Weekly Vulnerabilities Reports > June 25 to July 1, 2018

Overview

273 new vulnerabilities reported during this period, including 16 critical vulnerabilities and 44 high severity vulnerabilities. This weekly summary report vulnerabilities in 1078 products from 161 vendors including Debian, Canonical, Jenkins, Microsoft, and Cybozu. Vulnerabilities are notably categorized as "Cross-site Scripting", "Information Exposure", "Improper Input Validation", "Untrusted Search Path", and "Cross-Site Request Forgery (CSRF)".

  • 262 reported vulnerabilities are remotely exploitables.
  • 19 reported vulnerabilities have public exploit available.
  • 90 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 210 reported vulnerabilities are exploitable by an anonymous user.
  • Debian has the most reported vulnerabilities, with 15 reported vulnerabilities.
  • Siemens has the most reported critical vulnerabilities, with 3 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

16 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-06-28 CVE-2018-12925 Lantronix Weak Password Requirements vulnerability in Lantronix MSS Firmware

Baseon Lantronix MSS devices do not require a password for TELNET access.

10.0
2018-06-28 CVE-2018-12924 Eztcp USE of Hard-Coded Credentials vulnerability in Eztcp products

Sollae Serial-Ethernet-Module and Remote-I/O-Device-Server devices have a default password of sollae for the TELNET service.

10.0
2018-06-27 CVE-2018-5435 Tibco Unspecified vulnerability in Tibco products

The TIBCO Spotfire Client and TIBCO Spotfire Web Player Client components of TIBCO Software Inc.'s TIBCO Spotfire Analyst, TIBCO Spotfire Analytics Platform for AWS Marketplace, TIBCO Spotfire Deployment Kit, TIBCO Spotfire Desktop, and TIBCO Spotfire Desktop Language Packs contain multiple vulnerabilities that may allow for remote code execution.

10.0
2018-06-26 CVE-2018-4846 Siemens USE of Hard-Coded Credentials vulnerability in Siemens products

A vulnerability has been identified in RAPIDLab 1200 systems / RAPIDPoint 400 systems / RAPIDPoint 500 systems (All versions_without_ use of Siemens Healthineers Informatics products), RAPIDLab 1200 Series (All versions < V3.3 _with_ Siemens Healthineers Informatics products), RAPIDPoint 500 systems (All versions >= V3.0 _with_ Siemens Healthineers Informatics products), RAPIDPoint 500 systems (V2.4.X_with_ Siemens Healthineers Informatics products), RAPIDPoint 500 systems (All versions =< V2.3 _with_ Siemens Healthineers Informatics products), RAPIDPoint 400 systems (All versions _with_ Siemens Healthineers Informatics products).

10.0
2018-06-26 CVE-2018-10662 Axis Unspecified vulnerability in Axis products

An issue was discovered in multiple models of Axis IP Cameras.

10.0
2018-06-26 CVE-2018-10661 Axis Unspecified vulnerability in Axis products

An issue was discovered in multiple models of Axis IP Cameras.

10.0
2018-06-26 CVE-2018-10660 Axis OS Command Injection vulnerability in Axis products

An issue was discovered in multiple models of Axis IP Cameras.

10.0
2018-06-26 CVE-2018-0601 Axpdfium Project Untrusted Search Path vulnerability in Axpdfium Project Axpdfium 0.01

Untrusted search path vulnerability in axpdfium v0.01 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

9.3
2018-06-26 CVE-2018-0599 Microsoft Untrusted Search Path vulnerability in Microsoft Windows

Untrusted search path vulnerability in the installer of Visual C++ Redistributable allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

9.3
2018-06-26 CVE-2018-0598 Microsoft Untrusted Search Path vulnerability in Microsoft Windows

Untrusted search path vulnerability in Self-extracting archive files created by IExpress bundled with Microsoft Windows allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

9.3
2018-06-26 CVE-2018-0563 NTT East Untrusted Search Path vulnerability in Ntt-East products

Untrusted search path vulnerability in the installer of FLET'S VIRUS CLEAR Easy Setup & Application Tool ver.13.0 and earlier versions and FLET'S VIRUS CLEAR v6 Easy Setup & Application Tool ver.13.0 and earlier versions allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

9.3
2018-06-29 CVE-2018-13021 Hongcms Project Unrestricted Upload of File With Dangerous Type vulnerability in Hongcms Project Hongcms 3.0.0

An issue was discovered in HongCMS 3.0.0.

9.0
2018-06-29 CVE-2018-12465 Microfocus OS Command Injection vulnerability in Microfocus Secure Messaging Gateway

An OS command injection vulnerability in the web administration component of Micro Focus Secure Messaging Gateway (SMG) allows a remote attacker authenticated as a privileged user to execute arbitrary OS commands on the SMG server.

9.0
2018-06-26 CVE-2018-4860 Siemens OS Command Injection vulnerability in Siemens Scalance M875 Firmware

A vulnerability has been identified in SCALANCE M875 (All versions).

9.0
2018-06-26 CVE-2018-4859 Siemens OS Command Injection vulnerability in Siemens Scalance M875 Firmware

A vulnerability has been identified in SCALANCE M875 (All versions).

9.0
2018-06-26 CVE-2018-1000504 Redirection Open Redirect vulnerability in Redirection 2.7.3

Redirection version 2.7.3 contains a ACE via file inclusion vulnerability in Pass-through mode that can result in allows admins to execute any PHP file in the filesystem.

9.0

44 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-06-27 CVE-2018-5527 F5 Missing Release of Resource After Effective Lifetime vulnerability in F5 products

On BIG-IP 13.1.0-13.1.0.7, a remote attacker using undisclosed methods against virtual servers configured with a Client SSL or Server SSL profile that has the SSL Forward Proxy feature enabled can force the Traffic Management Microkernel (tmm) to leak memory.

7.8
2018-06-27 CVE-2018-12909 Webgrind Project Path Traversal vulnerability in Webgrind Project Webgrind 1.5.0

** DISPUTED ** Webgrind 1.5 relies on user input to display a file, which lets anyone view files from the local filesystem (that the webserver user has access to) via an index.php?op=fileviewer&file= URI.

7.8
2018-06-25 CVE-2017-9312 Rockwellautomation Improper Input Validation vulnerability in Rockwellautomation Allen-Bradley L30Erms Firmware

Improperly implemented option-field processing in the TCP/IP stack on Allen-Bradley L30ERMS safety devices v30 and earlier causes a denial of service.

7.8
2018-07-01 CVE-2018-13043 Debian
Canonical
Code Injection vulnerability in multiple products

scripts/grep-excuses.pl in Debian devscripts through 2.18.3 allows code execution through unsafe YAML loading because YAML::Syck is used without a configuration that prevents unintended blessing.

7.5
2018-07-01 CVE-2018-13038 Opensid Unrestricted Upload of File With Dangerous Type vulnerability in Opensid 18.06Pasca

OpenSID 18.06-pasca has an Unrestricted File Upload vulnerability via an Attachment Document in the article feature.

7.5
2018-06-30 CVE-2018-13026 Gopro Out-Of-Bounds Read vulnerability in Gopro Gpmf-Parser 1.1.2

An issue was discovered in gpmf-parser 1.1.2.

7.5
2018-06-29 CVE-2018-12464 Microfocus SQL Injection vulnerability in Microfocus Secure Messaging Gateway

A SQL injection vulnerability in the web administration and quarantine components of Micro Focus Secure Messaging Gateway allows an unauthenticated remote attacker to execute arbitrary SQL statements against the database.

7.5
2018-06-29 CVE-2018-13011 Gopro Out-Of-Bounds Read vulnerability in Gopro Gpmf-Parser 1.1.2

An issue was discovered in gpmf-parser 1.1.2.

7.5
2018-06-29 CVE-2018-13009 Gopro Out-Of-Bounds Read vulnerability in Gopro Gpmf-Parser 1.1.2

An issue was discovered in gpmf-parser 1.1.2.

7.5
2018-06-29 CVE-2018-13008 Gopro Out-Of-Bounds Read vulnerability in Gopro Gpmf-Parser 1.1.2

An issue was discovered in gpmf-parser 1.1.2.

7.5
2018-06-29 CVE-2018-13007 Gopro Out-Of-Bounds Read vulnerability in Gopro Gpmf-Parser 1.1.2

An issue was discovered in gpmf-parser 1.1.2.

7.5
2018-06-29 CVE-2018-13006 Debian
Gpac
Canonical
Out-Of-Bounds Read vulnerability in multiple products

An issue was discovered in MP4Box in GPAC 0.7.1.

7.5
2018-06-29 CVE-2018-13005 Debian
Gpac
Canonical
Out-Of-Bounds Read vulnerability in multiple products

An issue was discovered in MP4Box in GPAC 0.7.1.

7.5
2018-06-29 CVE-2018-12984 Hycus CMS Project Improper Authentication vulnerability in Hycus CMS Project Hycus CMS 1.0.4

Hycus CMS 1.0.4 allows Authentication Bypass via "'=' 'OR'" credentials.

7.5
2018-06-29 CVE-2018-12972 Opentsdb OS Command Injection vulnerability in Opentsdb 2.3.0

An issue was discovered in OpenTSDB 2.3.0.

7.5
2018-06-28 CVE-2018-8016 Apache Missing Authentication FOR Critical Function vulnerability in Apache Cassandra 3.11.1/3.8

The default configuration in Apache Cassandra 3.8 through 3.11.1 binds an unauthenticated JMX/RMI interface to all network interfaces, which allows remote attackers to execute arbitrary Java code via an RMI request.

7.5
2018-06-28 CVE-2018-12933 Winehq Out-Of-Bounds Write vulnerability in Winehq Wine 3.7

PlayEnhMetaFileRecord in enhmetafile.c in Wine 3.7 allows attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact because the attacker controls the pCreatePen->ihPen array index.

7.5
2018-06-28 CVE-2018-12932 Winehq Out-Of-Bounds Write vulnerability in Winehq Wine 3.7

PlayEnhMetaFileRecord in enhmetafile.c in Wine 3.7 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact by triggering a large pAlphaBlend->cbBitsSrc value.

7.5
2018-06-27 CVE-2018-1457 IBM Unspecified vulnerability in IBM Rational Doors

An undisclosed vulnerability in IBM Rational DOORS 9.5.1 through 9.6.1.10 application allows an attacker to gain DOORS administrator privileges.

7.5
2018-06-27 CVE-2018-12918 PBC Project Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in PBC Project PBC

In libpbc.a in PBC through 2017-03-02, there is a Segmentation fault in _pbcB_register_fields in bootstrap.c.

7.5
2018-06-27 CVE-2018-12917 PBC Project Out-Of-Bounds Read vulnerability in PBC Project PBC

In libpbc.a in PBC through 2017-03-02, there is a heap-based buffer over-read in _pbcM_ip_new in map.c.

7.5
2018-06-27 CVE-2018-12916 PBC Project Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in PBC Project PBC

In libpbc.a in PBC through 2017-03-02, there is a Segmentation fault in _pbcP_message_default in proto.c.

7.5
2018-06-27 CVE-2018-12915 PBC Project Out-Of-Bounds Read vulnerability in PBC Project PBC

In libpbc.a in PBC through 2017-03-02, there is a buffer over-read in calc_hash in map.c.

7.5
2018-06-27 CVE-2018-12914 Publiccms Unrestricted Upload of File With Dangerous Type vulnerability in Publiccms 4.0.20180210

A remote code execution issue was discovered in PublicCMS V4.0.20180210.

7.5
2018-06-27 CVE-2017-7465 Redhat Code Injection vulnerability in Redhat Jboss Enterprise Application Platform 7.0.0

It was found that the JAXP implementation used in JBoss EAP 7.0 for XSLT processing is vulnerable to code injection.

7.5
2018-06-27 CVE-2017-18342 Pyyaml Project Improper Input Validation vulnerability in Pyyaml

In PyYAML before 5.1, the yaml.load() API could execute arbitrary code if used with untrusted data.

7.5
2018-06-26 CVE-2018-10594 Deltaww Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Deltaww Commgr

Delta Industrial Automation COMMGR from Delta Electronics versions 1.08 and prior with accompanying PLC Simulators (DVPSimulator EH2, EH3, ES2, SE, SS2 and AHSIM_5x0, AHSIM_5x1) utilize a fixed-length stack buffer where an unverified length value can be read from the network packets via a specific network port, causing the buffer to be overwritten.

7.5
2018-06-26 CVE-2018-6667 Mcafee Improper Authentication vulnerability in Mcafee web Gateway

Authentication Bypass vulnerability in the administrative user interface in McAfee Web Gateway 7.8.1.0 through 7.8.1.5 allows remote attackers to execute arbitrary code via Java management extensions (JMX).

7.5
2018-06-26 CVE-2017-7658 Eclipse
Debian
Oracle
HP
Netapp
Http Request Smuggling vulnerability in multiple products

In Eclipse Jetty Server, versions 9.2.x and older, 9.3.x (all non HTTP/1.x configurations), and 9.4.x (all HTTP/1.x configurations), when presented with two content-lengths headers, Jetty ignored the second.

7.5
2018-06-26 CVE-2018-1000550 Sympa
Debian
Path Traversal vulnerability in multiple products

The Sympa Community Sympa version prior to version 6.2.32 contains a Directory Traversal vulnerability in wwsympa.fcgi template editing function that can result in Possibility to create or modify files on the server filesystem.

7.5
2018-06-26 CVE-2018-1000544 Rubyzip Project
Debian
Redhat
Unrestricted Upload of File With Dangerous Type vulnerability in multiple products

rubyzip gem rubyzip version 1.2.1 and earlier contains a Directory Traversal vulnerability in Zip::File component that can result in write arbitrary files to the filesystem.

7.5
2018-06-26 CVE-2018-1000537 Marlinfw Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Marlinfw Marlin Firmware

Marlin Firmware Marlin version 1.1.x and earlier contains a Buffer Overflow vulnerability in cardreader.cpp (Depending on branch/version) that can result in Arbitrary code execution.

7.5
2018-06-26 CVE-2018-1000533 Gitlist Improper Input Validation vulnerability in Gitlist

klaussilveira GitList version <= 0.6 contains a Passing incorrectly sanitized input to system function vulnerability in `searchTree` function that can result in Execute any code as PHP user.

7.5
2018-06-26 CVE-2018-1000525 Openpsa2 Deserialization of Untrusted Data vulnerability in Openpsa2 Openpsa

openpsa contains a PHP Object Injection vulnerability in Form data passed as GET request variables that can result in Possible information disclosure and remote code execution.

7.5
2018-06-26 CVE-2018-1000517 Busybox
Debian
Canonical
Classic Buffer Overflow vulnerability in multiple products

BusyBox project BusyBox wget version prior to commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e contains a Buffer Overflow vulnerability in Busybox wget that can result in heap buffer overflow.

7.5
2018-06-26 CVE-2018-1000501 Instant Update Weak Password Recovery Mechanism FOR Forgotten Password vulnerability in Instant-Update Instant Update CMS

Instant Update CMS contains a Password Reset Vulnerability vulnerability in /iu-application/controllers/administration/auth.php that can result in Account Tackover.

7.5
2018-06-26 CVE-2017-7657 Eclipse
Debian
Netapp
HP
Oracle
Http Request Smuggling vulnerability in multiple products

In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), transfer-encoding chunks are handled poorly.

7.5
2018-06-26 CVE-2018-0608 Buffer overflow in H2O version 2.2.4 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (DoS) via unspecified vectors.
7.5
2018-06-26 CVE-2018-12889 CCN Lite Out-Of-Bounds Write vulnerability in Ccn-Lite 2.0.1

An issue was discovered in CCN-lite 2.0.1.

7.5
2018-06-26 CVE-2018-12882 PHP
Canonical
Netapp
USE After Free vulnerability in multiple products

exif_read_from_impl in ext/exif/exif.c in PHP 7.2.x through 7.2.7 allows attackers to trigger a use-after-free (in exif_read_from_file) because it closes a stream that it is not responsible for closing.

7.5
2018-06-25 CVE-2018-11589 Centreon SQL Injection vulnerability in Centreon and Centreon web

Multiple SQL injection vulnerabilities in Centreon 3.4.6 including Centreon Web 2.8.23 allow attacks via the searchU parameter in viewLogs.php, the id parameter in GetXmlHost.php, the chartId parameter in ExportCSVServiceData.php, the searchCurve parameter in listComponentTemplates.php, or the host_id parameter in makeXML_ListMetrics.php.

7.5
2018-06-25 CVE-2018-11587 Centreon Code Injection vulnerability in Centreon and Centreon web

There is Remote Code Execution in Centreon 3.4.6 including Centreon Web 2.8.23 via the RPN value in the Virtual Metric form in centreonGraph.class.php.

7.5
2018-06-28 CVE-2018-12931 Canonical
Linux
Out-Of-Bounds Write vulnerability in multiple products

ntfs_attr_find in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or panic) or possibly have unspecified other impact via a crafted ntfs filesystem.

7.2
2018-06-28 CVE-2018-12930 Linux
Canonical
Out-Of-Bounds Write vulnerability in multiple products

ntfs_end_buffer_async_read in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or panic) or possibly have unspecified other impact via a crafted ntfs filesystem.

7.2

195 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-07-01 CVE-2018-13040 Opensid Cross-Site Request Forgery (CSRF) vulnerability in Opensid 18.06Pasca

OpenSID 18.06-pasca has a CSRF vulnerability.

6.8
2018-07-01 CVE-2018-13037 Jpeg Compressor Project Out-Of-Bounds Write vulnerability in Jpeg-Compressor Project Jpeg Compressor 0.1

An issue was discovered in jpeg-compressor 0.1.

6.8
2018-07-01 CVE-2018-13032 Ecessa Cross-Site Request Forgery (CSRF) vulnerability in Ecessa Shieldlink Sl175Ehq Firmware 10.7.4

ECESSA ShieldLink SL175EHQ 10.7.4 devices have CSRF to add superuser accounts via the cgi-bin/pl_web.cgi/util_configlogin_act URI.

6.8
2018-06-30 CVE-2018-13030 Jpeg Compressor Project Out-Of-Bounds Write vulnerability in Jpeg-Compressor Project Jpeg Compressor 0.1

An issue was discovered in jpeg-compressor 0.1.

6.8
2018-06-29 CVE-2018-13012 Safensoft Download of Code Without Integrity Check vulnerability in Safensoft products

Download of code with improper integrity check in snsupd.exe and upd.exe in SAFE'N'SEC SoftControl/SafenSoft SysWatch, SoftControl/SafenSoft TPSecure, and SoftControl/SafenSoft Enterprise Suite before 4.4.12 allows the remote attacker to execute unauthorized code by substituting a forged update server.

6.8
2018-06-29 CVE-2018-13010 Wstmall Cross-Site Request Forgery (CSRF) vulnerability in Wstmall 1.9.1170316

WSTMall v1.9.1_170316 has CSRF via the index.php?m=Admin&c=Users&a=edit URI to add a user account.

6.8
2018-06-29 CVE-2018-12983 Podofo Project Out-Of-Bounds Read vulnerability in Podofo Project Podofo 0.9.6

A stack-based buffer over-read in the PdfEncryptMD5Base::ComputeEncryptionKey() function in PdfEncrypt.cpp in PoDoFo 0.9.6-rc1 could be leveraged by remote attackers to cause a denial-of-service via a crafted pdf file.

6.8
2018-06-28 CVE-2018-12589 Polarisoffice Untrusted Search Path vulnerability in Polarisoffice Polaris Office 2017 8.1

Polaris Office 2017 8.1 allows attackers to execute arbitrary code via a Trojan horse puiframeworkproresenu.dll file in the current working directory.

6.8
2018-06-27 CVE-2018-8025 Apache Race Condition vulnerability in Apache Hbase

CVE-2018-8025 describes an issue in Apache HBase that affects the optional "Thrift 1" API server when running over HTTP.

6.8
2018-06-26 CVE-2018-12900 Libtiff
Canonical
Out-Of-Bounds Write vulnerability in multiple products

Heap-based buffer overflow in the cpSeparateBufToContigBuf function in tiffcp.c in LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0beta7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via a crafted TIFF file.

6.8
2018-06-26 CVE-2018-11447 Siemens Cross-Site Request Forgery (CSRF) vulnerability in Siemens Scalance M875 Firmware

A vulnerability has been identified in SCALANCE M875 (All versions).

6.8
2018-06-26 CVE-2018-1000548 Umlet XXE vulnerability in Umlet

Umlet version < 14.3 contains a XML External Entity (XXE) vulnerability in File parsing that can result in disclosure of confidential data, denial of service, server side request forgery.

6.8
2018-06-26 CVE-2018-1000546 Triplea Game XXE vulnerability in Triplea-Game Triplea

Triplea version <= 1.9.0.0.10291 contains a XML External Entity (XXE) vulnerability in Importing game data that can result in Possible information disclosure, server-side request forgery, or remote code execution.

6.8
2018-06-26 CVE-2018-1000542 Netbeans MMD Plugin Project XXE vulnerability in Netbeans-Mmd-Plugin Project Netbeans-Mmd-Plugin 1.4.3

netbeans-mmd-plugin version <= 1.4.3 contains a XML External Entity (XXE) vulnerability in MMD file import that can result in Possible information disclosure, server-side request forgery, or remote code execution.

6.8
2018-06-26 CVE-2018-1000540 Loboevolution Project XXE vulnerability in Loboevolution Project Loboevolution

LoboEvolution version < 9b75694cedfa4825d4a2330abf2719d470c654cd contains a XML External Entity (XXE) vulnerability in XML Parsing when viewing the XML file in the browser that can result in disclosure of confidential data, denial of service, server side request forgery.

6.8
2018-06-26 CVE-2018-1000506 Mediaron Cross-Site Request Forgery (CSRF) vulnerability in Mediaron Metronet TAG Manager 1.2.7

Metronet Tag Manager version 1.2.7 contains a Cross ite Request Forgery (CSRF) vulnerability in Settings page /wp-admin/options-general.php?page=metronet-tag-manager that can result in allows anybody to do almost anything an admin can.

6.8
2018-06-26 CVE-2018-1000500 Busybox Improper Certificate Validation vulnerability in Busybox

Busybox contains a Missing SSL certificate validation vulnerability in The "busybox wget" applet that can result in arbitrary code execution.

6.8
2018-06-26 CVE-2018-0609 Linecorp Untrusted Search Path vulnerability in Linecorp Line 4.3.0.724

Untrusted search path vulnerability in LINE for Windows versions before 5.8.0 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

6.8
2018-06-26 CVE-2018-0600 Sony
Microsoft
Untrusted Search Path vulnerability in Sony Playmemories Home 5.5.01

Untrusted search path vulnerability in the installer of PlayMemories Home for Windows ver.5.5.01 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

6.8
2018-06-26 CVE-2018-0597 Microsoft Untrusted Search Path vulnerability in Microsoft Visual Studio Code

Untrusted search path vulnerability in the installer of Visual Studio Code allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

6.8
2018-06-26 CVE-2018-0596 Microsoft Untrusted Search Path vulnerability in Microsoft Visual Studio Community

Untrusted search path vulnerability in the installer of Visual Studio Community allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

6.8
2018-06-26 CVE-2018-0595 Microsoft Untrusted Search Path vulnerability in Microsoft Skype

Untrusted search path vulnerability in the installer of Skype for Windows allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

6.8
2018-06-26 CVE-2018-0594 Microsoft Untrusted Search Path vulnerability in Microsoft Skype

Untrusted search path vulnerability in Skype for Windows allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

6.8
2018-06-26 CVE-2018-0593 Microsoft Untrusted Search Path vulnerability in Microsoft Onedrive

Untrusted search path vulnerability in the installer of Microsoft OneDrive allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

6.8
2018-06-26 CVE-2018-0592 Microsoft Untrusted Search Path vulnerability in Microsoft Onedrive

Untrusted search path vulnerability in Microsoft OneDrive allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

6.8
2018-06-25 CVE-2018-12603 Lfdycms Cross-Site Request Forgery (CSRF) vulnerability in Lfdycms Lfcms 3.7.0

Cross-site request forgery (CSRF) vulnerability in admin.php in LFCMS 3.7.0 allows remote attackers to hijack the authentication of unspecified users for requests that add administrator users via the s parameter, a related issue to CVE-2018-12114.

6.8
2018-06-25 CVE-2018-12602 Lfdycms Cross-Site Request Forgery (CSRF) vulnerability in Lfdycms Lfcms 3.7.0

A CSRF vulnerability exists in LFCMS 3.7.0: users can be added arbitrarily.

6.8
2018-06-29 CVE-2018-13024 Metinfo Unrestricted Upload of File With Dangerous Type vulnerability in Metinfo 6.0.0

Metinfo v6.0.0 allows remote attackers to write code into a .php file, and execute that code, via the module parameter to admin/column/save.php in an editor upload action.

6.5
2018-06-29 CVE-2018-12995 Onefilecms Code Injection vulnerability in Onefilecms

onefilecms.php in OneFileCMS through 2012-04-14 might allow attackers to execute arbitrary PHP code via a .php filename on the Upload screen.

6.5
2018-06-29 CVE-2018-12994 Onefilecms Code Injection vulnerability in Onefilecms

onefilecms.php in OneFileCMS through 2012-04-14 might allow attackers to execute arbitrary PHP code via a .php filename on the New File screen.

6.5
2018-06-27 CVE-2018-12912 Hongcms Project SQL Injection vulnerability in Hongcms Project Hongcms 3.0.0

An issue wan discovered in admin\controllers\database.php in HongCMS 3.0.0.

6.5
2018-06-26 CVE-2018-12895 Wordpress
Debian
Path Traversal vulnerability in Wordpress

WordPress through 4.9.6 allows Author users to execute arbitrary code by leveraging directory traversal in the wp-admin/post.php thumb parameter, which is passed to the PHP unlink function and can delete the wp-config.php file.

6.5
2018-06-26 CVE-2018-12712 Joomla Improper Input Validation vulnerability in Joomla Joomla!

An issue was discovered in Joomla! 2.5.0 through 3.8.8 before 3.8.9.

6.5
2018-06-26 CVE-2018-4845 Siemens Improper Privilege Management vulnerability in Siemens products

A vulnerability has been identified in RAPIDLab 1200 systems / RAPIDPoint 400 systems / RAPIDPoint 500 systems (All versions_without_ use of Siemens Healthineers Informatics products), RAPIDLab 1200 Series (All versions < V3.3 _with_ Siemens Healthineers Informatics products), RAPIDPoint 500 systems (All versions >= V3.0 _with_ Siemens Healthineers Informatics products), RAPIDPoint 500 systems (V2.4.X_with_ Siemens Healthineers Informatics products), RAPIDPoint 500 systems (All versions =< V2.3 _with_ Siemens Healthineers Informatics products), RAPIDPoint 400 systems (All versions _with_ Siemens Healthineers Informatics products).

6.5
2018-06-26 CVE-2018-1000553 Trovebox Server-Side Request Forgery (SSRF) vulnerability in Trovebox

Trovebox version <= 4.0.0-rc6 contains a Server-Side request forgery vulnerability in webhook component that can result in read or update internal resources.

6.5
2018-06-26 CVE-2018-1000552 Trovebox SQL Injection vulnerability in Trovebox

Trovebox version <= 4.0.0-rc6 contains a SQL Injection vulnerability in album component that can result in SQL code injection.

6.5
2018-06-26 CVE-2018-1000551 Trovebox Unspecified vulnerability in Trovebox

Trovebox version <= 4.0.0-rc6 contains a PHP Type juggling vulnerability in album view component that can result in Authentication bypass.

6.5
2018-06-26 CVE-2018-1000527 Froxlor Deserialization of Untrusted Data vulnerability in Froxlor

Froxlor version <= 0.9.39.5 contains a PHP Object Injection vulnerability in Domain name form that can result in Possible information disclosure and remote code execution.

6.5
2018-06-26 CVE-2018-1000509 Redirection Deserialization of Untrusted Data vulnerability in Redirection 2.7.1

Redirection version 2.7.1 contains a Serialisation vulnerability possibly allowing ACE vulnerability in Settings page AJAX that can result in could allow admin to execute arbitrary code in some circumstances.

6.5
2018-06-26 CVE-2018-1000502 Mybb Inclusion of Functionality From Untrusted Control Sphere vulnerability in Mybb

MyBB Group MyBB contains a File Inclusion vulnerability in Admin panel (Tools and Maintenance -> Task Manager -> Add New Task) that can result in Allows Local File Inclusion on modern PHP versions and Remote File Inclusion on ancient PHP versions.

6.5
2018-06-26 CVE-2018-0610 Zenphoto Improper Privilege Management vulnerability in Zenphoto

Local file inclusion vulnerability in Zenphoto 1.4.14 and earlier allows a remote attacker with an administrative privilege to execute arbitrary code or obtain sensitive information.

6.5
2018-06-26 CVE-2018-0606 Pixelpost SQL Injection vulnerability in Pixelpost 1.7.3

SQL injection vulnerability in the Pixelpost v1.7.3 and earlier allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors.

6.5
2018-06-26 CVE-2018-0604 Pixelpost Unspecified vulnerability in Pixelpost 1.7.3

Pixelpost v1.7.3 and earlier allows remote code execution via unspecified vectors.

6.5
2018-06-26 CVE-2018-0569 Basercms OS Command Injection vulnerability in Basercms

baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote authenticated attackers to execute arbitrary OS commands via unspecified vectors.

6.5
2018-06-26 CVE-2018-0567 Cybozu Unspecified vulnerability in Cybozu Office

Cybozu Office 10.0.0 to 10.8.0 allows authenticated attackers to bypass access restriction to access and write non-public data via unspecified vectors.

6.5
2018-06-29 CVE-2018-10860 Canonical
Debian
Perl Archive ZIP Project
Path Traversal vulnerability in multiple products

perl-archive-zip is vulnerable to a directory traversal in Archive::Zip.

6.4
2018-06-29 CVE-2018-12999 Zohocorp Improper Input Validation vulnerability in Zohocorp Manageengine Desktop Central 10.0.255

Incorrect Access Control in AgentTrayIconServlet in Zoho ManageEngine Desktop Central 10.0.255 allows attackers to delete certain files on the web server without login by sending a specially crafted request to the server with a computerName=../ substring to the /agenttrayicon URI.

6.4
2018-06-27 CVE-2017-16726 Beckhoff Inadequate Encryption Strength vulnerability in Beckhoff Twincat

Beckhoff TwinCAT supports communication over ADS.

6.4
2018-06-26 CVE-2018-1000204 Linux
Canonical
Debian
Unspecified vulnerability in Linux Kernel

** DISPUTED ** Linux Kernel version 3.18 to 4.16 incorrectly handles an SG_IO ioctl on /dev/sg0 with dxfer_direction=SG_DXFER_FROM_DEV and an empty 6-byte cmdp.

6.3
2018-06-29 CVE-2018-12971 Easycms Cross-Site Request Forgery (CSRF) vulnerability in Easycms 1.3

EasyCMS 1.3 has CSRF via the index.php?s=/admin/user/delAll URI to delete users.

5.8
2018-06-27 CVE-2018-1355 Fortinet Open Redirect vulnerability in Fortinet Fortianalyzer and Fortimanager

An open redirect vulnerability in Fortinet FortiManager 6.0.0, 5.6.5 and below versions, FortiAnalyzer 6.0.0, 5.6.5 and below versions allows attacker to inject script code during converting a HTML table to a PDF document under the FortiView feature.

5.8
2018-06-26 CVE-2018-1000605 Jenkins Improper Certificate Validation vulnerability in Jenkins Collabnet

A man in the middle vulnerability exists in Jenkins CollabNet Plugin 2.0.4 and earlier in CollabNetApp.java, CollabNetPlugin.java, CNFormFieldValidator.java that allows attackers to impersonate any service that Jenkins connects to.

5.8
2018-06-26 CVE-2018-1000523 Topydo Improper Input Validation vulnerability in Topydo

topydo contains a CWE-20: Improper Input Validation vulnerability in ListFormatParser::parse, file topydo/lib/ListFormat.py line 292 as of d4f843dac71308b2f29a7c2cdc76f055c3841523 that can result in Injection of arbitrary bytes to the terminal, including terminal escape code sequences.

5.8
2018-06-26 CVE-2018-0611 ANA Improper Certificate Validation vulnerability in ANA

The ANA App for iOS version 4.0.22 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

5.8
2018-06-25 CVE-2018-11041 Pivotal Software Open Redirect vulnerability in Pivotal Software Cloud Foundry UAA and Cloud Foundry Uaa-Release

Cloud Foundry UAA, versions later than 4.6.0 and prior to 4.19.0 except 4.10.1 and 4.7.5 and uaa-release versions later than v48 and prior to v60 except v55.1 and v52.9, does not validate redirect URL values on a form parameter used for internal UAA redirects on the login page, allowing open redirects.

5.8
2018-06-29 CVE-2018-13025 Yxcms Incorrect Permission Assignment for Critical Resource vulnerability in Yxcms 1.4.7

protected/apps/admin/controller/photoController.php in YXcms 1.4.7 allows remote attackers to delete arbitrary files via the index.php?r=admin/photo/delpic picname parameter.

5.5
2018-06-26 CVE-2018-1000511 Wpulike Incorrect Permission Assignment FOR Critical Resource vulnerability in Wpulike Ulike 2.8.1/3.1

WP ULike version 2.8.1, 3.1 contains a Incorrect Access Control vulnerability in AJAX that can result in allows anybody to delete any row in certain tables.

5.5
2018-06-26 CVE-2018-0572 Basercms Unspecified vulnerability in Basercms

baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote authenticated attackers to bypass access restriction to view or alter a restricted content via unspecified vectors.

5.5
2018-07-01 CVE-2018-13041 Linktoken Project Integer Overflow OR Wraparound vulnerability in Linktoken Project Linktoken

The mint function of a smart contract implementation for Link Platform (LNK), an Ethereum ERC20 token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.

5.0
2018-06-30 CVE-2018-12990 Phpwcms Information Exposure vulnerability in PHPwcms 1.8.9

phpwcms 1.8.9 allows remote attackers to discover the installation path via an invalid csrf_token_value field.

5.0
2018-06-29 CVE-2018-12997 Zohocorp Information Exposure vulnerability in Zohocorp products

Incorrect Access Control in FailOverHelperServlet in Zoho ManageEngine Netflow Analyzer before build 123137, Network Configuration Manager before build 123128, OpManager before build 123148, OpUtils before build 123161, and Firewall Analyzer before build 123147 allows attackers to read certain files on the web server without login by sending a specially crafted request to the server with the operation=copyfile&fileName= substring.

5.0
2018-06-29 CVE-2018-12993 Onefilecms Improper Restriction of Excessive Authentication Attempts vulnerability in Onefilecms

onefilecms.php in OneFileCMS through 2012-04-14 might allow attackers to conduct brute-force attacks via the onefilecms_username and onefilecms_password fields.

5.0
2018-06-29 CVE-2018-12988 Greencms Improper Input Validation vulnerability in Greencms 2.3.0603

GreenCMS 2.3.0603 has an arbitrary file download vulnerability via an index.php?m=admin&c=media&a=downfile URI.

5.0
2018-06-28 CVE-2018-12934 GNU Allocation of Resources Without Limits OR Throttling vulnerability in GNU Binutils 2.30

remember_Ktype in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM).

5.0
2018-06-28 CVE-2018-11510 Asustor OS Command Injection vulnerability in Asustor ADM

The ASUSTOR ADM 3.1.0.RFQ3 NAS portal suffers from an unauthenticated remote code execution vulnerability in the portal/apis/aggrecate_js.cgi file by embedding OS commands in the 'script' parameter.

5.0
2018-06-28 CVE-2018-12927 Northernnep Information Exposure vulnerability in Northernnep Northern Electric & Power Inverter Firmware

Northern Electric & Power (NEP) inverter devices allow remote attackers to obtain potentially sensitive information via a direct request for the nep/status/index/1 URI.

5.0
2018-06-28 CVE-2018-12926 Pharoscontrols Information Exposure vulnerability in Pharoscontrols Pharos Firmware

Pharos Controls devices allow remote attackers to obtain potentially sensitive information via a direct request for the default/index.lsp or default/log.lsp URI.

5.0
2018-06-28 CVE-2018-12923 Bwssystems Information Exposure vulnerability in Bwssystems HA Bridge

BWS Systems HA-Bridge devices allow remote attackers to obtain potentially sensitive information via a direct request for the #!/system URI.

5.0
2018-06-28 CVE-2018-12922 Vertivco Incorrect Permission Assignment FOR Critical Resource vulnerability in Vertivco Liebert Intellislot Firmware

Emerson Liebert IntelliSlot Web Card devices allow remote attackers to reconfigure access control via the config/configUser.htm or config/configTelnet.htm URI.

5.0
2018-06-28 CVE-2018-12921 Electroind Information Exposure vulnerability in Electroind Gaugetech Nexus Firmware

Electro Industries GaugeTech Nexus devices allow remote attackers to obtain potentially sensitive information via a direct request for the meter_information.htm, diag_system.htm, or diag_dnp_lan_wan.htm URI.

5.0
2018-06-28 CVE-2018-12920 Flir Information Exposure vulnerability in Flir Brickstream 2300 Firmware

Brickstream 2300 devices allow remote attackers to obtain potentially sensitive information via a direct request for the basic.html#ipsettings or basic.html#datadelivery URI.

5.0
2018-06-27 CVE-2018-1553 IBM Information Exposure vulnerability in IBM Websphere Application Server

IBM WebSphere Application Server Liberty prior to 18.0.0.2 could allow a remote attacker to obtain sensitive information, caused by mishandling of exceptions by the SAML Web SSO feature.

5.0
2018-06-27 CVE-2018-1306 Apache Information Exposure vulnerability in Apache Pluto 3.0.0

The PortletV3AnnotatedDemo Multipart Portlet war file code provided in Apache Pluto version 3.0.0 could allow a remote attacker to obtain sensitive information, caused by the failure to restrict path information provided during a file upload.

5.0
2018-06-27 CVE-2018-12913 Miniz Project Infinite Loop vulnerability in Miniz Project Miniz 2.0.7

In Miniz 2.0.7, tinfl_decompress in miniz_tinfl.c has an infinite loop because sym2 and counter can both remain equal to zero.

5.0
2018-06-27 CVE-2018-12536 Eclipse
Oracle
In Eclipse Jetty Server, all 9.x versions, on webapps deployed using default Error Handling, when an intentionally bad query arrives that doesn't match a dynamic url-pattern, and is eventually handled by the DefaultServlet's static file serving, the bad characters can trigger a java.nio.file.InvalidPathException which includes the full path to the base resource directory that the DefaultServlet and/or webapp is using.
5.0
2018-06-27 CVE-2018-12908 Brynamics Information Exposure vulnerability in Brynamics

Brynamics "Online Trade - Online trading and cryptocurrency investment system" allows remote attackers to obtain sensitive information via a direct request for the /dashboard/deposit URI, as demonstrated by discovering database credentials.

5.0
2018-06-27 CVE-2018-12907 Rclone Information Exposure vulnerability in Rclone 1.42

In Rclone 1.42, use of "rclone sync" to migrate data between two Google Cloud Storage buckets might allow attackers to trigger the transmission of any URL's content to Google, because there is no validation of a URL field received from the Google Cloud Storage API server, aka a "RESTLESS" issue.

5.0
2018-06-26 CVE-2018-3841 Pixar Null Pointer Dereference vulnerability in Pixar Renderman 21.6

A denial-of-service vulnerability exists in the Pixar Renderman IT Display Service 21.6 (0x69).

5.0
2018-06-26 CVE-2018-3840 Pixar Improper Input Validation vulnerability in Pixar Renderman 21.6

A denial-of-service vulnerability exists in the Pixar Renderman IT Display Service 21.6 (0x67).

5.0
2018-06-26 CVE-2018-1614 IBM Information Exposure vulnerability in IBM Websphere Application Server

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 using malformed SAML responses from the SAML identity provider could allow a remote attacker to obtain sensitive information.

5.0
2018-06-26 CVE-2018-3760 Redhat
Sprockets Project
Debian
Information Exposure vulnerability in multiple products

There is an information leak vulnerability in Sprockets.

5.0
2018-06-26 CVE-2018-1072 Ovirt
Redhat
Information Exposure Through LOG Files vulnerability in multiple products

ovirt-engine before version ovirt 4.2.2 is vulnerable to an information exposure through log files.

5.0
2018-06-26 CVE-2018-10664 Axis Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Axis products

An issue was discovered in the httpd process in multiple models of Axis IP Cameras.

5.0
2018-06-26 CVE-2018-10663 Axis Information Exposure vulnerability in Axis products

An issue was discovered in multiple models of Axis IP Cameras.

5.0
2018-06-26 CVE-2018-10659 Axis Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Axis products

There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which allows remote attackers to cause a denial of service (crash) by sending a crafted command which will result in a code path that calls the UND undefined ARM instruction.

5.0
2018-06-26 CVE-2018-10658 Axis Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Axis products

There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which causes a denial of service (crash).

5.0
2018-06-26 CVE-2018-1000554 Trovebox Weak Password Recovery Mechanism FOR Forgotten Password vulnerability in Trovebox

Trovebox version <= 4.0.0-rc6 contains a Unsafe password reset token generation vulnerability in user component that can result in Password reset.

5.0
2018-06-26 CVE-2018-1000549 Wekan Project Information Exposure vulnerability in Wekan Project Wekan 1.04.0

Wekan version 1.04.0 contains a Email / Username Enumeration vulnerability in Register' and 'Forgot your password?' pages that can result in A remote attacker could perform a brute force attack to obtain valid usernames and email addresses..

5.0
2018-06-26 CVE-2018-1000547 Corebos Incorrect Permission Assignment for Critical Resource vulnerability in Corebos 5.4/5.5/7.0

coreBOS version 7.0 and earlier contains a Incorrect Access Control vulnerability in Module: Contacts that can result in The error allows you to access records that you have no permissions to.

5.0
2018-06-26 CVE-2018-1000539 Json JWT Project Improper Verification of Cryptographic Signature vulnerability in Json-Jwt Project Json-Jwt

Nov json-jwt version >= 0.5.0 && < 1.9.4 contains a CWE-347: Improper Verification of Cryptographic Signature vulnerability in Decryption of AES-GCM encrypted JSON Web Tokens that can result in Attacker can forge a authentication tag.

5.0
2018-06-26 CVE-2018-1000538 Minio Allocation of File Descriptors OR Handles Without Limits OR Throttling vulnerability in Minio

Minio Inc.

5.0
2018-06-26 CVE-2018-1000535 LMS Information Exposure vulnerability in LMS

lms version <= LMS_011123 contains a Local File Disclosure vulnerability in File reading functionality in LMS module that can result in Possible to read files on the server.

5.0
2018-06-26 CVE-2018-1000531 Inversoft Improper Input Validation vulnerability in Inversoft Prime-Jwt

inversoft prime-jwt version prior to commit abb0d479389a2509f939452a6767dc424bb5e6ba contains a CWE-20 vulnerability in JWTDecoder.decode that can result in an incorrect signature validation of a JWT token.

5.0
2018-06-26 CVE-2018-1000526 Openpsa2 XML Injection (Aka Blind Xpath Injection) vulnerability in Openpsa2 Openpsa

Openpsa contains a XML Injection vulnerability in RSS file upload feature that can result in Remote denial of service.

5.0
2018-06-26 CVE-2018-1000520 ARM Improper Certificate Validation vulnerability in ARM Mbed TLS

ARM mbedTLS version 2.7.0 and earlier contains a Ciphersuite Allows Incorrectly Signed Certificates vulnerability in mbedtls_ssl_get_verify_result() that can result in ECDSA-signed certificates are accepted, when only RSA-signed ones should be..

5.0
2018-06-26 CVE-2018-1000518 Myks Resource Exhaustion vulnerability in Myks Websockets 4.0

aaugustin websockets version 4 contains a CWE-409: Improper Handling of Highly Compressed Data (Data Amplification) vulnerability in Servers and clients, unless configured with compression=None that can result in Denial of Service by memory exhaustion.

5.0
2018-06-26 CVE-2018-1000515 News Articles Project XXE vulnerability in News-Articles Project News-Articles 00.09.11

ventrian News-Articles version NewsArticles.00.09.11 contains a XML External Entity (XXE) vulnerability in News-Articles/API/MetaWebLog/Handler.ashx.vb that can result in Attacker can read any file in the server or use smbrelay attack to access to server..

5.0
2018-06-26 CVE-2017-7656 Eclipse
Debian
In Eclipse Jetty, versions 9.2.x and older, 9.3.x (all configurations), and 9.4.x (non-default configuration with RFC2616 compliance enabled), HTTP/0.9 is handled poorly.
5.0
2018-06-26 CVE-2018-10852 Debian
Fedoraproject
Redhat
Information Exposure vulnerability in multiple products

The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD has too wide permissions, which means that anyone who can send a message using the same raw protocol that sudo and SSSD use can read the sudo rules available for any user.

5.0
2018-06-26 CVE-2018-0584 IIJ Information Exposure vulnerability in IIJ Smartkey 2.1.0

IIJ SmartKey App for Android version 2.1.0 and earlier allows remote attackers to bypass authentication [effect_of_bypassing_authentication] via unspecified vectors.

5.0
2018-06-26 CVE-2018-0575 Basercms Information Exposure vulnerability in Basercms

baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote attackers to bypass access restriction in mail form to view a file which is uploaded by a site user via unspecified vectors.

5.0
2018-06-26 CVE-2018-0573 Basercms Improper Privilege Management vulnerability in Basercms

baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote attackers to bypass access restriction for a content to view a file which is uploaded by a site user via unspecified vectors.

5.0
2018-06-25 CVE-2018-12735 SAJ Electric Information Exposure vulnerability in Saj-Electric SAJ Solar Inverter

SAJ Solar Inverter allows remote attackers to obtain potentially sensitive information via a direct request for the inverter_info.htm or english_main.htm URI.

5.0
2018-06-25 CVE-2018-8755 Nucom Missing Authorization vulnerability in Nucom Wr644Gacv Firmware

NuCom WR644GACV devices before STA006 allow an attacker to download the configuration file without credentials.

5.0
2018-06-25 CVE-2018-10956 Ipconfigure
Linux
Microsoft
Path Traversal vulnerability in Ipconfigure Orchid Core VMS 2.0.5

IPConfigure Orchid Core VMS 2.0.5 allows Directory Traversal.

5.0
2018-06-25 CVE-2018-12084 Bitasean Unspecified vulnerability in Bitasean

The mintToken function of a smart contract implementation for BitAsean (BAS), a tradable Ethereum ERC20 token, has no period constraint, which allows the owner to increase the total supply of the digital assets arbitrarily so as to make profits, aka the "tradeTrap" issue.

5.0
2018-06-25 CVE-2018-12083 Goal Bonanza Project Unspecified vulnerability in Goal Bonanza Project Goal Bonanza

The mintToken function of a smart contract implementation for GOAL Bonanza (GOAL), a tradable Ethereum ERC20 token, has no period constraint, which allows the owner to increase the total supply of the digital assets arbitrarily so as to make profits, aka the "tradeTrap" issue.

5.0
2018-06-25 CVE-2018-12082 Fujinto Project Unspecified vulnerability in Fujinto Project Fujinto

The mintToken function of a smart contract implementation for Fujinto (NTO), a tradable Ethereum ERC20 token, has no period constraint, which allows the owner to increase the total supply of the digital assets arbitrarily so as to make profits, aka the "tradeTrap" issue.

5.0
2018-06-25 CVE-2018-12081 Tgtcoins Unspecified vulnerability in Tgtcoins Target Coin

The mintToken function of a smart contract implementation for Target Coin (TGT), a tradable Ethereum ERC20 token, has no period constraint, which allows the owner to increase the total supply of the digital assets arbitrarily so as to make profits, aka the "tradeTrap" issue.

5.0
2018-06-25 CVE-2018-12080 Intchain Unspecified vulnerability in Intchain Node Token

The mintToken function of a smart contract implementation for Internet Node Token (INT), a tradable Ethereum ERC20 token, has no period constraint, which allows the owner to increase the total supply of the digital assets arbitrarily so as to make profits, aka the "tradeTrap" issue.

5.0
2018-06-25 CVE-2018-12079 Substratum Unspecified vulnerability in Substratum

The mintToken function of a smart contract implementation for Substratum (SUB), a tradable Ethereum ERC20 token, has no period constraint, which allows the owner to increase the total supply of the digital assets arbitrarily so as to make profits, aka the "tradeTrap" issue.

5.0
2018-06-25 CVE-2018-12078 Polyai Project Unspecified vulnerability in Polyai Project Polyai

The mintToken function of a smart contract implementation for PolyAI (AI), a tradable Ethereum ERC20 token, has no period constraint, which allows the owner to increase the total supply of the digital assets arbitrarily so as to make profits, aka the "tradeTrap" issue.

5.0
2018-06-25 CVE-2018-12070 SEC Project Integer Overflow OR Wraparound vulnerability in SEC Project SEC

The sell function of a smart contract implementation for SEC, a tradable Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the seller, because of overflow of the multiplication of its argument amount and a manipulable variable sellPrice, aka the "tradeTrap" issue.

5.0
2018-06-25 CVE-2018-12068 Tgtcoins Integer Overflow OR Wraparound vulnerability in Tgtcoins Target Coin

The sell function of a smart contract implementation for Target Coin (TGT), a tradable Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the seller, because of overflow of the multiplication of its argument amount and a manipulable variable sellPrice, aka the "tradeTrap" issue.

5.0
2018-06-25 CVE-2018-12067 Substratum Integer Overflow OR Wraparound vulnerability in Substratum

The sell function of a smart contract implementation for Substratum (SUB), a tradable Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the seller, because of overflow of the multiplication of its argument amount and a manipulable variable sellPrice, aka the "tradeTrap" issue.

5.0
2018-06-25 CVE-2018-12063 Intchain Integer Overflow OR Wraparound vulnerability in Intchain Node Token

The sell function of a smart contract implementation for Internet Node Token (INT), a tradable Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the seller, because of overflow of the multiplication of its argument amount and a manipulable variable sellPrice, aka the "tradeTrap" issue.

5.0
2018-06-25 CVE-2018-12062 Swft Integer Overflow OR Wraparound vulnerability in Swft Swftcoin

The sell function of a smart contract implementation for SwftCoin (SWFTC), a tradable Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the seller, because of overflow of the multiplication of its argument amount and a manipulable variable sellPrice, aka the "tradeTrap" issue.

5.0
2018-06-25 CVE-2018-11446 Gold Reward Project Integer Overflow OR Wraparound vulnerability in Gold Reward Project Gold Reward

The buy function of a smart contract implementation for Gold Reward (GRX), an Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the buyer because of overflow of the multiplication of its argument amount and a manipulable variable buyPrice, aka the "tradeTrap" issue.

5.0
2018-06-25 CVE-2018-12703 Block18 Improper Input Validation vulnerability in Block18

The approveAndCallcode function of a smart contract implementation for Block 18 (18T), an tradable Ethereum ERC20 token, allows attackers to steal assets (e.g., transfer the contract's balances into their account) because the callcode (i.e., _spender.call(_extraData)) is not verified, aka the "evilReflex" issue.

5.0
2018-06-25 CVE-2018-12702 GVE Improper Input Validation vulnerability in GVE Globalvillage Ecosystem

The approveAndCallcode function of a smart contract implementation for Globalvillage ecosystem (GVE), an Ethereum ERC20 token, allows attackers to steal assets (e.g., transfer the contract's balances into their account) because the callcode (i.e., _spender.call(_extraData)) is not verified, aka the "evilReflex" issue.

5.0
2018-06-28 CVE-2018-12929 Linux
Canonical
USE After Free vulnerability in multiple products

ntfs_read_locked_inode in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a use-after-free read and possibly cause a denial of service (kernel oops or panic) via a crafted ntfs filesystem.

4.9
2018-06-28 CVE-2018-12928 Linux
Canonical
Null Pointer Dereference vulnerability in multiple products

In the Linux kernel 4.15.0, a NULL pointer dereference was discovered in hfs_ext_read_extent in hfs.ko.

4.9
2018-06-29 CVE-2018-13013 Safensoft Improper Check for Unusual OR Exceptional Conditions vulnerability in Safensoft Enterprise Suite, Syswatch and Tpsecure

Improper check of unusual conditions when launching msiexec.exe in safensec.com (SysWatch service) in SAFE'N'SEC SoftControl/SafenSoft SysWatch, SoftControl/SafenSoft TPSecure, and SoftControl/SafenSoft Enterprise Suite before 4.4.9 allows the local attacker to bypass a code-signing protection mechanism and install/execute an unauthorized program by modifying the system configuration and installing a forged MSI file.

4.6
2018-06-27 CVE-2018-12904 Linux
Canonical
Unspecified vulnerability in Linux Kernel

In arch/x86/kvm/vmx.c in the Linux kernel before 4.17.2, when nested virtualization is used, local attackers could cause L1 KVM guests to VMEXIT, potentially allowing privilege escalations and denial of service attacks due to lack of checking of CPL.

4.4
2018-07-01 CVE-2018-13039 Opensid Cross-Site Scripting vulnerability in Opensid 18.06Pasca

OpenSID 18.06-pasca has reflected Cross Site Scripting (XSS) via the cari parameter, aka an index.php/first?cari= URI.

4.3
2018-07-01 CVE-2018-13033 GNU
Redhat
Allocation of Resources Without Limits OR Throttling vulnerability in multiple products

The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted ELF file, as demonstrated by _bfd_elf_parse_attributes in elf-attrs.c and bfd_malloc in libbfd.c.

4.3
2018-06-30 CVE-2018-7475 Icewarp Cross-Site Scripting vulnerability in Icewarp Mail Server 12.0.3

Cross-site scripting (XSS) vulnerability for webdav/ticket/ URIs in IceWarp Mail Server 12.0.3 allows remote attackers to inject arbitrary web script or HTML.

4.3
2018-06-29 CVE-2018-13003 Opentsdb Cross-Site Scripting vulnerability in Opentsdb 2.3.0

An issue was discovered in OpenTSDB 2.3.0.

4.3
2018-06-29 CVE-2018-13001 Sandoba Cross-Site Scripting vulnerability in Sandoba Cp::Shop 2016.1

An XSS issue was discovered in Sandoba CP:Shop v2016.1.

4.3
2018-06-29 CVE-2018-12998 Zohocorp Cross-Site Scripting vulnerability in Zohocorp products

A reflected Cross-site scripting (XSS) vulnerability in Zoho ManageEngine Netflow Analyzer before build 123137, Network Configuration Manager before build 123128, OpManager before build 123148, OpUtils before build 123161, and Firewall Analyzer before build 123147 allows remote attackers to inject arbitrary web script or HTML via the parameter 'operation' to /servlet/com.adventnet.me.opmanager.servlet.FailOverHelperServlet.

4.3
2018-06-29 CVE-2018-12996 Zohocorp Cross-Site Scripting vulnerability in Zohocorp Manageengine Applications Manager

A reflected Cross-site scripting (XSS) vulnerability in Zoho ManageEngine Applications Manager before 13 (Build 13800) allows remote attackers to inject arbitrary web script or HTML via the parameter 'method' to GraphicalView.do.

4.3
2018-06-29 CVE-2018-12982 Podofo Project Buffer Errors vulnerability in Podofo Project Podofo 0.9.6

Invalid memory read in the PoDoFo::PdfVariant::DelayedLoad() function in PdfVariant.h in PoDoFo 0.9.6-rc1 allows remote attackers to have denial-of-service impact via a crafted file.

4.3
2018-06-29 CVE-2018-12973 Opentsdb Cross-Site Scripting vulnerability in Opentsdb 2.3.0

An issue was discovered in OpenTSDB 2.3.0.

4.3
2018-06-27 CVE-2017-16718 Beckhoff USE of A Broken OR Risky Cryptographic Algorithm vulnerability in Beckhoff Twincat 3.0

Beckhoff TwinCAT 3 supports communication over ADS.

4.3
2018-06-27 CVE-2018-1543 IBM Improper Certificate Validation vulnerability in IBM Websphere MQ 8.0/9.0

IBM WebSphere MQ 8.0 and 9.0 could allow a remote attacker to obtain sensitive information, caused by the failure to properly validate the SSL certificate.

4.3
2018-06-27 CVE-2018-12919 Craftedweb Project Cross-Site Scripting vulnerability in Craftedweb Project Craftedweb 20130924

In CraftedWeb through 2013-09-24, aasp_includes/pages/notice.php allows XSS via the e parameter.

4.3
2018-06-27 CVE-2018-12905 Joyplus CMS Project Cross-Site Scripting vulnerability in Joyplus-Cms Project Joyplus-Cms 1.6.0

joyplus-cms 1.6.0 has XSS in admin_player.php, related to manager/index.php "system manage" and "add" actions.

4.3
2018-06-26 CVE-2018-12902 Easymagazine Project Cross-Site Scripting vulnerability in Easymagazine Project Easymagazine 20121026

In Easy Magazine through 2012-10-26, there is XSS in the search bar of the web site.

4.3
2018-06-26 CVE-2018-12711 Joomla Cross-Site Scripting vulnerability in Joomla Joomla!

An XSS issue was discovered in the language switcher module in Joomla! 1.6.0 through 3.8.8 before 3.8.9.

4.3
2018-06-26 CVE-2018-1000602 Jenkins Session Fixation vulnerability in Jenkins Saml

A session fixation vulnerability exists in Jenkins SAML Plugin 1.0.6 and earlier in SamlSecurityRealm.java that allows unauthorized attackers to impersonate another users if they can control the pre-authentication session.

4.3
2018-06-26 CVE-2018-1000600 Jenkins Information Exposure vulnerability in Jenkins Github

A exposure of sensitive information vulnerability exists in Jenkins GitHub Plugin 1.29.1 and earlier in GitHubTokenCredentialsCreator.java that allows attackers to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

4.3
2018-06-26 CVE-2018-1000559 Qutebrowser Cross-Site Scripting vulnerability in Qutebrowser

qutebrowser version introduced in v0.11.0 (1179ee7a937fb31414d77d9970bac21095358449) contains a Cross Site Scripting (XSS) vulnerability in history command, qute://history page that can result in Via injected JavaScript code, a website can steal the user's browsing history.

4.3
2018-06-26 CVE-2018-1000557 Ocsinventory NG Cross-Site Scripting vulnerability in Ocsinventory-Ng Ocsinventory NG 2.4

OCS Inventory OCS Inventory NG version ocsreports 2.4 contains a Cross Site Scripting (XSS) vulnerability in login form and search functionality that can result in An attacker is able to execute arbitrary (javascript) code within a victims' browser.

4.3
2018-06-26 CVE-2018-1000556 Veronalabs Cross-Site Scripting vulnerability in Veronalabs WP Statistics

WordPress version 4.8 + contains a Cross Site Scripting (XSS) vulnerability in plugins.php or core wordpress on delete function that can result in An attacker can perform client side attacks which could be from stealing a cookie to code injection.

4.3
2018-06-26 CVE-2018-1000543 Rockiger Cross-Site Scripting vulnerability in Rockiger Akiee 0.0.3

Akiee version 0.0.3 contains a XSS leading to code execution due to the use of node integration vulnerability in "Details" of a task is not validated that can result in XSS leading to abritrary code execution.

4.3
2018-06-26 CVE-2018-1000536 Getmedis Cross-Site Scripting vulnerability in Getmedis Medis

Medis version 0.6.1 and earlier contains a XSS vulnerability evolving into code execution due to enabled nodeIntegration for the renderer process vulnerability in Key name parameter on new key creation that can result in Unauthorized code execution in the victim's machine, within the rights of the running application.

4.3
2018-06-26 CVE-2018-1000534 Joplin Project Cross-Site Scripting vulnerability in Joplin Project Joplin

Joplin version prior to 1.0.90 contains a XSS evolving into code execution due to enabled nodeIntegration for that particular BrowserWindow instance where XSS was identified from vulnerability in Note content field - information on the fix can be found here https://github.com/laurent22/joplin/commit/494e235e18659574f836f84fcf9f4d4fcdcfcf89 that can result in executing unauthorized code within the rights in which the application is running.

4.3
2018-06-26 CVE-2018-1000529 Grails Cross-Site Scripting vulnerability in Grails Fields 2.2.7

Grails Fields plugin version 2.2.7 contains a Cross Site Scripting (XSS) vulnerability in Using the display tag that can result in XSS .

4.3
2018-06-26 CVE-2018-1000528 Debian
Gonicus
Cross-Site Scripting vulnerability in multiple products

GONICUS GOsa version before commit 56070d6289d47ba3f5918885954dcceb75606001 contains a Cross Site Scripting (XSS) vulnerability in change password form (html/password.php, #308) that can result in injection of arbitrary web script or HTML.

4.3
2018-06-26 CVE-2018-1000524 Spheredev Integer Overflow OR Wraparound vulnerability in Spheredev Minisphere

miniSphere version 5.2.9 and earlier contains a Integer Overflow vulnerability in layer_resize() function in map_engine.c that can result in remote denial of service.

4.3
2018-06-26 CVE-2018-1000521 Bigtreecms Cross-Site Scripting vulnerability in Bigtreecms Bigtree CMS 4.2.21

BigTree-CMS contains a Cross Site Scripting (XSS) vulnerability in /users/create that can result in The low-privileged users can use this vulnerability to attack high-privileged(Developer) users..

4.3
2018-06-26 CVE-2018-1000519 AIO Libs Project Session Fixation vulnerability in Aio-Libs Project Aiohttp

aio-libs aiohttp-session contains a Session Fixation vulnerability in load_session function for RedisStorage (see: https://github.com/aio-libs/aiohttp-session/blob/master/aiohttp_session/redis_storage.py#L42) that can result in Session Hijacking.

4.3
2018-06-26 CVE-2018-1000516 Galaxyproject Cross-Site Scripting vulnerability in Galaxyproject Galaxy 14.10

The Galaxy Project Galaxy version v14.10 contains a CWE-79: Improper Neutralization of Input During Web Page Generation vulnerability in Many templates used in the Galaxy server did not properly sanitize user's input, which would allow for cross-site scripting (XSS) attacks.

4.3
2018-06-26 CVE-2018-1000514 Limesurvey Cross-Site Request Forgery (CSRF) vulnerability in Limesurvey 3.0.0

LimeSurvey version 3.0.0-beta.3+17110 contains a Cross ite Request Forgery (CSRF) vulnerability in Boxes that can result in CSRF admins to delete boxes.

4.3
2018-06-26 CVE-2018-1000512 Tooltipy Project Cross-Site Scripting vulnerability in Tooltipy Project Tooltipy 5.0

Tooltipy Tooltipy (tooltips for WP) version 5 contains a Cross Site Scripting (XSS) vulnerability in Glossary shortcode that can result in could allow anybody to do almost anything an admin can.

4.3
2018-06-26 CVE-2018-1000507 JJJ Cross-Site Request Forgery (CSRF) vulnerability in JJJ WP User Groups 2.0.0

WP User Groups version 2.0.0 contains a Cross ite Request Forgery (CSRF) vulnerability in Settings page that can result in allows anybody to modify user groups and types.

4.3
2018-06-26 CVE-2018-1000505 Tooltipy Cross-Site Request Forgery (CSRF) vulnerability in Tooltipy 5.0

Tooltipy (tooltips for WP) version 5 contains a Cross ite Request Forgery (CSRF) vulnerability in Settings page that can result in could allow anybody to duplicate posts.

4.3
2018-06-26 CVE-2018-1000205 Denx Improper Input Validation vulnerability in Denx U-Boot

U-Boot contains a CWE-20: Improper Input Validation vulnerability in Verified boot signature validation that can result in Bypass verified boot.

4.3
2018-06-26 CVE-2018-0612 5000 Trillion YEN Converter Project Cross-Site Scripting vulnerability in 5000 Trillion YEN Converter Project 5000 Trillion YEN Converter 1.0.6

Cross-site scripting vulnerability in 5000 trillion yen converter v1.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2018-06-26 CVE-2018-0605 Pixelpost Cross-Site Scripting vulnerability in Pixelpost 1.7.15/1.7.3

Cross-site scripting vulnerability in Pixelpost v1.7.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2018-06-26 CVE-2018-0603 Geminilabs Cross-Site Scripting vulnerability in Geminilabs Site Reviews

Cross-site scripting vulnerability in Site Reviews versions prior to 2.15.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2018-06-26 CVE-2018-0602 Email Subscribers Newsletters Project Cross-Site Scripting vulnerability in Email Subscribers & Newsletters Project Email Subscribers & Newsletters

Cross-site scripting vulnerability in Email Subscribers & Newsletters versions prior to 3.5.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2018-06-26 CVE-2018-0574 Basercms Cross-Site Scripting vulnerability in Basercms

Cross-site scripting vulnerability in baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2018-06-26 CVE-2018-0565 Cybozu Cross-Site Scripting vulnerability in Cybozu Office

Cross-site scripting vulnerability in Cybozu Office 10.0.0 to 10.8.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2018-06-26 CVE-2018-0559 Cybozu Cross-Site Scripting vulnerability in Cybozu Mailwise

Cross-site scripting vulnerability in Cybozu Mailwise 5.0.0 to 5.4.1 allows remote attackers to inject arbitrary web script or HTML 'Address' via unspecified vectors.

4.3
2018-06-26 CVE-2018-0558 Cybozu Cross-Site Scripting vulnerability in Cybozu Mailwise

Reflected cross-site scripting vulnerability in Cybozu Mailwise 5.0.0 to 5.4.1 allows remote attackers to inject arbitrary web script or HTML in 'System settings' via unspecified vectors.

4.3
2018-06-26 CVE-2018-0557 Cybozu Cross-Site Scripting vulnerability in Cybozu Mailwise

Stored cross-site scripting vulnerability in Cybozu Mailwise 5.0.0 to 5.4.1 allows remote attackers to inject arbitrary web script or HTML 'E-mail Details Screen' via unspecified vectors.

4.3
2018-06-26 CVE-2018-0529 Cybozu Improper Input Validation vulnerability in Cybozu Office

Cybozu Office 10.0.0 to 10.7.0 allows remote attackers to cause a denial of service via unspecified vectors.

4.3
2018-06-26 CVE-2018-0527 Cybozu Cross-Site Scripting vulnerability in Cybozu Office

Cross-site scripting vulnerability in Cybozu Office 10.0.0 to 10.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2018-06-26 CVE-2018-0526 Cybozu Information Exposure vulnerability in Cybozu Office

Cybozu Office 10.0.0 to 10.7.0 allow remote attackers to display an image located in an external server via unspecified vectors.

4.3
2018-06-25 CVE-2018-11040 Pivotal Software
Oracle
Inclusion of Functionality From Untrusted Control Sphere vulnerability in multiple products

Spring Framework, versions 5.0.x prior to 5.0.7 and 4.3.x prior to 4.3.18 and older unsupported versions, allows web applications to enable cross-domain requests via JSONP (JSON with Padding) through AbstractJsonpResponseBodyAdvice for REST controllers and MappingJackson2JsonView for browser requests.

4.3
2018-06-25 CVE-2018-11039 Pivotal Software Unspecified vulnerability in Pivotal Software Spring Framework

Spring Framework (versions 5.0.x prior to 5.0.7, versions 4.3.x prior to 4.3.18, and older unsupported versions) allow web applications to change the HTTP request method to any HTTP method (including TRACE) using the HiddenHttpMethodFilter in Spring MVC.

4.3
2018-06-29 CVE-2018-8902 Ivanti Improper Authentication vulnerability in Ivanti Avalanche

An issue was discovered in Ivanti Avalanche for all versions between 5.3 and 6.2.

4.0
2018-06-28 CVE-2017-16859 Atlassian Path Traversal vulnerability in Atlassian Crucible and Fisheye

The review attachment resource in Atlassian Fisheye and Crucible before version 4.3.2, from version 4.4.0 before 4.4.3 and before version 4.5.0 allows remote attackers to read files contained within context path of the running application through a path traversal vulnerability in the command parameter.

4.0
2018-06-27 CVE-2018-1354 Fortinet Incorrect Permission Assignment for Critical Resource vulnerability in Fortinet Fortianalyzer and Fortimanager

An improper access control vulnerability in Fortinet FortiManager 6.0.0, 5.6.5 and below versions, FortiAnalyzer 6.0.0, 5.6.5 and below versions allows a regular user edit the avatar picture of other users with arbitrary content.

4.0
2018-06-27 CVE-2018-5437 Tibco Unspecified vulnerability in Tibco products

The TIBCO Spotfire Client and TIBCO Spotfire Web Player Client components of TIBCO Software Inc.'s TIBCO Spotfire Analyst, TIBCO Spotfire Analytics Platform for AWS Marketplace, TIBCO Spotfire Deployment Kit, TIBCO Spotfire Desktop, and TIBCO Spotfire Desktop Language Packs contain multiple vulnerabilities that may allow for unauthorized information disclosure.

4.0
2018-06-27 CVE-2018-5436 Tibco Information Exposure vulnerability in Tibco products

The Spotfire server component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace, and TIBCO Spotfire Server contain multiple vulnerabilities that may allow for the disclosure of information, including user and data source credentials.

4.0
2018-06-26 CVE-2018-11053 Dell Incorrect Permission Assignment for Critical Resource vulnerability in Dell EMC Idrac Service Module

Dell EMC iDRAC Service Module for all supported Linux and XenServer versions v3.0.1, v3.0.2, v3.1.0, v3.2.0, when started, changes the default file permission of the hosts file of the host operating system (/etc/hosts) to world writable.

4.0
2018-06-26 CVE-2018-1374 IBM Improper Input Validation vulnerability in IBM Websphere MQ

An IBM WebSphere MQ (Maintenance levels 7.1.0.0 - 7.1.0.9, 7.5.0.0 - 7.5.0.8, 8.0.0.0 - 8.0.0.8, 9.0.0.0 - 9.0.0.2, and 9.0.0 - 9.0.4) client connecting to a Queue Manager could cause a SIGSEGV in the Channel process amqrmppa.

4.0
2018-06-26 CVE-2018-4861 Siemens Information Exposure vulnerability in Siemens Scalance M875 Firmware

A vulnerability has been identified in SCALANCE M875 (All versions).

4.0
2018-06-26 CVE-2018-1000610 Jenkins Insufficiently Protected Credentials vulnerability in Jenkins Configuration AS Code

A exposure of sensitive information vulnerability exists in Jenkins Configuration as Code Plugin 0.7-alpha and earlier in DataBoundConfigurator.java, Attribute.java, BaseConfigurator.java, ExtensionConfigurator.java that allows attackers with access to Jenkins log files to obtain the passwords configured using Configuration as Code Plugin.

4.0
2018-06-26 CVE-2018-1000609 Jenkins Information Exposure vulnerability in Jenkins Configuration AS Code

A exposure of sensitive information vulnerability exists in Jenkins Configuration as Code Plugin 0.7-alpha and earlier in ConfigurationAsCode.java that allows attackers with Overall/Read access to obtain the YAML export of the Jenkins configuration.

4.0
2018-06-26 CVE-2018-1000608 Jenkins Insufficiently Protected Credentials vulnerability in Jenkins Z/Os Connector

A exposure of sensitive information vulnerability exists in Jenkins z/OS Connector Plugin 1.2.6.1 and earlier in SCLMSCM.java that allows an attacker with local file system access or control of a Jenkins administrator's web browser (e.g.

4.0
2018-06-26 CVE-2018-1000607 Jenkins Improper Input Validation vulnerability in Jenkins Fortify Cloudscan

A arbitrary file write vulnerability exists in Jenkins Fortify CloudScan Plugin 1.5.1 and earlier in ArchiveUtil.java that allows attackers able to control rulepack zip file contents to overwrite any file on the Jenkins master file system, only limited by the permissions of the user the Jenkins master process is running as.

4.0
2018-06-26 CVE-2018-1000606 Jenkins Server-Side Request Forgery (SSRF) vulnerability in Jenkins Urltrigger

A server-side request forgery vulnerability exists in Jenkins URLTrigger Plugin 0.41 and earlier in URLTrigger.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL.

4.0
2018-06-26 CVE-2018-1000603 Jenkins Information Exposure vulnerability in Jenkins Openstack Cloud

A exposure of sensitive information vulnerability exists in Jenkins Openstack Cloud Plugin 2.35 and earlier in BootSource.java, InstancesToRun.java, JCloudsCleanupThread.java, JCloudsCloud.java, JCloudsComputer.java, JCloudsPreCreationThread.java, JCloudsRetentionStrategy.java, JCloudsSlave.java, JCloudsSlaveTemplate.java, LauncherFactory.java, OpenstackCredentials.java, OpenStackMachineStep.java, SlaveOptions.java, SlaveOptionsDescriptor.java that allows attackers with Overall/Read access to Jenkins to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins, and to cause Jenkins to submit HTTP requests to attacker-specified URLs.

4.0
2018-06-26 CVE-2018-1000601 Jenkins Information Exposure vulnerability in Jenkins SSH Credentials

A arbitrary file read vulnerability exists in Jenkins SSH Credentials Plugin 1.13 and earlier in BasicSSHUserPrivateKey.java that allows attackers with a Jenkins account and the permission to configure credential bindings to read arbitrary files from the Jenkins master file system.

4.0
2018-06-26 CVE-2018-1000558 Ocsinventory NG SQL Injection vulnerability in Ocsinventory-Ng Ocsinventory NG 2.3.1/2.4

OCS Inventory NG ocsreports 2.4 and ocsreports 2.3.1 version 2.4 and 2.3.1 contains a SQL Injection vulnerability in web search that can result in An authenticated attacker is able to gain full access to data stored within database.

4.0
2018-06-26 CVE-2018-1000510 Silkypress Incorrect Permission Assignment for Critical Resource vulnerability in Silkypress Image Zoom 1.23

WP Image Zoom version 1.23 contains a Incorrect Access Control vulnerability in AJAX settings that can result in allows anybody to cause denial of service.

4.0
2018-06-26 CVE-2018-1000503 Mybb Improper Privilege Management vulnerability in Mybb

MyBB Group MyBB contains a Incorrect Access Control vulnerability in Private forums that can result in Users can view posts from private forums without having the password.

4.0
2018-06-26 CVE-2018-0571 Basercms Unrestricted Upload of File With Dangerous Type vulnerability in Basercms

baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote attackers with a site operator privilege to upload arbitrary files.

4.0
2018-06-26 CVE-2018-0566 Cybozu Improper Privilege Management vulnerability in Cybozu Office

Cybozu Office 10.0.0 to 10.8.0 allows authenticated attackers to bypass authentication to obtain the schedules without access privilege via unspecified vectors.

4.0
2018-06-26 CVE-2018-0528 Cybozu Information Exposure vulnerability in Cybozu Office

Cybozu Office 10.0.0 to 10.7.0 allows authenticated attackers to bypass authentication to view the schedules that are not permitted to access via unspecified vectors.

4.0
2018-06-26 CVE-2018-12884 Octopus Improper Privilege Management vulnerability in Octopus Deploy 3.0

In Octopus Deploy 3.0 onwards (before 2018.6.7), an authenticated user with incorrect permissions may be able to create Accounts under the Infrastructure menu.

4.0
2018-06-25 CVE-2018-11046 Pivotal Software Improper Input Validation vulnerability in Pivotal Software Operations Manager

Pivotal Operations Manager, versions 2.1.x prior to 2.1.6 and version 2.0.14, includes NGINX packages that lacks security vulnerability patches.

4.0

18 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-06-29 CVE-2018-13002 Weblication Cross-Site Scripting vulnerability in Weblication CMS Core & Grid 12.6.24

An XSS issue was discovered in Inhaltsprojekte in Weblication CMS Core & Grid v12.6.24.

3.5
2018-06-29 CVE-2018-13000 Anelectron Cross-Site Scripting vulnerability in Anelectron Advanced Electron Forum 1.0.9

An XSS issue was discovered in Advanced Electron Forum (AEF) v1.0.9.

3.5
2018-06-29 CVE-2018-12992 Maelostore Project Cross-Site Scripting vulnerability in Maelostore Project Maelostore 1.5.0

An issue was discovered CMS MaeloStore V.1.5.0.

3.5
2018-06-28 CVE-2018-1351 Fortinet Cross-Site Scripting vulnerability in Fortinet Fortimanager

A Cross-site Scripting (XSS) vulnerability in Fortinet FortiManager 6.0.0, 5.6.6 and below versions allows attacker to execute HTML/javascript code via managed remote devices CLI commands by viewing the remote device CLI config installation log.

3.5
2018-06-27 CVE-2018-5528 F5 Improper Input Validation vulnerability in F5 Big-Ip Access Policy Manager

Under certain conditions, TMM may restart and produce a core file while processing APM data on BIG-IP 13.0.1 or 13.1.0.4-13.1.0.7.

3.5
2018-06-27 CVE-2018-1507 IBM Cross-Site Scripting vulnerability in IBM Rational Doors Next Generation 6.0.5

IBM DOORS Next Generation (DNG/RRC) 6.0.5 is vulnerable to cross-site scripting.

3.5
2018-06-26 CVE-2018-12903 Cyberark Cross-Site Scripting vulnerability in Cyberark Endpoint Privilege Manager 10.2.1.603

In CyberArk Endpoint Privilege Manager (formerly Viewfinity) 10.2.1.603, there is persistent XSS via an account name on the create token screen, the VfManager.asmx SelectAccounts->DisplayName screen, a user's groups in ConfigurationPage, the Dialog Title field, and App Group Name in the Application Group Wizard.

3.5
2018-06-26 CVE-2018-11448 Siemens Cross-Site Scripting vulnerability in Siemens Scalance M875 Firmware

A vulnerability has been identified in SCALANCE M875 (All versions).

3.5
2018-06-26 CVE-2018-1000604 Jenkins Cross-Site Scripting vulnerability in Jenkins Badge

A persisted cross-site scripting vulnerability exists in Jenkins Badge Plugin 1.4 and earlier in BadgeSummaryAction.java, HtmlBadgeAction.java that allows attackers able to control build badge content to define JavaScript that would be executed in another user's browser when that other user performs some UI actions.

3.5
2018-06-26 CVE-2018-1000513 Limesurvey Cross-Site Scripting vulnerability in Limesurvey 3.0.0

LimeSurvey version 3.0.0-beta.3+17110 contains a Cross Site Scripting (XSS) vulnerability in Boxes that can result in JS code execution against LimeSurvey admins.

3.5
2018-06-26 CVE-2018-1000508 Wpulike Cross-Site Scripting vulnerability in Wpulike Ulike 2.8.1/3.1

WP ULike version 2.8.1, 3.1 contains a Cross Site Scripting (XSS) vulnerability in Settings screen that can result in allows unauthorised users to do almost anything an admin can.

3.5
2018-06-26 CVE-2018-0570 Basercms Cross-Site Scripting vulnerability in Basercms

Cross-site scripting vulnerability in baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.

3.5
2018-06-25 CVE-2018-11588 Centreon Cross-Site Scripting vulnerability in Centreon and Centreon web

Centreon 3.4.6 including Centreon Web 2.8.23 is vulnerable to an authenticated user injecting a payload into the username or command description, resulting in stored XSS.

3.5
2018-06-25 CVE-2018-12716 Google Information Exposure vulnerability in Google Chromecast Firmware and Home Firmware

The API service on Google Home and Chromecast devices before mid-July 2018 does not prevent DNS rebinding attacks from reading the scan_results JSON data, which allows remote attackers to determine the physical location of most web browsers by leveraging the presence of one of these devices on its local network, extracting the scan_results bssid fields, and sending these fields in a geolocation/v1/geolocate Google Maps Geolocation API request.

3.3
2018-06-29 CVE-2018-8901 Ivanti Unspecified vulnerability in Ivanti Avalanche

An issue was discovered in Ivanti Avalanche for all versions between 5.3 and 6.2.

2.1
2018-06-29 CVE-2018-13014 Safensoft Insufficiently Protected Credentials vulnerability in Safensoft Enterprise Suite, Syswatch and Tpsecure

Storing password in recoverable format in safensec.com (SysWatch service) in SAFE'N'SEC SoftControl/SafenSoft SysWatch, SoftControl/SafenSoft TPSecure, and SoftControl/SafenSoft Enterprise Suite before 4.4.2 allows the local attacker to restore the SysWatch password from the settings database and modify program settings.

2.1
2018-06-26 CVE-2018-11449 Siemens Unspecified vulnerability in Siemens Scalance M875 Firmware

A vulnerability has been identified in SCALANCE M875 (All versions).

2.1
2018-06-26 CVE-2018-1000532 Beep Project Path Traversal vulnerability in Beep Project Beep 1.3

beep version 1.3 and up contains a External Control of File Name or Path vulnerability in --device option that can result in Local unprivileged user can inhibit execution of arbitrary programs by other users, allowing DoS.

1.9