Weekly Vulnerabilities Reports > January 28 to February 3, 2019

Overview

139 new vulnerabilities reported during this period, including 6 critical vulnerabilities and 18 high severity vulnerabilities. This weekly summary report vulnerabilities in 154 products from 86 vendors including Debian, Canonical, Microsoft, Redhat, and Netapp. Vulnerabilities are notably categorized as "Cross-site Scripting", "Path Traversal", "Out-of-bounds Read", "Out-of-bounds Write", and "Information Exposure".

  • 123 reported vulnerabilities are remotely exploitables.
  • 8 reported vulnerabilities have public exploit available.
  • 56 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 119 reported vulnerabilities are exploitable by an anonymous user.
  • Debian has the most reported vulnerabilities, with 16 reported vulnerabilities.
  • Dlink has the most reported critical vulnerabilities, with 1 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

6 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2019-01-31 CVE-2019-7297 D Link OS Command Injection vulnerability in D-Link Dir-823G Firmware

An issue was discovered on D-Link DIR-823G devices with firmware through 1.02B03.

10.0
2019-01-29 CVE-2018-10612 Codesys Missing Encryption of Sensitive Data vulnerability in Codesys products

In 3S-Smart Software Solutions GmbH CODESYS Control V3 products prior to version 3.5.14.0, user access management and communication encryption is not enabled by default, which could allow an attacker access to the device and sensitive information, including user credentials.

10.0
2019-02-01 CVE-2019-7298 Dlink OS Command Injection vulnerability in Dlink Dir-823G Firmware

An issue was discovered on D-Link DIR-823G devices with firmware through 1.02B03.

9.3
2019-01-28 CVE-2019-3462 Debian
Canonical
Netapp
Incorrect sanitation of the 302 redirect field in HTTP transport method of apt versions 1.4.8 and earlier can lead to content injection by a MITM attacker, potentially leading to remote code execution on the target machine.
9.3
2019-02-01 CVE-2019-7301 Zevenet OS Command Injection vulnerability in Zevenet ZEN Load Balancer 3.10.1

Zen Load Balancer 3.10.1 allows remote authenticated admin users to execute arbitrary commands as root via shell metacharacters in the index.cgi?action=View_Cert certname parameter.

9.0
2019-02-01 CVE-2019-7300 Articatech Insufficiently Protected Credentials vulnerability in Articatech Artica Proxy 3.06.200056

Artica Proxy 3.06.200056 allows remote attackers to execute arbitrary commands as root by reading the ressources/settings.inc ldap_admin and ldap_password fields, using these credentials at logon.php, and then entering the commands in the admin.index.php command-line field.

9.0

18 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2019-02-01 CVE-2018-18988 Lcds Improper Input Validation vulnerability in Lcds Laquis Scada 4.1.0.3870

LCDS Laquis SCADA prior to version 4.1.0.4150 allows execution of script code by opening a specially crafted report format file.

8.3
2019-02-01 CVE-2018-16492 Extend Project Injection vulnerability in Extend Project Extend

A prototype pollution vulnerability was found in module extend <2.0.2, ~<3.0.2 that allows an attacker to inject arbitrary properties onto Object.prototype.

7.5
2019-02-01 CVE-2018-16491 Dreamerslab Injection vulnerability in Dreamerslab Node.Extend

A prototype pollution vulnerability was found in node.extend <1.1.7, ~<2.0.1 that allows an attacker to inject arbitrary properties onto Object.prototype.

7.5
2019-02-01 CVE-2018-16489 Just Extend Project Injection vulnerability in Just-Extend Project Just-Extend

A prototype pollution vulnerability was found in just-extend <4.0.0 that allows attack to inject properties onto Object.prototype through its functions.

7.5
2019-02-01 CVE-2018-16486 Defaults Deep Project Injection vulnerability in Defaults-Deep Project Defaults-Deep

A prototype pollution vulnerability was found in defaults-deep <=0.2.4 that would allow a malicious user to inject properties onto Object.prototype.

7.5
2019-01-31 CVE-2018-12548 Eclipse Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Eclipse Openj9 0.11.0

In OpenJDK + Eclipse OpenJ9 version 0.11.0 builds, the public jdk.crypto.jniprovider.NativeCrypto class contains public static natives which accept pointer values that are dereferenced in the native code.

7.5
2019-01-31 CVE-2019-7249 Keybase Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Keybase

In Keybase before 2.12.6 on macOS, the move RPC to the Helper was susceptible to time-to-check-time-to-use bugs and would also allow one user of the system (who didn't have root access) to tamper with another's installs.

7.5
2019-01-31 CVE-2019-6438 Schedmd
Opensuse
SchedMD Slurm before 17.11.13 and 18.x before 18.08.5 mishandles 32-bit systems.
7.5
2019-01-30 CVE-2018-20750 Libvnc Project
Canonical
Debian
Siemens
Out-of-bounds Write vulnerability in multiple products

LibVNC through 0.9.12 contains a heap out-of-bounds write vulnerability in libvncserver/rfbserver.c.

7.5
2019-01-30 CVE-2018-20749 Libvnc Project
Canonical
Debian
Siemens
Out-of-bounds Write vulnerability in multiple products

LibVNC before 0.9.12 contains a heap out-of-bounds write vulnerability in libvncserver/rfbserver.c.

7.5
2019-01-30 CVE-2018-20748 Libvnc Project
Debian
Canonical
Siemens
Out-of-bounds Write vulnerability in multiple products

LibVNC before 0.9.12 contains multiple heap out-of-bounds write vulnerabilities in libvncclient/rfbproto.c.

7.5
2019-01-30 CVE-2018-17431 Comodo Improper Authentication vulnerability in Comodo Unified Threat Management Firewall

Web Console in Comodo UTM Firewall before 2.7.0 allows remote attackers to execute arbitrary code without authentication via a crafted URL.

7.5
2019-01-29 CVE-2019-7160 Idreamsoft Path Traversal vulnerability in Idreamsoft Icms 7.0.13

idreamsoft iCMS 7.0.13 allows admincp.php?app=files ../ Directory Traversal via the udir parameter to files.admincp.php, resulting in execution of arbitrary PHP code from a ZIP file via the admincp.php?app=apps zipfile parameter to apps.admincp.php.

7.5
2019-01-28 CVE-2019-6991 Zoneminder Out-of-bounds Write vulnerability in Zoneminder

A classic Stack-based buffer overflow exists in the zmLoadUser() function in zm_user.cpp of the zmu binary in ZoneMinder through 1.32.3, allowing an unauthenticated attacker to execute code via a long username.

7.5
2019-01-28 CVE-2019-6978 Libgd
Debian
Canonical
Double Free vulnerability in multiple products

The GD Graphics Library (aka LibGD) 2.2.5 has a double free in the gdImage*Ptr() functions in gd_gif_out.c, gd_jpeg.c, and gd_wbmp.c.

7.5
2019-01-31 CVE-2018-6241 Google Improper Input Validation vulnerability in Google Android

NVIDIA Tegra Gralloc module contains a vulnerability in driver in which it does not validate input parameter of the registerbuffer API, which may lead to arbitrary code execution, denial of service, or escalation of privileges.

7.2
2019-01-31 CVE-2018-15515 Dlink Unspecified vulnerability in Dlink Central Wifimanager 1.03R0098

The CaptivelPortal service on D-Link Central WiFiManager CWM-100 1.03 r0098 devices will load a Trojan horse "quserex.dll" from the CaptivelPortal.exe subdirectory under the D-Link directory, which allows unprivileged local users to gain SYSTEM privileges.

7.2
2019-01-28 CVE-2018-19012 Draeger Unspecified vulnerability in Draeger products

Drager Infinity Delta, Infinity Delta, all versions, Delta XL, all versions, Kappa, all version, and Infinity Explorer C700, all versions.

7.2

96 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2019-01-29 CVE-2018-16880 Linux
Canonical
Out-of-bounds Write vulnerability in multiple products

A flaw was found in the Linux kernel's handle_rx() function in the [vhost_net] driver.

6.9
2019-02-03 CVE-2019-7310 Freedesktop
Canonical
Debian
Fedoraproject
Redhat
Incorrect Conversion between Numeric Types vulnerability in multiple products

In Poppler 0.73.0, a heap-based buffer over-read (due to an integer signedness error in the XRef::getEntry function in XRef.cc) allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document, as demonstrated by pdftocairo.

6.8
2019-02-01 CVE-2018-16487 Lodash Resource Exhaustion vulnerability in Lodash

A prototype pollution vulnerability was found in lodash <4.17.11 where the functions merge, mergeWith, and defaultsDeep can be tricked into adding or modifying properties of Object.prototype.

6.8
2019-02-01 CVE-2019-3604 Mcafee Cross-Site Request Forgery (CSRF) vulnerability in Mcafee Epolicy Orchestrator

Cross-Site Request Forgery (CSRF) vulnerability in McAfee ePO (legacy) Cloud allows unauthenticated users to perform unintended ePO actions using an authenticated user's session via unspecified vectors.

6.8
2019-01-31 CVE-2019-7216 Encodable Unspecified vulnerability in Encodable Filechucker 4.99Efreee02/5.09

An issue was discovered in FileChucker 4.99e-free-e02.

6.8
2019-01-30 CVE-2019-7233 Libdoc Project NULL Pointer Dereference vulnerability in Libdoc Project Libdoc 20190128

In libdoc through 2019-01-28, doc2text in catdoc.c has a NULL pointer dereference.

6.8
2019-01-30 CVE-2018-19027 Omron Incorrect Type Conversion or Cast vulnerability in Omron Cx-One and Cx-Protocol

Three type confusion vulnerabilities exist in CX-One Versions 4.50 and prior and CX-Protocol Versions 2.0 and prior when processing project files.

6.8
2019-01-29 CVE-2019-3806 Powerdns Unspecified vulnerability in Powerdns Recursor

An issue has been found in PowerDNS Recursor versions after 4.1.3 before 4.1.9 where Lua hooks are not properly applied to queries received over TCP in some specific combination of settings, possibly bypassing security policies enforced using Lua.

6.8
2019-01-28 CVE-2019-6985 Foxitsoftware
Microsoft
Out-of-bounds Read vulnerability in Foxitsoftware 3D

An issue was discovered in Foxit 3D Plugin Beta before 9.4.0.16807 for Foxit Reader and PhantomPDF.

6.8
2019-02-01 CVE-2018-16483 Express Cart Project Authentication Bypass by Spoofing vulnerability in Express-Cart Project Express-Cart

A deficiency in the access control in module express-cart <=1.1.5 allows unprivileged users to add new users to the application as administrators.

6.5
2019-01-30 CVE-2019-7235 Idreamsoft Path Traversal vulnerability in Idreamsoft Icms 7.0.13

An issue was discovered in idreamsoft iCMS 7.0.13.

6.4
2019-01-30 CVE-2019-7234 Idreamsoft Path Traversal vulnerability in Idreamsoft Icms 7.0.13

An issue was discovered in idreamsoft iCMS 7.0.13.

6.4
2019-01-29 CVE-2019-3807 Powerdns Improper Certificate Validation vulnerability in Powerdns Recursor

An issue has been found in PowerDNS Recursor versions 4.1.x before 4.1.9 where records in the answer section of responses received from authoritative servers with the AA flag not set were not properly validated, allowing an attacker to bypass DNSSEC validation.

6.4
2019-01-28 CVE-2018-19015 Omron Command Injection vulnerability in Omron Cx-Supervisor 3.5

An attacker could inject commands to launch programs and create, write, and read files on CX-Supervisor (Versions 3.42 and prior) through a specially crafted project file.

6.0
2019-02-03 CVE-2019-7313 Buildbot CRLF Injection vulnerability in Buildbot

www/resource.py in Buildbot before 1.8.1 allows CRLF injection in the Location header of /auth/login and /auth/logout via the redirect parameter.

5.8
2019-01-31 CVE-2019-7283 Netkit
Debian
An issue was discovered in rcp in NetKit through 0.17.
5.8
2019-01-31 CVE-2019-6111 Openbsd
Winscp
Canonical
Debian
Redhat
Path Traversal vulnerability in multiple products

An issue was discovered in OpenSSH 7.9.

5.8
2019-01-30 CVE-2018-3956 Foxitsoftware Out-of-bounds Read vulnerability in Foxitsoftware Phantompdf

An exploitable out-of-bounds read vulnerability exists in the handling of certain XFA element attributes of Foxit Software's PDF Reader version 9.1.0.5096.

5.8
2019-01-30 CVE-2019-3912 Labkey Open Redirect vulnerability in Labkey Server

An open redirect vulnerability in LabKey Server Community Edition before 18.3.0-61806.763 via the /__r1/ returnURL parameter allows an unauthenticated remote attacker to redirect users to arbitrary web sites.

5.8
2019-01-28 CVE-2019-3593 Mcafee
Microsoft
Unspecified vulnerability in Mcafee Total Protection 16.0.18/4.0.161.1/4.6

Exploitation of Privilege/Trust vulnerability in Microsoft Windows client in McAfee Total Protection (MTP) Prior to 16.0.R18 allows local users to bypass product self-protection, tamper with policies and product files, and uninstall McAfee software without permission via specially crafted malware.

5.6
2019-02-03 CVE-2019-7312 Primx Information Exposure vulnerability in Primx Zed, Zedmail and Zonecentral

Limited plaintext disclosure exists in PRIMX Zed Entreprise for Windows before 6.1.2240, Zed Entreprise for Windows (ANSSI qualification submission) before 6.1.2150, Zed Entreprise for Mac before 2.0.199, Zed Entreprise for Linux before 2.0.199, Zed Pro for Windows before 1.0.195, Zed Pro for Mac before 1.0.199, Zed Pro for Linux before 1.0.199, Zed Free for Windows before 1.0.195, Zed Free for Mac before 1.0.199, and Zed Free for Linux before 1.0.199.

5.0
2019-02-01 CVE-2018-16493 Static Resource Server Project Path Traversal vulnerability in Static-Resource-Server Project Static-Resource-Server 1.7.2

A path traversal vulnerability was found in module static-resource-server 1.7.2 that allows unauthorized read access to any file on the server by appending slashes in the URL.

5.0
2019-02-01 CVE-2018-16490 Mpath Project Injection vulnerability in Mpath Project Mpath

A prototype pollution vulnerability was found in module mpath <0.5.1 that allows an attacker to inject arbitrary properties onto Object.prototype.

5.0
2019-02-01 CVE-2018-16482 Mcstatic Project Path Traversal vulnerability in Mcstatic Project Mcstatic

A server directory traversal vulnerability was found on node module mcstatic <=0.0.20 that would allow an attack to access sensitive information in the file system by appending slashes in the URL path.

5.0
2019-02-01 CVE-2018-16479 Http Live Simulator Project Path Traversal vulnerability in Http-Live-Simulator Project Http-Live-Simulator

Path traversal vulnerability in http-live-simulator <1.0.7 causes unauthorized access to arbitrary files on disk by appending extra slashes after the URL.

5.0
2019-02-01 CVE-2018-0722 Qnap Path Traversal vulnerability in Qnap Photo Station

Path Traversal vulnerability in Photo Station versions: 5.7.2 and earlier in QTS 4.3.4, 5.4.4 and earlier in QTS 4.3.3, 5.2.8 and earlier in QTS 4.2.6 could allow remote attackers to access sensitive information on the device.

5.0
2019-02-01 CVE-2018-15617 Avaya Unspecified vulnerability in Avaya Aura Communication Manager

A vulnerability in the "capro" (Call Processor) process component of Avaya Aura Communication Manager could allow a remote, unauthenticated user to cause denial of service.

5.0
2019-02-01 CVE-2017-18361 Pylonsproject Infinite Loop vulnerability in Pylonsproject Colander

In Pylons Colander through 1.6, the URL validator allows an attacker to potentially cause an infinite loop thereby causing a denial of service via an unclosed parenthesis.

5.0
2019-01-31 CVE-2018-5560 Guardzilla Use of Hard-coded Credentials vulnerability in Guardzilla Gz521W Firmware

A reliance on a static, hard-coded credential in the design of the cloud-based storage system of Practecol's Guardzilla All-In-One Video Security System allows an attacker to view the private data of all users of the Guardzilla device.

5.0
2019-01-31 CVE-2018-19043 Media File Manager Project Path Traversal vulnerability in Media File Manager Project Media File Manager 1.4.2

The Media File Manager plugin 1.4.2 for WordPress allows arbitrary file renaming (specifying a "from" and "to" filename) via a ../ directory traversal in the dir parameter of an mrelocator_rename action to the wp-admin/admin-ajax.php URI.

5.0
2019-01-31 CVE-2018-19042 Media File Manager Project Path Traversal vulnerability in Media File Manager Project Media File Manager 1.4.2

The Media File Manager plugin 1.4.2 for WordPress allows arbitrary file movement via a ../ directory traversal in the dir_from and dir_to parameters of an mrelocator_move action to the wp-admin/admin-ajax.php URI.

5.0
2019-01-31 CVE-2018-19040 Media File Manager Project Path Traversal vulnerability in Media File Manager Project Media File Manager 1.4.2

The Media File Manager plugin 1.4.2 for WordPress allows directory listing via a ../ directory traversal in the dir parameter of an mrelocator_getdir action to the wp-admin/admin-ajax.php URI.

5.0
2019-01-31 CVE-2018-18941 Vignette Information Exposure vulnerability in Vignette Content Management 6

In Vignette Content Management version 6, it is possible to gain remote access to administrator privileges by discovering the admin password in the vgn/ccb/user/mgmt/user/edit/0,1628,0,00.html?uid=admin HTML source code, and then creating a privileged user account.

5.0
2019-01-31 CVE-2018-15517 D Link Server-Side Request Forgery (SSRF) vulnerability in D-Link Central Wifimanager 1.03

The MailConnect feature on D-Link Central WiFiManager CWM-100 1.03 r0098 devices is intended to check a connection to an SMTP server but actually allows outbound TCP to any port on any IP address, leading to SSRF, as demonstrated by an index.php/System/MailConnect/host/127.0.0.1/port/22/secure/ URI.

5.0
2019-01-30 CVE-2019-0190 Apache
Oracle
A bug exists in the way mod_ssl handled client renegotiations.
5.0
2019-01-30 CVE-2018-17199 Apache
Debian
Netapp
Canonical
Oracle
Session Fixation vulnerability in multiple products

In Apache HTTP Server 2.4 release 2.4.37 and prior, mod_session checks the session expiry time before decoding the session.

5.0
2019-01-30 CVE-2018-17189 Apache
Netapp
Fedoraproject
Debian
Oracle
Canonical
Redhat
Resource Exhaustion vulnerability in multiple products

In Apache HTTP server versions 2.4.37 and prior, by sending request bodies in a slow loris way to plain resources, the h2 stream for that request unnecessarily occupied a server thread cleaning up that incoming data.

5.0
2019-01-30 CVE-2019-7237 Idreamsoft
Microsoft
Path Traversal vulnerability in Idreamsoft Icms 7.0.13

An issue was discovered in idreamsoft iCMS 7.0.13 on Windows.

5.0
2019-01-30 CVE-2019-7236 Idreamsoft Path Traversal vulnerability in Idreamsoft Icms 7.0.13

An issue was discovered in idreamsoft iCMS 7.0.13.

5.0
2019-01-30 CVE-2018-19858 Princexml XXE vulnerability in Princexml

PrinceXML, versions 10 and below, is vulnerable to XXE due to the lack of protection against external entities.

5.0
2019-01-30 CVE-2018-19440 ARM Information Exposure vulnerability in ARM Trusted Firmware-A

ARM Trusted Firmware-A allows information disclosure.

5.0
2019-01-30 CVE-2018-12610 Open Xchange Information Exposure vulnerability in Open-Xchange Appsuite

OX App Suite 7.8.4 and earlier allows Information Exposure.

5.0
2019-01-29 CVE-2018-1733 IBM Unspecified vulnerability in IBM Qradar Security Information and Event Manager

IBM QRadar SIEM 7.2 and 7.3 fails to adequately filter user-controlled input data for syntax that has control-plane implications which could allow an attacker to modify displayed content.

5.0
2019-01-29 CVE-2018-1668 IBM Improper Authentication vulnerability in IBM Datapower Gateway

IBM DataPower Gateway 7.5.0.0 through 7.5.0.19, 7.5.1.0 through 7.5.1.18, 7.5.2.0 through 7.5.2.18, and 7.6.0.0 through 7.6.0.11 appliances allows "null" logins which could give read access to IPMI data to obtain sensitive information.

5.0
2019-01-28 CVE-2018-19723 Adobe
Apple
Microsoft
Out-of-bounds Read vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Adobe Acrobat and Reader versions 2018.011.20058 and earlier, 2017.011.30099 and earlier, and 2015.006.30448 and earlier have an out-of-bounds read vulnerability.

5.0
2019-01-28 CVE-2019-6986 Duraspace Command Injection vulnerability in Duraspace Vitro 1.10.0

SPARQL Injection in VIVO Vitro v1.10.0 allows a remote attacker to execute arbitrary SPARQL via the uri parameter, leading to a regular expression denial of service (ReDoS), as demonstrated by crafted use of FILTER%20regex in a /individual?uri= request.

5.0
2019-01-28 CVE-2018-16889 Redhat Improper Input Validation vulnerability in Redhat Ceph

Ceph does not properly sanitize encryption keys in debug logging for v4 auth.

5.0
2019-01-31 CVE-2017-18360 Linux
Canonical
Divide By Zero vulnerability in Linux Kernel

In change_port_settings in drivers/usb/serial/io_ti.c in the Linux kernel before 4.11.3, local users could cause a denial of service by division-by-zero in the serial device layer by trying to set very high baud rates.

4.9
2019-02-01 CVE-2019-7308 Linux
Canonical
Opensuse
Numeric Errors vulnerability in Linux Kernel

kernel/bpf/verifier.c in the Linux kernel before 4.20.6 performs undesirable out-of-bounds speculation on pointer arithmetic in various cases, including cases of different branches with different state or limits to sanitize, leading to side-channel attacks.

4.7
2019-02-01 CVE-2016-10741 Linux
Debian
Race Condition vulnerability in Linux Kernel

In the Linux kernel before 4.9.3, fs/xfs/xfs_aops.c allows local users to cause a denial of service (system crash) because there is a race condition between direct and memory-mapped I/O (associated with a hole) that is handled with BUG_ON instead of an I/O failure.

4.7
2019-01-31 CVE-2018-11790 Apache
Canonical
Incorrect Calculation vulnerability in multiple products

When loading a document with Apache Open Office 4.1.5 and earlier with smaller end line termination than the operating system uses, the defect occurs.

4.6
2019-02-01 CVE-2018-19004 Lcds Out-of-bounds Read vulnerability in Lcds Laquis Scada 4.1.0.3870

LCDS Laquis SCADA prior to version 4.1.0.4150 allows out of bounds read when opening a specially crafted project file, which may allow data exfiltration.

4.3
2019-02-01 CVE-2018-16481 Html Pages Project Cross-site Scripting vulnerability in Html-Pages Project Html-Pages

A XSS vulnerability was found in html-page <=2.1.1 that allows malicious Javascript code to be executed in the user's browser due to the absence of sanitization of the paths before rendering.

4.3
2019-02-01 CVE-2018-16480 Public Project Cross-site Scripting vulnerability in Public Project Public

A XSS vulnerability was found in module public <0.1.4 that allows malicious Javascript code to run in the browser, due to the absence of sanitization of the file/folder names before rendering.

4.3
2019-01-31 CVE-2019-7296 Typora Cross-site Scripting vulnerability in Typora

typora through 0.9.64 has XSS, with resultant remote command execution, during inline rendering of a mathematical formula.

4.3
2019-01-31 CVE-2019-7295 Typora Cross-site Scripting vulnerability in Typora

typora through 0.9.63 has XSS, with resultant remote command execution, during block rendering of a mathematical formula.

4.3
2019-01-31 CVE-2018-19041 Media File Manager Project Cross-site Scripting vulnerability in Media File Manager Project Media File Manager 1.4.2

The Media File Manager plugin 1.4.2 for WordPress allows XSS via the dir parameter of an mrelocator_getdir action to the wp-admin/admin-ajax.php URI.

4.3
2019-01-31 CVE-2018-18940 Netscape Cross-site Scripting vulnerability in Netscape Enterprise Server 3.63

servlet/SnoopServlet (a servlet installed by default) in Netscape Enterprise 3.63 has reflected XSS via an arbitrary parameter=[XSS] in the query string.

4.3
2019-01-31 CVE-2019-7282 Netkit
Debian
Fedoraproject
In NetKit through 0.17, rcp.c in the rcp client allows remote rsh servers to bypass intended access restrictions via the filename of .
4.3
2019-01-31 CVE-2019-4040 IBM Cross-site Scripting vulnerability in IBM I 7.2/7.3

IBM I 7.2 and 7.3 is vulnerable to cross-site scripting.

4.3
2019-01-31 CVE-2019-7250 Cross Reference Project Cross-site Scripting vulnerability in Cross Reference Project Cross Reference 36

An issue was discovered in the Cross Reference Add-on 36 for Google Docs.

4.3
2019-01-30 CVE-2019-3911 Labkey Cross-site Scripting vulnerability in Labkey Server

Reflected cross-site scripting (XSS) vulnerability in LabKey Server Community Edition before 18.3.0-61806.763 allows an unauthenticated remote attacker to inject arbitrary javascript via the onerror parameter in the /__r2/query endpoints.

4.3
2019-01-30 CVE-2019-1566 Paloaltonetworks Cross-site Scripting vulnerability in Paloaltonetworks Pan-Os

The PAN-OS management web interface in PAN-OS 7.1.21 and earlier, PAN-OS 8.0.14 and earlier, and PAN-OS 8.1.5 and earlier, may allow an unauthenticated attacker to inject arbitrary JavaScript or HTML.

4.3
2019-01-30 CVE-2018-19782 Freshrss Cross-site Scripting vulnerability in Freshrss 1.11.1

Multiple cross-site scripting (XSS) vulnerabilities in GET requests in FreshRSS 1.11.1 allow remote attackers to inject arbitrary web script or HTML via the (1) c parameter or (2) a parameter.

4.3
2019-01-30 CVE-2018-12611 Open Xchange Cross-site Scripting vulnerability in Open-Xchange Appsuite

OX App Suite 7.8.4 and earlier allows Directory Traversal.

4.3
2019-01-29 CVE-2019-7172 Atutor Cross-site Scripting vulnerability in Atutor

A stored-self XSS exists in ATutor through v2.2.4, allowing an attacker to execute HTML or JavaScript code in a vulnerable Real Name field to /mods/_core/users/admins/my_edit.php.

4.3
2019-01-29 CVE-2019-7156 Libdoc Project Divide By Zero vulnerability in Libdoc Project Libdoc

In libdoc through 2019-01-28, calcFileBlockOffset in ole.c allows division by zero.

4.3
2019-01-29 CVE-2019-7154 Webassembly Out-of-bounds Write vulnerability in Webassembly Binaryen

The main function in tools/wasm2js.cpp in Binaryen 1.38.22 has a heap-based buffer overflow because Emscripten is misused, triggering an error in cashew::JSPrinter::printAst() in emscripten-optimizer/simple_ast.h.

4.3
2019-01-29 CVE-2019-7153 Webassembly NULL Pointer Dereference vulnerability in Webassembly Binaryen

A NULL pointer dereference was discovered in wasm::WasmBinaryBuilder::processFunctions() in wasm/wasm-binary.cpp (when calling wasm::WasmBinaryBuilder::getFunctionIndexName) in Binaryen 1.38.22.

4.3
2019-01-29 CVE-2019-7152 Webassembly Out-of-bounds Read vulnerability in Webassembly Binaryen

A heap-based buffer over-read was discovered in wasm::WasmBinaryBuilder::processFunctions() in wasm/wasm-binary.cpp (when calling wasm::WasmBinaryBuilder::getFunctionIndexName) in Binaryen 1.38.22.

4.3
2019-01-29 CVE-2019-7151 Webassembly NULL Pointer Dereference vulnerability in Webassembly Binaryen

A NULL pointer dereference was discovered in wasm::Module::getFunctionOrNull in wasm/wasm.cpp in Binaryen 1.38.22.

4.3
2019-01-29 CVE-2019-7150 Elfutils Project
Debian
Canonical
Opensuse
Redhat
Out-of-bounds Read vulnerability in multiple products

An issue was discovered in elfutils 0.175.

4.3
2019-01-29 CVE-2019-7149 Elfutils Project
Debian
Out-of-bounds Read vulnerability in multiple products

A heap-based buffer over-read was discovered in the function read_srclines in dwarf_getsrclines.c in libdw in elfutils 0.175.

4.3
2019-01-29 CVE-2019-7148 Elfutils Project Allocation of Resources Without Limits or Throttling vulnerability in Elfutils Project Elfutils 0.174

An attempted excessive memory allocation was discovered in the function read_long_names in elf_begin.c in libelf in elfutils 0.174.

4.3
2019-01-29 CVE-2019-7147 Nasm Out-of-bounds Read vulnerability in Nasm Netwide Assembler 2.14

A buffer over-read exists in the function crc64ib in crc64.c in nasmlib in Netwide Assembler (NASM) 2.14rc16.

4.3
2019-01-29 CVE-2019-7146 Elfutils Project Out-of-bounds Read vulnerability in Elfutils Project Elfutils 0.175

In elfutils 0.175, there is a buffer over-read in the ebl_object_note function in eblobjnote.c in libebl.

4.3
2019-01-28 CVE-2018-19721 Adobe
Apple
Microsoft
Out-of-bounds Read vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Adobe Acrobat and Reader versions 2018.011.20058 and earlier, 2017.011.30099 and earlier, and 2015.006.30448 and earlier have an out-of-bounds read vulnerability.

4.3
2019-01-28 CVE-2019-6992 Zoneminder Cross-site Scripting vulnerability in Zoneminder

A stored-self XSS exists in web/skins/classic/views/controlcaps.php of ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code in a vulnerable field via a long NAME or PROTOCOL to the index.php?view=controlcaps URI.

4.3
2019-01-28 CVE-2018-19728 Adobe
Microsoft
Apple
Out-of-bounds Read vulnerability in Adobe Acrobat DC and Acrobat Reader DC

Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an out-of-bounds read vulnerability.

4.3
2019-01-28 CVE-2018-19727 Adobe Cross-site Scripting vulnerability in Adobe Experience Manager 6.3.0/6.4.0

Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a reflected cross-site scripting vulnerability.

4.3
2019-01-28 CVE-2018-19726 Adobe Cross-site Scripting vulnerability in Adobe Experience Manager

Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a stored cross-site scripting vulnerability.

4.3
2019-01-28 CVE-2018-19724 Adobe Cross-site Scripting vulnerability in Adobe Experience Manager 6.2.0/6.3.0/6.4.0

Adobe Experience Manager Forms versions 6.2, 6.3 and 6.4 have a stored cross-site scripting vulnerability.

4.3
2019-01-28 CVE-2019-6988 Uclouvain Allocation of Resources Without Limits or Throttling vulnerability in Uclouvain Openjpeg 2.3.0

An issue was discovered in OpenJPEG 2.3.0.

4.3
2019-01-28 CVE-2019-6984 Foxitsoftware Use After Free vulnerability in Foxitsoftware 3D 9.1.0.425/9.2.0.9182/9.3.0.10830

An issue was discovered in Foxit 3D Plugin Beta before 9.4.0.16807 for Foxit Reader and PhantomPDF.

4.3
2019-01-28 CVE-2019-6983 Foxitsoftware
Microsoft
Integer Overflow or Wraparound vulnerability in Foxitsoftware 3D

An issue was discovered in Foxit 3D Plugin Beta before 9.4.0.16807 for Foxit Reader and PhantomPDF.

4.3
2019-01-28 CVE-2019-6982 Foxitsoftware
Microsoft
Out-of-bounds Write vulnerability in Foxitsoftware 3D

An issue was discovered in Foxit 3D Plugin Beta before 9.4.0.16807 for Foxit Reader and PhantomPDF.

4.3
2019-01-28 CVE-2019-6979 IP History Logs Project Cross-site Scripting vulnerability in IP History Logs Project IP History Logs 1.0.2

An issue was discovered in the User IP History Logs (aka IP_History_Logs) plugin 1.0.2 for MyBB.

4.3
2019-01-28 CVE-2018-20745 Yiiframework Origin Validation Error vulnerability in Yiiframework YII

Yii 2.x through 2.0.15.1 actively converts a wildcard CORS policy into reflecting an arbitrary Origin header value, which is incompatible with the CORS security design, and could lead to CORS misconfiguration security problems.

4.3
2019-01-28 CVE-2018-20744 GO Cors Project Origin Validation Error vulnerability in GO Cors Project GO Cors

The Olivier Poitrey Go CORS handler through 1.3.0 actively converts a wildcard CORS policy into reflecting an arbitrary Origin header value, which is incompatible with the CORS security design, and could lead to CORS misconfiguration security problems.

4.3
2019-02-01 CVE-2018-16485 M Server Project Path Traversal vulnerability in M-Server Project M-Server

Path Traversal vulnerability in module m-server <1.4.1 allows malicious user to access unauthorized content of any file in the directory tree e.g.

4.0
2019-01-31 CVE-2019-6110 Openbsd
Winscp
Netapp
Inappropriate Encoding for Output Context vulnerability in multiple products

In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI control codes to hide additional files being transferred.

4.0
2019-01-31 CVE-2019-6109 Openbsd
Winscp
Canonical
Debian
Netapp
Improper Encoding or Escaping of Output vulnerability in multiple products

An issue was discovered in OpenSSH 7.9.

4.0
2019-01-30 CVE-2019-3913 Labkey OS Command Injection vulnerability in Labkey Server

Command manipulation in LabKey Server Community Edition before 18.3.0-61806.763 allows an authenticated remote attacker to unmount any drive on the system leading to denial of service.

4.0
2019-01-30 CVE-2018-12609 Open Xchange Server-Side Request Forgery (SSRF) vulnerability in Open-Xchange Appsuite

OX App Suite 7.8.4 and earlier allows Server-Side Request Forgery.

4.0
2019-01-29 CVE-2018-1976 IBM Information Exposure vulnerability in IBM API Connect

IBM API Connect 5.0.0.0 through 5.0.8.4 is impacted by sensitive information disclosure via a REST API that could allow a user with administrative privileges to obtain highly sensitive information.

4.0
2019-01-29 CVE-2016-10740 Atlassian Information Exposure vulnerability in Atlassian Crowd

Various resources in Atlassian Crowd before version 2.10.1 allow remote attackers with administration rights to learn the passwords of configured LDAP directories by examining the responses to requests for these resources.

4.0

19 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2019-02-01 CVE-2018-16484 M Server Project Cross-site Scripting vulnerability in M-Server Project M-Server

A XSS vulnerability was found in module m-server <1.4.2 that allows malicious Javascript code or HTML to be executed, due to the lack of escaping for special characters in folder names.

3.5
2019-02-01 CVE-2018-5498 Netapp Improper Input Validation vulnerability in Netapp Clustered Data Ontap

Clustered Data ONTAP versions 9.0 through 9.4 are susceptible to a vulnerability which allows remote authenticated attackers to cause a Denial of Service (DoS) in NFS and SMB environments.

3.5
2019-01-31 CVE-2018-15516 D Link Server-Side Request Forgery (SSRF) vulnerability in D-Link Central Wifimanager 1.03

The FTP service on D-Link Central WiFiManager CWM-100 1.03 r0098 devices allows remote attackers to conduct a PORT command bounce scan via port 8000, resulting in SSRF.

3.5
2019-01-30 CVE-2019-1565 Paloaltonetworks Cross-site Scripting vulnerability in Paloaltonetworks Pan-Os

The PAN-OS external dynamics lists in PAN-OS 7.1.21 and earlier, PAN-OS 8.0.14 and earlier, and PAN-OS 8.1.5 and earlier, may allow an attacker that is authenticated in Next Generation Firewall with write privileges to External Dynamic List configuration to inject arbitrary JavaScript or HTML.

3.5
2019-01-29 CVE-2019-7173 Croogo Cross-site Scripting vulnerability in Croogo

A stored-self XSS exists in Croogo through v3.0.5, allowing an attacker to execute HTML or JavaScript code in a vulnerable Title field to /admin/file-manager/attachments/edit/4.

3.5
2019-01-29 CVE-2019-7171 Croogo Cross-site Scripting vulnerability in Croogo

A stored-self XSS exists in Croogo through v3.0.5, allowing an attacker to execute HTML or JavaScript code in a vulnerable Title field to /admin/blocks/blocks/edit/8.

3.5
2019-01-29 CVE-2019-7170 Croogo Cross-site Scripting vulnerability in Croogo

A stored-self XSS exists in Croogo through v3.0.5, allowing an attacker to execute HTML or JavaScript code in a vulnerable Title field to /admin/taxonomy/vocabularies.

3.5
2019-01-29 CVE-2019-7169 Croogo Cross-site Scripting vulnerability in Croogo

A stored-self XSS exists in Croogo through v3.0.5, allowing an attacker to execute HTML or JavaScript code in a vulnerable Title field to /admin/menus/menus/edit/3.

3.5
2019-01-29 CVE-2019-7168 Croogo Cross-site Scripting vulnerability in Croogo

A stored-self XSS exists in Croogo through v3.0.5, allowing an attacker to execute HTML or JavaScript code in a vulnerable Blog field to /admin/nodes/nodes/add/blog.

3.5
2019-01-29 CVE-2018-18985 Tridium Cross-site Scripting vulnerability in Tridium products

Tridium Niagara Enterprise Security 2.3u1, all versions prior to 2.3.118.6, Niagara AX 3.8u4, all versions prior to 3.8.401.1, Niagara 4.4u2, all versions prior to 4.4.93.40.2, and Niagara 4.6, all versions prior to 4.6.96.28.4 a cross-site scripting vulnerability has been identified that may allow a remote attacker to inject code to some web pages affecting confidentiality.

3.5
2019-01-28 CVE-2019-6990 Zoneminder Cross-site Scripting vulnerability in Zoneminder

A stored-self XSS exists in web/skins/classic/views/zones.php of ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code in a vulnerable field via a crafted Zone NAME to the index.php?view=zones&action=zoneImage&mid=1 URI.

3.5
2019-01-31 CVE-2018-17928 ABB Improper Authentication vulnerability in ABB Cms-770 Firmware

The product CMS-770 (Software Versions 1.7.1 and prior)is vulnerable that an attacker can read sensitive configuration files by bypassing the user authentication mechanism.

3.3
2019-01-31 CVE-2018-17926 ABB Improper Authentication vulnerability in ABB Eth-Fw Firmware and FW Firmware

The product M2M ETHERNET (FW Versions 2.22 and prior, ETH-FW Versions 1.01 and prior) is vulnerable in that an attacker can upload a malicious language file by bypassing the user authentication mechanism.

3.3
2019-01-28 CVE-2018-19014 Draeger Information Exposure Through Log Files vulnerability in Draeger products

Drager Infinity Delta, Infinity Delta, all versions, Delta XL, all versions, Kappa, all version, and Infinity Explorer C700, all versions.

3.3
2019-01-28 CVE-2018-19010 Draeger Improper Input Validation vulnerability in Draeger products

Drager Infinity Delta, Infinity Delta, all versions, Delta XL, all versions, Kappa, all version, and Infinity Explorer C700, all versions.

3.3
2019-01-30 CVE-2018-15136 Titanhq Improper Input Validation vulnerability in Titanhq Spamtitan

TitanHQ SpamTitan before 7.01 has Improper input validation.

2.6
2019-02-03 CVE-2019-7309 GNU Unspecified vulnerability in GNU Glibc

In the GNU C Library (aka glibc or libc6) through 2.29, the memcmp function for the x32 architecture can incorrectly return zero (indicating that the inputs are equal) because the RDX most significant bit is mishandled.

2.1
2019-01-28 CVE-2019-3815 Redhat
Debian
Memory Leak vulnerability in multiple products

A memory leak was discovered in the backport of fixes for CVE-2018-16864 in Red Hat Enterprise Linux.

2.1
2019-01-28 CVE-2018-10910 Bluez
Canonical
A bug in Bluez may allow for the Bluetooth Discoverable state being set to on when no Bluetooth agent is registered with the system.
2.1