Weekly Vulnerabilities Reports > May 21 to 27, 2018
Overview
226 new vulnerabilities reported during this period, including 10 critical vulnerabilities and 50 high severity vulnerabilities. This weekly summary report vulnerabilities in 501 products from 99 vendors including Debian, Microsoft, Linux, Canonical, and IBM. Vulnerabilities are notably categorized as "Cross-site Scripting", "Out-of-bounds Read", "SQL Injection", "Improper Restriction of Operations within the Bounds of a Memory Buffer", and "Information Exposure".
- 179 reported vulnerabilities are remotely exploitables.
- 23 reported vulnerabilities have public exploit available.
- 75 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 169 reported vulnerabilities are exploitable by an anonymous user.
- Debian has the most reported vulnerabilities, with 25 reported vulnerabilities.
- Trendmicro has the most reported critical vulnerabilities, with 5 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
10 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2018-05-25 | CVE-2018-9091 | Kemptechnologies | Unspecified vulnerability in Kemptechnologies Loadmaster Operating System A critical vulnerability in the KEMP LoadMaster Operating System (LMOS) 6.0.44 through 7.2.41.2 and Long Term Support (LTS) LMOS before 7.1.35.5 related to Session Management could allow an unauthenticated, remote attacker to bypass security protections, gain system privileges, and execute elevated commands such as ls, ps, cat, etc., thereby compromising the system. | 10.0 |
2018-05-24 | CVE-2018-8013 | Apache Debian Canonical Oracle | Deserialization of Untrusted Data vulnerability in multiple products In Apache Batik 1.x before 1.10, when deserializing subclass of `AbstractDocument`, the class takes a string from the inputStream as the class name which then use it to call the no-arg constructor of the class. | 9.8 |
2018-05-23 | CVE-2018-8898 | Dlink | Improper Authentication vulnerability in Dlink Dsl-3782 Firmware 3.10.0.24 A flaw in the authentication mechanism in the Login Panel of router D-Link DSL-3782 (A1_WI_20170303 || SWVer="V100R001B012" FWVer="3.10.0.24" FirmVer="TT_77616E6771696F6E67") allows unauthenticated attackers to perform arbitrary modification (read, write) to passwords and configurations meanwhile an administrator is logged into the web panel. | 9.8 |
2018-05-23 | CVE-2018-8176 | Microsoft | Improper Input Validation vulnerability in Microsoft Office for mac 2016 A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly validate XML content, aka "Microsoft PowerPoint Remote Code Execution Vulnerability." This affects Microsoft Office. | 9.3 |
2018-05-25 | CVE-2018-10350 | Trendmicro Linux | SQL Injection vulnerability in Trendmicro Smart Protection Server A SQL injection remote code execution vulnerability in Trend Micro Smart Protection Server (Standalone) 3.x could allow a remote attacker to execute arbitrary code on vulnerable installations due to a flaw within the handling of parameters provided to wcs\_bwlists\_handler.php. | 9.0 |
2018-05-23 | CVE-2018-10357 | Trendmicro | Path Traversal vulnerability in Trendmicro Endpoint Application Control 2.0 A directory traversal vulnerability in Trend Micro Endpoint Application Control 2.0 could allow a remote attacker to execute arbitrary code on vulnerable installations due to a flaw in the FileDrop servlet. | 9.0 |
2018-05-23 | CVE-2018-10356 | Trendmicro | SQL Injection vulnerability in Trendmicro Email Encryption Gateway 5.5 A SQL injection remote code execution vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to execute arbitrary SQL statements on vulnerable installations due to a flaw in the formRequestDomains class. | 9.0 |
2018-05-23 | CVE-2018-10354 | Trendmicro | OS Command Injection vulnerability in Trendmicro Email Encryption Gateway 5.5 A command injection remote command execution vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow a remote attacker to execute arbitrary code on vulnerable installations due to a flaw in the LauncherServer. | 9.0 |
2018-05-23 | CVE-2018-10351 | Trendmicro | SQL Injection vulnerability in Trendmicro Email Encryption Gateway 5.5 A vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow a remote attacker to execute arbitrary SQL statements on vulnerable installations due to a flaw in the formRegistration2 class. | 9.0 |
2018-05-22 | CVE-2018-11340 | Asustor | Unrestricted Upload of File with Dangerous Type vulnerability in Asustor As6202T Firmware An unrestricted file upload vulnerability in importuser.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 allows attackers to upload supplied data to a specified filename. | 9.0 |
50 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2018-05-26 | CVE-2018-11490 | Sam2P Project Giflib Project Debian Canonical | Improper Validation of Array Index vulnerability in multiple products The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly version 3.0.x), as later shipped in cgif.c in sam2p 0.49.4, has a heap-based buffer overflow because a certain "Private->RunningCode - 2" array index is not checked. | 8.8 |
2018-05-26 | CVE-2018-11489 | Sam2P Project Giflib Project | Improper Validation of Array Index vulnerability in multiple products The DGifDecompressLine function in dgif_lib.c in GIFLIB (possibly version 3.0.x), as later shipped in cgif.c in sam2p 0.49.4, has a heap-based buffer overflow because a certain CrntCode array index is not checked. | 8.8 |
2018-05-25 | CVE-2018-6664 | Mcafee | Improper Verification of Cryptographic Signature vulnerability in Mcafee Data Loss Prevention Endpoint Application Protections Bypass vulnerability in Microsoft Windows in McAfee Data Loss Prevention (DLP) Endpoint before 10.0.500 and DLP Endpoint before 11.0.400 allows authenticated users to bypass the product block action via a command-line utility. | 8.8 |
2018-05-22 | CVE-2018-6493 | HP | SQL Injection vulnerability in HP products SQL Injection in HP Network Operations Management Ultimate, version 2017.07, 2017.11, 2018.02 and in Network Automation, version 10.00, 10.10, 10.11, 10.20, 10.30, 10.40, 10.50. | 8.8 |
2018-05-25 | CVE-2018-6237 | Trendmicro Linux | Resource Exhaustion vulnerability in Trendmicro Smart Protection Server A vulnerability in Trend Micro Smart Protection Server (Standalone) 3.x could allow an unauthenticated remote attacker to manipulate the product to send a large number of specially crafted HTTP requests to potentially cause the file system to fill up, eventually causing a denial of service (DoS) situation. | 7.8 |
2018-05-24 | CVE-2018-1000039 | Artifex | Use After Free vulnerability in Artifex Mupdf In Artifex MuPDF 1.12.0 and earlier, multiple heap use after free bugs in the PDF parser could allow an attacker to execute arbitrary code, read memory, or cause a denial of service via a crafted file. | 7.8 |
2018-05-24 | CVE-2018-1000038 | Artifex | Out-of-bounds Write vulnerability in Artifex Mupdf In Artifex MuPDF 1.12.0 and earlier, a stack buffer overflow in function pdf_lookup_cmap_full in pdf/pdf-cmap.c could allow an attacker to execute arbitrary code via a crafted file. | 7.8 |
2018-05-22 | CVE-2016-8656 | Redhat | Permissions, Privileges, and Access Controls vulnerability in Redhat Jboss Enterprise Application Platform Jboss jbossas before versions 5.2.0-23, 6.4.13, 7.0.5 is vulnerable to an unsafe file handling in the jboss init script which could result in local privilege escalation. | 7.8 |
2018-05-21 | CVE-2018-7687 | Microfocus | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microfocus Client 2.0 The Micro Focus Client for OES before version 2 SP4 IR8a has a vulnerability that could allow a local attacker to elevate privileges via a buffer overflow in ncfsd.sys. | 7.8 |
2018-05-26 | CVE-2018-6411 | Machform | Unrestricted Upload of File with Dangerous Type vulnerability in Machform 4.2.3 An issue was discovered in Appnitro MachForm before 4.2.3. | 7.5 |
2018-05-26 | CVE-2018-6410 | Machform | SQL Injection vulnerability in Machform 4.2.3 An issue was discovered in Appnitro MachForm before 4.2.3. | 7.5 |
2018-05-26 | CVE-2018-11499 | Sass Lang | Use After Free vulnerability in Sass-Lang Libsass A use-after-free vulnerability exists in handle_error() in sass_context.cpp in LibSass 3.4.x and 3.5.x through 3.5.4 that could be leveraged to cause a denial of service (application crash) or possibly unspecified other impact. | 7.5 |
2018-05-25 | CVE-2018-8871 | Deltaww | Out-of-bounds Write vulnerability in Deltaww Tpeditor In Delta Electronics Automation TPEditor version 1.89 or prior, parsing a malformed program file may cause heap-based buffer overflow vulnerability, which may allow remote code execution. | 7.5 |
2018-05-25 | CVE-2018-11444 | Easyservice Billing Project | SQL Injection vulnerability in Easyservice Billing Project Easyservice Billing 1.0 A SQL Injection issue was observed in the parameter "q" in jobcard-ongoing.php in EasyService Billing 1.0. | 7.5 |
2018-05-24 | CVE-2018-11419 | Jerryscript | Out-of-bounds Read vulnerability in Jerryscript 1.0 An issue was discovered in JerryScript 1.0. | 7.5 |
2018-05-24 | CVE-2018-11418 | Jerryscript | Out-of-bounds Read vulnerability in Jerryscript 1.0 An issue was discovered in JerryScript 1.0. | 7.5 |
2018-05-24 | CVE-2018-5487 | Netapp Linux | Improper Input Validation vulnerability in Netapp Oncommand Unified Manager NetApp OnCommand Unified Manager for Linux versions 7.2 through 7.3 ship with the Java Management Extension Remote Method Invocation (JMX RMI) service bound to the network, and are susceptible to unauthenticated remote code execution. | 7.5 |
2018-05-24 | CVE-2018-1000300 | Haxx Canonical | Out-of-bounds Write vulnerability in multiple products curl version curl 7.54.1 to and including curl 7.59.0 contains a CWE-122: Heap-based Buffer Overflow vulnerability in denial of service and more that can result in curl might overflow a heap based memory buffer when closing down an FTP connection with very long server command replies.. | 7.5 |
2018-05-24 | CVE-2018-1000155 | Opennetworking | Incorrect Authorization vulnerability in Opennetworking Openflow OpenFlow version 1.0 onwards contains a Denial of Service and Improper authorization vulnerability in OpenFlow handshake: The DPID (DataPath IDentifier) in the features_reply message are inherently trusted by the controller. | 7.5 |
2018-05-24 | CVE-2018-11411 | Dimoncoin | Improper Input Validation vulnerability in Dimoncoin The transferFrom function of a smart contract implementation for DimonCoin (FUD), an Ethereum ERC20 token, allows attackers to steal assets (e.g., transfer all victims' balances into their account) because certain computations involving _value are incorrect. | 7.5 |
2018-05-24 | CVE-2018-11410 | Liblouis Canonical | Use After Free vulnerability in multiple products An issue was discovered in Liblouis 3.5.0. | 7.5 |
2018-05-23 | CVE-2018-10653 | Citrix | XXE vulnerability in Citrix Xenmobile Server 10.7/10.8 There is an XML External Entity (XXE) Processing Vulnerability in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3. | 7.5 |
2018-05-23 | CVE-2018-10648 | Citrix | Unrestricted Upload of File with Dangerous Type vulnerability in Citrix Xenmobile Server 10.7/10.8 There are Unauthenticated File Upload Vulnerabilities in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3. | 7.5 |
2018-05-23 | CVE-2018-1309 | Apache | XXE vulnerability in Apache Nifi Apache NiFi External XML Entity issue in SplitXML processor. | 7.5 |
2018-05-23 | CVE-2018-1123 | Procps NG Project Canonical Debian | Heap-based Buffer Overflow vulnerability in multiple products procps-ng before version 3.3.15 is vulnerable to a denial of service in ps via mmap buffer overflow. | 7.5 |
2018-05-23 | CVE-2018-1126 | Procps NG Project Canonical Debian Redhat Schneider Electric | Integer Overflow or Wraparound vulnerability in multiple products procps-ng before version 3.3.15 is vulnerable to an incorrect integer size in proc/alloc.* leading to truncation/integer overflow issues. | 7.5 |
2018-05-22 | CVE-2018-11362 | Wireshark Debian | Out-of-bounds Read vulnerability in multiple products In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS dissector could crash. | 7.5 |
2018-05-22 | CVE-2018-11361 | Wireshark | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Wireshark 2.6.0 In Wireshark 2.6.0, the IEEE 802.11 protocol dissector could crash. | 7.5 |
2018-05-22 | CVE-2018-11360 | Wireshark Debian | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the GSM A DTAP dissector could crash. | 7.5 |
2018-05-22 | CVE-2018-11359 | Wireshark Debian | NULL Pointer Dereference vulnerability in multiple products In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the RRC dissector and other dissectors could crash. | 7.5 |
2018-05-22 | CVE-2018-11358 | Wireshark Debian | Use After Free vulnerability in multiple products In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the Q.931 dissector could crash. | 7.5 |
2018-05-22 | CVE-2018-11357 | Wireshark Debian | Improper Input Validation vulnerability in multiple products In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LTP dissector and other dissectors could consume excessive memory. | 7.5 |
2018-05-22 | CVE-2018-11356 | Wireshark Debian | NULL Pointer Dereference vulnerability in multiple products In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the DNS dissector could crash. | 7.5 |
2018-05-22 | CVE-2018-11355 | Wireshark | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Wireshark 2.6.0 In Wireshark 2.6.0, the RTCP dissector could crash. | 7.5 |
2018-05-22 | CVE-2018-11354 | Wireshark | Improper Input Validation vulnerability in Wireshark 2.6.0 In Wireshark 2.6.0, the IEEE 1905.1a dissector could crash. | 7.5 |
2018-05-22 | CVE-2018-9019 | Dolibarr Oracle | SQL Injection vulnerability in multiple products SQL Injection vulnerability in Dolibarr before version 7.0.2 allows remote attackers to execute arbitrary SQL commands via the sortfield parameter to /accountancy/admin/accountmodel.php, /accountancy/admin/categories_list.php, /accountancy/admin/journals_list.php, /admin/dict.php, /admin/mails_templates.php, or /admin/website.php. | 7.5 |
2018-05-22 | CVE-2018-10094 | Dolibarr | SQL Injection vulnerability in Dolibarr SQL injection vulnerability in Dolibarr before 7.0.2 allows remote attackers to execute arbitrary SQL commands via vectors involving integer parameters without quotes. | 7.5 |
2018-05-22 | CVE-2018-11373 | Iscripts | SQL Injection vulnerability in Iscripts Eswap 2.4 iScripts eSwap v2.4 has SQL injection via the "salelistdetailed.php" User Panel ToId parameter. | 7.5 |
2018-05-22 | CVE-2018-11372 | Iscripts | SQL Injection vulnerability in Iscripts Eswap 2.4 iScripts eSwap v2.4 has SQL injection via the wishlistdetailed.php User Panel ToId parameter. | 7.5 |
2018-05-22 | CVE-2018-11369 | Pbootcms | SQL Injection vulnerability in Pbootcms 1.0.9 An issue was discovered in PbootCMS v1.0.9. | 7.5 |
2018-05-21 | CVE-2018-11331 | Pluck CMS | Unrestricted Upload of File with Dangerous Type vulnerability in Pluck-Cms Pluck An issue was discovered in Pluck before 4.7.6. | 7.5 |
2018-05-21 | CVE-2018-8012 | Apache Debian Oracle | Missing Authorization vulnerability in multiple products No authentication/authorization is enforced when a server attempts to join a quorum in Apache ZooKeeper before 3.4.10, and 3.5.0-alpha through 3.5.3-beta. | 7.5 |
2018-05-25 | CVE-2018-11479 | Windscribe | Improper Input Validation vulnerability in Windscribe 1.81 The VPN component in Windscribe 1.81 uses the OpenVPN client for connections. | 7.2 |
2018-05-25 | CVE-2018-6235 | Trendmicro Microsoft | Out-of-bounds Write vulnerability in Trendmicro products An Out-of-Bounds write privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x222814 by the tmnciesc.sys driver. | 7.2 |
2018-05-25 | CVE-2018-6233 | Trendmicro Microsoft | Classic Buffer Overflow vulnerability in Trendmicro products A buffer overflow privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x222060 by the tmnciesc.sys driver. | 7.2 |
2018-05-25 | CVE-2018-6232 | Trendmicro Microsoft | Classic Buffer Overflow vulnerability in Trendmicro products A buffer overflow privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x22205C by the tmnciesc.sys driver. | 7.2 |
2018-05-25 | CVE-2018-1488 | IBM Linux Microsoft | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM DB2 10.5/11.1 IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5 and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root. | 7.2 |
2018-05-24 | CVE-2013-3024 | IBM | Permissions, Privileges, and Access Controls vulnerability in IBM Websphere Application Server 8.5.0.0/8.5.0.1/8.5.0.2 IBM WebSphere Application Server (WAS) 8.5 through 8.5.0.2 on UNIX allows local users to gain privileges by leveraging improper process initialization. | 7.2 |
2018-05-24 | CVE-2017-14187 | Fortinet | Improper Privilege Management vulnerability in Fortinet Fortios A local privilege escalation and local code execution vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.8, and 5.2 and below versions allows attacker to execute unauthorized binary program contained on an USB drive plugged into a FortiGate via linking the aforementioned binary program to a command that is allowed to be run by the fnsysctl CLI command. | 7.2 |
2018-05-22 | CVE-2018-6962 | Vmware | Unspecified vulnerability in VMWare Fusion VMware Fusion (10.x before 10.1.2) contains a signature bypass vulnerability which may lead to a local privilege escalation. | 7.2 |
143 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2018-05-25 | CVE-2018-6236 | Trendmicro Microsoft | Race Condition vulnerability in Trendmicro products A Time-of-Check Time-of-Use privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x222813 by the tmusa driver. | 6.9 |
2018-05-26 | CVE-2018-11500 | Publiccms | Cross-Site Request Forgery (CSRF) vulnerability in Publiccms 4.0.20180210 An issue was discovered in PublicCMS V4.0.20180210. | 6.8 |
2018-05-26 | CVE-2018-11498 | Lizard Project | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Lizard Project Lizard and LZ5 In Lizard v1.0 and LZ5 v2.0 (the prior release, before the product was renamed), there is an unchecked buffer size during a memcpy in the Lizard_decompress_LIZv1 function (lib/lizard_decompress_liz.h). | 6.8 |
2018-05-26 | CVE-2018-11493 | Wuzhicms | Cross-Site Request Forgery (CSRF) vulnerability in Wuzhicms Wuzhi CMS 4.1.0 An issue was discovered in WUZHI CMS 4.1.0. | 6.8 |
2018-05-25 | CVE-2017-9641 | Osisoft | Cross-Site Request Forgery (CSRF) vulnerability in Osisoft PI Coresight PI Coresight 2016 R2 contains a cross-site request forgery vulnerability that may allow access to the PI system. | 6.8 |
2018-05-25 | CVE-2018-11445 | Easyservice Billing Project | Cross-Site Request Forgery (CSRF) vulnerability in Easyservice Billing Project Easyservice Billing 1.0 A CSRF issue was discovered on the User Add/System Settings Page (system-settings-user-new2.php) in EasyService Billing 1.0. | 6.8 |
2018-05-25 | CVE-2018-11442 | Easyservice Billing Project | Cross-Site Request Forgery (CSRF) vulnerability in Easyservice Billing Project Easyservice Billing 1.0 A CSRF issue was discovered in EasyService Billing 1.0, which was triggered via a quotation-new3-new2.php?add=true&id= URI, as demonstrated by adding a new quotation. | 6.8 |
2018-05-25 | CVE-2018-11440 | Liblouis Canonical Opensuse | Out-of-bounds Write vulnerability in multiple products Liblouis 3.5.0 has a stack-based Buffer Overflow in the function parseChars in compileTranslationTable.c. | 6.8 |
2018-05-24 | CVE-2018-7407 | Foxitsoftware | Incorrect Type Conversion or Cast vulnerability in Foxitsoftware Phantompdf and Reader An issue was discovered in Foxit Reader before 9.1 and PhantomPDF before 9.1. | 6.8 |
2018-05-24 | CVE-2018-7406 | Foxitsoftware | Improper Validation of Array Index vulnerability in Foxitsoftware Phantompdf and Reader An issue was discovered in Foxit Reader before 9.1 and PhantomPDF before 9.1. | 6.8 |
2018-05-24 | CVE-2018-5680 | Foxitsoftware | Out-of-bounds Read vulnerability in Foxitsoftware Phantompdf and Reader This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader before 9.1 and PhantomPDF before 9.1. | 6.8 |
2018-05-24 | CVE-2018-5679 | Foxitsoftware | Out-of-bounds Read vulnerability in Foxitsoftware Phantompdf and Reader This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader before 9.1 and PhantomPDF before 9.1. | 6.8 |
2018-05-24 | CVE-2018-5678 | Foxitsoftware | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Foxitsoftware Phantompdf and Reader This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader before 9.1 and PhantomPDF before 9.1. | 6.8 |
2018-05-24 | CVE-2018-5677 | Foxitsoftware | Out-of-bounds Read vulnerability in Foxitsoftware Phantompdf and Reader This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader before 9.1 and PhantomPDF before 9.1. | 6.8 |
2018-05-24 | CVE-2018-5676 | Foxitsoftware | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Foxitsoftware Phantompdf and Reader This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader before 9.1 and PhantomPDF before 9.1. | 6.8 |
2018-05-24 | CVE-2018-5675 | Foxitsoftware | Out-of-bounds Write vulnerability in Foxitsoftware Phantompdf and Reader This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader before 9.1 and PhantomPDF before 9.1. | 6.8 |
2018-05-24 | CVE-2018-5674 | Foxitsoftware | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Foxitsoftware Phantompdf and Reader This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader before 9.1 and PhantomPDF before 9.1. | 6.8 |
2018-05-24 | CVE-2018-11416 | Jpegoptim Project | Double Free vulnerability in Jpegoptim Project Jpegoptim 1.4.5 jpegoptim.c in jpegoptim 1.4.5 (fixed in 1.4.6) has an invalid use of realloc() and free(), which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. | 6.8 |
2018-05-24 | CVE-2018-11405 | Kliqqi | Cross-Site Request Forgery (CSRF) vulnerability in Kliqqi CMS 2.0.2 Kliqqi 2.0.2 has CSRF in admin/admin_users.php. | 6.8 |
2018-05-23 | CVE-2018-10654 | Citrix | Deserialization of Untrusted Data vulnerability in Citrix Xenmobile Server 10.7/10.8 There is a Hazelcast Library Java Deserialization Vulnerability in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3. | 6.8 |
2018-05-23 | CVE-2018-10650 | Citrix | Untrusted Search Path vulnerability in Citrix Xenmobile Server 10.7/10.8 There is an Insufficient Path Validation Vulnerability in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3. | 6.8 |
2018-05-23 | CVE-2018-11231 | Divido | SQL Injection vulnerability in Divido In the Divido plugin for OpenCart, there is SQL injection. | 6.8 |
2018-05-22 | CVE-2018-11378 | Radare | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Radare Radare2 2.5.0 The wasm_dis() function in libr/asm/arch/wasm/wasm.c in or possibly have unspecified other impact via a crafted WASM file. | 6.8 |
2018-05-22 | CVE-2017-2617 | Hawt IO | Unrestricted Upload of File with Dangerous Type vulnerability in Hawt.Io Hawtio hawtio before version 1.5.5 is vulnerable to remote code execution via file upload. | 6.8 |
2018-05-22 | CVE-2018-11371 | Skycaiji | Cross-Site Request Forgery (CSRF) vulnerability in Skycaiji 1.2 SkyCaiji 1.2 allows CSRF to add an Administrator user. | 6.8 |
2018-05-26 | CVE-2018-11496 | Long Range ZIP Project Debian | Use After Free vulnerability in multiple products In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in read_stream in stream.c, because decompress_file in lrzip.c lacks certain size validation. | 6.5 |
2018-05-25 | CVE-2018-11470 | Iscripts | SQL Injection vulnerability in Iscripts Eswap 2.4 iScripts eSwap v2.4 has SQL injection via the "search.php" 'Told' parameter in the User Panel. | 6.5 |
2018-05-25 | CVE-2018-1133 | Moodle | Code Injection vulnerability in Moodle An issue was discovered in Moodle 3.x. | 6.5 |
2018-05-24 | CVE-2018-11414 | Bearadmin Project | SQL Injection vulnerability in Bearadmin Project Bearadmin 0.5 An issue was discovered in BearAdmin 0.5. | 6.5 |
2018-05-23 | CVE-2018-10352 | Trendmicro | SQL Injection vulnerability in Trendmicro Email Encryption Gateway 5.5 A vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow a remote attacker to execute arbitrary SQL statements on vulnerable installations due to a flaw in the formConfiguration class. | 6.5 |
2018-05-22 | CVE-2018-11323 | Joomla | Improper Privilege Management vulnerability in Joomla Joomla! An issue was discovered in Joomla! Core before 3.8.8. | 6.5 |
2018-05-22 | CVE-2018-11345 | Asustor | Unrestricted Upload of File with Dangerous Type vulnerability in Asustor As6202T Firmware An unrestricted file upload vulnerability in upload.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 allows attackers to upload supplied data via the POST parameter filename. | 6.5 |
2018-05-22 | CVE-2018-11341 | Asustor | Path Traversal vulnerability in Asustor As6202T Firmware Directory traversal in importuser.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 allows attackers to navigate the file system via the filename parameter. | 6.5 |
2018-05-24 | CVE-2018-9920 | K2 | Server-Side Request Forgery (SSRF) vulnerability in K2 Smartforms 4.6.11 Server side request forgery exists in the runtime application in K2 smartforms 4.6.11 via a modified hostname in an https://*/Identity/STS/Forms/Scripts URL. | 6.4 |
2018-05-24 | CVE-2018-1000301 | Debian Canonical Haxx Redhat Oracle | Out-of-bounds Read vulnerability in multiple products curl version curl 7.20.0 to and including curl 7.59.0 contains a CWE-126: Buffer Over-read vulnerability in denial of service that can result in curl can be tricked into reading data beyond the end of a heap based buffer used to store downloaded RTSP content.. | 6.4 |
2018-05-24 | CVE-2017-9421 | Accellion | Improper Authentication vulnerability in Accellion Kiteworks Authentication Bypass vulnerability in Accellion kiteworks before 2017.01.00 allows remote attackers to execute certain API calls on behalf of a web user using a gathered token via a POST request to /oauth/token. | 6.4 |
2018-05-22 | CVE-2018-6492 | HP | Cross-site Scripting vulnerability in HP products Persistent Cross-Site Scripting, and non-persistent HTML Injection in HP Network Operations Management Ultimate, version 2017.07, 2017.11, 2018.02 and in Network Automation, version 10.00, 10.10, 10.11, 10.20, 10.30, 10.40, 10.50. | 6.1 |
2018-05-21 | CVE-2018-1067 | Redhat | HTTP Response Splitting vulnerability in Redhat Undertow In Undertow before versions 7.1.2.CR1, 7.1.2.GA it was found that the fix for CVE-2016-4993 was incomplete and Undertow web server is vulnerable to the injection of arbitrary HTTP headers, and also response splitting, due to insufficient sanitization and validation of user input before the input is used as part of an HTTP header value. | 6.1 |
2018-05-26 | CVE-2018-11501 | Website Seller Script Project | Cross-Site Request Forgery (CSRF) vulnerability in Website Seller Script Project Website Seller Script 2.0.3 PHP Scripts Mall Website Seller Script 2.0.3 has CSRF via user_submit.php?upd=2, with resultant XSS. | 6.0 |
2018-05-26 | CVE-2018-11494 | Opencart | Path Traversal vulnerability in Opencart The "program extension upload" feature in OpenCart through 3.0.2.0 has a six-step process (upload, install, unzip, move, xml, remove) that allows attackers to execute arbitrary code if the remove step is skipped, because the attacker can discover a secret temporary directory name (containing 10 random digits) via a directory traversal attack involving language_info['code']. | 6.0 |
2018-05-25 | CVE-2018-11475 | Monstra | Session Fixation vulnerability in Monstra 3.0.4 Monstra CMS 3.0.4 has a Session Management Issue in the Users tab. | 6.0 |
2018-05-25 | CVE-2018-11474 | Monstra | Session Fixation vulnerability in Monstra 3.0.4 Monstra CMS 3.0.4 has a Session Management Issue in the Administrations Tab. | 6.0 |
2018-05-22 | CVE-2018-10092 | Dolibarr | Missing Authorization vulnerability in Dolibarr The admin panel in Dolibarr before 7.0.2 might allow remote attackers to execute arbitrary commands by leveraging support for updating the antivirus command and parameters used to scan file uploads. | 6.0 |
2018-05-22 | CVE-2018-11322 | Joomla | Unrestricted Upload of File with Dangerous Type vulnerability in Joomla Joomla! An issue was discovered in Joomla! Core before 3.8.8. | 6.0 |
2018-05-25 | CVE-2018-11469 | Haproxy Canonical | Information Exposure vulnerability in multiple products Incorrect caching of responses to requests including an Authorization header in HAProxy 1.8.0 through 1.8.9 (if cache enabled) allows attackers to achieve information disclosure via an unauthenticated remote request, related to the proto_http.c check_request_for_cacheability function. | 5.9 |
2018-05-21 | CVE-2018-1108 | Linux Canonical Debian | Use of Insufficiently Random Values vulnerability in multiple products kernel drivers before version 4.17-rc1 are vulnerable to a weakness in the Linux kernel's implementation of random seed data. | 5.9 |
2018-05-23 | CVE-2018-10651 | Citrix | Open Redirect vulnerability in Citrix Xenmobile Server 10.7/10.8 There are Open Redirect Vulnerabilities in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3. | 5.8 |
2018-05-22 | CVE-2015-8094 | Cloudera | Open Redirect vulnerability in Cloudera HUE Open redirect vulnerability in Cloudera HUE before 3.10.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the next parameter. | 5.8 |
2018-05-21 | CVE-2018-11092 | Admin Notes Project | Cross-Site Request Forgery (CSRF) vulnerability in Admin Notes Project Admin Notes 1.1 An issue was discovered in the Admin Notes plugin 1.1 for MyBB. | 5.8 |
2018-05-25 | CVE-2018-1137 | Moodle | Improper Input Validation vulnerability in Moodle An issue was discovered in Moodle 3.x. | 5.5 |
2018-05-24 | CVE-2018-1000040 | Artifex Debian | Improper Input Validation vulnerability in multiple products In Artifex MuPDF 1.12.0 and earlier, multiple use of uninitialized value bugs in the PDF parser could allow an attacker to cause a denial of service (crash) or influence program flow via a crafted file. | 5.5 |
2018-05-24 | CVE-2018-1000037 | Artifex Debian | Improper Input Validation vulnerability in multiple products In Artifex MuPDF 1.12.0 and earlier, multiple reachable assertions in the PDF parser allow an attacker to cause a denial of service (assert crash) via a crafted file. | 5.5 |
2018-05-24 | CVE-2018-1000036 | Artifex Debian | Missing Release of Resource after Effective Lifetime vulnerability in multiple products In Artifex MuPDF 1.12.0 and earlier, multiple memory leaks in the PDF parser allow an attacker to cause a denial of service (memory leak) via a crafted file. | 5.5 |
2018-05-22 | CVE-2018-1583 | IBM | Unspecified vulnerability in IBM Storediq 7.6.0 IBM StoredIQ 7.6 could allow an authenticated attacker to bypass certain security restrictions. | 5.5 |
2018-05-21 | CVE-2018-8010 | Apache | XXE vulnerability in Apache Solr This vulnerability in Apache Solr 6.0.0 to 6.6.3, 7.0.0 to 7.3.0 relates to an XML external entity expansion (XXE) in Solr config files (solrconfig.xml, schema.xml, managed-schema). | 5.5 |
2018-05-25 | CVE-2017-3961 | Mcafee | Cross-site Scripting vulnerability in Mcafee Network Security Manager Cross-Site Scripting (XSS) vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows authenticated users to allow arbitrary HTML code to be reflected in the response web page via crafted user input of attributes. | 5.4 |
2018-05-23 | CVE-2018-6495 | Microfocus | Cross-site Scripting vulnerability in Microfocus CMS Server, Universal Cmdb and Universal Cmdb Browser Cross-Site Scripting (XSS) in Micro Focus Universal CMDB, version 10.20, 10.21, 10.22, 10.30, 10.31, 10.32, 10.33, 11.0, CMS, version 4.10, 4.11, 4.12, 4.13, 4.14, 4.15.1 and Micro Focus UCMDB Browser, version 4.10, 4.11, 4.12, 4.13, 4.14, 4.15.1. | 5.4 |
2018-05-22 | CVE-2018-6494 | Microfocus | SQL Injection vulnerability in Microfocus Service Manager Remote SQL Injection against the HP Service Manager Software Web Tier, version 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, may lead to unauthorized disclosure of data. | 5.4 |
2018-05-26 | CVE-2018-6409 | Machform | Path Traversal vulnerability in Machform 4.2.3 An issue was discovered in Appnitro MachForm before 4.2.3. | 5.0 |
2018-05-26 | CVE-2018-11505 | Werewolf Online Project | Information Exposure vulnerability in Werewolf Online Project Werewolf Online 0.8.8 The Werewolf Online application 0.8.8 for Android allows attackers to discover the Firebase token by reading logcat output. | 5.0 |
2018-05-25 | CVE-2017-14185 | Fortinet | Information Exposure vulnerability in Fortinet Fortios An Information Disclosure vulnerability in Fortinet FortiOS 5.6.0 to 5.6.2, 5.4.0 to 5.4.8 and 5.2 all versions allows SSL VPN web portal users to access internal FortiOS configuration information (eg:addresses) via specifically crafted URLs inside the SSL-VPN web portal. | 5.0 |
2018-05-25 | CVE-2018-1467 | IBM | Information Exposure vulnerability in IBM Storwize Unified V7000 Software 1.6 The IBM Storwize V7000 Unified management Web interface 1.6 exposes internal cluster details to unauthenticated users. | 5.0 |
2018-05-24 | CVE-2013-3018 | IBM | Information Exposure vulnerability in IBM Tivoli Application Dependency Discovery Manager The AXIS webapp in deploy-tomcat/axis in IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2 and 7.2.0 through 7.2.1.4 allows remote attackers to obtain sensitive configuration information via a direct request, as demonstrated by happyaxis.jsp. | 5.0 |
2018-05-24 | CVE-2018-7526 | Beaconmedaes | Forced Browsing vulnerability in Beaconmedaes Scroll Medical AIR Systems Firmware In TotalAlert Web Application in BeaconMedaes Scroll Medical Air Systems prior to v4107600010.23, by accessing a specific uniform resource locator (URL) on the webserver, a malicious user may be able to access information in the application without authenticating. | 5.0 |
2018-05-24 | CVE-2018-7518 | Beaconmedaes | Insufficiently Protected Credentials vulnerability in Beaconmedaes Scroll Medical AIR Systems Firmware In TotalAlert Web Application in BeaconMedaes Scroll Medical Air Systems prior to v4107600010.23, an attacker with network access to the integrated web server could retrieve default or user defined credentials stored and transmitted in an insecure manner. | 5.0 |
2018-05-24 | CVE-2017-9664 | ABB | Path Traversal vulnerability in ABB Srea-01 Firmware and Srea-50 Firmware In ABB SREA-01 revisions A, B, C: application versions up to 3.31.5, and SREA-50 revision A: application versions up to 3.32.8, an attacker may access internal files of ABB SREA-01 and SREA-50 legacy remote monitoring tools without any authorization over the network using a HTTP request which refers to files using ../../ relative paths. | 5.0 |
2018-05-24 | CVE-2018-7942 | Huawei | Unspecified vulnerability in Huawei products The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have an authentication bypass vulnerability. | 5.0 |
2018-05-24 | CVE-2017-17315 | Huawei | Improper Input Validation vulnerability in Huawei products Huawei DP300 V500R002C00; RP200 V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have a numeric errors vulnerability. | 5.0 |
2018-05-23 | CVE-2018-10652 | Citrix | Information Exposure vulnerability in Citrix Xenmobile Server 10.7 There is a Sensitive Data Leakage issue in Citrix XenMobile Server 10.7 before RP3. | 5.0 |
2018-05-23 | CVE-2018-1193 | Cloudfoundry | Unspecified vulnerability in Cloudfoundry Cf-Deployment and Routing-Release Cloud Foundry routing-release, versions prior to 0.175.0, lacks sanitization for user-provided X-Forwarded-Proto headers. | 5.0 |
2018-05-23 | CVE-2018-1310 | Apache | Deserialization of Untrusted Data vulnerability in Apache Nifi Apache NiFi JMS Deserialization issue because of ActiveMQ client vulnerability. | 5.0 |
2018-05-23 | CVE-2018-1125 | Procps NG Project Canonical Debian Opensuse | Out-of-bounds Write vulnerability in multiple products procps-ng before version 3.3.15 is vulnerable to a stack buffer overflow in pgrep. | 5.0 |
2018-05-23 | CVE-2018-11396 | Gnome | Unspecified vulnerability in Gnome Epiphany ephy-session.c in libephymain.so in GNOME Web (aka Epiphany) through 3.28.2.1 allows remote attackers to cause a denial of service (application crash) via JavaScript code that triggers access to a NULL URL, as demonstrated by a crafted window.open call. | 5.0 |
2018-05-22 | CVE-2018-11325 | Joomla | Information Exposure Through an Error Message vulnerability in Joomla Joomla! An issue was discovered in Joomla! Core before 3.8.8. | 5.0 |
2018-05-22 | CVE-2018-11367 | Cppcms | Improper Input Validation vulnerability in Cppcms An issue was discovered in CppCMS before 1.2.1. | 5.0 |
2018-05-22 | CVE-2018-11329 | Ethercartel | Unspecified vulnerability in Ethercartel Ether Cartel 20180518 The DrugDealer function of a smart contract implementation for Ether Cartel, an Ethereum game, allows attackers to take over the contract's ownership, aka ceoAnyone. | 5.0 |
2018-05-22 | CVE-2018-11365 | Wizardmac | Infinite Loop vulnerability in Wizardmac Readstat 0.1.1 sas/readstat_sas7bcat_read.c in libreadstat.a in ReadStat 0.1.1 has an infinite loop. | 5.0 |
2018-05-22 | CVE-2018-11364 | Wizardmac | Missing Release of Resource after Effective Lifetime vulnerability in Wizardmac Readstat 0.1.1 sav_parse_machine_integer_info_record in spss/readstat_sav_read.c in libreadstat.a in ReadStat 0.1.1 has a memory leak related to an iconv_open call. | 5.0 |
2018-05-22 | CVE-2018-11363 | Pdfgen | Out-of-bounds Read vulnerability in Pdfgen jpeg_size in pdfgen.c in PDFGen before 2018-04-09 has a heap-based buffer over-read. | 5.0 |
2018-05-21 | CVE-2018-11320 | Octopus | Information Exposure Through Log Files vulnerability in Octopus Server In Octopus Deploy 2018.4.4 through 2018.5.1, Octopus variables that are sourced from the target do not have sensitive values obfuscated in the deployment logs. | 5.0 |
2018-05-24 | CVE-2018-10595 | BD | SQL Injection vulnerability in BD Database Manager, Performa and Reada A vulnerability in ReadA version 1.1.0.2 and previous allows an authorized user with access to a privileged account on a BD Kiestra system (Kiestra TLA, Kiestra WCA, and InoqulA+ specimen processor) to issue SQL commands, which may result in loss or corruption of data. | 4.9 |
2018-05-24 | CVE-2018-1000199 | Debian Linux Canonical Redhat | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. | 4.9 |
2018-05-24 | CVE-2018-11401 | Simplisafe | Unspecified vulnerability in Simplisafe U9K-Bs1000 Firmware In SimpliSafe Original, RF Interference (e.g., an extremely strong 433.92 MHz signal) by a physically proximate attacker does not cause a notification. | 4.9 |
2018-05-24 | CVE-2018-11400 | Simplisafe | Unspecified vulnerability in Simplisafe U9K-Bs1000 Firmware In SimpliSafe Original, the Base Station fails to detect tamper attempts: it does not send a notification if a physically proximate attacker removes the battery and external power. | 4.9 |
2018-05-21 | CVE-2018-7268 | Magnicomp Apple Linux | Information Exposure vulnerability in Magnicomp Sysinfo 10H62 MagniComp SysInfo before 10-H81, as shipped with BMC BladeLogic Automation and other products, contains an information exposure vulnerability in which a local unprivileged user is able to read any root (uid 0) owned file on the system, regardless of the file permissions. | 4.9 |
2018-05-22 | CVE-2018-3640 | Intel ARM | Information Exposure Through Discrepancy vulnerability in multiple products Systems with microprocessors utilizing speculative execution and that perform speculative reads of system registers may allow unauthorized disclosure of system parameters to an attacker with local user access via a side-channel analysis, aka Rogue System Register Read (RSRE), Variant 3a. | 4.7 |
2018-05-25 | CVE-2018-1565 | IBM Linux Microsoft | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM DB2 IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local user to overflow a buffer which may result in a privilege escalation to the DB2 instance owner. | 4.6 |
2018-05-25 | CVE-2018-1544 | IBM Linux Microsoft | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM DB2 IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local user to overflow a buffer which may result in a privilege escalation to the DB2 instance owner. | 4.6 |
2018-05-25 | CVE-2018-1459 | IBM Linux Microsoft | Out-of-bounds Write vulnerability in IBM DB2 IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to stack based buffer overflow, caused by improper bounds checking which could lead an attacker to execute arbitrary code. | 4.6 |
2018-05-24 | CVE-2018-5485 | Netapp Microsoft | Unspecified vulnerability in Netapp Oncommand Unified Manager NetApp OnCommand Unified Manager for Windows versions 7.2 through 7.3 are susceptible to a vulnerability which could lead to a privilege escalation attack. | 4.6 |
2018-05-23 | CVE-2018-1124 | Procps NG Project Canonical Debian Redhat Schneider Electric Opensuse | Integer Overflow or Wraparound vulnerability in multiple products procps-ng before version 3.3.15 is vulnerable to multiple integer overflows leading to a heap corruption in file2strvec function. | 4.6 |
2018-05-23 | CVE-2018-11334 | Windscribe | Incorrect Permission Assignment for Critical Resource vulnerability in Windscribe 1.81 Windscribe 1.81 creates a named pipe with a NULL DACL that allows Everyone users to gain privileges or cause a denial of service via \\.\pipe\WindscribeService. | 4.6 |
2018-05-21 | CVE-2018-8142 | Microsoft | Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2016 A security feature bypass exists when Windows incorrectly validates kernel driver signatures, aka "Windows Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. | 4.6 |
2018-05-25 | CVE-2018-1515 | IBM Linux Microsoft | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM DB2 10.5/11.1 IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5 and 11.1, under specific or unusual conditions, could allow a local user to overflow a buffer which may result in a privilege escalation to the DB2 instance owner. | 4.4 |
2018-05-23 | CVE-2018-1122 | Procps NG Project Canonical Debian | procps-ng before version 3.3.15 is vulnerable to a local privilege escalation in top. | 4.4 |
2018-05-26 | CVE-2018-11504 | Discount Project Debian | Out-of-bounds Read vulnerability in multiple products The islist function in markdown.c in libmarkdown.a in DISCOUNT 2.2.3a allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file, as demonstrated by mkd2html. | 4.3 |
2018-05-26 | CVE-2018-11503 | Discount Project Debian | Out-of-bounds Read vulnerability in multiple products The isfootnote function in markdown.c in libmarkdown.a in DISCOUNT 2.2.3a allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file, as demonstrated by mkd2html. | 4.3 |
2018-05-26 | CVE-2018-11487 | Phpmywind | Cross-site Scripting vulnerability in PHPmywind 5.5 PHPMyWind 5.5 has XSS via the cid parameter to newsshow.php, or the query string to news.php or about.php. | 4.3 |
2018-05-25 | CVE-2018-11473 | Monstra | Cross-site Scripting vulnerability in Monstra 3.0.4 Monstra CMS 3.0.4 has XSS in the registration Form (i.e., the login parameter to users/registration). | 4.3 |
2018-05-25 | CVE-2018-11472 | Monstra | Cross-site Scripting vulnerability in Monstra 3.0.4 Monstra CMS 3.0.4 has Reflected XSS during Login (i.e., the login parameter to admin/index.php). | 4.3 |
2018-05-25 | CVE-2018-11468 | Discount Project Debian | Out-of-bounds Read vulnerability in multiple products The __mkd_trim_line function in mkdio.c in libmarkdown.a in DISCOUNT 2.2.3a allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file, as demonstrated by mkd2html. | 4.3 |
2018-05-25 | CVE-2018-11443 | Easyservice Billing Project | Cross-site Scripting vulnerability in Easyservice Billing Project Easyservice Billing 1.0 The parameter q is affected by Cross-site Scripting in jobcard-ongoing.php in EasyService Billing 1.0. | 4.3 |
2018-05-24 | CVE-2013-3023 | IBM | Information Exposure vulnerability in IBM Tivoli Application Dependency Discovery Manager IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2 and 7.2.0 through 7.2.1.4 might allow remote attackers to obtain sensitive information about Tomcat credentials by sniffing the network for a session in which HTTP is used. | 4.3 |
2018-05-24 | CVE-2018-11415 | SAP | Cross-site Scripting vulnerability in SAP Internet Transaction Server 6.20 SAP Internet Transaction Server (ITS) 6200.X.X has Reflected Cross Site Scripting (XSS) via certain wgate URIs. | 4.3 |
2018-05-24 | CVE-2018-11412 | Linux Canonical | Use After Free vulnerability in multiple products In the Linux kernel 4.13 through 4.16.11, ext4_read_inline_data() in fs/ext4/inline.c performs a memcpy with an untrusted length value in certain circumstances involving a crafted filesystem that stores the system.data extended attribute value in a dedicated inode. | 4.3 |
2018-05-24 | CVE-2018-11404 | Domainmod | Cross-site Scripting vulnerability in Domainmod 4.09.03 DomainMod v4.09.03 has XSS via the assets/edit/ssl-provider-account.php sslpaid parameter. | 4.3 |
2018-05-23 | CVE-2018-10428 | Ilias | Cross-site Scripting vulnerability in Ilias ILIAS before 5.1.26, 5.2.x before 5.2.15, and 5.3.x before 5.3.4, due to inconsistencies in parameter handling, is vulnerable to various instances of reflected cross-site-scripting. | 4.3 |
2018-05-23 | CVE-2018-10649 | Citrix | Cross-site Scripting vulnerability in Citrix Xenmobile Server 10.7 There is a Cross-Site Scripting Vulnerability in Citrix XenMobile Server 10.7 before RP3. | 4.3 |
2018-05-23 | CVE-2018-7295 | Square Enix | Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in Square-Enix Final Fantasy XIV 4.21/4.25 ffxivlauncher.exe in Square Enix Final Fantasy XIV 4.21 and 4.25 on Windows is affected by Improper Enforcement of Message Integrity During Transmission in a Communication Channel, allowing a man-in-the-middle attacker to steal user credentials because a session retrieves global.js via http before proceeding to use https. | 4.3 |
2018-05-22 | CVE-2018-10095 | Dolibarr | Cross-site Scripting vulnerability in Dolibarr Cross-site scripting (XSS) vulnerability in Dolibarr before 7.0.2 allows remote attackers to inject arbitrary web script or HTML via the foruserlogin parameter to adherents/cartes/carte.php. | 4.3 |
2018-05-22 | CVE-2018-11384 | Radare | Out-of-bounds Read vulnerability in Radare Radare2 2.5.0 The sh_op() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted ELF file. | 4.3 |
2018-05-22 | CVE-2018-11383 | Radare | Use of Uninitialized Resource vulnerability in Radare Radare2 2.5.0 The r_strbuf_fini() function in radare2 2.5.0 allows remote attackers to cause a denial of service (invalid free and application crash) via a crafted ELF file because of an uninitialized variable in the CPSE handler in libr/anal/p/anal_avr.c. | 4.3 |
2018-05-22 | CVE-2018-11382 | Radare | Out-of-bounds Read vulnerability in Radare Radare2 2.5.0 The _inst__sts() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file. | 4.3 |
2018-05-22 | CVE-2018-11381 | Radare | Out-of-bounds Read vulnerability in Radare Radare2 2.5.0 The string_scan_range() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file. | 4.3 |
2018-05-22 | CVE-2018-11380 | Radare | Out-of-bounds Read vulnerability in Radare Radare2 2.5.0 The parse_import_ptr() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted Mach-O file. | 4.3 |
2018-05-22 | CVE-2018-11379 | Radare | Out-of-bounds Read vulnerability in Radare Radare2 2.5.0 The get_debug_info() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted PE file. | 4.3 |
2018-05-22 | CVE-2018-11377 | Radare | Out-of-bounds Read vulnerability in Radare Radare2 2.5.0 The avr_op_analyze() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file. | 4.3 |
2018-05-22 | CVE-2018-11376 | Radare | Out-of-bounds Read vulnerability in Radare Radare2 2.5.0 The r_read_le32() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted ELF file. | 4.3 |
2018-05-22 | CVE-2018-11375 | Radare | Out-of-bounds Read vulnerability in Radare Radare2 2.5.0 The _inst__lds() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file. | 4.3 |
2018-05-22 | CVE-2018-11093 | Ckeditor | Cross-site Scripting vulnerability in Ckeditor 5-Link Cross-site scripting (XSS) vulnerability in the Link package for CKEditor 5 before 10.0.1 allows remote attackers to inject arbitrary web script through a crafted href attribute of a link (A) element. | 4.3 |
2018-05-22 | CVE-2018-6378 | Joomla | Cross-site Scripting vulnerability in Joomla Joomla! In Joomla! Core before 3.8.8, inadequate filtering of file and folder names leads to various XSS attack vectors in the media manager. | 4.3 |
2018-05-22 | CVE-2018-11324 | Joomla | Race Condition vulnerability in Joomla Joomla! An issue was discovered in Joomla! Core before 3.8.8. | 4.3 |
2018-05-22 | CVE-2018-11366 | Loginizer | Cross-site Scripting vulnerability in Loginizer 1.3.8/1.3.9 init.php in the Loginizer plugin 1.3.8 through 1.3.9 for WordPress has Unauthenticated Stored Cross-Site Scripting (XSS) because logging is mishandled. | 4.3 |
2018-05-22 | CVE-2018-11339 | Frappe | Cross-site Scripting vulnerability in Frappe Erpnext 11.X.Xdevelopb1036E5 An XSS issue was discovered in Frappe ERPNext v11.x.x-develop b1036e5 via a comment. | 4.3 |
2018-05-21 | CVE-2018-11096 | Horse Market Sell Rent Portal Project | Cross-Site Request Forgery (CSRF) vulnerability in Horse Market Sell & Rent Portal Project Horse Market Sell & Rent Portal 1.5.7 Horse Market Sell & Rent Portal Script 1.5.7 has a CSRF vulnerability through which an attacker can change all of the target's account information remotely. | 4.3 |
2018-05-26 | CVE-2018-11495 | Opencart | Path Traversal vulnerability in Opencart OpenCart through 3.0.2.0 allows directory traversal in the editDownload function in admin\model\catalog\download.php via admin/index.php?route=catalog/download/edit, related to the download_id. | 4.0 |
2018-05-25 | CVE-2017-1752 | IBM | Information Exposure vulnerability in IBM Urbancode Deploy IBM UrbanCode Deploy 6.1 and 6.2 could allow an authenticated privileged user to obtain highly sensitive information. | 4.0 |
2018-05-25 | CVE-2018-1136 | Moodle | Cross-site Scripting vulnerability in Moodle An issue was discovered in Moodle 3.x. | 4.0 |
2018-05-25 | CVE-2018-1135 | Moodle | Information Exposure vulnerability in Moodle An issue was discovered in Moodle 3.x. | 4.0 |
2018-05-25 | CVE-2018-1134 | Moodle | Improper Privilege Management vulnerability in Moodle An issue was discovered in Moodle 3.x. | 4.0 |
2018-05-24 | CVE-2018-11413 | Bearadmin Project | Path Traversal vulnerability in Bearadmin Project Bearadmin 0.5 An issue was discovered in BearAdmin 0.5. | 4.0 |
2018-05-24 | CVE-2018-7904 | Huawei | Unspecified vulnerability in Huawei 1288H V5 Firmware and 2288H V5 Firmware Huawei 1288H V5 and 288H V5 with software of V100R005C00 have a JSON injection vulnerability. | 4.0 |
2018-05-24 | CVE-2018-7903 | Huawei | Unspecified vulnerability in Huawei 1288H V5 Firmware and 2288H V5 Firmware Huawei 1288H V5 and 288H V5 with software of V100R005C00 have a JSON injection vulnerability. | 4.0 |
2018-05-24 | CVE-2018-7902 | Huawei | Unspecified vulnerability in Huawei 1288H V5 Firmware and 2288H V5 Firmware Huawei 1288H V5 and 288H V5 with software of V100R005C00 have a JSON injection vulnerability. | 4.0 |
2018-05-23 | CVE-2018-10353 | Trendmicro | SQL Injection vulnerability in Trendmicro Email Encryption Gateway 5.5 A SQL injection information disclosure vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow a remote attacker to disclose sensitive information on vulnerable installations due to a flaw in the formChangePass class. | 4.0 |
2018-05-23 | CVE-2017-9317 | Dahuasecurity | Unspecified vulnerability in Dahuasecurity products Privilege escalation vulnerability found in some Dahua IP devices. | 4.0 |
2018-05-23 | CVE-2017-2598 | Jenkins | Inadequate Encryption Strength vulnerability in Jenkins Jenkins before versions 2.44, 2.32.2 uses AES ECB block cipher mode without IV for encrypting secrets which makes Jenkins and the stored secrets vulnerable to unnecessary risks (SECURITY-304). | 4.0 |
2018-05-22 | CVE-2017-2609 | Jenkins | Information Exposure vulnerability in Jenkins jenkins before versions 2.44, 2.32.2 is vulnerable to an information disclosure vulnerability in search suggestions (SECURITY-385). | 4.0 |
2018-05-22 | CVE-2018-11327 | Joomla | Information Exposure vulnerability in Joomla Joomla! An issue was discovered in Joomla! Core before 3.8.8. | 4.0 |
2018-05-22 | CVE-2018-11321 | Joomla | Improper Input Validation vulnerability in Joomla Joomla! An issue was discovered in com_fields in Joomla! Core before 3.8.8. | 4.0 |
2018-05-22 | CVE-2018-11346 | Asustor | Forced Browsing vulnerability in Asustor As6202T Firmware An insecure direct object reference vulnerability in download.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 allows the ability to reference the "download_sys_settings" action and then specify files arbitrarily throughout the system via the act parameter. | 4.0 |
2018-05-22 | CVE-2018-11344 | Asustor | Path Traversal vulnerability in Asustor As6202T Firmware A path traversal vulnerability in download.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 allows attackers to arbitrarily specify a file on the system to download via the file1 parameter. | 4.0 |
2018-05-22 | CVE-2018-11342 | Asustor | Path Traversal vulnerability in Asustor As6202T Firmware A path traversal vulnerability in fileExplorer.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 allows attackers to arbitrarily specify a path to a file on the system to create folders via the dest_folder parameter. | 4.0 |
23 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2018-05-25 | CVE-2018-6674 | Mcafee | Missing Encryption of Sensitive Data vulnerability in Mcafee Virusscan Enterprise 8.8.0 Privilege Escalation vulnerability in Microsoft Windows client (McTray.exe) in McAfee VirusScan Enterprise (VSE) 8.8 prior to Patch 13 allows local users to spawn unrelated processes with elevated privileges via the system administrator granting McTray.exe elevated privileges (by default it runs with the current user's privileges). | 3.9 |
2018-05-24 | CVE-2018-10593 | BD | SQL Injection vulnerability in BD Database Manager, Performa and Reada A vulnerability in DB Manager version 3.0.1.0 and previous and PerformA version 3.0.0.0 and previous allows an authorized user with access to a privileged account on a BD Kiestra system (Kiestra TLA, Kiestra WCA, and InoqulA+ specimen processor) to issue SQL commands, which may result in data corruption. | 3.8 |
2018-05-25 | CVE-2018-1452 | IBM Linux Microsoft | Unspecified vulnerability in IBM DB2 IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 contains a vulnerability that could allow a local user to overwrite arbitrary files owned by the DB2 instance owner. | 3.6 |
2018-05-25 | CVE-2018-1451 | IBM Linux Microsoft | Unspecified vulnerability in IBM DB2 IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 contains a vulnerability that could allow a local user to overwrite arbitrary files owned by the DB2 instance owner. | 3.6 |
2018-05-25 | CVE-2018-1450 | IBM Linux Microsoft | Unspecified vulnerability in IBM DB2 IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 contains a vulnerability that could allow a local user to overwrite arbitrary files owned by the DB2 instance owner. | 3.6 |
2018-05-25 | CVE-2018-1449 | IBM Linux Microsoft | Unspecified vulnerability in IBM DB2 IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 contains a vulnerability that could allow a local user to overwrite arbitrary files owned by the DB2 instance owner. | 3.6 |
2018-05-25 | CVE-2018-11471 | Getcockpit | Cross-site Scripting vulnerability in Getcockpit Cockpit 0.5.5 Cockpit 0.5.5 has XSS via a collection, form, or region. | 3.5 |
2018-05-24 | CVE-2018-11332 | Clippercms | Cross-site Scripting vulnerability in Clippercms 1.3.3 Stored cross-site scripting (XSS) vulnerability in the "Site Name" field found in the "site" tab under configurations in ClipperCMS 1.3.3 allows remote attackers to inject arbitrary web script or HTML via a crafted site name to the manager/processors/save_settings.processor.php file. | 3.5 |
2018-05-24 | CVE-2018-11403 | Domainmod | Cross-site Scripting vulnerability in Domainmod 4.09.03 DomainMod v4.09.03 has XSS via the assets/edit/account-owner.php oid parameter. | 3.5 |
2018-05-22 | CVE-2018-11326 | Joomla | Cross-site Scripting vulnerability in Joomla Joomla! An issue was discovered in Joomla! Core before 3.8.8. | 3.5 |
2018-05-22 | CVE-2018-11343 | Asustor | Cross-site Scripting vulnerability in Asustor Soundsgood A persistent cross site scripting vulnerability in playlistmanger.cgi in the ASUSTOR SoundsGood application allows attackers to store cross site scripting payloads via the 'playlist' POST parameter. | 3.5 |
2018-05-21 | CVE-2017-2607 | Jenkins | Cross-site Scripting vulnerability in Jenkins jenkins before versions 2.44, 2.32.2 is vulnerable to a persisted cross-site scripting vulnerability in console notes (SECURITY-382). | 3.5 |
2018-05-21 | CVE-2018-11330 | Pluck CMS | Cross-site Scripting vulnerability in Pluck-Cms Pluck An issue was discovered in Pluck before 4.7.6. | 3.5 |
2018-05-25 | CVE-2018-8864 | Atisystem | Missing Encryption of Sensitive Data vulnerability in Atisystem products In ATI Systems Emergency Mass Notification Systems (HPSS16, HPSS32, MHPSS, and ALERT4000) devices, a missing encryption of sensitive data vulnerability caused by specially crafted malicious radio transmissions may allow an attacker to remotely trigger false alarms. | 2.9 |
2018-05-25 | CVE-2018-8862 | Atisystem | Improper Authentication vulnerability in Atisystem products In ATI Systems Emergency Mass Notification Systems (HPSS16, HPSS32, MHPSS, and ALERT4000) devices, an improper authentication vulnerability caused by specially crafted malicious radio transmissions may allow an attacker to remotely trigger false alarms. | 2.9 |
2018-05-22 | CVE-2018-11328 | Joomla | Cross-site Scripting vulnerability in Joomla Joomla! An issue was discovered in Joomla! Core before 3.8.8. | 2.6 |
2018-05-25 | CVE-2018-6234 | Trendmicro Microsoft | Information Exposure vulnerability in Trendmicro products An Out-of-Bounds Read Information Disclosure vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to disclose sensitive information on vulnerable installations due to a flaw within processing of IOCTL 0x222814 by the tmnciesc.sys driver. | 2.1 |
2018-05-24 | CVE-2017-17158 | Huawei | Improper Input Validation vulnerability in Huawei products Some Huawei smart phones with the versions before Berlin-L21HNC185B381; the versions before Prague-AL00AC00B223; the versions before Prague-AL00BC00B223; the versions before Prague-AL00CC00B223; the versions before Prague-L31C432B208; the versions before Prague-TL00AC01B223; the versions before Prague-TL00AC01B223 have an information exposure vulnerability. | 2.1 |
2018-05-22 | CVE-2018-6963 | Vmware | NULL Pointer Dereference vulnerability in VMWare Fusion and Workstation VMware Workstation (14.x before 14.1.2) and Fusion (10.x before 10.1.2) contain multiple denial-of-service vulnerabilities that occur due to NULL pointer dereference issues in the RPC handler. | 2.1 |
2018-05-22 | CVE-2018-3639 | Intel ARM Redhat Debian Canonical Siemens Oracle Mitel Sonicwall Schneider Electric Nvidia Microsoft | Information Exposure Through Discrepancy vulnerability in multiple products Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4. | 2.1 |
2018-05-24 | CVE-2018-11402 | Simplisafe | Cleartext Transmission of Sensitive Information vulnerability in Simplisafe U9K-Kp1000 Firmware SimpliSafe Original has Unencrypted Keypad Transmissions, which allows physically proximate attackers to discover the PIN. | 1.9 |
2018-05-24 | CVE-2018-11399 | Simplisafe | Cleartext Transmission of Sensitive Information vulnerability in Simplisafe products SimpliSafe Original has Unencrypted Sensor Transmissions, which allows physically proximate attackers to obtain potentially sensitive information about the specific times when alarm-system events occur. | 1.9 |
2018-05-23 | CVE-2018-10355 | Trendmicro | Insufficiently Protected Credentials vulnerability in Trendmicro Email Encryption Gateway 5.5 An authentication weakness vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to recover user passwords on vulnerable installations due to a flaw in the DBCrypto class. | 1.9 |