Weekly Vulnerabilities Reports > June 18 to 24, 2018

Overview

192 new vulnerabilities reported during this period, including 15 critical vulnerabilities and 42 high severity vulnerabilities. This weekly summary report vulnerabilities in 372 products from 96 vendors including Cisco, Canonical, Debian, Redhat, and Broadcom. Vulnerabilities are notably categorized as "Improper Input Validation", "Information Exposure", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Cross-site Scripting", and "Out-of-bounds Write".

  • 166 reported vulnerabilities are remotely exploitables.
  • 27 reported vulnerabilities have public exploit available.
  • 52 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 156 reported vulnerabilities are exploitable by an anonymous user.
  • Cisco has the most reported vulnerabilities, with 33 reported vulnerabilities.
  • Cisco has the most reported critical vulnerabilities, with 6 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

15 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-06-24 CVE-2018-12714 Linux Out-Of-Bounds Write vulnerability in Linux Kernel

An issue was discovered in the Linux kernel through 4.17.2.

10.0
2018-06-21 CVE-2018-12526 Telesquare USE of Hard-Coded Credentials vulnerability in Telesquare Sdt-Cs3B1 Firmware and Sdt-Cw3B1 Firmware

Telesquare SDT-CS3B1 and SDT-CW3B1 devices through 1.2.0 have a default factory account.

10.0
2018-06-21 CVE-2018-0310 Cisco Out-Of-Bounds Read vulnerability in Cisco Fxos and Nx-Os

A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to obtain sensitive information from memory or cause a denial of service (DoS) condition on the affected product.

10.0
2018-06-20 CVE-2018-0304 Cisco Out-Of-Bounds Read vulnerability in Cisco products

A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to read sensitive memory content, create a denial of service (DoS) condition, or execute arbitrary code as root.

10.0
2018-06-20 CVE-2018-0301 Cisco Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco Nx-Os

A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to craft a packet to the management interface on an affected system, causing a buffer overflow.

10.0
2018-06-20 CVE-2018-6213 D Link USE of Hard-Coded Credentials vulnerability in D-Link Dir-620 Firmware

In the web server on D-Link DIR-620 devices with a certain customized (by ISP) variant of firmware 1.0.3, 1.0.37, 1.3.1, 1.3.3, 1.3.7, 1.4.0, and 2.0.22, there is a hardcoded password of anonymous for the admin account.

10.0
2018-06-19 CVE-2018-6210 Dlink USE of Hard-Coded Credentials vulnerability in Dlink Dir-620 Firmware 1.0.37

D-Link DIR-620 devices, with a certain Rostelekom variant of firmware 1.0.37, have a hardcoded rostel account, which makes it easier for remote attackers to obtain access via a TELNET session.

10.0
2018-06-21 CVE-2018-0313 Cisco Injection vulnerability in Cisco Nx-Os

A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated, remote attacker to send a malicious packet to the management interface on an affected system and execute a command-injection exploit.

9.0
2018-06-21 CVE-2018-0300 Cisco Path Traversal vulnerability in Cisco Fxos 2.0(1.68)

A vulnerability in the process of uploading new application images to Cisco FXOS on the Cisco Firepower 4100 Series Next-Generation Firewall (NGFW) and Firepower 9300 Security Appliance could allow an authenticated, remote attacker using path traversal techniques to create or overwrite arbitrary files on an affected device.

9.0
2018-06-20 CVE-2018-0293 Cisco OS Command Injection vulnerability in Cisco Nx-Os

A vulnerability in role-based access control (RBAC) for Cisco NX-OS Software could allow an authenticated, remote attacker to execute CLI commands that should be restricted for a nonadministrative user.

9.0
2018-06-20 CVE-2018-5428 Tibco Command Injection vulnerability in Tibco Data Virtualization 7.0.5/7.0.6

The version control adapters component of TIBCO Data Virtualization (formerly known as Cisco Information Server) contains vulnerabilities that may allow for arbitrary command execution.

9.0
2018-06-20 CVE-2018-6211 D Link OS Command Injection vulnerability in D-Link Dir-620 Firmware

On D-Link DIR-620 devices with a certain customized (by ISP) variant of firmware 1.0.3, 1.0.37, 1.3.1, 1.3.3, 1.3.7, 1.4.0, and 2.0.22, OS command injection is possible as a result of incorrect processing of the res_buf parameter to index.cgi.

9.0
2018-06-20 CVE-2018-12591 Ubnt OS Command Injection vulnerability in Ubnt Edgeswitch Firmware

Ubiquiti Networks EdgeSwitch version 1.7.3 and prior suffer from an improperly neutralized element in an OS command due to lack of protection on the admin CLI, leading to code execution and privilege escalation greater than administrators themselves are allowed.

9.0
2018-06-20 CVE-2018-12590 UI USE of Externally-Controlled Format String vulnerability in UI Edgeswitch Firmware 1.7.3

Ubiquiti Networks EdgeSwitch version 1.7.3 and prior suffer from an externally controlled format-string vulnerability due to lack of protection on the admin CLI, leading to code execution and privilege escalation greater than administrators themselves are allowed.

9.0
2018-06-18 CVE-2018-9023 Broadcom Improper Input Validation vulnerability in Broadcom Privileged Access Manager

An input validation vulnerability in CA Privileged Access Manager 2.x allows unprivileged users to execute arbitrary commands by passing specially crafted arguments to the update_crld script.

9.0

42 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-06-22 CVE-2017-7466 Redhat Improper Input Validation vulnerability in Redhat Ansible

Ansible before version 2.3 has an input validation vulnerability in the handling of data sent from client systems.

8.5
2018-06-21 CVE-2018-0303 Cisco Buffer Errors vulnerability in Cisco Fxos and Nx-Os

A vulnerability in the Cisco Discovery Protocol component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code as root or cause a denial of service (DoS) condition on the affected device.

8.3
2018-06-20 CVE-2018-0292 Cisco Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco Nx-Os

A vulnerability in the Internet Group Management Protocol (IGMP) Snooping feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code and gain full control of an affected system.

8.3
2018-06-23 CVE-2018-12694 TP Link Improper Input Validation vulnerability in Tp-Link Tl-Wa850Re Firmware

TP-Link TL-WA850RE Wi-Fi Range Extender with hardware version 5 allows remote attackers to cause a denial of service (reboot) via data/reboot.json.

7.8
2018-06-21 CVE-2018-0311 Cisco Buffer Errors vulnerability in Cisco Fxos and Nx-Os

A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

7.8
2018-06-21 CVE-2018-0298 Cisco Buffer Errors vulnerability in Cisco Fxos and Nx-Os

A vulnerability in the web UI of Cisco FXOS and Cisco UCS Fabric Interconnect Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected system.

7.8
2018-06-20 CVE-2018-0295 Cisco Improper Input Validation vulnerability in Cisco Nx-Os

A vulnerability in the Border Gateway Protocol (BGP) implementation of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the device unexpectedly reloading.

7.8
2018-06-24 CVE-2018-12706 Digisol Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Digisol Dg-Br4000Ng Firmware

DIGISOL DG-BR4000NG devices have a Buffer Overflow via a long Authorization HTTP header.

7.5
2018-06-23 CVE-2018-12699 GNU
Canonical
Out-Of-Bounds Write vulnerability in multiple products

finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write of 8 bytes.

7.5
2018-06-23 CVE-2018-12640 Insteon Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Insteon 2864-222 Firmware

The webService binary on Insteon HD IP Camera White 2864-222 devices has a Buffer Overflow via a crafted pid, pwd, or usr key in a GET request on port 34100.

7.5
2018-06-23 CVE-2018-11560 Insteon Out-Of-Bounds Write vulnerability in Insteon 2864-222 Firmware

The webService binary on Insteon HD IP Camera White 2864-222 devices has a stack-based Buffer Overflow leading to Control-Flow Hijacking via a crafted usr key, as demonstrated by a long remoteIp parameter to cgi-bin/CGIProxy.fcgi on port 34100.

7.5
2018-06-22 CVE-2018-12689 Phpldapadmin Project Unspecified vulnerability in PHPldapadmin Project PHPldapadmin 1.2.2

phpLDAPadmin 1.2.2 allows LDAP injection via a crafted server_id parameter in a cmd.php?cmd=login_form request, or a crafted username and password in the login panel.

7.5
2018-06-22 CVE-2018-12688 Tinyexr Project Improper Input Validation vulnerability in Tinyexr Project Tinyexr 0.9.5

tinyexr 0.9.5 has a segmentation fault in the wav2Decode function.

7.5
2018-06-22 CVE-2018-12678 Portainer Server-Side Request Forgery (SSRF) vulnerability in Portainer

Portainer before 1.18.0 supports unauthenticated requests to the websocket endpoint with an unvalidated id query parameter for the /websocket/exec endpoint, which allows remote attackers to bypass intended access restrictions or conduct SSRF attacks.

7.5
2018-06-21 CVE-2018-12630 Nmark SQL Injection vulnerability in Nmark Nmcms 2.1

NEWMARK (aka New Mark) NMCMS 2.1 allows SQL Injection via the sect_id parameter to the /catalog URI.

7.5
2018-06-21 CVE-2018-7679 Microfocus Improper Input Validation vulnerability in Microfocus Solutions Business Manager

Micro Focus Solutions Business Manager versions prior to 11.4 when ASP.NET is configured with execute permission on the virtual directories and does not validate the contents of user avatar images, could lead to remote code execution.

7.5
2018-06-21 CVE-2018-0712 Qnap Command Injection vulnerability in Qnap QTS

Command injection vulnerability in LDAP Server in QNAP QTS 4.2.6 build 20171208, QTS 4.3.3 build 20180402, QTS 4.3.4 build 20180413 and their earlier versions could allow remote attackers to run arbitrary commands or install malware on the NAS.

7.5
2018-06-20 CVE-2018-0314 Cisco Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco products

A vulnerability in the Cisco Fabric Services (CFS) component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device.

7.5
2018-06-20 CVE-2018-0312 Cisco Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco products

A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition on an affected device.

7.5
2018-06-20 CVE-2018-0308 Cisco Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco products

A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to execute arbitrary code or cause a denial of service (DoS) condition.

7.5
2018-06-20 CVE-2018-12601 Sam2P Project
Debian
Out-Of-Bounds Write vulnerability in multiple products

There is a heap-based buffer overflow in ReadImage in input-tga.ci in sam2p 0.49.4 that leads to a denial of service or possibly unspecified other impact.

7.5
2018-06-20 CVE-2018-12327 NTP Out-Of-Bounds Write vulnerability in NTP 4.2.8

Stack-based buffer overflow in ntpq and ntpdc of NTP version 4.2.8p11 allows an attacker to achieve code execution or escalate to higher privileges via a long string as the argument for an IPv4 or IPv6 command-line parameter.

7.5
2018-06-20 CVE-2018-1132 Opendaylight SQL Injection vulnerability in Opendaylight Sdninterfaceapp

A flaw was found in Opendaylight's SDNInterfaceapp (SDNI).

7.5
2018-06-19 CVE-2015-4043 Connx SQL Injection vulnerability in Connx ESP HR Management 4.4.0

SQL injection vulnerability in ConnX ESP HR Management 4.4.0 allows remote attackers to execute arbitrary SQL commands via the ctl00$cphMainContent$txtUserName parameter to frmLogin.aspx.

7.5
2018-06-19 CVE-2018-12578 Sam2P Project Out-Of-Bounds Write vulnerability in Sam2P Project Sam2P 0.49.4

There is a heap-based buffer overflow in bmp_compress1_row in appliers.cpp in sam2p 0.49.4 that leads to a denial of service or possibly unspecified other impact.

7.5
2018-06-19 CVE-2018-12562 Cantata Project Improper Input Validation vulnerability in Cantata Project Cantata

An issue was discovered in the cantata-mounter D-Bus service in Cantata through 2.3.1.

7.5
2018-06-18 CVE-2018-10623 Deltaww Out-Of-Bounds Read vulnerability in Deltaww Delta Industrial Automation Dopsoft

Delta Electronics Delta Industrial Automation DOPSoft version 4.00.04 and prior performs read operations on a memory buffer where the position can be determined by a value read from a .dpa file.

7.5
2018-06-18 CVE-2018-10621 Deltaww Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Deltaww Delta Industrial Automation Dopsoft

Delta Electronics Delta Industrial Automation DOPSoft version 4.00.04 and prior utilizes a fixed-length stack buffer where a value larger than the buffer can be read from a .dpa file into the buffer, causing the buffer to be overwritten.

7.5
2018-06-18 CVE-2018-10617 Deltaww Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Deltaww Delta Industrial Automation Dopsoft

Delta Electronics Delta Industrial Automation DOPSoft version 4.00.04 and prior utilizes a fixed-length heap buffer where a value larger than the buffer can be read from a .dpa file into the buffer, causing the buffer to be overwritten.

7.5
2018-06-18 CVE-2018-9029 Broadcom SQL Injection vulnerability in Broadcom Privileged Access Manager

An improper input validation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to conduct SQL injection attacks.

7.5
2018-06-18 CVE-2018-9022 Broadcom Improper Privilege Management vulnerability in Broadcom Privileged Access Manager

An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows remote attackers to execute arbitrary code or commands by poisoning a configuration file.

7.5
2018-06-18 CVE-2018-9021 Broadcom Improper Privilege Management vulnerability in Broadcom Privileged Access Manager

An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows remote attackers to execute arbitrary commands with specially crafted requests.

7.5
2018-06-18 CVE-2015-4664 Broadcom
Xceedium
Improper Input Validation vulnerability in multiple products

An improper input validation vulnerability in CA Privileged Access Manager 2.4.4.4 and earlier allows remote attackers to execute arbitrary commands.

7.5
2018-06-18 CVE-2018-12534 Quick Chat Project SQL Injection vulnerability in Quick Chat Project Quick Chat

A SQL injection issue was discovered in the Quick Chat plugin before 4.00 for WordPress.

7.5
2018-06-18 CVE-2018-12531 Metinfo Code Injection vulnerability in Metinfo 6.0.0

An issue was discovered in MetInfo 6.0.0.

7.5
2018-06-18 CVE-2018-12533 Redhat Expression Language Injection vulnerability in Redhat Richfaces

JBoss RichFaces 3.1.0 through 3.3.4 allows unauthenticated remote attackers to inject expression language (EL) expressions and execute arbitrary Java code via a /DATA/ substring in a path with an org.richfaces.renderkit.html.Paint2DResource$ImageData object, aka RF-14310.

7.5
2018-06-18 CVE-2018-12532 Redhat Expression Language Injection vulnerability in Redhat Richfaces

JBoss RichFaces 4.5.3 through 4.5.17 allows unauthenticated remote attackers to inject an arbitrary expression language (EL) variable mapper and execute arbitrary Java code via a MediaOutputResource's resource request, aka RF-14309.

7.5
2018-06-21 CVE-2018-0337 Cisco Incorrect Authorization vulnerability in Cisco Nx-Os

A vulnerability in the role-based access-checking mechanisms of Cisco NX-OS Software could allow an authenticated, local attacker to execute arbitrary commands on an affected device.

7.2
2018-06-21 CVE-2018-0306 Cisco OS Command Injection vulnerability in Cisco Nx-Os

A vulnerability in the CLI parser of Cisco NX-OS Software could allow an authenticated, local attacker to perform a command-injection attack on an affected device.

7.2
2018-06-21 CVE-2018-0302 Cisco Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Cisco Fxos and Nx-Os

A vulnerability in the CLI parser of Cisco FXOS Software and Cisco UCS Fabric Interconnect Software could allow an authenticated, local attacker to cause a buffer overflow on an affected device.

7.2
2018-06-20 CVE-2018-0307 Cisco OS Command Injection vulnerability in Cisco Nx-Os

A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker to perform a command-injection attack on an affected device.

7.2
2018-06-20 CVE-2018-0294 Cisco Unspecified vulnerability in Cisco Fxos and Nx-Os

A vulnerability in the write-erase feature of Cisco FXOS Software and Cisco NX-OS Software could allow an authenticated, local attacker to configure an unauthorized administrator account for an affected device.

7.2

117 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-06-23 CVE-2018-12693 TP Link Out-Of-Bounds Write vulnerability in Tp-Link Tl-Wa850Re Firmware

Stack-based buffer overflow in TP-Link TL-WA850RE Wi-Fi Range Extender with hardware version 5 allows remote authenticated users to cause a denial of service (outage) via a long type parameter to /data/syslog.filter.json.

6.8
2018-06-22 CVE-2018-1000201 Ruby FFI Project
Microsoft
Untrusted Search Path vulnerability in Ruby-Ffi Project Ruby-Ffi

ruby-ffi version 1.9.23 and earlier has a DLL loading issue which can be hijacked on Windows OS, when a Symbol is used as DLL name instead of a String This vulnerability appears to have been fixed in v1.9.24 and later.

6.8
2018-06-22 CVE-2018-12659 Slims Akasia Project Cross-Site Request Forgery (CSRF) vulnerability in Slims Akasia Project Slims Akasia 8.3.1

SLiMS 8 Akasia 8.3.1 allows remote attackers to bypass the CSRF protection mechanism and obtain admin access by omitting the csrf_token parameter.

6.8
2018-06-21 CVE-2018-0371 Cisco Improper Input Validation vulnerability in Cisco Meeting Server 2.2.5

A vulnerability in the Web Admin Interface of Cisco Meeting Server could allow an authenticated, remote attacker to cause a denial of service (DoS) condition.

6.8
2018-06-21 CVE-2018-0365 Cisco Cross-Site Request Forgery (CSRF) vulnerability in Cisco products

A vulnerability in the web-based management interface of Cisco Firepower Management Center could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device.

6.8
2018-06-21 CVE-2018-0364 Cisco Cross-Site Request Forgery (CSRF) vulnerability in Cisco Unified Communications Domain Manager

A vulnerability in the web-based management interface of Cisco Unified Communications Domain Manager could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device.

6.8
2018-06-21 CVE-2018-0363 Cisco Cross-Site Request Forgery (CSRF) vulnerability in Cisco Unified Communications Manager IM and Presence Service 11.5(1)

A vulnerability in the web-based management interface of Cisco Unified Communications Manager IM & Presence Service (formerly CUPS) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device.

6.8
2018-06-21 CVE-2018-0309 Cisco Resource Exhaustion vulnerability in Cisco Nx-Os 7.0(3)I5(2)/7.0(3)I6(1)

A vulnerability in the implementation of a specific CLI command and the associated Simple Network Management Protocol (SNMP) MIB for Cisco NX-OS (in standalone NX-OS mode) on Cisco Nexus 3000 and 9000 Series Switches could allow an authenticated, remote attacker to exhaust system memory on an affected device, resulting in a denial of service (DoS) condition.

6.8
2018-06-21 CVE-2018-0299 Cisco Improper Input Validation vulnerability in Cisco Nx-Os 4.1(2)E1(1R)

A vulnerability in the Simple Network Management Protocol (SNMP) feature of Cisco NX-OS on the Cisco Nexus 4000 Series Switch could allow an authenticated, remote attacker to cause the device to unexpectedly reload, resulting in a denial of service (DoS) condition.

6.8
2018-06-20 CVE-2018-0291 Cisco Improper Input Validation vulnerability in Cisco Nx-Os

A vulnerability in the Simple Network Management Protocol (SNMP) input packet processor of Cisco NX-OS Software could allow an authenticated, remote attacker to cause the SNMP application on an affected device to restart unexpectedly.

6.8
2018-06-20 CVE-2018-12600 Canonical
Debian
Imagemagick
Out-Of-Bounds Write vulnerability in multiple products

In ImageMagick 7.0.8-3 Q16, ReadDIBImage and WriteDIBImage in coders/dib.c allow attackers to cause an out of bounds write via a crafted file.

6.8
2018-06-20 CVE-2018-12599 Canonical
Debian
Imagemagick
Out-Of-Bounds Write vulnerability in multiple products

In ImageMagick 7.0.8-3 Q16, ReadBMPImage and WriteBMPImage in coders/bmp.c allow attackers to cause an out of bounds write via a crafted file.

6.8
2018-06-20 CVE-2018-6563 Totemo Cross-Site Request Forgery (CSRF) vulnerability in Totemo Encryption Gateway

Multiple cross-site request forgery (CSRF) vulnerabilities in totemomail Encryption Gateway before 6.0.0_Build_371 allow remote attackers to hijack the authentication of users for requests that (1) change user settings, (2) send emails, or (3) change contact information by leveraging lack of an anti-CSRF token.

6.8
2018-06-20 CVE-2018-11707 Faststone Buffer Errors vulnerability in Faststone Image Viewer 6.2

FastStone Image Viewer 6.2 has a User Mode Read and Execute AV at 0x0057898e, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe.

6.8
2018-06-20 CVE-2018-11706 Faststone Buffer Errors vulnerability in Faststone Image Viewer 6.2

FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00578dd8, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe.

6.8
2018-06-20 CVE-2018-11705 Faststone Buffer Errors vulnerability in Faststone Image Viewer 6.2

FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00578cc4, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe.

6.8
2018-06-20 CVE-2018-11704 Faststone Buffer Errors vulnerability in Faststone Image Viewer 6.2

FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00402d7d, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe.

6.8
2018-06-20 CVE-2018-11703 Faststone Buffer Errors vulnerability in Faststone Image Viewer 6.2

FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00402d6a, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe.

6.8
2018-06-20 CVE-2018-11702 Faststone Buffer Errors vulnerability in Faststone Image Viewer 6.2

FastStone Image Viewer 6.2 has a User Mode Write AV at 0x00578cb3, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe.

6.8
2018-06-20 CVE-2018-11701 Faststone Buffer Errors vulnerability in Faststone Image Viewer 6.2

FastStone Image Viewer 6.2 has a User Mode Write AV at 0x005cb509, triggered when the user opens a malformed JPEG file that is mishandled by FSViewer.exe.

6.8
2018-06-19 CVE-2018-12294 Webkit USE After Free vulnerability in Webkit Webkitgtk+

WebCore/platform/graphics/texmap/TextureMapperLayer.cpp in WebKit, as used in WebKitGTK+ prior to version 2.20.2, is vulnerable to a use after free for a WebCore::TextureMapperLayer object.

6.8
2018-06-19 CVE-2018-12293 Canonical
Webkitgtk
Wpewebkit
Integer Overflow OR Wraparound vulnerability in multiple products

The getImageData function in the ImageBufferCairo class in WebCore/platform/graphics/cairo/ImageBufferCairo.cpp in WebKit, as used in WebKitGTK+ prior to version 2.20.3 and WPE WebKit prior to version 2.20.1, is vulnerable to a heap-based buffer overflow triggered by an integer overflow, which could be abused by crafted HTML content.

6.8
2018-06-19 CVE-2018-11726 Libmobi Project Out-Of-Bounds Write vulnerability in Libmobi Project Libmobi 0.3

The mobi_decode_font_resource function in util.c in Libmobi 0.3 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted mobi file.

6.8
2018-06-19 CVE-2018-11724 Libmobi Project Out-Of-Bounds Read vulnerability in Libmobi Project Libmobi 0.3

The mobi_pk1_decrypt function in encryption.c in Libmobi 0.3 allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted mobi file.

6.8
2018-06-19 CVE-2018-11526 Webtoffee Unspecified vulnerability in Webtoffee Wordpress Comments Import and Export

The plugin "WordPress Comments Import & Export" for WordPress (v2.0.4 and before) is vulnerable to CSV Injection.

6.8
2018-06-19 CVE-2018-11525 Algolplus Unspecified vulnerability in Algolplus Advanced Order Export

The plugin "Advanced Order Export For WooCommerce" for WordPress (v1.5.4 and before) is vulnerable to CSV Injection.

6.8
2018-06-19 CVE-2018-12582 Akcms Project Cross-Site Request Forgery (CSRF) vulnerability in Akcms Project Akcms 6.1

An issue was discovered in AKCMS 6.1.

6.8
2018-06-23 CVE-2018-12692 TP Link OS Command Injection vulnerability in Tp-Link Tl-Wa850Re Firmware

TP-Link TL-WA850RE Wi-Fi Range Extender with hardware version 5 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the wps_setup_pin parameter to /data/wps.setup.json.

6.5
2018-06-22 CVE-2018-12538 Eclipse
Netapp
Session Fixation vulnerability in multiple products

In Eclipse Jetty versions 9.4.0 through 9.4.8, when using the optional Jetty provided FileSessionDataStore for persistent storage of HttpSession details, it is possible for a malicious user to access/hijack other HttpSessions and even delete unmatched HttpSessions present in the FileSystem's storage for the FileSessionDataStore.

6.5
2018-06-22 CVE-2018-12636 Ithemes SQL Injection vulnerability in Ithemes Security

The iThemes Security (better-wp-security) plugin before 7.0.3 for WordPress allows SQL Injection (by attackers with Admin privileges) via the logs page.

6.5
2018-06-21 CVE-2018-12613 Phpmyadmin Improper Authentication vulnerability in PHPmyadmin 4.8.0/4.8.0.1/4.8.1

An issue was discovered in phpMyAdmin 4.8.x before 4.8.2, in which an attacker can include (view and potentially execute) files on the server.

6.5
2018-06-20 CVE-2018-0330 Cisco OS Command Injection vulnerability in Cisco Nx-Os

A vulnerability in the NX-API management application programming interface (API) in devices running, or based on, Cisco NX-OS Software could allow an authenticated, remote attacker to execute commands with elevated privileges.

6.5
2018-06-20 CVE-2018-10841 Gluster Unspecified vulnerability in Gluster Glusterfs

glusterfs is vulnerable to privilege escalation on gluster server nodes.

6.5
2018-06-20 CVE-2018-5237 Symantec Unspecified vulnerability in Symantec Endpoint Protection

Symantec Endpoint Protection prior to 14 RU1 MP1 or 12.1 RU6 MP10 could be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels.

6.5
2018-06-19 CVE-2018-11116 Openwrt Incorrect Permission Assignment FOR Critical Resource vulnerability in Openwrt

** DISPUTED ** OpenWrt mishandles access control in /etc/config/rpcd and the /usr/share/rpcd/acl.d files, which allows remote authenticated users to call arbitrary methods (i.e., achieve ubus access over HTTP) that were only supposed to be accessible to a specific user, as demonstrated by the file, log, and service namespaces, potentially leading to remote Information Disclosure or Code Execution.

6.5
2018-06-19 CVE-2018-12565 Linaro
Debian
Improper Input Validation vulnerability in multiple products

An issue was discovered in Linaro LAVA before 2018.5.post1.

6.5
2018-06-19 CVE-2018-12561 Cantata Project Improper Input Validation vulnerability in Cantata Project Cantata

An issue was discovered in the cantata-mounter D-Bus service in Cantata through 2.3.1.

6.5
2018-06-19 CVE-2018-12559 Cantata Project Path Traversal vulnerability in Cantata Project Cantata

An issue was discovered in the cantata-mounter D-Bus service in Cantata through 2.3.1.

6.5
2018-06-24 CVE-2018-12713 Gimp Improper Input Validation vulnerability in Gimp

GIMP through 2.10.2 makes g_get_tmp_dir calls to establish temporary filenames, which may result in a filename that already exists, as demonstrated by the gimp_write_and_read_file function in app/tests/test-xcf.c.

6.4
2018-06-22 CVE-2018-12633 Linux Race Condition vulnerability in Linux Kernel

An issue was discovered in the Linux kernel through 4.17.2.

6.3
2018-06-21 CVE-2018-0331 Cisco Improper Input Validation vulnerability in Cisco Fxos and Nx-Os

A vulnerability in the Cisco Discovery Protocol (formerly known as CDP) subsystem of devices running, or based on, Cisco NX-OS Software contain a vulnerability that could allow an unauthenticated, adjacent attacker to create a denial of service (DoS) condition.

6.1
2018-06-22 CVE-2018-12684 Civetweb Project Information Exposure vulnerability in Civetweb Project Civetweb

Out-of-bounds Read in the send_ssi_file function in civetweb.c in CivetWeb through 1.10 allows attackers to cause a Denial of Service or Information Disclosure via a crafted SSI file.

5.8
2018-06-19 CVE-2018-12583 Akcms Project Cross-Site Request Forgery (CSRF) vulnerability in Akcms Project Akcms 6.1

An issue was discovered in AKCMS 6.1.

5.8
2018-06-18 CVE-2018-12530 Metinfo Path Traversal vulnerability in Metinfo 6.0.0

An issue was discovered in MetInfo 6.0.0.

5.8
2018-06-18 CVE-2018-1153 Portswigger Improper Certificate Validation vulnerability in Portswigger Burp Suite 1.7.32/1.7.33

Burp Suite Community Edition 1.7.32 and 1.7.33 fail to validate the server certificate in a couple of HTTPS requests which allows a man in the middle to modify or view traffic.

5.8
2018-06-23 CVE-2018-12700 GNU
Canonical
Infinite Loop vulnerability in multiple products

A Stack Exhaustion issue was discovered in debug_write_type in debug.c in GNU Binutils 2.30 because of DEBUG_KIND_INDIRECT infinite recursion.

5.0
2018-06-23 CVE-2018-12698 GNU
Canonical
demangle_template in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM) during the "Create an array for saving the template argument values" XNEWVEC call.
5.0
2018-06-23 CVE-2018-12697 GNU
Canonical
Null Pointer Dereference vulnerability in multiple products

A NULL pointer dereference (aka SEGV on unknown address 0x000000000000) was discovered in work_stuff_copy_to_from in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30.

5.0
2018-06-22 CVE-2018-12687 Tinyexr Project Reachable Assertion vulnerability in Tinyexr Project Tinyexr 0.9.5

tinyexr 0.9.5 has an assertion failure in DecodePixelData in tinyexr.h.

5.0
2018-06-22 CVE-2018-12649 Misp Improper Restriction of Excessive Authentication Attempts vulnerability in Misp 2.4.92

An issue was discovered in app/Controller/UsersController.php in MISP 2.4.92.

5.0
2018-06-22 CVE-2018-12642 Froxlor Incorrect Permission Assignment FOR Critical Resource vulnerability in Froxlor

Froxlor through 0.9.39.5 has Incorrect Access Control for tickets not owned by the current user.

5.0
2018-06-22 CVE-2018-12635 Circontrol Improper Input Validation vulnerability in Circontrol Scada 4.2.4

CirCarLife Scada v4.2.4 allows unauthorized upgrades via requests to the html/upgrade.html and services/system/firmware.upgrade URIs.

5.0
2018-06-22 CVE-2018-12634 Circontrol Information Exposure vulnerability in Circontrol Circarlife Scada

CirCarLife Scada before 4.3 allows remote attackers to obtain sensitive information via a direct request for the html/log or services/system/info.html URI.

5.0
2018-06-21 CVE-2018-12632 Redatam Information Exposure vulnerability in Redatam

Redatam7 (formerly Redatam WebServer) allows remote attackers to discover the installation path via an invalid LFN parameter to the /redbin/rpwebutilities.exe/text URI.

5.0
2018-06-21 CVE-2018-12631 Redatam Path Traversal vulnerability in Redatam

Redatam7 (formerly Redatam WebServer) allows remote attackers to read arbitrary files via /redbin/rpwebutilities.exe/text?LFN=../ directory traversal.

5.0
2018-06-21 CVE-2018-7683 Microfocus Information Exposure Through LOG Files vulnerability in Microfocus Solutions Business Manager

Micro Focus Solutions Business Manager versions prior to 11.4 might reveal certain sensitive information in server log files.

5.0
2018-06-21 CVE-2018-12617 Qemu
Canonical
Debian
Integer Overflow OR Wraparound vulnerability in multiple products

qmp_guest_file_read in qga/commands-posix.c and qga/commands-win32.c in qemu-ga (aka QEMU Guest Agent) in QEMU 2.12.50 has an integer overflow causing a g_malloc0() call to trigger a segmentation fault when trying to allocate a large memory chunk.

5.0
2018-06-21 CVE-2018-12615 Phusion Incorrect Permission Assignment FOR Critical Resource vulnerability in Phusion Passenger

An issue was discovered in switchGroup() in agent/ExecHelper/ExecHelperMain.cpp in Phusion Passenger before 5.3.2.

5.0
2018-06-21 CVE-2017-2669 Dovecot
Debian
Improper Input Validation vulnerability in multiple products

Dovecot before version 2.2.29 is vulnerable to a denial of service.

5.0
2018-06-21 CVE-2018-0358 Cisco Allocation of Resources Without Limits OR Throttling vulnerability in Cisco Telepresence Video Communication Server

A vulnerability in the file descriptor handling of Cisco TelePresence Video Communication Server (VCS) Expressway could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition.

5.0
2018-06-21 CVE-2018-0305 Cisco Null Pointer Dereference vulnerability in Cisco products

A vulnerability in the Cisco Fabric Services component of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device.

5.0
2018-06-20 CVE-2018-12604 Njtech Information Exposure Through LOG Files vulnerability in Njtech Greencms 2.3.0603

GreenCMS 2.3.0603 allows remote attackers to obtain sensitive information via a direct request for Data/Log/year_month_day.log.

5.0
2018-06-20 CVE-2018-12558 Email Algorithmic Complexity vulnerability in Email::Address Module Project Email::Address

The parse() method in the Email::Address module through 1.909 for Perl is vulnerable to Algorithmic complexity on specially prepared input, leading to Denial of Service.

5.0
2018-06-20 CVE-2018-12594 Reliablecontrols Information Exposure vulnerability in Reliablecontrols Mach-Prowebcom Firmware 7.80

Reliable Controls MACH-ProWebCom 7.80 devices allow remote attackers to obtain sensitive information via a direct request for the data/fileinfo.xml or job/job.json file, as demonstrated the Master Password field.

5.0
2018-06-20 CVE-2018-12592 Polycom Information Exposure vulnerability in Polycom Realpresence web Suite

Polycom RealPresence Web Suite before 2.2.0 does not block a user's video for a few seconds upon joining a meeting (when the user has explicitly chosen to turn off the video using a specific option).

5.0
2018-06-20 CVE-2018-8030 Apache Improper Input Validation vulnerability in Apache Qpid Broker-J

A Denial of Service vulnerability was found in Apache Qpid Broker-J versions 7.0.0-7.0.4 when AMQP protocols 0-8, 0-9 or 0-91 are used to publish messages with size greater than allowed maximum message size limit (100MB by default).

5.0
2018-06-20 CVE-2018-1117 Ovirt
Redhat
ovirt-ansible-roles before version 1.0.6 has a vulnerability due to a missing no_log directive, resulting in the 'Add oVirt Provider to ManageIQ/CloudForms' playbook inadvertently disclosing admin passwords in the provisioning log.
5.0
2018-06-19 CVE-2018-10945 Cesanta Null Pointer Dereference vulnerability in Cesanta Mongoose 6.11

The mg_handle_cgi function in mongoose.c in Mongoose 6.11 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash, or NULL pointer dereference) via an HTTP request, related to the mbuf_insert function.

5.0
2018-06-19 CVE-2018-10811 Strongswan
Debian
Canonical
Fedoraproject
Missing Initialization of Resource vulnerability in multiple products

strongSwan 5.6.0 and older allows Remote Denial of Service because of Missing Initialization of a Variable.

5.0
2018-06-19 CVE-2018-8727 Mirasys Path Traversal vulnerability in Mirasys Dvms Workstation 5.12.6

Path Traversal in Gateway in Mirasys DVMS Workstation 5.12.6 and earlier allows an attacker to traverse the file system to access files or directories via the Web Client webserver.

5.0
2018-06-19 CVE-2018-1073 Ovirt
Redhat
Information Exposure vulnerability in multiple products

The web console login form in ovirt-engine before version 4.2.3 returned different errors for non-existent users and invalid passwords, allowing an attacker to discover the names of valid user accounts.

5.0
2018-06-19 CVE-2018-1061 Python
Debian
Redhat
Canonical
Fedoraproject
python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.IS_LINE_JUNK method.
5.0
2018-06-19 CVE-2018-12557 Zuul CI Information Exposure vulnerability in Zuul-Ci Zuul

An issue was discovered in Zuul 3.x before 3.1.0.

5.0
2018-06-18 CVE-2018-9028 Broadcom Inadequate Encryption Strength vulnerability in Broadcom Privileged Access Manager

Weak cryptography used for passwords in CA Privileged Access Manager 2.x reduces the complexity for password cracking.

5.0
2018-06-18 CVE-2018-9026 Broadcom Session Fixation vulnerability in Broadcom Privileged Access Manager

A session fixation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to hijack user sessions with a specially crafted request.

5.0
2018-06-18 CVE-2018-9025 Broadcom Improper Input Validation vulnerability in Broadcom Privileged Access Manager

An input validation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to poison log files with specially crafted input.

5.0
2018-06-18 CVE-2018-9024 Broadcom Improper Authentication vulnerability in Broadcom Privileged Access Manager

An improper authentication vulnerability in CA Privileged Access Manager 2.x allows attackers to spoof IP addresses in a log file.

5.0
2018-06-18 CVE-2018-1333 Apache
Redhat
Canonical
Netapp
Resource Exhaustion vulnerability in multiple products

By specially crafting HTTP/2 requests, workers would be allocated 60 seconds longer than necessary, leading to worker exhaustion and a denial of service.

5.0
2018-06-18 CVE-2018-1090 Pulpproject
Fedoraproject
Redhat
Information Exposure vulnerability in multiple products

In Pulp before version 2.16.2, secrets are passed into override_config when triggering a task and then become readable to all users with read access on the distributor/importer.

5.0
2018-06-18 CVE-2018-1060 Python
Fedoraproject
Canonical
Redhat
Debian
python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in pop3lib's apop() method.
5.0
2018-06-18 CVE-2018-12525 Perfsonar Information Exposure vulnerability in Perfsonar Monitoring and Debugging Dashboard 2.0.2

An issue was discovered in perfSONAR Monitoring and Debugging Dashboard (MaDDash) 2.0.2.

5.0
2018-06-18 CVE-2018-12524 Perfsonar Information Exposure vulnerability in Perfsonar Monitoring and Debugging Dashboard 2.0.2

An issue was discovered in perfSONAR Monitoring and Debugging Dashboard (MaDDash) 2.0.2.

5.0
2018-06-18 CVE-2018-12523 Perfsonar Information Exposure vulnerability in Perfsonar Monitoring and Debugging Dashboard 2.0.2

An issue was discovered in perfSONAR Monitoring and Debugging Dashboard (MaDDash) 2.0.2.

5.0
2018-06-18 CVE-2018-12522 Perfsonar Information Exposure vulnerability in Perfsonar Monitoring and Debugging Dashboard 2.0.2

An issue was discovered in perfSONAR Monitoring and Debugging Dashboard (MaDDash) 2.0.2.

5.0
2018-06-21 CVE-2016-10723 Linux Resource Management Errors vulnerability in Linux Kernel

** DISPUTED ** An issue was discovered in the Linux kernel through 4.17.2.

4.9
2018-06-21 CVE-2018-0373 Cisco
Microsoft
Improper Input Validation vulnerability in Cisco Anyconnect Secure Mobility Client

A vulnerability in vpnva-6.sys for 32-bit Windows and vpnva64-6.sys for 64-bit Windows of Cisco AnyConnect Secure Mobility Client for Windows Desktop could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an affected system.

4.9
2018-06-21 CVE-2018-3665 Intel
Citrix
Canonical
Debian
Freebsd
Redhat
Information Exposure vulnerability in multiple products

System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel.

4.7
2018-06-21 CVE-2018-0362 Cisco Improper Authentication vulnerability in Cisco products

A vulnerability in BIOS authentication management of Cisco 5000 Series Enterprise Network Compute System and Cisco Unified Computing (UCS) E-Series Servers could allow an unauthenticated, local attacker to bypass the BIOS authentication and execute actions as an unprivileged user.

4.6
2018-06-24 CVE-2018-12705 Digisol Cross-Site Scripting vulnerability in Digisol Dg-Br4000Ng Firmware

DIGISOL DG-BR4000NG devices have XSS via the SSID (it is validated only on the client side).

4.3
2018-06-23 CVE-2018-12696 Mao10 Cross-Site Scripting vulnerability in Mao10 Mao10Cms 6.0

mao10cms 6 allows XSS via the article page.

4.3
2018-06-23 CVE-2018-12695 Mao10 Cross-Site Scripting vulnerability in Mao10 Mao10Cms 6.0

mao10cms 6 allows XSS via the m=bbs&a=index page.

4.3
2018-06-22 CVE-2018-12658 Slims Project Cross-Site Scripting vulnerability in Slims Project Slims 8.3.1

Reflected Cross-Site Scripting (XSS) exists in the Stock Take module in SLiMS 8 Akasia 8.3.1 via an admin/modules/stock_take/index.php?keywords= URI.

4.3
2018-06-22 CVE-2018-12657 Slims Akasia Project Cross-Site Scripting vulnerability in Slims Akasia Project Slims Akasia 8.3.1

Reflected Cross-Site Scripting (XSS) exists in the Master File module in SLiMS 8 Akasia 8.3.1 via an admin/modules/master_file/rda_cmc.php?keywords= URI.

4.3
2018-06-22 CVE-2018-12656 Slims Akasia Project Cross-Site Scripting vulnerability in Slims Akasia Project Slims Akasia 8.3.1

Reflected Cross-Site Scripting (XSS) exists in the Membership module in SLiMS 8 Akasia 8.3.1 via an admin/modules/membership/index.php?keywords= URI.

4.3
2018-06-22 CVE-2018-12655 Slims Akasia Project Cross-Site Scripting vulnerability in Slims Akasia Project Slims Akasia 8.3.1

Reflected Cross-Site Scripting (XSS) exists in the Circulation module in SLiMS 8 Akasia 8.3.1 via an admin/modules/circulation/loan_rules.php?keywords= URI, a related issue to CVE-2017-7242.

4.3
2018-06-22 CVE-2018-12654 Slims Akasia Project Cross-Site Scripting vulnerability in Slims Akasia Project Slims Akasia 8.3.1

Reflected Cross-Site Scripting (XSS) exists in the Bibliography module in SLiMS 8 Akasia 8.3.1 via an admin/modules/bibliography/index.php?keywords= URI.

4.3
2018-06-22 CVE-2018-12648 Exempi Project Null Pointer Dereference vulnerability in Exempi Project Exempi 2.4.5

The WEBP::GetLE32 function in XMPFiles/source/FormatSupport/WEBP_Support.hpp in Exempi 2.4.5 has a NULL pointer dereference.

4.3
2018-06-22 CVE-2017-2668 Fedoraproject
Redhat
Null Pointer Dereference vulnerability in multiple products

389-ds-base before versions 1.3.5.17 and 1.3.6.10 is vulnerable to an invalid pointer dereference in the way LDAP bind requests are handled.

4.3
2018-06-22 CVE-2018-12641 GNU Resource Exhaustion vulnerability in GNU Binutils 2.30

An issue was discovered in arm_pt in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30.

4.3
2018-06-21 CVE-2018-12581 Phpmyadmin Cross-Site Scripting vulnerability in PHPmyadmin

An issue was discovered in js/designer/move.js in phpMyAdmin before 4.8.2.

4.3
2018-06-21 CVE-2018-7680 Microfocus Cross-Site Scripting vulnerability in Microfocus Solutions Business Manager

Micro Focus Solutions Business Manager versions prior to 11.4 can reflect back HTTP header values.

4.3
2018-06-21 CVE-2018-1254 EMC Cross-Site Scripting vulnerability in EMC RSA Authentication Manager 8.0/8.3

RSA Authentication Manager Security Console, versions 8.3 P1 and earlier, contains a reflected cross-site scripting vulnerability.

4.3
2018-06-21 CVE-2018-1253 EMC Cross-Site Scripting vulnerability in EMC RSA Authentication Manager

RSA Authentication Manager Operation Console, versions 8.3 P1 and earlier, contains a stored cross-site scripting vulnerability.

4.3
2018-06-21 CVE-2017-13072 Qnap Cross-Site Scripting vulnerability in Qnap QTS 4.2.6/4.3.3/4.3.4

Cross-site scripting (XSS) vulnerability in App Center in QNAP QTS 4.2.6 build 20171208, QTS 4.3.3 build 20171213, QTS 4.3.4 build 20171223, and their earlier versions could allow remote attackers to inject Javascript code.

4.3
2018-06-20 CVE-2018-6212 D Link Cross-Site Scripting vulnerability in D-Link Dir-620 Firmware

On D-Link DIR-620 devices with a certain customized (by ISP) variant of firmware 1.0.3, 1.0.37, 1.3.1, 1.3.3, 1.3.7, 1.4.0, and 2.0.22, a reflected Cross-Site Scripting (XSS) attack is possible as a result of missed filtration for special characters in the "Search" field and incorrect processing of the XMLHttpRequest object.

4.3
2018-06-19 CVE-2018-12588 Public Knowledge Project Cross-Site Scripting vulnerability in Public Knowledge Project Open Monograph Press

Cross-site scripting (XSS) vulnerability in templates/frontend/pages/searchResults.tpl in Public Knowledge Project (PKP) Open Monograph Press (OMP) v1.2.0 through 3.1.1-2 before 3.1.1-3 allows remote attackers to inject arbitrary web script or HTML via the catalog.noTitlesSearch parameter (aka the Search field).

4.3
2018-06-19 CVE-2018-11725 Libmobi Project Out-Of-Bounds Read vulnerability in Libmobi Project Libmobi 0.3

The mobi_parse_index_entry function in index.c in Libmobi 0.3 allows remote attackers to cause an information disclosure (heap-based buffer over-read) via a crafted mobi file.

4.3
2018-06-19 CVE-2018-11537 Auth0 Improper Input Validation vulnerability in Auth0 Angular-Jwt

Auth0 angular-jwt before 0.1.10 treats whiteListedDomains entries as regular expressions, which allows remote attackers with knowledge of the jwtInterceptorProvider.whiteListedDomains setting to bypass the domain whitelist filter via a crafted domain.

4.3
2018-06-19 CVE-2018-12580 Dragonbyte Tech Cross-Site Scripting vulnerability in Dragonbyte-Tech Vbsecurity

library/DBTech/Security/Action/Sessions.php in DragonByte vBSecurity 3.x through 3.3.0 for vBulletin 3 and vBulletin 4 allows self-XSS via $session['user_agent'] in the "Login Sessions" feature.

4.3
2018-06-18 CVE-2018-9027 CA Cross-Site Scripting vulnerability in CA Privileged Access Manager 2.0

A reflected cross-site scripting vulnerability in CA Privileged Access Manager 2.x allows remote attackers to execute malicious script with a specially crafted link.

4.3
2018-06-18 CVE-2018-1152 Libjpeg Turbo
Canonical
Debian
Divide BY Zero vulnerability in multiple products

libjpeg-turbo 1.5.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted BMP image.

4.3
2018-06-22 CVE-2018-7682 Microfocus Information Exposure Through LOG Files vulnerability in Microfocus Solutions Business Manager

Micro Focus Solutions Business Manager versions prior to 11.4 allows a user to invoke SBM RESTful services across domains.

4.0
2018-06-21 CVE-2017-2672 Theforeman
Redhat
Improper Privilege Management vulnerability in multiple products

A flaw was found in foreman before version 1.15 in the logging of adding and registering images.

4.0
2018-06-19 CVE-2018-12519 Codenx Unrestricted Upload of File With Dangerous Type vulnerability in Codenx Shopnx

An issue was discovered in ShopNx through 2017-11-17.

4.0
2018-06-19 CVE-2018-12564 Linaro
Debian
Improper Input Validation vulnerability in multiple products

An issue was discovered in Linaro LAVA before 2018.5.post1.

4.0
2018-06-19 CVE-2018-12563 Linaro Improper Input Validation vulnerability in Linaro Lava

An issue was discovered in Linaro LAVA before 2018.5.post1.

4.0
2018-06-19 CVE-2018-12560 Cantata Project Path Traversal vulnerability in Cantata Project Cantata

An issue was discovered in the cantata-mounter D-Bus service in Cantata through 2.3.1.

4.0

18 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-06-22 CVE-2017-7568 Netapp Information Exposure vulnerability in Netapp Oncommand Unified Manager 5.1/5.2.1/5.2.2

NetApp OnCommand Unified Manager for 7-Mode (core package) versions prior to 5.2.3 may disclose sensitive LDAP account information to authenticated users when the LDAP authentication configuration is tested via the user interface.

3.5
2018-06-21 CVE-2018-7681 Microfocus Cross-Site Scripting vulnerability in Microfocus Solutions Business Manager

Micro Focus Solutions Business Manager versions prior to 11.4 allows JavaScript to be embedded in URLs placed in "Favorites" folder.

3.5
2018-06-20 CVE-2018-5236 Symantec Race Condition vulnerability in Symantec Endpoint Protection

Symantec Endpoint Protection prior to 14 RU1 MP1 or 12.1 RU6 MP10 may be susceptible to a race condition (or race hazard).

3.5
2018-06-20 CVE-2018-9036 Checksec Cross-Site Scripting vulnerability in Checksec Canopy 3.0.0/3.0.6

CheckSec Canopy 3.x before 3.0.7 has stored XSS via the Login Page Disclaimer, allowing attacks by low-privileged users against higher-privileged users.

3.5
2018-06-20 CVE-2018-1120 Linux
Redhat
Debian
Canonical
Buffer Errors vulnerability in Linux Kernel

A flaw was found affecting the Linux kernel before version 4.17.

3.5
2018-06-20 CVE-2018-12446 Dropbox Improper Authentication vulnerability in Dropbox 98.2.2

** DISPUTED ** An issue was discovered in the com.dropbox.android application 98.2.2 for Android.

3.3
2018-06-20 CVE-2018-12445 Dropbox Improper Authentication vulnerability in Dropbox 98.2.2

** DISPUTED ** An issue was discovered in the com.dropbox.android application 98.2.2 for Android.

3.3
2018-06-22 CVE-2018-1655 IBM Information Exposure vulnerability in IBM AIX

IBM AIX 5.3, 6.1, 7.1, and 7.2 contains a vulnerability in the rmsock command that may be used to expose kernel memory.

2.1
2018-06-21 CVE-2018-0359 Cisco Session Fixation vulnerability in Cisco Meeting Server 2.3.0

A vulnerability in the session identification management functionality of the web-based management interface for Cisco Meeting Server could allow an unauthenticated, local attacker to hijack a valid user session identifier, aka Session Fixation.

2.1
2018-06-19 CVE-2018-12098 Liblnk Project Information Exposure vulnerability in Liblnk Project Liblnk 20171101/20180419

** DISPUTED ** The liblnk_data_block_read function in liblnk_data_block.c in liblnk through 2018-04-19 allows remote attackers to cause an information disclosure (heap-based buffer over-read) via a crafted lnk file.

1.9
2018-06-19 CVE-2018-12097 Liblnk Project Information Exposure vulnerability in Liblnk Project Liblnk 20171101/20180419

** DISPUTED ** The liblnk_location_information_read_data function in liblnk_location_information.c in liblnk through 2018-04-19 allows remote attackers to cause an information disclosure (heap-based buffer over-read) via a crafted lnk file.

1.9
2018-06-19 CVE-2018-12096 Liblnk Project Out-Of-Bounds Read vulnerability in Liblnk Project Liblnk 20171101/20180419

** DISPUTED ** The liblnk_data_string_get_utf8_string_size function in liblnk_data_string.c in liblnk through 2018-04-19 allows remote attackers to cause an information disclosure (heap-based buffer over-read) via a crafted lnk file.

1.9
2018-06-19 CVE-2018-11731 Libfsntfs Project Information Exposure vulnerability in Libfsntfs Project Libfsntfs 20180420

** DISPUTED ** The libfsntfs_mft_entry_read_attributes function in libfsntfs_mft_entry.c in libfsntfs through 2018-04-20 allows remote attackers to cause an information disclosure (heap-based buffer over-read) via a crafted ntfs file.

1.9
2018-06-19 CVE-2018-11730 Libfsntfs Project Double Free vulnerability in Libfsntfs Project Libfsntfs 20180420

** DISPUTED ** The libfsntfs_security_descriptor_values_free function in libfsntfs_security_descriptor_values.c in libfsntfs through 2018-04-20 allows remote attackers to cause a denial of service (double-free) via a crafted ntfs file.

1.9
2018-06-19 CVE-2018-11729 Libfsntfs Project Information Exposure vulnerability in Libfsntfs Project Libfsntfs 20180420

** DISPUTED ** The libfsntfs_mft_entry_read_header function in libfsntfs_mft_entry.c in libfsntfs through 2018-04-20 allows remote attackers to cause an information disclosure (heap-based buffer over-read) via a crafted ntfs file.

1.9
2018-06-19 CVE-2018-11728 Libfsntfs Project Information Exposure vulnerability in Libfsntfs Project Libfsntfs 20180420

** DISPUTED ** The libfsntfs_reparse_point_values_read_data function in libfsntfs_reparse_point_values.c in libfsntfs through 2018-04-20 allows remote attackers to cause an information disclosure (heap-based buffer over-read) via a crafted ntfs file.

1.9
2018-06-19 CVE-2018-11727 Libfsntfs Project Information Exposure vulnerability in Libfsntfs Project Libfsntfs 20180420

** DISPUTED ** The libfsntfs_attribute_read_from_mft function in libfsntfs_attribute.c in libfsntfs through 2018-04-20 allows remote attackers to cause an information disclosure (heap-based buffer over-read) via a crafted ntfs file.

1.9
2018-06-19 CVE-2018-11723 Libpff Project Out-Of-Bounds Read vulnerability in Libpff Project Libpff 20161119/20180428

** DISPUTED ** The libpff_name_to_id_map_entry_read function in libpff_name_to_id_map.c in libyal libpff through 2018-04-28 allows remote attackers to cause an information disclosure (heap-based buffer over-read) via a crafted pff file.

1.9