Weekly Vulnerabilities Reports > July 23 to 29, 2018

Overview

273 new vulnerabilities reported during this period, including 17 critical vulnerabilities and 60 high severity vulnerabilities. This weekly summary report vulnerabilities in 387 products from 127 vendors including Redhat, Debian, Linux, Canonical, and Jenkins. Vulnerabilities are notably categorized as "Cross-site Scripting", "Out-of-bounds Read", "Path Traversal", "Improper Input Validation", and "Information Exposure".

  • 230 reported vulnerabilities are remotely exploitables.
  • 9 reported vulnerabilities have public exploit available.
  • 82 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 194 reported vulnerabilities are exploitable by an anonymous user.
  • Redhat has the most reported vulnerabilities, with 79 reported vulnerabilities.
  • Redhat has the most reported critical vulnerabilities, with 7 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

17 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-07-26 CVE-2017-2637 Redhat Missing Authentication for Critical Function vulnerability in Redhat Openstack

A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration.

10.0
2018-07-25 CVE-2018-11491 Asus Improper Authentication vulnerability in Asus Hg100 Firmware

ASUS HG100 devices with firmware before 1.05.12 allow unauthenticated access, leading to remote command execution.

10.0
2018-07-27 CVE-2016-9603 Qemu
Redhat
Citrix
Debian
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

A heap buffer overflow flaw was found in QEMU's Cirrus CLGD 54xx VGA emulator's VNC display driver support before 2.9; the issue could occur when a VNC client attempted to update its display after a VGA operation is performed by a guest.

9.9
2018-07-27 CVE-2017-2620 Qemu
Redhat
Citrix
Debian
XEN
Out-of-bounds Write vulnerability in multiple products

Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue.

9.9
2018-07-27 CVE-2017-15118 Qemu
Redhat
Canonical
Out-of-bounds Write vulnerability in multiple products

A stack-based buffer overflow vulnerability was found in NBD server implementation in qemu before 2.11 allowing a client to request an export name of size up to 4096 bytes, which in fact should be limited to 256 bytes, causing an out-of-bounds stack write in the qemu process.

9.8
2018-07-27 CVE-2017-7470 Redhat Incorrect Authorization vulnerability in Redhat Satellite and Spacewalk

It was found that spacewalk-channel can be used by a non-admin user or disabled users to perform administrative tasks due to an incorrect authorization check in backend/server/rhnChannel.py.

9.8
2018-07-27 CVE-2017-7464 Redhat XXE vulnerability in Redhat Jboss Enterprise Application Platform 7.0

It was found that the JAXP implementation used in JBoss EAP 7.0 for SAX and DOM parsing is vulnerable to certain XXE flaws.

9.8
2018-07-24 CVE-2018-10628 Aveva Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Aveva Intouch 2014 and Intouch 2017

AVEVA InTouch 2014 R2 SP1 and prior, InTouch 2017, InTouch 2017 Update 1, and InTouch 2017 Update 2 allow an unauthenticated user to send a specially crafted packet that could overflow the buffer on a locale not using a dot floating point separator.

9.8
2018-07-24 CVE-2018-5384 Navarino SQL Injection vulnerability in Navarino Infinity 2.2

Navarino Infinity web interface up to version 2.2 exposes an unauthenticated script that is prone to blind sql injection.

9.8
2018-07-23 CVE-2018-11757 Apache Unspecified vulnerability in Apache Openwhisk

In Docker Skeleton Runtime for Apache OpenWhisk, a Docker action inheriting the Docker tag openwhisk/dockerskeleton:1.3.0 (or earlier) may allow an attacker to replace the user function inside the container if the user code is vulnerable to code exploitation.

9.8
2018-07-23 CVE-2018-11756 Apache Unspecified vulnerability in Apache Openwhisk 1.0.0

In PHP Runtime for Apache OpenWhisk, a Docker action inheriting one of the Docker tags openwhisk/action-php-v7.2:1.0.0 or openwhisk/action-php-v7.1:1.0.1 (or earlier) may allow an attacker to replace the user function inside the container if the user code is vulnerable to code exploitation.

9.8
2018-07-24 CVE-2017-3217 Calamp Missing Authentication for Critical Function vulnerability in Calamp products

CalAmp LMU 3030 series OBD-II CDMA and GSM devices has an SMS (text message) interface that can be deployed where no password is configured for this interface by the integrator / reseller.

9.3
2018-07-24 CVE-2017-3189 Dotcms Unrestricted Upload of File with Dangerous Type vulnerability in Dotcms

The dotCMS administration panel, versions 3.7.1 and earlier, "Push Publishing" feature in Enterprise Pro is vulnerable to arbitrary file upload.

9.3
2018-07-23 CVE-2018-6678 Mcafee Unspecified vulnerability in Mcafee web Gateway 7.8.1.0

Configuration/Environment manipulation vulnerability in the administrative interface in McAfee Web Gateway (MWG) MWG 7.8.1.x allows authenticated administrator users to execute arbitrary commands via unspecified vectors.

9.1
2018-07-23 CVE-2018-6677 Mcafee Path Traversal vulnerability in Mcafee web Gateway 7.8.1.0

Directory Traversal vulnerability in the administrative user interface in McAfee Web Gateway (MWG) MWG 7.8.1.x allows authenticated administrator users to gain elevated privileges via unspecified vectors.

9.1
2018-07-27 CVE-2017-2652 Jenkins Improper Authentication vulnerability in Jenkins Distributed Fork

It was found that there were no permission checks performed in the Distributed Fork plugin before and including 1.5.0 for Jenkins that provides the dist-fork CLI command beyond the basic check for Overall/Read permission, allowing anyone with that permission to run arbitrary shell commands on all connected nodes.

9.0
2018-07-27 CVE-2017-12148 Redhat Improper Input Validation vulnerability in Redhat Ansible Tower and Cloudforms

A flaw was found in Ansible Tower's interface before 3.1.5 and 3.2.0 with SCM repositories.

9.0

60 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-07-27 CVE-2016-9577 Spice Project
Redhat
Debian
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling.

8.8
2018-07-27 CVE-2017-2630 Qemu Stack-based Buffer Overflow vulnerability in Qemu

A stack buffer overflow flaw was found in the Quick Emulator (QEMU) before 2.9 built with the Network Block Device (NBD) client support.

8.8
2018-07-24 CVE-2018-5385 Navarino Session Fixation vulnerability in Navarino Infinity 2.2

Navarino Infinity is prone to session fixation attacks.

8.8
2018-07-27 CVE-2017-15119 Qemu
Canonical
Debian
Redhat
Resource Exhaustion vulnerability in multiple products

The Network Block Device (NBD) server in Quick Emulator (QEMU) before 2.11 is vulnerable to a denial of service issue.

8.6
2018-07-23 CVE-2018-1999018 Pydio Improper Input Validation vulnerability in Pydio

Pydio version 8.2.1 and prior contains an Unvalidated user input leading to Remote Code Execution (RCE) vulnerability in plugins/action.antivirus/AntivirusScanner.php: Line 124, scanNow($nodeObject) that can result in An attacker gaining admin access and can then execute arbitrary commands on the underlying OS.

8.5
2018-07-28 CVE-2018-14678 Linux
XEN
Debian
Canonical
Improper Initialization vulnerability in multiple products

An issue was discovered in the Linux kernel through 4.17.11, as used in Xen through 4.11.x.

7.8
2018-07-26 CVE-2018-10879 Canonical
Linux
Debian
Redhat
Use After Free vulnerability in multiple products

A flaw was found in the Linux kernel's ext4 filesystem.

7.8
2018-07-26 CVE-2018-10878 Canonical
Linux
Debian
Redhat
Out-of-bounds Write vulnerability in multiple products

A flaw was found in the Linux kernel's ext4 filesystem.

7.8
2018-07-26 CVE-2018-10901 Linux
Redhat
A flaw was found in Linux kernel's KVM virtualization subsystem.
7.8
2018-07-25 CVE-2018-5541 F5 Resource Exhaustion vulnerability in F5 Big-Ip Application Security Manager

When F5 BIG-IP ASM 13.0.0-13.1.0.1, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, or 11.5.1-11.5.6 is processing HTTP requests, an unusually large number of parameters can cause excessive CPU usage in the BIG-IP ASM bd process.

7.8
2018-07-24 CVE-2018-10906 Debian
Fuse Project
Redhat
Improper Privilege Management vulnerability in multiple products

In fuse before versions 2.9.8 and 3.x before 3.2.5, fusermount is vulnerable to a restriction bypass when SELinux is active.

7.8
2018-07-24 CVE-2018-10608 Selinc Resource Exhaustion vulnerability in Selinc Acselerator Architect 2.2.24.0

SEL AcSELerator Architect version 2.2.24.0 and prior can be exploited when the AcSELerator Architect FTP client connects to a malicious FTP server, which may cause denial of service via 100% CPU utilization.

7.8
2018-07-23 CVE-2018-11452 Siemens Improper Input Validation vulnerability in Siemens products

A vulnerability has been identified in Firmware variant IEC 61850 for EN100 Ethernet module (All versions < V4.33), Firmware variant PROFINET IO for EN100 Ethernet module (All versions), Firmware variant Modbus TCP for EN100 Ethernet module (All versions), Firmware variant DNP3 TCP for EN100 Ethernet module (All versions), Firmware variant IEC104 for EN100 Ethernet module (All versions < V1.22).

7.8
2018-07-23 CVE-2018-11451 Siemens Improper Input Validation vulnerability in Siemens products

A vulnerability has been identified in Firmware variant IEC 61850 for EN100 Ethernet module (All versions < V4.33), Firmware variant PROFINET IO for EN100 Ethernet module (All versions), Firmware variant Modbus TCP for EN100 Ethernet module (All versions), Firmware variant DNP3 TCP for EN100 Ethernet module (All versions), Firmware variant IEC104 for EN100 Ethernet module (All versions < V1.22), SIPROTEC 5 relays with CPU variants CP300 and CP100 and the respective Ethernet communication modules (All versions < V7.80), SIPROTEC 5 relays with CPU variants CP200 and the respective Ethernet communication modules (All versions < V7.58).

7.8
2018-07-27 CVE-2016-9578 Spice Project
Redhat
Debian
Improper Input Validation vulnerability in multiple products

A vulnerability was discovered in SPICE before 0.13.90 in the server's protocol handling.

7.5
2018-07-27 CVE-2017-15101 Liblouis
Redhat
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

A missing patch for a stack-based buffer overflow in findTable() was found in Red Hat version of liblouis before 2.5.4.

7.5
2018-07-27 CVE-2017-2634 Linux
Redhat
NULL Pointer Dereference vulnerability in multiple products

It was found that the Linux kernel's Datagram Congestion Control Protocol (DCCP) implementation before 2.6.22.17 used the IPv4-only inet_sk_rebuild_header() function for both IPv4 and IPv6 DCCP connections, which could result in memory corruptions.

7.5
2018-07-27 CVE-2017-2640 Pidgin
Debian
Redhat
Out-of-bounds Write vulnerability in multiple products

An out-of-bounds write flaw was found in the way Pidgin before 2.12.0 processed XML content.

7.5
2018-07-27 CVE-2017-2639 Redhat Improper Certificate Validation vulnerability in Redhat Cloudforms and Cloudforms Management Engine

It was found that CloudForms does not verify that the server hostname matches the domain name in the certificate when using a custom CA and communicating with Red Hat Virtualization (RHEV) and OpenShift.

7.5
2018-07-26 CVE-2018-14608 Thomsonreuters Missing Encryption of Sensitive Data vulnerability in Thomsonreuters Ultratax CS 2017

Thomson Reuters UltraTax CS 2017 on Windows has a password protection option; however, the level of protection might be inconsistent with some customers' expectations because the data is directly accessible in cleartext.

7.5
2018-07-26 CVE-2018-14607 Thomsonreuters Missing Encryption of Sensitive Data vulnerability in Thomsonreuters Ultratax CS 2017

Thomson Reuters UltraTax CS 2017 on Windows, in a client/server configuration, transfers customer records and bank account numbers in cleartext over SMBv2, which allows attackers to (1) obtain sensitive information by sniffing the network or (2) conduct man-in-the-middle (MITM) attacks via unspecified vectors.

7.5
2018-07-26 CVE-2017-7558 Linux
Debian
Out-of-bounds Read vulnerability in multiple products

A kernel data leak due to an out-of-bound read was found in the Linux kernel in inet_diag_msg_sctp{,l}addr_fill() and sctp_get_sctp_info() functions present since version 4.7-rc1 through version 4.13.

7.5
2018-07-26 CVE-2017-7539 Qemu
Redhat
Reachable Assertion vulnerability in multiple products

An assertion-failure flaw was found in Qemu before 2.10.1, in the Network Block Device (NBD) server's initial connection negotiation, where the I/O coroutine was undefined.

7.5
2018-07-26 CVE-2017-7537 Redhat
Dogtagpki
DEPRECATED: Authentication Bypass Issues vulnerability in multiple products

It was found that a mock CMC authentication plugin with a hardcoded secret was accidentally enabled by default in the pki-core package before 10.6.4.

7.5
2018-07-25 CVE-2017-10934 ZTE Deserialization of Untrusted Data vulnerability in ZTE Zxiptv-Epg Firmware

All versions prior to V5.09.02.02T4 of the ZTE ZXIPTV-EPG product use the Java RMI service in which the servers use the Apache Commons Collections (ACC) library that may result in Java deserialization vulnerabilities.

7.5
2018-07-24 CVE-2018-8859 Echelon Improper Authentication vulnerability in Echelon products

Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions.

7.5
2018-07-24 CVE-2018-8855 Echelon Cleartext Transmission of Sensitive Information vulnerability in Echelon products

Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions.

7.5
2018-07-24 CVE-2018-5386 Navarino Information Exposure vulnerability in Navarino Infinity 2.2

Some Navarino Infinity functions, up to version 2.2, placed in the URL can bypass any authentication mechanism leading to an information leak.

7.5
2018-07-24 CVE-2017-3223 Dahuasecurity Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Dahuasecurity IP Camera Firmware

Dahua IP camera products using firmware versions prior to V2.400.0000.14.R.20170713 include a version of the Sonia web interface that may be vulnerable to a stack buffer overflow.

7.5
2018-07-24 CVE-2017-3181 Tibco SQL Injection vulnerability in Tibco products

Multiple TIBCO Products are prone to multiple unspecified SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in an SQL query.

7.5
2018-07-24 CVE-2018-14579 Golemcms Project Code Injection vulnerability in Golemcms Project Golemcms

GolemCMS through 2008-12-24, if the install/ directory remains active after an installation, allows remote attackers to execute arbitrary PHP code by inserting this code into the "Database Information" "Table prefix" form field, or obtain sensitive information via a direct request for install/install.sql.

7.5
2018-07-24 CVE-2018-13385 Atlassian Argument Injection or Modification vulnerability in Atlassian Sourcetree

There was an argument injection vulnerability in Sourcetree for macOS via filenames in Mercurial repositories.

7.5
2018-07-24 CVE-2018-10600 Selinc XXE vulnerability in Selinc Acselerator Architect 2.2.24.0

SEL AcSELerator Architect version 2.2.24.0 and prior allows unsanitized input to be passed to the XML parser, which may allow disclosure and retrieval of arbitrary data, arbitrary code execution (in certain situations on specific platforms), and denial of service attacks.

7.5
2018-07-23 CVE-2018-1999022 Html Quickform Project
Civicrm
Code Injection vulnerability in multiple products

PEAR HTML_QuickForm version 3.2.14 contains an eval injection (CWE-95) vulnerability in HTML_QuickForm's getSubmitValue method, HTML_QuickForm's validate method, HTML_QuickForm_hierselect's _setOptions method, HTML_QuickForm_element's _findValue method, HTML_QuickForm_element's _prepareValue method.

7.5
2018-07-23 CVE-2018-1999019 Chamilo Code Injection vulnerability in Chamilo LMS

Chamilo LMS version 11.x contains an Unserialization vulnerability in the "hash" GET parameter for the api endpoint located at /webservices/api/v2.php that can result in Unauthenticated remote code execution.

7.5
2018-07-23 CVE-2018-1999010 Ffmpeg
Debian
Out-of-bounds Read vulnerability in multiple products

FFmpeg before commit cced03dd667a5df6df8fd40d8de0bff477ee02e8 contains multiple out of array access vulnerabilities in the mms protocol that can result in attackers accessing out of bound data.

7.5
2018-07-23 CVE-2018-14565 Thunlp Out-of-bounds Read vulnerability in Thunlp Thulac 20180225

An issue was discovered in libthulac.so in THULAC through 2018-02-25.

7.5
2018-07-23 CVE-2018-14564 Thunlp Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Thunlp Thulac 20180225

An issue was discovered in libthulac.so in THULAC through 2018-02-25.

7.5
2018-07-23 CVE-2018-14563 Thunlp Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Thunlp Thulac 20180225

An issue was discovered in libthulac.so in THULAC through 2018-02-25.

7.5
2018-07-23 CVE-2018-14562 Thunlp NULL Pointer Dereference vulnerability in Thunlp Thulac 20180225

An issue was discovered in libthulac.so in THULAC through 2018-02-25.

7.5
2018-07-23 CVE-2018-14551 Imagemagick
Canonical
Use of Uninitialized Resource vulnerability in multiple products

The ReadMATImageV4 function in coders/mat.c in ImageMagick 7.0.8-7 uses an uninitialized variable, leading to memory corruption.

7.5
2018-07-23 CVE-2018-14532 Axiosys Out-of-bounds Read vulnerability in Axiosys Bento4 1.5.1624

An issue was discovered in Bento4 1.5.1-624.

7.5
2018-07-23 CVE-2018-14531 Axiosys Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Axiosys Bento4 1.5.1624

An issue was discovered in Bento4 1.5.1-624.

7.5
2018-07-23 CVE-2018-14515 Wuzhi CMS Project SQL Injection vulnerability in Wuzhi CMS Project Wuzhi CMS 4.1.0

A SQL injection was discovered in WUZHI CMS 4.1.0 that allows remote attackers to inject a malicious SQL statement via the index.php?m=promote&f=index&v=search keywords parameter.

7.5
2018-07-23 CVE-2018-14514 Icmsdev Server-Side Request Forgery (SSRF) vulnerability in Icmsdev Icms 7.0.9

An SSRF vulnerability was discovered in idreamsoft iCMS V7.0.9 that allows attackers to read sensitive files, access an intranet, or possibly have unspecified other impact.

7.5
2018-07-23 CVE-2018-6683 Mcafee Incorrect Default Permissions vulnerability in Mcafee Data Loss Prevention Endpoint

Exploiting Incorrectly Configured Access Control Security Levels vulnerability in McAfee Data Loss Prevention (DLP) for Windows versions prior to 10.0.505 and 11.0.405 allows local users to bypass DLP policy via editing of local policy files when offline.

7.4
2018-07-26 CVE-2018-10900 Gnome
Debian
OS Command Injection vulnerability in multiple products

Network Manager VPNC plugin (aka networkmanager-vpnc) before version 1.2.6 is vulnerable to a privilege escalation attack.

7.2
2018-07-24 CVE-2017-3210 Portrait
Fujitsu
HP
Philips
Configuration vulnerability in multiple products

Applications developed using the Portrait Display SDK, versions 2.30 through 2.34, default to insecure configurations which allow arbitrary code execution.

7.2
2018-07-24 CVE-2018-10905 Redhat OS Command Injection vulnerability in Redhat Cloudforms and Cloudforms Management Engine

CloudForms Management Engine (cfme) is vulnerable to an improper security setting in the dRuby component of CloudForms.

7.2
2018-07-27 CVE-2018-14617 Linux
Debian
Canonical
NULL Pointer Dereference vulnerability in Linux Kernel

An issue was discovered in the Linux kernel through 4.17.10.

7.1
2018-07-27 CVE-2018-14616 Linux NULL Pointer Dereference vulnerability in Linux Kernel

An issue was discovered in the Linux kernel through 4.17.10.

7.1
2018-07-27 CVE-2018-14615 Linux Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel

An issue was discovered in the Linux kernel through 4.17.10.

7.1
2018-07-27 CVE-2018-14614 Linux NULL Pointer Dereference vulnerability in Linux Kernel

An issue was discovered in the Linux kernel through 4.17.10.

7.1
2018-07-27 CVE-2018-14613 Linux NULL Pointer Dereference vulnerability in Linux Kernel

An issue was discovered in the Linux kernel through 4.17.10.

7.1
2018-07-27 CVE-2018-14612 Linux NULL Pointer Dereference vulnerability in Linux Kernel

An issue was discovered in the Linux kernel through 4.17.10.

7.1
2018-07-27 CVE-2018-14611 Linux
Debian
Use After Free vulnerability in Linux Kernel

An issue was discovered in the Linux kernel through 4.17.10.

7.1
2018-07-27 CVE-2018-14610 Linux Out-of-bounds Read vulnerability in Linux Kernel

An issue was discovered in the Linux kernel through 4.17.10.

7.1
2018-07-27 CVE-2018-14609 Linux
Debian
Canonical
NULL Pointer Dereference vulnerability in Linux Kernel

An issue was discovered in the Linux kernel through 4.17.10.

7.1
2018-07-26 CVE-2017-12163 Samba
Redhat
Debian
Information Exposure vulnerability in multiple products

An information leak flaw was found in the way SMB1 protocol was implemented by Samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8.

7.1
2018-07-23 CVE-2018-1999012 Ffmpeg Infinite Loop vulnerability in Ffmpeg

FFmpeg before commit 9807d3976be0e92e4ece3b4b1701be894cd7c2e1 contains a CWE-835: Infinite loop vulnerability in pva format demuxer that can result in a Vulnerability that allows attackers to consume excessive amount of resources like CPU and RAM.

7.1

173 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-07-26 CVE-2017-12164 Gnome Improper Initialization vulnerability in Gnome Display Manager 3.24.1

A flaw was discovered in gdm 3.24.1 where gdm greeter was no longer setting the ran_once boolean during autologin.

6.9
2018-07-28 CVE-2018-14682 Cabextract
Cabextract Project
Debian
Canonical
Redhat
Off-by-one Error vulnerability in multiple products

An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha.

6.8
2018-07-28 CVE-2018-14681 Cabextract
Cabextract Project
Debian
Canonical
Redhat
Out-of-bounds Write vulnerability in multiple products

An issue was discovered in kwajd_read_headers in mspack/kwajd.c in libmspack before 0.7alpha.

6.8
2018-07-27 CVE-2017-2649 Jenkins Improper Certificate Validation vulnerability in Jenkins Active Directory

It was found that the Active Directory Plugin for Jenkins up to and including version 2.2 did not verify certificates of the Active Directory server, thereby enabling Man-in-the-Middle attacks.

6.8
2018-07-27 CVE-2017-2648 Jenkins Improper Certificate Validation vulnerability in Jenkins SSH Slaves

It was found that jenkins-ssh-slaves-plugin before version 1.15 did not perform host key verification, thereby enabling Man-in-the-Middle attacks.

6.8
2018-07-27 CVE-2018-1056 Advancemame
Canonical
Debian
Out-of-bounds Read vulnerability in multiple products

An out-of-bounds heap buffer read flaw was found in the way advancecomp before 2.1-2018/02 handled processing of ZIP files.

6.8
2018-07-27 CVE-2017-2581 Netpbm Project Out-of-bounds Write vulnerability in Netpbm Project Netpbm

An out-of-bounds write vulnerability was found in netpbm before 10.61.

6.8
2018-07-27 CVE-2017-2580 Netpbm Project Out-of-bounds Write vulnerability in Netpbm Project Netpbm 10.61.00

An out-of-bounds write vulnerability was found in netpbm before 10.61.

6.8
2018-07-27 CVE-2017-2579 Netpbm Project Out-of-bounds Read vulnerability in Netpbm Project Netpbm 10.61.00

An out-of-bounds read vulnerability was found in netpbm before 10.61.

6.8
2018-07-27 CVE-2018-14603 Gitlab Cross-Site Request Forgery (CSRF) vulnerability in Gitlab

An issue was discovered in GitLab Community and Enterprise Edition before 10.8.7, 11.0.x before 11.0.5, and 11.1.x before 11.1.2.

6.8
2018-07-26 CVE-2018-0621 Logitech Untrusted Search Path vulnerability in Logitech Connection Utility Software

Untrusted search path vulnerability in LOGICOOL CONNECTION UTILITY SOFTWARE versions before 2.30.9 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

6.8
2018-07-26 CVE-2018-0620 Logitech Untrusted Search Path vulnerability in Logitech Game Software

Untrusted search path vulnerability in LOGICOOL Game Software versions before 8.87.116 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

6.8
2018-07-26 CVE-2018-0619 Glarysoft Untrusted Search Path vulnerability in Glarysoft Glary Utilities 5.99

Untrusted search path vulnerability in the installer of Glarysoft Glary Utilities (Glary Utilities 5.99 and earlier and Glary Utilities Pro 5.99 and earlier) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

6.8
2018-07-26 CVE-2017-12610 Apache Improper Authentication vulnerability in Apache Kafka

In Apache Kafka 0.10.0.0 to 0.10.2.1 and 0.11.0.0 to 0.11.0.1, authenticated Kafka clients may use impersonation via a manually crafted protocol message with SASL/PLAIN or SASL/SCRAM authentication when using the built-in PLAIN or SCRAM server implementations in Apache Kafka.

6.8
2018-07-26 CVE-2017-7526 Gnupg
Canonical
Debian
Cryptographic Issues vulnerability in multiple products

libgcrypt before version 1.7.8 is vulnerable to a cache side-channel attack resulting into a complete break of RSA-1024 while using the left-to-right method for computing the sliding-window expansion.

6.8
2018-07-25 CVE-2018-8090 Quickheal Uncontrolled Search Path Element vulnerability in Quickheal Antivirus Pro, Internet Security and Total Security

Quick Heal Total Security 64 bit 17.00 (QHTS64.exe), (QHTSFT64.exe) - Version 10.0.1.38; Quick Heal Total Security 32 bit 17.00 (QHTS32.exe), (QHTSFT32.exe) - Version 10.0.1.38; Quick Heal Internet Security 64 bit 17.00 (QHIS64.exe), (QHISFT64.exe) - Version 10.0.0.37; Quick Heal Internet Security 32 bit 17.00 (QHIS32.exe), (QHISFT32.exe) - Version 10.0.0.37; Quick Heal AntiVirus Pro 64 bit 17.00 (QHAV64.exe), (QHAVFT64.exe) - Version 10.0.0.37; and Quick Heal AntiVirus Pro 32 bit 17.00 (QHAV32.exe), (QHAVFT32.exe) - Version 10.0.0.37 allow DLL Hijacking because of Insecure Library Loading.

6.8
2018-07-25 CVE-2018-5542 F5 Improper Input Validation vulnerability in F5 products

F5 BIG-IP 13.0.0-13.0.1, 12.1.0-12.1.3.6, or 11.2.1-11.6.3.2 HTTPS health monitors do not validate the identity of the monitored server.

6.8
2018-07-24 CVE-2018-14589 Axiosys Out-of-bounds Read vulnerability in Axiosys Bento4 1.5.1624

An issue has been discovered in Bento4 1.5.1-624.

6.8
2018-07-24 CVE-2018-14587 Axiosys Out-of-bounds Read vulnerability in Axiosys Bento4 1.5.1624

An issue has been discovered in Bento4 1.5.1-624.

6.8
2018-07-24 CVE-2018-14586 Axiosys Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Axiosys Bento4 1.5.1624

An issue has been discovered in Bento4 1.5.1-624.

6.8
2018-07-24 CVE-2018-14585 Axiosys Out-of-bounds Read vulnerability in Axiosys Bento4 1.5.1624

An issue has been discovered in Bento4 1.5.1-624.

6.8
2018-07-24 CVE-2018-14584 Axiosys Out-of-bounds Read vulnerability in Axiosys Bento4 1.5.1624

An issue has been discovered in Bento4 1.5.1-624.

6.8
2018-07-24 CVE-2018-14583 Xyhcms Cross-Site Request Forgery (CSRF) vulnerability in Xyhcms 3.5

xyhai.php?s=/Auth/addUser in XYHCMS 3.5 allows CSRF to add a background administrator account.

6.8
2018-07-24 CVE-2018-14582 Bagesoft Cross-Site Request Forgery (CSRF) vulnerability in Bagesoft Bagecms 3.1.3

index.php?r=admini/admin/create in BageCMS V3.1.3 allows CSRF to add a background administrator account.

6.8
2018-07-24 CVE-2017-3187 Dotcms Cross-Site Request Forgery (CSRF) vulnerability in Dotcms

The dotCMS administration panel, versions 3.7.1 and earlier, are vulnerable to cross-site request forgery.

6.8
2018-07-24 CVE-2018-13386 Atlassian Argument Injection or Modification vulnerability in Atlassian Sourcetree

There was an argument injection vulnerability in Sourcetree for Windows via filenames in Mercurial repositories.

6.8
2018-07-23 CVE-2018-1999023 Wesnoth Code Injection vulnerability in Wesnoth the Battle FOR Wesnoth

The Battle for Wesnoth Project version 1.7.0 through 1.14.3 contains a Code Injection vulnerability in the Lua scripting engine that can result in code execution outside the sandbox.

6.8
2018-07-23 CVE-2018-1999011 Ffmpeg Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Ffmpeg

FFmpeg before commit 2b46ebdbff1d8dec7a3d8ea280a612b91a582869 contains a Buffer Overflow vulnerability in asf_o format demuxer that can result in heap-buffer-overflow that may result in remote code execution.

6.8
2018-07-23 CVE-2018-1999009 Octobercms Information Exposure vulnerability in Octobercms October

October CMS version prior to Build 437 contains a Local File Inclusion vulnerability in modules/system/traits/ViewMaker.php#244 (makeFileContents function) that can result in Sensitive information disclosure and remote code execution.

6.8
2018-07-23 CVE-2018-14523 Aubio
Opensuse
Suse
Out-of-bounds Read vulnerability in multiple products

An issue was discovered in aubio 0.4.6.

6.8
2018-07-23 CVE-2018-14522 Aubio
Opensuse
Suse
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

An issue was discovered in aubio 0.4.6.

6.8
2018-07-23 CVE-2018-14521 Aubio Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Aubio 0.4.6

An issue was discovered in aubio 0.4.6.

6.8
2018-07-27 CVE-2017-15097 Redhat Link Following vulnerability in Redhat products

Privilege escalation flaws were found in the Red Hat initialization scripts of PostgreSQL.

6.7
2018-07-27 CVE-2017-15113 Ovirt
Redhat
Information Exposure Through Log Files vulnerability in multiple products

ovirt-engine before version 4.1.7.6 with log level set to DEBUG includes passwords in the log file without masking.

6.6
2018-07-27 CVE-2018-6686 Mcafee Improper Authentication vulnerability in Mcafee Drive Encryption

Authentication Bypass vulnerability in TPM autoboot in McAfee Drive Encryption (MDE) 7.1.0 and above allows physically proximate attackers to bypass local security protection via specific set of circumstances.

6.6
2018-07-27 CVE-2017-2633 Qemu
Redhat
Out-of-bounds Write vulnerability in multiple products

An out-of-bounds memory access issue was found in Quick Emulator (QEMU) before 1.7.2 in the VNC display driver.

6.5
2018-07-27 CVE-2017-2658 Redhat Improper Input Validation vulnerability in Redhat products

It was discovered that the Dashbuilder login page as used in Red Hat JBoss BPM Suite before 6.4.2 and Red Hat JBoss Data Virtualization & Services before 6.4.3 could be opened in an IFRAME, which made it possible to intercept and manipulate requests.

6.5
2018-07-27 CVE-2017-2653 Redhat Improper Input Validation vulnerability in Redhat Cloudforms and Cloudforms Management Engine

A number of unused delete routes are present in CloudForms before 5.7.2.1 which can be accessed via GET requests instead of just POST requests.

6.5
2018-07-26 CVE-2018-0613 Necplatforms Improper Privilege Management vulnerability in Necplatforms products

NEC Platforms Calsos CSDX and CSDJ series products (CSDX 1.37210411 and earlier, CSDX(P) 4.37210411 and earlier, CSDX(D) 3.37210411 and earlier, CSDX(S) 2.37210411 and earlier, CSDJ-B 01.03.00 and earlier, CSDJ-H 01.03.00 and earlier, CSDJ-D 01.03.00 and earlier, CSDJ-A 03.00.00) allows remote authenticated attackers to bypass access restriction to conduct arbitrary operations with administrative privilege via unspecified vectors.

6.5
2018-07-26 CVE-2018-0607 Cybozu SQL Injection vulnerability in Cybozu Garoon

SQL injection vulnerability in the Notifications application in the Cybozu Garoon 3.5.0 to 4.6.2 allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors.

6.5
2018-07-26 CVE-2017-12171 Redhat
Apache
Improper Access Control vulnerability in multiple products

A regression was found in the Red Hat Enterprise Linux 6.9 version of httpd 2.2.15-60, causing comments in the "Allow" and "Deny" configuration lines to be parsed incorrectly.

6.5
2018-07-26 CVE-2017-7562 Redhat
MIT
Improper Certificate Validation vulnerability in multiple products

An authentication bypass flaw was found in the way krb5's certauth interface before 1.16.1 handled the validation of client certificates.

6.5
2018-07-26 CVE-2017-7530 Redhat Unspecified vulnerability in Redhat Cloudforms and Cloudforms Management Engine

In CloudForms Management Engine (cfme) before 5.7.3 and 5.8.x before 5.8.1, it was found that privilege check is missing when invoking arbitrary methods via filtering on VMs that MiqExpression will execute that is triggerable by API users.

6.5
2018-07-24 CVE-2018-11060 RSA Unspecified vulnerability in RSA Archer 6.4.0.0

RSA Archer, versions prior to 6.4.0.1, contain an authorization bypass vulnerability in the REST API.

6.5
2018-07-24 CVE-2017-3183 Sage Incorrect Authorization vulnerability in Sage XRT Treasury 3.0

Sage XRT Treasury, version 3, fails to properly restrict database access to authorized users, which may enable any authenticated user to gain full access to privileged database functions.

6.5
2018-07-24 CVE-2018-14335 H2Database Link Following vulnerability in H2Database H2 1.4.197

An issue was discovered in H2 1.4.197.

6.5
2018-07-24 CVE-2018-10604 Selinc Incorrect Default Permissions vulnerability in Selinc SEL Compass 3.0.5.1

SEL Compass version 3.0.5.1 and prior allows all users full access to the SEL Compass directory, which may allow modification or overwriting of files within the Compass installation folder, resulting in escalation of privilege and/or malicious code execution.

6.5
2018-07-23 CVE-2018-14570 Niushop Unrestricted Upload of File with Dangerous Type vulnerability in Niushop B2B2C Multi-Business 1.11

A file upload vulnerability in application/shop/controller/member.php in Niushop B2B2C Multi-business basic version V1.11 allows any remote member to upload a .php file to the web server via a profile avatar field, by using an image Content-Type (e.g., image/jpeg) with a modified filename and file content.

6.5
2018-07-27 CVE-2017-2666 Redhat
Debian
HTTP Request Smuggling vulnerability in multiple products

It was discovered in Undertow that the code that parsed the HTTP request line permitted invalid characters.

6.4
2018-07-24 CVE-2018-10627 Echelon Information Exposure vulnerability in Echelon products

Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions.

6.4
2018-07-29 CVE-2018-14734 Linux
Canonical
Debian
Use After Free vulnerability in Linux Kernel

drivers/infiniband/core/ucma.c in the Linux kernel through 4.17.11 allows ucma_leave_multicast to access a certain data structure after a cleanup step in ucma_process_join, which allows attackers to cause a denial of service (use-after-free).

6.1
2018-07-25 CVE-2018-5531 F5 Improper Input Validation vulnerability in F5 products

Through undisclosed methods, on F5 BIG-IP 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, or 11.2.1-11.5.6, adjacent network attackers can cause a denial of service for VCMP guest and host systems.

6.1
2018-07-23 CVE-2018-8031 Apache Cross-site Scripting vulnerability in Apache Tomee

The Apache TomEE console (tomee-webapp) has a XSS vulnerability which could allow javascript to be executed if the user is given a malicious URL.

6.1
2018-07-27 CVE-2017-2650 Jenkins Security Bypass vulnerability in Jenkins Pipeline Classpath Step 0.1.0

It was found that the use of Pipeline: Classpath Step Jenkins plugin enables a bypass of the Script Security sandbox for users with SCM commit access, as well as users with e.g.

6.0
2018-07-26 CVE-2017-2589 Hawt
Redhat
It was discovered that the hawtio servlet 1.4 uses a single HttpClient instance to proxy requests with a persistent cookie store (cookies are stored locally and are not passed between the client and the end URL) which means all clients using that proxy are sharing the same cookies.
6.0
2018-07-26 CVE-2017-7543 Openstack
Redhat
Race Condition vulnerability in multiple products

A race-condition flaw was discovered in openstack-neutron before 7.2.0-12.1, 8.x before 8.3.0-11.1, 9.x before 9.3.1-2.1, and 10.x before 10.0.2-1.1, where, following a minor overcloud update, neutron security groups were disabled.

5.9
2018-07-27 CVE-2017-12151 Samba
Debian
Redhat
HP
Cryptographic Issues vulnerability in multiple products

A flaw was found in the way samba client before samba 4.4.16, samba 4.5.14 and samba 4.6.8 used encryption with the max protocol set as SMB3.

5.8
2018-07-26 CVE-2017-12150 Samba
Redhat
Debian
It was found that samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8 did not enforce "SMB signing" when certain configuration options were enabled.
5.8
2018-07-26 CVE-2018-0622 DHC Improper Certificate Validation vulnerability in DHC Online Shop

The DHC Online Shop App for Android version 3.2.0 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

5.8
2018-07-25 CVE-2018-1002202 Zip4J Project Path Traversal vulnerability in Zip4J Project Zip4J

zip4j before 1.3.3 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction.

5.8
2018-07-25 CVE-2018-1002201 Jrebel Path Traversal vulnerability in Jrebel Zt-Zip

zt-zip before 1.13 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction.

5.8
2018-07-23 CVE-2018-1999020 Opennetworking Path Traversal vulnerability in Opennetworking Onos

Open Networking Foundation (ONF) ONOS version 1.13.2 and earlier version contains a Directory Traversal vulnerability in core/common/src/main/java/org/onosproject/common/app/ApplicationArchive.java line 35 that can result in arbitrary file deletion (overwrite).

5.8
2018-07-27 CVE-2017-2626 Freedesktop
Redhat
Insufficient Entropy vulnerability in multiple products

It was discovered that libICE before 1.0.9-8 used a weak entropy to generate keys.

5.5
2018-07-27 CVE-2017-2618 Linux
Redhat
Debian
Off-by-one Error vulnerability in multiple products

A flaw was found in the Linux kernel's handling of clearing SELinux attributes on /proc/pid/attr files before 4.9.10.

5.5
2018-07-27 CVE-2018-10882 Linux
Debian
Canonical
Redhat
Out-of-bounds Write vulnerability in multiple products

A flaw was found in the Linux kernel's ext4 filesystem.

5.5
2018-07-27 CVE-2017-2625 X ORG
Redhat
Insufficient Entropy vulnerability in multiple products

It was discovered that libXdmcp before 1.1.2 including used weak entropy to generate session keys.

5.5
2018-07-27 CVE-2017-2621 Redhat
Openstack
Files or Directories Accessible to External Parties vulnerability in multiple products

An access-control flaw was found in the OpenStack Orchestration (heat) service before 8.0.0, 6.1.0 and 7.0.2 where a service log directory was improperly made world readable.

5.5
2018-07-27 CVE-2017-2590 Freeipa
Redhat
Permission Issues vulnerability in multiple products

A vulnerability was found in ipa before 4.4.

5.5
2018-07-27 CVE-2016-9595 Theforeman
Redhat
Link Following vulnerability in multiple products

A flaw was found in katello-debug before 3.4.0 where certain scripts and log files used insecure temporary files.

5.5
2018-07-27 CVE-2017-2622 Redhat Files or Directories Accessible to External Parties vulnerability in Redhat Openstack 10

An accessibility flaw was found in the OpenStack Workflow (mistral) service where a service log directory was improperly made world readable.

5.5
2018-07-26 CVE-2015-9261 Busybox
Debian
Canonical
NULL Pointer Dereference vulnerability in multiple products

huft_build in archival/libarchive/decompress_gunzip.c in BusyBox before 1.27.2 misuses a pointer, causing segfaults and an application crash during an unzip operation on a specially crafted ZIP file.

5.5
2018-07-26 CVE-2018-10881 Debian
Canonical
Linux
Redhat
Out-of-bounds Write vulnerability in multiple products

A flaw was found in the Linux kernel's ext4 filesystem.

5.5
2018-07-26 CVE-2018-10876 Linux
Canonical
Debian
Use After Free vulnerability in multiple products

A flaw was found in Linux kernel in the ext4 filesystem code.

5.5
2018-07-25 CVE-2018-1002200 Codehaus Plexus
Redhat
Debian
Path Traversal vulnerability in multiple products

plexus-archiver before 3.6.0 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in an archive entry that is mishandled during extraction.

5.5
2018-07-25 CVE-2018-10880 Debian
Linux
Redhat
Canonical
Out-of-bounds Write vulnerability in multiple products

Linux kernel is vulnerable to a stack-out-of-bounds write in the ext4 filesystem code when mounting and writing to a crafted ext4 image in ext4_update_inline_data().

5.5
2018-07-26 CVE-2017-12175 Redhat Cross-site Scripting vulnerability in Redhat Satellite

Red Hat Satellite before 6.5 is vulnerable to a XSS in discovery rule when you are entering filter and you use autocomplete functionality.

5.4
2018-07-26 CVE-2018-1288 Apache
Redhat
Oracle
In Apache Kafka 0.9.0.0 to 0.9.0.1, 0.10.0.0 to 0.10.2.1, 0.11.0.0 to 0.11.0.2, and 1.0.0, authenticated Kafka users may perform action reserved for the Broker via a manually created fetch request interfering with data replication, resulting in data loss.
5.4
2018-07-25 CVE-2018-5240 Symantec Unspecified vulnerability in Symantec Inventory 8.0/8.1

The Inventory Plugin for Symantec Management Agent prior to 7.6 POST HF7, 8.0 POST HF6, or 8.1 RU7 may be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels.

5.2
2018-07-28 CVE-2018-14685 Gxlcms Information Exposure vulnerability in Gxlcms 1.1.4

The add function in www/Lib/Lib/Action/Admin/TplAction.class.php in Gxlcms v1.1.4 allows remote attackers to read arbitrary files via a crafted index.php?s=Admin-Tpl-ADD-id request, related to Lib/Common/Admin/function.php.

5.0
2018-07-27 CVE-2017-2646 Redhat Infinite Loop vulnerability in Redhat Keycloak

It was found that when Keycloak before 2.5.5 receives a Logout request with a Extensions in the middle of the request, the SAMLSloRequestParser.parse() method ends in a infinite loop.

5.0
2018-07-27 CVE-2017-2670 Redhat
Debian
Infinite Loop vulnerability in multiple products

It was found in Undertow before 1.3.28 that with non-clean TCP close, the Websocket server gets into infinite loop on every IO thread, effectively causing DoS.

5.0
2018-07-27 CVE-2017-15120 Powerdns
Debian
NULL Pointer Dereference vulnerability in multiple products

An issue has been found in the parsing of authoritative answers in PowerDNS Recursor before 4.0.8, leading to a NULL pointer dereference when parsing a specially crafted answer containing a CNAME of a different class than IN.

5.0
2018-07-27 CVE-2017-12165 Redhat HTTP Request Smuggling vulnerability in Redhat Jboss Enterprise Application Platform and Undertow

It was discovered that Undertow before 1.4.17, 1.3.31 and 2.0.0 processes http request headers with unusual whitespaces which can cause possible http request smuggling.

5.0
2018-07-27 CVE-2018-14602 Gitlab Information Exposure vulnerability in Gitlab

An issue was discovered in GitLab Community and Enterprise Edition before 10.8.7, 11.0.x before 11.0.5, and 11.1.x before 11.1.2.

5.0
2018-07-27 CVE-2018-14601 Gitlab Unspecified vulnerability in Gitlab 11.1.0/11.1.1

An issue was discovered in GitLab Community and Enterprise Edition 11.1.x before 11.1.2.

5.0
2018-07-26 CVE-2018-9068 Lenovo
IBM
Use of Hard-coded Credentials vulnerability in multiple products

The IMM2 First Failure Data Capture function collects management module logs and diagnostic information when a hardware error is detected.

5.0
2018-07-26 CVE-2018-0617 Chama Path Traversal vulnerability in Chama Memocgi

Directory traversal vulnerability in ChamaNet MemoCGI v2.1800 to v2.2200 allows remote attackers to read arbitrary files via unspecified vectors.

5.0
2018-07-25 CVE-2018-14083 Lica Information Exposure vulnerability in Lica Minicmts E8K Firmware

LICA miniCMTS E8K(u/i/...) devices allow remote attackers to obtain sensitive information via a direct POST request for the inc/user.ini file, leading to discovery of a password hash.

5.0
2018-07-25 CVE-2017-10937 ZTE SQL Injection vulnerability in ZTE Zxiptv-Ucm Firmware

SQL injection vulnerability in all versions prior to V2.01.05.09 of the ZTE ZXIPTV-UCM product allows remote attackers to execute arbitrary SQL commands via the opertype parameter, resulting in the disclosure of database information.

5.0
2018-07-25 CVE-2017-10936 ZTE SQL Injection vulnerability in ZTE Zxcdn-Sns Firmware

SQL injection vulnerability in all versions prior to V4.01.01 of the ZTE ZXCDN-SNS product allows remote attackers to execute arbitrary SQL commands via the aoData parameter, resulting in the disclosure of database information.

5.0
2018-07-25 CVE-2018-5539 F5 Unspecified vulnerability in F5 Big-Ip Application Security Manager

Under certain conditions, on F5 BIG-IP ASM 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, 11.5.1-11.5.6, or 11.2.1, when processing CSRF protections, the BIG-IP ASM bd process may restart and produce a core file.

5.0
2018-07-25 CVE-2018-5536 F5 Missing Release of Resource after Effective Lifetime vulnerability in F5 Big-Ip Access Policy Manager

A remote attacker via undisclosed measures, may be able to exploit an F5 BIG-IP APM 13.0.0-13.1.0.7 or 12.1.0-12.1.3.5 virtual server configured with an APM per-request policy object and cause a memory leak in the APM module.

5.0
2018-07-25 CVE-2018-5530 F5 Resource Exhaustion vulnerability in F5 products

F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, or 11.6.0-11.6.3.1 virtual servers with HTTP/2 profiles enabled are vulnerable to "HPACK Bomb".

5.0
2018-07-25 CVE-2018-14596 Wancms Resource Exhaustion vulnerability in Wancms 1.0/5.0

wancms 1.0 through 5.0 allows remote attackers to cause a denial of service (resource consumption) via a checkcode (aka verification code) URI in which the values of font_size, width, and height are large numbers.

5.0
2018-07-24 CVE-2018-11047 Pivotal Software Incorrect Authorization vulnerability in Pivotal Software Cloud Foundry UAA

Cloud Foundry UAA, versions 4.19 prior to 4.19.2 and 4.12 prior to 4.12.4 and 4.10 prior to 4.10.2 and 4.7 prior to 4.7.6 and 4.5 prior to 4.5.7, incorrectly authorizes requests to admin endpoints by accepting a valid refresh token in lieu of an access token.

5.0
2018-07-24 CVE-2018-8851 Echelon Insufficiently Protected Credentials vulnerability in Echelon products

Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions.

5.0
2018-07-24 CVE-2018-10632 Moxa Resource Exhaustion vulnerability in Moxa products

In Moxa NPort 5210, 5230, and 5232 versions 2.9 build 17030709 and prior, the amount of resources requested by a malicious actor are not restricted, allowing for a denial-of-service condition.

5.0
2018-07-24 CVE-2018-14590 Axiosys Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Axiosys Bento4 1.5.1624

An issue has been discovered in Bento4 1.5.1-624.

5.0
2018-07-24 CVE-2018-14588 Axiosys NULL Pointer Dereference vulnerability in Axiosys Bento4 1.5.1624

An issue has been discovered in Bento4 1.5.1-624.

5.0
2018-07-24 CVE-2018-5387 Wizkunde Improper Verification of Cryptographic Signature vulnerability in Wizkunde Samlbase

Wizkunde SAMLBase may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers.

5.0
2018-07-24 CVE-2016-5649 Netgear Information Exposure vulnerability in Netgear Dgn2200 Firmware and Dgnd3700 Firmware

A vulnerability is in the 'BSW_cxttongr.htm' page of the Netgear DGN2200, version DGN2200-V1.0.0.50_7.0.50, and DGND3700, version DGND3700-V1.0.0.17_1.0.17, which can allow a remote attacker to access this page without any authentication.

5.0
2018-07-24 CVE-2016-5638 Netgear Information Exposure vulnerability in Netgear Wndr4500 Firmware 1.0.1.401.0.6877

There are few web pages associated with the genie app on the Netgear WNDR4500 running firmware version V1.0.1.40_1.0.6877.

5.0
2018-07-23 CVE-2018-14568 Suricata IDS Unspecified vulnerability in Suricata-Ids Suricata

Suricata before 4.0.5 stops TCP stream inspection upon a TCP RST from a server.

5.0
2018-07-23 CVE-2018-14328 Brynamics Information Exposure vulnerability in Brynamics Online Trade

Brynamics "Online Trade - Online trading and cryptocurrency investment system" allows remote attackers to obtain sensitive information via a direct request for /dashboard/addplan, /dashboard/paywithcard/charge, /dashboard/withdrawal, or /privacy&terms, as demonstrated by reading database username, database password, database_name, and IP address fields, related to CVE-2018-12908.

5.0
2018-07-23 CVE-2016-10728 Suricata IDS Improper Input Validation vulnerability in Suricata-Ids Suricata

An issue was discovered in Suricata before 3.1.2.

5.0
2018-07-23 CVE-2018-1999002 Jenkins
Oracle
A arbitrary file read vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in the Stapler web framework's org/kohsuke/stapler/Stapler.java that allows attackers to send crafted HTTP requests returning the contents of any file on the Jenkins master file system that the Jenkins master has access to.
5.0
2018-07-27 CVE-2018-10862 Redhat Path Traversal vulnerability in Redhat products

WildFly Core before version 6.0.0.Alpha3 does not properly validate file paths in .war archives, allowing for the extraction of crafted .war archives to overwrite arbitrary files.

4.9
2018-07-26 CVE-2016-8647 Redhat Improper Input Validation vulnerability in Redhat Ansible Engine

An input validation vulnerability was found in Ansible's mysql_user module before 2.2.1.0, which may fail to correctly change a password in certain circumstances.

4.9
2018-07-27 CVE-2017-12195 Redhat Improper Authentication vulnerability in Redhat Openshift Container Platform

A flaw was found in all Openshift Enterprise versions using the openshift elasticsearch plugin.

4.8
2018-07-24 CVE-2017-3209 Dbpower
Busybox
Missing Authentication for Critical Function vulnerability in Dbpower U818A Firmware

The DBPOWER U818A WIFI quadcopter drone provides FTP access over its own local access point, and allows full file permissions to the anonymous user.

4.8
2018-07-27 CVE-2017-2616 Util Linux Project
Debian
Redhat
Race Condition vulnerability in multiple products

A race condition was found in util-linux before 2.32.1 in the way su handled the management of child processes.

4.7
2018-07-27 CVE-2017-2663 Redhat Local Privilege Escalation vulnerability in Candlepin subscription-manager

It was found that subscription-manager's DBus interface before 1.19.4 let unprivileged user access the com.redhat.RHSM1.Facts.GetFacts and com.redhat.RHSM1.Config.Set methods.

4.6
2018-07-24 CVE-2017-3226 Denx Cryptographic Issues vulnerability in Denx U-Boot

Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file.

4.4
2018-07-28 CVE-2018-14686 Xycms Project Cross-site Scripting vulnerability in Xycms Project Xycms 1.7

system/edit_book.php in XYCMS 1.7 has stored XSS via a crafted add_do.php request, related to add_book.php.

4.3
2018-07-28 CVE-2018-14680 Cabextract
Cabextract Project
Debian
Canonical
Redhat
Improper Input Validation vulnerability in multiple products

An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha.

4.3
2018-07-28 CVE-2018-14679 Cabextract
Cabextract Project
Canonical
Debian
Redhat
Off-by-one Error vulnerability in multiple products

An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha.

4.3
2018-07-28 CVE-2018-0497 ARM
Debian
ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows remote attackers to achieve partial plaintext recovery (for a CBC based ciphersuite) via a timing-based side-channel attack.
4.3
2018-07-27 CVE-2017-7463 Redhat Cross-site Scripting vulnerability in Redhat Jboss BPM Suite

JBoss BRMS 6 and BPM Suite 6 before 6.4.3 are vulnerable to a reflected XSS via artifact upload.

4.3
2018-07-27 CVE-2017-2651 Jenkins Information Exposure vulnerability in Jenkins Mailer

jenkins-mailer-plugin before version 1.20 is vulnerable to an information disclosure while using the feature to send emails to a dynamically created list of users based on the changelogs.

4.3
2018-07-27 CVE-2017-2623 RPM Ostree
Redhat
Improper Certificate Validation vulnerability in multiple products

It was discovered that rpm-ostree and rpm-ostree-client before 2017.3 fail to properly check GPG signatures on packages when doing layering.

4.3
2018-07-27 CVE-2017-2587 Netpbm Project Allocation of Resources Without Limits or Throttling vulnerability in Netpbm Project Netpbm

A memory allocation vulnerability was found in netpbm before 10.61.

4.3
2018-07-27 CVE-2017-2586 Netpbm Project NULL Pointer Dereference vulnerability in Netpbm Project Netpbm

A null pointer dereference vulnerability was found in netpbm before 10.61.

4.3
2018-07-27 CVE-2017-7497 Redhat Improper Access Control vulnerability in Redhat Cloudforms Management Engine 5.7.2/5.8.0

The dialog for creating cloud volumes (cinder provider) in CloudForms does not filter cloud tenants by user.

4.3
2018-07-27 CVE-2018-14604 Gitlab Cross-site Scripting vulnerability in Gitlab

An issue was discovered in GitLab Community and Enterprise Edition before 10.8.7, 11.0.x before 11.0.5, and 11.1.x before 11.1.2.

4.3
2018-07-26 CVE-2018-0614 Necplatforms Cross-site Scripting vulnerability in Necplatforms products

Cross-site scripting vulnerability in NEC Platforms Calsos CSDX and CSDJ series products (CSDX 1.37210411 and earlier, CSDX(P) 4.37210411 and earlier, CSDX(D) 3.37210411 and earlier, CSDX(S) 2.37210411 and earlier, CSDJ-B 01.03.00 and earlier, CSDJ-H 01.03.00 and earlier, CSDJ-D 01.03.00 and earlier, CSDJ-A 03.00.00) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2018-07-26 CVE-2017-7535 Theforeman Cross-site Scripting vulnerability in Theforeman Foreman

foreman before version 1.16.0 is vulnerable to a stored XSS in organizations/locations assignment to hosts.

4.3
2018-07-25 CVE-2018-14493 Opmantek Cross-site Scripting vulnerability in Opmantek Open-Audit 2.2.6

Cross-site scripting (XSS) vulnerability in the Groups Page in Open-Audit Community 2.2.6 allows remote attackers to inject arbitrary web script or HTML via the group name.

4.3
2018-07-25 CVE-2018-14430 Mondula Cross-site Scripting vulnerability in Mondula Multi Step Form

The Mondula Multi Step Form plugin through 1.2.5 for WordPress allows XSS via the fw_data [id][1], fw_data [id][2], fw_data [id][3], fw_data [id][4], or email field of the contact form, exploitable with an fw_send_email action to wp-admin/admin-ajax.php.

4.3
2018-07-25 CVE-2018-13988 Freedesktop
Canonical
Debian
Redhat
Out-of-bounds Read vulnerability in multiple products

Poppler through 0.62 contains an out of bounds read vulnerability due to an incorrect memory access that is not mapped in its memory space, as demonstrated by pdfunite.

4.3
2018-07-25 CVE-2018-1002209 Quazip Project Path Traversal vulnerability in Quazip Project Quazip

QuaZIP before 0.7.6 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction.

4.3
2018-07-25 CVE-2018-1002208 Sharpziplib Project Path Traversal vulnerability in Sharpziplib Project Sharpziplib

SharpZipLib before 1.0 RC1 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction.

4.3
2018-07-25 CVE-2018-1002207 Archiver Project Path Traversal vulnerability in Archiver Project Archiver

mholt/archiver golang package before e4ef56d48eb029648b0e895bb0b6a393ef0829c3 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in an archive entry that is mishandled during extraction.

4.3
2018-07-25 CVE-2018-1002206 Sharpcompress Project Path Traversal vulnerability in Sharpcompress Project Sharpcompress

SharpCompress before 0.21.0 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction.

4.3
2018-07-25 CVE-2018-1002205 Dotnetzip Semverd Project Path Traversal vulnerability in Dotnetzip.Semverd Project Dotnetzip.Semverd

DotNetZip.Semvered before 1.11.0 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction.

4.3
2018-07-25 CVE-2018-1002204 ADM ZIP Project Path Traversal vulnerability in Adm-Zip Project Adm-Zip

adm-zip npm library before 0.4.9 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction.

4.3
2018-07-25 CVE-2018-1002203 Unzipper Project Path Traversal vulnerability in Unzipper Project Unzipper

unzipper npm library before 0.8.13 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction.

4.3
2018-07-25 CVE-2018-5538 F5 Unspecified vulnerability in F5 products

On F5 BIG-IP DNS 13.1.0-13.1.0.7, 12.1.3-12.1.3.5, DNS Express / DNS Zones accept NOTIFY messages on the management interface from source IP addresses not listed in the 'Allow NOTIFY From' configuration parameter when the db variable "dnsexpress.notifyport" is set to any value other than the default of "0".

4.3
2018-07-24 CVE-2017-3224 Quagga
Suse
Redhat
Insufficient Verification of Data Authenticity vulnerability in multiple products

Open Shortest Path First (OSPF) protocol implementations may improperly determine Link State Advertisement (LSA) recency for LSAs with MaxSequenceNumber.

4.3
2018-07-24 CVE-2017-3182 Threatmetrix Improper Certificate Validation vulnerability in Threatmetrix SDK

On the iOS platform, the ThreatMetrix SDK versions prior to 3.2 fail to validate SSL certificates provided by HTTPS connections, which may allow an attacker to perform a man-in-the-middle (MITM) attack.

4.3
2018-07-24 CVE-2017-18104 Atlassian Information Exposure vulnerability in Atlassian Jira and Jira Server

The Webhooks component of Atlassian Jira before version 7.6.7 and from version 7.7.0 before version 7.11.0 allows remote attackers who are able to observe or otherwise intercept webhook events to learn information about changes in issues that should not be sent because they are not contained within the results of a specified JQL query.

4.3
2018-07-23 CVE-2018-1999001 Jenkins
Oracle
A unauthorized modification of configuration vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in User.java that allows attackers to provide crafted login credentials that cause Jenkins to move the config.xml file from the Jenkins home directory.
4.3
2018-07-23 CVE-2018-1999024 Mathjax Cross-site Scripting vulnerability in Mathjax

MathJax version prior to version 2.7.4 contains a Cross Site Scripting (XSS) vulnerability in the \unicode{} macro that can result in Potentially untrusted Javascript running within a web browser.

4.3
2018-07-23 CVE-2018-1999016 Pydio Cross-site Scripting vulnerability in Pydio

Pydio version 8.2.0 and earlier contains a Cross Site Scripting (XSS) vulnerability in ./core/vendor/meenie/javascript-packer/example-inline.php line 48; ./core/vendor/dapphp/securimage/examples/test.mysql.static.php lines: 114,118 that can result in an unauthenticated remote attacker manipulating the web client via XSS code injection.

4.3
2018-07-23 CVE-2018-1999015 Ffmpeg Out-of-bounds Read vulnerability in Ffmpeg

FFmpeg before commit 5aba5b89d0b1d73164d3b81764828bb8b20ff32a contains an out of array read vulnerability in ASF_F format demuxer that can result in heap memory reading.

4.3
2018-07-23 CVE-2018-1999014 Ffmpeg Out-of-bounds Read vulnerability in Ffmpeg

FFmpeg before commit bab0716c7f4793ec42e05a5aa7e80d82a0dd4e75 contains an out of array access vulnerability in MXF format demuxer that can result in DoS.

4.3
2018-07-23 CVE-2018-1999013 Ffmpeg Use After Free vulnerability in Ffmpeg

FFmpeg before commit a7e032a277452366771951e29fd0bf2bd5c029f0 contains a use-after-free vulnerability in the realmedia demuxer that can result in vulnerability allows attacker to read heap memory.

4.3
2018-07-23 CVE-2018-14549 Libwav Project Unspecified vulnerability in Libwav Project Libwav

An issue has been found in libwav through 2017-04-20.

4.3
2018-07-23 CVE-2018-14545 Axiosys Out-of-bounds Read vulnerability in Axiosys Bento4 1.5.1624

There exists one invalid memory read bug in AP4_SampleDescription::GetType() in Ap4SampleDescription.h in Bento4 1.5.1-624, which can allow attackers to cause a denial-of-service via a crafted mp4 file.

4.3
2018-07-23 CVE-2018-14544 Axiosys Out-of-bounds Read vulnerability in Axiosys Bento4 1.5.1624

There exists one invalid memory read bug in AP4_SampleDescription::GetFormat() in Ap4SampleDescription.h in Bento4 1.5.1-624, which can allow attackers to cause a denial-of-service via a crafted mp4 file.

4.3
2018-07-23 CVE-2018-14543 Axiosys NULL Pointer Dereference vulnerability in Axiosys Bento4 1.5.1624

There exists one NULL pointer dereference vulnerability in AP4_JsonInspector::AddField in Ap4Atom.cpp in Bento4 1.5.1-624, which can allow attackers to cause a denial-of-service via a crafted mp4 file.

4.3
2018-07-23 CVE-2018-14527 Xiao5Ucompany Project Cross-site Scripting vulnerability in Xiao5Ucompany Project Xiao5Ucompany 1.7

Feedback.asp in Xiao5uCompany 1.7 has XSS because the XSS protection mechanism in Safe.asp is insufficient (for example, it considers SCRIPT and IMG elements, but does not consider VIDEO elements).

4.3
2018-07-23 CVE-2018-14524 GNU Double Free vulnerability in GNU Libredwg

dwg_decode_eed in decode.c in GNU LibreDWG before 0.6 leads to a double free (in dwg_free_eed in free.c) because it does not properly manage the obj->eed value after a free occurs.

4.3
2018-07-23 CVE-2018-14517 Seacms Cross-site Scripting vulnerability in Seacms 6.61

SeaCMS 6.61 has two XSS issues in the admin_config.php file via certain form fields.

4.3
2018-07-23 CVE-2018-14513 Wuzhi CMS Project Cross-site Scripting vulnerability in Wuzhi CMS Project Wuzhi CMS 4.1.0

An XSS vulnerability was discovered in WUZHI CMS 4.1.0.

4.3
2018-07-23 CVE-2018-14512 Wuzhicms Cross-site Scripting vulnerability in Wuzhicms Wuzhi CMS 4.1.0

An XSS vulnerability was discovered in WUZHI CMS 4.1.0.

4.3
2018-07-27 CVE-2017-2632 Redhat Incorrect Authorization vulnerability in Redhat Cloudforms and Cloudforms Management Engine

A logic error in valid_role() in CloudForms role validation before 5.7.1.3 could allow a tenant administrator to create groups with a higher privilege level than the tenant administrator should have.

4.0
2018-07-27 CVE-2017-2629 Haxx Improper Certificate Validation vulnerability in Haxx Curl

curl before 7.53.0 has an incorrect TLS Certificate Status Request extension feature that asks for a fresh proof of the server's certificate's validity in the code that checks for a test success or failure.

4.0
2018-07-27 CVE-2017-12173 Redhat
Fedoraproject
Improper Input Validation vulnerability in multiple products

It was found that sssd's sysdb_search_user_by_upn_res() function before 1.16.0 did not sanitize requests when querying its local cache and was vulnerable to injection.

4.0
2018-07-27 CVE-2017-2595 Redhat Path Traversal vulnerability in Redhat Jboss Enterprise Application Platform

It was found that the log file viewer in Red Hat JBoss Enterprise Application 6 and 7 allows arbitrary file read to authenticated user via path traversal.

4.0
2018-07-26 CVE-2017-2582 Redhat Information Exposure vulnerability in Redhat Jboss Enterprise Application Platform and Keycloak

It was found that while parsing the SAML messages the StaxParserUtil class of keycloak before 2.5.1 replaces special strings for obtaining attribute values with system property.

4.0
2018-07-26 CVE-2017-7509 Redhat Improper Input Validation vulnerability in Redhat Certificate System

An input validation error was found in Red Hat Certificate System's handling of client provided certificates before 8.1.20-1.

4.0
2018-07-26 CVE-2017-7545 Redhat XXE vulnerability in Redhat Decision Manager, Jboss BPM Suite and Jbpm

It was discovered that the XmlUtils class in jbpmmigration 6.5 performed expansion of external parameter entities while parsing XML files.

4.0
2018-07-26 CVE-2017-2664 Redhat Unspecified vulnerability in Redhat Cloudforms and Cloudforms Management Engine

CloudForms Management Engine (cfme) before 5.7.3 and 5.8.x before 5.8.1 lacks RBAC controls on certain methods in the rails application portion of CloudForms.

4.0
2018-07-25 CVE-2017-10935 ZTE Unspecified vulnerability in ZTE Zxr10 1800-2S Firmware

All versions prior to ZSRV2 V3.00.40 of the ZTE ZXR10 1800-2S products allow remote authenticated users to bypass the original password authentication protection to change other user's password.

4.0
2018-07-25 CVE-2018-6972 Vmware NULL Pointer Dereference vulnerability in VMWare Esxi, Fusion and Workstation

VMware ESXi (6.7 before ESXi670-201806401-BG, 6.5 before ESXi650-201806401-BG, 6.0 before ESXi600-201806401-BG and 5.5 before ESXi550-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain a denial-of-service vulnerability due to NULL pointer dereference issue in RPC handler.

4.0
2018-07-24 CVE-2018-11044 Pivotal Software Improper Input Validation vulnerability in Pivotal Software Pivotal Application Service

Pivotal Apps Manager included in Pivotal Application Service, versions 2.2.x prior to 2.2.1 and 2.1.x prior to 2.1.8 and 2.0.x prior to 2.0.17 and 1.12.x prior to 1.12.26, does not escape all user-provided content when sending invitation emails.

4.0
2018-07-24 CVE-2017-3188 Dotcms Path Traversal vulnerability in Dotcms

The dotCMS administration panel, versions 3.7.1 and earlier, "Push Publishing" feature in Enterprise Pro is vulnerable to path traversal.

4.0
2018-07-23 CVE-2018-10912 Keycloak
Redhat
Infinite Loop vulnerability in multiple products

keycloak before version 4.0.0.final is vulnerable to a infinite loop in session replacement.

4.0
2018-07-23 CVE-2018-1999006 Jenkins Information Exposure vulnerability in Jenkins

A exposure of sensitive information vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in Plugin.java that allows attackers to determine the date and time when a plugin HPI/JPI file was last extracted, which typically is the date of the most recent installation/upgrade.

4.0
2018-07-23 CVE-2018-1999004 Jenkins
Oracle
Incorrect Authorization vulnerability in multiple products

A Improper authorization vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in SlaveComputer.java that allows attackers with Overall/Read permission to initiate agent launches, and abort in-progress agent launches.

4.0
2018-07-23 CVE-2018-1999003 Jenkins
Oracle
Incorrect Authorization vulnerability in multiple products

A Improper authorization vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in Queue.java that allows attackers with Overall/Read permission to cancel queued builds.

4.0
2018-07-23 CVE-2018-1999017 Pydio Server-Side Request Forgery (SSRF) vulnerability in Pydio

Pydio version 8.2.0 and earlier contains a Server-Side Request Forgery (SSRF) vulnerability in plugins/action.updater/UpgradeManager.php Line: 154, getUpgradePath($url) that can result in an authenticated admin users requesting arbitrary URL's, pivoting requests through the server.

4.0
2018-07-23 CVE-2018-1503 IBM Improper Input Validation vulnerability in IBM Websphere MQ

IBM WebSphere MQ 7.5, 8.0, and 9.0 could allow a remotely authenticated attacker to to send invalid or malformed headers that could cause messages to no longer be transmitted via the affected channel.

4.0

23 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-07-27 CVE-2017-2674 Redhat Cross-site Scripting vulnerability in Redhat Jboss BPM Suite

JBoss BRMS 6 and BPM Suite 6 before 6.4.3 are vulnerable to a stored XSS via several lists in Business Central.

3.5
2018-07-27 CVE-2017-15125 Redhat Cross-site Scripting vulnerability in Redhat Cloudforms Management Engine

A flaw was found in CloudForms before 5.9.0.22 in the self-service UI snapshot feature where the name field is not properly sanitized for HTML and JavaScript input.

3.5
2018-07-27 CVE-2018-14606 Gitlab Cross-site Scripting vulnerability in Gitlab

An issue was discovered in GitLab Community and Enterprise Edition before 10.8.7, 11.0.x before 11.0.5, and 11.1.x before 11.1.2.

3.5
2018-07-27 CVE-2018-14605 Gitlab Cross-site Scripting vulnerability in Gitlab

An issue was discovered in GitLab Community and Enterprise Edition before 10.8.7, 11.0.x before 11.0.5, and 11.1.x before 11.1.2.

3.5
2018-07-26 CVE-2018-0618 GNU
Debian
Cross-site Scripting vulnerability in multiple products

Cross-site scripting vulnerability in Mailman 2.1.26 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors.

3.5
2018-07-26 CVE-2017-7538 Redhat Cross-site Scripting vulnerability in Redhat Satellite

A cross-site scripting (XSS) flaw was found in how an organization name is displayed in Satellite 5, before 5.8.

3.5
2018-07-24 CVE-2018-11059 RSA Cross-site Scripting vulnerability in RSA Archer 6.4.0.0

RSA Archer, versions prior to 6.4.0.1, contain a stored cross-site scripting vulnerability.

3.5
2018-07-24 CVE-2017-3180 Tibco Cross-site Scripting vulnerability in Tibco products

Multiple TIBCO Products are prone to multiple unspecified cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input.

3.5
2018-07-23 CVE-2018-1999007 Jenkins
Oracle
Cross-site Scripting vulnerability in multiple products

A cross-site scripting vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in the Stapler web framework's org/kohsuke/stapler/Stapler.java that allows attackers with the ability to control the existence of some URLs in Jenkins to define JavaScript that would be executed in another user's browser when that other user views HTTP 404 error pages while Stapler debug mode is enabled.

3.5
2018-07-23 CVE-2018-1999005 Jenkins
Oracle
Cross-site Scripting vulnerability in multiple products

A cross-site scripting vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in BuildTimelineWidget.java, BuildTimelineWidget/control.jelly that allows attackers with Job/Configure permission to define JavaScript that would be executed in another user's browser when that other user performs some UI actions.

3.5
2018-07-23 CVE-2018-1999021 Gleeztech Cross-site Scripting vulnerability in Gleeztech Gleezcms 1.3.0

Gleezcms Gleez Cms version 1.3.0 contains a Cross Site Scripting (XSS) vulnerability in Profile page that can result in Inject arbitrary web script or HTML via the profile page editor.

3.5
2018-07-23 CVE-2018-1999008 Octobercms Cross-site Scripting vulnerability in Octobercms October

October CMS version prior to build 437 contains a Cross Site Scripting (XSS) vulnerability in the Media module and create folder functionality that can result in an Authenticated user with media module permission creating arbitrary folder name with XSS content.

3.5
2018-07-23 CVE-2018-1513 IBM Cross-site Scripting vulnerability in IBM Sterling B2B Integrator

IBM Sterling B2B Integrator Standard Edition 5.2.0 through 5.2.6 is vulnerable to cross-site scripting.

3.5
2018-07-25 CVE-2018-5537 F5 Improper Input Validation vulnerability in F5 products

A remote attacker may be able to disrupt services on F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, or 11.2.1-11.5.6 if the TMM virtual server is configured with a HTML or a Rewrite profile.

2.6
2018-07-27 CVE-2017-2614 Redhat Weak Password Recovery Mechanism for Forgotten Password vulnerability in Redhat Enterprise Virtualization 4.0

When updating a password in the rhvm database the ovirt-aaa-jdbc-tool tools before 1.1.3 fail to correctly check for the current password if it is expired.

2.1
2018-07-27 CVE-2017-7519 Ceph
Debian
Use of Externally-Controlled Format String vulnerability in multiple products

In Ceph, a format string flaw was found in the way libradosstriper parses input from user.

2.1
2018-07-26 CVE-2017-18344 Linux
Canonical
Redhat
Out-of-bounds Read vulnerability in multiple products

The timer_create syscall implementation in kernel/time/posix-timers.c in the Linux kernel before 4.14.8 doesn't properly validate the sigevent->sigev_notify field, which leads to out-of-bounds access in the show_timer function (called when /proc/$PID/timers is read).

2.1
2018-07-26 CVE-2017-12167 Redhat Information Exposure vulnerability in Redhat Jboss Enterprise Application Platform

It was found in EAP 7 before 7.0.9 that properties based files of the management and the application realm configuration that contain user to role mapping are world readable allowing access to users and roles information to all the users logged in to the system.

2.1
2018-07-25 CVE-2018-6971 Vmware Information Exposure Through Log Files vulnerability in VMWare Horizon View Agents

VMware Horizon View Agents (7.x.x before 7.5.1) contain a local information disclosure vulnerability due to insecure logging of credentials in the vmmsi.log file when an account other than the currently logged on user is specified during installation (including silent installations).

2.1
2018-07-24 CVE-2017-3225 Denx Cryptographic Issues vulnerability in Denx U-Boot

Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file.

2.1
2018-07-23 CVE-2018-14573 Trms Path Traversal vulnerability in Trms Tightrope Media Carousel Digital Signage

A Local File Inclusion (LFI) vulnerability exists in the Web Interface API of TightRope Media Carousel Digital Signage before 7.3.5.

2.1
2018-07-28 CVE-2018-0498 ARM
Debian
ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows local users to achieve partial plaintext recovery (for a CBC based ciphersuite) via a cache-based side-channel attack.
1.9
2018-07-27 CVE-2017-2624 X ORG
Debian
Information Exposure vulnerability in multiple products

It was found that xorg-x11-server before 1.19.0 including uses memcmp() to check the received MIT cookie against a series of valid cookies.

1.9