Weekly Vulnerabilities Reports > September 17 to 23, 2018
Overview
301 new vulnerabilities were reported during this period, including 24 critical vulnerabilities and 90 high severity vulnerabilities. This weekly summary reports vulnerabilities in 351 products from 129 vendors including Google, Qualcomm, Canonical, Debian, and Foscam. Vulnerabilities are notably categorized as "Cross-site Scripting", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Out-of-bounds Write", "Out-of-bounds Read", and "Information Exposure".
- 206 reported vulnerabilities are remotely exploitable.
- 16 reported vulnerabilities have a public exploit available.
- 82 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 239 reported vulnerabilities are exploitable by an anonymous user.
- Google has the most reported vulnerabilities, with 54 reported vulnerabilities.
- Foscam has the most reported critical vulnerabilities, with 5 reported vulnerabilities.
Vulnerability Details
The following tables list the vulnerabilities reported during the period covered by this report:
24 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2018-09-21 | CVE-2018-11241 | Softcase | Unspecified vulnerability in Softcase T-Router Firmware 20112017 An issue was discovered on SoftCase T-Router build 20112017 devices. | 10.0 |
2018-09-21 | CVE-2018-11240 | Softcase | Incorrect Permission Assignment for Critical Resource vulnerability in Softcase T-Router Firmware 20112017 An issue was discovered on SoftCase T-Router build 20112017 devices. | 10.0 |
2018-09-20 | CVE-2018-11287 | Qualcomm | Improper Input Validation vulnerability in Qualcomm products In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016, incorrect control flow implementation in Video while checking buffer sufficiency. | 10.0 |
2018-09-20 | CVE-2017-18314 | Qualcomm | Unspecified vulnerability in Qualcomm products In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, Snapdragon_High_Med_2016, on TZ cold boot the CNOC_QDSS RG0 locked by xBL_SEC is cleared by TZ. | 10.0 |
2018-09-19 | CVE-2018-1149 | Nuuo | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Nuuo Nvrmini2 Firmware cgi_system in NUUO's NVRMini2 3.8.0 and below allows remote attackers to execute arbitrary code via crafted HTTP requests. | 10.0 |
2018-09-18 | CVE-2018-16957 | Oracle | Use of Hard-coded Credentials vulnerability in Oracle Webcenter Interaction 10.3.3 The Oracle WebCenter Interaction 10.3.3 search service queryd.exe binary is compiled with the i1g2s3c4 hardcoded password. | 10.0 |
2018-09-21 | CVE-2018-3877 | Samsung | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Samsung Sth-Eth-250 Firmware 0.20.17 An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. | 9.9 |
2018-09-21 | CVE-2018-3874 | Samsung | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Samsung Sth-Eth-250 Firmware 0.20.17 An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. | 9.9 |
2018-09-21 | CVE-2018-3873 | Samsung | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Samsung Sth-Eth-250 Firmware 0.20.17 An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. | 9.9 |
2018-09-21 | CVE-2018-17141 | Debian Hylafax | Out-of-bounds Write vulnerability in multiple products HylaFAX 6.0.6 and HylaFAX+ 5.6.0 allow remote attackers to execute arbitrary code via a dial-in session that provides a FAX page with the JPEG bit enabled, which is mishandled in FaxModem::writeECMData() in the faxd/CopyQuality.c++ file. | 9.8 |
2018-09-21 | CVE-2013-4451 | Gitolite | Permissions, Privileges, and Access Controls vulnerability in Gitolite gitolite commit fa06a34 through 3.5.3 might allow attackers to have unspecified impact via vectors involving world-writable permissions when creating (1) ~/.gitolite.rc, (2) ~/.gitolite, or (3) ~/repositories/gitolite-admin.git on fresh installs. | 9.8 |
2018-09-21 | CVE-2018-14643 | Theforeman | DEPRECATED: Authentication Bypass Issues vulnerability in Theforeman Foreman An authentication bypass flaw was found in the smart_proxy_dynflow component used by Foreman. | 9.8 |
2018-09-18 | CVE-2018-1000802 | Python Debian Canonical Opensuse | Command Injection vulnerability in multiple products Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in shutil module (make_archive function) that can result in Denial of service, Information gain via injection of arbitrary files on the system or entire drive. | 9.8 |
2018-09-18 | CVE-2018-17153 | Western Digital | Improper Authentication vulnerability in Western Digital products It was discovered that the Western Digital My Cloud device before 2.30.196 is affected by an authentication bypass vulnerability. | 9.8 |
2018-09-17 | CVE-2018-11780 | Apache Pdfinfo Project Debian Canonical | Code Injection vulnerability in multiple products A potential Remote Code Execution bug exists with the PDFInfo plugin in Apache SpamAssassin before 3.4.2. | 9.8 |
2018-09-20 | CVE-2018-11285 | Qualcomm | Out-of-bounds Read vulnerability in Qualcomm products In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, SDX20, Snapdragon_High_Med_2016, while parsing FLAC file with corrupted picture block, a buffer over-read can occur. | 9.3 |
2018-09-19 | CVE-2018-17208 | Linksys | OS Command Injection vulnerability in Linksys Velop Firmware 1.1.2.187020 Linksys Velop 1.1.2.187020 devices allow unauthenticated command injection, providing an attacker with full root access, via cgi-bin/zbtest.cgi or cgi-bin/zbtest2.cgi (scripts that can be discovered with binwalk on the firmware, but are not visible in the web interface). | 9.3 |
2018-09-19 | CVE-2017-2855 | Foscam | Classic Buffer Overflow vulnerability in Foscam C1 Firmware 2.52.2.43 An exploitable buffer overflow vulnerability exists in the DDNS client used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. | 9.3 |
2018-09-17 | CVE-2017-2857 | Foscam | Classic Buffer Overflow vulnerability in Foscam C1 Firmware 2.52.2.43 An exploitable buffer overflow vulnerability exists in the DDNS client used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. | 9.3 |
2018-09-17 | CVE-2017-2856 | Foscam | Classic Buffer Overflow vulnerability in Foscam C1 Firmware 2.52.2.43 An exploitable buffer overflow vulnerability exists in the DDNS client used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. | 9.3 |
2018-09-17 | CVE-2017-2854 | Foscam | Classic Buffer Overflow vulnerability in Foscam C1 Firmware 2.52.2.43 An exploitable buffer overflow vulnerability exists in the DDNS client used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. | 9.3 |
2018-09-20 | CVE-2018-16752 | Linknet USA | Insecure Default Initialization of Resource vulnerability in Linknet-Usa Lw-N605R Firmware 12.20.2.1486 LINK-NET LW-N605R devices with firmware 12.20.2.1486 allow Remote Code Execution via shell metacharacters in the HOST field of the ping feature at adm/systools.asp. | 9.0 |
2018-09-20 | CVE-2018-16282 | Moxa | OS Command Injection vulnerability in Moxa Edr-810 Firmware 4.2 A command injection vulnerability in the web server functionality of Moxa EDR-810 V4.2 build 18041013 allows remote attackers to execute arbitrary OS commands with root privilege via the caname parameter to the /xml/net_WebCADELETEGetValue URI. | 9.0 |
2018-09-17 | CVE-2017-2872 | Foscam | Improper Authentication vulnerability in Foscam C1 Firmware 2.52.2.43 Insufficient security checks exist in the recovery procedure used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. | 9.0 |
90 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2018-09-23 | CVE-2018-17403 | Phonepe | Unspecified vulnerability in Phonepe 3.0.6/3.3.26 The PhonePe wallet (aka com.PhonePe.app) application 3.0.6 through 3.3.26 for Android might allow attackers to impersonate a user and set up their account without their knowledge. | 8.8 |
2018-09-23 | CVE-2018-17401 | Phonepe | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Phonepe 3.0.6/3.3.26 The PhonePe wallet (aka com.PhonePe.app) application 3.0.6 through 3.3.26 for Android might allow attackers to perform Account Takeover attacks by exploiting its Forgot Password feature. | 8.8 |
2018-09-21 | CVE-2018-3894 | Samsung | Classic Buffer Overflow vulnerability in Samsung Sth-Eth-250 Firmware 0.20.17 An exploitable buffer overflow vulnerability exists in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. | 8.8 |
2018-09-21 | CVE-2018-3876 | Samsung | Classic Buffer Overflow vulnerability in Samsung Sth-Eth-250 Firmware 0.20.17 An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. | 8.8 |
2018-09-20 | CVE-2018-6504 | Microfocus | Cross-Site Request Forgery (CSRF) vulnerability in Microfocus Arcsight Management Center A potential Cross-Site Request Forgery (CSRF) vulnerability has been identified in ArcSight Management Center (ArcMC) in all versions prior to 2.81. | 8.8 |
2018-09-20 | CVE-2018-3865 | Samsung | Classic Buffer Overflow vulnerability in Samsung Sth-Eth-250 Firmware 0.20.17 An exploitable buffer overflow vulnerability exists in the Samsung WifiScan handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. | 8.8 |
2018-09-20 | CVE-2018-3864 | Samsung | Classic Buffer Overflow vulnerability in Samsung Sth-Eth-250 Firmware 0.20.17 An exploitable buffer overflow vulnerability exists in the Samsung WifiScan handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. | 8.8 |
2018-09-18 | CVE-2018-16515 | Matrix Debian | Improper Verification of Cryptographic Signature vulnerability in multiple products Matrix Synapse before 0.33.3.1 allows remote attackers to spoof events and possibly have unspecified other impacts by leveraging improper transaction and event signature validation. | 8.8 |
2018-09-18 | CVE-2018-11786 | Apache | Improper Privilege Management vulnerability in Apache Karaf In Apache Karaf prior to 4.2.0 release, if the sshd service in Karaf is left on so an administrator can manage the running instance, any user with rights to the Karaf console can pivot and read/write any file on the file system to which the Karaf process user has access. | 8.8 |
2018-09-17 | CVE-2016-9045 | Processmaker | Deserialization of Untrusted Data vulnerability in Processmaker 3.0.1.7 A code execution vulnerability exists in ProcessMaker Enterprise Core 3.0.1.7-community. | 8.8 |
2018-09-20 | CVE-2018-11982 | Qualcomm | Double Free vulnerability in Qualcomm products In Snapdragon (Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016, a double free of ASN1 heap memory used for EUTRA CAP container occurs during UTRAN to LTE Capability inquiry procedure. | 8.3 |
2018-09-19 | CVE-2018-11891 | Google | Improper Validation of Array Index vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check on the length of array while accessing can lead to an out of bound read in WLAN HOST function. | 8.3 |
2018-09-21 | CVE-2018-3915 | Samsung | Out-of-bounds Write vulnerability in Samsung Sth-Eth-250 Firmware 0.20.17 An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in the video-core HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. | 8.2 |
2018-09-21 | CVE-2018-3906 | Samsung | Out-of-bounds Write vulnerability in Samsung Sth-Eth-250 Firmware 0.20.17 An exploitable stack-based buffer overflow vulnerability exists in the retrieval of a database field in video-core's HTTP server of Samsung SmartThings Hub. | 8.2 |
2018-09-18 | CVE-2018-11787 | Apache | Improper Authentication vulnerability in Apache Karaf In Apache Karaf version prior to 3.0.9, 4.0.9, 4.1.1, when the webconsole feature is installed in Karaf, it is available at .../system/console and requires authentication to access it. | 8.1 |
2018-09-21 | CVE-2018-3914 | Samsung | Out-of-bounds Write vulnerability in Samsung Sth-Eth-250 Firmware 0.20.17 An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in the video-core HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. | 7.8 |
2018-09-20 | CVE-2018-14796 | Tec4Data | Missing Authentication for Critical Function vulnerability in Tec4Data Smartcooler Firmware Tec4Data SmartCooler, all versions prior to firmware 180806, the device responds to a remote unauthenticated reboot command that may be used to perform a denial of service attack. | 7.8 |
2018-09-19 | CVE-2018-17183 | Debian Canonical Artifex Redhat | Artifex Ghostscript before 9.25 allowed a user-writable error exception table, which could be used by remote attackers able to supply crafted PostScript to potentially overwrite or replace error handlers to inject code. | 7.8 |
2018-09-19 | CVE-2018-17182 | Linux Canonical Debian Netapp | Use After Free vulnerability in multiple products An issue was discovered in the Linux kernel through 4.18.8. | 7.8 |
2018-09-18 | CVE-2017-3912 | Mcafee | Improper Authentication vulnerability in Mcafee Application and Change Control 6.2.0/7.0.1 Bypassing password security vulnerability in McAfee Application and Change Control (MACC) 7.0.1 and 6.2.0 allows authenticated users to perform arbitrary command execution via a command-line utility. | 7.8 |
2018-09-17 | CVE-2018-11781 | Apache Redhat Debian Canonical | Code Injection vulnerability in multiple products Apache SpamAssassin 3.4.2 fixes a local user code injection in the meta rule syntax. | 7.8 |
2018-09-17 | CVE-2018-17127 | Asus | NULL Pointer Dereference vulnerability in Asus Gt-Ac5300 Firmware 3.0.0.4.384.21140/3.0.0.4.384.32738 blocking_request.cgi on ASUS GT-AC5300 devices through 3.0.0.4.384_32738 allows remote attackers to cause a denial of service (NULL pointer dereference and device crash) via a request that lacks a timestap parameter. | 7.8 |
2018-09-22 | CVE-2018-17334 | Libsvg2 Project | Out-of-bounds Write vulnerability in Libsvg2 Project Libsvg2 An issue was discovered in libsvg2 through 2012-10-19. | 7.5 |
2018-09-22 | CVE-2018-17333 | Libsvg2 Project | Out-of-bounds Write vulnerability in Libsvg2 Project Libsvg2 An issue was discovered in libsvg2 through 2012-10-19. | 7.5 |
2018-09-21 | CVE-2018-17317 | Fruitywifi Project | OS Command Injection vulnerability in Fruitywifi Project Fruitywifi 2.1 FruityWifi (aka PatatasFritas/PatataWifi) 2.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the io_mode, ap_mode, io_action, io_in_iface, io_in_set, io_in_ip, io_in_mask, io_in_gw, io_out_iface, io_out_set, io_out_mask, io_out_gw, iface, or domain parameter to /www/script/config_iface.php, or the newSSID, hostapd_secure, hostapd_wpa_passphrase, or supplicant_ssid parameter to /www/page_config.php. | 7.5 |
2018-09-21 | CVE-2018-17174 | Nmealib Project | Out-of-bounds Write vulnerability in Nmealib Project Nmealib 0.5.3 A stack-based buffer overflow was discovered in the xtimor NMEA library (aka nmealib) 0.5.3. | 7.5 |
2018-09-21 | CVE-2018-17173 | LG | Code Injection vulnerability in LG Supersign CMS 2.5 LG SuperSign CMS allows remote attackers to execute arbitrary code via the sourceUri parameter to qsr_server/device/getThumbnail. | 7.5 |
2018-09-21 | CVE-2018-16822 | Seacms | SQL Injection vulnerability in Seacms 6.64 SeaCMS 6.64 allows SQL Injection via the upload/admin/admin_video.php order parameter. | 7.5 |
2018-09-21 | CVE-2018-16281 | Deiser | Unspecified vulnerability in Deiser Profields-Project Custom Fields The DEISER "Profields - Project Custom Fields" app before 6.0.2 for Jira has Incorrect Access Control. | 7.5 |
2018-09-21 | CVE-2018-14645 | Haproxy Canonical Redhat | Out-of-bounds Read vulnerability in multiple products A flaw was discovered in the HPACK decoder of HAProxy, before 1.8.14, that is used for HTTP/2. | 7.5 |
2018-09-20 | CVE-2018-14592 | Cwjoomla | SQL Injection vulnerability in Cwjoomla products The CWJoomla CW Article Attachments PRO extension before 2.0.7 and CW Article Attachments FREE extension before 1.0.6 for Joomla! allow SQL Injection within download.php. | 7.5 |
2018-09-20 | CVE-2018-6505 | HP | Unspecified vulnerability in HP Arcsight Management Center 2.0/2.9.1 A potential Unauthenticated File Download vulnerability has been identified in ArcSight Management Center (ArcMC) in all versions prior to 2.81. | 7.5 |
2018-09-20 | CVE-2018-14829 | Rockwellautomation | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Rockwellautomation Rslinx Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. | 7.5 |
2018-09-20 | CVE-2018-6500 | HP | Path Traversal vulnerability in HP Arcsight Management Center 2.0/2.9.1 A potential Directory Traversal Security vulnerability has been identified in ArcSight Management Center (ArcMC) in all versions prior to 2.81. | 7.5 |
2018-09-20 | CVE-2018-17254 | Arkextensions | SQL Injection vulnerability in Arkextensions JCK Editor 6.4.4 The JCK Editor component 6.4.4 for Joomla! allows SQL Injection via the jtreelink/dialogs/links.php parent parameter. | 7.5 |
2018-09-20 | CVE-2018-17243 | Zohocorp | SQL Injection vulnerability in Zohocorp Manageengine Opmanager 11.4/11.5/12.2 Global Search in Zoho ManageEngine OpManager before 12.3 123205 allows SQL Injection. | 7.5 |
2018-09-20 | CVE-2018-17232 | Slack Archivebot Project | SQL Injection vulnerability in Slack Archivebot Project Slack Archivebot SQL injection vulnerability in archivebot.py in docmarionum1 Slack ArchiveBot (aka slack-archive-bot) before 2018-09-19 allows remote attackers to execute arbitrary SQL commands via the text parameter to cursor.execute(). | 7.5 |
2018-09-19 | CVE-2018-17231 | Telegram | Reachable Assertion vulnerability in Telegram Desktop 1.3.14 Telegram Desktop (aka tdesktop) 1.3.14 might allow attackers to cause a denial of service (assertion failure and application exit) via an "Edit color palette" search that triggers an "index out of range" condition. | 7.5 |
2018-09-19 | CVE-2018-17228 | Nmap4J Project | OS Command Injection vulnerability in Nmap4J Project Nmap4J 1.1.0 nmap4j 1.1.0 allows attackers to execute arbitrary commands via shell metacharacters in an includeHosts call. | 7.5 |
2018-09-19 | CVE-2017-2877 | Foscam | Improper Handling of Exceptional Conditions vulnerability in Foscam C1 Firmware 2.52.2.43 A missing error check exists in the Multi-Camera interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. | 7.5 |
2018-09-19 | CVE-2018-17207 | Snapcreek | Code Injection vulnerability in Snapcreek Duplicator An issue was discovered in Snap Creek Duplicator before 1.2.42. | 7.5 |
2018-09-19 | CVE-2018-12242 | Symantec | Improper Authentication vulnerability in Symantec Messaging Gateway The Symantec Messaging Gateway product prior to 10.6.6 may be susceptible to an authentication bypass exploit, which is a type of issue that can allow attackers to potentially circumvent security mechanisms currently in place and gain access to the system or network. | 7.5 |
2018-09-19 | CVE-2018-1150 | Nuuo | Unspecified vulnerability in Nuuo Nvrmini2 Firmware NUUO's NVRMini2 3.8.0 and below contains a backdoor that would allow an unauthenticated remote attacker to take over user accounts if the file /tmp/moses exists. | 7.5 |
2018-09-19 | CVE-2018-11761 | Apache Oracle | XXE vulnerability in multiple products In Apache Tika 0.1 to 1.18, the XML parsers were not configured to limit entity expansion. | 7.5 |
2018-09-19 | CVE-2018-17144 | Bitcoinknots Bitcoin | Bitcoin Core 0.14.x before 0.14.3, 0.15.x before 0.15.2, and 0.16.x before 0.16.3 and Bitcoin Knots 0.14.x through 0.16.x before 0.16.3 allow a remote denial of service (application crash) exploitable by miners via duplicate input. | 7.5 |
2018-09-18 | CVE-2018-17111 | Coinlancer | Unspecified vulnerability in Coinlancer The onlyOwner modifier of a smart contract implementation for Coinlancer (CL), an Ethereum ERC20 token, has a potential access control vulnerability. | 7.5 |
2018-09-17 | CVE-2018-17143 | Golang Fedoraproject | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products The html package (aka x/net/html) through 2018-09-17 in Go mishandles <template><tBody><isindex/action=0>, leading to a "panic: runtime error" in inBodyIM in parse.go during an html.Parse call. | 7.5 |
2018-09-17 | CVE-2018-17142 | Golang Fedoraproject | NULL Pointer Dereference vulnerability in multiple products The html package (aka x/net/html) through 2018-09-17 in Go mishandles <math><template><mo><template>, leading to a "panic: runtime error" in parseCurrentToken in parse.go during an html.Parse call. | 7.5 |
2018-09-17 | CVE-2018-17137 | Prezi | Unspecified vulnerability in Prezi Next 1.3.101.11 Prezi Next 1.3.101.11 has a documented purpose of creating HTML5 presentations but has SE_DEBUG_PRIVILEGE on Windows, which might allow attackers to bypass intended access restrictions. | 7.5 |
2018-09-17 | CVE-2018-17136 | Zzcms | SQL Injection vulnerability in Zzcms 8.3 zzcms 8.3 contains a SQL Injection vulnerability in /user/check.php via a Client-Ip HTTP header. | 7.5 |
2018-09-17 | CVE-2018-17126 | Chshcms | Code Injection vulnerability in Chshcms Cscms 4.1 CScms 4.1 allows remote code execution, as demonstrated by 1');eval($_POST[cmd]);# in Web Name to upload\plugins\sys\Install.php. | 7.5 |
2018-09-17 | CVE-2018-17110 | Tecdiary | SQL Injection vulnerability in Tecdiary Simple POS 4.0.24 Simple POS 4.0.24 allows SQL Injection via a products/get_products/ columns[0][search][value] parameter in the management panel, as demonstrated by products/get_products/1. | 7.5 |
2018-09-20 | CVE-2018-11292 | Qualcomm | Integer Overflow or Wraparound vulnerability in Qualcomm products In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCA6574AU, QCA6584, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820A, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, Snapdragon_High_Med_2016, lack of input validation in WLANWMI command handlers can lead to integer & heap overflows. | 7.2 |
2018-09-20 | CVE-2018-11269 | Qualcomm | Improper Validation of Array Index vulnerability in Qualcomm products In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, SDX20, Snapdragon_High_Med_2016, a potential buffer overflow exists when parsing TFTP options. | 7.2 |
2018-09-20 | CVE-2018-11268 | Qualcomm | Improper Validation of Array Index vulnerability in Qualcomm products In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, SDX20, Snapdragon_High_Med_2016, a potential buffer overflow exists when parsing TFTP options. | 7.2 |
2018-09-20 | CVE-2018-11267 | Qualcomm | Improper Validation of Array Index vulnerability in Qualcomm products In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9615, MDM9640, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 600, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDX20, Snapdragon_High_Med_2016, when sending an malformed XML data to deviceprogrammer/firehose it may do an out of bounds buffer write allowing a region of memory to be filled with 0x20. | 7.2 |
2018-09-20 | CVE-2017-18280 | Qualcomm | Unspecified vulnerability in Qualcomm products In Snapdragon (Automobile, Mobile, Wear) in version MDM9607, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SDM429, SDM439, SDM632, Snapdragon_High_Med_2016, when a Trusted Application has opened the SPI/I2C interface to a particular device, it is possible for another Trusted Application to read the data on this open interface by calling the SPI/I2C read function. | 7.2 |
2018-09-19 | CVE-2018-11904 | Google | NULL Pointer Dereference vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, asynchronous callbacks received a pointer to a callers local variable. | 7.2 |
2018-09-19 | CVE-2018-11903 | Google | Improper Validation of Array Index vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of length validation check for value received from caller function used as an array index for WMA interfaces can lead to OOB write in WLAN HOST. | 7.2 |
2018-09-19 | CVE-2018-11902 | Google | Improper Validation of Array Index vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of length validation check for value received from firmware can lead to OOB access in WLAN HOST. | 7.2 |
2018-09-19 | CVE-2018-11898 | Google | Out-of-bounds Read vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing start bss request from upper layer, out of bounds read occurs if ssid length is greater than maximum. | 7.2 |
2018-09-19 | CVE-2018-11897 | Google | Out-of-bounds Read vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing diag event after associating to a network out of bounds read occurs if ssid of the network joined is greater than max limit. | 7.2 |
2018-09-19 | CVE-2018-11895 | Google | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper length check Validation in WLAN function can lead to driver writes the default rsn capabilities to the memory not allocated to the frame. | 7.2 |
2018-09-19 | CVE-2018-11894 | Google | Integer Overflow or Wraparound vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing preferred network offload scan results integer overflow may lead to buffer overflow when large frame length is received from FW. | 7.2 |
2018-09-19 | CVE-2018-11889 | Google | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, when requesting rssi timeout, access invalid memory may occur since local variable 'context' stack data of wlan function is free. | 7.2 |
2018-09-19 | CVE-2018-11886 | Google | Integer Overflow or Wraparound vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check while calculating the MPDU data length will cause an integer overflow and then to buffer overflow in WLAN function. | 7.2 |
2018-09-19 | CVE-2018-11883 | Google | Improper Validation of Array Index vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, in policy mgr unit test if mode parameter in wlan function is given an out of bound value it can cause an out of bound access while accessing the PCL table. | 7.2 |
2018-09-19 | CVE-2018-11878 | Google | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, possibility of invalid memory access while processing driver command in WLAN function. | 7.2 |
2018-09-18 | CVE-2018-11869 | Google | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of length validation check for value received from firmware can lead to buffer overflow in WMA handler. | 7.2 |
2018-09-18 | CVE-2018-11868 | Google | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of length validation check for value received from firmware can lead to buffer overflow in nan response event handler. | 7.2 |
2018-09-18 | CVE-2018-11863 | Google | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check of input received from firmware to calculate the length of WMA roam synch buffer can lead to buffer overwrite during memcpy. | 7.2 |
2018-09-18 | CVE-2018-11860 | Google | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, a potential buffer over flow could occur while processing the ndp event due to lack of check on the message length. | 7.2 |
2018-09-18 | CVE-2018-11852 | Google | Out-of-bounds Write vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper check In the WMA API for the inputs received from the firmware and then fills the same to the host structure will lead to OOB write. | 7.2 |
2018-09-18 | CVE-2018-11851 | Google | Out-of-bounds Write vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check on input received to calculate the buffer length can lead to out of bound write to kernel stack. | 7.2 |
2018-09-18 | CVE-2018-11843 | Google | Use After Free vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check on return value in WMA response handler can lead to potential use after free. | 7.2 |
2018-09-18 | CVE-2018-11842 | Google | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, during wlan association, driver allocates memory. | 7.2 |
2018-09-18 | CVE-2018-11840 | Google | Double Free vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing the WLAN driver command ioctl a temporary buffer used to construct the reply message may be freed twice. | 7.2 |
2018-09-18 | CVE-2018-11836 | Google | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper length check can lead to out-of-bounds access in WLAN function. | 7.2 |
2018-09-18 | CVE-2018-11827 | Google | Improper Validation of Array Index vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper validation of array index in WMA roam synchronization handler can lead to OOB write. | 7.2 |
2018-09-18 | CVE-2018-11826 | Google | Integer Overflow or Wraparound vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check on integer overflow while calculating memory can lead to Buffer overflow in WLAN ext scan handler. | 7.2 |
2018-09-18 | CVE-2018-11299 | Improper Validation of Array Index vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, when WLAN FW has not filled the vdev id correctly in stats events then WLAN host driver tries to access interface array without proper bound check which can lead to invalid memory access and as a side effect kernel panic or page fault. | 7.2 | |
2018-09-18 | CVE-2018-11297 | Out-of-bounds Read vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, a buffer over-read can occur In the WMA NDP event handler functions due to lack of validation of input value event_info which is received from FW. | 7.2 | |
2018-09-18 | CVE-2018-11296 | Out-of-bounds Write vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing a message from firmware in WLAN handler, a buffer overwrite can occur. | 7.2 | |
2018-09-18 | CVE-2018-11295 | Out-of-bounds Write vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, WMA handler carries a fixed event data from the firmware to the host . | 7.2 | |
2018-09-18 | CVE-2018-11281 | Use After Free vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while calling IPA_IOC_MDFY_RT_RULE IPA IOCTL, header entry is not checked before use. | 7.2 | |
2018-09-18 | CVE-2018-11274 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, buffer overflow may occur when payload size is extremely large. | 7.2 | |
2018-09-18 | CVE-2017-15818 | Integer Overflow or Wraparound vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while loading a user application in qseecom, an integer overflow could potentially occur if the application partition size is rounded up to page_size. | 7.2 | |
2018-09-18 | CVE-2018-6690 | Mcafee | Origin Validation Error vulnerability in Mcafee Application Change Control Accessing, modifying, or executing executable files vulnerability in Microsoft Windows client in McAfee Application and Change Control (MACC) 8.0.0 Hotfix 4 and earlier allows authenticated users to execute arbitrary code via file transfer from external system. | 7.1 |
2018-09-18 | CVE-2018-14641 | Linux | Improper Input Validation vulnerability in Linux Kernel 4.19 A security flaw was found in the ip_frag_reasm() function in net/ipv4/ip_fragment.c in the Linux kernel from 4.19-rc1 to 4.19-rc3 inclusive, which can cause a later system crash in ip_do_fragment(). | 7.1 |
2018-09-23 | CVE-2018-17400 | Phonepe | Unspecified vulnerability in Phonepe 3.0.6/3.3.26 The PhonePe wallet (aka com.PhonePe.app) application 3.0.6 through 3.3.26 for Android might allow attackers to perform Account Takeover attacks by intercepting the user name and PIN during the initial configuration of the application. | 7.0 |
165 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2018-09-23 | CVE-2018-17407 | TUG Canonical Debian | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products An issue was discovered in t1_check_unusual_charstring functions in writet1.c files in TeX Live before 2018-09-21. | 6.8 |
2018-09-23 | CVE-2018-17366 | Mcms Project | Cross-Site Request Forgery (CSRF) vulnerability in Mcms Project Mcms 4.6.5 An issue was discovered in MCMS 4.6.5. | 6.8 |
2018-09-23 | CVE-2018-17364 | Otcms | Race Condition vulnerability in Otcms 3.61 OTCMS 3.61 allows remote attackers to execute arbitrary PHP code via the accBackupDir parameter. | 6.8 |
2018-09-23 | CVE-2018-17341 | Bigtreecms Microsoft | Improper Authentication vulnerability in Bigtreecms Bigtree CMS 4.2.23 BigTree 4.2.23 on Windows, when Advanced or Simple Rewrite routing is enabled, allows remote attackers to bypass authentication via a ..\ substring, as demonstrated by a launch.php?bigtree_htaccess_url=admin/images/..\ URI. | 6.8 |
2018-09-23 | CVE-2018-17338 | Pdfalto Project | Out-of-bounds Write vulnerability in Pdfalto Project Pdfalto 0.2 An issue has been found in pdfalto through 0.2. | 6.8 |
2018-09-21 | CVE-2018-15612 | Avaya | Cross-Site Request Forgery (CSRF) vulnerability in Avaya Orchestration Designer 7.1 A CSRF vulnerability in the Runtime Config component of Avaya Aura Orchestration Designer could allow an attacker to add, change, or remove administrative settings. | 6.8 |
2018-09-21 | CVE-2018-17293 | Webassembly Virtual Machine Project | NULL Pointer Dereference vulnerability in Webassembly Virtual Machine Project Webassembly Virtual Machine An issue was discovered in WAVM before 2018-09-16. | 6.8 |
2018-09-20 | CVE-2018-15832 | Ubisoft | Improper Input Validation vulnerability in Ubisoft Uplay 63.0.5699.0 upc.exe in Ubisoft Uplay Desktop Client versions 63.0.5699.0 allows remote attackers to execute arbitrary code. | 6.8 |
2018-09-19 | CVE-2018-14792 | WE CON | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in We-Con PLC Editor 1.3.3U WECON PLC Editor version 1.3.3U may allow an attacker to execute code under the current process when processing project files. | 6.8 |
2018-09-18 | CVE-2018-16952 | Oracle | Cross-Site Request Forgery (CSRF) vulnerability in Oracle Webcenter Interaction 10.3.3 The Oracle WebCenter Interaction Portal 10.3.3 does not implement protection against Cross-site Request Forgery in its design. | 6.8 |
2018-09-17 | CVE-2017-2777 | Iceni | Integer Overflow or Wraparound vulnerability in Iceni Argus 6.6.05 An exploitable heap overflow vulnerability exists in the ipStringCreate function of Iceni Argus Version 6.6.05. | 6.8 |
2018-09-21 | CVE-2018-3913 | Samsung | Out-of-bounds Write vulnerability in Samsung Sth-Eth-250 Firmware 0.20.17 An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in the video-core HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. | 6.7 |
2018-09-18 | CVE-2018-11278 | Google | Out-of-bounds Read vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Venus HW searches for start code when decoding input bit stream buffers. | 6.6 |
2018-09-21 | CVE-2018-16784 | Dedecms | XML Injection (aka Blind XPath Injection) vulnerability in Dedecms 5.7 DedeCMS 5.7 SP2 allows XML injection, and resultant remote code execution, via a "<file type='file' name='../" substring. | 6.5 |
2018-09-20 | CVE-2018-6503 | HP | Unspecified vulnerability in HP Arcsight Management Center 2.0/2.9.1 A potential Access Control vulnerability has been identified in ArcSight Management Center (ArcMC) in all versions prior to 2.81. | 6.5 |
2018-09-20 | CVE-2018-6501 | HP | Unspecified vulnerability in HP Arcsight Management Center 2.0/2.9.1 Potential security vulnerability of Insufficient Access Controls has been identified in ArcSight Management Center (ArcMC) for versions prior to 2.81. | 6.5 |
2018-09-20 | CVE-2018-1674 | IBM | SQL Injection vulnerability in IBM products IBM Business Process Manager 8.5 through 8.6 and 18.0.0.0 through 18.0.0.1 are vulnerable to SQL injection. | 6.5 |
2018-09-20 | CVE-2018-17237 | Hdfgroup | Divide By Zero vulnerability in Hdfgroup Hdf5 A SIGFPE signal is raised in the function H5D__chunk_set_info_real() of H5Dchunk.c in the HDF HDF5 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. | 6.5 |
2018-09-20 | CVE-2018-17234 | Hdfgroup | Missing Release of Resource after Effective Lifetime vulnerability in Hdfgroup Hdf5 Memory leak in the H5O__chunk_deserialize() function in H5Ocache.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (memory consumption) via a crafted HDF5 file. | 6.5 |
2018-09-20 | CVE-2018-17233 | Hdfgroup | Divide By Zero vulnerability in Hdfgroup Hdf5 A SIGFPE signal is raised in the function H5D__create_chunk_file_map_hyper() of H5Dchunk.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. | 6.5 |
2018-09-19 | CVE-2017-2873 | Foscam | OS Command Injection vulnerability in Foscam C1 Firmware 2.52.2.43 An exploitable command injection vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. | 6.5 |
2018-09-19 | CVE-2018-16785 | Dedecms | XML Injection (aka Blind XPath Injection) vulnerability in Dedecms 5.7 XML injection vulnerability exists in the file of DedeCMS V5.7 SP2 version, which can be utilized by attackers to create a script file to obtain a webshell. | 6.5 |
2018-09-17 | CVE-2018-14630 | Moodle | Code Injection vulnerability in Moodle Moodle before versions 3.5.2, 3.4.5, 3.3.8, 3.1.14 is vulnerable: an XML import of ddwtos could lead to intentional remote code execution. | 6.5 |
2018-09-17 | CVE-2017-14443 | Insteon | Information Exposure vulnerability in Insteon HUB 2245-222 Firmware 1012 An exploitable information leak vulnerability exists in Insteon Hub running firmware version 1012. | 6.5 |
2018-09-17 | CVE-2018-17139 | Ultimatefosters | Unrestricted Upload of File with Dangerous Type vulnerability in Ultimatefosters Ultimatepos 2.5 UltimatePOS 2.5 allows users to upload arbitrary files, which leads to remote command execution by posting to a /products URI with PHP code in a .php file with the image/jpeg content type. | 6.5 |
2018-09-17 | CVE-2018-17134 | Phpmywind | Code Injection vulnerability in PHPmywind 5.5 admin/web_config.php in PHPMyWind 5.5 allows Admin users to execute arbitrary code via the cfg_author field in conjunction with a crafted cfg_webpath field. | 6.5 |
2018-09-17 | CVE-2018-17133 | Phpmywind | Code Injection vulnerability in PHPmywind 5.5 admin/web_config.php in PHPMyWind 5.5 allows Admin users to execute arbitrary code via the rewrite url setting. | 6.5 |
2018-09-17 | CVE-2018-17132 | Phpmywind | Code Injection vulnerability in PHPmywind 5.5 admin/goods_update.php in PHPMyWind 5.5 allows Admin users to execute arbitrary code via the attrvalue[] array parameter. | 6.5 |
2018-09-17 | CVE-2018-17131 | Phpmywind | Code Injection vulnerability in PHPmywind 5.5 admin/web_config.php in PHPMyWind 5.5 allows Admin users to execute arbitrary code via the varvalue field. | 6.5 |
2018-09-21 | CVE-2018-17297 | Hutool | Path Traversal vulnerability in Hutool The unzip function in ZipUtil.java in Hutool before 4.1.12 allows remote attackers to overwrite arbitrary files via directory traversal sequences in a filename within a ZIP archive. | 6.4 |
2018-09-19 | CVE-2017-2875 | Foscam | Classic Buffer Overflow vulnerability in Foscam C1 Firmware 2.52.2.43 An exploitable buffer overflow vulnerability exists in the Multi-Camera interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. | 6.4 |
2018-09-17 | CVE-2018-17125 | Chshcms | Path Traversal vulnerability in Chshcms Cscms 4.1 CScms 4.1 allows arbitrary directory deletion via a dir=..\\ substring to plugins\sys\admin\Plugins.php. | 6.4 |
2018-09-20 | CVE-2018-6502 | HP | Cross-site Scripting vulnerability in HP Arcsight Management Center 2.0/2.9.1 A potential Reflected Cross-Site Scripting (XSS) Security vulnerability has been identified in ArcSight Management Center (ArcMC) in all versions prior to 2.81. | 6.1 |
2018-09-19 | CVE-2018-3830 | Elastic Redhat | Cross-site Scripting vulnerability in multiple products Kibana versions 5.3.0 to 6.4.1 had a cross-site scripting (XSS) vulnerability via the source field formatter that could allow an attacker to obtain sensitive information from or perform destructive actions on behalf of other Kibana users. | 6.1 |
2018-09-18 | CVE-2018-16225 | Qbeecam Swisscom | Cleartext Transmission of Sensitive Information vulnerability in multiple products The QBee MultiSensor Camera through 4.16.4 accepts unencrypted network traffic from clients (such as the QBee Cam application through 1.0.5 for Android and the Swisscom Home application up to 10.7.2 for Android), which results in an attacker being able to reuse cookies to bypass authentication and disable the camera. | 6.1 |
2018-09-18 | CVE-2018-15546 | Accusoft | Cross-site Scripting vulnerability in Accusoft Prizmdoc Accusoft PrizmDoc version 13.3 and earlier contains a Stored Cross-Site Scripting issue through a crafted PDF file. | 6.1 |
2018-09-19 | CVE-2017-1794 | IBM | Resource Exhaustion vulnerability in IBM Tivoli Monitoring IBM Tivoli Monitoring 6.2.3 through 6.2.3.5 and 6.3.0 through 6.3.0.7 are vulnerable to both TEPS user privilege escalation and possible denial of service due to unconstrained memory growth. | 6.0 |
2018-09-21 | CVE-2018-8023 | Apache | Information Exposure vulnerability in Apache Mesos Apache Mesos can be configured to require authentication to call the Executor HTTP API using JSON Web Token (JWT). | 5.9 |
2018-09-19 | CVE-2018-11762 | Apache | Path Traversal vulnerability in Apache Tika In Apache Tika 0.9 to 1.18, in a rare edge case where a user does not specify an extract directory on the commandline (--extract-dir=) and the input file has an embedded file with an absolute path, such as "C:/evil.bat", tika-app would overwrite that file. | 5.9 |
2018-09-19 | CVE-2018-12243 | Symantec | XXE vulnerability in Symantec Messaging Gateway The Symantec Messaging Gateway product prior to 10.6.6 may be susceptible to an XML external entity (XXE) exploit, which is a type of issue where XML input containing a reference to an external entity is processed by a weakly configured XML parser. | 5.8 |
2018-09-18 | CVE-2018-11294 | Google | Improper Input Validation vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, WLAN handler indication from the firmware gets the information for 4 access categories. | 5.8 |
2018-09-18 | CVE-2018-16958 | Oracle | Incorrect Permission Assignment for Critical Resource vulnerability in Oracle Webcenter Interaction 10.3.3 An issue was discovered in Oracle WebCenter Interaction Portal 10.3.3. | 5.8 |
2018-09-18 | CVE-2018-16954 | Oracle | Open Redirect vulnerability in Oracle Webcenter Interaction 10.3.3 An issue was discovered in Oracle WebCenter Interaction Portal 10.3.3. | 5.8 |
2018-09-19 | CVE-2018-8017 | Apache | Infinite Loop vulnerability in Apache Tika In Apache Tika 1.2 to 1.18, a carefully crafted file can trigger an infinite loop in the IptcAnpaParser. | 5.5 |
2018-09-18 | CVE-2018-16819 | Monstra | Path Traversal vulnerability in Monstra 3.0.4 admin/index.php in Monstra CMS 3.0.4 allows arbitrary file deletion via id=filesmanager&path=uploads/.......//./.......//./&delete_file= requests. | 5.5 |
2018-09-18 | CVE-2018-11084 | Cloudfoundry | Unspecified vulnerability in Cloudfoundry Garden-Runc Cloud Foundry Garden-runC release, versions prior to 1.16.1, prevents deletion of some app environments based on file attributes. | 5.5 |
2018-09-21 | CVE-2018-17302 | Espocrm | Cross-site Scripting vulnerability in Espocrm 5.3.6 Stored XSS exists in views/fields/wysiwyg.js in EspoCRM 5.3.6 via a /#Email/view saved draft message. | 5.4 |
2018-09-19 | CVE-2018-3823 | Elastic | Cross-site Scripting vulnerability in Elastic Elasticsearch X-Pack and Kibana X-Pack X-Pack Machine Learning versions before 6.2.4 and 5.6.9 had a cross-site scripting (XSS) vulnerability. | 5.4 |
2018-09-23 | CVE-2018-17402 | Phonepe | Information Exposure vulnerability in Phonepe 3.0.6/3.3.26 The PhonePe wallet (aka com.PhonePe.app) application 3.0.6 through 3.3.26 for Android might allow attackers to discover the Credit/Debit card number, expiration date, and CVV number. | 5.3 |
2018-09-19 | CVE-2018-3829 | Elastic | Authentication Bypass by Spoofing vulnerability in Elastic Cloud Enterprise In Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 it was discovered that a user could scale out allocators on new hosts with an invalid roles token. | 5.3 |
2018-09-18 | CVE-2018-6693 | Mcafee | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Mcafee products An unprivileged user can delete arbitrary files on a Linux system running ENSLTP 10.5.1, 10.5.0, and 10.2.3 Hotfix 1246778 and earlier. | 5.3 |
2018-09-17 | CVE-2018-8041 | Apache | Path Traversal vulnerability in Apache Camel Apache Camel's Mail 2.20.0 through 2.20.3, 2.21.0 through 2.21.1 and 2.22.0 is vulnerable to path traversal. | 5.3 |
2018-09-17 | CVE-2017-15705 | Apache Redhat Debian Canonical | Improper Input Validation vulnerability in multiple products A denial of service vulnerability was identified that exists in Apache SpamAssassin before 3.4.2. | 5.3 |
2018-09-23 | CVE-2018-17368 | Publiccms | Unspecified vulnerability in Publiccms 4.0.180825 An issue was discovered in PublicCMS V4.0.180825. | 5.0 |
2018-09-22 | CVE-2018-17332 | Libsvg2 Project | Missing Release of Resource after Effective Lifetime vulnerability in Libsvg2 Project Libsvg2 An issue was discovered in libsvg2 through 2012-10-19. | 5.0 |
2018-09-21 | CVE-2018-17050 | Polyai Project | Integer Overflow or Wraparound vulnerability in Polyai Project Polyai The mintToken function of a smart contract implementation for PolyAi (AI), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | 5.0 |
2018-09-21 | CVE-2018-16821 | Seacms | Unrestricted Upload of File with Dangerous Type vulnerability in Seacms 6.64 SeaCMS 6.64 allows arbitrary directory listing via upload/admin/admin_template.php?path=../templets/../../ requests. | 5.0 |
2018-09-21 | CVE-2018-14732 | Webpack JS | Improper Input Validation vulnerability in Webpack.Js Webpack-Dev-Server An issue was discovered in lib/Server.js in webpack-dev-server before 3.1.6. | 5.0 |
2018-09-21 | CVE-2018-14731 | Parceljs | Information Exposure vulnerability in Parceljs Parcel An issue was discovered in HMRServer.js in Parcel parcel-bundler. | 5.0 |
2018-09-21 | CVE-2018-14730 | Browserify HMR Project | Information Exposure vulnerability in Browserify-Hot Module Replacement Project Browserify-Hot Module Replacement An issue was discovered in Browserify-HMR. | 5.0 |
2018-09-21 | CVE-2018-12511 | Substratum | Integer Overflow or Wraparound vulnerability in Substratum In the mintToken function of a smart contract implementation for Substratum (SUB), an Ethereum ERC20 token, the administrator can control mintedAmount, leverage an integer overflow, and modify a user account's balance arbitrarily. | 5.0 |
2018-09-21 | CVE-2018-16793 | Microsoft | Server-Side Request Forgery (SSRF) vulnerability in Microsoft Exchange Server 2010 Rollup 18 for Microsoft Exchange Server 2010 SP3 and previous versions has an SSRF vulnerability via the username parameter in /owa/auth/logon.aspx in the OWA (Outlook Web Access) login page. | 5.0 |
2018-09-21 | CVE-2018-17298 | Enalean | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Enalean Tuleap An issue was discovered in Enalean Tuleap before 10.5. | 5.0 |
2018-09-21 | CVE-2018-17283 | Zohocorp | SQL Injection vulnerability in Zohocorp Manageengine Opmanager 11.4/11.5/12.2 Zoho ManageEngine OpManager before 12.3 Build 123196 does not require authentication for /oputilsServlet requests, as demonstrated by a /oputilsServlet?action=getAPIKey request that can be leveraged against Firewall Analyzer to add an admin user via /api/json/v2/admin/addUser or conduct a SQL Injection attack via the /api/json/device/setManaged name parameter. | 5.0 |
2018-09-20 | CVE-2018-14827 | Rockwellautomation | Resource Exhaustion vulnerability in Rockwellautomation Rslinx Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. | 5.0 |
2018-09-20 | CVE-2018-14821 | Rockwellautomation | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Rockwellautomation Rslinx Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. | 5.0 |
2018-09-20 | CVE-2018-5837 | Qualcomm | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Qualcomm products In Snapdragon (Automobile, Mobile, Wear) in version IPQ8074, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6574AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016, MAC address randomization performed during probe requests is not done properly due to a flawed RNG which produced repeating output much earlier than expected. | 5.0 |
2018-09-20 | CVE-2018-11291 | Qualcomm | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Qualcomm products In Snapdragon (Automobile, Mobile, Wear) in version IPQ8074, MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA4531, QCA6174A, QCA6564, QCA6574, QCA6574AU, QCA6584, QCA6584AU, QCA9377, QCA9378, QCA9379, SD 425, SD 427, SD 430, SD 435, SD 450, SD 600, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDM630, SDM632, SDM636, SDM660, SDX20, Snapdragon_High_Med_2016, cryptographic issues due to the random number generator was not a strong one in NAN. | 5.0 |
2018-09-20 | CVE-2018-11290 | Qualcomm | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Qualcomm products In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6574AU, QCA6584, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 820A, SD 845, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDX20, Snapdragon_High_Med_2016, MAC address randomization performed during probe requests is not done properly due to a flawed RNG in use. | 5.0 |
2018-09-19 | CVE-2017-2876 | Foscam | Classic Buffer Overflow vulnerability in Foscam C1 Firmware 2.52.2.43 An exploitable buffer overflow vulnerability exists in the Multi-Camera interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. | 5.0 |
2018-09-19 | CVE-2018-17205 | Openvswitch Redhat Canonical | Reachable Assertion vulnerability in multiple products An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting ofproto_rule_insert__ in ofproto/ofproto.c. | 5.0 |
2018-09-19 | CVE-2017-2878 | Foscam | Classic Buffer Overflow vulnerability in Foscam C1 Firmware 2.52.2.43 An exploitable buffer overflow vulnerability exists in the web management interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. | 5.0 |
2018-09-18 | CVE-2018-17071 | Lucky9 | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Lucky9 Lucky9Io The fallback function of a simple lottery smart contract implementation for Lucky9io, an Ethereum gambling game, generates a random value with the publicly readable variable entry_number. | 5.0 |
2018-09-18 | CVE-2018-16820 | Monstra | Path Traversal vulnerability in Monstra 3.0.4 admin/index.php in Monstra CMS 3.0.4 allows arbitrary directory listing via id=filesmanager&path=uploads/.......//./.......//./ requests. | 5.0 |
2018-09-18 | CVE-2018-16794 | Microsoft | Server-Side Request Forgery (SSRF) vulnerability in Microsoft Active Directory Federation Services Microsoft ADFS 4.0 Windows Server 2016 and previous (Active Directory Federation Services) has an SSRF vulnerability via the txtBoxEmail parameter in /adfs/ls. | 5.0 |
2018-09-18 | CVE-2018-13982 | Smarty Debian | Path Traversal vulnerability in multiple products Smarty_Security::isTrustedResourceDir() in Smarty before 3.1.33 is prone to a path traversal vulnerability due to insufficient template code sanitization. | 5.0 |
2018-09-18 | CVE-2018-11071 | EMC | Improper Input Validation vulnerability in EMC Isilon Onefs and Isilonsd Edge Dell EMC Isilon OneFS versions 7.1.1.x, 7.2.1.x, 8.0.0.x, 8.0.1.x, 8.1.0.x and 8.1.x prior to 8.1.2 and Dell EMC IsilonSD Edge versions 8.0.0.x, 8.0.1.x, 8.1.0.x and 8.1.x prior to 8.1.2 contain a remote process crash vulnerability. | 5.0 |
2018-09-18 | CVE-2018-16671 | Circontrol | Information Exposure vulnerability in Circontrol Circarlife Scada An issue was discovered in CIRCONTROL CirCarLife before 4.3. | 5.0 |
2018-09-18 | CVE-2018-16670 | Circontrol | Improper Authentication vulnerability in Circontrol Circarlife Scada An issue was discovered in CIRCONTROL CirCarLife before 4.3. | 5.0 |
2018-09-18 | CVE-2018-16669 | Circontrol | Insufficiently Protected Credentials vulnerability in Circontrol Open Charge Point Protocol An issue was discovered in CIRCONTROL Open Charge Point Protocol (OCPP) before 1.5.0, as used in CirCarLife, PowerStudio, and other products. | 5.0 |
2018-09-18 | CVE-2018-16668 | Circontrol | Improper Authentication vulnerability in Circontrol Circarlife Scada An issue was discovered in CIRCONTROL CirCarLife before 4.3. | 5.0 |
2018-09-18 | CVE-2018-17176 | Neatorobotics | Authentication Bypass by Capture-replay vulnerability in Neatorobotics products A replay issue was discovered on Neato Botvac Connected 2.2.0 devices. | 5.0 |
2018-09-18 | CVE-2018-17175 | Marshmallow Project | Unspecified vulnerability in Marshmallow Project Marshmallow In the marshmallow library before 2.15.1 and 3.x before 3.0.0b9 for Python, the schema "only" option treats an empty list as implying no "only" option, which allows a request that was intended to expose no fields to instead expose all fields (if the schema is being filtered dynamically using the "only" option, and there is a user role that produces an empty value for "only"). | 5.0 |
2018-09-18 | CVE-2018-14642 | Redhat | Information Exposure vulnerability in Redhat Jboss Enterprise Application Platform and Undertow An information leak vulnerability was found in Undertow. | 5.0 |
2018-09-18 | CVE-2018-16959 | Oracle | Information Exposure vulnerability in Oracle Webcenter Interaction 10.3.3 An issue was discovered in Oracle WebCenter Interaction Portal 10.3.3. | 5.0 |
2018-09-17 | CVE-2017-2874 | Foscam | Unspecified vulnerability in Foscam C1 Firmware 2.52.2.43 An information disclosure vulnerability exists in the Multi-Camera interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. | 5.0 |
2018-09-21 | CVE-2018-16597 | Linux Netapp Opensuse | Incorrect Authorization vulnerability in Linux Kernel An issue was discovered in the Linux kernel before 4.8. | 4.9 |
2018-09-21 | CVE-2018-1685 | IBM Linux Microsoft | Information Exposure vulnerability in IBM DB2 IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 contains a vulnerability in db2cacpy that could allow a local user to read any file on the system. | 4.9 |
2018-09-20 | CVE-2017-18301 | Qualcomm | NULL Pointer Dereference vulnerability in Qualcomm products In Small Cell SoC and Snapdragon (Automobile, Mobile, Wear) in version FSM9055, FSM9955, MDM9607, MDM9640, MDM9650, MSM8909W, SD 425, SD 427, SD 430, SD 435, SD 450, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SDM630, SDM636, SDM660, SDX20, Snapdragon_High_Med_2016, providing the NULL argument of ICE regulator while processing create key IOCTL results in system restart. | 4.9 |
2018-09-19 | CVE-2018-1782 | IBM | Unspecified vulnerability in IBM Spectrum Scale 5.0.1.0/5.0.1.1 IBM GPFS (IBM Spectrum Scale 5.0.1.0 and 5.0.1.1) allows a local, unprivileged user to cause a kernel panic on a node running GPFS by accessing a file that is stored on a GPFS file system with mmap, or by executing a crafted file stored on a GPFS file system. | 4.9 |
2018-09-18 | CVE-2018-11280 | Google | Improper Input Validation vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing user-space there is no size validation of the NAT entry input. | 4.9 |
2018-09-18 | CVE-2018-11275 | Google | Information Exposure vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, when flashing image using FastbootLib if size is not divisible by block size, information leak occurs. | 4.9 |
2018-09-20 | CVE-2017-18302 | Qualcomm | Race Condition vulnerability in Qualcomm products In Snapdragon (Automobile, Mobile) in version MSM8996AU, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, Snapdragon_High_Med_2016, a crafted HLOS client can modify the structure in memory passed to a QSEE application between the time of check and the time of use, resulting in arbitrary writes to TZ kernel memory regions. | 4.7 |
2018-09-19 | CVE-2018-8889 | Blackberry | Path Traversal vulnerability in Blackberry Enterprise Mobility Server 2.6/2.8/2.8.17.29 A directory traversal vulnerability in the Connect Service of the BlackBerry Enterprise Mobility Server (BEMS) 2.8.17.29 and earlier could allow an attacker to retrieve arbitrary files in the context of a BEMS administrator account. | 4.7 |
2018-09-22 | CVE-2018-17336 | Freedesktop Canonical | Use of Externally-Controlled Format String vulnerability in multiple products UDisks 2.8.0 has a format string vulnerability in udisks_log in udiskslogging.c, allowing attackers to obtain sensitive information (stack contents), cause a denial of service (memory corruption), or possibly have unspecified other impact via a malformed filesystem label, as demonstrated by %d or %n substrings. | 4.6 |
2018-09-21 | CVE-2018-14891 | Vectra | Unspecified vulnerability in Vectra Cognito 4.2 Management Console in Vectra Networks Cognito Brain and Sensor before 4.3 contains a local privilege escalation vulnerability. | 4.6 |
2018-09-21 | CVE-2018-14889 | Apache Vectra | Improper Input Validation vulnerability in Apache Couchdb CouchDB in Vectra Networks Cognito Brain and Sensor before 4.3 contains a local code execution vulnerability. | 4.6 |
2018-09-21 | CVE-2018-12169 | Intel Lenovo | Improper Authentication vulnerability in multiple products Platform sample code firmware in 4th Generation Intel Core Processor, 5th Generation Intel Core Processor, 6th Generation Intel Core Processor, 7th Generation Intel Core Processor and 8th Generation Intel Core Processor contains a logic error which may allow physical attacker to potentially bypass firmware authentication. | 4.6 |
2018-09-21 | CVE-2018-1711 | IBM Linux Microsoft | Incorrect Permission Assignment for Critical Resource vulnerability in IBM DB2 IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local user to gain privileges due to allowing modification of columns of existing tasks. | 4.6 |
2018-09-21 | CVE-2018-1710 | IBM Linux Microsoft | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM DB2 10.1/10.5/11.1 IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.1, 10.5, and 11.1 tool db2licm is affected by buffer overflow vulnerability that can potentially result in arbitrary code execution. | 4.6 |
2018-09-20 | CVE-2018-11277 | Qualcomm | Incorrect Permission Assignment for Critical Resource vulnerability in Qualcomm products In Snapdragon (Automobile, Mobile, Wear) in version MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SDA660, the com.qualcomm.embms is a vendor package deployed in the system image which has an inadequate permission level and allows any application installed from Play Store to request this permission at install-time. | 4.6 |
2018-09-19 | CVE-2018-3573 | | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while relocating kernel images with a specially crafted boot image, an out of bounds access can occur. | 4.6 |
2018-09-19 | CVE-2018-11893 | | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing vendor scan request, when input argument - length of request IEs is greater than maximum can lead to a buffer overflow. | 4.6 |
2018-09-18 | CVE-2018-11832 | | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of input size validation before copying to buffer in PMIC function can lead to heap overflow. | 4.6 |
2018-09-18 | CVE-2018-11302 | | Improper Input Validation vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check of input received from userspace before copying into buffer can lead to potential array overflow in WLAN. | 4.6 |
2018-09-18 | CVE-2018-11301 | | Integer Underflow (Wrap or Wraparound) vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check on buffer length while processing debug log event from firmware can lead to an integer overflow. | 4.6 |
2018-09-18 | CVE-2018-11300 | | Use After Free vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, callback executed from the other thread has freed memory which is also used in wlan function and may result in a "Use after free" scenario. | 4.6 |
2018-09-18 | CVE-2018-11298 | | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing SET_PASSPOINT_LIST vendor command HDD does not make sure that the realm string that gets passed by upper-layer is NULL terminated. | 4.6 |
2018-09-18 | CVE-2018-11286 | | Use After Free vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while accessing global variable "debug_client" in multi-thread manner, Use after free issue occurs. | 4.6 |
2018-09-18 | CVE-2018-11276 | | Double Free vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, double free of memory allocation is possible in Kernel when it explicitly tries to free that memory on driver probe failure, since memory allocated is automatically freed on probe. | 4.6 |
2018-09-18 | CVE-2018-11273 | | Double Free vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, 'voice_svc_dev' is allocated as a device-managed resource. | 4.6 |
2018-09-18 | CVE-2018-11270 | | Double Free vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, memory allocated with devm_kzalloc is automatically released by the kernel if the probe function fails with an error code. | 4.6 |
2018-09-18 | CVE-2018-11265 | | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, possible buffer overflow while incrementing the log_buf of type uint64_t in memcpy function, since the log_buf pointer can access the memory beyond the size to store the data after pointer increment. | 4.6 |
2018-09-18 | CVE-2017-15828 | | Integer Overflow or Wraparound vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while accessing the keystore in LK, an integer overflow vulnerability exists which may potentially lead to a buffer overflow. | 4.6 |
2018-09-18 | CVE-2017-15825 | | Out-of-bounds Read vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing a gpt update, an out of bounds memory access may potentially occur. | 4.6 |
2018-09-18 | CVE-2018-7929 | Huawei | Incorrect Authorization vulnerability in Huawei Mate RS Firmware Huawei Mate RS smartphones with the versions before NEO-AL00D 8.1.0.167(C786) have a lock-screen bypass vulnerability. | 4.6 |
2018-09-19 | CVE-2018-5905 | | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, a race condition while accessing num of clients in DIAG services can lead to out of boundary access. | 4.4 |
2018-09-18 | CVE-2018-11818 | | Use After Free vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, LUT configuration is passed down to driver from userspace via ioctl. | 4.4 |
2018-09-23 | CVE-2018-17361 | Weaselcms Project | Cross-site Scripting vulnerability in Weaselcms Project Weaselcms 0.3.6 Multiple XSS vulnerabilities in WeaselCMS v0.3.6 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php because $_SERVER['PHP_SELF'] is mishandled. | 4.3 |
2018-09-23 | CVE-2018-17360 | GNU | Out-of-bounds Read vulnerability in GNU Binutils 2.31.1 An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. | 4.3 |
2018-09-23 | CVE-2018-17359 | GNU | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Binutils 2.31.1 An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. | 4.3 |
2018-09-23 | CVE-2018-17358 | GNU | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Binutils 2.31.1 An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. | 4.3 |
2018-09-22 | CVE-2018-17322 | Yunucms | Cross-site Scripting vulnerability in Yunucms 1.1.4 Cross-site scripting (XSS) vulnerability in index.php/index/category/index in YUNUCMS 1.1.4 allows remote attackers to inject arbitrary web script or HTML via the area parameter. | 4.3 |
2018-09-22 | CVE-2018-17321 | Seacms | Cross-site Scripting vulnerability in Seacms 6.64 An issue was discovered in SeaCMS 6.64. | 4.3 |
2018-09-21 | CVE-2018-17320 | Ucms Project | Cross-site Scripting vulnerability in Ucms Project Ucms 1.4.6 An issue was discovered in UCMS 1.4.6. | 4.3 |
2018-09-21 | CVE-2018-17003 | Limesurvey | Cross-site Scripting vulnerability in Limesurvey 3.14.7 In LimeSurvey 3.14.7, HTML Injection and Stored XSS have been discovered in the appendix via the surveyls_title parameter to /index.php?r=admin/survey/sa/insert. | 4.3 |
2018-09-21 | CVE-2018-17002 | Ricoh | Cross-site Scripting vulnerability in Ricoh MP 2001Sp Firmware On the RICOH MP 2001 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi. | 4.3 |
2018-09-21 | CVE-2018-17001 | Ricoh | Cross-site Scripting vulnerability in Ricoh SP 4510Sf Firmware On the RICOH SP 4510SF printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi. | 4.3 |
2018-09-21 | CVE-2018-16965 | Zohocorp | Cross-site Scripting vulnerability in Zohocorp Manageengine Supportcenter Plus 7.9/7.90 In Zoho ManageEngine SupportCenter Plus before 8.1 Build 8109, there is HTML Injection and Stored XSS via the /ServiceContractDef.do contractName parameter. | 4.3 |
2018-09-21 | CVE-2018-16833 | Zohocorp | Cross-site Scripting vulnerability in Zohocorp Manageengine Desktop Central 10.0.271 Zoho ManageEngine Desktop Central 10.0.271 has XSS via the "Features & Articles" search field to the /advsearch.do?SUBREQUEST=XMLHTTP URI. | 4.3 |
2018-09-21 | CVE-2018-15613 | Avaya | Cross-site Scripting vulnerability in Avaya Aura Orchestration Designer A cross-site scripting (XSS) vulnerability in the Runtime Config component of Avaya Aura Orchestration Designer could result in malicious content being returned to the user. | 4.3 |
2018-09-21 | CVE-2018-13111 | Wanscam | Improper Input Validation vulnerability in Wanscam Hw0021 Firmware There exists a partial Denial of Service vulnerability in Wanscam HW0021 IP Cameras. | 4.3 |
2018-09-21 | CVE-2018-9282 | Subsonic | Cross-site Scripting vulnerability in Subsonic 6.1.1 An XSS issue was discovered in Subsonic Media Server 6.1.1. | 4.3 |
2018-09-21 | CVE-2018-14691 | Subsonic | Cross-site Scripting vulnerability in Subsonic 6.1.1 An issue was discovered in Subsonic 6.1.1. | 4.3 |
2018-09-21 | CVE-2018-14690 | Subsonic | Cross-site Scripting vulnerability in Subsonic 6.1.1 An issue was discovered in Subsonic 6.1.1. | 4.3 |
2018-09-21 | CVE-2018-14689 | Subsonic | Cross-site Scripting vulnerability in Subsonic 6.1.1 An issue was discovered in Subsonic 6.1.1. | 4.3 |
2018-09-21 | CVE-2018-14688 | Subsonic | Cross-site Scripting vulnerability in Subsonic 6.1.1 An issue was discovered in Subsonic 6.1.1. | 4.3 |
2018-09-21 | CVE-2018-16786 | Dedecms | Cross-site Scripting vulnerability in Dedecms 5.7 DedeCMS 5.7 SP2 allows XSS via an onhashchange attribute in the msg parameter to /plus/feedback_ajax.php. | 4.3 |
2018-09-21 | CVE-2018-17294 | Liblouis Canonical Opensuse | Out-of-bounds Read vulnerability in multiple products The matchCurrentInput function inside lou_translateString.c of Liblouis prior to 3.7 does not check the input string's length, allowing attackers to cause a denial of service (application crash via out-of-bounds read) by crafting an input file with certain translation dictionaries. | 4.3 |
2018-09-21 | CVE-2018-17292 | Webassembly Virtual Machine Project | Out-of-bounds Read vulnerability in Webassembly Virtual Machine Project Webassembly Virtual Machine An issue was discovered in WAVM before 2018-09-16. | 4.3 |
2018-09-20 | CVE-2018-17282 | Exiv2 | NULL Pointer Dereference vulnerability in Exiv2 0.26 An issue was discovered in Exiv2 v0.26. | 4.3 |
2018-09-20 | CVE-2018-17236 | Mp4V2 Project | Use After Free vulnerability in Mp4V2 Project Mp4V2 2.1.0 The function MP4Free() in mp4property.cpp in libmp4v2 2.1.0 internally calls free() on an invalid pointer, raising a SIGABRT signal. | 4.3 |
2018-09-20 | CVE-2018-17235 | Mp4V2 Project | Out-of-bounds Read vulnerability in Mp4V2 Project Mp4V2 2.1.0 The function mp4v2::impl::MP4Track::FinishSdtp() in mp4track.cpp in libmp4v2 2.1.0 mishandles compatibleBrand while processing a crafted mp4 file, which leads to a heap-based buffer over-read, causing denial of service. | 4.3 |
2018-09-19 | CVE-2018-17230 | Exiv2 | Out-of-bounds Write vulnerability in Exiv2 0.26 Exiv2::ul2Data in types.cpp in Exiv2 v0.26 allows remote attackers to cause a denial of service (heap-based buffer overflow) via a crafted image file. | 4.3 |
2018-09-19 | CVE-2018-17229 | Exiv2 | Out-of-bounds Write vulnerability in Exiv2 0.26 Exiv2::d2Data in types.cpp in Exiv2 v0.26 allows remote attackers to cause a denial of service (heap-based buffer overflow) via a crafted image file. | 4.3 |
2018-09-19 | CVE-2018-3827 | Elastic | Credentials Management vulnerability in Elastic Azure Repository 6.0.0 A sensitive data disclosure flaw was found in the Elasticsearch repository-azure (formerly elasticsearch-cloud-azure) plugin. | 4.3 |
2018-09-19 | CVE-2018-3825 | Elastic | Insecure Default Initialization of Resource vulnerability in Elastic Cloud Enterprise In Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 a default master encryption key is used in the process of granting ZooKeeper access to Elasticsearch clusters. | 4.3 |
2018-09-19 | CVE-2018-3824 | Elastic | Cross-site Scripting vulnerability in Elastic products X-Pack Machine Learning versions before 6.2.4 and 5.6.9 had a cross-site scripting (XSS) vulnerability. | 4.3 |
2018-09-18 | CVE-2017-6913 | Open Xchange | Cross-site Scripting vulnerability in Open-Xchange Appsuite Cross-site scripting (XSS) vulnerability in the Open-Xchange webmail before 7.6.3-rev28 allows remote attackers to inject arbitrary web script or HTML via the event attribute in a time tag. | 4.3 |
2018-09-18 | CVE-2018-13398 | Atlassian | Cross-Site Request Forgery (CSRF) vulnerability in Atlassian Crucible and Fisheye The administrative smart-commits resource in Atlassian Fisheye and Crucible before version 4.5.4 allows remote attackers to modify smart-commit settings via a Cross-site request forgery (CSRF) vulnerability. | 4.3 |
2018-09-18 | CVE-2018-16955 | Oracle | Cross-site Scripting vulnerability in Oracle Webcenter Interaction 10.3.3 The login function of Oracle WebCenter Interaction Portal 10.3.3 is vulnerable to reflected cross-site scripting (XSS). | 4.3 |
2018-09-18 | CVE-2018-16953 | Oracle | Cross-site Scripting vulnerability in Oracle Webcenter Interaction 10.3.3 The AjaxView::DisplayResponse() function of the portalpages.dll assembly in Oracle WebCenter Interaction Portal 10.3.3 is vulnerable to reflected cross-site scripting (XSS). | 4.3 |
2018-09-17 | CVE-2018-14631 | Moodle | Cross-site Scripting vulnerability in Moodle moodle before versions 3.5.2, 3.4.5, 3.3.8 is vulnerable to a boost theme - blog search GET parameter insufficiently filtered. | 4.3 |
2018-09-17 | CVE-2018-14320 | Podofo Project | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Podofo Project Podofo This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of PoDoFo. | 4.3 |
2018-09-17 | CVE-2018-17113 | Easycms | Cross-site Scripting vulnerability in Easycms 1.5 App/Modules/Admin/Tpl/default/Public/dwz/uploadify/scripts/uploadify.swf in EasyCMS 1.5 has XSS via the uploadifyID or movieName parameter, a related issue to CVE-2018-9173. | 4.3 |
2018-09-19 | CVE-2018-3831 | Elastic | Information Exposure vulnerability in Elastic Elasticsearch Elasticsearch Alerting and Monitoring in versions before 6.4.1 or 5.6.12 have an information disclosure issue when secrets are configured via the API. | 4.0 |
2018-09-19 | CVE-2018-3826 | Elastic | Missing Encryption of Sensitive Data vulnerability in Elastic Elasticsearch In Elasticsearch versions 6.0.0-beta1 to 6.2.4 a disclosure flaw was found in the _snapshot API. | 4.0 |
2018-09-19 | CVE-2018-17206 | Openvswitch Redhat Canonical Debian | Out-of-bounds Read vulnerability in multiple products An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6. | 4.0 |
2018-09-19 | CVE-2018-17204 | Openvswitch Redhat Canonical Debian | Reachable Assertion vulnerability in multiple products An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting parse_group_prop_ntr_selection_method in lib/ofp-util.c. | 4.0 |
2018-09-18 | CVE-2018-16956 | Oracle | Improper Input Validation vulnerability in Oracle Webcenter Interaction 10.3.3 The AjaxControl component of Oracle WebCenter Interaction Portal 10.3.3 does not validate the names of pages when processing page rename requests. | 4.0 |
2018-09-17 | CVE-2018-1223 | Pivotal | Information Exposure Through Log Files vulnerability in Pivotal Cloud Foundry Container Runtime Cloud Foundry Container Runtime (kubo-release), versions prior to 0.14.0, may leak UAA and vCenter credentials to application logs. | 4.0 |
2018-09-17 | CVE-2018-1198 | Pivotal Software | Information Exposure Through Log Files vulnerability in Pivotal Software Pivotal Cloud Cache Pivotal Cloud Cache, versions prior to 1.3.1, prints a superuser password in plain text during BOSH deployment logs. | 4.0 |
2018-09-17 | CVE-2018-11088 | Pivotal Software | Unspecified vulnerability in Pivotal Software Pivotal Application Service Pivotal Applications Manager in Pivotal Application Service, versions 2.0 prior to 2.0.21 and 2.1 prior to 2.1.13 and 2.2 prior to 2.2.5, contains a bug which may allow escalation of privileges. | 4.0 |
2018-09-17 | CVE-2018-11086 | Pivotal Software | Unspecified vulnerability in Pivotal Software Pivotal Application Service Pivotal Usage Service in Pivotal Application Service, versions 2.0 prior to 2.0.21 and 2.1 prior to 2.1.13 and 2.2 prior to 2.2.5, contains a bug which may allow escalation of privileges. | 4.0 |
2018-09-17 | CVE-2018-17129 | Metinfo | SQL Injection vulnerability in Metinfo 6.1.0 MetInfo 6.1.0 has SQL injection in doexport() in app/system/feedback/admin/feedback_admin.class.php via the class1 field. | 4.0 |
22 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2018-09-23 | CVE-2018-17369 | Springboot Authority Project | Cross-site Scripting vulnerability in Springboot Authority Project Springboot Authority 20170306 An issue was discovered in springboot_authority through 2017-03-06. | 3.5 |
2018-09-21 | CVE-2018-14890 | Vectra | Cross-site Scripting vulnerability in Vectra Cognito Vectra Networks Cognito Brain and Sensor before 4.2 contains a cross-site scripting (XSS) vulnerability in the Web Management Console. | 3.5 |
2018-09-21 | CVE-2018-17301 | Espocrm | Cross-site Scripting vulnerability in Espocrm 5.3.6 Reflected XSS exists in client/res/templates/global-search/name-field.tpl in EspoCRM 5.3.6 via /#Account in the search panel. | 3.5 |
2018-09-21 | CVE-2018-17300 | Cuppacms | Cross-site Scripting vulnerability in Cuppacms Stored XSS exists in CuppaCMS through 2018-09-03 via an administrator/#/component/table_manager/view/cu_menus section name. | 3.5 |
2018-09-19 | CVE-2018-3828 | Elastic | Information Exposure Through Log Files vulnerability in Elastic Cloud Enterprise Elastic Cloud Enterprise (ECE) versions prior to 1.1.4 contain an information exposure vulnerability. | 3.5 |
2018-09-19 | CVE-2018-16607 | Opmantek | Cross-site Scripting vulnerability in Opmantek Open-Audit 2.2.7 Cross-site scripting (XSS) vulnerability in the Orgs Page in Open-AudIT Professional edition in 2.2.7 allows remote attackers to inject arbitrary web script via the Orgs name field. | 3.5 |
2018-09-17 | CVE-2018-17140 | VMS Studio | Cross-site Scripting vulnerability in Vms-Studio Quizlord 1.0.1/2.0 The Quizlord plugin through 2.0 for WordPress is prone to Stored XSS via the title parameter in a ql_insert action to wp-admin/admin.php. | 3.5 |
2018-09-17 | CVE-2018-17138 | Nickelpro | Cross-site Scripting vulnerability in Nickelpro Jibu PRO 1.6/1.7 The Jibu Pro plugin through 1.7 for WordPress is prone to Stored XSS via the wp-content/plugins/jibu-pro/quiz_action.php name (aka Quiz Name) field. | 3.5 |
2018-09-17 | CVE-2018-17130 | Phpmywind | Cross-site Scripting vulnerability in PHPmywind 5.5 PHPMyWind 5.5 has XSS in member.php via an HTTP Referer header, | 3.5 |
2018-09-17 | CVE-2018-17128 | Mybb | Cross-site Scripting vulnerability in Mybb A Persistent XSS issue was discovered in the Visual Editor in MyBB before 1.8.19 via a Video MyCode. | 3.5 |
2018-09-20 | CVE-2018-5871 | Qualcomm | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Qualcomm products In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, QCA6574AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, Snapdragon_High_Med_2016, MAC address randomization performed during probe requests (for privacy reasons) is not done properly due to a flawed RNG which produces repeating output much earlier than expected. | 3.3 |
2018-09-18 | CVE-2018-11293 | | Out-of-bounds Read vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, in wma_ndp_confirm_event_handler and wma_ndp_indication_event_handler, ndp_cfg len and num_ndp_app_info is from fw. | 3.3 |
2018-09-19 | CVE-2017-2879 | Foscam | Classic Buffer Overflow vulnerability in Foscam C1 Firmware 2.52.2.43 An exploitable buffer overflow vulnerability exists in the UPnP implementation used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. | 2.9 |
2018-09-18 | CVE-2018-17178 | Neatorobotics | Unspecified vulnerability in Neatorobotics products An issue was discovered on Neato Botvac Connected 2.2.0 devices. | 2.9 |
2018-09-23 | CVE-2018-17404 | SBI | Information Exposure vulnerability in SBI Buddy 1.41/1.42 The SBIbuddy (aka com.sbi.erupee) application 1.41 and 1.42 for Android might allow an attacker to sniff private information such as mobile number, PAN number (from a government-issued ID), and date of birth. | 2.6 |
2018-09-21 | CVE-2013-7203 | Gitolite | Information Exposure vulnerability in Gitolite gitolite before commit fa06a34 might allow local users to read arbitrary files in repositories via vectors related to the user umask when running gitolite setup. | 2.1 |
2018-09-21 | CVE-2018-11352 | Wallabag | Cross-site Scripting vulnerability in Wallabag The Wallabag application 2.2.3 to 2.3.2 is affected by one cross-site scripting (XSS) vulnerability that is stored within the configuration page. | 2.1 |
2018-09-19 | CVE-2018-3574 | | Improper Input Validation vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, userspace can request ION cache maintenance on a secure ION buffer for which the ION_FLAG_SECURE ion flag is not set and cause the kernel to attempt to perform cache maintenance on memory which does not belong to HLOS. | 2.1 |
2018-09-18 | CVE-2018-17177 | Neatorobotics | Inadequate Encryption Strength vulnerability in Neatorobotics products An issue was discovered on Neato Botvac Connected 2.2.0 and Botvac 85 1.2.1 devices. | 2.1 |
2018-09-18 | CVE-2017-15844 | | Out-of-bounds Read vulnerability in Google Android In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing the function for writing device values into flash, uninitialized memory can be written to flash. | 2.1 |
2018-09-18 | CVE-2018-7991 | Huawei | Unspecified vulnerability in Huawei Mate10 Firmware Huawei smartphones Mate10 with versions before ALP-AL00B 8.0.0.110(C00) have a Factory Reset Protection (FRP) bypass vulnerability. | 2.1 |
2018-09-20 | CVE-2018-1800 | IBM | Information Exposure vulnerability in IBM Sterling B2B Integrator IBM Sterling B2B Integrator Standard Edition 5.2.6.0 and 6.2.6.1 could allow a local user to obtain highly sensitive information during a short time period when installation is occurring. | 1.9 |