Weekly Vulnerabilities Reports > April 29 to May 5, 2019
Overview
207 new vulnerabilities reported during this period, including 25 critical vulnerabilities and 53 high severity vulnerabilities. This weekly summary report vulnerabilities in 544 products from 79 vendors including Cisco, Doorgets, Crestron, Jenkins, and IBM. Vulnerabilities are notably categorized as "Cross-site Scripting", "Path Traversal", "Improper Input Validation", "SQL Injection", and "OS Command Injection".
- 181 reported vulnerabilities are remotely exploitables.
- 6 reported vulnerabilities have public exploit available.
- 80 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 153 reported vulnerabilities are exploitable by an anonymous user.
- Cisco has the most reported vulnerabilities, with 41 reported vulnerabilities.
- Crestron has the most reported critical vulnerabilities, with 8 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
25 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2019-05-03 | CVE-2019-1804 | Cisco | Insecure Default Initialization of Resource vulnerability in Cisco products A vulnerability in the SSH key management for the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, remote attacker to connect to the affected system with the privileges of the root user. | 10.0 |
2019-05-02 | CVE-2017-18369 | Billion | OS Command Injection vulnerability in Billion 5200W-T Firmware 1.02B The Billion 5200W-T 1.02b.rc5.dt49 router distributed by TrueOnline has a command injection vulnerability in the Remote System Log forwarding function, which is accessible by an unauthenticated user. | 10.0 |
2019-05-02 | CVE-2017-18368 | Billion Zyxel | OS Command Injection vulnerability in multiple products The ZyXEL P660HN-T1A v1 TCLinux Fw $7.3.15.0 v001 / 3.40(ULM.0)b31 router distributed by TrueOnline has a command injection vulnerability in the Remote System Log forwarding function, which is accessible by an unauthenticated user. | 10.0 |
2019-04-30 | CVE-2019-11627 | Signing Party Project Debian Opensuse | OS Command Injection vulnerability in multiple products gpg-key2ps in signing-party 1.1.x and 2.x before 2.10-1 contains an unsafe shell call enabling shell injection via a User ID. | 10.0 |
2019-04-30 | CVE-2019-3930 | Crestron Barco Extron Teqavit Sharp Optoma Blackbox Infocus | Out-of-bounds Write vulnerability in multiple products The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG-1000P firmware 2.3.0.10, Barco wePresent WiPG-1600W before firmware 2.4.1.19, Extron ShareLink 200/250 firmware 2.0.3.4, Teq AV IT WIPS710 firmware 1.1.0.7, SHARP PN-L703WA firmware 1.4.2.3, Optoma WPS-Pro firmware 1.0.0.5, Blackbox HD WPS firmware 1.0.0.5, InFocus LiteShow3 firmware 1.0.16, and InFocus LiteShow4 2.0.0.7 are vulnerable to a stack buffer overflow in libAwgCgi.so's PARSERtoCHAR function. | 10.0 |
2019-04-30 | CVE-2019-3929 | Crestron Barco Extron Teqavit Sharp Optoma Blackbox Infocus | OS Command Injection vulnerability in multiple products The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG-1000P firmware 2.3.0.10, Barco wePresent WiPG-1600W before firmware 2.4.1.19, Extron ShareLink 200/250 firmware 2.0.3.4, Teq AV IT WIPS710 firmware 1.1.0.7, SHARP PN-L703WA firmware 1.4.2.3, Optoma WPS-Pro firmware 1.0.0.5, Blackbox HD WPS firmware 1.0.0.5, InFocus LiteShow3 firmware 1.0.16, and InFocus LiteShow4 2.0.0.7 are vulnerable to command injection via the file_transfer.cgi HTTP endpoint. | 10.0 |
2019-04-30 | CVE-2019-3926 | Crestron | OS Command Injection vulnerability in Crestron Am-100 Firmware and Am-101 Firmware Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 are vulnerable to command injection via SNMP OID iso.3.6.1.4.1.3212.100.3.2.14.1. | 10.0 |
2019-04-30 | CVE-2019-3925 | Crestron | OS Command Injection vulnerability in Crestron Am-100 Firmware and Am-101 Firmware Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 are vulnerable to command injection via SNMP OID iso.3.6.1.4.1.3212.100.3.2.9.3. | 10.0 |
2019-04-30 | CVE-2019-10950 | Fujifilm | Improper Authentication vulnerability in Fujifilm products Fujifilm FCR Capsula X/ Carbon X/ FCR XC-2, model versions CR-IR 357 FCR Carbon X, CR-IR 357 FCR XC-2, FCR-IR 357 FCR Capsula X provide insecure telnet services that lack authentication requirements. | 10.0 |
2019-05-05 | CVE-2019-11766 | Dhcpcd Project Debian | Out-of-bounds Read vulnerability in multiple products dhcp6.c in dhcpcd before 6.11.7 and 7.x before 7.2.2 has a buffer over-read in the D6_OPTION_PD_EXCLUDE feature. | 9.8 |
2019-05-03 | CVE-2019-11037 | PHP | Out-of-bounds Write vulnerability in PHP Imagick In PHP imagick extension in versions between 3.3.0 and 3.4.4, writing to an array of values in ImagickKernel::fromMatrix() function did not check that the address will be within the allocated array. | 9.8 |
2019-05-02 | CVE-2019-11683 | Linux Canonical | Out-of-bounds Write vulnerability in multiple products udp_gro_receive_segment in net/ipv4/udp_offload.c in the Linux kernel 5.x before 5.0.13 allows remote attackers to cause a denial of service (slab-out-of-bounds memory corruption) or possibly have unspecified other impact via UDP packets with a 0 payload, because of mishandling of padded packets, aka the "GRO packet of death" issue. | 9.8 |
2019-05-01 | CVE-2019-10952 | Rockwellautomation | Resource Exhaustion vulnerability in Rockwellautomation products An attacker could send a crafted HTTP/HTTPS request to render the web server unavailable and/or lead to remote code execution caused by a stack-based buffer overflow vulnerability. | 9.8 |
2019-04-30 | CVE-2019-3939 | Crestron | Use of Hard-coded Credentials vulnerability in Crestron Am-100 Firmware and Am-101 Firmware Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 use default credentials admin/admin and moderator/moderator for the web interface. | 9.8 |
2019-04-30 | CVE-2019-3932 | Crestron | Use of Hard-coded Credentials vulnerability in Crestron Am-100 Firmware and Am-101 Firmware Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 are vulnerable to authentication bypass due to a hard-coded password in return.tgi. | 9.8 |
2019-05-03 | CVE-2018-20580 | Smartbear | Improper Input Validation vulnerability in Smartbear Readyapi 2.5.0/2.6.0 The WSDL import functionality in SmartBear ReadyAPI 2.5.0 and 2.6.0 allows remote attackers to execute arbitrary Java code via a crafted request parameter in a WSDL file. | 9.3 |
2019-04-30 | CVE-2019-10309 | Jenkins | XXE vulnerability in Jenkins Self-Organizing Swarm Modules Jenkins Self-Organizing Swarm Plug-in Modules Plugin clients that use UDP broadcasts to discover Jenkins masters do not prevent XML External Entity processing when processing the responses, allowing unauthorized attackers on the same network to read arbitrary files from Swarm clients. | 9.3 |
2019-05-03 | CVE-2019-11036 | PHP Fedoraproject Redhat Canonical Debian Opensuse | Out-of-bounds Read vulnerability in multiple products When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.29, 7.2.x below 7.2.18 and 7.3.x below 7.3.5 can be caused to read past allocated buffer in exif_process_IFD_TAG function. | 9.1 |
2019-04-30 | CVE-2019-3935 | Crestron | Unspecified vulnerability in Crestron Am-100 Firmware and Am-101 Firmware Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allows anyone to act as a moderator to a slide show via crafted HTTP POST requests to conference.cgi. | 9.1 |
2019-05-02 | CVE-2017-18374 | Billion Zyxel | Use of Hard-coded Credentials vulnerability in multiple products The ZyXEL P660HN-T1A v1 TCLinux Fw $7.3.15.0 v001 / 3.40(ULM.0)b31 router distributed by TrueOnline has two user accounts with default passwords, including a hardcoded service account with the username true and password true. | 9.0 |
2019-05-02 | CVE-2017-18373 | Billion | Use of Hard-coded Credentials vulnerability in Billion 5200W-T Firmware 7.3.8.0 The Billion 5200W-T TCLinux Fw $7.3.8.0 v008 130603 router distributed by TrueOnline has three user accounts with default passwords, including two hardcoded service accounts: one with the username true and password true, and another with the username user3 and and a long password consisting of a repetition of the string 0123456789. | 9.0 |
2019-05-02 | CVE-2017-18372 | Billion Zyxel | OS Command Injection vulnerability in multiple products The Billion 5200W-T TCLinux Fw $7.3.8.0 v008 130603 router distributed by TrueOnline has a command injection vulnerability in the Time Setting function, which is only accessible by an authenticated user. | 9.0 |
2019-05-02 | CVE-2017-18370 | Billion Zyxel | OS Command Injection vulnerability in multiple products The ZyXEL P660HN-T1A v2 TCLinux Fw #7.3.37.6 router distributed by TrueOnline has a command injection vulnerability in the Remote System Log forwarding function, which is only accessible by an authenticated user. | 9.0 |
2019-04-30 | CVE-2019-3931 | Crestron | Argument Injection or Modification vulnerability in Crestron Am-100 Firmware and Am-101 Firmware Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 are vulnerable to argumention injection to the curl binary via crafted HTTP requests to return.cgi. | 9.0 |
2019-04-30 | CVE-2019-9486 | Strato Telekom Ionos | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in multiple products STRATO HiDrive Desktop Client 5.0.1.0 for Windows suffers from a SYSTEM privilege escalation vulnerability through the HiDriveMaintenanceService service. | 9.0 |
53 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2019-05-03 | CVE-2019-1713 | Cisco | Cross-Site Request Forgery (CSRF) vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the web-based management interface of Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. | 8.8 |
2019-04-30 | CVE-2019-10318 | Jenkins | Insufficiently Protected Credentials vulnerability in Jenkins Azure AD Jenkins Azure AD Plugin 0.3.3 and earlier stored the client secret unencrypted in the global config.xml configuration file on the Jenkins master where it could be viewed by users with access to the master file system. | 8.8 |
2019-04-30 | CVE-2019-10316 | Jenkins | Insufficiently Protected Credentials vulnerability in Jenkins Aqua Microscanner Jenkins Aqua MicroScanner Plugin 1.0.5 and earlier stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system. | 8.8 |
2019-04-30 | CVE-2019-10315 | Jenkins | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Github Authentication Jenkins GitHub Authentication Plugin 0.31 and earlier did not use the state parameter of OAuth to prevent CSRF. | 8.8 |
2019-04-30 | CVE-2019-10313 | Jenkins | Insufficiently Protected Credentials vulnerability in Jenkins Twitter Jenkins Twitter Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system. | 8.8 |
2019-04-30 | CVE-2019-10311 | Jenkins | Missing Authorization vulnerability in Jenkins Ansible Tower A missing permission check in Jenkins Ansible Tower Plugin 0.9.1 and earlier in the TowerInstallation.TowerInstallationDescriptor#doTestTowerConnection form validation method allowed attackers with Overall/Read permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | 8.8 |
2019-04-30 | CVE-2019-10310 | Jenkins | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Ansible Tower A cross-site request forgery vulnerability in Jenkins Ansible Tower Plugin 0.9.1 and earlier in the TowerInstallation.TowerInstallationDescriptor#doTestTowerConnection form validation method allowed attackers permission to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins | 8.8 |
2019-04-29 | CVE-2019-3493 | Microfocus | Unspecified vulnerability in Microfocus Network Automation and Network Operations Management A potential security vulnerability has been identified in Micro Focus Network Automation Software 9.20, 9.21, 10.00, 10.10, 10.20, 10.30, 10.40, 10.50, 2018.05, 2018.08, 2018.11, and Micro Focus Network Operations Management (NOM) all versions. | 8.8 |
2019-04-29 | CVE-2019-11591 | WEB Dorado | Inclusion of Functionality from Untrusted Control Sphere vulnerability in Web-Dorado Contact Form The WebDorado Contact Form plugin before 1.13.5 for WordPress allows CSRF via the wp-admin/admin-ajax.php action parameter, with resultant local file inclusion via directory traversal, because there can be a discrepancy between the $_POST['action'] value and the $_GET['action'] value, and the latter is unsanitized. | 8.8 |
2019-05-03 | CVE-2019-1714 | Cisco | Unspecified vulnerability in Cisco products A vulnerability in the implementation of Security Assertion Markup Language (SAML) 2.0 Single Sign-On (SSO) for Clientless SSL VPN (WebVPN) and AnyConnect Remote Access VPN in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to successfully establish a VPN session to an affected device. | 8.6 |
2019-05-03 | CVE-2019-1708 | Cisco | Memory Leak vulnerability in Cisco products A vulnerability in the Internet Key Exchange Version 2 Mobility and Multihoming Protocol (MOBIKE) feature for the Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a memory leak or a reload of an affected device that leads to a denial of service (DoS) condition. | 8.6 |
2019-05-03 | CVE-2019-1706 | Cisco | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the software cryptography module of the Cisco Adaptive Security Virtual Appliance (ASAv) and Firepower 2100 Series running Cisco Adaptive Security Appliance (ASA) Software could allow an unauthenticated, remote attacker to cause an unexpected reload of the device that results in a denial of service (DoS) condition. | 8.6 |
2019-05-03 | CVE-2019-1694 | Cisco | Unspecified vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the TCP processing engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. | 8.6 |
2019-05-03 | CVE-2018-15388 | Cisco | Resource Exhaustion vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the WebVPN login process of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause increased CPU utilization on an affected device. | 8.6 |
2019-05-03 | CVE-2019-1816 | Cisco | Improper Input Validation vulnerability in Cisco web Security Appliance A vulnerability in the log subscription subsystem of the Cisco Web Security Appliance (WSA) could allow an authenticated, local attacker to perform command injection and elevate privileges to root. | 7.8 |
2019-05-03 | CVE-2019-1703 | Cisco | Resource Exhaustion vulnerability in Cisco Firepower Threat Defense A vulnerability in the internal packet-processing functionality of Cisco Firepower Threat Defense (FTD) Software for the Cisco Firepower 2100 Series could allow an unauthenticated, remote attacker to cause an affected device to stop processing traffic, resulting in a denial of service (DoS) condition. | 7.8 |
2019-05-03 | CVE-2019-1635 | Cisco | Improper Handling of Exceptional Conditions vulnerability in Cisco products A vulnerability in the call-handling functionality of Session Initiation Protocol (SIP) Software for Cisco IP Phone 7800 Series and 8800 Series could allow an unauthenticated, remote attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial of service (DoS) condition. | 7.8 |
2019-05-03 | CVE-2018-15462 | Cisco | Allocation of Resources Without Limits or Throttling vulnerability in Cisco Firepower Threat Defense A vulnerability in the TCP ingress handler for the data interfaces that are configured with management access to Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an increase in CPU and memory usage, resulting in a denial of service (DoS) condition. | 7.8 |
2019-05-02 | CVE-2019-11687 | Nema | Improper Input Validation vulnerability in Nema Dicom Standard An issue was discovered in the DICOM Part 10 File Format in the NEMA DICOM Standard 1995 through 2019b. | 7.8 |
2019-04-30 | CVE-2019-3938 | Crestron | Use of Hard-coded Credentials vulnerability in Crestron Am-100 Firmware and Am-101 Firmware Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 stores usernames, passwords, and other configuration options in the file generated via the "export configuration" feature. | 7.8 |
2019-04-30 | CVE-2019-10948 | Fujifilm | Resource Exhaustion vulnerability in Fujifilm products Fujifilm FCR Capsula X/ Carbon X/ FCR XC-2, model versions CR-IR 357 FCR Carbon X, CR-IR 357 FCR XC-2, FCR-IR 357 FCR Capsula X are susceptible to a denial-of-service condition as a result of an overflow of TCP packets, which requires the device to be manually rebooted. | 7.8 |
2019-04-29 | CVE-2019-5429 | Filezilla Project Debian Fedoraproject | Untrusted Search Path vulnerability in multiple products Untrusted search path in FileZilla before 3.41.0-rc1 allows an attacker to gain privileges via a malicious 'fzsftp' binary in the user's home directory. | 7.8 |
2019-05-03 | CVE-2019-6619 | F5 | Unspecified vulnerability in F5 products On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, and 12.1.0-12.1.4, the Traffic Management Microkernel (TMM) may restart when a virtual server has an HTTP/2 profile with Application Layer Protocol Negotiation (ALPN) enabled and it processes traffic where the ALPN extension size is zero. | 7.5 |
2019-05-03 | CVE-2019-6612 | F5 | Unspecified vulnerability in F5 products On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8, DNS query TCP connections that are aborted before receiving a response from a DNS cache may cause TMM to restart. | 7.5 |
2019-05-03 | CVE-2019-6611 | F5 | Unspecified vulnerability in F5 products When BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8 are processing certain rare data sequences occurring in PPTP VPN traffic, the BIG-IP system may execute incorrect logic. | 7.5 |
2019-05-03 | CVE-2019-1817 | Cisco | Improper Input Validation vulnerability in Cisco web Security Appliance A vulnerability in the web proxy functionality of Cisco AsyncOS Software for Cisco Web Security Appliance could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 7.5 |
2019-05-03 | CVE-2019-1697 | Cisco | Improper Input Validation vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the implementation of the Lightweight Directory Access Protocol (LDAP) feature in Cisco Adaptive Security Appliance (ASA) Software and Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. | 7.5 |
2019-05-03 | CVE-2019-1687 | Cisco | Improper Input Validation vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the TCP proxy functionality for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause the device to restart unexpectedly, resulting in a denial of service (DoS) condition. | 7.5 |
2019-05-02 | CVE-2018-16717 | NIH | Out-of-bounds Write vulnerability in NIH Ncbi Toolbox 2.0.7/2.2.26 A heap-based buffer overflow exists in nph-viewgif.cgi in the 2.0.7 through 2.2.26 legacy versions of the NCBI ToolBox. | 7.5 |
2019-05-02 | CVE-2018-16716 | NIH | Path Traversal vulnerability in NIH Ncbi Toolbox 2.0.7/2.2.26 A path traversal vulnerability exists in viewcgi.c in the 2.0.7 through 2.2.26 legacy versions of the NCBI ToolBox, which may result in reading of arbitrary files (i.e., significant information disclosure) or file deletion via the nph-viewgif.cgi query string. | 7.5 |
2019-05-02 | CVE-2019-9017 | Solarwinds | Out-of-bounds Write vulnerability in Solarwinds Dameware Mini Remote Control 10.0 DWRCC in SolarWinds DameWare Mini Remote Control 10.0 x64 has a Buffer Overflow associated with the size field for the machine name. | 7.5 |
2019-05-02 | CVE-2017-18371 | Billion Zyxel | Use of Hard-coded Credentials vulnerability in multiple products The ZyXEL P660HN-T1A v2 TCLinux Fw #7.3.37.6 router distributed by TrueOnline has three user accounts with default passwords, including two hardcoded service accounts: one with the username true and password true, and another with the username supervisor and password zyad1234. | 7.5 |
2019-05-02 | CVE-2019-11682 | Tabslab | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Tabslab Mailcarrier 2.51 A buffer overflow in the SMTP response service in MailCarrier 2.51 allows the attacker to execute arbitrary code remotely via a long HELP command, a related issue to CVE-2019-11395. | 7.5 |
2019-05-02 | CVE-2019-11678 | Zohocorp | SQL Injection vulnerability in Zohocorp Manageengine Firewall Analyzer The "default reports" feature in Zoho ManageEngine Firewall Analyzer before 12.3 Build 123218 is vulnerable to SQL Injection. | 7.5 |
2019-05-02 | CVE-2019-11677 | Zohocorp | XXE vulnerability in Zohocorp Manageengine Firewall Analyzer The Custom Report import function in Zoho ManageEngine Firewall Analyzer before 12.3 Build 123224 is vulnerable to XML External Entity (XXE) Injection. | 7.5 |
2019-05-01 | CVE-2019-0227 | Apache Oracle | Server-Side Request Forgery (SSRF) vulnerability in multiple products A Server Side Request Forgery (SSRF) vulnerability affected the Apache Axis 1.4 distribution that was last released in 2006. | 7.5 |
2019-05-01 | CVE-2019-10954 | Rockwellautomation | Stack-based Buffer Overflow vulnerability in Rockwellautomation products An attacker could send crafted SMTP packets to cause a denial-of-service condition where the controller enters a major non-recoverable faulted state (MNRF) in CompactLogix 5370 L1, L2, and L3 Controllers, Compact GuardLogix 5370 controllers, and Armor Compact GuardLogix 5370 Controllers Versions 20 - 30 and earlier. | 7.5 |
2019-04-30 | CVE-2019-0194 | Apache | Path Traversal vulnerability in Apache Camel Apache Camel's File is vulnerable to directory traversal. | 7.5 |
2019-04-30 | CVE-2019-11618 | Doorgets | Insecure Default Initialization of Resource vulnerability in Doorgets CMS 7.0 doorGets 7.0 has a default administrator credential vulnerability. | 7.5 |
2019-04-29 | CVE-2019-3563 | Out-of-bounds Write vulnerability in Facebook Wangle Wangle's LineBasedFrameDecoder contains logic for identifying newlines which incorrectly advances a buffer, leading to a potential underflow. | 7.5 | |
2019-04-29 | CVE-2019-3561 | Out-of-bounds Read vulnerability in Facebook Hhvm Insufficient boundary checks for the strrpos and strripos functions allow access to out-of-bounds memory. | 7.5 | |
2019-04-29 | CVE-2019-3560 | Infinite Loop vulnerability in Facebook Fizz An improperly performed length calculation on a buffer in PlaintextRecordLayer could lead to an infinite loop and denial-of-service based on user input. | 7.5 | |
2019-04-29 | CVE-2019-11596 | Memcached Canonical | NULL Pointer Dereference vulnerability in multiple products In memcached before 1.5.14, a NULL pointer dereference was found in the "lru mode" and "lru temp_ttl" commands. | 7.5 |
2019-04-29 | CVE-2016-10749 | Cjson Project | Out-of-bounds Read vulnerability in Cjson Project Cjson parse_string in cJSON.c in cJSON before 2016-10-02 has a buffer over-read, as demonstrated by a string that begins with a " character and ends with a \ character. | 7.5 |
2019-04-30 | CVE-2019-5624 | Rapid7 | Path Traversal vulnerability in Rapid7 Metasploit Rapid7 Metasploit Framework suffers from an instance of CWE-22, Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in the Zip import function of Metasploit. | 7.3 |
2019-05-03 | CVE-2019-6616 | F5 | Unspecified vulnerability in F5 products On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8, administrative users with TMSH access can overwrite critical system files on BIG-IP which can result in bypass of whitelist / blacklist restrictions enforced by appliance mode. | 7.2 |
2019-05-03 | CVE-2019-1803 | Cisco | Permissions, Privileges, and Access Controls vulnerability in Cisco Nexus 9000 Series Application Centric Infrastructure A vulnerability in the filesystem management for the Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an authenticated, local attacker with administrator rights to gain elevated privileges as the root user on an affected device. | 7.2 |
2019-05-03 | CVE-2019-1709 | Cisco | OS Command Injection vulnerability in Cisco products A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to perform a command injection attack. | 7.2 |
2019-05-03 | CVE-2019-1699 | Cisco | OS Command Injection vulnerability in Cisco Firepower Management Center A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, local attacker to perform a command injection attack. | 7.2 |
2019-05-03 | CVE-2019-1682 | Cisco | Permissions, Privileges, and Access Controls vulnerability in Cisco Application Policy Infrastructure Controller 3.2(2L) A vulnerability in the FUSE filesystem functionality for Cisco Application Policy Infrastructure Controller (APIC) software could allow an authenticated, local attacker to escalate privileges to root on an affected device. | 7.2 |
2019-05-03 | CVE-2019-1592 | Cisco | Improper Input Validation vulnerability in Cisco Nx-Os 14.1(0.90) A vulnerability in the background operations functionality of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an authenticated, local attacker to gain elevated privileges as root on an affected device. | 7.2 |
2019-04-29 | CVE-2019-11599 | Linux | Improper Locking vulnerability in Linux Kernel The coredump implementation in the Linux kernel before 5.0.10 does not use locking or other mechanisms to prevent vma layout or vma flags changes while it runs, which allows local users to obtain sensitive information, cause a denial of service, or possibly have unspecified other impact by triggering a race condition with mmget_not_zero or get_task_mm calls. | 7.0 |
2019-04-29 | CVE-2019-8454 | Checkpoint | Link Following vulnerability in Checkpoint Endpoint Security A local attacker can create a hard-link between a file to which the Check Point Endpoint Security client for Windows before E80.96 writes and another BAT file, then by impersonating the WPAD server, the attacker can write BAT commands into that file that will later be run by the user or the system. | 7.0 |
118 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2019-05-02 | CVE-2019-11675 | Groonga | Race Condition vulnerability in Groonga Groonga-Httpd 6.5.11 The groonga-httpd package 6.1.5-1 for Debian sets the /var/log/groonga ownership to the groonga account, which might let local users obtain root access because of unsafe interaction with logrotate. | 6.9 |
2019-04-30 | CVE-2018-19374 | Zohocorp | Incorrect Permission Assignment for Critical Resource vulnerability in Zohocorp Manageengine Admanager Plus 6.6 Zoho ManageEngine ADManager Plus 6.6 Build 6657 allows local users to gain privileges (after a reboot) by placing a Trojan horse file into the permissive bin directory. | 6.9 |
2019-05-03 | CVE-2019-1857 | Cisco | Cross-Site Request Forgery (CSRF) vulnerability in Cisco products A vulnerability in the web-based management interface of Cisco HyperFlex HX-Series could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected system. | 6.8 |
2019-05-03 | CVE-2019-1807 | Cisco | Session Fixation vulnerability in Cisco Umbrella A vulnerability in the session management functionality of the web UI for the Cisco Umbrella Dashboard could allow an authenticated, remote attacker to access the Dashboard via an active, user session. | 6.8 |
2019-05-03 | CVE-2019-1724 | Cisco | Improper Authentication vulnerability in Cisco products A vulnerability in the session management functionality of the web-based interface for Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to hijack a valid user session on an affected system. | 6.8 |
2019-05-03 | CVE-2019-1590 | Cisco | Improper Certificate Validation vulnerability in Cisco Nx-Os 14.1(0.90)/8.3(0)Sk(0.39) A vulnerability in the Transport Layer Security (TLS) certificate validation functionality of Cisco Nexus 9000 Series Application Centric Infrastructure (ACI) Mode Switch Software could allow an unauthenticated, remote attacker to perform insecure TLS client authentication on an affected device. | 6.8 |
2019-05-01 | CVE-2019-11640 | GNU | Out-of-bounds Write vulnerability in GNU Recutils 1.8 An issue was discovered in GNU recutils 1.8. | 6.8 |
2019-05-01 | CVE-2019-11639 | GNU | Out-of-bounds Write vulnerability in GNU Recutils 1.8 An issue was discovered in GNU recutils 1.8. | 6.8 |
2019-04-30 | CVE-2019-11617 | Doorgets | Cross-Site Request Forgery (CSRF) vulnerability in Doorgets CMS 7.0 doorGets 7.0 has a CSRF vulnerability in /doorgets/app/requests/user/configurationRequest.php. | 6.8 |
2019-04-30 | CVE-2019-11193 | Infinitumit | Cross-Site Request Forgery (CSRF) vulnerability in Infinitumit Directadmin 1.561 The FileManager in InfinitumIT DirectAdmin through v1.561 has XSS via CMD_FILE_MANAGER, CMD_SHOW_USER, and CMD_SHOW_RESELLER; an attacker can bypass the CSRF protection with this, and take over the administration panel. | 6.8 |
2019-04-30 | CVE-2018-15206 | Bpcbt | Cross-Site Request Forgery (CSRF) vulnerability in Bpcbt Smartvista 2 BPC SmartVista 2 has CSRF via SVFE2/pages/admpages/roles/createrole.jsf. | 6.8 |
2019-04-30 | CVE-2018-14930 | Polarisft | Cross-Site Request Forgery (CSRF) vulnerability in Polarisft Intellect Core Banking 9.7.1 An issue was discovered in the Armor module in Polaris FT Intellect Core Banking 9.7.1. | 6.8 |
2019-04-29 | CVE-2018-5123 | Mozilla | Cross-Site Request Forgery (CSRF) vulnerability in Mozilla Bugzilla A third party website can access information available to a user with access to a restricted bug entry using the image generation in report.cgi in all Bugzilla versions prior to 4.4. | 6.8 |
2019-04-29 | CVE-2019-11595 | Ublockorigin | Improper Input Validation vulnerability in Ublockorigin Ublock Origin In uBlock before 0.9.5.15, the $rewrite filter option allows filter-list maintainers to run arbitrary code in a client-side session when a web service loads a script for execution using XMLHttpRequest or Fetch, and the script origin has an open redirect. | 6.8 |
2019-04-29 | CVE-2019-11594 | Getadblock | Code Injection vulnerability in Getadblock Adblock In AdBlock before 3.45.0, the $rewrite filter option allows filter-list maintainers to run arbitrary code in a client-side session when a web service loads a script for execution using XMLHttpRequest or Fetch, and the script origin has an open redirect. | 6.8 |
2019-04-29 | CVE-2019-11593 | Adblockplus | Code Injection vulnerability in Adblockplus Adblock Plus In Adblock Plus before 3.5.2, the $rewrite filter option allows filter-list maintainers to run arbitrary code in a client-side session when a web service loads a script for execution using XMLHttpRequest or Fetch, and the script origin has an open redirect. | 6.8 |
2019-04-29 | CVE-2019-11590 | 10Web | Inclusion of Functionality from Untrusted Control Sphere vulnerability in 10Web Form Maker The 10Web Form Maker plugin before 1.13.5 for WordPress allows CSRF via the wp-admin/admin-ajax.php action parameter, with resultant local file inclusion via directory traversal, because there can be a discrepancy between the $_POST['action'] value and the $_GET['action'] value, and the latter is unsanitized. | 6.8 |
2019-05-03 | CVE-2019-1836 | Cisco | Path Traversal vulnerability in Cisco Nx-Os 14.0(3D) A vulnerability in the system shell for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, local attacker to use symbolic links to overwrite system files. | 6.6 |
2019-05-03 | CVE-2019-6617 | F5 | Improper Privilege Management vulnerability in F5 products On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8, a user with the Resource Administrator role is able to overwrite sensitive low-level files (such as /etc/passwd) using SFTP to modify user permissions, without Advanced Shell access. | 6.5 |
2019-05-03 | CVE-2019-6614 | F5 | Unspecified vulnerability in F5 products On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, and 12.1.0-12.1.4, internal methods used to prevent arbitrary file overwrites in Appliance Mode were not fully effective. | 6.5 |
2019-05-03 | CVE-2019-3894 | Redhat | Unspecified vulnerability in Redhat Jboss Enterprise Application Platform and Wildfly It was discovered that the ElytronManagedThread in Wildfly's Elytron subsystem in versions from 11 to 16 stores a SecurityIdentity to run the thread as. | 6.5 |
2019-05-03 | CVE-2019-1859 | Cisco | Incorrect Authorization vulnerability in Cisco products A vulnerability in the Secure Shell (SSH) authentication process of Cisco Small Business Switches software could allow an attacker to bypass client-side certificate authentication and revert to password authentication. | 6.5 |
2019-05-03 | CVE-2019-1695 | Cisco | Unspecified vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the detection engine of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent attacker to send data directly to the kernel of an affected device. | 6.5 |
2019-05-03 | CVE-2019-1693 | Cisco | Unspecified vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the WebVPN service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. | 6.5 |
2019-04-30 | CVE-2019-0214 | Apache | Unspecified vulnerability in Apache Archiva In Apache Archiva 2.0.0 - 2.2.3, it is possible to write files to the archiva server at arbitrary locations by using the artifact upload mechanism. | 6.5 |
2019-04-30 | CVE-2019-0213 | Apache | Cross-site Scripting vulnerability in Apache Archiva In Apache Archiva before 2.2.4, it may be possible to store malicious XSS code into central configuration entries, i.e. | 6.5 |
2019-04-30 | CVE-2019-11615 | Doorgets | Unrestricted Upload of File with Dangerous Type vulnerability in Doorgets CMS 7.0 /fileman/php/upload.php in doorGets 7.0 has an arbitrary file upload vulnerability. | 6.5 |
2019-04-30 | CVE-2018-15207 | Bpcbt | Improper Privilege Management vulnerability in Bpcbt Smartvista 2 BPC SmartVista 2 has Improper Access Control in the SVFE module, where it fails to appropriately restrict access: a normal user is able to access the SVFE2/pages/finadmin/currconvrate/currconvrate.jsf functionality that should be only accessible to an admin. | 6.5 |
2019-04-30 | CVE-2018-14874 | Polarisft | SQL Injection vulnerability in Polarisft Intellect Core Banking 9.7.1 An issue was discovered in the Armor module in Polaris FT Intellect Core Banking 9.7.1. | 6.5 |
2019-04-30 | CVE-2019-10308 | Jenkins | Missing Authorization vulnerability in Jenkins Static Analysis Utilities A missing permission check in Jenkins Static Analysis Utilities Plugin 1.95 and earlier in the DefaultGraphConfigurationView#doSave form handler method allowed attackers with Overall/Read permission to change the per-job default graph configuration for all users. | 6.5 |
2019-04-30 | CVE-2019-10307 | Jenkins | Cross-Site Request Forgery (CSRF) vulnerability in Jenkins Static Analysis Utilities A cross-site request forgery vulnerability in Jenkins Static Analysis Utilities Plugin 1.95 and earlier in the DefaultGraphConfigurationView#doSave form handler method allowed attackers to change the per-job default graph configuration for all users. | 6.5 |
2019-04-30 | CVE-2019-11612 | Doorgets | Path Traversal vulnerability in Doorgets CMS 7.0 doorGets 7.0 has an arbitrary file deletion vulnerability in /fileman/php/deletefile.php. | 6.4 |
2019-04-30 | CVE-2019-11609 | Doorgets | Path Traversal vulnerability in Doorgets CMS 7.0 doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/movefile.php. | 6.4 |
2019-04-30 | CVE-2019-11608 | Doorgets | Path Traversal vulnerability in Doorgets CMS 7.0 doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/renamefile.php. | 6.4 |
2019-04-30 | CVE-2018-20835 | TAR FS Project | Improper Input Validation vulnerability in Tar-Fs Project Tar-Fs A vulnerability was found in tar-fs before 1.16.2. | 6.4 |
2019-04-30 | CVE-2018-20834 | Node TAR Project | Link Following vulnerability in Node-Tar Project Node-Tar A vulnerability was found in node-tar before version 4.4.2 (excluding version 2.2.2). | 6.4 |
2019-05-02 | CVE-2019-3490 | Microfocus | Cross-site Scripting vulnerability in Microfocus Open Enterprise Server 2015.1/2018.0/2018.1 A DOM based XSS vulnerability has been identified in the Netstorage component of Open Enterprise Server (OES) allowing a remote attacker to execute javascript in the victims browser by tricking the victim into clicking on a specially crafted link. | 6.1 |
2019-05-01 | CVE-2018-8035 | Apache | Cross-site Scripting vulnerability in Apache Uimaducc This vulnerability relates to the user's browser processing of DUCC webpage input data.The javascript comprising Apache UIMA DUCC (<= 2.2.2) which runs in the user's browser does not sufficiently filter user supplied inputs, which may result in unintended execution of user supplied javascript code. | 6.1 |
2019-04-30 | CVE-2019-4166 | IBM | Open Redirect vulnerability in IBM Storediq IBM StoredIQ 7.6 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. | 6.1 |
2019-05-03 | CVE-2019-1705 | Cisco | Improper Resource Shutdown or Release vulnerability in Cisco Adaptive Security Appliance Software A vulnerability in the remote access VPN session manager of Cisco Adaptive Security Appliance (ASA) Software could allow a unauthenticated, remote attacker to cause a denial of service (DoS) condition on the remote access VPN services. | 5.9 |
2019-04-30 | CVE-2019-10317 | Jenkins | Improper Certificate Validation vulnerability in Jenkins Sitemonitor Jenkins SiteMonitor Plugin 0.5 and earlier disabled SSL/TLS and hostname verification globally for the Jenkins master JVM. | 5.9 |
2019-04-30 | CVE-2019-10314 | Jenkins | Improper Certificate Validation vulnerability in Jenkins Koji Jenkins Koji Plugin disables SSL/TLS and hostname verification globally for the Jenkins master JVM. | 5.9 |
2019-04-30 | CVE-2018-14931 | Polarisft | Open Redirect vulnerability in Polarisft Intellect Core Banking 9.7.1 An issue was discovered in the Core and Portal modules in Polaris FT Intellect Core Banking 9.7.1. | 5.8 |
2019-04-29 | CVE-2019-11598 | Imagemagick | Out-of-bounds Read vulnerability in Imagemagick 7.0.840 In ImageMagick 7.0.8-40 Q16, there is a heap-based buffer over-read in the function WritePNMImage of coders/pnm.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file. | 5.8 |
2019-04-29 | CVE-2019-11597 | Imagemagick | Out-of-bounds Read vulnerability in Imagemagick 7.0.843 In ImageMagick 7.0.8-43 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or possibly information disclosure via a crafted image file. | 5.8 |
2019-05-01 | CVE-2019-11632 | Octopus | Improper Privilege Management vulnerability in Octopus Deploy and Octopus Server In Octopus Deploy 2019.1.0 through 2019.3.1 and 2019.4.0 through 2019.4.5, an authenticated user with the VariableViewUnscoped or VariableEditUnscoped permission scoped to a specific project could view or edit unscoped variables from a different project. | 5.5 |
2019-04-30 | CVE-2019-11624 | Doorgets | Path Traversal vulnerability in Doorgets CMS 7.0 doorGets 7.0 has an arbitrary file deletion vulnerability in /doorgets/app/requests/user/configurationRequest.php. | 5.5 |
2019-04-30 | CVE-2018-20509 | Linux | Information Exposure vulnerability in Linux Kernel 4.14.90 The print_binder_ref_olocked function in drivers/android/binder.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading " ref *desc *node" lines in a debugfs file. | 5.5 |
2019-04-30 | CVE-2019-6494 | Iobit | Unspecified vulnerability in Iobit Malware Fighter 6.2 IMFForceDelete.sys in IObit Malware Fighter 6.2 allows a low privileged user to send IOCTL 0x8016E000 along with a user defined string to a file; that file will be promptly deleted regardless of access controls. | 5.5 |
2019-05-01 | CVE-2019-6562 | Philips | Cross-site Scripting vulnerability in Philips Tasy EMR 3.02.1744 In Philips Tasy EMR, Tasy EMR Versions 3.02.1744 and prior, the software incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. | 5.4 |
2019-05-01 | CVE-2019-4258 | IBM | Cross-site Scripting vulnerability in IBM Sterling B2B Integrator 6.0.0.0/6.0.0.1 IBM Sterling B2B Integrator 6.0.0.0 and 6.0.0.1 Standard Edition is vulnerable to cross-site scripting. | 5.4 |
2019-05-03 | CVE-2019-6613 | F5 | Cleartext Transmission of Sensitive Information vulnerability in F5 products On BIG-IP 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8, SNMP may expose sensitive configuration objects over insecure transmission channels. | 5.3 |
2019-04-30 | CVE-2019-3928 | Crestron | Unspecified vulnerability in Crestron Am-100 Firmware and Am-101 Firmware Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allow any user to obtain the presentation passcode via the iso.3.6.1.4.1.3212.100.3.2.7.4 OIDs. | 5.3 |
2019-04-30 | CVE-2018-15208 | Bpcbt | Session Fixation vulnerability in Bpcbt Smartvista 2 BPC SmartVista 2 has Session Fixation via the JSESSIONID parameter. | 5.1 |
2019-05-05 | CVE-2019-11767 | Phpbb | Server-Side Request Forgery (SSRF) vulnerability in PHPbb Server side request forgery (SSRF) in phpBB before 3.2.6 allows checking for the existence of files and services on the local network of the host through the remote avatar upload function. | 5.0 |
2019-05-03 | CVE-2019-1844 | Cisco | Improper Input Validation vulnerability in Cisco Email Security Appliance 11.1.0131 A vulnerability in certain attachment detection mechanisms of the Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to bypass the filtering functionality of an affected device. | 5.0 |
2019-05-03 | CVE-2019-1715 | Cisco | Insufficient Entropy in PRNG vulnerability in Cisco products A vulnerability in the Deterministic Random Bit Generator (DRBG), also known as Pseudorandom Number Generator (PRNG), used in Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to cause a cryptographic collision, enabling the attacker to discover the private key of an affected device. | 5.0 |
2019-05-03 | CVE-2019-1704 | Cisco | Resource Exhaustion vulnerability in Cisco Firepower Threat Defense Multiple vulnerabilities in the Server Message Block (SMB) Protocol preprocessor detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent or remote attacker to cause a denial of service (DoS) condition. | 5.0 |
2019-05-03 | CVE-2019-1692 | Cisco | Information Exposure vulnerability in Cisco Application Policy Infrastructure Controller 4.1(0.88A)/8.3(1)S6 A vulnerability in the web-based management interface of Cisco Application Policy Infrastructure Controller (APIC) Software could allow an unauthenticated, remote attacker to access sensitive system usage information. | 5.0 |
2019-05-02 | CVE-2019-9826 | Phpbb | Improper Input Validation vulnerability in PHPbb The fulltext search component in phpBB before 3.2.6 allows Denial of Service. | 5.0 |
2019-05-02 | CVE-2018-16988 | Xdmod | Weak Password Recovery Mechanism for Forgotten Password vulnerability in Xdmod Open Xdmod An issue was discovered in Open XDMoD through 7.5.0. | 5.0 |
2019-05-02 | CVE-2018-16961 | Buffalo | Path Traversal vulnerability in Buffalo Open Xdmod 7.5.0 An issue was discovered in Open XDMoD through 7.5.0. | 5.0 |
2019-05-01 | CVE-2019-11641 | Anomali | Use of Insufficiently Random Values vulnerability in Anomali Agave Anomali Agave (formerly Drupot) through 1.0.0 fails to avoid fingerprinting by including predictable data and minimal variation in size within HTML templates, giving attackers the ability to detect and avoid this system. | 5.0 |
2019-05-01 | CVE-2019-11636 | Z Cash | 7PK - Security Features vulnerability in Z.Cash Zcash Zcash 2.x allows an inexpensive approach to "fill all transactions of all blocks" and "prevent any real transaction from occurring" via a "Sapling Wood-Chipper" attack. | 5.0 |
2019-05-01 | CVE-2018-1608 | IBM | Inadequate Encryption Strength vulnerability in IBM Rational Engineering Lifecycle Manager IBM Rational Engineering Lifecycle Manager 6.0 through 6.0.6 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 5.0 |
2019-05-01 | CVE-2019-11633 | Honeypress Project | Information Exposure vulnerability in Honeypress Project Honeypress 20160927 HoneyPress through 2016-09-27 can be fingerprinted by attackers because of the ingrained unique www.atxsec.com and ayylmao.wpengine.com hostnames within the fake WordPress templates. | 5.0 |
2019-04-30 | CVE-2019-3936 | Crestron | Unspecified vulnerability in Crestron Am-100 Firmware and Am-101 Firmware Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 is vulnerable to denial of service via a crafted request to TCP port 389. | 5.0 |
2019-04-30 | CVE-2019-3934 | Crestron | Forced Browsing vulnerability in Crestron Am-100 Firmware and Am-101 Firmware Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allows anyone to bypass the presentation code sending a crafted HTTP POST request to login.cgi. | 5.0 |
2019-04-30 | CVE-2019-3933 | Crestron | Forced Browsing vulnerability in Crestron Am-100 Firmware and Am-101 Firmware Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 allows anyone to bypass the presentation code simply by requesting /images/browserslide.jpg via HTTP. | 5.0 |
2019-04-30 | CVE-2019-3927 | Crestron | Improper Authentication vulnerability in Crestron Am-100 Firmware and Am-101 Firmware Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 anyone can change the administrator and moderator passwords via the iso.3.6.1.4.1.3212.100.3.2.8.1 and iso.3.6.1.4.1.3212.100.3.2.8.2 OIDs. | 5.0 |
2019-04-30 | CVE-2019-11626 | Doorgets | Pathname Traversal and Equivalence Errors vulnerability in Doorgets CMS 7.0 routers/ajaxRouter.php in doorGets 7.0 has a web site physical path leakage vulnerability, as demonstrated by an ajax/index.php?uri=1234%5c request. | 5.0 |
2019-04-30 | CVE-2019-11616 | Doorgets | Unspecified vulnerability in Doorgets CMS 7.0 doorGets 7.0 has a sensitive information disclosure vulnerability in /setup/temp/admin.php and /setup/temp/database.php. | 5.0 |
2019-04-30 | CVE-2019-11614 | Doorgets | SQL Injection vulnerability in Doorgets CMS 7.0 doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/views/ajax/commentView.php. | 5.0 |
2019-04-30 | CVE-2019-11611 | Doorgets | Path Traversal vulnerability in Doorgets CMS 7.0 doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/download.php. | 5.0 |
2019-04-30 | CVE-2019-11610 | Doorgets | Path Traversal vulnerability in Doorgets CMS 7.0 doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/downloaddir.php. | 5.0 |
2019-04-30 | CVE-2019-11607 | Doorgets | Path Traversal vulnerability in Doorgets CMS 7.0 doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/copydir.php. | 5.0 |
2019-04-30 | CVE-2019-11606 | Doorgets | Path Traversal vulnerability in Doorgets CMS 7.0 doorGets 7.0 has a sensitive information disclosure vulnerability in /fileman/php/copyfile.php. | 5.0 |
2019-04-30 | CVE-2019-9621 | Zimbra | Server-Side Request Forgery (SSRF) vulnerability in Zimbra Collaboration Server Zimbra Collaboration Suite before 8.6 patch 13, 8.7.x before 8.7.11 patch 10, and 8.8.x before 8.8.10 patch 7 or 8.8.x before 8.8.11 patch 3 allows SSRF via the ProxyServlet component. | 5.0 |
2019-04-30 | CVE-2019-3399 | Atlassian | Missing Authorization vulnerability in Atlassian Jira The BrowseProjects.jspa resource in Jira before version 7.13.2, and from version 8.0.0 before version 8.0.2 allows remote attackers to see information for archived projects through a missing authorisation check. | 5.0 |
2019-04-29 | CVE-2018-2007 | IBM | Inadequate Encryption Strength vulnerability in IBM API Connect IBM API Connect 2018.1 and 2018.4.1.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. | 5.0 |
2019-04-29 | CVE-2018-1961 | IBM | Information Exposure vulnerability in IBM Emptoris Contract Management IBM Emptoris Contract Management 10.0.0 and 10.1.3.0 could disclose sensitive information from detailed information from error messages. | 5.0 |
2019-04-29 | CVE-2019-5492 | Netapp | Unspecified vulnerability in Netapp products Element Plug-in for vCenter Server versions prior to 4.2.3 may disclose sensitive account information to an unauthenticated attacker. | 5.0 |
2019-05-03 | CVE-2019-6615 | F5 | Unspecified vulnerability in F5 products On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8, Administrator and Resource Administrator roles might exploit TMSH access to bypass Appliance Mode restrictions on BIG-IP systems. | 4.9 |
2019-05-03 | CVE-2019-1701 | Cisco | Cross-site Scripting vulnerability in Cisco Adaptive Security Appliance Software Multiple vulnerabilities in the WebVPN service of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the WebVPN portal of an affected device. | 4.8 |
2019-05-03 | CVE-2019-3805 | Redhat | Improper Privilege Management vulnerability in Redhat Jboss Enterprise Application Platform and Wildfly A flaw was discovered in wildfly versions up to 16.0.0.Final that would allow local users who are able to execute init.d script to terminate arbitrary processes on the system. | 4.7 |
2019-05-03 | CVE-2019-6158 | Lenovo | Information Exposure Through Log Files vulnerability in Lenovo Xclarity Administrator An internal product security audit of Lenovo XClarity Administrator (LXCA) discovered HTTP proxy credentials being written to a log file in clear text. | 4.3 |
2019-05-03 | CVE-2019-3400 | Atlassian | Cross-site Scripting vulnerability in Atlassian Jira Server The labels gadget in Jira before version 7.13.2, and from version 8.0.0 before version 8.0.2 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the jql parameter. | 4.3 |
2019-05-03 | CVE-2018-20824 | Atlassian | Cross-site Scripting vulnerability in Atlassian Jira The WallboardServlet resource in Jira before version 7.13.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the cyclePeriod parameter. | 4.3 |
2019-05-03 | CVE-2019-1856 | Cisco | Cross-site Scripting vulnerability in Cisco Prime Collaboration Assurance 12.1 A vulnerability in the web-based management interface of Cisco Prime Collaboration Assurance (PCA) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 4.3 |
2019-05-03 | CVE-2019-1852 | Cisco | Cross-site Scripting vulnerability in Cisco Network Registrar 9.1(2) A vulnerability in the web-based management interface of Cisco Prime Network Registrar could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. | 4.3 |
2019-05-03 | CVE-2019-11690 | Denx | Use of Insufficiently Random Values vulnerability in Denx U-Boot gen_rand_uuid in lib/uuid.c in Das U-Boot v2014.04 through v2019.04 lacks an srand call, which allows attackers to determine UUID values in scenarios where CONFIG_RANDOM_UUID is enabled, and Das U-Boot is relied upon for UUID values of a GUID Partition Table of a boot device. | 4.3 |
2019-05-02 | CVE-2018-16960 | Buffalo | Cross-site Scripting vulnerability in Buffalo Open Xdmod 7.5.0 An issue was discovered in Open XDMoD through 7.5.0. | 4.3 |
2019-05-02 | CVE-2018-16718 | NIH | Cross-site Scripting vulnerability in NIH Ncbi Toolbox 2.0.7/2.2.26 An XSS vulnerability exists in wwwblast.c in the 2.0.7 through 2.2.26 legacy versions of the NCBI ToolBox via a crafted -z1 argument. | 4.3 |
2019-05-02 | CVE-2018-10383 | Lantronix | Cross-site Scripting vulnerability in Lantronix Securelinx Spider Firmware Lantronix SecureLinx Spider (SLS) 2.2+ devices have XSS in the auth.asp login page. | 4.3 |
2019-05-02 | CVE-2018-12404 | Mozilla | Unspecified vulnerability in Mozilla Network Security Services A cached side channel attack during handshakes using RSA encryption could allow for the decryption of encrypted content. | 4.3 |
2019-05-02 | CVE-2018-2015 | IBM | Improper Input Validation vulnerability in IBM API Connect IBM API Connect 2018.1 and 2018.4.1.4 could allow a remote attacker to hijack the clicking action of the victim. | 4.3 |
2019-05-02 | CVE-2019-11676 | Zohocorp | Cross-site Scripting vulnerability in Zohocorp Manageengine Firewall Analyzer The user defined DNS name in Zoho ManageEngine Firewall Analyzer before 12.3 Build 123224 is vulnerable to stored XSS attacks. | 4.3 |
2019-05-01 | CVE-2019-11638 | GNU | NULL Pointer Dereference vulnerability in GNU Recutils 1.8 An issue was discovered in GNU recutils 1.8. | 4.3 |
2019-05-01 | CVE-2019-11637 | GNU | NULL Pointer Dereference vulnerability in GNU Recutils 1.8 An issue was discovered in GNU recutils 1.8. | 4.3 |
2019-04-30 | CVE-2019-10272 | Weaver | CRLF Injection vulnerability in Weaver E-Cology 9.0 An issue was discovered in Weaver e-cology 9.0. | 4.3 |
2019-04-30 | CVE-2015-9286 | Nodebb | Cross-site Scripting vulnerability in Nodebb Controllers.outgoing in controllers/index.js in NodeBB before 0.7.3 has outgoing XSS. | 4.3 |
2019-04-30 | CVE-2019-10312 | Jenkins | Missing Authorization vulnerability in Jenkins Ansible Tower A missing permission check in Jenkins Ansible Tower Plugin 0.9.1 and earlier in the TowerInstallation.TowerInstallationDescriptor#doFillTowerCredentialsIdItems method allowed attackers with Overall/Read permission to enumerate credentials ID of credentials stored in Jenkins. | 4.3 |
2019-04-29 | CVE-2019-4047 | IBM | Improper Privilege Management vulnerability in IBM Jazz Reporting Service 6.0.6 IBM Jazz Reporting Service (JRS) 6.0.6 could allow an authenticated user to access the execution log files as a guest user, and obtain the information of the server execution. | 4.3 |
2019-04-29 | CVE-2019-3562 | Oculus | Cross-site Scripting vulnerability in Oculus Browser A remote web page could inject arbitrary HTML code into the Oculus Browser UI, allowing an attacker to spoof UI and potentially execute code. | 4.3 |
2019-04-29 | CVE-2018-12384 | Mozilla | Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) vulnerability in Mozilla Network Security Services When handling a SSLv2-compatible ClientHello request, the server doesn't generate a new random value but sends an all-zero value instead. | 4.3 |
2019-04-29 | CVE-2019-11592 | Webidsupport | Cross-site Scripting vulnerability in Webidsupport Webid 1.2.2 WeBid 1.2.2 has reflected XSS via the id parameter to admin/deletenews.php, admin/editbannersuser.php, admin/editfaqscategory.php, or admin/excludeuser.php, or the offset parameter to admin/edituser.php. | 4.3 |
2019-04-29 | CVE-2015-9285 | Esotalk | Cross-site Scripting vulnerability in Esotalk 1.0.0 esoTalk 1.0.0g4 has XSS via the PATH_INFO to the conversations/ URI. | 4.3 |
2019-05-03 | CVE-2019-6618 | F5 | Unspecified vulnerability in F5 products On BIG-IP 14.0.0-14.1.0.1, 13.0.0-13.1.1.4, 12.1.0-12.1.4, 11.6.1-11.6.3.4, and 11.5.2-11.5.8, users with the Resource Administrator role can modify sensitive portions of the filesystem if provided Advanced Shell Access, such as editing /etc/passwd. | 4.0 |
2019-05-03 | CVE-2019-1854 | Cisco | Path Traversal vulnerability in Cisco Telepresence Video Communication Server X8.11.4 A vulnerability in the management web interface of Cisco Expressway Series could allow an authenticated, remote attacker to perform a directory traversal attack against an affected device. | 4.0 |
2019-05-03 | CVE-2019-1587 | Cisco | Resource Management Errors vulnerability in Cisco Nx-Os 8.3(0)Sk(0.39) A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an authenticated, remote attacker to access sensitive information. | 4.0 |
2019-05-01 | CVE-2019-11628 | Qlik | Expression Language Injection vulnerability in Qlik Analytics, Qlik Sense and Qlikview Server An issue was discovered in QlikView Server before 11.20 SR19, 12.00 and 12.10 before 12.10 SR11, 12.20 before SR9, and 12.30 before SR2; and Qlik Sense Enterprise and Qlik Analytics Platform installations that lack these patch levels: February 2018 Patch 4, April 2018 Patch 3, June 2018 Patch 3, September 2018 Patch 4, November 2018 Patch 4, or February 2019 Patch 2. | 4.0 |
2019-04-30 | CVE-2019-11625 | Doorgets | SQL Injection vulnerability in Doorgets CMS 7.0 doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/emailingRequest.php. | 4.0 |
2019-04-30 | CVE-2019-11623 | Doorgets | SQL Injection vulnerability in Doorgets CMS 7.0 doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/configurationRequest.php when action=siteweb. | 4.0 |
2019-04-30 | CVE-2019-11622 | Doorgets | SQL Injection vulnerability in Doorgets CMS 7.0 doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/modulecategoryRequest.php. | 4.0 |
2019-04-30 | CVE-2019-11621 | Doorgets | SQL Injection vulnerability in Doorgets CMS 7.0 doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/configurationRequest.php when action=network. | 4.0 |
2019-04-30 | CVE-2019-11620 | Doorgets | SQL Injection vulnerability in Doorgets CMS 7.0 doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/modulecategoryRequest.php. | 4.0 |
2019-04-30 | CVE-2019-11619 | Doorgets | SQL Injection vulnerability in Doorgets CMS 7.0 doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/configurationRequest.php when action=analytics. | 4.0 |
2019-04-30 | CVE-2019-11613 | Doorgets | SQL Injection vulnerability in Doorgets CMS 7.0 doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/views/ajax/contactView.php. | 4.0 |
11 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2019-04-30 | CVE-2019-10131 | Imagemagick Redhat Debian Canonical Opensuse | Off-by-one Error vulnerability in multiple products An off-by-one read vulnerability was discovered in ImageMagick before version 7.0.7-28 in the formatIPTCfromBuffer function in coders/meta.c. | 3.6 |
2019-05-03 | CVE-2019-1838 | Cisco | Cross-site Scripting vulnerability in Cisco Application Policy Infrastructure Controller 3.2(5D)/4.0(3D) A vulnerability in the web-based management interface of Cisco Application Policy Infrastructure Controller (APIC) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. | 3.5 |
2019-05-01 | CVE-2018-1933 | IBM | Cross-site Scripting vulnerability in IBM Planning Analytics IBM Planning Analytics 2.0 through 2.0.6 is vulnerable to cross-site scripting. | 3.5 |
2019-04-30 | CVE-2018-14875 | Polarisft | Cross-site Scripting vulnerability in Polarisft Intellect Core Banking 9.7.1 An issue was discovered in the Core and Portal modules in Polaris FT Intellect Core Banking 9.7.1. | 3.5 |
2019-04-30 | CVE-2018-20239 | Atlassian | Cross-site Scripting vulnerability in Atlassian products Application Links before version 5.0.11, from version 5.1.0 before 5.2.10, from version 5.3.0 before 5.3.6, from version 5.4.0 before 5.4.12, and from version 6.0.0 before 6.0.4 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the applinkStartingUrl parameter. | 3.5 |
2019-04-29 | CVE-2018-2004 | IBM | Cross-site Scripting vulnerability in IBM Jazz Reporting Service IBM Jazz Reporting Service (JRS) 6.0 through 6.0.6 is vulnerable to cross-site scripting. | 3.5 |
2019-05-03 | CVE-2019-1696 | Cisco | Resource Exhaustion vulnerability in Cisco products Multiple vulnerabilities in the Server Message Block (SMB) Protocol preprocessor detection engine for Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, adjacent or remote attacker to cause a denial of service (DoS) condition. | 3.3 |
2019-05-03 | CVE-2019-1589 | Cisco | Information Exposure vulnerability in Cisco Nx-Os 8.3(0)Sk(0.39) A vulnerability in the Trusted Platform Module (TPM) functionality of software for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, local attacker with physical access to view sensitive information on an affected device. | 2.1 |
2019-05-03 | CVE-2019-1586 | Cisco | Incomplete Cleanup vulnerability in Cisco Application Policy Infrastructure Controller 4.1(0.90A) A vulnerability in Cisco Application Policy Infrastructure Controller (APIC) Software could allow an unauthenticated, local attacker with physical access to obtain sensitive information from an affected device. | 2.1 |
2019-04-30 | CVE-2019-3937 | Crestron | Cleartext Storage of Sensitive Information vulnerability in Crestron Am-100 Firmware and Am-101 Firmware Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2 stores usernames, passwords, slideshow passcode, and other configuration options in cleartext in the file /tmp/scfgdndf. | 2.1 |
2019-04-30 | CVE-2018-20510 | Linux | Information Exposure vulnerability in Linux Kernel 4.14.90 The print_binder_transaction_ilocked function in drivers/android/binder.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading "*from *code *flags" lines in a debugfs file. | 2.1 |