Weekly Vulnerabilities Reports > April 29 to May 5, 2019

Overview

207 new vulnerabilities were reported during this period, including 25 critical vulnerabilities and 53 high severity vulnerabilities. This weekly summary reports vulnerabilities in 544 products from 79 vendors including Cisco, Doorgets, Crestron, Jenkins, and IBM. The vulnerabilities are notably categorized as "Cross-site Scripting", "Path Traversal", "Improper Input Validation", "SQL Injection", and "OS Command Injection".

  • 181 reported vulnerabilities are remotely exploitable.
  • 6 reported vulnerabilities have a public exploit available.
  • 80 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
  • 153 reported vulnerabilities are exploitable by an anonymous user.
  • Cisco has the most reported vulnerabilities, with 41 reported vulnerabilities.
  • Crestron has the most reported critical vulnerabilities, with 8 reported vulnerabilities.

[Summary dashboard: total vulnerabilities; critical, high, medium and low risk vulnerabilities; remotely exploitable; locally exploitable; exploit available; exploitable anonymously; affecting web application.]

Vulnerability Details

The following table lists the reported vulnerabilities for the period covered by this report:


25 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2019-05-03 CVE-2019-1804 Cisco Insecure Default Initialization of Resource vulnerability in Cisco products

A vulnerability in the SSH key management for the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, remote attacker to connect to the affected system with the privileges of the root user.

10.0
2019-05-02 CVE-2017-18369 Billion OS Command Injection vulnerability in Billion 5200W-T Firmware 1.02B

The Billion 5200W-T 1.02b.rc5.dt49 router distributed by TrueOnline has a command injection vulnerability in the Remote System Log forwarding function, which is accessible by an unauthenticated user.

10.0
2019-05-02 CVE-2017-18368 Billion, Zyxel OS Command Injection vulnerability in multiple products

The ZyXEL P660HN-T1A v1 TCLinux Fw $7.3.15.0 v001 / 3.40(ULM.0)b31 router distributed by TrueOnline has a command injection vulnerability in the Remote System Log forwarding function, which is accessible by an unauthenticated user.

10.0
2019-04-30 CVE-2019-11627 Signing Party Project, Debian, Opensuse OS Command Injection vulnerability in multiple products

gpg-key2ps in signing-party 1.1.x and 2.x before 2.10-1 contains an unsafe shell call enabling shell injection via a User ID.

10.0
2019-04-30 CVE-2019-3930 Crestron, Barco, Extron, Teqavit, Sharp, Optoma, Blackbox, Infocus Out-of-bounds Write vulnerability in multiple products

The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG-1000P firmware 2.3.0.10, Barco wePresent WiPG-1600W before firmware 2.4.1.19, Extron ShareLink 200/250 firmware 2.0.3.4, Teq AV IT WIPS710 firmware 1.1.0.7, SHARP PN-L703WA firmware 1.4.2.3, Optoma WPS-Pro firmware 1.0.0.5, Blackbox HD WPS firmware 1.0.0.5, InFocus LiteShow3 firmware 1.0.16, and InFocus LiteShow4 2.0.0.7 are vulnerable to a stack buffer overflow in libAwgCgi.so's PARSERtoCHAR function.

10.0
2019-04-30 CVE-2019-3929 Crestron, Barco, Extron, Teqavit, Sharp, Optoma, Blackbox, Infocus OS Command Injection vulnerability in multiple products

The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG-1000P firmware 2.3.0.10, Barco wePresent WiPG-1600W before firmware 2.4.1.19, Extron ShareLink 200/250 firmware 2.0.3.4, Teq AV IT WIPS710 firmware 1.1.0.7, SHARP PN-L703WA firmware 1.4.2.3, Optoma WPS-Pro firmware 1.0.0.5, Blackbox HD WPS firmware 1.0.0.5, InFocus LiteShow3 firmware 1.0.16, and InFocus LiteShow4 2.0.0.7 are vulnerable to command injection via the file_transfer.cgi HTTP endpoint.

10.0
2019-04-30 CVE-2019-3926 Crestron OS Command Injection vulnerability in Crestron Am-100 Firmware and Am-101 Firmware

Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 are vulnerable to command injection via SNMP OID iso.3.6.1.4.1.3212.100.3.2.14.1.

10.0
2019-04-30 CVE-2019-3925 Crestron OS Command Injection vulnerability in Crestron Am-100 Firmware and Am-101 Firmware

Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 are vulnerable to command injection via SNMP OID iso.3.6.1.4.1.3212.100.3.2.9.3.

10.0
2019-04-30 CVE-2019-10950 Fujifilm Improper Authentication vulnerability in Fujifilm products

Fujifilm FCR Capsula X/ Carbon X/ FCR XC-2, model versions CR-IR 357 FCR Carbon X, CR-IR 357 FCR XC-2, FCR-IR 357 FCR Capsula X provide insecure telnet services that lack authentication requirements.

10.0
2019-05-05 CVE-2019-11766 Dhcpcd Project, Debian Out-of-bounds Read vulnerability in multiple products

dhcp6.c in dhcpcd before 6.11.7 and 7.x before 7.2.2 has a buffer over-read in the D6_OPTION_PD_EXCLUDE feature.

9.8
2019-05-03 CVE-2019-11037 PHP Out-of-bounds Write vulnerability in PHP Imagick

In PHP imagick extension in versions between 3.3.0 and 3.4.4, writing to an array of values in ImagickKernel::fromMatrix() function did not check that the address will be within the allocated array.

9.8
2019-05-02 CVE-2019-11683 Linux, Canonical Out-of-bounds Write vulnerability in multiple products

udp_gro_receive_segment in net/ipv4/udp_offload.c in the Linux kernel 5.x before 5.0.13 allows remote attackers to cause a denial of service (slab-out-of-bounds memory corruption) or possibly have unspecified other impact via UDP packets with a 0 payload, because of mishandling of padded packets, aka the "GRO packet of death" issue.

9.8
2019-05-01 CVE-2019-10952 Rockwellautomation Resource Exhaustion vulnerability in Rockwellautomation products

An attacker could send a crafted HTTP/HTTPS request to render the web server unavailable and/or lead to remote code execution caused by a stack-based buffer overflow vulnerability.

9.8
2019-04-30 CVE-2019-3939 Crestron Use of Hard-coded Credentials vulnerability in Crestron Am-100 Firmware and Am-101 Firmware

Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 use default credentials admin/admin and moderator/moderator for the web interface.

9.8
2019-04-30 CVE-2019-3932 Crestron Use of Hard-coded Credentials vulnerability in Crestron Am-100 Firmware and Am-101 Firmware

Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 are vulnerable to authentication bypass due to a hard-coded password in return.tgi.

9.8
2019-05-03 CVE-2018-20580 Smartbear Improper Input Validation vulnerability in Smartbear Readyapi 2.5.0/2.6.0

The WSDL import functionality in SmartBear ReadyAPI 2.5.0 and 2.6.0 allows remote attackers to execute arbitrary Java code via a crafted request parameter in a WSDL file.

9.3
2019-04-30 CVE-2019-10309 Jenkins XXE vulnerability in Jenkins Self-Organizing Swarm Modules

Jenkins Self-Organizing Swarm Plug-in Modules Plugin clients that use UDP broadcasts to discover Jenkins masters do not prevent XML External Entity processing when processing the responses, allowing unauthorized attackers on the same network to read arbitrary files from Swarm clients.

9.3
2019-05-03 CVE-2019-11036 PHP, Fedoraproject, Redhat, Canonical, Debian, Opensuse Out-of-bounds Read vulnerability in multiple products

When processing certain files, the PHP EXIF extension in versions 7.1.x below 7.1.29, 7.2.x below 7.2.18 and 7.3.x below 7.3.5 can be caused to read past the allocated buffer in the exif_process_IFD_TAG function.

9.1
2019-04-30 CVE-2019-3935 Crestron Unspecified vulnerability in Crestron Am-100 Firmware and Am-101 Firmware

Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allows anyone to act as a moderator to a slide show via crafted HTTP POST requests to conference.cgi.

9.1
2019-05-02 CVE-2017-18374 Billion, Zyxel Use of Hard-coded Credentials vulnerability in multiple products

The ZyXEL P660HN-T1A v1 TCLinux Fw $7.3.15.0 v001 / 3.40(ULM.0)b31 router distributed by TrueOnline has two user accounts with default passwords, including a hardcoded service account with the username true and password true.

9.0
2019-05-02 CVE-2017-18373 Billion Use of Hard-coded Credentials vulnerability in Billion 5200W-T Firmware 7.3.8.0

The Billion 5200W-T TCLinux Fw $7.3.8.0 v008 130603 router distributed by TrueOnline has three user accounts with default passwords, including two hardcoded service accounts: one with the username true and password true, and another with the username user3 and a long password consisting of a repetition of the string 0123456789.

9.0
2019-05-02 CVE-2017-18372 Billion, Zyxel OS Command Injection vulnerability in multiple products

The Billion 5200W-T TCLinux Fw $7.3.8.0 v008 130603 router distributed by TrueOnline has a command injection vulnerability in the Time Setting function, which is only accessible by an authenticated user.

9.0
2019-05-02 CVE-2017-18370 Billion, Zyxel OS Command Injection vulnerability in multiple products

The ZyXEL P660HN-T1A v2 TCLinux Fw #7.3.37.6 router distributed by TrueOnline has a command injection vulnerability in the Remote System Log forwarding function, which is only accessible by an authenticated user.

9.0
2019-04-30 CVE-2019-3931 Crestron Argument Injection or Modification vulnerability in Crestron Am-100 Firmware and Am-101 Firmware

Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 are vulnerable to argument injection into the curl binary via crafted HTTP requests to return.cgi.

9.0
2019-04-30 CVE-2019-9486 Strato, Telekom, Ionos Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products

STRATO HiDrive Desktop Client 5.0.1.0 for Windows suffers from a SYSTEM privilege escalation vulnerability through the HiDriveMaintenanceService service.

9.0

53 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2019-05-03 CVE-2019-1713 Cisco Cross-Site Request Forgery (CSRF) vulnerability in Cisco Adaptive Security Appliance Software

A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system.

8.8
2019-04-30 CVE-2019-10318 Jenkins Insufficiently Protected Credentials vulnerability in Jenkins Azure AD

Jenkins Azure AD Plugin 0.3.3 and earlier stored the client secret unencrypted in the global config.xml configuration file on the Jenkins master where it could be viewed by users with access to the master file system.

8.8
2019-04-30 CVE-2019-10316 Jenkins Insufficiently Protected Credentials vulnerability in Jenkins Aqua Microscanner

Jenkins Aqua MicroScanner Plugin 1.0.5 and earlier stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system.

8.8
2019-04-30 CVE-2019-10315 Jenkins Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Github Authentication

Jenkins GitHub Authentication Plugin 0.31 and earlier did not use the state parameter of OAuth to prevent CSRF.

8.8
2019-04-30 CVE-2019-10313 Jenkins Insufficiently Protected Credentials vulnerability in Jenkins Twitter

Jenkins Twitter Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.

8.8
2019-04-30 CVE-2019-10311 Jenkins Missing Authorization vulnerability in Jenkins Ansible Tower

A missing permission check in Jenkins Ansible Tower Plugin 0.9.1 and earlier in the TowerInstallation.TowerInstallationDescriptor#doTestTowerConnection form validation method allowed attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

8.8
2019-04-30 CVE-2019-10310 Jenkins Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Ansible Tower

A cross-site request forgery vulnerability in Jenkins Ansible Tower Plugin 0.9.1 and earlier in the TowerInstallation.TowerInstallationDescriptor#doTestTowerConnection form validation method allowed attackers to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.

8.8
2019-04-29 CVE-2019-3493 Microfocus Unspecified vulnerability in Microfocus Network Automation and Network Operations Management

A potential security vulnerability has been identified in Micro Focus Network Automation Software 9.20, 9.21, 10.00, 10.10, 10.20, 10.30, 10.40, 10.50, 2018.05, 2018.08, 2018.11, and Micro Focus Network Operations Management (NOM) all versions.

8.8
2019-04-29 CVE-2019-11591 WEB Dorado Inclusion of Functionality from Untrusted Control Sphere vulnerability in Web-Dorado Contact Form

The WebDorado Contact Form plugin before 1.13.5 for WordPress allows CSRF via the wp-admin/admin-ajax.php action parameter, with resultant local file inclusion via directory traversal, because there can be a discrepancy between the $_POST['action'] value and the $_GET['action'] value, and the latter is unsanitized.

8.8
2019-05-03 CVE-2019-1714 Cisco Unspecified vulnerability in Cisco products

A vulnerability in the implementation of Security Assertion Markup Language (SAML) 2.0 Single Sign-On (SSO) for Clientless SSL VPN (WebVPN) and AnyConnect Remote Access VPN in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to successfully establish a VPN session to an affected device.

8.6
2019-05-03 CVE-2019-1708 Cisco Memory Leak vulnerability in Cisco products

A vulnerability in the Internet Key Exchange Version 2 Mobility and Multihoming Protocol (MOBIKE) feature for the Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of an affected device that leads to a denial of service (DoS) condition.

8.6
2019-05-03 CVE-2019-1706 Cisco Use of a Broken or Risky Cryptographic Algorithm vulnerability in Cisco Adaptive Security Appliance Software

A vulnerability in the software cryptography module of the Cisco Adaptive Security Virtual Appliance (ASAv) and Firepower 2100 Series running Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause an unexpected reload of the device that results in a denial of service (DoS) condition.

8.6
2019-05-03 CVE-2019-1694 Cisco Unspecified vulnerability in Cisco Adaptive Security Appliance Software

A vulnerability in the TCP processing engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition.

8.6
2019-05-03 CVE-2018-15388 Cisco Resource Exhaustion vulnerability in Cisco Adaptive Security Appliance Software

A vulnerability in the WebVPN login process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause increased CPU utilization on an affected device.

8.6
2019-05-03 CVE-2019-1816 Cisco Improper Input Validation vulnerability in Cisco web Security Appliance

A vulnerability in the log subscription subsystem of the Cisco Web Security Appliance (WSA) could allow an authenticated, local attacker to perform command injection and elevate privileges to root.

7.8
2019-05-03 CVE-2019-1703 Cisco Resource Exhaustion vulnerability in Cisco Firepower Threat Defense

A vulnerability in the internal packet-processing functionality of Cisco Firepower Threat Defense (FTD) Software for the Cisco Firepower 2100 Series could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition.

7.8
2019-05-03 CVE-2019-1635 Cisco Improper Handling of Exceptional Conditions vulnerability in Cisco products

A vulnerability in the call-handling functionality of Session Initiation Protocol (SIP) Software for Cisco IP Phone 7800 Series and 8800 Series could allow an unauthenticated, remote attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial of service (DoS) condition.

7.8
2019-05-03 CVE-2018-15462 Cisco Allocation of Resources Without Limits or Throttling vulnerability in Cisco Firepower Threat Defense

A vulnerability in the TCP ingress handler for the data interfaces that are configured with management access to Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an increase in CPU and memory usage, resulting in a denial of service (DoS) condition.

7.8
2019-05-02 CVE-2019-11687 Nema Improper Input Validation vulnerability in Nema Dicom Standard

An issue was discovered in the DICOM Part 10 File Format in the NEMA DICOM Standard 1995 through 2019b.

7.8
2019-04-30 CVE-2019-3938 Crestron Use of Hard-coded Credentials vulnerability in Crestron Am-100 Firmware and Am-101 Firmware

Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 store usernames, passwords, and other configuration options in the file generated via the "export configuration" feature.

7.8
2019-04-30 CVE-2019-10948 Fujifilm Resource Exhaustion vulnerability in Fujifilm products

Fujifilm FCR Capsula X/ Carbon X/ FCR XC-2, model versions CR-IR 357 FCR Carbon X, CR-IR 357 FCR XC-2, FCR-IR 357 FCR Capsula X are susceptible to a denial-of-service condition as a result of an overflow of TCP packets, which requires the device to be manually rebooted.

7.8
2019-04-29 CVE-2019-5429 Filezilla Project, Debian, Fedoraproject Untrusted Search Path vulnerability in multiple products

Untrusted search path in FileZilla before 3.41.0-rc1 allows an attacker to gain privileges via a malicious 'fzsftp' binary in the user's home directory.

7.8
2019-05-03 CVE-2019-6619 F5 Unspecified vulnerability in F5 products

On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, and 12.1.0-12.1.4, the Traffic Management Microkernel (TMM) may restart when a virtual server has an HTTP/2 profile with Application Layer Protocol Negotiation (ALPN) enabled and it processes traffic where the ALPN extension size is zero.

7.5
2019-05-03 CVE-2019-6612 F5 Unspecified vulnerability in F5 products

On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8, DNS query TCP connections that are aborted before receiving a response from a DNS cache may cause TMM to restart.

7.5
2019-05-03 CVE-2019-6611 F5 Unspecified vulnerability in F5 products

When BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8 are processing certain rare data sequences occurring in PPTP VPN traffic, the BIG-IP system may execute incorrect logic.

7.5
2019-05-03 CVE-2019-1817 Cisco Improper Input Validation vulnerability in Cisco web Security Appliance

A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appliance could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

7.5
2019-05-03 CVE-2019-1697 Cisco Improper Input Validation vulnerability in Cisco Adaptive Security Appliance Software

A vulnerability in the implementation of the Lightweight Directory Access Protocol (LDAP) feature in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition.

7.5
2019-05-03 CVE-2019-1687 Cisco Improper Input Validation vulnerability in Cisco Adaptive Security Appliance Software

A vulnerability in the TCP proxy functionality for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition.

7.5
2019-05-02 CVE-2018-16717 NIH Out-of-bounds Write vulnerability in NIH Ncbi Toolbox 2.0.7/2.2.26

A heap-based buffer overflow exists in nph-viewgif.cgi in the 2.0.7 through 2.2.26 legacy versions of the NCBI ToolBox.

7.5
2019-05-02 CVE-2018-16716 NIH Path Traversal vulnerability in NIH Ncbi Toolbox 2.0.7/2.2.26

A path traversal vulnerability exists in viewcgi.c in the 2.0.7 through 2.2.26 legacy versions of the NCBI ToolBox, which may result in reading of arbitrary files (i.e., significant information disclosure) or file deletion via the nph-viewgif.cgi query string.

7.5
2019-05-02 CVE-2019-9017 Solarwinds Out-of-bounds Write vulnerability in Solarwinds Dameware Mini Remote Control 10.0

DWRCC in SolarWinds DameWare Mini Remote Control 10.0 x64 has a Buffer Overflow associated with the size field for the machine name.

7.5
2019-05-02 CVE-2017-18371 Billion, Zyxel Use of Hard-coded Credentials vulnerability in multiple products

The ZyXEL P660HN-T1A v2 TCLinux Fw #7.3.37.6 router distributed by TrueOnline has three user accounts with default passwords, including two hardcoded service accounts: one with the username true and password true, and another with the username supervisor and password zyad1234.

7.5
2019-05-02 CVE-2019-11682 Tabslab Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tabslab Mailcarrier 2.51

A buffer overflow in the SMTP response service in MailCarrier 2.51 allows the attacker to execute arbitrary code remotely via a long HELP command, a related issue to CVE-2019-11395.

7.5
2019-05-02 CVE-2019-11678 Zohocorp SQL Injection vulnerability in Zohocorp Manageengine Firewall Analyzer

The "default reports" feature in Zoho ManageEngine Firewall Analyzer before 12.3 Build 123218 is vulnerable to SQL Injection.

7.5
2019-05-02 CVE-2019-11677 Zohocorp XXE vulnerability in Zohocorp Manageengine Firewall Analyzer

The Custom Report import function in Zoho ManageEngine Firewall Analyzer before 12.3 Build 123224 is vulnerable to XML External Entity (XXE) Injection.

7.5
2019-05-01 CVE-2019-0227 Apache, Oracle Server-Side Request Forgery (SSRF) vulnerability in multiple products

A Server Side Request Forgery (SSRF) vulnerability affected the Apache Axis 1.4 distribution that was last released in 2006.

7.5
2019-05-01 CVE-2019-10954 Rockwellautomation Stack-based Buffer Overflow vulnerability in Rockwellautomation products

An attacker could send crafted SMTP packets to cause a denial-of-service condition where the controller enters a major non-recoverable faulted state (MNRF) in CompactLogix 5370 L1, L2, and L3 Controllers, Compact GuardLogix 5370 controllers, and Armor Compact GuardLogix 5370 Controllers Versions 20 - 30 and earlier.

7.5
2019-04-30 CVE-2019-0194 Apache Path Traversal vulnerability in Apache Camel

Apache Camel's File is vulnerable to directory traversal.

7.5
2019-04-30 CVE-2019-11618 Doorgets Insecure Default Initialization of Resource vulnerability in Doorgets CMS 7.0

doorGets 7.0 has a default administrator credential vulnerability.

7.5
2019-04-29 CVE-2019-3563 Facebook Out-of-bounds Write vulnerability in Facebook Wangle

Wangle's LineBasedFrameDecoder contains logic for identifying newlines which incorrectly advances a buffer, leading to a potential underflow.

7.5
2019-04-29 CVE-2019-3561 Facebook Out-of-bounds Read vulnerability in Facebook Hhvm

Insufficient boundary checks for the strrpos and strripos functions allow access to out-of-bounds memory.

7.5
2019-04-29 CVE-2019-3560 Facebook Infinite Loop vulnerability in Facebook Fizz

An improperly performed length calculation on a buffer in PlaintextRecordLayer could lead to an infinite loop and denial-of-service based on user input.

7.5
2019-04-29 CVE-2019-11596 Memcached, Canonical NULL Pointer Dereference vulnerability in multiple products

In memcached before 1.5.14, a NULL pointer dereference was found in the "lru mode" and "lru temp_ttl" commands.

7.5
2019-04-29 CVE-2016-10749 Cjson Project Out-of-bounds Read vulnerability in Cjson Project Cjson

parse_string in cJSON.c in cJSON before 2016-10-02 has a buffer over-read, as demonstrated by a string that begins with a " character and ends with a \ character.

7.5
2019-04-30 CVE-2019-5624 Rapid7 Path Traversal vulnerability in Rapid7 Metasploit

Rapid7 Metasploit Framework suffers from an instance of CWE-22, Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in the Zip import function of Metasploit.

7.3
2019-05-03 CVE-2019-6616 F5 Unspecified vulnerability in F5 products

On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8, administrative users with TMSH access can overwrite critical system files on BIG-IP which can result in bypass of whitelist / blacklist restrictions enforced by appliance mode.

7.2
2019-05-03 CVE-2019-1803 Cisco Permissions, Privileges, and Access Controls vulnerability in Cisco Nexus 9000 Series Application Centric Infrastructure

A vulnerability in the filesystem management for the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an authenticated, local attacker with administrator rights to gain elevated privileges as the root user on an affected device.

7.2
2019-05-03 CVE-2019-1709 Cisco OS Command Injection vulnerability in Cisco products

A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to perform a command injection attack.

7.2
2019-05-03 CVE-2019-1699 Cisco OS Command Injection vulnerability in Cisco Firepower Management Center

A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to perform a command injection attack.

7.2
2019-05-03 CVE-2019-1682 Cisco Permissions, Privileges, and Access Controls vulnerability in Cisco Application Policy Infrastructure Controller 3.2(2L)

A vulnerability in the FUSE filesystem functionality for Cisco Application Policy Infrastructure Controller (APIC) software could allow an authenticated, local attacker to escalate privileges to root on an affected device.

7.2
2019-05-03 CVE-2019-1592 Cisco Improper Input Validation vulnerability in Cisco Nx-Os 14.1(0.90)

A vulnerability in the background operations functionality of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an authenticated, local attacker to gain elevated privileges as root on an affected device.

7.2
2019-04-29 CVE-2019-11599 Linux Improper Locking vulnerability in Linux Kernel

The coredump implementation in the Linux kernel before 5.0.10 does not use locking or other mechanisms to prevent vma layout or vma flags changes while it runs, which allows local users to obtain sensitive information, cause a denial of service, or possibly have unspecified other impact by triggering a race condition with mmget_not_zero or get_task_mm calls.

7.0
2019-04-29 CVE-2019-8454 Checkpoint Link Following vulnerability in Checkpoint Endpoint Security

A local attacker can create a hard-link between a file to which the Check Point Endpoint Security client for Windows before E80.96 writes and another BAT file, then by impersonating the WPAD server, the attacker can write BAT commands into that file that will later be run by the user or the system.

7.0

118 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2019-05-02 CVE-2019-11675 Groonga Race Condition vulnerability in Groonga Groonga-Httpd 6.5.11

The groonga-httpd package 6.1.5-1 for Debian sets the /var/log/groonga ownership to the groonga account, which might let local users obtain root access because of unsafe interaction with logrotate.

6.9
2019-04-30 CVE-2018-19374 Zohocorp Incorrect Permission Assignment for Critical Resource vulnerability in Zohocorp Manageengine Admanager Plus 6.6

Zoho ManageEngine ADManager Plus 6.6 Build 6657 allows local users to gain privileges (after a reboot) by placing a Trojan horse file into the permissive bin directory.

6.9
2019-05-03 CVE-2019-1857 Cisco Cross-Site Request Forgery (CSRF) vulnerability in Cisco products

A vulnerability in the web-based management interface of Cisco HyperFlex HX-Series could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected system.

6.8
2019-05-03 CVE-2019-1807 Cisco Session Fixation vulnerability in Cisco Umbrella

A vulnerability in the session management functionality of the web UI for the Cisco Umbrella Dashboard could allow an authenticated, remote attacker to access the Dashboard via an active, user session.

6.8
2019-05-03 CVE-2019-1724 Cisco Improper Authentication vulnerability in Cisco products

A vulnerability in the session management functionality of the web-based interface for Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to hijack a valid user session on an affected system.

6.8
2019-05-03 CVE-2019-1590 Cisco Improper Certificate Validation vulnerability in Cisco Nx-Os 14.1(0.90)/8.3(0)Sk(0.39)

A vulnerability in the Transport Layer Security (TLS) certificate validation functionality of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, remote attacker to perform insecure TLS client authentication on an affected device.

6.8
2019-05-01 CVE-2019-11640 GNU Out-of-bounds Write vulnerability in GNU Recutils 1.8

An issue was discovered in GNU recutils 1.8.

6.8
2019-05-01 CVE-2019-11639 GNU Out-of-bounds Write vulnerability in GNU Recutils 1.8

An issue was discovered in GNU recutils 1.8.

6.8
2019-04-30 CVE-2019-11617 Doorgets Cross-Site Request Forgery (CSRF) vulnerability in Doorgets CMS 7.0

doorGets 7.0 has a CSRF vulnerability in /doorgets/app/requests/user/configurationRequest.php.

6.8
2019-04-30 CVE-2019-11193 Infinitumit Cross-Site Request Forgery (CSRF) vulnerability in Infinitumit Directadmin 1.561

The FileManager in InfinitumIT DirectAdmin through v1.561 has XSS via CMD_FILE_MANAGER, CMD_SHOW_USER, and CMD_SHOW_RESELLER; an attacker can bypass the CSRF protection with this, and take over the administration panel.

6.8
2019-04-30 CVE-2018-15206 Bpcbt Cross-Site Request Forgery (CSRF) vulnerability in Bpcbt Smartvista 2

BPC SmartVista 2 has CSRF via SVFE2/pages/admpages/roles/createrole.jsf.

6.8
2019-04-30 CVE-2018-14930 Polarisft Cross-Site Request Forgery (CSRF) vulnerability in Polarisft Intellect Core Banking 9.7.1

An issue was discovered in the Armor module in Polaris FT Intellect Core Banking 9.7.1.

6.8
2019-04-29 CVE-2018-5123 Mozilla Cross-Site Request Forgery (CSRF) vulnerability in Mozilla Bugzilla

A third party website can access information available to a user with access to a restricted bug entry using the image generation in report.cgi in all Bugzilla versions prior to 4.4.

6.8
2019-04-29 CVE-2019-11595 Ublockorigin Improper Input Validation vulnerability in Ublockorigin Ublock Origin

In uBlock before 0.9.5.15, the $rewrite filter option allows filter-list maintainers to run arbitrary code in a client-side session when a web service loads a script for execution using XMLHttpRequest or Fetch, and the script origin has an open redirect.

6.8
2019-04-29 CVE-2019-11594 Getadblock Code Injection vulnerability in Getadblock Adblock

In AdBlock before 3.45.0, the $rewrite filter option allows filter-list maintainers to run arbitrary code in a client-side session when a web service loads a script for execution using XMLHttpRequest or Fetch, and the script origin has an open redirect.

6.8
2019-04-29 CVE-2019-11593 Adblockplus Code Injection vulnerability in Adblockplus Adblock Plus

In Adblock Plus before 3.5.2, the $rewrite filter option allows filter-list maintainers to run arbitrary code in a client-side session when a web service loads a script for execution using XMLHttpRequest or Fetch, and the script origin has an open redirect.

6.8
2019-04-29 CVE-2019-11590 10Web Inclusion of Functionality from Untrusted Control Sphere vulnerability in 10Web Form Maker

The 10Web Form Maker plugin before 1.13.5 for WordPress allows CSRF via the wp-admin/admin-ajax.php action parameter, with resultant local file inclusion via directory traversal, because there can be a discrepancy between the $_POST['action'] value and the $_GET['action'] value, and the latter is unsanitized.

6.8
2019-05-03 CVE-2019-1836 Cisco Path Traversal vulnerability in Cisco Nx-Os 14.0(3D)

A vulnerability in the system shell for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, local attacker to use symbolic links to overwrite system files.

6.6
2019-05-03 CVE-2019-6617 F5 Improper Privilege Management vulnerability in F5 products

On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8, a user with the Resource Administrator role is able to overwrite sensitive low-level files (such as /etc/passwd) using SFTP to modify user permissions, without Advanced Shell access.

6.5
2019-05-03 CVE-2019-6614 F5 Unspecified vulnerability in F5 products

On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, and 12.1.0-12.1.4, internal methods used to prevent arbitrary file overwrites in Appliance Mode were not fully effective.

6.5
2019-05-03 CVE-2019-3894 Redhat Unspecified vulnerability in Redhat Jboss Enterprise Application Platform and Wildfly

It was discovered that the ElytronManagedThread in Wildfly's Elytron subsystem in versions from 11 to 16 stores a SecurityIdentity to run the thread as.

6.5
2019-05-03 CVE-2019-1859 Cisco Incorrect Authorization vulnerability in Cisco products

A vulnerability in the Secure Shell (SSH) authentication process of Cisco Small Business Switches software could allow an attacker to bypass client-side certificate authentication and revert to password authentication.

6.5
2019-05-03 CVE-2019-1695 Cisco Unspecified vulnerability in Cisco Adaptive Security Appliance Software

A vulnerability in the detection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to send data directly to the kernel of an affected device.

6.5
2019-05-03 CVE-2019-1693 Cisco Unspecified vulnerability in Cisco Adaptive Security Appliance Software

A vulnerability in the WebVPN service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device.

6.5
2019-04-30 CVE-2019-0214 Apache Unspecified vulnerability in Apache Archiva

In Apache Archiva 2.0.0 - 2.2.3, it is possible to write files to the archiva server at arbitrary locations by using the artifact upload mechanism.

6.5
2019-04-30 CVE-2019-0213 Apache Cross-site Scripting vulnerability in Apache Archiva

In Apache Archiva before 2.2.4, it may be possible to store malicious XSS code into central configuration entries, i.e.

6.5
2019-04-30 CVE-2019-11615 Doorgets Unrestricted Upload of File with Dangerous Type vulnerability in Doorgets CMS 7.0

/fileman/php/upload.php in doorGets 7.0 has an arbitrary file upload vulnerability.

6.5
2019-04-30 CVE-2018-15207 Bpcbt Improper Privilege Management vulnerability in Bpcbt Smartvista 2

BPC SmartVista 2 has Improper Access Control in the SVFE module, where it fails to appropriately restrict access: a normal user is able to access the SVFE2/pages/finadmin/currconvrate/currconvrate.jsf functionality that should be only accessible to an admin.

6.5
2019-04-30 CVE-2018-14874 Polarisft SQL Injection vulnerability in Polarisft Intellect Core Banking 9.7.1

An issue was discovered in the Armor module in Polaris FT Intellect Core Banking 9.7.1.

6.5
2019-04-30 CVE-2019-10308 Jenkins Missing Authorization vulnerability in Jenkins Static Analysis Utilities

A missing permission check in Jenkins Static Analysis Utilities Plugin 1.95 and earlier in the DefaultGraphConfigurationView#doSave form handler method allowed attackers with Overall/Read permission to change the per-job default graph configuration for all users.

6.5
2019-04-30 CVE-2019-10307 Jenkins Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Static Analysis Utilities

A cross-site request forgery vulnerability in Jenkins Static Analysis Utilities Plugin 1.95 and earlier in the DefaultGraphConfigurationView#doSave form handler method allowed attackers to change the per-job default graph configuration for all users.

6.5
2019-04-30 CVE-2019-11612 Doorgets Path Traversal vulnerability in Doorgets CMS 7.0

doorGets 7.0 has an arbitrary file deletion vulnerability in /fileman/php/deletefile.php.

6.4
2019-04-30 CVE-2019-11609 Doorgets Path Traversal vulnerability in Doorgets CMS 7.0

doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/movefile.php.

6.4
2019-04-30 CVE-2019-11608 Doorgets Path Traversal vulnerability in Doorgets CMS 7.0

doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/renamefile.php.

6.4
2019-04-30 CVE-2018-20835 TAR FS Project Improper Input Validation vulnerability in Tar-Fs Project Tar-Fs

A vulnerability was found in tar-fs before 1.16.2.

6.4
2019-04-30 CVE-2018-20834 Node TAR Project Link Following vulnerability in Node-Tar Project Node-Tar

A vulnerability was found in node-tar before version 4.4.2 (excluding version 2.2.2).

6.4
2019-05-02 CVE-2019-3490 Microfocus Cross-site Scripting vulnerability in Microfocus Open Enterprise Server 2015.1/2018.0/2018.1

A DOM-based XSS vulnerability has been identified in the Netstorage component of Open Enterprise Server (OES), allowing a remote attacker to execute JavaScript in the victim's browser by tricking the victim into clicking on a specially crafted link.

6.1
2019-05-01 CVE-2018-8035 Apache Cross-site Scripting vulnerability in Apache Uimaducc

This vulnerability relates to the user's browser processing of DUCC webpage input data. The JavaScript comprising Apache UIMA DUCC (<= 2.2.2), which runs in the user's browser, does not sufficiently filter user-supplied inputs, which may result in unintended execution of user-supplied JavaScript code.

6.1
2019-04-30 CVE-2019-4166 IBM Open Redirect vulnerability in IBM Storediq

IBM StoredIQ 7.6 could allow a remote attacker to conduct phishing attacks, using an open redirect attack.

6.1
2019-05-03 CVE-2019-1705 Cisco Improper Resource Shutdown or Release vulnerability in Cisco Adaptive Security Appliance Software

A vulnerability in the remote access VPN session manager of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the remote access VPN services.

5.9
2019-04-30 CVE-2019-10317 Jenkins Improper Certificate Validation vulnerability in Jenkins Sitemonitor

Jenkins SiteMonitor Plugin 0.5 and earlier disabled SSL/TLS and hostname verification globally for the Jenkins master JVM.

5.9
2019-04-30 CVE-2019-10314 Jenkins Improper Certificate Validation vulnerability in Jenkins Koji

Jenkins Koji Plugin disables SSL/TLS and hostname verification globally for the Jenkins master JVM.

5.9
2019-04-30 CVE-2018-14931 Polarisft Open Redirect vulnerability in Polarisft Intellect Core Banking 9.7.1

An issue was discovered in the Core and Portal modules in Polaris FT Intellect Core Banking 9.7.1.

5.8
2019-04-29 CVE-2019-11598 Imagemagick Out-of-bounds Read vulnerability in Imagemagick 7.0.840

In ImageMagick 7.0.8-40 Q16, there is a heap-based buffer over-read in the function WritePNMImage of coders/pnm.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file.

5.8
2019-04-29 CVE-2019-11597 Imagemagick Out-of-bounds Read vulnerability in Imagemagick 7.0.843

In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file.

5.8
2019-05-01 CVE-2019-11632 Octopus Improper Privilege Management vulnerability in Octopus Deploy and Octopus Server

In Octopus Deploy 2019.1.0 through 2019.3.1 and 2019.4.0 through 2019.4.5, an authenticated user with the VariableViewUnscoped or VariableEditUnscoped permission scoped to a specific project could view or edit unscoped variables from a different project.

5.5
2019-04-30 CVE-2019-11624 Doorgets Path Traversal vulnerability in Doorgets CMS 7.0

doorGets 7.0 has an arbitrary file deletion vulnerability in /doorgets/app/requests/user/configurationRequest.php.

5.5
2019-04-30 CVE-2018-20509 Linux Information Exposure vulnerability in Linux Kernel 4.14.90

The print_binder_ref_olocked function in drivers/android/binder.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading " ref *desc *node" lines in a debugfs file.

5.5
2019-04-30 CVE-2019-6494 Iobit Unspecified vulnerability in Iobit Malware Fighter 6.2

IMFForceDelete.sys in IObit Malware Fighter 6.2 allows a low privileged user to send IOCTL 0x8016E000 along with a user defined string to a file; that file will be promptly deleted regardless of access controls.

5.5
2019-05-01 CVE-2019-6562 Philips Cross-site Scripting vulnerability in Philips Tasy EMR 3.02.1744

In Philips Tasy EMR, Tasy EMR Versions 3.02.1744 and prior, the software incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

5.4
2019-05-01 CVE-2019-4258 IBM Cross-site Scripting vulnerability in IBM Sterling B2B Integrator 6.0.0.0/6.0.0.1

IBM Sterling B2B Integrator 6.0.0.0 and 6.0.0.1 Standard Edition is vulnerable to cross-site scripting.

5.4
2019-05-03 CVE-2019-6613 F5 Cleartext Transmission of Sensitive Information vulnerability in F5 products

On BIG-IP 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8, SNMP may expose sensitive configuration objects over insecure transmission channels.

5.3
2019-04-30 CVE-2019-3928 Crestron Unspecified vulnerability in Crestron Am-100 Firmware and Am-101 Firmware

Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allow any user to obtain the presentation passcode via the iso.3.6.1.4.1.3212.100.3.2.7.4 OIDs.

5.3
2019-04-30 CVE-2018-15208 Bpcbt Session Fixation vulnerability in Bpcbt Smartvista 2

BPC SmartVista 2 has Session Fixation via the JSESSIONID parameter.

5.1
2019-05-05 CVE-2019-11767 Phpbb Server-Side Request Forgery (SSRF) vulnerability in PHPbb

Server side request forgery (SSRF) in phpBB before 3.2.6 allows checking for the existence of files and services on the local network of the host through the remote avatar upload function.

5.0
2019-05-03 CVE-2019-1844 Cisco Improper Input Validation vulnerability in Cisco Email Security Appliance 11.1.0131

A vulnerability in certain attachment detection mechanisms of the Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the filtering functionality of an affected device.

5.0
2019-05-03 CVE-2019-1715 Cisco Insufficient Entropy in PRNG vulnerability in Cisco products

A vulnerability in the Deterministic Random Bit Generator (DRBG), also known as Pseudorandom Number Generator (PRNG), used in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a cryptographic collision, enabling the attacker to discover the private key of an affected device.

5.0
2019-05-03 CVE-2019-1704 Cisco Resource Exhaustion vulnerability in Cisco Firepower Threat Defense

Multiple vulnerabilities in the Server Message Block (SMB) Protocol preprocessor detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent or remote attacker to cause a denial of service (DoS) condition.

5.0
2019-05-03 CVE-2019-1692 Cisco Information Exposure vulnerability in Cisco Application Policy Infrastructure Controller 4.1(0.88A)/8.3(1)S6

A vulnerability in the web-based management interface of Cisco Application Policy Infrastructure Controller (APIC) Software could allow an unauthenticated, remote attacker to access sensitive system usage information.

5.0
2019-05-02 CVE-2019-9826 Phpbb Improper Input Validation vulnerability in PHPbb

The fulltext search component in phpBB before 3.2.6 allows Denial of Service.

5.0
2019-05-02 CVE-2018-16988 Xdmod Weak Password Recovery Mechanism for Forgotten Password vulnerability in Xdmod Open Xdmod

An issue was discovered in Open XDMoD through 7.5.0.

5.0
2019-05-02 CVE-2018-16961 Buffalo Path Traversal vulnerability in Buffalo Open Xdmod 7.5.0

An issue was discovered in Open XDMoD through 7.5.0.

5.0
2019-05-01 CVE-2019-11641 Anomali Use of Insufficiently Random Values vulnerability in Anomali Agave

Anomali Agave (formerly Drupot) through 1.0.0 fails to avoid fingerprinting by including predictable data and minimal variation in size within HTML templates, giving attackers the ability to detect and avoid this system.

5.0
2019-05-01 CVE-2019-11636 Z Cash 7PK - Security Features vulnerability in Z.Cash Zcash

Zcash 2.x allows an inexpensive approach to "fill all transactions of all blocks" and "prevent any real transaction from occurring" via a "Sapling Wood-Chipper" attack.

5.0
2019-05-01 CVE-2018-1608 IBM Inadequate Encryption Strength vulnerability in IBM Rational Engineering Lifecycle Manager

IBM Rational Engineering Lifecycle Manager 6.0 through 6.0.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

5.0
2019-05-01 CVE-2019-11633 Honeypress Project Information Exposure vulnerability in Honeypress Project Honeypress 20160927

HoneyPress through 2016-09-27 can be fingerprinted by attackers because of the ingrained unique www.atxsec.com and ayylmao.wpengine.com hostnames within the fake WordPress templates.

5.0
2019-04-30 CVE-2019-3936 Crestron Unspecified vulnerability in Crestron Am-100 Firmware and Am-101 Firmware

Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 are vulnerable to denial of service via a crafted request to TCP port 389.

5.0
2019-04-30 CVE-2019-3934 Crestron Forced Browsing vulnerability in Crestron Am-100 Firmware and Am-101 Firmware

Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allow anyone to bypass the presentation code by sending a crafted HTTP POST request to login.cgi.

5.0
2019-04-30 CVE-2019-3933 Crestron Forced Browsing vulnerability in Crestron Am-100 Firmware and Am-101 Firmware

Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allows anyone to bypass the presentation code simply by requesting /images/browserslide.jpg via HTTP.

5.0
2019-04-30 CVE-2019-3927 Crestron Improper Authentication vulnerability in Crestron Am-100 Firmware and Am-101 Firmware

Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allow anyone to change the administrator and moderator passwords via the iso.3.6.1.4.1.3212.100.3.2.8.1 and iso.3.6.1.4.1.3212.100.3.2.8.2 OIDs.

5.0
2019-04-30 CVE-2019-11626 Doorgets Pathname Traversal and Equivalence Errors vulnerability in Doorgets CMS 7.0

routers/ajaxRouter.php in doorGets 7.0 has a web site physical path leakage vulnerability, as demonstrated by an ajax/index.php?uri=1234%5c request.

5.0
2019-04-30 CVE-2019-11616 Doorgets Unspecified vulnerability in Doorgets CMS 7.0

doorGets 7.0 has a sensitive information disclosure vulnerability in /setup/temp/admin.php and /setup/temp/database.php.

5.0
2019-04-30 CVE-2019-11614 Doorgets SQL Injection vulnerability in Doorgets CMS 7.0

doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/views/ajax/commentView.php.

5.0
2019-04-30 CVE-2019-11611 Doorgets Path Traversal vulnerability in Doorgets CMS 7.0

doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/download.php.

5.0
2019-04-30 CVE-2019-11610 Doorgets Path Traversal vulnerability in Doorgets CMS 7.0

doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/downloaddir.php.

5.0
2019-04-30 CVE-2019-11607 Doorgets Path Traversal vulnerability in Doorgets CMS 7.0

doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/copydir.php.

5.0
2019-04-30 CVE-2019-11606 Doorgets Path Traversal vulnerability in Doorgets CMS 7.0

doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/copyfile.php.

5.0
2019-04-30 CVE-2019-9621 Zimbra Server-Side Request Forgery (SSRF) vulnerability in Zimbra Collaboration Server

Zimbra Collaboration Suite before 8.6 patch 13, 8.7.x before 8.7.11 patch 10, and 8.8.x before 8.8.10 patch 7 or 8.8.x before 8.8.11 patch 3 allows SSRF via the ProxyServlet component.

5.0
2019-04-30 CVE-2019-3399 Atlassian Missing Authorization vulnerability in Atlassian Jira

The BrowseProjects.jspa resource in Jira before version 7.13.2, and from version 8.0.0 before version 8.0.2 allows remote attackers to see information for archived projects through a missing authorisation check.

5.0
2019-04-29 CVE-2018-2007 IBM Inadequate Encryption Strength vulnerability in IBM API Connect

IBM API Connect 2018.1 and 2018.4.1.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information.

5.0
2019-04-29 CVE-2018-1961 IBM Information Exposure vulnerability in IBM Emptoris Contract Management

IBM Emptoris Contract Management 10.0.0 and 10.1.3.0 could disclose sensitive information through the detailed information contained in error messages.

5.0
2019-04-29 CVE-2019-5492 Netapp Unspecified vulnerability in Netapp products

Element Plug-in for vCenter Server versions prior to 4.2.3 may disclose sensitive account information to an unauthenticated attacker.

5.0
2019-05-03 CVE-2019-6615 F5 Unspecified vulnerability in F5 products

On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8, Administrator and Resource Administrator roles might exploit TMSH access to bypass Appliance Mode restrictions on BIG-IP systems.

4.9
2019-05-03 CVE-2019-1701 Cisco Cross-site Scripting vulnerability in Cisco Adaptive Security Appliance Software

Multiple vulnerabilities in the WebVPN service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the WebVPN portal of an affected device.

4.8
2019-05-03 CVE-2019-3805 Redhat Improper Privilege Management vulnerability in Redhat Jboss Enterprise Application Platform and Wildfly

A flaw was discovered in wildfly versions up to 16.0.0.Final that would allow local users who are able to execute the init.d script to terminate arbitrary processes on the system.

4.7
2019-05-03 CVE-2019-6158 Lenovo Information Exposure Through Log Files vulnerability in Lenovo Xclarity Administrator

An internal product security audit of Lenovo XClarity Administrator (LXCA) discovered HTTP proxy credentials being written to a log file in clear text.

4.3
2019-05-03 CVE-2019-3400 Atlassian Cross-site Scripting vulnerability in Atlassian Jira Server

The labels gadget in Jira before version 7.13.2, and from version 8.0.0 before version 8.0.2 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the jql parameter.

4.3
2019-05-03 CVE-2018-20824 Atlassian Cross-site Scripting vulnerability in Atlassian Jira

The WallboardServlet resource in Jira before version 7.13.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the cyclePeriod parameter.

4.3
2019-05-03 CVE-2019-1856 Cisco Cross-site Scripting vulnerability in Cisco Prime Collaboration Assurance 12.1

A vulnerability in the web-based management interface of Cisco Prime Collaboration Assurance (PCA) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.

4.3
2019-05-03 CVE-2019-1852 Cisco Cross-site Scripting vulnerability in Cisco Network Registrar 9.1(2)

A vulnerability in the web-based management interface of Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface.

4.3
2019-05-03 CVE-2019-11690 Denx Use of Insufficiently Random Values vulnerability in Denx U-Boot

gen_rand_uuid in lib/uuid.c in Das U-Boot v2014.04 through v2019.04 lacks an srand call, which allows attackers to determine UUID values in scenarios where CONFIG_RANDOM_UUID is enabled, and Das U-Boot is relied upon for UUID values of a GUID Partition Table of a boot device.

4.3
2019-05-02 CVE-2018-16960 Buffalo Cross-site Scripting vulnerability in Buffalo Open Xdmod 7.5.0

An issue was discovered in Open XDMoD through 7.5.0.

4.3
2019-05-02 CVE-2018-16718 NIH Cross-site Scripting vulnerability in NIH Ncbi Toolbox 2.0.7/2.2.26

An XSS vulnerability exists in wwwblast.c in the 2.0.7 through 2.2.26 legacy versions of the NCBI ToolBox via a crafted -z1 argument.

4.3
2019-05-02 CVE-2018-10383 Lantronix Cross-site Scripting vulnerability in Lantronix Securelinx Spider Firmware

Lantronix SecureLinx Spider (SLS) 2.2+ devices have XSS in the auth.asp login page.

4.3
2019-05-02 CVE-2018-12404 Mozilla Unspecified vulnerability in Mozilla Network Security Services

A cached side channel attack during handshakes using RSA encryption could allow for the decryption of encrypted content.

4.3
2019-05-02 CVE-2018-2015 IBM Improper Input Validation vulnerability in IBM API Connect

IBM API Connect 2018.1 and 2018.4.1.4 could allow a remote attacker to hijack the clicking action of the victim.

4.3
2019-05-02 CVE-2019-11676 Zohocorp Cross-site Scripting vulnerability in Zohocorp Manageengine Firewall Analyzer

The user defined DNS name in Zoho ManageEngine Firewall Analyzer before 12.3 Build 123224 is vulnerable to stored XSS attacks.

4.3
2019-05-01 CVE-2019-11638 GNU NULL Pointer Dereference vulnerability in GNU Recutils 1.8

An issue was discovered in GNU recutils 1.8.

4.3
2019-05-01 CVE-2019-11637 GNU NULL Pointer Dereference vulnerability in GNU Recutils 1.8

An issue was discovered in GNU recutils 1.8.

4.3
2019-04-30 CVE-2019-10272 Weaver CRLF Injection vulnerability in Weaver E-Cology 9.0

An issue was discovered in Weaver e-cology 9.0.

4.3
2019-04-30 CVE-2015-9286 Nodebb Cross-site Scripting vulnerability in Nodebb

Controllers.outgoing in controllers/index.js in NodeBB before 0.7.3 has outgoing XSS.

4.3
2019-04-30 CVE-2019-10312 Jenkins Missing Authorization vulnerability in Jenkins Ansible Tower

A missing permission check in Jenkins Ansible Tower Plugin 0.9.1 and earlier in the TowerInstallation.TowerInstallationDescriptor#doFillTowerCredentialsIdItems method allowed attackers with Overall/Read permission to enumerate credentials ID of credentials stored in Jenkins.

4.3
2019-04-29 CVE-2019-4047 IBM Improper Privilege Management vulnerability in IBM Jazz Reporting Service 6.0.6

IBM Jazz Reporting Service (JRS) 6.0.6 could allow an authenticated user to access the execution log files as a guest user, and obtain the information of the server execution.

4.3
2019-04-29 CVE-2019-3562 Oculus Cross-site Scripting vulnerability in Oculus Browser

A remote web page could inject arbitrary HTML code into the Oculus Browser UI, allowing an attacker to spoof UI and potentially execute code.

4.3
2019-04-29 CVE-2018-12384 Mozilla Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) vulnerability in Mozilla Network Security Services

When handling an SSLv2-compatible ClientHello request, the server doesn't generate a new random value but sends an all-zero value instead.

4.3
2019-04-29 CVE-2019-11592 Webidsupport Cross-site Scripting vulnerability in Webidsupport Webid 1.2.2

WeBid 1.2.2 has reflected XSS via the id parameter to admin/deletenews.php, admin/editbannersuser.php, admin/editfaqscategory.php, or admin/excludeuser.php, or the offset parameter to admin/edituser.php.

4.3
2019-04-29 CVE-2015-9285 Esotalk Cross-site Scripting vulnerability in Esotalk 1.0.0

esoTalk 1.0.0g4 has XSS via the PATH_INFO to the conversations/ URI.

4.3
2019-05-03 CVE-2019-6618 F5 Unspecified vulnerability in F5 products

On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8, users with the Resource Administrator role can modify sensitive portions of the filesystem if provided Advanced Shell Access, such as editing /etc/passwd.

4.0
2019-05-03 CVE-2019-1854 Cisco Path Traversal vulnerability in Cisco Telepresence Video Communication Server X8.11.4

A vulnerability in the management web interface of Cisco Expressway Series could allow an authenticated, remote attacker to perform a directory traversal attack against an affected device.

4.0
2019-05-03 CVE-2019-1587 Cisco Resource Management Errors vulnerability in Cisco Nx-Os 8.3(0)Sk(0.39)

A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, remote attacker to access sensitive information.

4.0
2019-05-01 CVE-2019-11628 Qlik Expression Language Injection vulnerability in Qlik Analytics, Qlik Sense and Qlikview Server

An issue was discovered in QlikView Server before 11.20 SR19, 12.00 and 12.10 before 12.10 SR11, 12.20 before SR9, and 12.30 before SR2; and Qlik Sense Enterprise and Qlik Analytics Platform installations that lack these patch levels: February 2018 Patch 4, April 2018 Patch 3, June 2018 Patch 3, September 2018 Patch 4, November 2018 Patch 4, or February 2019 Patch 2.

4.0
2019-04-30 CVE-2019-11625 Doorgets SQL Injection vulnerability in Doorgets CMS 7.0

doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/emailingRequest.php.

4.0
2019-04-30 CVE-2019-11623 Doorgets SQL Injection vulnerability in Doorgets CMS 7.0

doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/configurationRequest.php when action=siteweb.

4.0
2019-04-30 CVE-2019-11622 Doorgets SQL Injection vulnerability in Doorgets CMS 7.0

doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/modulecategoryRequest.php.

4.0
2019-04-30 CVE-2019-11621 Doorgets SQL Injection vulnerability in Doorgets CMS 7.0

doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/configurationRequest.php when action=network.

4.0
2019-04-30 CVE-2019-11620 Doorgets SQL Injection vulnerability in Doorgets CMS 7.0

doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/modulecategoryRequest.php.

4.0
2019-04-30 CVE-2019-11619 Doorgets SQL Injection vulnerability in Doorgets CMS 7.0

doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/configurationRequest.php when action=analytics.

4.0
2019-04-30 CVE-2019-11613 Doorgets SQL Injection vulnerability in Doorgets CMS 7.0

doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/views/ajax/contactView.php.

4.0

11 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2019-04-30 CVE-2019-10131 Imagemagick, Redhat, Debian, Canonical, Opensuse Off-by-one Error vulnerability in multiple products

An off-by-one read vulnerability was discovered in ImageMagick before version 7.0.7-28 in the formatIPTCfromBuffer function in coders/meta.c.

3.6
2019-05-03 CVE-2019-1838 Cisco Cross-site Scripting vulnerability in Cisco Application Policy Infrastructure Controller 3.2(5D)/4.0(3D)

A vulnerability in the web-based management interface of Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.

3.5
2019-05-01 CVE-2018-1933 IBM Cross-site Scripting vulnerability in IBM Planning Analytics

IBM Planning Analytics 2.0 through 2.0.6 is vulnerable to cross-site scripting.

3.5
2019-04-30 CVE-2018-14875 Polarisft Cross-site Scripting vulnerability in Polarisft Intellect Core Banking 9.7.1

An issue was discovered in the Core and Portal modules in Polaris FT Intellect Core Banking 9.7.1.

3.5
2019-04-30 CVE-2018-20239 Atlassian Cross-site Scripting vulnerability in Atlassian products

Application Links before version 5.0.11, from version 5.1.0 before 5.2.10, from version 5.3.0 before 5.3.6, from version 5.4.0 before 5.4.12, and from version 6.0.0 before 6.0.4 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the applinkStartingUrl parameter.

3.5
2019-04-29 CVE-2018-2004 IBM Cross-site Scripting vulnerability in IBM Jazz Reporting Service

IBM Jazz Reporting Service (JRS) 6.0 through 6.0.6 is vulnerable to cross-site scripting.

3.5
2019-05-03 CVE-2019-1696 Cisco Resource Exhaustion vulnerability in Cisco products

Multiple vulnerabilities in the Server Message Block (SMB) Protocol preprocessor detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent or remote attacker to cause a denial of service (DoS) condition.

3.3
2019-05-03 CVE-2019-1589 Cisco Information Exposure vulnerability in Cisco Nx-Os 8.3(0)Sk(0.39)

A vulnerability in the Trusted Platform Module (TPM) functionality of software for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, local attacker with physical access to view sensitive information on an affected device.

2.1
2019-05-03 CVE-2019-1586 Cisco Incomplete Cleanup vulnerability in Cisco Application Policy Infrastructure Controller 4.1(0.90A)

A vulnerability in Cisco Application Policy Infrastructure Controller (APIC) Software could allow an unauthenticated, local attacker with physical access to obtain sensitive information from an affected device.

2.1
2019-04-30 CVE-2019-3937 Crestron Cleartext Storage of Sensitive Information vulnerability in Crestron Am-100 Firmware and Am-101 Firmware

Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 stores usernames, passwords, slideshow passcode, and other configuration options in cleartext in the file /tmp/scfgdndf.

2.1
2019-04-30 CVE-2018-20510 Linux Information Exposure vulnerability in Linux Kernel 4.14.90

The print_binder_transaction_ilocked function in drivers/android/binder.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading "*from *code *flags" lines in a debugfs file.

2.1