Weekly Vulnerabilities Reports > February 4 to 10, 2019

Overview

271 new vulnerabilities reported during this period, including 4 critical vulnerabilities and 53 high severity vulnerabilities. This weekly summary report vulnerabilities in 277 products from 118 vendors including Debian, Canonical, Zoneminder, Opensuse, and Jenkins. Vulnerabilities are notably categorized as "Cross-site Scripting", "Out-of-bounds Read", "Out-of-bounds Write", "Information Exposure", and "Cross-Site Request Forgery (CSRF)".

  • 254 reported vulnerabilities are remotely exploitables.
  • 4 reported vulnerabilities have public exploit available.
  • 102 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 238 reported vulnerabilities are exploitable by an anonymous user.
  • Debian has the most reported vulnerabilities, with 50 reported vulnerabilities.
  • Mozilla has the most reported critical vulnerabilities, with 1 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

4 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2019-02-09 CVE-2019-7684 Inxedu Unrestricted Upload of File with Dangerous Type vulnerability in Inxedu 20181224

inxedu through 2018-12-24 has a vulnerability that can lead to the upload of a malicious JSP file.

10.0
2019-02-09 CVE-2009-5154 Mobotix Use of Hard-coded Credentials vulnerability in Mobotix S14 Firmware Mxv4.2.1.61

An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices.

10.0
2019-02-05 CVE-2018-18502 Mozilla
Canonical
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

Mozilla developers and community members reported memory safety bugs present in Firefox 64.

10.0
2019-02-08 CVE-2019-7632 Lifesize OS Command Injection vulnerability in Lifesize products

LifeSize Team, Room, Passport, and Networker 220 devices allow Authenticated Remote OS Command Injection, as demonstrated by shell metacharacters in the support/mtusize.php mtu_size parameter.

9.0

53 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2019-02-05 CVE-2018-19029 Lcds NULL Pointer Dereference vulnerability in Lcds Laquis Scada 4.1.0.3870

LCDS Laquis SCADA prior to version 4.1.0.4150 allows an attacker using a specially crafted project file to supply a pointer for a controlled memory address, which may allow remote code execution, data exfiltration, or cause a system crash.

8.3
2019-02-05 CVE-2018-19002 Lcds Code Injection vulnerability in Lcds Laquis Scada 4.1.0.3870

LCDS Laquis SCADA prior to version 4.1.0.4150 allows improper control of generation of code when opening a specially crafted project file, which may allow remote code execution, data exfiltration, or cause a system crash.

8.3
2019-02-05 CVE-2018-18986 Lcds Out-of-bounds Read vulnerability in Lcds Laquis Scada 4.1.0.3870

LCDS Laquis SCADA prior to version 4.1.0.4150 allows the opening of a specially crafted report format file that may cause an out of bounds read, which may cause a system crash, allow data exfiltration, or remote code execution.

8.3
2019-02-07 CVE-2019-1675 Cisco Use of Hard-coded Credentials vulnerability in Cisco products

A vulnerability in the default configuration of the Cisco Aironet Active Sensor could allow an unauthenticated, remote attacker to restart the sensor.

7.8
2019-02-05 CVE-2019-7389 Dlink Missing Authentication for Critical Function vulnerability in Dlink Dir-823G Firmware 1.02B03

An issue was discovered in /bin/goahead on D-Link DIR-823G devices with the firmware 1.02B03.

7.8
2019-02-10 CVE-2018-20771 Xerox Improper Input Validation vulnerability in Xerox products

An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000.

7.5
2019-02-10 CVE-2018-20770 Xerox SQL Injection vulnerability in Xerox products

An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000.

7.5
2019-02-10 CVE-2018-20768 Xerox Code Injection vulnerability in Xerox products

An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000.

7.5
2019-02-10 CVE-2019-7692 CIM Project Code Injection vulnerability in CIM Project CIM 0.9.3

install/install.php in CIM 0.9.3 allows remote attackers to execute arbitrary PHP code via a crafted prefix value because of configuration file mishandling in the N=83 case, as demonstrated by a call to the PHP fputs function that creates a .php file in the public folder.

7.5
2019-02-10 CVE-2018-13792 Abbyy SQL Injection vulnerability in Abbyy Flexicapture

Multiple SQL injection vulnerabilities in the monitoring feature in the HTTP API in ABBYY FlexiCapture before 12 Release 2 allow an attacker to execute arbitrary SQL commands via the mask, sortOrder, filter, or Order parameter.

7.5
2019-02-09 CVE-2019-7678 Enphase Path Traversal vulnerability in Enphase Envoy

A directory traversal vulnerability was discovered in Enphase Envoy R3.*.* via images/, include/, include/js, or include/css on TCP port 8888.

7.5
2019-02-09 CVE-2019-7653 Rdflib Project Code Injection vulnerability in Rdflib Project Rdflib 4.2.2

The Debian python-rdflib-tools 4.2.2-1 package for RDFLib 4.2.2 has CLI tools that can load Python modules from the current working directory, allowing code injection, because "python -m" looks in this directory, as demonstrated by rdf2dot.

7.5
2019-02-08 CVE-2018-1352 Fortinet Use of Externally-Controlled Format String vulnerability in Fortinet Fortios 5.6.0

A format string vulnerability in Fortinet FortiOS 5.6.0 allows attacker to execute unauthorized code or commands via the SSH username variable.

7.5
2019-02-08 CVE-2018-20764 Helpsystems
Linux
Unspecified vulnerability in Helpsystems Boks 6.6.0/6.7.1

A buffer overflow exists in HelpSystems tcpcrypt on Linux, used for BoKS encrypted telnet through BoKS version 6.7.1.

7.5
2019-02-08 CVE-2019-7401 Nginx Out-of-bounds Write vulnerability in Nginx Unit

NGINX Unit before 1.7.1 might allow an attacker to cause a heap-based buffer overflow in the router process with a specially crafted request.

7.5
2019-02-07 CVE-2019-6139 Forcepoint Unrestricted Upload of File with Dangerous Type vulnerability in Forcepoint User ID 1.1/1.2

Forcepoint User ID (FUID) server versions up to 1.2 have a remote arbitrary file upload vulnerability on TCP port 5001.

7.5
2019-02-07 CVE-2019-7587 BO Blog SQL Injection vulnerability in Bo-Blog BW

Bo-blog Wind through 1.6.0-r allows SQL Injection via the admin.php/comments/batchdel/ comID parameter because this parameter is mishandled in the mode/admin.mode.php delBlockedBatch function.

7.5
2019-02-07 CVE-2019-7585 Bijiadao SQL Injection vulnerability in Bijiadao Waimai Super CMS 20150505

An issue was discovered in Waimai Super Cms 20150505.

7.5
2019-02-07 CVE-2019-7568 Baijiacms Project SQL Injection vulnerability in Baijiacms Project Baijiacms 4.0

An issue was discovered in baijiacms V4 that can result in time-based blind SQL injection to get data via the cate parameter in an index.php?act=index request.

7.5
2019-02-06 CVE-2019-3822 Haxx
Canonical
Debian
Netapp
Siemens
Oracle
Redhat
Out-of-bounds Write vulnerability in multiple products

libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow.

7.5
2019-02-06 CVE-2019-3464 Pizzashack
Debian
Fedoraproject
Canonical
Improper Input Validation vulnerability in multiple products

Insufficient sanitization of environment variables passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands.

7.5
2019-02-06 CVE-2019-3463 Pizzashack
Debian
Fedoraproject
Canonical
Improper Input Validation vulnerability in multiple products

Insufficient sanitization of arguments passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands.

7.5
2019-02-05 CVE-2018-3991 Wibu
Microsoft
Siemens
Out-of-bounds Write vulnerability in multiple products

An exploitable heap overflow vulnerability exists in the WkbProgramLow function of WibuKey Network server management, version 6.40.2402.500.

7.5
2019-02-05 CVE-2019-6523 Advantech SQL Injection vulnerability in Advantech Webaccess/Scada 8.3

WebAccess/SCADA, Version 8.3.

7.5
2019-02-05 CVE-2019-6521 Advantech Improper Authentication vulnerability in Advantech Webaccess/Scada 8.3

WebAccess/SCADA, Version 8.3.

7.5
2019-02-05 CVE-2019-6519 Advantech Improper Authentication vulnerability in Advantech Webaccess/Scada 8.3

WebAccess/SCADA, Version 8.3.

7.5
2019-02-05 CVE-2018-18505 Mozilla
Canonical
Debian
Redhat
Improper Authentication vulnerability in Mozilla Firefox and Firefox ESR

An earlier fix for an Inter-process Communication (IPC) vulnerability, CVE-2011-3079, added authentication to communication between IPC endpoints and server parents during IPC process creation.

7.5
2019-02-05 CVE-2018-18504 Mozilla
Canonical
Out-of-bounds Read vulnerability in multiple products

A crash and out-of-bounds read can occur when the buffer of a texture client is freed while it is still in use during graphic operations.

7.5
2019-02-05 CVE-2018-18501 Mozilla
Canonical
Debian
Redhat
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Mozilla Firefox and Firefox ESR

Mozilla developers and community members reported memory safety bugs present in Firefox 64 and Firefox ESR 60.4.

7.5
2019-02-05 CVE-2018-18500 Mozilla
Canonical
Debian
Redhat
Use After Free vulnerability in Mozilla Firefox and Firefox ESR

A use-after-free vulnerability can occur while parsing an HTML5 stream in concert with custom HTML elements.

7.5
2019-02-05 CVE-2018-8800 Rdesktop
Debian
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

rdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function ui_clip_handle_data() that results in a memory corruption and probably even a remote code execution.

7.5
2019-02-05 CVE-2018-8797 Rdesktop
Debian
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

rdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function process_plane() that results in a memory corruption and probably even a remote code execution.

7.5
2019-02-05 CVE-2018-8795 Rdesktop
Debian
Integer Overflow or Wraparound vulnerability in multiple products

rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to a Heap-Based Buffer Overflow in function process_bitmap_updates() and results in a memory corruption and probably even a remote code execution.

7.5
2019-02-05 CVE-2018-8794 Rdesktop
Debian
Integer Overflow or Wraparound vulnerability in multiple products

rdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to an Out-Of-Bounds Write in function process_bitmap_updates() and results in a memory corruption and possibly even a remote code execution.

7.5
2019-02-05 CVE-2018-8793 Rdesktop
Debian
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

rdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function cssp_read_tsrequest() that results in a memory corruption and probably even a remote code execution.

7.5
2019-02-05 CVE-2019-7412 PS Phpcaptcha WP Project Improper Input Validation vulnerability in PS PHPcaptcha WP Project PS PHPcaptcha WP 1.0.0/1.1.0

The PS PHPCaptcha WP plugin before v1.2.0 for WordPress mishandles sanitization of input values.

7.5
2019-02-05 CVE-2018-4056 Coturn Project
Debian
SQL Injection vulnerability in multiple products

An exploitable SQL injection vulnerability exists in the administrator web portal function of coTURN prior to version 4.5.0.9.

7.5
2019-02-05 CVE-2018-18998 Lcds Use of Hard-coded Credentials vulnerability in Lcds Laquis Scada 4.1.0.3870

LCDS Laquis SCADA prior to version 4.1.0.4150 uses hard coded credentials, which may allow an attacker unauthorized access to the system with high privileges.

7.5
2019-02-05 CVE-2018-18996 Lcds Missing Authorization vulnerability in Lcds Laquis Scada 4.1.0.3870

LCDS Laquis SCADA prior to version 4.1.0.4150 allows taking in user input without proper authorization or sanitation, which may allow an attacker to execute remote code on the server.

7.5
2019-02-05 CVE-2016-1000282 Haraka Project Command Injection vulnerability in Haraka Project Haraka

Haraka version 2.8.8 and earlier comes with a plugin for processing attachments for zip files.

7.5
2019-02-05 CVE-2018-20753 Kaseya Unspecified vulnerability in Kaseya Virtual System Administrator

Kaseya VSA RMM before R9.3 9.3.0.35, R9.4 before 9.4.0.36, and R9.5 before 9.5.0.5 allows unprivileged remote attackers to execute PowerShell payloads on all managed devices.

7.5
2019-02-05 CVE-2017-18362 Connectwise SQL Injection vulnerability in Connectwise Manageditsync

ConnectWise ManagedITSync integration through 2017 for Kaseya VSA is vulnerable to unauthenticated remote commands that allow full direct access to the Kaseya VSA database.

7.5
2019-02-04 CVE-2019-1000023 OPT NET SQL Injection vulnerability in Opt-Net Ng-Netms 3.3/3.5/3.62

OPT/NET BV OPTOSS Next Gen Network Management System (NG-NetMS) version v3.6-2 and earlier versions contains a SQL Injection vulnerability in Identified vulnerable parameters: id, id_access_type and id_attr_access that can result in a malicious attacker can include own SQL commands which database will execute.

7.5
2019-02-04 CVE-2019-1000006 Riot OS Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Riot-Os Riot

RIOT RIOT-OS version after commit 7af03ab624db0412c727eed9ab7630a5282e2fd3 contains a Buffer Overflow vulnerability in sock_dns, an implementation of the DNS protocol utilizing the RIOT sock API that can result in Remote code executing.

7.5
2019-02-04 CVE-2018-20752 Recon NG Project Improper Neutralization of Formula Elements in a CSV File vulnerability in Recon-Ng Project Recon-Ng

An issue was discovered in Recon-ng before 4.9.5.

7.5
2019-02-04 CVE-2016-1000271 Dthdevelopment SQL Injection vulnerability in Dthdevelopment DT Register

Joomla extension DT Register version before 3.1.12 (Joomla 3.x) / 2.8.18 (Joomla 2.5) contains an SQL injection in "/index.php?controller=calendar&format=raw&cat[0]=SQLi&task=events".

7.5
2019-02-04 CVE-2019-7316 CSS Tricks SQL Injection vulnerability in Css-Tricks Chat2

An issue was discovered in CSS-TRICKS Chat2 through 2015-05-05.

7.5
2019-02-04 CVE-2019-7314 Live555
Debian
Use After Free vulnerability in multiple products

liblivemedia in Live555 before 2019.02.03 mishandles the termination of an RTSP stream after RTP/RTCP-over-RTSP has been set up, which could lead to a Use-After-Free error that causes the RTSP server to crash (Segmentation fault) or possibly have unspecified other impact.

7.5
2019-02-07 CVE-2019-3704 Dell OS Command Injection vulnerability in Dell EMC Vnx2 Firmware

VNX Control Station in Dell EMC VNX2 OE for File versions prior to 8.1.9.236 contains OS command injection vulnerability.

7.2
2019-02-05 CVE-2018-3990 Wibu
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Wibu Wibukey 6.40

An exploitable pool corruption vulnerability exists in the 0x8200E804 IOCTL handler functionality of WIBU-SYSTEMS WibuKey.sys Version 6.40 (Build 2400).

7.2
2019-02-04 CVE-2018-15778 Dell Improper Input Validation vulnerability in Dell Networking Os10

Dell OS10 versions prior to 10.4.2.1 contain a vulnerability caused by lack of proper input validation on the command-line interface (CLI).

7.2
2019-02-09 CVE-2019-7662 Webassembly Reachable Assertion vulnerability in Webassembly Binaryen

An assertion failure was discovered in wasm::WasmBinaryBuilder::getType() in wasm-binary.cpp in Binaryen 1.38.22.

7.1
2019-02-05 CVE-2019-6590 F5 Unspecified vulnerability in F5 Big-Ip Local Traffic Manager

On BIG-IP LTM 13.0.0 to 13.0.1 and 12.1.0 to 12.1.3.6, under certain conditions, the TMM may consume excessive resources when processing SSL Session ID Persistence traffic.

7.1

195 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2019-02-06 CVE-2019-3825 Gnome
Canonical
Redhat
Improper Authentication vulnerability in multiple products

A vulnerability was discovered in gdm before 3.31.4.

6.9
2019-02-09 CVE-2019-7659 Genivia
Debian
Out-of-bounds Write vulnerability in multiple products

Genivia gSOAP 2.7.x and 2.8.x before 2.8.75 allows attackers to cause a denial of service (application abort) or possibly have unspecified other impact if a server application is built with the -DWITH_COOKIES flag.

6.8
2019-02-08 CVE-2019-7638 Libsdl
Debian
Opensuse
Fedoraproject
Canonical
Out-of-bounds Read vulnerability in multiple products

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Map1toN in video/SDL_pixels.c.

6.8
2019-02-08 CVE-2019-7637 Libsdl
Debian
Opensuse
Out-of-bounds Write vulnerability in multiple products

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in SDL_FillRect in video/SDL_surface.c.

6.8
2019-02-07 CVE-2019-7582 Libming
Canonical
Allocation of Resources Without Limits or Throttling vulnerability in Libming

The readBytes function in util/read.c in libming through 0.4.8 allows remote attackers to have unspecified impact via a crafted swf file that triggers a memory allocation failure.

6.8
2019-02-07 CVE-2019-7581 Libming
Canonical
Allocation of Resources Without Limits or Throttling vulnerability in Libming

The parseSWF_ACTIONRECORD function in util/parser.c in libming through 0.4.8 allows remote attackers to have unspecified impact via a crafted swf file that triggers a memory allocation failure, a different vulnerability than CVE-2018-7876.

6.8
2019-02-07 CVE-2019-7577 Libsdl
Opensuse
Debian
Fedoraproject
Canonical
Out-of-bounds Read vulnerability in multiple products

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in SDL_LoadWAV_RW in audio/SDL_wave.c.

6.8
2019-02-07 CVE-2019-7576 Libsdl
Debian
Opensuse
Out-of-bounds Read vulnerability in multiple products

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (outside the wNumCoef loop).

6.8
2019-02-07 CVE-2019-7575 Libsdl
Debian
Opensuse
Fedoraproject
Canonical
Out-of-bounds Write vulnerability in multiple products

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in MS_ADPCM_decode in audio/SDL_wave.c.

6.8
2019-02-07 CVE-2019-7574 Libsdl
Debian
Opensuse
Out-of-bounds Read vulnerability in multiple products

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in IMA_ADPCM_decode in audio/SDL_wave.c.

6.8
2019-02-07 CVE-2019-7573 Libsdl
Debian
Opensuse
Out-of-bounds Read vulnerability in multiple products

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (inside the wNumCoef loop).

6.8
2019-02-07 CVE-2019-7572 Libsdl
Debian
Opensuse
Out-of-bounds Read vulnerability in multiple products

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c.

6.8
2019-02-07 CVE-2019-7569 Wdoyo Cross-Site Request Forgery (CSRF) vulnerability in Wdoyo Doyo 2.3

An issue was discovered in DOYO (aka doyocms) 2.3(20140425 update).

6.8
2019-02-07 CVE-2019-7566 Cszcms Cross-Site Request Forgery (CSRF) vulnerability in Cszcms CSZ CMS 1.1.8

CSZ CMS 1.1.8 has CSRF via admin/users/new/add.

6.8
2019-02-06 CVE-2018-7817 Schneider Electric Use After Free vulnerability in Schneider-Electric Zelio Soft 2 4.6/5.0/5.1

A Use After Free (CWE-416) vulnerability exists in Zelio Soft 2 v5.1 and prior versions which could cause remote code execution when opening a specially crafted Zelio Soft project file.

6.8
2019-02-06 CVE-2018-7815 Schneider Electric Incorrect Type Conversion or Cast vulnerability in Schneider-Electric Guicon 2.0

A Type Confusion (CWE-843) vulnerability exists in Eurotherm by Schneider Electric GUIcon V2.0 (Gold Build 683.0) on c3core.dll which could cause remote code to be executed when parsing a GD1 file

6.8
2019-02-06 CVE-2018-7814 Schneider Electric Out-of-bounds Write vulnerability in Schneider-Electric Guicon 2.0

A Stack-based Buffer Overflow (CWE-121) vulnerability exists in Eurotherm by Schneider Electric GUIcon V2.0 (Gold Build 683.0) which could cause remote code to be executed when parsing a GD1 file

6.8
2019-02-06 CVE-2018-7813 Schneider Electric Incorrect Type Conversion or Cast vulnerability in Schneider-Electric Guicon 2.0

A Type Confusion (CWE-843) vulnerability exists in Eurotherm by Schneider Electric GUIcon V2.0 (Gold Build 683.0) on pcwin.dll which could cause remote code to be executed when parsing a GD1 file

6.8
2019-02-06 CVE-2018-20763 Gpac Project
Debian
Canonical
Out-of-bounds Write vulnerability in multiple products

In GPAC 0.7.1 and earlier, gf_text_get_utf8_line in media_tools/text_import.c in libgpac_static.a allows an out-of-bounds write because of missing szLineConv bounds checking.

6.8
2019-02-06 CVE-2018-20762 Gpac Project
Debian
Canonical
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

GPAC version 0.7.1 and earlier has a buffer overflow vulnerability in the cat_multiple_files function in applications/mp4box/fileimport.c when MP4Box is used for a local directory containing crafted filenames.

6.8
2019-02-06 CVE-2018-20761 Gpac Project
Debian
Canonical
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

GPAC version 0.7.1 and earlier has a Buffer Overflow vulnerability in the gf_sm_load_init function in scene_manager.c in libgpac_static.a.

6.8
2019-02-06 CVE-2018-20760 Gpac
Debian
Canonical
Out-of-bounds Write vulnerability in multiple products

In GPAC 0.7.1 and earlier, gf_text_get_utf8_line in media_tools/text_import.c in libgpac_static.a allows an out-of-bounds write because a certain -1 return value is mishandled.

6.8
2019-02-06 CVE-2019-7548 Sqlalchemy
Debian
SQL Injection vulnerability in multiple products

SQLAlchemy 1.2.17 has SQL Injection when the group_by parameter can be controlled.

6.8
2019-02-06 CVE-2018-3980 Canvasgfx Out-of-bounds Write vulnerability in Canvasgfx Canvas Draw 5.0.0

An exploitable out-of-bounds write exists in the TIFF-parsing functionality of Canvas Draw version 5.0.0.

6.8
2019-02-06 CVE-2018-3976 Canvasgfx Out-of-bounds Write vulnerability in Canvasgfx Canvas Draw 5.0.0.28

An exploitable out-of-bounds write exists in the CALS Raster file format-parsing functionality of Canvas Draw version 5.0.0.28.

6.8
2019-02-06 CVE-2018-3973 Canvasgfx Out-of-bounds Write vulnerability in Canvasgfx Canvas Draw 5.0.0

An exploitable out of bounds write exists in the CAL parsing functionality of Canvas Draw version 5.0.0.

6.8
2019-02-06 CVE-2019-1003008 Jenkins Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Warnings Next Generation

A cross-site request forgery vulnerability exists in Jenkins Warnings Next Generation Plugin 2.1.1 and earlier in src/main/java/io/jenkins/plugins/analysis/warnings/groovy/GroovyParser.java that allows attackers to execute arbitrary code via a form validation HTTP endpoint.

6.8
2019-02-06 CVE-2019-1003007 Jenkins Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Warnings

A cross-site request forgery vulnerability exists in Jenkins Warnings Plugin 5.0.0 and earlier in src/main/java/hudson/plugins/warnings/GroovyParser.java that allows attackers to execute arbitrary code via a form validation HTTP endpoint.

6.8
2019-02-05 CVE-2018-18333 Trendmicro Untrusted Search Path vulnerability in Trendmicro products

A DLL hijacking vulnerability in Trend Micro Security 2019 (Consumer) versions below 15.0.0.1163 and below could allow an attacker to manipulate a specific DLL and escalate privileges on vulnerable installations.

6.8
2019-02-05 CVE-2018-18503 Mozilla
Canonical
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

When JavaScript is used to create and manipulate an audio buffer, a potentially exploitable crash may occur because of a compartment mismatch in some situations.

6.8
2019-02-05 CVE-2018-20252 Rarlab Out-of-bounds Write vulnerability in Rarlab Winrar

In WinRAR versions prior to and including 5.60, there is an out-of-bounds write vulnerability during parsing of crafted ACE and RAR archive formats.

6.8
2019-02-05 CVE-2018-20250 Rarlab Path Traversal vulnerability in Rarlab Winrar

In WinRAR versions prior to and including 5.61, There is path traversal vulnerability when crafting the filename field of the ACE format (in UNACEV2.dll).

6.8
2019-02-05 CVE-2018-18992 Lcds Injection vulnerability in Lcds Laquis Scada 4.1.0.3870

LCDS Laquis SCADA prior to version 4.1.0.4150 allows taking in user input without proper sanitation, which may allow an attacker to execute remote code on the server.

6.8
2019-02-04 CVE-2019-1000022 Taoensso Cross-Site Request Forgery (CSRF) vulnerability in Taoensso Sente

Taoensso Sente version Prior to version 1.14.0 contains a Cross Site Request Forgery (CSRF) vulnerability in WebSocket handshake endpoint that can result in CSRF attack, possible leak of anti-CSRF token.

6.8
2019-02-04 CVE-2019-1000014 Erlang Improper Input Validation vulnerability in Erlang Rebar3

Erlang/OTP Rebar3 version 3.7.0 through 3.7.5 contains a Signing oracle vulnerability in Package registry verification that can result in Package modifications not detected, allowing code execution.

6.8
2019-02-04 CVE-2019-1000013 HEX Improper Input Validation vulnerability in HEX Core

Hex package manager hex_core version 0.3.0 and earlier contains a Signing oracle vulnerability in Package registry verification that can result in Package modifications not detected, allowing code execution.

6.8
2019-02-04 CVE-2019-1000012 HEX Improper Input Validation vulnerability in HEX

Hex package manager version 0.14.0 through 0.18.2 contains a Signing oracle vulnerability in Package registry verification that can result in Package modifications not detected, allowing code execution.

6.8
2019-02-04 CVE-2019-1000005 Mpdf Project Deserialization of Untrusted Data vulnerability in Mpdf Project Mpdf

mPDF version 7.1.7 and earlier contains a CWE-502: Deserialization of Untrusted Data vulnerability in getImage() method of Image/ImageProcessor class that can result in Arbitry code execution, file write, etc..

6.8
2019-02-04 CVE-2019-1000003 Mapsvg Cross-Site Request Forgery (CSRF) vulnerability in Mapsvg Lite 3.2.3

MapSVG MapSVG Lite version 3.2.3 contains a Cross Site Request Forgery (CSRF) vulnerability in REST endpoint /wp-admin/admin-ajax.php?action=mapsvg_save that can result in an attacker can modify post data, including embedding javascript.

6.8
2019-02-04 CVE-2019-7346 Zoneminder Cross-Site Request Forgery (CSRF) vulnerability in Zoneminder

A CSRF check issue exists in ZoneMinder through 1.32.3 as whenever a CSRF check fails, a callback function is called displaying a "Try again" button, which allows resending the failed request, making the CSRF attack successful.

6.8
2019-02-04 CVE-2018-20751 Podofo Project NULL Pointer Dereference vulnerability in Podofo Project Podofo 0.9.6

An issue was discovered in crop_page in PoDoFo 0.9.6.

6.8
2019-02-10 CVE-2018-20767 Xerox Improper Input Validation vulnerability in Xerox products

An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000.

6.5
2019-02-09 CVE-2019-7676 Enphase Weak Password Requirements vulnerability in Enphase Envoy

A weak password vulnerability was discovered in Enphase Envoy R3.*.*.

6.5
2019-02-07 CVE-2019-7580 Thinkcmf Code Injection vulnerability in Thinkcmf 5.0.190111

ThinkCMF 5.0.190111 allows remote attackers to execute arbitrary PHP code via the portal/admin_category/addpost.html alias parameter because the mishandling of a single quote character allows data/conf/route.php injection.

6.5
2019-02-06 CVE-2019-1003006 Jenkins Improper Access Control vulnerability in Jenkins Groovy

A sandbox bypass vulnerability exists in Jenkins Groovy Plugin 2.0 and earlier in src/main/java/hudson/plugins/groovy/StringScriptSource.java that allows attackers with Overall/Read permission to provide a Groovy script to an HTTP endpoint that can result in arbitrary code execution on the Jenkins master JVM.

6.5
2019-02-06 CVE-2019-1003005 Jenkins Permissions, Privileges, and Access Controls vulnerability in Jenkins Script Security

A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.50 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SecureGroovyScript.java that allows attackers with Overall/Read permission to provide a Groovy script to an HTTP endpoint that can result in arbitrary code execution on the Jenkins master JVM.

6.5
2019-02-06 CVE-2019-1003015 Jenkins XXE vulnerability in Jenkins JOB Import

An XML external entity processing vulnerability exists in Jenkins Job Import Plugin 2.1 and earlier in src/main/java/org/jenkins/ci/plugins/jobimport/client/RestApiClient.java that allows attackers with the ability to control the HTTP server (Jenkins) queried in preparation of job import to read arbitrary files, perform a denial of service attack, etc.

6.4
2019-02-08 CVE-2018-18364 Symantec Untrusted Search Path vulnerability in Symantec Ghost Solution Suite

Symantec Ghost Solution Suite (GSS) versions prior to 3.3 RU1 may be susceptible to a DLL hijacking vulnerability, which is a type of issue whereby a potential attacker attempts to execute unexpected code on your machine.

6.0
2019-02-04 CVE-2019-7347 Zoneminder Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in Zoneminder

A Time-of-check Time-of-use (TOCTOU) Race Condition exists in ZoneMinder through 1.32.3 as a session remains active for an authenticated user even after deletion from the users table.

6.0
2019-02-08 CVE-2019-7636 Libsdl
Opensuse
Debian
Fedoraproject
Canonical
Out-of-bounds Read vulnerability in multiple products

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in SDL_GetRGB in video/SDL_pixels.c.

5.8
2019-02-08 CVE-2019-7635 Libsdl
Opensuse
Debian
Fedoraproject
Canonical
Out-of-bounds Read vulnerability in multiple products

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Blit1to4 in video/SDL_blit_1.c.

5.8
2019-02-07 CVE-2019-7578 Libsdl
Opensuse
Debian
Fedoraproject
Canonical
Out-of-bounds Read vulnerability in multiple products

SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitIMA_ADPCM in audio/SDL_wave.c.

5.8
2019-02-07 CVE-2019-7570 Pbootcms Cross-Site Request Forgery (CSRF) vulnerability in Pbootcms 1.3.6

A CSRF vulnerability was found in PbootCMS v1.3.6 that can delete users via an admin.php/User/del/ucode/ URI.

5.8
2019-02-06 CVE-2019-1003009 Jenkins Improper Certificate Validation vulnerability in Jenkins Active Directory

An improper certificate validation vulnerability exists in Jenkins Active Directory Plugin 2.10 and earlier in src/main/java/hudson/plugins/active_directory/ActiveDirectoryDomain.java, src/main/java/hudson/plugins/active_directory/ActiveDirectorySecurityRealm.java, src/main/java/hudson/plugins/active_directory/ActiveDirectoryUnixAuthenticationProvider.java that allows attackers to impersonate the Active Directory server Jenkins connects to for authentication if Jenkins is configured to use StartTLS.

5.8
2019-02-04 CVE-2019-1000007 Aioxmpp Project Data Processing Errors vulnerability in Aioxmpp Project Aioxmpp

aioxmpp version 0.10.2 and earlier contains a Improper Handling of Structural Elements vulnerability in Stanza Parser, rollback during error processing, aioxmpp.xso.model.guard function that can result in Denial of Service, Other.

5.8
2019-02-06 CVE-2019-1003011 Jenkins
Redhat
Improper Input Validation vulnerability in multiple products

An information exposure and denial of service vulnerability exists in Jenkins Token Macro Plugin 2.5 and earlier in src/main/java/org/jenkinsci/plugins/tokenmacro/Parser.java, src/main/java/org/jenkinsci/plugins/tokenmacro/TokenMacro.java, src/main/java/org/jenkinsci/plugins/tokenmacro/impl/AbstractChangesSinceMacro.java, src/main/java/org/jenkinsci/plugins/tokenmacro/impl/ChangesSinceLastBuildMacro.java, src/main/java/org/jenkinsci/plugins/tokenmacro/impl/ProjectUrlMacro.java that allows attackers with the ability to control token macro input (such as SCM changelogs) to define recursive input that results in unexpected macro evaluation.

5.5
2019-02-05 CVE-2019-7403 Phpmywind Path Traversal vulnerability in PHPmywind 5.5

An issue was discovered in PHPMyWind 5.5.

5.5
2019-02-04 CVE-2019-1000011 API Platform Unspecified vulnerability in Api-Platform Core

API Platform version from 2.2.0 to 2.3.5 contains an Incorrect Access Control vulnerability in GraphQL delete mutations that can result in a user authorized to delete a resource can delete any resource.

5.5
2019-02-04 CVE-2019-1000002 Gitea Unspecified vulnerability in Gitea

Gitea version 1.6.2 and earlier contains a Incorrect Access Control vulnerability in Delete/Edit file functionallity that can result in the attacker deleting files outside the repository he/she has access to.

5.5
2019-02-04 CVE-2018-1970 IBM XXE vulnerability in IBM Security Access Manager

IBM Security Identity Manager 7.0.1 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data.

5.5
2019-02-04 CVE-2019-3813 Spice Project
Redhat
Debian
Canonical
Out-of-bounds Read vulnerability in multiple products

Spice, versions 0.5.2 through 0.14.1, are vulnerable to an out-of-bounds read due to an off-by-one error in memslot_get_virt.

5.4
2019-02-04 CVE-2019-7323 Logmx Insufficient Verification of Data Authenticity vulnerability in Logmx

GUP (generic update process) in LightySoft LogMX before 7.4.0 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update.

5.1
2019-02-10 CVE-2018-20769 Xerox Path Traversal vulnerability in Xerox products

An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000.

5.0
2019-02-09 CVE-2019-7675 Mobotix Cleartext Transmission of Sensitive Information vulnerability in Mobotix S14 Firmware Mxv4.2.1.61

An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices.

5.0
2019-02-09 CVE-2019-7674 Mobotix Weak Password Requirements vulnerability in Mobotix S14 Firmware Mxv4.2.1.61

An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices.

5.0
2019-02-09 CVE-2019-7673 Mobotix Information Exposure vulnerability in Mobotix S14 Firmware Mxv4.2.1.61

An issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices.

5.0
2019-02-08 CVE-2019-7651 Emsisoft Unspecified vulnerability in Emsisoft Anti-Malware

EPP.sys in Emsisoft Anti-Malware prior to version 2018.12 allows an attacker to bypass ACLs because Interpreted Device Characteristics lacks FILE_DEVICE_SECURE_OPEN and therefore files and directories "inside" the \\.\EPP device are not properly protected, leading to unintended impersonation or object creation.

5.0
2019-02-08 CVE-2019-1676 Cisco Improper Input Validation vulnerability in Cisco Meeting Server

A vulnerability in the Session Initiation Protocol (SIP) call processing of Cisco Meeting Server (CMS) software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition of the Cisco Meeting Server.

5.0
2019-02-08 CVE-2019-1672 Cisco Resource Exhaustion vulnerability in Cisco web Security Appliance 10.1.0204/10.5.2072/11.5.1Fcs115

A vulnerability in the Decryption Policy Default Action functionality of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass a configured drop policy and allow traffic onto the network that should have been denied.

5.0
2019-02-08 CVE-2019-7648 Hotels Server Project Inadequate Encryption Strength vulnerability in Hotels Server Project Hotels Server 20181105

controller/fetchpwd.php and controller/doAction.php in Hotels_Server through 2018-11-05 rely on base64 in an attempt to protect password storage.

5.0
2019-02-07 CVE-2018-1340 Apache Missing Encryption of Sensitive Data vulnerability in Apache Guacamole

Prior to 1.0.0, Apache Guacamole used a cookie for client-side storage of the user's session token.

5.0
2019-02-07 CVE-2018-1296 Apache Information Exposure vulnerability in Apache Hadoop

In Apache Hadoop 3.0.0-alpha1 to 3.0.0, 2.9.0, 2.8.0 to 2.8.3, and 2.5.0 to 2.7.5, HDFS exposes extended attribute key/value pairs during listXAttrs, verifying only path-level search access to the directory rather than path-level read permission to the referent.

5.0
2019-02-07 CVE-2019-1660 Cisco Permissions, Privileges, and Access Controls vulnerability in Cisco Telepresence Management Suite

A vulnerability in the Simple Object Access Protocol (SOAP) of Cisco TelePresence Management Suite (TMS) software could allow an unauthenticated, remote attacker to gain unauthorized access to an affected device.

5.0
2019-02-07 CVE-2019-7535 Gurock Information Exposure vulnerability in Gurock Testrail 5.3.0.3603

index.php in Gurock TestRail 5.3.0.3603 returns potentially sensitive information for an invalid request, as demonstrated by full path disclosure and the identification of PHP as the backend technology.

5.0
2019-02-07 CVE-2019-4008 IBM Information Exposure Through Log Files vulnerability in IBM API Connect

API Connect V2018.1 through 2018.4.1.1 is impacted by access token leak.

5.0
2019-02-06 CVE-2019-3823 Haxx
Canonical
Debian
Netapp
Oracle
Out-of-bounds Read vulnerability in multiple products

libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP.

5.0
2019-02-06 CVE-2018-16890 Haxx
Canonical
Debian
Netapp
Siemens
Oracle
Out-of-bounds Read vulnerability in multiple products

libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read.

5.0
2019-02-05 CVE-2018-18334 Trendmicro Information Exposure vulnerability in Trendmicro DR. Safety

A vulnerability in the Private Browser of Trend Micro Dr.

5.0
2019-02-05 CVE-2018-8799 Rdesktop
Debian
Out-of-bounds Read vulnerability in multiple products

rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function process_secondary_order() that results in a Denial of Service (segfault).

5.0
2019-02-05 CVE-2018-8798 Rdesktop
Debian
Out-of-bounds Read vulnerability in multiple products

rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function rdpsnd_process_ping() that results in an information leak.

5.0
2019-02-05 CVE-2018-8796 Rdesktop
Debian
Out-of-bounds Read vulnerability in multiple products

rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function process_bitmap_updates() that results in a Denial of Service (segfault).

5.0
2019-02-05 CVE-2018-8792 Rdesktop
Debian
Out-of-bounds Read vulnerability in multiple products

rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function cssp_read_tsrequest() that results in a Denial of Service (segfault).

5.0
2019-02-05 CVE-2018-8791 Rdesktop
Debian
Out-of-bounds Read vulnerability in multiple products

rdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function rdpdr_process() that results in an information leak.

5.0
2019-02-05 CVE-2019-6535 Mitsubishielectric Resource Exhaustion vulnerability in Mitsubishielectric products

Mitsubishi Electric Q03/04/06/13/26UDVCPU: serial number 20081 and prior, Q04/06/13/26UDPVCPU: serial number 20081 and prior, and Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: serial number 20101 and prior.

5.0
2019-02-05 CVE-2018-19000 Lcds Improper Authentication vulnerability in Lcds Laquis Scada 4.1.0.3870

LCDS Laquis SCADA prior to version 4.1.0.4150 allows an authentication bypass, which may allow an attacker access to sensitive data.

5.0
2019-02-05 CVE-2018-18990 Lcds Path Traversal vulnerability in Lcds Laquis Scada 4.1.0.3870

LCDS Laquis SCADA prior to version 4.1.0.4150 allows a user-supplied path in file operations prior to proper validation.

5.0
2019-02-05 CVE-2017-1198 IBM Information Exposure Through Log Files vulnerability in IBM Bigfix Compliance 1.7/1.8/1.9.91

IBM BigFix Compliance 1.7 through 1.9.91 (TEMA SUAv1 SCA SCM) stores sensitive information in URL parameters.

5.0
2019-02-05 CVE-2017-1177 IBM Information Exposure vulnerability in IBM Bigfix Compliance 1.7/1.8/1.9.91

IBM BigFix Compliance 1.7 through 1.9.91 discloses sensitive information to unauthorized users.

5.0
2019-02-05 CVE-2019-3818 Kube Rbac Proxy Project
Redhat
Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products

The kube-rbac-proxy container before version 0.4.1 as used in Red Hat OpenShift Container Platform does not honor TLS configurations, allowing for use of insecure ciphers and TLS 1.0.

5.0
2019-02-05 CVE-2018-11803 Apache
Canonical
Access of Uninitialized Pointer vulnerability in multiple products

Subversion's mod_dav_svn Apache HTTPD module versions 1.11.0 and 1.10.0 to 1.10.3 will crash after dereferencing an uninitialized pointer if the client omits the root path in a recursive directory listing operation.

5.0
2019-02-05 CVE-2018-15658 42Gears Information Exposure vulnerability in 42Gears Suremdm 6.34/6.35

An issue was discovered in 42Gears SureMDM before 2018-11-27.

5.0
2019-02-05 CVE-2018-15656 42Gears Information Exposure vulnerability in 42Gears Suremdm 6.34/6.35

An issue was discovered in the registration API endpoint in 42Gears SureMDM before 2018-11-27.

5.0
2019-02-05 CVE-2019-7398 Imagemagick
Opensuse
Debian
Canonical
Memory Leak vulnerability in multiple products

In ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c.

5.0
2019-02-05 CVE-2019-7397 Imagemagick
Graphicsmagick
Opensuse
Debian
Canonical
Memory Leak vulnerability in multiple products

In ImageMagick before 7.0.8-25 and GraphicsMagick through 1.3.31, several memory leaks exist in WritePDFImage in coders/pdf.c.

5.0
2019-02-05 CVE-2019-7396 Imagemagick
Opensuse
Debian
Canonical
Memory Leak vulnerability in multiple products

In ImageMagick before 7.0.8-25, a memory leak exists in ReadSIXELImage in coders/sixel.c.

5.0
2019-02-05 CVE-2019-7395 Imagemagick
Opensuse
Debian
Canonical
Memory Leak vulnerability in multiple products

In ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChannel in coders/psd.c.

5.0
2019-02-05 CVE-2019-7390 Dlink Missing Authentication for Critical Function vulnerability in Dlink Dir-823G Firmware 1.02B03

An issue was discovered in /bin/goahead on D-Link DIR-823G devices with firmware 1.02B03.

5.0
2019-02-05 CVE-2019-7388 Dlink Information Exposure vulnerability in Dlink Dir-823G Firmware 1.02B03

An issue was discovered in /bin/goahead on D-Link DIR-823G devices with firmware 1.02B03.

5.0
2019-02-04 CVE-2019-1000021 Slixmpp Project Unspecified vulnerability in Slixmpp Project Slixmpp

slixmpp version before commit 7cd73b594e8122dddf847953fcfc85ab4d316416 contains an incorrect Access Control vulnerability in XEP-0223 plugin (Persistent Storage of Private Data via PubSub) options profile, used for the configuration of default access model that can result in all of the contacts of the victim can see private data having been published to a PEP node.

5.0
2019-02-04 CVE-2019-1000001 Teampass Insufficiently Protected Credentials vulnerability in Teampass

TeamPass version 2.1.27 and earlier contains a Storing Passwords in a Recoverable Format vulnerability in Shared password vaults that can result in all shared passwords are recoverable server side.

5.0
2019-02-04 CVE-2018-1801 IBM XXE vulnerability in IBM products

IBM App Connect V11.0.0.0 through V11.0.0.1, IBM Integration Bus V10.0.0.0 through V10.0.0.13, IBM Integration Bus V9.0.0.0 through V9.0.0.10, and WebSphere Message Broker V8.0.0.0 through V8.0.0.9 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data.

5.0
2019-02-04 CVE-2018-1675 IBM Information Exposure vulnerability in IBM Tivoli Application Dependency Discovery Manager

IBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 could expose password hashes in stored in system memory on target systems that are configured to use TADDM.

5.0
2019-02-08 CVE-2018-9190 Fortinet NULL Pointer Dereference vulnerability in Fortinet Forticlient

A null pointer dereference vulnerability in Fortinet FortiClientWindows 6.0.2 and earlier allows attacker to cause a denial of service via the NDIS miniport driver.

4.9
2019-02-04 CVE-2019-7350 Zoneminder Session Fixation vulnerability in Zoneminder

Session fixation exists in ZoneMinder through 1.32.3, as an attacker can fixate his own session cookies to the next logged-in user, thereby hijacking the victim's account.

4.9
2019-02-06 CVE-2019-6517 BD Unspecified vulnerability in BD Facslyric and Facslyric IVD

BD FACSLyric Research Use Only, Windows 10 Professional Operating System, U.S.

4.6
2019-02-06 CVE-2019-3820 Gnome
Opensuse
Canonical
Improper Authentication vulnerability in multiple products

It was discovered that the gnome-shell lock screen since version 3.15.91 did not properly restrict all contextual actions.

4.6
2019-02-04 CVE-2019-4038 IBM Code Injection vulnerability in IBM Security Identity Manager

IBM Security Identity Manager 6.0 and 7.0 could allow an attacker to create unexpected control flow paths through the application, potentially bypassing security checks.

4.6
2019-02-04 CVE-2019-1000018 Pizzashack
Debian
Fedoraproject
Canonical
Command Injection vulnerability in multiple products

rssh version 2.3.4 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in allowscp permission that can result in Local command execution.

4.6
2019-02-04 CVE-2019-3461 Debian Race Condition vulnerability in Debian Linux and Tmpreaper

Debian tmpreaper version 1.6.13+nmu1 has a race condition when doing a (bind) mount via rename() which could result in local privilege escalation.

4.4
2019-02-10 CVE-2019-7704 Webassembly Allocation of Resources Without Limits or Throttling vulnerability in Webassembly Binaryen

wasm::WasmBinaryBuilder::readUserSection in wasm-binary.cpp in Binaryen 1.38.22 triggers an attempt at excessive memory allocation, as demonstrated by wasm-merge and wasm-opt.

4.3
2019-02-10 CVE-2019-7703 Webassembly Use After Free vulnerability in Webassembly Binaryen

In Binaryen 1.38.22, there is a use-after-free problem in wasm::WasmBinaryBuilder::visitCall in wasm-binary.cpp.

4.3
2019-02-10 CVE-2019-7702 Webassembly NULL Pointer Dereference vulnerability in Webassembly Binaryen

A NULL pointer dereference was discovered in wasm::SExpressionWasmBuilder::parseExpression in wasm-s-parser.cpp in Binaryen 1.38.22.

4.3
2019-02-10 CVE-2019-7701 Webassembly Out-of-bounds Read vulnerability in Webassembly Binaryen

A heap-based buffer over-read was discovered in wasm::SExpressionParser::skipWhitespace() in wasm-s-parser.cpp in Binaryen 1.38.22.

4.3
2019-02-10 CVE-2019-7700 Webassembly Out-of-bounds Read vulnerability in Webassembly Binaryen

A heap-based buffer over-read was discovered in wasm::WasmBinaryBuilder::visitCall in wasm-binary.cpp in Binaryen 1.38.22.

4.3
2019-02-10 CVE-2019-7699 Axiosys Out-of-bounds Read vulnerability in Axiosys Bento4 1.5.1627

A heap-based buffer over-read occurs in AP4_BitStream::WriteBytes in Codecs/Ap4BitStream.cpp in Bento4 v1.5.1-627.

4.3
2019-02-10 CVE-2019-7698 Axiosys Allocation of Resources Without Limits or Throttling vulnerability in Axiosys Bento4 1.5.1627

An issue was discovered in AP4_Array<AP4_CttsTableEntry>::EnsureCapacity in Core/Ap4Array.h in Bento4 1.5.1-627.

4.3
2019-02-10 CVE-2019-7697 Axiosys Reachable Assertion vulnerability in Axiosys Bento4 1.5.1627

An issue was discovered in Bento4 v1.5.1-627.

4.3
2019-02-10 CVE-2019-7693 Axiositalia Cross-site Scripting vulnerability in Axiositalia Registro Elettronico 1.7.0/7.0.0

Axios Italia Axios RE 1.7.0/7.0.0 devices have XSS via the RELogOff.aspx Error_Parameters parameter.

4.3
2019-02-09 CVE-2019-7677 Enphase Cross-site Scripting vulnerability in Enphase Envoy

XSS exists in Enphase Envoy R3.*.* via the profileName parameter to the /home URI on TCP port 8888.

4.3
2019-02-09 CVE-2019-7665 Elfutils Project
Debian
Out-of-bounds Read vulnerability in multiple products

In elfutils 0.175, a heap-based buffer over-read was discovered in the function elf32_xlatetom in elf32_xlatetom.c in libelf.

4.3
2019-02-09 CVE-2019-7664 Elfutils Project Out-of-bounds Write vulnerability in Elfutils Project Elfutils 0.175

In elfutils 0.175, a negative-sized memcpy is attempted in elf_cvt_note in libelf/note_xlate.h because of an incorrect overflow check.

4.3
2019-02-09 CVE-2019-7663 Libtiff
Debian
Canonical
Opensuse
An Invalid Address dereference was discovered in TIFFWriteDirectoryTagTransferfunction in libtiff/tif_dirwrite.c in LibTIFF 4.0.10, affecting the cpSeparateBufToContigBuf function in tiffcp.c.
4.3
2019-02-08 CVE-2019-7639 Fedoraproject
GSI Openssh Project
Incorrect Authorization vulnerability in multiple products

An issue was discovered in gsi-openssh-server 7.9p1 on Fedora 29.

4.3
2019-02-08 CVE-2019-7628 Redhat Information Exposure vulnerability in Redhat Pagure 5.2

Pagure 5.2 leaks API keys by e-mailing them to users.

4.3
2019-02-07 CVE-2019-1671 Cisco Cross-site Scripting vulnerability in Cisco Firepower Management Center

A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system.

4.3
2019-02-07 CVE-2019-1670 Cisco Cross-site Scripting vulnerability in Cisco Unified Intelligence Center 9.5(1)

A vulnerability in the web-based management interface of Cisco Unified Intelligence Center Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system.

4.3
2019-02-07 CVE-2019-1661 Cisco Cross-site Scripting vulnerability in Cisco Telepresence Management Suite 15.0

A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.

4.3
2019-02-07 CVE-2019-1680 Cisco Improper Input Validation vulnerability in Cisco Webex Business Suite and Webex Meetings Online

A vulnerability in Cisco Webex Business Suite could allow an unauthenticated, remote attacker to inject arbitrary text into a user's browser.

4.3
2019-02-07 CVE-2019-7567 Bijiadao Cross-site Scripting vulnerability in Bijiadao Waimai Super CMS 20150505

An issue was discovered in Waimai Super Cms 20150505.

4.3
2019-02-07 CVE-2019-7560 Boolector Project Use After Free vulnerability in Boolector Project Boolector 3.0.0

In parser/btorsmt2.c in Boolector 3.0.0, opening a specially crafted input file leads to a use after free in get_failed_assumptions or btor_delete.

4.3
2019-02-07 CVE-2019-7559 Btor2Tools Project Out-of-bounds Write vulnerability in Btor2Tools Project Btor2Tools

In btor2parser/btor2parser.c in Boolector Btor2Tools before 2019-01-15, opening a specially crafted input file leads to an out of bounds write in pusht_bfr.

4.3
2019-02-06 CVE-2019-7546 Topnew Cross-site Scripting vulnerability in Topnew Sidu 6.0

An issue was discovered in SIDU 6.0.

4.3
2019-02-06 CVE-2019-7543 Kindsoft Cross-site Scripting vulnerability in Kindsoft Kindeditor 4.1.11

In KindEditor 4.1.11, the php/demo.php content1 parameter has a reflected Cross-site Scripting (XSS) vulnerability.

4.3
2019-02-06 CVE-2015-9282 Grafana Cross-site Scripting vulnerability in Grafana Piechart-Panel

The Pie Chart Panel plugin through 2019-01-02 for Grafana is vulnerable to XSS via legend data or tooltip data.

4.3
2019-02-06 CVE-2018-20757 Modx Cross-site Scripting vulnerability in Modx Revolution

MODX Revolution through v2.7.0-pl allows XSS via an extended user field such as Container name or Attribute name.

4.3
2019-02-06 CVE-2018-20756 Modx Cross-site Scripting vulnerability in Modx Revolution

MODX Revolution through v2.7.0-pl allows XSS via a document resource (such as pagetitle), which is mishandled during an Update action, a Quick Edit action, or the viewing of manager logs.

4.3
2019-02-06 CVE-2018-20755 Modx Cross-site Scripting vulnerability in Modx Revolution

MODX Revolution through v2.7.0-pl allows XSS via the User Photo field.

4.3
2019-02-06 CVE-2019-1003023 Jenkins Cross-site Scripting vulnerability in Jenkins Warnings Next Generation 1.0.0/1.0.1

A cross-site scripting vulnerability exists in Jenkins Warnings Next Generation Plugin 1.0.1 and earlier in src/main/java/io/jenkins/plugins/analysis/core/model/DetailsTableModel.java, src/main/java/io/jenkins/plugins/analysis/core/model/SourceDetail.java, src/main/java/io/jenkins/plugins/analysis/core/model/SourcePrinter.java, src/main/java/io/jenkins/plugins/analysis/core/util/Sanitizer.java, src/main/java/io/jenkins/plugins/analysis/warnings/DuplicateCodeScanner.java that allows attackers with the ability to control warnings parser input to have Jenkins render arbitrary HTML.

4.3
2019-02-06 CVE-2019-1003022 Jenkins Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Monitoring 1.73.0/1.73.1/1.74.0

A denial of service vulnerability exists in Jenkins Monitoring Plugin 1.74.0 and earlier in PluginImpl.java that allows attackers to kill threads running on the Jenkins master.

4.3
2019-02-06 CVE-2019-1003021 Jenkins Information Exposure vulnerability in Jenkins Openid Connect Authentication 1.4

An exposure of sensitive information vulnerability exists in Jenkins OpenId Connect Authentication Plugin 1.4 and earlier in OicSecurityRealm/config.jelly that allows attackers able to view a Jenkins administrator's web browser output, or control the browser (e.g.

4.3
2019-02-06 CVE-2019-1003019 Jenkins Session Fixation vulnerability in Jenkins Github Oauth

An session fixation vulnerability exists in Jenkins GitHub Authentication Plugin 0.29 and earlier in GithubSecurityRealm.java that allows unauthorized attackers to impersonate another user if they can control the pre-authentication session.

4.3
2019-02-06 CVE-2019-1003018 Jenkins Information Exposure vulnerability in Jenkins Github Oauth

An exposure of sensitive information vulnerability exists in Jenkins GitHub Authentication Plugin 0.29 and earlier in GithubSecurityRealm/config.jelly that allows attackers able to view a Jenkins administrator's web browser output, or control the browser (e.g.

4.3
2019-02-06 CVE-2019-1003016 Jenkins Cross-Site Request Forgery (CSRF) vulnerability in Jenkins JOB Import

An exposure of sensitive information vulnerability exists in Jenkins Job Import Plugin 2.1 and earlier in src/main/java/org/jenkins/ci/plugins/jobimport/JobImportAction.java, src/main/java/org/jenkins/ci/plugins/jobimport/JobImportGlobalConfig.java, src/main/java/org/jenkins/ci/plugins/jobimport/model/JenkinsSite.java that allows attackers with Overall/Read permission to have Jenkins connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

4.3
2019-02-06 CVE-2019-1003012 Jenkins
Redhat
Cross-Site Request Forgery (CSRF) vulnerability in multiple products

A data modification vulnerability exists in Jenkins Blue Ocean Plugins 1.10.1 and earlier in blueocean-core-js/src/js/bundleStartup.js, blueocean-core-js/src/js/fetch.ts, blueocean-core-js/src/js/i18n/i18n.js, blueocean-core-js/src/js/urlconfig.js, blueocean-rest/src/main/java/io/jenkins/blueocean/rest/APICrumbExclusion.java, blueocean-web/src/main/java/io/jenkins/blueocean/BlueOceanUI.java, blueocean-web/src/main/resources/io/jenkins/blueocean/BlueOceanUI/index.jelly that allows attackers to bypass all cross-site request forgery protection in Blue Ocean API.

4.3
2019-02-06 CVE-2019-1003010 Jenkins
Redhat
Cross-Site Request Forgery (CSRF) vulnerability in multiple products

A cross-site request forgery vulnerability exists in Jenkins Git Plugin 3.9.1 and earlier in src/main/java/hudson/plugins/git/GitTagAction.java that allows attackers to create a Git tag in a workspace and attach corresponding metadata to a build record.

4.3
2019-02-06 CVE-2019-6504 Broadcom Cross-site Scripting vulnerability in Broadcom Automic Workload Automation 12.0/12.1/12.2

Insufficient output sanitization in the Automic Web Interface (AWI), in CA Automic Workload Automation 12.0 to 12.2, allow attackers to potentially conduct persistent cross site scripting (XSS) attacks via a crafted object.

4.3
2019-02-05 CVE-2018-18506 Mozilla
Canonical
Debian
Redhat
Opensuse
When proxy auto-detection is enabled, if a web server serves a Proxy Auto-Configuration (PAC) file or if a PAC file is loaded locally, this PAC file can specify that requests to the localhost are to be sent through the proxy to another server.
4.3
2019-02-05 CVE-2018-20251 Rarlab Path Traversal vulnerability in Rarlab Winrar

In WinRAR versions prior to and including 5.61, there is path traversal vulnerability when crafting the filename field of the ACE format.

4.3
2019-02-05 CVE-2019-7413 Parallax Scroll Project Cross-site Scripting vulnerability in Parallax Scroll Project Parallax Scroll

In the Parallax Scroll (aka adamrob-parallax-scroll) plugin before 2.1 for WordPress, includes/adamrob-parralax-shortcode.php allows XSS via the title text.

4.3
2019-02-05 CVE-2017-1200 IBM Improper Certificate Validation vulnerability in IBM Bigfix Compliance 1.7/1.8/1.9.91

IBM BigFix Compliance 1.7 through 1.9.91 (TEMA SUAv1 SCA SCM) does not validate, or incorrectly validates, a certificate.This weakness might allow an attacker to spoof a trusted entity by using a man-in-the-middle (MITM) attack.

4.3
2019-02-05 CVE-2019-7402 Phpmywind Cross-Site Request Forgery (CSRF) vulnerability in PHPmywind 5.5

An issue was discovered in PHPMyWind 5.5.

4.3
2019-02-05 CVE-2019-7400 Rukovoditel Cross-site Scripting vulnerability in Rukovoditel

Rukovoditel before 2.4.1 allows XSS.

4.3
2019-02-05 CVE-2018-15659 42Gears Information Exposure vulnerability in 42Gears Suremdm 6.34

An issue was discovered in 42Gears SureMDM before 2018-11-27, related to the access policy for Silverlight applications.

4.3
2019-02-05 CVE-2018-15655 42Gears Information Exposure vulnerability in 42Gears Suremdm 6.34

An issue was discovered in 42Gears SureMDM before 2018-11-27, related to CORS settings.

4.3
2019-02-04 CVE-2019-1000024 OPT NET Cross-site Scripting vulnerability in Opt-Net Ng-Netms 3.3/3.5/3.62

OPT/NET BV NG-NetMS version v3.6-2 and earlier versions contains a Cross Site Scripting (XSS) vulnerability in /js/libs/jstree/demo/filebrowser/index.php page.

4.3
2019-02-04 CVE-2019-1000020 Libarchive
Canonical
Debian
Fedoraproject
Opensuse
Redhat
Infinite Loop vulnerability in multiple products

libarchive version commit 5a98dcf8a86364b3c2c469c85b93647dfb139961 onwards (version v2.8.0 onwards) contains a CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in ISO9660 parser, archive_read_support_format_iso9660.c, read_CE()/parse_rockridge() that can result in DoS by infinite loop.

4.3
2019-02-04 CVE-2019-1000019 Libarchive
Debian
Canonical
Fedoraproject
Opensuse
Redhat
Out-of-bounds Read vulnerability in multiple products

libarchive version commit bf9aec176c6748f0ee7a678c5f9f9555b9a757c1 onwards (release v3.0.2 onwards) contains a CWE-125: Out-of-bounds Read vulnerability in 7zip decompression, archive_read_support_format_7zip.c, header_bytes() that can result in a crash (denial of service).

4.3
2019-02-04 CVE-2019-1000016 Ffmpeg Improper Validation of Array Index vulnerability in Ffmpeg 4.1

FFMPEG version 4.1 contains a CWE-129: Improper Validation of Array Index vulnerability in libavcodec/cbs_av1.c that can result in Denial of service.

4.3
2019-02-04 CVE-2019-1000015 Chamilo Cross-site Scripting vulnerability in Chamilo LMS

Chamilo Chamilo-lms version 1.11.8 and earlier contains a Cross Site Scripting (XSS) vulnerability in main/messages/new_message.php, main/social/personal_data.php, main/inc/lib/TicketManager.php, main/ticket/ticket_details.php that can result in a message being sent to the Administrator with the XSS to steal cookies.

4.3
2019-02-04 CVE-2019-1000010 Phpipam Cross-site Scripting vulnerability in PHPipam

phpIPAM version 1.3.2 and earlier contains a Cross Site Scripting (XSS) vulnerability in subnet-scan-telnet.php that can result in executing code in victims browser.

4.3
2019-02-04 CVE-2019-1000008 Helm Path Traversal vulnerability in Helm

All versions of Helm between Helm >=2.0.0 and < 2.12.2 contains a CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in The commands `helm fetch --untar` and `helm lint some.tgz` that can result when chart archive files are unpacked a file may be unpacked outside of the target directory.

4.3
2019-02-04 CVE-2019-1000004 Jspmyadmin Cross-site Scripting vulnerability in Jspmyadmin Jspmyadmin2

yugandhargangu JspMyAdmin2 version 1.0.6 and earlier contains a Cross Site Scripting (XSS) vulnerability in sidebar and table data that can result in Database fields aren't properly sanitized and allow code injection (Cross-Site Scripting).

4.3
2019-02-04 CVE-2018-1000998 Freebsd Cross-site Scripting vulnerability in Freebsd Cvsweb 2.0.4/2.0.5/2.0.6

FreeBSD CVSweb version 2.x contains a Cross Site Scripting (XSS) vulnerability in all pages that can result in limited impact--CVSweb is anonymous & read-only.

4.3
2019-02-04 CVE-2019-7352 Zoneminder Cross-site Scripting vulnerability in Zoneminder

Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, as the view 'state' (aka Run State) (state.php) does no input validation to the value supplied to the 'New State' (aka newState) field, allowing an attacker to execute HTML or JavaScript code.

4.3
2019-02-04 CVE-2019-7351 Zoneminder Injection vulnerability in Zoneminder

Log Injection exists in ZoneMinder through 1.32.3, as an attacker can entice the victim to visit a specially crafted link, which in turn will inject a custom Log message provided by the attacker in the 'log' view page, as demonstrated by the message=User%20'admin'%20Logged%20in value.

4.3
2019-02-04 CVE-2019-7349 Zoneminder Cross-site Scripting vulnerability in Zoneminder

Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'newMonitor[V4LCapturesPerFrame]' parameter value in the view monitor (monitor.php) because proper filtration is omitted.

4.3
2019-02-04 CVE-2019-7348 Zoneminder Cross-site Scripting vulnerability in Zoneminder

Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'username' parameter value in the view user (user.php) because proper filtration is omitted.

4.3
2019-02-04 CVE-2019-7344 Zoneminder Cross-site Scripting vulnerability in Zoneminder

Reflected XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code in the view 'filter' as it insecurely prints the 'filter[Name]' (aka Filter name) value on the web page without applying any proper filtration.

4.3
2019-02-04 CVE-2019-7343 Zoneminder Cross-site Scripting vulnerability in Zoneminder

Reflected - Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'newMonitor[Method]' parameter value in the view monitor (monitor.php) because proper filtration is omitted.

4.3
2019-02-04 CVE-2019-7342 Zoneminder Cross-site Scripting vulnerability in Zoneminder

POST - Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'filter[AutoExecuteCmd]' parameter value in the view filter (filter.php) because proper filtration is omitted.

4.3
2019-02-04 CVE-2019-7341 Zoneminder Cross-site Scripting vulnerability in Zoneminder

Reflected - Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'newMonitor[LinkedMonitors]' parameter value in the view monitor (monitor.php) because proper filtration is omitted.

4.3
2019-02-04 CVE-2019-7340 Zoneminder Cross-site Scripting vulnerability in Zoneminder

POST - Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'filter[Query][terms][0][val]' parameter value in the view filter (filter.php) because proper filtration is omitted.

4.3
2019-02-04 CVE-2019-7339 Zoneminder Cross-site Scripting vulnerability in Zoneminder

POST - Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'level' parameter value in the view log (log.php) because proper filtration is omitted.

4.3
2019-02-04 CVE-2019-7338 Zoneminder Cross-site Scripting vulnerability in Zoneminder

Self - Stored XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code in the view 'group' as it insecurely prints the 'Group Name' value on the web page without applying any proper filtration.

4.3
2019-02-04 CVE-2019-7336 Zoneminder Cross-site Scripting vulnerability in Zoneminder

Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, as the view _monitor_filters.php contains takes in input from the user and saves it into the session, and retrieves it later (insecurely).

4.3
2019-02-04 CVE-2019-7335 Zoneminder Cross-site Scripting vulnerability in Zoneminder

Self - Stored XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code in the view 'log' as it insecurely prints the 'Log Message' value on the web page without applying any proper filtration.

4.3
2019-02-04 CVE-2019-7334 Zoneminder Cross-site Scripting vulnerability in Zoneminder

Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'Exportfile' parameter value in the view export (export.php) because proper filtration is omitted.

4.3
2019-02-04 CVE-2019-7333 Zoneminder Cross-site Scripting vulnerability in Zoneminder

Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'Exportfile' parameter value in the view download (download.php) because proper filtration is omitted.

4.3
2019-02-04 CVE-2019-7332 Zoneminder Cross-site Scripting vulnerability in Zoneminder

Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'eid' (aka Event ID) parameter value in the view download (download.php) because proper filtration is omitted.

4.3
2019-02-04 CVE-2019-7331 Zoneminder Cross-site Scripting vulnerability in Zoneminder

Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3 while editing an existing monitor field named "signal check color" (monitor.php).

4.3
2019-02-04 CVE-2019-7330 Zoneminder Cross-site Scripting vulnerability in Zoneminder

Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'show' parameter value in the view frame (frame.php) because proper filtration is omitted.

4.3
2019-02-04 CVE-2019-7329 Zoneminder Cross-site Scripting vulnerability in Zoneminder

Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, as the form action on multiple views utilizes $_SERVER['PHP_SELF'] insecurely, mishandling any arbitrary input appended to the webroot URL, without any proper filtration, leading to XSS.

4.3
2019-02-04 CVE-2019-7328 Zoneminder Cross-site Scripting vulnerability in Zoneminder

Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'scale' parameter value in the view frame (frame.php) via /js/frame.js.php because proper filtration is omitted.

4.3
2019-02-04 CVE-2019-7327 Zoneminder Cross-site Scripting vulnerability in Zoneminder

Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'scale' parameter value in the view frame (frame.php) because proper filtration is omitted.

4.3
2019-02-04 CVE-2019-7326 Zoneminder Cross-site Scripting vulnerability in Zoneminder

Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'Host' parameter value in the view console (console.php) because proper filtration is omitted.

4.3
2019-02-04 CVE-2019-7325 Zoneminder Cross-site Scripting vulnerability in Zoneminder

Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, as multiple views under web/skins/classic/views insecurely utilize $_REQUEST['PHP_SELF'], without applying any proper filtration.

4.3
2019-02-04 CVE-2019-7324 Kanboard Cross-site Scripting vulnerability in Kanboard

app/Core/Paginator.php in Kanboard before 1.2.8 has XSS in pagination sorting.

4.3
2019-02-08 CVE-2019-6242 Kentico Insufficiently Protected Credentials vulnerability in Kentico 10.0.42

** DISPUTED ** Kentico v10.0.42 allows Global Administrators to read the cleartext SMTP Password by navigating to the SMTP configuration page.

4.0
2019-02-07 CVE-2019-1679 Cisco Server-Side Request Forgery (SSRF) vulnerability in Cisco products

A vulnerability in the web interface of Cisco TelePresence Conductor, Cisco Expressway Series, and Cisco TelePresence Video Communication Server (VCS) Software could allow an authenticated, remote attacker to trigger an HTTP request from an affected server to an arbitrary host.

4.0
2019-02-07 CVE-2019-1678 Cisco Improper Input Validation vulnerability in Cisco Meeting Server 2.3.6

A vulnerability in Cisco Meeting Server could allow an authenticated, remote attacker to cause a partial denial of service (DoS) to Cisco Meetings application users who are paired with a Session Initiation Protocol (SIP) endpoint.

4.0
2019-02-07 CVE-2018-1666 IBM Unspecified vulnerability in IBM Datapower Gateway

IBM DataPower Gateway 2018.4.1.0, 7.6.0.0 through 7.6.0.11, 7.5.2.0 through 7.5.2.18, 7.5.1.0 through 7.5.1.18, 7.5.0.0 through 7.5.0.19, and 7.7.0.0 through 7.7.1.3 could allow an authenticated user to inject arbitrary messages that would be displayed on the UI.

4.0
2019-02-06 CVE-2019-1003020 Jenkins Server-Side Request Forgery (SSRF) vulnerability in Jenkins Kanboard

A server-side request forgery vulnerability exists in Jenkins Kanboard Plugin 1.5.10 and earlier in KanboardGlobalConfiguration.java that allows attackers with Overall/Read permission to submit a GET request to an attacker-specified URL.

4.0
2019-02-04 CVE-2019-7387 Systrome Path Traversal vulnerability in Systrome products

A local file inclusion vulnerability exists in the web interface of Systrome Cumilon ISG-600C, ISG-600H, and ISG-800W 1.1-R2.1_TRUNK-20180914.bin devices.

4.0
2019-02-04 CVE-2019-1000017 Chamilo Missing Authorization vulnerability in Chamilo LMS

Chamilo Chamilo-lms version 1.11.8 and earlier contains an Incorrect Access Control vulnerability in Tickets component that can result in an authenticated user can read all tickets available on the platform, due to lack of access controls.

4.0
2019-02-04 CVE-2019-1000009 Helm Path Traversal vulnerability in Helm Chartmuseum

Helm ChartMuseum version >=0.1.0 and < 0.8.1 contains a CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in HTTP API to save charts that can result in a specially crafted chart could be uploaded and saved outside the intended location.

4.0

19 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2019-02-08 CVE-2019-1673 Cisco Cross-site Scripting vulnerability in Cisco Identity Services Engine 2.5(0.353)

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface.

3.5
2019-02-06 CVE-2019-7547 Topnew Cross-site Scripting vulnerability in Topnew Sidu 6.0

An issue was discovered in SIDU 6.0.

3.5
2019-02-06 CVE-2019-7545 Dbninja Cross-site Scripting vulnerability in Dbninja

In DbNinja 3.2.7, the Add Host function of the Manage Hosts pages has a Stored Cross-site Scripting (XSS) vulnerability in the User Name field.

3.5
2019-02-06 CVE-2019-7544 Mywebsql Cross-site Scripting vulnerability in Mywebsql

An issue was discovered in MyWebSQL 3.7.

3.5
2019-02-06 CVE-2018-20758 Modx Cross-site Scripting vulnerability in Modx Revolution

MODX Revolution through v2.7.0-pl allows XSS via User Settings such as Description.

3.5
2019-02-06 CVE-2019-1003014 Jenkins
Redhat
Cross-site Scripting vulnerability in multiple products

An cross-site scripting vulnerability exists in Jenkins Config File Provider Plugin 3.4.1 and earlier in src/main/resources/lib/configfiles/configfiles.jelly that allows attackers with permission to define shared configuration files to execute arbitrary JavaScript when a user attempts to delete the shared configuration file.

3.5
2019-02-06 CVE-2019-1003013 Jenkins
Redhat
Cross-site Scripting vulnerability in multiple products

An cross-site scripting vulnerability exists in Jenkins Blue Ocean Plugins 1.10.1 and earlier in blueocean-commons/src/main/java/io/jenkins/blueocean/commons/stapler/Export.java, blueocean-commons/src/main/java/io/jenkins/blueocean/commons/stapler/export/ExportConfig.java, blueocean-commons/src/main/java/io/jenkins/blueocean/commons/stapler/export/JSONDataWriter.java, blueocean-rest-impl/src/main/java/io/jenkins/blueocean/service/embedded/UserStatePreloader.java, blueocean-web/src/main/resources/io/jenkins/blueocean/PageStatePreloadDecorator/header.jelly that allows attackers with permission to edit a user's description in Jenkins to have Blue Ocean render arbitrary HTML when using it as that user.

3.5
2019-02-05 CVE-2019-6591 F5 Cross-site Scripting vulnerability in F5 Big-Ip Access Policy Manager

On BIG-IP APM 14.0.0 to 14.0.0.4, 13.0.0 to 13.1.1.3 and 12.1.0 to 12.1.3.7, a reflected cross-site scripting (XSS) vulnerability exists in the resource information page for authenticated users when a full webtop is configured on the BIG-IP APM system.

3.5
2019-02-05 CVE-2017-1202 IBM Injection vulnerability in IBM Bigfix Compliance 1.7/1.8/1.9.91

IBM BigFix Compliance 1.7 through 1.9.91 (TEMA SUAv1 SCA SCM) is vulnerable to HTML injection.

3.5
2019-02-04 CVE-2019-7345 Zoneminder Cross-site Scripting vulnerability in Zoneminder

Self - Stored Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, as the view 'options' (options.php) does no input validation for the WEB_TITLE, HOME_URL, HOME_CONTENT, or WEB_CONSOLE_BANNER value, allowing an attacker to execute HTML or JavaScript code.

3.5
2019-02-04 CVE-2019-7337 Zoneminder Cross-site Scripting vulnerability in Zoneminder

Reflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3 as the view 'events' (events.php) insecurely displays the limit parameter value, without applying any proper output filtration.

3.5
2019-02-06 CVE-2019-1003017 Jenkins Cross-Site Request Forgery (CSRF) vulnerability in Jenkins JOB Import

A data modification vulnerability exists in Jenkins Job Import Plugin 3.0 and earlier in JobImportAction.java that allows attackers to copy jobs from a preconfigured other Jenkins instance, potentially installing additional plugins necessary to load the imported job's configuration.

2.6
2019-02-04 CVE-2019-7317 Libpng
Debian
Canonical
Use After Free vulnerability in multiple products

png_image_free in png.c in libpng 1.6.x before 1.6.37 has a use-after-free because png_image_free_function is called under png_safe_execute.

2.6
2019-02-06 CVE-2018-7839 Schneider Electric Cryptographic Issues vulnerability in Schneider-Electric Iiot Monitor 3.1.38

A Cryptographic Issue (CWE-310) vulnerability exists in IIoT Monitor 3.1.38 which could allow information disclosure.

2.1
2019-02-05 CVE-2018-3989 Wibu
Microsoft
Use of Uninitialized Resource vulnerability in Wibu Wibukey 6.40

An exploitable kernel memory disclosure vulnerability exists in the 0x8200E804 IOCTL handler functionality of WIBU-SYSTEMS WibuKey.sys Version 6.40 (Build 2400).A specially crafted IRP request can cause the driver to return uninitialized memory, resulting in kernel memory disclosure.

2.1
2019-02-04 CVE-2018-1962 IBM Session Fixation vulnerability in IBM Security Identity Manager

IBM Security Identity Manager 7.0.1 Virtual Appliance does not invalidate session tokens when the logout button is pressed.

2.1
2019-02-04 CVE-2018-11760 Apache Unspecified vulnerability in Apache Spark

When using PySpark , it's possible for a different local user to connect to the Spark application and impersonate the user running the Spark application.

2.1
2019-02-07 CVE-2019-1677 Cisco Cross-site Scripting vulnerability in Cisco Webex Meetings

A vulnerability in Cisco Webex Meetings for Android could allow an unauthenticated, local attacker to perform a cross-site scripting attack against the application.

1.9
2019-02-05 CVE-2018-15657 42Gears Server-Side Request Forgery (SSRF) vulnerability in 42Gears Suremdm 6.34/6.35

An SSRF issue was discovered in 42Gears SureMDM before 2018-11-27 via the /api/DownloadUrlResponse.ashx "url" parameter.

1.9