Weekly Vulnerabilities Reports > December 31, 2018 to January 6, 2019

Overview

135 new vulnerabilities reported during this period, including 14 critical vulnerabilities and 29 high severity vulnerabilities. This weekly summary report vulnerabilities in 303 products from 82 vendors including Debian, Qualcomm, Redhat, Facebook, and Oracle. Vulnerabilities are notably categorized as "Cross-site Scripting", "Improper Input Validation", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Information Exposure", and "SQL Injection".

  • 108 reported vulnerabilities are remotely exploitables.
  • 9 reported vulnerabilities have public exploit available.
  • 58 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 103 reported vulnerabilities are exploitable by an anonymous user.
  • Debian has the most reported vulnerabilities, with 14 reported vulnerabilities.
  • Redhat has the most reported critical vulnerabilities, with 8 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

14 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2019-01-03 CVE-2018-20512 Cdatatec Reliance on Cookies without Validation and Integrity Checking vulnerability in Cdatatec Epon Cpe-Wifi Devices Firmware 2.0.4X000

EPON CPE-WiFi devices 2.0.4-X000 are vulnerable to escalation of privileges by sending cooLogin=1, cooUser=admin, and timestamp=-1 cookies.

10.0
2019-01-02 CVE-2018-20114 Dlink OS Command Injection vulnerability in Dlink Dir-818Lw Firmware and Dir-860L Firmware

On D-Link DIR-818LW Rev.A 2.05.B03 and DIR-860L Rev.B 2.03.B03 devices, unauthenticated remote OS command execution can occur in the soap.cgi service of the cgibin binary via an "&&" substring in the service parameter.

10.0
2019-01-02 CVE-2018-14721 Fasterxml
Debian
Oracle
Redhat
Server-Side Request Forgery (SSRF) vulnerability in multiple products

FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization.

10.0
2018-12-31 CVE-2018-6342 Facebook OS Command Injection vulnerability in Facebook React-Dev-Utils

react-dev-utils on Windows allows developers to run a local webserver for accepting various commands, including a command to launch an editor.

10.0
2019-01-03 CVE-2018-16879 Redhat Missing Encryption of Sensitive Data vulnerability in Redhat Ansible Tower

Ansible Tower before version 3.3.3 does not set a secure channel as it is using the default insecure configuration channel settings for messaging celery workers from RabbitMQ.

9.8
2019-01-02 CVE-2018-19362 Fasterxml
Debian
Oracle
Redhat
Deserialization of Untrusted Data vulnerability in multiple products

FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the jboss-common-core class from polymorphic deserialization.

9.8
2019-01-02 CVE-2018-19361 Fasterxml
Debian
Oracle
Redhat
Deserialization of Untrusted Data vulnerability in multiple products

FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the openjpa class from polymorphic deserialization.

9.8
2019-01-02 CVE-2018-19360 Fasterxml
Debian
Oracle
Redhat
Deserialization of Untrusted Data vulnerability in multiple products

FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the axis2-transport-jms class from polymorphic deserialization.

9.8
2019-01-02 CVE-2018-14720 Fasterxml
Debian
Oracle
Redhat
Deserialization of Untrusted Data vulnerability in multiple products

FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization.

9.8
2019-01-02 CVE-2018-14719 Fasterxml
Debian
Oracle
Redhat
Netapp
Deserialization of Untrusted Data vulnerability in multiple products

FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deserialization.

9.8
2019-01-02 CVE-2018-14718 Fasterxml
Debian
Oracle
Netapp
Redhat
Deserialization of Untrusted Data vulnerability in multiple products

FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the slf4j-ext class from polymorphic deserialization.

9.8
2018-12-31 CVE-2018-17191 Apache Unspecified vulnerability in Apache Netbeans 9.0

Apache NetBeans (incubating) 9.0 NetBeans Proxy Auto-Configuration (PAC) interpretation is vulnerable for remote command execution (RCE).

9.8
2019-01-03 CVE-2018-4012 Webroot Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Webroot Brightcloud

An exploitable buffer overflow vulnerability exists in the HTTP header-parsing function of the Webroot BrightCloud SDK.

9.3
2018-12-31 CVE-2018-18600 Guardzilla OS Command Injection vulnerability in Guardzilla 180 Indoor Firmware and 180 Outdoor Firmware

The remote upgrade feature in Guardzilla GZ180 devices allow command injection via a crafted new firmware version parameter.

9.3

29 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2019-01-03 CVE-2018-19998 Dolibarr SQL Injection vulnerability in Dolibarr Erp/Crm 8.0.2

SQL injection vulnerability in user/card.php in Dolibarr version 8.0.2 allows remote authenticated users to execute arbitrary SQL commands via the employee parameter.

8.8
2019-01-03 CVE-2018-19994 Dolibarr SQL Injection vulnerability in Dolibarr Erp/Crm 8.0.2

An error-based SQL injection vulnerability in product/card.php in Dolibarr version 8.0.2 allows remote authenticated users to execute arbitrary SQL commands via the desiredstock parameter.

8.8
2019-01-03 CVE-2018-16882 Linux
Canonical
Use After Free vulnerability in multiple products

A use-after-free issue was found in the way the Linux kernel's KVM hypervisor processed posted interrupts when nested(=1) virtualization is enabled.

8.8
2019-01-02 CVE-2019-3500 Aria2 Project
Debian
Fedoraproject
Canonical
Information Exposure Through Log Files vulnerability in multiple products

aria2c in aria2 1.33.1, when --log is used, can store an HTTP Basic Authentication username and password in a file, which might allow local users to obtain sensitive information by reading this file.

7.8
2018-12-31 CVE-2018-6668 Mcafee Unspecified vulnerability in Mcafee Application Change Control 6.2.0/7.0.0/7.0.1

A whitelist bypass vulnerability in McAfee Application Control / Change Control 7.0.1 and before allows execution bypass, for example, with simple DLL through interpreters such as PowerShell.

7.8
2019-01-04 CVE-2019-5312 Wxjava Project XXE vulnerability in Wxjava Project Wxjava 3.3.0

An issue was discovered in weixin-java-tools v3.3.0.

7.5
2019-01-03 CVE-2018-18995 ABB Missing Authentication for Critical Function vulnerability in ABB Gate-E1 Firmware and Gate-E2 Firmware

Pluto Safety PLC Gateway Ethernet devices ABB GATE-E1 and GATE-E2 all versions do not allow authentication to be configured on administrative telnet or web interfaces, which could enable various effects vectors, including conducting device resets, reading or modifying registers, and changing configuration settings such as IP addresses.

7.5
2019-01-03 CVE-2019-3905 Zohocorp Server-Side Request Forgery (SSRF) vulnerability in Zohocorp Manageengine Adselfservice Plus

Zoho ManageEngine ADSelfService Plus 5.x before build 5703 has SSRF.

7.5
2019-01-03 CVE-2018-20664 Zohocorp XXE vulnerability in Zohocorp Manageengine Adselfservice Plus 5.7

Zoho ManageEngine ADSelfService Plus 5.x before build 5701 has XXE via an uploaded product license.

7.5
2019-01-03 CVE-2018-19862 Minishare Project Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Minishare Project Minishare 1.4.1

Buffer overflow in MiniShare 1.4.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP POST request.

7.5
2019-01-03 CVE-2018-19861 Minishare Project Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Minishare Project Minishare 1.4.1

Buffer overflow in MiniShare 1.4.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP HEAD request.

7.5
2019-01-03 CVE-2018-19415 Plikli SQL Injection vulnerability in Plikli CMS 4.0.0

Multiple SQL injection vulnerabilities in Plikli CMS 4.0.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter to join_group.php or (2) comment_id parameter to story.php.

7.5
2019-01-03 CVE-2018-17161 Freebsd Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Freebsd 11.2/12.0

In FreeBSD before 11.2-STABLE(r348229), 11.2-RELEASE-p7, 12.0-STABLE(r342228), and 12.0-RELEASE-p1, insufficient validation of network-provided data in bootpd may make it possible for a malicious attacker to craft a bootp packet which could cause a stack buffer overflow.

7.5
2019-01-03 CVE-2018-17172 Xerox Command Injection vulnerability in Xerox products

The web application on Xerox AltaLink B80xx before 100.008.028.05200, C8030/C8035 before 100.001.028.05200, C8045/C8055 before 100.002.028.05200, and C8070 before 100.003.028.05200 allows unauthenticated command injection.

7.5
2019-01-03 CVE-2018-18264 Kubernetes Missing Authentication for Critical Function vulnerability in Kubernetes Dashboard

Kubernetes Dashboard before 1.10.1 allows attackers to bypass authentication and use Dashboard's Service Account for reading secrets within the cluster.

7.5
2019-01-02 CVE-2018-13045 Yeswiki SQL Injection vulnerability in Yeswiki Cercopitheque 201806191

SQL injection vulnerability in the "Bazar" page in Yeswiki Cercopitheque 2018-06-19-1 and earlier allows attackers to execute arbitrary SQL commands via the "id" parameter.

7.5
2019-01-02 CVE-2019-3577 Bijiadao SQL Injection vulnerability in Bijiadao Waimai Super CMS 20150505

An issue was discovered in Waimai Super Cms 20150505.

7.5
2019-01-02 CVE-2019-3576 Inxedu Project SQL Injection vulnerability in Inxedu Project Inxedu 20181224

inxedu through 2018-12-24 has a SQL Injection vulnerability that can lead to information disclosure via the deleteFaveorite/ PATH_INFO.

7.5
2018-12-31 CVE-2018-6333 Facebook Improper Input Validation vulnerability in Facebook Nuclide

The hhvm-attach deep link handler in Nuclide did not properly sanitize the provided hostname parameter when rendering.

7.5
2018-12-31 CVE-2018-6331 Facebook Deserialization of Untrusted Data vulnerability in Facebook Buck

Buck parser-cache command loads/saves state using Java serialized object.

7.5
2018-12-31 CVE-2018-6334 Facebook Improper Input Validation vulnerability in Facebook Hhvm

Multipart-file uploads call variables to be improperly registered in the global scope.

7.5
2018-12-31 CVE-2018-18593 HP Path Traversal vulnerability in HP Ucmdb Configuration Manager

Remote Directory Traversal and Remote Disclosure of Privileged Information in UCMDB Configuration Management Service, version 10.22, 10.22 CUP1, 10.22 CUP2, 10.22 CUP3, 10.22 CUP4, 10.22 CUP5, 10.22 CUP6, 10.22 CUP7, 10.33, 10.33 CUP1, 10.33 CUP2, 10.33 CUP3, 2018.02, 2018.05, 2018.08, 2018.11.

7.5
2019-01-03 CVE-2017-18330 Qualcomm Unspecified vulnerability in Qualcomm products

Buffer overflow in AES-CCM and AES-GCM encryption via initialization vector in snapdragon automobile, snapdragon mobile and snapdragon wear in versions IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016.

7.2
2019-01-03 CVE-2017-18329 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

Possible Buffer overflow when transmitting an RTP packet in snapdragon automobile and snapdragon wear in versions MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 810, SD 820, SD 835, SD 845 / SD 850, SDA660, SDM630, SDM660, Snapdragon_High_Med_2016, SXR1130

7.2
2019-01-03 CVE-2017-18328 Qualcomm Use After Free vulnerability in Qualcomm products

Use after free in QSH client rule processing in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 820, SD 835, SDA660, SDM630, SDM660, Snapdragon_High_Med_2016.

7.2
2019-01-03 CVE-2017-18320 Qualcomm Improper Input Validation vulnerability in Qualcomm products

QSEE unload attempt on a 3rd party TEE without previously loading results in a data abort in snapdragon automobile and snapdragon mobile in versions MSM8996AU, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016, SXR1130.

7.2
2019-01-03 CVE-2017-18141 Qualcomm Unspecified vulnerability in Qualcomm products

When a 3rd party TEE has been loaded it is possible for the non-secure world to create a secure monitor call which will give it access to privileged functions meant to only be accessible from the TEE in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016.

7.2
2019-01-02 CVE-2018-17188 Apache Unspecified vulnerability in Apache Couchdb

Prior to CouchDB version 2.3.0, CouchDB allowed for runtime-configuration of key components of the database.

7.2
2019-01-02 CVE-2018-15490 Expressvpn Path Traversal vulnerability in Expressvpn

An issue was discovered in ExpressVPN on Windows.

7.1

70 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2019-01-04 CVE-2018-1888 IBM Untrusted Search Path vulnerability in IBM I Access 6.1/7.1

An untrusted search path vulnerability in IBM i Access for Windows versions 7.1 and earlier on Windows can allow arbitrary code execution via a Trojan horse DLL in the current working directory, related to use of the LoadLibrary function.

6.8
2019-01-02 CVE-2018-20211 Exiftool Project Uncontrolled Search Path Element vulnerability in Exiftool Project Exiftool 8.32

ExifTool 8.32 allows local users to gain privileges by creating a %TEMP%\par-%username%\cache-exiftool-8.32 folder with a victim's username, and then copying a Trojan horse ws32_32.dll file into this new folder, aka DLL Hijacking.

6.8
2019-01-02 CVE-2019-3574 Libsixel Project Out-of-bounds Read vulnerability in Libsixel Project Libsixel 1.8.2

In libsixel v1.8.2, there is a heap-based buffer over-read in the function load_jpeg() in the file loader.c, as demonstrated by img2sixel.

6.8
2019-01-02 CVE-2018-5197 Tobesoft
Microsoft
Improper Input Validation vulnerability in Tobesoft Xplatform 9.2/9.2.1/9.2.2

A vulnerability in the ExtCommon.dll user extension module version 9.2, 9.2.1, 9.2.2 of Xplatform ActiveX could allow attacker to perform a command injection attack.

6.8
2018-12-31 CVE-2018-6340 Facebook Out-of-bounds Read vulnerability in Facebook Hhvm

The Memcache::getextendedstats function can be used to trigger an out-of-bounds read.

6.8
2018-12-31 CVE-2018-6336 Linuxfoundation 7PK - Security Features vulnerability in Linuxfoundation Osquery

An issue was discovered in osquery.

6.8
2018-12-31 CVE-2018-18601 Guardzilla Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Guardzilla Gz621W Firmware 0.5.1.4

The TK_set_deviceModel_req_handle function in the cloud communication component in Guardzilla GZ621W devices with firmware 0.5.1.4 has a Buffer Overflow.

6.8
2018-12-31 CVE-2018-20618 OK File Formats Project Out-of-bounds Read vulnerability in Ok-File-Formats Project Ok-File-Formats

ok-file-formats through 2018-10-16 has a heap-based buffer over-read in the ok_mo_decode2 function in ok_mo.c.

6.8
2018-12-31 CVE-2018-20617 OK File Formats Project Out-of-bounds Write vulnerability in Ok-File-Formats Project Ok-File-Formats

ok-file-formats through 2018-10-16 has a heap-based buffer overflow in the ok_csv_decode2 function in ok_csv.c.

6.8
2018-12-31 CVE-2018-20616 OK File Formats Project Out-of-bounds Write vulnerability in Ok-File-Formats Project Ok-File-Formats

ok-file-formats through 2018-10-16 has a heap-based buffer overflow in the ok_wav_decode_ms_adpcm_data function in ok_wav.c.

6.8
2019-01-04 CVE-2018-1859 IBM Unspecified vulnerability in IBM API Connect

IBM API Connect 5.0.0.0 through 5.0.8.4 could allow a user authenticated as an administrator with limited rights to escalate their privileges.

6.5
2019-01-04 CVE-2019-5009 Vtiger Unrestricted Upload of File with Dangerous Type vulnerability in Vtiger CRM

Vtiger CRM 7.1.0 before Hotfix2 allows uploading files with the extension "php3" in the logo upload field, if the uploaded file is in PNG format and has a size of 150x40.

6.5
2019-01-03 CVE-2018-19601 Rhymix Server-Side Request Forgery (SSRF) vulnerability in Rhymix 1.9.8.1

Rhymix CMS 1.9.8.1 allows SSRF via an index.php?module=admin&act=dispModuleAdminFileBox SVG upload.

6.5
2019-01-03 CVE-2018-20662 Freedesktop
Debian
Fedoraproject
Canonical
Redhat
Improper Input Validation vulnerability in multiple products

In Poppler 0.72.0, PDFDoc::setup in PDFDoc.cc allows attackers to cause a denial-of-service (application crash caused by Object.h SIGABRT, because of a wrong return value from PDFDoc::setup) by crafting a PDF file in which an xref data structure is mishandled during extractPDFSubtype processing.

6.5
2019-01-02 CVE-2018-20166 Rukovoditel Unrestricted Upload of File with Dangerous Type vulnerability in Rukovoditel 2.3.1

A file-upload vulnerability exists in Rukovoditel 2.3.1.

6.5
2019-01-01 CVE-2018-20650 Freedesktop
Canonical
Debian
Redhat
Improper Input Validation vulnerability in multiple products

A reachable Object::dictLookup assertion in Poppler 0.72.0 allows attackers to cause a denial of service due to the lack of a check for the dict data type, as demonstrated by use of the FileSpec class (in FileSpec.cc) in pdfdetach.

6.5
2019-01-01 CVE-2019-3494 Simply Blog Project SQL Injection vulnerability in Simply-Blog Project Simply-Blog 20190101

Simply-Blog through 2019-01-01 has SQL Injection via the admin/deleteCategories.php delete parameter.

6.4
2019-01-03 CVE-2018-19993 Dolibarr Cross-site Scripting vulnerability in Dolibarr Erp/Crm 8.0.2

A reflected cross-site scripting (XSS) vulnerability in Dolibarr 8.0.2 allows remote attackers to inject arbitrary web script or HTML via the transphrase parameter to public/notice.php.

6.1
2019-01-03 CVE-2019-5007 Foxitsoftware
Microsoft
NULL Pointer Dereference vulnerability in Foxitsoftware Foxit Reader and Phantompdf

An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on Windows.

5.8
2019-01-04 CVE-2018-20671 GNU Integer Overflow or Wraparound vulnerability in GNU Binutils

load_specific_debug_section in objdump.c in GNU Binutils through 2.31.1 contains an integer overflow vulnerability that can trigger a heap-based buffer overflow via a crafted section size.

5.5
2019-01-03 CVE-2018-3986 Telegram Information Exposure vulnerability in Telegram 4.9.0

An exploitable information disclosure vulnerability exists in the "Secret Chats" functionality of the Telegram Android messaging application version 4.9.0.

5.5
2019-01-03 CVE-2018-16885 Linux
Redhat
Out-of-bounds Read vulnerability in multiple products

A flaw was found in the Linux kernel that allows the userspace to call memcpy_fromiovecend() and similar functions with a zero offset and buffer length which causes the read beyond the buffer boundaries, in certain cases causing a memory access fault and a system halt by accessing invalid memory address.

5.5
2019-01-02 CVE-2018-19478 Artifex
Debian
Improper Input Validation vulnerability in multiple products

In Artifex Ghostscript before 9.26, a carefully crafted PDF file can trigger an extremely long running computation when parsing the file.

5.5
2019-01-01 CVE-2018-20651 GNU NULL Pointer Dereference vulnerability in GNU Binutils 2.31.1

A NULL pointer dereference was discovered in elf_link_add_object_symbols in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31.1.

5.5
2019-01-03 CVE-2018-19995 Dolibarr Cross-site Scripting vulnerability in Dolibarr Erp/Crm 8.0.2

A stored cross-site scripting (XSS) vulnerability in Dolibarr 8.0.2 allows remote authenticated users to inject arbitrary web script or HTML via the "address" (POST) or "town" (POST) parameter to user/card.php.

5.4
2019-01-03 CVE-2018-19992 Dolibarr Cross-site Scripting vulnerability in Dolibarr Erp/Crm 8.0.2

A stored cross-site scripting (XSS) vulnerability in Dolibarr 8.0.2 allows remote authenticated users to inject arbitrary web script or HTML via the "address" (POST) or "town" (POST) parameter to adherents/type.php.

5.4
2019-01-03 CVE-2018-19249 Stripe Improper Authentication vulnerability in Stripe API 1.0

The Stripe API v1 allows remote attackers to bypass intended access restrictions by replaying api.stripe.com /v1/tokens XMLHttpRequest data, parsing the response under the object card{}, and reading the cvc_check information if the creation is successful without charging the actual card used in the transaction.

5.0
2019-01-03 CVE-2018-18004 Vivotek Missing Authorization vulnerability in Vivotek Camera

Incorrect Access Control in mod_inetd.cgi in VIVOTEK Network Camera Series products with firmware before XXXXXX-VVTK-0X09a allows remote attackers to enable arbitrary system services via a URL parameter.

5.0
2019-01-03 CVE-2019-3580 Openrefine Path Traversal vulnerability in Openrefine

OpenRefine through 3.1 allows arbitrary file write because Directory Traversal can occur during the import of a crafted project file.

5.0
2019-01-03 CVE-2018-18893 Hubspot Unspecified vulnerability in Hubspot Jinjava

Jinjava before 2.4.6 does not block the getClass method, related to com/hubspot/jinjava/el/ext/JinjavaBeanELResolver.java.

5.0
2019-01-02 CVE-2018-20100 August Missing Encryption of Sensitive Data vulnerability in August Connect and August Connect Firmware

An issue was discovered on August Connect devices.

5.0
2019-01-02 CVE-2018-20658 Coreftp Improper Input Validation vulnerability in Coreftp Core FTP 2.0

The server in Core FTP 2.0 build 653 on 32-bit platforms allows remote attackers to cause a denial of service (daemon crash) via a crafted XRMD command.

5.0
2019-01-02 CVE-2018-20657 GNU
F5
Missing Release of Resource after Effective Lifetime vulnerability in multiple products

The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, has a memory leak via a crafted string, leading to a denial of service (memory consumption), as demonstrated by cxxfilt, a related issue to CVE-2018-12698.

5.0
2018-12-31 CVE-2018-6347 Proxygen Project Improper Input Validation vulnerability in Proxygen Project Proxygen

An issue in the Proxygen handling of HTTP2 parsing of headers/trailers can lead to a denial-of-service attack.

5.0
2018-12-31 CVE-2018-6346 Proxygen Project 7PK - Errors vulnerability in Proxygen Project Proxygen

A potential denial-of-service issue in the Proxygen handling of invalid HTTP2 priority settings (specifically a circular dependency).

5.0
2018-12-31 CVE-2018-6344 Whatsapp Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Whatsapp

A heap corruption in WhatsApp can be caused by a malformed RTP packet being sent after a call is established.

5.0
2018-12-31 CVE-2018-6343 Facebook Improper Input Validation vulnerability in Facebook Proxygen 2018.10.29.00/2018.11.05.00/2018.11.12.00

Proxygen fails to validate that a secondary auth manager is set before dereferencing it.

5.0
2018-12-31 CVE-2018-6337 Facebook Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Facebook Folly and Hhvm

folly::secureRandom will re-use a buffer between parent and child processes when fork() is called.

5.0
2018-12-31 CVE-2018-6335 Facebook Improper Input Validation vulnerability in Facebook Hhvm

A Malformed h2 frame can cause 'std::out_of_range' exception when parsing priority meta data.

5.0
2018-12-31 CVE-2018-18602 Guardzilla Use of Insufficiently Random Values vulnerability in Guardzilla products

The Cloud API on Guardzilla smart cameras allows user enumeration, with resultant arbitrary camera access and monitoring.

5.0
2019-01-03 CVE-2019-3701 Linux
Debian
Canonical
Out-of-bounds Write vulnerability in Linux Kernel

An issue was discovered in can_can_gw_rcv in net/can/gw.c in the Linux kernel through 4.19.13.

4.9
2019-01-03 CVE-2019-3575 Sqla Yaml Fixtures Project Code Injection vulnerability in Sqla Yaml Fixtures Project Sqla Yaml Fixtures 0.9.1

Sqla_yaml_fixtures 0.9.1 allows local users to execute arbitrary python code via the fixture_text argument in sqla_yaml_fixtures.load.

4.6
2019-01-03 CVE-2018-20131 Code42
Linux
Incorrect Permission Assignment for Critical Resource vulnerability in Code42

The Code42 app before 6.8.4, as used in Code42 for Enterprise, on Linux installs with overly permissive permissions on the /usr/local/crashplan/log directory.

4.6
2018-12-31 CVE-2018-19937 Videolan Improper Authentication vulnerability in Videolan VLC FOR Mobile

A local, authenticated attacker can bypass the passcode in the VideoLAN VLC media player app before 3.1.5 for iOS by opening a URL and turning the phone.

4.6
2019-01-04 CVE-2018-20673 GNU Integer Overflow or Wraparound vulnerability in GNU Binutils 2.31.1

The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, contains an integer overflow vulnerability (for "Create an array for saving the template argument values") that can trigger a heap-based buffer overflow, as demonstrated by nm.

4.3
2019-01-04 CVE-2019-5311 Yunucms Cross-site Scripting vulnerability in Yunucms 1.1.8

An issue was discovered in YUNUCMS V1.1.8.

4.3
2019-01-04 CVE-2019-5310 Yunucms Cross-site Scripting vulnerability in Yunucms 1.1.8

YUNUCMS 1.1.8 has XSS in app/admin/controller/System.php because crafted data can be written to the sys.php file, as demonstrated by site_title in an admin/system/basic POST request.

4.3
2019-01-03 CVE-2019-5006 Foxitsoftware
Microsoft
NULL Pointer Dereference vulnerability in Foxitsoftware Foxit Reader and Phantompdf

An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on Windows.

4.3
2019-01-03 CVE-2019-5005 Foxitsoftware
Microsoft
Out-of-bounds Write vulnerability in Foxitsoftware Foxit Reader and Phantompdf

An issue was discovered in Foxit Reader and PhantomPDF before 9.4 on Windows.

4.3
2019-01-03 CVE-2018-8827 Technicolor Cross-site Scripting vulnerability in Technicolor Tg789Vac Firmware 16.3.7190276100520161004084353

The admin web interface on Technicolor MediaAccess TG789vac v2 HP devices with firmware v16.3.7190-2761005-20161004084353 displays unsanitised user input, which allows an unauthenticated malicious user to embed JavaScript into the Log viewer interface via a crafted HTTP Referer header, aka XSS.

4.3
2019-01-03 CVE-2018-18997 ABB Cross-site Scripting vulnerability in ABB Gate-E1 Firmware and Gate-E2 Firmware

Pluto Safety PLC Gateway Ethernet devices in ABB GATE-E1 and GATE-E2 all versions allows an unauthenticated attacker using the administrative web interface to insert an HTML/Javascript payload into any of the device properties, which may allow an attacker to display/execute the payload in a visitor browser.

4.3
2019-01-03 CVE-2018-18244 Vivotek Cross-site Scripting vulnerability in Vivotek Camera

Cross-site scripting in syslog.html in VIVOTEK Network Camera Series products with firmware 0x06x to 0x08x allows remote attackers to execute arbitrary JavaScript code via an HTTP Referer Header.

4.3
2019-01-03 CVE-2018-18005 Vivotek Cross-site Scripting vulnerability in Vivotek Camera

Cross-site scripting in event_script.js in VIVOTEK Network Camera Series products with firmware 0x06x to 0x08x allows remote attackers to execute arbitrary JavaScript via a URL query string parameter.

4.3
2019-01-03 CVE-2018-19414 Plikli Cross-site Scripting vulnerability in Plikli CMS 4.0.0

Multiple cross-site scripting (XSS) vulnerabilities in Plikli CMS 4.0.0 allow remote attackers to inject arbitrary web script or HTML via the (1) keyword parameter to groups.php; (2) username parameter to login.php; or (3) date parameter to search.php.

4.3
2019-01-03 CVE-2018-14481 Osclass Cross-site Scripting vulnerability in Osclass 3.7.4

Osclass 3.7.4 has XSS via the query string to index.php, a different vulnerability than CVE-2014-6280.

4.3
2019-01-03 CVE-2018-16870 Wolfssl Cryptographic Issues vulnerability in Wolfssl

It was found that wolfssl before 3.15.7 is vulnerable to a new variant of the Bleichenbacher attack to perform downgrade attacks against TLS.

4.3
2019-01-02 CVE-2018-20326 Chinamobile Cross-site Scripting vulnerability in Chinamobile Gpn2.4P21-C-Cn Firmware W2001En00

ChinaMobile PLC Wireless Router GPN2.4P21-C-CN devices with firmware W2001EN-00 have XSS via the cgi-bin/webproc?getpage=html/index.html var:subpage parameter.

4.3
2019-01-02 CVE-2018-20659 Axiosys Allocation of Resources Without Limits or Throttling vulnerability in Axiosys Bento4 1.5.1627

An issue was discovered in Bento4 1.5.1-627.

4.3
2019-01-02 CVE-2019-3573 Libsixel Project Infinite Loop vulnerability in Libsixel Project Libsixel 1.8.2

In libsixel v1.8.2, there is an infinite loop in the function sixel_decode_raw_impl() in the file fromsixel.c, as demonstrated by sixel2png.

4.3
2019-01-02 CVE-2019-3572 Libming Out-of-bounds Read vulnerability in Libming 0.4.8

An issue was discovered in libming 0.4.8.

4.3
2019-01-01 CVE-2018-20652 Tinyexr Project Allocation of Resources Without Limits or Throttling vulnerability in Tinyexr Project Tinyexr 0.9.5

An attempted excessive memory allocation was discovered in the function tinyexr::AllocateImage in tinyexr.h in tinyexr v0.9.5.

4.3
2018-12-31 CVE-2018-6341 Facebook Cross-site Scripting vulnerability in Facebook React

React applications which rendered to HTML using the ReactDOMServer API were not escaping user-supplied attribute names at render-time.

4.3
2018-12-31 CVE-2018-20623 GNU Use After Free vulnerability in GNU Binutils 2.31.1

In GNU Binutils 2.31.1, there is a use-after-free in the error function in elfcomm.c when called from the process_archive function in readelf.c via a crafted ELF file.

4.3
2018-12-31 CVE-2018-20622 Jasper Project
Debian
Missing Release of Resource after Effective Lifetime vulnerability in multiple products

JasPer 2.0.14 has a memory leak in base/jas_malloc.c in libjasper.a when "--output-format jp2" is used.

4.3
2018-12-31 CVE-2018-19904 Xsltcms ORG Project Cross-site Scripting vulnerability in Xsltcms.Org Project Xsltcms.Org

Persistent XSS exists in XSLT CMS via the create/?action=items.edit&type=Page "body" field.

4.3
2018-12-31 CVE-2018-19903 Xsltcms ORG Project Cross-site Scripting vulnerability in Xsltcms.Org Project Xsltcms.Org

Persistent XSS exists in XSLT CMS via the create/?action=items.edit&type=Page title field.

4.3
2019-01-03 CVE-2018-15780 RSA Unspecified vulnerability in RSA Archer GRC Platform

RSA Archer versions prior to 6.5.0.1 contain an improper access control vulnerability.

4.0
2019-01-03 CVE-2018-19505 BMC Improper Authentication vulnerability in BMC Remedy Action Request System Server 7.1

Remedy AR System Server in BMC Remedy 7.1 may fail to set the correct user context in certain impersonation scenarios, which can allow a user to act with the identity of a different user, because userdata.js in the WOI:WorkOrderConsole component allows a username substitution involving a UserData_Init call.

4.0
2019-01-02 CVE-2018-19371 SDL XXE vulnerability in SDL web Content Manager 8.5.0

The SaveUserSettings service in Content Manager in SDL Web 8.5.0 has an XXE Vulnerability that allows reading sensitive files from the system.

4.0
2019-01-02 CVE-2018-7900 Huawei Information Exposure vulnerability in Huawei products

There is an information leak vulnerability in some Huawei HG products.

4.0

22 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2019-01-04 CVE-2018-1951 IBM Cross-site Scripting vulnerability in IBM Rational Publishing Engine 2.1.2/6.0.5/6.0.6

IBM Publishing Engine 2.1.2, 6.0.5, and 6.0.6 is vulnerable to cross-site scripting.

3.5
2019-01-04 CVE-2018-1657 IBM Cross-site Scripting vulnerability in IBM Rational Publishing Engine 2.1.2/6.0.5/6.0.6

IBM Publishing Engine 2.1.2, 6.0.5, and 6.0.6 is vulnerable to cross-site scripting.

3.5
2019-01-03 CVE-2018-19600 Rhymix Cross-site Scripting vulnerability in Rhymix 1.9.8.1

Rhymix CMS 1.9.8.1 allows XSS via an index.php?module=admin&act=dispModuleAdminFileBox SVG upload.

3.5
2019-01-03 CVE-2018-20663 Haulmont Cross-site Scripting vulnerability in Haulmont Cuba Platform and Reporting

The Reporting Addon (aka Reports Addon) through 2019-01-02 for CUBA Platform through 6.10.x has Persistent XSS via the "Reports > Reports" name field.

3.5
2019-01-03 CVE-2018-16876 Redhat
Debian
Suse
Canonical
Information Exposure vulnerability in multiple products

ansible before versions 2.5.14, 2.6.11, 2.7.5 is vulnerable to a information disclosure flaw in vvv+ mode with no_log on that can lead to leakage of sensible data.

3.5
2019-01-02 CVE-2019-3501 Ougc Awards Project Cross-site Scripting vulnerability in Ougc Awards Project Ougc Awards 1.1/1.8.0/1.8.3

The OUGC Awards plugin before 1.8.19 for MyBB allows XSS via a crafted award reason that is mishandled on the awards page or in a user profile.

3.5
2018-12-31 CVE-2018-19918 Cuppacms Cross-site Scripting vulnerability in Cuppacms

CuppaCMS has XSS via an SVG document uploaded to the administrator/#/component/table_manager/view/cu_views URI.

3.5
2018-12-31 CVE-2018-19906 Razorcms Cross-site Scripting vulnerability in Razorcms 3.4.8

Stored XSS exists in razorCMS 3.4.8 via the /#/page description parameter.

3.5
2018-12-31 CVE-2018-19905 Razorcms Cross-site Scripting vulnerability in Razorcms 3.4.8

HTML injection exists in razorCMS 3.4.8 via the /#/page keywords parameter.

3.5
2018-12-31 CVE-2018-19902 NO CMS Project Cross-site Scripting vulnerability in No-Cms Project No-Cms 1.1.3

No-CMS 1.1.3 is prone to Persistent XSS via the blog/manage_article "keyword" parameter.

3.5
2018-12-31 CVE-2018-19901 NO CMS Project Cross-site Scripting vulnerability in No-Cms Project No-Cms 1.1.3

No-CMS 1.1.3 is prone to Persistent XSS via the blog/manage_article/index/ "article_title" parameter.

3.5
2018-12-31 CVE-2018-19845 GET Simple Cross-site Scripting vulnerability in Get-Simple Getsimple CMS 3.3.12

There is Stored XSS in GetSimple CMS 3.3.12 via the admin/edit.php "post-menu" parameter, a related issue to CVE-2018-16325.

3.5
2018-12-31 CVE-2018-19844 Frogcms Project Cross-site Scripting vulnerability in Frogcms Project Frogcms 0.9.5

FROG CMS 0.9.5 has XSS via the admin/?/snippet/add name parameter, which is mishandled during an edit action, a related issue to CVE-2018-10319.

3.5
2019-01-03 CVE-2018-19523 Driveagent Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Driveagent 2.2015.7.14

DriverAgent 2.2015.7.14, which includes DrvAgent64.sys 1.0.0.1, allows a user to send an IOCTL (0x80002068) with a user defined buffer size.

2.1
2019-01-03 CVE-2017-18327 Qualcomm Cryptographic Issues vulnerability in Qualcomm products

Security keys are logged when any WCDMA call is configured or reconfigured in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDX20, SXR1130.

2.1
2019-01-03 CVE-2017-18326 Qualcomm Information Exposure vulnerability in Qualcomm products

Cryptographic keys are printed in modem debug messages in snapdragon mobile and snapdragon wear in versions MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 800, SD 810, SD 820, SD 835, SDA660, SDM630, SDM660, Snapdragon_High_Med_2016.

2.1
2019-01-03 CVE-2017-18324 Qualcomm Information Exposure vulnerability in Qualcomm products

Cryptographic key material leaked in debug messages - GERAN in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, SD 855, SDX24, Snapdragon_High_Med_2016.

2.1
2019-01-03 CVE-2017-18323 Qualcomm Key Management Errors vulnerability in Qualcomm products

Cryptographic key material leaked in TDSCDMA RRC debug messages in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDX20, SXR1130.

2.1
2019-01-03 CVE-2017-18322 Qualcomm Information Exposure vulnerability in Qualcomm products

Cryptographic key material leaked in WCDMA debug messages in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016.

2.1
2019-01-03 CVE-2017-18321 Qualcomm Information Exposure vulnerability in Qualcomm products

Security keys used by the terminal and NW for a session could be leaked in snapdragon mobile in versions MDM9650, MDM9655, SD 835, SDA660.

2.1
2019-01-03 CVE-2017-18319 Qualcomm Key Management Errors vulnerability in Qualcomm products

Information leak in UIM API debug messages in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9645, MDM9650, MDM9655, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016.

2.1
2019-01-03 CVE-2017-11004 Qualcomm Unspecified vulnerability in Qualcomm products

A non-secure user may be able to access certain registers in snapdragon automobile, snapdragon mobile and snapdragon wear in versions IPQ8074, MDM9206, MDM9607, MDM9635M, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SDA660, SDM439, SDM630, SDM660, SDX24, Snapdragon_High_Med_2016.

2.1