Weekly Vulnerabilities Reports > August 27 to September 2, 2018

Overview

243 new vulnerabilities reported during this period, including 11 critical vulnerabilities and 48 high severity vulnerabilities. This weekly summary report vulnerabilities in 213 products from 123 vendors including Debian, Redhat, Google, Microsoft, and Adobe. Vulnerabilities are notably categorized as "Cross-site Scripting", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Cross-Site Request Forgery (CSRF)", "Information Exposure", and "Path Traversal".

  • 221 reported vulnerabilities are remotely exploitables.
  • 18 reported vulnerabilities have public exploit available.
  • 89 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 205 reported vulnerabilities are exploitable by an anonymous user.
  • Debian has the most reported vulnerabilities, with 40 reported vulnerabilities.
  • Samsung has the most reported critical vulnerabilities, with 3 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

11 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-08-30 CVE-2018-15477 Mystrom OS Command Injection vulnerability in Mystrom Wifi Switch Firmware 2.31

myStrom WiFi Switch V1 devices before 2.66 did not sanitize a parameter received from the cloud that was used in an OS command.

10.0
2018-08-30 CVE-2018-16158 Eaton USE of Hard-Coded Credentials vulnerability in Eaton products

Eaton Power Xpert Meter 4000, 6000, and 8000 devices before 13.4.0.10 have a single SSH private key across different customers' installations and do not properly restrict access to this key, which makes it easier for remote attackers to perform SSH logins (to uid 0) via the PubkeyAuthentication option.

10.0
2018-09-01 CVE-2018-16302 Mc1Soft Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Mc1Soft Zip-N-Go

MediaComm Zip-n-Go before 4.95 has a Buffer Overflow via a crafted file.

9.3
2018-08-30 CVE-2018-15476 Mystrom Improper Certificate Validation vulnerability in Mystrom products

An issue was discovered in myStrom WiFi Switch V1 before 2.66, WiFi Switch V2 before 3.80, WiFi Switch EU before 3.80, WiFi Bulb before 2.58, WiFi LED Strip before 3.80, WiFi Button before 2.73, and WiFi Button Plus before 2.73.

9.3
2018-08-28 CVE-2017-15399 Google
Debian
Redhat
USE After Free vulnerability in Google Chrome

A use after free in V8 in Google Chrome prior to 62.0.3202.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

9.3
2018-09-02 CVE-2018-16367 Qduoj Path Traversal vulnerability in Qduoj Onlinejudge 2.0

In OnlineJudge 2.0, the sandbox has an incorrect access control vulnerability that can write a file anywhere.

9.0
2018-09-02 CVE-2018-16334 Tendacn OS Command Injection vulnerability in Tendacn Ac10 Firmware and AC9 Firmware

An issue was discovered on Tenda AC9 V15.03.05.19(6318)_CN and AC10 V15.03.06.23_CN devices.

9.0
2018-08-29 CVE-2018-14768 Vivotek Unspecified vulnerability in Vivotek Camera

Various VIVOTEK FD8*, FD9*, FE9*, IB8*, IB9*, IP9*, IZ9*, MS9*, SD9*, and other devices before XXXXXX-VVTK-xx06a allow remote attackers to execute arbitrary code.

9.0
2018-08-28 CVE-2018-3895 Samsung Buffer Errors vulnerability in Samsung Sth-Eth-250 Firmware 0.20.17

An exploitable buffer overflow vulnerability exists in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 Firmware version 0.20.17.

9.0
2018-08-27 CVE-2018-3904 Samsung Buffer Errors vulnerability in Samsung Sth-Eth-250 Firmware 0.20.17

An exploitable buffer overflow vulnerability exists in the camera 'update' feature of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17.

9.0
2018-08-27 CVE-2018-3893 Samsung Buffer Errors vulnerability in Samsung Sth-Eth-250 Firmware 0.20.17

An exploitable buffer overflow vulnerability exists in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17.

9.0

48 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-08-27 CVE-2018-15695 Asustor Path Traversal vulnerability in Asustor Data Master

ASUSTOR Data Master 3.1.5 and below allows authenticated remote non-administrative users to delete any file on the file system due to a path traversal vulnerability in wallpaper.cgi.

8.5
2018-09-02 CVE-2018-16333 Tendacn Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Tendacn products

An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices.

7.8
2018-08-30 CVE-2018-16131 Lightbend Resource Exhaustion vulnerability in Lightbend Akka Http

The decodeRequest and decodeRequestWith directives in Lightbend Akka HTTP 10.1.x through 10.1.4 and 10.0.x through 10.0.13 allow remote attackers to cause a denial of service (memory consumption and daemon crash) via a ZIP bomb.

7.8
2018-08-30 CVE-2018-14621 Libtirpc Project Infinite Loop vulnerability in Libtirpc Project Libtirpc

An infinite loop vulnerability was found in libtirpc before version 1.0.2-rc2.

7.8
2018-08-30 CVE-2018-11615 Mosca Project Incorrect Regular Expression vulnerability in Mosca Project Mosca 2.8.1

This vulnerability allows remote attackers to deny service on vulnerable installations of npm mosca 2.8.1.

7.8
2018-08-29 CVE-2018-16132 Signal Resource Exhaustion vulnerability in Signal

The image rendering component (createGenericPreview) of the Open Whisper Signal app through 2.29.0 for iOS fails to check for unreasonably large images before manipulating received images.

7.8
2018-08-29 CVE-2018-7789 Schneider Electric Improper Check for Unusual OR Exceptional Conditions vulnerability in Schneider-Electric Modicon M221 Firmware 1.1.1.5

An Improper Check for Unusual or Exceptional Conditions vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0).

7.8
2018-09-02 CVE-2018-16354 Fhcrm Project SQL Injection vulnerability in Fhcrm Project Fhcrm 20180211

An issue was discovered in FHCRM through 2018-02-11.

7.5
2018-09-02 CVE-2018-16353 Fhcrm Project SQL Injection vulnerability in Fhcrm Project Fhcrm 20180211

An issue was discovered in FHCRM through 2018-02-11.

7.5
2018-09-02 CVE-2018-16352 Weaselcms Project Unrestricted Upload of File With Dangerous Type vulnerability in Weaselcms Project Weaselcms 0.3.6

There is a PHP code upload vulnerability in WeaselCMS 0.3.6 via index.php because code can be embedded at the end of a .png file when the image/png content type is used.

7.5
2018-09-01 CVE-2018-16329 Imagemagick Null Pointer Dereference vulnerability in Imagemagick

In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the GetMagickProperty function in MagickCore/property.c.

7.5
2018-09-01 CVE-2018-16328 Imagemagick Null Pointer Dereference vulnerability in Imagemagick

In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the CheckEventLogging function in MagickCore/log.c.

7.5
2018-08-31 CVE-2018-16278 Phpkaiyuancms SQL Injection vulnerability in PHPkaiyuancms PHPopensourcecms 3.2.0

phpkaiyuancms PhpOpenSourceCMS (POSCMS) V3.2.0 allows an unauthenticated user to execute arbitrary SQL commands via the diy/module/member/controllers/Api.php ajax_save_draft function with the dir parameter.

7.5
2018-08-30 CVE-2018-6499 Microfocus Code Injection vulnerability in Microfocus products

Remote Code Execution in the following products Hybrid Cloud Management Containerized Suite HCM2017.11, HCM2018.02, HCM2018.05, Operations Bridge Containerized Suite 2017.11, 2018.02, 2018.05, Data Center Automation Containerized Suite 2017.01 until 2018.05, Service Management Automation Suite 2017.11, 2018.02, 2018.05, Service Virtualization (SV) with floating licenses using Any version using APLS older than 10.7, Unified Functional Testing (UFT) with floating licenses using Any version using APLS older than 10.7, Network Virtualization (NV) with floating licenses using Any version using APLS older than 10.7 and Network Operations Management (NOM) Suite CDF 2017.11, 2018.02, 2018.05 will allow Remote Code Execution.

7.5
2018-08-30 CVE-2018-6498 Microfocus Code Injection vulnerability in Microfocus products

Remote Code Execution in the following products Hybrid Cloud Management Containerized Suite HCM2017.11, HCM2018.02, HCM2018.05, Operations Bridge Containerized Suite 2017.11, 2018.02, 2018.05, Data Center Automation Containerized Suite 2017.01 until 2018.05, Service Management Automation Suite 2017.11, 2018.02, 2018.05 and Network Operations Management (NOM) Suite CDF 2017.11, 2018.02, 2018.05 will allow Remote Code Execution.

7.5
2018-08-30 CVE-2018-16159 Codemenschen SQL Injection vulnerability in Codemenschen Gift Vouchers

The Gift Vouchers plugin through 2.0.1 for WordPress allows SQL Injection via the template_id parameter in a wp-admin/admin-ajax.php wpgv_doajax_front_template request.

7.5
2018-08-30 CVE-2018-15691 Broadcom Deserialization of Untrusted Data vulnerability in Broadcom Release Automation 6.3/6.4/6.5

Insecure deserialization of a specially crafted serialized object, in CA Release Automation 6.5 and earlier, allows attackers to potentially execute arbitrary code.

7.5
2018-08-30 CVE-2018-13824 Broadcom
CA
SQL Injection vulnerability in multiple products

Insufficient input sanitization of two parameters in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to execute SQL injection attacks.

7.5
2018-08-30 CVE-2018-13821 CA Improper Authentication vulnerability in CA Unified Infrastructure Management 8.4.7/8.5/8.5.1

A lack of authentication, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows remote attackers to conduct a variety of attacks, including file reading/writing.

7.5
2018-08-29 CVE-2018-7791 Schneider Electric Improper Authentication vulnerability in Schneider-Electric Modicon M221 Firmware 1.1.1.5

A Permissions, Privileges, and Access Control vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0).

7.5
2018-08-29 CVE-2018-14805 ABB Improper Authentication vulnerability in ABB Esoms 6.0.2

ABB eSOMS version 6.0.2 may allow unauthorized access to the system when LDAP is set to allow anonymous authentication, and specific key values within the eSOMS web.config file are present.

7.5
2018-08-29 CVE-2018-15727 Grafana
Redhat
Improper Authentication vulnerability in multiple products

Grafana 2.x, 3.x, and 4.x before 4.6.4 and 5.x before 5.2.3 allows authentication bypass because an attacker can generate a valid "remember me" cookie knowing only a username of an LDAP or OAuth user.

7.5
2018-08-29 CVE-2018-12829 Adobe Improper Certificate Validation vulnerability in Adobe Creative Cloud

Adobe Creative Cloud Desktop Application before 4.6.1 has an improper certificate validation vulnerability.

7.5
2018-08-29 CVE-2018-12828 Adobe
Apple
Linux
Microsoft
Google
Redhat
Unspecified vulnerability in Adobe Flash Player

Adobe Flash Player 30.0.0.134 and earlier have a "use of a component with a known vulnerability" vulnerability.

7.5
2018-08-29 CVE-2018-12825 Adobe
Apple
Linux
Microsoft
Google
Redhat
Unspecified vulnerability in Adobe Flash Player

Adobe Flash Player 30.0.0.134 and earlier have a security bypass vulnerability.

7.5
2018-08-29 CVE-2018-12811 Adobe
Apple
Microsoft
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Photoshop CC

Adobe Photoshop CC 2018 before 19.1.6 and Photoshop CC 2017 before 18.1.6 have a memory corruption vulnerability.

7.5
2018-08-29 CVE-2018-12810 Adobe
Apple
Microsoft
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Photoshop CC

Adobe Photoshop CC 2018 before 19.1.6 and Photoshop CC 2017 before 18.1.6 have a memory corruption vulnerability.

7.5
2018-08-29 CVE-2018-12808 Adobe
Apple
Microsoft
Out-Of-Bounds Write vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Adobe Acrobat and Reader versions 2018.011.20055 and earlier, 2017.011.30096 and earlier, and 2015.006.30434 and earlier have an out-of-bounds write vulnerability.

7.5
2018-08-29 CVE-2018-15882 Joomla Unrestricted Upload of File With Dangerous Type vulnerability in Joomla Joomla!

An issue was discovered in Joomla! before 3.8.12.

7.5
2018-08-28 CVE-2017-15398 Google
Redhat
Debian
Buffer Errors vulnerability in Google Chrome

A stack buffer overflow in the QUIC networking stack in Google Chrome prior to 62.0.3202.89 allowed a remote attacker to gain code execution via a malicious server.

7.5
2018-08-28 CVE-2018-15873 Sapplica SQL Injection vulnerability in Sapplica Sentrifugo 3.2

A SQL Injection issue was discovered in Sentrifugo 3.2 via the deptid parameter.

7.5
2018-08-28 CVE-2018-15839 Dlink Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Dlink Dir-615 Firmware

D-Link DIR-615 devices have a buffer overflow via a long Authorization HTTP header.

7.5
2018-08-27 CVE-2018-15904 A10Networks SQL Injection vulnerability in A10Networks Acos web Application Firewall

A10 ACOS Web Application Firewall (WAF) 2.7.1 and 2.7.2 before 2.7.2-P12, 4.1.0 before 4.1.0-P11, 4.1.1 before 4.1.1-P8, and 4.1.2 before 4.1.2-P4 mishandles the configured rules for blocking SQL injection attacks, aka A10-2017-0008.

7.5
2018-08-27 CVE-2018-15894 Wuzhi CMS Project SQL Injection vulnerability in Wuzhi CMS Project Wuzhi CMS 4.1.0

A SQL injection was discovered in /coreframe/app/admin/pay/admin/index.php in WUZHI CMS 4.1.0 via the index.php?m=pay&f=index&v=listing keyValue parameter.

7.5
2018-08-27 CVE-2018-15893 Wuzhi CMS Project SQL Injection vulnerability in Wuzhi CMS Project Wuzhi CMS 4.1.0

A SQL injection was discovered in /coreframe/app/admin/copyfrom.php in WUZHI CMS 4.1.0 via the index.php?m=core&f=copyfrom&v=listing keywords parameter.

7.5
2018-08-27 CVE-2015-9264 Lansweeper Improper Input Validation vulnerability in Lansweeper

Lansweeper 4.x through 6.x before 6.0.0.48 allows attackers to execute arbitrary code on the administrator's workstation via a crafted Windows service.

7.5
2018-08-27 CVE-2015-9263 Idera Unrestricted Upload of File With Dangerous Type vulnerability in Idera Uptime Infrastructure Monitor 7.4.0/7.5.0

An issue was discovered in post2file.php in Up.Time Monitoring Station 7.5.0 (build 16) and 7.4.0 (build 13).

7.5
2018-08-27 CVE-2014-10074 Umbraco Unrestricted Upload of File With Dangerous Type vulnerability in Umbraco CMS

Umbraco before 7.2.0 has a remote PHP code execution vulnerability because Umbraco.Web.UI/config/umbracoSettings.Release.config does not block the upload of .php files.

7.5
2018-08-31 CVE-2018-16276 Linux
Debian
Canonical
Improper Input Validation vulnerability in Linux Kernel

An issue was discovered in yurex_read in drivers/usb/misc/yurex.c in the Linux kernel before 4.17.7.

7.2
2018-08-30 CVE-2018-15363 Trendmicro
Microsoft
Out-Of-Bounds Read vulnerability in Trendmicro products

An Out-of-Bounds Read Privilege Escalation vulnerability in Trend Micro Security 2018 (Consumer) products could allow a local attacker to escalate privileges on vulnerable installations.

7.2
2018-08-30 CVE-2018-10514 Trendmicro
Microsoft
Improper Privilege Management vulnerability in Trendmicro products

A Missing Impersonation Privilege Escalation vulnerability in Trend Micro Security 2018 (Consumer) products could allow a local attacker to escalate privileges on vulnerable installations.

7.2
2018-08-30 CVE-2018-10513 Trendmicro
Microsoft
Deserialization of Untrusted Data vulnerability in Trendmicro products

A Deserialization of Untrusted Data Privilege Escalation vulnerability in Trend Micro Security 2018 (Consumer) products could allow a local attacker to escalate privileges on vulnerable installations.

7.2
2018-08-30 CVE-2018-14619 Linux Improper Input Validation vulnerability in Linux Kernel

A flaw was found in the crypto subsystem of the Linux kernel before version kernel-4.15-rc4.

7.2
2018-08-29 CVE-2018-6597 Alcatel Unspecified vulnerability in Alcatel A30 Firmware 7.0

The Alcatel A30 device with a build fingerprint of TCL/5046G/MICKEY6US:7.0/NRD90M/J63:user/release-keys contains a hidden privilege escalation capability to achieve command execution as the root user.

7.2
2018-08-29 CVE-2018-15912 Manjaro Improper Privilege Management vulnerability in Manjaro Linux

An issue was discovered in manjaro-update-system.sh in manjaro-system 20180716-1 on Manjaro Linux.

7.2
2018-08-28 CVE-2018-3916 Samsung Out-Of-Bounds Write vulnerability in Samsung Sth-Eth-250 Firmware 0.20.17

An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in the video-core HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17.

7.2
2018-09-02 CVE-2018-16359 Google Unspecified vulnerability in Google Gvisor

Google gVisor before 2018-08-23, within the seccomp sandbox, permits access to the renameat system call, which allows attackers to rename files on the host OS.

7.1
2018-08-27 CVE-2018-10938 Linux
Canonical
Debian
Infinite Loop vulnerability in multiple products

A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4.

7.1

166 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-09-02 CVE-2018-16366 Idreamsoft Cross-Site Request Forgery (CSRF) vulnerability in Idreamsoft Icms 7.0.10

An issue was discovered in idreamsoft iCMS V7.0.10.

6.8
2018-09-02 CVE-2018-16365 Idreamsoft Cross-Site Request Forgery (CSRF) vulnerability in Idreamsoft Icms 7.0.10

An issue was discovered in idreamsoft iCMS V7.0.10.

6.8
2018-09-02 CVE-2018-16345 Easycms Cross-Site Request Forgery (CSRF) vulnerability in Easycms 1.5

An issue was discovered in EasyCMS 1.5.

6.8
2018-09-02 CVE-2018-16339 Phome Cross-Site Request Forgery (CSRF) vulnerability in Phome Empirecms 7.0

An issue was discovered in EmpireCMS 7.0.

6.8
2018-09-02 CVE-2018-16338 Auracms Cross-Site Request Forgery (CSRF) vulnerability in Auracms 2.3

An issue was discovered in AuraCMS 2.3.

6.8
2018-09-02 CVE-2018-16335 Libtiff
Debian
Out-Of-Bounds Write vulnerability in multiple products

newoffsets handling in ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf.

6.8
2018-09-02 CVE-2018-16332 Idreamsoft Cross-Site Request Forgery (CSRF) vulnerability in Idreamsoft Icms 7.0.9

An issue was discovered in iCMS 7.0.9.

6.8
2018-09-02 CVE-2018-16331 Damicms Cross-Site Request Forgery (CSRF) vulnerability in Damicms 6.0.0

admin.php?s=/Admin/doedit in DamiCMS v6.0.0 allows CSRF to change the administrator account's password.

6.8
2018-09-01 CVE-2018-16314 Icmsdev Cross-Site Request Forgery (CSRF) vulnerability in Icmsdev Icms 7.0.11

An issue was discovered in admincp.php in idreamsoft iCMS 7.0.11.

6.8
2018-09-01 CVE-2018-16308 Ninjaforms Unspecified vulnerability in Ninjaforms Ninja Forms

The Ninja Forms plugin before 3.3.14.1 for WordPress allows CSV injection.

6.8
2018-08-31 CVE-2018-16275 Opswat Unspecified vulnerability in Opswat Metadefender

OPSWAT MetaDefender before v4.11.2 allows CSV injection.

6.8
2018-08-30 CVE-2018-15478 Mystrom Improper Authentication vulnerability in Mystrom products

An issue was discovered in myStrom WiFi Switch V1 before 2.66, WiFi Switch V2 before 3.80, WiFi Switch EU before 3.80, WiFi Bulb before 2.58, WiFi LED Strip before 3.80, WiFi Button before 2.73, and WiFi Button Plus before 2.73.

6.8
2018-08-30 CVE-2018-11718 Xovis Cross-Site Request Forgery (CSRF) vulnerability in Xovis PC2 Firmware, Pc2R Firmware and PC3 Firmware

Xovis PC2, PC2R, and PC3 devices through 3.6.0 allow CSRF.

6.8
2018-08-30 CVE-2018-10936 Postgresql
Redhat
Improper Validation of Certificate With Host Mismatch vulnerability in multiple products

A weakness was found in postgresql-jdbc before version 42.2.5.

6.8
2018-08-30 CVE-2018-14317 Foxitsoftware
Microsoft
Incorrect Type Conversion OR Cast vulnerability in Foxitsoftware Foxit Reader

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.1.0.5096.

6.8
2018-08-30 CVE-2018-11616 Tencent OS Command Injection vulnerability in Tencent Foxmail 7.2.9.115

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Tencent Foxmail 7.2.9.115.

6.8
2018-08-30 CVE-2018-16140 Canonical
Fig2Dev Project
Out-Of-Bounds Write vulnerability in multiple products

A buffer underwrite vulnerability in get_line() (read.c) in fig2dev 3.2.7a allows an attacker to write prior to the beginning of the buffer via a crafted .fig file.

6.8
2018-08-29 CVE-2018-5003 Adobe
Microsoft
Untrusted Search Path vulnerability in Adobe Creative Cloud

Adobe Creative Cloud Desktop Application before 4.5.5.342 (installer) has an insecure library loading (dll hijacking) vulnerability.

6.8
2018-08-29 CVE-2018-12799 Adobe
Apple
Microsoft
Null Pointer Dereference vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Adobe Acrobat and Reader versions 2018.011.20055 and earlier, 2017.011.30096 and earlier, and 2015.006.30434 and earlier have an untrusted pointer dereference vulnerability.

6.8
2018-08-29 CVE-2018-15121 Auth0 Cross-Site Request Forgery (CSRF) vulnerability in Auth0 Aspnet and Aspnet-Owin

An issue was discovered in Auth0 auth0-aspnet and auth0-aspnet-owin.

6.8
2018-08-28 CVE-2017-15406 Google Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Google Chrome

A stack buffer overflow in V8 in Google Chrome prior to 62.0.3202.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

6.8
2018-08-28 CVE-2018-15901 E107 Cross-Site Request Forgery (CSRF) vulnerability in E107 2.1.8

e107 2.1.8 has CSRF in 'usersettings.php' with an impact of changing details such as passwords of users including administrators.

6.8
2018-08-28 CVE-2018-15884 Ricoh Cross-Site Request Forgery (CSRF) vulnerability in Ricoh MP C4504Ex Firmware

RICOH MP C4504ex devices allow HTML Injection via the /web/entry/en/address/adrsSetUserWizard.cgi entryNameIn parameter.

6.8
2018-08-28 CVE-2018-14572 Pyconuk Deserialization of Untrusted Data vulnerability in Pyconuk Conference-Scheduler-Cli

In conference-scheduler-cli, a pickle.load call on imported data allows remote attackers to execute arbitrary code via a crafted .pickle file, as demonstrated by Python code that contains an os.system call.

6.8
2018-08-28 CVE-2017-15413 Redhat
Debian
Google
Incorrect Type Conversion OR Cast vulnerability in multiple products

Type confusion in WebAssembly in V8 in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

6.8
2018-08-28 CVE-2017-15412 Redhat
Debian
Google
Xmlsoft
USE After Free vulnerability in multiple products

Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

6.8
2018-08-28 CVE-2017-15411 Google
Debian
Redhat
USE After Free vulnerability in Google Chrome

Use after free in PDFium in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

6.8
2018-08-28 CVE-2017-15410 Google
Debian
Redhat
USE After Free vulnerability in Google Chrome

Use after free in PDFium in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

6.8
2018-08-28 CVE-2017-15409 Google
Debian
Redhat
Buffer Errors vulnerability in Google Chrome

Heap buffer overflow in Skia in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

6.8
2018-08-28 CVE-2017-15408 Google
Debian
Redhat
Buffer Errors vulnerability in Google Chrome

Heap buffer overflow in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file that is mishandled by PDFium.

6.8
2018-08-28 CVE-2017-15407 Google
Debian
Redhat
Out-Of-Bounds Write vulnerability in Google Chrome

Out-of-bounds Write in the QUIC networking stack in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to gain code execution via a malicious server.

6.8
2018-08-28 CVE-2018-15571 Export Users TO CSV Project Unspecified vulnerability in Export Users TO CSV Project Export Users TO CSV

The Export Users to CSV plugin through 1.1.1 for WordPress allows CSV injection.

6.8
2018-08-28 CVE-2014-6046 Phpmyfaq Cross-Site Request Forgery (CSRF) vulnerability in PHPmyfaq

Multiple cross-site request forgery (CSRF) vulnerabilities in phpMyFAQ before 2.8.13 allow remote attackers to hijack the authentication of unspecified users for requests that (1) delete active users by leveraging improper validation of CSRF tokens or that (2) delete open questions, (3) activate users, (4) publish FAQs, (5) add or delete Glossary, (6) add or delete FAQ news, or (7) add or delete comments or add votes by leveraging lack of a CSRF token.

6.8
2018-08-28 CVE-2018-15911 Debian
Canonical
Artifex
Redhat
Pulsesecure
USE of Uninitialized Resource vulnerability in multiple products

In Artifex Ghostscript 9.23 before 2018-08-24, attackers able to supply crafted PostScript could use uninitialized memory access in the aesdecode operator to crash the interpreter or potentially execute code.

6.8
2018-08-27 CVE-2018-15910 Debian
Canonical
Artifex
Redhat
Pulsesecure
Incorrect Type Conversion OR Cast vulnerability in multiple products

In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the LockDistillerParams parameter to crash the interpreter or execute code.

6.8
2018-08-27 CVE-2018-15909 Debian
Canonical
Artifex
Redhat
Pulsesecure
Incorrect Type Conversion OR Cast vulnerability in multiple products

In Artifex Ghostscript 9.23 before 2018-08-24, a type confusion using the .shfill operator could be used by attackers able to supply crafted PostScript files to crash the interpreter or potentially execute code.

6.8
2018-08-27 CVE-2018-15908 Artifex
Debian
Canonical
Redhat
In Artifex Ghostscript 9.23 before 2018-08-23, attackers are able to supply malicious PostScript files to bypass .tempfile restrictions and write files.
6.8
2018-08-27 CVE-2018-15698 Asustor Information Exposure vulnerability in Asustor Data Master

ASUSTOR Data Master 3.1.5 and below allows authenticated remote non-administrative users to read any file on the file system when providing the full path to loginimage.cgi.

6.8
2018-09-02 CVE-2018-16343 Seacms Code Injection vulnerability in Seacms 6.61

SeaCMS 6.61 allows remote attackers to execute arbitrary code because parseIf() in include/main.class.php does not block use of $GLOBALS.

6.5
2018-09-01 CVE-2018-16320 Idreamsoft Path Traversal vulnerability in Idreamsoft Icms 7.0.11

idreamsoft iCMS 7.0.11 allows admincp.php?app=config Directory Traversal, resulting in execution of arbitrary PHP code from a ZIP file.

6.5
2018-09-01 CVE-2018-15514 Docker Deserialization of Untrusted Data vulnerability in Docker

HandleRequestAsync in Docker for Windows before 18.06.0-ce-rc3-win68 (edge) and before 18.06.0-ce-win72 (stable) deserialized requests over the \\.\pipe\dockerBackend named pipe without verifying the validity of the deserialized .NET objects.

6.5
2018-08-30 CVE-2018-16238 Damicms Improper Input Validation vulnerability in Damicms 6.0.1

An issue was discovered in damiCMS V6.0.1.

6.5
2018-08-30 CVE-2018-15480 Mystrom Unspecified vulnerability in Mystrom products

An issue was discovered in myStrom WiFi Switch V1 before 2.66, WiFi Switch V2 before 3.80, WiFi Switch EU before 3.80, WiFi Bulb before 2.58, WiFi LED Strip before 3.80, WiFi Button before 2.73, and WiFi Button Plus before 2.73.

6.5
2018-08-28 CVE-2018-15529 Mutiny OS Command Injection vulnerability in Mutiny 5.01.00/5.01.10/5.01.11

A command injection vulnerability in maintenance.cgi in Mutiny "Monitoring Appliance" before 6.1.0-5263 allows authenticated users, with access to the admin interface, to inject arbitrary commands within the filename of a system upgrade upload.

6.5
2018-08-28 CVE-2014-6045 Phpmyfaq SQL Injection vulnerability in PHPmyfaq

SQL injection vulnerability in phpMyFAQ before 2.8.13 allows remote authenticated users with certain permissions to execute arbitrary SQL commands via vectors involving the restore function.

6.5
2018-08-27 CVE-2018-15887 Asus OS Command Injection vulnerability in Asus Dsl-N12E C1 Firmware 1.1.2.3345

Main_Analysis_Content.asp in ASUS DSL-N12E_C1 1.1.2.3_345 is prone to Authenticated Remote Command Execution, which allows a remote attacker to execute arbitrary OS commands via service parameters, such as shell metacharacters in the destIP parameter of a cmdMethod=ping request.

6.5
2018-09-02 CVE-2018-16344 Zzcms Path Traversal vulnerability in Zzcms 8.3

An issue was discovered in zzcms 8.3.

6.4
2018-08-30 CVE-2018-15479 Mystrom Improper Authentication vulnerability in Mystrom products

An issue was discovered in myStrom WiFi Switch V1 before 2.66, WiFi Switch V2 before 3.80, WiFi Switch EU before 3.80, WiFi Bulb before 2.58, WiFi LED Strip before 3.80, WiFi Button before 2.73, and WiFi Button Plus before 2.73.

6.4
2018-08-30 CVE-2018-13826 Broadcom
CA
XXE vulnerability in multiple products

An XML external entity vulnerability in the XOG functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to conduct server side request forgery attacks.

6.4
2018-08-29 CVE-2018-16115 Lightbend USE of Cryptographically Weak Pseudo-Random Number Generator (Prng) vulnerability in Lightbend Akka

Lightbend Akka 2.5.x before 2.5.16 allows message disclosure and modification because of an RNG error.

6.4
2018-08-28 CVE-2018-3908 Samsung Http Request Smuggling vulnerability in Samsung Sth-Eth-250 Firmware 0.20.17

An exploitable vulnerability exists in the REST parser of video-core's HTTP server of the Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17.

6.4
2018-08-27 CVE-2018-3918 Samsung Improper Enforcement of Message OR Data Structure vulnerability in Samsung Sth-Eth-250 Firmware 0.20.17

An exploitable vulnerability exists in the remote servers of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17.

6.4
2018-08-29 CVE-2018-15907 Technicolor Resource Exhaustion vulnerability in Technicolor Tc8305C Firmware

** DISPUTED ** Technicolor (formerly RCA) TC8305C devices allow remote attackers to cause a denial of service (networking outage) via a flood of random MAC addresses, as demonstrated by macof.

6.1
2018-08-27 CVE-2018-15694 Asustor Path Traversal vulnerability in Asustor Data Master

ASUSTOR Data Master 3.1.5 and below allows authenticated remote non-administrative users to upload files to arbitrary locations due to a path traversal vulnerability.

6.0
2018-08-29 CVE-2018-6598 Orbic Unspecified vulnerability in Orbic Wonder Rc555L Firmware 7.1.2

An issue was discovered on Orbic Wonder Orbic/RC555L/RC555L:7.1.2/N2G47H/329100b:user/release-keys devices.

5.6
2018-08-30 CVE-2018-16141 Thinkcmf Path Traversal vulnerability in Thinkcmf Thinkcmfx X2.2.3

ThinkCMF X2.2.3 has an arbitrary file deletion vulnerability in do_avatar in \application\User\Controller\ProfileController.class.php via an imgurl parameter with a ..\ sequence.

5.5
2018-08-28 CVE-2014-6049 Phpmyfaq Improper Authorization vulnerability in PHPmyfaq

phpMyFAQ before 2.8.13 allows remote authenticated users with admin privileges to bypass authorization via a crafted instance ID parameter.

5.5
2018-09-01 CVE-2018-16303 Tracker Software XXE vulnerability in Tracker-Software Pdf-Xchange Editor

PDF-XChange Editor through 7.0.326.1 allows remote attackers to cause a denial of service (resource consumption) via a crafted x:xmpmeta structure, a related issue to CVE-2003-1564.

5.0
2018-08-31 CVE-2018-11054 EMC Integer Overflow OR Wraparound vulnerability in EMC RSA Bsafe 4.1.6

RSA BSAFE Micro Edition Suite, version 4.1.6, contains an integer overflow vulnerability.

5.0
2018-08-31 CVE-2018-3787 Simplehttpserver Project Path Traversal vulnerability in Simplehttpserver Project Simplehttpserver

Path traversal in simplehttpserver <v0.2.1 allows listing any file on the server.

5.0
2018-08-30 CVE-2018-16239 Damicms USE of Insufficiently Random Values vulnerability in Damicms 6.0.1

An issue was discovered in damiCMS V6.0.1.

5.0
2018-08-30 CVE-2018-16231 Michael Roth Software Improper Input Validation vulnerability in Michael-Roth-Software Pftp

Michael Roth Software Personal FTP Server (PFTP) through 8.4f allows remote attackers to cause a denial of service (daemon crash) via an unspecified sequence of FTP commands.

5.0
2018-08-30 CVE-2018-15745 Argussurveillance Path Traversal vulnerability in Argussurveillance DVR 4.0.0.0

Argus Surveillance DVR 4.0.0.0 devices allow Unauthenticated Directory Traversal, leading to File Disclosure via a ..%2F in the WEBACCOUNT.CGI RESULTPAGE parameter.

5.0
2018-08-30 CVE-2018-14903 Epson Origin Validation Error vulnerability in Epson Wf-2750 Firmware Jp02L2

EPSON WF-2750 printers with firmware JP02I2 do not properly validate files before running updates, which allows remote attackers to cause a printer malfunction or send malicious data to the printer.

5.0
2018-08-30 CVE-2018-14902 Epson Information Exposure vulnerability in Epson Iprint 6.6.3

The ContentProvider in the EPSON iPrint application 6.6.3 for Android does not properly restrict data access.

5.0
2018-08-30 CVE-2018-14901 Epson USE of Hard-Coded Credentials vulnerability in Epson Iprint 6.6.3

The EPSON iPrint application 6.6.3 for Android contains hard-coded API and Secret keys for the Dropbox, Box, Evernote and OneDrive services.

5.0
2018-08-30 CVE-2018-14900 Epson Channel and Path Errors vulnerability in Epson Wf-2750 Firmware Jp02L2

On EPSON WF-2750 printers with firmware JP02I2, there is no filtering of print jobs.

5.0
2018-08-30 CVE-2018-11720 Xovis Path Traversal vulnerability in Xovis PC2 Firmware, Pc2R Firmware and PC3 Firmware

Xovis PC2, PC2R, and PC3 devices through 3.6.0 allow Directory Traversal.

5.0
2018-08-30 CVE-2018-13823 Broadcom
CA
XXE vulnerability in multiple products

An XML external entity vulnerability in the XOG functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to access sensitive information.

5.0
2018-08-30 CVE-2018-13822 CA Insufficiently Protected Credentials vulnerability in CA Project Portfolio Management

Unprotected storage of credentials in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows attackers to access sensitive information.

5.0
2018-08-30 CVE-2018-13820 CA USE of Hard-Coded Credentials vulnerability in CA Unified Infrastructure Management 8.4.7/8.5/8.5.1

A hardcoded passphrase, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows attackers to access sensitive information.

5.0
2018-08-30 CVE-2018-13819 CA USE of Hard-Coded Credentials vulnerability in CA Unified Infrastructure Management 8.4.7/8.5/8.5.1

A hardcoded secret key, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows attackers to access sensitive information.

5.0
2018-08-30 CVE-2018-16157 Bijiadao Unspecified vulnerability in Bijiadao Waimai Super CMS 20150505

waimai Super Cms 20150505 has a logic flaw allowing attackers to modify a price, before form submission, by observing data in a packet capture.

5.0
2018-08-30 CVE-2018-14622 Libtirpc Project
Canonical
Debian
Redhat
Unchecked Return Value vulnerability in multiple products

A null-pointer dereference vulnerability was found in libtirpc before version 0.3.3-rc3.

5.0
2018-08-30 CVE-2018-16058 Wireshark
Debian
Improper Initialization vulnerability in multiple products

In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth AVDTP dissector could crash.

5.0
2018-08-30 CVE-2018-16057 Wireshark
Debian
In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Radiotap dissector could crash.
5.0
2018-08-30 CVE-2018-16056 Wireshark
Debian
In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth Attribute Protocol dissector could crash.
5.0
2018-08-29 CVE-2018-16133 Cybrotech Path Traversal vulnerability in Cybrotech Cybrohttpserver 1.0.3

Cybrotech CyBroHttpServer 1.0.3 allows Directory Traversal via a ../ in the URI.

5.0
2018-08-29 CVE-2018-7792 Schneider Electric Missing Authorization vulnerability in Schneider-Electric Modicon M221 Firmware 1.1.1.5

A Permissions, Privileges, and Access Control vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0).

5.0
2018-08-29 CVE-2018-7790 Schneider Electric Authentication Bypass BY Capture-Replay vulnerability in Schneider-Electric Modicon M221 Firmware 1.1.1.5

An Information Management Error vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0).

5.0
2018-08-29 CVE-2017-17762 Episerver XXE vulnerability in Episerver 7

XML external entity (XXE) vulnerability in Episerver 7 patch 4 and earlier allows remote attackers to read arbitrary files via a crafted DTD in an XML request involving util/xmlrpc/Handler.ashx.

5.0
2018-08-29 CVE-2018-8040 Apache
Debian
Exposure of Resource TO Wrong Sphere vulnerability in multiple products

Pages that are rendered using the ESI plugin can have access to the cookie header when the plugin is configured not to allow access.

5.0
2018-08-29 CVE-2018-8022 Apache Improper Input Validation vulnerability in Apache Traffic Server

A carefully crafted invalid TLS handshake can cause Apache Traffic Server (ATS) to segfault.

5.0
2018-08-29 CVE-2018-8005 Apache
Debian
Resource Exhaustion vulnerability in multiple products

When there are multiple ranges in a range request, Apache Traffic Server (ATS) will read the entire object from cache.

5.0
2018-08-29 CVE-2018-1318 Apache
Debian
Improper Input Validation vulnerability in multiple products

Adding method ACLs in remap.config can cause a segfault when the user makes a carefully crafted request.

5.0
2018-08-29 CVE-2018-12827 Adobe
Apple
Microsoft
Google
Linux
Redhat
Out-Of-Bounds Read vulnerability in Adobe Flash Player

Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability.

5.0
2018-08-29 CVE-2018-12826 Adobe
Apple
Microsoft
Google
Linux
Redhat
Out-Of-Bounds Read vulnerability in Adobe Flash Player

Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability.

5.0
2018-08-29 CVE-2018-12807 Adobe Improper Input Validation vulnerability in Adobe Experience Manager

Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have an input validation bypass vulnerability.

5.0
2018-08-29 CVE-2018-15881 Joomla Unspecified vulnerability in Joomla Joomla!

An issue was discovered in Joomla! before 3.8.12.

5.0
2018-08-28 CVE-2017-15423 Google
Redhat
Debian
Cryptographic Issues vulnerability in Google Chrome

Inappropriate implementation in BoringSSL SPAKE2 in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to leak the low-order bits of SHA512(password) by inspecting protocol traffic.

5.0
2018-08-28 CVE-2014-6050 Phpmyfaq 7PK - Security Features vulnerability in PHPmyfaq

phpMyFAQ before 2.8.13 allows remote attackers to bypass the CAPTCHA protection mechanism by replaying the request.

5.0
2018-08-28 CVE-2014-6048 Phpmyfaq Information Exposure vulnerability in PHPmyfaq

phpMyFAQ before 2.8.13 allows remote attackers to read arbitrary attachments via a direct request.

5.0
2018-08-28 CVE-2014-6047 Phpmyfaq Permission Issues vulnerability in PHPmyfaq

phpMyFAQ before 2.8.13 allows remote authenticated users with certain permissions to read arbitrary attachments by leveraging incorrect "download an attachment" permission checks.

5.0
2018-08-28 CVE-2018-13391 Atlassian Information Exposure vulnerability in Atlassian Jira

The ProfileLinkUserFormat component of Jira Server before version 7.6.8, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, from version 7.10.0 before version 7.10.3 and from version 7.11.0 before version 7.11.2 allows remote attackers who can access & view an issue to obtain the email address of the reporter and assignee user of an issue despite the configured email visibility setting being set to hidden.

5.0
2018-08-28 CVE-2018-15919 Openbsd
Netapp
Information Exposure vulnerability in multiple products

Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use.

5.0
2018-08-27 CVE-2017-15139 Openstack
Redhat
Information Exposure vulnerability in multiple products

A vulnerability was found in openstack-cinder releases up to and including Queens, allowing newly created volumes in certain storage volume configurations to contain previous data.

5.0
2018-08-27 CVE-2018-15810 Visiology Path Traversal vulnerability in Visiology Flipbox 2.0.0/2.6.0

Visiology Flipbox Software Suite before 2.7.0 allows directory traversal via %5c%2e%2e%2f because it does not sanitize filename parameters.

5.0
2018-08-27 CVE-2018-15895 Icmsdev Server-Side Request Forgery (SSRF) vulnerability in Icmsdev Icms

An SSRF vulnerability was discovered in idreamsoft iCMS 7.0.11 because the remote function in app/spider/spider_tools.class.php does not block DNS hostnames associated with private and reserved IP addresses, as demonstrated by 127.0.0.1 in an A record.

5.0
2018-08-28 CVE-2018-3926 Samsung Integer Underflow (Wrap OR Wraparound) vulnerability in Samsung Sth-Eth-250 Firmware 0.20.17

An exploitable integer underflow vulnerability exists in the ZigBee firmware update routine of the hubCore binary of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17.

4.9
2018-08-31 CVE-2018-7685 Opensuse Improper Verification of Cryptographic Signature vulnerability in Opensuse Libzypp

The decoupled download and installation steps in libzypp before 17.5.0 could lead to a corrupted RPM being left in the cache, where a later call would not display the corrupted RPM warning and allow installation, a problem caused by malicious warnings only displayed during download.

4.6
2018-08-31 CVE-2018-6257 Nvidia Unspecified vulnerability in Nvidia Geforce Experience

NVIDIA GeForce Experience all versions prior to 3.14.1 contains a potential vulnerability when GameStream is enabled where improper access control may lead to a denial of service, escalation of privileges, or both.

4.4
2018-09-02 CVE-2018-16362 Mantisbt Cross-Site Scripting vulnerability in Mantisbt Source Integration

An issue was discovered in the Source Integration plugin before 1.5.9 and 2.x before 2.1.5 for MantisBT.

4.3
2018-09-02 CVE-2018-16350 Wuzhi CMS Project Cross-Site Scripting vulnerability in Wuzhi CMS Project Wuzhi CMS 4.1.0

WUZHI CMS 4.1.0 has XSS via the index.php?m=core&f=set&v=basic form[statcode] parameter.

4.3
2018-09-02 CVE-2018-16349 Wuzhi CMS Project Cross-Site Scripting vulnerability in Wuzhi CMS Project Wuzhi CMS 4.1.0

WUZHI CMS 4.1.0 has XSS via the index.php?m=link&f=index&v=add form[remark] parameter.

4.3
2018-09-02 CVE-2018-16347 Gleezcms Cross-Site Scripting vulnerability in Gleezcms Gleez CMS 1.2.0

An issue was discovered in Gleez CMS v1.2.0.

4.3
2018-09-02 CVE-2018-16337 Chshcms Cross-Site Request Forgery (CSRF) vulnerability in Chshcms Cscms 4.1.8

An issue was discovered in Cscms V4.1.8.

4.3
2018-09-02 CVE-2018-16336 Exiv2
Canonical
Debian
Out-Of-Bounds Read vulnerability in multiple products

Exiv2::Internal::PngChunk::parseTXTChunk in Exiv2 v0.26 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted image file, a different vulnerability than CVE-2018-10999.

4.3
2018-09-02 CVE-2018-16330 Ipandao Cross-Site Scripting vulnerability in Ipandao Editor.Md 1.5.0

Pandao Editor.md 1.5.0 allows XSS via crafted attributes of an invalid IMG element.

4.3
2018-09-01 CVE-2018-16325 GET Simple Cross-Site Scripting vulnerability in Get-Simple Getsimple CMS 3.4.0.9

There is XSS in GetSimple CMS 3.4.0.9 via the admin/edit.php title field.

4.3
2018-09-01 CVE-2018-16324 Icewarp Cross-Site Scripting vulnerability in Icewarp Mail Server

In IceWarp Server 12.0.3.1 and before, there is XSS in the /webmail/ username field.

4.3
2018-09-01 CVE-2018-16323 Imagemagick
Canonical
Information Exposure vulnerability in multiple products

ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitialized when processing an XBM file that has a negative pixel value.

4.3
2018-09-01 CVE-2018-16315 Bijiadao Cross-Site Request Forgery (CSRF) vulnerability in Bijiadao Waimai Super CMS 20150505

In waimai Super Cms 20150505, there is a CSRF vulnerability that can change the configuration via admin.php?m=Config&a=add.

4.3
2018-09-01 CVE-2018-16313 Bludit Cross-Site Scripting vulnerability in Bludit 2.3.4

Bludit 2.3.4 allows XSS via a user name.

4.3
2018-09-01 CVE-2018-15161 Libesedb Project Out-Of-Bounds Read vulnerability in Libesedb Project Libesedb 20180401

** DISPUTED ** The libesedb_key_append_data function in libesedb_key.c in libesedb through 2018-04-01 allows remote attackers to cause a heap-based buffer over-read via a crafted esedb file.

4.3
2018-09-01 CVE-2018-15160 Libesedb Project Out-Of-Bounds Read vulnerability in Libesedb Project Libesedb 20180401

** DISPUTED ** The libesedb_catalog_definition_read function in libesedb_catalog_definition.c in libesedb through 2018-04-01 allows remote attackers to cause a heap-based buffer over-read via a crafted esedb file.

4.3
2018-09-01 CVE-2018-15159 Libesedb Project Out-Of-Bounds Read vulnerability in Libesedb Project Libesedb 20180401

** DISPUTED ** The libesedb_page_read_tags function in libesedb_page.c in libesedb through 2018-04-01 allows remote attackers to cause a heap-based buffer over-read via a crafted esedb file.

4.3
2018-09-01 CVE-2018-15158 Libesedb Project Out-Of-Bounds Read vulnerability in Libesedb Project Libesedb 20180401

** DISPUTED ** The libesedb_page_read_values function in libesedb_page.c in libesedb through 2018-04-01 allows remote attackers to cause a heap-based buffer over-read via a crafted esedb file.

4.3
2018-09-01 CVE-2018-15157 Libfsclfs Project Out-Of-Bounds Read vulnerability in Libfsclfs Project Libfsclfs 20170206

** DISPUTED ** The libfsclfs_block_read function in libfsclfs_block.c in libfsclfs before 2018-07-25 allows remote attackers to cause a heap-based buffer over-read via a crafted clfs file.

4.3
2018-08-31 CVE-2018-16298 1234N Cross-Site Scripting vulnerability in 1234N Minicms 1.10

An issue was discovered in MiniCMS 1.10.

4.3
2018-08-31 CVE-2018-11057 EMC USE of A Broken OR Risky Cryptographic Algorithm vulnerability in EMC RSA Bsafe

RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6.1 (in 4.1.x) contains a Covert Timing Channel vulnerability during RSA decryption, also known as a Bleichenbacher attack on RSA decryption.

4.3
2018-08-30 CVE-2018-16236 Cpanel Cross-Site Scripting vulnerability in Cpanel

cPanel through 74 allows XSS via a crafted filename in the logs subdirectory of a user account, because the filename is mishandled during frontend/THEME/raw/index.html rendering.

4.3
2018-08-30 CVE-2018-16234 Morningstarsecurity Cross-Site Scripting vulnerability in Morningstarsecurity Whatweb 0.4.9

MorningStar WhatWeb 0.4.9 has XSS via JSON report files.

4.3
2018-08-30 CVE-2018-16233 1234N Cross-Site Scripting vulnerability in 1234N Minicms 1.10

MiniCMS V1.10 has XSS via the mc-admin/post-edit.php tags parameter.

4.3
2018-08-30 CVE-2018-14899 Epson Cross-Site Scripting vulnerability in Epson Wf-2750 Firmware Jp02L2

On the EPSON WF-2750 printer with firmware JP02I2, the Web interface AirPrint Setup page is vulnerable to HTML Injection that can redirect users to malicious sites.

4.3
2018-08-30 CVE-2018-13825 Broadcom
CA
Cross-Site Scripting vulnerability in multiple products

Insufficient input validation in the gridExcelExport functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to execute reflected cross-site scripting attacks.

4.3
2018-08-30 CVE-2018-16142 Phpok Cross-Site Scripting vulnerability in PHPok 4.8.278

PHPOK 4.8.278 has a Reflected XSS vulnerability in framework/www/login_control.php via the _back parameter to the ok_f function.

4.3
2018-08-29 CVE-2018-16134 Cybrotech Cross-Site Scripting vulnerability in Cybrotech Cybrohttpserver 1.0.3

Cybrotech CyBroHttpServer 1.0.3 allows XSS via a URI.

4.3
2018-08-29 CVE-2018-7795 Schneider Electric Cross-Site Scripting vulnerability in Schneider-Electric Powerlogic Pm5560 Firmware

A Cross Protocol Injection vulnerability exists in Schneider Electric's PowerLogic (PM5560 prior to FW version 2.5.4) product.

4.3
2018-08-29 CVE-2018-12240 Symantec USE of Hard-Coded Credentials vulnerability in Symantec Norton Identity Safe

The Norton Identity Safe product prior to 5.3.0.976 may be susceptible to a privilege escalation issue via a hard coded IV, which is a type of vulnerability that can potentially increase the likelihood of encrypted data being recovered without adequate credentials.

4.3
2018-08-29 CVE-2018-15562 Isweb Cross-Site Scripting vulnerability in Isweb 3.5.3

CMS ISWEB 3.5.3 has XSS via the ordineRis, sezioneRicerca, or oggettiRicerca parameter to index.php.

4.3
2018-08-29 CVE-2018-12824 Adobe
Apple
Microsoft
Google
Linux
Redhat
Out-Of-Bounds Read vulnerability in multiple products

Adobe Flash Player 30.0.0.134 and earlier have an out-of-bounds read vulnerability.

4.3
2018-08-29 CVE-2018-12806 Adobe Cross-Site Scripting vulnerability in Adobe Experience Manager

Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a reflected cross-site scripting vulnerability.

4.3
2018-08-29 CVE-2018-16062 Elfutils Project
Debian
Out-Of-Bounds Read vulnerability in multiple products

dwarf_getaranges in dwarf_getaranges.c in libdw in elfutils before 2018-08-18 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file.

4.3
2018-08-28 CVE-2017-15429 Google
Debian
Redhat
Cross-Site Scripting vulnerability in Google Chrome

Inappropriate implementation in V8 WebAssembly JS bindings in Google Chrome prior to 63.0.3239.108 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page.

4.3
2018-08-28 CVE-2017-15396 Google
Redhat
Debian
ICU Project
Buffer Errors vulnerability in Google Chrome

A stack buffer overflow in NumberingSystem in International Components for Unicode (ICU) for C/C++ before 60.2, as used in V8 in Google Chrome prior to 62.0.3202.75 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

4.3
2018-08-28 CVE-2018-6643 Infoblox Cross-Site Scripting vulnerability in Infoblox Netmri 7.1.1

Infoblox NetMRI 7.1.1 has Reflected Cross-Site Scripting via the /api/docs/index.php query parameter.

4.3
2018-08-28 CVE-2018-15740 Manageengine Cross-Site Scripting vulnerability in Manageengine Admanager Plus 6.5.7

Zoho ManageEngine ADManager Plus 6.5.7 has XSS on the "Workflow Delegation" "Requester Roles" screen.

4.3
2018-08-28 CVE-2018-15608 Manageengine Cross-Site Scripting vulnerability in Manageengine Admanager Plus 6.5.7

Zoho ManageEngine ADManager Plus 6.5.7 allows HTML Injection on the "AD Delegation" "Help Desk Technicians" screen.

4.3
2018-08-28 CVE-2018-15596 Mybb Cross-Site Scripting vulnerability in Mybb 1.8.17

An issue was discovered in inc/class_feedgeneration.php in MyBB 1.8.17.

4.3
2018-08-28 CVE-2017-15430 Google Unspecified vulnerability in Google Chrome

Insufficient data validation in Chromecast plugin in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page.

4.3
2018-08-28 CVE-2017-15427 Google
Redhat
Debian
Cross-Site Scripting vulnerability in Google Chrome

Insufficient policy enforcement in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a socially engineered user to XSS themselves by dragging and dropping a javascript: URL into the URL bar.

4.3
2018-08-28 CVE-2017-15426 Google
Debian
Redhat
Improper Input Validation vulnerability in Google Chrome

Insufficient policy enforcement in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.

4.3
2018-08-28 CVE-2017-15425 Google
Redhat
Debian
Improper Input Validation vulnerability in Google Chrome

Insufficient policy enforcement in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.

4.3
2018-08-28 CVE-2017-15424 Google
Redhat
Debian
Improper Input Validation vulnerability in Google Chrome

Insufficient policy enforcement in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.

4.3
2018-08-28 CVE-2017-15422 Google
ICU Project
Debian
Canonical
Redhat
Integer Overflow OR Wraparound vulnerability in Google Chrome

Integer overflow in international date handling in International Components for Unicode (ICU) for C/C++ before 60.1, as used in V8 in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

4.3
2018-08-28 CVE-2017-15420 Google
Redhat
Debian
Improper Input Validation vulnerability in Google Chrome

Incorrect handling of back navigations in error pages in Navigation in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.

4.3
2018-08-28 CVE-2017-15419 Redhat
Debian
Google
Open Redirect vulnerability in multiple products

Insufficient policy enforcement in Resource Timing API in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to infer browsing history by triggering a leaked cross-origin URL via a crafted HTML page.

4.3
2018-08-28 CVE-2017-15418 Google
Redhat
Debian
Buffer Errors vulnerability in Google Chrome

Use of uninitialized memory in Skia in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.

4.3
2018-08-28 CVE-2017-15416 Redhat
Debian
Google
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

Heap buffer overflow in Blob API in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka a Blink out-of-bounds read.

4.3
2018-08-28 CVE-2017-15415 Debian
Redhat
Google
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

Incorrect serialization in IPC in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to leak the value of a pointer via a crafted HTML page.

4.3
2018-08-28 CVE-2014-4932 Wordfence Cross-Site Scripting vulnerability in Wordfence Security

Cross-site scripting (XSS) vulnerability in the Wordfence Security plugin before 5.1.5 for WordPress allows remote attackers to inject arbitrary web script or HTML via the val parameter to whois.php.

4.3
2018-08-28 CVE-2018-13395 Atlassian Cross-Site Scripting vulnerability in Atlassian Jira

Various resources in Atlassian Jira before version 7.6.8, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, from version 7.10.0 before version 7.10.3 and before version 7.11.1 allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the epic colour field of an issue while an issue is being moved.

4.3
2018-08-27 CVE-2018-3927 Samsung Improper Certificate Validation vulnerability in Samsung Sth-Eth-250 Firmware 0.20.17

An exploitable information disclosure vulnerability exists in the crash handler of the hubCore binary of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17.

4.3
2018-08-27 CVE-2018-15699 Asustor Cross-Site Scripting vulnerability in Asustor Data Master

ASUSTOR Data Master 3.1.5 and below makes an HTTP request for a configuration file that is vulnerable to XSS.

4.3
2018-08-27 CVE-2018-0715 Qnap Cross-Site Scripting vulnerability in Qnap Photo Station

Cross-site scripting vulnerability in QNAP Photo Station versions 5.7.0 and earlier could allow remote attackers to inject Javascript code in the compromised application.

4.3
2018-08-27 CVE-2018-15899 1234N Cross-Site Scripting vulnerability in 1234N Minicms 1.10

An issue was discovered in MiniCMS 1.10.

4.3
2018-08-31 CVE-2018-11056 EMC Resource Exhaustion vulnerability in EMC RSA Bsafe and RSA Bsafe Crypto-C

RSA BSAFE Micro Edition Suite, prior to 4.1.6.1 (in 4.1.x), and RSA BSAFE Crypto-C Micro Edition versions prior to 4.0.5.3 (in 4.0.x) contain an Uncontrolled Resource Consumption ('Resource Exhaustion') vulnerability when parsing ASN.1 data.

4.0
2018-08-30 CVE-2018-16237 Damicms Path Traversal vulnerability in Damicms 6.0.1

An issue was discovered in damiCMS V6.0.1.

4.0
2018-08-30 CVE-2018-11719 Xovis XXE vulnerability in Xovis PC2 Firmware, Pc2R Firmware and PC3 Firmware

Xovis PC2, PC2R, and PC3 devices through 3.6.0 allow XXE.

4.0
2018-08-30 CVE-2016-0373 IBM Improper Authorization vulnerability in IBM Urbancode Deploy

IBM UrbanCode Deploy 6.0 through 6.2.2.1 could allow an authenticated user to read sensitive information due to UCD REST endpoints not properly authorizing users when determining who can read data.

4.0
2018-08-29 CVE-2018-8004 Apache
Debian
Http Request Smuggling vulnerability in multiple products

There are multiple HTTP smuggling and cache poisoning issues when clients making malicious requests interact with Apache Traffic Server (ATS).

4.0
2018-08-28 CVE-2018-15897 Website Seller Script Project Buffer Errors vulnerability in Website Seller Script Project Website Seller Script 2.0.5

PHP Scripts Mall Website Seller Script 2.0.5 allows remote attackers to cause a denial of service via crafted JavaScript code in the First Name, Last Name, Company Name, or Fax field, as demonstrated by crossPwn.

4.0
2018-08-28 CVE-2018-1705 IBM Information Exposure vulnerability in IBM Platform Symphony and Spectrum Symphony

IBM Platform Symphony 7.1 Fix Pack 1 and 7.1.1 and IBM Spectrum Symphony 7.1.2 and 7.2.0.2 contain an information disclosure vulnerability that could allow an authenticated attacker to obtain highly sensitive information.

4.0
2018-08-27 CVE-2018-1644 IBM Information Exposure vulnerability in IBM Websphere Commerce

IBM WebSphere Commerce Enterprise, Professional, Express, and Developer 9.0.0.0 - 9.0.0.4, 8.0.0.0 - 8.0.0.19, 8.0.1.0 - 8.0.1.13, 8.0.3.0 - 8.0.3.6, 8.0.4.0 - 8.0.4.14, and 7.0.0.0 Feature Pack 8 could allow an authenticated user to obtain sensitive information about another user.

4.0
2018-08-27 CVE-2018-15697 Asustor Information Exposure vulnerability in Asustor Data Master

ASUSTOR Data Master 3.1.5 and below allows authenticated remote non-administrative users to read any file on a share by providing the full path.

4.0
2018-08-27 CVE-2018-15696 Asustor Information Exposure vulnerability in Asustor Data Master

ASUSTOR Data Master 3.1.5 and below allows authenticated remote non-administrative users to enumerate all user accounts via user.cgi.

4.0

18 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-09-02 CVE-2018-16358 Dotclear Cross-Site Scripting vulnerability in Dotclear

A cross-site scripting (XSS) vulnerability in inc/core/class.dc.core.php in the media manager in Dotclear through 2.14.1 allows remote authenticated users to upload HTML content containing an XSS payload with the file extension .ahtml.

3.5
2018-09-02 CVE-2018-16348 Seacms Cross-Site Scripting vulnerability in Seacms 6.61

SeaCMS V6.61 has XSS via the admin_video.php v_content parameter, related to the site name.

3.5
2018-09-02 CVE-2018-16346 Chemcms Project Cross-Site Scripting vulnerability in Chemcms Project Chemcms 1.0.6

ChemCMS 1.0.6 has XSS via the "setting -> website information" field.

3.5
2018-09-02 CVE-2018-16342 Showdoc Cross-Site Scripting vulnerability in Showdoc 1.8.0

ShowDoc v1.8.0 has XSS via a new page.

3.5
2018-09-01 CVE-2018-16327 Intelliants Cross-Site Scripting vulnerability in Intelliants Subrion 4.2.1

There is Stored XSS in Subrion 4.2.1 via the admin panel URL configuration.

3.5
2018-09-01 CVE-2018-16316 Portainer Cross-Site Scripting vulnerability in Portainer

A stored Cross-site scripting (XSS) vulnerability in Portainer through 1.19.1 allows remote authenticated users to inject arbitrary JavaScript and/or HTML via the Team Name field.

3.5
2018-08-29 CVE-2018-15880 Joomla Cross-Site Scripting vulnerability in Joomla Joomla!

An issue was discovered in Joomla! before 3.8.12.

3.5
2018-08-28 CVE-2018-15896 Website Seller Script Project Cross-Site Scripting vulnerability in Website Seller Script Project Website Seller Script 2.0.5

PHP Scripts Mall Website Seller Script 2.0.5 has XSS via Personal Address or Company Name.

3.5
2018-08-29 CVE-2018-12710 D Link Cleartext Transmission of Sensitive Information vulnerability in D-Link Dir-601 Firmware 2.02Na

An issue was discovered on D-Link DIR-601 2.02NA devices.

2.7
2018-08-28 CVE-2017-15417 Google
Redhat
Debian
Buffer Errors vulnerability in Google Chrome

Inappropriate implementation in Skia canvas composite operations in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

2.6
2018-08-31 CVE-2018-11055 EMC Improper Resource Shutdown OR Release vulnerability in EMC RSA Bsafe

RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6.1 (in 4.1.x), contains an Improper Clearing of Heap Memory Before Release ('Heap Inspection') vulnerability.

2.1
2018-08-30 CVE-2016-0234 IBM Insufficient Session Expiration vulnerability in IBM Openpages GRC Platform

IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 could allow a local user to obtain sensitive information when a previous user has logged out of the system but neglected to close their browser.

2.1
2018-08-30 CVE-2016-0205 IBM Information Exposure vulnerability in IBM Cloud Orchestrator

A vulnerability has been identified in IBM Cloud Orchestrator 2.3, 2.3.0.1, 2.4, and 2.4.0.1 that could allow an attacker after authentication to enumerate valid users of the system.

2.1
2018-08-29 CVE-2018-6599 Orbic Information Exposure Through LOG Files vulnerability in Orbic Wonder Rc555L Firmware 7.1/7.1.2

An issue was discovered on Orbic Wonder Orbic/RC555L/RC555L:7.1.2/N2G47H/329100b:user/release-keys devices, allowing attackers to obtain sensitive information (such as text-message content) by reading a copy of the Android log on the SD card.

2.1
2018-08-29 CVE-2018-15746 Qemu Unspecified vulnerability in Qemu

qemu-seccomp.c in QEMU might allow local OS guest users to cause a denial of service (guest crash) by leveraging mishandling of the seccomp policy for threads other than the main thread.

2.1
2018-08-31 CVE-2018-6259 Nvidia Information Exposure vulnerability in Nvidia Geforce Experience

NVIDIA GeForce Experience all versions prior to 3.14.1 contains a potential vulnerability when GameStream is enabled, an attacker has system access, and certain system features are enabled, where limited information disclosure may be possible.

1.9
2018-08-31 CVE-2018-6258 Nvidia Unspecified vulnerability in Nvidia Geforce Experience

NVIDIA GeForce Experience all versions prior to 3.14.1 contains a potential vulnerability during GameStream installation where an attacker who has system access can potentially conduct a Man-in-the-Middle (MitM) attack to obtain sensitive information.

1.9
2018-08-30 CVE-2018-15364 Trendmicro Information Exposure vulnerability in Trendmicro Officescan XG 12.0

A Named Pipe Request Processing Out-of-Bounds Read Information Disclosure vulnerability in Trend Micro OfficeScan XG (12.0) could allow a local attacker to disclose sensitive information on vulnerable installations.

1.9