Weekly Vulnerabilities Reports > December 10 to 16, 2018

Overview

245 new vulnerabilities reported during this period, including 15 critical vulnerabilities and 33 high severity vulnerabilities. This weekly summary report vulnerabilities in 271 products from 83 vendors including Debian, Microsoft, Redhat, IBM, and Google. Vulnerabilities are notably categorized as "Cross-site Scripting", "Improper Input Validation", "Information Exposure", "Out-of-bounds Write", and "Use After Free".

  • 200 reported vulnerabilities are remotely exploitables.
  • 13 reported vulnerabilities have public exploit available.
  • 67 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 190 reported vulnerabilities are exploitable by an anonymous user.
  • Debian has the most reported vulnerabilities, with 43 reported vulnerabilities.
  • Microsoft has the most reported critical vulnerabilities, with 7 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

15 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-12-14 CVE-2018-19007 Geutebrueck OS Command Injection vulnerability in Geutebrueck products

In Geutebrueck GmbH E2 Camera Series versions prior to 1.12.0.25 the DDNS configuration (in the Network Configuration panel) is vulnerable to an OS system command injection as root.

10.0
2018-12-12 CVE-2018-8626 Microsoft Out-Of-Bounds Write vulnerability in Microsoft products

A remote code execution vulnerability exists in Windows Domain Name System (DNS) servers when they fail to properly handle requests, aka "Windows DNS Server Heap Overflow Vulnerability." This affects Windows Server 2012 R2, Windows Server 2019, Windows Server 2016, Windows 10, Windows 10 Servers.

10.0
2018-12-12 CVE-2018-8540 Microsoft Code Injection vulnerability in Microsoft .Net Framework

A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka ".NET Framework Remote Code Injection Vulnerability." This affects Microsoft .NET Framework 4.6, Microsoft .NET Framework 3.5, Microsoft .NET Framework 4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 4.7.2, Microsoft .NET Framework 4.6.2.

10.0
2018-12-12 CVE-2018-10143 Paloaltonetworks Improper Privilege Management vulnerability in Paloaltonetworks Expedition 1.0.107

The Palo Alto Networks Expedition Migration tool 1.0.107 and earlier may allow an unauthenticated attacker with remote access to run system level commands on the device hosting this service/application.

10.0
2018-12-10 CVE-2018-1000861 Jenkins
Redhat
Deserialization of Untrusted Data vulnerability in Jenkins

A code execution vulnerability exists in the Stapler web framework used by Jenkins 2.153 and earlier, LTS 2.138.3 and earlier in stapler/core/src/main/java/org/kohsuke/stapler/MetaClass.java that allows attackers to invoke some methods on Java objects by accessing crafted URLs that were not intended to be invoked this way.

10.0
2018-12-10 CVE-2016-10502 Qualcomm Integer Overflow OR Wraparound vulnerability in Qualcomm products

While generating trusted application id, An integer overflow can occur giving the trusted application an invalid identity in Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835 and SDA660.

10.0
2018-12-13 CVE-2018-13804 Siemens Unspecified vulnerability in Siemens products

A vulnerability has been identified in SIMATIC IT LMS (All versions), SIMATIC IT Production Suite (Versions V7.1 < V7.1 Upd3), SIMATIC IT UA Discrete Manufacturing (Versions < V1.2), SIMATIC IT UA Discrete Manufacturing (Versions V1.2), SIMATIC IT UA Discrete Manufacturing (Versions V1.3), SIMATIC IT UA Discrete Manufacturing (Versions V2.3), SIMATIC IT UA Discrete Manufacturing (Versions V2.4).

9.3
2018-12-12 CVE-2018-11458 Siemens Unspecified vulnerability in Siemens products

A vulnerability has been identified in SINUMERIK 828D V4.7 (All versions < V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions < V4.7 SP6 HF5), SINUMERIK 840D sl V4.8 (All versions < V4.8 SP3).

9.3
2018-12-12 CVE-2018-11457 Siemens Unspecified vulnerability in Siemens products

A vulnerability has been identified in SINUMERIK 828D V4.7 (All versions < V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions < V4.7 SP6 HF5), SINUMERIK 840D sl V4.8 (All versions < V4.8 SP3).

9.3
2018-12-12 CVE-2018-8636 Microsoft Unspecified vulnerability in Microsoft Excel and Office 365 Proplus

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Excel.

9.3
2018-12-12 CVE-2018-8634 Microsoft Unspecified vulnerability in Microsoft products

A remote code execution vulnerability exists in Windows where Microsoft text-to-speech fails to properly handle objects in the memory, aka "Microsoft Text-To-Speech Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10, Windows Server 2019, Windows 10 Servers.

9.3
2018-12-12 CVE-2018-8628 Microsoft Unspecified vulnerability in Microsoft products

A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory, aka "Microsoft PowerPoint Remote Code Execution Vulnerability." This affects Microsoft Office, Office 365 ProPlus, Microsoft PowerPoint, Microsoft SharePoint, Microsoft PowerPoint Viewer, Office Online Server, Microsoft SharePoint Server.

9.3
2018-12-12 CVE-2018-8597 Microsoft Unspecified vulnerability in Microsoft products

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Excel.

9.3
2018-12-12 CVE-2018-8587 Microsoft Unspecified vulnerability in Microsoft Office and Office 365 Proplus

A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka "Microsoft Outlook Remote Code Execution Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Outlook.

9.3
2018-12-11 CVE-2018-20057 D Link OS Command Injection vulnerability in D-Link Dir-605L Firmware and Dir-619L Firmware

An issue was discovered in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 and DIR-605L Rev.B 2.12B1 devices.

9.0

33 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-12-14 CVE-2018-16875 Golang
Opensuse
Improper Certificate Validation vulnerability in multiple products

The crypto/x509 package of Go before 1.10.6 and 1.11.x before 1.11.3 does not limit the amount of work performed for each chain verification, which might allow attackers to craft pathological inputs leading to a CPU denial of service.

7.8
2018-12-13 CVE-2018-16557 Siemens Improper Input Validation vulnerability in Siemens products

A vulnerability has been identified in SIMATIC S7-400 (incl.

7.8
2018-12-13 CVE-2018-16556 Siemens Improper Input Validation vulnerability in Siemens products

A vulnerability has been identified in SIMATIC S7-400 (incl.

7.8
2018-12-10 CVE-2018-20051 Qacctv Improper Input Validation vulnerability in Qacctv Jooan Ja-Q1H Wi-Fi Camera Firmware 21.0.0.91

Mishandling of '>' on the Jooan JA-Q1H Wi-Fi camera with firmware 21.0.0.91 allows remote attackers to cause a denial of service (crash and reboot) via certain ONVIF methods such as CreateUsers, SetImagingSettings, GetStreamUri, and so on.

7.8
2018-12-10 CVE-2018-20050 Qacctv Unspecified vulnerability in Qacctv Jooan Ja-Q1H Wi-Fi Camera Firmware 21.0.0.91

Mishandling of an empty string on the Jooan JA-Q1H Wi-Fi camera with firmware 21.0.0.91 allows remote attackers to cause a denial of service (crash and reboot) via the ONVIF GetStreamUri method and GetVideoEncoderConfigurationOptions method.

7.8
2018-12-12 CVE-2018-8643 Microsoft Out-Of-Bounds Write vulnerability in Microsoft Internet Explorer 10/11/9

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10.

7.6
2018-12-12 CVE-2018-8631 Microsoft Out-Of-Bounds Write vulnerability in Microsoft Internet Explorer 10/11/9

A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10.

7.6
2018-12-12 CVE-2018-8629 Microsoft Out-Of-Bounds Write vulnerability in Microsoft Chakracore and Edge

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore.

7.6
2018-12-12 CVE-2018-8625 Microsoft USE After Free vulnerability in Microsoft Internet Explorer 10/11/9

A remote code execution vulnerability exists in the way that the VBScript engine handles objects in memory, aka "Windows VBScript Engine Remote Code Execution Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10.

7.6
2018-12-12 CVE-2018-8624 Microsoft Out-Of-Bounds Write vulnerability in Microsoft Chakracore and Edge

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore.

7.6
2018-12-12 CVE-2018-8619 Microsoft Improper Privilege Management vulnerability in Microsoft Internet Explorer 10/11/9

A remote code execution vulnerability exists when the Internet Explorer VBScript execution policy does not properly restrict VBScript under specific conditions, aka "Internet Explorer Remote Code Execution Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10.

7.6
2018-12-12 CVE-2018-8618 Microsoft Out-Of-Bounds Write vulnerability in Microsoft Chakracore and Edge

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore.

7.6
2018-12-12 CVE-2018-8617 Microsoft Out-Of-Bounds Write vulnerability in Microsoft Chakracore and Edge

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore.

7.6
2018-12-12 CVE-2018-8583 Microsoft Out-Of-Bounds Write vulnerability in Microsoft Chakracore and Edge

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore.

7.6
2018-12-14 CVE-2018-20148 Wordpress
Debian
Deserialization of Untrusted Data vulnerability in Wordpress

In WordPress before 4.9.9 and 5.x before 5.0.1, contributors could conduct PHP object injection attacks via crafted metadata in a wp.getMediaItem XMLRPC call.

7.5
2018-12-14 CVE-2018-18006 Ricoh USE of Hard-Coded Credentials vulnerability in Ricoh Myprint 2.2.7/2.9.2.4

Hardcoded credentials in the Ricoh myPrint application 2.9.2.4 for Windows and 2.2.7 for Android give access to any externally disclosed myPrint WSDL API, as demonstrated by discovering API secrets of related Google cloud printers, encrypted passwords of mail servers, and names of printed files.

7.5
2018-12-13 CVE-2018-18923 Abisoftgt SQL Injection vulnerability in Abisoftgt Ticketly 1.0

AbiSoft Ticketly 1.0 is affected by multiple SQL Injection vulnerabilities through the parameters name, category_id and description in action/addproject.php; kind_id, priority_id, project_id, status_id and title in action/addticket.php; and kind_id and status_id in reports.php.

7.5
2018-12-13 CVE-2018-1818 IBM USE of Hard-Coded Credentials vulnerability in IBM Security Guardium

IBM Security Guardium 10 and 10.5 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.

7.5
2018-12-12 CVE-2018-13816 Siemens Improper Authentication vulnerability in Siemens TIM 1531 IRC Firmware

A vulnerability has been identified in TIM 1531 IRC (All version < V2.0).

7.5
2018-12-12 CVE-2018-11466 Siemens Unspecified vulnerability in Siemens products

A vulnerability has been identified in SINUMERIK 808D V4.7 (All versions), SINUMERIK 808D V4.8 (All versions), SINUMERIK 828D V4.7 (All versions < V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions < V4.7 SP6 HF5), SINUMERIK 840D sl V4.8 (All versions < V4.8 SP3).

7.5
2018-12-12 CVE-2018-11462 Siemens Unspecified vulnerability in Siemens products

A vulnerability has been identified in SINUMERIK 808D V4.7 (All versions), SINUMERIK 808D V4.8 (All versions), SINUMERIK 828D V4.7 (All versions < V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions < V4.7 SP6 HF5), SINUMERIK 840D sl V4.8 (All versions < V4.8 SP3).

7.5
2018-12-11 CVE-2018-6703 Mcafee USE After Free vulnerability in Mcafee Agent

Use After Free in Remote logging (which is disabled by default) in McAfee McAfee Agent (MA) 5.x prior to 5.6.0 allows remote unauthenticated attackers to cause a Denial of Service and potentially a remote code execution via a specially crafted HTTP header sent to the logging service.

7.5
2018-12-11 CVE-2018-20062 5None Improper Input Validation vulnerability in 5None Nonecms 1.3.0

An issue was discovered in NoneCms V1.3.

7.5
2018-12-11 CVE-2018-1904 IBM Deserialization of Untrusted Data vulnerability in IBM Websphere Application Server

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow remote attackers to execute arbitrary Java code through an administrative client class with a serialized object from untrusted sources.

7.5
2018-12-11 CVE-2018-20059 Pippo XXE vulnerability in Pippo 1.11.0

jaxb/JaxbEngine.java in Pippo 1.11.0 allows XXE.

7.5
2018-12-11 CVE-2018-20056 D Link Out-Of-Bounds Write vulnerability in D-Link Dir-605L Firmware and Dir-619L Firmware

An issue was discovered in /bin/boa on D-Link DIR-619L Rev.B 2.06B1 and DIR-605L Rev.B 2.12B1 devices.

7.5
2018-12-10 CVE-2018-19991 Verynginx Project Improper Handling of Exceptional Conditions vulnerability in Verynginx Project Verynginx 0.3.3

VeryNginx 0.3.3 allows remote attackers to bypass the Web Application Firewall feature because there is no error handler (for get_uri_args or get_post_args) to block the API misuse described in CVE-2018-9230.

7.5
2018-12-12 CVE-2018-11465 Siemens Out-Of-Bounds Read vulnerability in Siemens products

A vulnerability has been identified in SINUMERIK 808D V4.7 (All versions), SINUMERIK 808D V4.8 (All versions), SINUMERIK 828D V4.7 (All versions < V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions < V4.7 SP6 HF5), SINUMERIK 840D sl V4.8 (All versions < V4.8 SP3).

7.2
2018-12-12 CVE-2018-11460 Siemens Unspecified vulnerability in Siemens products

A vulnerability has been identified in SINUMERIK 808D V4.7 (All versions), SINUMERIK 808D V4.8 (All versions), SINUMERIK 828D V4.7 (All versions < V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions < V4.7 SP6 HF5), SINUMERIK 840D sl V4.8 (All versions < V4.8 SP3).

7.2
2018-12-12 CVE-2018-11459 Siemens Unspecified vulnerability in Siemens products

A vulnerability has been identified in SINUMERIK 808D V4.7 (All versions), SINUMERIK 808D V4.8 (All versions), SINUMERIK 828D V4.7 (All versions < V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions < V4.7 SP6 HF5), SINUMERIK 840D sl V4.8 (All versions < V4.8 SP3).

7.2
2018-12-12 CVE-2018-8641 Microsoft Improper Resource Shutdown OR Release vulnerability in Microsoft products

An elevation of privilege vulnerability exists in Windows when the Windows kernel-mode driver fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

7.2
2018-12-12 CVE-2018-8639 Microsoft Improper Resource Shutdown OR Release vulnerability in Microsoft products

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

7.2
2018-12-12 CVE-2018-8611 Microsoft Improper Resource Shutdown OR Release vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka "Windows Kernel Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

7.2

148 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-12-14 CVE-2018-16874 Golang
Opensuse
Suse
Debian
Improper Input Validation vulnerability in multiple products

In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is vulnerable to directory traversal when executed with the import path of a malicious Go package which contains curly braces (both '{' and '}' characters).

6.8
2018-12-14 CVE-2018-16873 Golang
Opensuse
Suse
Debian
Improper Input Validation vulnerability in multiple products

In Go before 1.10.6 and 1.11.x before 1.11.3, the "go get" command is vulnerable to remote code execution when executed with the -u flag and the import path of a malicious Go package, or a package that imports it directly or indirectly.

6.8
2018-12-13 CVE-2018-13814 Siemens Improper Input Validation vulnerability in Siemens products

A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V14), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V14), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V14), SIMATIC WinCC Runtime Advanced (All versions < V14), SIMATIC WinCC Runtime Professional (All versions < V14), SIMATIC WinCC (TIA Portal) (All versions < V14), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions).

6.8
2018-12-12 CVE-2018-1926 IBM Cross-Site Request Forgery (CSRF) vulnerability in IBM Websphere Application Server

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Admin Console is vulnerable to cross-site request forgery, caused by improper validation of user-supplied input.

6.8
2018-12-11 CVE-2018-19969 Phpmyadmin Cross-Site Request Forgery (CSRF) vulnerability in PHPmyadmin

phpMyAdmin 4.7.x and 4.8.x versions prior to 4.8.4 are affected by a series of CSRF flaws.

6.8
2018-12-11 CVE-2018-18359 Google
Redhat
Debian
Out-Of-Bounds Read vulnerability in Google Chrome

Incorrect handling of Reflect.construct in V8 in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.

6.8
2018-12-11 CVE-2018-18356 Google
Debian
Canonical
Redhat
Opensuse
USE After Free vulnerability in multiple products

An integer overflow in path handling lead to a use after free in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

6.8
2018-12-11 CVE-2018-18354 Google
Redhat
Debian
Improper Input Validation vulnerability in Google Chrome

Insufficient validate of external protocols in Shell Integration in Google Chrome on Windows prior to 71.0.3578.80 allowed a remote attacker to launch external programs via a crafted HTML page.

6.8
2018-12-11 CVE-2018-18347 Google
Redhat
Debian
Improper Input Validation vulnerability in Google Chrome

Incorrect handling of failed navigations with invalid URLs in Navigation in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to trick a user into executing javascript in an arbitrary origin via a crafted HTML page.

6.8
2018-12-11 CVE-2018-18343 Google
Redhat
Debian
USE After Free vulnerability in multiple products

Incorrect handing of paths leading to a use after free in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

6.8
2018-12-11 CVE-2018-18342 Google
Redhat
Debian
Out-Of-Bounds Write vulnerability in multiple products

Execution of user supplied Javascript during object deserialization can update object length leading to an out of bounds write in V8 in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

6.8
2018-12-11 CVE-2018-18341 Google
Redhat
Debian
Integer Overflow OR Wraparound vulnerability in multiple products

An integer overflow leading to a heap buffer overflow in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

6.8
2018-12-11 CVE-2018-18340 Google
Redhat
Debian
USE After Free vulnerability in multiple products

Incorrect object lifecycle in MediaRecorder in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

6.8
2018-12-11 CVE-2018-18339 Google
Redhat
Debian
USE After Free vulnerability in multiple products

Incorrect object lifecycle in WebAudio in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

6.8
2018-12-11 CVE-2018-18338 Google
Redhat
Debian
Out-Of-Bounds Write vulnerability in multiple products

Incorrect, thread-unsafe use of SkImage in Canvas in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

6.8
2018-12-11 CVE-2018-18337 Google
Redhat
Debian
USE After Free vulnerability in multiple products

Incorrect handling of stylesheets leading to a use after free in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

6.8
2018-12-11 CVE-2018-18336 Google
Redhat
Debian
USE After Free vulnerability in multiple products

Incorrect object lifecycle in PDFium in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

6.8
2018-12-11 CVE-2018-18335 Google
Redhat
Debian
Opensuse
Out-Of-Bounds Write vulnerability in multiple products

Heap buffer overflow in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

6.8
2018-12-11 CVE-2018-17481 Google
Redhat
Debian
USE After Free vulnerability in multiple products

Incorrect object lifecycle handling in PDFium in Google Chrome prior to 71.0.3578.98 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.

6.8
2018-12-11 CVE-2018-17480 Google
Redhat
Debian
Out-Of-Bounds Write vulnerability in Google Chrome

Execution of user supplied Javascript during array deserialization leading to an out of bounds write in V8 in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.

6.8
2018-12-10 CVE-2018-20015 Yzmcms Cross-Site Request Forgery (CSRF) vulnerability in Yzmcms 5.2

YzmCMS v5.2 has admin/role/add.html CSRF.

6.8
2018-12-10 CVE-2018-20004 Mini XML Project
Debian
Fedoraproject
Out-Of-Bounds Write vulnerability in multiple products

An issue has been found in Mini-XML (aka mxml) 2.12.

6.8
2018-12-15 CVE-2018-20159 I Doit Improper Input Validation vulnerability in I-Doit 1.11.2

i-doit open 1.11.2 allows Remote Code Execution because ZIP archives are mishandled.

6.5
2018-12-14 CVE-2018-20156 Designmodo Improper Input Validation vulnerability in Designmodo WP Maintenance Mode

The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remote authenticated "site administrator" users to execute arbitrary PHP code throughout a multisite network.

6.5
2018-12-13 CVE-2018-15774 Dell Incorrect Authorization vulnerability in Dell Idrac7 Firmware, Idrac8 Firmware and Idrac9 Firmware

Dell EMC iDRAC7/iDRAC8 versions prior to 2.61.60.60 and iDRAC9 versions prior to 3.20.21.20, 3.21.24.22, 3.21.26.22, and 3.23.23.23 contain a privilege escalation vulnerability.

6.5
2018-12-13 CVE-2018-20129 Dedecms Code Injection vulnerability in Dedecms 5.7

An issue was discovered in DedeCMS V5.7 SP2.

6.5
2018-12-12 CVE-2018-1901 IBM Unspecified vulnerability in IBM Websphere Application Server

IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to temporarily gain elevated privileges on the system, caused by incorrect cached value being used.

6.5
2018-12-12 CVE-2018-8635 Microsoft Improper Input Validation vulnerability in Microsoft Sharepoint Enterprise Server and Sharepoint Server

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted authentication request to an affected SharePoint server, aka "Microsoft SharePoint Server Elevation of Privilege Vulnerability." This affects Microsoft SharePoint Server, Microsoft SharePoint.

6.5
2018-12-11 CVE-2018-2494 SAP Incorrect Authorization vulnerability in SAP Business Application Software Integrated Solution

Necessary authorization checks for an authenticated user, resulting in escalation of privileges, have been fixed in SAP Basis AS ABAP of SAP NetWeaver 700 to 750, from 750 onwards delivered as ABAP Platform.

6.5
2018-12-10 CVE-2018-1000866 Jenkins
Redhat
Improper Privilege Management vulnerability in multiple products

A sandbox bypass vulnerability exists in Pipeline: Groovy Plugin 2.59 and earlier in groovy-sandbox/src/main/java/org/kohsuke/groovy/sandbox/SandboxTransformer.java, groovy-cps/lib/src/main/java/com/cloudbees/groovy/cps/SandboxCpsTransformer.java that allows attackers with Job/Configure permission, or unauthorized attackers with SCM commit privileges and corresponding pipelines based on Jenkinsfiles set up in Jenkins, to execute arbitrary code on the Jenkins master JVM

6.5
2018-12-10 CVE-2018-1000865 Jenkins
Redhat
Improper Privilege Management vulnerability in multiple products

A sandbox bypass vulnerability exists in Script Security Plugin 1.47 and earlier in groovy-sandbox/src/main/java/org/kohsuke/groovy/sandbox/SandboxTransformer.java that allows attackers with Job/Configure permission to execute arbitrary code on the Jenkins master JVM, if plugins using the Groovy sandbox are installed.

6.5
2018-12-13 CVE-2018-1821 IBM XXE vulnerability in IBM Operational Decision Manager

IBM Operational Decision Management 8.5, 8.6, 8.7, 8.8, and 8.9 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data.

6.4
2018-12-13 CVE-2018-20128 Usualtool Path Traversal vulnerability in Usualtool Usualtoolcms 8.0

An issue was discovered in UsualToolCMS v8.0.

6.4
2018-12-13 CVE-2018-20127 Zzzcms Improper Input Validation vulnerability in Zzzcms Zzzphp CMS 1.5.8

An issue was discovered in zzzphp cms 1.5.8.

6.4
2018-12-10 CVE-2018-15805 Accusoft XXE vulnerability in Accusoft Prizmdoc

Accusoft PrizmDoc HTML5 Document Viewer before 13.5 contains an XML external entity (XXE) vulnerability, allowing an attacker to read arbitrary files or cause a denial of service (resource consumption).

6.4
2018-12-10 CVE-2018-1000863 Jenkins
Redhat
Path Traversal vulnerability in Jenkins

A data modification vulnerability exists in Jenkins 2.153 and earlier, LTS 2.138.3 and earlier in User.java, IdStrategy.java that allows attackers to submit crafted user names that can cause an improper migration of user record storage formats, potentially preventing the victim from logging into Jenkins.

6.4
2018-12-13 CVE-2018-13813 Siemens Open Redirect vulnerability in Siemens products

A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15 Update 4), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15 Update 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15 Update 4), SIMATIC WinCC Runtime Advanced (All versions < V15 Update 4), SIMATIC WinCC Runtime Professional (All versions < V15 Update 4), SIMATIC WinCC (TIA Portal) (All versions < V15 Update 4), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions).

5.8
2018-12-11 CVE-2018-1654 IBM Open Redirect vulnerability in IBM Curam Social Program Management

IBM Curam Social Program Management 6.0.5, 6.1.1, 6.2.0, 7.0.1, and 7.0.3 could allow a remote attacker to conduct phishing attacks, using an open redirect attack.

5.8
2018-12-14 CVE-2018-20147 Wordpress
Debian
Incorrect Authorization vulnerability in multiple products

In WordPress before 4.9.9 and 5.x before 5.0.1, authors could modify metadata to bypass intended restrictions on deleting files.

5.5
2018-12-11 CVE-2018-2492 SAP Improper Input Validation vulnerability in SAP Netweaver

SAML 2.0 functionality in SAP NetWeaver AS Java, does not sufficiently validate XML documents received from an untrusted source.

5.5
2018-12-15 CVE-2018-20157 Openrefine XXE vulnerability in Openrefine

The data import functionality in OpenRefine through 3.1 allows an XML External Entity (XXE) attack through a crafted (zip) file, allowing attackers to read arbitrary files.

5.0
2018-12-14 CVE-2018-20151 Wordpress
Debian
Information Exposure vulnerability in Wordpress

In WordPress before 4.9.9 and 5.x before 5.0.1, the user-activation page could be read by a search engine's web crawler if an unusual configuration were chosen.

5.0
2018-12-14 CVE-2018-19003 GE Path Traversal vulnerability in GE products

GE Mark VIe, EX2100e, EX2100e_Reg, and LS2100e Versions 03.03.28C to 05.02.04C, EX2100e All versions prior to v04.09.00C, EX2100e_Reg All versions prior to v04.09.00C, and LS2100e All versions prior to v04.09.00C The affected versions of the application have a path traversal vulnerability that fails to restrict the ability of an attacker to gain access to restricted information.

5.0
2018-12-13 CVE-2018-20145 Eclipse Incorrect Permission Assignment FOR Critical Resource vulnerability in Eclipse Mosquitto

Eclipse Mosquitto 1.5.x before 1.5.5 allows ACL bypass: if the option per_listener_settings was set to true, and the default listener was in use, and the default listener specified an acl_file, then the acl file was being ignored.

5.0
2018-12-13 CVE-2018-19118 Zohocorp Out-Of-Bounds Write vulnerability in Zohocorp Manageengine Adaudit Plus

Zoho ManageEngine ADAudit before 5.1 build 5120 allows remote attackers to cause a denial of service (stack-based buffer overflow) via the 'Domain Name' field when adding a new domain.

5.0
2018-12-13 CVE-2018-18922 Abisoftgt Forced Browsing vulnerability in Abisoftgt Ticketly 1.0

add_user in AbiSoft Ticketly 1.0 allows remote attackers to create administrator accounts via an action/add_user.php POST request.

5.0
2018-12-13 CVE-2018-1886 IBM Information Exposure vulnerability in IBM Security Access Manager

IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 discloses sensitive information to unauthorized users.

5.0
2018-12-13 CVE-2018-1814 IBM Inadequate Encryption Strength vulnerability in IBM Security Access Manager

IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

5.0
2018-12-13 CVE-2018-1665 IBM Inadequate Encryption Strength vulnerability in IBM Datapower Gateway

IBM DataPower Gateway 7.6.0.0 through 7.6.0.10, 7.5.2.0 through 7.5.2.17, 7.5.1.0 through 7.5.1.17, 7.5.0.0 through 7.5.0.18, and 7.7.0.0 through 7.7.1.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

5.0
2018-12-13 CVE-2018-13815 Siemens Resource Exhaustion vulnerability in Siemens Simatic S7-1200 Firmware and Simatic S7-1500 Firmware

A vulnerability has been identified in SIMATIC S7-1200 (All versions), SIMATIC S7-1500 (All Versions < V2.6).

5.0
2018-12-13 CVE-2018-13812 Siemens Path Traversal vulnerability in Siemens products

A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15 Update 4), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15 Update 4), SIMATIC HMI KTP Mobile Panels KTP400F, KTP700, KTP700F, KTP900 and KTP900F (All versions < V15 Update 4), SIMATIC WinCC Runtime Advanced (All versions < V15 Update 4), SIMATIC WinCC Runtime Professional (All versions < V15 Update 4), SIMATIC WinCC (TIA Portal) (All versions < V15 Update 4), SIMATIC HMI Classic Devices (TP/MP/OP/MP Mobile Panel) (All versions).

5.0
2018-12-13 CVE-2018-8033 Apache Information Exposure vulnerability in Apache Ofbiz

In Apache OFBiz 16.11.01 to 16.11.04, the OFBiz HTTP engine (org.apache.ofbiz.service.engine.HttpEngine.java) handles requests for HTTP services via the /webtools/control/httpService endpoint.

5.0
2018-12-12 CVE-2018-6706 Mcafee Unspecified vulnerability in Mcafee Agent

Insecure handling of temporary files in non-Windows McAfee Agent 5.0.0 through 5.0.6, 5.5.0, and 5.5.1 allows an Unprivileged User to introduce custom paths during agent installation in Linux via unspecified vectors.

5.0
2018-12-12 CVE-2018-15719 Opendental Weak Password Requirements vulnerability in Opendental

Open Dental before version 18.4 installs a mysql database and uses the default credentials of "root" with a blank password.

5.0
2018-12-12 CVE-2018-15718 Opendental Information Exposure vulnerability in Opendental

Open Dental before version 18.4 transmits the entire user database over the network when a remote unauthenticated user accesses the command prompt.

5.0
2018-12-12 CVE-2018-15717 Opendental Insufficiently Protected Credentials vulnerability in Opendental

Open Dental before version 18.4 stores user passwords as base64 encoded MD5 hashes.

5.0
2018-12-12 CVE-2018-20103 Haproxy
Canonical
Redhat
Infinite Loop vulnerability in multiple products

An issue was discovered in dns.c in HAProxy through 1.8.14.

5.0
2018-12-12 CVE-2018-20102 Haproxy
Canonical
Redhat
Out-Of-Bounds Read vulnerability in multiple products

An out-of-bounds read in dns_validate_dns_response in dns.c was discovered in HAProxy through 1.8.14.

5.0
2018-12-12 CVE-2018-1481 IBM Information Exposure vulnerability in IBM Bigfix Platform

IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 stores sensitive information in URL parameters.

5.0
2018-12-12 CVE-2018-1480 IBM Session Fixation vulnerability in IBM Bigfix Platform

IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 does not set the 'HttpOnly' attribute on authorization tokens or session cookies.

5.0
2018-12-12 CVE-2018-1476 IBM Information Exposure vulnerability in IBM Bigfix Platform

IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 discloses sensitive information to unauthorized users.

5.0
2018-12-12 CVE-2018-17950 Microfocus Incorrect Authorization vulnerability in Microfocus Edirectory

Incorrect enforcement of authorization checks in eDirectory prior to 9.1 SP2

5.0
2018-12-12 CVE-2018-15328 F5 Information Exposure vulnerability in F5 products

On BIG-IP 14.0.x, 13.x, 12.x, and 11.x, Enterprise Manager 3.1.1, BIG-IQ 6.x, 5.x, and 4.x, and iWorkflow 2.x, the passphrases for SNMPv3 users and trap destinations that are used for authentication and privacy are not handled by the BIG-IP system Secure Vault feature; they are written in the clear to the various configuration files.

5.0
2018-12-12 CVE-2018-20094 Xuxueli Path Traversal vulnerability in Xuxueli Xxl-Conf 1.6.0

An issue was discovered in XXL-CONF 1.6.0.

5.0
2018-12-12 CVE-2018-8517 Microsoft Unspecified vulnerability in Microsoft .Net Framework

A denial of service vulnerability exists when .NET Framework improperly handles special web requests, aka ".NET Framework Denial Of Service Vulnerability." This affects Microsoft .NET Framework 4.6, Microsoft .NET Framework 3.5, Microsoft .NET Framework 4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 4.7.2.

5.0
2018-12-11 CVE-2018-20064 Doorgets Path Traversal vulnerability in Doorgets 7.0

doorGets 7.0 allows remote attackers to write to arbitrary files via directory traversal, as demonstrated by a dg-user/?controller=theme&action=edit&name=doorgets&file=../../1.txt%00 URI with content in the theme_content_nofi parameter.

5.0
2018-12-11 CVE-2018-20061 Frappe SQL Injection vulnerability in Frappe Erpnext

A SQL injection issue was discovered in ERPNext 10.x and 11.x through 11.0.3-beta.29.

5.0
2018-12-11 CVE-2018-20060 Python
Fedoraproject
urllib3 before version 1.23 does not remove the Authorization HTTP header when following a cross-origin redirect (i.e., a redirect that differs in host, port, or scheme).
5.0
2018-12-11 CVE-2018-20058 Evernote Path Traversal vulnerability in Evernote

In Evernote before 7.6 on macOS, there is a local file path traversal issue in attachment previewing, aka MACOSNOTE-28634.

5.0
2018-12-10 CVE-2018-20018 S CMS SQL Injection vulnerability in S-Cms 3.0

S-CMS V3.0 has SQL injection via the S_id parameter, as demonstrated by the /1/?type=productinfo&S_id=140 URI.

5.0
2018-12-10 CVE-2018-20000 Apereo XXE vulnerability in Apereo Bw-Webdav

Apereo Bedework bw-webdav before 4.0.3 allows XXE attacks, as demonstrated by an invite-reply document that reads a local file, related to webdav/servlet/common/MethodBase.java and webdav/servlet/common/PostRequestPars.java.

5.0
2018-12-12 CVE-2018-8649 Microsoft Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2019

A denial of service vulnerability exists when Windows improperly handles objects in memory, aka "Windows Denial of Service Vulnerability." This affects Windows 10, Windows Server 2019.

4.9
2018-12-10 CVE-2018-20029 Dokan DEV
Nomachine
Microsoft
USE of Uninitialized Resource vulnerability in multiple products

The nxfs.sys driver in the DokanFS library 0.6.0 in NoMachine before 6.4.6 on Windows 10 allows local users to cause a denial of service (BSOD) because uninitialized memory can be read.

4.9
2018-12-14 CVE-2018-3704 Intel Incorrect Permission Assignment for Critical Resource vulnerability in Intel Parallel Studio and Parallel Studio XE

Improper directory permissions in the installer for the Intel Parallel Studio before 2019 Gold may allow authenticated users to potentially enable an escalation of privilege via local access.

4.6
2018-12-14 CVE-2018-18097 Intel Incorrect Permission Assignment FOR Critical Resource vulnerability in Intel Solid State Drive Toolbox

Improper directory permissions in Intel Solid State Drive Toolbox before 3.5.7 may allow an authenticated user to potentially enable escalation of privilege via local access.

4.6
2018-12-14 CVE-2018-18093 Intel Incorrect Permission Assignment for Critical Resource vulnerability in Intel Vtune Amplifier 2018

Improper file permissions in the installer for Intel VTune Amplifier 2018 Update 3 and before may allow unprivileged user to potentially gain privileged access via local access.

4.6
2018-12-13 CVE-2018-15776 Dell Unspecified vulnerability in Dell Idrac7 Firmware and Idrac8 Firmware

Dell EMC iDRAC7/iDRAC8 versions prior to 2.61.60.60 contain an improper error handling vulnerability.

4.6
2018-12-13 CVE-2018-1887 IBM USE of Hard-Coded Credentials vulnerability in IBM Security Access Manager

IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.

4.6
2018-12-12 CVE-2018-6705 Mcafee Unspecified vulnerability in Mcafee Agent 5.5.0/5.5.1

Privilege escalation vulnerability in McAfee Agent (MA) for Linux 5.0.0 through 5.0.6, 5.5.0, and 5.5.1 allows local users to perform arbitrary command execution via specific conditions.

4.6
2018-12-12 CVE-2018-6704 Mcafee Unspecified vulnerability in Mcafee Agent 5.5.0/5.5.1

Privilege escalation vulnerability in McAfee Agent (MA) for Linux 5.0.0 through 5.0.6, 5.5.0, and 5.5.1 allows local users to perform arbitrary command execution via specific conditions.

4.6
2018-12-12 CVE-2018-11463 Siemens Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Siemens products

A vulnerability has been identified in SINUMERIK 808D V4.7 (All versions), SINUMERIK 808D V4.8 (All versions), SINUMERIK 828D V4.7 (All versions < V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions < V4.7 SP6 HF5), SINUMERIK 840D sl V4.8 (All versions < V4.8 SP3).

4.6
2018-12-12 CVE-2018-11461 Siemens Unspecified vulnerability in Siemens products

A vulnerability has been identified in SINUMERIK 808D V4.7 (All versions), SINUMERIK 808D V4.8 (All versions), SINUMERIK 828D V4.7 (All versions < V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions < V4.7 SP6 HF5), SINUMERIK 840D sl V4.8 (All versions < V4.8 SP3).

4.6
2018-12-12 CVE-2018-8599 Microsoft Improper Check FOR Dropped Privileges vulnerability in Microsoft products

An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly impersonates certain file operations, aka "Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability." This affects Microsoft Visual Studio, Windows Server 2019, Windows Server 2016, Windows 10, Windows 10 Servers.

4.6
2018-12-14 CVE-2018-6707 Mcafee Resource Exhaustion vulnerability in Mcafee Agent

Denial of Service through Resource Depletion vulnerability in the agent in non-Windows McAfee Agent (MA) 5.0.0 through 5.0.6, 5.5.0, and 5.5.1 allows local users to cause DoS, unexpected behavior, or potentially unauthorized code execution via knowledge of the internal trust mechanism.

4.4
2018-12-12 CVE-2018-16867 Qemu
Fedoraproject
Canonical
Race Condition vulnerability in multiple products

A flaw was found in qemu Media Transfer Protocol (MTP) before version 3.1.0.

4.4
2018-12-14 CVE-2018-20150 Wordpress
Debian
Cross-Site Scripting vulnerability in Wordpress

In WordPress before 4.9.9 and 5.x before 5.0.1, crafted URLs could trigger XSS for certain use cases involving plugins.

4.3
2018-12-14 CVE-2018-1848 IBM Cross-Site Scripting vulnerability in IBM products

IBM Business Automation Workflow 18.0.0.0 and 18.0.0.1 is vulnerable to cross-site scripting.

4.3
2018-12-13 CVE-2018-19439 Oracle Cross-Site Scripting vulnerability in Oracle Secure Global Desktop 4.4

XSS exists in the Administration Console in Oracle Secure Global Desktop 4.4 20080807152602 (but was fixed in later versions including 5.4).

4.3
2018-12-13 CVE-2018-1817 IBM Cross-Site Scripting vulnerability in IBM Security Guardium

IBM Security Guardium 10 and 10.5 is vulnerable to cross-site scripting.

4.3
2018-12-13 CVE-2018-1815 IBM Cross-Site Scripting vulnerability in IBM Security Access Manager

IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 for Enterprise Single-Sign On is vulnerable to cross-site scripting.

4.3
2018-12-13 CVE-2018-1804 IBM Session Fixation vulnerability in IBM Security Access Manager

IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 does not set the secure attribute on authorization tokens or session cookies.

4.3
2018-12-13 CVE-2018-1803 IBM Improper Restriction of Rendered UI Layers OR Frames vulnerability in IBM Security Access Manager

IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 could allow a remote attacker to hijack the clicking action of the victim.

4.3
2018-12-12 CVE-2018-20101 Codection Cross-Site Scripting vulnerability in Codection Import Users From CSV With Meta 1.12.1

The codection "Import users from CSV with meta" plugin before 1.12.1 for WordPress allows XSS via the value of a cell.

4.3
2018-12-12 CVE-2018-1484 IBM Session Fixation vulnerability in IBM Bigfix Platform

IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 does not set the secure attribute on authorization tokens or session cookies.

4.3
2018-12-12 CVE-2018-1478 IBM Improper Input Validation vulnerability in IBM Bigfix Platform

IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 could allow a remote attacker to hijack the clicking action of the victim.

4.3
2018-12-12 CVE-2018-1474 IBM Injection vulnerability in IBM Bigfix Platform

IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 is vulnerable to HTTP response splitting attacks, caused by improper validation of user-supplied input.

4.3
2018-12-12 CVE-2018-11464 Siemens Unspecified vulnerability in Siemens products

A vulnerability has been identified in SINUMERIK 828D V4.7 (All versions < V4.7 SP6 HF1), SINUMERIK 840D sl V4.7 (All versions < V4.7 SP6 HF5), SINUMERIK 840D sl V4.8 (All versions < V4.8 SP3).

4.3
2018-12-12 CVE-2018-17952 Microfocus Cross-Site Scripting vulnerability in Microfocus Edirectory

Cross site scripting vulnerability in eDirectory prior to 9.1 SP2

4.3
2018-12-12 CVE-2018-17949 Microfocus Cross-Site Scripting vulnerability in Microfocus Imanager

Cross site scripting vulnerability in iManager prior to 3.1 SP2.

4.3
2018-12-12 CVE-2018-20099 Exiv2 Infinite Loop vulnerability in Exiv2 0.27

There is an infinite loop in Exiv2::Jp2Image::encodeJp2Header of jp2image.cpp in Exiv2 0.27-RC3.

4.3
2018-12-12 CVE-2018-20098 Exiv2 Out-Of-Bounds Read vulnerability in Exiv2 0.27

There is a heap-based buffer over-read in Exiv2::Jp2Image::encodeJp2Header of jp2image.cpp in Exiv2 0.27-RC3.

4.3
2018-12-12 CVE-2018-20097 Exiv2
Debian
Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in multiple products

There is a SEGV in Exiv2::Internal::TiffParserWorker::findPrimaryGroups of tiffimage_int.cpp in Exiv2 0.27-RC3.

4.3
2018-12-12 CVE-2018-20096 Exiv2 Out-Of-Bounds Read vulnerability in Exiv2 0.27

There is a heap-based buffer over-read in the Exiv2::tEXtToDataBuf function of pngimage.cpp in Exiv2 0.27-RC3.

4.3
2018-12-12 CVE-2018-20095 Axiosys Allocation of Resources Without Limits OR Throttling vulnerability in Axiosys Bento4 1.5.1627

An issue was discovered in EnsureCapacity in Core/Ap4Array.h in Bento4 1.5.1-627.

4.3
2018-12-12 CVE-2018-8627 Microsoft USE of Uninitialized Resource vulnerability in Microsoft products

An information disclosure vulnerability exists when Microsoft Excel software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Microsoft Office, Office 365 ProPlus, Microsoft Excel, Microsoft Excel Viewer, Excel.

4.3
2018-12-12 CVE-2018-8596 Microsoft Unspecified vulnerability in Microsoft products

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka "Windows GDI Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

4.3
2018-12-12 CVE-2018-8595 Microsoft Unspecified vulnerability in Microsoft products

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka "Windows GDI Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

4.3
2018-12-12 CVE-2018-8580 Microsoft Information Exposure vulnerability in Microsoft Sharepoint Designer and Sharepoint Enterprise Server

An information disclosure vulnerability exists where certain modes of the search function in Microsoft SharePoint Server are vulnerable to cross-site search attacks (a variant of cross-site request forgery, CSRF), aka "Microsoft SharePoint Information Disclosure Vulnerability." This affects Microsoft SharePoint.

4.3
2018-12-11 CVE-2018-2505 SAP Cross-Site Scripting vulnerability in SAP Hybris

SAP Commerce does not sufficiently validate user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability in storefronts that are based on the product.

4.3
2018-12-11 CVE-2018-2504 SAP Cross-Site Scripting vulnerability in SAP Netweaver

SAP NetWeaver AS Java Web Container service does not validate against whitelist the HTTP host header which can result in HTTP Host Header Manipulation or Cross-Site Scripting (XSS) vulnerability.

4.3
2018-12-11 CVE-2018-2502 SAP Cross-Site Scripting vulnerability in SAP Business ONE ON Hana 9.2/9.3

TRACE method is enabled in SAP Business One Service Layer .

4.3
2018-12-11 CVE-2018-19970 Phpmyadmin
Debian
Cross-Site Scripting vulnerability in multiple products

In phpMyAdmin before 4.8.4, an XSS vulnerability was found in the navigation tree, where an attacker can deliver a payload to a user through a crafted database/table name.

4.3
2018-12-11 CVE-2018-18357 Google
Redhat
Debian
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
4.3
2018-12-11 CVE-2018-18355 Google
Redhat
Debian
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
4.3
2018-12-11 CVE-2018-18353 Google
Redhat
Debian
Unspecified vulnerability in Google Chrome

Failure to dismiss http auth dialogs on navigation in Network Authentication in Google Chrome on Android prior to 71.0.3578.80 allowed a remote attacker to confuse the user about the origin of an auto dialog via a crafted HTML page.

4.3
2018-12-11 CVE-2018-18352 Google
Redhat
Debian
Incorrect Permission Assignment for Critical Resource vulnerability in Google Chrome

Service works could inappropriately gain access to cross origin audio in Media in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to bypass same origin policy for audio content via a crafted HTML page.

4.3
2018-12-11 CVE-2018-18351 Google
Redhat
Debian
Improper Input Validation vulnerability in Google Chrome

Lack of proper validation of ancestor frames site when sending lax cookies in Navigation in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to bypass SameSite cookie policy via a crafted HTML page.

4.3
2018-12-11 CVE-2018-18350 Google
Redhat
Debian
Unspecified vulnerability in Google Chrome

Incorrect handling of CSP enforcement during navigations in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to bypass content security policy via a crafted HTML page.

4.3
2018-12-11 CVE-2018-18349 Google
Debian
Redhat
Incorrect Permission Assignment for Critical Resource vulnerability in Google Chrome

Remote frame navigations was incorrectly permitted to local resources in Blink in Google Chrome prior to 71.0.3578.80 allowed an attacker who convinced a user to install a malicious extension to access files on the local file system via a crafted Chrome Extension.

4.3
2018-12-11 CVE-2018-18348 Google
Redhat
Debian
Incorrect handling of bidirectional domain names with RTL characters in Omnibox in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
4.3
2018-12-11 CVE-2018-18346 Google
Redhat
Debian
Incorrect handling of alert box display in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to present confusing browser UI via a crafted HTML page.
4.3
2018-12-11 CVE-2018-18345 Google
Redhat
Debian
Unspecified vulnerability in Google Chrome

Incorrect handling of blob URLS in Site Isolation in Google Chrome prior to 71.0.3578.80 allowed a remote attacker who had compromised the renderer process to bypass site isolation protections via a crafted HTML page.

4.3
2018-12-11 CVE-2018-18344 Google
Debian
Redhat
Improper Privilege Management vulnerability in multiple products

Inappropriate allowance of the setDownloadBehavior devtools protocol feature in Extensions in Google Chrome prior to 71.0.3578.80 allowed a remote attacker with control of an installed extension to access files on the local file system via a crafted Chrome Extension.

4.3
2018-12-10 CVE-2018-1671 IBM Cross-Site Scripting vulnerability in IBM Curam Social Program Management 7.0.3.0

IBM Curam Social Program Management 7.0.3 is vulnerable to HTML injection.

4.3
2018-12-10 CVE-2018-20006 Phpok Cross-Site Scripting vulnerability in PHPok 5.0.055

An issue was discovered in PHPok v5.0.055.

4.3
2018-12-10 CVE-2018-20005 Msweet
Fedoraproject
USE After Free vulnerability in multiple products

An issue has been found in Mini-XML (aka mxml) 2.12.

4.3
2018-12-10 CVE-2018-20002 GNU
Netapp
F5
Missing Release of Resource After Effective Lifetime vulnerability in multiple products

The _bfd_generic_read_minisymbols function in syms.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, has a memory leak via a crafted ELF file, leading to a denial of service (memory consumption), as demonstrated by nm.

4.3
2018-12-10 CVE-2018-20001 Libav Improper Input Validation vulnerability in Libav 12.3

In Libav 12.3, there is a floating point exception in the range_decode_culshift function (called from range_decode_bits) in libavcodec/apedec.c that will lead to remote denial of service via crafted input.

4.3
2018-12-14 CVE-2018-20155 Designmodo Missing Authorization vulnerability in Designmodo WP Maintenance Mode

The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remote authenticated subscriber users to bypass intended access restrictions on changes to plugin settings.

4.0
2018-12-14 CVE-2018-20154 Designmodo Information Exposure vulnerability in Designmodo WP Maintenance Mode

The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remote authenticated users to discover all subscriber e-mail addresses.

4.0
2018-12-14 CVE-2018-20152 Wordpress
Debian
Improper Input Validation vulnerability in Wordpress

In WordPress before 4.9.9 and 5.x before 5.0.1, authors could bypass intended restrictions on post types via crafted input.

4.0
2018-12-14 CVE-2018-1977 IBM
Linux
Microsoft
Improper Input Validation vulnerability in IBM DB2 11.1

IBM DB2 for Linux, UNIX and Windows 11.1 (includes DB2 Connect Server) contains a denial of service vulnerability.

4.0
2018-12-14 CVE-2018-19413 Sonarsource Information Exposure vulnerability in Sonarsource Sonarqube

A vulnerability in the API of SonarSource SonarQube before 7.4 could allow an authenticated user to discover sensitive information such as valid user-account logins in the web application.

4.0
2018-12-14 CVE-2018-14623 Theforeman SQL Injection vulnerability in Theforeman Katello 3.10.0/3.11.0/3.12.0.9

A SQL injection flaw was found in katello's errata-related API.

4.0
2018-12-13 CVE-2018-15754 Pivotal Software Incorrect Authorization vulnerability in Pivotal Software Cloud Foundry Uaa-Release

Cloud Foundry UAA, versions 60 prior to 66.0, contain an authorization logic error.

4.0
2018-12-13 CVE-2018-19039 Grafana
Redhat
Netapp
Information Exposure vulnerability in multiple products

Grafana before 4.6.5 and 5.x before 5.3.3 allows remote authenticated users to read arbitrary files by leveraging Editor or Admin permissions.

4.0
2018-12-13 CVE-2018-1813 IBM Unspecified vulnerability in IBM Security Access Manager

IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 uses incomplete blacklisting for input validation which allows attackers to bypass application controls resulting in direct impact to the system and data integrity.

4.0
2018-12-13 CVE-2018-1805 IBM Information Exposure vulnerability in IBM Security Access Manager

IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 generates an error message that includes sensitive information about its environment, users, or associated data.

4.0
2018-12-13 CVE-2018-7691 Microfocus Unspecified vulnerability in Microfocus Fortify Software Security Center 17.10/17.20/18.10

A potential Remote Unauthorized Access in Micro Focus Fortify Software Security Center (SSC), versions 17.10, 17.20, 18.10 this exploitation could allow Remote Unauthorized Access

4.0
2018-12-13 CVE-2018-7690 Microfocus Unspecified vulnerability in Microfocus Fortify Software Security Center 17.10/17.20/18.10

A potential Remote Unauthorized Access in Micro Focus Fortify Software Security Center (SSC), versions 17.10, 17.20, 18.10 this exploitation could allow Remote Unauthorized Access

4.0
2018-12-12 CVE-2018-1485 IBM Session Fixation vulnerability in IBM Bigfix Platform

IBM BigFix Platform 9.2.0 through 9.2.14 and 9.5 through 9.5.9 does not renew a session variable after a successful authentication which could lead to session fixation/hijacking vulnerability.

4.0
2018-12-12 CVE-2018-8604 Microsoft Unspecified vulnerability in Microsoft Exchange Server 2016

A tampering vulnerability exists when Microsoft Exchange Server fails to properly handle profile data, aka "Microsoft Exchange Server Tampering Vulnerability." This affects Microsoft Exchange Server.

4.0
2018-12-11 CVE-2018-2497 SAP Unspecified vulnerability in SAP Hana 1.0/2.0

The security audit log of SAP HANA, versions 1.0 and 2.0, does not log SELECT events if these events are part of a statement with the syntax CREATE TABLE <table_name> AS SELECT.

4.0
2018-12-11 CVE-2018-18810 Tibco Unspecified vulnerability in Tibco products

The Administrator Service component of TIBCO Software Inc.'s TIBCO Managed File Transfer Command Center, and TIBCO Managed File Transfer Internet Server contains vulnerabilities where an authenticated user with specific privileges can gain access to credentials to other systems.

4.0
2018-12-11 CVE-2018-19968 Phpmyadmin
Debian
Information Exposure vulnerability in multiple products

An attacker can exploit phpMyAdmin before 4.8.4 to leak the contents of a local file because of an error in the transformation feature.

4.0
2018-12-10 CVE-2018-16636 Nucleuscms Cross-Site Scripting vulnerability in Nucleuscms Nucleus CMS 3.70

Nucleus CMS 3.70 allows HTML Injection via the index.php body parameter.

4.0
2018-12-10 CVE-2018-1000864 Jenkins
Redhat
Infinite Loop vulnerability in Jenkins

A denial of service vulnerability exists in Jenkins 2.153 and earlier, LTS 2.138.3 and earlier in CronTab.java that allows attackers with Overall/Read permission to have a request handling thread enter an infinite loop.

4.0
2018-12-10 CVE-2018-1000862 Jenkins
Redhat
Information Exposure vulnerability in Jenkins

An information exposure vulnerability exists in Jenkins 2.153 and earlier, LTS 2.138.3 and earlier in DirectoryBrowserSupport.java that allows attackers with the ability to control build output to browse the file system on agents running builds beyond the duration of the build using the workspace browser.

4.0

49 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-12-14 CVE-2018-20153 Wordpress
Debian
Cross-Site Scripting vulnerability in Wordpress

In WordPress before 4.9.9 and 5.x before 5.0.1, contributors could modify new comments made by users with greater privileges, possibly causing XSS.

3.5
2018-12-14 CVE-2018-20149 Wordpress
Debian
Cross-Site Scripting vulnerability in Wordpress

In WordPress before 4.9.9 and 5.x before 5.0.1, when the Apache HTTP Server is used, authors could upload crafted files that bypass intended MIME type restrictions, leading to XSS, as demonstrated by a .jpg file without JPEG data.

3.5
2018-12-13 CVE-2018-5411 Pixar Cross-Site Scripting vulnerability in Pixar Tractor 2.0/2.1/2.2

Pixar's Tractor software, versions 2.2 and earlier, contain a stored cross-site scripting vulnerability in the field that allows a user to add a note to an existing node.

3.5
2018-12-13 CVE-2018-16872 Qemu
Debian
Fedoraproject
Canonical
Opensuse
Time-Of-Check Time-Of-Use (Toctou) Race Condition vulnerability in multiple products

A flaw was found in qemu Media Transfer Protocol (MTP).

3.5
2018-12-13 CVE-2018-20138 Readymadeb2Bscript Cross-Site Scripting vulnerability in Readymadeb2Bscript Entrepreneur B2B Script 3.0.6

PHP Scripts Mall Entrepreneur B2B Script 3.0.6 allows Stored XSS via Account Settings fields such as FirstName and LastName, a similar issue to CVE-2018-14541.

3.5
2018-12-13 CVE-2018-20137 Thedaylightstudio Cross-Site Scripting vulnerability in Thedaylightstudio Fuel CMS 1.4.3

XSS exists in FUEL CMS 1.4.3 via the Page title, Meta description, or Meta keywords during page data management, as demonstrated by the pages/edit/1?lang=english URI.

3.5
2018-12-13 CVE-2018-20136 Thedaylightstudio Cross-Site Scripting vulnerability in Thedaylightstudio Fuel CMS 1.4.3

XSS exists in FUEL CMS 1.4.3 via the Header or Body in the Layout Variables during new-page creation, as demonstrated by the pages/edit/1?lang=english URI.

3.5
2018-12-13 CVE-2018-1740 IBM Cross-Site Scripting vulnerability in IBM Security Access Manager

IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 is vulnerable to cross-site scripting.

3.5
2018-12-13 CVE-2018-1667 IBM Cross-Site Scripting vulnerability in IBM Datapower Gateway

IBM DataPower Gateway 7.6.0.0 through 7.6.0.10, 7.5.2.0 through 7.5.2.17, 7.5.1.0 through 7.5.1.17, 7.5.0.0 through 7.5.0.18, and 7.7.0.0 through 7.7.1.3 is vulnerable to cross-site scripting.

3.5
2018-12-13 CVE-2018-16555 Siemens Cross-Site Scripting vulnerability in Siemens products

A vulnerability has been identified in SCALANCE S602 (All versions < V4.0.1.1), SCALANCE S612 (All versions < V4.0.1.1), SCALANCE S623 (All versions < V4.0.1.1), SCALANCE S627-2M (All versions < V4.0.1.1).

3.5
2018-12-13 CVE-2018-1653 IBM Cross-Site Scripting vulnerability in IBM Security Access Manager

IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 is vulnerable to cross-site scripting.

3.5
2018-12-12 CVE-2018-8650 Microsoft Cross-Site Scripting vulnerability in Microsoft Sharepoint Enterprise Server 2016

A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft Office SharePoint XSS Vulnerability." This affects Microsoft SharePoint.

3.5
2018-12-12 CVE-2018-8652 Microsoft Cross-Site Scripting vulnerability in Microsoft Windows Azure Pack Rollup 13.1

A Cross-site Scripting (XSS) vulnerability exists when Windows Azure Pack does not properly sanitize user-provided input, aka "Windows Azure Pack Cross Site Scripting Vulnerability." This affects Windows Azure Pack Rollup 13.1.

3.5
2018-12-12 CVE-2018-8651 Microsoft Cross-Site Scripting vulnerability in Microsoft Dynamics NAV 2016/2017

A cross site scripting vulnerability exists when Microsoft Dynamics NAV does not properly sanitize a specially crafted web request to an affected Dynamics NAV server, aka "Microsoft Dynamics NAV Cross Site Scripting Vulnerability." This affects Microsoft Dynamics NAV.

3.5
2018-12-11 CVE-2018-2486 SAP Cross-Site Scripting vulnerability in SAP Marketing Sapscore and Marketing Uicuan

SAP Marketing (UICUAN (1.20, 1.30, 1.40), SAPSCORE (1.13, 1.14)) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.

3.5
2018-12-11 CVE-2018-1900 IBM Cross-Site Scripting vulnerability in IBM Curam Social Program Management

IBM Curam Social Program Management 6.0.5, 6.1.1, 6.2.0, 7.0.1, and 7.0.3 is vulnerable to cross-site scripting.

3.5
2018-12-10 CVE-2018-16635 Blackcat CMS Cross-Site Scripting vulnerability in Blackcat-Cms Blackcat CMS 1.3.2

Blackcat CMS 1.3.2 allows XSS via the willkommen.php?lang=DE page title at backend/pages/modify.php.

3.5
2018-12-10 CVE-2018-15800 Cloud Foundry Information Exposure vulnerability in Cloud Foundry Bits Service

Cloud Foundry Bits Service, versions prior to 2.18.0, includes an information disclosure vulnerability.

3.5
2018-12-10 CVE-2018-20017 SEM CMS Cross-Site Scripting vulnerability in Sem-Cms Semcms 3.5

SEMCMS 3.5 has XSS via the first text box to the SEMCMS_Main.php URI.

3.5
2018-12-10 CVE-2018-20012 Phpcmf Cross-Site Scripting vulnerability in PHPcmf 4.1.3

PHPCMF 4.1.3 has XSS via the first input field to the index.php?s=member&c=register&m=index URI.

3.5
2018-12-10 CVE-2018-20011 Domainmod Cross-Site Scripting vulnerability in Domainmod

DomainMOD 4.11.01 has XSS via the assets/add/category.php Category Name or Stakeholder field.

3.5
2018-12-10 CVE-2018-20010 Domainmod Cross-Site Scripting vulnerability in Domainmod

DomainMOD 4.11.01 has XSS via the assets/add/ssl-provider-account.php username field.

3.5
2018-12-10 CVE-2018-20009 Domainmod Cross-Site Scripting vulnerability in Domainmod

DomainMOD 4.11.01 has XSS via the assets/add/ssl-provider.php SSL Provider Name or SSL Provider URL field.

3.5
2018-12-15 CVE-2018-20161 Blinkforhome Unspecified vulnerability in Blinkforhome Sync Module

A design flaw in the BlinkForHome (aka Blink For Home) Sync Module 2.10.4 and earlier allows attackers to disable cameras via Wi-Fi, because incident clips (triggered by the motion sensor) are not saved if the attacker's traffic (such as Dot11Deauth) successfully disconnects the Sync Module from the Wi-Fi network.

3.3
2018-12-11 CVE-2018-2503 SAP Missing Authorization vulnerability in SAP Netweaver

By default, the SAP NetWeaver AS Java keystore service does not sufficiently restrict the access to resources that should be protected.

3.3
2018-12-10 CVE-2018-1279 Pivotal Software USE of Insufficiently Random Values vulnerability in Pivotal Software Rabbitmq

Pivotal RabbitMQ for PCF, all versions, uses a deterministically generated cookie that is shared between all machines when configured in a multi-tenant cluster.

3.3
2018-12-11 CVE-2018-18358 Google
Debian
Redhat
Improper Input Validation vulnerability in Google Chrome

Lack of special casing of localhost in WPAD files in Google Chrome prior to 71.0.3578.80 allowed an attacker on the local network segment to proxy resources on localhost via a crafted WPAD file.

2.9
2018-12-12 CVE-2018-8598 Microsoft Unspecified vulnerability in Microsoft Excel, Office and Office 365 Proplus

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Excel.

2.6
2018-12-14 CVE-2018-18984 Medtronic Cryptographic Issues vulnerability in Medtronic products

Medtronic CareLink 2090 Programmer CareLink 9790 Programmer 29901 Encore Programmer, all versions, The affected products do not encrypt or do not sufficiently encrypt the following sensitive information while at rest PII and PHI.

2.1
2018-12-14 CVE-2018-3705 Intel Incorrect Permission Assignment FOR Critical Resource vulnerability in Intel System Defense Utility

Improper directory permissions in the installer for the Intel(R) System Defense Utility (all versions) may allow authenticated users to potentially enable a denial of service via local access.

2.1
2018-12-14 CVE-2018-18096 Intel Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Intel Quickassist Technology FOR Linux

Improper memory handling in Intel QuickAssist Technology for Linux (all versions) may allow an authenticated user to potentially enable a denial of service via local access.

2.1
2018-12-14 CVE-2018-12206 Intel Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Intel Quickassist Technology FOR Linux

Improper configuration of hardware access in Intel QuickAssist Technology for Linux (all versions) may allow an authenticated user to potentially enable a denial of service via local access.

2.1
2018-12-13 CVE-2018-19364 Qemu
Canonical
Debian
Fedoraproject
Opensuse
USE After Free vulnerability in multiple products

hw/9pfs/cofile.c and hw/9pfs/9p.c in QEMU can modify an fid path while it is being accessed by a second thread, leading to (for example) a use-after-free outcome.

2.1
2018-12-13 CVE-2018-13811 Siemens Information Exposure vulnerability in Siemens Simatic Step 7 (Tia Portal)

A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) (All Versions < V15.1).

2.1
2018-12-13 CVE-2017-1268 IBM Cryptographic Issues vulnerability in IBM Security Guardium

IBM Security Guardium 10 and 10.5 uses a one-way cryptographic hash against an input that should not be reversible, such as a password, but the software does not also use a salt as part of the input.

2.1
2018-12-12 CVE-2018-18397 Linux
Redhat
Canonical
Incorrect Authorization vulnerability in multiple products

The userfaultfd implementation in the Linux kernel before 4.19.7 mishandles access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs file (if the user has read-only access to that file, and that file contains holes), related to fs/userfaultfd.c and mm/userfaultfd.c.

2.1
2018-12-12 CVE-2018-8638 Microsoft Unspecified vulnerability in Microsoft Windows 10 and Windows Server 2019

An information disclosure vulnerability exists when DirectX improperly handles objects in memory, aka "DirectX Information Disclosure Vulnerability." This affects Windows 10, Windows Server 2019.

2.1
2018-12-12 CVE-2018-8637 Microsoft Unspecified vulnerability in Microsoft products

An information disclosure vulnerability exists in Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (KASLR) bypass, aka "Win32k Information Disclosure Vulnerability." This affects Windows 10 Servers, Windows 10, Windows Server 2019.

2.1
2018-12-12 CVE-2018-8622 Microsoft Unspecified vulnerability in Microsoft products

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2008 R2.

2.1
2018-12-12 CVE-2018-8621 Microsoft Unspecified vulnerability in Microsoft Windows 7, Windows Server 2008 and Windows Server 2012

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows Server 2012, Windows 7, Windows Server 2008 R2.

2.1
2018-12-12 CVE-2018-8612 Microsoft Improper Input Validation vulnerability in Microsoft products

A Denial Of Service vulnerability exists when Connected User Experiences and Telemetry Service fails to validate certain function values, aka "Connected User Experiences and Telemetry Service Denial of Service Vulnerability." This affects Windows Server 2016, Windows 10, Windows Server 2019, Windows 10 Servers.

2.1
2018-12-12 CVE-2018-8514 Microsoft Improper Initialization vulnerability in Microsoft products

An information disclosure vulnerability exists when Remote Procedure Call runtime improperly initializes objects in memory, aka "Remote Procedure Call runtime Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

2.1
2018-12-12 CVE-2018-8477 Microsoft Unspecified vulnerability in Microsoft products

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

2.1
2018-12-11 CVE-2018-1652 IBM Improper Input Validation vulnerability in IBM Datapower Gateway and MQ Appliance

IBM DataPower Gateway 7.1.0.0 through 7.1.0.19, 7.2.0.0 through 7.2.0.16, 7.5.0.0 through 7.5.0.10, 7.5.1.0 through 7.5.1.9, 7.5.2.0 through 7.5.2.9, and 7.6.0.0 through 7.6.0.2 and IBM MQ Appliance 8.0.0.0 through 8.0.0.8 and 9.0.1 through 9.0.5 could allow a local user to cause a denial of service through unknown vectors.

2.1
2018-12-10 CVE-2018-1957 IBM Information Exposure vulnerability in IBM Websphere Application Server

IBM WebSphere Application Server 9 could allow sensitive information to be available caused by mishandling of data by the application based on an incorrect return by the httpServletRequest#authenticate() API when an unprotected URI is accessed.

2.1
2018-12-13 CVE-2018-19489 Qemu
Debian
Fedoraproject
Canonical
Opensuse
Race Condition vulnerability in multiple products

v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service (crash) because of a race condition during file renaming.

1.9
2018-12-13 CVE-2018-12076 Avantimarkets Information Exposure vulnerability in Avantimarkets Market Card

A vulnerability in the UPC bar code of the Avanti Markets MarketCard could allow an unauthenticated, local attacker to access funds within the customer's MarketCard balance, and also could lead to Customer Information Disclosure.

1.9
2018-12-11 CVE-2018-2500 SAP Unspecified vulnerability in SAP Mobile Secure

Under certain conditions SAP Mobile Secure Android client (before version 6.60.19942.0 SP28 1711) allows an attacker to access information which would otherwise be restricted.

1.9
2018-12-10 CVE-2018-3988 Signal Information Exposure vulnerability in Signal Messenger 4.24.8

Signal Messenger for Android 4.24.8 may expose private information when using "disappearing messages." If a user uses the photo feature available in the "attach file" menu, then Signal will leave the picture in its own cache directory, which is available to any application on the system.

1.9