Weekly Vulnerabilities Reports > March 18 to 24, 2019

Overview

313 new vulnerabilities reported during this period, including 20 critical vulnerabilities and 46 high severity vulnerabilities. This weekly summary report vulnerabilities in 420 products from 190 vendors including Fedoraproject, Opensuse, Debian, Netapp, and Microsoft. Vulnerabilities are notably categorized as "Cross-site Scripting", "Path Traversal", "Improper Restriction of Operations within the Bounds of a Memory Buffer", "Improper Input Validation", and "Cross-Site Request Forgery (CSRF)".

  • 258 reported vulnerabilities are remotely exploitables.
  • 36 reported vulnerabilities have public exploit available.
  • 138 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 247 reported vulnerabilities are exploitable by an anonymous user.
  • Fedoraproject has the most reported vulnerabilities, with 22 reported vulnerabilities.
  • Indionetworks has the most reported critical vulnerabilities, with 3 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

20 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2019-03-23 CVE-2019-9945 Softnas Unspecified vulnerability in Softnas Cloud 4.2.0/4.2.1

SoftNAS Cloud 4.2.0 and 4.2.1 allows remote command execution.

10.0
2019-03-21 CVE-2019-5490 Netapp Insecure Default Initialization of Resource vulnerability in Netapp Service Processor

Certain versions between 2.x to 5.x (refer to advisory) of the NetApp Service Processor firmware were shipped with a default account enabled that could allow unauthorized arbitrary command execution.

10.0
2019-03-21 CVE-2019-6441 Coship Improper Authentication vulnerability in Coship products

An issue was discovered on Shenzhen Coship RT3050 4.0.0.40, RT3052 4.0.0.48, RT7620 10.0.0.49, WM3300 5.0.0.54, and WM3300 5.0.0.55 devices.

10.0
2019-03-21 CVE-2018-4059 Coturn Project Use of Hard-coded Credentials vulnerability in Coturn Project Coturn

An exploitable unsafe default configuration vulnerability exists in the TURN server function of coTURN prior to version 4.5.0.9.

10.0
2019-03-21 CVE-2018-20218 Teracue OS Command Injection vulnerability in Teracue products

An issue was discovered on Teracue ENC-400 devices with firmware 2.56 and below.

10.0
2019-03-21 CVE-2018-19524 Skyworthdigital Improper Input Validation vulnerability in Skyworthdigital products

An issue was discovered on Shenzhen Skyworth DT741 Converged Intelligent Terminal (G/EPON+IPTV) SDOTBGN1, DT721-cb SDOTBGN1, and DT741-cb SDOTBGN1 devices.

10.0
2019-03-21 CVE-2018-19276 Openmrs Deserialization of Untrusted Data vulnerability in Openmrs

OpenMRS before 2.24.0 is affected by an Insecure Object Deserialization vulnerability that allows an unauthenticated user to execute arbitrary commands on the targeted system via crafted XML data in a request body.

10.0
2019-03-21 CVE-2018-18473 Patlite Use of Hard-coded Credentials vulnerability in Patlite products

A hidden backdoor on PATLITE NH-FB Series devices with firmware version 1.45 or earlier, NH-FV Series devices with firmware version 1.10 or earlier, and NBM Series devices with firmware version 1.09 or earlier allow attackers to enable an SSH daemon via the "kankichi" or "kamiyo4" password to the _secret1.htm URI.

10.0
2019-03-21 CVE-2019-3855 Libssh2
Fedoraproject
Debian
Netapp
Redhat
Opensuse
Apple
Oracle
Integer Overflow or Wraparound vulnerability in multiple products

An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server.

9.3
2019-03-21 CVE-2019-5414 Kill Port Project OS Command Injection vulnerability in Kill-Port Project Kill-Port

If an attacker can control the port, which in itself is a very sensitive value, they can inject arbitrary OS commands due to the usage of the exec function in a third-party module kill-port < 1.3.2.

9.3
2019-03-21 CVE-2018-20219 Teracue Use of Hard-coded Credentials vulnerability in Teracue products

An issue was discovered on Teracue ENC-400 devices with firmware 2.56 and below.

9.3
2019-03-23 CVE-2015-3965 Pfizer Permissions, Privileges, and Access Controls vulnerability in Pfizer Symbiq Infusion System Firmware 3.13

Hospira Symbiq Infusion System 3.13 and earlier allows remote authenticated users to trigger "unanticipated operations" by leveraging "elevated privileges" for an unspecified call to an incorrectly exposed function.

9.0
2019-03-21 CVE-2019-3497 Indionetworks Use of Hard-coded Credentials vulnerability in Indionetworks Unibox Firmware

An issue was discovered on Wifi-soft UniBox controller 0.x through 2.x devices.

9.0
2019-03-21 CVE-2019-3496 Indionetworks Use of Hard-coded Credentials vulnerability in Indionetworks Unibox Firmware

An issue was discovered on Wifi-soft UniBox controller 3.x devices.

9.0
2019-03-21 CVE-2019-3495 Indionetworks Unspecified vulnerability in Indionetworks Unibox Firmware

An issue was discovered on Wifi-soft UniBox controller 0.x through 2.x devices.

9.0
2019-03-21 CVE-2018-20323 Mailcleaner OS Command Injection vulnerability in Mailcleaner 2018.08

www/soap/application/MCSoap/Logs.php in MailCleaner Community Edition 2018.08 allows remote attackers to execute arbitrary OS commands.

9.0
2019-03-21 CVE-2018-20162 Digi Improper Input Validation vulnerability in Digi Transport Lr54 Firmware 4.3.2.24

Digi TransPort LR54 4.4.0.26 and possible earlier devices have Improper Input Validation that allows users with 'super' CLI access privileges to bypass a restricted shell and execute arbitrary commands as root.

9.0
2019-03-21 CVE-2018-19512 ENS Path Traversal vulnerability in ENS Webgalamb 6.0/7.0

In Webgalamb through 7.0, a system/ajax.php "wgmfile restore" directory traversal vulnerability could lead to arbitrary code execution by authenticated administrator users, because PHP files are restored under the document root directory.

9.0
2019-03-21 CVE-2018-15906 Solarwinds Unspecified vulnerability in Solarwinds Serv-U FTP Server 15.1.6

SolarWinds Serv-U FTP Server 15.1.6 allows remote authenticated users to execute arbitrary code by leveraging the Import feature and modifying a CSV file.

9.0
2019-03-21 CVE-2018-10093 Audiocodes Missing Authorization vulnerability in Audiocodes 420Hd IP Phone Firmware 2.2.12.126

AudioCodes IP phone 420HD devices using firmware version 2.2.12.126 allow Remote Code Execution.

9.0

46 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2019-03-21 CVE-2018-3963 Getcujo Injection vulnerability in Getcujo Smart Firewall 7003

An exploitable command injection vulnerability exists in the DHCP daemon configuration of the CUJO Smart Firewall.

8.3
2019-03-21 CVE-2018-13798 Siemens Improper Input Validation vulnerability in Siemens products

A vulnerability has been identified in SICAM A8000 CP-8000 (All versions < V14), SICAM A8000 CP-802X (All versions < V14), SICAM A8000 CP-8050 (All versions < V2.00).

7.8
2019-03-21 CVE-2018-16789 Shellinabox Project Infinite Loop vulnerability in Shellinabox Project Shellinabox

libhttp/url.c in shellinabox through 2.20 has an implementation flaw in the HTTP request parsing logic.

7.8
2019-03-21 CVE-2018-11789 Apache Path Traversal vulnerability in Apache Heron

When accessing the heron-ui webpage, people can modify the file paths outside of the current container to access any file on the host.

7.8
2019-03-24 CVE-2019-9960 Limesurvey Path Traversal vulnerability in Limesurvey

The downloadZip function in application/controllers/admin/export.php in LimeSurvey through 3.16.1+190225 allows a relative path.

7.5
2019-03-22 CVE-2019-1716 Cisco Improper Input Validation vulnerability in Cisco products

A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 7800 Series and Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code.

7.5
2019-03-22 CVE-2019-9927 Caret Improper Input Validation vulnerability in Caret

Caret before 2019-02-22 allows Remote Code Execution.

7.5
2019-03-21 CVE-2019-7537 Pytroll Command Injection vulnerability in Pytroll Donfig 0.3.0

An issue was discovered in Donfig 0.3.0.

7.5
2019-03-21 CVE-2019-7238 Sonatype Unspecified vulnerability in Sonatype Nexus

Sonatype Nexus Repository Manager before 3.15.0 has Incorrect Access Control.

7.5
2019-03-21 CVE-2018-4003 Getcujo Out-of-bounds Write vulnerability in Getcujo Smart Firewall 7003

An exploitable heap overflow vulnerability exists in the mdnscap binary of the CUJO Smart Firewall running firmware 7003.

7.5
2019-03-21 CVE-2018-3985 Getcujo Double Free vulnerability in Getcujo Smart Firewall 7003

An exploitable double free vulnerability exists in the mdnscap binary of the CUJO Smart Firewall.

7.5
2019-03-21 CVE-2019-9898 Putty
Fedoraproject
Debian
Opensuse
Netapp
Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products

Potential recycling of random numbers used in cryptography exists within PuTTY before 0.71.

7.5
2019-03-21 CVE-2019-9895 Putty
Opengroup
Fedoraproject
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

In PuTTY versions before 0.71 on Unix, a remotely triggerable buffer overflow exists in any kind of server-to-client forwarding.

7.5
2019-03-21 CVE-2019-9893 Libseccomp Project Unspecified vulnerability in Libseccomp Project Libseccomp

libseccomp before 2.4.0 did not correctly generate 64-bit syscall argument comparisons using the arithmetic operators (LT, GT, LE, GE), which might able to lead to bypassing seccomp filters and potential privilege escalations.

7.5
2019-03-21 CVE-2019-9870 Oembed Project Data Processing Errors vulnerability in Oembed Project Oembed

plugin.js in the w8tcha oEmbed plugin before 2019-03-14 for CKEditor mishandles SCRIPT elements.

7.5
2019-03-21 CVE-2019-9083 Sqlitemanager SQL Injection vulnerability in Sqlitemanager 1.20/1.24

SQLiteManager 1.20 and 1.24 allows SQL injection via the /sqlitemanager/main.php dbsel parameter.

7.5
2019-03-21 CVE-2019-6716 Logonbox Authorization Bypass Through User-Controlled Key vulnerability in Logonbox Nervepoint Access Manager 1.2/1.3/1.4

An unauthenticated Insecure Direct Object Reference (IDOR) in Wicket Core in LogonBox Nervepoint Access Manager 2013 through 2017 allows a remote attacker to enumerate internal Active Directory usernames and group names, and alter back-end server jobs (backup and synchronization jobs), which could allow for the possibility of a Denial of Service attack via a modified jobId parameter in a runJob.html GET request.

7.5
2019-03-21 CVE-2019-6714 Blogengine Path Traversal vulnerability in Blogengine Blogengine.Net 3.3.5.0/3.3.6.0

An issue was discovered in BlogEngine.NET through 3.3.6.0.

7.5
2019-03-21 CVE-2019-5722 Portier SQL Injection vulnerability in Portier 4.4.4.2/4.4.4.6

An issue was discovered in portier vision 4.4.4.2 and 4.4.4.6.

7.5
2019-03-21 CVE-2019-5413 Morgan Project Command Injection vulnerability in Morgan Project Morgan

An attacker can use the format parameter to inject arbitrary commands in the npm package morgan < 1.9.1.

7.5
2019-03-21 CVE-2018-20555 Designchemical Information Exposure vulnerability in Designchemical Social Network Tabs 1.7.1

The Design Chemical Social Network Tabs plugin 1.7.1 for WordPress allows remote attackers to discover Twitter access_token, access_token_secret, consumer_key, and consumer_secret values by reading the dcwp_twitter.php source code.

7.5
2019-03-21 CVE-2018-20526 Roxyfileman Unrestricted Upload of File with Dangerous Type vulnerability in Roxyfileman Roxy Fileman 1.4.5

Roxy Fileman 1.4.5 allows unrestricted file upload in upload.php.

7.5
2019-03-21 CVE-2018-19783 Kentix Improper Authentication vulnerability in Kentix Multisensor-Lan Firmware

Kentix MultiSensor-LAN 5.63.00 devices and previous allow Authentication Bypass via an Alternate Path or Channel.

7.5
2019-03-21 CVE-2018-19515 ENS Incorrect Authorization vulnerability in ENS Webgalamb 6.0/7.0

In Webgalamb through 7.0, system/ajax.php functionality is supposed to be available only to the administrator.

7.5
2019-03-21 CVE-2018-19514 ENS Unrestricted Upload of File with Dangerous Type vulnerability in ENS Webgalamb 6.0/7.0

In Webgalamb through 7.0, an arbitrary code execution vulnerability could be exploited remotely without authentication.

7.5
2019-03-21 CVE-2018-19510 ENS SQL Injection vulnerability in ENS Webgalamb 6.0/7.0

subscriber.php in Webgalamb through 7.0 is vulnerable to SQL injection via the Client-IP HTTP request header.

7.5
2019-03-21 CVE-2018-19488 WP Jobhunt Project Weak Password Recovery Mechanism for Forgotten Password vulnerability in Wp-Jobhunt Project Wp-Jobhunt

The WP-jobhunt plugin before version 2.4 for WordPress does not control AJAX requests sent to the cs_reset_pass() function through the admin-ajax.php file, which allows remote unauthenticated attackers to reset the password of a user's account.

7.5
2019-03-21 CVE-2018-18798 School Attendance Monitoring System Project SQL Injection vulnerability in School Attendance Monitoring System Project School Attendance Monitoring System 1.0

Attendance Monitoring System 1.0 has SQL Injection via the 'id' parameter to student/index.php?view=view, event/index.php?view=view, and user/index.php?view=view.

7.5
2019-03-21 CVE-2018-11747 Puppet Improper Certificate Validation vulnerability in Puppet Discovery

Previously, Puppet Discovery was shipped with a default generated TLS certificate in the nginx container.

7.5
2019-03-18 CVE-2018-15509 Five9 Incorrect Permission Assignment for Critical Resource vulnerability in Five9 Agent Desktop Plus 10.0.70

Five9 Agent Desktop Plus 10.0.70 has Incorrect Access Control (issue 2 of 2).

7.5
2019-03-22 CVE-2019-9924 GNU
Debian
Improper Input Validation vulnerability in multiple products

rbash in Bash before 4.4-beta2 did not prevent the shell user from modifying BASH_CMDS, thus allowing the user to execute any command with the permissions of the shell.

7.2
2019-03-21 CVE-2018-3969 Getcujo OS Command Injection vulnerability in Getcujo Smart Firewall 7003

An exploitable vulnerability exists in the verified boot protection of the CUJO Smart Firewall.

7.2
2019-03-21 CVE-2019-7385 Raisecom OS Command Injection vulnerability in Raisecom products

An authenticated shell command injection issue has been discovered in Raisecom ISCOM HT803G-U, HT803G-W, HT803G-1GE, and HT803G GPON products with the firmware version ISCOMHT803G-U_2.0.0_140521_R4.1.47.002 or below, The values of the newpass and confpass parameters in /bin/WebMGR are used in a system call in the firmware.

7.2
2019-03-21 CVE-2019-7384 Raisecom OS Command Injection vulnerability in Raisecom products

An authenticated shell command injection issue has been discovered in Raisecom ISCOM HT803G-U, HT803G-W, HT803G-1GE, and HT803G GPON products with the firmware version ISCOMHT803G-U_2.0.0_140521_R4.1.47.002 or below.

7.2
2019-03-21 CVE-2019-7383 Systrome OS Command Injection vulnerability in Systrome products

An issue was discovered on Systrome Cumilon ISG-600C, ISG-600H, and ISG-800W devices with firmware V1.1-R2.1_TRUNK-20181105.bin.

7.2
2019-03-21 CVE-2019-6724 Barracuda
Apple
Linux
Openbsd
Untrusted Search Path vulnerability in Barracuda VPN Client 5.0/5.0.2.5

The barracudavpn component of the Barracuda VPN Client prior to version 5.0.2.7 for Linux, macOS, and OpenBSD runs as a privileged process and can allow an unprivileged local attacker to load a malicious library, resulting in arbitrary code executing as root.

7.2
2019-03-21 CVE-2019-4094 IBM
Linux
Uncontrolled Search Path Element vulnerability in IBM DB2

IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 binaries load shared libraries from an untrusted path potentially giving low privilege user full access to root by loading a malicious shared library.

7.2
2019-03-21 CVE-2018-20669 Linux Improper Input Validation vulnerability in Linux Kernel

An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel through 4.19.13.

7.2
2019-03-21 CVE-2018-18435 Kioware Incorrect Permission Assignment for Critical Resource vulnerability in Kioware Server

KioWare Server version 4.9.6 and older installs by default to "C:\kioware_com" with weak folder permissions granting any user full permission "Everyone: (F)" to the contents of the directory and it's sub-folders.

7.2
2019-03-21 CVE-2018-17496 Thresholdsecurity Unspecified vulnerability in Thresholdsecurity Evisitorpass 1.5.5.2

eVisitorPass could allow a local attacker to gain elevated privileges on the system, caused by an error while in kiosk mode.

7.2
2019-03-21 CVE-2018-17495 Thresholdsecurity Unspecified vulnerability in Thresholdsecurity Evisitorpass 1.5.5.2

eVisitorPass could allow a local attacker to gain elevated privileges on the system, caused by an error with the Virtual Keyboard Help Dialog.

7.2
2019-03-21 CVE-2018-17494 Thresholdsecurity Unspecified vulnerability in Thresholdsecurity Evisitorpass 1.5.5.2

eVisitorPass could allow a local attacker to gain elevated privileges on the system, caused by an error with the Virtual Keyboard Start Menu.

7.2
2019-03-21 CVE-2018-17493 Thresholdsecurity Unspecified vulnerability in Thresholdsecurity Evisitorpass 1.5.5.2

eVisitorPass could allow a local attacker to gain elevated privileges on the system, caused by an error with the Fullscreen button.

7.2
2019-03-21 CVE-2018-17491 Hidglobal Missing Authorization vulnerability in Hidglobal Easylobby Solo 11.0.4563

EasyLobby Solo could allow a local attacker to gain elevated privileges on the system.

7.2
2019-03-18 CVE-2019-6149 Lenovo Unquoted Search Path or Element vulnerability in Lenovo Dynamic Power Reduction

An unquoted search path vulnerability was identified in Lenovo Dynamic Power Reduction Utility prior to version 2.2.2.0 that could allow a malicious user with local access to execute code with administrative privileges.

7.2
2019-03-21 CVE-2019-7386 Kaiostech
Nokia
A Denial of Service issue has been discovered in the Gecko component of KaiOS 2.5 10.05 (platform 48.0.a2) on Nokia 8810 4G devices.
7.1

204 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2019-03-21 CVE-2018-18913 Opera
Microsoft
Untrusted Search Path vulnerability in Opera Browser

Opera before 57.0.3098.106 is vulnerable to a DLL Search Order hijacking attack where an attacker can send a ZIP archive composed of an HTML page along with a malicious DLL to the target.

6.9
2019-03-21 CVE-2018-1992 IBM Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in IBM products

The IBM Power 9 OP910, OP920, and FW910 boot firmware's bootloader is responsible for loading and validating the initial boot firmware image that drives the rest of the system's hardware initialization.

6.9
2019-03-24 CVE-2019-9977 Tesla Improper Input Validation vulnerability in Tesla Model 3 Firmware

The renderer process in the entertainment system on Tesla Model 3 vehicles mishandles JIT compilation, which allows attackers to trigger firmware code execution, and display a crafted message to vehicle occupants.

6.8
2019-03-24 CVE-2019-9969 Xnview
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xnview Classic 2.48

XnView Classic 2.48 on Windows allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file, related to xnview+0x385399.

6.8
2019-03-24 CVE-2019-9968 Xnview
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xnview Classic 2.48

XnView Classic 2.48 on Windows allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file, related to ntdll!RtlQueueWorkItem.

6.8
2019-03-24 CVE-2019-9967 Xnview
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xnview Classic 2.48

XnView Classic 2.48 on Windows allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file, related to ntdll!RtlPrefixUnicodeString.

6.8
2019-03-24 CVE-2019-9966 Xnview
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xnview Classic 2.48

XnView Classic 2.48 on Windows allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file, related to xnview+0x38536c.

6.8
2019-03-24 CVE-2019-9965 Xnview
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xnview MP 0.93.1

XnView MP 0.93.1 on Windows allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file, related to ntdll!RtlReAllocateHeap.

6.8
2019-03-24 CVE-2019-9964 Xnview
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xnview MP 0.93.1

XnView MP 0.93.1 on Windows allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file, related to ntdll!RtlpNtMakeTemporaryKey.

6.8
2019-03-24 CVE-2019-9963 Xnview
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xnview MP 0.93.1

XnView MP 0.93.1 on Windows allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file, related to ntdll!RtlFreeHeap.

6.8
2019-03-24 CVE-2019-9962 Xnview
Microsoft
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xnview MP 0.93.1

XnView MP 0.93.1 on Windows allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file, related to VCRUNTIME140!memcpy.

6.8
2019-03-24 CVE-2019-9956 Imagemagick
Debian
Out-of-bounds Write vulnerability in multiple products

In ImageMagick 7.0.8-35 Q16, there is a stack-based buffer overflow in the function PopHexPixel of coders/ps.c, which allows an attacker to cause a denial of service or code execution via a crafted image file.

6.8
2019-03-22 CVE-2019-1764 Cisco Cross-Site Request Forgery (CSRF) vulnerability in Cisco products

A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack.

6.8
2019-03-21 CVE-2019-7539 Ipycache Project Code Injection vulnerability in Ipycache Project Ipycache 20160531

A code injection issue was discovered in ipycache through 2016-05-31.

6.8
2019-03-21 CVE-2015-6458 Moxa Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Moxa Softcms 1.2/1.3

Moxa SoftCMS 1.3 and prior is susceptible to a buffer overflow condition that may crash or allow remote code execution.

6.8
2019-03-21 CVE-2015-6457 Moxa Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Moxa Softcms 1.2/1.3

Moxa SoftCMS 1.3 and prior is susceptible to a buffer overflow condition that may crash or allow remote code execution.

6.8
2019-03-21 CVE-2019-9878 Pdfalto Project
Xpdfreader
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

There is an invalid memory access in the function GfxIndexedColorSpace::mapColorToBase() located in GfxState.cc in Xpdf 4.0.0, as used in pdfalto 0.2.

6.8
2019-03-21 CVE-2019-9877 Xpdfreader Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Xpdfreader Xpdf 4.0.1

There is an invalid memory access vulnerability in the function TextPage::findGaps() located at TextOutputDev.c in Xpdf 4.01, which can (for example) be triggered by sending a crafted pdf file to the pdftops binary.

6.8
2019-03-21 CVE-2019-7433 Rental Bike Script Project Cross-Site Request Forgery (CSRF) vulnerability in Rental Bike Script Project Rental Bike Script 2.0.3

PHP Scripts Mall Rental Bike Script 2.0.3 has Cross-Site Request Forgery (CSRF) via the Edit Profile feature.

6.8
2019-03-21 CVE-2019-7391 Zyxel Cross-Site Request Forgery (CSRF) vulnerability in Zyxel products

ZyXEL VMG3312-B10B DSL-491HNU-B1B v2 devices allow login/login-page.cgi CSRF.

6.8
2019-03-21 CVE-2019-6967 Airties Cross-Site Request Forgery (CSRF) vulnerability in Airties AIR 5341 Firmware 1.0.0.12

AirTies Air5341 1.0.0.12 devices allow cgi-bin/login CSRF.

6.8
2019-03-21 CVE-2019-6731 Foxitsoftware
Microsoft
Improper Input Validation vulnerability in Foxitsoftware Phantompdf and Reader

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF.

6.8
2019-03-21 CVE-2019-6730 Foxitsoftware Use After Free vulnerability in Foxitsoftware Phantompdf

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader.

6.8
2019-03-21 CVE-2019-6729 Foxitsoftware
Microsoft
Improper Input Validation vulnerability in Foxitsoftware Phantompdf and Reader

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader.

6.8
2019-03-21 CVE-2019-6727 Foxitsoftware Use After Free vulnerability in Foxitsoftware Phantompdf

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader.

6.8
2019-03-21 CVE-2019-6282 Chinamobileltd Cross-Site Request Forgery (CSRF) vulnerability in Chinamobileltd Gpn2.4P21-C-Cn Firmware W2001En00

ChinaMobile PLC Wireless Router GPN2.4P21-C-CN devices with firmware W2001EN-00 have CSRF via the cgi-bin/webproc?getpage=html/index.html subpage=wlsecurity URI, allowing an Attacker to change the Wireless Security Password.

6.8
2019-03-21 CVE-2019-6279 Chinamobileltd Unspecified vulnerability in Chinamobileltd Gpn2.4P21-C-Cn Firmware W2001En00

ChinaMobile PLC Wireless Router GPN2.4P21-C-CN devices with firmware W2001EN-00 have an Incorrect Access Control vulnerability via the cgi-bin/webproc?getpage=html/index.html subpage=wlsecurity URI, allowing an Attacker to change the Wireless Security Password.

6.8
2019-03-21 CVE-2019-6116 Artifex
Fedoraproject
Canonical
Debian
Opensuse
Redhat
In Artifex Ghostscript through 9.26, ephemeral or transient procedures can allow access to system operators, leading to remote code execution.
6.8
2019-03-21 CVE-2019-5729 Splunk Improper Certificate Validation vulnerability in Splunk Software Development KIT

Splunk-SDK-Python before 1.6.6 does not properly verify untrusted TLS server certificates, which could result in man-in-the-middle attacks.

6.8
2019-03-21 CVE-2018-20648 CAR Rental Script Project Cross-Site Request Forgery (CSRF) vulnerability in CAR Rental Script Project CAR Rental Script 2.0.8

PHP Scripts Mall Car Rental Script 2.0.8 has Cross-Site Request Forgery (CSRF) via accountedit.php.

6.8
2019-03-21 CVE-2018-20644 Basic B2B Script Project Cross-Site Request Forgery (CSRF) vulnerability in Basic B2B Script Project Basic B2B Script 2.0.9

PHP Scripts Mall Basic B2B Script 2.0.9 has Cross-Site Request Forgery (CSRF) via the Edit profile feature.

6.8
2019-03-21 CVE-2018-20641 Entrepreneur JOB Portal Script Project Cross-Site Request Forgery (CSRF) vulnerability in Entrepreneur JOB Portal Script Project Entrepreneur JOB Portal Script 3.0.1

PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 has Cross-Site Request Forgery (CSRF) via the Edit Profile feature.

6.8
2019-03-21 CVE-2018-20633 Advance B2B Script Project Cross-Site Request Forgery (CSRF) vulnerability in Advance B2B Script Project Advance B2B Script 2.1.4

PHP Scripts Mall Advance B2B Script 2.1.4 has Cross-Site Request Forgery (CSRF) via the Edit Profile feature.

6.8
2019-03-21 CVE-2018-18881 Controlbyweb Unspecified vulnerability in Controlbyweb X-320M-I Firmware

A Denial of Service (DOS) issue was discovered in ControlByWeb X-320M-I Web-Enabled Instrumentation-Grade Data Acquisition module 1.05 with firmware revision v1.05.

6.8
2019-03-21 CVE-2018-15498 Ysoft Authentication Bypass by Capture-replay vulnerability in Ysoft Safeq Server Client 6.0.13.1

YSoft SafeQ Server 6 allows a replay attack.

6.8
2019-03-21 CVE-2018-14575 Mybb Cross-Site Request Forgery (CSRF) vulnerability in Mybb Trash BIN 1.1.3

Trash Bin plugin 1.1.3 for MyBB has cross-site scripting (XSS) via a thread subject and a cross-site request forgery (CSRF) via a post subject.

6.8
2019-03-21 CVE-2019-5011 Macpaw Improper Input Validation vulnerability in Macpaw Cleanmymac X 4.20

An exploitable privilege escalation vulnerability exists in the helper service CleanMyMac X, version 4.20, due to improper updating.

6.6
2019-03-24 CVE-2019-10015 Baigo Improper Input Validation vulnerability in Baigo SSO 3.0.1

baigoStudio baigoSSO v3.0.1 allows remote attackers to execute arbitrary PHP code via the first form field of a configuration screen, because this code is written to the BG_SITE_NAME field in the opt_base.inc.php file.

6.5
2019-03-21 CVE-2019-3871 Powerdns
Fedoraproject
Improper Input Validation vulnerability in multiple products

A vulnerability was found in PowerDNS Authoritative Server before 4.0.7 and before 4.1.7.

6.5
2019-03-21 CVE-2019-6491 Risi SQL Injection vulnerability in Risi Gestao DE Horarios 3201.09.08

RISI Gestao de Horarios v3201.09.08 rev.23 allows SQL Injection.

6.5
2019-03-21 CVE-2019-6275 GL Inet Command Injection vulnerability in Gl-Inet Gl-Ar300M-Lite Firmware 2.27

Command injection vulnerability in firmware_cgi in GL.iNet GL-AR300M-Lite devices with firmware 2.27 allows remote attackers to execute arbitrary code.

6.5
2019-03-21 CVE-2019-6274 GL Inet Path Traversal vulnerability in Gl-Inet Gl-Ar300M-Lite Firmware 2.27

Directory traversal vulnerability in storage_cgi in GL.iNet GL-AR300M-Lite devices with firmware 2.27 allows remote attackers to have unspecified impact via directory traversal sequences.

6.5
2019-03-21 CVE-2019-6272 GL Inet Command Injection vulnerability in Gl-Inet Gl-Ar300M-Lite Firmware 2.27

Command injection vulnerability in login_cgi in GL.iNet GL-AR300M-Lite devices with firmware 2.27 allows remote attackers to execute arbitrary code.

6.5
2019-03-21 CVE-2018-20556 Booking Calendar Project SQL Injection vulnerability in Booking Calendar Project Booking Calendar 8.4.3

SQL injection vulnerability in Booking Calendar plugin 8.4.3 for WordPress allows remote attackers to execute arbitrary SQL commands via the booking_id parameter.

6.5
2019-03-21 CVE-2018-20221 Deltek Deserialization of Untrusted Data vulnerability in Deltek Ajera

Secure/SAService.rem in Deltek Ajera Timesheets 9.10.16 and prior are vulnerable to remote code execution via deserialization of untrusted user input from an authenticated user.

6.5
2019-03-21 CVE-2018-18862 BMC Forced Browsing vulnerability in BMC Remedy Action Request System and Remedy Mid-Tier

BMC Remedy Mid-Tier 7.1.00 and 9.1.02.003 for BMC Remedy AR System has Incorrect Access Control in ITAM forms, as demonstrated by TLS%3APLR-Configuration+Details/Default+Admin+View/, AST%3AARServerConnection/Default+Admin+View/, and AR+System+Administration%3A+Server+Information/Default+Admin+View/.

6.5
2019-03-23 CVE-2019-9948 Python
Opensuse
Netapp
Path Traversal vulnerability in multiple products

urllib in Python 2.x through 2.7.16 supports the local_file: scheme, which makes it easier for remote attackers to bypass protection mechanisms that blacklist file: URIs, as demonstrated by triggering a urllib.urlopen('local_file:///etc/passwd') call.

6.4
2019-03-22 CVE-2019-4035 IBM Improper Input Validation vulnerability in IBM Content Navigator 3.0.0

IBM Content Navigator 3.0CD could allow attackers to direct web traffic to a malicious site.

6.4
2019-03-21 CVE-2019-8351 Heimdalsecurity Improper Certificate Validation vulnerability in Heimdalsecurity Thor 2.5.170/2.5.171/2.5.172

Heimdal Thor Agent 2.5.17x before 2.5.173 does not verify X.509 certificates from TLS servers, which allows remote attackers to spoof servers and obtain sensitive information via a crafted certificate.

6.4
2019-03-21 CVE-2019-3858 Libssh2
Fedoraproject
Debian
Netapp
Opensuse
Out-of-bounds Read vulnerability in multiple products

An out of bounds read flaw was discovered in libssh2 before 1.8.1 when a specially crafted SFTP packet is received from the server.

6.4
2019-03-21 CVE-2019-9894 Putty
Fedoraproject
Debian
Netapp
Opensuse
Key Management Errors vulnerability in multiple products

A remotely triggerable memory overwrite in RSA key exchange in PuTTY before 0.71 can occur before host key verification.

6.4
2019-03-21 CVE-2019-3862 Libssh2
Fedoraproject
Debian
Netapp
Opensuse
Out-of-bounds Read vulnerability in multiple products

An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the way SSH_MSG_CHANNEL_REQUEST packets with an exit status message and no payload are parsed.

6.4
2019-03-21 CVE-2019-3859 Libssh2
Fedoraproject
Debian
Netapp
Opensuse
Out-of-bounds Read vulnerability in multiple products

An out of bounds read flaw was discovered in libssh2 before 1.8.1 in the _libssh2_packet_require and _libssh2_packet_requirev functions.

6.4
2019-03-21 CVE-2018-15818 Reputeinfosystems Improper Input Validation vulnerability in Reputeinfosystems Repute Arforms 3.5.1

An issue was discovered in Repute ARForms 3.5.1 and prior.

6.4
2019-03-21 CVE-2019-7439 JIO Unspecified vulnerability in JIO Jiofi 4G M2S Firmware 1.0.2

cgi-bin/qcmap_web_cgi on JioFi 4G M2S 1.0.2 devices allows a DoS (Hang) via the mask POST parameter.

6.1
2019-03-21 CVE-2019-6970 Moodle Server-Side Request Forgery (SSRF) vulnerability in Moodle

Moodle 3.5.x before 3.5.4 allows SSRF.

6.0
2019-03-22 CVE-2019-9939 Ushareit Unspecified vulnerability in Ushareit Shareit 4.0.34

The SHAREit application before 4.0.36 for Android allows a remote attacker (on the same network or joining public "open" Wi-Fi hotspots created by the application when file transfer is initiated) to bypass authentication by trying to fetch a non-existing page.

5.8
2019-03-22 CVE-2019-9915 GET Simple Open Redirect vulnerability in Get-Simple. Getsimplecms 3.3.13

GetSimpleCMS 3.3.13 has an Open Redirect via the admin/index.php redirect parameter.

5.8
2019-03-21 CVE-2019-9837 Openid Open Redirect vulnerability in Openid Connect

Doorkeeper::OpenidConnect (aka the OpenID Connect extension for Doorkeeper) 1.4.x and 1.5.x before 1.5.4 has an open redirect via the redirect_uri field in an OAuth authorization request (that results in an error response) with the 'openid' scope and a prompt=none value.

5.8
2019-03-21 CVE-2018-17996 Layerbb Cross-Site Request Forgery (CSRF) vulnerability in Layerbb 1.1.2

LayerBB before 1.1.3 allows CSRF for adding a user via admin/new_user.php, deleting a user via admin/members.php/delete_user/, and deleting content via mod/delete.php/.

5.8
2019-03-21 CVE-2018-14745 Samsung Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Samsung Galaxy S6 Firmware G920Fxxu5Eqh7

Buffer overflow in prot_get_ring_space in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allows an attacker (who has obtained code execution on the Wi-Fi chip) to overwrite kernel memory due to improper validation of the ring buffer read pointer.

5.8
2019-03-21 CVE-2018-11767 Apache Improper Privilege Management vulnerability in Apache Hadoop

In Apache Hadoop 2.9.0 to 2.9.1, 2.8.3 to 2.8.4, 2.7.5 to 2.7.6, KMS blocking users or granting access to users incorrectly, if the system uses non-default groups mapping mechanisms.

5.8
2019-03-21 CVE-2015-6461 Schneider Electric Improper Input Validation vulnerability in Schneider-Electric products

Remote file inclusion allows an attacker to craft a specific URL referencing the Schneider Electric Modicon BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, or BMXP342030H PLC web server, which, when launched, will result in the browser redirecting to a remote file via a Java script loaded with the web page.

5.5
2019-03-21 CVE-2017-16255 Insteon Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Insteon HUB Firmware 1012

An exploitable buffer overflow vulnerability exists in the PubNub message handler Insteon Hub 2245-222 - Firmware version 1012.

5.5
2019-03-21 CVE-2017-16254 Insteon Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Insteon HUB Firmware 1012

An exploitable buffer overflow vulnerability exists in the PubNub message handler Insteon Hub 2245-222 - Firmware version 1012.

5.5
2019-03-21 CVE-2017-16253 Insteon Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Insteon HUB Firmware 1012

An exploitable buffer overflow vulnerability exists in the PubNub message handler Insteon Hub 2245-222 - Firmware version 1012 for the cc channel of Insteon Hub running firmware version 1012.

5.5
2019-03-21 CVE-2018-13103 Open Xchange Server-Side Request Forgery (SSRF) vulnerability in Open-Xchange Appsuite

OX App Suite 7.8.4 and earlier allows SSRF.

5.5
2019-03-21 CVE-2018-12023 Fasterxml
Debian
Fedoraproject
Oracle
Redhat
Deserialization of Untrusted Data vulnerability in multiple products

An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6.

5.1
2019-03-21 CVE-2018-12022 Fasterxml
Debian
Fedoraproject
Oracle
Redhat
Deserialization of Untrusted Data vulnerability in multiple products

An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6.

5.1
2019-03-23 CVE-2016-10743 W1 FI Insufficient Entropy in PRNG vulnerability in W1.Fi Hostapd

hostapd before 2.6 does not prevent use of the low-quality PRNG that is reached by an os_random() function call.

5.0
2019-03-22 CVE-2019-9649 Coreftp Path Traversal vulnerability in Coreftp Core FTP 2.0

An issue was discovered in the SFTP Server component in Core FTP 2.0 Build 674.

5.0
2019-03-22 CVE-2019-1766 Cisco Improper Input Validation vulnerability in Cisco IP Phone 8800 Firmware

A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) condition.

5.0
2019-03-22 CVE-2019-1763 Cisco Improper Access Control vulnerability in Cisco products

A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to bypass authorization, access critical services, and cause a denial of service (DoS) condition.

5.0
2019-03-22 CVE-2019-9648 Coreftp Path Traversal vulnerability in Coreftp Core FTP 2.0

An issue was discovered in the SFTP Server component in Core FTP 2.0 Build 674.

5.0
2019-03-22 CVE-2019-4052 IBM Unspecified vulnerability in IBM API Connect

IBM API Connect 2018.1 and 2018.4.1.2 apis can be leveraged by unauthenticated users to discover login ids of registered users.

5.0
2019-03-22 CVE-2019-9937 Sqlite NULL Pointer Dereference vulnerability in Sqlite 3.27.2

In SQLite 3.27.2, interleaving reads and writes in a single transaction with an fts5 virtual table will lead to a NULL Pointer Dereference in fts5ChunkIterate in sqlite3.c.

5.0
2019-03-22 CVE-2019-9936 Sqlite Out-of-bounds Read vulnerability in Sqlite 3.27.2

In SQLite 3.27.2, running fts5 prefix queries inside a transaction could trigger a heap-based buffer over-read in fts5HashEntrySort in sqlite3.c, which may lead to an information leak.

5.0
2019-03-22 CVE-2019-9923 GNU
Opensuse
NULL Pointer Dereference vulnerability in multiple products

pax_decode_header in sparse.c in GNU Tar before 1.32 had a NULL pointer dereference when parsing certain archives that have malformed extended headers.

5.0
2019-03-21 CVE-2018-20034 Flexera Improper Input Validation vulnerability in Flexera Flexnet Publisher

A Denial of Service vulnerability related to adding an item to a list in lmgrd and vendor daemon components of FlexNet Publisher version 11.16.1.0 and earlier allows a remote attacker to send a combination of messages to lmgrd or the vendor daemon, causing the heartbeat between lmgrd and the vendor daemon to stop, and the vendor daemon to shut down.

5.0
2019-03-21 CVE-2018-20032 Flexera Improper Input Validation vulnerability in Flexera Flexnet Publisher

A Denial of Service vulnerability related to message decoding in lmgrd and vendor daemon components of FlexNet Publisher version 11.16.1.0 and earlier allows a remote attacker to send a combination of messages to lmgrd or the vendor daemon, causing the heartbeat between lmgrd and the vendor daemon to stop, and the vendor daemon to shut down.

5.0
2019-03-21 CVE-2018-20031 Flexera Improper Input Validation vulnerability in Flexera Flexnet Publisher

A Denial of Service vulnerability related to preemptive item deletion in lmgrd and vendor daemon components of FlexNet Publisher version 11.16.1.0 and earlier allows a remote attacker to send a combination of messages to lmgrd or the vendor daemon, causing the heartbeat between lmgrd and the vendor daemon to stop, and the vendor daemon to shut down.

5.0
2019-03-21 CVE-2018-4030 Getcujo HTTP Request Smuggling vulnerability in Getcujo Smart Firewall 7003

An exploitable vulnerability exists the safe browsing function of the CUJO Smart Firewall, version 7003.

5.0
2019-03-21 CVE-2018-4011 Getcujo Integer Underflow (Wrap or Wraparound) vulnerability in Getcujo Smart Firewall 7003

An exploitable integer underflow vulnerability exists in the mdnscap binary of the CUJO Smart Firewall, version 7003.

5.0
2019-03-21 CVE-2019-9897 Putty
Fedoraproject
Debian
Netapp
Opensuse
Improper Input Validation vulnerability in multiple products

Multiple denial-of-service attacks that can be triggered by writing to the terminal exist in PuTTY versions before 0.71.

5.0
2019-03-21 CVE-2019-7435 Opensource Classified ADS Script Project Cross-site Scripting vulnerability in Opensource Classified ADS Script Project Opensource Classified ADS Script 3.2.2

PHP Scripts Mall Opensource Classified Ads Script 3.2.2 has reflected HTML injection via the Search Form.

5.0
2019-03-21 CVE-2019-7430 Image Sharing Script Project Cross-site Scripting vulnerability in Image Sharing Script Project Image Sharing Script 1.3.4

PHP Scripts Mall Image Sharing Script 1.3.4 has HTML injection via the Search Bar.

5.0
2019-03-21 CVE-2019-7161 Zohocorp Inadequate Encryption Strength vulnerability in Zohocorp Manageengine Adselfservice Plus

An issue was discovered in Zoho ManageEngine ADSelfService Plus 5.x through build 5704.

5.0
2019-03-21 CVE-2019-6973 Genivia
Sricam
Unspecified vulnerability in Genivia Gsoap 2.8.0

Sricam IP CCTV cameras are vulnerable to denial of service via multiple incomplete HTTP requests because the web server (based on gSOAP 2.8.x) is configured for an iterative queueing approach (aka non-threaded operation) with a timeout of several seconds.

5.0
2019-03-21 CVE-2019-6690 Python
Debian
Opensuse
Suse
Canonical
Improper Input Validation vulnerability in multiple products

python-gnupg 0.4.3 allows context-dependent attackers to trick gnupg to decrypt other ciphertext than intended.

5.0
2019-03-21 CVE-2019-5885 Matrix
Fedoraproject
Key Management Errors vulnerability in multiple products

Matrix Synapse before 0.34.0.1, when the macaroon_secret_key authentication parameter is not set, uses a predictable value to derive a secret key and other secrets which could allow remote attackers to impersonate users.

5.0
2019-03-21 CVE-2019-5723 Portier Inadequate Encryption Strength vulnerability in Portier 4.4.4.2/4.4.4.6

An issue was discovered in portier vision 4.4.4.2 and 4.4.4.6.

5.0
2019-03-21 CVE-2019-5417 Zeit Path Traversal vulnerability in Zeit Serve

A path traversal vulnerability in serve npm package version 7.0.1 allows the attackers to read content of arbitrary files on the remote server.

5.0
2019-03-21 CVE-2019-5416 Localhost NOW Project Path Traversal vulnerability in Localhost-Now Project Localhost-Now 1.0.2

A path traversal vulnerability in localhost-now npm package version 1.0.2 allows the attackers to read content of arbitrary files on the remote server.

5.0
2019-03-21 CVE-2019-5415 Zeit Improper Privilege Management vulnerability in Zeit Serve 6.5.3

A bug in handling the ignore files and directories feature in serve 6.5.3 allows an attacker to read a file or list the directory that the victim has not allowed access to.

5.0
2019-03-21 CVE-2018-6517 Puppet Improper Certificate Validation vulnerability in Puppet Chloride

Prior to version 0.3.0, chloride's use of net-ssh resulted in host fingerprints for previously unknown hosts getting added to the user's known_hosts file without confirmation.

5.0
2019-03-21 CVE-2018-20631 Website Seller Script Project Path Traversal vulnerability in Website Seller Script Project Website Seller Script 2.0.5

PHP Scripts Mall Website Seller Script 2.0.5 allows full Path Disclosure via a request for an arbitrary image URL such as a .png file.

5.0
2019-03-21 CVE-2018-20630 Advance Crowdfunding Script Project Path Traversal vulnerability in Advance Crowdfunding Script Project Advance Crowdfunding Script 2.0.3

PHP Scripts Mall Advance Crowdfunding Script 2.0.3 has directory traversal via a direct request for a listing of an uploads directory such as the wp-content/uploads/2018/12 directory.

5.0
2019-03-21 CVE-2018-20629 Charity Donation Script Project Path Traversal vulnerability in Charity Donation Script Project Charity Donation Script

PHP Scripts Mall Charity Donation Script readymadeb2bscript has directory traversal via a direct request for a listing of an uploads directory such as the wp-content/uploads/2018/12 directory.

5.0
2019-03-21 CVE-2018-20628 Charity Foundation Script Project Path Traversal vulnerability in Charity Foundation Script Project Charity Foundation Script

PHP Scripts Mall Charity Foundation Script 1 through 3 allows directory traversal via a direct request for a listing of an uploads directory such as the wp-content/uploads/2018/12 directory.

5.0
2019-03-21 CVE-2018-20615 Haproxy
Opensuse
Canonical
Redhat
Out-of-bounds Read vulnerability in multiple products

An out-of-bounds read issue was discovered in the HTTP/2 protocol decoder in HAProxy 1.8.x and 1.9.x through 1.9.0 which can result in a crash.

5.0
2019-03-21 CVE-2018-20525 Roxyfileman Path Traversal vulnerability in Roxyfileman Roxy Fileman 1.4.5

Roxy Fileman 1.4.5 allows Directory Traversal in copydir.php, copyfile.php, and fileslist.php.

5.0
2019-03-21 CVE-2018-20220 Teracue Missing Authentication for Critical Function vulnerability in Teracue products

An issue was discovered on Teracue ENC-400 devices with firmware 2.56 and below.

5.0
2019-03-21 CVE-2018-19513 ENS Information Exposure Through Log Files vulnerability in ENS Webgalamb 6.0/7.0

In Webgalamb through 7.0, log files are exposed to the internet with predictable files/logs/sql_error_log/YYYY-MM-DD-sql_error_log.log filenames.

5.0
2019-03-21 CVE-2018-19487 WP Jobhunt Project Information Exposure vulnerability in Wp-Jobhunt Project Wp-Jobhunt

The WP-jobhunt plugin before version 2.4 for WordPress does not control AJAX requests sent to the cs_employer_ajax_profile() function through the admin-ajax.php file, which allows remote unauthenticated attackers to enumerate information about users.

5.0
2019-03-21 CVE-2018-19365 Wowza Path Traversal vulnerability in Wowza Streaming Engine 4.7.4.0.1

The REST API in Wowza Streaming Engine 4.7.4.01 allows traversal of the directory structure and retrieval of a file via a remote, specifically crafted HTTP request.

5.0
2019-03-21 CVE-2018-19158 Colossusxt Resource Exhaustion vulnerability in Colossusxt Colossuscoinxt

ColossusCoinXT through 1.0.5 (a chain-based proof-of-stake cryptocurrency) allows a remote denial of service, exploitable by an attacker who acquires even a small amount of stake/coins in the system.

5.0
2019-03-21 CVE-2018-18898 Bestpractical
Fedoraproject
Resource Exhaustion vulnerability in multiple products

The email-ingestion feature in Best Practical Request Tracker 4.1.13 through 4.4 allows denial of service by remote attackers via an algorithmic complexity attack on email address parsing.

5.0
2019-03-21 CVE-2018-15508 Five9 Incorrect Permission Assignment for Critical Resource vulnerability in Five9 Agent Desktop Plus 10.0.70

Five9 Agent Desktop Plus 10.0.70 has Incorrect Access Control allowing a remote attackers to cause a denial of service via opening a connection on port 8083 to a device running the Five9 SoftPhone(issue 1 of 2).

5.0
2019-03-21 CVE-2017-2659 Dropbear SSH Project Improper Authentication vulnerability in Dropbear SSH Project Dropbear SSH

It was found that dropbear before version 2013.59 with GSSAPI leaks whether given username is valid or invalid.

5.0
2019-03-21 CVE-2017-16232 Libtiff
Opensuse
Suse
Missing Release of Resource after Effective Lifetime vulnerability in multiple products

** DISPUTED ** LibTIFF 4.0.8 has multiple memory leak vulnerabilities, which allow attackers to cause a denial of service (memory consumption), as demonstrated by tif_open.c, tif_lzw.c, and tif_aux.c.

5.0
2019-03-21 CVE-2016-9166 Microfocus Permissions, Privileges, and Access Controls vulnerability in Microfocus Netiq Edirectory 9.0

NetIQ eDirectory versions prior to 9.0.2, under some circumstances, could be susceptible to downgrade of communication security.

5.0
2019-03-21 CVE-2016-5800 Fatek Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Fatek Automation FV Designer and Automation PM Designer V3

A malicious attacker can trigger a remote buffer overflow in the Communication Server in Fatek Automation PM Designer V3 Version 2.1.2.2, and Automation FV Designer Version 1.2.8.0.

5.0
2019-03-21 CVE-2019-9857 Linux Memory Leak vulnerability in Linux Kernel

In the Linux kernel through 5.0.2, the function inotify_update_existing_watch() in fs/notify/inotify/inotify_user.c neglects to call fsnotify_put_mark() with IN_MASK_CREATE after fsnotify_find_mark(), which will cause a memory leak (aka refcount leak).

4.9
2019-03-21 CVE-2019-6454 Freedesktop
Opensuse
Netapp
Debian
Fedoraproject
Canonical
Redhat
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

An issue was discovered in sd-bus in systemd 239.

4.9
2019-03-21 CVE-2019-9896 Putty Improper Input Validation vulnerability in Putty

In PuTTY versions before 0.71 on Windows, local attackers could hijack the application by putting a malicious help file in the same directory as the executable.

4.6
2019-03-21 CVE-2019-7221 Linux
Opensuse
Fedoraproject
Debian
Canonical
Netapp
Redhat
Use After Free vulnerability in multiple products

The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.

4.6
2019-03-21 CVE-2019-6778 Qemu
Opensuse
Fedoraproject
Canonical
Out-of-bounds Write vulnerability in multiple products

In QEMU 3.0.0, tcp_emu in slirp/tcp_subr.c has a heap-based buffer overflow.

4.6
2019-03-21 CVE-2018-20340 Yubico
Debian
Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products

Yubico libu2f-host 1.1.6 contains unchecked buffers in devs.c, which could enable a malicious token to exploit a buffer overflow.

4.6
2019-03-21 CVE-2018-17488 Jollytech Unspecified vulnerability in Jollytech Lobby Track 8.2.186

Lobby Track Desktop could allow a local attacker to gain elevated privileges on the system, caused by an error in the printer dialog.

4.6
2019-03-21 CVE-2018-17487 Jollytech Unspecified vulnerability in Jollytech Lobby Track 8.2.186

Lobby Track Desktop could allow a local attacker to gain elevated privileges on the system, caused by an error in the printer dialog.

4.6
2019-03-21 CVE-2018-3968 Denx Improper Verification of Cryptographic Signature vulnerability in Denx U-Boot

An exploitable vulnerability exists in the verified boot protection of the Das U-Boot from version 2013.07-rc1 to 2014.07-rc2.

4.4
2019-03-24 CVE-2019-10010 Thephpleague Cross-site Scripting vulnerability in Thephpleague Commonmark

Cross-site scripting (XSS) vulnerability in the PHP League CommonMark library before 0.18.3 allows remote attackers to insert unsafe links into HTML by using double-encoded HTML entities that are not properly escaped during rendering, a different vulnerability than CVE-2018-20583.

4.3
2019-03-24 CVE-2019-9978 Warfareplugins Cross-site Scripting vulnerability in Warfareplugins Social Warfare and Social Warfare PRO

The social-warfare plugin before 3.5.3 for WordPress has stored XSS via the wp-admin/admin-post.php?swp_debug=load_options swp_url parameter, as exploited in the wild in March 2019.

4.3
2019-03-24 CVE-2019-9970 Signal Improper Input Validation vulnerability in Signal Signal-Desktop

Open Whisper Signal (aka Signal-Desktop) through 1.23.1 and the Signal Private Messenger application through 4.35.3 for Android are vulnerable to an IDN homograph attack when displaying messages containing URLs.

4.3
2019-03-23 CVE-2019-9947 Python CRLF Injection vulnerability in Python

An issue was discovered in urllib2 in Python 2.x through 2.7.16 and urllib in Python 3.x through 3.7.3.

4.3
2019-03-23 CVE-2019-9942 Symfony Information Exposure vulnerability in Symfony Twig

A sandbox information disclosure exists in Twig before 1.38.0 and 2.x before 2.7.0 because, under some circumstances, it is possible to call the __toString() method on an object even if not allowed by the security policy in place.

4.3
2019-03-22 CVE-2018-20165 Opentext Cross-site Scripting vulnerability in Opentext Portal 7.4.4

Cross-site scripting (XSS) vulnerability in OpenText Portal 7.4.4 allows remote attackers to inject arbitrary web script or HTML via the vgnextoid parameter to a menuitem URI.

4.3
2019-03-22 CVE-2019-9925 S CMS Cross-site Scripting vulnerability in S-Cms 1.0

S-CMS PHP v1.0 has XSS in 4.edu.php via the S_id parameter.

4.3
2019-03-22 CVE-2019-9914 YOP Poll Cross-site Scripting vulnerability in Yop-Poll

The yop-poll plugin before 6.0.3 for WordPress has wp-admin/admin.php?page=yop-polls&action=view-votes poll_id XSS.

4.3
2019-03-22 CVE-2019-9913 WP Livechat Cross-site Scripting vulnerability in Wp-Livechat WP Live Chat Support

The wp-live-chat-support plugin before 8.0.18 for WordPress has wp-admin/admin.php?page=wplivechat-menu-gdpr-page term XSS.

4.3
2019-03-22 CVE-2019-9912 Wpgmaps Cross-site Scripting vulnerability in Wpgmaps WP Google Maps

The wp-google-maps plugin before 7.10.43 for WordPress has XSS via the wp-admin/admin.php PATH_INFO.

4.3
2019-03-22 CVE-2019-9911 Nextscripts Cross-site Scripting vulnerability in Nextscripts Social Networks Auto-Poster

The social-networks-auto-poster-facebook-twitter-g plugin before 4.2.8 for WordPress has wp-admin/admin.php?page=nxssnap-reposter&action=edit item XSS.

4.3
2019-03-22 CVE-2019-9910 King Theme Cross-site Scripting vulnerability in King-Theme Kingcomposer 2.7.6

The kingcomposer plugin 2.7.6 for WordPress has wp-admin/admin.php?page=kc-mapper id XSS.

4.3
2019-03-22 CVE-2019-9909 Givewp Cross-site Scripting vulnerability in Givewp Give

The "Donation Plugin and Fundraising Platform" plugin before 2.3.1 for WordPress has wp-admin/edit.php csv XSS.

4.3
2019-03-22 CVE-2019-9908 Hivewebstudios Cross-site Scripting vulnerability in Hivewebstudios Font Organizer 2.1.1

The font-organizer plugin 2.1.1 for WordPress has wp-admin/options-general.php manage_font_id XSS.

4.3
2019-03-21 CVE-2019-9904 Graphviz Uncontrolled Recursion vulnerability in Graphviz 2.40.1

An issue was discovered in lib\cdt\dttree.c in libcdt.a in graphviz 2.40.1.

4.3
2019-03-21 CVE-2019-9903 Freedesktop
Fedoraproject
Out-of-bounds Write vulnerability in multiple products

PDFDoc::markObject in PDFDoc.cc in Poppler 0.74.0 mishandles dict marking, leading to stack consumption in the function Dict::find() located at Dict.cc, which can (for example) be triggered by passing a crafted pdf file to the pdfunite binary.

4.3
2019-03-21 CVE-2019-8997 Blackberry XXE vulnerability in Blackberry Athoc

An XML External Entity Injection (XXE) vulnerability in the Management System (console) of BlackBerry AtHoc versions earlier than 7.6 HF-567 could allow an attacker to potentially read arbitrary local files from the application server or make requests on the network by entering maliciously crafted XML in an existing field.

4.3
2019-03-21 CVE-2019-9094 Humhub Cross-site Scripting vulnerability in Humhub 1.3.10

A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in /s/adada/cfiles/upload in Humhub 1.3.10 Community Edition.

4.3
2019-03-21 CVE-2019-9093 Humhub Cross-site Scripting vulnerability in Humhub 1.3.10

A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in file/file/upload in Humhub 1.3.10 Community Edition.

4.3
2019-03-21 CVE-2019-8938 Vertrigoserv Project Cross-site Scripting vulnerability in Vertrigoserv Project Vertrigoserv 2.17

VertrigoServ 2.17 allows XSS via the /inc/extensions.php ext parameter.

4.3
2019-03-21 CVE-2019-7440 JIO Cross-Site Request Forgery (CSRF) vulnerability in JIO Jiofi 4G M2S Firmware 1.0.2

JioFi 4G M2S 1.0.2 devices have CSRF via the SSID name and Security Key field under Edit Wi-Fi Settings (aka a SetWiFi_Setting request to cgi-bin/qcmap_web_cgi).

4.3
2019-03-21 CVE-2019-7438 JIO Cross-site Scripting vulnerability in JIO Jiofi 4G M2S Firmware 1.0.2

cgi-bin/qcmap_web_cgi on JioFi 4G M2S 1.0.2 devices has XSS and HTML injection via the mask POST parameter.

4.3
2019-03-21 CVE-2019-7437 Opensource Classified ADS Script Project Cross-site Scripting vulnerability in Opensource Classified ADS Script Project Opensource Classified ADS Script 3.2.2

PHP Scripts Mall Opensource Classified Ads Script 3.2.2 has reflected Cross-Site Scripting (XSS) via the Search field.

4.3
2019-03-21 CVE-2019-7425 Zohocorp Cross-site Scripting vulnerability in Zohocorp Manageengine Netflow Analyzer 7.0.0.2

XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/linkdownalertConfig.jsp" file in the task parameter.

4.3
2019-03-21 CVE-2019-7424 Zohocorp Cross-site Scripting vulnerability in Zohocorp Manageengine Netflow Analyzer 7.0.0.2

XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/index.jsp" file in the view GET parameter or any of these POST parameters: autorefTime, section, snapshot, viewOpt, viewAll, view, or groupSelName.

4.3
2019-03-21 CVE-2019-7423 Zohocorp Cross-site Scripting vulnerability in Zohocorp Manageengine Netflow Analyzer 7.0.0.2

XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/editProfile.jsp" file in the userName parameter.

4.3
2019-03-21 CVE-2019-7422 Zohocorp Cross-site Scripting vulnerability in Zohocorp Manageengine Netflow Analyzer 7.0.0.2

XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/addMailSettings.jsp" file in the gF parameter.

4.3
2019-03-21 CVE-2019-7421 Samsung Cross-site Scripting vulnerability in Samsung Syncthru web Service and X7400Gx Firmware

XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws.login/gnb/loginView.sws" in multiple parameters: contextpath and basedURL.

4.3
2019-03-21 CVE-2019-7420 Samsung Cross-site Scripting vulnerability in Samsung Syncthru web Service and X7400Gx Firmware

XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws.application/information/networkinformationView.sws" in the tabName parameter.

4.3
2019-03-21 CVE-2019-7419 Samsung Cross-site Scripting vulnerability in Samsung Syncthru web Service and X7400Gx Firmware

XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws/leftmenu.sws" in multiple parameters: ruiFw_id, ruiFw_pid, ruiFw_title.

4.3
2019-03-21 CVE-2019-7418 Samsung Cross-site Scripting vulnerability in Samsung Syncthru web Service and X7400Gx Firmware

XSS exists in SAMSUNG X7400GX SyncThru Web Service V6.A6.25 V11.01.05.25_08-21-2015 in "/sws/swsAlert.sws" in multiple parameters: flag, frame, func, and Nfunc.

4.3
2019-03-21 CVE-2019-7417 Ericsson Cross-site Scripting vulnerability in Ericsson Active Library Explorer 14.3

XSS exists in Ericsson Active Library Explorer (ALEX) 14.3 in multiple parameters in the "/cgi-bin/alexserv" servlet, as demonstrated by the DB, FN, fn, or id parameter.

4.3
2019-03-21 CVE-2019-7416 Opentext Cross-site Scripting vulnerability in Opentext Documentum Webtop 5.3

XSS and/or a Client Side URL Redirect exists in OpenText Documentum Webtop 5.3 SP2.

4.3
2019-03-21 CVE-2019-7299 Wpsupportplus Cross-site Scripting vulnerability in Wpsupportplus WP Support Plus Responsive Ticket System 9.1.1

A stored cross-site scripting (XSS) vulnerability in the submit_ticket.php module in the WP Support Plus Responsive Ticket System plugin 9.1.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the subject parameter in wp-content/plugins/wp-support-plus-responsive-ticket-system/includes/ajax/submit_ticket.php.

4.3
2019-03-21 CVE-2019-6735 Foxitsoftware Out-of-bounds Read vulnerability in Foxitsoftware Phantompdf

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader.

4.3
2019-03-21 CVE-2019-6734 Foxitsoftware Use After Free vulnerability in Foxitsoftware Phantompdf

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit PhantomPDF.

4.3
2019-03-21 CVE-2019-6733 Foxitsoftware Out-of-bounds Read vulnerability in Foxitsoftware Phantompdf

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit PhantomPDF.

4.3
2019-03-21 CVE-2019-6732 Foxitsoftware
Microsoft
Information Exposure vulnerability in Foxitsoftware Phantompdf and Reader

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit PhantomPDF.

4.3
2019-03-21 CVE-2019-6728 Foxitsoftware Out-of-bounds Read vulnerability in Foxitsoftware Phantompdf

This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader.

4.3
2019-03-21 CVE-2019-6702 Mastercard Improper Certificate Validation vulnerability in Mastercard Qkr! With Masterpass

The MasterCard Qkr! app before 5.0.8 for iOS has Missing SSL Certificate Validation.

4.3
2019-03-21 CVE-2018-20639 Entrepreneur JOB Portal Script Project Cross-site Scripting vulnerability in Entrepreneur JOB Portal Script Project Entrepreneur JOB Portal Script 3.0.1

PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 has HTML injection via the Search Bar.

4.3
2019-03-21 CVE-2018-20212 Twiki Cross-site Scripting vulnerability in Twiki 6.0.2

bin/statistics in TWiki 6.0.2 allows cross-site scripting (XSS) via the webs parameter.

4.3
2019-03-21 CVE-2018-20141 Abantecart Cross-site Scripting vulnerability in Abantecart 1.2.12

AbanteCart 1.2.12 has reflected cross-site scripting (XSS) via the sort parameter, as demonstrated by a /apparel--accessories?sort= substring.

4.3
2019-03-21 CVE-2018-20140 Zenphoto Cross-site Scripting vulnerability in Zenphoto 1.4.14

Zenphoto 1.4.14 has multiple cross-site scripting (XSS) vulnerabilities via different URL parameters.

4.3
2019-03-21 CVE-2018-20121 Podcastgenerator Cross-site Scripting vulnerability in Podcastgenerator Podcast Generator 2.7

Podcast Generator 2.7 has stored cross-site scripting (XSS) via the URL addcategory parameter.

4.3
2019-03-21 CVE-2018-19917 Microweber Cross-site Scripting vulnerability in Microweber 1.0.8

Microweber 1.0.8 has reflected cross-site scripting (XSS) vulnerabilities.

4.3
2019-03-21 CVE-2018-19872 QT
Opensuse
Fedoraproject
Divide By Zero vulnerability in multiple products

An issue was discovered in Qt 5.11.

4.3
2019-03-21 CVE-2018-19694 HMS Networks Cross-site Scripting vulnerability in Hms-Networks products

HMS Industrial Networks Netbiter WS100 3.30.5 devices and previous have reflected XSS in the login form.

4.3
2019-03-21 CVE-2018-19525 Systrome Cross-Site Request Forgery (CSRF) vulnerability in Systrome products

An issue was discovered on Systrome ISG-600C, ISG-600H, and ISG-800W 1.1-R2.1_TRUNK-20180914.bin devices.

4.3
2019-03-21 CVE-2018-19511 ENS Cross-Site Request Forgery (CSRF) vulnerability in ENS Webgalamb 7.0

wg7.php in Webgalamb 7.0 lacks security measures to prevent CSRF attacks, as demonstrated by wg7.php?options=1 to change the administrator password.

4.3
2019-03-21 CVE-2018-19509 ENS Cross-site Scripting vulnerability in ENS Webgalamb 7.0

wg7.php in Webgalamb 7.0 makes opportunistic calls to htmlspecialchars() instead of using a templating engine with proper contextual encoding.

4.3
2019-03-21 CVE-2018-19498 Simplenia Cross-site Scripting vulnerability in Simplenia Pages

The Simplenia Pages plugin 2.6.0 for Atlassian Bitbucket Server has XSS.

4.3
2019-03-21 CVE-2018-18845 Advanced Comment System Project Cross-site Scripting vulnerability in Advanced Comment System Project Advanced Comment System 1.0

internal/advanced_comment_system/index.php and internal/advanced_comment_system/admin.php in Advanced Comment System, version 1.0, contain a reflected cross-site scripting vulnerability via ACS_path.

4.3
2019-03-21 CVE-2018-18762 Saltos Information Exposure vulnerability in Saltos 3.1

SaltOS 3.1 r8126 contains a database download vulnerability.

4.3
2019-03-21 CVE-2018-17997 Layerbb Cross-site Scripting vulnerability in Layerbb 1.1.1

LayerBB 1.1.1 allows XSS via the titles of conversations (PMs).

4.3
2019-03-21 CVE-2018-16563 Siemens Unspecified vulnerability in Siemens products

A vulnerability has been identified in Firmware variant IEC 61850 for EN100 Ethernet module (All versions < V4.35), Firmware variant MODBUS TCP for EN100 Ethernet module (All versions), Firmware variant DNP3 TCP for EN100 Ethernet module (All versions), Firmware variant IEC104 for EN100 Ethernet module (All versions), Firmware variant Profinet IO for EN100 Ethernet module (All versions), SIPROTEC 5 relays with CPU variants CP300 and CP100 and the respective Ethernet communication modules (All versions < V7.82), SIPROTEC 5 relays with CPU variants CP200 and the respective Ethernet communication modules (All versions < V7.58).

4.3
2019-03-21 CVE-2018-16519 Coyoapp Cross-site Scripting vulnerability in Coyoapp Coyo 10.0.11/12.0.4/9.0.8

COYO 9.0.8, 10.0.11 and 12.0.4 has cross-site scripting (XSS) via URLs used by "iFrame" widgets.

4.3
2019-03-21 CVE-2018-14486 Dnnsoftware Cross-site Scripting vulnerability in Dnnsoftware Dotnetnuke 9.1.1

DNN (formerly DotNetNuke) 9.1.1 allows cross-site scripting (XSS) via XML.

4.3
2019-03-21 CVE-2018-12638 Bose Cross-site Scripting vulnerability in Bose Soundtouch 18.1.4

An issue was discovered in the Bose Soundtouch app 18.1.4 for iOS.

4.3
2019-03-21 CVE-2017-1713 IBM Inadequate Encryption Strength vulnerability in IBM Infosphere Streams 4.2.1

IBM InfoSphere Streams 4.2.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

4.3
2019-03-21 CVE-2016-5819 Moxa Cross-site Scripting vulnerability in Moxa products

Moxa G3100V2 Series, editions prior to Version 2.8, and OnCell G3111/G3151/G3211/G3251 Series, editions prior to Version 1.7 allows a reflected cross-site scripting attack which may allow an attacker to execute arbitrary script code in the user’s browser within the trust relationship between their browser and the server.

4.3
2019-03-24 CVE-2019-10014 Dedecms Incorrect Authorization vulnerability in Dedecms 5.7

In DedeCMS 5.7SP2, member/resetpassword.php allows remote authenticated users to reset the passwords of arbitrary users via a modified id parameter, because the key parameter is not properly validated.

4.0
2019-03-22 CVE-2019-1765 Cisco Path Traversal vulnerability in Cisco products

A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an authenticated, remote attacker to write arbitrary files to the filesystem.

4.0
2019-03-21 CVE-2019-9889 Vanillaforums Path Traversal vulnerability in Vanillaforums Vanilla

In Vanilla before 2.6.4, a flaw exists within the getSingleIndex function of the AddonManager class.

4.0
2019-03-21 CVE-2019-9868 Veritas Insufficiently Protected Credentials vulnerability in Veritas Netbackup Appliance

An issue was discovered in the Web Console in Veritas NetBackup Appliance through 3.1.2.

4.0
2019-03-21 CVE-2019-9867 Veritas Insufficiently Protected Credentials vulnerability in Veritas Netbackup Appliance

An issue was discovered in the Web Console in Veritas NetBackup Appliance through 3.1.2.

4.0
2019-03-21 CVE-2019-7441 Woocommerce Unspecified vulnerability in Woocommerce Paypal Checkout Payment Gateway 1.6.8

** DISPUTED ** cgi-bin/webscr?cmd=_cart in the WooCommerce PayPal Checkout Payment Gateway plugin 1.6.8 for WordPress allows Parameter Tampering in an amount parameter (such as amount_1), as demonstrated by purchasing an item for lower than the intended price.

4.0
2019-03-21 CVE-2019-7436 Opensource Classified ADS Script Project Path Traversal vulnerability in Opensource Classified ADS Script Project Opensource Classified ADS Script 3.2.2

PHP Scripts Mall Opensource Classified Ads Script 3.2.2 has directory traversal via a direct request for a listing of an uploads directory.

4.0
2019-03-21 CVE-2019-7434 Rental Bike Script Project Path Traversal vulnerability in Rental Bike Script Project Rental Bike Script 2.0.3

PHP Scripts Mall Rental Bike Script 2.0.3 has directory traversal via a direct request for a listing of an uploads directory.

4.0
2019-03-21 CVE-2019-7431 Image Sharing Script Project Path Traversal vulnerability in Image Sharing Script Project Image Sharing Script 1.3.4

PHP Scripts Mall Image Sharing Script 1.3.4 has directory traversal via a direct request for a listing of an uploads directory.

4.0
2019-03-21 CVE-2019-7429 Property Rental Software Project Path Traversal vulnerability in Property Rental Software Project Property Rental Software 2.1.4

PHP Scripts Mall Property Rental Software 2.1.4 has directory traversal via a direct request for a listing of an uploads directory such as the wp-content/uploads/2016/08 directory.

4.0
2019-03-21 CVE-2019-6273 GL Inet Path Traversal vulnerability in Gl-Inet Gl-Ar300M-Lite Firmware 2.27

download_file in GL.iNet GL-AR300M-Lite devices with firmware 2.27 allows remote attackers to download arbitrary files.

4.0
2019-03-21 CVE-2019-0191 Apache Path Traversal vulnerability in Apache Karaf

Apache Karaf kar deployer reads .kar archives and extracts the paths from the "repository/" and "resources/" entries in the zip file.

4.0
2019-03-21 CVE-2018-4058 Coturn Project Unspecified vulnerability in Coturn Project Coturn

An exploitable unsafe default configuration vulnerability exists in the TURN server functionality of coTURN prior to 4.5.0.9.

4.0
2019-03-21 CVE-2018-20647 CAR Rental Script Project Path Traversal vulnerability in CAR Rental Script Project CAR Rental Script 2.0.8

PHP Scripts Mall Car Rental Script 2.0.8 has directory traversal via a direct request for a listing of an image directory such as an images/ directory.

4.0
2019-03-21 CVE-2018-20646 Basic B2B Script Project Path Traversal vulnerability in Basic B2B Script Project Basic B2B Script 2.0.9

PHP Scripts Mall Basic B2B Script 2.0.9 has has directory traversal via a direct request for a listing of an image directory such as an uploads/ directory.

4.0
2019-03-21 CVE-2018-20643 Entrepreneur JOB Portal Script Project Path Traversal vulnerability in Entrepreneur JOB Portal Script Project Entrepreneur JOB Portal Script 3.0.1

PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 has directory traversal via a direct request for a listing of an image directory such as an assets/ directory.

4.0
2019-03-21 CVE-2018-20642 Entrepreneur JOB Portal Script Project Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Entrepreneur JOB Portal Script Project Entrepreneur JOB Portal Script 3.0.1

PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 allows remote attackers to cause a denial of service (outage of profile editing) via crafted JavaScript code in the KeySkills field.

4.0
2019-03-21 CVE-2018-20638 Chartered Accountant Path Traversal vulnerability in Chartered Accountant : Auditor Website Project Chartered Accountant : Auditor Website 2.0.1

PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has directory traversal via a direct request for a listing of an image directory such as an assets/ directory.

4.0
2019-03-21 CVE-2018-20637 Chartered Accountant Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Chartered Accountant : Auditor Website Project Chartered Accountant : Auditor Website 2.0.1

PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 allows remote attackers to cause a denial of service (unrecoverable blank profile) via crafted JavaScript code in the First Name and Last Name field.

4.0
2019-03-21 CVE-2018-20635 Advance B2B Script Project Path Traversal vulnerability in Advance B2B Script Project Advance B2B Script 2.1.4

PHP Scripts Mall Advance B2B Script 2.1.4 has directory traversal via a direct request for a listing of an image directory such as an assets/ directory.

4.0
2019-03-21 CVE-2018-20634 Advance B2B Script Project Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Advance B2B Script Project Advance B2B Script 2.1.4

PHP Scripts Mall Advance B2B Script 2.1.4 allows remote attackers to cause a denial of service (changed Page structure) via JavaScript code in the First Name field.

4.0
2019-03-21 CVE-2018-20626 Consumer Reviews Script Project Path Traversal vulnerability in Consumer Reviews Script Project Consumer Reviews Script 4.0.3

PHP Scripts Mall Consumer Reviews Script 4.0.3 has directory traversal via a direct request for a listing of an uploads directory such as the wp-content/uploads/2018/12 directory.

4.0

43 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2019-03-21 CVE-2018-17490 Hidglobal Missing Authorization vulnerability in Hidglobal Easylobby Solo 11.0.4563

EasyLobby Solo is vulnerable to a denial of service.

3.6
2019-03-21 CVE-2018-17486 Jollytech Unspecified vulnerability in Jollytech Lobby Track 8.2.186

Lobby Track Desktop could allow a local attacker to bypass security restrictions, caused by an error in the find visitor function while in kiosk mode.

3.6
2019-03-21 CVE-2018-17484 Jollytech Information Exposure vulnerability in Jollytech Lobby Track 8.2.186

Lobby Track Desktop could allow a local attacker to obtain sensitive information, caused by an error in Sample Database.mdb database while in kiosk mode.

3.6
2019-03-24 CVE-2019-10017 Cmsmadesimple Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.10

CMS Made Simple 2.2.10 has XSS via the moduleinterface.php Name field, which is reachable via an "Add a new Profile" action to the File Picker.

3.5
2019-03-21 CVE-2015-6462 Schneider Electric Cross-site Scripting vulnerability in Schneider-Electric products

Reflected Cross-Site Scripting (nonpersistent) allows an attacker to craft a specific URL, which contains Java script that will be executed on the Schneider Electric Modicon BMXNOC0401, BMXNOE0100, BMXNOE0110, BMXNOE0110H, BMXNOR0200H, BMXP342020, BMXP342020H, BMXP342030, BMXP3420302, BMXP3420302H, or BMXP342030H PLC client browser.

3.5
2019-03-21 CVE-2019-7432 Rental Bike Script Project Cross-site Scripting vulnerability in Rental Bike Script Project Rental Bike Script 2.0.3

PHP Scripts Mall Rental Bike Script 2.0.3 has HTML injection via the STREET field in the Profile Edit section.

3.5
2019-03-21 CVE-2019-7223 Invoiceplane Cross-site Scripting vulnerability in Invoiceplane

InvoicePlane 1.5 has stored XSS via the index.php/invoices/ajax/save invoice_password parameter, aka the "PDF password" field to the "Create Invoice" option.

3.5
2019-03-21 CVE-2018-20737 Wso2 Cross-site Scripting vulnerability in Wso2 products

An issue was discovered in WSO2 API Manager 2.1.0 and 2.6.0.

3.5
2019-03-21 CVE-2018-20736 Wso2 Cross-site Scripting vulnerability in Wso2 API Manager 2.6.0

An issue was discovered in WSO2 API Manager 2.1.0 and 2.6.0.

3.5
2019-03-21 CVE-2018-20645 Basic B2B Script Project Cross-site Scripting vulnerability in Basic B2B Script Project Basic B2B Script 2.0.9

PHP Scripts Mall Basic B2B Script 2.0.9 has HTML injection via the First Name or Last Name field.

3.5
2019-03-21 CVE-2018-20640 Entrepreneur JOB Portal Script Project Cross-site Scripting vulnerability in Entrepreneur JOB Portal Script Project Entrepreneur JOB Portal Script 3.0.1

PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 has stored Cross-Site Scripting (XSS) via the Full Name field.

3.5
2019-03-21 CVE-2018-20636 Chartered Accountant Cross-site Scripting vulnerability in Chartered Accountant : Auditor Website Project Chartered Accountant : Auditor Website 2.0.1

PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has HTML injection via the First Name field.

3.5
2019-03-21 CVE-2018-20632 Advance B2B Script Project Cross-site Scripting vulnerability in Advance B2B Script Project Advance B2B Script 2.1.4

PHP Scripts Mall Advance B2B Script 2.1.4 has stored Cross-Site Scripting (XSS) via the FIRST NAME or LAST NAME field.

3.5
2019-03-21 CVE-2018-20627 Consumer Reviews Script Project Cross-site Scripting vulnerability in Consumer Reviews Script Project Consumer Reviews Script 4.0.3

PHP Scripts Mall Consumer Reviews Script 4.0.3 has HTML injection via the search box.

3.5
2019-03-21 CVE-2018-19934 Solarwinds Cross-site Scripting vulnerability in Solarwinds Serv-U FTP Server 15.1.6.25

SolarWinds Serv-U FTP Server 15.1.6.25 has reflected cross-site scripting (XSS) in the Web management interface via URL path and HTTP POST parameter.

3.5
2019-03-21 CVE-2018-19191 Webmin Cross-site Scripting vulnerability in Webmin 1.890

Webmin 1.890 has XSS via /config.cgi?webmin, the /shell/index.cgi history parameter, /shell/index.cgi?stripped=1, or the /webminlog/search.cgi uall or mall parameter.

3.5
2019-03-21 CVE-2018-18882 Controlbyweb Cross-site Scripting vulnerability in Controlbyweb X-320M-I Firmware

A stored cross-site scripting (XSS) issue was discovered in ControlByWeb X-320M-I Web-Enabled Instrumentation-Grade Data Acquisition module 1.05 with firmware revision v1.05.

3.5
2019-03-21 CVE-2018-1836 IBM Cross-site Scripting vulnerability in IBM MQ

IBM WebSphere MQ 9.0.2, 9.0.3, 9.0.4, 9.0.5, 9.1.0.0, and 9.1.0.1 console is vulnerable to cross-site scripting.

3.5
2019-03-21 CVE-2018-17167 Printeron Cross-site Scripting vulnerability in Printeron 4.1.4

PrinterOn Enterprise 4.1.4 suffers from multiple authenticated stored XSS vulnerabilities via the (1) "Machine Host Name" or "Server Serial Number" field in the clustering configuration, (2) "name" field in the Edit Group configuration, (3) "Rule Name" field in the Access Control configuration, (4) "Service Name" in the Service Configuration, or (5) First Name or Last Name field in the Edit Account configuration.

3.5
2019-03-21 CVE-2018-14724 Mybb Cross-site Scripting vulnerability in Mybb BAN List 1.0

In the Ban List plugin 1.0 for MyBB, any forum user with mod privileges can ban users and input an XSS payload into the ban reason, which is executed on the bans.php page.

3.5
2019-03-21 CVE-2018-13104 Open Xchange Cross-site Scripting vulnerability in Open-Xchange Appsuite

OX App Suite 7.8.4 and earlier allows XSS.

3.5
2019-03-21 CVE-2018-10091 Audiocodes Cross-site Scripting vulnerability in Audiocodes 420Hd IP Phone Firmware 2.2.12.126

AudioCodes IP phone 420HD devices using firmware version 2.2.12.126 allow XSS.

3.5
2019-03-22 CVE-2019-9938 Ushareit Information Exposure vulnerability in Ushareit Shareit 4.0.34/4.0.38

The SHAREit application before 4.0.42 for Android allows a remote attacker (on the same network or joining public "open" Wi-Fi hotspots created by the application when file transfer is initiated) to download arbitrary files from the device including contacts, photos, videos, sound clips, etc.

2.9
2019-03-21 CVE-2019-8934 Qemu
Opensuse
Data Processing Errors vulnerability in multiple products

hw/ppc/spapr.c in QEMU through 3.1.0 allows Information Exposure because the hypervisor shares the /proc/device-tree/system-id and /proc/device-tree/model system attributes with a guest.

2.1
2019-03-21 CVE-2019-7222 Linux
Fedoraproject
Opensuse
Debian
Canonical
Netapp
The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak.
2.1
2019-03-21 CVE-2019-6501 Qemu
Fedoraproject
Out-of-bounds Read vulnerability in multiple products

In QEMU 3.1, scsi_handle_inquiry_reply in hw/scsi/scsi-generic.c allows out-of-bounds write and read operations.

2.1
2019-03-21 CVE-2019-6492 Iobit Memory Leak vulnerability in Iobit Smart Defrag 6.0

SmartDefragDriver.sys (2.0) in IObit Smart Defrag 6 never frees an executable kernel pool that is allocated with user defined bytes and size when IOCTL 0x9C401CC4 is called.

2.1
2019-03-21 CVE-2018-19985 Linux
Debian
Netapp
Out-of-bounds Read vulnerability in Linux Kernel

The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allows arbitrary read in the kernel address space.

2.1
2019-03-21 CVE-2018-18849 Qemu
Opensuse
Fedoraproject
Canonical
Out-of-bounds Read vulnerability in multiple products

In Qemu 3.0.0, lsi_do_msgin in hw/scsi/lsi53c895a.c allows out-of-bounds access by triggering an invalid msg_len value.

2.1
2019-03-21 CVE-2018-17502 Thereceptionist Information Exposure vulnerability in Thereceptionist the Receptionist for Ipad 4.0.4

The Receptionist for iPad could allow a local attacker to obtain sensitive information, caused by an error in the contact.json file.

2.1
2019-03-21 CVE-2018-17500 Envoy Insufficiently Protected Credentials vulnerability in Envoy Passport 2.2.5/2.4.0

Envoy Passport for Android and Envoy Passport for iPhone could allow a local attacker to obtain sensitive information, caused by the storing of hardcoded OAuth Creds in plaintext.

2.1
2019-03-21 CVE-2018-17499 Envoy Information Exposure Through Log Files vulnerability in Envoy Passport 2.2.5/2.4.0

Envoy Passport for Android and Envoy Passport for iPhone could allow a local attacker to obtain sensitive information, caused by the storing of unencrypted data in logs.

2.1
2019-03-21 CVE-2018-17497 Thresholdsecurity Insecure Default Initialization of Resource vulnerability in Thresholdsecurity Evisitorpass 1.5.5.2

eVisitorPass contains default administrative credentials.

2.1
2019-03-21 CVE-2018-17492 Hidglobal Use of Hard-coded Credentials vulnerability in Hidglobal Easylobby Solo 11.0.4563

EasyLobby Solo contains default administrative credentials.

2.1
2019-03-21 CVE-2018-17489 Hidglobal Cleartext Storage of Sensitive Information vulnerability in Hidglobal Easylobby Solo 11.0.4563

EasyLobby Solo could allow a local attacker to obtain sensitive information, caused by the storing of the social security number in plaintext.

2.1
2019-03-21 CVE-2018-17485 Jollytech Insecure Default Initialization of Resource vulnerability in Jollytech Lobby Track 8.2.186

Lobby Track Desktop contains default administrative credentials.

2.1
2019-03-21 CVE-2018-17483 Jollytech Information Exposure vulnerability in Jollytech Lobby Track 8.2.186

Lobby Track Desktop could allow a local attacker to obtain sensitive information, caused by an error in Reports while in kiosk mode.

2.1
2019-03-21 CVE-2018-17482 Jollytech Information Exposure vulnerability in Jollytech Lobby Track 8.2.186

Lobby Track Desktop could allow a local attacker to obtain sensitive information, caused by an error in Reports while in kiosk mode.

2.1
2019-03-21 CVE-2018-15532 HP Information Exposure vulnerability in HP Synaptics Touchpad Driver 20180606

SynTP.sys in Synaptics Touchpad drivers before 2018-06-06 allows local users to obtain sensitive information about freed kernel addresses.

2.1
2019-03-21 CVE-2018-12572 Avast Cleartext Storage of Sensitive Information vulnerability in Avast Free Antivirus

Avast Free Antivirus prior to 19.1.2360 stores user credentials in memory upon login, which allows local users to obtain sensitive information by dumping AvastUI.exe application memory and parsing the data.

2.1
2019-03-21 CVE-2017-16231 Pcre Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Pcre 8.41

** DISPUTED ** In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match() in pcre_exec.c because of a self-recursive call.

2.1
2019-03-21 CVE-2019-3832 Libsndfile Project Out-of-bounds Read vulnerability in Libsndfile Project Libsndfile 1.0.28

It was discovered the fix for CVE-2018-19758 (libsndfile) was not complete and still allows a read beyond the limits of a buffer in wav_write_header() function in wav.c.

1.9
2019-03-21 CVE-2018-18466 Securenvoy Information Exposure Through Log Files vulnerability in Securenvoy Securaccess 9.3.502

** DISPUTED ** An issue was discovered in SecurEnvoy SecurAccess 9.3.502.

1.9