Vulnerability Summary for the Week of March 19, 2018
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded in the past week. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores.
Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:
- High: vulnerabilities with a CVSS base score of 7.0–10.0
- Medium: vulnerabilities with a CVSS base score of 4.0–6.9
- Low: vulnerabilities with a CVSS base score of 0.0–3.9
Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis.
High Vulnerabilities
Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
There were no high vulnerabilities recorded this week. |
Medium Vulnerabilities
Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
There were no medium vulnerabilities recorded this week. |
Low Vulnerabilities
Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
There were no low vulnerabilities recorded this week. |
Severity Not Yet Assigned
Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
---|---|---|---|---|
2345_security_guard -- 2345_security_guard | In 2345 Security Guard 3.6, the driver file (2345NetFirewall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x00222040. | 2018-03-20 | not yet calculated | CVE-2018-8873 MISC |
2345_security_guard -- 2345_security_guard | In 2345 Security Guard 3.6, the driver file (2345NetFirewall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x00222018. | 2018-03-18 | not yet calculated | CVE-2018-8765 MISC |
2345_security_guard -- 2345_security_guard | In 2345 Security Guard 3.6, the driver file (2345DumpBlock.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x00222044. | 2018-03-22 | not yet calculated | CVE-2018-8896 MISC |
2345_security_guard -- 2345_security_guard | In 2345 Security Guard 3.6, the driver file (2345Wrath.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x00222054. | 2018-03-20 | not yet calculated | CVE-2018-8874 MISC |
2345_security_guard -- 2345_security_guard | In 2345 Security Guard 3.6, the driver file (2345Wrath.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x0022209c. | 2018-03-20 | not yet calculated | CVE-2018-8875 MISC |
2345_security_guard -- 2345_security_guard | In 2345 Security Guard 3.6, the driver file (2345DumpBlock.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x00222040. | 2018-03-22 | not yet calculated | CVE-2018-8895 MISC |
2345_security_guard -- 2345_security_guard | In 2345 Security Guard 3.6, the driver file (2345BdPcSafe.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x00222108. | 2018-03-22 | not yet calculated | CVE-2018-8894 MISC |
2345_security_guard -- 2345_security_guard | In 2345 Security Guard 3.6, the driver file (2345Wrath.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x00222098. | 2018-03-20 | not yet calculated | CVE-2018-8876 MISC |
advanced_systemcare_ultimate -- advanced_systemcare_ultimate | In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_x86.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c4060cc. | 2018-03-24 | not yet calculated | CVE-2018-8998 MISC |
advanced_systemcare_ultimate -- advanced_systemcare_ultimate | In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_win7_x64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c4060c4. | 2018-03-24 | not yet calculated | CVE-2018-8999 MISC |
advanced_systemcare_ultimate -- advanced_systemcare_ultimate | In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_x86.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c402004. | 2018-03-24 | not yet calculated | CVE-2018-9000 MISC |
advanced_systemcare_ultimate -- advanced_systemcare_ultimate | In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_win7_x64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c4060d0. | 2018-03-24 | not yet calculated | CVE-2018-9005 MISC |
advanced_systemcare_ultimate -- advanced_systemcare_ultimate | In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_win7_x64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c402004. | 2018-03-24 | not yet calculated | CVE-2018-9006 MISC |
advanced_systemcare_ultimate -- advanced_systemcare_ultimate | In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_x86.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c4060c4. | 2018-03-24 | not yet calculated | CVE-2018-9007 MISC |
advanced_systemcare_ultimate -- advanced_systemcare_ultimate | In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_win7_x64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c402000. | 2018-03-24 | not yet calculated | CVE-2018-9001 MISC |
advanced_systemcare_ultimate -- advanced_systemcare_ultimate | In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_x86.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c4060d0. | 2018-03-24 | not yet calculated | CVE-2018-9004 MISC |
advanced_systemcare_ultimate -- advanced_systemcare_ultimate | In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_win7_x64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c4060cc. | 2018-03-24 | not yet calculated | CVE-2018-9002 MISC |
advanced_systemcare_ultimate -- advanced_systemcare_ultimate | In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_x86.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c402000. | 2018-03-24 | not yet calculated | CVE-2018-9003 MISC |
ajaxdiscussion.php -- ajaxdiscussion.php | I, Librarian version 4.9 and earlier contains an Incorrect Access Control vulnerability in ajaxdiscussion.php that can result in any users gaining unauthorized access (read, write and delete) to project discussions. | 2018-03-23 | not yet calculated | CVE-2018-1000141 MISC |
alkacon -- opencms | Cross-site request forgery (CSRF) vulnerability in system/workplace/admin/accounts/user_role.jsp in OpenCMS 10.5.3 allows remote attackers to hijack the authentication of administrative users for requests that perform privilege escalation. | 2018-03-20 | not yet calculated | CVE-2018-8811 MISC |
alkacon -- opencms | Cross-site scripting (XSS) vulnerability in the gallery function in Alkacon OpenCMS 10.5.3 allows remote attackers to inject arbitrary web script or HTML via a malicious SVG image. | 2018-03-20 | not yet calculated | CVE-2018-8815 MISC |
amd -- epyc_server_and_ryzen_and_ryzen_pro_and_ryzen_mobile_processor_chips | The AMD EPYC Server, Ryzen, Ryzen Pro, and Ryzen Mobile processor chips allow Platform Security Processor (PSP) privilege escalation. | 2018-03-22 | not yet calculated | CVE-2018-8936 MISC MISC MISC MISC |
amd -- epyc_server_and_ryzen_and_ryzen_pro_and_ryzen_mobile_processor_chips | The AMD EPYC Server, Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have insufficient enforcement of Hardware Validated Boot, aka MASTERKEY-1, MASTERKEY-2, and MASTERKEY-3. | 2018-03-22 | not yet calculated | CVE-2018-8930 MISC MISC MISC MISC |
amd -- epyc_server_processor_chips | The AMD EPYC Server processor chips have insufficient access control for protected memory regions, aka FALLOUT-1, FALLOUT-2, and FALLOUT-3. | 2018-03-22 | not yet calculated | CVE-2018-8933 MISC MISC MISC MISC |
amd -- ryzen_and_ryzen_pro_and_ryzen_mobile_processor_chips | The AMD Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have insufficient access control for the Secure Processor, aka RYZENFALL-1. | 2018-03-22 | not yet calculated | CVE-2018-8931 MISC MISC MISC MISC |
amd -- ryzen_and_ryzen_pro_processor_chips | The AMD Ryzen and Ryzen Pro processor chips have insufficient access control for the Secure Processor, aka RYZENFALL-2, RYZENFALL-3, and RYZENFALL-4. | 2018-03-22 | not yet calculated | CVE-2018-8932 MISC MISC MISC MISC |
amd -- ryzen_and_ryzen_pro_processor_chips | The Promontory chipset, as used in AMD Ryzen and Ryzen Pro platforms, has a backdoor in the ASIC, aka CHIMERA-HW. | 2018-03-22 | not yet calculated | CVE-2018-8935 MISC MISC MISC MISC |
amd -- ryzen_and_ryzen_pro_processor_chips | The Promontory chipset, as used in AMD Ryzen and Ryzen Pro platforms, has a backdoor in firmware, aka CHIMERA-FW. | 2018-03-22 | not yet calculated | CVE-2018-8934 MISC MISC MISC MISC |
apache -- apache_commons_components | A specially crafted ZIP archive can be used to cause an infinite loop inside of Apache Commons Compress' extra field parser used by the ZipFile and ZipArchiveInputStream classes in versions 1.11 to 1.15. This can be used to mount a denial of service attack against services that use Compress' zip package. | 2018-03-16 | not yet calculated | CVE-2018-1324 BID SECTRACK MLIST |
apache -- commons-email | If a user of Commons-Email (typically an application programmer) passes unvalidated input as the so-called "Bounce Address", and that input contains line-breaks, then the email details (recipients, contents, etc.) might be manipulated. Mitigation: Users should upgrade to Commons-Email 1.5. You can mitigate this vulnerability for older versions of Commons Email by stripping line-breaks from data, that will be passed to Email.setBounceAddress(String). | 2018-03-20 | not yet calculated | CVE-2018-1294 MLIST |
apache -- syncope | An administrator with user search entitlements in Apache Syncope 1.2.x before 1.2.11 and 2.0.x before 2.0.8 can recover sensitive security values using the fiql and orderby parameters. | 2018-03-20 | not yet calculated | CVE-2018-1322 MISC |
apache -- syncope | An administrator with report and template entitlements in Apache Syncope 1.2.x before 1.2.11 and 2.0.x before 2.0.8 can use XSL Transformations (XSLT) to perform malicious operations, including but not limited to file read, file write, and code execution. | 2018-03-20 | not yet calculated | CVE-2018-1321 MISC |
atlassian -- bitbucket_server
| In browser editing in Atlassian Bitbucket Server from version 4.13.0 before 5.4.8 (the fixed version for 4.13.0 through 5.4.7), 5.5.0 before 5.5.8 (the fixed version for 5.5.x), 5.6.0 before 5.6.5 (the fixed version for 5.6.x), 5.7.0 before 5.7.3 (the fixed version for 5.7.x), and 5.8.0 before 5.8.2 (the fixed version for 5.8.x), allows authenticated users to gain remote code execution using the in browser editing feature via editing a symbolic link within a repository. | 2018-03-22 | not yet calculated | CVE-2018-5225 BID CONFIRM |
atlassian -- fisheye_and_crucible | Various resources in Atlassian Fisheye and Crucible before version 4.4.3 (the fixed version for 4.4.x) and 4.5.0 allow remote attackers with administrative privileges to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability through the base path setting of a configured file system repository. | 2018-03-22 | not yet calculated | CVE-2017-18094 CONFIRM CONFIRM |
authentikat-jwt -- authentikat-jwt | A time-sensitive equality check on the JWT signature in the JsonWebToken.validate method in main/scala/authentikat/jwt/JsonWebToken.scala in authentikat-jwt (aka com.jason-goodwin/authentikat-jwt) version 0.4.5 and earlier allows the supplier of a JWT token to guess bit after bit of the signature by repeating validation requests. | 2018-03-17 | not yet calculated | CVE-2017-18239 MISC MISC MISC |
beckhoff -- twincat | Kernal drivers in Beckhoff TwinCAT 3.1 Build 4022.4, TwinCAT 2.11 R3 2259, and TwinCAT 3.1 lack proper validation of user-supplied pointer values. An attacker who is able to execute code on the target may be able to exploit this vulnerability to obtain SYSTEM privileges. | 2018-03-23 | not yet calculated | CVE-2018-7502 BID MISC MISC |
bmc_remedy -- action_request_system | BMC Remedy Action Request (AR) System 9.0 before 9.0.00 Service Pack 2 hot fix 1 has persistent XSS. | 2018-03-24 | not yet calculated | CVE-2015-9257 CONFIRM |
bose -- soundtouch_devices | Bose SoundTouch devices allow XSS via crafted song data from a music service, as demonstrated by Pandora. | 2018-03-24 | not yet calculated | CVE-2017-17749 MISC |
bose -- soundtouch_devices | Bose SoundTouch devices allow XSS via a crafted public playlist from Spotify. | 2018-03-24 | not yet calculated | CVE-2017-17750 MISC |
bose -- soundtouch_devices | Bose SoundTouch devices allows remote attackers to achieve remote control via a crafted web site that uses the WebSocket Protocol. | 2018-03-24 | not yet calculated | CVE-2017-17751 MISC |
bylancer -- bookme_control_panel | Bookme Control Panel 2.0 Application is vulnerable to stored XSS within the Customers "Book Me" function. Within the Name and Note (aka custName and custNote) sections of the Customers screen, the application does not sanitize user-supplied input and renders injected JavaScript code to the user's browser. | 2018-03-17 | not yet calculated | CVE-2018-8737 MISC |
cloud_controller -- cloud_controller | In Cloud Controller versions prior to 1.46.0, cf-deployment versions prior to 1.3.0, and cf-release versions prior to 283, Cloud Controller accepts refresh tokens for authentication where access tokens are expected. This exposes a vulnerability where a refresh token that would otherwise be insufficient to obtain an access token, either due to lack of client credentials or revocation, would allow authentication. | 2018-03-19 | not yet calculated | CVE-2018-1195 CONFIRM |
cloud_foundry_foundation -- garden | In Garden versions 0.22.0-0.329.0, a vulnerability has been discovered in the garden-linux nstar executable that allows access to files on the host system. By staging an application on Cloud Foundry using Diego and Garden installations with a malicious custom buildpack an end user could read files on the host system that the BOSH-created vcap user has permissions to read and then package them into their app droplet. | 2018-03-19 | not yet calculated | CVE-2015-5350 CONFIRM |
cloud_foundry_foundation -- gorouter | In cf-deployment before 1.14.0 and routing-release before 0.172.0, the Cloud Foundry Gorouter mishandles WebSocket requests for AWS Application Load Balancers (ALBs) and some other HTTP-aware Load Balancers. A user with developer privileges could use this vulnerability to steal data or cause denial of service. | 2018-03-19 | not yet calculated | CVE-2018-1221 CONFIRM |
cloud_foundry_foundation -- windows_stemcells | In Windows Stemcells versions prior to 1200.14, apps running inside containers in Windows on Google Cloud Platform are able to access the metadata endpoint. A malicious developer could use this access to gain privileged credentials. | 2018-03-19 | not yet calculated | CVE-2018-1197 CONFIRM |
core_ftp_server -- core_ftp_server | Multiple buffer overflows in Core FTP Server before 1.2 build 508 allow local users to gain privileges via vectors related to reading data from config.dat and Windows Registry. | 2018-03-20 | not yet calculated | CVE-2014-1215 BUGTRAQ MISC |
covercms -- covercms | CoverCMS v1.1.6 has XSS via the fourth input box to index.php, related to admina/mconfigs.inc.php. | 2018-03-23 | not yet calculated | CVE-2018-8957 MISC MISC MISC |
creditwest_bank -- cms_project | Creditwest Bank CMS Project (aka CWCMS) through 2017-07-28 has CSRF in the functionality for updating the site configuration, which allows remote attackers to inject arbitrary PHP code, as demonstrated by a PHP shell that calls eval on request parameters. | 2018-03-24 | not yet calculated | CVE-2018-8972 MISC |
dell -- storage_manager | In Dell Storage Manager versions earlier than 16.3.20, the EMConfigMigration service is affected by a directory traversal vulnerability. A remote malicious user could potentially exploit this vulnerability to read unauthorized files by supplying specially crafted strings in input parameters of the application. A malicious user cannot delete or modify any files via this vulnerability. | 2018-03-16 | not yet calculated | CVE-2017-14384 CONFIRM BID |
dell_emc -- idrac | Dell EMC iDRAC7/iDRAC8, versions prior to 2.52.52.52, contain a path traversal vulnerability in its Web server's URI parser which could be used to obtain specific sensitive data without authentication. A remote unauthenticated attacker may be able to read configuration settings from the iDRAC by querying specific URI strings. | 2018-03-23 | not yet calculated | CVE-2018-1211 MISC |
dell_emc -- idrac | Dell EMC iDRAC7/iDRAC8, versions prior to 2.52.52.52, contain CGI injection vulnerability which could be used to execute remote code. A remote unauthenticated attacker may potentially be able to use CGI variables to execute remote code. | 2018-03-23 | not yet calculated | CVE-2018-1207 MISC MISC |
dell_emc -- networker | In Dell EMC NetWorker versions prior to 9.2.1.1, versions prior to 9.1.1.6, 9.0.x, and versions prior to 8.2.4.11, the 'nsrd' daemon causes a buffer overflow condition when handling certain messages. A remote unauthenticated attacker could potentially exploit this vulnerability to cause a denial of service to the users of NetWorker systems. | 2018-03-19 | not yet calculated | CVE-2018-1218 FULLDISC SECTRACK |
dsmall -- dsmall | dsmall v20180320 has XSS via a crafted street address to public/index.php/home/memberaddress/index.html, which is mishandled at public/index.php/home/memberaddress/edit/address_id/2.html. | 2018-03-22 | not yet calculated | CVE-2018-8906 MISC |
dtisqlinstaller.exe -- dtisqlinstaller.exe | Versions of DocuTrac QuicDoc and Office Therapy that ship with DTISQLInstaller.exe version 1.6.4.0 and prior contain three credentials with known passwords: QDMaster, OTMaster, and sa. | 2018-03-19 | not yet calculated | CVE-2018-5551 MISC |
dtisqlinstaller.exe -- dtisqlinstaller.exe | Versions of DocuTrac QuicDoc and Office Therapy that ship with DTISQLInstaller.exe version 1.6.4.0 and prior contains a hard-coded cryptographic salt, "S@l+&pepper". | 2018-03-19 | not yet calculated | CVE-2018-5552 MISC |
eaton -- elcsoft | In Eaton ELCSoft versions 2.04.02 and prior, there are multiple cases where specially crafted files could cause a buffer overflow which, in turn, may allow remote execution of arbitrary code. | 2018-03-20 | not yet calculated | CVE-2018-7511 CONFIRM BID MISC |
electron -- electron | Electron version 1.7 up to 1.7.12; 1.8 up to 1.8.3 and 2.0.0 up to 2.0.0-beta.3 contains an improper handling of values vulnerability in Webviews that can result in remote code execution. This attack appear to be exploitable via an app which allows execution of 3rd party code AND disallows node integration AND has not specified if webview is enabled/disabled. This vulnerability appears to have been fixed in 1.7.13, 1.8.4, 2.0.0-beta.4. | 2018-03-23 | not yet calculated | CVE-2018-1000136 MISC |
elfutils -- elfutils | elfutils 0.170 has a buffer over-read in the ebl_dynamic_tag_name function of libebl/ebldynamictagname.c because SYMTAB_SHNDX is unsupported. | 2018-03-18 | not yet calculated | CVE-2018-8769 CONFIRM |
emc -- data_protection_advisor | EMC Data Protection Advisor 6.3.x before patch 67 and 6.4.x before patch 130 contains undocumented accounts with hard-coded passwords and various privileges. Affected accounts are: "Apollo System Test", "emc.dpa.agent.logon" and "emc.dpa.metrics.logon". An attacker with knowledge of the password could potentially use these accounts via REST APIs to gain unauthorized access to EMC Data Protection Advisor (including potentially access with administrative privileges). | 2018-03-16 | not yet calculated | CVE-2017-8013 FULLDISC BID SECTRACK |
enhavo -- enhavo | enhavo 0.4.0 has XSS via a user-group that contains executable JavaScript code in the user-group name. The XSS attack launches when a victim visits the admin user group page. | 2018-03-20 | not yet calculated | CVE-2018-8832 MISC |
exiv2 -- exiv2 | In Exiv2 0.26, the Exiv2::Internal::printCsLensFFFF function in canonmn_int.cpp allows remote attackers to cause a denial of service (invalid memory access) via a crafted file. | 2018-03-24 | not yet calculated | CVE-2018-8977 MISC |
exiv2 -- exiv2 | In Exiv2 0.26, jpgimage.cpp allows remote attackers to cause a denial of service (image.cpp Exiv2::Internal::stringFormat out-of-bounds read) via a crafted file. | 2018-03-24 | not yet calculated | CVE-2018-8976 MISC |
f5 -- big-ip | In some circumstances, the Traffic Management Microkernel (TMM) does not properly handle certain malformed Websockets requests/responses, which allows remote attackers to cause a denial-of-service (DoS) or possible remote code execution on the F5 BIG-IP system running versions 13.0.0 - 13.1.0.3 or 12.1.0 - 12.1.3.1. | 2018-03-22 | not yet calculated | CVE-2018-5504 SECTRACK CONFIRM |
f5 -- big-ip | On F5 BIG-IP versions 13.0.0 - 13.1.0.3, attackers may be able to disrupt services on the BIG-IP system with maliciously crafted client certificate. This vulnerability affects virtual servers associated with Client SSL profile which enables the use of client certificate authentication. Client certificate authentication is not enabled by default in Client SSL profile. There is no control plane exposure. | 2018-03-22 | not yet calculated | CVE-2018-5502 SECTRACK CONFIRM |
f5 -- big-ip | SSL virtual servers in F5 BIG-IP systems 10.x before 10.2.4 HF9, 11.x before 11.2.1 HF12, 11.3.0 before HF10, 11.4.0 before HF8, 11.4.1 before HF5, 11.5.0 before HF5, and 11.5.1 before HF5, when used with third-party Secure Sockets Layer (SSL) accelerator cards, might allow remote attackers to have unspecified impact via a timing side-channel attack. | 2018-03-19 | not yet calculated | CVE-2014-4024 XF CONFIRM |
f5 -- big-ip | On F5 BIG-IP versions 13.0.0 or 12.1.0 - 12.1.3.1, when a specifically configured virtual server receives traffic of an undisclosed nature, TMM will crash and take the configured failover action, potentially causing a denial of service. The configuration which exposes this issue is not common and in general does not work when enabled in previous versions of BIG-IP. Starting in 12.1.0, BIG-IP will crash if the configuration which exposes this issue is enabled and the virtual server receives non TCP traffic. With the fix of this issue, additional configuration validation logic has been added to prevent this configuration from being applied to a virtual server. There is only data plane exposure to this issue with a non-standard configuration. There is no control plane exposure. | 2018-03-22 | not yet calculated | CVE-2018-5509 SECTRACK CONFIRM |
f5 -- big-ip | On F5 BIG-IP versions 13.1.0 - 13.1.0.3, when ASM and AVR are both provisioned, TMM may restart while processing DNS requests when the virtual server is configured with a DNS profile and the Protocol setting is set to TCP. | 2018-03-22 | not yet calculated | CVE-2018-5505 SECTRACK CONFIRM |
f5 -- big-ip | On F5 BIG-IP versions 13.0.0 - 13.1.0.3 or 12.0.0 - 12.1.3.1, TMM may restart when processing a specifically crafted page through a virtual server with an associated PEM policy that has content insertion as an action. | 2018-03-22 | not yet calculated | CVE-2018-5503 SECTRACK CONFIRM |
flafla -- arsenol | Cross-site scripting vulnerability in ArsenoL Version 0.5 allows an attacker to inject arbitrary web script or HTML via unspecified vectors. | 2018-03-22 | not yet calculated | CVE-2018-0534 JVN |
flafla -- arsenol | Cross-site scripting vulnerability in QQQ SYSTEMS ver2.24 allows an attacker to inject arbitrary web script or HTML via quiz.cgi. | 2018-03-22 | not yet calculated | CVE-2018-0536 JVN |
fortinet -- fortiweb | An Improper Access Control vulnerability in Fortinet FortiWeb 5.6.0 and above under "Signed Security Mode", allows attacker to bypass the signed user cookie protection by removing the FortiWeb own protection session cookie. A fix is scheduled in upcoming FortiWeb v6.1.0. | 2018-03-20 | not yet calculated | CVE-2017-14191 BID CONFIRM |
frog_cms -- frog_cms | An Arbitrary File Upload issue was discovered in Frog CMS 0.9.5 due to lack of extension validation. | 2018-03-22 | not yet calculated | CVE-2014-4912 EXPLOIT-DB |
functions.php -- functions.php | I, Librarian version 4.8 and earlier contains a SSRF vulnerability in "url" parameter of getFromWeb in functions.php that can result in the attacker abusing functionality on the server to read or update internal resources. | 2018-03-23 | not yet calculated | CVE-2018-1000138 MISC MISC |
general_electric -- centricity_pacs_ra1000_devices | GE Centricity PACS RA1000, diagnostic image analysis, all current versions are affected these devices use default or hard-coded credentials. Successful exploitation of this vulnerability may allow a remote attacker to bypass authentication and gain access to the affected devices. | 2018-03-20 | not yet calculated | CVE-2017-14008 BID MISC |
general_electric -- gemnet_license_server | GE GEMNet License server (EchoServer) all current versions are affected these devices use default or hard-coded credentials. Successful exploitation of this vulnerability may allow a remote attacker to bypass authentication and gain access to the affected devices. | 2018-03-20 | not yet calculated | CVE-2017-14004 MISC |
general_electric -- infinia_and_infinia_with_hawkeye_4_medical_imaging_systems | GE Infinia/Infinia with Hawkeye 4 medical imaging systems all current versions are affected these devices use default or hard-coded credentials. Successful exploitation of this vulnerability may allow a remote attacker to bypass authentication and gain access to the affected devices. | 2018-03-20 | not yet calculated | CVE-2017-14002 BID MISC |
general_electric -- xeleris_medical_imaging_systems | GE Xeleris versions 1.0,1.1,2.1,3.0,3.1, medical imaging systems, all current versions are affected, these devices use default or hard-coded credentials. Successful exploitation of this vulnerability may allow a remote attacker to bypass authentication and gain access to the affected devices. | 2018-03-20 | not yet calculated | CVE-2017-14006 MISC |
gentoo -- collectd | The Gentoo app-admin/collectd package before 5.7.2-r1 sets the ownership of PID file directory to the collectd account, which might allow local users to kill arbitrary processes by leveraging access to this account for PID file modification before a root script sends a SIGKILL (when the service is stopped). | 2018-03-18 | not yet calculated | CVE-2017-18240 BID CONFIRM GENTOO |
geutebruck -- ip_cameras | Unauthentication vulnerabilities have been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4 and Topline TopFD-2125 Version 3.15.1 IP cameras, which may allow remote code execution. | 2018-03-22 | not yet calculated | CVE-2018-7532 BID MISC |
geutebruck -- ip_cameras | A server-side request forgery vulnerability has been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4 and Topline TopFD-2125 Version 3.15.1 IP cameras, which could lead to proxied network scans. | 2018-03-22 | not yet calculated | CVE-2018-7516 BID MISC |
geutebruck -- ip_cameras | A cross-site request forgery vulnerability has been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4 and Topline TopFD-2125 Version 3.15.1 IP cameras, which may allow an unauthorized user to be added to the system. | 2018-03-22 | not yet calculated | CVE-2018-7524 BID MISC |
geutebruck -- ip_cameras | An improper access control vulnerability has been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4 and Topline TopFD-2125 Version 3.15.1 IP cameras, which could allow a full configuration download, including passwords. | 2018-03-22 | not yet calculated | CVE-2018-7520 BID MISC |
geutebruck -- ip_cameras | An SQL injection vulnerability has been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4 and Topline TopFD-2125 Version 3.15.1 IP cameras, which may allow an attacker to alter stored data. | 2018-03-22 | not yet calculated | CVE-2018-7528 BID MISC |
geutebruck -- ip_cameras | A cross-site scripting vulnerability has been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4 and Topline TopFD-2125 Version 3.15.1 IP cameras, which may allow remote code execution. | 2018-03-22 | not yet calculated | CVE-2018-7512 BID MISC |
gitlab -- community_and_enterprise_editions | Gitlab Community and Enterprise Editions version 10.3.3 is vulnerable to an Insecure Temporary File in the project import component resulting remote code execution. | 2018-03-21 | not yet calculated | CVE-2018-3710 CONFIRM MISC CONFIRM MISC DEBIAN |
gitlab -- community_and_enterprise_editions | Gitlab Community and Enterprise Editions version 10.1, 10.2, and 10.2.4 are vulnerable to a SQL injection in the MilestoneFinder component resulting in disclosure of all data in a GitLab instance's database. | 2018-03-21 | not yet calculated | CVE-2017-0914 CONFIRM MISC |
gitlab -- community_and_enterprise_editions | GitLab Community and Enterprise Editions before 10.1.6, 10.2.6, and 10.3.4 are vulnerable to an authorization bypass issue in the Projects::MergeRequests::CreationsController component resulting in an attacker to see every project name and their respective namespace on a GitLab instance. | 2018-03-22 | not yet calculated | CVE-2017-0920 CONFIRM MISC |
gitlab -- community_edition | Gitlab Community Edition version 10.2.4 is vulnerable to lack of input validation in the labels component resulting in persistent cross site scripting. | 2018-03-21 | not yet calculated | CVE-2017-0924 CONFIRM MISC |
gitlab -- community_edition | Gitlab Community Edition version 10.2.4 is vulnerable to a lack of input validation in the GitlabProjectsImportService resulting in remote code execution. | 2018-03-21 | not yet calculated | CVE-2017-0915 CONFIRM MISC DEBIAN |
gitlab -- community_edition | Gitlab Community Edition version 10.2.4 is vulnerable to lack of input validation in the CI job component resulting in persistent cross site scripting. | 2018-03-21 | not yet calculated | CVE-2017-0917 CONFIRM MISC DEBIAN |
gitlab -- community_edition | Gitlab Community Edition version 10.3 is vulnerable to an improper authorization issue in the Oauth sign-in component resulting in unauthorized user login. | 2018-03-21 | not yet calculated | CVE-2017-0926 CONFIRM CONFIRM DEBIAN |
gitlab -- community_edition | Gitlab Community Edition version 10.3 is vulnerable to a path traversal issue in the GitLab CI runner component resulting in remote code execution. | 2018-03-21 | not yet calculated | CVE-2017-0918 CONFIRM MISC DEBIAN |
gitlab -- community_edition | Gitlab Community Edition version 10.3 is vulnerable to an improper authorization issue in the deployment keys component resulting in unauthorized use of deployment keys by guest users. | 2018-03-21 | not yet calculated | CVE-2017-0927 CONFIRM CONFIRM |
gitlab -- community_edition | Gitlab Community Edition version 10.3 is vulnerable to a lack of input validation in the system_hook_push queue through web hook component resulting in remote code execution. | 2018-03-21 | not yet calculated | CVE-2017-0916 CONFIRM MISC DEBIAN |
gitlab -- community_edition | Gitlab Community Edition version 9.1 is vulnerable to lack of input validation in the IPython notebooks component resulting in persistent cross site scripting. | 2018-03-21 | not yet calculated | CVE-2017-0923 CONFIRM MISC |
gitlab -- enterprise_edition | Gitlab Enterprise Edition version 10.1.0 is vulnerable to an insufficiently protected credential issue in the project service integration API endpoint resulting in an information disclosure of plaintext password. | 2018-03-21 | not yet calculated | CVE-2017-0925 CONFIRM CONFIRM DEBIAN |
gitlab -- enterprise_edition | Gitlab Enterprise Edition version 10.3 is vulnerable to an authorization bypass issue in the GitLab Projects::BoardsController component resulting in an information disclosure on any board object. | 2018-03-21 | not yet calculated | CVE-2017-0922 CONFIRM MISC |
gitlab -- gitlab | The Auth0 integration in GitLab before 10.3.9, 10.4.x before 10.4.6, and 10.5.x before 10.5.6 has an incorrect omniauth-auth0 configuration, leading to signing in unintended users. | 2018-03-24 | not yet calculated | CVE-2018-8971 MISC |
gnome -- networkmanager | GNOME NetworkManager version 1.10.2 and earlier contains a Information Exposure (CWE-200) vulnerability in DNS resolver that can result in Private DNS queries leaked to local network's DNS servers, while on VPN. This vulnerability appears to have been fixed in Some Ubuntu 16.04 packages were fixed, but later updates removed the fix. cf. https://bugs.launchpad.net/ubuntu/+bug/1754671 an upstream fix does not appear to be available at this time. | 2018-03-20 | not yet calculated | CVE-2018-1000135 BID CONFIRM CONFIRM CONFIRM |
gnu -- binutils | The bfd_section_from_shdr function in elf.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (segmentation fault) via a large attribute section. | 2018-03-22 | not yet calculated | CVE-2018-8945 MISC |
wire.com -- wire_application_for_android | The Wire application before 2018-03-07 for Android allows attackers to write to pathnames outside of the downloads directory via a ../ in a filename of a received file, related to AssetService.scala. | 2018-03-22 | not yet calculated | CVE-2018-8909 MISC |
grav_cms -- grav_cms | Cross-site scripting (XSS) vulnerability in system/src/Grav/Common/Twig/Twig.php in Grav CMS before 1.3.0 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to admin/tools. | 2018-03-19 | not yet calculated | CVE-2018-5233 MLIST MISC |
gundam_cult_qqq -- qqq_systems | Cross-site scripting vulnerability in QQQ SYSTEMS ver2.24 allows an attacker to inject arbitrary web script or HTML via quiz_op.cgi. | 2018-03-22 | not yet calculated | CVE-2018-0537 JVN |
gundam_cult_qqq -- qqq_systems | Cross-site scripting vulnerability in QQQ SYSTEMS ver2.24 allows an attacker to inject arbitrary web script or HTML via unspecified vectors. | 2018-03-22 | not yet calculated | CVE-2018-0538 JVN |
gundam_cult_qqq -- qqq_systems | QQQ SYSTEMS version 2.24 allows an attacker to execute arbitrary commands via unspecified vectors. | 2018-03-22 | not yet calculated | CVE-2018-0539 JVN |
heimdal_security -- heimdal_pro_and_heimdal_free_and_heimdal_corp | A vulnerability has been found in Heimdal PRO v2.2.190, but it is most likely also present in Heimdal FREE and Heimdal CORP. Faulty permissions on the directory "C:\ProgramData\Heimdal Security\Heimdal Agent" allow BUILTIN\Users to write new files to the directory. On startup, the process Heimdal.MonitorServices.exe running as SYSTEM will attempt to load version.dll from this directory. Placing a malicious version.dll in this directory will result in privilege escalation. NOTE: any affected Heimdal products are completely unrelated to the Heimdal vendor of a Kerberos 5 product on the h5l.org web site. | 2018-03-22 | not yet calculated | CVE-2018-5349 MISC |
heimdal_security -- heimdal_pro | An issue was discovered in Heimdal PRO 2.2.190. As part of the scanning feature, a process called md.hs writes an executable called CS1.tmp to C:\windows\TEMP. Afterwards the executable is run. It is possible for an attacker to create the file first, let md.hs overwrite it, and then rewrite the file in the window between md.hs closing the file and executing it. This can be exploited via opportunistic locks and a high priority thread. The vulnerablity is triggered when a scan starts. NOTE: any affected Heimdal products are completely unrelated to the Heimdal vendor of a Kerberos 5 product on the h5l.org web site. | 2018-03-22 | not yet calculated | CVE-2018-5731 MISC |
hisayuki_nomura -- tiny_ftp_daemon | Buffer overflow in Tiny FTP Daemon Ver0.52d allows an attacker to cause a denial-of-service (DoS) condition or execute arbitrary code via unspecified vectors. | 2018-03-22 | not yet calculated | CVE-2018-0541 JVN |
huawei -- fusionsphere_openstack | Huawei FusionSphere OpenStack V100R006C00SPC102(NFV) has a privilege escalation vulnerability. Due to improper privilege restrictions, an attacker with high privilege may obtain the other users' certificates. Successful exploit may cause privilege escalation. | 2018-03-20 | not yet calculated | CVE-2017-8187 CONFIRM |
huawei -- hg532 | Huawei HG532 with some customized versions has a remote code execution vulnerability. An authenticated attacker could send malicious packets to port 37215 to launch attacks. Successful exploit could lead to the remote execution of arbitrary code. | 2018-03-20 | not yet calculated | CVE-2017-17215 CONFIRM BID |
huawei -- iptv_stb | Huawei IPTV STB with earlier than IPTV STB V100R003C01LMYTa6SPC001 versions has an authentication bypass vulnerability. An attacker could exploit this vulnerability to access the serial interface and modify the configuration. Successful exploit could lead to the authentication bypass and view channels by free. | 2018-03-20 | not yet calculated | CVE-2017-8176 MISC CONFIRM |
huawei -- mate_9_pro_smartphones | Huawei Mate 9 Pro smartphones with software of LON-AL00BC00B139D, LON-AL00BC00B229, LON-L29DC721B188 have a memory double free vulnerability. The system does not manage the memory properly, that frees on the same memory address twice. An attacker tricks the user who has root privilege to install a crafted application, successful exploit could result in malicious code execution. | 2018-03-20 | not yet calculated | CVE-2017-17320 CONFIRM |
huawei -- multiple_devices | DBS3900 TDD LTE V100R003C00, V100R004C10 have a weak encryption algorithm security vulnerability. DBS3900 TDD LTE supports SSL/TLS protocol negotiation using insecure encryption algorithms. If an insecure encryption algorithm is negotiated in the communication, an unauthenticated remote attacker can exploit this vulnerability to crack the encrypted data and cause information leakage. | 2018-03-23 | not yet calculated | CVE-2017-15326 CONFIRM |
huawei -- multiple_smartphones | Some Huawei Smartphones with software of VNS-L21AUTC555B141, VNS-L21C10B160, VNS-L21C66B160, VNS-L21C703B140 have an array out-of-bounds read vulnerability. Due to the lack verification of array, an attacker tricks a user into installing a malicious application, and the application can exploit the vulnerability and make attacker to read out of bounds of array and possibly cause the device abnormal. | 2018-03-20 | not yet calculated | CVE-2017-17306 CONFIRM |
huawei -- p9_smartphones | Huawei P9 smartphones with the versions before EVA-AL10C00B399SP02 have an information disclosure vulnerability. The software does not properly protect certain resource which can be accessed by multithreading. An attacker tricks the user who has root privilege to install a crafted application, successful exploit could result in kernel information disclosure. | 2018-03-20 | not yet calculated | CVE-2017-17319 CONFIRM |
huawei -- smartphones_with_vns-l21autc555b141_software | Some Huawei Smartphones with software of VNS-L21AUTC555B141 have an out-of-bounds read vulnerability. Due to the lack string terminator of string, an attacker tricks a user into installing a malicious application, and the application can exploit the vulnerability and make attacker to read out of bounds and possibly cause the device abnormal. | 2018-03-20 | not yet calculated | CVE-2017-17307 CONFIRM |
ibm -- data_server_driver_for_jdbc_and_sqlj | IBM Data Server Driver for JDBC and SQLJ (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1) deserializes the contents of /tmp/connlicj.bin which leads to object injection and potentially arbitrary code execution depending on the classpath. IBM X-Force ID: 133999. | 2018-03-22 | not yet calculated | CVE-2017-1677 CONFIRM BID MISC |
ibm -- db2_for_linux_and_unix_and_windows | IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1 (includes DB2 Connect Server) contains a vulnerability that could allow a local user to overwrite arbitrary files owned by the DB2 instance owner. IBM X-Force ID: 140043. | 2018-03-22 | not yet calculated | CVE-2018-1448 CONFIRM MISC |
ibm -- db2_for_linux_and_unix_and_windows | IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 131853. | 2018-03-22 | not yet calculated | CVE-2017-1571 CONFIRM MISC |
ibm -- gskit | IBM GSKit (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1) contains several environment variables that a local attacker could overflow and cause a denial of service. IBM X-Force ID: 139072. | 2018-03-22 | not yet calculated | CVE-2018-1427 CONFIRM MISC |
ibm -- gskit | IBM GSKit (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1) uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 139073. | 2018-03-22 | not yet calculated | CVE-2018-1428 CONFIRM MISC |
ibm -- gskit | IBM GSKit (IBM DB2 for Linux, UNIX and Windows 9.7, 10.1, 10.5, and 11.1) duplicates the PRNG state across fork() system calls when multiple ICC instances are loaded which could result in duplicate Session IDs and a risk of duplicate key material. IBM X-Force ID: 139071. | 2018-03-22 | not yet calculated | CVE-2018-1426 CONFIRM MISC |
ibm -- ibm_connections | Cross-site scripting (XSS) vulnerability in IBM Connections 3.0.1.1 and earlier, 4.0, 4.5, and 5.0 before CR4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 108354. | 2018-03-20 | not yet calculated | CVE-2015-7458 CONFIRM XF |
ibm -- ibm_connections | Cross-site scripting (XSS) vulnerability in IBM Connections 3.0.1.1 and earlier, 4.0, 4.5, and 5.0 before CR4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 108355. | 2018-03-20 | not yet calculated | CVE-2015-7459 CONFIRM XF |
ibm -- ibm_connections | Cross-site scripting (XSS) vulnerability in IBM Connections 3.0.1.1 and earlier, 4.0, 4.5, and 5.0 before CR4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 108356. | 2018-03-20 | not yet calculated | CVE-2015-7460 CONFIRM XF |
ibm -- ibm_connections | XML external entity (XXE) vulnerability in IBM Connections 3.0.1.1 and earlier, 4.0, 4.5, and 5.0 before CR4 allows remote authenticated users to cause a denial of service (memory consumption) via crafted XML data. IBM X-Force ID: 108357. | 2018-03-20 | not yet calculated | CVE-2015-7461 CONFIRM XF |
ibm -- ibm_jazz_foundation | IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 133379. | 2018-03-23 | not yet calculated | CVE-2017-1655 CONFIRM BID MISC |
ibm -- ibm_jazz_foundation | IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 136006. | 2018-03-23 | not yet calculated | CVE-2017-1762 CONFIRM BID MISC |
ibm -- ibm_jazz_foundation | IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 133127. | 2018-03-23 | not yet calculated | CVE-2017-1629 CONFIRM BID MISC |
ibm -- ibm_jazz_foundation | IBM Jazz Foundation (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) could allow an authenticated user to obtain sensitive information from a specially crafted HTTP request that could be used to aid future attacks. IBM X-Force ID: 129970. | 2018-03-23 | not yet calculated | CVE-2017-1524 CONFIRM BID MISC |
ibm -- ibm_jazz_foundation | IBM Rational Collaborative Lifecycle Management (CLM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Quality Manager (RQM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Team Concert (RTC) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Requirements Composer (RRC) 4.0.x before 4.0.7 iFix10; Rational DOORS Next Generation (RDNG) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Engineering Lifecycle Manager (RELM) 4.0.3, 4.0.4, 4.0.5, 4.0.6, 4.0.7 before iFix1, 5.0.x before 5.0.2 iFix1, and 6.0.x before 6.0.2; Rational Rhapsody Design Manager (Rhapsody DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2; Rational Software Architect Design Manager (RSA DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, 6.0.x before 6.0.1 iFix5, and 6.0.2 before iFix2 allow local users to obtain sensitive information by leveraging weak encryption. IBM X-Force ID: 108221. | 2018-03-20 | not yet calculated | CVE-2015-7449 CONFIRM XF |
ibm -- mq_appliance | IBM MQ Appliance 9.0.1, 9.0.2, 9.0.3, amd 9.0.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 139077. | 2018-03-23 | not yet calculated | CVE-2018-1429 CONFIRM BID SECTRACK MISC |
ibm -- predictive_solutions_foundation | IBM Predictive Solutions Foundation (IBM Cognos Analytics 11.0) reveals sensitive information in detailed error messages that could aid an attacker in further attacks against the system. IBM X-Force ID: 119619. | 2018-03-22 | not yet calculated | CVE-2016-9711 CONFIRM MISC |
ibm -- rational_collaborative_lifecycle_management | IBM RSA DM (IBM Rational Collaborative Lifecycle Management 5.0 and 6.0) could allow an authenticated user to access settings that they should not be able to using a specially crafted URL. IBM X-Force ID: 132625. | 2018-03-23 | not yet calculated | CVE-2017-1602 CONFIRM BID MISC |
ibm -- tivoli_monitoring_v6 | IBM Tivoli Monitoring V6 6.2.3 and 6.3.0 could allow an unauthenticated user to remotely execute code through unspecified methods. IBM X-Force ID: 137034. | 2018-03-22 | not yet calculated | CVE-2017-1789 CONFIRM MISC |
ibm -- websphere_application_server_9 | IBM WebSphere Application Server 9 installations using Form Login could allow a remote attacker to conduct spoofing attacks. IBM X-Force ID: 137031. | 2018-03-22 | not yet calculated | CVE-2017-1788 CONFIRM MISC |
identityserver -- identityserver4 | IdentityServer IdentityServer4 1.x before 1.5.3 and 2.x before 2.1.3 does not encode the redirect URI on the authorization response page, which might lead to XSS in some configurations. | 2018-03-22 | not yet calculated | CVE-2018-8899 MISC MISC MISC MISC |
imagemagick -- imagemagick | WriteEPTImage in coders/ept.c in ImageMagick 7.0.7-25 Q16 allows remote attackers to cause a denial of service (MagickCore/memory.c double free and application crash) or possibly have unspecified other impact via a crafted file. | 2018-03-20 | not yet calculated | CVE-2018-8804 CONFIRM |
imagemagick -- imagemagick | The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-26 Q16 does not properly restrict memory allocation, leading to a heap-based buffer over-read. | 2018-03-23 | not yet calculated | CVE-2018-8960 MISC |
intel -- sgx_sdk | Edger8r tool in the Intel SGX SDK before version 2.1.2 (Linux) and 1.9.6 (Windows) may generate code that is susceptible to a side channel potentially allowing a local user to access unauthorized information. | 2018-03-20 | not yet calculated | CVE-2018-3626 BID CONFIRM |
intel -- software_guard_extensions_platform_software_component | An elevation of privilege in Intel Software Guard Extensions Platform Software Component before 1.9.105.42329 allows a local attacker to execute arbitrary code as administrator. | 2018-03-20 | not yet calculated | CVE-2017-5736 BID CONFIRM |
invision_power_board -- invision_power_board | SQL injection vulnerability in Invision Power Board (aka IPB or IP.Board) before 3.4.6 allows remote attackers to execute arbitrary SQL commands via the cId parameter. | 2018-03-20 | not yet calculated | CVE-2014-4928 MISC |
jboss -- enterprise_application_platform_and_application_server | The Grails Resource Plugin often has to exchange URIs for resources with other internal components. Those other components will decode any URI passed to them. To protect against directory traversal the Grails Resource Plugin did the following: normalized the URI, checked the normalized URI did not step outside the appropriate root directory (e.g. the web application root), decoded the URI and checked that this did not introduce additional /../ (and similar) sequences. A bug was introduced where the Grails Resource Plugin before 1.2.13 returned the decoded version of the URI rather than the normalized version of the URI after the directory traversal check. This exposed a double decoding vulnerability. To address this issue, the Grails Resource Plugin now repeatedly decodes the URI up to three times or until decoding no longer changes the URI. If the decode limit of 3 is exceeded the URI is rejected. A side-effect of this is that the Grails Resource Plugin is unable to serve a resource that includes a '%' character in the full path to the resource. Not all environments are vulnerable because of the differences in URL resolving in different servlet containers. Applications deployed to Tomcat 8 and Jetty 9 were found not not be vulnerable, however applications deployed to JBoss EAP 6.3 / JBoss AS 7.4 and JBoss AS 7.1 were found to be vulnerable (other JBoss versions weren't tested). In certain cases JBoss returns JBoss specific vfs protocol urls from URL resolution methods (ClassLoader.getResources). The JBoss vfs URL protocol supports resolving any file on the filesystem. This made the directory traversal possible. There may be other containers, in addition to JBoss, on which this vulnerability is exposed. | 2018-03-19 | not yet calculated | CVE-2014-3626 CONFIRM |
joyent_smartos -- joyent_smartos | This vulnerability allows local attackers to escalate privileges on vulnerable installations of Joyent SmartOS release-20170803-20170803T064301Z. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the DTrace DOF files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated object. An attacker can leverage this vulnerability to execute code under the context of the host OS. Was ZDI-CAN-5106. | 2018-03-19 | not yet calculated | CVE-2018-1171 CONFIRM MISC |
joyplus-cms -- joyplus-cms | joyplus-cms 1.6.0 has XSS in manager/admin_ajax.php?action=save&tab={pre}vod_type via the t_name parameter. | 2018-03-18 | not yet calculated | CVE-2018-8767 MISC |
joyplus-cms -- joyplus-cms | joyplus-cms 1.6.0 allows Remote Code Execution because of an Arbitrary File Upload issue in manager/editor/upload.php, related to manager/admin_vod.php?action=add. | 2018-03-18 | not yet calculated | CVE-2018-8766 MISC |
jungo_connectivity -- driverwizard_windriver | windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows attackers to cause a denial of service (BSOD) via a crafted .exe file. | 2018-03-20 | not yet calculated | CVE-2018-8821 MISC |
jupyter_notebook -- jupyter_notebook | In Jupyter Notebook before 5.4.1, a maliciously forged notebook file can bypass sanitization to execute JavaScript in the notebook context. Specifically, invalid HTML is 'fixed' by jQuery after sanitization, making it dangerous. | 2018-03-18 | not yet calculated | CVE-2018-8768 CONFIRM |
k_okada -- vix | Untrusted search path vulnerability in ViX version 2.21.148.0 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 2018-03-22 | not yet calculated | CVE-2018-0540 JVN |
kagaminokuni -- php_2chbbs | Cross-site scripting vulnerability in PHP 2chBBS version bbs18c allows an attacker to inject arbitrary web script or HTML via unspecified vectors. | 2018-03-22 | not yet calculated | CVE-2018-0535 JVN |
kamailio -- kamailio | A Buffer Overflow issue was discovered in Kamailio before 4.4.7, 5.0.x before 5.0.6, and 5.1.x before 5.1.2. A specially crafted REGISTER message with a malformed branch or From tag triggers an off-by-one heap-based buffer overflow in the tmx_check_pretran function in modules/tmx/tmx_pretran.c. | 2018-03-20 | not yet calculated | CVE-2018-8828 MISC MISC DEBIAN |
kentico -- kentico | Kentico 9.0 before 9.0.51 and 10.0 before 10.0.48 allows remote attackers to obtain Global Administrator access by visiting CMSInstall/install.aspx and then navigating to the CMS Administration Dashboard. | 2018-03-23 | not yet calculated | CVE-2017-17736 MISC |
kentico -- kentico | Kentico 10 before 10.0.50 and 11 before 11.0.3 has XSS in which a crafted URL results in improper construction of a system page. | 2018-03-19 | not yet calculated | CVE-2018-6842 MISC |
kentico -- kentico | Kentico 10 before 10.0.50 and 11 before 11.0.3 has SQL injection in the administration interface. | 2018-03-19 | not yet calculated | CVE-2018-6843 MISC |
libav -- libav | The apply_dependent_coupling function in libavcodec/aacdec.c in Libav 12.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted aac file. | 2018-03-22 | not yet calculated | CVE-2017-18242 MISC |
libav -- libav | The mpc8_probe function in libavformat/mpc8.c in Libav 12.2 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted audio file. | 2018-03-23 | not yet calculated | CVE-2017-18245 MISC |
libav -- libav | The av_audio_fifo_size function in libavutil/audio_fifo.c in Libav 12.2 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted media file. | 2018-03-23 | not yet calculated | CVE-2017-18247 MISC |
libav -- libav | The stereo_processing function in libavcodec/aacps.c in Libav 12.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted aac file, related to ff_ps_apply. | 2018-03-22 | not yet calculated | CVE-2017-18244 MISC |
libav -- libav | The pcm_encode_frame function in libavcodec/pcm.c in Libav 12.2 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted media file. | 2018-03-23 | not yet calculated | CVE-2017-18246 MISC |
libav -- libav | The unpack_parse_unit function in libavcodec/dirac_parser.c in Libav 12.2 allows remote attackers to cause a denial of service (segmentation fault) via a crafted file. | 2018-03-22 | not yet calculated | CVE-2017-18243 MISC |
libevt -- libevt | The libevt_record_values_read_event() function in libevt_record_values.c in libevt before 2018-03-17 does not properly check for out-of-bounds values of user SID data size, strings size, or data size. | 2018-03-17 | not yet calculated | CVE-2018-8754 MISC |
libming -- libming | In libming 0.4.8, there is a use-after-free in the decompileJUMP function of the decompile.c file. | 2018-03-24 | not yet calculated | CVE-2018-9009 MISC |
libming -- libming | In libming 0.4.8, the decompilePUSHPARAM function of decompile.c has a use-after-free. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file. | 2018-03-23 | not yet calculated | CVE-2018-8961 MISC |
libming -- libming | In libming 0.4.8, the decompileSingleArgBuiltInFunctionCall function of decompile.c has a use-after-free. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file. | 2018-03-23 | not yet calculated | CVE-2018-8962 MISC |
libming -- libming | In libming 0.4.8, the decompileDELETE function of decompile.c has a use-after-free. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file. | 2018-03-23 | not yet calculated | CVE-2018-8964 MISC |
libming -- libming | In libming 0.4.8, these is a use-after-free in the function decompileCALLFUNCTION of decompile.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file. | 2018-03-20 | not yet calculated | CVE-2018-8807 MISC |
libming -- libming | In libming 0.4.8, the decompileGETVARIABLE function of decompile.c has a use-after-free. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file. | 2018-03-23 | not yet calculated | CVE-2018-8963 MISC |
libming -- libming | In libming 0.4.8, there is a use-after-free in the decompileArithmeticOp function of decompile.c. Remote attackers could use this vulnerability to cause a denial-of-service via a crafted swf file. | 2018-03-20 | not yet calculated | CVE-2018-8806 MISC |
libressl -- libressl | The int_x509_param_set_hosts function in lib/libcrypto/x509/x509_vpm.c in LibreSSL 2.7.0 before 2.7.1 does not support a certain special case of a zero name length, which causes silent omission of hostname verification, and consequently allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. NOTE: the LibreSSL documentation indicates that this special case is supported, but the BoringSSL documentation does not. | 2018-03-24 | not yet calculated | CVE-2018-8970 MISC MISC MISC |
libtiff -- libtiff | In LibTIFF 4.0.9, a heap-based buffer overflow occurs in the function LZWDecodeCompat in tif_lzw.c via a crafted TIFF file, as demonstrated by tiff2ps. | 2018-03-22 | not yet calculated | CVE-2018-8905 MISC MISC |
linux -- linux_kernel | A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory. | 2018-03-16 | not yet calculated | CVE-2018-1068 BID CONFIRM CONFIRM CONFIRM MLIST MLIST |
linux -- linux_kernel | fs/f2fs/segment.c in the Linux kernel before 4.13 allows local users to cause a denial of service (NULL pointer dereference and panic) by using a noflush_merge option that triggers a NULL value for a flush_cmd_control data structure. | 2018-03-21 | not yet calculated | CVE-2017-18241 MISC MISC |
linux -- linux_kernel | Incorrect buffer length handling in the ncp_read_kernel function in fs/ncpfs/ncplib_kernel.c in the Linux kernel through 4.15.11, and in drivers/staging/ncpfs/ncplib_kernel.c in the Linux kernel 4.16-rc through 4.16-rc6, could be exploited by malicious NCPFS servers to crash the kernel or execute code. | 2018-03-20 | not yet calculated | CVE-2018-8822 BID CONFIRM |
lunarnight -- laboratory_webproxy | Directory traversal vulnerability in WebProxy version 1.7.8 allows an attacker to read arbitrary files via unspecified vectors. | 2018-03-22 | not yet calculated | CVE-2018-0542 JVN |
malwarebytes -- anti-malware_consumer_version | A vulnerability in the encryption and permission implementation of Malwarebytes Anti-Malware consumer version 2.2.1 and prior (fixed in 3.0.4) allows an attacker to take control of the whitelisting feature (exclusions.dat under %SYSTEMDRIVE%\ProgramData) to permit execution of unauthorized applications including malware and malicious websites. Files blacklisted by Malwarebytes Malware Protect can be executed, and domains blacklisted by Malwarebytes Web Protect can be reached through HTTP. | 2018-03-21 | not yet calculated | CVE-2016-10717 MISC MISC MISC MISC MISC |
maradns -- maradns | Deadwood before 2.3.09, 3.x before 3.2.05, and as used in MaraDNS before 1.4.14 and 2.x before 2.0.09, allow remote attackers to cause a denial of service (out-of-bounds read and crash) by leveraging permission to perform recursive queries against Deadwood, related to a logic error. | 2018-03-20 | not yet calculated | CVE-2014-2031 CONFIRM MLIST SECTRACK CONFIRM XF |
maradns -- maradns | Deadwood before 2.3.09, 3.x before 3.2.05, and as used in MaraDNS before 1.4.14 and 2.x before 2.0.09, allow remote attackers to cause a denial of service (out-of-bounds read and crash) by leveraging permission to perform recursive queries against Deadwood, related to missing input validation. | 2018-03-20 | not yet calculated | CVE-2014-2032 CONFIRM MLIST BID SECTRACK CONFIRM XF |
meco -- usb_memory_stick_with_fingerprint_mecoziolsamde601_devices | An issue was discovered on MECO USB Memory Stick with Fingerprint MECOZiolsamDE601 devices. The fingerprint authentication requirement for data access can be bypassed. An attacker with physical access can send a static packet to a serial port exposed on the PCB to unlock the key and get access to the data without possessing the required fingerprint. | 2018-03-22 | not yet calculated | CVE-2017-16242 MISC MISC MISC MISC |
micro_focus -- netiq_edirectory | Addresses denial of service attack to eDirectory versions prior to 9.1. | 2018-03-21 | not yet calculated | CVE-2018-1346 BID CONFIRM |
micro_focus -- netiq_imanager | The administrative web interface in NetIQ iManager, versions prior to 3.1, are vulnerable to reflected cross site scripting. | 2018-03-21 | not yet calculated | CVE-2018-1347 BID CONFIRM |
micro_focus -- netiq_imanager | NetIQ iManager, versions prior to 3.1, under some circumstances could be susceptible to an elevation of privilege attack. | 2018-03-21 | not yet calculated | CVE-2018-1345 CONFIRM |
micro_focus -- netiq_imanager | Addresses potential communication downgrade attack in NetIQ iManager versions prior to 3.1 | 2018-03-21 | not yet calculated | CVE-2018-1344 CONFIRM |
mikrotik -- routeros_smb | A buffer overflow was found in the MikroTik RouterOS SMB service when processing NetBIOS session request messages. Remote attackers with access to the service can exploit this vulnerability and gain code execution on the system. The overflow occurs before authentication takes place, so it is possible for an unauthenticated remote attacker to exploit it. All architectures and all devices running RouterOS before versions 6.41.3/6.42rc27 are vulnerable. | 2018-03-19 | not yet calculated | CVE-2018-7445 FULLDISC BID MISC EXPLOIT-DB |
misp -- misp | In MISP before 2.4.89, app/View/Events/resolved_attributes.ctp has multiple XSS issues via a malicious MISP module. | 2018-03-23 | not yet calculated | CVE-2018-8948 CONFIRM |
misp -- misp | An issue was discovered in app/Model/Attribute.php in MISP before 2.4.89. There is a critical API integrity bug, potentially allowing users to delete attributes of other events. A crafted edit for an event (without attribute UUIDs but attribute IDs set) could overwrite an existing attribute. | 2018-03-23 | not yet calculated | CVE-2018-8949 CONFIRM |
ncr -- s1_dispenser_controller | Memory write mechanism in NCR S1 Dispenser controller before firmware version 0x0156 allows an unauthenticated user to upgrade or downgrade the firmware of the device, including to older versions with known vulnerabilities. | 2018-03-20 | not yet calculated | CVE-2017-17668 CONFIRM |
ncr -- s2_dispenser_controller | Memory write mechanism in NCR S2 Dispenser controller before firmware version 0x0108 allows an unauthenticated user to upgrade or downgrade the firmware of the device, including to older versions with known vulnerabilities. | 2018-03-20 | not yet calculated | CVE-2018-5717 CONFIRM |
nessus -- nessus | When installing Nessus to a directory outside of the default location, Nessus versions prior to 7.0.3 did not enforce secure permissions for sub-directories. This could allow for local privilege escalation if users had not secured the directories in the installation location. | 2018-03-20 | not yet calculated | CVE-2018-1141 SECTRACK CONFIRM |
netpbm -- netpbm | The pm_mallocarray2 function in lib/util/mallocvar.c in Netpbm through 10.81.03 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted image file, as demonstrated by pbmmask. | 2018-03-24 | not yet calculated | CVE-2018-8975 MISC |
netwide_assembler -- netwide_assembler | Netwide Assembler (NASM) 2.13.02rc2 has a buffer over-read in the parse_line function in asm/parser.c via uncontrolled access to nasm_reg_flags. | 2018-03-20 | not yet calculated | CVE-2018-8883 MISC |
netwide_assembler -- netwide_assembler | Netwide Assembler (NASM) 2.13.02rc2 has a heap-based buffer over-read in the function tokenize in asm/preproc.c, related to an unterminated string. | 2018-03-20 | not yet calculated | CVE-2018-8881 MISC |
netwide_assembler -- netwide_assembler | Netwide Assembler (NASM) 2.13.02rc2 has a stack-based buffer under-read in the function ieee_shr in asm/float.c via a large shift value. | 2018-03-20 | not yet calculated | CVE-2018-8882 MISC |
omron -- cx-supervisor | In Omron CX-Supervisor Versions 3.30 and prior, access of uninitialized pointer vulnerabilities can be exploited when CX Supervisor indirectly calls an initialized pointer when parsing malformed packets. | 2018-03-21 | not yet calculated | CVE-2018-7515 BID MISC |
omron -- cx-supervisor | In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause an out of bounds vulnerability. | 2018-03-21 | not yet calculated | CVE-2018-7517 BID MISC |
omron -- cx-supervisor | In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause a heap-based buffer overflow. | 2018-03-21 | not yet calculated | CVE-2018-7519 BID MISC |
omron -- cx-supervisor | In Omron CX-Supervisor Versions 3.30 and prior, use after free vulnerabilities can be exploited when CX Supervisor parses a specially crafted project file. | 2018-03-21 | not yet calculated | CVE-2018-7521 BID MISC |
omron -- cx-supervisor | In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause a double free vulnerability. | 2018-03-21 | not yet calculated | CVE-2018-7523 BID MISC |
omron -- cx-supervisor | In Omron CX-Supervisor Versions 3.30 and prior, processing a malformed packet by a certain executable may cause an untrusted pointer dereference vulnerability. | 2018-03-21 | not yet calculated | CVE-2018-7525 BID MISC |
omron -- cx-supervisor | In Omron CX-Supervisor Versions 3.30 and prior, parsing malformed project files may cause a stack-based buffer overflow. | 2018-03-21 | not yet calculated | CVE-2018-7513 BID MISC |
open_web_analytics -- open_web_analytics | Open Web Analytics (OWA) before 1.5.6 improperly generates random nonce values, which makes it easier for remote attackers to bypass a CSRF protection mechanism by leveraging knowledge of an OWA user name. | 2018-03-20 | not yet calculated | CVE-2014-1457 CONFIRM BID XF MISC |
openbuildservice -- openbuildservice | In the web ui of the openbuildservice before 2.3.0 a code injection of the project rebuildtimes statistics could be used by authorized attackers to execute shellcode. | 2018-03-20 | not yet calculated | CVE-2011-3178 CONFIRM CONFIRM |
opencart -- opencart | The Cart::getProducts method in system/library/cart.php in OpenCart 1.5.6.4 and earlier allows remote attackers to conduct server-side request forgery (SSRF) attacks or possibly conduct XML External Entity (XXE) attacks and execute arbitrary code via a crafted serialized PHP object, related to the quantity parameter in an update request. | 2018-03-20 | not yet calculated | CVE-2014-3990 MISC MISC FULLDISC BUGTRAQ BID CONFIRM |
opendaylight -- opendaylight | OpenDayLight version Carbon SR3 and earlier contain a vulnerability during node reconciliation that can result in traffic flows that should be expired or should expire shortly being re-installed and their timers reset resulting in traffic being allowed that should be expired. | 2018-03-16 | not yet calculated | CVE-2018-1078 MISC CONFIRM |
openscape_development_service -- openscape_development_service | SQL injection vulnerability in OpenScape Deployment Service (DLS) before 6.x and 7.x before R1.11.3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 2018-03-19 | not yet calculated | CVE-2014-2652 CONFIRM |
opmantek -- open-audit_professional | Open-AudIT Professional 2.1 allows XSS via the Name or Description field on the Credentials screen. | 2018-03-22 | not yet calculated | CVE-2018-8903 MISC |
otcms -- otcms | OTCMS 3.20 allows XSS by adding a keyword or link to an article, as demonstrated by an admin/keyWord_deal.php?mudi=add request. | 2018-03-24 | not yet calculated | CVE-2018-8973 MISC |
owncloud -- owncloud | Cross-site scripting (XSS) vulnerability in ownCloud before 6.0.1 allows remote authenticated users to inject arbitrary web script or HTML via the filename of an uploaded file. | 2018-03-20 | not yet calculated | CVE-2014-1665 MISC BID XF MISC EXPLOIT-DB |
philips -- intellispace_cardiovascular_application | Philips ISCV application prior to version 2.3.0 has an insufficient session expiration vulnerability where an attacker could reuse the session of a previously logged in user. This vulnerability exists when using ISCV together with an Electronic Medical Record (EMR) system, where ISCV is in KIOSK mode for multiple users and using Windows authentication. This may allow an attacker to gain unauthorized access to patient health information and potentially modify this information. | 2018-03-20 | not yet calculated | CVE-2018-5438 BID MISC CONFIRM |
phpok -- phpok | PHPOK 4.8.338 has an arbitrary file upload vulnerability. | 2018-03-22 | not yet calculated | CVE-2018-8944 MISC |
phpshe -- phpshe | There is a SQL injection in the PHPSHE 1.6 userbank parameter. | 2018-03-22 | not yet calculated | CVE-2018-8943 MISC |
pivotal -- gemfire | The GemFire broker for Cloud Foundry 1.6.x before 1.6.5 and 1.7.x before 1.7.1 has multiple API endpoints which do not require authentication and could be used to gain access to the cluster managed by the broker. | 2018-03-16 | not yet calculated | CVE-2016-9880 BID CONFIRM |
pivotal -- pivotal_application_service | Apps Manager for PCF (Pivotal Application Service 1.11.x before 1.11.26, 1.12.x before 1.12.14, and 2.0.x before 2.0.5) allows unprivileged remote file read in its container via specially-crafted links. | 2018-03-16 | not yet calculated | CVE-2018-1200 BID CONFIRM |
pivotal -- spring_batch_admin | Pivotal Spring Batch Admin, all versions, contains a stored XSS vulnerability in the file upload feature. An unauthenticated malicious user with network access to Spring Batch Admin could store an arbitrary web script that would be executed by other users. This issue has not been patched because Spring Batch Admin has reached end of life. | 2018-03-21 | not yet calculated | CVE-2018-1229 BID CONFIRM |
pivotal -- spring_batch_admin | Pivotal Spring Batch Admin, all versions, does not contain cross site request forgery protection. A remote unauthenticated user could craft a malicious site that executes requests to Spring Batch Admin. This issue has not been patched because Spring Batch Admin has reached end of life. | 2018-03-21 | not yet calculated | CVE-2018-1230 BID CONFIRM |
pivotal -- spring_boot | Spring Boot supports an embedded launch script that can be used to easily run the application as a systemd or init.d linux service. The script included with Spring Boot 1.5.9 and earlier and 2.0.0.M1 through 2.0.0.M7 is susceptible to a symlink attack which allows the "run_user" to overwrite and take ownership of any file on the same system. In order to instigate the attack, the application must be installed as a service and the "run_user" requires shell access to the server. Spring Boot application that are not installed as a service, or are not using the embedded launch script are not susceptible. | 2018-03-19 | not yet calculated | CVE-2018-1196 CONFIRM |
prague -- smart_phones | The Bdat driver of Prague smart phones with software versions earlier than Prague-AL00AC00B211, versions earlier than Prague-AL00BC00B211, versions earlier than Prague-AL00CC00B211, versions earlier than Prague-TL00AC01B211, versions earlier than Prague-TL10AC01B211 has integer overflow vulnerability due to the lack of parameter validation. An attacker tricks a user into installing a malicious APP and execute it as a specific privilege; the APP can then send a specific parameter to the driver of the smart phone, causing arbitrary code execution. | 2018-03-23 | not yet calculated | CVE-2017-15325 CONFIRM |
qos.ch_slf4j -- qos.ch_slf4j | org.slf4j.ext.EventData in the slf4j-ext module in QOS.CH SLF4J before 1.8.0-beta2 allows remote attackers to bypass intended access restrictions via crafted data. | 2018-03-20 | not yet calculated | CVE-2018-8088 MISC MISC MISC |
radare2 -- radare2 | In radare2 2.4.0, there is a heap-based buffer over-read in the r_asm_disassemble function of asm.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted dex file. | 2018-03-20 | not yet calculated | CVE-2018-8808 MISC |
radare2 -- radare2 | In radare2 2.4.0, there is a heap-based buffer over-read in the dalvik_op function of anal_dalvik.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted dex file. | 2018-03-20 | not yet calculated | CVE-2018-8809 MISC |
radare2 -- radare2 | In radare2 2.4.0, there is a heap-based buffer over-read in the get_ivar_list_t function of mach0_classes.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted Mach-O file. | 2018-03-20 | not yet calculated | CVE-2018-8810 MISC |
radosgw -- radosgw | In Ceph before 12.2.3 and 13.x through 13.0.1, the rgw_civetweb.cc RGWCivetWeb::init_env function in radosgw doesn't handle malformed HTTP headers properly, allowing for denial of service. | 2018-03-19 | not yet calculated | CVE-2018-7262 CONFIRM REDHAT REDHAT CONFIRM CONFIRM FEDORA |
rsyslog_librelp -- rsyslog_librelp | rsyslog librelp version 1.2.14 and earlier contains a Buffer Overflow vulnerability in the checking of x509 certificates from a peer that can result in Remote code execution. This attack appear to be exploitable a remote attacker that can connect to rsyslog and trigger a stack buffer overflow by sending a specially crafted x509 certificate. | 2018-03-23 | not yet calculated | CVE-2018-1000140 MISC MISC |
seafile -- seafile_server_and_server_professional_edition | Seafile Server before 3.1.2 and Server Professional Edition before 3.1.0 allow local users to gain privileges via vectors related to ccnet handling user accounts. | 2018-03-19 | not yet calculated | CVE-2014-5443 MLIST BID XF CONFIRM CONFIRM |
securebrain_corporation -- installer_of_phishwall_client_firefox_and_chrome_edition_for_windows | Untrusted search path vulnerability in The installer of PhishWall Client Firefox and Chrome edition for Windows Ver. 5.1.26 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | 2018-03-22 | not yet calculated | CVE-2018-0552 JVN CONFIRM |
siemans -- simatic_and_sinumerik_and_profinet_io | A vulnerability has been identified in SIMATIC CP 343-1 Advanced (All versions), SIMATIC CP 343-1 Standard (All versions), SIMATIC CP 443-1 Advanced (All versions), SIMATIC CP 443-1 Standard (All versions), SIMATIC S7-1500 Software Controller incl. F (All versions < V1.7.0), SIMATIC S7-1500 incl. F (All versions < V1.7.0), SIMATIC S7-300 incl. F and T (All versions), SIMATIC S7-400 H V6 (All versions), SIMATIC S7-400 PN/DP V6 Incl. F (All versions < V6.0.7), SIMATIC S7-400 PN/DP V7 Incl. F (All versions), SIMATIC S7-410 (All versions < V8.1), SIMATIC WinAC RTX 2010 incl. F (All versions), SINUMERIK 828D (All versions), SINUMERIK 840D sl (All versions), Softnet PROFINET IO for PC-based Windows systems (All versions). Responding to a PROFINET DCP request with a specially crafted PROFINET DCP packet could cause a Denial-of-Service condition of the requesting system. The security vulnerability could be exploited by an attacker located on the same Ethernet segment (OSI Layer 2) as the targeted device. Successful exploitation requires no user interaction or privileges and impacts the availability of core functionality of the affected device. A manual restart is required to recover the system. At the time of advisory publication no public exploitation of this security vulnerability is known. Siemens provides mitigations to resolve the security issue. PROFIBUS interfaces are not affected. | 2018-03-20 | not yet calculated | CVE-2018-4843 BID CONFIRM |
siemans -- simatic_wincc_oa_ui_for_android_and__simatic_wincc_oa_ui_for_ios | A vulnerability has been identified in SIMATIC WinCC OA UI for Android (All versions < V3.15.10), SIMATIC WinCC OA UI for iOS (All versions < V3.15.10). Insufficient limitation of CONTROL script capabilities could allow read and write access from one HMI project cache folder to other HMI project cache folders within the app's sandbox on the same mobile device. This includes HMI project cache folders of other configured WinCC OA servers. The security vulnerability could be exploited by an attacker who tricks an app user to connect to an attacker-controlled WinCC OA server. Successful exploitation requires user interaction and read/write access to the app's folder on a mobile device. The vulnerability could allow reading data from and writing data to the app's folder. At the time of advisory publication no public exploitation of this security vulnerability was known. Siemens confirms the security vulnerability and provides mitigations to resolve the security issue. | 2018-03-20 | not yet calculated | CVE-2018-4844 BID CONFIRM |
sqlite -- sqlite | In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to build.c and prepare.c. | 2018-03-16 | not yet calculated | CVE-2018-8740 BID MISC MISC MISC MISC |
squirrelmail -- squirrelmail | A directory traversal flaw in SquirrelMail 1.4.22 allows an authenticated attacker to exfiltrate (or potentially delete) files from the hosting server, related to ../ in the att_local_name field in Deliver.class.php. | 2018-03-17 | not yet calculated | CVE-2018-8741 MISC SECTRACK MISC MISC MISC |
stable.php -- stable.php | I, Librarian version 4.8 and earlier contains a Cross Site Scripting (XSS) vulnerability in "id" parameter in stable.php that can result in an attacker using the XSS to send a malicious script to an unsuspecting user. | 2018-03-23 | not yet calculated | CVE-2018-1000139 MISC MISC |
synology -- photo_station | Cross-site scripting (XSS) vulnerability in Log Viewer in Synology Photo Station before 6.8.3-3463 and before 6.3-2971 allows remote attackers to inject arbitrary web script or HTML via the username parameter. | 2018-03-22 | not yet calculated | CVE-2017-16771 CONFIRM |
synology -- photo_station | Improper input validation vulnerability in SYNOPHOTO_Flickr_MultiUpload in Synology Photo Station before 6.8.3-3463 and before 6.3-2971 allows remote authenticated users to execute arbitrary codes via the prog_id parameter. | 2018-03-22 | not yet calculated | CVE-2017-16772 CONFIRM |
tenda -- ac15_router | A remote, unauthenticated attacker can gain remote code execution on the the Tenda AC15 router with a specially crafted password parameter for the COOKIE header. | 2018-03-20 | not yet calculated | CVE-2018-5768 MISC |
tenda -- ac15_router | An issue was discovered on Tenda AC15 devices. A remote, unauthenticated attacker can make a request to /goform/telnet, creating a telnetd service on the device. This service is password protected; however, several default accounts exist on the device that are root accounts, which can be used to log in. | 2018-03-20 | not yet calculated | CVE-2018-5770 MISC |
truecrypt -- truecrypt | The ProcessVolumeDeviceControlIrp function in Ntdriver.c in TrueCrypt 7.1a allows local users to bypass access restrictions and obtain sensitive information about arbitrary files via a (1) TC_IOCTL_OPEN_TEST or (2) TC_IOCTL_GET_SYSTEM_DRIVE_CONFIG IOCTL call. | 2018-03-19 | not yet calculated | CVE-2014-2884 MLIST MISC |
truecrypt -- truecrypt | Multiple integer overflows in TrueCrypt 7.1a allow local users to (1) obtain sensitive information via vectors involving a crafted item->OriginalLength value in the MainThreadProc function in EncryptedIoQueue.c or (2) cause a denial of service (memory consumption) via vectors involving large StartingOffset and Length values in the ProcessVolumeDeviceControlIrp function in Ntdriver.c. | 2018-03-19 | not yet calculated | CVE-2014-2885 MLIST MISC |
ubiquiti_networks -- edgeos | Ubiquiti Networks EdgeOS version 1.9.1.1 and prior suffer from an Improper Privilege Management vulnerability due to the lack of protection of the file system leading to sensitive information being exposed. An attacker with access to an operator (read-only) account could escalate privileges to admin (root) access in the system. | 2018-03-22 | not yet calculated | CVE-2017-0935 CONFIRM MISC |
ubiquiti_networks -- edgeos | Ubiquiti Networks EdgeOS version 1.9.1.1 and prior suffer from an Improper Privilege Management vulnerability due to the lack of validation on the input of the Feature functionality. An attacker with access to an operator (read-only) account and ssh connection to the devices could escalate privileges to admin (root) access in the system. | 2018-03-22 | not yet calculated | CVE-2017-0932 CONFIRM MISC |
ubiquiti_networks -- edgeos | Ubiquiti Networks EdgeOS version 1.9.1 and prior suffer from a Cross-Site Request Forgery (CSRF) vulnerability. An attacker with access to an operator (read-only) account could lure an admin (root) user to access the attacker-controlled page, allowing the attacker to gain admin privileges in the system. | 2018-03-22 | not yet calculated | CVE-2017-0933 CONFIRM MISC |
ubiquiti_networks -- edgeos | Ubiquiti Networks EdgeOS version 1.9.1 and prior suffer from an Improper Privilege Management vulnerability due to the lack of protection of the file system leading to sensitive information being exposed. An attacker with access to an operator (read-only) account could escalate privileges to admin (root) access in the system. | 2018-03-22 | not yet calculated | CVE-2017-0934 CONFIRM MISC |
ucopia -- wireless_appliance_devices | Improper input sanitization within the restricted administration shell on UCOPIA Wireless Appliance devices before 4.4.20, 5.0.x before 5.0.19, and 5.1.x before 5.1.11 allows authenticated remote attackers to escape the shell and escalate their privileges by uploading a .bashrc file containing the /bin/sh string. In some situations, authentication can be achieved via the bhu85tgb default password for the admin account. | 2018-03-22 | not yet calculated | CVE-2017-17743 MISC |
unboundid -- ldap_sdk_for_java | UnboundID LDAP SDK version from commit 801111d8b5c732266a5dbd4b3bb0b6c7b94d7afb up to commit 8471904a02438c03965d21367890276bc25fa5a6, where the issue was reported and fixed contains an Incorrect Access Control vulnerability in process function in SimpleBindRequest class doesn't check for empty password when running in synchronous mode. commit with applied fix https://github.com/pingidentity/ldapsdk/commit/8471904a02438c03965d21367890276bc25fa5a6#diff-f6cb23b459be1ec17df1da33760087fd that can result in Ability to impersonate any valid user. This attack appear to be exploitable via Providing valid username and empty password against servers that do not do additional validation as per https://tools.ietf.org/html/rfc4513#section-5.1.1. This vulnerability appears to have been fixed in after commit 8471904a02438c03965d21367890276bc25fa5a6. | 2018-03-16 | not yet calculated | CVE-2018-1000134 BID CONFIRM |
users.php -- users.php | I, Librarian version 4.8 and earlier contains a Cross site Request Forgery (CSRF) vulnerability in users.php that can result in the password of the admin being forced to be changed without the administrator's knowledge. | 2018-03-23 | not yet calculated | CVE-2018-1000137 MISC |
wampserver -- wampserver | Cross-site scripting (XSS) vulnerability in WampServer 3.1.1 allows remote attackers to inject arbitrary web script or HTML via the virtual_del parameter. | 2018-03-19 | not yet calculated | CVE-2018-8732 MISC |
western_bridge -- cobub_razor
| Physical path Leakage exists in Western Bridge Cobub Razor 0.8.0 via generate.php, controllers/getConfigTest.php, controllers/getUpdateTest.php, controllers/postclientdataTest.php, controllers/posterrorTest.php, controllers/posteventTest.php, controllers/posttagTest.php, controllers/postusinglogTest.php, fixtures/Controller_fixt.php, fixtures/Controller_fixt2.php, fixtures/view_fixt2.php, libs/ipTest.php, or models/commonDbfix.php in tests/. | 2018-03-18 | not yet calculated | CVE-2018-8770 MISC |
windows_optimization_master -- windows_optimization_master | In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002003. | 2018-03-24 | not yet calculated | CVE-2018-8994 MISC |
windows_optimization_master -- windows_optimization_master | In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002007. | 2018-03-24 | not yet calculated | CVE-2018-8996 MISC |
windows_optimization_master -- windows_optimization_master | In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002004. | 2018-03-24 | not yet calculated | CVE-2018-8997 MISC |
windows_optimization_master -- windows_optimization_master | In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002010. | 2018-03-24 | not yet calculated | CVE-2018-8990 MISC |
windows_optimization_master -- windows_optimization_master | In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002002. | 2018-03-24 | not yet calculated | CVE-2018-8995 MISC |
windows_optimization_master -- windows_optimization_master | In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002009. | 2018-03-24 | not yet calculated | CVE-2018-8991 MISC |
windows_optimization_master -- windows_optimization_master | In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002001. | 2018-03-24 | not yet calculated | CVE-2018-8993 MISC |
windows_optimization_master -- windows_optimization_master | In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002005. | 2018-03-24 | not yet calculated | CVE-2018-8992 MISC |
windows_optimization_master -- windows_optimization_master | In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002006. | 2018-03-24 | not yet calculated | CVE-2018-8989 MISC |
windows_optimization_master -- windows_optimization_master | In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002008. | 2018-03-24 | not yet calculated | CVE-2018-8988 MISC |
windows_optimization_master -- windows_optimization_master | In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002000. | 2018-03-22 | not yet calculated | CVE-2018-8904 MISC |
wordpress -- wordpress | Cross-site request forgery (CSRF) vulnerability in the Subscribe To Comments Reloaded plugin before 140219 for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via a request to the subscribe-to-comments-reloaded/options/index.php page to wp-admin/admin.php. | 2018-03-19 | not yet calculated | CVE-2014-2274 MISC CONFIRM |
wordpress -- wordpress | A Local File Inclusion vulnerability in the Site Editor plugin through 1.1.1 for WordPress allows remote attackers to retrieve arbitrary files via the ajax_path parameter to editor/extensions/pagebuilder/includes/ajax_shortcode_pattern.php, aka absolute path traversal. | 2018-03-19 | not yet calculated | CVE-2018-7422 MISC MISC |
wordpress -- wordpress | Directory traversal vulnerability in the Ajax Pagination (twitter Style) plugin 1.1 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the loop parameter in an ajax_navigation action to wp-admin/admin-ajax.php. | 2018-03-19 | not yet calculated | CVE-2014-2674 MISC |
wordpress -- wordpress | Cross-site request forgery (CSRF) vulnerability in the Disable Comments plugin before 1.0.4 for WordPress allows remote attackers to hijack the authentication of administrators for requests that enable comments via a request to the disable_comments_settings page to wp-admin/options-general.php. | 2018-03-19 | not yet calculated | CVE-2014-2550 XF MISC CONFIRM |
wordpress -- wordpress | Cross-site request forgery (CSRF) vulnerability in inc/AdminPage.php in the WP HTML Sitemap plugin 1.2 for WordPress allows remote attackers to hijack the authentication of administrators for requests that delete the sitemap via a request to the wp-html-sitemap page in wp-admin/options-general.php. | 2018-03-19 | not yet calculated | CVE-2014-2675 MISC |
wordpress -- wordpress | Multiple cross-site scripting (XSS) vulnerabilities in the VideoWhisper Live Streaming Integration plugin 4.29.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) n parameter to ls/htmlchat.php or (2) bgcolor parameter to ls/index.php. NOTE: vector 1 may overlap CVE-2014-1906.4. | 2018-03-19 | not yet calculated | CVE-2014-2297 BUGTRAQ |
xiuno_bbs -- xiuno_bbs | Xiuno BBS 4.0.0 has XSS in the adminpage sitename parameter. | 2018-03-22 | not yet calculated | CVE-2018-8942 MISC |
yii -- yii | The findByCondition function in framework/db/ActiveRecord.php in Yii 2.x before 2.0.15 allows remote attackers to conduct SQL injection attacks via a findOne() or findAll() call, unless a developer recognizes an undocumented need to sanitize array input. | 2018-03-21 | not yet calculated | CVE-2018-7269 CONFIRM |
yii -- yii | Yii 2.x before 2.0.15 allows remote attackers to execute arbitrary LUA code via a variant of the CVE-2018-7269 attack in conjunction with the Redis extension. | 2018-03-21 | not yet calculated | CVE-2018-8073 CONFIRM |
yii -- yii | Yii 2.x before 2.0.15 allows remote attackers to inject unintended search conditions via a variant of the CVE-2018-7269 attack in conjunction with the Elasticsearch extension. | 2018-03-21 | not yet calculated | CVE-2018-8074 CONFIRM |
yxcms -- yxcms | Yxcms building system (compatible cell phone) v1.4.7 has XSS via the content parameter to protected\apps\default\view\default\extend_guestbook.php or protected\apps\default\view\mobile\extend_guestbook.php in an index.php?r=default/column/index&col=guestbook request. | 2018-03-20 | not yet calculated | CVE-2018-8805 MISC |
yxcms -- yxcms | protected\apps\member\controller\shopcarController.php in Yxcms building system (compatible cell phone) v1.4.7 has a logic flaw allowing attackers to modify a price, before form submission, by observing data in a packet capture. | 2018-03-19 | not yet calculated | CVE-2018-8761 MISC |
yzmcms -- yzmcms | Eval injection in yzmphp/core/function/global.func.php in YzmCMS v3.7.1 allows remote attackers to achieve arbitrary code execution via PHP code in the POST data of an index.php?m=member&c=member_content&a=init request. | 2018-03-18 | not yet calculated | CVE-2018-8756 MISC MISC |
zarafa -- zarafa_collaboration_platform | Zarafa Collaboration Platform 4.1 uses world-readable permissions for /etc/zarafa/license, which allows local users to obtain sensitive information by reading license files. | 2018-03-19 | not yet calculated | CVE-2014-5450 FEDORA FEDORA MLIST BID CONFIRM XF |
zzcms -- zzcms | An issue was discovered in zzcms 8.2. It allows PHP code injection via the siteurl parameter to install/index.php, as demonstrated by injecting a phpinfo() call into /inc/config.php. | 2018-03-24 | not yet calculated | CVE-2018-8966 MISC |
zzcms -- zzcms | An issue was discovered in zzcms 8.2. user/ppsave.php allows remote attackers to delete arbitrary files via directory traversal sequences in the oldimg parameter in an action=modify request. This can be leveraged for database access by deleting install.lock. | 2018-03-24 | not yet calculated | CVE-2018-8965 MISC |
zzcms -- zzcms | An issue was discovered in zzcms 8.2. It allows SQL injection via the id parameter in an adv2.php?action=modify request. | 2018-03-24 | not yet calculated | CVE-2018-8967 MISC |
zzcms -- zzcms | An issue was discovered in zzcms 8.2. user/manage.php allows remote attackers to delete arbitrary files via directory traversal sequences in the oldimg or oldflv parameter in an action=modify request. This can be leveraged for database access by deleting install.lock. | 2018-03-24 | not yet calculated | CVE-2018-8968 MISC |
zzcms -- zzcms | An issue was discovered in zzcms 8.2. user/licence_save.php allows remote attackers to delete arbitrary files via directory traversal sequences in the oldimg parameter in an action=modify request. This can be leveraged for database access by deleting install.lock. | 2018-03-24 | not yet calculated | CVE-2018-8969 MISC |
Please share your thoughts
We recently updated our anonymous product survey; we’d welcome your feedback.