Spring-integration-zip versions prior to 1.0.1 expose an arbitrary file write vulnerability, which can be achieved using a specially crafted zip archive (affects other archives as well: bzip2, tar, xz, war, cpio, 7z) that holds path traversal filenames.

4.0
2018-05-11 CVE-2018-1257 Pivotal Software
Redhat
Oracle

Spring Framework, versions 5.0.x prior to 5.0.6, versions 4.3.x prior to 4.3.17, and older unsupported versions allows applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module.

4.0
2018-05-10 CVE-2018-10951 Zimbra
Synacor
Unspecified vulnerability in Zimbra Collaboration Suite

mailboxd in Zimbra Collaboration Suite 8.8 before 8.8.8; 8.7 before 8.7.11.Patch3; and 8.6 before 8.6.0.Patch10 allows zimbraSSLPrivateKey read access via a GetServer, GetAllServers, or GetAllActiveServers call in the Admin SOAP API.

4.0
2018-05-08 CVE-2017-2606 Jenkins Information Exposure vulnerability in Jenkins

Jenkins before versions 2.44, 2.32.2 is vulnerable to an information exposure in the internal API that allows access to item names that should not be visible (SECURITY-380).

4.0
2018-05-08 CVE-2017-2611 Jenkins
Redhat
Incorrect Authorization vulnerability in multiple products

Jenkins before versions 2.44, 2.32.2 is vulnerable to an insufficient permission check for periodic processes (SECURITY-389).

4.0
2018-05-08 CVE-2018-1000176 Jenkins Information Exposure vulnerability in Jenkins Email Extension

An exposure of sensitive information vulnerability exists in Jenkins Email Extension Plugin 2.61 and older in src/main/resources/hudson/plugins/emailext/ExtendedEmailPublisher/global.groovy and ExtendedEmailPublisherDescriptor.java that allows attackers with control of a Jenkins administrator's web browser (e.g.

4.0
2018-05-08 CVE-2018-1000175 Jenkins Path Traversal vulnerability in Jenkins Html Publisher

A path traversal vulnerability exists in Jenkins HTML Publisher Plugin 1.15 and older in HtmlPublisherTarget.java that allows attackers able to configure the HTML Publisher build step to override arbitrary files on the Jenkins master.

4.0

35 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-05-10 CVE-2018-8061 Hwinfo Improper Restriction of Operations Within the Bounds of a Memory Buffer vulnerability in Hwinfo Amd64 Kernel Driver

HWiNFO AMD64 Kernel driver version 8.98 and lower allows an unprivileged user to send IOCTL 0x85FE2608 to the device driver with the HWiNFO32 symbolic device name, resulting in direct physical memory read or write.

3.6
2018-05-11 CVE-2018-5303 Impinj Cross-Site Scripting vulnerability in Impinj R420 Rfid Reader Firmware

An issue was discovered on the Impinj Speedway Connect R420 RFID Reader before 2.2.2.

3.5
2018-05-11 CVE-2018-10580 Latest Posts on Profile Project Cross-Site Scripting vulnerability in Latest Posts on Profile Project Latest Posts on Profile 1.1

The "Latest Posts on Profile" plugin 1.1 for MyBB has XSS because there is an added section in a user profile that displays that user's most recent posts without sanitizing the tsubject (aka thread subject) field.

3.5
2018-05-10 CVE-2018-8915 Synology Cross-Site Scripting vulnerability in Synology Calendar

Cross-site scripting (XSS) vulnerability in Notification Center in Synology Calendar before 2.1.1-0502 allows remote authenticated users to inject arbitrary web script or HTML via title parameter.

3.5
2018-05-10 CVE-2018-8910 Synology Cross-Site Scripting vulnerability in Synology Drive 1.0.010240

Cross-site scripting (XSS) vulnerability in Attachment Preview in Synology Drive before 1.0.1-10253 allows remote authenticated users to inject arbitrary web script or HTML via malicious attachments.

3.5
2018-05-10 CVE-2017-2601 Jenkins Cross-Site Scripting vulnerability in Jenkins

Jenkins before versions 2.44, 2.32.2 is vulnerable to a persisted cross-site scripting in parameter names and descriptions (SECURITY-353).

3.5
2018-05-10 CVE-2018-9111 Foxconn Cross-Site Scripting vulnerability in Foxconn Ap-Fc4064-T Firmware Apgtb385.8.3Lb15W47Lte

Cross Site Scripting (XSS) exists on the Foxconn FEMTO AP-FC4064-T AP_GT_B38_5.8.3lb15-W47 LTE Build 15 via the configuration of a user account.

3.5
2018-05-10 CVE-2018-10314 Opmantek Cross-Site Scripting vulnerability in Opmantek Open-Audit 2.2.0

Cross-site scripting (XSS) vulnerability in Open-AudIT Community 2.2.0 allows remote attackers to inject arbitrary web script or HTML via a crafted name of a component, as demonstrated by the action parameter in the Discover -> Audit Scripts -> List Scripts -> Download section.

3.5
2018-05-09 CVE-2018-8168 Microsoft Cross-Site Scripting vulnerability in Microsoft Sharepoint Server 2010/2013

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoint.

3.5
2018-05-09 CVE-2018-8156 Microsoft Cross-Site Scripting vulnerability in Microsoft Project Server and Sharepoint Server

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint, Microsoft Project Server.

3.5
2018-05-09 CVE-2018-8155 Microsoft Cross-Site Scripting vulnerability in Microsoft Sharepoint Foundation and Sharepoint Server

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint.

3.5
2018-05-09 CVE-2018-8149 Microsoft Cross-Site Scripting vulnerability in Microsoft Sharepoint Server 2010/2013/2016

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoint.

3.5
2018-05-09 CVE-2018-8912 Synology Cross-Site Scripting vulnerability in Synology Note Station

Cross-site scripting (XSS) vulnerability in SYNO.NoteStation.Note in Synology Note Station before 2.5.1-0844 allows remote authenticated users to inject arbitrary web script or HTML via the commit_msg parameter.

3.5
2018-05-09 CVE-2018-8911 Synology Cross-Site Scripting vulnerability in Synology Note Station

Cross-site scripting (XSS) vulnerability in Attachment Preview in Synology Note Station before 2.5.1-0844 allows remote authenticated users to inject arbitrary web script or HTML via malicious attachments.

3.5
2018-05-08 CVE-2018-6511 Puppetlabs Cross-Site Scripting vulnerability in Puppetlabs Puppet

A cross-site scripting vulnerability in Puppet Enterprise Console of Puppet Enterprise allows a user to inject scripts into the Puppet Enterprise Console when using the Puppet Enterprise Console.

3.5
2018-05-08 CVE-2018-6510 Puppetlabs Cross-Site Scripting vulnerability in Puppetlabs Puppet

A cross-site scripting vulnerability in Puppet Enterprise Console of Puppet Enterprise allows a user to inject scripts into the Puppet Enterprise Console when using the Orchestrator.

3.5
2018-05-08 CVE-2018-1000177 Jenkins Cross-Site Scripting vulnerability in Jenkins S3 Publisher

A cross-site scripting vulnerability exists in Jenkins S3 Plugin 0.10.12 and older in src/main/resources/hudson/plugins/s3/S3ArtifactsProjectAction/jobMain.jelly that allows attackers able to control file names of uploaded files to define file names containing JavaScript that would be executed in another user's browser when that user performs some UI actions.

3.5
2018-05-08 CVE-2018-10806 Frogcms Project Cross-Site Request Forgery (CSRF) vulnerability in Frogcms Project Frogcms 0.9.5

An issue was discovered in Frog CMS 0.9.5.

3.5
2018-05-07 CVE-2018-1413 IBM
Netapp
Cross-Site Scripting vulnerability in multiple products

IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting.

3.5
2018-05-07 CVE-2018-1313 Apache
Oracle

In Apache Derby 10.3.1.4 to 10.14.1.0, a specially-crafted network packet can be used to request the Derby Network Server to boot a database whose location and contents are under the user's control.

3.5
2018-05-09 CVE-2018-8860 Vecna Information Exposure vulnerability in Vecna VGO Firmware

In Vecna VGo Robot versions prior to 3.0.3.52164, an attacker may be able to capture firmware updates through the adjacent network.

3.3
2018-05-11 CVE-2018-6619 Ehcp Use of a Broken or Risky Cryptographic Algorithm vulnerability in Ehcp Easy Hosting Control Panel 0.37.12.B

Easy Hosting Control Panel (EHCP) v0.37.12.b makes it easier for attackers to crack database passwords by leveraging use of a weak hashing algorithm without a salt.

2.1
2018-05-11 CVE-2018-6618 Ehcp Insufficiently Protected Credentials vulnerability in Ehcp Easy Hosting Control Panel 0.37.12.B

Easy Hosting Control Panel (EHCP) v0.37.12.b allows attackers to obtain sensitive information by leveraging cleartext password storage.

2.1
2018-05-11 CVE-2018-6617 Ehcp Improper Authentication vulnerability in Ehcp Easy Hosting Control Panel 0.37.12.B

Easy Hosting Control Panel (EHCP) v0.37.12.b, when using a local MySQL server, allows attackers to change passwords of arbitrary database users by leveraging failure to ask for the current password.

2.1
2018-05-10 CVE-2018-1118 Linux
Debian
Canonical
Redhat
Information Exposure vulnerability in Linux Kernel

Linux kernel vhost since version 4.8 does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function.

2.1
2018-05-10 CVE-2018-6254 Google Information Exposure vulnerability in Google Android

In Android before the 2018-05-05 security patch level, NVIDIA Media Server contains an out-of-bounds read (due to improper input validation) vulnerability which could lead to local information disclosure.

2.1
2018-05-10 CVE-2018-10962 2345 Security Guard Project Unspecified vulnerability in 2345 Security Guard Project 2345 Security Guard 3.7.0

An issue was discovered in Shanghai 2345 Security Guard 3.7.0.

2.1
2018-05-09 CVE-2018-8127 Microsoft Information Exposure vulnerability in Microsoft products

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

2.1
2018-05-09 CVE-2018-10828 Alps Improper Input Validation vulnerability in Alps Pointing-Device Driver 10.1.101.207

An issue was discovered in Alps Pointing-device Driver 10.1.101.207.

2.1
2018-05-08 CVE-2018-6921 Freebsd Information Exposure vulnerability in Freebsd 11.0

In FreeBSD before 11.1-STABLE(r332066) and 11.1-RELEASE-p10, due to insufficient initialization of memory copied to userland in the network subsystem, small amounts of kernel memory may be disclosed to userland processes.

2.1
2018-05-08 CVE-2018-6920 Freebsd Information Exposure vulnerability in Freebsd

In FreeBSD before 11.1-STABLE(r332303), 11.1-RELEASE-p10, 10.4-STABLE(r332321), and 10.4-RELEASE-p9, due to insufficient initialization of memory copied to userland in the Linux subsystem and Atheros wireless driver, small amounts of kernel memory may be disclosed to userland processes.

2.1
2018-05-08 CVE-2017-2592 Openstack
Canonical
Information Exposure Through Log Files vulnerability in multiple products

python-oslo-middleware before versions 3.8.1, 3.19.1, 3.23.1 is vulnerable to an information disclosure.

2.1
2018-05-11 CVE-2009-5152 Absolute Race Condition vulnerability in Absolute Computrace Agent

Absolute Computrace Agent, as distributed on certain Dell Inspiron systems through 2009, has a race condition with the Dell Client Configuration Utility (DCCU), which allows privileged local users to change Computrace Agent's activation/deactivation status to the factory default via a crafted TaskResult.xml file.

1.9
2018-05-09 CVE-2018-8141 Microsoft Information Exposure vulnerability in Microsoft Windows 10 and Windows Server 2016

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 10, Windows 10 Servers.

1.9
2018-05-08 CVE-2018-10812 Bitpie Cleartext Storage of Sensitive Information vulnerability in Bitpie Bitcoin Wallet

The Bitpie application through 3.2.4 for Android and iOS uses cleartext storage for digital currency initial keys, which allows local users to steal currency by leveraging root access to read /com.biepie/shared_prefs/com.bitpie_preferences.xml (on Android) or a plist file in the app data folder (on iOS).

1.9