Weekly Vulnerabilities Reports > November 5 to 11, 2018

Overview

206 new vulnerabilities reported during this period, including 17 critical vulnerabilities and 47 high severity vulnerabilities. This weekly summary report vulnerabilities in 383 products from 80 vendors including Google, Foscam, Opticam, Debian, and Cisco. Vulnerabilities are notably categorized as "Cross-site Scripting", "Out-of-bounds Write", "Out-of-bounds Read", "Information Exposure", and "Cross-Site Request Forgery (CSRF)".

  • 169 reported vulnerabilities are remotely exploitables.
  • 10 reported vulnerabilities have public exploit available.
  • 58 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 163 reported vulnerabilities are exploitable by an anonymous user.
  • Google has the most reported vulnerabilities, with 32 reported vulnerabilities.
  • Foscam has the most reported critical vulnerabilities, with 7 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

17 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-11-11 CVE-2018-19168 Fruitywifi Project OS Command Injection vulnerability in Fruitywifi Project Fruitywifi

Shell Metacharacter Injection in www/modules/save.php in FruityWifi (aka PatatasFritas/PatataWifi) through 2.4 allows remote attackers to execute arbitrary code with root privileges via a crafted mod_name parameter in a POST request.

10.0
2018-11-08 CVE-2018-15381 Cisco Deserialization of Untrusted Data vulnerability in Cisco Unity Express

A Java deserialization vulnerability in Cisco Unity Express (CUE) could allow an unauthenticated, remote attacker to execute arbitrary shell commands with the privileges of the root user.

10.0
2018-11-07 CVE-2018-19081 Opticam
Foscam
OS Command Injection vulnerability in multiple products

An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128.

10.0
2018-11-07 CVE-2018-19069 Opticam
Foscam
USE of Hard-Coded Credentials vulnerability in multiple products

An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128.

10.0
2018-11-07 CVE-2018-19067 Opticam
Foscam
USE of Hard-Coded Credentials vulnerability in multiple products

An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128.

10.0
2018-11-07 CVE-2018-19064 Opticam
Foscam
Weak Password Requirements vulnerability in multiple products

An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128.

10.0
2018-11-07 CVE-2018-19063 Opticam
Foscam
USE of Hard-Coded Credentials vulnerability in multiple products

An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128.

10.0
2018-11-06 CVE-2018-9446 Google Out-Of-Bounds Write vulnerability in Google Android

In smp_br_state_machine_event of smp_br_main.cc, there is a possible out of bounds write due to memory corruption.

10.0
2018-11-06 CVE-2018-9356 Google Double Free vulnerability in Google Android

In bnep_data_ind of bnep_main.c, there is a possible remote code execution due to a double free.

10.0
2018-11-06 CVE-2018-9355 Google Out-Of-Bounds Write vulnerability in Google Android

In bta_dm_sdp_result of bta_dm_act.cc, there is a possible out of bounds stack write due to a missing bounds check.

10.0
2018-11-08 CVE-2018-15439 Cisco USE of Hard-Coded Credentials vulnerability in Cisco products

A vulnerability in the Cisco Small Business Switches software could allow an unauthenticated, remote attacker to bypass the user authentication mechanism of an affected device.

9.3
2018-11-06 CVE-2018-9427 Google Out-Of-Bounds Write vulnerability in Google Android 8.0/8.1

In CopyToOMX of OMXNodeInstance.cpp there is a possible out-of-bounds write due to an incorrect bounds check.

9.3
2018-11-07 CVE-2018-19073 Opticam
Foscam
OS Command Injection vulnerability in multiple products

An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128.

9.0
2018-11-07 CVE-2018-19070 Opticam
Foscam
OS Command Injection vulnerability in multiple products

An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128.

9.0
2018-11-06 CVE-2018-9450 Google Out-Of-Bounds Write vulnerability in Google Android

In avrc_proc_vendor_command of avrc_api.cc, there is a possible out of bounds write due to a missing bounds check.

9.0
2018-11-05 CVE-2018-13397 Atlassian Unspecified vulnerability in Atlassian Sourcetree

There was an argument injection vulnerability in Sourcetree for Windows from version 0.5.1.0 before version 3.0.0 via Git subrepositories in Mercurial repositories.

9.0
2018-11-05 CVE-2018-13396 Atlassian Unspecified vulnerability in Atlassian Sourcetree

There was an argument injection vulnerability in Sourcetree for macOS from version 1.0b2 before version 3.0.0 via Git subrepositories in Mercurial repositories.

9.0

47 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-11-07 CVE-2018-19079 Opticam
Foscam
Missing Authentication FOR Critical Function vulnerability in multiple products

An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128.

7.8
2018-11-07 CVE-2018-19077 Opticam
Foscam
Out-Of-Bounds Read vulnerability in multiple products

An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128.

7.8
2018-11-07 CVE-2018-16844 Nginx
Debian
Canonical
Resource Exhaustion vulnerability in multiple products

nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive CPU usage.

7.8
2018-11-07 CVE-2018-16843 Nginx
Debian
Canonical
Opensuse
Resource Exhaustion vulnerability in multiple products

nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive memory consumption.

7.8
2018-11-06 CVE-2018-9455 Google Out-Of-Bounds Read vulnerability in Google Android

In sdpu_extract_attr_seq of sdp_utils.cc, there is a possible out of bounds read due to an incorrect bounds check.

7.8
2018-11-06 CVE-2018-9448 Google Out-Of-Bounds Read vulnerability in Google Android 8.0/8.1

In avct_bcb_msg_ind of avct_bcb_act.cc, there is a possible out of bounds read due to a missing bounds check.

7.8
2018-11-06 CVE-2018-9436 Google Out-Of-Bounds Read vulnerability in Google Android

In bnep_data_ind of bnep_main.cc, there is a possible out of bounds read due to a missing bounds check.

7.8
2018-11-06 CVE-2018-9362 Google Improper Input Validation vulnerability in Google Android

In processMessagePart of InboundSmsHandler.java, there is a possible remote denial of service due to improper input validation.

7.8
2018-11-06 CVE-2018-9361 Google Out-Of-Bounds Read vulnerability in Google Android

In process_l2cap_cmd of l2c_main.cc, there is a possible out of bounds read due to a missing bounds check.

7.8
2018-11-06 CVE-2018-9360 Google Out-Of-Bounds Read vulnerability in Google Android

In process_l2cap_cmd of l2c_main.cc, there is a possible out of bounds read due to a missing bounds check.

7.8
2018-11-06 CVE-2018-9359 Google Out-Of-Bounds Read vulnerability in Google Android

In process_l2cap_cmd of l2c_main.cc, there is a possible out of bounds read due to a missing bounds check.

7.8
2018-11-06 CVE-2018-9358 Google Out-Of-Bounds Read vulnerability in Google Android

In gatts_process_attribute_req of gatt_sc.cc, there is a possible read of uninitialized data due to a missing bounds check.

7.8
2018-11-11 CVE-2018-19180 Yunucms Code Injection vulnerability in Yunucms 1.1.5

statics/app/index/controller/Install.php in YUNUCMS 1.1.5 (if install.lock is not present) allows remote attackers to execute arbitrary PHP code by placing this code in the index.php?s=index/install/setup2 DB_PREFIX field, which is written to database.php.

7.5
2018-11-09 CVE-2018-19127 Phpcms Code Injection vulnerability in PHPcms 2008

A code injection vulnerability in /type.php in PHPCMS 2008 allows attackers to write arbitrary content to a website cache file with a controllable filename, leading to arbitrary code execution.

7.5
2018-11-09 CVE-2018-19126 Prestashop Unrestricted Upload of File With Dangerous Type vulnerability in Prestashop

PrestaShop 1.6.x before 1.6.1.23 and 1.7.x before 1.7.4.4 allows remote attackers to execute arbitrary code via a file upload.

7.5
2018-11-08 CVE-2018-19115 Keepalived
Debian
Redhat
Out-Of-Bounds Write vulnerability in multiple products

keepalived before 2.0.7 has a heap-based buffer overflow when parsing HTTP status codes resulting in DoS or possibly unspecified other impact, because extract_status_code in lib/html.c has no validation of the status code and instead writes an unlimited amount of data to the heap.

7.5
2018-11-08 CVE-2018-15447 Cisco SQL Injection vulnerability in Cisco Integrated Management Controller

A vulnerability in the web framework code of Cisco Integrated Management Controller (IMC) Supervisor could allow an unauthenticated, remote attacker to execute arbitrary SQL queries.

7.5
2018-11-08 CVE-2018-15394 Cisco Unspecified vulnerability in Cisco Stealthwatch Enterprise

A vulnerability in the Stealthwatch Management Console (SMC) of Cisco Stealthwatch Enterprise could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected system.

7.5
2018-11-07 CVE-2018-19082 Opticam
Foscam
Out-Of-Bounds Write vulnerability in multiple products

An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128.

7.5
2018-11-07 CVE-2018-19061 Dedecms SQL Injection vulnerability in Dedecms 5.7

DedeCMS 5.7 SP2 has SQL Injection via the dede\co_do.php ids parameter.

7.5
2018-11-07 CVE-2018-8021 Apache Deserialization of Untrusted Data vulnerability in Apache Superset

Versions of Superset prior to 0.23 used an unsafe load method from the pickle library to deserialize data leading to possible remote code execution.

7.5
2018-11-07 CVE-2018-19047 Mpdf Project Server-Side Request Forgery (SSRF) vulnerability in Mpdf Project Mpdf

** DISPUTED ** mPDF through 7.1.6, if deployed as a web application that accepts arbitrary HTML, allows SSRF, as demonstrated by a '<img src="http://192.168' substring that triggers a call to getImage in Image/ImageProcessor.php.

7.5
2018-11-06 CVE-2018-14667 Redhat Code Injection vulnerability in Redhat Enterprise Linux and Richfaces

The RichFaces Framework 3.X through 3.3.4 is vulnerable to Expression Language (EL) injection via the UserResource resource.

7.5
2018-11-06 CVE-2018-18963 Degraupublicidade SQL Injection vulnerability in Degraupublicidade

Busca.aspx.cs in Degrau Publicidade e Internet Plataforma de E-commerce allows SQL Injection via the busca/ URI.

7.5
2018-11-05 CVE-2018-18957 MZ Automation Out-Of-Bounds Write vulnerability in Mz-Automation Libiec61850 1.3

An issue has been found in libIEC61850 v1.3.

7.5
2018-11-05 CVE-2018-9208 Tuyoshi Unrestricted Upload of File With Dangerous Type vulnerability in Tuyoshi Jquery Picture CUT 1.1

Unauthenticated arbitrary file upload vulnerability in jQuery Picture Cut <= v1.1Beta

7.5
2018-11-05 CVE-2018-18949 Zohocorp SQL Injection vulnerability in Zohocorp Manageengine Opmanager 11.4/12.3

Zoho ManageEngine OpManager 12.3 before 123222 has SQL Injection via Mail Server settings.

7.5
2018-11-05 CVE-2018-18934 Popojicms Cross-Site Request Forgery (CSRF) vulnerability in Popojicms 2.0.1

An issue was discovered in PopojiCMS v2.0.1.

7.5
2018-11-10 CVE-2018-19087 Iobit Out-Of-Bounds Write vulnerability in Iobit Malware Fighter 6.2

RegFilter.sys in IOBit Malware Fighter 6.2 is susceptible to a stack-based buffer overflow when an attacker uses IOCTL 0x8006E044 with a size larger than 8 bytes.

7.2
2018-11-10 CVE-2018-19086 Iobit Out-Of-Bounds Write vulnerability in Iobit Malware Fighter 6.2

RegFilter.sys in IOBit Malware Fighter 6.2 is susceptible to a stack-based buffer overflow when an attacker uses IOCTL 0x8006E040 with a size larger than 8 bytes.

7.2
2018-11-10 CVE-2018-19085 Iobit Out-Of-Bounds Write vulnerability in Iobit Malware Fighter 6.2

RegFilter.sys in IOBit Malware Fighter 6.2 is susceptible to a stack-based buffer overflow when an attacker uses IOCTL 0x8006E048 with a size larger than 8 bytes.

7.2
2018-11-10 CVE-2018-19084 Iobit Out-Of-Bounds Write vulnerability in Iobit Malware Fighter

RegFilter.sys in IOBit Malware Fighter 6.2 is susceptible to a stack-based buffer overflow when an attacker uses IOCTL 0x8006E05C with a size larger than 8 bytes.

7.2
2018-11-09 CVE-2018-1834 IBM
Linux
Microsoft
Link Following vulnerability in IBM DB2

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 contains a vulnerability that could allow a local user to escalate their privileges to root through a symbolic link attack.

7.2
2018-11-09 CVE-2018-1781 IBM
Linux
Microsoft
Link Following vulnerability in IBM DB2

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local user to obtain root access by exploiting a symbolic link attack to read/write/corrupt a file that they originally did not have permission to access.

7.2
2018-11-09 CVE-2018-1780 IBM
Linux
Microsoft
Link Following vulnerability in IBM DB2

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local db2 instance owner to obtain root access by exploiting a symbolic link attack to read/write/corrupt a file that they originally did not have permission to access.

7.2
2018-11-08 CVE-2018-6438 Brocade Unspecified vulnerability in Brocade Fabric OS

A Vulnerability in the supportsave command of Brocade Fabric OS command line interface (CLI) versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and, gain root access.

7.2
2018-11-08 CVE-2018-6437 Brocade Unspecified vulnerability in Brocade Fabric OS

A Vulnerability in the help command of Brocade Fabric OS command line interface (CLI) versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and, gain root access.

7.2
2018-11-08 CVE-2018-6436 Brocade Unspecified vulnerability in Brocade Fabric OS

A Vulnerability in the firmwaredownload command of Brocade Fabric OS command line interface (CLI) versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and, gain root access.

7.2
2018-11-08 CVE-2018-6441 Brocade Unspecified vulnerability in Brocade Fabric OS

A vulnerability in Secure Shell implementation of Brocade Fabric OS versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to provide arbitrary environment variables, and bypass the restricted configuration shell.

7.2
2018-11-08 CVE-2018-6435 Brocade Unspecified vulnerability in Brocade Fabric OS

A Vulnerability in the secryptocfg command of Brocade Fabric OS command line interface (CLI) versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell and, and gain root access.

7.2
2018-11-06 CVE-2018-9516 Google
Debian
Canonical
Out-Of-Bounds Write vulnerability in multiple products

In hid_debug_events_read of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check.

7.2
2018-11-06 CVE-2018-9445 Google Path Traversal vulnerability in Google Android

In readMetadata of Utils.cpp, there is a possible path traversal bug due to a confused deputy.

7.2
2018-11-06 CVE-2018-9422 Google
Debian
USE After Free vulnerability in multiple products

In get_futex_key of futex.c, there is a use-after-free due to improper locking.

7.2
2018-11-06 CVE-2018-9363 Google
Canonical
Debian
Integer Overflow OR Wraparound vulnerability in multiple products

In the hidp_process_report in bluetooth, there is an integer overflow.

7.2
2018-11-06 CVE-2018-9357 Google Out-Of-Bounds Write vulnerability in Google Android

In BNEP_Write of bnep_api.cc, there is a possible out of bounds write due to an incorrect bounds check.

7.2
2018-11-06 CVE-2018-9444 Google Infinite Loop vulnerability in Google Android

In ih264d_video_decode of ih264d_api.c there is a possible resource exhaustion due to an infinite loop.

7.1
2018-11-06 CVE-2018-9437 Google Out-Of-Bounds Read vulnerability in Google Android

In getstring of ID3.cpp there is a possible out-of-bounds read due to a missing bounds check.

7.1

120 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-11-11 CVE-2018-19135 Clippercms Cross-Site Request Forgery (CSRF) vulnerability in Clippercms 1.3.3

ClipperCMS 1.3.3 does not have CSRF protection on its kcfinder file upload (enabled by default).

6.8
2018-11-10 CVE-2017-17550 Zyxel Cross-Site Request Forgery (CSRF) vulnerability in Zyxel Zywall USG 100 Firmware 2.12(Aqq.2)/3.30(Aqq.7)

ZyXEL ZyWALL USG 2.12 AQQ.2 and 3.30 AQQ.7 devices are affected by a CSRF vulnerability via a cgi-bin/zysh-cgi cmd action to add a user account.

6.8
2018-11-10 CVE-2018-19150 Pdfforge Buffer Errors vulnerability in Pdfforge PDF Architect 6

Memory corruption in PDMODELProvidePDModelHFT in pdmodel.dll in pdfforge PDF Architect 6 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact because of a "Data from Faulting Address controls Code Flow" issue.

6.8
2018-11-09 CVE-2018-19138 Wstmart Cross-Site Request Forgery (CSRF) vulnerability in Wstmart 2.0.7

WSTMart 2.0.7 has CSRF via the index.php/admin/staffs/add.html URI.

6.8
2018-11-09 CVE-2018-1774 IBM Unspecified vulnerability in IBM API Connect

IBM API Connect 5.0.0.0, 5.0.8.4, 2018.1 and 2018.3.6 is vulnerable to CSV injection via the developer portal and analytics that could contain malicious commands that would be executed once opened by an administrator.

6.8
2018-11-08 CVE-2018-19105 Librecad Out-Of-Bounds Write vulnerability in Librecad 2.1.3

LibreCAD 2.1.3 allows remote attackers to cause a denial of service (0x89C04589 write access violation and application crash) or possibly have unspecified other impact via a crafted file.

6.8
2018-11-08 CVE-2018-19104 Bagesoft Cross-Site Request Forgery (CSRF) vulnerability in Bagesoft Bagecms 3.1.3

In BageCMS 3.1.3, upload/index.php has a CSRF vulnerability that can be used to upload arbitrary files and get server privileges.

6.8
2018-11-06 CVE-2018-12415 Tibco Cross-Site Request Forgery (CSRF) vulnerability in Tibco Enterprise Message Service

The Central Administration server (emsca) component of TIBCO Software Inc.'s TIBCO Enterprise Message Service, TIBCO Enterprise Message Service - Community Edition, and TIBCO Enterprise Message Service - Developer Edition contains a vulnerability which may allow an attacker to perform cross-site request forgery (CSRF) attacks.

6.8
2018-11-06 CVE-2018-12414 Tibco Cross-Site Request Forgery (CSRF) vulnerability in Tibco products

The Rendezvous Routing Daemon (rvrd), Rendezvous Secure Routing Daemon (rvrsd), Rendezvous Secure Daemon (rvsd), Rendezvous Cache (rvcache), and Rendezvous Daemon Manager (rvdm) components of TIBCO Software Inc.'s TIBCO Rendezvous, TIBCO Rendezvous Developer Edition, TIBCO Rendezvous for z/Linux, TIBCO Rendezvous for z/OS, TIBCO Rendezvous Network Server, TIBCO Substation ES contain vulnerabilities which may allow an attacker to perform cross-site request forgery (CSRF) attacks.

6.8
2018-11-06 CVE-2018-12413 Tibco Cross-Site Request Forgery (CSRF) vulnerability in Tibco Messaging - Apache Kafka Distribution - Schema Repository 1.0.0

The Schema repository server (tibschemad) component of TIBCO Software Inc.'s TIBCO Messaging - Apache Kafka Distribution - Schema Repository - Community Edition, and TIBCO Messaging - Apache Kafka Distribution - Schema Repository - Enterprise Edition contains a vulnerability which may allow an attacker to perform cross-site request forgery (CSRF) attacks.

6.8
2018-11-06 CVE-2018-12412 Tibco Cross-Site Request Forgery (CSRF) vulnerability in Tibco FTL

The realm server (tibrealmserver) component of TIBCO Software Inc.

6.8
2018-11-06 CVE-2018-12411 Tibco Cross-Site Request Forgery (CSRF) vulnerability in Tibco Activespaces

The administrative daemon (tibdgadmind) of TIBCO Software Inc.'s TIBCO ActiveSpaces - Community Edition, TIBCO ActiveSpaces - Developer Edition, and TIBCO ActiveSpaces - Enterprise Edition contains a vulnerability which may allow an attacker to perform cross-site request forgery (CSRF) attacks.

6.8
2018-11-06 CVE-2018-9459 Google Path Traversal vulnerability in Google Android

In Attachment of Attachment.java and getFilePath of EmlAttachmentProvider.java, there is a possible Elevation of Privilege due to a path traversal error.

6.8
2018-11-06 CVE-2018-9458 Google Improper Restriction of Rendered UI Layers OR Frames vulnerability in Google Android 8.0/8.1

In computeFocusedWindow of RootWindowContainer.java, and related functions, there is possible interception of keypresses due to focus being on the wrong window.

6.8
2018-11-05 CVE-2018-17913 Omron Incorrect Type Conversion OR Cast vulnerability in Omron Cx-Supervisor

A type confusion vulnerability exists when processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior, which may allow an attacker to execute code in the context of the application.

6.8
2018-11-05 CVE-2018-17909 Omron USE After Free vulnerability in Omron Cx-Supervisor

When processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior, the application fails to check if it is referencing freed memory, which may allow an attacker to execute code under the context of the application.

6.8
2018-11-05 CVE-2018-17905 Omron Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Omron Cx-Supervisor

When processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior and tampering with a specific byte, memory corruption may occur within a specific object.

6.8
2018-11-05 CVE-2018-18820 Xiph
Debian
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

A buffer overflow was discovered in the URL-authentication backend of the Icecast before 2.4.4.

6.8
2018-11-05 CVE-2018-18935 Popojicms Cross-Site Request Forgery (CSRF) vulnerability in Popojicms 2.0.1

An issue was discovered in PopojiCMS v2.0.1.

6.8
2018-11-08 CVE-2018-19114 Iminho Improper Input Validation vulnerability in Iminho Mindoc

An issue was discovered in MinDoc through v1.0.2.

6.5
2018-11-08 CVE-2018-6442 Brocade Unspecified vulnerability in Brocade Fabric OS

A vulnerability in the Brocade Webtools firmware update section of Brocade Fabric OS before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow remote authenticated attackers to execute arbitrary commands.

6.5
2018-11-08 CVE-2018-19109 Tianti Project Forced Browsing vulnerability in Tianti Project Tianti 2.3

tianti 2.3 allows remote authenticated users to bypass intended permission restrictions by visiting tianti-module-admin/cms/column/list directly to read the column list page or edit a column.

6.5
2018-11-07 CVE-2018-19053 Pbootcms Code Injection vulnerability in Pbootcms 1.2.2

PbootCMS 1.2.2 allows remote attackers to execute arbitrary PHP code by specifying a .php filename in a "SET GLOBAL general_log_file" statement, followed by a SELECT statement containing this PHP code.

6.5
2018-11-06 CVE-2018-17186 Apache XXE vulnerability in Apache Syncope

An administrator with workflow definition entitlements can use DTD to perform malicious operations, including but not limited to file read, file write, and code execution.

6.5
2018-11-05 CVE-2018-18942 Basercms Unrestricted Upload of File With Dangerous Type vulnerability in Basercms

In baserCMS before 4.1.4, lib\Baser\Model\ThemeConfig.php allows remote attackers to execute arbitrary PHP code via the admin/theme_configs/form data[ThemeConfig][logo] parameter.

6.5
2018-11-11 CVE-2018-19181 Yunucms Path Traversal vulnerability in Yunucms 1.1.5

statics/ueditor/php/vendor/Local.class.php in YUNUCMS 1.1.5 allows arbitrary file deletion via the statics/ueditor/php/controller.php?action=remove key parameter, as demonstrated by using directory traversal to delete the install.lock file.

6.4
2018-11-09 CVE-2018-19125 Prestashop Unspecified vulnerability in Prestashop

PrestaShop 1.6.x before 1.6.1.23 and 1.7.x before 1.7.4.4 allows remote attackers to delete an image directory.

6.4
2018-11-05 CVE-2018-18936 Popojicms Path Traversal vulnerability in Popojicms 2.0.1

An issue was discovered in PopojiCMS v2.0.1.

6.4
2018-11-05 CVE-2018-18933 Foxitsoftware Out-Of-Bounds Read vulnerability in Foxitsoftware Foxit Reader and U3D

The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in FoxitReader.exe in Foxit Reader 9.3.0.10826 allows remote attackers to cause a denial of service (out-of-bounds read) or obtain sensitive information via a U3D sample because of a "Read Access Violation near NULL starting at FoxitReader!safe_vsnprintf+0x00000000002c4330" issue.

6.4
2018-11-08 CVE-2018-15445 Cisco Cross-Site Request Forgery (CSRF) vulnerability in Cisco Energy Management Suite Software

A vulnerability in the web-based management interface of Cisco Energy Management Suite Software could allow an authenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device.

6.0
2018-11-07 CVE-2018-18590 Microfocus Information Exposure vulnerability in Microfocus Operations Bridge

A potential remote code execution and information disclosure vulnerability exists in Micro Focus Operations Bridge containerized suite versions 2017.11, 2018.02, 2018.05, 2018.08.

5.8
2018-11-07 CVE-2018-16845 Nginx
Debian
Canonical
Opensuse
Infinite Loop vulnerability in multiple products

nginx before versions 1.15.6, 1.14.1 has a vulnerability in the ngx_http_mp4_module, which might allow an attacker to cause infinite loop in a worker process, cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted mp4 file.

5.8
2018-11-06 CVE-2018-16986 TI Out-Of-Bounds Write vulnerability in TI Ble-Stack 3.0.0

Texas Instruments BLE-STACK v2.2.1 for SimpleLink CC2640 and CC2650 devices allows remote attackers to execute arbitrary code via a malformed packet that triggers a buffer overflow.

5.8
2018-11-11 CVE-2018-19143 Otrs
Debian
Forced Browsing vulnerability in multiple products

Open Ticket Request System (OTRS) 4.0.x before 4.0.33, 5.0.x before 5.0.31, and 6.0.x before 6.0.13 allows an authenticated user to delete files via a modified submission form because upload caching is mishandled.

5.5
2018-11-09 CVE-2018-15796 Pivotal Software Inadequate Encryption Strength vulnerability in Pivotal Software Bits Service

Cloud Foundry Bits Service Release, versions prior to 2.14.0, uses an insecure hashing algorithm to sign URLs.

5.5
2018-11-08 CVE-2018-15450 Cisco Path Traversal vulnerability in Cisco Prime Collaboration 12.1

A vulnerability in the web-based UI of Cisco Prime Collaboration Assurance could allow an authenticated, remote attacker to overwrite files on the file system.

5.5
2018-11-08 CVE-2018-11777 Apache Unspecified vulnerability in Apache Hive

In Apache Hive 2.3.3, 3.1.0 and earlier, local resources on HiveServer2 machines are not properly protected against malicious user if ranger, sentry or sql standard authorizer is not in use.

5.5
2018-11-09 CVE-2018-17612 Sennheiser
Microsoft
Improper Certificate Validation vulnerability in multiple products

Sennheiser HeadSetup 7.3.4903 places Certification Authority (CA) certificates into the Trusted Root CA store of the local system, and publishes the private key in the SennComCCKey.pem file within the public software distribution, which allows remote attackers to spoof arbitrary web sites or software publishers for several years, even if the HeadSetup product is uninstalled.

5.0
2018-11-09 CVE-2018-19133 Flarum Information Exposure vulnerability in Flarum 0.1.0

In Flarum Core 0.1.0-beta.7.1, a serious leak can get everyone's email address.

5.0
2018-11-09 CVE-2018-19124 Prestashop
Microsoft
Path Traversal vulnerability in Prestashop

PrestaShop 1.6.x before 1.6.1.23 and 1.7.x before 1.7.4.4 on Windows allows remote attackers to write to arbitrary image files.

5.0
2018-11-08 CVE-2018-19045 Keepalived Information Exposure vulnerability in Keepalived 2.0.8

keepalived 2.0.8 used mode 0666 when creating new temporary files upon a call to PrintData or PrintStats, potentially leaking sensitive information.

5.0
2018-11-08 CVE-2018-15448 Cisco Unspecified vulnerability in Cisco Registered Envelope Service

A vulnerability in the user management functions of Cisco Registered Envelope Service could allow an unauthenticated, remote attacker to discover sensitive user information.

5.0
2018-11-08 CVE-2018-15446 Cisco Information Exposure vulnerability in Cisco Meeting Server

A vulnerability in Cisco Meeting Server could allow an unauthenticated, remote attacker to gain access to sensitive information.

5.0
2018-11-08 CVE-2018-15443 Cisco Resource Exhaustion vulnerability in Cisco Firepower System Software

A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to bypass a configured Intrusion Prevention System (IPS) rule that inspects certain types of TCP traffic.

5.0
2018-11-08 CVE-2018-6434 Brocade Session Fixation vulnerability in Brocade Fabric OS

A vulnerability in the web management interface of Brocade Fabric OS versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow attackers to intercept or manipulate a user's session ID.

5.0
2018-11-08 CVE-2018-19111 Google Cleartext Transmission of Sensitive Information vulnerability in Google Cardboard 1.2/1.8

The Google Cardboard application 1.8 for Android and 1.2 for iOS sends potentially private cleartext information to the Unity 3D Stats web site, as demonstrated by device make, model, and OS.

5.0
2018-11-07 CVE-2018-19093 MZ Automation Unspecified vulnerability in Mz-Automation Libiec61850 1.3

** DISPUTED ** An issue has been found in libIEC61850 v1.3.

5.0
2018-11-07 CVE-2018-19078 Opticam
Foscam
Insufficiently Protected Credentials vulnerability in multiple products

An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128.

5.0
2018-11-07 CVE-2018-19076 Opticam
Foscam
Improper Authentication vulnerability in multiple products

An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128.

5.0
2018-11-07 CVE-2018-19075 Opticam
Foscam
Information Exposure vulnerability in multiple products

An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128.

5.0
2018-11-07 CVE-2018-19074 Opticam
Foscam
An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128.
5.0
2018-11-07 CVE-2018-19066 Opticam
Foscam
USE of Hard-Coded Credentials vulnerability in multiple products

An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128.

5.0
2018-11-07 CVE-2018-19065 Opticam
Foscam
USE of Hard-Coded Credentials vulnerability in multiple products

An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128.

5.0
2018-11-07 CVE-2018-19052 Lighttpd
Suse
Path Traversal vulnerability in multiple products

An issue was discovered in mod_alias_physical_handler in mod_alias.c in lighttpd before 1.4.50.

5.0
2018-11-06 CVE-2018-16475 Knight Project Path Traversal vulnerability in Knight Project Knight 0.0.1

A Path Traversal in Knightjs versions <= 0.0.1 allows an attacker to read content of arbitrary files on a remote server.

5.0
2018-11-06 CVE-2018-16473 Takeapeek Project Path Traversal vulnerability in Takeapeek Project Takeapeek

A path traversal in takeapeek module versions <=0.2.2 allows an attacker to list directory and files.

5.0
2018-11-06 CVE-2018-16472 Cached Path Relative Project Improper Input Validation vulnerability in Cached-Path-Relative Project Cached-Path-Relative 1.0.0/1.0.1

A prototype pollution attack in cached-path-relative versions <=1.0.1 allows an attacker to inject properties on Object.prototype which are then inherited by all the JS objects through the prototype chain causing a DoS attack.

5.0
2018-11-06 CVE-2018-9489 Google Information Exposure vulnerability in Google Android

When wifi is switched, function sendNetworkStateChangeBroadcast of WifiStateMachine.java broadcasts an intent including detailed wifi network information.

5.0
2018-11-06 CVE-2014-10077 I18N Project
Debian
Improper Input Validation vulnerability in multiple products

Hash#slice in lib/i18n/core_ext/hash.rb in the i18n gem before 0.8.0 for Ruby allows remote attackers to cause a denial of service (application crash) via a call in a situation where :some_key is present in keep_keys but not present in the hash.

5.0
2018-11-06 CVE-2018-18980 Zohocorp XXE vulnerability in Zohocorp products

An XML External Entity injection (XXE) vulnerability exists in Zoho ManageEngine Network Configuration Manager and OpManager before 12.3.214 via the RequestXML parameter in a /devices/ProcessRequest.do GET request.

5.0
2018-11-05 CVE-2018-18956 Suricata IDS Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Suricata-Ids Suricata

The ProcessMimeEntity function in util-decode-mime.c in Suricata 4.x before 4.0.6 allows remote attackers to cause a denial of service (segfault and daemon crash) via crafted input to the SMTP parser, as exploited in the wild in November 2018.

5.0
2018-11-05 CVE-2018-18950 Kindeditor Path Traversal vulnerability in Kindeditor

KindEditor through 4.1.11 has a path traversal vulnerability in php/upload_json.php.

5.0
2018-11-05 CVE-2018-18937 MZ Automation Null Pointer Dereference vulnerability in Mz-Automation Libiec61850 1.3

An issue has been found in libIEC61850 v1.3.

5.0
2018-11-08 CVE-2018-15444 Cisco XXE vulnerability in Cisco Energy Management Suite Software

A vulnerability in the web-based user interface of Cisco Energy Management Suite Software could allow an authenticated, remote attacker to gain read and write access to information that is stored on an affected system.

4.9
2018-11-06 CVE-2018-9454 Google Out-Of-Bounds Read vulnerability in Google Android

In bnep_data_ind of bnep_main.cc, there is a possible out of bounds read due to a missing bounds check.

4.9
2018-11-06 CVE-2018-9453 Google Out-Of-Bounds Read vulnerability in Google Android

In avdt_msg_prs_cfg of avdt_msg.cc, there is a possible out of bounds read due to a missing bounds check.

4.9
2018-11-06 CVE-2018-9451 Google Out-Of-Bounds Read vulnerability in Google Android

In DynamicRefTable::load of ResourceTypes.cpp, there is a possible out of bounds read due to a missing bounds check.

4.9
2018-11-06 CVE-2018-9438 Google Unspecified vulnerability in Google Android 8.1

When a device connects only over WiFi VPN, the device may not receive security updates due to some incorrect checks.

4.7
2018-11-09 CVE-2018-1802 IBM
Linux
Microsoft
Untrusted Search Path vulnerability in IBM DB2

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 binaries load shared libraries from an untrusted path potentially giving low privilege user full access to the DB2 instance account by loading a malicious shared library.

4.6
2018-11-07 CVE-2018-19071 Opticam
Foscam
Incorrect Permission Assignment FOR Critical Resource vulnerability in multiple products

An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128.

4.6
2018-11-06 CVE-2018-9488 Google Incorrect Authorization vulnerability in Google Android 8.0/8.1/9.0

In the SELinux permissions of crash_dump.te, there is a permissions bypass due to a missing restriction.

4.6
2018-11-06 CVE-2018-9465 Google USE After Free vulnerability in Google Android

In task_get_unused_fd_flags of binder.c, there is a possible memory corruption due to a use after free.

4.6
2018-11-06 CVE-2018-9415 Google
Canonical
Double Free vulnerability in multiple products

In driver_override_store and driver_override_show of bus.c, there is a possible double free due to improper locking.

4.6
2018-11-06 CVE-2018-9385 Google Out-Of-Bounds Write vulnerability in Google Android

In driver_override_store of bus.c, there is a possible out of bounds write due to an incorrect bounds check.

4.6
2018-11-10 CVE-2018-19149 Freedesktop
Canonical
Null Pointer Dereference vulnerability in multiple products

Poppler before 0.70.0 has a NULL pointer dereference in _poppler_attachment_new when called from poppler_annot_file_attachment_get_attachment.

4.3
2018-11-10 CVE-2018-19148 Caddyserver Information Exposure vulnerability in Caddyserver Caddy

Caddy through 0.11.0 sends incorrect certificates for certain invalid requests, making it easier for attackers to enumerate hostnames.

4.3
2018-11-09 CVE-2018-19145 S CMS Cross-Site Scripting vulnerability in S-Cms 1.5

An issue was discovered in S-CMS v1.5.

4.3
2018-11-09 CVE-2018-19139 Jasper Project
Redhat
Debian
Missing Release of Resource After Effective Lifetime vulnerability in multiple products

An issue has been found in JasPer 2.0.14.

4.3
2018-11-09 CVE-2018-19137 Domainmod Cross-Site Scripting vulnerability in Domainmod

DomainMOD through 4.11.01 has XSS via the assets/edit/ip-address.php ipid parameter.

4.3
2018-11-09 CVE-2018-19136 Domainmod Cross-Site Scripting vulnerability in Domainmod

DomainMOD through 4.11.01 has XSS via the assets/edit/registrar-account.php raid parameter.

4.3
2018-11-09 CVE-2018-14644 Powerdns Improper Input Validation vulnerability in Powerdns Recursor

An issue has been found in PowerDNS Recursor from 4.0.0 up to and including 4.1.4.

4.3
2018-11-09 CVE-2018-19132 Squid Cache
Debian
Missing Release of Resource After Effective Lifetime vulnerability in multiple products

Squid before 4.4, when SNMP is enabled, allows a denial of service (Memory Leak) via an SNMP packet.

4.3
2018-11-09 CVE-2018-19131 Squid Cache Cross-Site Scripting vulnerability in Squid-Cache Squid

Squid before 4.4 has XSS via a crafted X.509 certificate during HTTP(S) error page generation for certificate errors.

4.3
2018-11-09 CVE-2018-19130 Libav Buffer Errors vulnerability in Libav 12.3

** DISPUTED ** In Libav 12.3, there is an invalid memory access in vc1_decode_frame in libavcodec/vc1dec.c that allows attackers to cause a denial-of-service via a crafted aac file.

4.3
2018-11-09 CVE-2018-19129 Libav Null Pointer Dereference vulnerability in Libav 12.3

In Libav 12.3, a NULL pointer dereference (RIP points to zero) issue in ff_mpa_synth_filter_float in libavcodec/mpegaudiodsp_template.c can cause a segmentation fault (application crash) via a crafted mov file.

4.3
2018-11-09 CVE-2018-19128 Libav Out-Of-Bounds Read vulnerability in Libav 12.3

In Libav 12.3, there is a heap-based buffer over-read in decode_frame in libavcodec/lcldec.c that allows an attacker to cause denial-of-service via a crafted avi file.

4.3
2018-11-09 CVE-2018-19122 MZ Automation Null Pointer Dereference vulnerability in Mz-Automation Libiec61850 1.3

An issue has been found in libIEC61850 v1.3.

4.3
2018-11-09 CVE-2018-19121 MZ Automation Null Pointer Dereference vulnerability in Mz-Automation Libiec61850 1.3

An issue has been found in libIEC61850 v1.3.

4.3
2018-11-08 CVE-2018-15449 Cisco Improper Input Validation vulnerability in Cisco Video Surveillance Media Server

A vulnerability in the web-based management interface of Cisco Video Surveillance Media Server could allow an unauthenticated, remote attacker to cause a denial of service (DoS) of the web-based management interface of an affected system.

4.3
2018-11-08 CVE-2018-15393 Cisco Cross-Site Scripting vulnerability in Cisco Content Security Management Appliance

A vulnerability in the web-based management interface of Cisco Content Security Management Appliance (SMA) Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface.

4.3
2018-11-08 CVE-2018-19108 Exiv2
Debian
Infinite Loop vulnerability in multiple products

In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PSD image reader may suffer from a denial of service (infinite loop) caused by an integer overflow via a crafted PSD image file.

4.3
2018-11-08 CVE-2018-19107 Exiv2
Debian
Out-Of-Bounds Read vulnerability in multiple products

In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp (called from psdimage.cpp in the PSD image reader) may suffer from a denial of service (heap-based buffer over-read) caused by an integer overflow via a crafted PSD image file.

4.3
2018-11-07 CVE-2018-16253 Axtls Project Improper Verification of Cryptographic Signature vulnerability in Axtls Project Axtls

In sig_verify() in x509.c in axTLS version 2.1.3 and before, the PKCS#1 v1.5 signature verification does not properly verify the ASN.1 metadata.

4.3
2018-11-07 CVE-2018-16150 Axtls Project Improper Verification of Cryptographic Signature vulnerability in Axtls Project Axtls

In sig_verify() in x509.c in axTLS version 2.1.3 and before, the PKCS#1 v1.5 signature verification does not reject excess data after the hash value.

4.3
2018-11-07 CVE-2018-16149 Axtls Project Improper Verification of Cryptographic Signature vulnerability in Axtls Project Axtls

In sig_verify() in x509.c in axTLS version 2.1.3 and before, the PKCS#1 v1.5 signature verification blindly trusts the declared lengths in the ASN.1 structure.

4.3
2018-11-07 CVE-2018-19092 Yzmcms Cross-Site Scripting vulnerability in Yzmcms 5.2

An issue was discovered in YzmCMS v5.2.

4.3
2018-11-07 CVE-2018-19083 Wecenter Cross-Site Scripting vulnerability in Wecenter 3.2.0/3.2.2

WeCenter 3.2.0 through 3.2.2 has XSS in the views/default/question/index.tpl.html htmlspecialchars_decode function via the /?/publish/ajax/publish_question/ question_content parameter.

4.3
2018-11-07 CVE-2018-19080 Opticam
Foscam
Cross-Site Scripting vulnerability in multiple products

An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128.

4.3
2018-11-07 CVE-2018-19060 Freedesktop
Canonical
Null Pointer Dereference vulnerability in multiple products

An issue was discovered in Poppler 0.71.0.

4.3
2018-11-07 CVE-2018-19059 Freedesktop
Canonical
Out-Of-Bounds Read vulnerability in multiple products

An issue was discovered in Poppler 0.71.0.

4.3
2018-11-07 CVE-2018-19058 Freedesktop
Canonical
Debian
Always-Incorrect Control Flow Implementation vulnerability in multiple products

An issue was discovered in Poppler 0.71.0.

4.3
2018-11-07 CVE-2018-19057 Sparksuite Cross-Site Scripting vulnerability in Sparksuite Simplemde 1.11.2

SimpleMDE 1.11.2 has XSS via an onerror attribute of a crafted IMG element, or via certain input with [ and ( characters, which is mishandled during construction of an A element.

4.3
2018-11-07 CVE-2018-19056 Ipandao Cross-Site Scripting vulnerability in Ipandao Editor.Md 1.5.0

pandao Editor.md 1.5.0 has DOM XSS via input starting with a "<<" substring, which is mishandled during construction of an A element.

4.3
2018-11-07 CVE-2018-19051 Metinfo Cross-Site Scripting vulnerability in Metinfo 6.1.3

MetInfo 6.1.3 has XSS via the admin/index.php?a=dogetpassword abt_type parameter.

4.3
2018-11-07 CVE-2018-19050 Metinfo Cross-Site Scripting vulnerability in Metinfo 6.1.3

MetInfo 6.1.3 has XSS via the admin/index.php?a=dogetpassword langset parameter.

4.3
2018-11-06 CVE-2018-16474 Tianma Static Project Cross-Site Scripting vulnerability in Tianma-Static Project Tianma-Static

A stored xss in tianma-static module versions <=1.0.4 allows an attacker to execute arbitrary javascript.

4.3
2018-11-06 CVE-2018-1694 IBM Unspecified vulnerability in IBM products

IBM Jazz applications (IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational DOORS Next Generation 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Quality Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Rhapsody Design Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Software Architect Design Manager 5.0 through 5.02 and 6.0 through 6.0.1, IBM Rational Team Concert 5.0 through 5.02 and 6.0 through 6.0.6) could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security.

4.3
2018-11-05 CVE-2018-17907 Omron Information Exposure vulnerability in Omron Cx-Supervisor

When processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior and tampering with the value of an offset, an attacker can force the application to read a value outside of an array.

4.3
2018-11-09 CVE-2018-1857 IBM
Linux
Microsoft
Information Exposure vulnerability in IBM DB2 11.1

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.1 could allow a user to bypass FGAC control and gain access to data they shouldn't be able to see.

4.0
2018-11-09 CVE-2018-1684 IBM Unspecified vulnerability in IBM Websphere MQ

IBM WebSphere MQ 8.0 through 9.1 is vulnerable to a error with MQTT topic string publishing that can cause a denial of service attack.

4.0
2018-11-09 CVE-2017-1119 IBM Information Exposure vulnerability in IBM Marketing Operations

IBM Marketing Operations 9.1.0, 9.1.2, and 10.1 could allow a remote attacker to obtain sensitive information.

4.0
2018-11-08 CVE-2018-7718 Telexy Unspecified vulnerability in Telexy Qpath 5.4.462

An issue was discovered in Telexy QPath 5.4.462.

4.0
2018-11-08 CVE-2018-0284 Cisco Unspecified vulnerability in Cisco products

A vulnerability in the local status page functionality of the Cisco Meraki MR, MS, MX, Z1, and Z3 product lines could allow an authenticated, remote attacker to modify device configuration files.

4.0
2018-11-08 CVE-2018-1314 Apache Missing Authorization vulnerability in Apache Hive

In Apache Hive 2.3.3, 3.1.0 and earlier, Hive "EXPLAIN" operation does not check for necessary authorization of involved entities in a query.

4.0
2018-11-08 CVE-2018-19110 Tianti Project Missing Authorization vulnerability in Tianti Project Tianti 2.3

The skin-management feature in tianti 2.3 allows remote authenticated users to bypass intended permission restrictions by visiting tianti-module-admin/user/skin/list directly because controller\usercontroller.java maps a /skin/list request to the function skinList, and lacks an authorization check.

4.0
2018-11-07 CVE-2018-19068 Opticam
Foscam
An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128.
4.0
2018-11-06 CVE-2018-1606 IBM Information Exposure vulnerability in IBM products

IBM Jazz based applications (IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational DOORS Next Generation 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Engineering Lifecycle Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Quality Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Rhapsody Design Manager 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Software Architect Design Manager 5.0 through 5.02 and 6.0 through 6.0.1, IBM Rational Team Concert 5.0 through 5.02 and 6.0 through 6.0.6) could allow an authenticated user to obtain sensitive information from an error message that could be used in further attacks against the system.

4.0
2018-11-06 CVE-2018-18966 Oscommerce
Microsoft
Unspecified vulnerability in Oscommerce Online Merchant 2.3.4.1

osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filtering in the "product" page.

4.0
2018-11-06 CVE-2018-18965 Oscommerce Unspecified vulnerability in Oscommerce Online Merchant 2.3.4.1

osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filtering in the "product" page.

4.0
2018-11-06 CVE-2018-18964 Oscommerce Unspecified vulnerability in Oscommerce Online Merchant 2.3.4.1

osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filtering in the "product" page.

4.0

22 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-11-09 CVE-2018-1799 IBM
Linux
Microsoft
Unspecified vulnerability in IBM DB2

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local unprivileged user to overwrite files on the system which could cause damage to the database.

3.6
2018-11-07 CVE-2018-19072 Opticam
Foscam
Incorrect Permission Assignment FOR Critical Resource vulnerability in multiple products

An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128.

3.6
2018-11-11 CVE-2018-19178 Jeesns Cross-Site Scripting vulnerability in Jeesns 1.3

In JEESNS 1.3, com/lxinet/jeesns/core/utils/XssHttpServletRequestWrapper.java allows stored XSS via an HTML EMBED element, a different vulnerability than CVE-2018-17886.

3.5
2018-11-11 CVE-2018-19170 Jpress Cross-Site Scripting vulnerability in Jpress 1.0

In JPress v1.0-rc.5, there is stored XSS via each of the first three input fields to the starter-tomcat-1.0/admin/setting URI, as demonstrated by the web_name parameter.

3.5
2018-11-11 CVE-2018-19142 Otrs Cross-Site Scripting vulnerability in Otrs Open Ticket Request System

Open Ticket Request System (OTRS) 6.0.x before 6.0.13 allows an admin to conduct an XSS attack via a modified URL.

3.5
2018-11-11 CVE-2018-19141 Otrs
Debian
Cross-Site Scripting vulnerability in multiple products

Open Ticket Request System (OTRS) 4.0.x before 4.0.33 and 5.0.x before 5.0.31 allows an admin to conduct an XSS attack via a modified URL because user and customer preferences are mishandled.

3.5
2018-11-09 CVE-2018-1872 IBM Cross-Site Scripting vulnerability in IBM Maximo Asset Management 7.6

IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting.

3.5
2018-11-08 CVE-2018-15451 Cisco Cross-Site Scripting vulnerability in Cisco Prime Service Catalog 12.1

A vulnerability in the web-based management interface of Cisco Prime Service Catalog could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface.

3.5
2018-11-07 CVE-2018-19091 Tianti Project Cross-Site Scripting vulnerability in Tianti Project Tianti 2.3

tianti 2.3 has reflected XSS in the user management module via the tianti-module-admin/user/list userName parameter.

3.5
2018-11-07 CVE-2018-19090 Tianti Project Cross-Site Scripting vulnerability in Tianti Project Tianti 2.3

tianti 2.3 has stored XSS in the article management module via an article title.

3.5
2018-11-07 CVE-2018-19089 Tianti Project Cross-Site Scripting vulnerability in Tianti Project Tianti 2.3

tianti 2.3 has stored XSS in the userlist module via the tianti-module-admin/user/ajax/save_role name parameter, which is mishandled in tianti-module-admin\src\main\webapp\WEB-INF\views\user\user_list.jsp.

3.5
2018-11-06 CVE-2018-17184 Apache Cross-Site Scripting vulnerability in Apache Syncope

A malicious user with enough administration entitlements can inject html-like elements containing JavaScript statements into Connector names, Report names, AnyTypeClass keys and Policy descriptions.

3.5
2018-11-05 CVE-2018-18952 Jeecms Cross-Site Scripting vulnerability in Jeecms 9.3

JEECMS 9.3 has XSS via an index.do#/content/update?type=update URI.

3.5
2018-11-05 CVE-2018-18943 Basercms Cross-Site Scripting vulnerability in Basercms

An issue was discovered in baserCMS before 4.1.4.

3.5
2018-11-05 CVE-2018-18939 Wuzhi CMS Project Cross-Site Scripting vulnerability in Wuzhi CMS Project Wuzhi CMS 4.1.0

An issue was discovered in WUZHI CMS 4.1.0.

3.5
2018-11-05 CVE-2018-18938 Wuzhicms Cross-Site Scripting vulnerability in Wuzhicms Wuzhi CMS 4.1.0

An issue was discovered in WUZHI CMS 4.1.0.

3.5
2018-11-09 CVE-2018-1842 IBM
Netapp
Improper Verification of Cryptographic Signature vulnerability in multiple products

IBM Cognos Analytics 11 Configuration tool, under certain circumstances, will bypass OIDC namespace signature verification on its id_token.

3.3
2018-11-08 CVE-2018-19044 Keepalived Link Following vulnerability in Keepalived 2.0.8

keepalived 2.0.8 didn't check for pathnames with symlinks when writing data to a temporary file upon a call to PrintData or PrintStats.

3.3
2018-11-09 CVE-2016-9749 IBM Improper Input Validation vulnerability in IBM Campaign

IBM Campaign 9.1.0, 9.1.2, 10.0, and 10.1 could allow an authenticated user with access to the local network to bypass security due to lack of input validation.

2.1
2018-11-08 CVE-2018-15437 Cisco
Microsoft
Resource Exhaustion vulnerability in Cisco products

A vulnerability in the system scanning component of Cisco Immunet and Cisco Advanced Malware Protection (AMP) for Endpoints running on Microsoft Windows could allow a local attacker to disable the scanning functionality of the product.

2.1
2018-11-08 CVE-2018-6433 Brocade Improper Input Validation vulnerability in Brocade Fabric OS

A vulnerability in the secryptocfg export command of Brocade Fabric OS versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to bypass the export file access restrictions and initiate a file copy from the source to a remote system.

2.1
2018-11-08 CVE-2018-19046 Keepalived Information Exposure vulnerability in Keepalived 2.0.8

keepalived 2.0.8 didn't check for existing plain files when writing data to a temporary file upon a call to PrintData or PrintStats.

1.9