Weekly Vulnerabilities Reports > December 17 to 23, 2018

Overview

347 new vulnerabilities reported during this period, including 17 critical vulnerabilities and 75 high severity vulnerabilities. This weekly summary report vulnerabilities in 480 products from 193 vendors including Debian, Infovista, Canonical, Google, and IBM. Vulnerabilities are notably categorized as "Cross-site Scripting", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Insufficiently Protected Credentials", "Out-of-bounds Write", and "XXE".

  • 301 reported vulnerabilities are remotely exploitables.
  • 9 reported vulnerabilities have public exploit available.
  • 153 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 291 reported vulnerabilities are exploitable by an anonymous user.
  • Debian has the most reported vulnerabilities, with 26 reported vulnerabilities.
  • IBM has the most reported critical vulnerabilities, with 2 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

17 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-12-23 CVE-2018-20377 Orange Unspecified vulnerability in Orange Arv7519Rw22 Livebox 2.1 Firmware

Orange Livebox 00.96.320S devices allow remote attackers to discover Wi-Fi credentials via /get_getnetworkconf.cgi on port 8080, leading to full control if the admin password equals the Wi-Fi password or has the default admin value.

10.0
2018-12-20 CVE-2018-1000832 Zoneminder Deserialization of Untrusted Data vulnerability in Zoneminder

ZoneMinder version <= 1.32.2 contains a Other/Unknown vulnerability in User-controlled parameter that can result in Disclosure of confidential data, denial of service, SSRF, remote code execution.

10.0
2018-12-20 CVE-2018-1000820 Neo4J XXE vulnerability in Neo4J Awesome Procedures on Cyper

neo4j-contrib neo4j-apoc-procedures version before commit 45bc09c contains a XML External Entity (XXE) vulnerability in XML Parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning.

10.0
2018-12-17 CVE-2018-19036 Bosch Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Bosch products

An issue was discovered in several Bosch IP cameras for firmware versions 6.32 and higher.

10.0
2018-12-17 CVE-2018-18556 Vyos Unspecified vulnerability in Vyos 1.1.8

A privilege escalation issue was discovered in VyOS 1.1.8.

9.9
2018-12-23 CVE-2018-20396 Telaum Insufficiently Protected Credentials vulnerability in Telaum Ming2120J Firmware and Ming6300 Firmware

NET&SYS MNG2120J 5.76.1006c and MNG6300 5.83.6305jrc2 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.

9.8
2018-12-23 CVE-2018-20389 D Link Insufficiently Protected Credentials vulnerability in D-Link Dcm-604 Firmware and Dcm-704 Firmware

D-Link DCM-604 DCM604_C1_ViaCabo_1.04_20130606 and DCM-704 EU_DCM-704_1.10 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.

9.8
2018-12-20 CVE-2018-1160 Netatalk
Synology
Debian
Out-of-bounds Write vulnerability in multiple products

Netatalk before 3.1.12 is vulnerable to an out of bounds write in dsi_opensess.c.

9.8
2018-12-20 CVE-2018-20305 D Link Out-of-bounds Write vulnerability in D-Link Dir-816 A2 Firmware 1.10B05

D-Link DIR-816 A2 1.10 B05 devices allow arbitrary remote code execution without authentication via the newpass parameter.

9.8
2018-12-20 CVE-2018-15722 Logitech OS Command Injection vulnerability in Logitech Harmony HUB Firmware

The Logitech Harmony Hub before version 4.15.206 is vulnerable to OS command injection via the time update request.

9.3
2018-12-20 CVE-2018-1778 IBM Improper Authentication vulnerability in IBM API Connect

IBM LoopBack (IBM API Connect 2018.1, 2018.4.1, 5.0.8.0, and 5.0.8.4) could allow an attacker to bypass authentication if the AccessToken Model is exposed over a REST API, it is then possible for anyone to create an AccessToken for any User provided they know the userId and can hence get access to the other user&#195;&#162;&#194;&#128;&#194;&#153;s data / access to their privileges (if the user happens to be an Admin for example).

9.3
2018-12-21 CVE-2018-19323 Gigabyte Unspecified vulnerability in Gigabyte products

The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 exposes functionality to read and write Machine Specific Registers (MSRs).

9.0
2018-12-20 CVE-2018-19239 Trendnet OS Command Injection vulnerability in Trendnet Tew-673Gru Firmware 1.00B40

TRENDnet TEW-673GRU v1.00b40 devices have an OS command injection vulnerability in the start_arpping function of the timer binary, which allows remote attackers to execute arbitrary commands via three parameters (dhcpd_start, dhcpd_end, and lan_ipaddr) passed to the apply.cgi binary through a POST request.

9.0
2018-12-20 CVE-2018-19234 Comparex Download of Code Without Integrity Check vulnerability in Comparex Miss Marple

The Miss Marple Updater Service in COMPAREX Miss Marple Enterprise Edition before 2.0 allows remote attackers to execute arbitrary code with SYSTEM privileges via vectors related to missing update validation.

9.0
2018-12-20 CVE-2018-1000857 Open
Open Systems
Path Traversal vulnerability in Open-Systems Log-User-Session

log-user-session version 0.7 and earlier contains a Directory Traversal vulnerability in Main SUID-binary /usr/local/bin/log-user-session that can result in User to root privilege escalation.

9.0
2018-12-20 CVE-2018-1973 IBM Improper Privilege Management vulnerability in IBM API Connect

IBM API Connect 5.0.0.0 through 5.0.8.4 allows a user with limited 'API Administrator level access to give themselves full 'Administrator' level access through the members functionality.

9.0
2018-12-17 CVE-2018-18555 Vyos OS Command Injection vulnerability in Vyos 1.1.8

A sandbox escape issue was discovered in VyOS 1.1.8.

9.0

75 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-12-20 CVE-2018-1000878 Libarchive
Debian
Canonical
Redhat
Opensuse
Fedoraproject
Use After Free vulnerability in multiple products

libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-416: Use After Free vulnerability in RAR decoder - libarchive/archive_read_support_format_rar.c that can result in Crash/DoS - it is unknown if RCE is possible.

8.8
2018-12-20 CVE-2018-1000877 Libarchive
Debian
Canonical
Redhat
Fedoraproject
Double Free vulnerability in multiple products

libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-415: Double Free vulnerability in RAR decoder - libarchive/archive_read_support_format_rar.c, parse_codes(), realloc(rar->lzss.window, new_size) with new_size = 0 that can result in Crash/DoS.

8.8
2018-12-20 CVE-2018-1000843 Spotify Cross-Site Request Forgery (CSRF) vulnerability in Spotify Luigi

Luigi version prior to version 2.8.0; after commit 53b52e12745075a8acc016d33945d9d6a7a6aaeb; after GitHub PR spotify/luigi/pull/1870 contains a Cross ite Request Forgery (CSRF) vulnerability in API endpoint: /api/<method> that can result in Task metadata such as task name, id, parameter, etc.

8.8
2018-12-20 CVE-2018-5199 Wizvera Improper Input Validation vulnerability in Wizvera Veraport G3

In Veraport G3 ALL on MacOS, due to insufficient domain validation, It is possible to overwrite installation file to malicious file.

8.8
2018-12-21 CVE-2018-20346 Sqlite
Google
Redhat
Debian
Opensuse
Integer Overflow or Wraparound vulnerability in multiple products

SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases), aka Magellan.

8.1
2018-12-20 CVE-2018-5198 Wizvera Race Condition vulnerability in Wizvera Veraport G3

In Veraport G3 ALL on MacOS, a race condition when calling the Veraport API allow remote attacker to cause arbitrary file download and execution.

8.1
2018-12-20 CVE-2018-6669 Mcafee Forced Browsing vulnerability in Mcafee Application Change Control 6.2.0/7.0.0/7.0.1

A whitelist bypass vulnerability in McAfee Application Control / Change Control 7.0.1 and before allows a remote or local user to execute blacklisted files through an ASP.NET form.

8.0
2018-12-18 CVE-2018-16884 Linux
Redhat
Debian
Canonical
Use After Free vulnerability in multiple products

A flaw was found in the Linux kernel's NFS41+ subsystem.

8.0
2018-12-20 CVE-2018-19134 Artifex
Debian
Redhat
Incorrect Type Conversion or Cast vulnerability in multiple products

In Artifex Ghostscript through 9.25, the setpattern operator did not properly validate certain types.

7.8
2018-12-20 CVE-2018-15330 F5 Improper Input Validation vulnerability in F5 products

On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, or 12.1.0-12.1.3.7, when a virtual server using the inflate functionality to process a gzip bomb as a payload, the BIG-IP system will experience a fatal error and may cause the Traffic Management Microkernel (TMM) to produce a core file.

7.8
2018-12-20 CVE-2018-1000876 GNU
Canonical
Redhat
Integer Overflow or Wraparound vulnerability in multiple products

binutils version 2.32 and earlier contains a Integer Overflow vulnerability in objdump, bfd_get_dynamic_reloc_upper_bound,bfd_canonicalize_dynamic_reloc that can result in Integer overflow trigger heap overflow.

7.8
2018-12-20 CVE-2018-5200 Pandora Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Pandora Kmplayer

KMPlayer 4.2.2.15 and earlier have a Heap Based Buffer Overflow Vulnerability.

7.8
2018-12-19 CVE-2018-20021 Libvnc Project
Canonical
Debian
Infinite Loop vulnerability in multiple products

LibVNC before commit c3115350eb8bb635d0fdb4dbbb0d0541f38ed19c contains a CWE-835: Infinite loop vulnerability in VNC client code.

7.8
2018-12-20 CVE-2018-8653 Microsoft Out-of-bounds Write vulnerability in Microsoft Internet Explorer 10/11/9

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10.

7.6
2018-12-23 CVE-2018-20406 Python
Debian
Fedoraproject
Integer Overflow or Wraparound vulnerability in multiple products

Modules/_pickle.c in Python before 3.7.1 has an integer overflow via a large LONG_BINPUT value that is mishandled during a "resize to twice the size" attempt.

7.5
2018-12-21 CVE-2018-20325 Definitions Project Code Injection vulnerability in Definitions Project Definitions

There is a vulnerability in load() method in definitions/parser.py in the Danijar Hafner definitions package for Python.

7.5
2018-12-21 CVE-2018-20338 Zohocorp SQL Injection vulnerability in Zohocorp Manageengine Opmanager 12.3

Zoho ManageEngine OpManager 12.3 before build 123239 allows SQL injection in the Alarms section.

7.5
2018-12-21 CVE-2018-20318 Wxjava Project XXE vulnerability in Wxjava Project Wxjava 3.2.0

An issue was discovered in weixin-java-tools v3.2.0.

7.5
2018-12-20 CVE-2018-20191 Qemu
Canonical
Fedoraproject
NULL Pointer Dereference vulnerability in multiple products

hw/rdma/vmw/pvrdma_main.c in QEMU does not implement a read operation (such as uar_read by analogy to uar_write), which allows attackers to cause a denial of service (NULL pointer dereference).

7.5
2018-12-20 CVE-2018-19240 Trendnet Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Trendnet Tv-Ip110Wn Firmware and Tv-Ip121Wn Firmware

Buffer overflow in network.cgi on TRENDnet TV-IP110WN V1.2.2 build 68, V1.2.2.65, and V1.2.2 build 64 and TV-IP121WN V1.2.2 build 28 devices allows attackers to hijack the control flow to any attacker-specified location by crafting a POST request payload (without authentication).

7.5
2018-12-20 CVE-2018-18442 D Link Unspecified vulnerability in D-Link Dcs-825L Firmware 1.08

D-Link DCS-825L devices with firmware 1.08 do not employ a suitable mechanism to prevent denial-of-service (DoS) attacks.

7.5
2018-12-20 CVE-2018-18441 D Link
Dlink
Information Exposure vulnerability in multiple products

D-Link DCS series Wi-Fi cameras expose sensitive information regarding the device configuration.

7.5
2018-12-20 CVE-2018-18399 JCO SQL Injection vulnerability in JCO Karma 6.0.0

SQL injection vulnerability in the "ContentPlaceHolder1_uxTitle" component in ArchiveNews.aspx in jco.ir KARMA 6.0.0 allows a remote attacker to execute arbitrary SQL commands via the "id" parameter.

7.5
2018-12-20 CVE-2018-18388 Escanav Unspecified vulnerability in Escanav Escan Anti-Virus 14.0

eScan Agent Application (MWAGENT.EXE) 4.0.2.98 in MicroWorld Technologies eScan 14.0 allows remote or local attackers to execute arbitrary commands by sending a carefully crafted payload to TCP port 2222.

7.5
2018-12-20 CVE-2018-17246 Elastic
Redhat
Inclusion of Functionality from Untrusted Control Sphere vulnerability in multiple products

Kibana versions before 6.4.3 and 5.6.13 contain an arbitrary file inclusion flaw in the Console plugin.

7.5
2018-12-20 CVE-2018-15723 Logitech Unspecified vulnerability in Logitech Harmony HUB Firmware

The Logitech Harmony Hub before version 4.15.206 is vulnerable to application level command injection via crafted HTTP request.

7.5
2018-12-20 CVE-2018-15721 Logitech Improper Authentication vulnerability in Logitech Harmony HUB Firmware

The XMPP server in Logitech Harmony Hub before version 4.15.206 is vulnerable to authentication bypass via a crafted XMPP request.

7.5
2018-12-20 CVE-2018-15720 Logitech Use of Hard-coded Credentials vulnerability in Logitech Harmony HUB Firmware

Logitech Harmony Hub before version 4.15.206 contained two hard-coded accounts in the XMPP server that gave remote users access to the local API.

7.5
2018-12-20 CVE-2018-1000885 Phkp Project OS Command Injection vulnerability in Phkp Project Phkp

PHKP version including commit 88fd9cfdf14ea4b6ac3e3967feea7bcaabb6f03b contains a Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in function pgp_exec() phkp.php:98 that can result in It is possible to manipulate gpg-keys or execute commands remotely.

7.5
2018-12-20 CVE-2018-1000881 Traccar Code Injection vulnerability in Traccar Server

Traccar Traccar Server version 4.0 and earlier contains a CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability in ComputedAttributesHandler.java that can result in Remote Command Execution.

7.5
2018-12-20 CVE-2018-1000875 Berkeley Improper Authentication vulnerability in Berkeley Open Infrastructure FOR Network Computing

Berkeley Open Infrastructure for Network Computing BOINC Server and Website Code version 0.9-1.0.2 contains a CWE-302: Authentication Bypass by Assumed-Immutable Data vulnerability in Website Terms of Service Acceptance Page that can result in Access to any user account.

7.5
2018-12-20 CVE-2018-1000871 Digitaldruid SQL Injection vulnerability in Digitaldruid Hoteldruid

HotelDruid HotelDruid 2.3.0 version 2.3.0 and earlier contains a SQL Injection vulnerability in "id_utente_mod" parameter in gestione_utenti.php file that can result in An attacker can dump all the database records of backend webserver.

7.5
2018-12-20 CVE-2018-1000869 Phpipam SQL Injection vulnerability in PHPipam 1.3.2

phpIPAM version 1.3.2 contains a CWE-89 vulnerability in /app/admin/nat/item-add-submit.php that can result in SQL Injection..

7.5
2018-12-20 CVE-2018-1000854 Esigate Injection vulnerability in Esigate

esigate.org esigate version 5.2 and earlier contains a CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in ESI directive with user specified XSLT that can result in Remote Code Execution.

7.5
2018-12-20 CVE-2018-1000850 Squareup Path Traversal vulnerability in Squareup Retrofit

Square Retrofit version versions from (including) 2.0 and 2.5.0 (excluding) contains a Directory Traversal vulnerability in RequestBuilder class, method addPathParameter that can result in By manipulating the URL an attacker could add or delete resources otherwise unavailable to her..

7.5
2018-12-20 CVE-2018-1000838 Sleuthkit XXE vulnerability in Sleuthkit Autopsy

autopsy version <= 4.9.0 contains a XML External Entity (XXE) vulnerability in CaseMetadata XML Parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning.

7.5
2018-12-20 CVE-2018-1000837 Obeo XXE vulnerability in Obeo UML Designer

UML Designer version <= 8.0.0 contains a XML External Entity (XXE) vulnerability in XML parser for plugins that can result in Disclosure of confidential data, denial of service, SSRF, port scanning.

7.5
2018-12-20 CVE-2018-1000835 Keepassdx XXE vulnerability in Keepassdx Keepass DX 2.5.0.0

KeePassDX version <= 2.5.0.0beta17 contains a XML External Entity (XXE) vulnerability in kdbx file parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning.

7.5
2018-12-20 CVE-2018-1000833 Zoneminder Deserialization of Untrusted Data vulnerability in Zoneminder

ZoneMinder version <= 1.32.2 contains a Other/Unknown vulnerability in User-controlled parameter that can result in Disclosure of confidential data, denial of service, SSRF, remote code execution.

7.5
2018-12-20 CVE-2018-1000831 K9Mail XXE vulnerability in K9Mail K-9 Mail

K9Mail version <= v5.600 contains a XML External Entity (XXE) vulnerability in WebDAV response parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning.

7.5
2018-12-20 CVE-2018-1000830 Xr3Player Project XXE vulnerability in Xr3Player Project Xr3Player

XR3Player version <= V3.124 contains a XML External Entity (XXE) vulnerability in Playlist parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning.

7.5
2018-12-20 CVE-2018-1000827 Ubilling Deserialization of Untrusted Data vulnerability in Ubilling 0.9.0/0.9.1/0.9.2

Ubilling version <= 0.9.2 contains a Other/Unknown vulnerability in user-controlled parameter that can result in Disclosure of confidential data, denial of service, SSRF, remote code execution.

7.5
2018-12-20 CVE-2018-1000825 Freecol XXE vulnerability in Freecol

FreeCol version <= nightly-2018-08-22 contains a XML External Entity (XXE) vulnerability in FreeColXMLReader parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning.

7.5
2018-12-20 CVE-2018-1000824 Megamek Deserialization of Untrusted Data vulnerability in Megamek

MegaMek version < v0.45.1 contains a Other/Unknown vulnerability in Object Stream Connection that can result in Disclosure of confidential data, denial of service, SSRF, remote code execution.

7.5
2018-12-20 CVE-2018-1000823 Exist DB XXE vulnerability in Exist-Db Exist

exist version <= 5.0.0-RC4 contains a XML External Entity (XXE) vulnerability in XML Parser for REST Server that can result in Disclosure of confidential data, denial of service, SSRF, port scanning.

7.5
2018-12-20 CVE-2018-1000822 Codelibs XXE vulnerability in Codelibs Fess

codelibs fess version before commit faa265b contains a XML External Entity (XXE) vulnerability in GSA XML file parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning.

7.5
2018-12-20 CVE-2018-1000821 Micromathematics Project XXE vulnerability in Micromathematics Project Micromathematics

MicroMathematics version before commit 5c05ac8 contains a XML External Entity (XXE) vulnerability in SMathStudio files that can result in Disclosure of confidential data, denial of service, SSRF, port scanning.

7.5
2018-12-20 CVE-2018-1784 IBM Unspecified vulnerability in IBM API Connect

IBM API Connect 5.0.0.0 and 5.0.8.4 is affected by a NoSQL Injection in MongoDB connector for the LoopBack framework.

7.5
2018-12-20 CVE-2018-20300 Phome Code Injection vulnerability in Phome Empirecms 7.5

Empire CMS 7.5 allows remote attackers to execute arbitrary PHP code via the ftemp parameter in an enews=EditMemberForm action because this code is injected into a memberform.$fid.php file.

7.5
2018-12-19 CVE-2018-20299 Bosch Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Bosch products

An issue was discovered in several Bosch Smart Home cameras (360 degree indoor camera and Eyes outdoor camera) with firmware before 6.52.4.

7.5
2018-12-19 CVE-2018-18999 Advantech
Microsoft
Improper Input Validation vulnerability in Advantech Webaccess/Scada 8.3.2

WebAccess/SCADA, WebAccess/SCADA Version 8.3.2 installed on Windows 2008 R2 SP1.

7.5
2018-12-19 CVE-2018-20020 Libvnc Project
Canonical
Debian
Out-of-bounds Write vulnerability in multiple products

LibVNC before commit 7b1ef0ffc4815cab9a96c7278394152bdc89dc4d contains heap out-of-bound write vulnerability inside structure in VNC client code that can result remote code execution

7.5
2018-12-19 CVE-2018-20019 Libvnc Project
Canonical
Debian
Siemens
Out-of-bounds Write vulnerability in multiple products

LibVNC before commit a83439b9fbe0f03c48eb94ed05729cb016f8b72f contains multiple heap out-of-bound write vulnerabilities in VNC client code that can result remote code execution

7.5
2018-12-19 CVE-2018-15127 Libvnc Project
Canonical
Redhat
Debian
Out-of-bounds Write vulnerability in multiple products

LibVNC before commit 502821828ed00b4a2c4bef90683d0fd88ce495de contains heap out-of-bound write vulnerability in server code of file transfer extension that can result remote code execution

7.5
2018-12-19 CVE-2018-15126 Libvnc Project
Canonical
Debian
Use After Free vulnerability in multiple products

LibVNC before commit 73cb96fec028a576a5a24417b57723b55854ad7b contains heap use-after-free vulnerability in server code of file transfer extension that can result remote code execution

7.5
2018-12-18 CVE-2018-17777 Dlink Improper Authentication vulnerability in Dlink Dva-5592 Firmware A1Wi20180823

An issue was discovered on D-Link DVA-5592 A1_WI_20180823 devices.

7.5
2018-12-17 CVE-2018-20133 Ymlref Project Code Injection vulnerability in Ymlref Project Ymlref

ymlref allows code injection.

7.5
2018-12-17 CVE-2018-20027 Lisa LAB Code Injection vulnerability in Lisa-Lab Pylearn2

The yaml_parse.load method in Pylearn2 allows code injection.

7.5
2018-12-17 CVE-2018-18249 Icinga Code Injection vulnerability in Icinga web 2

Icinga Web 2 before 2.6.2 allows injection of PHP ini-file directives via vectors involving environment variables as the channel to send information to the attacker, such as a name=${PATH}_${APACHE_RUN_DIR}_${APACHE_RUN_USER} parameter to /icingaweb2/navigation/add or /icingaweb2/dashboard/new-dashlet.

7.5
2018-12-17 CVE-2018-20173 Zohocorp SQL Injection vulnerability in Zohocorp Manageengine Opmanager 12.3

Zoho ManageEngine OpManager 12.3 before 123238 allows SQL injection via the getGraphData API.

7.5
2018-12-23 CVE-2018-20331 Antiy Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Antiy Anti Virus LAB Atool 1.0.0.22

Local attackers can trigger a Kernel Pool Buffer Overflow in Antiy AVL ATool v1.0.0.22.

7.2
2018-12-21 CVE-2018-19321 Gigabyte Unspecified vulnerability in Gigabyte products

The GPCIDrv and GDrv low-level drivers in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 expose functionality to read and write arbitrary physical memory.

7.2
2018-12-21 CVE-2018-19320 Gigabyte Unspecified vulnerability in Gigabyte products

The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 exposes ring0 memcpy-like functionality that could allow a local attacker to take complete control of the affected system.

7.2
2018-12-21 CVE-2018-20342 Floureon Improper Authentication vulnerability in Floureon Sp012

The Floureon IP Camera SP012 provides a root terminal on a UART serial interface without proper access control.

7.2
2018-12-20 CVE-2018-18629 Keybase Untrusted Search Path vulnerability in Keybase

An issue was discovered in the Keybase command-line client before 2.8.0-20181023124437 for Linux.

7.2
2018-12-20 CVE-2018-11965 Google Improper Privilege Management vulnerability in Google Android

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Anyone can execute proptrigger.sh which will lead to change in properties.

7.2
2018-12-20 CVE-2018-11964 Google Incorrect Permission Assignment for Critical Resource vulnerability in Google Android

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Exposing the hashed content in /etc/passwd may lead to security issue.

7.2
2018-12-20 CVE-2018-11963 Google Out-of-bounds Read vulnerability in Google Android

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Buffer overread may occur due to non-null terminated strings while processing vsprintf in camera jpeg driver.

7.2
2018-12-20 CVE-2018-11961 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Possibility of accessing out of bound vector index When updating some GNSS configurations.

7.2
2018-12-20 CVE-2018-11960 Google Use After Free vulnerability in Google Android

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, A use after free condition can occur in the SPS driver which can lead to error in kernel.

7.2
2018-12-20 CVE-2017-9704 Google Use After Free vulnerability in Google Android

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, There is no synchronization between msm_vb2 buffer operations which can lead to use after free.

7.2
2018-12-20 CVE-2018-1771 IBM Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM Domino and Notes

IBM Domino 9.0 and 9.0.1 could allow an attacker to execute commands on the system by triggering a buffer overflow in the parsing of command line arguments passed to nsd.exe.

7.2
2018-12-18 CVE-2018-6978 Vmware Incorrect Permission Assignment for Critical Resource vulnerability in VMWare Vrealize Operations 6.6.0/6.6.1/6.7.0

vRealize Operations (7.x before 7.0.0.11287810, 6.7.x before 6.7.0.11286837 and 6.6.x before 6.6.1.11286876) contains a local privilege escalation vulnerability due to improper permissions of support scripts.

7.2
2018-12-17 CVE-2018-19295 Sylabs Improper Input Validation vulnerability in Sylabs Singularity

Sylabs Singularity 2.4 to 2.6 allows local users to conduct Improper Input Validation attacks.

7.2
2018-12-20 CVE-2018-18767 Dlink
D Link
Inadequate Encryption Strength vulnerability in multiple products

An issue was discovered in D-Link 'myDlink Baby App' version 2.04.06.

7.0

216 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-12-21 CVE-2018-5202 Signkorea Unspecified vulnerability in Signkorea Skcertservice 2.3.0/2.5.5

SKCertService 2.5.5 and earlier contains a vulnerability that could allow remote attacker to execute arbitrary code.

6.8
2018-12-21 CVE-2018-5196 Estsoft Out-of-bounds Write vulnerability in Estsoft Alzip 10.76.0.0/8.5.1

Alzip 10.76.0.0 and earlier is vulnerable to a stack overflow caused by improper bounds checking.

6.8
2018-12-21 CVE-2018-20337 Libraw Out-of-bounds Write vulnerability in Libraw 0.19.1

There is a stack-based buffer overflow in the parse_makernote function of dcraw_common.cpp in LibRaw 0.19.1.

6.8
2018-12-21 CVE-2018-20330 Libjpeg Turbo Integer Overflow or Wraparound vulnerability in Libjpeg-Turbo 2.0.1

The tjLoadImage function in libjpeg-turbo 2.0.1 has an integer overflow with a resultant heap-based buffer overflow via a BMP image because multiplication of pitch and height is mishandled, as demonstrated by tjbench.

6.8
2018-12-20 CVE-2018-19005 Hornerautomation Improper Input Validation vulnerability in Hornerautomation Cscape 9.70/9.80/9.80.75.3

Cscape, Version 9.80.75.3 SP3 and prior.

6.8
2018-12-20 CVE-2018-15331 F5 Improper Privilege Management vulnerability in F5 Big-Ip Application Acceleration Manager

On BIG-IP AAM 13.0.0 or 12.1.0-12.1.3.7, the dcdb_convert utility used by BIG-IP AAM fails to drop group permissions when executing helper scripts, which could be used to leverage attacks against the BIG-IP system.

6.8
2018-12-20 CVE-2018-1000858 Gnupg
Canonical
Cross-Site Request Forgery (CSRF) vulnerability in multiple products

GnuPG version 2.1.12 - 2.2.11 contains a Cross ite Request Forgery (CSRF) vulnerability in dirmngr that can result in Attacker controlled CSRF, Information Disclosure, DoS.

6.8
2018-12-20 CVE-2018-1000849 Alpinelinux Improper Input Validation vulnerability in Alpinelinux Alpine Linux

Alpine Linux version Versions prior to 2.6.10, 2.7.6, and 2.10.1 contains a Other/Unknown vulnerability in apk-tools (Alpine Linux' package manager) that can result in Remote Code Execution.

6.8
2018-12-20 CVE-2018-1000846 Freshdns Project Cross-Site Request Forgery (CSRF) vulnerability in Freshdns Project Freshdns

FreshDNS version 1.0.3 and earlier contains a Cross ite Request Forgery (CSRF) vulnerability in All (authenticated) API calls in index.php / class.manager.php that can result in Editing domains and zones with victim's privileges.

6.8
2018-12-20 CVE-2018-1000836 Apereo XXE vulnerability in Apereo Bw-Calendar-Engine

bw-calendar-engine version <= bw-calendar-engine-3.12.0 contains a XML External Entity (XXE) vulnerability in IscheduleClient XML Parser that can result in Disclosure of confidential data, denial of service, SSRF, port scanning.

6.8
2018-12-20 CVE-2018-1000834 Runelite XXE vulnerability in Runelite

runelite version <= runelite-parent-1.4.23 contains a XML External Entity (XXE) vulnerability in Man in the middle runscape services call that can result in Disclosure of confidential data, denial of service, SSRF, port scanning.

6.8
2018-12-20 CVE-2018-1000829 Anyplace Project XXE vulnerability in Anyplace Project Anyplace

Anyplace version before commit 80359b4 contains a XML External Entity (XXE) vulnerability in Man in the middle on map API call that can result in Disclosure of confidential data, denial of service, SSRF, port scanning.

6.8
2018-12-20 CVE-2018-1000828 Frostwire XXE vulnerability in Frostwire

FrostWire version <= frostwire-desktop-6.7.4-build-272 contains a XML External Entity (XXE) vulnerability in Man in the middle on update that can result in Disclosure of confidential data, denial of service, SSRF, port scanning.

6.8
2018-12-20 CVE-2018-1661 IBM Cross-Site Request Forgery (CSRF) vulnerability in IBM Datapower Gateway

IBM DataPower Gateways 7.5, 7.5.1, 7.5.2, and 7.6 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.

6.8
2018-12-19 CVE-2018-6307 Libvnc Project
Canonical
Debian
Use After Free vulnerability in multiple products

LibVNC before commit ca2a5ac02fbbadd0a21fabba779c1ea69173d10b contains heap use-after-free vulnerability in server code of file transfer extension that can result remote code execution.

6.8
2018-12-19 CVE-2018-20231 Simbahosting Cross-Site Request Forgery (CSRF) vulnerability in Simbahosting Two-Factor-Authentication

Cross Site Request Forgery (CSRF) in the two-factor-authentication plugin before 1.3.13 for WordPress allows remote attackers to disable 2FA via the tfa_enable_tfa parameter due to missing nonce validation.

6.8
2018-12-19 CVE-2018-20230 GNU Out-of-bounds Write vulnerability in GNU Pspp 1.2.0

An issue was discovered in PSPP 1.2.0.

6.8
2018-12-18 CVE-2018-4015 Webroot Improper Certificate Validation vulnerability in Webroot Brightcloud

An exploitable vulnerability exists in the HTTP client functionality of the Webroot BrightCloud SDK.

6.8
2018-12-18 CVE-2018-20201 Pur3 Out-of-bounds Read vulnerability in Pur3 Espruino 2.00

There is a stack-based buffer over-read in the jsfNameFromString function of jsflash.c in Espruino 2V00, leading to a denial of service or possibly unspecified other impact via a crafted js file.

6.8
2018-12-18 CVE-2018-20197 Audiocoding Out-of-bounds Write vulnerability in Audiocoding Freeware Advanced Audio Decoder 2 2.8.8

There is a stack-based buffer underflow in the third instance of the calculate_gain function in libfaad/sbr_hfadj.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8.

6.8
2018-12-18 CVE-2018-20196 Audiocoding
Debian
Out-of-bounds Write vulnerability in multiple products

There is a stack-based buffer overflow in the third instance of the calculate_gain function in libfaad/sbr_hfadj.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8.

6.8
2018-12-18 CVE-2018-20194 Audiocoding Out-of-bounds Write vulnerability in Audiocoding Freeware Advanced Audio Decoder 2 2.8.8

There is a stack-based buffer underflow in the third instance of the calculate_gain function in libfaad/sbr_hfadj.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8.

6.8
2018-12-17 CVE-2018-20188 Thedaylightstudio Cross-Site Request Forgery (CSRF) vulnerability in Thedaylightstudio Fuel CMS 1.4.3

FUEL CMS 1.4.3 has CSRF via users/create/ to add an administrator account.

6.8
2018-12-17 CVE-2018-20169 Linux
Canonical
Debian
Resource Exhaustion vulnerability in multiple products

An issue was discovered in the Linux kernel before 4.19.9.

6.8
2018-12-17 CVE-2018-20167 Enlightenment Injection vulnerability in Enlightenment Terminology

Terminology before 1.3.1 allows Remote Code Execution because popmedia is mishandled, as demonstrated by an unsafe "cat README.md" command when \e}pn is used.

6.8
2018-12-23 CVE-2018-20402 Safe Insecure Default Initialization of Resource vulnerability in Safe FME Server

Safe Software FME Server through 2018.1 creates and enables three additional accounts in addition to the initial administrator account.

6.5
2018-12-22 CVE-2018-20349 Igraph NULL Pointer Dereference vulnerability in Igraph

The igraph_i_strdiff function in igraph_trie.c in igraph through 0.7.1 has an NULL pointer dereference that allows attackers to cause a denial of service (application crash) via a crafted object.

6.5
2018-12-21 CVE-2018-20226 Thehive Project Unspecified vulnerability in Thehive-Project Cortex

An organization administrator can add a super administrator in THEHIVE PROJECT Cortex before 2.1.3 due to the lack of overriding the Role.toString method.

6.5
2018-12-20 CVE-2018-19242 Trendnet Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Trendnet Tew-632Brp Firmware and Tew-673Gru Firmware

Buffer overflow in apply.cgi on TRENDnet TEW-632BRP 1.010B32 and TEW-673GRU devices allows attackers to hijack the control flow to any attacker-specified location by crafting a POST request payload (with authentication).

6.5
2018-12-20 CVE-2018-15329 F5 Missing Authorization vulnerability in F5 products

On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, or 12.1.0-12.1.3.7, or Enterprise Manager 3.1.1, when authenticated administrative users run commands in the Traffic Management User Interface (TMUI), also referred to as the BIG-IP Configuration utility, restrictions on allowed commands may not be enforced.

6.5
2018-12-20 CVE-2018-1000880 Libarchive
Canonical
Opensuse
Fedoraproject
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

libarchive version commit 9693801580c0cf7c70e862d305270a16b52826a7 onwards (release v3.2.0 onwards) contains a CWE-20: Improper Input Validation vulnerability in WARC parser - libarchive/archive_read_support_format_warc.c, _warc_read() that can result in DoS - quasi-infinite run time and disk usage from tiny file.

6.5
2018-12-20 CVE-2018-1000879 Libarchive
Opensuse
Fedoraproject
NULL Pointer Dereference vulnerability in multiple products

libarchive version commit 379867ecb330b3a952fb7bfa7bffb7bbd5547205 onwards (release v3.3.0 onwards) contains a CWE-476: NULL Pointer Dereference vulnerability in ACL parser - libarchive/archive_acl.c, archive_acl_from_text_l() that can result in Crash/DoS.

6.5
2018-12-20 CVE-2018-1000873 Fasterxml
Oracle
Netapp
Improper Input Validation vulnerability in multiple products

Fasterxml Jackson version Before 2.9.8 contains a CWE-20: Improper Input Validation vulnerability in Jackson-Modules-Java8 that can result in Causes a denial-of-service (DoS).

6.5
2018-12-20 CVE-2018-1000867 Webidsupport SQL Injection vulnerability in Webidsupport Webid

WeBid version up to current version 1.2.2 contains a SQL Injection vulnerability in All five yourauctions*.php scripts that can result in Database Read via Blind SQL Injection.

6.5
2018-12-20 CVE-2018-1000852 Freerdp
Canonical
Fedoraproject
Out-of-bounds Read vulnerability in multiple products

FreeRDP FreeRDP 2.0.0-rc3 released version before commit 205c612820dac644d665b5bb1cdf437dc5ca01e3 contains a Other/Unknown vulnerability in channels/drdynvc/client/drdynvc_main.c, drdynvc_process_capability_request that can result in The RDP server can read the client's memory..

6.5
2018-12-20 CVE-2018-1000839 Librehealth Unrestricted Upload of File with Dangerous Type vulnerability in Librehealth EHR 2.0.0

LH-EHR version REL-2_0_0 contains a Arbitrary File Upload vulnerability in Profile picture upload that can result in Remote Code Execution.

6.5
2018-12-20 CVE-2018-1000811 Bludit Unrestricted Upload of File with Dangerous Type vulnerability in Bludit 3.0.0

bludit version 3.0.0 contains a Unrestricted Upload of File with Dangerous Type vulnerability in Content Upload in Pages Editor that can result in Remote Command Execution.

6.5
2018-12-20 CVE-2018-7365 ZTE Untrusted Search Path vulnerability in ZTE Usmartview and Zxcloud Irai

All versions up to ZXCLOUD iRAI V5.01.05 of the ZTE uSmartView product are impacted by untrusted search path vulnerability, which may allow an unauthorized user to perform unauthorized operations.

6.5
2018-12-19 CVE-2018-11799 Apache Improper Input Validation vulnerability in Apache Oozie

Vulnerability allows a user of Apache Oozie 3.1.3-incubating to 5.0.0 to impersonate other users.

6.5
2018-12-20 CVE-2018-1000844 Squareup XXE vulnerability in Squareup Retrofit 2.4.0

Square Open Source Retrofit version Prior to commit 4a693c5aeeef2be6c7ecf80e7b5ec79f6ab59437 contains a XML External Entity (XXE) vulnerability in JAXB that can result in An attacker could use this to remotely read files from the file system or to perform SSRF..

6.4
2018-12-19 CVE-2018-20227 Eclipse Path Traversal vulnerability in Eclipse Rdf4J 2.4.2

RDF4J 2.4.2 allows Directory Traversal via ../ in an entry in a ZIP archive.

6.4
2018-12-20 CVE-2018-1000874 Cebe Cross-site Scripting vulnerability in Cebe Markdown

PHP cebe markdown parser version 1.2.0 and earlier contains a Cross Site Scripting (XSS) vulnerability in all distributed parsers allowing a malicious crafted script to be executed that can result in the lose of user data and sensitive user information.

6.1
2018-12-20 CVE-2018-1000848 Wampserver Cross-site Scripting vulnerability in Wampserver

Wampserver version prior to version 3.1.5 contains a Cross Site Scripting (XSS) vulnerability in index.php localhost page that can result in very low.

6.1
2018-12-20 CVE-2018-1000842 Fatfreecrm Cross-site Scripting vulnerability in Fatfreecrm

FatFreeCRM version <=0.14.1, >=0.15.0 <=0.15.1, >=0.16.0 <=0.16.3, >=0.17.0 <=0.17.2, ==0.18.0 contains a Cross Site Scripting (XSS) vulnerability in commit 6d60bc8ed010c4eda05d6645c64849f415f68d65 that can result in Javascript execution.

6.1
2018-12-18 CVE-2018-19790 Sensiolabs
Fedoraproject
Debian
Open Redirect vulnerability in multiple products

An open redirect was discovered in Symfony 2.7.x before 2.7.50, 2.8.x before 2.8.49, 3.x before 3.4.20, 4.0.x before 4.0.15, 4.1.x before 4.1.9 and 4.2.x before 4.2.1.

6.1
2018-12-19 CVE-2018-20228 Subsonic Server-Side Request Forgery (SSRF) vulnerability in Subsonic 6.1.5

Subsonic V6.1.5 allows internetRadioSettings.view streamUrl CSRF, with resultant SSRF.

6.0
2018-12-20 CVE-2018-16627 Getkirby Injection vulnerability in Getkirby Kirby 2.5.12

panel/login in Kirby v2.5.12 allows Host header injection via the "forget password" feature.

5.8
2018-12-19 CVE-2018-15801 Vmware Insufficient Verification of Data Authenticity vulnerability in VMWare Spring Framework 5.1.0/5.1.1

Spring Security versions 5.1.x prior to 5.1.2 contain an authorization bypass vulnerability during JWT issuer validation.

5.8
2018-12-19 CVE-2018-15798 Pivotal Software Open Redirect vulnerability in Pivotal Software Concourse

Pivotal Concourse Release, versions 4.x prior to 4.2.2, login flow allows redirects to untrusted websites.

5.8
2018-12-18 CVE-2018-19829 Artica Cross-Site Request Forgery (CSRF) vulnerability in Artica Integria IMS 5.0.83

Artica Integria IMS 5.0.83 has CSRF in godmode/usuarios/lista_usuarios, resulting in the ability to delete an arbitrary user when the ID number is known.

5.8
2018-12-18 CVE-2018-18921 Phpservermonitor Cross-Site Request Forgery (CSRF) vulnerability in PHPservermonitor PHP Server Monitor

PHP Server Monitor before 3.3.2 has CSRF, as demonstrated by a Delete action.

5.8
2018-12-17 CVE-2018-7804 Schneider Electric Open Redirect vulnerability in Schneider-Electric products

A URL Redirection to Untrusted Site vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 where a user clicking on a specially crafted link can be redirected to a URL of the attacker's choosing.

5.8
2018-12-17 CVE-2018-7797 Schneider Electric Open Redirect vulnerability in Schneider-Electric products

A URL redirection vulnerability exists in Power Monitoring Expert, Energy Expert (formerly Power Manager) - EcoStruxure Power Monitoring Expert (PME) v8.2 (all editions), EcoStruxure Energy Expert 1.3 (formerly Power Manager), EcoStruxure Power SCADA Operation (PSO) 8.2 Advanced Reports and Dashboards Module, EcoStruxure Power Monitoring Expert (PME) v9.0, EcoStruxure Energy Expert v2.0, and EcoStruxure Power SCADA Operation (PSO) 9.0 Advanced Reports and Dashboards Module which could cause a phishing attack when redirected to a malicious site.

5.8
2018-12-17 CVE-2018-14856 Samsung Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Samsung Galaxy S6 Firmware G920Fxxu5Eqh7

Buffer overflow in dhd_bus_flow_ring_create_response in drivers/net/wireless/bcmdhd4358/dhd_pcie.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allow an attacker (who has obtained code execution on the Wi-Fi) chip to cause the device driver to perform invalid memory accesses.

5.8
2018-12-17 CVE-2018-14855 Samsung Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Samsung Galaxy S6 Firmware G920Fxxu5Eqh7

Buffer overflow in dhd_bus_flow_ring_flush_response in drivers/net/wireless/bcmdhd4358/dhd_pcie.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 allow an attacker (who has obtained code execution on the Wi-Fi chip) to cause the device driver to perform invalid memory accesses.

5.8
2018-12-17 CVE-2018-14854 Samsung Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Samsung Galaxy S6 Firmware G920Fxxu5Eqh7

Buffer overflow in dhd_bus_flow_ring_delete_response in drivers/net/wireless/bcmdhd4358/dhd_pcie.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allow an attacker (who has obtained code execution on the Wi-Fi chip) to cause the device driver to perform invalid memory accesses.

5.8
2018-12-17 CVE-2018-14852 Samsung Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Samsung Galaxy S6 Firmware G920Fxxu5Eqh7

Out-of-bounds array access in dhd_rx_frame in drivers/net/wireless/bcmdhd4358/dhd_linux.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allows an attacker (who has obtained code execution on the Wi-Fi chip) to cause invalid accesses to operating system memory due to improper validation of the network interface index provided by the Wi-Fi chip's firmware.

5.8
2018-12-21 CVE-2018-20329 Chamilo SQL Injection vulnerability in Chamilo LMS 1.11.8

Chamilo LMS version 1.11.8 contains a main/inc/lib/CoursesAndSessionsCatalog.class.php SQL injection, allowing users with access to the sessions catalogue (which may optionally be made public) to extract and/or modify database information.

5.5
2018-12-17 CVE-2018-20123 Qemu
Canonical
Fedoraproject
Missing Release of Resource after Effective Lifetime vulnerability in multiple products

pvrdma_realize in hw/rdma/vmw/pvrdma_main.c in QEMU has a Memory leak after an initialisation error.

5.5
2018-12-17 CVE-2018-19976 Virustotal Information Exposure vulnerability in Virustotal Yara 3.8.1

In YARA 3.8.1, bytecode in a specially crafted compiled rule is exposed to information about its environment, in libyara/exec.c.

5.5
2018-12-17 CVE-2018-19975 Virustotal Out-of-bounds Read vulnerability in Virustotal Yara 3.8.1

In YARA 3.8.1, bytecode in a specially crafted compiled rule can read data from any arbitrary address in memory, in libyara/exec.c.

5.5
2018-12-17 CVE-2018-19974 Virustotal Use of Uninitialized Resource vulnerability in Virustotal Yara 3.8.1

In YARA 3.8.1, bytecode in a specially crafted compiled rule can read uninitialized data from VM scratch memory in libyara/exec.c.

5.5
2018-12-17 CVE-2018-19936 Printeron Improper Input Validation vulnerability in Printeron 4.1.4

PrinterOn Enterprise 4.1.4 allows Arbitrary File Deletion.

5.5
2018-12-17 CVE-2018-16596 Swisscom Out-of-bounds Write vulnerability in Swisscom products

A stack-based buffer overflow in the LAN UPnP service running on UDP port 1900 of Swisscom Internet-Box (2, Standard, and Plus) prior to v09.04.00 and Internet-Box light prior to v08.05.02 allows remote code execution.

5.4
2018-12-18 CVE-2018-19789 Sensiolabs
Debian
Unrestricted Upload of File with Dangerous Type vulnerability in multiple products

An issue was discovered in Symfony 2.7.x before 2.7.50, 2.8.x before 2.8.49, 3.x before 3.4.20, 4.0.x before 4.0.15, 4.1.x before 4.1.9, and 4.2.x before 4.2.1.

5.3
2018-12-17 CVE-2018-20170 Openstack Information Exposure vulnerability in Openstack Keystone

OpenStack Keystone through 14.0.1 has a user enumeration vulnerability because invalid usernames have much faster responses than valid ones for a POST /v3/auth/tokens request.

5.3
2018-12-19 CVE-2018-17195 Apache Cleartext Transmission of Sensitive Information vulnerability in Apache Nifi

The template upload API endpoint accepted requests from different domain when sent in conjunction with ARP spoofing + man in the middle (MiTM) attack, resulting in a CSRF attack.

5.1
2018-12-23 CVE-2018-20401 Zoomtel Insufficiently Protected Credentials vulnerability in Zoomtel 5352 Firmware 5.5.8.6Y

Zoom 5352 v5.5.8.6Y devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.

5.0
2018-12-23 CVE-2018-20400 Ubeeinteractive Insufficiently Protected Credentials vulnerability in Ubeeinteractive Dvw2108 Firmware and Dvw2110 Firmware

Ubee DVW2108 6.28.1017 and DVW2110 6.28.2012 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.

5.0
2018-12-23 CVE-2018-20399 Motorola Insufficiently Protected Credentials vulnerability in Motorola Sbg901 Firmware, Sbg941 Firmware and Svg1202 Firmware

Motorola SBG901 SBG901-2.10.1.1-GA-00-581-NOSH, SBG941 SBG941-2.11.0.0-GA-07-624-NOSH, and SVG1202 SVG1202-2.1.0.0-GA-14-LTSH devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.

5.0
2018-12-23 CVE-2018-20398 Skyworthdigital Insufficiently Protected Credentials vulnerability in Skyworthdigital products

Skyworth CM5100 V1.1.0, CM5100-440 V1.2.1, CM5100-511 4.1.0.14, CM5100-GHD00 V1.2.2, and CM5100.g2 4.1.0.17 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.

5.0
2018-12-23 CVE-2018-20397 Mplustec Insufficiently Protected Credentials vulnerability in Mplustec Cbc383Z Firmware Cbc383Zmplusmdr026

mplus CBC383Z CBC383Z_mplus_MDr026 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.

5.0
2018-12-23 CVE-2018-20395 NET Wave Insufficiently Protected Credentials vulnerability in Net-Wave Ming6200 Firmware C4835805Jrc12Fu121413.Cpr

NETWAVE MNG6200 C4835805jrc12FU121413.cpr devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.

5.0
2018-12-23 CVE-2018-20394 Technicolor Insufficiently Protected Credentials vulnerability in Technicolor products

Thomson DWG849 STC0.01.16, DWG850-4 ST9C.05.25, DWG855 ST80.20.26, and TWG870 STB2.01.36 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.

5.0
2018-12-23 CVE-2018-20393 Technicolor Unspecified vulnerability in Technicolor products

Technicolor CGA0111 CGA0111E-ES-13-E23E-c8000r5712-170217-0829-TRU, CWA0101 CWA0101E-A23E-c7000r5712-170315-SKC, DPC3928SL D3928SL-PSIP-13-A010-c3420r55105-170214a, TC7110.AR STD3.38.03, TC7110.B STC8.62.02, TC7110.D STDB.79.02, TC7200.d1I TC7200.d1IE-N23E-c7000r5712-170406-HAT, and TC7200.TH2v2 SC05.00.22 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.

5.0
2018-12-23 CVE-2018-20392 Cisco Insufficiently Protected Credentials vulnerability in Cisco Dpc2100 Firmware 2.0.2R1256060303

S-A WebSTAR DPC2100 v2.0.2r1256-060303 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.

5.0
2018-12-23 CVE-2018-20391 Teknotel Insufficiently Protected Credentials vulnerability in Teknotel Cbw700N Firmware 81.447.392110.729.024

TEKNOTEL CBW700N 81.447.392110.729.024 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.

5.0
2018-12-23 CVE-2018-20390 Kaonmedia Insufficiently Protected Credentials vulnerability in Kaonmedia products

Kaonmedia CG2001-AN22A 1.2.1, CG2001-UDBNA 3.0.8, and CG2001-UN2NA 3.0.8 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.

5.0
2018-12-23 CVE-2018-20388 Comtrend Insufficiently Protected Credentials vulnerability in Comtrend Cm-6200Un Firmware and Cm-6300N Firmware

Comtrend CM-6200un 123.447.007 and CM-6300n 123.553mp1.005 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.

5.0
2018-12-23 CVE-2018-20387 Bnmux Insufficiently Protected Credentials vulnerability in Bnmux products

Bnmux BCW700J 5.20.7, BCW710J 5.30.6a, and BCW710J2 5.30.16 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.

5.0
2018-12-23 CVE-2018-20386 Commscope Insufficiently Protected Credentials vulnerability in Commscope Arris Sbg6580-2 Firmware D30Gwseaeagle1.5.2.5Ga00Nosh

ARRIS SBG6580-2 D30GW-SEAEAGLE-1.5.2.5-GA-00-NOSH devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.

5.0
2018-12-23 CVE-2018-20385 Castlenet Insufficiently Protected Credentials vulnerability in Castlenet products

CastleNet CBV38Z4EC 125.553mp1.39219mp1.899.007, CBV38Z4ECNIT 125.553mp1.39219mp1.899.005ITT, CBW383G4J 37.556mp5.008, and CBW38G4J 37.553mp1.008 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.

5.0
2018-12-23 CVE-2018-20384 Inovobb Insufficiently Protected Credentials vulnerability in Inovobb Ib-8120-W21 Firmware and Ib-8120-W21E1 Firmware

iNovo Broadband IB-8120-W21 139.4410mp1.004200.002 and IB-8120-W21E1 139.4410mp1.3921132mp1.899.004404.004 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.

5.0
2018-12-23 CVE-2018-20383 Commscope
Arris
Insufficiently Protected Credentials vulnerability in multiple products

ARRIS DG950A 7.10.145 and DG950S 7.10.145.EURO devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.

5.0
2018-12-23 CVE-2018-20382 Jezetek Intl Insufficiently Protected Credentials vulnerability in Jezetek-Intl Bcm93383Wrg Firmware 3.0.7

Jiuzhou BCM93383WRG 139.4410mp1.3921132mp1.899.004404.004 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.

5.0
2018-12-23 CVE-2018-20381 Technicolor Unspecified vulnerability in Technicolor Dpc2320 Firmware Dpc2300R2V202R1244101150420Av6

Technicolor DPC2320 dpc2300r2-v202r1244101-150420a-v6 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.

5.0
2018-12-23 CVE-2018-20380 Ubeeinteractive Unspecified vulnerability in Ubeeinteractive products

Ambit DDW2600 5.100.1009, DDW2602 5.105.1003, T60C926 4.64.1012, and U10C019 5.66.1026 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.

5.0
2018-12-23 CVE-2018-20371 Photorange Photo Vault Project Information Exposure vulnerability in Photorange Photo Vault Project Photorange Photo Vault 1.2

PhotoRange Photo Vault 1.2 appends the password to the URI for authorization, which makes it easier for remote attackers to bypass intended GET restrictions via a brute-force approach, as demonstrated by "GET /login.html__passwd1" and "GET /login.html__passwd2" and so on.

5.0
2018-12-21 CVE-2018-18009 Dlink Use of Hard-coded Credentials vulnerability in Dlink Dir-140L Firmware and Dir-640L Firmware

dirary0.js on D-Link DIR-140L, DIR-640L devices allows remote unauthenticated attackers to discover admin credentials.

5.0
2018-12-21 CVE-2018-18008 Dlink Use of Hard-coded Credentials vulnerability in Dlink products

spaces.htm on multiple D-Link devices (DSL, DIR, DWR) allows remote unauthenticated attackers to discover admin credentials.

5.0
2018-12-21 CVE-2018-18007 Dlink Use of Hard-coded Credentials vulnerability in Dlink Dsl-2770L Firmware Me1.01/Me1.02/Me1.06

atbox.htm on D-Link DSL-2770L devices allows remote unauthenticated attackers to discover admin credentials.

5.0
2018-12-21 CVE-2018-18332 Trendmicro
Microsoft
Incorrect Permission Assignment for Critical Resource vulnerability in Trendmicro Officescan XG

A Trend Micro OfficeScan XG weak file permissions vulnerability may allow an attacker to potentially manipulate permissions on some key files to modify other files and folders on vulnerable installations.

5.0
2018-12-21 CVE-2018-18331 Trendmicro
Microsoft
Incorrect Permission Assignment for Critical Resource vulnerability in Trendmicro Officescan XG

A Trend Micro OfficeScan XG weak file permissions vulnerability on a particular folder for a particular group may allow an attacker to alter the files, which could lead to other exploits on vulnerable installations.

5.0
2018-12-21 CVE-2018-20332 Openwebif Project Path Traversal vulnerability in Openwebif Project Openwebif

An issue has been discovered in the OpenWebif plugin through 1.2.4 for Enigma2 based devices.

5.0
2018-12-20 CVE-2018-19241 Trendnet Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Trendnet Tv-Ip110Wn Firmware and Tv-Ip121Wn Firmware

Buffer overflow in video.cgi on TRENDnet TV-IP110WN V1.2.2 build 68, V1.2.2.65, and V1.2.2 build 64 and TV-IP121WN V1.2.2 build 28 devices allows attackers to hijack the control flow to any attacker-specified location by crafting a POST request payload (without authentication).

5.0
2018-12-20 CVE-2017-9732 Secure Endpoints Resource Exhaustion vulnerability in Secure-Endpoints Kerberised Netcat

The read_packet function in knc (Kerberised NetCat) before 1.11-1 is vulnerable to denial of service (memory exhaustion) that can be exploited remotely without authentication, possibly affecting another services running on the targeted host.

5.0
2018-12-20 CVE-2018-17245 Elastic Insufficiently Protected Credentials vulnerability in Elastic Kibana

Kibana versions 4.0 to 4.6, 5.0 to 5.6.12, and 6.0 to 6.4.2 contain an error in the way authorization credentials are used when generating PDF reports.

5.0
2018-12-20 CVE-2018-20216 Qemu
Canonical
Infinite Loop vulnerability in multiple products

QEMU can have an infinite loop in hw/rdma/vmw/pvrdma_dev_ring.c because return values are not checked (and -1 is mishandled).

5.0
2018-12-20 CVE-2018-20125 Qemu
Canonical
NULL Pointer Dereference vulnerability in multiple products

hw/rdma/vmw/pvrdma_cmd.c in QEMU allows attackers to cause a denial of service (NULL pointer dereference or excessive memory allocation) in create_cq_ring or create_qp_rings.

5.0
2018-12-20 CVE-2018-18871 Gigasetpro Weak Password Recovery Mechanism for Forgotten Password vulnerability in Gigasetpro Maxwell Basic Firmware 2.22.7

Missing password verification in the web interface on Gigaset Maxwell Basic VoIP phones with firmware 2.22.7 would allow a remote attacker (in the same network as the device) to change the admin password without authentication (and without knowing the original password).

5.0
2018-12-20 CVE-2018-1000884 Vestacp Information Exposure Through Discrepancy vulnerability in Vestacp Vesta Control Panel

Vesta CP version Prior to commit f6f6f9cfbbf2979e301956d1c6ab5c44386822c0 -- any release prior to 0.9.8-18 contains a CWE-208 / Information Exposure Through Timing Discrepancy vulnerability in Password reset code -- web/reset/index.php, line 51 that can result in Possible to determine password reset codes, attacker is able to change administrator password.

5.0
2018-12-20 CVE-2018-1000882 Webidsupport Path Traversal vulnerability in Webidsupport Webid

WeBid version up to current version 1.2.2 contains a Directory Traversal vulnerability in getthumb.php that can result in Arbitrary Image File Read.

5.0
2018-12-20 CVE-2018-1000851 Copay Insufficiently Protected Credentials vulnerability in Copay Bitcoin Wallet

Copay Bitcoin Wallet version 5.01 to 5.1.0 included.

5.0
2018-12-20 CVE-2018-1000817 Asset Pipeline Project Path Traversal vulnerability in Asset Pipeline Project Asset-Pipeline

Asset Pipeline Grails Plugin Asset-pipeline plugin version Prior to 2.14.1.1, 2.15.1 and 3.0.6 contains a Incorrect Access Control vulnerability in Applications deployed in Jetty that can result in Download .class files and any arbitrary file.

5.0
2018-12-20 CVE-2018-20303 Gogs Path Traversal vulnerability in Gogs

In pkg/tool/path.go in Gogs before 0.11.82.1218, a directory traversal in the file-upload functionality can allow an attacker to create a file under data/sessions on the server, a similar issue to CVE-2018-18925.

5.0
2018-12-19 CVE-2018-20024 Libvnc Project
Canonical
Debian
NULL Pointer Dereference vulnerability in multiple products

LibVNC before commit 4a21bbd097ef7c44bb000c3bd0907f96a10e4ce7 contains null pointer dereference in VNC client code that can result DoS.

5.0
2018-12-19 CVE-2018-20023 Libvnc Project
Debian
Canonical
Improper Initialization vulnerability in multiple products

LibVNC before 8b06f835e259652b0ff026898014fc7297ade858 contains CWE-665: Improper Initialization vulnerability in VNC Repeater client code that allows attacker to read stack memory and can be abuse for information disclosure.

5.0
2018-12-19 CVE-2018-20022 Libvnc Project
Debian
Canonical
Improper Initialization vulnerability in multiple products

LibVNC before 2f5b2ad1c6c99b1ac6482c95844a84d66bb52838 contains multiple weaknesses CWE-665: Improper Initialization vulnerability in VNC client code that allows attacker to read stack memory and can be abuse for information disclosure.

5.0
2018-12-19 CVE-2018-17194 Apache Improper Input Validation vulnerability in Apache Nifi

When a client request to a cluster node was replicated to other nodes in the cluster for verification, the Content-Length was forwarded.

5.0
2018-12-18 CVE-2018-20213 Libexcel Project Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libexcel Project Libexcel 0.01

wbook_addworksheet in workbook.c in libexcel.a in libexcel 0.01 allows attackers to cause a denial of service (SEGV) via a long name.

5.0
2018-12-18 CVE-2017-15031 ARM Information Exposure vulnerability in ARM Arm-Trusted-Firmware

In all versions of ARM Trusted Firmware up to and including v1.4, not initializing or saving/restoring the PMCR_EL0 register can leak secure world timing information.

5.0
2018-12-17 CVE-2018-7833 Schneider Electric Improper Check for Unusual or Exceptional Conditions vulnerability in Schneider-Electric products

An Improper Check for Unusual or Exceptional Conditions vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 where an unauthenticated user can send a specially crafted XML data via a POST request to cause the web server to become unavailable

5.0
2018-12-17 CVE-2018-7812 Schneider Electric Information Exposure vulnerability in Schneider-Electric products

An Information Exposure through Discrepancy vulnerability exists in the embedded web servers in all Modicon M340, Premium, Quantum PLCs and BMXNOR0200 where the web server sends different responses in a way that exposes security-relevant information about the state of the product, such as whether a particular operation was successful or not.

5.0
2018-12-17 CVE-2018-20092 PTC Path Traversal vulnerability in PTC Thingworx Platform

PTC ThingWorx Platform through 8.3.0 is vulnerable to a directory traversal attack on ZIP files via a POST request.

5.0
2018-12-17 CVE-2017-1597 IBM Weak Password Requirements vulnerability in IBM Security Guardium

IBM Security Guardium 10.0, 10.0.1, 10.1, 10.1.2, 10.1.3, 10.1.4, and 10.5 Database Activity Monitor does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts.

5.0
2018-12-17 CVE-2017-1272 IBM Information Exposure vulnerability in IBM Security Guardium

IBM Security Guardium 10.0 and 10.5 stores sensitive information in URL parameters.

5.0
2018-12-17 CVE-2018-18250 Icinga Injection vulnerability in Icinga web 2

Icinga Web 2 before 2.6.2 allows parameters that break navigation dashlets, as demonstrated by a single '$' character as the Name of a Navigation item.

5.0
2018-12-17 CVE-2017-18355 Google Information Exposure vulnerability in Google Rendertron 1.0.0

Installed packages are exposed by node_modules in Rendertron 1.0.0, allowing remote attackers to read absolute paths on the server by examining the "_where" attribute of package.json files.

5.0
2018-12-17 CVE-2017-18354 Google Path Traversal vulnerability in Google Rendertron 1.0.0

Rendertron 1.0.0 allows for alternative protocols such as 'file://' introducing a Local File Inclusion (LFI) bug where arbitrary files can be read by a remote attacker.

5.0
2018-12-17 CVE-2017-18353 Google Unspecified vulnerability in Google Rendertron 1.0.0

Rendertron 1.0.0 includes an _ah/stop route to shutdown the Chrome instance responsible for serving render requests to all users.

5.0
2018-12-19 CVE-2018-19596 Zurmo Cross-site Scripting vulnerability in Zurmo 3.2.4

Zurmo 3.2.4 allows HTML Injection via an admin's use of HTML in the report section, a related issue to CVE-2018-19506.

4.8
2018-12-21 CVE-2018-19322 Gigabyte Exposed Dangerous Method or Function vulnerability in Gigabyte products

The GPCIDrv and GDrv low-level drivers in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 expose functionality to read/write data from/to IO ports.

4.6
2018-12-20 CVE-2018-11988 Google Use After Free vulnerability in Google Android

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Un-trusted pointer de-reference issue by accessing a variable which is already freed.

4.6
2018-12-20 CVE-2018-11987 Google Double Free vulnerability in Google Android

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, if there is an unlikely memory alloc failure for the secure pool in boot, it can result in wrong pointer access causing kernel panic.

4.6
2018-12-20 CVE-2018-11986 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Possible buffer overflow in TX and RX FIFOs of microcontroller in camera subsystem used to exchange commands and messages between Micro FW and CPP driver.

4.6
2018-12-20 CVE-2018-11985 Google Integer Overflow or Wraparound vulnerability in Google Android

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, When allocating heap using user supplied size, Possible heap overflow vulnerability due to integer overflow in roundup to native pointer.

4.6
2018-12-20 CVE-2018-11984 Google Use After Free vulnerability in Google Android

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, A use after free condition and an out-of-bounds access can occur in the DIAG driver.

4.6
2018-12-20 CVE-2018-11983 Google Use After Free vulnerability in Google Android

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Error in kernel observed while accessing freed mask pointers after reallocating memory for mask table.

4.6
2018-12-23 CVE-2018-20409 Axiosys Out-of-bounds Read vulnerability in Axiosys Bento4 1.5.1627

An issue was discovered in Bento4 1.5.1-627.

4.3
2018-12-23 CVE-2018-20408 Axiosys Missing Release of Resource after Effective Lifetime vulnerability in Axiosys Bento4 1.5.1627

An issue was discovered in Bento4 1.5.1-627.

4.3
2018-12-23 CVE-2018-20407 Axiosys Missing Release of Resource after Effective Lifetime vulnerability in Axiosys Bento4 1.5.1627

An issue was discovered in Bento4 1.5.1-627.

4.3
2018-12-23 CVE-2018-20376 Tinycc Out-of-bounds Write vulnerability in Tinycc 0.9.27

An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27.

4.3
2018-12-23 CVE-2018-20375 Tinycc Out-of-bounds Write vulnerability in Tinycc 0.9.27

An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27.

4.3
2018-12-23 CVE-2018-20374 Tinycc Out-of-bounds Write vulnerability in Tinycc 0.9.27

An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27.

4.3
2018-12-23 CVE-2018-20369 Barracuda Cross-site Scripting vulnerability in Barracuda Message Archiver 2018

Barracuda Message Archiver 2018 has XSS in the error_msg exception-handling value for the ldap_user parameter to the cgi-mod/ldap_load_entry.cgi module.

4.3
2018-12-22 CVE-2018-20367 Wstmart Cross-site Scripting vulnerability in Wstmart 2.0.8181212

The "mall some commodity details: commodity consultation" component in WSTMart 2.0.8_181212 has stored XSS via the consultContent parameter, as demonstrated by the index.php/home/goodsconsult/add.html URI.

4.3
2018-12-22 CVE-2018-20365 Libraw Out-of-bounds Write vulnerability in Libraw

LibRaw::raw2image() in libraw_cxx.cpp has a heap-based buffer overflow.

4.3
2018-12-22 CVE-2018-20364 Libraw NULL Pointer Dereference vulnerability in Libraw

LibRaw::copy_bayer in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL pointer dereference.

4.3
2018-12-22 CVE-2018-20363 Libraw NULL Pointer Dereference vulnerability in Libraw

LibRaw::raw2image in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL pointer dereference.

4.3
2018-12-22 CVE-2018-20362 Audiocoding NULL Pointer Dereference vulnerability in Audiocoding Freeware Advanced Audio Decoder 2 2.8.8

A NULL pointer dereference was discovered in ifilter_bank of libfaad/filtbank.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8.

4.3
2018-12-22 CVE-2018-20361 Audiocoding Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Audiocoding Freeware Advanced Audio Decoder 2 2.8.8

An invalid memory address dereference was discovered in the hf_assembly function of libfaad/sbr_hfadj.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8.

4.3
2018-12-22 CVE-2018-20360 Audiocoding
Debian
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

An invalid memory address dereference was discovered in the sbr_process_channel function of libfaad/sbr_dec.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8.

4.3
2018-12-22 CVE-2018-20359 Audiocoding Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Audiocoding Freeware Advanced Audio Decoder 2 2.8.8

An invalid memory address dereference was discovered in the sbrDecodeSingleFramePS function of libfaad/sbr_dec.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8.

4.3
2018-12-22 CVE-2018-20358 Audiocoding Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Audiocoding Freeware Advanced Audio Decoder 2 2.8.8

An invalid memory address dereference was discovered in the lt_prediction function of libfaad/lt_predict.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8.

4.3
2018-12-22 CVE-2018-20357 Audiocoding NULL Pointer Dereference vulnerability in Audiocoding Freeware Advanced Audio Decoder 2 2.8.8

A NULL pointer dereference was discovered in sbr_process_channel of libfaad/sbr_dec.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8.

4.3
2018-12-22 CVE-2018-20351 Evernote Cross-site Scripting vulnerability in Evernote

The Markdown component in Evernote (Chinese) before 8.3.2 on macOS allows stored XSS, aka MAC-832.

4.3
2018-12-21 CVE-2018-20322 Limesurvey Cross-site Scripting vulnerability in Limesurvey

LimeSurvey version 3.15.5 contains a Cross-site scripting (XSS) vulnerability in Survey Resource zip upload, resulting in Javascript code execution against LimeSurvey administrators.

4.3
2018-12-21 CVE-2018-16778 Jenzabar Cross-site Scripting vulnerability in Jenzabar 8.2.1/9.2.0

Cross-site scripting (XSS) vulnerability in Jenzabar v8.2.1 through 9.2.0 allows remote attackers to inject arbitrary web script or HTML via the query parameter (aka the Search Field).

4.3
2018-12-21 CVE-2018-5201 Hancom Out-of-bounds Write vulnerability in Hancom products

Hancom Office 2018 10.0.0.8214 and earlier, Hancom Office NEO 9.6.1.10472 and earlier, Hancom Office 2014 9.1.1.4540 and earlier, Hancom Office 2010 8.5.8.1724 and earlier versions have a heap overflow vulnerability when handling Compound File in document.

4.3
2018-12-21 CVE-2018-18330 Trendmicro Unspecified vulnerability in Trendmicro DR. Safety

An Address Bar Spoofing vulnerability in Trend Micro Dr.

4.3
2018-12-21 CVE-2018-20339 Zohocorp Cross-site Scripting vulnerability in Zohocorp Manageengine Opmanager 12.3

Zoho ManageEngine OpManager 12.3 before build 123239 allows XSS in the Notes column of the Alarms section.

4.3
2018-12-20 CVE-2018-12651 Myadrenalin Cross-site Scripting vulnerability in Myadrenalin Human Resource Management Software 5.4.0

A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in Adrenalin 5.4 HRMS Software.

4.3
2018-12-20 CVE-2018-17247 Elastic XXE vulnerability in Elastic Elasticsearch 6.5.0/6.5.1

Elasticsearch Security versions 6.5.0 and 6.5.1 contain an XXE flaw in Machine Learning's find_file_structure API.

4.3
2018-12-20 CVE-2018-1000886 Nasm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Nasm Netwide Assembler 2.14.01Rc5/2.15

nasm version 2.14.01rc5, 2.15 contains a Buffer Overflow vulnerability in asm/stdscan.c:130 that can result in Stack-overflow caused by triggering endless macro generation, crash the program.

4.3
2018-12-20 CVE-2018-1000883 Plug Project Improper Input Validation vulnerability in Plug Project Plug

Elixir Plug Plug version All contains a Header Injection vulnerability in Connection that can result in Given a cookie value, Headers can be added.

4.3
2018-12-20 CVE-2018-8892 Blackberry Cross-Site Request Forgery (CSRF) vulnerability in Blackberry Unified Endpoint Manager

A cross-site request forgery (CSRF) vulnerability in the Management Console of BlackBerry UEM versions earlier than 12.9.1 could allow an attacker to make modifications to the UEM settings in the context of a Management Console administrator.

4.3
2018-12-20 CVE-2018-1000872 Pykmip Project Resource Exhaustion vulnerability in Pykmip Project Pykmip

OpenKMIP PyKMIP version All versions before 0.8.0 contains a CWE 399: Resource Management Errors (similar issue to CVE-2015-5262) vulnerability in PyKMIP server that can result in DOS: the server can be made unavailable by one or more clients opening all of the available sockets.

4.3
2018-12-20 CVE-2018-1000868 Webidsupport Cross-site Scripting vulnerability in Webidsupport Webid

WeBid version up to current version 1.2.2 contains a Cross Site Scripting (XSS) vulnerability in user_login.php, register.php that can result in Javascript execution in the user's browser, injection of malicious markup into the page.

4.3
2018-12-20 CVE-2018-1000855 Basecamp Cross-site Scripting vulnerability in Basecamp Easymon

easymon version 1.4 and earlier contains a Cross Site Scripting (XSS) vulnerability in Endpoint where monitoring is mounted that can result in Reflected XSS that affects Firefox.

4.3
2018-12-20 CVE-2018-1000841 Zend Cross-site Scripting vulnerability in Zend Zendto

Zend.To version Prior to 5.15-1 contains a Cross Site Scripting (XSS) vulnerability in The verify.php page that can result in An attacker could execute arbitrary Javascript code in the context of the victim's browser..

4.3
2018-12-20 CVE-2018-1000840 Processing XXE vulnerability in Processing

Processing Foundation Processing version 3.4 and earlier contains a XML External Entity (XXE) vulnerability in loadXML() function that can result in An attacker can read arbitrary files and exfiltrate their contents via HTTP requests.

4.3
2018-12-20 CVE-2018-1000826 Microweber Cross-site Scripting vulnerability in Microweber

Microweber version <= 1.0.7 contains a Cross Site Scripting (XSS) vulnerability in Admin login form template that can result in Execution of JavaScript code.

4.3
2018-12-20 CVE-2018-1000815 Brave Improper Input Validation vulnerability in Brave

Brave Software Inc.

4.3
2018-12-20 CVE-2018-1000812 Artica Weak Password Recovery Mechanism for Forgotten Password vulnerability in Artica Integria IMS

Artica Integria IMS version 5.0 MR56 Package 58, likely earlier versions contains a CWE-640: Weak Password Recovery Mechanism for Forgotten Password vulnerability in Password recovery process, line 45 of general/password_recovery.php that can result in IntegriaIMS web app user accounts can be taken over.

4.3
2018-12-20 CVE-2018-20304 Libexcel Project Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Libexcel Project Libexcel 0.01

wbook_addworksheet in workbook.c in libexcel.a in libexcel 0.01 allows attackers to cause a denial of service (SEGV) via a long second argument.

4.3
2018-12-20 CVE-2018-20302 Emetrotel Cross-site Scripting vulnerability in Emetrotel Xain

An XSS issue was discovered in Steve Pallen Xain before 0.6.2 via the order parameter.

4.3
2018-12-19 CVE-2018-20298 S3Browser XXE vulnerability in S3Browser S3 Browser

S3 Browser before 8.1.5 contains an XML external entity (XXE) vulnerability, allowing remote attackers to read arbitrary files and obtain NTLMv2 hash values by tricking a user into connecting to a malicious server via the S3 protocol.

4.3
2018-12-19 CVE-2018-17193 Apache Cross-site Scripting vulnerability in Apache Nifi

The message-page.jsp error page used the value of the HTTP request header X-ProxyContextPath without sanitization, resulting in a reflected XSS attack.

4.3
2018-12-19 CVE-2018-17192 Apache Improper Restriction of Rendered UI Layers or Frames vulnerability in Apache Nifi

The X-Frame-Options headers were applied inconsistently on some HTTP responses, resulting in duplicate or missing security headers.

4.3
2018-12-18 CVE-2018-20199 Audiocoding
Debian
NULL Pointer Dereference vulnerability in multiple products

A NULL pointer dereference was discovered in ifilter_bank of libfaad/filtbank.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8.

4.3
2018-12-18 CVE-2018-20198 Audiocoding NULL Pointer Dereference vulnerability in Audiocoding Freeware Advanced Audio Decoder 2 2.8.8

A NULL pointer dereference was discovered in ifilter_bank of libfaad/filtbank.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8.

4.3
2018-12-18 CVE-2018-20195 Audiocoding NULL Pointer Dereference vulnerability in Audiocoding Freeware Advanced Audio Decoder 2 2.8.8

A NULL pointer dereference was discovered in ic_predict of libfaad/ic_predict.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8.

4.3
2018-12-17 CVE-2018-20190 Sass Lang NULL Pointer Dereference vulnerability in Sass-Lang Libsass 3.5.5

In LibSass 3.5.5, a NULL Pointer Dereference in the function Sass::Eval::operator()(Sass::Supports_Operator*) in eval.cpp may cause a Denial of Service (application crash) via a crafted sass input file.

4.3
2018-12-17 CVE-2018-20189 Graphicsmagick
Debian
Improper Input Validation vulnerability in multiple products

In GraphicsMagick 1.3.31, the ReadDIBImage function of coders/dib.c has a vulnerability allowing a crash and denial of service via a dib file that is crafted to appear with direct pixel values and also colormapping (which is not available beyond 8-bits/sample), and therefore lacks indexes initialization.

4.3
2018-12-17 CVE-2018-20186 Axiosys Resource Exhaustion vulnerability in Axiosys Bento4 1.5.1627

An issue was discovered in Bento4 1.5.1-627.

4.3
2018-12-17 CVE-2018-20184 Graphicsmagick
Debian
Out-of-bounds Write vulnerability in multiple products

In GraphicsMagick 1.4 snapshot-20181209 Q8, there is a heap-based buffer overflow in the WriteTGAImage function of tga.c, which allows attackers to cause a denial of service via a crafted image file, because the number of rows or columns can exceed the pixel-dimension restrictions of the TGA specification.

4.3
2018-12-17 CVE-2018-19933 Bolt Cross-site Scripting vulnerability in Bolt CMS

Bolt CMS <3.6.2 allows XSS via text input click preview button as demonstrated by the Title field of a Configured and New Entry.

4.3
2018-12-17 CVE-2018-19828 Artica Cross-site Scripting vulnerability in Artica Integria IMS 5.0.83

Artica Integria IMS 5.0.83 has XSS via the search_string parameter.

4.3
2018-12-17 CVE-2017-1265 IBM Improper Certificate Validation vulnerability in IBM Security Guardium

IBM Security Guardium 10.0, 10.0.1, 10.1, 10.1.2, 10.1.3, 10.1.4, and 10.5 does not validate, or incorrectly validates, a certificate.

4.3
2018-12-17 CVE-2018-20172 Nagios Cross-site Scripting vulnerability in Nagios XI

An issue was discovered in Nagios XI before 5.5.8.

4.3
2018-12-17 CVE-2018-20171 Nagios Cross-site Scripting vulnerability in Nagios XI

An issue was discovered in Nagios XI before 5.5.8.

4.3
2018-12-17 CVE-2018-19822 Infovista Cross-site Scripting vulnerability in Infovista Vistaportal 5.1

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029).

4.3
2018-12-17 CVE-2018-19821 Infovista Cross-site Scripting vulnerability in Infovista Vistaportal 5.1

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029).

4.3
2018-12-17 CVE-2018-19820 Infovista Cross-site Scripting vulnerability in Infovista Vistaportal 5.1

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029).

4.3
2018-12-17 CVE-2018-19819 Infovista Cross-site Scripting vulnerability in Infovista Vistaportal 5.1

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029).

4.3
2018-12-17 CVE-2018-19818 Infovista Cross-site Scripting vulnerability in Infovista Vistaportal 5.1

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029).

4.3
2018-12-17 CVE-2018-19817 Infovista Cross-site Scripting vulnerability in Infovista Vistaportal 5.1

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029).

4.3
2018-12-17 CVE-2018-19816 Infovista Cross-site Scripting vulnerability in Infovista Vistaportal 5.1

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029).

4.3
2018-12-17 CVE-2018-19815 Infovista Cross-site Scripting vulnerability in Infovista Vistaportal 5.1

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029).

4.3
2018-12-17 CVE-2018-19814 Infovista Cross-site Scripting vulnerability in Infovista Vistaportal 5.1

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029).

4.3
2018-12-17 CVE-2018-19813 Infovista Cross-site Scripting vulnerability in Infovista Vistaportal 5.1

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029).

4.3
2018-12-17 CVE-2018-19812 Infovista Cross-site Scripting vulnerability in Infovista Vistaportal 5.1

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029).

4.3
2018-12-17 CVE-2018-19811 Infovista Cross-site Scripting vulnerability in Infovista Vistaportal 5.1

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029).

4.3
2018-12-17 CVE-2018-19810 Infovista Cross-site Scripting vulnerability in Infovista Vistaportal 5.1

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029).

4.3
2018-12-17 CVE-2018-19809 Infovista Cross-site Scripting vulnerability in Infovista Vistaportal 5.1

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029).

4.3
2018-12-17 CVE-2018-19775 Infovista Cross-site Scripting vulnerability in Infovista Vistaportal 5.1

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029).

4.3
2018-12-17 CVE-2018-19774 Infovista Cross-site Scripting vulnerability in Infovista Vistaportal 5.1

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029).

4.3
2018-12-17 CVE-2018-19773 Infovista Cross-site Scripting vulnerability in Infovista Vistaportal 5.1

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029).

4.3
2018-12-17 CVE-2018-19772 Infovista Cross-site Scripting vulnerability in Infovista Vistaportal 5.1

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029).

4.3
2018-12-17 CVE-2018-19771 Infovista Cross-site Scripting vulnerability in Infovista Vistaportal 5.1

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029).

4.3
2018-12-17 CVE-2018-19770 Infovista Cross-site Scripting vulnerability in Infovista Vistaportal 5.1

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029).

4.3
2018-12-17 CVE-2018-19769 Infovista Cross-site Scripting vulnerability in Infovista Vistaportal 5.1

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029).

4.3
2018-12-17 CVE-2018-19768 Infovista Cross-site Scripting vulnerability in Infovista Vistaportal 5.1

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029).

4.3
2018-12-17 CVE-2018-19767 Infovista Cross-site Scripting vulnerability in Infovista Vistaportal 5.1

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029).

4.3
2018-12-17 CVE-2018-19766 Infovista Cross-site Scripting vulnerability in Infovista Vistaportal 5.1

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029).

4.3
2018-12-17 CVE-2018-19765 Infovista Cross-site Scripting vulnerability in Infovista Vistaportal 5.1

Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029).

4.3
2018-12-17 CVE-2018-19649 Infovista Cross-site Scripting vulnerability in Infovista Vistaportal 5.1

XSS exists in InfoVista VistaPortal SE Version 5.1 (build 51029).

4.3
2018-12-17 CVE-2018-18248 Icinga Cross-site Scripting vulnerability in Icinga web 2 2.6.1

Icinga Web 2 has XSS via the /icingaweb2/monitoring/list/services dir parameter, the /icingaweb2/user/list query string, the /icingaweb2/monitoring/timeline query string, or the /icingaweb2/setup query string.

4.3
2018-12-17 CVE-2018-18246 Icinga Cross-Site Request Forgery (CSRF) vulnerability in Icinga web 2

Icinga Web 2 before 2.6.2 has CSRF via /icingaweb2/config/moduledisable?name=monitoring to disable the monitoring module, or via /icingaweb2/config/moduleenable?name=setup to enable the setup module.

4.3
2018-12-17 CVE-2017-18352 Google Cross-site Scripting vulnerability in Google Rendertron 1.0.0

Error reporting within Rendertron 1.0.0 allows reflected Cross Site Scripting (XSS) from invalid URLs.

4.3
2018-12-17 CVE-2018-20168 Google Improper Input Validation vulnerability in Google Gvisor

Google gVisor before 2018-08-22 reuses a pagetable in a different level with the paging-structure cache intact, which allows attackers to cause a denial of service ("physical address not valid" panic) via a crafted application.

4.3
2018-12-21 CVE-2018-20193 Pulsesecure Improper Privilege Management vulnerability in Pulsesecure Secure Access Series SSL VPN Sa-4000 4.2/5.1R5

Certain Secure Access SA Series SSL VPN products (originally developed by Juniper Networks but now sold and supported by Pulse Secure, LLC) allow privilege escalation, as demonstrated by Secure Access SSL VPN SA-4000 5.1R5 (build 9627) 4.2 Release (build 7631).

4.0
2018-12-20 CVE-2018-17244 Elastic Information Exposure vulnerability in Elastic Elasticsearch 6.4.0/6.4.1/6.4.2

Elasticsearch Security versions 6.4.0 to 6.4.2 contain an error in the way request headers are applied to requests when using the Active Directory, LDAP, Native, or File realms.

4.0
2018-12-20 CVE-2018-1000814 Aiohttp Session Project Insufficient Session Expiration vulnerability in Aiohttp-Session Project Aiohttp-Session

aio-libs aiohttp-session version 2.6.0 and earlier contains a Other/Unknown vulnerability in EncryptedCookieStorage and NaClCookieStorage that can result in Non-expiring sessions / Infinite lifespan.

4.0
2018-12-20 CVE-2018-20307 Pulsesecure Information Exposure vulnerability in Pulsesecure Virtual Traffic Manager 10.4R1/17.2R1

Pulse Secure Virtual Traffic Manager 9.9 versions prior to 9.9r2 and 10.4r1 allow a remote authenticated user to obtain sensitive historical activity information by leveraging incorrect permission validation.

4.0
2018-12-20 CVE-2018-20301 Coherence Project Improper Input Validation vulnerability in Coherence Project Coherence

An issue was discovered in Steve Pallen Coherence before 0.5.2 that is similar to a Mass Assignment vulnerability.

4.0

39 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2018-12-23 CVE-2018-20373 Tendacn Cross-site Scripting vulnerability in Tendacn Adsl Firmware 1.0.1

Tenda ADSL modem routers 1.0.1 allow XSS via the hostname of a DHCP client.

3.5
2018-12-23 CVE-2018-20372 TP Link Cross-site Scripting vulnerability in Tp-Link Td-W8961Nd Firmware 1.0.1

TP-Link TD-W8961ND devices allow XSS via the hostname of a DHCP client.

3.5
2018-12-23 CVE-2018-20370 THE SZ Cross-site Scripting vulnerability in The-Sz Netchat 7.8

SZ NetChat before 7.9 has XSS in the MyName input field of the Options module.

3.5
2018-12-23 CVE-2018-20368 Averta Cross-site Scripting vulnerability in Averta Master Slider 3.2.7/3.5.1

The Master Slider plugin 3.2.7 and 3.5.1 for WordPress has XSS via the wp-admin/admin-ajax.php Name input field of the MSPanel.Settings value on Callback.

3.5
2018-12-21 CVE-2018-20345 Stackstorm Unspecified vulnerability in Stackstorm

Incorrect access control in StackStorm API (st2api) in StackStorm before 2.9.2 and 2.10.x before 2.10.1 allows an attacker (who has a StackStorm account and is authenticated against the StackStorm API) to retrieve datastore items for other users by utilizing the /v1/keys "?scope=all" and "?user=<username>" query filter parameters.

3.5
2018-12-21 CVE-2018-20328 Chamilo Cross-site Scripting vulnerability in Chamilo LMS 1.11.8

Chamilo LMS version 1.11.8 contains XSS in main/social/group_view.php in the social groups tool, allowing authenticated users to affect other users, under specific conditions of permissions granted by administrators.

3.5
2018-12-21 CVE-2018-20327 Chamilo Cross-site Scripting vulnerability in Chamilo LMS 1.11.8

Chamilo LMS version 1.11.8 contains XSS in main/template/default/admin/gradebook_list.tpl in the gradebook dependencies tool, allowing authenticated users to affect other users, under specific conditions of permissions granted by administrators.

3.5
2018-12-20 CVE-2018-14846 Mondula Cross-site Scripting vulnerability in Mondula Multi Step Form

The Mondula Multi Step Form plugin before 1.2.8 for WordPress has multiple stored XSS via wp-admin/admin-ajax.php.

3.5
2018-12-20 CVE-2018-8891 Blackberry Cross-site Scripting vulnerability in Blackberry Unified Endpoint Manager

Multiple stored cross-site scripting (XSS) vulnerabilities in the Management Console of BlackBerry UEM versions earlier than 12.9.1 could allow an attacker to store script commands that could later be executed in the context of another Management Console administrator.

3.5
2018-12-20 CVE-2018-8888 Blackberry Cross-site Scripting vulnerability in Blackberry Unified Endpoint Manager

A stored cross-site scripting (XSS) vulnerability in the Management Console of BlackBerry UEM versions earlier than 12.10.0 could allow an attacker to store script commands that could later be executed in the context of another Management Console administrator.

3.5
2018-12-20 CVE-2018-1000870 Phpipam Cross-site Scripting vulnerability in PHPipam

PHPipam version 1.3.2 and earlier contains a CWE-79 vulnerability in /app/admin/users/print-user.php that can result in Execute code in the victims browser.

3.5
2018-12-20 CVE-2018-1000856 Domainmod Cross-site Scripting vulnerability in Domainmod

DomainMOD version 4.09.03 and above.

3.5
2018-12-20 CVE-2018-1000847 Freshdns Project Cross-site Scripting vulnerability in Freshdns Project Freshdns

FreshDNS version 1.0.3 and prior contains a Cross Site Scripting (XSS) vulnerability in Account data form; Zone editor that can result in Execution of attacker's JavaScript code in victim's session.

3.5
2018-12-20 CVE-2018-1000816 Grafana Cross-site Scripting vulnerability in Grafana 5.2.4/5.3.0

Grafana version confirmed for 5.2.4 and 5.3.0 contains a Cross Site Scripting (XSS) vulnerability in Influxdb and Graphite query editor that can result in Running arbitrary js code in victims browser..

3.5
2018-12-20 CVE-2018-1000813 Backdropcms Cross-site Scripting vulnerability in Backdropcms Backdrop CMS

Backdrop CMS version 1.11.0 and earlier contains a Cross Site Scripting (XSS) vulnerability in Sanitization of custom class names used on blocks and layouts.

3.5
2018-12-20 CVE-2018-20306 Pulsesecure Cross-site Scripting vulnerability in Pulsesecure Virtual Traffic Manager

A stored cross-site scripting (XSS) vulnerability in the web administration user interface of Pulse Secure Virtual Traffic Manager may allow a remote authenticated attacker to inject web script or HTML via a crafted website and steal sensitive data and credentials.

3.5
2018-12-19 CVE-2018-19598 Statamic Cross-site Scripting vulnerability in Statamic 2.10.3

Statamic 2.10.3 allows XSS via First Name or Last Name to the /users URI in an 'Add new user' request.

3.5
2018-12-19 CVE-2018-19597 Cmsmadesimple Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.8

CMS Made Simple 2.2.8 allows XSS via an uploaded SVG document, a related issue to CVE-2017-16798.

3.5
2018-12-19 CVE-2018-19508 Cmsimple Cross-site Scripting vulnerability in Cmsimple 4.7.5

CMSimple 4.7.5 has XSS via an admin's upload of an SVG file at a ?userfiles&subdir=userfiles/images/flags/ URI.

3.5
2018-12-19 CVE-2018-19507 Cmsimple Cross-site Scripting vulnerability in Cmsimple 4.7.5

CMSimple 4.7.5 has XSS via an admin's use of a ?file=config&action=array URI.

3.5
2018-12-19 CVE-2018-19506 Zurmo Cross-site Scripting vulnerability in Zurmo 3.2.4

Zurmo 3.2.4 has XSS via an admin's use of the name parameter in the reports section, aka the app/index.php/reports/default/details?id=1 URI.

3.5
2018-12-18 CVE-2018-1833 IBM Unspecified vulnerability in IBM Event Streams 2018.3.0

IBM Event Streams 2018.3.0 could allow a remote attacker to submit an API request with a fake Host request header.

3.5
2018-12-17 CVE-2018-1891 IBM Cross-site Scripting vulnerability in IBM Security Guardium

IBM Security Guardium 10 and 10.5 is vulnerable to cross-site scripting.

3.5
2018-12-17 CVE-2018-1889 IBM Cross-site Scripting vulnerability in IBM Security Guardium

IBM Security Guardium 10.0 and 10.5 is vulnerable to cross-site scripting.

3.5
2018-12-17 CVE-2018-18247 Icinga Cross-site Scripting vulnerability in Icinga web 2

Icinga Web 2 before 2.6.2 has XSS via the /icingaweb2/navigation/add icon parameter.

3.5
2018-12-17 CVE-2018-18245 Nagios
Debian
Cross-site Scripting vulnerability in multiple products

Nagios Core 4.4.2 has XSS via the alert summary reports of plugin results, as demonstrated by a SCRIPT element delivered by a modified check_load plugin to NRPE.

3.5
2018-12-17 CVE-2018-14853 Samsung NULL Pointer Dereference vulnerability in Samsung Galaxy S6 Firmware G920Fxxu5Eqh7

A NULL pointer dereference in dhd_prot_txdata_write_flush in drivers/net/wireless/bcmdhd4358/dhd_msgbuf.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allows an attacker (who has obtained code execution on the Wi-Fi chip) to cause the device to reboot.

3.3
2018-12-23 CVE-2018-20405 Bigtreecms Authorization Bypass Through User-Controlled Key vulnerability in Bigtreecms Bigtree 4.3

BigTree 4.3 allows full path disclosure via authenticated admin/news/ input that triggers a syntax error.

2.7
2018-12-23 CVE-2018-20379 Technicolor Cross-site Scripting vulnerability in Technicolor Dpc3928Sl Firmware D3928Slpsip13A010C3420R55105160428A

Technicolor DPC3928SL D3928SL-PSIP-13-A010-c3420r55105-160428a devices allow XSS via a Cross Protocol Injection attack with setSSID of 1.3.6.1.4.1.4413.2.2.2.1.18.1.2.1.1.3.10001.

2.6
2018-12-20 CVE-2018-1000860 Phpipam Cross-site Scripting vulnerability in PHPipam

phpipam version 1.3.2 and earlier contains a Cross Site Scripting (XSS) vulnerability in The value of the phpipamredirect cookie is copied into an HTML tag on the login page encapsulated in single quotes.

2.6
2018-12-17 CVE-2018-20185 Graphicsmagick
Debian
Canonical
Out-of-bounds Read vulnerability in multiple products

In GraphicsMagick 1.4 snapshot-20181209 Q8 on 32-bit platforms, there is a heap-based buffer over-read in the ReadBMPImage function of bmp.c, which allows attackers to cause a denial of service via a crafted bmp image file.

2.6
2018-12-22 CVE-2018-19863 Agilebits Information Exposure Through Log Files vulnerability in Agilebits 1Password 7.2.3

An issue was discovered in 1Password 7.2.3.BETA before 7.2.3.BETA-3 on macOS.

2.1
2018-12-20 CVE-2018-20124 Qemu
Canonical
Out-of-bounds Read vulnerability in multiple products

hw/rdma/rdma_backend.c in QEMU allows guest OS users to trigger out-of-bounds access via a PvrdmaSqWqe ring element with a large num_sge value.

2.1
2018-12-20 CVE-2018-20126 Qemu
Canonical
Opensuse
Missing Release of Resource after Effective Lifetime vulnerability in multiple products

hw/rdma/vmw/pvrdma_cmd.c in QEMU allows create_cq and create_qp memory leaks because errors are mishandled.

2.1
2018-12-20 CVE-2018-19233 Comparex Use of Hard-coded Credentials vulnerability in Comparex Miss Marple

COMPAREX Miss Marple Enterprise Edition before 2.0 allows local users to execute arbitrary code by reading the user name and encrypted password hard-coded in an Inventory Agent configuration file.

2.1
2018-12-20 CVE-2018-1677 IBM Improper Handling of Exceptional Conditions vulnerability in IBM Datapower Gateway

IBM DataPower Gateways 7.1, 7.2, 7.5, 7.5.1, 7.5.2, 7.6, and 7.7 and IBM MQ Appliance are vulnerable to a denial of service, caused by the improper handling of full file system.

2.1
2018-12-19 CVE-2018-16883 Fedoraproject Information Exposure vulnerability in Fedoraproject Sssd

sssd versions from 1.13.0 to before 2.0.0 did not properly restrict access to the infopipe according to the "allowed_uids" configuration parameter.

2.1
2018-12-18 CVE-2018-19522 Driveragent Improper Input Validation vulnerability in Driveragent 2.2015.7.14

DriverAgent 2.2015.7.14, which includes DrvAgent64.sys 1.0.0.1, allows a user to send an IOCTL (0x800020F4) with a buffer containing user defined content.

2.1
2018-12-22 CVE-2018-20348 Libpff Project Infinite Loop vulnerability in Libpff Project Libpff 20161119/20180428

libpff_item_tree_create_node in libpff_item_tree.c in libpff before experimental-20180714 allows attackers to cause a denial of service (infinite recursion) via a crafted file, related to libfdata_tree_get_node_value in libfdata_tree.c.

1.9