Weekly Vulnerabilities Reports > February 11 to 17, 2019

Overview

191 new vulnerabilities were reported during this period, including 26 critical vulnerabilities and 100 high severity vulnerabilities. This weekly summary reports vulnerabilities in 255 products from 105 vendors including Google, SAP, Dlink, Debian, and Fedoraproject. Vulnerabilities are notably categorized as "Cross-site Scripting", "Out-of-bounds Read", "OS Command Injection", "Out-of-bounds Write", and "NULL Pointer Dereference".

  • 130 reported vulnerabilities are remotely exploitable.
  • 16 reported vulnerabilities have a public exploit available.
  • 71 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 123 reported vulnerabilities are exploitable by an anonymous user.
  • Google has the most reported vulnerabilities, with 24 reported vulnerabilities.
  • IBM has the most reported critical vulnerabilities, with 2 reported vulnerabilities.

Vulnerability Details

The following table lists the vulnerabilities reported for the period covered by this report:

26 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2019-02-17 CVE-2019-8393 Hotels Server Project SQL Injection vulnerability in Hotels Server Project Hotels Server 1.0/20181105

Hotels_Server through 2018-11-05 has SQL Injection via the API because the controller/api/login.php telephone parameter is mishandled.

9.8
2019-02-17 CVE-2019-8395 Zohocorp Use of Incorrectly-Resolved Name or Reference vulnerability in Zohocorp Manageengine Servicedesk Plus

An Insecure Direct Object Reference (IDOR) vulnerability exists in Zoho ManageEngine ServiceDesk Plus (SDP) before 10.0 build 10007 via an attachment to a request.

9.8
2019-02-16 CVE-2019-8360 Themerig SQL Injection vulnerability in Themerig Find a Place CMS Directory 1.5

Themerig Find a Place CMS Directory 1.5 has SQL Injection via the find/assets/external/data_2.php cate parameter.

9.8
2019-02-15 CVE-2015-4615 Easy2Map SQL Injection vulnerability in Easy2Map Easy2Map-Photos 1.09

Vulnerability in Easy2map-photos WordPress Plugin v1.09 allows SQL Injection via unsanitized mapTemplateName, mapName, mapSettingsXML, parentCSSXML, photoCSSXML, mapCSSXML, mapHTML, mapID variables.

9.8
2019-02-15 CVE-2019-4059 IBM Insufficiently Protected Credentials vulnerability in IBM Rational Clearcase

IBM Rational ClearCase 1.0.0.0 GIT connector does not sufficiently protect the document database password.

9.8
2019-02-15 CVE-2019-0261 SAP Missing Authentication for Critical Function vulnerability in SAP Landscape Management 3.0

Under certain circumstances, SAP HANA Extended Application Services, advanced model (XS advanced) does not perform authentication checks properly for XS advanced platform and business users.

9.8
2019-02-15 CVE-2019-0259 SAP Unrestricted Upload of File with Dangerous Type vulnerability in SAP Businessobjects 4.2/4.3

SAP BusinessObjects, versions 4.2 and 4.3, (Visual Difference) allows an attacker to upload any file (including script files) without proper file format validation.

9.8
2019-02-15 CVE-2019-8341 Pocoo
Opensuse
Code Injection vulnerability in multiple products

An issue was discovered in Jinja2 2.10.

9.8
2019-02-13 CVE-2019-5916 D Circle Expression Language Injection vulnerability in D-Circle Power EGG

Input validation issue in POWER EGG(Ver 2.0.1, Ver 2.02 Patch 3 and earlier, Ver 2.1 Patch 4 and earlier, Ver 2.2 Patch 7 and earlier, Ver 2.3 Patch 9 and earlier, Ver 2.4 Patch 13 and earlier, Ver 2.5 Patch 12 and earlier, Ver 2.6 Patch 8 and earlier, Ver 2.7 Patch 6 and earlier, Ver 2.7 Government Edition Patch 7 and earlier, Ver 2.8 Patch 6 and earlier, Ver 2.8c Patch 5 and earlier, Ver 2.9 Patch 4 and earlier) allows remote attackers to execute EL expression on the server via unspecified vectors.

9.8
2019-02-13 CVE-2019-5909 Yokogawa Improper Authentication vulnerability in Yokogawa products

License Manager Service of YOKOGAWA products (CENTUM VP (R5.01.00 - R6.06.00), CENTUM VP Entry Class (R5.01.00 - R6.06.00), ProSafe-RS (R3.01.00 - R4.04.00), PRM (R4.01.00 - R4.02.00), B/M9000 VP(R7.01.01 - R8.02.03)) allows remote attackers to bypass access restriction to send malicious files to the PC where License Manager Service runs via unspecified vectors.

9.8
2019-02-13 CVE-2019-6543 Aveva Missing Authentication for Critical Function vulnerability in Aveva Indusoft web Studio and Intouch Machine Edition 2014

AVEVA Software, LLC InduSoft Web Studio prior to Version 8.1 SP3 and InTouch Edge HMI (formerly InTouch Machine Edition) prior to Version 2017 Update.

9.8
2019-02-12 CVE-2018-19645 Microfocus Improper Authentication vulnerability in Microfocus Solutions Business Manager

An Authentication Bypass issue exists in Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5.

9.8
2019-02-12 CVE-2019-7743 Joomla Expression Language Injection vulnerability in Joomla Joomla!

An issue was discovered in Joomla! before 3.9.3.

9.8
2019-02-12 CVE-2019-6527 Kunbus Improper Authentication vulnerability in Kunbus Pr100088 Modbus Gateway Firmware 1.0.10232/1.1.13166

PR100088 Modbus gateway versions prior to Release R02 (or Software Version 1.1.13166) may allow an attacker to be able to change the password for an admin user who is currently or previously logged in, provided the device has not been restarted.

9.8
2019-02-11 CVE-2018-9583 Google Out-of-bounds Write vulnerability in Google Android

In bta_ag_parse_cmer of bta_ag_cmd.cc in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out-of-bounds write due to a missing bounds check.

9.8
2019-02-11 CVE-2019-7736 Dlink Forced Browsing vulnerability in Dlink Dir-600M Firmware 3.04

D-Link DIR-600M C1 3.04 devices allow authentication bypass via a direct request to the wan.htm page.

9.8
2019-02-11 CVE-2019-7731 Mywebsql Use of Incorrectly-Resolved Name or Reference vulnerability in Mywebsql 3.7

MyWebSQL 3.7 has a remote code execution (RCE) vulnerability after an attacker writes shell code into the database, and executes the Backup Database function with a .php filename for the backup's archive file.

9.8
2019-02-11 CVE-2018-12549 Eclipse
Redhat
Improper Input Validation vulnerability in multiple products

In Eclipse OpenJ9 version 0.11.0, the OpenJ9 JIT compiler may incorrectly omit a null check on the receiver object of an Unsafe call when accelerating it.

9.8
2019-02-11 CVE-2018-12547 Eclipse
Redhat
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

In Eclipse OpenJ9, prior to the 0.12.0 release, the jio_snprintf() and jio_vsnprintf() native methods ignored the length parameter.

9.8
2019-02-11 CVE-2019-7720 Taogogo Code Injection vulnerability in Taogogo Taocms

taocms through 2014-05-24 allows eval injection by placing PHP code in the install.php db_name parameter and then making a config.php request.

9.8
2019-02-11 CVE-2019-7719 Nibbleblog Code Injection vulnerability in Nibbleblog 4.0.5

Nibbleblog 4.0.5 allows eval injection by placing PHP code in the install.php username parameter and then making a content/private/shadow.php request.

9.8
2019-02-11 CVE-2018-20779 Traq SQL Injection vulnerability in Traq 3.7.1

Traq 3.7.1 allows SQL Injection via a tickets?search= URI.

9.8
2019-02-11 CVE-2019-7747 Dbninja Session Fixation vulnerability in Dbninja 3.2.7

DbNinja 3.2.7 allows session fixation via the data.php sessid parameter.

9.6
2019-02-15 CVE-2013-5654 Yingzhipython Project Improper Access Control vulnerability in Yingzhipython Project Yingzhipython 1.9

Vulnerability in YingZhi Python Programming Language v1.9 allows arbitrary anonymous uploads to the phone's storage

9.1
2019-02-15 CVE-2018-1727 IBM XXE vulnerability in IBM Infosphere Information Server

IBM InfoSphere Information Server 9.1, 11.3, 11.5, and 11.7 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data.

9.1
2019-02-12 CVE-2019-6533 Kunbus Missing Authentication for Critical Function vulnerability in Kunbus Pr100088 Modbus Gateway Firmware 1.0.10232/1.1.13166

Registers used to store Modbus values can be read and written from the web interface without authentication in the PR100088 Modbus gateway versions prior to Release R02 (or Software Version 1.1.13166).

9.1

100 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2019-02-17 CVE-2019-8418 Seacms Unspecified vulnerability in Seacms 7.2

SeaCMS 7.2 mishandles member.php?mod=repsw4 requests.

8.8
2019-02-17 CVE-2019-8412 Feifeicms Path Traversal vulnerability in Feifeicms 4.0.181010

FeiFeiCms 4.0.181010 on Windows allows remote attackers to read or delete arbitrary files via index.php?s=Admin-Data-Down-id-..\ or index.php?s=Admin-Data-Del-id-..\ directory traversal.

8.8
2019-02-17 CVE-2019-8382 Axiosys NULL Pointer Dereference vulnerability in Axiosys Bento4 1.5.1628

An issue was discovered in Bento4 1.5.1-628.

8.8
2019-02-17 CVE-2019-8380 Axiosys NULL Pointer Dereference vulnerability in Axiosys Bento4 1.5.1628

An issue was discovered in Bento4 1.5.1-628.

8.8
2019-02-17 CVE-2019-8378 Axiosys Out-of-bounds Read vulnerability in Axiosys Bento4 1.5.1628

An issue was discovered in Bento4 1.5.1-628.

8.8
2019-02-15 CVE-2013-2516 Fileutils Project Command Injection vulnerability in Fileutils Project Fileutils

Vulnerability in FileUtils v0.7, Ruby Gem Fileutils <= v0.7 Command Injection vulnerability in user supplied url variable that is passed to the shell.

8.8
2019-02-15 CVE-2019-0267 SAP Cross-Site Request Forgery (CSRF) vulnerability in SAP Manufacturing Integration and Intelligence 15.0/15.1/15.2

SAP Manufacturing Integration and Intelligence, versions 15.0, 15.1 and 15.2, (Illuminator Servlet) currently does not provide Anti-XSRF tokens.

8.8
2019-02-15 CVE-2019-0258 SAP Missing Authorization vulnerability in SAP Disclosure Management 10.01

SAP Disclosure Management, version 10.01, does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.

8.8
2019-02-15 CVE-2019-0257 SAP Missing Authorization vulnerability in SAP products

Customizing functionality of SAP NetWeaver AS ABAP Platform (fixed in versions from 7.0 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.53, from 7.74 to 7.75) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.

8.8
2019-02-15 CVE-2019-8347 Beescms Cross-Site Request Forgery (CSRF) vulnerability in Beescms 4.0

BEESCMS 4.0 has a CSRF vulnerability to add arbitrary VIP accounts via the admin/admin_member.php?action=add&nav=add_web_user&admin_p_nav=user URI.

8.8
2019-02-13 CVE-2019-8319 Dlink OS Command Injection vulnerability in Dlink Dir-878 Firmware 1.12A1

An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1.

8.8
2019-02-13 CVE-2019-8318 Dlink OS Command Injection vulnerability in Dlink Dir-878 Firmware 1.12A1

An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1.

8.8
2019-02-13 CVE-2019-8317 Dlink OS Command Injection vulnerability in Dlink Dir-878 Firmware 1.12A1

An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1.

8.8
2019-02-13 CVE-2019-8316 Dlink OS Command Injection vulnerability in Dlink Dir-878 Firmware 1.12A1

An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1.

8.8
2019-02-13 CVE-2019-8315 Dlink OS Command Injection vulnerability in Dlink Dir-878 Firmware 1.12A1

An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1.

8.8
2019-02-13 CVE-2019-8314 Dlink OS Command Injection vulnerability in Dlink Dir-878 Firmware 1.12A1

An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1.

8.8
2019-02-13 CVE-2019-8313 Dlink OS Command Injection vulnerability in Dlink Dir-878 Firmware 1.12A1

An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1.

8.8
2019-02-13 CVE-2019-8312 Dlink OS Command Injection vulnerability in Dlink Dir-878 Firmware 1.12A1

An issue was discovered on D-Link DIR-878 devices with firmware 1.12A1.

8.8
2019-02-12 CVE-2019-5596 Freebsd Unspecified vulnerability in Freebsd 11.2/12.0

In FreeBSD 11.2-STABLE after r338618 and before r343786, 12.0-STABLE before r343781, and 12.0-RELEASE before 12.0-RELEASE-p3, a bug in the reference count implementation for UNIX domain sockets can cause a file structure to be incorrectly released potentially allowing a malicious local user to gain root privileges or escape from a jail.

8.8
2019-02-11 CVE-2019-7737 Verydows Cross-Site Request Forgery (CSRF) vulnerability in Verydows 2.0

A CSRF vulnerability was found in Verydows v2.0 that can add an admin account via index.php?m=backend&c=admin&a=add&step=submit.

8.8
2019-02-11 CVE-2018-20780 Traq Cross-Site Request Forgery (CSRF) vulnerability in Traq 3.7.1

Traq 3.7.1 allows admin/users/new CSRF to create an admin account (aka group_id=1).

8.8
2019-02-11 CVE-2018-18569 Dundas Server-Side Request Forgery (SSRF) vulnerability in Dundas BI 5.0.1.1010

The Dundas BI server before 5.0.1.1010 is vulnerable to a Server-Side Request Forgery attack, allowing an attacker to forge arbitrary requests (with certain restrictions) that will be executed on behalf of the attacker, via the viewUrl parameter of the "export the dashboard as an image" feature.

8.6
2019-02-11 CVE-2019-5736 Docker
Linuxfoundation
Redhat
Google
Linuxcontainers
HP
Netapp
Apache
Opensuse
D2Iq
Fedoraproject
Canonical
Microfocus
OS Command Injection vulnerability in multiple products

runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within one of these types of containers: (1) a new container with an attacker-controlled image, or (2) an existing container, to which the attacker previously had write access, that can be attached with docker exec.

8.6
2019-02-15 CVE-2018-1701 IBM Unspecified vulnerability in IBM products

IBM InfoSphere Information Server 11.7 could allow an authenticated user under specialized conditions to inject commands into the installation process that would execute on the WebSphere Application Server.

8.5
2019-02-12 CVE-2019-8308 Flatpak
Debian
Redhat
Exposure of Resource to Wrong Sphere vulnerability in multiple products

Flatpak before 1.0.7, and 1.1.x and 1.2.x before 1.2.3, exposes /proc in the apply_extra script sandbox, which allows attackers to modify a host-side executable file.

8.2
2019-02-17 CVE-2019-8389 Musicloud Project Path Traversal vulnerability in Musicloud Project Musicloud 1.6

A file-read vulnerability was identified in the Wi-Fi transfer feature of Musicloud 1.6.

8.1
2019-02-16 CVE-2019-8358 Hiawatha Webserver Path Traversal vulnerability in Hiawatha-Webserver Hiawatha

In Hiawatha before 10.8.4, a remote attacker is able to do directory traversal if AllowDotFiles is enabled.

8.1
2019-02-15 CVE-2019-0255 SAP Improper Input Validation vulnerability in SAP products

SAP NetWeaver AS ABAP Platform, Krnl64nuc 7.74, krnl64UC 7.73, 7.74, Kernel 7.73, 7.74, 7.75, fails to validate type of installation for an ABAP Server system correctly.

8.1
2019-02-15 CVE-2019-6974 Linux
Debian
Canonical
F5
Redhat
Use After Free vulnerability in multiple products

In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free.

8.1
2019-02-13 CVE-2018-20238 Atlassian Session Fixation vulnerability in Atlassian Crowd

Various rest resources in Atlassian Crowd before version 3.2.7 and from version 3.3.0 before version 3.3.4 allow remote attackers to authenticate using an expired user session via an insufficient session expiration vulnerability.

8.1
2019-02-11 CVE-2019-7722 PMD Project XXE vulnerability in PMD Project PMD

PMD 5.8.1 and earlier processes XML external entities in ruleset files it parses as part of the analysis process, allowing attackers who tamper with them (either by direct modification or MITM attacks when using remote rulesets) to perform information disclosure, denial of service, or request forgery attacks.

8.1
2019-02-11 CVE-2019-7718 Metinfo Race Condition vulnerability in Metinfo

An issue was discovered in Metinfo 6.x.

8.1
2019-02-13 CVE-2018-15781 Dell Use of Hard-coded Credentials vulnerability in Dell Wyse Thinlinux 2.0

The Dell Wyse Password Encoder in ThinLinux2 versions prior to 2.1.0.01 contains a Hard-coded Cryptographic Key vulnerability.

8.0
2019-02-17 CVE-2019-8383 Advancemame
Debian
Fedoraproject
Redhat
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

An issue was discovered in AdvanceCOMP through 2.1.

7.8
2019-02-17 CVE-2019-8381 Broadcom
Fedoraproject
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

An issue was discovered in Tcpreplay 4.3.1.

7.8
2019-02-17 CVE-2019-8379 Advancemame
Debian
Fedoraproject
Redhat
NULL Pointer Dereference vulnerability in multiple products

An issue was discovered in AdvanceCOMP through 2.1.

7.8
2019-02-17 CVE-2019-8377 Broadcom
Fedoraproject
NULL Pointer Dereference vulnerability in multiple products

An issue was discovered in Tcpreplay 4.3.1.

7.8
2019-02-17 CVE-2019-8376 Broadcom
Fedoraproject
NULL Pointer Dereference vulnerability in multiple products

An issue was discovered in Tcpreplay 4.3.1.

7.8
2019-02-15 CVE-2019-8343 Nasm Use After Free vulnerability in Nasm Netwide Assembler 2.14.02

In Netwide Assembler (NASM) 2.14.02, there is a use-after-free in paste_tokens in asm/preproc.c.

7.8
2019-02-13 CVE-2018-6271 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

NVIDIA Tegra OpenMax driver (libnvomx) contains a vulnerability in which the software delivers extra data with the buffer and does not properly validate the extra data, which may lead to denial of service or escalation of privileges.

7.8
2019-02-13 CVE-2018-6268 Google Use After Free vulnerability in Google Android

NVIDIA Tegra library contains a vulnerability in libnvmmlite_video.so, where referencing memory after it has been freed may lead to denial of service or possible escalation of privileges.

7.8
2019-02-13 CVE-2018-6267 Google Improper Input Validation vulnerability in Google Android

NVIDIA Tegra OpenMax driver (libnvomx) contains a vulnerability in which the software does not validate or incorrectly validates input that can affect the control flow or data flow of a program, which may lead to denial of service or escalation of privileges.

7.8
2019-02-13 CVE-2018-19008 ABB Improper Input Validation vulnerability in ABB Cp400Pb Firmware 2.0.7.05

The TextEditor 2.0 in ABB CP400 Panel Builder versions 2.0.7.05 and earlier contains a vulnerability in the file parser of the Text Editor wherein the application doesn't properly prevent the insertion of specially crafted files which could allow arbitrary code execution.

7.8
2019-02-13 CVE-2019-5913 Micco Untrusted Search Path vulnerability in Micco Lhmelting

Untrusted search path vulnerability in the installer of LHMelting (LHMelting for Win32 Ver 1.65.3.6 and earlier) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

7.8
2019-02-13 CVE-2019-5912 Micco Untrusted Search Path vulnerability in Micco Unarj32.Dll

Untrusted search path vulnerability in the installer of UNARJ32.DLL (UNARJ32.DLL for Win32 Ver 1.10.1.25 and earlier) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

7.8
2019-02-13 CVE-2019-5911 Micco Untrusted Search Path vulnerability in Micco Unlha32.Dll

Untrusted search path vulnerability in the installer of UNLHA32.DLL (UNLHA32.DLL for Win32 Ver 2.67.1.2 and earlier) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

7.8
2019-02-13 CVE-2018-16190 Micco Untrusted Search Path vulnerability in Micco products

Untrusted search path vulnerability in UNARJ32.DLL for Win32, LHMelting for Win32, and LMLzh32.DLL (UNARJ32.DLL for Win32 Ver 1.10.1.25 and earlier, LHMelting for Win32 Ver 1.65.3.6 and earlier, LMLzh32.DLL Ver 2.67.1.2 and earlier) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

7.8
2019-02-13 CVE-2018-16189 Micco Untrusted Search Path vulnerability in Micco Unlha32.Dll

Untrusted search path vulnerability in Self-Extracting Archives created by UNLHA32.DLL prior to Ver 3.00 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

7.8
2019-02-13 CVE-2019-3782 Cloudfoundry Insufficiently Protected Credentials vulnerability in Cloudfoundry Credhub CLI

Cloud Foundry CredHub CLI, versions prior to 2.2.1, inadvertently writes authentication credentials provided via environment variables to its persistent config file.

7.8
2019-02-13 CVE-2018-20253 Rarlab Out-of-bounds Write vulnerability in Rarlab Winrar

In WinRAR versions prior to and including 5.60, there is an out-of-bounds write vulnerability during parsing of crafted LHA / LZH archive formats.

7.8
2019-02-13 CVE-2019-6541 WE CON Out-of-bounds Write vulnerability in We-Con Levistudiou 1.8.29/1.8.44/1.8.56

A memory corruption vulnerability has been identified in WECON LeviStudioU version 1.8.56 and prior, which may allow arbitrary code execution.

7.8
2019-02-13 CVE-2019-6539 WE CON Out-of-bounds Write vulnerability in We-Con Levistudiou 1.8.29/1.8.44/1.8.56

Several heap-based buffer overflow vulnerabilities in WECON LeviStudioU version 1.8.56 and prior have been identified, which may allow arbitrary code execution.

7.8
2019-02-13 CVE-2019-6537 WE CON Out-of-bounds Write vulnerability in We-Con Levistudiou 1.8.29/1.8.44/1.8.56

Multiple stack-based buffer overflow vulnerabilities in WECON LeviStudioU version 1.8.56 and prior may be exploited when parsing strings within project files.

7.8
2019-02-12 CVE-2018-20781 Gnome
Canonical
Oracle
Insufficiently Protected Credentials vulnerability in multiple products

In pam/gkr-pam-module.c in GNOME Keyring before 3.27.2, the user's password is kept in a session-child process spawned from the LightDM daemon.

7.8
2019-02-11 CVE-2018-9585 Google Out-of-bounds Write vulnerability in Google Android

In nfc_ncif_proc_get_routing of nfc_ncif.cc in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out of bounds write due to a missing bounds check.

7.8
2019-02-11 CVE-2018-9584 Google Out-of-bounds Write vulnerability in Google Android

In nfc_ncif_set_config_status of nfc_ncif.cc in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out of bounds write due to a missing bounds check.

7.8
2019-02-11 CVE-2018-9582 Google Externally Controlled Reference to a Resource in Another Sphere vulnerability in Google Android 8.0/8.1/9.0

In package installer in Android-8.0, Android-8.1 and Android-9, there is a possible bypass of the unknown source warning due to a confused deputy scenario.

7.8
2019-02-11 CVE-2018-13893 Google Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Google Android

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Out of bound mask range access caused by using possible old value of msg mask table count while copying masks to userspace.

7.8
2019-02-11 CVE-2018-13889 Google Use After Free vulnerability in Google Android

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Heap memory was accessed after it was freed

7.8
2019-02-11 CVE-2018-13888 Qualcomm Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qualcomm products

There is potential for memory corruption in the RIL daemon due to dereference of memory outside the allocated array length in RIL in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in versions MDM9206, MDM9607, MDM9635M, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDM439, SDM630, SDM660, ZZ_QCS605.

7.8
2019-02-11 CVE-2018-12014 Google Use After Free vulnerability in Google Android

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Null pointer dereference vulnerability may occur due to missing NULL assignment in NAT module of freed pointer.

7.8
2019-02-11 CVE-2018-12010 Google Out-of-bounds Write vulnerability in Google Android

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Absence of length sanity check may lead to possible stack overflow resulting in memory corruption in trustzone region.

7.8
2019-02-11 CVE-2018-11962 Google Use After Free vulnerability in Google Android

In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Use-after-free issue in heap while loading audio effects config in audio effects factory.

7.8
2019-02-11 CVE-2018-11899 Qualcomm Improper Validation of Array Index vulnerability in Qualcomm products

While processing radio connection status change events, Radio index is not properly validated in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile and Snapdragon Voice & Music in versions MDM9206, MDM9607, MDM9640, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SDX24.

7.8
2019-02-11 CVE-2018-11888 Qualcomm Missing Authorization vulnerability in Qualcomm products

Unauthorized access may be allowed by the SCP11 Crypto Services TA while processing commands from other TA in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile and Snapdragon Voice & Music in versions MDM9607, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 650/52, SD 820, SD 820A, SD 835, SD 8CX, SDM439, Snapdragon_High_Med_2016.

7.8
2019-02-11 CVE-2018-11855 Qualcomm Integer Overflow or Wraparound vulnerability in Qualcomm products

If an end user makes use of SCP11 sample OCE code without modification it could lead to a buffer overflow when transmitting a CAPDU in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT and Snapdragon Mobile in versions MDM9607, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 636, SD 820, SD 820A, SD 835, SD 8CX, SDA660, SDM630, SDM660.

7.8
2019-02-11 CVE-2018-11847 Qualcomm Improper Input Validation vulnerability in Qualcomm products

Malicious TA can tag QSEE kernel memory and map to EL0, thereby corrupting the physical memory; it can also be used to corrupt the QSEE kernel and compromise the whole TEE in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables and Snapdragon Wired Infrastructure and Networking in versions IPQ8074, MDM9206, MDM9607, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCA8081, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 650/52, SD 820, SD 820A, SD 835, SD 8CX, SDM439 and Snapdragon_High_Med_2016.

7.8
2019-02-17 CVE-2019-7649 Cmswing Use of Password Hash With Insufficient Computational Effort vulnerability in Cmswing 1.3.7

global.encryptPassword in bootstrap/global.js in CMSWing 1.3.7 relies on multiple MD5 operations for password hashing.

7.5
2019-02-17 CVE-2019-8411 Zzcms Path Traversal vulnerability in Zzcms 2018

admin/dl_data.php in zzcms 2018 (2018-10-19) allows remote attackers to delete arbitrary files via action=del&filename=../ directory traversal.

7.5
2019-02-17 CVE-2018-20782 Globee Improper Input Validation vulnerability in Globee Woocommerce 1.0.1/1.1.0/1.1.1

The GloBee plugin before 1.1.2 for WooCommerce mishandles IPN messages.

7.5
2019-02-17 CVE-2019-8392 Dlink Unspecified vulnerability in Dlink Dir-823G Firmware 1.02B03

An issue was discovered on D-Link DIR-823G devices with firmware 1.02B03.

7.5
2019-02-16 CVE-2019-8362 Dedecms Unrestricted Upload of File with Dangerous Type vulnerability in Dedecms 5.5/5.6/5.7

DedeCMS through V5.7SP2 allows arbitrary file upload in dede/album_edit.php or dede/album_add.php, as demonstrated by a dede/album_edit.php?dopost=save&formzip=1 request with a ZIP archive that contains a file such as "1.jpg.php" (because input validation only checks that .jpg, .png, or .gif is present as a substring, and does not otherwise check the file name or content).

7.5
2019-02-15 CVE-2015-4617 Easy2Map Path Traversal vulnerability in Easy2Map Easy2Map-Photos 1.09

Vulnerability in Easy2map-photos WordPress Plugin v1.09 MapPinImageUpload.php and MapPinIconSave.php allows path traversal when specifying file names creating files outside of the upload directory.

7.5
2019-02-15 CVE-2017-1695 IBM Inadequate Encryption Strength vulnerability in IBM Qradar Security Information and Event Manager

IBM QRadar SIEM 7.2 and 7.3 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

7.5
2019-02-15 CVE-2019-0266 SAP Information Exposure Through Log Files vulnerability in SAP Hana Extended Application Services 1.0

Under certain conditions SAP HANA Extended Application Services, version 1.0, advanced model (XS advanced) writes credentials of platform users to a trace file of the SAP HANA system.

7.5
2019-02-13 CVE-2019-5910 Housegate Path Traversal vulnerability in Housegate House Gate 1.7.8

Directory traversal vulnerability in HOUSE GATE App for iOS 1.7.8 and earlier allows remote attackers to read arbitrary files via unspecified vectors.

7.5
2019-02-13 CVE-2018-0696 Osstech Weak Password Recovery Mechanism for Forgotten Password vulnerability in Osstech Openam

OpenAM (Open Source Edition) 13.0 and later does not properly manage sessions, which allows remote authenticated attackers to change the security questions and reset the login password via unspecified vectors.

7.5
2019-02-13 CVE-2019-6545 Aveva Unspecified vulnerability in Aveva Indusoft web Studio and Intouch Machine Edition 2014

AVEVA Software, LLC InduSoft Web Studio prior to Version 8.1 SP3 and InTouch Edge HMI (formerly InTouch Machine Edition) prior to Version 2017 Update.

7.5
2019-02-12 CVE-2017-0938 UI Improper Input Validation vulnerability in UI Airos and Edgemax Firmware

Denial of Service attack in airMAX < 8.3.2, airMAX < 6.0.7 and EdgeMAX < 1.9.7 allows attackers to use the Discovery Protocol in amplification attacks.

7.5
2019-02-12 CVE-2018-5499 Atto Improper Input Validation vulnerability in Atto Fibrebridge 7500N Firmware 2.95

ATTO FibreBridge 7500N firmware version 2.95 is susceptible to a vulnerability which allows attackers to cause a Denial of Service (DoS).

7.5
2019-02-11 CVE-2018-9592 Google Out-of-bounds Read vulnerability in Google Android

In mca_ccb_hdl_rsp of mca_cact.cc in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out of bounds read due to a missing bounds check.

7.5
2019-02-11 CVE-2018-9591 Google Out-of-bounds Read vulnerability in Google Android

In bta_hh_ctrl_dat_act of bta_hh_act.cc in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out of bounds read due to a missing bounds check.

7.5
2019-02-11 CVE-2018-9590 Google Out-of-bounds Read vulnerability in Google Android

In add_attr of sdp_discovery.c in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out of bounds read due to a missing bounds check.

7.5
2019-02-11 CVE-2019-7733 Live555 Integer Overflow or Wraparound vulnerability in Live555 Streaming Media 0.95

In Live555 0.95, there is a buffer overflow via a large integer in a Content-Length HTTP header because handleRequestBytes has an unrestricted memmove.

7.5
2019-02-11 CVE-2019-7732 Live555 Memory Leak vulnerability in Live555 Streaming Media 0.95

In Live555 0.95, a setup packet can cause a memory leak leading to DoS because, when there are multiple instances of a single field (username, realm, nonce, uri, or response), only the last instance can ever be freed.

7.5
2019-02-11 CVE-2018-15588 Freron Authentication Bypass by Spoofing vulnerability in Freron Mailmate

MailMate before 1.11.3 mishandles a suspicious HTML/MIME structure in a signed/encrypted email.

7.5
2019-02-11 CVE-2019-6975 Djangoproject
Canonical
Fedoraproject
Allocation of Resources Without Limits or Throttling vulnerability in multiple products

Django 1.11.x before 1.11.19, 2.0.x before 2.0.11, and 2.1.x before 2.1.6 allows Uncontrolled Memory Consumption via a malicious attacker-supplied value to the django.utils.numberformat.format() function.

7.5
2019-02-11 CVE-2019-7721 Nconsulting Unrestricted Upload of File with Dangerous Type vulnerability in Nconsulting Nc-Cms 3.5

lib/NCCms.class.php in nc-cms 3.5 allows upload of .php files via the index.php?action=save name and editordata parameters.

7.5
2019-02-11 CVE-2018-20776 Frog CMS Project Information Exposure vulnerability in Frog CMS Project Frog CMS 0.9.5

Frog CMS 0.9.5 provides a directory listing for a /public request.

7.5
2019-02-17 CVE-2019-7399 Amazon Origin Validation Error vulnerability in Amazon Fire OS

Amazon Fire OS before 5.3.6.4 allows a man-in-the-middle attack against HTTP requests for "Terms of Use" and Privacy pages.

7.4
2019-02-12 CVE-2018-19018 Omron Access of Uninitialized Pointer vulnerability in Omron Cx-Supervisor

An access of uninitialized pointer vulnerability in CX-Supervisor (Versions 3.42 and prior) could lead to type confusion when processing project files.

7.3
2019-02-11 CVE-2018-9587 Google Files or Directories Accessible to External Parties vulnerability in Google Android

In savePhotoFromUriToUri of ContactPhotoUtils.java in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is possible unauthorized access to files within the contact app due to a confused deputy scenario.

7.3
2019-02-17 CVE-2019-8422 Pbootcms SQL Injection vulnerability in Pbootcms 1.3.2

A SQL Injection vulnerability exists in PbootCMS v1.3.2 via the description parameter in apps\admin\controller\content\ContentController.php.

7.2
2019-02-17 CVE-2019-8421 Bagesoft SQL Injection vulnerability in Bagesoft Bagecms 3.1.0/3.1.3/3.1.4

upload/protected/modules/admini/views/post/index.php in BageCMS through 3.1.4 allows SQL Injection via the title or titleAlias parameter.

7.2
2019-02-12 CVE-2019-6549 Kunbus Insufficiently Protected Credentials vulnerability in Kunbus Pr100088 Modbus Gateway Firmware 1.0.10232/1.1.13166

An attacker could retrieve plain-text credentials stored in a XML file on PR100088 Modbus gateway versions prior to Release R02 (or Software Version 1.1.13166) through FTP.

7.2
2019-02-11 CVE-2018-20775 Frog CMS Project Code Injection vulnerability in Frog CMS Project Frog CMS 0.9.5

admin/?/plugin/file_manager in Frog CMS 0.9.5 allows PHP code execution by creating a new .php file containing PHP code, and then visiting this file under the public/ URI.

7.2
2019-02-11 CVE-2018-20773 Frog CMS Project Code Injection vulnerability in Frog CMS Project Frog CMS 0.9.5

Frog CMS 0.9.5 allows PHP code execution by visiting admin/?/page/edit/1 and inserting additional <?php lines.

7.2
2019-02-11 CVE-2018-20772 Frog CMS Project Code Injection vulnerability in Frog CMS Project Frog CMS 0.9.5

Frog CMS 0.9.5 allows PHP code execution via <?php to the admin/?/layout/edit/1 URI.

7.2
2019-02-12 CVE-2019-1688 Cisco Use of Hard-coded Credentials vulnerability in Cisco Network Assurance Engine 3.0(1)

A vulnerability in the management web interface of Cisco Network Assurance Engine (NAE) could allow an unauthenticated, local attacker to gain unauthorized access or cause a Denial of Service (DoS) condition on the server.

7.1
2019-02-11 CVE-2018-9586 Google Race Condition vulnerability in Google Android

In run of InstallPackageTask.java in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, it is possible that package verification is turned off and remains off due to a race condition.

7.0

65 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2019-02-17 CVE-2019-8407 Hongcms Project Path Traversal vulnerability in Hongcms Project Hongcms 3.0.0

HongCMS 3.0.0 allows arbitrary file read and write operations via a ../ in the filename parameter to the admin/index.php/language/edit URI.

6.5
2019-02-17 CVE-2019-8398 Hdfgroup Out-of-bounds Read vulnerability in Hdfgroup Hdf5 1.10.4

An issue was discovered in the HDF HDF5 1.10.4 library.

6.5
2019-02-17 CVE-2019-8397 Hdfgroup Out-of-bounds Read vulnerability in Hdfgroup Hdf5 1.10.4

An issue was discovered in the HDF HDF5 1.10.4 library.

6.5
2019-02-17 CVE-2019-8396 Hdfgroup Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Hdfgroup Hdf5

A buffer overflow in H5O__layout_encode in H5Olayout.c in the HDF HDF5 through 1.10.4 library allows attackers to cause a denial of service via a crafted HDF5 file.

6.5
2019-02-17 CVE-2019-8394 Zohocorp Unrestricted Upload of File with Dangerous Type vulnerability in Zohocorp Manageengine Servicedesk Plus

Zoho ManageEngine ServiceDesk Plus (SDP) before 10.0 build 10012 allows remote attackers to upload arbitrary files via login page customization.

6.5
2019-02-13 CVE-2018-20237 Atlassian Exposure of Resource to Wrong Sphere vulnerability in Atlassian Confluence Server

Atlassian Confluence Server and Data Center before version 6.13.1 allows an authenticated user to download a deleted page via the word export feature.

6.5
2019-02-11 CVE-2018-9594 Google Integer Overflow or Wraparound vulnerability in Google Android

In llcp_link_proc_agf_pdu of llcp_link.cc in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out of bounds read due to an integer overflow.

6.5
2019-02-11 CVE-2018-9593 Google Out-of-bounds Read vulnerability in Google Android

In llcp_dlc_proc_i_pdu of llcp_dlc.cc in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out of bounds read due to an incorrect bounds check.

6.5
2019-02-11 CVE-2018-9588 Google Out-of-bounds Read vulnerability in Google Android

In avdt_scb_hdl_report of avdt_scb_act.cc in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out of bounds read due to a missing bounds check.

6.5
2019-02-11 CVE-2019-7738 C P SUB Project Cross-Site Request Forgery (CSRF) vulnerability in C.P.Sub Project C.P.Sub 5.1/5.2

C.P.Sub before 5.3 allows CSRF via a manage.php?p=article_del&id= URI.

6.5
2019-02-11 CVE-2018-15587 Gnome
Debian
Improper Verification of Cryptographic Signature vulnerability in multiple products

GNOME Evolution through 3.28.2 is prone to OpenPGP signatures being spoofed for arbitrary messages using a specially crafted email that contains a valid signature from the entity to be impersonated as an attachment.

6.5
2019-02-11 CVE-2018-15586 Enigmail Improper Verification of Cryptographic Signature vulnerability in Enigmail

Enigmail before 2.0.6 is prone to OpenPGP signatures being spoofed for arbitrary messages using a PGP/INLINE signature wrapped within a specially crafted multipart HTML email.

6.5
2019-02-17 CVE-2019-8419 Vnote Project Cross-site Scripting vulnerability in Vnote Project Vnote 2.2

VNote 2.2 has XSS via a new text note.

6.1
2019-02-17 CVE-2016-10742 Zabbix
Debian
Open Redirect vulnerability in multiple products

Zabbix before 2.2.21rc1, 3.x before 3.0.13rc1, 3.1.x and 3.2.x before 3.2.10rc1, and 3.3.x and 3.4.x before 3.4.4rc1 allows open redirect via the request parameter.

6.1
2019-02-17 CVE-2019-8400 ORY Cross-site Scripting vulnerability in ORY Hydra

ORY Hydra before v1.0.0-rc.3+oryOS.9 has Reflected XSS via the oauth2/fallbacks/error error_hint parameter.

6.1
2019-02-16 CVE-2019-8363 Verydows Cross-site Scripting vulnerability in Verydows 2.0

Verydows 2.0 has XSS via the index.php?c=main a parameter, as demonstrated by an a=index[XSS] value.

6.1
2019-02-16 CVE-2019-8361 Responsive Video News Script Project Cross-site Scripting vulnerability in Responsive Video News Script Project Responsive Video News Script

PHP Scripts Mall Responsive Video News Script has XSS via the Search Bar.

6.1
2019-02-15 CVE-2019-0251 SAP Cross-site Scripting vulnerability in SAP Businessobjects 4.2/4.3

The Fiori Launchpad of SAP BusinessObjects, before versions 4.2 and 4.3, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.

6.1
2019-02-14 CVE-2019-6589 F5 Cross-site Scripting vulnerability in F5 products

On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.3, 12.1.0-12.1.3.7, and 11.6.0-11.6.3.2, a reflected Cross Site Scripting (XSS) vulnerability is present in an undisclosed page of the BIG-IP TMUI (Traffic Management User Interface) also known as the BIG-IP configuration utility.

6.1
2019-02-13 CVE-2019-5915 Osstech Open Redirect vulnerability in Osstech Openam

Open redirect vulnerability in OpenAM (Open Source Edition) 13.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a specially crafted page.

6.1
2019-02-13 CVE-2018-12409 Tibco Cross-site Scripting vulnerability in Tibco Silver Fabric

The SOAP Admin API component of TIBCO Software Inc.'s TIBCO Silver Fabric contains a vulnerability that may allow reflected cross-site scripting (XSS) attacks.

6.1
2019-02-13 CVE-2019-8335 Schoolcms Cross-site Scripting vulnerability in Schoolcms 2.3.1

An issue was discovered in SchoolCMS 2.3.1.

6.1
2019-02-13 CVE-2019-8334 Schoolcms Cross-site Scripting vulnerability in Schoolcms 2.3.1

An issue was discovered in SchoolCMS 2.3.1.

6.1
2019-02-12 CVE-2019-7744 Joomla Cross-site Scripting vulnerability in Joomla Joomla!

An issue was discovered in Joomla! before 3.9.3.

6.1
2019-02-12 CVE-2019-7742 Joomla Cross-site Scripting vulnerability in Joomla Joomla!

An issue was discovered in Joomla! before 3.9.3.

6.1
2019-02-12 CVE-2019-7741 Joomla Cross-site Scripting vulnerability in Joomla Joomla!

An issue was discovered in Joomla! before 3.9.3.

6.1
2019-02-12 CVE-2019-7740 Joomla Cross-site Scripting vulnerability in Joomla Joomla!

An issue was discovered in Joomla! before 3.9.3.

6.1
2019-02-12 CVE-2019-7739 Joomla Unspecified vulnerability in Joomla Joomla!

An issue was discovered in Joomla! before 3.9.3.

6.1
2019-02-12 CVE-2019-7753 Verydows Cross-site Scripting vulnerability in Verydows 2.0

Verydows 2.0 has XSS via the index.php?m=api&c=stats&a=count referrer parameter.

6.1
2019-02-11 CVE-2019-7748 Dbninja Cross-site Scripting vulnerability in Dbninja 3.2.7

_includes\online.php in DbNinja 3.2.7 allows XSS via the data.php task parameter if _users/admin/tasks.php exists.

6.1
2019-02-11 CVE-2018-20242 Apache Cross-site Scripting vulnerability in Apache Jspwiki

A carefully crafted URL could trigger an XSS vulnerability on Apache JSPWiki, from versions up to 2.10.5, which could lead to session hijacking.

6.1
2019-02-11 CVE-2018-20778 Frog CMS Project Cross-site Scripting vulnerability in Frog CMS Project Frog CMS 0.9.5

admin/?/plugin/file_manager in Frog CMS 0.9.5 allows XSS by creating a new file containing a crafted attribute of an IMG element.

6.1
2019-02-11 CVE-2019-7730 Mywebsql Cross-Site Request Forgery (CSRF) vulnerability in Mywebsql 3.7

MyWebSQL 3.7 has a Cross-site request forgery (CSRF) vulnerability for deleting a database via the /?q=wrkfrm&type=databases URI.

5.7
2019-02-17 CVE-2019-8413 MI NULL Pointer Dereference vulnerability in MI MIX 2 Firmware 4.4.78

On Xiaomi MIX 2 devices with the 4.4.78 kernel, a NULL pointer dereference in the ioctl interface of the device file /dev/elliptic1 or /dev/elliptic0 causes a system crash via IOCTL 0x4008c575 (aka decimal 1074316661).

5.5
2019-02-15 CVE-2019-8357 Sound Exchange Project NULL Pointer Dereference vulnerability in Sound Exchange Project Sound Exchange 14.4.2

An issue was discovered in SoX 14.4.2.

5.5
2019-02-15 CVE-2019-8356 Sound Exchange Project Improper Validation of Array Index vulnerability in Sound Exchange Project Sound Exchange 14.4.2

An issue was discovered in SoX 14.4.2.

5.5
2019-02-15 CVE-2019-8355 Sound Exchange Project Integer Overflow or Wraparound vulnerability in Sound Exchange Project Sound Exchange 14.4.2

An issue was discovered in SoX 14.4.2.

5.5
2019-02-15 CVE-2019-0256 SAP Unspecified vulnerability in SAP Business ONE 1.2.12

Under certain conditions SAP Business One Mobile Android App, version 1.2.12, allows an attacker to access information which would otherwise be restricted.

5.5
2019-02-13 CVE-2019-3610 Mcafee Information Exposure vulnerability in Mcafee True KEY 3.1.9211.0

Data Leakage Attacks vulnerability in Microsoft Windows client in McAfee True Key (TK) 3.1.9211.0 and earlier allows local users to expose confidential data via specially crafted malware.

5.5
2019-02-12 CVE-2019-5595 Freebsd Incomplete Cleanup vulnerability in Freebsd 11.2/12.0

In FreeBSD before 11.2-STABLE(r343782), 11.2-RELEASE-p9, 12.0-STABLE(r343781), and 12.0-RELEASE-p3, kernel callee-save registers are not properly sanitized before return from system calls, potentially allowing some kernel data used in the system call to be exposed.

5.5
2019-02-11 CVE-2018-9589 Google Out-of-bounds Read vulnerability in Google Android

In ieee802_11_rx_wnmsleep_req of wnm_ap.c in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out of bounds read due to a missing bounds check.

5.5
2019-02-11 CVE-2018-12011 Google Use of Uninitialized Resource vulnerability in Google Android

In all Android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel, uninitialized data for socket address leads to information exposure.

5.5
2019-02-11 CVE-2018-12006 Google Information Exposure vulnerability in Google Android

In all Android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel, users with no extra privileges can potentially access leaked data due to uninitialized padding present in display function.

5.5
2019-02-11 CVE-2018-20587 Bitcoinknots
Bitcoin

Bitcoin Core 0.12.0 through 0.17.1 and Bitcoin Knots 0.12.0 through 0.17.x before 0.17.1.knots20181229 have Incorrect Access Control.

5.5
2019-02-15 CVE-2018-1895 IBM Cross-site Scripting vulnerability in IBM products

IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting.

5.4
2019-02-15 CVE-2019-0262 SAP Cross-site Scripting vulnerability in SAP Businessobjects BI Platform 4.10/4.20

SAP WebIntelligence BILaunchPad, versions 4.10, 4.20, does not sufficiently encode user-controlled inputs in generated HTML reports, resulting in Cross-Site Scripting (XSS) vulnerability.

5.4
2019-02-15 CVE-2019-0254 SAP Cross-site Scripting vulnerability in SAP Disclosure Management

SAP Disclosure Management (before version 10.1 Stack 1301) does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability.

5.4
2019-02-13 CVE-2018-20232 Atlassian Cross-site Scripting vulnerability in Atlassian Jira

The labels widget gadget in Atlassian Jira before version 7.6.11 and from version 7.7.0 before version 7.13.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the rendering of retrieved content from a URL location that could be manipulated by the up_projectid widget preference setting.

5.4
2019-02-13 CVE-2018-13403 Atlassian Cross-site Scripting vulnerability in Atlassian Jira

The two-dimensional filter statistics gadget in Atlassian Jira before version 7.6.10, from version 7.7.0 before version 7.12.4, and from version 7.13.0 before version 7.13.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the name of a saved filter when displayed on a Jira dashboard.

5.4
2019-02-12 CVE-2019-3923 Tenable Cross-site Scripting vulnerability in Tenable Nessus

Nessus versions 8.2.1 and earlier were found to contain a stored XSS vulnerability due to improper validation of user-supplied input.

5.4
2019-02-11 CVE-2018-20777 Frog CMS Project Cross-site Scripting vulnerability in Frog CMS Project Frog CMS 0.9.5

Frog CMS 0.9.5 has XSS via the admin/?/snippet/edit/1 Body field.

5.4
2019-02-11 CVE-2018-20774 Frog CMS Project Cross-site Scripting vulnerability in Frog CMS Project Frog CMS 0.9.5

Frog CMS 0.9.5 has XSS via the admin/?/layout/edit/1 Body field.

5.4
2019-02-15 CVE-2013-2565 Mambo Foundation Path Traversal vulnerability in Mambo-Foundation Mambo CMS 4.6.5

A vulnerability in Mambo CMS v4.6.5 where the scripts thumbs.php, editorFrame.php, editor.php, images.php, and manager.php disclose the root path of the webserver.

5.3
2019-02-13 CVE-2019-8337 Marlam Improper Certificate Validation vulnerability in Marlam Mpop and Msmtp

In msmtp 1.8.2 and mpop 1.4.3, when tls_trust_file has its default configuration, certificate-verification results are not properly checked.

5.3
2019-02-13 CVE-2019-5914 Nttdocomo NULL Pointer Dereference vulnerability in Nttdocomo V20 PRO L-01J Firmware L01J20C/L01J20D

V20 PRO L-01J software version L01J20c and L01J20d has a NULL pointer exception flaw that can be used by an attacker to cause the device to crash on the same network range via a specially crafted access point.

5.3
2019-02-13 CVE-2018-20164 Uaparser Incorrect Regular Expression vulnerability in Uaparser User Agent Parser-Core

An issue was discovered in regex.yaml (aka regexes.yaml) in UA-Parser UAP-Core before 0.6.0.

5.3
2019-02-12 CVE-2019-7550 Jforum Information Exposure Through an Error Message vulnerability in Jforum 2.1.8

In JForum 2.1.8, an unauthenticated, remote attacker can enumerate whether a user exists by using the "create user" function.

5.3
2019-02-11 CVE-2019-6489 Lexmark Unspecified vulnerability in Lexmark products

Certain Lexmark CX, MX, X, XC, XM, XS, and 6500e devices before 2019-02-11 allow remote attackers to erase stored shortcuts.

5.3
2019-02-11 CVE-2018-17542 Hgiga SQL Injection vulnerability in Hgiga Oaklouds Mailsherlock

SQL Injection in MailSherlock before 1.5.235 for OAKlouds allows an unauthenticated user to extract the subjects of the emails of other users within the enterprise via the select_mid parameter in a letgo.cgi request.

5.3
2019-02-15 CVE-2019-8354 Sound Exchange Project
Debian
Canonical
Integer Overflow or Wraparound vulnerability in multiple products

An issue was discovered in SoX 14.4.2.

5.0
2019-02-12 CVE-2018-19020 Omron Out-of-bounds Read vulnerability in Omron Cx-Supervisor

When CX-Supervisor (Versions 3.42 and prior) processes project files and tampers with the value of an offset, an attacker can force the application to read a value outside of an array.

5.0
2019-02-17 CVE-2019-8408 Onefilecms Unspecified vulnerability in Onefilecms 3.6.13

OneFileCMS 3.6.13 allows remote attackers to modify onefilecms.php by clicking the Copy button twice.

4.9
2019-02-15 CVE-2019-0265 SAP XXE vulnerability in SAP products

SLD Registration of ABAP Platform allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service.

4.9
2019-02-15 CVE-2019-8345 Estrongs Cleartext Transmission of Sensitive Information vulnerability in Estrongs ES File Explorer File Manager 4.1.9.7.4

The Help feature in the ES File Explorer File Manager application 4.1.9.7.4 for Android allows session hijacking by a Man-in-the-middle attacker on the local network because HTTPS is not used, and an attacker's web site is displayed in a WebView with no information about the URL.

4.2
2019-02-13 CVE-2018-13404 Atlassian Server-Side Request Forgery (SSRF) vulnerability in Atlassian Jira

The VerifyPopServerConnection resource in Atlassian Jira before version 7.6.10, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, from version 7.10.0 before version 7.10.3, from version 7.11.0 before version 7.11.3, from version 7.12.0 before version 7.12.3, and from version 7.13.0 before version 7.13.1 allows remote attackers who have administrator rights to determine the existence of internal hosts & open ports and in some cases obtain service information from internal network resources via a Server Side Request Forgery (SSRF) vulnerability.

4.1

0 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS