Weekly Vulnerabilities Reports > September 3 to 9, 2018

Overview

266 new vulnerabilities reported during this period, including 17 critical vulnerabilities and 33 high severity vulnerabilities. This weekly summary report vulnerabilities in 235 products from 141 vendors including Debian, Canonical, Redhat, Opensc Project, and Artifex. Vulnerabilities are notably categorized as "Cross-site Scripting", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Cross-Site Request Forgery (CSRF)", "Improper Input Validation", and "Path Traversal".

  • 228 reported vulnerabilities are remotely exploitables.
  • 12 reported vulnerabilities have public exploit available.
  • 93 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 213 reported vulnerabilities are exploitable by an anonymous user.
  • Debian has the most reported vulnerabilities, with 37 reported vulnerabilities.
  • Opsview has the most reported critical vulnerabilities, with 3 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

17 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-09-07 CVE-2018-15484 Kone OS Command Injection vulnerability in Kone Group Controller Firmware

An issue was discovered on KONE Group Controller (KGC) devices before 4.6.5.

10.0
2018-09-06 CVE-2018-16590 Furuno Improper Authentication vulnerability in Furuno Felcom 250 Firmware and Felcom 500 Firmware

FURUNO FELCOM 250 and 500 devices use only client-side JavaScript in login.js for authentication.

10.0
2018-09-06 CVE-2018-1000666 Openvcloud Project
GIG
OS Command Injection vulnerability in multiple products

GIG Technology NV JumpScale Portal 7 version before commit 15443122ed2b1cbfd7bdefc048bf106f075becdb contains a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in method: notifySpaceModification; that can result in Improper validation of parameters results in command execution.

10.0
2018-09-05 CVE-2018-16144 Opsview OS Command Injection vulnerability in Opsview

The test connection functionality in the NetAudit section of Opsview Monitor before 5.3.1 and 5.4.x before 5.4.2 is vulnerable to command injection due to improper sanitization of the rancid_password parameter.

10.0
2018-09-05 CVE-2015-9266 Ubnt Path Traversal vulnerability in Ubnt products

The web management interface of Ubiquiti airMAX, airFiber, airGateway and EdgeSwitch XP (formerly TOUGHSwitch) allows an unauthenticated attacker to upload and write arbitrary files using directory traversal techniques.

10.0
2018-09-05 CVE-2018-14618 Haxx
Canonical
Debian
Redhat
Integer Overflow OR Wraparound vulnerability in multiple products

curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code.

10.0
2018-09-07 CVE-2018-0649 Eset Untrusted Search Path vulnerability in Eset products

Untrusted search path vulnerability in the installers of multiple Canon IT Solutions Inc.

9.3
2018-09-05 CVE-2018-16145 Opsview Incorrect Permission Assignment FOR Critical Resource vulnerability in Opsview

The /etc/init.d/opsview-reporting-module script that runs at boot time in Opsview Monitor before 5.3.1 and 5.4.x before 5.4.2 invokes a file that can be edited by the nagios user, and would allow attackers to elevate their privileges to root after a system restart, hence obtaining full control of the appliance.

9.3
2018-09-05 CVE-2018-16509 Debian
Artifex
Canonical
Redhat
An issue was discovered in Artifex Ghostscript before 9.24.
9.3
2018-09-04 CVE-2018-7937 Huawei Unspecified vulnerability in Huawei Hirouter-Cd20 Firmware and Ws5200-10 Firmware

In Huawei HiRouter-CD20-10 with the versions before 1.9.6 and WS5200-10 with the versions before 1.9.6, there is a plug-in signature bypass vulnerability due to insufficient plug-in verification.

9.3
2018-09-07 CVE-2016-9044 Informationbuilders Command Injection vulnerability in Informationbuilders Webfocus 8.1

An exploitable command execution vulnerability exists in Information Builders WebFOCUS Business Intelligence Portal 8.1 .

9.0
2018-09-07 CVE-2018-0663 Iodata USE of Hard-Coded Credentials vulnerability in Iodata products

Multiple I-O DATA network camera products (TS-WRLP firmware Ver.1.09.04 and earlier, TS-WRLA firmware Ver.1.09.04 and earlier, TS-WRLP/E firmware Ver.1.09.04 and earlier) use hardcoded credentials which may allow an remote authenticated attacker to execute arbitrary OS commands on the device via unspecified vector.

9.0
2018-09-07 CVE-2018-16651 Phpmyfaq Unspecified vulnerability in PHPmyfaq

The admin backend in phpMyFAQ before 2.9.11 allows CSV injection in reports.

9.0
2018-09-05 CVE-2018-16146 Opsview OS Command Injection vulnerability in Opsview 5.4.0/5.4.1

The web management console of Opsview Monitor 5.4.x before 5.4.2 provides functionality accessible by an authenticated administrator to test notifications that are triggered under certain configurable events.

9.0
2018-09-05 CVE-2018-14771 Vivotek Unspecified vulnerability in Vivotek Camera

VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow remote attackers to execute arbitrary code (issue 2 of 2) via eventscript.cgi.

9.0
2018-09-05 CVE-2018-14770 Vivotek Unspecified vulnerability in Vivotek Camera

VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow remote attackers to execute arbitrary code (issue 1 of 2) via the ONVIF interface, (/onvif/device_service).

9.0
2018-09-03 CVE-2018-16408 D Link OS Command Injection vulnerability in D-Link Dir-846 Firmware 100.26

D-Link DIR-846 devices with firmware 100.26 allow remote attackers to execute arbitrary code as root via a SetNetworkTomographySettings request by leveraging admin access.

9.0

33 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-09-07 CVE-2018-0661 Iodata Unspecified vulnerability in Iodata products

Multiple I-O DATA network camera products (TS-WRLP firmware Ver.1.09.04 and earlier, TS-WRLA firmware Ver.1.09.04 and earlier, TS-WRLP/E firmware Ver.1.09.04 and earlier) allow an attacker on the same network segment to bypass access restriction to add files on a specific directory that may result in executing arbitrary OS commands/code or information including credentials leakage or alteration.

8.3
2018-09-07 CVE-2018-15483 Kone Improper Input Validation vulnerability in Kone Group Controller Firmware

An issue was discovered on KONE Group Controller (KGC) devices before 4.6.5.

7.8
2018-09-06 CVE-2018-5391 Linux
Redhat
Debian
Canonical
Improper Input Validation vulnerability in Linux Kernel

The Linux kernel, versions 3.9+, is vulnerable to a denial of service attack with low rates of specially modified packets targeting IP fragment re-assembly.

7.8
2018-09-04 CVE-2018-6923 Freebsd Resource Exhaustion vulnerability in Freebsd

In FreeBSD before 11.1-STABLE, 11.2-RELEASE-p2, 11.1-RELEASE-p13, ip fragment reassembly code is vulnerable to a denial of service due to excessive system resource consumption.

7.8
2018-09-09 CVE-2018-16763 Thedaylightstudio Injection vulnerability in Thedaylightstudio Fuel CMS

FUEL CMS 1.4.1 allows PHP Code Evaluation via the pages/select/ filter parameter or the preview/ data parameter.

7.5
2018-09-09 CVE-2018-16762 Thedaylightstudio SQL Injection vulnerability in Thedaylightstudio Fuel CMS

FUEL CMS 1.4.1 allows SQL Injection via the layout, published, or search_term parameter to pages/items.

7.5
2018-09-08 CVE-2018-16731 Chshcms Unrestricted Upload of File With Dangerous Type vulnerability in Chshcms Cscms 4.1

CScms 4.1 allows arbitrary file upload by (for example) adding the php extension to the default filetype list (gif, jpg, png), and then providing a .php pathname within fileurl JSON data.

7.5
2018-09-08 CVE-2018-16724 Baijiacms Project SQL Injection vulnerability in Baijiacms Project Baijiacms 4.0

An issue is discovered in baijiacms V4.

7.5
2018-09-07 CVE-2018-16709 Fujixerox Unspecified vulnerability in Fujixerox products

Fuji Xerox DocuCentre-V 3065, ApeosPort-VI C3371, ApeosPort-V C4475, ApeosPort-V C3375, DocuCentre-VI C2271, ApeosPort-V C5576, DocuCentre-IV C2263, DocuCentre-V C2263, and ApeosPort-V 5070 devices allow remote attackers to read or write to files via crafted PJL commands.

7.5
2018-09-07 CVE-2018-16460 Umbraengineering OS Command Injection vulnerability in Umbraengineering PS 0.0.1/0.0.2

A command Injection in ps package versions <1.0.0 for Node.js allowed arbitrary commands to be executed when attacker controls the PID.

7.5
2018-09-07 CVE-2018-1567 IBM Deserialization of Untrusted Data vulnerability in IBM Websphere Application Server

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow remote attackers to execute arbitrary Java code through the SOAP connector with a serialized object from untrusted sources.

7.5
2018-09-07 CVE-2018-16657 Debian
Kamailio
Null Pointer Dereference vulnerability in multiple products

In Kamailio before 5.0.7 and 5.1.x before 5.1.4, a crafted SIP message with an invalid Via header causes a segmentation fault and crashes Kamailio.

7.5
2018-09-07 CVE-2018-0645 BIT Part Unrestricted Upload of File With Dangerous Type vulnerability in Bit-Part Mtappjquery

MTAppjQuery 1.8.1 and earlier allows remote PHP code execution via unspecified vectors.

7.5
2018-09-06 CVE-2018-6320 Pulsesecure Improper Input Validation vulnerability in Pulsesecure Pulse Connect Secure and Pulse Policy Secure

A vulnerability has been discovered in login.cgi in Pulse Secure Pulse Connect Secure (PCS) 8.1RX before 8.1R12 and 8.3RX before 8.3R2 and Pulse Policy Secure (PPS) 5.2RX before 5.2R9 and 5.4RX before 5.4R2 wherein an http(s) Host header received from the browser is trusted without validation.

7.5
2018-09-06 CVE-2018-1000800 Zephyrproject Null Pointer Dereference vulnerability in Zephyrproject Zephyr 1.12.0

zephyr-rtos version 1.12.0 contains a NULL base pointer reference vulnerability in sys_ring_buf_put(), sys_ring_buf_get() that can result in CPU Page Fault (error code 0x00000010).

7.5
2018-09-05 CVE-2016-1000030 Suse
Pidgin
Improper Certificate Validation vulnerability in multiple products

Pidgin version <2.11.0 contains a vulnerability in X.509 Certificates imports specifically due to improper check of return values from gnutls_x509_crt_init() and gnutls_x509_crt_import() that can result in code execution.

7.5
2018-09-05 CVE-2018-16521 Openmrs XXE vulnerability in Openmrs Html Form Entry and Reference Application

An XML External Entity (XXE) vulnerability exists in HTML Form Entry 3.7.0, as distributed in OpenMRS Reference Application 2.8.0.

7.5
2018-09-05 CVE-2018-16518 Primx Path Traversal vulnerability in Primx Zed! and Zed! Free

A directory traversal vulnerability with remote code execution in Prim'X Zed! FREE through 1.0 build 186 and Zed! Limited Edition through 6.1 build 2208 allows creation of arbitrary files on a user's workstation using crafted ZED! containers because the watermark loading function can place an executable file into a Startup folder.

7.5
2018-09-05 CVE-2018-13259 Canonical
ZSH
Improper Input Validation vulnerability in multiple products

An issue was discovered in zsh before 5.6.

7.5
2018-09-05 CVE-2018-0502 Canonical
ZSH
Improper Input Validation vulnerability in multiple products

An issue was discovered in zsh before 5.6.

7.5
2018-09-04 CVE-2018-0664 Nomachine Improper Input Validation vulnerability in Nomachine 5.0.63

A vulnerability in NoMachine App for Android 5.0.63 and earlier allows attackers to alter environment variables via unspecified vectors.

7.5
2018-09-04 CVE-2018-16445 Seacms SQL Injection vulnerability in Seacms

An issue was discovered in SeaCMS through 6.61.

7.5
2018-09-04 CVE-2018-16432 Bluecms Project SQL Injection vulnerability in Bluecms Project Bluecms 1.6

BlueCMS 1.6 allows SQL Injection via the user_name parameter to uploads/user.php?act=index_login.

7.5
2018-09-04 CVE-2018-16428 Gnome
Canonical
Null Pointer Dereference vulnerability in multiple products

In GNOME GLib 2.56.1, g_markup_parse_context_end_parse() in gmarkup.c has a NULL pointer dereference.

7.5
2018-09-03 CVE-2018-16402 Elfutils Project Double Free vulnerability in Elfutils Project Elfutils 0.173

libelf/elf_end.c in elfutils 0.173 allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact because it tries to decompress twice.

7.5
2018-09-03 CVE-2018-16385 Thinkphp SQL Injection vulnerability in Thinkphp

ThinkPHP before 5.1.23 allows SQL Injection via the public/index/index/test/index query string.

7.5
2018-09-03 CVE-2018-16370 Pescms Unrestricted Upload of File With Dangerous Type vulnerability in Pescms Team 2.2.1

In PESCMS Team 2.2.1, attackers may upload and execute arbitrary PHP code through /Public/?g=Team&m=Setting&a=upgrade by placing a .php file in a ZIP archive.

7.5
2018-09-07 CVE-2018-0643 Canonical
Orcamo
OS Command Injection vulnerability in multiple products

Ubuntu14.04 ORCA (Online Receipt Computer Advantage) 4.8.0 (panda-server) 1:1.4.9+p41-u4jma1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via unspecified vectors.

7.4
2018-09-07 CVE-2018-4010 Protonvpn OS Command Injection vulnerability in Protonvpn 1.5.1

An exploitable code execution vulnerability exists in the connect functionality of ProtonVPN VPN client 1.5.1.

7.2
2018-09-07 CVE-2018-3952 Nordvpn OS Command Injection vulnerability in Nordvpn 6.14.28.0

An exploitable code execution vulnerability exists in the connect functionality of NordVPN 6.14.28.0.

7.2
2018-09-07 CVE-2018-0662 Iodata Unspecified vulnerability in Iodata products

Multiple I-O DATA network camera products (TS-WRLP firmware Ver.1.09.04 and earlier, TS-WRLA firmware Ver.1.09.04 and earlier, TS-WRLP/E firmware Ver.1.09.04 and earlier) allow an attacker on the same network segment to add malicious files on the device and execute arbitrary code.

7.2
2018-09-04 CVE-2018-6555 Linux
Canonical
Debian
USE After Free vulnerability in Linux Kernel

The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA socket.

7.2
2018-09-04 CVE-2018-11262 Google Incorrect Calculation vulnerability in Google Android

In Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel while trying to find out total number of partition via a non zero check, there could be possibility where the 'TotalPart' could cross 'GptHeader->MaxPtCnt' and which could result in OOB write in patching GPT.

7.2

195 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-09-08 CVE-2018-16732 Chshcms Cross-Site Request Forgery (CSRF) vulnerability in Chshcms Cscms 4.1

\upload\plugins\sys\admin\Setting.php in CScms 4.1 allows CSRF via admin.php/setting/ftp_save.

6.8
2018-09-07 CVE-2018-15474 Dokuwiki Unspecified vulnerability in Dokuwiki

** DISPUTED ** CSV Injection (aka Excel Macro Injection or Formula Injection) in /lib/plugins/usermanager/admin.php in DokuWiki 2018-04-22a and earlier allows remote attackers to exfiltrate sensitive data and to execute arbitrary code via a value that is mishandled in a CSV export.

6.8
2018-09-07 CVE-2017-2795 Marklogic Buffer Errors vulnerability in Marklogic 8.06

An exploitable heap corruption vulnerability exists in the Txo functionality of Antenna House DMC HTMLFilter as used by MarkLogic 8.0-6.

6.8
2018-09-07 CVE-2017-2792 Marklogic Buffer Errors vulnerability in Marklogic 8.06

An exploitable heap corruption vulnerability exists in the iBldDirInfo functionality of Antenna House DMC HTMLFilter used by MarkLogic 8.0-6.

6.8
2018-09-07 CVE-2018-0648 Chatwork Untrusted Search Path vulnerability in Chatwork 2.3.0

Untrusted search path vulnerability in installer of ChatWork Desktop App for Windows 2.3.0 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

6.8
2018-09-07 CVE-2018-0647 Asus Cross-Site Request Forgery (CSRF) vulnerability in Asus Wl-330Nul Firmware 3.0.0.41

Cross-site request forgery (CSRF) vulnerability in WL-330NUL Firmware version prior to 3.0.0.46 allows remote attackers to hijack the authentication of administrators via unspecified vectors.

6.8
2018-09-07 CVE-2018-0624 Yayoi KK Untrusted Search Path vulnerability in Yayoi-Kk products

Untrusted search path vulnerability in Multiple Yayoi 17 Series products (Yayoi Kaikei 17 Series Ver.23.1.1 and earlier, Yayoi Aoiro Shinkoku 17 Ver.23.1.1 and earlier, Yayoi Kyuuyo 17 Ver.20.1.4 and earlier, Yayoi Kyuuyo Keisan 17 Ver.20.1.4 and earlier, Yayoi Hanbai 17 Series Ver.20.0.2 and earlier, and Yayoi Kokyaku Kanri 17 Ver.11.0.2 and earlier) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

6.8
2018-09-07 CVE-2018-0623 Yayoi KK Untrusted Search Path vulnerability in Yayoi-Kk products

Untrusted search path vulnerability in Multiple Yayoi 17 Series products (Yayoi Kaikei 17 Series Ver.23.1.1 and earlier, Yayoi Aoiro Shinkoku 17 Ver.23.1.1 and earlier, Yayoi Kyuuyo 17 Ver.20.1.4 and earlier, Yayoi Kyuuyo Keisan 17 Ver.20.1.4 and earlier, Yayoi Hanbai 17 Series Ver.

6.8
2018-09-07 CVE-2018-16650 Phpmyfaq Cross-Site Request Forgery (CSRF) vulnerability in PHPmyfaq

phpMyFAQ before 2.9.11 allows CSRF.

6.8
2018-09-06 CVE-2018-1000669 Koha Cross-Site Request Forgery (CSRF) vulnerability in Koha

KOHA Library System version 16.11.x (up until 16.11.13) and 17.05.x (up until 17.05.05) contains a Cross Site Request Forgery (CSRF) vulnerability in /cgi-bin/koha/members/paycollect.pl Parameters affected: borrowernumber, amount, amountoutstanding, paid that can result in Attackers can mark payments as paid for certain users on behalf of Administrators.

6.8
2018-09-06 CVE-2018-1695 IBM Authentication Bypass BY Spoofing vulnerability in IBM Websphere Application Server 7.0.0.0/8.0.0.0/8.5.5.0

IBM WebSphere Application Server 7.0, 8.0, and 8.5.5 installations using Form Login could allow a remote attacker to conduct spoofing attacks.

6.8
2018-09-06 CVE-2018-16585 Artifex
Canonical
Debian
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

** DISPUTED ** An issue was discovered in Artifex Ghostscript before 9.24.

6.8
2018-09-05 CVE-2018-16552 Micropyramid Cross-Site Request Forgery (CSRF) vulnerability in Micropyramid Django-Crm 0.2

MicroPyramid Django-CRM 0.2 allows CSRF for /users/create/, /users/##/edit/, and /accounts/##/delete/ URIs.

6.8
2018-09-05 CVE-2018-15682 Btiteam Cross-Site Request Forgery (CSRF) vulnerability in Btiteam Xbtit 2.5.4

An issue was discovered in BTITeam XBTIT.

6.8
2018-09-05 CVE-2018-14769 Vivotek Cross-Site Request Forgery (CSRF) vulnerability in Vivotek Camera

VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow CSRF.

6.8
2018-09-05 CVE-2018-16545 Kzsoftware Incorrect Permission Assignment for Critical Resource vulnerability in Kzsoftware Asset Manager and Training Manager

Kaizen Asset Manager (Enterprise Edition) and Training Manager (Enterprise Edition) allow a remote attacker to achieve arbitrary code execution via file impersonation.

6.8
2018-09-05 CVE-2018-16543 Artifex
Canonical
Debian
In Artifex Ghostscript before 9.24, gssetresolution and gsgetresolution allow attackers to have an unspecified impact.
6.8
2018-09-05 CVE-2018-16540 Artifex
Redhat
Debian
Canonical
USE After Free vulnerability in multiple products

In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files to the builtin PDF14 converter could use a use-after-free in copydevice handling to crash the interpreter or possibly have unspecified other impact.

6.8
2018-09-05 CVE-2018-16513 Artifex
Canonical
Debian
Pulsesecure
Incorrect Type Conversion OR Cast vulnerability in multiple products

In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the setcolor function to crash the interpreter or possibly have unspecified other impact.

6.8
2018-09-05 CVE-2018-16511 Debian
Artifex
Canonical
Redhat
Incorrect Type Conversion OR Cast vulnerability in multiple products

An issue was discovered in Artifex Ghostscript before 9.24.

6.8
2018-09-05 CVE-2018-16510 Artifex
Canonical
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

An issue was discovered in Artifex Ghostscript before 9.24.

6.8
2018-09-04 CVE-2018-10924 Gluster Missing Release of Resource After Effective Lifetime vulnerability in Gluster Glusterfs

It was discovered that fsync(2) system call in glusterfs client code leaks memory.

6.8
2018-09-04 CVE-2018-0675 Hibara Code Injection vulnerability in Hibara Attachecase

AttacheCase ver.3.3.0.0 and earlier allows an arbitrary script execution via unspecified vectors.

6.8
2018-09-04 CVE-2018-0674 Hibara Code Injection vulnerability in Hibara Attachecase

AttacheCase ver.2.8.4.0 and earlier allows an arbitrary script execution via unspecified vectors.

6.8
2018-09-04 CVE-2018-0656 Sony Untrusted Search Path vulnerability in Sony Digital Paper APP 1.4.0.16050

Untrusted search path vulnerability in The installer of Digital Paper App version 1.4.0.16050 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

6.8
2018-09-04 CVE-2018-0646 Ponsoftware Path Traversal vulnerability in Ponsoftware Explzh

Directory traversal vulnerability in Explzh v.7.58 and earlier allows an attacker to read arbitrary files via unspecified vectors.

6.8
2018-09-04 CVE-2018-16448 Chshcms Cross-Site Request Forgery (CSRF) vulnerability in Chshcms Cscms 4.0

Cscms 4 allows CSRF for creating a member via upload/admin.php/user/save, authenticating vip members via upload/admin.php/user/init/tid and upload/admin.php/user/init/rzid, and creating a super administrator and web editor via upload/admin.php/sys/save.

6.8
2018-09-04 CVE-2018-16447 Frogcms Project Cross-Site Request Forgery (CSRF) vulnerability in Frogcms Project Frogcms 0.9.5

Frog CMS 0.9.5 has admin/?/user/edit/1 CSRF.

6.8
2018-09-04 CVE-2018-16438 Hdfgroup Out-Of-Bounds Read vulnerability in Hdfgroup Hdf5 1.8.20

An issue was discovered in the HDF HDF5 1.8.20 library.

6.8
2018-09-04 CVE-2018-16431 Yfcmf Cross-Site Request Forgery (CSRF) vulnerability in Yfcmf 3.0

admin/admin/adminsave.html in YFCMF v3.0 allows CSRF to add an administrator account.

6.8
2018-09-04 CVE-2018-16430 GNU
Debian
Out-Of-Bounds Read vulnerability in multiple products

GNU Libextractor through 1.7 has an out-of-bounds read vulnerability in EXTRACTOR_zip_extract_method() in zip_extractor.c.

6.8
2018-09-03 CVE-2018-16416 Thedaylightstudio Cross-Site Request Forgery (CSRF) vulnerability in Thedaylightstudio Fuel CMS 1.4

Cross-site request forgery (CSRF) vulnerability in my_profile/edit?inline= in FUEL CMS 1.4 allows remote attackers to change the administrator's password.

6.8
2018-09-03 CVE-2018-16413 Imagemagick Out-Of-Bounds Read vulnerability in Imagemagick 7.0.811

ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the MagickCore/quantum-private.h PushShortPixel function when called from the coders/psd.c ParseImageResourceBlocks function.

6.8
2018-09-03 CVE-2018-16412 Imagemagick
Opensuse
Out-Of-Bounds Read vulnerability in multiple products

ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the coders/psd.c ParseImageResourceBlocks function.

6.8
2018-09-03 CVE-2018-16387 Elefantcms Cross-Site Request Forgery (CSRF) vulnerability in Elefantcms

An issue was discovered in Elefant CMS before 2.0.5.

6.8
2018-09-03 CVE-2018-16380 Digimute Cross-Site Request Forgery (CSRF) vulnerability in Digimute Ogma CMS 0.4

An issue was discovered in Ogma CMS 0.4 Beta.

6.8
2018-09-03 CVE-2018-16376 Uclouvain Out-Of-Bounds Write vulnerability in Uclouvain Openjpeg 2.3.0

An issue was discovered in OpenJPEG 2.3.0.

6.8
2018-09-03 CVE-2018-16375 Uclouvain Out-Of-Bounds Write vulnerability in Uclouvain Openjpeg 2.3.0

An issue was discovered in OpenJPEG 2.3.0.

6.8
2018-09-08 CVE-2018-16715 Absolute Incorrect Permission Assignment for Critical Resource vulnerability in Absolute Ctes Windows Agent 1.0.0.1479

An issue was discovered in Absolute Software CTES Windows Agent through 1.0.0.1479.

6.5
2018-09-07 CVE-2018-1789 IBM Server-Side Request Forgery (SSRF) vulnerability in IBM API Connect

IBM API Connect v2018.1.0 through v2018.3.4 could allow an attacker to send a specially crafted request to conduct a server side request forgery attack.

6.5
2018-09-07 CVE-2018-0658 EC Cube
GMO PG
Improper Input Validation vulnerability in multiple products

Input validation issue in EC-CUBE Payment Module (2.12) version 3.5.23 and earlier, EC-CUBE Payment Module (2.11) version 2.3.17 and earlier, GMO-PG Payment Module (PG Multi-Payment Service) (2.12) version 3.5.23 and earlier, GMO-PG Payment Module (PG Multi-Payment Service) (2.11) version 2.3.17 and earlier allows an attacker with administrative rights to execute arbitrary PHP code on the server via unspecified vectors.

6.5
2018-09-06 CVE-2018-1000659 Limesurvey Path Traversal vulnerability in Limesurvey

LimeSurvey version 3.14.4 and earlier contains a directory traversal in file upload that allows upload of webshell vulnerability in file upload functionality that can result in remote code execution as authenticated user.

6.5
2018-09-06 CVE-2018-1000658 Limesurvey Unrestricted Upload of File With Dangerous Type vulnerability in Limesurvey

LimeSurvey version prior to 3.14.4 contains a file upload vulnerability in upload functionality that can result in an attacker gaining code execution via webshell.

6.5
2018-09-06 CVE-2018-16604 Nibbleblog Code Injection vulnerability in Nibbleblog 4.0.5

An issue was discovered in Nibbleblog v4.0.5.

6.5
2018-09-06 CVE-2018-1000773 Wordpress Improper Input Validation vulnerability in Wordpress

WordPress version 4.9.8 and earlier contains a CWE-20 Input Validation vulnerability in thumbnail processing that can result in remote code execution due to an incomplete fix for CVE-2017-1000600.

6.5
2018-09-06 CVE-2017-1000600 Wordpress Improper Input Validation vulnerability in Wordpress

WordPress version <4.9 contains a CWE-20 Input Validation vulnerability in thumbnail processing that can result in remote code execution.

6.5
2018-09-05 CVE-2018-16436 Gxlcms SQL Injection vulnerability in Gxlcms 2.0

Gxlcms 2.0 before bug fix 20180915 has SQL Injection exploitable by an administrator.

6.5
2018-09-04 CVE-2018-10929 Debian
Redhat
Gluster
Improper Input Validation vulnerability in multiple products

A flaw was found in RPC request using gfs2_create_req in glusterfs server.

6.5
2018-09-04 CVE-2018-10928 Debian
Redhat
Gluster
Link Following vulnerability in multiple products

A flaw was found in RPC request using gfs3_symlink_req in glusterfs server which allows symlink destinations to point to file paths outside of the gluster volume.

6.5
2018-09-04 CVE-2018-10926 Redhat
Debian
Gluster
Path Traversal vulnerability in multiple products

A flaw was found in RPC request using gfs3_mknod_req supported by glusterfs server.

6.5
2018-09-04 CVE-2018-10907 Gluster
Redhat
Debian
Opensuse
Out-Of-Bounds Write vulnerability in multiple products

It was found that glusterfs server is vulnerable to multiple stack based buffer overflows due to functions in server-rpc-fopc.c allocating fixed size buffers using 'alloca(3)'.

6.5
2018-09-04 CVE-2018-10904 Gluster
Redhat
Debian
Untrusted Search Path vulnerability in multiple products

It was found that glusterfs server does not properly sanitize file paths in the "trusted.io-stats-dump" extended attribute which is used by the "debug/io-stats" translator.

6.5
2018-09-07 CVE-2018-15486 Kone Inclusion of Functionality From Untrusted Control Sphere vulnerability in Kone Group Controller Firmware

An issue was discovered on KONE Group Controller (KGC) devices before 4.6.5.

6.4
2018-09-07 CVE-2018-15485 Kone Improper Authentication vulnerability in Kone Group Controller Firmware

An issue was discovered on KONE Group Controller (KGC) devices before 4.6.5.

6.4
2018-09-07 CVE-2018-16710 Octoprint Information Exposure vulnerability in Octoprint

** DISPUTED ** OctoPrint through 1.3.9 allows remote attackers to obtain sensitive information or cause a denial of service via HTTP requests on port 8081.

6.4
2018-09-04 CVE-2018-16446 Seamcms Path Traversal vulnerability in Seamcms Seacms

An issue was discovered in SeaCMS through 6.61.

6.4
2018-09-04 CVE-2018-16444 Seacms Server-Side Request Forgery (SSRF) vulnerability in Seacms 6.61

An issue was discovered in SeaCMS 6.61.

6.4
2018-09-06 CVE-2018-16310 Technicolor Resource Exhaustion vulnerability in Technicolor Tg588V Firmware

** DISPUTED ** Technicolor TG588V V2 devices allow remote attackers to cause a denial of service (networking outage) via a flood of random MAC addresses, as demonstrated by macof.

6.1
2018-09-09 CVE-2018-16761 Eventum Project Open Redirect vulnerability in Eventum Project Eventum

Eventum before 3.4.0 has an open redirect vulnerability.

5.8
2018-09-07 CVE-2018-14398 Cremecrm Open Redirect vulnerability in Cremecrm 1.6.12

An issue was discovered in Creme CRM 1.6.12.

5.8
2018-09-07 CVE-2018-0659 Hibara Path Traversal vulnerability in Hibara Attachecase

Directory traversal vulnerability in ver.2.8.4.0 and earlier and ver.3.3.0.0 and earlier allows an attacker to create or overwrite existing files via specially crafted ATC file.

5.8
2018-09-07 CVE-2018-0650 Linecorp Improper Certificate Validation vulnerability in Linecorp Line Music 3.1.0

The LINE MUSIC for Android version 3.1.0 to versions prior to 3.6.5 does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.

5.8
2018-09-06 CVE-2018-14366 Pulsesecure Open Redirect vulnerability in Pulsesecure Pulse Connect Secure and Pulse Policy Secure

download.cgi in Pulse Secure Pulse Connect Secure 8.1RX before 8.1R13 and 8.3RX before 8.3R4 and Pulse Policy Secure through 5.2RX before 5.2R10 and 5.4RX before 5.4R4 have an Open Redirect Vulnerability.

5.8
2018-09-06 CVE-2018-1000671 Sympa
Debian
Open Redirect vulnerability in multiple products

sympa version 6.2.16 and later contains a CWE-601: URL Redirection to Untrusted Site ('Open Redirect') vulnerability in The "referer" parameter of the wwsympa.fcgi login action.

5.8
2018-09-06 CVE-2018-11263 Google Improper Validation of Array Index vulnerability in Google Android

In all Android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel, radio_id is received from the FW and is used to access the buffer to copy the radio stats received for each radio from FW.

5.8
2018-09-05 CVE-2018-15683 Btiteam Open Redirect vulnerability in Btiteam Xbtit 2.5.4

An issue was discovered in BTITeam XBTIT.

5.8
2018-09-05 CVE-2018-15918 Jorani SQL Injection vulnerability in Jorani 0.6.5

An issue was discovered in Jorani 0.6.5.

5.5
2018-09-04 CVE-2018-10927 Debian
Redhat
Gluster
Information Exposure vulnerability in multiple products

A flaw was found in RPC request using gfs3_lookup_req in glusterfs server.

5.5
2018-09-04 CVE-2018-10923 Gluster
Redhat
Debian
Improper Input Validation vulnerability in multiple products

It was found that the "mknod" call derived from mknod(2) can create files pointing to devices on a glusterfs server node.

5.5
2018-09-08 CVE-2018-16733 Ethereum Improper Input Validation vulnerability in Ethereum GO Ethereum

In Go Ethereum (aka geth) before 1.8.14, TraceChain in eth/api_tracer.go does not verify that the end block is after the start block.

5.0
2018-09-07 CVE-2018-16454 Currency Converter Script Project Improper Input Validation vulnerability in Currency Converter Script Project Currency Converter Script 2.0.5

PHP Scripts Mall Currency Converter Script 2.0.5 allows remote attackers to cause a denial of service (web-interface change) via an inverted comma.

5.0
2018-09-07 CVE-2018-16059 Endress Path Traversal vulnerability in Endress Wirelesshart Fieldgate Swg70 Firmware 3.00.07

Endress+Hauser WirelessHART Fieldgate SWG70 3.x devices allow Directory Traversal via the fcgi-bin/wgsetcgi filename parameter.

5.0
2018-09-07 CVE-2018-15552 Theethereumlottery USE of Cryptographically Weak Pseudo-Random Number Generator (Prng) vulnerability in Theethereumlottery the Ethereum Lottery

The "PayWinner" function of a simplelottery smart contract implementation for The Ethereum Lottery, an Ethereum gambling game, generates a random value with publicly readable variable "maxTickets" (which is private, yet predictable and readable by the eth.getStorageAt function).

5.0
2018-09-07 CVE-2018-16703 Gleeztech Improper Restriction of Excessive Authentication Attempts vulnerability in Gleeztech Gleez CMS 1.2.0

A vulnerability in the Gleez CMS 1.2.0 login page could allow an unauthenticated, remote attacker to perform multiple user enumerations, which can further help an attacker to perform login attempts in excess of the configured login attempt limit.

5.0
2018-09-07 CVE-2018-1757 IBM Missing Authentication FOR Critical Function vulnerability in IBM Security Identity Governance and Intelligence 5.2.3.2/5.2.4

IBM Security Identity Governance and Intelligence 5.2.3.2 and 5.2.4 could allow an attacker to obtain sensitive information due to missing authentication in IGI for the survey application.

5.0
2018-09-07 CVE-2018-1756 IBM SQL Injection vulnerability in IBM Security Identity Governance and Intelligence 5.2.3.2/5.2.4

IBM Security Identity Governance and Intelligence 5.2.3.2 and 5.2.4 is vulnerable to SQL injection.

5.0
2018-09-06 CVE-2017-16714 Iceqube Insufficiently Protected Credentials vulnerability in Iceqube Thermal Management Center Firmware

In Ice Qube Thermal Management Center versions prior to version 4.13, passwords are stored in plaintext in a file that is accessible without authentication.

5.0
2018-09-06 CVE-2017-14026 Iceqube Improper Authentication vulnerability in Iceqube Thermal Management Center Firmware

In Ice Qube Thermal Management Center versions prior to version 4.13, the web application does not properly authenticate users which may allow an attacker to gain access to sensitive information.

5.0
2018-09-06 CVE-2018-1000660 Tockos Incorrect Permission Assignment FOR Critical Resource vulnerability in Tockos Tock 1.0/1.1

TOCK version prior to commit 42f7f36e74088036068d62253e1d8fb26605feed.

5.0
2018-09-06 CVE-2018-14624 Fedoraproject
Redhat
Debian
Improper Input Validation vulnerability in multiple products

A vulnerability was discovered in 389-ds-base through versions 1.3.7.10, 1.3.8.8 and 1.4.0.16.

5.0
2018-09-05 CVE-2018-16550 Teamviewer Unspecified vulnerability in Teamviewer

TeamViewer 10.x through 13.x allows remote attackers to bypass the brute-force authentication protection mechanism by skipping the "Cancel" step, which makes it easier to determine the correct value of the default 4-digit PIN.

5.0
2018-09-05 CVE-2018-16549 PHP File Browser Script Project Path Traversal vulnerability in PHP File Browser Script Project PHP File Browser Script 1.0

HScripts PHP File Browser Script v1.0 allows Directory Traversal via the index.php path parameter.

5.0
2018-09-05 CVE-2018-16307 MI Information Exposure vulnerability in MI Xiaomi Miwifi Xiaomi 55Dd Firmware 2.8.50

An "Out-of-band resource load" issue was discovered on Xiaomi MIWiFi Xiaomi_55DD Version 2.8.50 devices.

5.0
2018-09-05 CVE-2018-15684 Btiteam Information Exposure vulnerability in Btiteam Xbtit 2.5.4

An issue was discovered in BTITeam XBTIT.

5.0
2018-09-05 CVE-2018-15681 Btiteam USE of Password Hash With Insufficient Computational Effort vulnerability in Btiteam Xbtit 2.5.4

An issue was discovered in BTITeam XBTIT 2.5.4.

5.0
2018-09-05 CVE-2018-15680 Btiteam USE of Password Hash With Insufficient Computational Effort vulnerability in Btiteam Xbtit 2.5.4

An issue was discovered in BTITeam XBTIT 2.5.4.

5.0
2018-09-05 CVE-2018-15676 Btiteam Cross-Site Scripting vulnerability in Btiteam Xbtit 2.5.4

An issue was discovered in BTITeam XBTIT.

5.0
2018-09-05 CVE-2016-1000232 Salesforce
IBM
Redhat
Improper Input Validation vulnerability in multiple products

NodeJS Tough-Cookie version 2.2.2 contains a Regular Expression Parsing vulnerability in HTTP request Cookie Header parsing that can result in Denial of Service.

5.0
2018-09-04 CVE-2018-10911 Gluster
Redhat
Debian
Deserialization of Untrusted Data vulnerability in multiple products

A flaw was found in the way dic_unserialize function of glusterfs does not handle negative key length values.

5.0
2018-09-04 CVE-2018-16429 Gnome
Canonical
Out-Of-Bounds Read vulnerability in multiple products

GNOME GLib 2.56.1 has an out-of-bounds read vulnerability in g_markup_parse_context_parse() in gmarkup.c, related to utf8_str().

5.0
2018-09-03 CVE-2018-16409 Gogs Server-Side Request Forgery (SSRF) vulnerability in Gogs 0.11.53

In Gogs 0.11.53, an attacker can use migrate to send arbitrary HTTP GET requests, leading to SSRF.

5.0
2018-09-03 CVE-2018-16398 Twistlock Unspecified vulnerability in Twistlock Authz Broker 0.1

In Twistlock AuthZ Broker 0.1, regular expressions are mishandled, as demonstrated by containers/aa/pause?aaa=\/start to bypass a policy in which "docker start" is allowed but "docker pause" is not allowed.

5.0
2018-09-03 CVE-2018-16384 Trustwave SQL Injection vulnerability in Trustwave Owasp Modsecurity Core Rule SET 3.1.0

A SQL injection bypass (aka PL1 bypass) exists in OWASP ModSecurity Core Rule Set (owasp-modsecurity-crs) through v3.1.0-rc3 via {`a`b} where a is a special function name (such as "if") and b is the SQL statement to be executed.

5.0
2018-09-07 CVE-2016-9040 Joyent Resource Exhaustion vulnerability in Joyent Smartos 20161110T013148Z

An exploitable denial of service exists in the the Joyent SmartOS OS 20161110T013148Z Hyprlofs file system.

4.9
2018-09-04 CVE-2018-6554 Linux
Canonical
Debian
Missing Release of Resource After Effective Lifetime vulnerability in Linux Kernel

Memory leak in the irda_bind function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (memory consumption) by repeatedly binding an AF_IRDA socket.

4.9
2018-09-04 CVE-2018-7990 Huawei Unspecified vulnerability in Huawei Mate 10 PRO Firmware

Mate10 Pro Huawei smart phones with the versions before 8.1.0.326(C00) have a FRP bypass vulnerability.

4.9
2018-09-04 CVE-2018-7936 Huawei Unspecified vulnerability in Huawei Mate 10 PRO Firmware

Mate 10 Pro Huawei smart phones with the versions before BLA-L29 8.0.0.148(C432) have a Factory Reset Protection (FRP) bypass security vulnerability.

4.9
2018-09-07 CVE-2018-12897 Solarwinds Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Solarwinds Dameware Mini Remote Control

SolarWinds DameWare Mini Remote Control before 12.1 has a Buffer Overflow.

4.6
2018-09-07 CVE-2018-16666 Contiki NG Out-Of-Bounds Write vulnerability in Contiki-Ng Contiki-Ng.

An issue was discovered in Contiki-NG through 4.1.

4.6
2018-09-07 CVE-2018-16663 Contiki NG Out-Of-Bounds Write vulnerability in Contiki-Ng Contiki-Ng.

An issue was discovered in Contiki-NG through 4.1.

4.6
2018-09-06 CVE-2018-16261 Pulsesecure Improper Certificate Validation vulnerability in Pulsesecure Pulse Secure Desktop Client

In Pulse Secure Pulse Desktop Client 5.3RX before 5.3R5 and 9.0R1, there is a Privilege Escalation Vulnerability with Dynamic Certificate Trust.

4.6
2018-09-06 CVE-2018-15865 Pulsesecure Unspecified vulnerability in Pulsesecure Pulse Secure Desktop Client

The Pulse Secure Desktop (macOS) has a Privilege Escalation Vulnerability.

4.6
2018-09-06 CVE-2018-15726 Pulsesecure OS Command Injection vulnerability in Pulsesecure Pulse Secure Desktop Client

The Pulse Secure Desktop (macOS) 5.3RX before 5.3R5 and 9.0R1 has a Privilege Escalation Vulnerability.

4.6
2018-09-04 CVE-2018-16425 Opensc Project Double Free vulnerability in Opensc Project Opensc

A double free when handling responses from an HSM Card in sc_pkcs15emu_sc_hsm_init in libopensc/pkcs15-sc-hsm.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact.

4.6
2018-09-04 CVE-2018-16424 Opensc Project Double Free vulnerability in Opensc Project Opensc

A double free when handling responses in read_file in tools/egk-tool.c (aka the eGK card tool) in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact.

4.6
2018-09-04 CVE-2018-16423 Opensc Project Double Free vulnerability in Opensc Project Opensc

A double free when handling responses from a smartcard in sc_file_set_sec_attr in libopensc/sc.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact.

4.6
2018-09-04 CVE-2018-16422 Opensc Project Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Opensc Project Opensc

A single byte buffer overflow when handling responses from an esteid Card in sc_pkcs15emu_esteid_init in libopensc/pkcs15-esteid.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact.

4.6
2018-09-04 CVE-2018-16421 Opensc Project Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Opensc Project Opensc

Several buffer overflows when handling responses from a CAC Card in cac_get_serial_nr_from_CUID in libopensc/card-cac.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact.

4.6
2018-09-04 CVE-2018-16420 Opensc Project Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Opensc Project Opensc

Several buffer overflows when handling responses from an ePass 2003 Card in decrypt_response in libopensc/card-epass2003.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact.

4.6
2018-09-04 CVE-2018-16419 Opensc Project Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Opensc Project Opensc

Several buffer overflows when handling responses from a Cryptoflex card in read_public_key in tools/cryptoflex-tool.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact.

4.6
2018-09-04 CVE-2018-16418 Opensc Project Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Opensc Project Opensc

A buffer overflow when handling string concatenation in util_acl_to_str in tools/util.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact.

4.6
2018-09-03 CVE-2018-16393 Opensc Project Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Opensc Project Opensc

Several buffer overflows when handling responses from a Gemsafe V1 Smartcard in gemsafe_get_cert_len in libopensc/pkcs15-gemsafeV1.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact.

4.6
2018-09-03 CVE-2018-16392 Opensc Project Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Opensc Project Opensc

Several buffer overflows when handling responses from a TCOS Card in tcos_select_file in libopensc/card-tcos.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact.

4.6
2018-09-03 CVE-2018-16391 Opensc Project Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Opensc Project Opensc

Several buffer overflows when handling responses from a Muscle Card in muscle_list_files in libopensc/card-muscle.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact.

4.6
2018-09-07 CVE-2018-16667 Contiki NG Out-Of-Bounds Read vulnerability in Contiki-Ng Contiki-Ng.

An issue was discovered in Contiki-NG through 4.1.

4.4
2018-09-07 CVE-2018-16664 Contiki NG Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Contiki-Ng Contiki-Ng.

An issue was discovered in Contiki-NG through 4.1.

4.4
2018-09-09 CVE-2018-16759 Easycms Cross-Site Scripting vulnerability in Easycms 1.4

The removeXSS function in App/Common/common.php (called from App/Modules/Index/Action/SearchAction.class.php) in EasyCMS v1.4 allows XSS via an onhashchange event.

4.3
2018-09-09 CVE-2018-16750 Imagemagick
Canonical
Missing Release of Resource After Effective Lifetime vulnerability in Imagemagick

In ImageMagick 7.0.7-29 and earlier, a memory leak in the formatIPTCfromBuffer function in coders/meta.c was found.

4.3
2018-09-09 CVE-2018-16749 Imagemagick
Canonical
Debian
Reachable Assertion vulnerability in multiple products

In ImageMagick 7.0.7-29 and earlier, a missing NULL check in ReadOneJNGImage in coders/png.c allows an attacker to cause a denial of service (WriteBlob assertion failure and application exit) via a crafted file.

4.3
2018-09-08 CVE-2018-16730 Chshcms Cross-Site Scripting vulnerability in Chshcms Cscms 4.1

\upload\plugins\sys\Install.php in CScms 4.1 has XSS via the site name.

4.3
2018-09-08 CVE-2018-16725 Baijiacms Project Cross-Site Scripting vulnerability in Baijiacms Project Baijiacms 4.0

An issue is discovered in baijiacms V4.

4.3
2018-09-07 CVE-2017-17691 Contronics Insufficiently Protected Credentials vulnerability in Contronics Homeputer CL Studio FUR Homematic

Homeputer CL Studio fur HomeMatic 4.0 Rel 160808 and earlier uses cleartext to exchange the username and password between server and client instances, which allows remote attackers to obtain sensitive information via a man in the middle attack.

4.3
2018-09-07 CVE-2018-0660 Hibara Path Traversal vulnerability in Hibara Attachecase

Directory traversal vulnerability in ver.2.8.4.0 and earlier and ver.3.3.0.0 and earlier allows an attacker to create arbitrary files via specially crafted ATC file.

4.3
2018-09-07 CVE-2018-0654 Weseek Cross-Site Scripting vulnerability in Weseek Growi

Cross-site scripting vulnerability in GROWI v.3.1.11 and earlier allows remote attackers to inject arbitrary web script or HTML via the modal for creating Wiki page.

4.3
2018-09-07 CVE-2018-0653 Weseek Cross-Site Scripting vulnerability in Weseek Growi

Cross-site scripting vulnerability in GROWI v.3.1.11 and earlier allows remote attackers to inject arbitrary web script or HTML via Wiki page view.

4.3
2018-09-07 CVE-2018-0642 Foliovision Cross-Site Scripting vulnerability in Foliovision FV Flowplayer Video Player

Cross-site scripting vulnerability in FV Flowplayer Video Player 6.1.2 to 6.6.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3
2018-09-07 CVE-2018-16655 Gxlcms Cross-Site Scripting vulnerability in Gxlcms 1.0

Gxlcms 1.0 has XSS via the PATH_INFO to gx/lib/ThinkPHP/Tpl/ThinkException.tpl.php.

4.3
2018-09-07 CVE-2018-16654 Zurmo Cross-Site Scripting vulnerability in Zurmo CRM 3.2.4

Zurmo 3.2.4 Stable allows XSS via app/index.php/accounts/default/details?id=2&kanbanBoard=1&openToTaskId=1.

4.3
2018-09-07 CVE-2018-16653 Rejucms Project Cross-Site Scripting vulnerability in Rejucms Project Rejucms 2.1

rejucms 2.1 has XSS via the ucenter/cms_user_add.php u_name parameter.

4.3
2018-09-06 CVE-2018-16648 Artifex Improper Validation of Array Index vulnerability in Artifex Mupdf 1.13.0

In Artifex MuPDF 1.13.0, the fz_append_byte function in fitz/buffer.c allows remote attackers to cause a denial of service (segmentation fault) via a crafted pdf file.

4.3
2018-09-06 CVE-2018-16647 Artifex Buffer Errors vulnerability in Artifex Mupdf 1.13.0

In Artifex MuPDF 1.13.0, the pdf_get_xref_entry function in pdf/pdf-xref.c allows remote attackers to cause a denial of service (segmentation fault in fz_write_data in fitz/output.c) via a crafted pdf file.

4.3
2018-09-06 CVE-2018-16646 Freedesktop
Debian
Canonical
Infinite Loop vulnerability in multiple products

In Poppler 0.68.0, the Parser::getObj() function in Parser.cc may cause infinite recursion via a crafted file.

4.3
2018-09-06 CVE-2018-16517 Nasm Null Pointer Dereference vulnerability in Nasm Netwide Assembler

asm/labels.c in Netwide Assembler (NASM) is prone to NULL Pointer Dereference, which allows the attacker to cause a denial of service via a crafted file.

4.3
2018-09-06 CVE-2018-16285 Userproplugin Cross-Site Scripting vulnerability in Userproplugin Userpro

The UserPro plugin through 4.9.23 for WordPress allows XSS via the shortcode parameter in a userpro_shortcode_template action to wp-admin/admin-ajax.php.

4.3
2018-09-06 CVE-2018-12234 Myadrenalin Cross-Site Scripting vulnerability in Myadrenalin Adrenalin 5.4.0

A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in Adrenalin 5.4.0 HRMS Software.

4.3
2018-09-06 CVE-2018-16645 Imagemagick
Canonical
Debian
Allocation of Resources Without Limits OR Throttling vulnerability in multiple products

There is an excessive memory allocation issue in the functions ReadBMPImage of coders/bmp.c and ReadDIBImage of coders/dib.c in ImageMagick 7.0.8-11, which allows remote attackers to cause a denial of service via a crafted image file.

4.3
2018-09-06 CVE-2018-16644 Imagemagick
Canonical
Debian
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

There is a missing check for length in the functions ReadDCMImage of coders/dcm.c and ReadPICTImage of coders/pict.c in ImageMagick 7.0.8-11, which allows remote attackers to cause a denial of service via a crafted image.

4.3
2018-09-06 CVE-2018-16643 Imagemagick
Canonical
Debian
Unchecked Return Value vulnerability in multiple products

The functions ReadDCMImage in coders/dcm.c, ReadPWPImage in coders/pwp.c, ReadCALSImage in coders/cals.c, and ReadPICTImage in coders/pict.c in ImageMagick 7.0.8-4 do not check the return value of the fputc function, which allows remote attackers to cause a denial of service via a crafted image file.

4.3
2018-09-06 CVE-2018-16642 Imagemagick
Canonical
Debian
Out-Of-Bounds Write vulnerability in multiple products

The function InsertRow in coders/cut.c in ImageMagick 7.0.7-37 allows remote attackers to cause a denial of service via a crafted image file due to an out-of-bounds write.

4.3
2018-09-06 CVE-2018-16641 Imagemagick Missing Release of Resource After Effective Lifetime vulnerability in Imagemagick 7.0.86

ImageMagick 7.0.8-6 has a memory leak vulnerability in the TIFFWritePhotoshopLayers function in coders/tiff.c.

4.3
2018-09-06 CVE-2018-16640 Imagemagick
Canonical
Missing Release of Resource After Effective Lifetime vulnerability in multiple products

ImageMagick 7.0.8-5 has a memory leak vulnerability in the function ReadOneJNGImage in coders/png.c.

4.3
2018-09-06 CVE-2018-5389 Ietf Weak Password Requirements vulnerability in Ietf Internet KEY Exchange 1.0

The Internet Key Exchange v1 main mode is vulnerable to offline dictionary or brute force attacks.

4.3
2018-09-06 CVE-2018-5005 Adobe Cross-Site Scripting vulnerability in Adobe Experience Manager

Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a Cross-site Scripting vulnerability.

4.3
2018-09-06 CVE-2018-1000670 Koha Cross-Site Scripting vulnerability in Koha

KOHA Library System version 16.11.x (up until 16.11.13) and 17.05.x (up until 17.05.05) contains a Cross Site Scripting (XSS) vulnerability in Multiple fields on multiple pages including /cgi-bin/koha/acqui/supplier.pl?op=enter , /cgi-bin/koha/circ/circulation.pl?borrowernumber=[number] , /cgi-bin/koha/serials/subscription-add.pl that can result in Privilege escalation by taking control of higher privileged users browser sessions.

4.3
2018-09-06 CVE-2018-1000801 KDE
Debian
Path Traversal vulnerability in multiple products

okular version 18.08 and earlier contains a Directory Traversal vulnerability in function "unpackDocumentArchive(...)" in "core/document.cpp" that can result in Arbitrary file creation on the user workstation.

4.3
2018-09-06 CVE-2018-1000668 Jsish Out-Of-Bounds Read vulnerability in Jsish 2.4.702.047

jsish version 2.4.70 2.047 contains a CWE-125: Out-of-bounds Read vulnerability in function jsi_ObjArrayLookup (jsiObj.c:274) that can result in Crash due to segmentation fault.

4.3
2018-09-06 CVE-2018-1000667 Nasm Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Nasm Netwide Assembler

NASM nasm-2.13.03 nasm- 2.14rc15 version 2.14rc15 and earlier contains a memory corruption (crashed) of nasm when handling a crafted file due to function assemble_file(inname, depend_ptr) at asm/nasm.c:482.

4.3
2018-09-06 CVE-2018-1000665 Dojotoolkit Cross-Site Scripting vulnerability in Dojotoolkit Dojo

Dojo Dojo Objective Harness (DOH) version prior to version 1.14 contains a Cross Site Scripting (XSS) vulnerability in unit.html and testsDOH/_base/loader/i18n-exhaustive/i18n-test/unit.html and testsDOH/_base/i18nExhaustive.js in the DOH that can result in Victim attacked through their browser - deliver malware, steal HTTP cookies, bypass CORS trust.

4.3
2018-09-06 CVE-2018-1000664 Dsub FOR Subsonic Project Improper Certificate Validation vulnerability in Dsub FOR Subsonic Project Dsub for Subsonic 5.4.1

daneren2005 DSub for Subsonic (Android client) version 5.4.1 contains a CWE-295: Improper Certificate Validation vulnerability in HTTPS Client that can result in Any non-CA signed server certificate, including self signed and expired, are accepted by the client.

4.3
2018-09-06 CVE-2018-1000663 Jsish Buffer Errors vulnerability in Jsish 2.4.702.047

jsish version 2.4.70 2.047 contains a Buffer Overflow vulnerability in function _jsi_evalcode from jsiEval.c that can result in Crash due to segmentation fault.

4.3
2018-09-06 CVE-2018-1000661 Jsish Null Pointer Dereference vulnerability in Jsish 2.4.67

jsish version 2.4.67 contains a CWE-476: NULL Pointer Dereference vulnerability in Jsi_LogMsg (jsiUtils.c:196) that can result in Crash due to segmentation fault.

4.3
2018-09-06 CVE-2018-16459 Exceljs Project Cross-Site Scripting vulnerability in Exceljs Project Exceljs

An unescaped payload in exceljs <v1.6 allows a possible XSS via cell value when worksheet is displayed in browser.

4.3
2018-09-05 CVE-2018-16548 Zziplib Project Missing Release of Resource After Effective Lifetime vulnerability in Zziplib Project Zziplib

An issue was discovered in ZZIPlib through 0.13.69.

4.3
2018-09-05 CVE-2018-16381 E107 Cross-Site Scripting vulnerability in E107 2.1.8

e107 2.1.8 has XSS via the e107_admin/users.php?mode=main&action=list user_loginname parameter.

4.3
2018-09-05 CVE-2018-16361 Btiteam Cross-Site Scripting vulnerability in Btiteam Xbtit 2.5.4

An issue was discovered in BTITeam XBTIT 2.5.4.

4.3
2018-09-05 CVE-2018-16148 Opsview Cross-Site Scripting vulnerability in Opsview

The diagnosticsb2ksy parameter of the /rest endpoint in Opsview Monitor before 5.3.1 and 5.4.x before 5.4.2 is vulnerable to Cross-Site Scripting.

4.3
2018-09-05 CVE-2018-16147 Opsview Cross-Site Scripting vulnerability in Opsview

The data parameter of the /settings/api/router endpoint in Opsview Monitor before 5.3.1 and 5.4.x before 5.4.2 is vulnerable to Cross-Site Scripting.

4.3
2018-09-05 CVE-2018-15679 Btiteam Cross-Site Scripting vulnerability in Btiteam Xbtit 2.5.4

An issue was discovered in BTITeam XBTIT 2.5.4.

4.3
2018-09-05 CVE-2018-15678 Btiteam Cross-Site Scripting vulnerability in Btiteam Xbtit 2.5.4

An issue was discovered in BTITeam XBTIT 2.5.4.

4.3
2018-09-05 CVE-2018-15677 Btiteam Cross-Site Request Forgery (CSRF) vulnerability in Btiteam Xbtit 2.5.4

The newsfeed (aka /index.php?page=viewnews) in BTITeam XBTIT 2.5.4 has stored XSS via the title of a news item.

4.3
2018-09-05 CVE-2018-16546 Amcrest USE of Hard-Coded Credentials vulnerability in Amcrest Ipc-Hx1X3X-Lexus ENG N Amcrest V2.420.Ac01.3.R.20180206

Amcrest networked devices use the same hardcoded SSL private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation, as demonstrated by Amcrest_IPC-HX1X3X-LEXUS_Eng_N_AMCREST_V2.420.AC01.3.R.20180206.

4.3
2018-09-05 CVE-2018-16542 Artifex
Redhat
Debian
Canonical
Out-Of-Bounds Write vulnerability in multiple products

In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use insufficient interpreter stack-size checking during error handling to crash the interpreter.

4.3
2018-09-05 CVE-2018-16541 Artifex
Canonical
Debian
Redhat
USE After Free vulnerability in multiple products

In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect free logic in pagedevice replacement to crash the interpreter.

4.3
2018-09-05 CVE-2018-16539 Artifex
Canonical
Debian
Redhat
Information Exposure vulnerability in multiple products

In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect access checking in temp file handling to disclose contents of files on the system otherwise not readable.

4.3
2018-09-05 CVE-2018-16516 Flask Admin Project Cross-Site Scripting vulnerability in Flask-Admin Project Flask-Admin 1.5.2

helpers.py in Flask-Admin 1.5.2 has Reflected XSS via a crafted URL.

4.3
2018-09-05 CVE-2018-9194 Fortinet Information Exposure Through Discrepancy vulnerability in Fortinet Fortios

A plaintext recovery of encrypted messages or a Man-in-the-middle (MiTM) attack on RSA PKCS #1 v1.5 encryption may be possible without knowledge of the server's private key.

4.3
2018-09-05 CVE-2018-9192 Fortinet Information Exposure Through Discrepancy vulnerability in Fortinet Fortios

A plaintext recovery of encrypted messages or a Man-in-the-middle (MiTM) attack on RSA PKCS #1 v1.5 encryption may be possible without knowledge of the server's private key.

4.3
2018-09-04 CVE-2018-7938 Huawei Information Exposure vulnerability in Huawei P10 Firmware

P10 Huawei smartphones with the versions before Victoria-AL00AC00B217 have an information leak vulnerability due to the lack of permission validation.

4.3
2018-09-04 CVE-2018-0672 Sixapart Cross-Site Scripting vulnerability in Sixapart Movable Type

Cross-site scripting vulnerability in Movable Type versions prior to Ver.

4.3
2018-09-04 CVE-2018-14627 Redhat Cleartext Transmission of Sensitive Information vulnerability in Redhat Wildfly

The IIOP OpenJDK Subsystem in WildFly before version 14.0.0 does not honour configuration when SSL transport is required.

4.3
2018-09-04 CVE-2018-16458 Baigo Cross-Site Request Forgery (CSRF) vulnerability in Baigo CMS 2.1.1

An issue was discovered in baigo CMS v2.1.1.

4.3
2018-09-04 CVE-2018-16450 Craftedweb Project Cross-Site Scripting vulnerability in Craftedweb Project Craftedweb 20130924

CraftedWeb through 2013-09-24 has reflected XSS via the p parameter.

4.3
2018-09-04 CVE-2018-16449 Onethink Cross-Site Request Forgery (CSRF) vulnerability in Onethink 1.1.141212

OneThink 1.1.141212 allows CSRF for adding a page via admin.php?s=/Channel/add.html, adding a blog via admin.php?s=/Article/update.html, and setting the audit state via admin.php?s=/Article/setStatus/status/1.html.

4.3
2018-09-04 CVE-2018-16435 Littlecms
Canonical
Redhat
Debian
Integer Overflow OR Wraparound vulnerability in multiple products

Little CMS (aka Little Color Management System) 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile.

4.3
2018-09-03 CVE-2018-16407 Mayan Edms Cross-Site Scripting vulnerability in Mayan-Edms Mayan Edms

An issue was discovered in Mayan EDMS before 3.0.3.

4.3
2018-09-03 CVE-2018-16406 Mayan Edms Cross-Site Scripting vulnerability in Mayan-Edms Mayan Edms

An issue was discovered in Mayan EDMS before 3.0.2.

4.3
2018-09-03 CVE-2018-16405 Mayan Edms Cross-Site Scripting vulnerability in Mayan-Edms Mayan Edms

An issue was discovered in Mayan EDMS before 3.0.2.

4.3
2018-09-03 CVE-2018-16403 Elfutils Project Out-Of-Bounds Read vulnerability in Elfutils Project Elfutils 0.173

libdw in elfutils 0.173 checks the end of the attributes list incorrectly in dwarf_getabbrev in dwarf_getabbrev.c and dwarf_hasattr in dwarf_hasattr.c, leading to a heap-based buffer over-read and an application crash.

4.3
2018-09-03 CVE-2018-16382 Nasm Out-Of-Bounds Read vulnerability in Nasm Netwide Assembler 2.14

Netwide Assembler (NASM) 2.14rc15 has a buffer over-read in x86/regflags.c.

4.3
2018-09-03 CVE-2018-16372 Ideacms Cross-Site Scripting vulnerability in Ideacms 20160430

The issue was discovered in IdeaCMS through 2016-04-30.

4.3
2018-09-03 CVE-2018-16371 Pescms Cross-Site Scripting vulnerability in Pescms Team 2.2.1

PESCMS Team 2.2.1 has multiple reflected XSS via the keyword parameter: g=Team&m=User&a=index&keyword=, g=Team&m=User_group&a=index&keyword=, g=Team&m=Department&a=index&keyword=, and g=Team&m=Bulletin&a=index&keyword=.

4.3
2018-09-03 CVE-2018-16369 Xpdfreader Unspecified vulnerability in Xpdfreader Xpdf 4.00

XRef::fetch in XRef.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (stack consumption) via a crafted pdf file, related to AcroForm::scanField, as demonstrated by pdftohtml.

4.3
2018-09-03 CVE-2018-16368 Xpdfreader Out-Of-Bounds Read vulnerability in Xpdfreader Xpdf 4.00

SplashXPath::strokeAdjust in splash/SplashXPath.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm.

4.3
2018-09-07 CVE-2018-16704 Gleeztech Authorization Bypass Through User-Controlled KEY vulnerability in Gleeztech Gleezcms 1.3.0

An issue was discovered in Gleez CMS v1.2.0.

4.0
2018-09-07 CVE-2018-0644 Canonical Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Canonical Ubuntu Linux 14.04/16.04

Buffer overflow in Ubuntu14.04 ORCA (Online Receipt Computer Advantage) 4.8.0 (panda-client2) 1:1.4.9+p41-u4jma1 and earlier, Ubuntu14.04 ORCA (Online Receipt Computer Advantage) 5.0.0 (panda-client2) 1:2.0.0+p48-u4jma1 and earlier, and Ubuntu16.04 ORCA (Online Receipt Computer Advantage) 5.0.0 (panda-client2) 1:2.0.0+p48-u5jma1 and earlier allows authenticated attackers to cause denial-of-service (DoS) condition via unspecified vectors.

4.0
2018-09-06 CVE-2018-16606 Proconf Authorization Bypass Through User-Controlled KEY vulnerability in Proconf

In ProConf before 6.1, an Insecure Direct Object Reference (IDOR) allows any author to view and grab all submitted papers (Title and Abstract) and their authors' personal information (Name, Email, Organization, and Position) by changing the value of Paper ID (the pid parameter).

4.0
2018-09-06 CVE-2018-14632 Redhat
Json Patch Project
Out-Of-Bounds Write vulnerability in multiple products

An out of bound write can occur when patching an Openshift object using the 'oc patch' functionality in OpenShift Container Platform before 3.7.

4.0
2018-09-05 CVE-2018-16437 Gxlcms Path Traversal vulnerability in Gxlcms 2.0

Gxlcms 2.0 before bug fix 20180915 has Directory Traversal exploitable by an administrator.

4.0
2018-09-05 CVE-2018-1353 Fortinet Information Exposure vulnerability in Fortinet Fortimanager

An information disclosure vulnerability in Fortinet FortiManager 6.0.1 and below versions allows a standard user with adom assignment read the interface settings of vdoms unrelated to the assigned adom.

4.0
2018-09-04 CVE-2018-10930 Redhat
Debian
Gluster
A flaw was found in RPC request using gfs3_rename_req in glusterfs server.
4.0
2018-09-04 CVE-2018-10914 Gluster
Redhat
Debian
Null Pointer Dereference vulnerability in multiple products

It was found that an attacker could issue a xattr request via glusterfs FUSE to cause gluster brick process to crash which will result in a remote denial of service.

4.0
2018-09-04 CVE-2018-10913 Gluster
Redhat
Debian
Information Exposure vulnerability in multiple products

An information disclosure vulnerability was discovered in glusterfs server.

4.0
2018-09-03 CVE-2018-16410 Vanillaforums SQL Injection vulnerability in Vanillaforums Vanilla 2.6.1

Vanilla before 2.6.1 allows SQL injection via an invitationID array to /profile/deleteInvitation, related to applications/dashboard/models/class.invitationmodel.php and applications/dashboard/controllers/class.profilecontroller.php.

4.0
2018-09-03 CVE-2018-16397 Limesurvey Unrestricted Upload of File With Dangerous Type vulnerability in Limesurvey

In LimeSurvey before 3.14.7, an admin user can leverage a "file upload" question to read an arbitrary file,

4.0
2018-09-03 CVE-2018-16373 Frog CMS Project Unrestricted Upload of File With Dangerous Type vulnerability in Frog CMS Project Frog CMS 0.9.5

Frog CMS 0.9.5 has an Upload vulnerability that can create files via /admin/?/plugin/file_manager/save.

4.0

21 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-09-07 CVE-2018-16665 Contiki NG Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Contiki-Ng Contiki-Ng.

An issue was discovered in Contiki-NG through 4.1.

3.6
2018-09-07 CVE-2018-16658 Linux
Canonical
Debian
Information Exposure vulnerability in Linux Kernel

An issue was discovered in the Linux kernel before 4.18.6.

3.6
2018-09-09 CVE-2018-16736 Rcfilters Project Cross-Site Scripting vulnerability in Rcfilters Project Rcfilters 2.1.6

In the rcfilters plugin 2.1.6 for Roundcube, XSS exists via the _whatfilter and _messages parameters (in the Filters section of the settings).

3.5
2018-09-07 CVE-2018-9283 Cremecrm Cross-Site Scripting vulnerability in Cremecrm 1.6.12

An XSS issue was discovered in CremeCRM 1.6.12.

3.5
2018-09-07 CVE-2018-16363 Webdesi9 Cross-Site Scripting vulnerability in Webdesi9 File Manager 2.9

The mndpsingh287 File Manager plugin V2.9 for WordPress has XSS via the lang parameter in a wp-admin/admin.php?page=wp_file_manager request because set_transient is used in file_folder_manager.php and there is an echo of lang in lib\wpfilemanager.php.

3.5
2018-09-07 CVE-2018-14397 Cremecrm Cross-Site Scripting vulnerability in Cremecrm 1.6.12

An issue was discovered in Creme CRM 1.6.12.

3.5
2018-09-07 CVE-2018-14396 Cremecrm Cross-Site Scripting vulnerability in Cremecrm 1.6.12

An issue was discovered in Creme CRM 1.6.12.

3.5
2018-09-07 CVE-2017-1115 IBM Injection vulnerability in IBM Campaign 10.0/9.1/9.1.2

IBM Campaign 9.1, 9.1.2, and 10 is vulnerable to HTML injection.

3.5
2018-09-07 CVE-2017-1114 IBM Cross-Site Scripting vulnerability in IBM Campaign 10.0/9.1/9.1.2

IBM Campaign 9.1, 9.1.2, and 10 is vulnerable to cross-site scripting.

3.5
2018-09-07 CVE-2018-0657 EC Cube
GMO PG
Cross-Site Scripting vulnerability in multiple products

Cross-site scripting vulnerability in EC-CUBE Payment Module and GMO-PG Payment Module (PG Multi-Payment Service) for EC-CUBE (EC-CUBE Payment Module (2.12) version 3.5.23 and earlier, EC-CUBE Payment Module (2.11) version 2.3.17 and earlier, GMO-PG Payment Module (PG Multi-Payment Service) (2.12) version 3.5.23 and earlier, and GMO-PG Payment Module (PG Multi-Payment Service) (2.11) version 2.3.17 and earlier) allow an attacker with administrator rights to inject arbitrary web script or HTML via unspecified vectors.

3.5
2018-09-07 CVE-2018-0655 Weseek Cross-Site Scripting vulnerability in Weseek Growi

Cross-site scripting vulnerability in GROWI v.3.1.11 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via the app settings section of admin page.

3.5
2018-09-07 CVE-2018-0652 Weseek Cross-Site Scripting vulnerability in Weseek Growi

Cross-site scripting vulnerability in GROWI v.3.1.11 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via the UserGroup Management section of admin page.

3.5
2018-09-06 CVE-2018-16622 Html JS Cross-Site Scripting vulnerability in Html-Js Doracms 2.0.3

Multiple cross-site scripting (XSS) vulnerabilities in /api/content/addOne in DoraCMS v2.0.3 allow remote attackers to inject arbitrary web script or HTML via the (1) discription or (2) comments field, related to users/userAddContent.

3.5
2018-09-05 CVE-2018-16551 Lavalite Cross-Site Scripting vulnerability in Lavalite 5.5.0

LavaLite 5.5 has XSS via a /edit URI, as demonstrated by client/job/job/Zy8PWBekrJ/edit.

3.5
2018-09-05 CVE-2018-15917 Jorani Cross-Site Scripting vulnerability in Jorani 0.6.5

Persistent cross-site scripting (XSS) issues in Jorani 0.6.5 allow remote attackers to inject arbitrary web script or HTML via the language parameter to session/language.

3.5
2018-09-03 CVE-2018-16379 Digimute Cross-Site Scripting vulnerability in Digimute Ogma CMS 0.4

Ogma CMS 0.4 Beta has XSS via the "Footer Text footer" field on the "Theme/Theme Options" screen.

3.5
2018-09-03 CVE-2018-16374 Frog CMS Project Cross-Site Scripting vulnerability in Frog CMS Project Frog CMS 0.9.5

Frog CMS 0.9.5 has stored XSS via /admin/?/plugin/comment/settings.

3.5
2018-09-06 CVE-2018-15749 Pulsesecure USE of Externally-Controlled Format String vulnerability in Pulsesecure Pulse Secure Desktop Client

The Pulse Secure Desktop (macOS) 5.3RX before 5.3R5 and 9.0R1 has a Format String Vulnerability.

2.1
2018-09-05 CVE-2018-16252 Fspro XXE vulnerability in Fspro Event LOG Explorer 4.6.1.2115

FsPro Labs Event Log Explorer 4.6.1.2115 has ".elx" FileType XML External Entity Injection.

2.1
2018-09-04 CVE-2018-16427 Opensc Project Out-Of-Bounds Read vulnerability in Opensc Project Opensc

Various out of bounds reads when handling responses in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to potentially crash the opensc library using programs.

2.1
2018-09-04 CVE-2018-16426 Opensc Project Uncontrolled Recursion vulnerability in Opensc Project Opensc

Endless recursion when handling responses from an IAS-ECC card in iasecc_select_file in libopensc/card-iasecc.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to hang or crash the opensc library using programs.

2.1