Weekly Vulnerabilities Reports > December 31, 2018 to January 6, 2019
Overview
135 new vulnerabilities reported during this period, including 14 critical vulnerabilities and 29 high severity vulnerabilities. This weekly summary report vulnerabilities in 303 products from 82 vendors including Debian, Qualcomm, Redhat, Facebook, and Oracle. Vulnerabilities are notably categorized as "Cross-site Scripting", "Improper Input Validation", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Information Exposure", and "SQL Injection".
- 108 reported vulnerabilities are remotely exploitables.
- 9 reported vulnerabilities have public exploit available.
- 58 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 103 reported vulnerabilities are exploitable by an anonymous user.
- Debian has the most reported vulnerabilities, with 14 reported vulnerabilities.
- Redhat has the most reported critical vulnerabilities, with 8 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
14 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2019-01-03 | CVE-2018-20512 | Cdatatec | Reliance on Cookies without Validation and Integrity Checking vulnerability in Cdatatec Epon Cpe-Wifi Devices Firmware 2.0.4X000 EPON CPE-WiFi devices 2.0.4-X000 are vulnerable to escalation of privileges by sending cooLogin=1, cooUser=admin, and timestamp=-1 cookies. | 10.0 |
2019-01-02 | CVE-2018-20114 | Dlink | OS Command Injection vulnerability in Dlink Dir-818Lw Firmware and Dir-860L Firmware On D-Link DIR-818LW Rev.A 2.05.B03 and DIR-860L Rev.B 2.03.B03 devices, unauthenticated remote OS command execution can occur in the soap.cgi service of the cgibin binary via an "&&" substring in the service parameter. | 10.0 |
2019-01-02 | CVE-2018-14721 | Fasterxml Debian Oracle Redhat | Server-Side Request Forgery (SSRF) vulnerability in multiple products FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization. | 10.0 |
2018-12-31 | CVE-2018-6342 | OS Command Injection vulnerability in Facebook React-Dev-Utils react-dev-utils on Windows allows developers to run a local webserver for accepting various commands, including a command to launch an editor. | 10.0 | |
2019-01-03 | CVE-2018-16879 | Redhat | Missing Encryption of Sensitive Data vulnerability in Redhat Ansible Tower Ansible Tower before version 3.3.3 does not set a secure channel as it is using the default insecure configuration channel settings for messaging celery workers from RabbitMQ. | 9.8 |
2019-01-02 | CVE-2018-19362 | Fasterxml Debian Oracle Redhat | Deserialization of Untrusted Data vulnerability in multiple products FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the jboss-common-core class from polymorphic deserialization. | 9.8 |
2019-01-02 | CVE-2018-19361 | Fasterxml Debian Oracle Redhat | Deserialization of Untrusted Data vulnerability in multiple products FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the openjpa class from polymorphic deserialization. | 9.8 |
2019-01-02 | CVE-2018-19360 | Fasterxml Debian Oracle Redhat | Deserialization of Untrusted Data vulnerability in multiple products FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the axis2-transport-jms class from polymorphic deserialization. | 9.8 |
2019-01-02 | CVE-2018-14720 | Fasterxml Debian Oracle Redhat | Deserialization of Untrusted Data vulnerability in multiple products FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization. | 9.8 |
2019-01-02 | CVE-2018-14719 | Fasterxml Debian Oracle Redhat Netapp | Deserialization of Untrusted Data vulnerability in multiple products FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deserialization. | 9.8 |
2019-01-02 | CVE-2018-14718 | Fasterxml Debian Oracle Netapp Redhat | Deserialization of Untrusted Data vulnerability in multiple products FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the slf4j-ext class from polymorphic deserialization. | 9.8 |
2018-12-31 | CVE-2018-17191 | Apache | Unspecified vulnerability in Apache Netbeans 9.0 Apache NetBeans (incubating) 9.0 NetBeans Proxy Auto-Configuration (PAC) interpretation is vulnerable for remote command execution (RCE). | 9.8 |
2019-01-03 | CVE-2018-4012 | Webroot | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Webroot Brightcloud An exploitable buffer overflow vulnerability exists in the HTTP header-parsing function of the Webroot BrightCloud SDK. | 9.3 |
2018-12-31 | CVE-2018-18600 | Guardzilla | OS Command Injection vulnerability in Guardzilla 180 Indoor Firmware and 180 Outdoor Firmware The remote upgrade feature in Guardzilla GZ180 devices allow command injection via a crafted new firmware version parameter. | 9.3 |
29 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2019-01-03 | CVE-2018-19998 | Dolibarr | SQL Injection vulnerability in Dolibarr Erp/Crm 8.0.2 SQL injection vulnerability in user/card.php in Dolibarr version 8.0.2 allows remote authenticated users to execute arbitrary SQL commands via the employee parameter. | 8.8 |
2019-01-03 | CVE-2018-19994 | Dolibarr | SQL Injection vulnerability in Dolibarr Erp/Crm 8.0.2 An error-based SQL injection vulnerability in product/card.php in Dolibarr version 8.0.2 allows remote authenticated users to execute arbitrary SQL commands via the desiredstock parameter. | 8.8 |
2019-01-03 | CVE-2018-16882 | Linux Canonical | Use After Free vulnerability in multiple products A use-after-free issue was found in the way the Linux kernel's KVM hypervisor processed posted interrupts when nested(=1) virtualization is enabled. | 8.8 |
2019-01-02 | CVE-2019-3500 | Aria2 Project Debian Fedoraproject Canonical | Information Exposure Through Log Files vulnerability in multiple products aria2c in aria2 1.33.1, when --log is used, can store an HTTP Basic Authentication username and password in a file, which might allow local users to obtain sensitive information by reading this file. | 7.8 |
2018-12-31 | CVE-2018-6668 | Mcafee | Unspecified vulnerability in Mcafee Application Change Control 6.2.0/7.0.0/7.0.1 A whitelist bypass vulnerability in McAfee Application Control / Change Control 7.0.1 and before allows execution bypass, for example, with simple DLL through interpreters such as PowerShell. | 7.8 |
2019-01-04 | CVE-2019-5312 | Wxjava Project | XXE vulnerability in Wxjava Project Wxjava 3.3.0 An issue was discovered in weixin-java-tools v3.3.0. | 7.5 |
2019-01-03 | CVE-2018-18995 | ABB | Missing Authentication for Critical Function vulnerability in ABB Gate-E1 Firmware and Gate-E2 Firmware Pluto Safety PLC Gateway Ethernet devices ABB GATE-E1 and GATE-E2 all versions do not allow authentication to be configured on administrative telnet or web interfaces, which could enable various effects vectors, including conducting device resets, reading or modifying registers, and changing configuration settings such as IP addresses. | 7.5 |
2019-01-03 | CVE-2019-3905 | Zohocorp | Server-Side Request Forgery (SSRF) vulnerability in Zohocorp Manageengine Adselfservice Plus Zoho ManageEngine ADSelfService Plus 5.x before build 5703 has SSRF. | 7.5 |
2019-01-03 | CVE-2018-20664 | Zohocorp | XXE vulnerability in Zohocorp Manageengine Adselfservice Plus 5.7 Zoho ManageEngine ADSelfService Plus 5.x before build 5701 has XXE via an uploaded product license. | 7.5 |
2019-01-03 | CVE-2018-19862 | Minishare Project | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Minishare Project Minishare 1.4.1 Buffer overflow in MiniShare 1.4.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP POST request. | 7.5 |
2019-01-03 | CVE-2018-19861 | Minishare Project | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Minishare Project Minishare 1.4.1 Buffer overflow in MiniShare 1.4.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP HEAD request. | 7.5 |
2019-01-03 | CVE-2018-19415 | Plikli | SQL Injection vulnerability in Plikli CMS 4.0.0 Multiple SQL injection vulnerabilities in Plikli CMS 4.0.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to join_group.php or (2) comment_id parameter to story.php. | 7.5 |
2019-01-03 | CVE-2018-17161 | Freebsd | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Freebsd 11.2/12.0 In FreeBSD before 11.2-STABLE(r348229), 11.2-RELEASE-p7, 12.0-STABLE(r342228), and 12.0-RELEASE-p1, insufficient validation of network-provided data in bootpd may make it possible for a malicious attacker to craft a bootp packet which could cause a stack buffer overflow. | 7.5 |
2019-01-03 | CVE-2018-17172 | Xerox | Command Injection vulnerability in Xerox products The web application on Xerox AltaLink B80xx before 100.008.028.05200, C8030/C8035 before 100.001.028.05200, C8045/C8055 before 100.002.028.05200, and C8070 before 100.003.028.05200 allows unauthenticated command injection. | 7.5 |
2019-01-03 | CVE-2018-18264 | Kubernetes | Missing Authentication for Critical Function vulnerability in Kubernetes Dashboard Kubernetes Dashboard before 1.10.1 allows attackers to bypass authentication and use Dashboard's Service Account for reading secrets within the cluster. | 7.5 |
2019-01-02 | CVE-2018-13045 | Yeswiki | SQL Injection vulnerability in Yeswiki Cercopitheque 201806191 SQL injection vulnerability in the "Bazar" page in Yeswiki Cercopitheque 2018-06-19-1 and earlier allows attackers to execute arbitrary SQL commands via the "id" parameter. | 7.5 |
2019-01-02 | CVE-2019-3577 | Bijiadao | SQL Injection vulnerability in Bijiadao Waimai Super CMS 20150505 An issue was discovered in Waimai Super Cms 20150505. | 7.5 |
2019-01-02 | CVE-2019-3576 | Inxedu Project | SQL Injection vulnerability in Inxedu Project Inxedu 20181224 inxedu through 2018-12-24 has a SQL Injection vulnerability that can lead to information disclosure via the deleteFaveorite/ PATH_INFO. | 7.5 |
2018-12-31 | CVE-2018-6333 | Improper Input Validation vulnerability in Facebook Nuclide The hhvm-attach deep link handler in Nuclide did not properly sanitize the provided hostname parameter when rendering. | 7.5 | |
2018-12-31 | CVE-2018-6331 | Deserialization of Untrusted Data vulnerability in Facebook Buck Buck parser-cache command loads/saves state using Java serialized object. | 7.5 | |
2018-12-31 | CVE-2018-6334 | Improper Input Validation vulnerability in Facebook Hhvm Multipart-file uploads call variables to be improperly registered in the global scope. | 7.5 | |
2018-12-31 | CVE-2018-18593 | HP | Path Traversal vulnerability in HP Ucmdb Configuration Manager Remote Directory Traversal and Remote Disclosure of Privileged Information in UCMDB Configuration Management Service, version 10.22, 10.22 CUP1, 10.22 CUP2, 10.22 CUP3, 10.22 CUP4, 10.22 CUP5, 10.22 CUP6, 10.22 CUP7, 10.33, 10.33 CUP1, 10.33 CUP2, 10.33 CUP3, 2018.02, 2018.05, 2018.08, 2018.11. | 7.5 |
2019-01-03 | CVE-2017-18330 | Qualcomm | Unspecified vulnerability in Qualcomm products Buffer overflow in AES-CCM and AES-GCM encryption via initialization vector in snapdragon automobile, snapdragon mobile and snapdragon wear in versions IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016. | 7.2 |
2019-01-03 | CVE-2017-18329 | Qualcomm | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products Possible Buffer overflow when transmitting an RTP packet in snapdragon automobile and snapdragon wear in versions MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 810, SD 820, SD 835, SD 845 / SD 850, SDA660, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130 | 7.2 |
2019-01-03 | CVE-2017-18328 | Qualcomm | Use After Free vulnerability in Qualcomm products Use after free in QSH client rule processing in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 820, SD 835, SDA660, SDM630, SDM660, Snapdragon_High_Med_2016. | 7.2 |
2019-01-03 | CVE-2017-18320 | Qualcomm | Improper Input Validation vulnerability in Qualcomm products QSEE unload attempt on a 3rd party TEE without previously loading results in a data abort in snapdragon automobile and snapdragon mobile in versions MSM8996AU, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016, SXR1130. | 7.2 |
2019-01-03 | CVE-2017-18141 | Qualcomm | Unspecified vulnerability in Qualcomm products When a 3rd party TEE has been loaded it is possible for the non-secure world to create a secure monitor call which will give it access to privileged functions meant to only be accessible from the TEE in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016. | 7.2 |
2019-01-02 | CVE-2018-17188 | Apache | Unspecified vulnerability in Apache Couchdb Prior to CouchDB version 2.3.0, CouchDB allowed for runtime-configuration of key components of the database. | 7.2 |
2019-01-02 | CVE-2018-15490 | Expressvpn | Path Traversal vulnerability in Expressvpn An issue was discovered in ExpressVPN on Windows. | 7.1 |
70 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2019-01-04 | CVE-2018-1888 | IBM | Untrusted Search Path vulnerability in IBM I Access 6.1/7.1 An untrusted search path vulnerability in IBM i Access for Windows versions 7.1 and earlier on Windows can allow arbitrary code execution via a Trojan horse DLL in the current working directory, related to use of the LoadLibrary function. | 6.8 |
2019-01-02 | CVE-2018-20211 | Exiftool Project | Uncontrolled Search Path Element vulnerability in Exiftool Project Exiftool 8.32 ExifTool 8.32 allows local users to gain privileges by creating a %TEMP%\par-%username%\cache-exiftool-8.32 folder with a victim's username, and then copying a Trojan horse ws32_32.dll file into this new folder, aka DLL Hijacking. | 6.8 |
2019-01-02 | CVE-2019-3574 | Libsixel Project | Out-of-bounds Read vulnerability in Libsixel Project Libsixel 1.8.2 In libsixel v1.8.2, there is a heap-based buffer over-read in the function load_jpeg() in the file loader.c, as demonstrated by img2sixel. | 6.8 |
2019-01-02 | CVE-2018-5197 | Tobesoft Microsoft | Improper Input Validation vulnerability in Tobesoft Xplatform 9.2/9.2.1/9.2.2 A vulnerability in the ExtCommon.dll user extension module version 9.2, 9.2.1, 9.2.2 of Xplatform ActiveX could allow attacker to perform a command injection attack. | 6.8 |
2018-12-31 | CVE-2018-6340 | Out-of-bounds Read vulnerability in Facebook Hhvm The Memcache::getextendedstats function can be used to trigger an out-of-bounds read. | 6.8 | |
2018-12-31 | CVE-2018-6336 | Linuxfoundation | 7PK - Security Features vulnerability in Linuxfoundation Osquery An issue was discovered in osquery. | 6.8 |
2018-12-31 | CVE-2018-18601 | Guardzilla | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Guardzilla Gz621W Firmware 0.5.1.4 The TK_set_deviceModel_req_handle function in the cloud communication component in Guardzilla GZ621W devices with firmware 0.5.1.4 has a Buffer Overflow. | 6.8 |
2018-12-31 | CVE-2018-20618 | OK File Formats Project | Out-of-bounds Read vulnerability in Ok-File-Formats Project Ok-File-Formats ok-file-formats through 2018-10-16 has a heap-based buffer over-read in the ok_mo_decode2 function in ok_mo.c. | 6.8 |
2018-12-31 | CVE-2018-20617 | OK File Formats Project | Out-of-bounds Write vulnerability in Ok-File-Formats Project Ok-File-Formats ok-file-formats through 2018-10-16 has a heap-based buffer overflow in the ok_csv_decode2 function in ok_csv.c. | 6.8 |
2018-12-31 | CVE-2018-20616 | OK File Formats Project | Out-of-bounds Write vulnerability in Ok-File-Formats Project Ok-File-Formats ok-file-formats through 2018-10-16 has a heap-based buffer overflow in the ok_wav_decode_ms_adpcm_data function in ok_wav.c. | 6.8 |
2019-01-04 | CVE-2018-1859 | IBM | Unspecified vulnerability in IBM API Connect IBM API Connect 5.0.0.0 through 5.0.8.4 could allow a user authenticated as an administrator with limited rights to escalate their privileges. | 6.5 |
2019-01-04 | CVE-2019-5009 | Vtiger | Unrestricted Upload of File with Dangerous Type vulnerability in Vtiger CRM Vtiger CRM 7.1.0 before Hotfix2 allows uploading files with the extension "php3" in the logo upload field, if the uploaded file is in PNG format and has a size of 150x40. | 6.5 |
2019-01-03 | CVE-2018-19601 | Rhymix | Server-Side Request Forgery (SSRF) vulnerability in Rhymix 1.9.8.1 Rhymix CMS 1.9.8.1 allows SSRF via an index.php?module=admin&act=dispModuleAdminFileBox SVG upload. | 6.5 |
2019-01-03 | CVE-2018-20662 | Freedesktop Debian Fedoraproject Canonical Redhat | Improper Input Validation vulnerability in multiple products In Poppler 0.72.0, PDFDoc::setup in PDFDoc.cc allows attackers to cause a denial-of-service (application crash caused by Object.h SIGABRT, because of a wrong return value from PDFDoc::setup) by crafting a PDF file in which an xref data structure is mishandled during extractPDFSubtype processing. | 6.5 |
2019-01-02 | CVE-2018-20166 | Rukovoditel | Unrestricted Upload of File with Dangerous Type vulnerability in Rukovoditel 2.3.1 A file-upload vulnerability exists in Rukovoditel 2.3.1. | 6.5 |
2019-01-01 | CVE-2018-20650 | Freedesktop Canonical Debian Redhat | Improper Input Validation vulnerability in multiple products A reachable Object::dictLookup assertion in Poppler 0.72.0 allows attackers to cause a denial of service due to the lack of a check for the dict data type, as demonstrated by use of the FileSpec class (in FileSpec.cc) in pdfdetach. | 6.5 |
2019-01-01 | CVE-2019-3494 | Simply Blog Project | SQL Injection vulnerability in Simply-Blog Project Simply-Blog 20190101 Simply-Blog through 2019-01-01 has SQL Injection via the admin/deleteCategories.php delete parameter. | 6.4 |
2019-01-03 | CVE-2018-19993 | Dolibarr | Cross-site Scripting vulnerability in Dolibarr Erp/Crm 8.0.2 A reflected cross-site scripting (XSS) vulnerability in Dolibarr 8.0.2 allows remote attackers to inject arbitrary web script or HTML via the transphrase parameter to public/notice.php. | 6.1 |
2019-01-03 | CVE-2019-5007 | Foxitsoftware Microsoft | NULL Pointer Dereference vulnerability in Foxitsoftware Foxit Reader and Phantompdf An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on Windows. | 5.8 |
2019-01-04 | CVE-2018-20671 | GNU | Integer Overflow or Wraparound vulnerability in GNU Binutils load_specific_debug_section in objdump.c in GNU Binutils through 2.31.1 contains an integer overflow vulnerability that can trigger a heap-based buffer overflow via a crafted section size. | 5.5 |
2019-01-03 | CVE-2018-3986 | Telegram | Information Exposure vulnerability in Telegram 4.9.0 An exploitable information disclosure vulnerability exists in the "Secret Chats" functionality of the Telegram Android messaging application version 4.9.0. | 5.5 |
2019-01-03 | CVE-2018-16885 | Linux Redhat | Out-of-bounds Read vulnerability in multiple products A flaw was found in the Linux kernel that allows the userspace to call memcpy_fromiovecend() and similar functions with a zero offset and buffer length which causes the read beyond the buffer boundaries, in certain cases causing a memory access fault and a system halt by accessing invalid memory address. | 5.5 |
2019-01-02 | CVE-2018-19478 | Artifex Debian | Improper Input Validation vulnerability in multiple products In Artifex Ghostscript before 9.26, a carefully crafted PDF file can trigger an extremely long running computation when parsing the file. | 5.5 |
2019-01-01 | CVE-2018-20651 | GNU | NULL Pointer Dereference vulnerability in GNU Binutils 2.31.1 A NULL pointer dereference was discovered in elf_link_add_object_symbols in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31.1. | 5.5 |
2019-01-03 | CVE-2018-19995 | Dolibarr | Cross-site Scripting vulnerability in Dolibarr Erp/Crm 8.0.2 A stored cross-site scripting (XSS) vulnerability in Dolibarr 8.0.2 allows remote authenticated users to inject arbitrary web script or HTML via the "address" (POST) or "town" (POST) parameter to user/card.php. | 5.4 |
2019-01-03 | CVE-2018-19992 | Dolibarr | Cross-site Scripting vulnerability in Dolibarr Erp/Crm 8.0.2 A stored cross-site scripting (XSS) vulnerability in Dolibarr 8.0.2 allows remote authenticated users to inject arbitrary web script or HTML via the "address" (POST) or "town" (POST) parameter to adherents/type.php. | 5.4 |
2019-01-03 | CVE-2018-19249 | Stripe | Improper Authentication vulnerability in Stripe API 1.0 The Stripe API v1 allows remote attackers to bypass intended access restrictions by replaying api.stripe.com /v1/tokens XMLHttpRequest data, parsing the response under the object card{}, and reading the cvc_check information if the creation is successful without charging the actual card used in the transaction. | 5.0 |
2019-01-03 | CVE-2018-18004 | Vivotek | Missing Authorization vulnerability in Vivotek Camera Incorrect Access Control in mod_inetd.cgi in VIVOTEK Network Camera Series products with firmware before XXXXXX-VVTK-0X09a allows remote attackers to enable arbitrary system services via a URL parameter. | 5.0 |
2019-01-03 | CVE-2019-3580 | Openrefine | Path Traversal vulnerability in Openrefine OpenRefine through 3.1 allows arbitrary file write because Directory Traversal can occur during the import of a crafted project file. | 5.0 |
2019-01-03 | CVE-2018-18893 | Hubspot | Unspecified vulnerability in Hubspot Jinjava Jinjava before 2.4.6 does not block the getClass method, related to com/hubspot/jinjava/el/ext/JinjavaBeanELResolver.java. | 5.0 |
2019-01-02 | CVE-2018-20100 | August | Missing Encryption of Sensitive Data vulnerability in August Connect and August Connect Firmware An issue was discovered on August Connect devices. | 5.0 |
2019-01-02 | CVE-2018-20658 | Coreftp | Improper Input Validation vulnerability in Coreftp Core FTP 2.0 The server in Core FTP 2.0 build 653 on 32-bit platforms allows remote attackers to cause a denial of service (daemon crash) via a crafted XRMD command. | 5.0 |
2019-01-02 | CVE-2018-20657 | GNU F5 | Missing Release of Resource after Effective Lifetime vulnerability in multiple products The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, has a memory leak via a crafted string, leading to a denial of service (memory consumption), as demonstrated by cxxfilt, a related issue to CVE-2018-12698. | 5.0 |
2018-12-31 | CVE-2018-6347 | Proxygen Project | Improper Input Validation vulnerability in Proxygen Project Proxygen An issue in the Proxygen handling of HTTP2 parsing of headers/trailers can lead to a denial-of-service attack. | 5.0 |
2018-12-31 | CVE-2018-6346 | Proxygen Project | 7PK - Errors vulnerability in Proxygen Project Proxygen A potential denial-of-service issue in the Proxygen handling of invalid HTTP2 priority settings (specifically a circular dependency). | 5.0 |
2018-12-31 | CVE-2018-6344 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Whatsapp A heap corruption in WhatsApp can be caused by a malformed RTP packet being sent after a call is established. | 5.0 | |
2018-12-31 | CVE-2018-6343 | Improper Input Validation vulnerability in Facebook Proxygen 2018.10.29.00/2018.11.05.00/2018.11.12.00 Proxygen fails to validate that a secondary auth manager is set before dereferencing it. | 5.0 | |
2018-12-31 | CVE-2018-6337 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Facebook Folly and Hhvm folly::secureRandom will re-use a buffer between parent and child processes when fork() is called. | 5.0 | |
2018-12-31 | CVE-2018-6335 | Improper Input Validation vulnerability in Facebook Hhvm A Malformed h2 frame can cause 'std::out_of_range' exception when parsing priority meta data. | 5.0 | |
2018-12-31 | CVE-2018-18602 | Guardzilla | Use of Insufficiently Random Values vulnerability in Guardzilla products The Cloud API on Guardzilla smart cameras allows user enumeration, with resultant arbitrary camera access and monitoring. | 5.0 |
2019-01-03 | CVE-2019-3701 | Linux Debian Canonical | Out-of-bounds Write vulnerability in Linux Kernel An issue was discovered in can_can_gw_rcv in net/can/gw.c in the Linux kernel through 4.19.13. | 4.9 |
2019-01-03 | CVE-2019-3575 | Sqla Yaml Fixtures Project | Code Injection vulnerability in Sqla Yaml Fixtures Project Sqla Yaml Fixtures 0.9.1 Sqla_yaml_fixtures 0.9.1 allows local users to execute arbitrary python code via the fixture_text argument in sqla_yaml_fixtures.load. | 4.6 |
2019-01-03 | CVE-2018-20131 | Code42 Linux | Incorrect Permission Assignment for Critical Resource vulnerability in Code42 The Code42 app before 6.8.4, as used in Code42 for Enterprise, on Linux installs with overly permissive permissions on the /usr/local/crashplan/log directory. | 4.6 |
2018-12-31 | CVE-2018-19937 | Videolan | Improper Authentication vulnerability in Videolan VLC FOR Mobile A local, authenticated attacker can bypass the passcode in the VideoLAN VLC media player app before 3.1.5 for iOS by opening a URL and turning the phone. | 4.6 |
2019-01-04 | CVE-2018-20673 | GNU | Integer Overflow or Wraparound vulnerability in GNU Binutils 2.31.1 The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, contains an integer overflow vulnerability (for "Create an array for saving the template argument values") that can trigger a heap-based buffer overflow, as demonstrated by nm. | 4.3 |
2019-01-04 | CVE-2019-5311 | Yunucms | Cross-site Scripting vulnerability in Yunucms 1.1.8 An issue was discovered in YUNUCMS V1.1.8. | 4.3 |
2019-01-04 | CVE-2019-5310 | Yunucms | Cross-site Scripting vulnerability in Yunucms 1.1.8 YUNUCMS 1.1.8 has XSS in app/admin/controller/System.php because crafted data can be written to the sys.php file, as demonstrated by site_title in an admin/system/basic POST request. | 4.3 |
2019-01-03 | CVE-2019-5006 | Foxitsoftware Microsoft | NULL Pointer Dereference vulnerability in Foxitsoftware Foxit Reader and Phantompdf An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on Windows. | 4.3 |
2019-01-03 | CVE-2019-5005 | Foxitsoftware Microsoft | Out-of-bounds Write vulnerability in Foxitsoftware Foxit Reader and Phantompdf An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on Windows. | 4.3 |
2019-01-03 | CVE-2018-8827 | Technicolor | Cross-site Scripting vulnerability in Technicolor Tg789Vac Firmware 16.3.7190276100520161004084353 The admin web interface on Technicolor MediaAccess TG789vac v2 HP devices with firmware v16.3.7190-2761005-20161004084353 displays unsanitised user input, which allows an unauthenticated malicious user to embed JavaScript into the Log viewer interface via a crafted HTTP Referer header, aka XSS. | 4.3 |
2019-01-03 | CVE-2018-18997 | ABB | Cross-site Scripting vulnerability in ABB Gate-E1 Firmware and Gate-E2 Firmware Pluto Safety PLC Gateway Ethernet devices in ABB GATE-E1 and GATE-E2 all versions allows an unauthenticated attacker using the administrative web interface to insert an HTML/Javascript payload into any of the device properties, which may allow an attacker to display/execute the payload in a visitor browser. | 4.3 |
2019-01-03 | CVE-2018-18244 | Vivotek | Cross-site Scripting vulnerability in Vivotek Camera Cross-site scripting in syslog.html in VIVOTEK Network Camera Series products with firmware 0x06x to 0x08x allows remote attackers to execute arbitrary JavaScript code via an HTTP Referer Header. | 4.3 |
2019-01-03 | CVE-2018-18005 | Vivotek | Cross-site Scripting vulnerability in Vivotek Camera Cross-site scripting in event_script.js in VIVOTEK Network Camera Series products with firmware 0x06x to 0x08x allows remote attackers to execute arbitrary JavaScript via a URL query string parameter. | 4.3 |
2019-01-03 | CVE-2018-19414 | Plikli | Cross-site Scripting vulnerability in Plikli CMS 4.0.0 Multiple cross-site scripting (XSS) vulnerabilities in Plikli CMS 4.0.0 allow remote attackers to inject arbitrary web script or HTML via the (1) keyword parameter to groups.php; (2) username parameter to login.php; or (3) date parameter to search.php. | 4.3 |
2019-01-03 | CVE-2018-14481 | Osclass | Cross-site Scripting vulnerability in Osclass 3.7.4 Osclass 3.7.4 has XSS via the query string to index.php, a different vulnerability than CVE-2014-6280. | 4.3 |
2019-01-03 | CVE-2018-16870 | Wolfssl | Cryptographic Issues vulnerability in Wolfssl It was found that wolfssl before 3.15.7 is vulnerable to a new variant of the Bleichenbacher attack to perform downgrade attacks against TLS. | 4.3 |
2019-01-02 | CVE-2018-20326 | Chinamobile | Cross-site Scripting vulnerability in Chinamobile Gpn2.4P21-C-Cn Firmware W2001En00 ChinaMobile PLC Wireless Router GPN2.4P21-C-CN devices with firmware W2001EN-00 have XSS via the cgi-bin/webproc?getpage=html/index.html var:subpage parameter. | 4.3 |
2019-01-02 | CVE-2018-20659 | Axiosys | Allocation of Resources Without Limits or Throttling vulnerability in Axiosys Bento4 1.5.1627 An issue was discovered in Bento4 1.5.1-627. | 4.3 |
2019-01-02 | CVE-2019-3573 | Libsixel Project | Infinite Loop vulnerability in Libsixel Project Libsixel 1.8.2 In libsixel v1.8.2, there is an infinite loop in the function sixel_decode_raw_impl() in the file fromsixel.c, as demonstrated by sixel2png. | 4.3 |
2019-01-02 | CVE-2019-3572 | Libming | Out-of-bounds Read vulnerability in Libming 0.4.8 An issue was discovered in libming 0.4.8. | 4.3 |
2019-01-01 | CVE-2018-20652 | Tinyexr Project | Allocation of Resources Without Limits or Throttling vulnerability in Tinyexr Project Tinyexr 0.9.5 An attempted excessive memory allocation was discovered in the function tinyexr::AllocateImage in tinyexr.h in tinyexr v0.9.5. | 4.3 |
2018-12-31 | CVE-2018-6341 | Cross-site Scripting vulnerability in Facebook React React applications which rendered to HTML using the ReactDOMServer API were not escaping user-supplied attribute names at render-time. | 4.3 | |
2018-12-31 | CVE-2018-20623 | GNU | Use After Free vulnerability in GNU Binutils 2.31.1 In GNU Binutils 2.31.1, there is a use-after-free in the error function in elfcomm.c when called from the process_archive function in readelf.c via a crafted ELF file. | 4.3 |
2018-12-31 | CVE-2018-20622 | Jasper Project Debian | Missing Release of Resource after Effective Lifetime vulnerability in multiple products JasPer 2.0.14 has a memory leak in base/jas_malloc.c in libjasper.a when "--output-format jp2" is used. | 4.3 |
2018-12-31 | CVE-2018-19904 | Xsltcms ORG Project | Cross-site Scripting vulnerability in Xsltcms.Org Project Xsltcms.Org Persistent XSS exists in XSLT CMS via the create/?action=items.edit&type=Page "body" field. | 4.3 |
2018-12-31 | CVE-2018-19903 | Xsltcms ORG Project | Cross-site Scripting vulnerability in Xsltcms.Org Project Xsltcms.Org Persistent XSS exists in XSLT CMS via the create/?action=items.edit&type=Page title field. | 4.3 |
2019-01-03 | CVE-2018-15780 | RSA | Unspecified vulnerability in RSA Archer GRC Platform RSA Archer versions prior to 6.5.0.1 contain an improper access control vulnerability. | 4.0 |
2019-01-03 | CVE-2018-19505 | BMC | Improper Authentication vulnerability in BMC Remedy Action Request System Server 7.1 Remedy AR System Server in BMC Remedy 7.1 may fail to set the correct user context in certain impersonation scenarios, which can allow a user to act with the identity of a different user, because userdata.js in the WOI:WorkOrderConsole component allows a username substitution involving a UserData_Init call. | 4.0 |
2019-01-02 | CVE-2018-19371 | SDL | XXE vulnerability in SDL web Content Manager 8.5.0 The SaveUserSettings service in Content Manager in SDL Web 8.5.0 has an XXE Vulnerability that allows reading sensitive files from the system. | 4.0 |
2019-01-02 | CVE-2018-7900 | Huawei | Information Exposure vulnerability in Huawei products There is an information leak vulnerability in some Huawei HG products. | 4.0 |
22 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2019-01-04 | CVE-2018-1951 | IBM | Cross-site Scripting vulnerability in IBM Rational Publishing Engine 2.1.2/6.0.5/6.0.6 IBM Publishing Engine 2.1.2, 6.0.5, and 6.0.6 is vulnerable to cross-site scripting. | 3.5 |
2019-01-04 | CVE-2018-1657 | IBM | Cross-site Scripting vulnerability in IBM Rational Publishing Engine 2.1.2/6.0.5/6.0.6 IBM Publishing Engine 2.1.2, 6.0.5, and 6.0.6 is vulnerable to cross-site scripting. | 3.5 |
2019-01-03 | CVE-2018-19600 | Rhymix | Cross-site Scripting vulnerability in Rhymix 1.9.8.1 Rhymix CMS 1.9.8.1 allows XSS via an index.php?module=admin&act=dispModuleAdminFileBox SVG upload. | 3.5 |
2019-01-03 | CVE-2018-20663 | Haulmont | Cross-site Scripting vulnerability in Haulmont Cuba Platform and Reporting The Reporting Addon (aka Reports Addon) through 2019-01-02 for CUBA Platform through 6.10.x has Persistent XSS via the "Reports > Reports" name field. | 3.5 |
2019-01-03 | CVE-2018-16876 | Redhat Debian Suse Canonical | Information Exposure vulnerability in multiple products ansible before versions 2.5.14, 2.6.11, 2.7.5 is vulnerable to a information disclosure flaw in vvv+ mode with no_log on that can lead to leakage of sensible data. | 3.5 |
2019-01-02 | CVE-2019-3501 | Ougc Awards Project | Cross-site Scripting vulnerability in Ougc Awards Project Ougc Awards 1.1/1.8.0/1.8.3 The OUGC Awards plugin before 1.8.19 for MyBB allows XSS via a crafted award reason that is mishandled on the awards page or in a user profile. | 3.5 |
2018-12-31 | CVE-2018-19918 | Cuppacms | Cross-site Scripting vulnerability in Cuppacms CuppaCMS has XSS via an SVG document uploaded to the administrator/#/component/table_manager/view/cu_views URI. | 3.5 |
2018-12-31 | CVE-2018-19906 | Razorcms | Cross-site Scripting vulnerability in Razorcms 3.4.8 Stored XSS exists in razorCMS 3.4.8 via the /#/page description parameter. | 3.5 |
2018-12-31 | CVE-2018-19905 | Razorcms | Cross-site Scripting vulnerability in Razorcms 3.4.8 HTML injection exists in razorCMS 3.4.8 via the /#/page keywords parameter. | 3.5 |
2018-12-31 | CVE-2018-19902 | NO CMS Project | Cross-site Scripting vulnerability in No-Cms Project No-Cms 1.1.3 No-CMS 1.1.3 is prone to Persistent XSS via the blog/manage_article "keyword" parameter. | 3.5 |
2018-12-31 | CVE-2018-19901 | NO CMS Project | Cross-site Scripting vulnerability in No-Cms Project No-Cms 1.1.3 No-CMS 1.1.3 is prone to Persistent XSS via the blog/manage_article/index/ "article_title" parameter. | 3.5 |
2018-12-31 | CVE-2018-19845 | GET Simple | Cross-site Scripting vulnerability in Get-Simple Getsimple CMS 3.3.12 There is Stored XSS in GetSimple CMS 3.3.12 via the admin/edit.php "post-menu" parameter, a related issue to CVE-2018-16325. | 3.5 |
2018-12-31 | CVE-2018-19844 | Frogcms Project | Cross-site Scripting vulnerability in Frogcms Project Frogcms 0.9.5 FROG CMS 0.9.5 has XSS via the admin/?/snippet/add name parameter, which is mishandled during an edit action, a related issue to CVE-2018-10319. | 3.5 |
2019-01-03 | CVE-2018-19523 | Driveagent | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Driveagent 2.2015.7.14 DriverAgent 2.2015.7.14, which includes DrvAgent64.sys 1.0.0.1, allows a user to send an IOCTL (0x80002068) with a user defined buffer size. | 2.1 |
2019-01-03 | CVE-2017-18327 | Qualcomm | Cryptographic Issues vulnerability in Qualcomm products Security keys are logged when any WCDMA call is configured or reconfigured in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDX20, SXR1130. | 2.1 |
2019-01-03 | CVE-2017-18326 | Qualcomm | Information Exposure vulnerability in Qualcomm products Cryptographic keys are printed in modem debug messages in snapdragon mobile and snapdragon wear in versions MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 800, SD 810, SD 820, SD 835, SDA660, SDM630, SDM660, Snapdragon_High_Med_2016. | 2.1 |
2019-01-03 | CVE-2017-18324 | Qualcomm | Information Exposure vulnerability in Qualcomm products Cryptographic key material leaked in debug messages - GERAN in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, SD 855, SDX24, Snapdragon_High_Med_2016. | 2.1 |
2019-01-03 | CVE-2017-18323 | Qualcomm | Key Management Errors vulnerability in Qualcomm products Cryptographic key material leaked in TDSCDMA RRC debug messages in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDX20, SXR1130. | 2.1 |
2019-01-03 | CVE-2017-18322 | Qualcomm | Information Exposure vulnerability in Qualcomm products Cryptographic key material leaked in WCDMA debug messages in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016. | 2.1 |
2019-01-03 | CVE-2017-18321 | Qualcomm | Information Exposure vulnerability in Qualcomm products Security keys used by the terminal and NW for a session could be leaked in snapdragon mobile in versions MDM9650, MDM9655, SD 835, SDA660. | 2.1 |
2019-01-03 | CVE-2017-18319 | Qualcomm | Key Management Errors vulnerability in Qualcomm products Information leak in UIM API debug messages in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016. | 2.1 |
2019-01-03 | CVE-2017-11004 | Qualcomm | Unspecified vulnerability in Qualcomm products A non-secure user may be able to access certain registers in snapdragon automobile, snapdragon mobile and snapdragon wear in versions IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016. | 2.1 |