Weekly Vulnerabilities Reports > May 6 to 12, 2019
Overview
196 new vulnerabilities reported during this period, including 36 critical vulnerabilities and 92 high severity vulnerabilities. This weekly summary report vulnerabilities in 288 products from 113 vendors including Google, Sierrawireless, Qualcomm, IBM, and Opensuse. Vulnerabilities are notably categorized as "Cross-site Scripting", "Information Exposure", "Out-of-bounds Write", "Cross-Site Request Forgery (CSRF)", and "Use After Free".
- 160 reported vulnerabilities are remotely exploitables.
- 32 reported vulnerabilities have public exploit available.
- 64 reported vulnerabilities are related to weaknesses in OWASP Top Ten.
- 143 reported vulnerabilities are exploitable by an anonymous user.
- Google has the most reported vulnerabilities, with 12 reported vulnerabilities.
- Google has the most reported critical vulnerabilities, with 3 reported vulnerabilities.
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
VULNERABILITIES
EXPLOITABLE
EXPLOITABLE
AVAILABLE
ANONYMOUSLY
WEB APPLICATION
Vulnerability Details
The following table list reported vulnerabilities for the period covered by this report:
36 Critical Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2019-05-10 | CVE-2019-1867 | Cisco | Improper Authentication vulnerability in Cisco Elastic Services Controller A vulnerability in the REST API of Cisco Elastic Services Controller (ESC) could allow an unauthenticated, remote attacker to bypass authentication on the REST API. | 10.0 |
2019-05-08 | CVE-2019-11510 | Ivanti | Path Traversal vulnerability in Ivanti Connect Secure 8.2/8.3/9.0 In Pulse Secure Pulse Connect Secure (PCS) 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4, an unauthenticated remote attacker can send a specially crafted URI to perform an arbitrary file reading vulnerability . | 10.0 |
2019-05-10 | CVE-2019-11066 | Lightopenid Project | Server-Side Request Forgery (SSRF) vulnerability in Lightopenid Project Lightopenid 1.3.0/1.3.1 openid.php in LightOpenID through 1.3.1 allows SSRF via a crafted OpenID 2.0 assertion request using the HTTP GET method. | 9.8 |
2019-05-10 | CVE-2019-11059 | Denx | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Denx U-Boot Das U-Boot 2016.11-rc1 through 2019.04 mishandles the ext4 64-bit extension, resulting in a buffer overflow. | 9.8 |
2019-05-10 | CVE-2018-7120 | HP | Unspecified vulnerability in HP Synergy Firmware 5.00.50 A security vulnerability in the HPE Virtual Connect SE 16Gb Fibre Channel Module for HPE Synergy running firmware 5.00.50, which is part of the HPE Synergy Custom SPP 2018.11.20190205, could allow local or remote unauthorized elevation of privilege. | 9.8 |
2019-05-10 | CVE-2018-7084 | Arubanetworks Siemens | OS Command Injection vulnerability in multiple products A command injection vulnerability is present that permits an unauthenticated user with access to the Aruba Instant web interface to execute arbitrary system commands within the underlying operating system. | 9.8 |
2019-05-10 | CVE-2017-12795 | Openmrs | Improper Input Validation vulnerability in Openmrs Openmrs-Module-Htmlformentry 3.3.2 OpenMRS openmrs-module-htmlformentry 3.3.2 is affected by: (Improper Input Validation). | 9.8 |
2019-05-10 | CVE-2015-1006 | Opto22 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Opto22 products A vulnerable file in Opto 22 PAC Project Professional versions prior to R9.4006, PAC Project Basic versions prior to R9.4006, PAC Display Basic versions prior to R9.4f, PAC Display Professional versions prior to R9.4f, OptoOPCServer versions prior to R9.4c, and OptoDataLink version R9.4d and prior versions that were installed by PAC Project installer, versions prior to R9.4006, is susceptible to a heap-based buffer overflow condition that may allow remote code execution on the target system. | 9.8 |
2019-05-09 | CVE-2017-12759 | Ynetinteractive | SQL Injection vulnerability in Ynetinteractive SOA School Management 3.0 Ynet Interactive - http://demo.ynetinteractive.com/soa/ SOA School Management 3.0 is affected by: SQL Injection. | 9.8 |
2019-05-09 | CVE-2017-12758 | Joomlaextensions | SQL Injection vulnerability in Joomlaextensions Component Appointment 1.1 https://www.joomlaextensions.co.in/ Joomla! Component Appointment 1.1 is affected by: SQL Injection. | 9.8 |
2019-05-09 | CVE-2017-12757 | Ambittechnologies | SQL Injection vulnerability in Ambittechnologies products Certain Ambit Technologies Pvt. | 9.8 |
2019-05-09 | CVE-2019-6548 | GE | Use of Hard-coded Credentials vulnerability in GE Communicator 3.15 GE Communicator, all versions prior to 4.0.517, contains two backdoor accounts with hardcoded credentials, which may allow control over the database. | 9.8 |
2019-05-09 | CVE-2019-11839 | F5 | Out-of-bounds Write vulnerability in F5 NJS njs through 0.3.1, used in NGINX, has a heap-based buffer overflow in Array.prototype.push after a resize, related to njs_array_prototype_push in njs/njs_array.c, because of njs_array_expand size mishandling. | 9.8 |
2019-05-09 | CVE-2019-11838 | F5 | Out-of-bounds Write vulnerability in F5 NJS njs through 0.3.1, used in NGINX, has a heap-based buffer overflow in Array.prototype.splice after a resize, related to njs_array_prototype_splice in njs/njs_array.c, because of njs_array_expand size mishandling. | 9.8 |
2019-05-09 | CVE-2019-11353 | Engeniustech | OS Command Injection vulnerability in Engeniustech Ews660Ap Firmware 2.0.284 The EnGenius EWS660AP router with firmware 2.0.284 allows an attacker to execute arbitrary commands using the built-in ping and traceroute utilities by using different payloads and injecting multiple parameters. | 9.8 |
2019-05-09 | CVE-2019-11835 | Cjson Project Oracle | Out-of-bounds Write vulnerability in multiple products cJSON before 1.7.11 allows out-of-bounds access, related to multiline comments. | 9.8 |
2019-05-09 | CVE-2019-11834 | Cjson Project Oracle | Out-of-bounds Write vulnerability in multiple products cJSON before 1.7.11 allows out-of-bounds access, related to \x00 in a string literal. | 9.8 |
2019-05-09 | CVE-2019-11831 | Typo3 Debian Fedoraproject Drupal Joomla | Deserialization of Untrusted Data vulnerability in multiple products The PharStreamWrapper (aka phar-stream-wrapper) package 2.x before 2.1.1 and 3.x before 3.1.1 for TYPO3 does not prevent directory traversal, which allows attackers to bypass a deserialization protection mechanism, as demonstrated by a phar:///path/bad.phar/../good.phar URL. | 9.8 |
2019-05-09 | CVE-2019-11830 | Typo3 | Deserialization of Untrusted Data vulnerability in Typo3 Pharstreamwrapper PharMetaDataInterceptor in the PharStreamWrapper (aka phar-stream-wrapper) package 2.x before 2.1.1 and 3.x before 3.1.1 for TYPO3 mishandles Phar stub parsing, which allows attackers to bypass a deserialization protection mechanism. | 9.8 |
2019-05-08 | CVE-2019-7442 | Cyberark | XXE vulnerability in Cyberark Enterprise Password Vault 10.6/10.7 An XML external entity (XXE) vulnerability in the Password Vault Web Access (PVWA) of CyberArk Enterprise Password Vault <=10.7 allows remote attackers to read arbitrary files or potentially bypass authentication via a crafted DTD in the SAML authentication system. | 9.8 |
2019-05-08 | CVE-2019-5021 | Gliderlabs Opensuse F5 | Versions of the Official Alpine Linux Docker images (since v3.3) contain a NULL password for the `root` user. | 9.8 |
2019-05-08 | CVE-2019-2047 | Type Confusion vulnerability in Google Android In UpdateLoadElement of ic.cc, there is a possible out-of-bounds write due to type confusion. | 9.8 | |
2019-05-08 | CVE-2019-2046 | Integer Overflow or Wraparound vulnerability in Google Android In CalculateInstanceSizeForDerivedClass of objects.cc, there is possible memory corruption due to an integer overflow. | 9.8 | |
2019-05-08 | CVE-2019-2045 | Out-of-bounds Write vulnerability in Google Android In JSCallTyper of typer.cc, there is an out of bounds write due to an incorrect bounds check. | 9.8 | |
2019-05-08 | CVE-2019-9505 | Printerlogic | Unspecified vulnerability in Printerlogic Print Management 18.3.1.96 The PrinterLogic Print Management software, versions up to and including 18.3.1.96, does not sanitize special characters allowing for remote unauthorized changes to configuration files. | 9.8 |
2019-05-08 | CVE-2018-5409 | Printerlogic | Origin Validation Error vulnerability in Printerlogic Print Management 18.3.1.96 The PrinterLogic Print Management software, versions up to and including 18.3.1.96, updates and executes the code without sufficiently verifying the origin and integrity of the code. | 9.8 |
2019-05-08 | CVE-2019-8387 | Barni | Unspecified vulnerability in Barni Master IP Camera01 Firmware 3.3.4.2103 MASTER IPCAMERA01 3.3.4.2103 devices allow Remote Command Execution, related to the thttpd component. | 9.8 |
2019-05-07 | CVE-2019-10712 | Wago | Use of Hard-coded Credentials vulnerability in Wago products The Web-GUI on WAGO Series 750-88x (750-330, 750-352, 750-829, 750-831, 750-852, 750-880, 750-881, 750-882, 750-884, 750-885, 750-889) and Series 750-87x (750-830, 750-849, 750-871, 750-872, 750-873) devices has undocumented service access. | 9.8 |
2019-05-07 | CVE-2018-6634 | Parsecgaming | Insufficient Session Expiration vulnerability in Parsecgaming Parsec 1420/1421 A vulnerability in Parsec Windows 142-0 and Parsec 'Linux Ubuntu 16.04 LTS Desktop' Build 142-1 allows unauthorized users to maintain access to an account. | 9.8 |
2019-05-07 | CVE-2019-7745 | JIO | Unspecified vulnerability in JIO Jmr1140 Firmware Amteljmr1140R12.07 JioFi 4 jmr1140 Amtel_JMR1140_R12.07 devices allow remote attackers to obtain the Wi-Fi password by making a cgi-bin/qcmap_web_cgi Page=GetWiFi_Setting request and then reading the wpa_security_key field. | 9.8 |
2019-05-07 | CVE-2019-7564 | Coship | Missing Authentication for Critical Function vulnerability in Coship products An issue was discovered on Shenzhen Coship WM3300 WiFi Router 5.0.0.55 devices. | 9.8 |
2019-05-07 | CVE-2018-14485 | Blogengine | XXE vulnerability in Blogengine Blogengine.Net 3.3 BlogEngine.NET 3.3 allows XXE attacks via the POST body to metaweblog.axd. | 9.8 |
2019-05-07 | CVE-2018-13992 | Phoenixcontact | Missing Encryption of Sensitive Data vulnerability in Phoenixcontact products The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 allows for plaintext transmission (HTTP) of user credentials by default. | 9.8 |
2019-05-07 | CVE-2019-11560 | Hisilicon | Out-of-bounds Write vulnerability in Hisilicon Hi3516 Firmware A buffer overflow vulnerability in the streaming server provided by hisilicon in HI3516 models allows an unauthenticated attacker to remotely run arbitrary code by sending a special RTSP over HTTP packet. | 9.8 |
2019-05-06 | CVE-2018-13990 | Phoenixcontact | Improper Authentication vulnerability in Phoenixcontact products The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions prior to 1.35 is vulnerable to brute-force attacks, because of Improper Restriction of Excessive Authentication Attempts. | 9.8 |
2019-05-06 | CVE-2019-5434 | Revive SAS | Deserialization of Untrusted Data vulnerability in Revive-Sas Revive Adserver An attacker could send a specifically crafted payload to the XML-RPC invocation script and trigger the unserialize() call on the "what" parameter in the "openads.spc" RPC method. | 9.8 |
92 High Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2019-05-10 | CVE-2018-1790 | IBM | Cross-Site Request Forgery (CSRF) vulnerability in IBM Financial Transaction Manager 3.0.2.0/3.0.2.1 IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.0.2 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
2019-05-10 | CVE-2017-12789 | Metinfo | Cross-Site Request Forgery (CSRF) vulnerability in Metinfo 5.3.18 Metinfo 5.3.18 is affected by: Cross Site Request Forgery (CSRF). | 8.8 |
2019-05-09 | CVE-2017-12760 | Ynetinteractive | SQL Injection vulnerability in Ynetinteractive Mobiketa 3.5 Ynet Interactive - http://demo.ynetinteractive.com/mobiketa/ Mobiketa 4.0 is affected by: SQL Injection. | 8.8 |
2019-05-09 | CVE-2019-4071 | IBM | Improper Neutralization of Formula Elements in a CSV File vulnerability in IBM products IBM Tivoli Storage Productivity Center (IBM Spectrum Control Standard Edition 5.2.1 through 5.2.17) could allow a remote attacker to execute arbitrary commands on the system, caused by improper validation of csv file contents. | 8.8 |
2019-05-08 | CVE-2019-8285 | Kaspersky | Out-of-bounds Write vulnerability in Kaspersky Antivirus Engine Kaspersky Lab Antivirus Engine version before 04.apr.2019 has a heap-based buffer overflow vulnerability that potentially allow arbitrary code execution | 8.8 |
2019-05-08 | CVE-2019-2044 | Out-of-bounds Write vulnerability in Google Android In MakeMP>G4VideoCodecSpecificData of APacketSource.cpp, there is a possible out-of-bounds write due to an incorrect bounds check. | 8.8 | |
2019-05-08 | CVE-2019-11642 | Oneshield | Code Injection vulnerability in Oneshield Policy A log poisoning vulnerability has been discovered in the OneShield Policy (Dragon Core) framework before 5.1.10. | 8.8 |
2019-05-07 | CVE-2018-2001 | IBM | Cross-Site Request Forgery (CSRF) vulnerability in IBM Curam Social Program Management IBM Cram Social Program Management 6.1.1, 6.2.0, 7.0.4, and 7.0.5 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. | 8.8 |
2019-05-07 | CVE-2018-13993 | Phoenixcontact | Cross-Site Request Forgery (CSRF) vulnerability in Phoenixcontact products The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 is prone to CSRF. | 8.8 |
2019-05-06 | CVE-2019-11569 | Veeam | Cross-Site Request Forgery (CSRF) vulnerability in Veeam ONE Reporter 9.5.0.3201 Veeam ONE Reporter 9.5.0.3201 allows CSRF. | 8.8 |
2019-05-06 | CVE-2019-10999 | Dlink | Out-of-bounds Write vulnerability in Dlink products The D-Link DCS series of Wi-Fi cameras contains a stack-based buffer overflow in alphapd, the camera's web server. | 8.8 |
2019-05-06 | CVE-2018-4073 | Sierrawireless | Incorrect Permission Assignment for Critical Resource vulnerability in Sierrawireless Airlink Es450 Firmware 4.9.3 An exploitable Permission Assignment vulnerability exists in the ACEManager EmbeddedAceSet_Task.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. | 8.8 |
2019-05-06 | CVE-2018-4072 | Sierrawireless | Incorrect Permission Assignment for Critical Resource vulnerability in Sierrawireless Airlink Es450 Firmware 4.9.3 An exploitable Permission Assignment vulnerability exists in the ACEManager EmbeddedAceSet_Task.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. | 8.8 |
2019-05-06 | CVE-2018-4071 | Sierrawireless | Information Exposure vulnerability in Sierrawireless Airlink Es450 Firmware 4.9.3 An exploitable Information Disclosure vulnerability exists in the ACEManager EmbeddedAceGet_Task.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. | 8.8 |
2019-05-06 | CVE-2018-4070 | Sierrawireless | Information Exposure vulnerability in Sierrawireless Airlink Es450 Firmware 4.9.3 An exploitable Information Disclosure vulnerability exists in the ACEManager EmbeddedAceGet_Task.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. | 8.8 |
2019-05-06 | CVE-2018-4066 | Sierrawireless | Cross-Site Request Forgery (CSRF) vulnerability in Sierrawireless Airlink Es450 Firmware 4.9.3 An exploitable cross-site request forgery vulnerability exists in the ACEManager functionality of Sierra Wireless AirLink ES450 FW 4.9.3. | 8.8 |
2019-05-06 | CVE-2018-4063 | Sierrawireless | Unrestricted Upload of File with Dangerous Type vulnerability in Sierrawireless Airlink Es450 Firmware 4.9.3 An exploitable remote code execution vulnerability exists in the upload.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. | 8.8 |
2019-05-06 | CVE-2018-4061 | Sierrawireless | OS Command Injection vulnerability in Sierrawireless Airlink Es450 Firmware 4.9.3 An exploitable command injection vulnerability exists in the ACEManager iplogging.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. | 8.8 |
2019-05-06 | CVE-2019-5430 | UI | Cross-Site Request Forgery (CSRF) vulnerability in UI Unifi Video In UniFi Video 3.10.0 and prior, due to the lack of CSRF protection, it is possible to abuse the Web API to make changes on the server configuration without the user consent, requiring the attacker to lure an authenticated user to access on attacker controlled page. | 8.8 |
2019-05-09 | CVE-2017-12839 | Mpg123 | Out-of-bounds Read vulnerability in Mpg123 A heap-based buffer over-read in the getbits function in src/libmpg123/getbits.h in mpg123 through 1.25.5 allows remote attackers to cause a possible denial-of-service (out-of-bounds read) or possibly have unspecified other impact via a crafted mp3 file. | 8.3 |
2019-05-10 | CVE-2019-5018 | Sqlite Canonical | Use After Free vulnerability in multiple products An exploitable use after free vulnerability exists in the window function functionality of Sqlite3 3.26.0. | 8.1 |
2019-05-08 | CVE-2019-11815 | Linux Canonical Debian Opensuse Netapp | Use After Free vulnerability in multiple products An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8. | 8.1 |
2019-05-07 | CVE-2019-7746 | JIO | Cross-Site Request Forgery (CSRF) vulnerability in JIO Jmr1140 Firmware Amteljmr1140R12.07 JioFi 4 jmr1140 Amtel_JMR1140_R12.07 devices allow remote attackers to obtain an admin token by making a /cgi-bin/qcmap_auth type=getuser request and then reading the token field. | 8.1 |
2019-05-07 | CVE-2019-7443 | KDE Opensuse Fedoraproject | Improper Input Validation vulnerability in multiple products KDE KAuth before 5.55 allows the passing of parameters with arbitrary types to helpers running as root over DBus via DBusHelperProxy.cpp. | 8.1 |
2019-05-07 | CVE-2019-10869 | Ninjaforms | Unrestricted Upload of File with Dangerous Type vulnerability in Ninjaforms Ninja Forms File Uploads Path Traversal and Unrestricted File Upload exists in the Ninja Forms plugin before 3.0.23 for WordPress (when the Uploads add-on is activated). | 8.1 |
2019-05-07 | CVE-2018-20836 | Linux Canonical Debian F5 Netapp Opensuse | Use After Free vulnerability in multiple products An issue was discovered in the Linux kernel before 4.20. | 8.1 |
2019-05-06 | CVE-2018-4062 | Sierrawireless | Use of Hard-coded Credentials vulnerability in Sierrawireless Airlink Es450 Firmware 4.9.3 A hard-coded credentials vulnerability exists in the snmpd function of the Sierra Wireless AirLink ES450 FW 4.9.3. | 8.1 |
2019-05-06 | CVE-2019-10249 | Eclipse | Improper Encoding or Escaping of Output vulnerability in Eclipse Xtend and Xtext All Xtext & Xtend versions prior to 2.18.0 were built using HTTP instead of HTTPS file transfer and thus the built artifacts may have been compromised. | 8.1 |
2019-05-10 | CVE-2019-5675 | Nvidia | Improper Synchronization vulnerability in Nvidia GPU Driver NVIDIA Windows GPU Display driver software for Windows (all versions) contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where the product does not properly synchronize shared data, such as static variables across threads, which can lead to undefined behavior and unpredictable data changes, which may lead to denial of service, escalation of privileges, or information disclosure. | 7.8 |
2019-05-09 | CVE-2019-6566 | GE | Unspecified vulnerability in GE Communicator 3.15 GE Communicator, all versions prior to 4.0.517, allows a non-administrative user to replace the uninstaller with a malicious version, which could allow an attacker to gain administrator privileges to the system. | 7.8 |
2019-05-09 | CVE-2019-6564 | GE | Uncontrolled Search Path Element vulnerability in GE Communicator 3.15 GE Communicator, all versions prior to 4.0.517, allows a non-administrative user to place malicious files within the installer file directory, which may allow an attacker to gain administrative privileges on a system during installation or upgrade. | 7.8 |
2019-05-09 | CVE-2019-6546 | GE | Uncontrolled Search Path Element vulnerability in GE Communicator 3.15 GE Communicator, all versions prior to 4.0.517, allows an attacker to place malicious files within the working directory of the program, which may allow an attacker to manipulate widgets and UI elements. | 7.8 |
2019-05-09 | CVE-2019-9847 | Libreoffice | Improper Input Validation vulnerability in Libreoffice A vulnerability in LibreOffice hyperlink processing allows an attacker to construct documents containing hyperlinks pointing to the location of an executable on the target users file system. | 7.8 |
2019-05-08 | CVE-2019-2054 | Google Canonical | In the seccomp implementation prior to kernel version 4.8, there is a possible seccomp bypass due to seccomp policies that allow the use of ptrace. | 7.8 |
2019-05-08 | CVE-2019-2050 | Improper Locking vulnerability in Google Android 8.0/8.1/9.0 In tearDownClientInterface of WificondControl.java, there is a possible use after free due to improper locking. | 7.8 | |
2019-05-08 | CVE-2019-2049 | Use After Free vulnerability in Google Android 9.0 In SendMediaUpdate and SendFolderUpdate of avrcp_service.cc, there is a possible memory corruption due to a use after free. | 7.8 | |
2019-05-08 | CVE-2019-11819 | Alkacon | Improper Neutralization of Formula Elements in a CSV File vulnerability in Alkacon Opencms Alkacon OpenCMS v10.5.4 and before is affected by CSV (aka Excel Macro) Injection in the module New User (/opencms/system/workplace/admin/accounts/user_new.jsp) via the First Name or Last Name. | 7.8 |
2019-05-07 | CVE-2018-6243 | Improper Input Validation vulnerability in Google Android NVIDIA Tegra TLK Widevine Trust Application contains a vulnerability in which missing the input parameter checking of video metadata count may lead to Arbitrary Code Execution, Denial of Service or Escalation of Privileges. | 7.8 | |
2019-05-06 | CVE-2017-18279 | Qualcomm | Integer Overflow or Wraparound vulnerability in Qualcomm products Lack of check of buffer length before copying can lead to buffer overflow in camera module in Small Cell SoC, Snapdragon Mobile, Snapdragon Wear in FSM9055, FSM9955, IPQ4019, IPQ8064, MDM9206, MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, QCA9531, QCA9558, QCA9563, QCA9880, QCA9886, QCA9980, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 835, SDM630, SDM636, SDM660, SDX20, Snapdragon_High_Med_2016. | 7.8 |
2019-05-06 | CVE-2017-18278 | Qualcomm | Integer Underflow (Wrap or Wraparound) vulnerability in Qualcomm products An integer underflow may occur due to lack of check when received data length from font_mgr_qsee_request_service is bigger than the minimal value of the segment header, which may result in a buffer overflow, in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SD 850. | 7.8 |
2019-05-06 | CVE-2017-18276 | Qualcomm | Unspecified vulnerability in Qualcomm products Secure camera logic allows display/secure camera controllers to access HLOS memory during secure display or camera session in Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835, SD 845, SD 850 | 7.8 |
2019-05-06 | CVE-2017-18274 | Qualcomm | Improper Validation of Array Index vulnerability in Qualcomm products While iterating through the models contained in a fixed-size array in the actData structure, which also stores an incorrect number of models that is greater than the size of the array, a buffer overflow occurs in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835 | 7.8 |
2019-05-06 | CVE-2017-18173 | Qualcomm | Integer Overflow or Wraparound vulnerability in Qualcomm products In case of using an invalid android verified boot signature with very large length, an integer underflow occurs in Snapdragon Mobile in SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 810, SD 820, SD 835, SDM630, SDM636, SDM660, Snapdragon_High_Med_2016. | 7.8 |
2019-05-06 | CVE-2017-18157 | Qualcomm | Use After Free vulnerability in Qualcomm products A Use After Free Condition can occur in Thermal Engine in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SDX20. | 7.8 |
2019-05-06 | CVE-2017-18156 | Qualcomm | Use After Free vulnerability in Qualcomm products While processing camera buffers in camera driver, a use after free condition can occur in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 625, SD 820, SD 820A, SD 835, SDX20. | 7.8 |
2019-05-06 | CVE-2017-18131 | Qualcomm | Improper Initialization vulnerability in Qualcomm products In QTEE, an incorrect fuse value can be blown in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 820, SD 820A, SD 835, SD 845, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, Snapdragon_High_Med_2016. | 7.8 |
2019-05-09 | CVE-2019-7652 | Thehive Project | Server-Side Request Forgery (SSRF) vulnerability in Thehive-Project Cortex-Analyzers TheHive Project UnshortenLink analyzer before 1.1, included in Cortex-Analyzers before 1.15.2, has SSRF. | 7.7 |
2019-05-10 | CVE-2019-5496 | Netapp | Cleartext Transmission of Sensitive Information vulnerability in Netapp Oncommand Insight Oncommand Insight versions prior to 7.3.5 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors. | 7.5 |
2019-05-10 | CVE-2019-5495 | Netapp | 7PK - Security Features vulnerability in Netapp Oncommand Unified Manager OnCommand Unified Manager for VMware vSphere, Linux and Windows prior to 9.5 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors. | 7.5 |
2019-05-10 | CVE-2019-5494 | Netapp | Cleartext Transmission of Sensitive Information vulnerability in Netapp Oncommand Unified Manager OnCommand Unified Manager 7-Mode prior to version 5.2.4 shipped without certain HTTP Security headers configured which could allow an attacker to obtain sensitive information via unspecified vectors. | 7.5 |
2019-05-10 | CVE-2018-7083 | Arubanetworks Siemens | Information Exposure vulnerability in multiple products If a process running within Aruba Instant crashes, it may leave behind a "core dump", which contains the memory contents of the process at the time it crashed. | 7.5 |
2019-05-10 | CVE-2019-11082 | Dkpro Core Project | Path Traversal vulnerability in Dkpro-Core Project Dkpro-Core core/api/datasets/internal/actions/Explode.java in the Dataset API in DKPro Core through 1.10.0 allows Directory Traversal, resulting in the overwrite of local files with the contents of an archive. | 7.5 |
2019-05-10 | CVE-2017-12884 | Open Xchange | Information Exposure vulnerability in Open-Xchange Appsuite OX Software GmbH App Suite 7.8.4 and earlier is affected by: Information Exposure. | 7.5 |
2019-05-09 | CVE-2016-1600 | Microfocus | Information Exposure vulnerability in Microfocus Identity Manager The ServiceNow driver in NetIQ Identity Manager versions prior to 4.6 are susceptible to an information disclosure vulnerability. | 7.5 |
2019-05-09 | CVE-2019-11842 | Matrix | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Matrix Sydent and Synapse An issue was discovered in Matrix Sydent before 1.0.3 and Synapse before 0.99.3.1. | 7.5 |
2019-05-09 | CVE-2017-12761 | Webfile Explorer Project | SQL Injection vulnerability in Webfile Explorer Project Webfile Explorer 1.0 http://codecanyon.net/user/Endober WebFile Explorer 1.0 is affected by: SQL Injection. | 7.5 |
2019-05-09 | CVE-2017-12806 | Imagemagick | Resource Exhaustion vulnerability in Imagemagick 7.0.66 In ImageMagick 7.0.6-6, a memory exhaustion vulnerability was found in the function format8BIM, which allows attackers to cause a denial of service. | 7.5 |
2019-05-09 | CVE-2017-12805 | Imagemagick | Resource Exhaustion vulnerability in Imagemagick 7.0.66 In ImageMagick 7.0.6-6, a memory exhaustion vulnerability was found in the function ReadTIFFImage, which allows attackers to cause a denial of service. | 7.5 |
2019-05-09 | CVE-2019-7181 | Qnap | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Qnap Myqnapcloud 1.0.52/1.3.3.0925 Buffer Overflow vulnerability in myQNAPcloud Connect 1.3.3.0925 and earlier could allow remote attackers to crash the program. | 7.5 |
2019-05-09 | CVE-2019-11837 | F5 | Numeric Errors vulnerability in F5 NJS njs through 0.3.1, used in NGINX, has a segmentation fault in String.prototype.toBytes for negative arguments, related to nxt_utf8_next in nxt/nxt_utf8.h and njs_string_offset in njs/njs_string.c. | 7.5 |
2019-05-09 | CVE-2019-11832 | Typo3 | Improper Input Validation vulnerability in Typo3 TYPO3 8.x before 8.7.25 and 9.x before 9.5.6 allows remote code execution because it does not properly configure the applications used for image processing, as demonstrated by ImageMagick or GraphicsMagick. | 7.5 |
2019-05-08 | CVE-2019-11494 | Dovecot Fedoraproject Opensuse | NULL Pointer Dereference vulnerability in multiple products In the IMAP Server in Dovecot 2.3.3 through 2.3.5.2, the submission-login service crashes when the client disconnects prematurely during the AUTH command. | 7.5 |
2019-05-08 | CVE-2019-11458 | Cakefoundation | Deserialization of Untrusted Data vulnerability in Cakefoundation Cakephp 3.7.6 An issue was discovered in SmtpTransport in CakePHP 3.7.6. | 7.5 |
2019-05-08 | CVE-2019-2052 | Type Confusion vulnerability in Google Android In VisitPointers of heap.cc, there is a possible out-of-bounds read due to type confusion. | 7.5 | |
2019-05-08 | CVE-2019-2051 | Out-of-bounds Read vulnerability in Google Android In heap of spaces.h, there is a possible out of bounds read due to improper input validation. | 7.5 | |
2019-05-08 | CVE-2019-11499 | Dovecot Fedoraproject Opensuse | In the IMAP Server in Dovecot 2.3.3 through 2.3.5.2, the submission-login component crashes if AUTH PLAIN is attempted over a TLS secured channel with an unacceptable authentication message. | 7.5 |
2019-05-07 | CVE-2019-10742 | Axios | Improper Handling of Exceptional Conditions vulnerability in Axios Axios up to and including 0.18.0 allows attackers to cause a denial of service (application crash) by continuing to accepting content after maxContentLength is exceeded. | 7.5 |
2019-05-07 | CVE-2018-19456 | Wplaunchpad Opensuse | Information Exposure vulnerability in multiple products The WP Backup+ (aka WPbackupplus) plugin through 2018-11-22 for WordPress allows remote attackers to obtain sensitive information from server folders and files, as demonstrated by download.sql. | 7.5 |
2019-05-07 | CVE-2018-13994 | Phoenixcontact | Resource Exhaustion vulnerability in Phoenixcontact products The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 is vulnerable to a denial-of-service attack by making more than 120 connections. | 7.5 |
2019-05-07 | CVE-2019-11810 | Linux Canonical Debian | Use After Free vulnerability in multiple products An issue was discovered in the Linux kernel before 5.0.7. | 7.5 |
2019-05-06 | CVE-2018-18977 | Ascensia | Information Exposure vulnerability in Ascensia Contour Diabetes An issue was discovered in the Ascensia Contour NEXT ONE application for Android before 2019-01-15. | 7.5 |
2019-05-06 | CVE-2018-18975 | Ascensia | Information Exposure vulnerability in Ascensia Contour Diabetes An issue was discovered in the Ascensia Contour NEXT ONE app for iOS before 2019-01-15. | 7.5 |
2019-05-06 | CVE-2019-11807 | Visser | Unrestricted Upload of File with Dangerous Type vulnerability in Visser Woocommerce Checkout Manager The WooCommerce Checkout Manager plugin before 4.3 for WordPress allows media deletion via the wp-admin/admin-ajax.php?action=update_attachment_wccm wccm_default_keys_load parameter because of a nopriv_ registration and a lack of capabilities checks. | 7.5 |
2019-05-06 | CVE-2018-4069 | Sierrawireless | Information Exposure vulnerability in Sierrawireless Airlink Es450 Firmware 4.9.3 An information disclosure vulnerability exists in the ACEManager authentication functionality of Sierra Wireless AirLink ES450 FW 4.9.3. | 7.5 |
2019-05-06 | CVE-2018-17202 | Apache | Infinite Loop vulnerability in Apache Commons Imaging 0.97 Certain input files could make the code to enter into an infinite loop when Apache Sanselan 0.97-incubator was used to parse them, which could be used in a DoS attack. | 7.5 |
2019-05-06 | CVE-2018-17201 | Apache | Unspecified vulnerability in Apache Commons Imaging 0.97 Certain input files could make the code hang when Apache Sanselan 0.97-incubator was used to parse them, which could be used in a DoS attack. | 7.5 |
2019-05-06 | CVE-2019-5432 | Mqtt Packet Project | Out-of-bounds Read vulnerability in Mqtt-Packet Project Mqtt-Packet A specifically malformed MQTT Subscribe packet crashes MQTT Brokers using the mqtt-packet module versions < 3.5.1, 4.0.0 - 4.1.3, 5.0.0 - 5.6.1, 6.0.0 - 6.1.2 for decoding. | 7.5 |
2019-05-06 | CVE-2019-3565 | Improper Handling of Exceptional Conditions vulnerability in Facebook Thrift Legacy C++ Facebook Thrift servers (using cpp instead of cpp2) would not error upon receiving messages with containers of fields of unknown type. | 7.5 | |
2019-05-06 | CVE-2019-3564 | Improper Handling of Exceptional Conditions vulnerability in Facebook Thrift Go Facebook Thrift servers would not error upon receiving messages with containers of fields of unknown type. | 7.5 | |
2019-05-06 | CVE-2019-3559 | Improper Handling of Exceptional Conditions vulnerability in Facebook Thrift Java Facebook Thrift servers would not error upon receiving messages with containers of fields of unknown type. | 7.5 | |
2019-05-06 | CVE-2019-3558 | Improper Handling of Exceptional Conditions vulnerability in Facebook Thrift Python Facebook Thrift servers would not error upon receiving messages with containers of fields of unknown type. | 7.5 | |
2019-05-06 | CVE-2019-3552 | Improper Handling of Exceptional Conditions vulnerability in Facebook Thrift C++ Facebook Thrift servers (using cpp2) would not error upon receiving messages with containers of fields of unknown type. | 7.5 | |
2019-05-08 | CVE-2018-5408 | Printerlogic | Improper Certificate Validation vulnerability in Printerlogic Print Management 18.3.1.96 The PrinterLogic Print Management software, versions up to and including 18.3.1.96, does not validate, or incorrectly validates, the PrinterLogic management portal's SSL certificate. | 7.4 |
2019-05-06 | CVE-2018-18979 | Ascensia | Use of Hard-coded Credentials vulnerability in Ascensia Contour Diabetes An issue was discovered in the Ascensia Contour NEXT ONE application for Android before 2019-01-15. | 7.4 |
2019-05-06 | CVE-2018-18978 | Ascensia | Use of Hard-coded Credentials vulnerability in Ascensia Contour Diabetes An issue was discovered in the Ascensia Contour NEXT ONE application for Android before 2019-01-15. | 7.4 |
2019-05-08 | CVE-2019-2043 | Insecure Default Initialization of Resource vulnerability in Google Android In SmsDefaultDialog.onStart of SmsDefaultDialog.java, there is a possible escalation of privilege due to an overlay attack. | 7.3 | |
2019-05-10 | CVE-2018-7082 | Arubanetworks Siemens | OS Command Injection vulnerability in multiple products A command injection vulnerability is present in Aruba Instant that permits an authenticated administrative user to execute arbitrary commands on the underlying operating system. | 7.2 |
2019-05-08 | CVE-2019-11508 | Pulsesecure Ivanti | Path Traversal vulnerability in multiple products In Pulse Secure Pulse Connect Secure (PCS) before 8.1R15.1, 8.2 before 8.2R12.1, 8.3 before 8.3R7.1, and 9.0 before 9.0R3.4, an authenticated attacker (via the admin web interface) can exploit Directory Traversal to execute arbitrary code on the appliance. | 7.2 |
2019-05-09 | CVE-2017-12778 | Qbittorrent | Improper Authentication vulnerability in Qbittorrent 3.3.15 The UI Lock feature in qBittorrent version 3.3.15 is vulnerable to Authentication Bypass, which allows Attack to gain unauthorized access to qBittorrent functions by tampering the affected flag value of the config file at the C:\Users\<username>\Roaming\qBittorrent pathname. | 7.1 |
2019-05-07 | CVE-2019-4208 | IBM | XXE vulnerability in IBM Tririga Application Platform 3.5.3.0/3.6.0.0 IBM TRIRIGA Application Platform 3.5.3 and 3.6.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. | 7.1 |
2019-05-10 | CVE-2018-7119 | HP | Unspecified vulnerability in HP products A Local Disclosure of Sensitive Information vulnerability was identified in HPE NonStop Safeguard earlier than version SPR T9750L01^AIC or T9750H05^AIH, and later versions when the PASSWORD-PROMPT configuration attribute is not set to BLIND; all versions on H-series. | 7.0 |
2019-05-07 | CVE-2019-11811 | Linux Redhat Opensuse | Use After Free vulnerability in multiple products An issue was discovered in the Linux kernel before 5.0.4. | 7.0 |
65 Medium Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2019-05-12 | CVE-2019-11885 | EYE Disk | Insufficiently Protected Credentials vulnerability in Eye-Disk Eyedisk eyeDisk implements the unlock feature by sending a cleartext password. | 6.8 |
2019-05-10 | CVE-2019-5676 | Nvidia | Uncontrolled Search Path Element vulnerability in Nvidia Geforce Experience and GPU Display Driver NVIDIA Windows GPU Display driver software for Windows (all versions) contains a vulnerability in which it incorrectly loads Windows system DLLs without validating the path or signature (also known as a binary planting or DLL preloading attack), leading to escalation of privileges through code execution. | 6.7 |
2019-05-10 | CVE-2019-11000 | Gitlab | Unspecified vulnerability in Gitlab An issue was discovered in GitLab Enterprise Edition before 11.7.11, 11.8.x before 11.8.7, and 11.9.x before 11.9.7. | 6.5 |
2019-05-10 | CVE-2019-11878 | Xiongmaitech | Integer Overflow or Wraparound vulnerability in Xiongmaitech Besder Ip20H1 Firmware 4.02.R12.00035520.12012.047500.00200 An issue was discovered on XiongMai Besder IP20H1 V4.02.R12.00035520.12012.047500.00200 cameras. | 6.5 |
2019-05-09 | CVE-2017-12790 | Metinfo | Cross-Site Request Forgery (CSRF) vulnerability in Metinfo 5.3.18 Metinfo 5.3.18 is affected by: Cross Site Request Forgery (CSRF). | 6.5 |
2019-05-09 | CVE-2017-12804 | Entropymine | Resource Exhaustion vulnerability in Entropymine Imageworsener 1.3.2 The iwgif_init_screen function in imagew-gif.c:510 in ImageWorsener 1.3.2 allows remote attackers to cause a denial of service (hmemory exhaustion) via a crafted file. | 6.5 |
2019-05-08 | CVE-2019-5014 | Wincofireworks | Missing Authentication for Critical Function vulnerability in Wincofireworks Fw-1007 Firmware 2.0 An exploitable improper access control vulnerability exists in the bluetooth low energy functionality of Winco Fireworks FireFly FW-1007 V2.0. | 6.5 |
2019-05-06 | CVE-2018-4067 | Sierrawireless | Information Exposure vulnerability in Sierrawireless Airlink Es450 Firmware 4.9.3 An exploitable information disclosure vulnerability exists in the ACEManager template_load.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. | 6.5 |
2019-05-06 | CVE-2019-3799 | Vmware Oracle | Path Traversal vulnerability in multiple products Spring Cloud Config, versions 2.1.x prior to 2.1.2, versions 2.0.x prior to 2.0.4, and versions 1.4.x prior to 1.4.6, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. | 6.5 |
2019-05-09 | CVE-2019-4072 | IBM | Insufficient Session Expiration vulnerability in IBM products IBM Tivoli Storage Productivity Center (IBM Spectrum Control Standard Edition 5.2.1 through 5.2.17) allows users to remain idle within the application even when a user has logged out. | 6.3 |
2019-05-10 | CVE-2018-7064 | Arubanetworks Siemens | Cross-site Scripting vulnerability in multiple products A reflected cross-site scripting (XSS) vulnerability is present in an unauthenticated Aruba Instant web interface. | 6.1 |
2019-05-10 | CVE-2017-12885 | Open Xchange | Cross-site Scripting vulnerability in Open-Xchange Appsuite OX Software GmbH App Suite 7.8.4 and earlier is affected by: Cross Site Scripting (XSS). | 6.1 |
2019-05-09 | CVE-2019-11870 | S9Y | Cross-site Scripting vulnerability in S9Y Serendipity Serendipity before 2.1.5 has XSS via EXIF data that is mishandled in the templates/2k11/admin/media_choose.tpl Editor Preview feature or the templates/2k11/admin/media_items.tpl Media Library feature. | 6.1 |
2019-05-09 | CVE-2019-11869 | Yuzopro | Cross-site Scripting vulnerability in Yuzopro Yuzo 5.12.94 The Yuzo Related Posts plugin 5.12.94 for WordPress has XSS because it mistakenly expects that is_admin() verifies that the request comes from an admin user (it actually only verifies that the request is for an admin page). | 6.1 |
2019-05-09 | CVE-2019-1568 | Paloaltonetworks | Cross-site Scripting vulnerability in Paloaltonetworks Demisto 4.5 Cross-site scripting (XSS) vulnerability in Palo Alto Networks Demisto 4.5 build 40249 may allow an unauthenticated attacker to run arbitrary JavaScript or HTML. | 6.1 |
2019-05-09 | CVE-2017-12788 | Metinfo | Cross-site Scripting vulnerability in Metinfo 5.3.18 Multiple cross-site scripting (XSS) vulnerabilities in admin/index.php in Metinfo 5.3.18 allows remote attackers to inject arbitrary web script or HTML via the (1) class1 parameter or the (2) anyid parameter. | 6.1 |
2019-05-08 | CVE-2019-11406 | Intelliants | Cross-site Scripting vulnerability in Intelliants Subrion CMS 4.2.1 Subrion CMS 4.2.1 allows _core/en/contacts/ XSS via the name, email, or phone parameter. | 6.1 |
2019-05-08 | CVE-2019-11398 | Ulicms | Cross-site Scripting vulnerability in Ulicms 2019.1/2019.2 Multiple cross-site scripting (XSS) vulnerabilities in UliCMS 2019.2 and 2019.1 allow remote attackers to inject arbitrary web script or HTML via the go parameter to admin/index.php, the go parameter to /admin/index.php?register=register, or the error parameter to admin/index.php?action=favicon. | 6.1 |
2019-05-08 | CVE-2019-11507 | Ivanti | Cross-site Scripting vulnerability in Ivanti Connect Secure 8.3/9.0 In Pulse Secure Pulse Connect Secure (PCS) 8.3.x before 8.3R7.1 and 9.0.x before 9.0R3, an XSS issue has been found on the Application Launcher page. | 6.1 |
2019-05-08 | CVE-2019-11818 | Alkacon | Cross-site Scripting vulnerability in Alkacon Opencms Alkacon OpenCMS v10.5.4 and before is affected by stored cross site scripting (XSS) in the module New User (/opencms/system/workplace/admin/accounts/user_new.jsp). | 6.1 |
2019-05-08 | CVE-2019-11643 | Oneshield | Cross-site Scripting vulnerability in Oneshield Policy Persistent XSS has been found in the OneShield Policy (Dragon Core) framework before 5.1.10. | 6.1 |
2019-05-08 | CVE-2019-11564 | Humhub | Cross-site Scripting vulnerability in Humhub 1.3.12 A cross-site scripting (XSS) vulnerability in HumHub 1.3.12 allows remote attackers to inject arbitrary web script or HTML via a /protected/vendor/codeception/codeception/tests/data/app/view/index.php POST request. | 6.1 |
2019-05-08 | CVE-2019-8349 | Htmly | Cross-site Scripting vulnerability in Htmly 2.7.4 Multiple cross-site scripting (XSS) vulnerabilities in HTMLy 2.7.4 allow remote attackers to inject arbitrary web script or HTML via the (1) destination parameter to delete feature; the (2) destination parameter to edit feature; (3) content parameter in the profile feature. | 6.1 |
2019-05-08 | CVE-2019-11814 | Misp | Cross-site Scripting vulnerability in Misp An issue was discovered in app/webroot/js/misp.js in MISP before 2.4.107. | 6.1 |
2019-05-08 | CVE-2019-11813 | Misp | Cross-site Scripting vulnerability in Misp An issue was discovered in app/View/Elements/Events/View/value_field.ctp in MISP before 2.4.107. | 6.1 |
2019-05-08 | CVE-2019-11812 | Misp | Cross-site Scripting vulnerability in Misp A persistent XSS issue was discovered in app/View/Helper/CommandHelper.php in MISP before 2.4.107. | 6.1 |
2019-05-07 | CVE-2019-7687 | JIO | Cross-site Scripting vulnerability in JIO Jmr1140 Firmware Amteljmr1140R12.07 cgi-bin/qcmap_web_cgi on JioFi 4 jmr1140 Amtel_JMR1140_R12.07 devices has POST based reflected XSS via the Page parameter. | 6.1 |
2019-05-07 | CVE-2019-7541 | Rukovoditel | Cross-site Scripting vulnerability in Rukovoditel Rukovoditel through 2.4.1 allows XSS via a URL that lacks a module=users%2flogin substring. | 6.1 |
2019-05-07 | CVE-2019-7427 | Zohocorp | Cross-site Scripting vulnerability in Zohocorp Manageengine Netflow Analyzer 7.0.0.2 XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/linkdownalertConfig.jsp" file in the autorefTime or graphTypes parameter. | 6.1 |
2019-05-07 | CVE-2019-7426 | Zohocorp | Cross-site Scripting vulnerability in Zohocorp Manageengine Netflow Analyzer 7.0.0.2 XSS exists in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 in the Administration zone "/netflow/jspui/linkdownalertConfig.jsp" file in the groupDesc, groupName, groupID, or task parameter. | 6.1 |
2019-05-07 | CVE-2018-20503 | Alliedtelesis | Cross-site Scripting vulnerability in Alliedtelesis 8100L/8 Firmware Allied Telesis 8100L/8 devices allow XSS via the edit-ipv4_interface.php vlanid or subnet_mask parameter. | 6.1 |
2019-05-07 | CVE-2019-11629 | Sonatype | Cross-site Scripting vulnerability in Sonatype Nexus Repository Manager Sonatype Nexus Repository Manager 2.x before 2.14.13 allows XSS. | 6.1 |
2019-05-07 | CVE-2018-14478 | Coppermine Gallery | Cross-site Scripting vulnerability in Coppermine-Gallery Coppermine Photo Gallery 1.5.46 ecard.php in Coppermine Photo Gallery (CPG) 1.5.46 has XSS via the sender_name, recipient_email, greetings, or recipient_name parameter. | 6.1 |
2019-05-06 | CVE-2018-4065 | Sierrawireless | Cross-site Scripting vulnerability in Sierrawireless Airlink Es450 Firmware 4.9.3 An exploitable cross-site scripting vulnerability exists in the ACEManager ping_result.cgi functionality of Sierra Wireless AirLink ES450 FW 4.9.3. | 6.1 |
2019-05-06 | CVE-2018-13983 | Impresscms | Cross-site Scripting vulnerability in Impresscms 1.3.10 ImpressCMS 1.3.10 has XSS via the PATH_INFO to htdocs/install/index.php, htdocs/install/page_langselect.php, or htdocs/install/page_modcheck.php. | 6.1 |
2019-05-10 | CVE-2019-3566 | Unspecified vulnerability in Whatsapp and Whatsapp Business A bug in WhatsApp for Android's messaging logic would potentially allow a malicious individual who has taken over over a WhatsApp user's account to recover previously sent messages. | 5.9 | |
2019-05-09 | CVE-2019-11840 | Golang Debian | Use of Insufficiently Random Values vulnerability in multiple products An issue was discovered in the supplementary Go cryptography library, golang.org/x/crypto, before v0.0.0-20190320223903-b7391e95e576. | 5.9 |
2019-05-09 | CVE-2019-11323 | Haproxy | Use of Uninitialized Resource vulnerability in Haproxy HAProxy before 1.9.7 mishandles a reload with rotated keys, which triggers use of uninitialized, and very predictable, HMAC keys. | 5.9 |
2019-05-08 | CVE-2019-11550 | Citrix | Improper Certificate Validation vulnerability in Citrix Netscaler Sd-Wan and Sd-Wan Citrix SD-WAN 10.2.x before 10.2.1 and NetScaler SD-WAN 10.0.x before 10.0.7 have Improper Certificate Validation. | 5.9 |
2019-05-08 | CVE-2019-11561 | Chuango | Unspecified vulnerability in Chuango products The Chuango 433 MHz burglar-alarm product line is vulnerable to a Denial of Service attack. | 5.9 |
2019-05-09 | CVE-2019-6544 | GE | Unspecified vulnerability in GE Communicator 3.15 GE Communicator, all versions prior to 4.0.517, has a service running with system privileges that may allow an unprivileged user to perform certain administrative actions, which may allow the execution of scheduled scripts with system administrator privileges. | 5.6 |
2019-05-10 | CVE-2019-5677 | Nvidia | Out-of-bounds Read vulnerability in Nvidia GPU Driver NVIDIA Windows GPU Display driver software for Windows (all versions) contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DeviceIoControl where the software reads from a buffer using buffer access mechanisms such as indexes or pointers that reference memory locations after the targeted buffer, which may lead to denial of service. | 5.5 |
2019-05-10 | CVE-2019-11879 | Ruby Lang | Link Following vulnerability in Ruby-Lang Webrick 1.4.2 The WEBrick gem 1.4.2 for Ruby allows directory traversal if the attacker once had local access to create a symlink to a location outside of the web root directory. | 5.5 |
2019-05-09 | CVE-2019-11820 | Synology | Insufficiently Protected Credentials vulnerability in Synology Calendar Information exposure through process environment vulnerability in Synology Calendar before 2.3.3-0620 allows local users to obtain credentials via cmdline. | 5.5 |
2019-05-08 | CVE-2019-9698 | Symantec | Unspecified vulnerability in Symantec Antivirus Engine Symantec AV Engine, prior to 13.0.9r17, may be susceptible to an arbitrary file deletion issue, which is a type of vulnerability that could allow an attacker to delete files on the resident system without elevated privileges. | 5.5 |
2019-05-08 | CVE-2019-2053 | Out-of-bounds Read vulnerability in Google Android In wnm_parse_neighbor_report_elem of wnm_sta.c, there is a possible out-of-bounds read due to missing bounds check. | 5.5 | |
2019-05-06 | CVE-2017-18275 | Qualcomm | Unspecified vulnerability in Qualcomm products A new account can be inserted into simContacts service using Android command line tool in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845. | 5.5 |
2019-05-06 | CVE-2017-15841 | Qualcomm | Unspecified vulnerability in Qualcomm products When HOST sends a Special command ID packet, Controller triggers a RAM Dump and FW reset in Snapdragon Mobile in version SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 835, Snapdragon_High_Med_2016. | 5.5 |
2019-05-10 | CVE-2019-4204 | IBM | Cross-site Scripting vulnerability in IBM products IBM Business Automation Workflow 18.0.0.0, 18.0.0.1, 18.0.0.2, and 19.0.0.1 is vulnerable to cross-site scripting. | 5.4 |
2019-05-10 | CVE-2019-11871 | Custom Field Suite Project | Cross-site Scripting vulnerability in Custom Field Suite Project Custom Field Suite The Custom Field Suite plugin before 2.5.15 for WordPress has XSS for editors or admins. | 5.4 |
2019-05-07 | CVE-2019-9709 | Mahara | Cross-site Scripting vulnerability in Mahara An issue was discovered in Mahara 17.10 before 17.10.8, 18.04 before 18.04.4, and 18.10 before 18.10.1. | 5.4 |
2019-05-06 | CVE-2019-5433 | Revive Adserver | Open Redirect vulnerability in Revive-Adserver Revive Adserver A user having access to the UI of a Revive Adserver instance could be tricked into clicking on a specifically crafted admin account-switch.php URL that would eventually lead them to another (unsafe) domain, potentially used for stealing credentials or other phishing attacks. | 5.4 |
2019-05-06 | CVE-2019-5431 | Insufficient Verification of Data Authenticity vulnerability in Twitter KIT This vulnerability was caused by an incomplete fix to CVE-2017-0911. | 5.4 | |
2019-05-10 | CVE-2019-5438 | Harpjs | Link Following vulnerability in Harpjs Harp Path traversal using symlink in npm harp module versions <= 0.29.0. | 5.3 |
2019-05-10 | CVE-2019-5437 | Harpjs | Information Exposure vulnerability in Harpjs Harp Information exposure through the directory listing in npm's harp module allows to access files that are supposed to be ignored according to the harp server rules.Vulnerable versions are <= 0.29.0 and no fix was applied to our knowledge. | 5.3 |
2019-05-10 | CVE-2018-1990 | IBM | Information Exposure vulnerability in IBM Cloud APP Management 2018.2.0/2018.4.0/2018.4.1 IBM Cloud App Management V2018.2.0, V2018.4.0, and V2018.4.1 could allow an attacker to obtain sensitive configuration information using a specially crafted HTTP request. | 5.3 |
2019-05-07 | CVE-2018-13991 | Phoenixcontact | Information Exposure vulnerability in Phoenixcontact products The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 leaks private information in firmware images. | 5.3 |
2019-05-06 | CVE-2018-18976 | Ascensia | Authorization Bypass Through User-Controlled Key vulnerability in Ascensia Contour Diabetes An issue was discovered in the Ascensia Contour NEXT ONE application for iOS and Android before 2019-01-15. | 5.3 |
2019-05-06 | CVE-2018-4068 | Sierrawireless | Information Exposure vulnerability in Sierrawireless Airlink Es450 Firmware 4.9.3 An exploitable information disclosure vulnerability exists in the ACEManager functionality of Sierra Wireless AirLink ES450 FW 4.9.3. | 5.3 |
2019-05-06 | CVE-2019-3797 | Pivotal Software | Information Exposure vulnerability in Pivotal Software Spring Data Java Persistence API This affects Spring Data JPA in versions up to and including 2.1.5, 2.0.13 and 1.11.19. | 5.3 |
2019-05-09 | CVE-2019-0226 | Apache | Path Traversal vulnerability in Apache Karaf Apache Karaf Config service provides a install method (via service or MBean) that could be used to travel in any directory and overwrite existing file. | 4.9 |
2019-05-07 | CVE-2019-9708 | Mahara | Unspecified vulnerability in Mahara An issue was discovered in Mahara 17.10 before 17.10.8, 18.04 before 18.04.4, and 18.10 before 18.10.1. | 4.9 |
2019-05-09 | CVE-2018-20837 | Typesettercms | Cross-site Scripting vulnerability in Typesettercms Typesetter 5.1 include/admin/Menu/Ajax.php in Typesetter 5.1 has index.php/Admin/Menu/Ajax?cmd=AddHidden title XSS. | 4.8 |
2019-05-09 | CVE-2019-11836 | Rediff | Missing Encryption of Sensitive Data vulnerability in Rediff Rediffmail 2.2.6 The Rediffmail (aka com.rediff.mail.and) application 2.2.6 for Android has cleartext mail content in file storage, persisting after a logout. | 4.6 |
2019-05-07 | CVE-2018-2008 | IBM | Information Exposure vulnerability in IBM Tririga Application Platform 3.5.3.0/3.6.0.0 IBM TRIRIGA Application Platform 3.5.3 and 3.6.0 could disclose sensitive information to an authenticated user that could aid in further attacks against the system. | 4.3 |
3 Low Vulnerabilities
DATE | CVE | VENDOR | VULNERABILITY | CVSS |
---|---|---|---|---|
2019-05-07 | CVE-2019-11808 | Ratpack Project | Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Ratpack Project Ratpack Ratpack versions before 1.6.1 generate a session ID using a cryptographically weak PRNG in the JDK's ThreadLocalRandom. | 3.7 |
2019-05-10 | CVE-2019-11884 | Linux Fedoraproject Debian Canonical Redhat Opensuse | The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name field may not end with a '\0' character. | 3.3 |
2019-05-07 | CVE-2019-4207 | IBM | Unspecified vulnerability in IBM Tririga Application Platform 3.5.3.0/3.6.0.0 IBM TRIRIGA Application Platform 3.5.3 and 3.6.0 may disclose sensitive information only available to a local user that could be used in further attacks against the system. | 3.3 |