Vulnerability Summary for the Week of June 4, 2018
Released
Jun 11, 2018
Document ID
SB18-162
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded in the past week. In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores.
Vulnerabilities are based on the Common Vulnerabilities and Exposures (CVE) vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:
- High: vulnerabilities with a CVSS base score of 7.0–10.0
- Medium: vulnerabilities with a CVSS base score of 4.0–6.9
- Low: vulnerabilities with a CVSS base score of 0.0–3.9
Entries may include additional information provided by organizations and efforts sponsored by CISA. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletin is compiled from external, open-source reports and is not a direct result of CISA analysis.
Vulnerability Severity:
The NCCIC Weekly Vulnerability Summary Bulletin is created using information from the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD). In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
High Vulnerabilities
| Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| There were no high vulnerabilities recorded this week. | ||||
Medium Vulnerabilities
| Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| There were no medium vulnerabilities recorded this week. | ||||
Low Vulnerabilities
| Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| There were no low vulnerabilities recorded this week. | ||||
Severity Not Yet Assigned
| Primary Vendor -- Product | Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| 11xiaoli -- 11xiaoli | 11xiaoli is a simple file server. 11xiaoli is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16160 MISC MISC |
| 22lixian -- 22lixian | 22lixian is a simple file server. 22lixian is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16162 MISC MISC |
| 360class.jansenhm -- 360class.jansenhm | 360class.jansenhm is a static file server. 360class.jansenhm is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16186 MISC MISC |
| 3rd-eden -- useragent | Useragent is used to parse useragent headers. It uses several regular expressions to accomplish this. An attacker could edit their own headers, creating an arbitrarily long useragent string, causing the event loop and server to block. This affects Useragent 2.1.12 and earlier. | 2018-06-04 | not yet calculated | CVE-2017-16030 MISC |
| 626 -- 626 | 626 node module suffers from a Path Traversal vulnerability due to lack of validation of file, which allows a malicious user to read content of any file with known path. | 2018-06-06 | not yet calculated | CVE-2018-3727 MISC |
| abb -- ip_gateway | In ABB IP GATEWAY 3.39 and prior, the web server does not sufficiently verify that a request was performed by the authenticated user, which may allow an attacker to launch a request impersonating that user. | 2018-06-06 | not yet calculated | CVE-2017-7906 BID MISC |
| abb -- ip_gateway | In ABB IP GATEWAY 3.39 and prior, some configuration files contain passwords stored in plain-text, which may allow an attacker to gain unauthorized access. | 2018-06-06 | not yet calculated | CVE-2017-7933 BID MISC |
| abb -- ip_gateway | In ABB IP GATEWAY 3.39 and prior, by accessing a specific uniform resource locator (URL) on the web server, a malicious user is able to access the configuration files and application pages without authentication. | 2018-06-06 | not yet calculated | CVE-2017-7931 BID MISC |
| ablankenship10 -- goserv | goserv is an http server. goserv is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16133 MISC MISC |
| ag-grid -- ag-grid | ag-grid is an advanced data grid that is library agnostic. ag-grid is vulnerable to Cross-site Scripting (XSS) via Angular Expressions, if AngularJS is used in combination with ag-grid. | 2018-06-04 | not yet calculated | CVE-2017-16009 MISC MISC MISC |
| allen_bradley -- micrologix | An exploitable file write vulnerability exists in the memory module functionality of Allen Bradley Micrologix 1400 Series B FRN 21.2 and before. A specially crafted packet can cause a file write resulting in a new program being written to the memory module. An attacker can send an unauthenticated packet to trigger this vulnerability. | 2018-06-04 | not yet calculated | CVE-2017-12092 MISC |
| angular-http-server -- angular-http-server | angular-http-server node module suffers from a Path Traversal vulnerability due to lack of validation of possibleFilename, which allows a malicious user to read content of any file with known path. | 2018-06-06 | not yet calculated | CVE-2018-3713 MISC |
| apache -- mxnet | The clustered setup of Apache MXNet allows users to specify which IP address and port the scheduler will listen on via the DMLC_PS_ROOT_URI and DMLC_PS_ROOT_PORT env variables. In versions older than 1.0.0, however, the MXNet framework will listen on 0.0.0.0 rather than user specified DMLC_PS_ROOT_URI once a scheduler node is initialized. This exposes the instance running MXNet to any attackers reachable via the interface they didn't expect to be listening on. For example: If a user wants to run a clustered setup locally, they may specify to run on 127.0.0.1. But since MXNet will listen on 0.0.0.0, it makes the port accessible on all network interfaces. | 2018-06-08 | not yet calculated | CVE-2018-1281 CONFIRM |
| apache -- storm | Apache Storm version 1.0.6 and earlier, 1.2.1 and earlier, and version 1.1.2 and earlier expose a vulnerability that could allow a user to impersonate another user when communicating with some Storm Daemons. | 2018-06-05 | not yet calculated | CVE-2018-1332 BID CONFIRM |
| apache -- storm | Apache Storm version 1.0.6 and earlier, 1.2.1 and earlier, and version 1.1.2 and earlier expose an arbitrary file write vulnerability, that can be achieved using a specially crafted zip archive (affects other archives as well, bzip2, tar, xz, war, cpio, 7z), that holds path traversal filenames. So when the filename gets concatenated to the target extraction directory, the final path ends up outside of the target folder. | 2018-06-05 | not yet calculated | CVE-2018-8008 BID CONFIRM |
| apple -- ios_and_macos_and_icloud_and_itunes_and_tvos_and_watchos | An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Security" component. It allows local users to bypass intended restrictions on the reading of a persistent device identifier. | 2018-06-08 | not yet calculated | CVE-2018-4224 BID SECTRACK CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| apple -- ios_and_macos_and_icloud_and_itunes_and_watchos | An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. watchOS before 4.3.1 is affected. The issue involves the "Security" component. It allows local users to bypass intended restrictions on the reading of sensitive user information. | 2018-06-08 | not yet calculated | CVE-2018-4226 SECTRACK CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| apple -- ios_and_macos_and_icloud_and_itunes_and_watchos | An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. watchOS before 4.3.1 is affected. The issue involves the "Security" component. It allows local users to bypass intended restrictions on Keychain state modifications. | 2018-06-08 | not yet calculated | CVE-2018-4225 SECTRACK CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| apple -- ios_and_macos_and_tvos_and_watchos | An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Messages" component. It allows remote attackers to cause a denial of service via a crafted message. | 2018-06-08 | not yet calculated | CVE-2018-4240 SECTRACK CONFIRM CONFIRM CONFIRM CONFIRM |
| apple -- ios_and_macos_and_tvos_and_watchos | An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "UIKit" component. It allows remote attackers to cause a denial of service via a crafted text file. | 2018-06-08 | not yet calculated | CVE-2018-4198 SECTRACK CONFIRM CONFIRM CONFIRM CONFIRM |
| apple -- ios_and_macos_and_tvos_and_watchos | An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Security" component. It allows local users to bypass intended restrictions on the reading of a persistent account identifier. | 2018-06-08 | not yet calculated | CVE-2018-4223 SECTRACK CONFIRM CONFIRM CONFIRM CONFIRM |
| apple -- ios_and_macos_and_tvos_and_watchos | An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Kernel" component. A buffer overflow in getvolattrlist allows attackers to execute arbitrary code in a privileged context via a crafted app. | 2018-06-08 | not yet calculated | CVE-2018-4243 SECTRACK MISC CONFIRM CONFIRM CONFIRM CONFIRM EXPLOIT-DB |
| apple -- ios_and_macos_and_tvos_and_watchos | An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Kernel" component. A buffer overflow in mptcp_usr_connectx allows attackers to execute arbitrary code in a privileged context via a crafted app. | 2018-06-08 | not yet calculated | CVE-2018-4241 SECTRACK MISC CONFIRM CONFIRM CONFIRM CONFIRM EXPLOIT-DB |
| apple -- ios_and_macos_and_tvos_and_watchos | An issue was discovered in certain Apple products. iOS before 11.3.1 is affected. macOS before 10.13.4 Security Update 2018-001 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Crash Reporter" component. It allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted app that replaces a privileged port name. | 2018-06-08 | not yet calculated | CVE-2018-4206 BID BID SECTRACK MISC CONFIRM CONFIRM CONFIRM CONFIRM EXPLOIT-DB |
| apple -- ios_and_macos_and_tvos_and_watchos | An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves pktmnglr_ipfilter_input in com.apple.packet-mangler in the "Kernel" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (integer overflow and stack-based buffer overflow) via a crafted app. | 2018-06-08 | not yet calculated | CVE-2018-4249 SECTRACK MISC CONFIRM CONFIRM CONFIRM CONFIRM |
| apple -- ios_and_macos_and_tvos_and_watchos | An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "FontParser" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted font file. | 2018-06-08 | not yet calculated | CVE-2018-4211 SECTRACK CONFIRM CONFIRM CONFIRM CONFIRM |
| apple -- ios_and_macos_and_tvos_and_watchos | An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "libxpc" component. It allows attackers to gain privileges via a crafted app that leverages a logic error. | 2018-06-08 | not yet calculated | CVE-2018-4237 SECTRACK CONFIRM CONFIRM CONFIRM CONFIRM |
| apple -- ios_and_macos | An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. The issue involves the "Security" component. It allows web sites to track users by leveraging the transmission of S/MIME client certificates. | 2018-06-08 | not yet calculated | CVE-2018-4221 SECTRACK CONFIRM CONFIRM |
| apple -- ios_and_macos | An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. The issue involves the "iBooks" component. It allows man-in-the-middle attackers to spoof a password prompt. | 2018-06-08 | not yet calculated | CVE-2018-4202 SECTRACK CONFIRM CONFIRM |
| apple -- ios_and_macos | An issue was discovered in certain Apple products. iOS before 11.3.1 is affected. macOS before 10.13.4 Security Update 2018-001 is affected. The issue involves the "LinkPresentation" component. It allows remote attackers to spoof the UI via a crafted URL in a text message. | 2018-06-08 | not yet calculated | CVE-2018-4187 BID BID SECTRACK CONFIRM CONFIRM |
| apple -- ios_and_safari_and_icloud_and_itunes_and_tvos | An issue was discovered in certain Apple products. iOS before 11.3.1 is affected. Safari before 11.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site that triggers a WebCore::jsElementScrollHeightGetter use-after-free. | 2018-06-08 | not yet calculated | CVE-2018-4200 BID SECTRACK MISC CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM UBUNTU EXPLOIT-DB |
| apple -- ios_and_safari_and_icloud_and_itunes_and_tvos | An issue was discovered in certain Apple products. iOS before 11.4 is affected. iOS before 11.3.1 is affected. Safari before 11.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 2018-06-08 | not yet calculated | CVE-2018-4204 BID SECTRACK CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| apple -- ios_and_safari_and_icloud_and_itunes_and_tvos | An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to overwrite cookies via a crafted web site. | 2018-06-08 | not yet calculated | CVE-2018-4232 SECTRACK CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| apple -- ios_and_safari_and_icloud_and_itunes_and_tvos_and_watchos | An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code via a crafted web site that leverages a getWasmBufferFromValue out-of-bounds read during WebAssembly compilation. | 2018-06-08 | not yet calculated | CVE-2018-4222 SECTRACK MISC CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM EXPLOIT-DB |
| apple -- ios_and_safari_and_icloud_and_itunes_and_tvos_and_watchos | An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to cause a denial of service (memory corruption and Safari crash) or possibly have unspecified other impact via a crafted web site. | 2018-06-08 | not yet calculated | CVE-2018-4214 SECTRACK CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| apple -- ios_and_safari_and_icloud_and_itunes_and_tvos_and_watchos | An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 2018-06-08 | not yet calculated | CVE-2018-4201 SECTRACK CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| apple -- ios_and_safari_and_icloud_and_itunes_and_tvos_and_watchos | An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code via a crafted web site that leverages type confusion. | 2018-06-08 | not yet calculated | CVE-2018-4246 SECTRACK CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| apple -- ios_and_safari_and_icloud_and_itunes_and_tvos_and_watchos | An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site that triggers an @generatorState use-after-free. | 2018-06-08 | not yet calculated | CVE-2018-4218 SECTRACK MISC CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM EXPLOIT-DB |
| apple -- ios_and_safari_and_icloud_and_itunes_and_tvos_and_watchos | An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted web site. | 2018-06-08 | not yet calculated | CVE-2018-4233 SECTRACK CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| apple -- ios_and_safari_and_icloud_and_itunes_and_tvos_and_watchos | An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code via a crafted web site that leverages a race condition. | 2018-06-08 | not yet calculated | CVE-2018-4192 SECTRACK CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| apple -- ios_and_safari_and_icloud_and_itunes_and_tvos | An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to obtain sensitive credential information that is transmitted during a CSS mask-image fetch. | 2018-06-08 | not yet calculated | CVE-2018-4190 SECTRACK CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| apple -- ios_and_safari_and_icloud_and_itunes_and_tvos | An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow and application crash) via a crafted web site. | 2018-06-08 | not yet calculated | CVE-2018-4199 SECTRACK CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| apple -- ios | An issue was discovered in certain Apple products. iOS before 11.4 is affected. The issue involves the "Messages" component. It allows remote attackers to cause a denial of service via a crafted message. | 2018-06-08 | not yet calculated | CVE-2018-4250 SECTRACK CONFIRM |
| apple -- ios | An issue was discovered in certain Apple products. iOS before 11.4 is affected. The issue involves the "Siri" component. It allows physically proximate attackers to bypass the lock-screen protection mechanism and obtain private notification content via Siri. | 2018-06-08 | not yet calculated | CVE-2018-4252 SECTRACK CONFIRM |
| apple -- ios | An issue was discovered in certain Apple products. iOS before 11.4 is affected. The issue involves the "Siri Contacts" component. It allows physically proximate attackers to discover private contact information via Siri. | 2018-06-08 | not yet calculated | CVE-2018-4244 SECTRACK CONFIRM |
| apple -- ios | An issue was discovered in certain Apple products. iOS before 11.4 is affected. The issue involves the "Bluetooth" component. It allows attackers to gain privileges or cause a denial of service (buffer overflow) via a crafted app. | 2018-06-08 | not yet calculated | CVE-2018-4215 SECTRACK CONFIRM |
| apple -- ios | An issue was discovered in certain Apple products. iOS before 11.4 is affected. The issue involves the "Magnifier" component. It allows physically proximate attackers to bypass the lock-screen protection mechanism and see the most recent Magnifier image. | 2018-06-08 | not yet calculated | CVE-2018-4239 SECTRACK CONFIRM |
| apple -- ios | An issue was discovered in certain Apple products. iOS before 11.4 is affected. The issue involves the "Siri" component. It allows physically proximate attackers to bypass the lock-screen protection mechanism and enable Siri. | 2018-06-08 | not yet calculated | CVE-2018-4238 SECTRACK CONFIRM |
| apple -- macos | An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Bluetooth" component. It allows attackers to obtain sensitive kernel memory-layout information via a crafted app that leverages device properties. | 2018-06-08 | not yet calculated | CVE-2018-4171 SECTRACK CONFIRM |
| apple -- macos | An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Hypervisor" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | 2018-06-08 | not yet calculated | CVE-2018-4242 SECTRACK CONFIRM |
| apple -- macos_and_tvos_and_watchos | An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Messages" component. It allows local users to perform impersonation attacks via an unspecified injection. | 2018-06-08 | not yet calculated | CVE-2018-4235 SECTRACK CONFIRM CONFIRM CONFIRM CONFIRM |
| apple -- macos | An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Windows Server" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | 2018-06-08 | not yet calculated | CVE-2018-4193 SECTRACK CONFIRM |
| apple -- macos | An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "AMD" component. It allows local users to bypass intended memory-read restrictions or cause a denial of service (out-of-bounds read of kernel memory) via a crafted app. | 2018-06-08 | not yet calculated | CVE-2018-4253 SECTRACK CONFIRM |
| apple -- macos | An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Grand Central Dispatch" component. It allows attackers to bypass a sandbox protection mechanism by leveraging the misparsing of entitlement plists. | 2018-06-08 | not yet calculated | CVE-2018-4229 SECTRACK CONFIRM |
| apple -- macos | An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "IOFireWireAVC" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app that leverages a race condition. | 2018-06-08 | not yet calculated | CVE-2018-4228 SECTRACK CONFIRM |
| apple -- macos | An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "IOGraphics" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | 2018-06-08 | not yet calculated | CVE-2018-4236 SECTRACK CONFIRM |
| apple -- macos | An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Accessibility Framework" component. It allows attackers to execute arbitrary code in a privileged context or obtain sensitive information via a crafted app. | 2018-06-08 | not yet calculated | CVE-2018-4196 SECTRACK CONFIRM |
| apple -- macos | An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. The issue involves the "Mail" component. It allows remote attackers to read the cleartext content of S/MIME encrypted messages via direct exfiltration. | 2018-06-08 | not yet calculated | CVE-2018-4227 SECTRACK MISC CONFIRM CONFIRM |
| apple -- macos | An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Graphics Drivers" component. It allows attackers to bypass intended memory-read restrictions via a crafted app. | 2018-06-08 | not yet calculated | CVE-2018-4159 SECTRACK CONFIRM |
| apple -- macos | An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "IOHIDFamily" component. It allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | 2018-06-08 | not yet calculated | CVE-2018-4234 SECTRACK CONFIRM |
| apple -- macos | An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "ATS" component. It allows attackers to gain privileges via a crafted app that leverages type confusion. | 2018-06-08 | not yet calculated | CVE-2018-4219 SECTRACK CONFIRM |
| apple -- macos | An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Intel Graphics Driver" component. It allows attackers to bypass intended memory-read restrictions via a crafted app. | 2018-06-08 | not yet calculated | CVE-2018-4141 SECTRACK CONFIRM |
| apple -- macos | An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Speech" component. It allows attackers to bypass a sandbox protection mechanism to obtain microphone access. | 2018-06-08 | not yet calculated | CVE-2018-4184 SECTRACK CONFIRM |
| apple -- macos | An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "NVIDIA Graphics Drivers" component. It allows attackers to execute arbitrary code in a privileged context via a crafted app that triggers a SetAppSupportBits use-after-free because of a race condition. | 2018-06-08 | not yet calculated | CVE-2018-4230 SECTRACK MISC CONFIRM EXPLOIT-DB |
| apple -- macos | An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Firmware" component. It allows attackers to modify the EFI flash-memory region that a crafted app that has root access. | 2018-06-08 | not yet calculated | CVE-2018-4251 SECTRACK CONFIRM |
| apple -- safari_and_icloud_and_itunes_and_tvos | An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. iCloud before 7.5 on Windows is affected. iTunes before 12.7.5 on Windows is affected. tvOS before 11.4 is affected. The issue involves the "WebKit" component. It allows remote attackers to spoof the address bar via a crafted web site. | 2018-06-08 | not yet calculated | CVE-2018-4188 SECTRACK CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| apple -- safari | An issue was discovered in certain Apple products. Safari before 11.1.1 is affected. The issue involves the "Safari" component. It allows remote attackers to spoof the address bar via a crafted web site. | 2018-06-08 | not yet calculated | CVE-2018-4205 SECTRACK CONFIRM |
| apple -- safari | An issue was discovered in certain Apple products. iOS before 11.4 is affected. Safari before 11.1.1 is affected. The issue involves the "Safari" component. It allows remote attackers to cause a denial of service (persistent Safari outage) via a crafted web site. | 2018-06-08 | not yet calculated | CVE-2018-4247 BID SECTRACK CONFIRM CONFIRM MISC |
| apple -- swift | An issue was discovered in certain Apple products. Swift before 4.1.1 Security Update 2018-001 is affected. The issue involves the "Swift for Ubuntu" component. It allows attackers to execute arbitrary code in a privileged context because write and execute permissions are enabled during library loading. | 2018-06-08 | not yet calculated | CVE-2018-4220 BID CONFIRM |
aprendecondedos -- dedos-web
| In Dedos-web 1.0, the cookie and session secrets used in the Express.js application have hardcoded values that are visible in the source code published on GitHub. An attacker can edit the contents of the session cookie and re-sign it using the hardcoded secret. Due to the use of Passport.js, this could lead to privilege escalation. | 2018-06-05 | not yet calculated | CVE-2018-10813 MISC MISC |
| arthur-zhang -- node-bsdiff-android | node-bsdiff-android downloads resources over HTTP, which leaves it vulnerable to MITM attacks. | 2018-06-04 | not yet calculated | CVE-2016-10641 MISC |
| augustine -- augustine | augustine node module suffers from a Path Traversal vulnerability due to lack of validation of url, which allows a malicious user to read content of any file with known path. | 2018-06-04 | not yet calculated | CVE-2017-0930 MISC |
| babelcli -- babelcli | babelcli was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | 2018-06-06 | not yet calculated | CVE-2017-16060 MISC |
| beaconmedaes -- totalalert_scroll_medical_air_systems_web_application | In the web application in BeaconMedaes TotalAlert Scroll Medical Air Systems running software versions prior to 4107600010.23, passwords are presented in plaintext in a file that is accessible without authentication. | 2018-06-06 | not yet calculated | CVE-2018-7510 MISC |
| bear-qv -- ex | exxxxxxxxxxx is an Http eX Frame Google Style JavaScript Guide. exxxxxxxxxxx is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. Accessible files are restricted to those with a file extension. Files with no extension such as /etc/passwd throw an error. | 2018-06-06 | not yet calculated | CVE-2017-16130 MISC MISC |
| betterjs -- badjs-sourcemap-server | `badjs-sourcemap-server` receives files sent by `badjs-sourcemap`. `badjs-sourcemap-server` is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-04 | not yet calculated | CVE-2017-16036 MISC MISC |
| bird -- internet_routing_daemon | BIRD Internet Routing Daemon before 1.6.4 allows local users to cause a denial of service (stack consumption and daemon crash) via BGP mask expressions in birdc. | 2018-06-08 | not yet calculated | CVE-2018-12066 CONFIRM CONFIRM CONFIRM CONFIRM |
bitfu -- uc-httpd-1.0.0-buffer-overflow-exploit
| Buffer overflow in XiongMai uc-httpd 1.0.0 has unspecified impact and attack vectors, a different vulnerability than CVE-2017-16725. | 2018-06-08 | not yet calculated | CVE-2018-10088 MISC EXPLOIT-DB |
| bitjson -- slimerjs-edge | slimerjs-edge is a npm wrapper for installing the bleeding edge version of slimerjs. slimerjs-edge downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server. | 2018-06-04 | not yet calculated | CVE-2016-10644 MISC |
blakeembrey -- no-case
| The no-case module is vulnerable to regular expression denial of service. When malicious untrusted user input is passed into no-case it can block the event loop causing a denial of service condition. | 2018-06-06 | not yet calculated | CVE-2017-16099 MISC MISC |
| bmeck -- node-sfml | sfml downloads resources over HTTP, which leaves it vulnerable to MITM attacks. | 2018-06-04 | not yet calculated | CVE-2016-10654 MISC |
| botbait -- botbait | The module botbait is a tool to be used to track bot and automated tools usage with-in the npm ecosystem. botbait is known to record and track user information. The module tracks the following information. Source IP process.versions process.platform How the module was invoked (test, require, pre-install) | 2018-06-06 | not yet calculated | CVE-2017-16126 MISC |
| bouncy_castle -- bc_and_bc-fja | Bouncy Castle BC 1.54 - 1.59, BC-FJA 1.0.0, BC-FJA 1.0.1 and earlier have a flaw in the Low-level interface to RSA key pair generator, specifically RSA Key Pairs generated in low-level API with added certainty may have less M-R tests than expected. This appears to be fixed in versions BC 1.60 beta 4 and later, BC-FJA 1.0.2 and later. | 2018-06-05 | not yet calculated | CVE-2018-1000180 CONFIRM CONFIRM CONFIRM MISC |
| bouncy_castle -- jce_provider | In the Bouncy Castle JCE Provider version 1.55 and earlier DSA signature generation is vulnerable to timing attack. Where timings can be closely observed for the generation of signatures, the lack of blinding in 1.55, or earlier, may allow an attacker to gain information about the signature's k value and ultimately the private value as well. | 2018-06-04 | not yet calculated | CVE-2016-1000341 CONFIRM |
| bouncy_castle -- jce_provider | In the Bouncy Castle JCE Provider version 1.55 and earlier the other party DH public key is not fully validated. This can cause issues as invalid keys can be used to reveal details about the other party's private key where static Diffie-Hellman is in use. As of release 1.56 the key parameters are checked on agreement calculation. | 2018-06-04 | not yet calculated | CVE-2016-1000346 CONFIRM |
| bouncy_castle -- jce_provider | In the Bouncy Castle JCE Provider version 1.55 and earlier the primary engine class used for AES was AESFastEngine. Due to the highly table driven approach used in the algorithm it turns out that if the data channel on the CPU can be monitored the lookup table accesses are sufficient to leak information on the AES key being used. There was also a leak in AESEngine although it was substantially less. AESEngine has been modified to remove any signs of leakage (testing carried out on Intel X86-64) and is now the primary AES class for the BC JCE provider from 1.56. Use of AESFastEngine is now only recommended where otherwise deemed appropriate. | 2018-06-04 | not yet calculated | CVE-2016-1000339 CONFIRM CONFIRM |
| bouncy_castle -- jce_provider | In the Bouncy Castle JCE Provider version 1.55 and earlier the DHIES implementation allowed the use of ECB mode. This mode is regarded as unsafe and support for it has been removed from the provider. | 2018-06-04 | not yet calculated | CVE-2016-1000344 CONFIRM |
| bouncy_castle -- jce_provider | In the Bouncy Castle JCE Provider version 1.55 and earlier the DHIES/ECIES CBC mode vulnerable to padding oracle attack. For BC 1.55 and older, in an environment where timings can be easily observed, it is possible with enough observations to identify when the decryption is failing due to padding. | 2018-06-04 | not yet calculated | CVE-2016-1000345 CONFIRM |
| bouncy_castle -- jce_provider | In the Bouncy Castle JCE Provider version 1.55 and earlier the DSA key pair generator generates a weak private key if used with default values. If the JCA key pair generator is not explicitly initialised with DSA parameters, 1.55 and earlier generates a private value assuming a 1024 bit key size. In earlier releases this can be dealt with by explicitly passing parameters to the key pair generator. | 2018-06-04 | not yet calculated | CVE-2016-1000343 CONFIRM |
| bouncy_castle -- jce_provider | In the Bouncy Castle JCE Provider versions 1.51 to 1.55, a carry propagation bug was introduced in the implementation of squaring for several raw math classes have been fixed (org.bouncycastle.math.raw.Nat???). These classes are used by our custom elliptic curve implementations (org.bouncycastle.math.ec.custom.**), so there was the possibility of rare (in general usage) spurious calculations for elliptic curve scalar multiplications. Such errors would have been detected with high probability by the output validation for our scalar multipliers. | 2018-06-04 | not yet calculated | CVE-2016-1000340 CONFIRM |
| bouncy_castle -- jce_provider | In the Bouncy Castle JCE Provider version 1.55 and earlier ECDSA does not fully validate ASN.1 encoding of signature on verification. It is possible to inject extra elements in the sequence making up the signature and still have it validate, which in some cases may allow the introduction of 'invisible' data into a signed structure. | 2018-06-04 | not yet calculated | CVE-2016-1000342 CONFIRM |
| bouncy_castle -- jce_provider | In the Bouncy Castle JCE Provider version 1.55 and earlier the ECIES implementation allowed the use of ECB mode. This mode is regarded as unsafe and support for it has been removed from the provider. | 2018-06-04 | not yet calculated | CVE-2016-1000352 CONFIRM |
| brianc -- node-postgres | A remote code execution vulnerability was found within the pg module when the remote database or query specifies a specially crafted column name. There are 2 likely scenarios in which one would likely be vulnerable. 1) Executing unsafe, user-supplied sql which contains a malicious column name. 2) Connecting to an untrusted database and executing a query which returns results where any of the column names are malicious. | 2018-06-06 | not yet calculated | CVE-2017-16082 MISC MISC |
brit95 -- lab6
| lab6.brit95 is a file server. lab6.brit95 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16140 MISC MISC |
| broofa -- node-mime | The mime module is vulnerable to regular expression denial of service when a mime lookup is performed on untrusted user input. | 2018-06-06 | not yet calculated | CVE-2017-16138 MISC MISC |
| brother -- hl-l2340d_printers_and_hl-l2380dw_printers | Cross-site scripting (XSS) vulnerability on Brother HL-L2340D and HL-L2380DW series printers allows remote attackers to inject arbitrary web script or HTML via the url parameter to etc/loginerror.html. | 2018-06-01 | not yet calculated | CVE-2018-11581 MISC EXPLOIT-DB |
| byucslabsix -- byucslabsix | byucslabsix is an http server. byucslabsix is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16166 MISC MISC |
| calmquist.static-server -- calmquist.static-server | calmquist.static-server is a static file server. calmquist.static-server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16165 MISC MISC |
| canon -- lbp6030w_web_interface | A remote attacker can bypass the System Manager Mode on the Canon LBP6030w web interface without a PIN for /checkLogin.cgi via vectors involving /portal_top.html to get full access to the device. | 2018-06-07 | not yet calculated | CVE-2018-12049 MISC |
| canon -- lbp7110cw_web_interface | A remote attacker can bypass the Management Mode on the Canon LBP7110Cw web interface without a PIN for /checkLogin.cgi via vectors involving /portal_top.html to get full access to the device. | 2018-06-07 | not yet calculated | CVE-2018-12048 MISC |
| canon -- mf210_and_mf220_web_interface | A remote attacker can bypass the System Manager Mode on the Canon MF210 and MF220 web interface without knowing the PIN for /login.html via vectors involving /portal_top.html to get full access to the device. | 2018-06-04 | not yet calculated | CVE-2018-11711 MISC EXPLOIT-DB |
| canon -- multiple_devices | An issue was discovered on Canon LBP6650, LBP3370, LBP3460, and LBP7750C devices. It is possible to bypass the Administrator Mode authentication for /tlogin.cgi via vectors involving frame.cgi?page=DevStatus. | 2018-06-04 | not yet calculated | CVE-2018-11692 MISC EXPLOIT-DB |
caolan -- forms
| Forms is a library for easily creating HTML forms. Versions before 1.3.0 did not have proper html escaping. This means that if the application did not sanitize html on behalf of forms, use of forms may be vulnerable to cross site scripting | 2018-06-04 | not yet calculated | CVE-2017-16015 MISC MISC |
| caolilinode -- caolilinode | caolilinode is a simple file server. caolilinode is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16159 MISC MISC |
| cedced19 -- fast-http | fast-http-cli is the command line interface for fast-http, a simple web server. fast-http-cli is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16155 MISC MISC |
| censorify.tanisjr -- censorify.tanisjr | censorify.tanisjr is a simple web server and API RESTful service. censorify.tanisjr is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16157 MISC MISC |
| charset -- charset | charset 1.0.0 and below are vulnerable to regular expression denial of service. Input of around 50k characters is required for a slow down of around 2 seconds. Unless node was compiled using the -DHTTP_MAX_HEADER_SIZE= option the default header max length is 80kb, so the impact of the ReDoS is relatively low. | 2018-06-06 | not yet calculated | CVE-2017-16098 MISC MISC |
| chatbyvista -- chatbyvista | chatbyvista is a file server. chatbyvista is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16177 MISC MISC |
| cisco -- 6800_and_7800_and_8800_series_ip_phones | A vulnerability in the Session Initiation Protocol (SIP) call-handling functionality of Cisco IP Phone 6800, 7800, and 8800 Series Phones with Multiplatform Firmware could allow an unauthenticated, remote attacker to cause an affected phone to reload unexpectedly, resulting in a temporary denial of service (DoS) condition. The vulnerability exists because the firmware of an affected phone incorrectly handles errors that could occur when an incoming phone call is not answered. An attacker could exploit this vulnerability by sending a set of maliciously crafted SIP packets to an affected phone. A successful exploit could allow the attacker to cause the affected phone to reload unexpectedly, resulting in a temporary DoS condition. This vulnerability affects Cisco IP Phone 6800, 7800, and 8800 Series Phones with Multiplatform Firmware if they are running a Multiplatform Firmware release prior to Release 11.1(2). Cisco Bug IDs: CSCvi24718. | 2018-06-07 | not yet calculated | CVE-2018-0316 CONFIRM |
| cisco -- adaptive_security_appliance | A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow an unauthenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. It is also possible on certain software releases that the ASA will not reload, but an attacker could view sensitive system information without authentication by using directory traversal techniques. The vulnerability is due to lack of proper input validation of the HTTP URL. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. An exploit could allow the attacker to cause a DoS condition or unauthenticated disclosure of information. This vulnerability applies to IPv4 and IPv6 HTTP traffic. This vulnerability affects Cisco ASA Software and Cisco Firepower Threat Defense (FTD) Software that is running on the following Cisco products: 3000 Series Industrial Security Appliance (ISA), ASA 1000V Cloud Firewall, ASA 5500 Series Adaptive Security Appliances, ASA 5500-X Series Next-Generation Firewalls, ASA Services Module for Cisco Catalyst 6500 Series Switches and Cisco 7600 Series Routers, Adaptive Security Virtual Appliance (ASAv), Firepower 2100 Series Security Appliance, Firepower 4100 Series Security Appliance, Firepower 9300 ASA Security Module, FTD Virtual (FTDv). Cisco Bug IDs: CSCvi16029. | 2018-06-07 | not yet calculated | CVE-2018-0296 CONFIRM |
| cisco -- anyconnect_network_access_manager_and_anyconnect_secure_mobility_client | A vulnerability in the certificate management subsystem of Cisco AnyConnect Network Access Manager and of Cisco AnyConnect Secure Mobility Client for iOS, Mac OS X, Android, Windows, and Linux could allow an unauthenticated, remote attacker to bypass the TLS certificate check when downloading certain configuration files. The vulnerability is due to improper use of Simple Certificate Enrollment Protocol and improper server certificate validation. An attacker could exploit this vulnerability by preparing malicious profile and localization files for Cisco AnyConnect to use. A successful exploit could allow the attacker to remotely change the configuration profile, a certificate, or the localization data used by AnyConnect Secure Mobility Client. Cisco Bug IDs: CSCvh23141. | 2018-06-07 | not yet calculated | CVE-2018-0334 CONFIRM |
| cisco -- appdynamics_app_iq_platform | The Enterprise Console in Cisco AppDynamics App iQ Platform before 4.4.3.10598 (HF4) allows SQL injection, aka the Security Advisory 2089 issue. | 2018-06-08 | not yet calculated | CVE-2018-0225 CONFIRM |
| cisco -- firesight_system_software | A vulnerability in the VPN configuration management of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass VPN security due to unintended side effects of dynamic configuration changes that could allow an attacker to bypass configured policies. The vulnerability is due to incorrect management of the configured interface names and VPN parameters when dynamic CLI configuration changes are performed. An attacker could exploit this vulnerability by sending packets through an interface on the targeted device. A successful exploit could allow the attacker to bypass configured VPN policies. Cisco Bug IDs: CSCvh49388. | 2018-06-07 | not yet calculated | CVE-2018-0333 BID CONFIRM |
| cisco -- identity_services_engine | A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. The vulnerability is due to insufficient input validation of some parameters passed to the web-based management interface. An attacker could exploit this vulnerability by convincing a user of the interface to click a specific link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information. Cisco Bug IDs: CSCvf72309. | 2018-06-07 | not yet calculated | CVE-2018-0339 CONFIRM |
| cisco -- integrated_management_controller_supervisor_software_and_ ucs_director_software | A vulnerability in the web-based management interface of Cisco Integrated Management Controller Supervisor Software and Cisco UCS Director Software could allow an authenticated, remote attacker to conduct a Document Object Model-based (DOM-based), stored cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the affected software. An attacker could exploit this vulnerability by persuading a user of the affected interface to click a malicious link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or allow the attacker to access sensitive browser-based information on the affected device. Cisco Bug IDs: CSCvh12994. | 2018-06-07 | not yet calculated | CVE-2018-0149 CONFIRM |
| cisco -- ios_xe_software | A vulnerability in the authentication, authorization, and accounting (AAA) security services of Cisco IOS XE Software could allow an unauthenticated, remote attacker to execute arbitrary code on an affected device or cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to incorrect memory operations that the affected software performs when the software parses a username during login authentication. An attacker could exploit this vulnerability by attempting to authenticate to an affected device. A successful exploit could allow the attacker to execute arbitrary code on the affected device or cause the affected device to reload, resulting in a DoS condition. This vulnerability affects Cisco devices that are running Cisco IOS XE Software Release Fuji 16.7.1 or Fuji 16.8.1 and are configured to use AAA for login authentication. Cisco Bug IDs: CSCvi25380. | 2018-06-07 | not yet calculated | CVE-2018-0315 BID CONFIRM |
| cisco -- meeting_server | A vulnerability in Cisco Meeting Server (CMS) could allow an unauthenticated, adjacent attacker to access services running on internal device interfaces of an affected system. The vulnerability is due to incorrect default configuration of the device, which can expose internal interfaces and ports on the external interface of the system. A successful exploit could allow the attacker to gain unauthenticated access to configuration and database files and sensitive meeting information on an affected system. This vulnerability affects Cisco Meeting Server (CMS) 2000 Platforms that are running a CMS Software release prior to Release 2.2.13 or Release 2.3.4. Cisco Bug IDs: CSCvg76471. | 2018-06-07 | not yet calculated | CVE-2018-0263 BID CONFIRM |
| cisco -- multiple_products | Multiple Cisco products are affected by a vulnerability in local file management for certain system log files of Cisco collaboration products that could allow an unauthenticated, remote attacker to cause high disk utilization, resulting in a denial of service (DoS) condition. The vulnerability occurs because a certain system log file does not have a maximum size restriction. Therefore, the file is allowed to consume the majority of available disk space on the appliance. An attacker could exploit this vulnerability by sending crafted remote connection requests to the appliance. Successful exploitation could allow the attacker to increase the size of a system log file so that it consumes most of the disk space. The lack of available disk space could lead to a DoS condition in which the application functions could operate abnormally, making the appliance unstable. This vulnerability affects the following Cisco Voice Operating System (VOS)-based products: Emergency Responder, Finesse, Hosted Collaboration Mediation Fulfillment, MediaSense, Prime License Manager, SocialMiner, Unified Communications Manager (UCM), Unified Communications Manager IM and Presence Service (IM&P - earlier releases were known as Cisco Unified Presence), Unified Communication Manager Session Management Edition (SME), Unified Contact Center Express (UCCx), Unified Intelligence Center (UIC), Unity Connection, Virtualized Voice Browser. This vulnerability also affects Prime Collaboration Assurance and Prime Collaboration Provisioning. Cisco Bug IDs: CSCvd10872, CSCvf64322, CSCvf64332, CSCvi29538, CSCvi29543, CSCvi29544, CSCvi29546, CSCvi29556, CSCvi29571, CSCvi31738, CSCvi31741, CSCvi31762, CSCvi31807, CSCvi31818, CSCvi31823. | 2018-06-07 | not yet calculated | CVE-2017-6779 CONFIRM |
| cisco -- network_services_orchestrator | A vulnerability in the CLI parser of Cisco Network Services Orchestrator (NSO) could allow an authenticated, remote attacker to execute arbitrary shell commands with the privileges of the root user. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by injecting malicious arguments into vulnerable commands. A successful exploit could allow the attacker to execute arbitrary commands with root privileges on the affected system. This vulnerability affects the following releases of Cisco Network Services Orchestrator (NSO): 4.1 through 4.1.6.0, 4.2 through 4.2.4.0, 4.3 through 4.3.3.0, 4.4 through 4.4.2.0. Cisco Bug IDs: CSCvf99982. | 2018-06-07 | not yet calculated | CVE-2018-0274 CONFIRM |
| cisco -- node-jose | node-jose is a JavaScript implementation of the JSON Object Signing and Encryption (JOSE) for current web browsers and node.js-based servers. node-jose earlier than version 0.9.3 is vulnerable to an invalid curve attack. This allows an attacker to recover the private secret key when JWE with Key Agreement with Elliptic Curve Diffie-Hellman Ephemeral Static (ECDH-ES) is used. | 2018-06-04 | not yet calculated | CVE-2017-16007 MISC MISC MISC MISC |
| cisco -- prime_collaboration_provisioning | A vulnerability in the password recovery function of Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote attacker to gain unauthorized access to an affected device. The vulnerability is due to insufficient validation of a password recovery request. An attacker could exploit this vulnerability by submitting a password recovery request and changing the password for any user on an affected system. An exploit could allow the attacker to gain administrative-level privileges on the affected system. This vulnerability affects Cisco Prime Collaboration Provisioning (PCP) Releases 11.6 and prior. Cisco Bug IDs: CSCvd07253. | 2018-06-07 | not yet calculated | CVE-2018-0319 CONFIRM |
| cisco -- prime_collaboration_provisioning | A vulnerability in the web portal authentication process of Cisco Prime Collaboration Provisioning could allow an unauthenticated, local attacker to view sensitive data. The vulnerability is due to improper logging of authentication data. An attacker could exploit this vulnerability by monitoring a specific World-Readable file for this authentication data (Cleartext Passwords). An exploit could allow the attacker to gain authentication information for other users. Cisco Bug IDs: CSCvd86602. | 2018-06-07 | not yet calculated | CVE-2018-0335 CONFIRM |
| cisco -- prime_collaboration_provisioning | A vulnerability in the web framework code of Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote attacker to execute arbitrary SQL queries. The vulnerability is due to a lack of proper validation on user-supplied input in SQL queries. An attacker could exploit this vulnerability by sending crafted URLs that contain malicious SQL statements to the affected application. This vulnerability affects Cisco Prime Collaboration Provisioning (PCP) Releases 12.1 and prior. Cisco Bug IDs: CSCvd61754. | 2018-06-07 | not yet calculated | CVE-2018-0320 BID CONFIRM |
| cisco -- prime_collaboration_provisioning | A vulnerability in the batch provisioning feature of Cisco Prime Collaboration Provisioning could allow an authenticated, remote attacker to escalate privileges to the Administrator level. The vulnerability is due to insufficient authorization enforcement on batch processing. An attacker could exploit this vulnerability by uploading a batch file and having the batch file processed by the system. A successful exploit could allow the attacker to escalate privileges to the Administrator level. Cisco Bug IDs: CSCvd86578. | 2018-06-07 | not yet calculated | CVE-2018-0336 CONFIRM |
| cisco -- prime_collaboration_provisioning | A vulnerability in Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote attacker to access the Java Remote Method Invocation (RMI) system. The vulnerability is due to an open port in the Network Interface and Configuration Engine (NICE) service. An attacker could exploit this vulnerability by accessing the open RMI system on an affected PCP instance. An exploit could allow the attacker to perform malicious actions that affect PCP and the devices that are connected to it. This vulnerability affects Cisco Prime Collaboration Provisioning (PCP) Releases 11.6 and prior. Cisco Bug IDs: CSCvd61746. | 2018-06-07 | not yet calculated | CVE-2018-0321 BID CONFIRM |
| cisco -- prime_collaboration_provisioning | A vulnerability in the web management interface of Cisco Prime Collaboration Provisioning (PCP) could allow an authenticated, remote attacker to modify sensitive data that is associated with arbitrary accounts on an affected device. The vulnerability is due to a failure to enforce access restrictions on the Help Desk and User Provisioning roles that are assigned to authenticated users. This failure could allow an authenticated attacker to modify critical attributes of higher-privileged accounts on the device. A successful exploit could allow the attacker to gain elevated privileges on the device. This vulnerability affects Cisco Prime Collaboration Provisioning (PCP) Releases 12.1 and prior. Cisco Bug IDs: CSCvd61779. | 2018-06-07 | not yet calculated | CVE-2018-0322 CONFIRM |
| cisco -- prime_collaboration_provisioning | A vulnerability in the password reset function of Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote attacker to gain unauthorized access to an affected device. The vulnerability is due to insufficient validation of a password reset request. An attacker could exploit this vulnerability by submitting a password reset request and changing the password for any user on an affected system. An exploit could allow the attacker to gain administrative-level privileges on the affected system. This vulnerability affects Cisco Prime Collaboration Provisioning (PCP) Releases 11.6 and prior. Cisco Bug IDs: CSCvd07245. | 2018-06-07 | not yet calculated | CVE-2018-0318 CONFIRM |
| cisco -- prime_collaboration_provisioning | A vulnerability in the web interface of Cisco Prime Collaboration Provisioning (PCP) could allow an authenticated, remote attacker to escalate their privileges. The vulnerability is due to insufficient web portal access control checks. An attacker could exploit this vulnerability by modifying an access request. An exploit could allow the attacker to promote their account to any role defined on the system. This vulnerability affects Cisco Prime Collaboration Provisioning (PCP) Releases 12.2 and prior. Cisco Bug IDs: CSCvc90286. | 2018-06-07 | not yet calculated | CVE-2018-0317 CONFIRM |
| cisco -- unified_communications_manager | A vulnerability in the web framework of the Cisco Unified Communications Manager (Unified CM) software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of the affected system. The vulnerability is due to insufficient input validation of certain parameters passed to the web server. An attacker could exploit this vulnerability by convincing the user to access a malicious link or by intercepting the user request and injecting certain malicious code. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected site or allow the attacker to access sensitive browser-based information. Cisco Bug IDs: CSCvj00512. | 2018-06-07 | not yet calculated | CVE-2018-0340 CONFIRM |
| cisco -- unified_communications_manager | A vulnerability in the web UI of Cisco Unified Communications Manager (Unified CM) could allow an unauthenticated, remote attacker to conduct a cross-frame scripting (XFS) attack against the user of the web UI of an affected system. The vulnerability is due to insufficient protections for HTML inline frames (iframes) by the web UI of the affected software. An attacker could exploit this vulnerability by persuading a user of the affected UI to navigate to an attacker-controlled web page that contains a malicious HTML iframe. A successful exploit could allow the attacker to conduct click-jacking or other client-side browser attacks on the affected system. Cisco Bug IDs: CSCvg19761. | 2018-06-07 | not yet calculated | CVE-2018-0355 CONFIRM |
| cisco -- unified_computing_system | A vulnerability in the role-based access-checking mechanisms of Cisco Unified Computing System (UCS) Software could allow an authenticated, local attacker to execute arbitrary commands on an affected system. The vulnerability exists because the affected software lacks proper input and validation checks for certain file systems. An attacker could exploit this vulnerability by issuing crafted commands in the CLI of an affected system. A successful exploit could allow the attacker to cause other users to execute unwanted arbitrary commands on the affected system. Cisco Bug IDs: CSCvf52994. | 2018-06-07 | not yet calculated | CVE-2018-0338 CONFIRM |
| cisco -- unified_ip_phone_software | A vulnerability in the Session Initiation Protocol (SIP) ingress packet processing of Cisco Unified IP Phone software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition. The vulnerability is due to a lack of flow-control mechanisms in the software. An attacker could exploit this vulnerability by sending high volumes of SIP INVITE traffic to the targeted device. Successful exploitation could allow the attacker to cause a disruption of services on the targeted IP phone. Cisco Bug IDs: CSCve10064, CSCve14617, CSCve14638, CSCve14683, CSCve20812, CSCve20926, CSCve20945. | 2018-06-07 | not yet calculated | CVE-2018-0332 CONFIRM |
| cisco -- unity_connection | A vulnerability in the web framework of Cisco Unity Connection could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of an affected system. The vulnerability is due to insufficient input validation of certain parameters that are passed to the affected software via the HTTP GET and HTTP POST methods. An attacker who can convince a user to follow an attacker-supplied link could execute arbitrary script or HTML code in the user's browser in the context of an affected site. Cisco Bug IDs: CSCvf76417. | 2018-06-07 | not yet calculated | CVE-2018-0354 CONFIRM |
| cisco -- web_security_appliance | A vulnerability in traffic-monitoring functions in Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to circumvent Layer 4 Traffic Monitor (L4TM) functionality and bypass security protections. The vulnerability is due to a change in the underlying operating system software that is responsible for monitoring affected traffic. An attacker could exploit this vulnerability by sending crafted IP packets to an affected device. A successful exploit could allow the attacker to pass traffic through the device, which the WSA was configured to deny. This vulnerability affects both IPv4 and IPv6 traffic. This vulnerability affects Cisco AsyncOS versions for WSA on both virtual and hardware appliances running any release of the 10.5.1, 10.5.2, or 11.0.0 WSA Software. The WSA is vulnerable if it is configured for L4TM. Cisco Bug IDs: CSCvg78875. | 2018-06-07 | not yet calculated | CVE-2018-0353 BID CONFIRM |
| cisco -- webex | A vulnerability in the web framework of Cisco WebEx could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of an affected system. The vulnerability is due to insufficient input validation of certain parameters that are passed to the affected software via the HTTP GET and HTTP POST methods. An attacker who can convince a user to follow an attacker-supplied link could execute arbitrary script or HTML code in the user's browser in the context of an affected site. Cisco Bug IDs: CSCvi63757. | 2018-06-07 | not yet calculated | CVE-2018-0356 BID CONFIRM |
| cisco -- webex | A vulnerability in the web framework of Cisco WebEx could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of an affected system. The vulnerability is due to insufficient input validation of certain parameters that are passed to the affected software via the HTTP GET and HTTP POST methods. An attacker who can convince a user to follow an attacker-supplied link could execute arbitrary script or HTML code in the user's browser in the context of an affected site. Cisco Bug IDs: CSCvi71274. | 2018-06-07 | not yet calculated | CVE-2018-0357 BID CONFIRM |
| cisco -- wide_area_application_services_software | A vulnerability in the Disk Check Tool (disk-check.sh) for Cisco Wide Area Application Services (WAAS) Software could allow an authenticated, local attacker to elevate their privilege level to root. The attacker must have valid user credentials with super user privileges (level 15) to log in to the device. The vulnerability is due to insufficient validation of script files executed in the context of the Disk Check Tool. An attacker could exploit this vulnerability by replacing one script file with a malicious script file while the affected tool is running. A successful exploit could allow the attacker to gain root-level privileges and take full control of the device. Cisco Bug IDs: CSCvi72673. | 2018-06-07 | not yet calculated | CVE-2018-0352 CONFIRM |
| cisco -- wide_area_application_services | A vulnerability in the default configuration of the Simple Network Management Protocol (SNMP) feature of Cisco Wide Area Application Services (WAAS) Software could allow an unauthenticated, remote attacker to read data from an affected device via SNMP. The vulnerability is due to a hard-coded, read-only community string in the configuration file for the SNMP daemon. An attacker could exploit this vulnerability by using the static community string in SNMP version 2c queries to an affected device. A successful exploit could allow the attacker to read any data that is accessible via SNMP on the affected device. Note: The static credentials are defined in an internal configuration file and are not visible in the current operation configuration ('running-config') or the startup configuration ('startup-config'). Cisco Bug IDs: CSCvi40137. | 2018-06-07 | not yet calculated | CVE-2018-0329 CONFIRM |
| citypredict.whauwiller -- citypredict.whauwiller | citypredict.whauwiller is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16104 MISC MISC |
| clang-extra -- clang-extra | The clang-extra module installs LLVM's clang-extra tools. clang-extra downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | 2018-06-04 | not yet calculated | CVE-2016-10655 MISC |
| cloud_foundry -- diego | Cloud Foundry Diego, release versions prior to 2.8.0, does not properly sanitize file paths in tar and zip files headers. A remote attacker with CF admin privileges can upload a malicious buildpack that will allow a complete takeover of a Diego Cell VM and access to all apps running on that Diego Cell. | 2018-06-06 | not yet calculated | CVE-2018-1265 CONFIRM |
| cloud_foundry -- loggregator | Cloud Foundry Loggregator, versions 89.x prior to 89.5 or 96.x prior to 96.1 or 99.x prior to 99.1 or 101.x prior to 101.9 or 102.x prior to 102.2, does not validate app GUID structure in requests. A remote authenticated malicious user knowing the GUID of an app may construct malicious requests to read from or write to the logs of that app. | 2018-06-06 | not yet calculated | CVE-2018-1268 CONFIRM |
| cloud_foundry -- loggregator | Cloud Foundry Loggregator, versions 89.x prior to 89.5 or 96.x prior to 96.1 or 99.x prior to 99.1 or 101.x prior to 101.9 or 102.x prior to 102.2, does not handle errors thrown while constructing certain http requests. A remote authenticated user may construct malicious requests to cause the traffic controller to leave dangling TCP connections, which could cause denial of service. | 2018-06-06 | not yet calculated | CVE-2018-1269 CONFIRM |
| cloudpub-redis -- cloudpub-redis | cloudpub-redis is a module for CloudPub: Redis Backend cloudpub-redis downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | 2018-06-04 | not yet calculated | CVE-2016-10672 MISC |
| co-cli-installer -- co-cli-installer | co-cli-installer downloads the co-cli module as part of the install process, but does so over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | 2018-06-04 | not yet calculated | CVE-2016-10657 MISC |
| cofee-script -- cofee-script | The cofee-script module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation. | 2018-06-06 | not yet calculated | CVE-2017-16206 MISC |
| cofeescript -- cofeescript | The cofeescript module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation. | 2018-06-06 | not yet calculated | CVE-2017-16202 MISC |
| coffe-script -- coffe-script | The coffe-script module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation. | 2018-06-06 | not yet calculated | CVE-2017-16205 MISC |
| coffe-script -- coffe-script | The coffe-script module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation. | 2018-06-06 | not yet calculated | CVE-2017-16203 MISC |
commentapp.stetsonwood -- commentapp.stetsonwood
| commentapp.stetsonwood is an http server. commentapp.stetsonwood is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16143 MISC MISC |
| creatiwity -- witycms | A Local File Inclusion vulnerability in /system/WCore/WHelper.php in Creatiwity wityCMS 0.6.2 allows remote attackers to include local PHP files (execute PHP code) or read non-PHP files by replacing a helper.json file. | 2018-06-08 | not yet calculated | CVE-2018-12065 MISC MISC |
| crestron -- mulitple_devices | Crestron TSW-1060, TSW-760, TSW-560, TSW-1060-NC, TSW-760-NC, and TSW-560-NC devices before 2.001.0037.001 allow unauthenticated remote code execution via command injection in Crestron Toolbox Protocol (CTP). | 2018-06-07 | not yet calculated | CVE-2018-11229 CONFIRM |
| crestron -- mulitple_devices | Crestron TSW-1060, TSW-760, TSW-560, TSW-1060-NC, TSW-760-NC, and TSW-560-NC devices before 2.001.0037.001 allow unauthenticated remote code execution via a Bash shell service in Crestron Toolbox Protocol (CTP). | 2018-06-07 | not yet calculated | CVE-2018-11228 CONFIRM |
| cross-env.js -- cross-env.js | cross-env.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | 2018-06-06 | not yet calculated | CVE-2017-16081 MISC |
| crossenv -- crossenv | crossenv was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | 2018-06-06 | not yet calculated | CVE-2017-16074 MISC |
| cuciuci -- cuciuci | cuciuci is a simple fileserver. cuciuci is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16122 MISC MISC |
| cyber-js -- cyber-js | cyber-js is a simple http server. A cyberjs server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16093 MISC MISC |
| cypserver -- cypserver | cypserver is a static file server. cypserver is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16191 MISC MISC |
danlevan -- bracket-template | bracket-template suffers from reflected XSS possible when variable passed via GET parameter is used in template | 2018-06-06 | not yet calculated | CVE-2018-3735 MISC |
| dasafio -- dasafio | dasafio is a web server. dasafio is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. File access is restricted to only .html files. | 2018-06-06 | not yet calculated | CVE-2017-16179 MISC MISC |
| datachannel-client -- datachannel-client | datachannel-client is a signaling implementation for DataChannel.js. datachannel-client is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16121 MISC MISC |
| dcdcdcdcdc -- dcdcdcdcdc | dcdcdcdcdc is a static file server. dcdcdcdcdc is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16190 MISC MISC |
| dckt -- localhost-now | localhost-now node module suffers from a Path Traversal vulnerability due to lack of validation of file, which allows a malicious user to read content of any file with known path. | 2018-06-06 | not yet calculated | CVE-2018-3729 MISC |
| dcserver -- dcserver | dcserver is a static file server. dcserver is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16158 MISC MISC |
| dedecms -- dedecms | DedeCMS through V5.7SP2 allows arbitrary file upload in dede/file_manage_control.php via a dede/file_manage_view.php?fmdo=upload request with an upfile1 parameter, as demonstrated by uploading a .php file. | 2018-06-07 | not yet calculated | CVE-2018-12045 MISC |
| dedecms -- dedecms | DedeCMS through 5.7SP2 allows arbitrary file write in dede/file_manage_control.php via a dede/file_manage_view.php?fmdo=newfile request with name and str parameters, as demonstrated by writing to a new .php file. | 2018-06-07 | not yet calculated | CVE-2018-12046 MISC |
| desafio -- desafio | desafio a simple web server. desafio is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url, but is limited to accessing only .html files. | 2018-06-06 | not yet calculated | CVE-2017-16164 MISC MISC |
dgard8 -- lab6 | dgard8.lab6 is a static file server. dgard8.lab6 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16218 MISC MISC |
| discordi.js -- discordi.js | discordi.js is a malicious module based on the discord.js library that exfiltrates login tokens to pastebin. | 2018-06-06 | not yet calculated | CVE-2017-16207 MISC |
| displaylink -- core_software_cleaner_application | An issue was discovered in DisplayLink Core Software Cleaner Application 8.2.1956. When the drivers are updated to a newer version, the product launches a process as SYSTEM to uninstall the old version: cl_1956.exe is run as SYSTEM on the %systemroot%\Temp folder, where any user can write a DLL (e.g., version.dll) to perform DLL Hijacking and elevate privileges to SYSTEM. | 2018-06-05 | not yet calculated | CVE-2018-7884 FULLDISC |
| dmmcquay.lab6 -- dmmcquay.lab6 | dmmcquay.lab6 is a REST server. dmmcquay.lab6 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16208 MISC MISC |
dodo -- node-slug | slug is a module to slugify strings, even if they contain unicode. slug is vulnerable to regular expression denial of service is specially crafted untrusted input is passed as input. About 50k characters can block the event loop for 2 seconds. | 2018-06-06 | not yet calculated | CVE-2017-16117 MISC MISC |
drewfus -- lab6
| lab6drewfusbyu is an http server. lab6drewfusbyu is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16141 MISC MISC |
duyetdev -- static-html-server | static-html-server is a static file server. static-html-server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16152 MISC MISC |
| dylmomo -- dylmomo | dylmomo is a simple file server. dylmomo is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16163 MISC MISC |
| earlybird -- earlybird | earlybird is a web server module for early development. earlybird is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16154 MISC MISC |
| easyquick -- easyquick | easyquick is a simple web server. easyquick is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. Access is constrained, however, to supported file types. Requesting a file such as /etc/passwd returns a "not supported" error. | 2018-06-06 | not yet calculated | CVE-2017-16109 MISC MISC |
| eclipse -- mosquitto | In Eclipse Mosquitto 1.4.15 and earlier, a Memory Leak vulnerability was found within the Mosquitto Broker. Unauthenticated clients can send crafted CONNECT packets which could cause a denial of service in the Mosquitto Broker. | 2018-06-05 | not yet calculated | CVE-2017-7654 CONFIRM |
| eclipse -- mosquitto | The Eclipse Mosquitto broker up to version 1.4.15 does not reject strings that are not valid UTF-8. A malicious client could cause other clients that do reject invalid UTF-8 strings to disconnect themselves from the broker by sending a topic string which is not valid UTF-8, and so cause a denial of service for the clients. | 2018-06-05 | not yet calculated | CVE-2017-7653 CONFIRM |
| eeems -- pooledwebsocket | pooledwebsocket is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16107 MISC MISC |
| elding -- elding | elding is a simple web server. elding is vulnerable to a directory traversal issue, allowing an attacker to access the filesystem by placing "../" in the url. The files accessible, however, are limited to files with a file extension. Sending a GET request to /../../../etc/passwd, for example, will return a 404 on etc/passwd/index.js. | 2018-06-06 | not yet calculated | CVE-2017-16222 MISC MISC |
| electron -- electron | Based on details posted by the ElectronJS team; A remote code execution vulnerability has been discovered in Google Chromium that affects all recent versions of Electron. Any Electron app that accesses remote content is vulnerable to this exploit, regardless of whether the [sandbox option](https://electron.atom.io/docs/api/sandbox-option) is enabled. | 2018-06-06 | not yet calculated | CVE-2017-16151 MISC MISC |
| emreovunc -- eaton-intelligent-power-manager-local | Local file inclusion in Eaton Intelligent Power Manager v1.6 allows an attacker to include a file via server/node_upgrade_srv.js directory traversal with the firmware parameter in a downloadFirmware action. | 2018-06-07 | not yet calculated | CVE-2018-12031 MISC |
| ems -- master_calendar | Data input into EMS Master Calendar before 8.0.0.201805210 via URL parameters is not properly sanitized, allowing malicious attackers to send a crafted URL for XSS. | 2018-06-01 | not yet calculated | CVE-2018-11628 MISC MISC EXPLOIT-DB |
| enserver -- enserver | enserver is a simple web server. enserver is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16209 MISC MISC |
erming -- shout
| Shout is an IRC client. Because the `/topic` command in messages is unescaped, attackers have the ability to inject HTML scripts that will run in the victim's browser. Affects shout >=0.44.0 <=0.49.3. | 2018-06-04 | not yet calculated | CVE-2017-16043 MISC MISC |
| ewgaddis.lab6 -- ewgaddis.lab6 | ewgaddis.lab6 is a file server. ewgaddis.lab6 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16175 MISC MISC |
| expressjs -- method-override | method-override is a module used by the Express.js framework to let you use HTTP verbs such as PUT or DELETE in places where the client doesn't support it. method-override is vulnerable to a regular expression denial of service vulnerability when specially crafted input is passed in to be parsed via the X-HTTP-Method-Override header. | 2018-06-06 | not yet calculated | CVE-2017-16136 MISC |
| eyalar -- lwip | prebuild-lwip is a module for comprehensive, fast, and simple image processing and manipulation. prebuild-lwip downloads resources over HTTP, which leaves it vulnerable to MITM attacks. | 2018-06-04 | not yet calculated | CVE-2016-10652 MISC |
| f5 -- big-ip | On F5 BIG-IP 13.0.0, 12.0.0-12.1.2, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1, when processing DIAMETER transactions with carefully crafted attribute-value pairs, TMM may crash. | 2018-06-01 | not yet calculated | CVE-2018-5522 BID CONFIRM |
| fabric-js -- fabric-js | `fabric-js` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | 2018-06-04 | not yet calculated | CVE-2017-16053 MISC |
fastify -- fastify | Fastify node module before 0.38.0 is vulnerable to a denial-of-service attack by sending a request with "Content-Type: application/json" and a very large payload. | 2018-06-06 | not yet calculated | CVE-2018-3711 MISC MISC |
| felicienfrancois -- node-resourcehacker | resourcehacker is a Node wrapper of Resource Hacker (windows executable resource editor). resourcehacker downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server. | 2018-06-04 | not yet calculated | CVE-2016-10646 MISC |
| ffmepg -- ffmepg | ffmepg was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | 2018-06-06 | not yet calculated | CVE-2017-16068 MISC |
fis-dev -- fis-sass
| fis-sass-all is another libsass wrapper for node. fis-sass-all downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | 2018-06-04 | not yet calculated | CVE-2016-10686 MISC |
fis-stuff -- fis-parser-sass-bin
| fis-parser-sass-bin a plugin for fis to compile sass using node-sass-binaries. fis-parser-sass-bin downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | 2018-06-04 | not yet calculated | CVE-2016-10660 MISC |
| foxit_software -- pdf_reader | An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software Foxit PDF Reader version 9.0.1.1049. A specially crafted PDF document can trigger a previously freed object in memory to be reused resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability. | 2018-06-04 | not yet calculated | CVE-2018-3853 BID SECTRACK MISC |
| frames-compiler -- frames-compiler | frames-compiler downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server. | 2018-06-04 | not yet calculated | CVE-2016-10649 MISC |
| fsk-server -- fsk-server | fsk-server is a simple http server. fsk-server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16090 MISC MISC |
| gamerpolls -- gamerpolls.com | An issue was discovered in GamerPolls 0.4.6, related to config/environments/all.js and config/initializers/02_passport.js. An attacker can edit the Passport.js contents of the session cookie to contain the ID number of the account they wish to take over, and re-sign it using the hard coded secret. | 2018-06-05 | not yet calculated | CVE-2018-10966 CONFIRM MISC MISC |
| gaoxiaotingtingting -- gaoxiaotingtingting | gaoxiaotingtingting is an HTTP server. gaoxiaotingtingting is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16108 MISC MISC |
| garycourt -- uri-js | uri-js is a module that tries to fully implement RFC 3986. One of these features is validating whether or not a supplied URL is valid or not. To do this, uri-js uses a regular expression, This regular expression is vulnerable to redos. This causes the program to hang and the CPU to idle at 100% usage while uri-js is trying to validate if the supplied URL is valid or not. To check if you're vulnerable, look for a call to `require("uri-js").parse()` where a user is able to send their own input. This affects uri-js 2.1.1 and earlier. | 2018-06-04 | not yet calculated | CVE-2017-16021 MISC MISC |
| gcpantazis -- grunt-images | grunt-images is a grunt plugin for processing images. grunt-images downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server. | 2018-06-04 | not yet calculated | CVE-2016-10645 MISC |
| ge -- mds_pulsenet_and_mds_pulsenet_enterprise | Directory traversal may lead to files being exfiltrated or deleted on the GE MDS PulseNET and MDS PulseNET Enterprise version 3.2.1 and prior host platform. | 2018-06-04 | not yet calculated | CVE-2018-10615 CONFIRM BID MISC |
| ge -- mds_pulsenet_and_mds_pulsenet_enterprise | Java remote method invocation (RMI) input port in GE MDS PulseNET and MDS PulseNET Enterprise version 3.2.1 and prior may be exploited to allow unauthenticated users to launch applications and support remote code execution through web services. | 2018-06-04 | not yet calculated | CVE-2018-10611 CONFIRM BID MISC |
| ge -- mds_pulsenet_and_mds_pulsenet_enterprise | Multiple variants of XML External Entity (XXE) attacks may be used to exfiltrate data from the host Windows platform in GE MDS PulseNET and MDS PulseNET Enterprise version 3.2.1 and prior. | 2018-06-04 | not yet calculated | CVE-2018-10613 CONFIRM BID MISC |
| gentoo -- gentoo | The Gentoo app-backup/burp package before 2.1.32 has incorrect group ownership of the /etc/burp directory, which might allow local users to obtain read and write access to arbitrary files by leveraging access to a certain account for a burp-server.conf change. | 2018-06-04 | not yet calculated | CVE-2017-18285 CONFIRM |
| gentoo -- gentoo | The Gentoo app-backup/burp package before 2.1.32 sets the ownership of the PID file directory to the burp account, which might allow local users to kill arbitrary processes by leveraging access to this account for PID file modification before a root script sends a SIGKILL. | 2018-06-04 | not yet calculated | CVE-2017-18284 CONFIRM |
| geohey-team -- node-thulac | node-thulac is a node binding for thulac. node-thulac downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server. | 2018-06-04 | not yet calculated | CVE-2016-10640 MISC |
| get -- parsejson | The parsejson module is vulnerable to regular expression denial of service when untrusted user input is passed into it to be parsed. | 2018-06-06 | not yet calculated | CVE-2017-16113 MISC MISC |
| gfe-sass -- gfe-sass | gfe-sass is a library for promises (CommonJS/Promises/A,B,D) gfe-sass downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | 2018-06-04 | not yet calculated | CVE-2017-16040 MISC |
git-lt -- iterhttp
| iter-http is a server for static files. iter-http is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16094 MISC MISC |
| gitbookio -- gitbook | GitBook is a command line tool (and Node.js library) for building beautiful books using GitHub/Git and Markdown (or AsciiDoc). Stored Cross-Site-Scripting (XSS) is possible in GitBook before 3.2.2 by including code outside of backticks in any ebook. This code will be executed on the online reader. | 2018-06-04 | not yet calculated | CVE-2017-16019 MISC MISC |
| gnome_project -- gnome_web | libephymain.so in GNOME Web (aka Epiphany) through 3.28.2.1 allows remote attackers to cause a denial of service (application crash) via certain window.open and document.write calls. | 2018-06-07 | not yet calculated | CVE-2018-12016 MISC |
| gnupg -- gnupg | mainproc.c in GnuPG before 2.2.8 mishandles the original filename during decryption and verification actions, which allows remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the "--status-fd 2" option. For example, the OpenPGP data might represent an original filename that contains line feed characters in conjunction with GOODSIG or VALIDSIG status codes. | 2018-06-08 | not yet calculated | CVE-2018-12020 MISC MISC MISC DEBIAN DEBIAN DEBIAN |
| gomeplusfed -- meixin-h5-proxy | `gomeplus-h5-proxy` is vulnerable to a directory traversal issue, allowing attackers to access any file in the system by placing '../' in the URL. | 2018-06-04 | not yet calculated | CVE-2017-16037 MISC MISC |
| greencms -- greencms | An issue was discovered in GreenCMS v2.3.0603. There is a CSRF vulnerability that allows attackers to execute arbitrary PHP code via the content parameter to index.php?m=admin&c=media&a=fileconnect. | 2018-06-01 | not yet calculated | CVE-2018-11670 MISC EXPLOIT-DB |
| greencms -- greencms | An issue was discovered in GreenCMS v2.3.0603. There is a CSRF vulnerability that can add an admin account via index.php?m=admin&c=access&a=adduserhandle. | 2018-06-01 | not yet calculated | CVE-2018-11671 MISC EXPLOIT-DB |
| grunt -- grunt-ccompiler | grunt-ccompiler is a Closure Compiler Grunt Plugin. grunt-ccompiler downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server. | 2018-06-04 | not yet calculated | CVE-2016-10636 MISC |
| gruntcli -- gruntcli | gruntcli was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | 2018-06-06 | not yet calculated | CVE-2017-16058 MISC |
| guardian -- html-janitor | html-janitor node module suffers from a Cross-Site Scripting (XSS) vulnerability via clean() accepting user-controlled values. | 2018-06-04 | not yet calculated | CVE-2017-0931 MISC MISC |
guardian -- html-janitor
| html-janitor node module suffers from an External Control of Critical State Data vulnerability via user-control of the '_sanitized' variable causing sanitization to be bypassed. | 2018-06-04 | not yet calculated | CVE-2017-0928 MISC MISC |
| gvarsanyi -- sync-exec | The sync-exec module is used to simulate child_process.execSync in node versions <0.11.9. Sync-exec uses tmp directories as a buffer before returning values. Other users on the server have read access to the tmp directory, possibly allowing an attacker on the server to obtain confidential information from the buffer/tmp file, while it exists. | 2018-06-04 | not yet calculated | CVE-2017-16024 MISC MISC MISC MISC |
hacksparrow -- safe-eval
| The safe-eval module describes itself as a safer version of eval. By accessing the object constructors, un-sanitized user input can access the entire standard library and effectively break out of the sandbox. | 2018-06-06 | not yet calculated | CVE-2017-16088 MISC MISC MISC |
hapijs -- content
| The content module is a module to parse HTTP Content-* headers. It is used by the hapijs framework to provide this functionality. The module is vulnerable to regular expression denial of service when passed a specifically crafted Content-Type or Content-Disposition header. | 2018-06-06 | not yet calculated | CVE-2017-16111 MISC |
| hapijs -- hapi | hapi is a web and services application framework. When hapi >= 15.0.0 <= 16.1.0 encounters a malformed `accept-encoding` header an uncaught exception is thrown. This may cause hapi to crash or to hang the client connection until the timeout period is reached. | 2018-06-04 | not yet calculated | CVE-2017-16013 MISC MISC |
| hapijs -- nes | Nes is a websocket extension library for hapi. Hapi is a webserver framework. Versions below and including 6.4.0 have a denial of service vulnerability via an invalid Cookie header. This is only present when websocket authentication is set to `cookie`. Submitting an invalid cookie on the websocket upgrade request will cause the node process to error out. | 2018-06-04 | not yet calculated | CVE-2017-16025 MISC MISC MISC |
hardog -- ritp | ritp is a static web server. ritp is vulnerable to a directory traversal issue whereby an attacker can gain access to the file system by placing ../ in the URL. Access is restricted to files with a file extension, so files such as /etc/passwd are not accessible. | 2018-06-06 | not yet calculated | CVE-2017-16198 MISC MISC |
| haxe-dev -- haxe-dev | haxe-dev is a cross-platform toolkit. haxe-dev downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server. | 2018-06-04 | not yet calculated | CVE-2016-10637 MISC |
| hcbserver -- hcbserver | hcbserver is a static file server. hcbserver is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16171 MISC MISC |
| healthcenter -- healthcenter | healthcenter - IBM Monitoring and Diagnostic Tools health Center agent healthcenter downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | 2018-06-04 | not yet calculated | CVE-2016-10684 MISC |
helloheary -- sgin.cn_xiangyun_platform | SGIN.CN xiangyun platform V9.4.10 has XSS via the login_url parameter to /login.php. | 2018-06-05 | not yet calculated | CVE-2018-11553 MISC |
| henrytseng -- hostr | hostr is a simple web server that serves up the contents of the current directory. There is a directory traversal vulnerability in hostr 2.3.5 and earlier that allows an attacker to read files outside the current directory by sending `../` in the url path for GET requests. | 2018-06-04 | not yet calculated | CVE-2017-16029 MISC MISC |
| herber -- hekto | hekto node module suffers from a Path Traversal vulnerability due to lack of validation of file, which allows a malicious user to read content of any file with known path. | 2018-06-06 | not yet calculated | CVE-2018-3725 MISC |
| hftp -- hftp | `hftp` is a static http or ftp server `hftp` is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-04 | not yet calculated | CVE-2017-16039 MISC MISC |
| hopper -- disassembler | An exploitable out of bounds write vulnerability exists in the parsing of ELF Section Headers of Hopper Disassembler 3.11.20. A specially crafted ELF file can cause attacker controlled pointer arithmetic resulting in a partially controlled out of bounds write. An attacker can craft an ELF file with specific section headers to trigger this vulnerability. | 2018-06-04 | not yet calculated | CVE-2016-8390 BID MISC |
| http-proxy.js -- http-proxy.js | http-proxy.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | 2018-06-06 | not yet calculated | CVE-2017-16075 MISC |
https-proxy-agent -- https-proxy-agent | https-proxy-agent passes unsanitized options to Buffer(arg) resulting in DoS and uninitialized memory leak. | 2018-06-06 | not yet calculated | CVE-2018-3736 MISC |
| https-proxy-agent -- https-proxy-agent | https-proxy-agent before 2.1.1 passes auth option to the Buffer constructor without proper sanitization, resulting in DoS and uninitialized memory leak in setups where an attacker could submit typed input to the 'auth' parameter (e.g. JSON). | 2018-06-06 | not yet calculated | CVE-2018-3739 MISC |
| huawei -- multiple_servers | There is an authentication bypass vulnerability in some Huawei servers. A remote attacker with low privilege may bypass the authentication by some special operations. Due to insufficient authentication, an attacker may exploit the vulnerability to get some sensitive information and high-level users' privilege. | 2018-06-05 | not yet calculated | CVE-2018-7943 CONFIRM |
| hubl-server -- hubl-server | The hubl-server module is a wrapper for the HubL Development Server. During installation hubl-server downloads a set of dependencies from api.hubapi.com. It appears in the code that these files are downloaded over HTTPS however the api.hubapi.com endpoint redirects to a HTTP url. Because of this behavior an attacker with the ability to man-in-the-middle a developer or system performing a package installation could compromise the integrity of the installation. | 2018-06-04 | not yet calculated | CVE-2017-16035 MISC |
| hujiang-fe -- arcanist | arcanist downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | 2018-06-04 | not yet calculated | CVE-2016-10683 MISC |
| hypesystem -- jikes | jikes is a file server. jikes is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. Accessible files are restricted to files with .htm and .js extensions. | 2018-06-06 | not yet calculated | CVE-2017-16139 MISC MISC |
| i18next -- i18next | i18next is a language translation framework. Because of how the interpolation is implemented, making replacements from the dictionary one at a time, untrusted user input can use the name of one of the dictionary keys to inject script into the browser. This affects i18next <=1.10.2. | 2018-06-04 | not yet calculated | CVE-2017-16008 MISC MISC |
| ibm -- bigfix_platform | IBM BigFix Platform 9.2 and 9.5 transmits sensitive or security-critical data in clear text in a communication channel that can be sniffed by unauthorized actors. IBM X-Force ID: 143745. | 2018-06-04 | not yet calculated | CVE-2018-1600 CONFIRM XF |
| ibm -- connections | IBM Connections 5.0, 5.5, and 6.0 could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially-crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. IBM X-Force ID: 135521. | 2018-06-04 | not yet calculated | CVE-2017-1748 CONFIRM XF |
| ibm -- infosphere_information_server | IBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 140089. | 2018-06-05 | not yet calculated | CVE-2018-1454 CONFIRM SECTRACK XF |
| ibm -- infosphere_information_server | IBM InfoSphere Information Server 9.1, 11.3, 11.5, and 11.7 could allow a user to escalate their privileges to administrator due to improper access controls. IBM X-Force ID: 126526. | 2018-06-05 | not yet calculated | CVE-2017-1350 CONFIRM SECTRACK XF |
| ibm -- infosphere_information_server | IBM InfoSphere Information Server 9.1, 11.3, 11.5, and 11.7 is vulnerable to cross-frame scripting which is a vulnerability that allows an attacker to load Information Server components inside an HTML iframe tag on a malicious page. The attacker could use this weakness to devise a Clickjacking attack to conduct phishing, frame sniffing, social engineering or Cross-Site Request Forgery attacks. IBM X-Force ID: 139360. | 2018-06-05 | not yet calculated | CVE-2018-1432 CONFIRM SECTRACK XF |
| ibm -- rhapsody_dm | IBM Rhapsody DM 5.0 through 5.0.2 and 6.0 through 6.0.5 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 140091. | 2018-06-06 | not yet calculated | CVE-2018-1456 CONFIRM XF |
| ibm -- robotic_process_automation_with_automation_anywhere | IBM Robotic Process Automation with Automation Anywhere 10.0 could allow a remote attacker to execute arbitrary code on the system, caused by improper output encoding in an CSV export. By persuading a victim to download the CSV export, to open it in Microsoft Excel and to confirm the two security questions, an attacker could exploit this vulnerability to run any command or program on the victim's machine. IBM X-Force ID: 142651. | 2018-06-07 | not yet calculated | CVE-2018-1547 CONFIRM XF |
| ibm -- robotic_process_automation_with_automation_anywhere | IBM Robotic Process Automation with Automation Anywhere 10.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 141622. | 2018-06-07 | not yet calculated | CVE-2018-1514 CONFIRM XF |
| ibm -- security_access_manager_appliance | IBM Security Access Manager Appliance 8.0.0 through 8.0.1.6, and 9.0.0 through 9.0.3.1 stores potentially sensitive information in log files that could be read by a remote user. IBM X-Force ID: 128617. | 2018-06-06 | not yet calculated | CVE-2017-1480 CONFIRM XF |
| ibm -- security_access_manager_appliance | IBM Security Access Manager Appliance 7.0.0, 8.0.0 through 8.0.1.6, and 9.0.0 through 9.0.3.1 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 128610. | 2018-06-06 | not yet calculated | CVE-2017-1476 CONFIRM XF |
| ibm -- security_access_manager_appliance | IBM Security Access Manager Appliance 7.0.0, 8.0.0 through 8.0.1.6, and 9.0.0 through 9.0.3.1 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 128606. | 2018-06-06 | not yet calculated | CVE-2017-1474 CONFIRM XF |
| ibm -- security_identity_manager_virtual_appliance | IBM Security Identity Manager Virtual Appliance 7.0 processes patches, image backups and other updates without sufficiently verifying the origin and integrity of the code. IBM X-Force ID: 127392. | 2018-06-08 | not yet calculated | CVE-2017-1405 CONFIRM XF |
| ibm -- security_identity_manager_virtual_appliance | IBM Security Identity Manager Virtual Appliance 7.0 allows an authenticated attacker to upload or transfer files of dangerous types that can be automatically processed within the environment. IBM X-Force ID: 140055. | 2018-06-08 | not yet calculated | CVE-2018-1453 CONFIRM XF |
| ibm-swift -- kitura | Kitura 2.3.0 and earlier have an unintended read access to unauthorised files and folders that can be exploited by a crafted URL resulting in information disclosure. | 2018-06-05 | not yet calculated | CVE-2018-1000181 CONFIRM |
| ikst -- ikst | ikst versions before 1.1.2 download resources over HTTP, which leaves it vulnerable to MITM attacks. | 2018-06-04 | not yet calculated | CVE-2017-16041 MISC |
| indexzero-- timespan | The timespan module is vulnerable to regular expression denial of service. Given 50k characters of untrusted user input it will block the event loop for around 10 seconds. | 2018-06-06 | not yet calculated | CVE-2017-16115 MISC MISC |
| intel -- integrated_performance_primitives_cryptography_library | Some implementations in Intel Integrated Performance Primitives Cryptography Library before version 2018 U2.1 do not properly ensure constant execution time. | 2018-06-05 | not yet calculated | CVE-2018-3691 CONFIRM |
| intsol-package -- intsol-package | intsol-package is a file server. intsol-package is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16178 MISC MISC |
ipfs -- aegir
| aegir is a module to help automate JavaScript project management. Version 12.0.0 through and including 12.0.7 bundled and published to npm the user (that performed a aegir-release) GitHub token. | 2018-06-06 | not yet calculated | CVE-2017-16225 MISC |
| ipip-coffee -- ipip-coffee | ipip-coffee queries geolocation information from IP ipip-coffee downloads geolocation resources over HTTP, which leaves it vulnerable to MITM attacks. This could impact the integrity and availability of the data being used to make geolocation decisions by an application. | 2018-06-04 | not yet calculated | CVE-2016-10673 MISC |
isaacs -- st
| st is a module for serving static files. An attacker is able to craft a request that results in an HTTP 301 (redirect) to an entirely different domain. A request for: http://some.server.com//nodesecurity.org/%2e%2e would result in a 301 to //nodesecurity.org/%2e%2e which most browsers treat as a proper redirect as // is translated into the current schema being used. Mitigating factor: In order for this to work, st must be serving from the root of a server (/) rather than the typical sub directory (/static/) and the redirect URL will end with some form of URL encoded .. ("%2e%2e", "%2e.", ".%2e"). | 2018-06-06 | not yet calculated | CVE-2017-16224 MISC |
| iter-server -- iter-server | iter-server is a static file server. iter-server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16183 MISC MISC |
| jansenstuffpleasework -- jansenstuffpleasework | jansenstuffpleasework is a file server. jansenstuffpleasework is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16176 MISC MISC |
| jaredmh -- lab6-node.js | http_static_simple is an http server. http_static_simple is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16134 MISC MISC |
jarofghosts -- glance | glance node module before 3.0.4 suffers from a Path Traversal vulnerability due to lack of validation of path passed to it, which allows a malicious user to read content of any file with known path. | 2018-06-06 | not yet calculated | CVE-2018-3715 MISC MISC |
| jenkins -- jenkins | A persisted cross-site scripting vulnerability exists in Jenkins Groovy Postbuild Plugin 2.3.1 and older in various Jelly files that allows attackers able to control build badge content to define JavaScript that would be executed in another user's browser when that other user performs some UI actions. | 2018-06-05 | not yet calculated | CVE-2018-1000202 CONFIRM |
| jenkins -- jenkins | A exposure of sensitive information vulnerability exists in Jenkins GitHub Plugin 1.29.0 and older in GitHubServerConfig.java that allows attackers with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | 2018-06-05 | not yet calculated | CVE-2018-1000183 CONFIRM |
| jenkins -- jenkins | A exposure of sensitive information vulnerability exists in Jenkins Gitlab Hook Plugin 1.4.2 and older in gitlab_notifier.rb, views/gitlab_notifier/global.erb that allows attackers with local Jenkins master file system access or control of a Jenkins administrator's web browser (e.g. malicious extension) to retrieve the configured Gitlab token. | 2018-06-05 | not yet calculated | CVE-2018-1000196 CONFIRM |
| jenkins -- jenkins | A path traversal vulnerability exists in Jenkins 2.120 and older, LTS 2.107.2 and older in FilePath.java, SoloFilePathFilter.java that allows malicious agents to read and write arbitrary files on the Jenkins master, bypassing the agent-to-master security subsystem protection. | 2018-06-05 | not yet calculated | CVE-2018-1000194 CONFIRM |
| jenkins -- jenkins | An improper authorization vulnerability exists in Jenkins Black Duck Hub Plugin 3.0.3 and older in PostBuildScanDescriptor.java that allows users with Overall/Read permission to read and write the Black Duck Hub plugin configuration. | 2018-06-05 | not yet calculated | CVE-2018-1000197 CONFIRM |
| jenkins -- jenkins | A information exposure vulnerability exists in Jenkins 2.120 and older, LTS 2.107.2 and older in AboutJenkins.java, ListPluginsCommand.java that allows users with Overall/Read access to enumerate all installed plugins. | 2018-06-05 | not yet calculated | CVE-2018-1000192 CONFIRM |
| jenkins -- jenkins | A server-side request forgery vulnerability exists in Jenkins CAS Plugin 1.4.1 and older in CasSecurityRealm.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL. | 2018-06-05 | not yet calculated | CVE-2018-1000188 CONFIRM |
| jenkins -- jenkins | A exposure of sensitive information vulnerability exists in Jenkins Kubernetes Plugin 1.7.0 and older in ContainerExecDecorator.java that results in sensitive variables such as passwords being written to logs. | 2018-06-05 | not yet calculated | CVE-2018-1000187 CONFIRM |
| jenkins -- jenkins | A command execution vulnerability exists in Jenkins Absint Astree Plugin 1.0.5 and older in AstreeBuilder.java that allows attackers with Overall/Read access to execute a command on the Jenkins master. | 2018-06-05 | not yet calculated | CVE-2018-1000189 CONFIRM |
| jenkins -- jenkins | A exposure of sensitive information vulnerability exists in Jenkins Black Duck Hub Plugin 4.0.0 and older in PostBuildScanDescriptor.java that allows attackers with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | 2018-06-05 | not yet calculated | CVE-2018-1000190 CONFIRM |
| jenkins -- jenkins | A server-side request forgery vulnerability exists in Jenkins GitHub Plugin 1.29.0 and older in GitHubPluginConfig.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL. | 2018-06-05 | not yet calculated | CVE-2018-1000184 CONFIRM |
| jenkins -- jenkins | A server-side request forgery vulnerability exists in Jenkins 2.120 and older, LTS 2.107.2 and older in ZipExtractionInstaller.java that allows users with Overall/Read permission to have Jenkins submit a HTTP GET request to an arbitrary URL and learn whether the response is successful (200) or not. | 2018-06-05 | not yet calculated | CVE-2018-1000195 CONFIRM |
| jenkins -- jenkins | A server-side request forgery vulnerability exists in Jenkins GitHub Branch Source Plugin 2.3.4 and older in Endpoint.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL. | 2018-06-05 | not yet calculated | CVE-2018-1000185 CONFIRM |
| jenkins -- jenkins | A exposure of sensitive information vulnerability exists in Jenkins Black Duck Detect Plugin 1.4.0 and older in DetectPostBuildStepDescriptor.java that allows attackers with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | 2018-06-05 | not yet calculated | CVE-2018-1000191 CONFIRM |
| jenkins -- jenkins | A improper neutralization of control sequences vulnerability exists in Jenkins 2.120 and older, LTS 2.107.2 and older in HudsonPrivateSecurityRealm.java that allows users to sign up using user names containing control characters that can then appear to have the same name as other users, and cannot be deleted via the UI. | 2018-06-05 | not yet calculated | CVE-2018-1000193 CONFIRM |
| jenkins -- jenkins | A server-side request forgery vulnerability exists in Jenkins Git Plugin 3.9.0 and older in AssemblaWeb.java, GitBlitRepositoryBrowser.java, Gitiles.java, TFS2013GitRepositoryBrowser.java, ViewGitWeb.java that allows attackers with Overall/Read access to cause Jenkins to send a GET request to a specified URL. | 2018-06-05 | not yet calculated | CVE-2018-1000182 CONFIRM |
| jenkins -- jenkins | A exposure of sensitive information vulnerability exists in Jenkins GitHub Pull Request Builder Plugin 1.41.0 and older in GhprbGitHubAuth.java that allows attackers with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins. | 2018-06-05 | not yet calculated | CVE-2018-1000186 CONFIRM |
| jenkins -- jenkins | A XML external entity processing vulnerability exists in Jenkins Black Duck Hub Plugin 3.1.0 and older in PostBuildScanDescriptor.java that allows attackers with Overall/Read permission to make Jenkins process XML eternal entities in an XML document. | 2018-06-05 | not yet calculated | CVE-2018-1000198 CONFIRM |
| jeremylong -- dependencycheck | OWASP Dependency-Check before 3.2.0 allows attackers to write to arbitrary files via a crafted archive that holds directory traversal filenames. | 2018-06-07 | not yet calculated | CVE-2018-12036 MISC MISC |
| jn_jj_server -- jn_jj_server | jn_jj_server is a static file server. jn_jj_server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16210 MISC MISC |
jonschlinkert -- assign-deep
| assign-deep node module before 0.4.7 suffers from a Modification of Assumed-Immutable Data (MAID) vulnerability, which allows a malicious user to modify the prototype of "Object" via __proto__, causing the addition or modification of an existing property that will exist on all objects. | 2018-06-06 | not yet calculated | CVE-2018-3720 MISC MISC |
jonschlinkert -- defaults-deep | defaults-deep node module before 0.2.4 suffers from a Modification of Assumed-Immutable Data (MAID) vulnerability, which allows a malicious user to modify the prototype of "Object" via __proto__, causing the addition or modification of an existing property that will exist on all objects. | 2018-06-06 | not yet calculated | CVE-2018-3723 MISC MISC |
jonschlinkert -- merge-deep
| merge-deep node module before 3.0.1 suffers from a Modification of Assumed-Immutable Data (MAID) vulnerability, which allows a malicious user to modify the prototype of "Object" via __proto__, causing the addition or modification of an existing property that will exist on all objects. | 2018-06-06 | not yet calculated | CVE-2018-3722 MISC MISC |
| jonschlinkert -- randomatic | react-native-meteor-oauth is a library for Oauth2 login to a Meteor server in React Native. The oauth Random Token is generated using a non-cryptographically strong RNG (Math.random()). | 2018-06-04 | not yet calculated | CVE-2017-16028 MISC MISC |
| jonschlinkert -- remarkable | Remarkable is a markdown parser. In versions 1.6.2 and lower, remarkable allows the use of `data:` URIs in links and can therefore execute javascript. | 2018-06-04 | not yet calculated | CVE-2017-16006 MISC MISC |
| joyent -- node-http-signature | Http-signature is a "Reference implementation of Joyent's HTTP Signature Scheme". In versions <=0.9.11, http-signature signs only the header values, but not the header names. This makes http-signature vulnerable to header forgery. Thus, if an attacker can intercept a request, he can swap header names and change the meaning of the request without changing the signature. | 2018-06-04 | not yet calculated | CVE-2017-16005 MISC MISC |
joyent -- node-sshpk | sshpk is vulnerable to ReDoS when parsing crafted invalid public keys. | 2018-06-06 | not yet calculated | CVE-2018-3737 MISC |
joyplus -- joyplus-cms | joyplus-cms 1.6.0 allows Remote Code Execution because of an Arbitrary SQL command execution issue in manager/index.php involving use of a "/!select/" substring in place of a select substring. | 2018-06-07 | not yet calculated | CVE-2018-12039 MISC |
jprichardson -- string.js
| The string module is a module that provides extra string operations. The string module is vulnerable to regular expression denial of service when specifically crafted untrusted user input is passed into the underscore or unescapeHTML methods. | 2018-06-06 | not yet calculated | CVE-2017-16116 MISC MISC |
| jquery -- jquery | Jquery is a javascript library for DOM traversal and manipulation, event handling, animation, and Ajax. When text/javascript responses are received from cross-origin ajax requests not containing the option `dataType`, the result is executed in `jQuery.globalEval` potentially allowing an attacker to execute arbitrary code on the origin. This affects Jquery >=1.4.0 <=1.11.3 || >=1.12.4 <=2.2.4. | 2018-06-04 | not yet calculated | CVE-2017-16012 MISC MISC MISC |
| jquery -- jquery | jQuery is a javascript library for DOM manipulation. jQuery's main method in affected versions (>=1.7.1 <=1.8.3) contains an unreliable way of detecting whether the input to the `jQuery(strInput)` function is intended to be a selector or HTML. | 2018-06-04 | not yet calculated | CVE-2017-16011 MISC MISC MISC MISC MISC |
| jquery.js -- jquery.js | `jquery.js` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | 2018-06-04 | not yet calculated | CVE-2017-16045 MISC |
| jquey -- jquey | The jquey module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation. | 2018-06-06 | not yet calculated | CVE-2017-16204 MISC |
| js-given -- js-given | js-given is a JavaScript frontend to jgiven. js-given downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server. | 2018-06-04 | not yet calculated | CVE-2016-10638 MISC |
jshttp -- forwarded
| The forwarded module is used by the Express.js framework to handle the X-Forwarded-For header. It is vulnerable to a regular expression denial of service when it's passed specially crafted input to parse. This causes the event loop to be blocked causing a denial of service condition. | 2018-06-06 | not yet calculated | CVE-2017-16118 MISC |
jshttp -- fresh
| Fresh is a module used by the Express.js framework for HTTP response freshness testing. It is vulnerable to a regular expression denial of service when it is passed specially crafted input to parse. This causes the event loop to be blocked causing a denial of service condition. | 2018-06-06 | not yet calculated | CVE-2017-16119 MISC |
| jstestdriver -- jstestdriver | jstestdriver is a wrapper for Google's jstestdriver. jstestdriver downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server. | 2018-06-04 | not yet calculated | CVE-2016-10643 MISC |
julien -- sencisho | Sencisho is a simple http server for local development. Sencisho is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL. | 2018-06-06 | not yet calculated | CVE-2017-16092 MISC MISC |
| kevinjreece -- reecerver | reecerver is a web server. reecerver is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16188 MISC MISC |
| korynunn -- list-n-stream | list-n-stream is a server for static files to list and stream local videos. list-n-stream v0.0.10 or lower is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16084 MISC MISC |
| lennym -- redis-srvr | redis-srvr is a npm wrapper for redis-server. redis-srvr downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server. | 2018-06-04 | not yet calculated | CVE-2016-10639 MISC |
| lessindex -- lessindex | lessindex is a static file server. lessindex is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16211 MISC MISC |
| libjpeg -- libjpeg | libjpeg 9c has a large loop because read_pixel in rdtarga.c mishandles EOF. | 2018-06-05 | not yet calculated | CVE-2018-11813 MISC MISC |
| liblouis -- liblouis | Liblouis 3.5.0 has a stack-based Buffer Overflow in the function compileHyphenation in compileTranslationTable.c. | 2018-06-04 | not yet calculated | CVE-2018-11685 MISC UBUNTU |
| liblouis -- liblouis | Liblouis 3.5.0 has a stack-based Buffer Overflow in the function includeFile in compileTranslationTable.c. | 2018-06-04 | not yet calculated | CVE-2018-11684 MISC UBUNTU |
| liblouis -- liblouis | Liblouis 3.6.0 has a stack-based Buffer Overflow in the function parseChars in compileTranslationTable.c, a different vulnerability than CVE-2018-11440. | 2018-06-09 | not yet calculated | CVE-2018-12085 MISC |
| liblouis -- liblouis | Liblouis 3.5.0 has a stack-based Buffer Overflow in the function parseChars in compileTranslationTable.c, a different vulnerability than CVE-2018-11440. | 2018-06-04 | not yet calculated | CVE-2018-11683 MISC UBUNTU |
| libopenmpt -- libopenmpt | soundlib/pattern.h in libopenmpt before 0.3.9 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted AMS file because of an invalid write near address 0 in an out-of-memory situation. | 2018-06-04 | not yet calculated | CVE-2018-11710 CONFIRM CONFIRM |
| libsaas -- libsaas | An issue was discovered in LibSaas through 3.5.4. An out-of-bounds read of a memory region was found in the function Sass::Prelexer::skip_over_scopes which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service. | 2018-06-04 | not yet calculated | CVE-2018-11693 MISC |
| libsaas -- libsaas | An issue was discovered in LibSaas through 3.5.2. A NULL pointer dereference was found in the function Sass::Expand::operator which could be leveraged by an attacker to cause a denial of service (application crash) or possibly have unspecified other impact. | 2018-06-04 | not yet calculated | CVE-2018-11695 MISC |
| libsaas -- libsaas | An issue was discovered in LibSaas through 3.5.4. A NULL pointer dereference was found in the function Sass::Functions::selector_append which could be leveraged by an attacker to cause a denial of service (application crash) or possibly have unspecified other impact. | 2018-06-04 | not yet calculated | CVE-2018-11694 MISC |
| libsaas -- libsaas | An issue was discovered in LibSaas through 3.5.4. A NULL pointer dereference was found in the function Sass::Inspect::operator which could be leveraged by an attacker to cause a denial of service (application crash) or possibly have unspecified other impact. | 2018-06-04 | not yet calculated | CVE-2018-11696 MISC |
| linux -- linux_kernel | The Linux Kernel versions 4.14, 4.15, and 4.16 has a null pointer dereference which can result in an out of memory (OOM) killing of large mlocked processes. The issue arises from an oom killed process's final thread calling exit_mmap(), which calls munlock_vma_pages_all() for mlocked vmas.This can happen synchronously with the oom reaper's unmap_page_range() since the vma's VM_LOCKED bit is cleared before munlocking (to determine if any other vmas share the memory and are mlocked). | 2018-06-05 | not yet calculated | CVE-2018-1000200 MLIST BID CONFIRM CONFIRM MLIST MLIST |
| liuyaserver -- liuyaserver | liuyaserver is a static file server. liuyaserver is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16170 MISC MISC |
| lix-pm -- haxeshim | haxeshim haxe shim to deal with coexisting versions. haxeshim downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | 2018-06-04 | not yet calculated | CVE-2016-10692 MISC |
| liyujing -- liyujing | liyujing is a static file server. liyujing is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16120 MISC MISC |
| lodash -- lodash | lodash node module before 4.17.5 suffers from a Modification of Assumed-Immutable Data (MAID) vulnerability via defaultsDeep, merge, and mergeWith functions, which allows a malicious user to modify the prototype of "Object" via __proto__, causing the addition or modification of an existing property that will exist on all objects. | 2018-06-06 | not yet calculated | CVE-2018-3721 MISC MISC |
| looppake -- looppake | looppake is a simple http server. looppake is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16169 MISC MISC |
| ltt -- ltt | ltt is a static file server. ltt is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16212 MISC MISC |
| lutron -- multiple_products | Default and unremovable support credentials (user:nwk password:nwk2) allow attackers to gain total super user control of an IoT device through a TELNET session to products using the RadioRA 2 Lutron integration protocol Revision M to Revision Y. | 2018-06-02 | not yet calculated | CVE-2018-11681 MISC MISC |
| lutron -- multiple_products | Default and unremovable support credentials allow attackers to gain total super user control of an IoT device through a TELNET session to products using the Stanza Lutron integration protocol Revision M to Revision Y. | 2018-06-02 | not yet calculated | CVE-2018-11682 MISC MISC |
| lutron -- multiple_products | Default and unremovable support credentials (user:lutron password:integration) allow attackers to gain total super user control of an IoT device through a TELNET session to products using the HomeWorks QS Lutron integration protocol Revision M to Revision Y. | 2018-06-02 | not yet calculated | CVE-2018-11629 MISC MISC |
| manageengine -- applications_manager | ManageEngine Applications Manager versions 12 and 13 suffer from a Reflected Cross-Site Scripting vulnerability. Applications Manager is prone to a Cross-Site Scripting vulnerability in parameter LIMIT, in URL path /DiagAlertAction.do?REQTYPE=AJAX&LIMIT=1233. The URL is also available without authentication. | 2018-06-05 | not yet calculated | CVE-2016-9490 FULLDISC BID MISC |
| manageengine -- applications_manager | ManageEngine Applications Manager versions 12 and 13 suffer from remote SQL injection vulnerabilities. An unauthenticated attacker is able to access the URL /servlet/MenuHandlerServlet, which is vulnerable to SQL injection. The attacker could extract users' password hashes, which are MD5 hashes without salt, and, depending on the database type and its configuration, could also execute operating system commands using SQL queries. | 2018-06-05 | not yet calculated | CVE-2016-9488 FULLDISC BID MISC |
manastungare -- whispercast | whispercast is a file server. whispercast is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16174 MISC MISC |
| mapbox -- node-sqlite3 | The npm-test-sqlite3-trunk module provides asynchronous, non-blocking SQLite3 bindings. npm-test-sqlite3-trunk downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | 2018-06-04 | not yet calculated | CVE-2016-10695 MISC |
| mariadb -- mariadb | `mariadb` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | 2018-06-04 | not yet calculated | CVE-2017-16046 MISC |
markedjs -- marked
| The marked module is vulnerable to a regular expression denial of service. Based on the information published in the public issue, 1k characters can block for around 6 seconds. | 2018-06-06 | not yet calculated | CVE-2017-16114 MISC MISC |
| mcafee -- common_ui | External Entity Attack vulnerability in the ePO extension in McAfee Common UI (CUI) 2.0.2 allows remote authenticated users to view confidential information via a crafted HTTP request parameter. | 2018-06-07 | not yet calculated | CVE-2018-6670 CONFIRM |
| mcafee -- management_of_native_encryption | Privilege Escalation vulnerability in McAfee Management of Native Encryption (MNE) before 4.1.4 allows local users to gain elevated privileges via a crafted user input. | 2018-06-05 | not yet calculated | CVE-2018-6662 BID CONFIRM |
| mebyz -- haxe3 | Haxe 3 : The Cross-Platform Toolkit (a fork from David Mouton's damoebius/haxe-npm) haxe3 downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | 2018-06-04 | not yet calculated | CVE-2016-10688 MISC |
| mediatek -- awus036nh_wireless_usb_adapter | An issue was discovered on the MediaTek AWUS036NH wireless USB adapter through 5.1.25.0. Attackers can remotely deny service by sending specially constructed 802.11 frames. | 2018-06-07 | not yet calculated | CVE-2018-12041 MISC MISC |
| medium -- phantomjs | phantomjs-cheniu is a Headless WebKit with JS API phantomjs-cheniu downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | 2018-06-04 | not yet calculated | CVE-2016-10661 MISC |
| mfrs -- mfrs | mfrs is a static file server. mfrs is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16193 MISC MISC |
| mfrserver -- mfrserver | mfrserver is a simple file server. mfrserver is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16213 MISC MISC |
| mixin-deep node -- mixin-deep node | mixin-deep node module before 1.3.1 suffers from a Modification of Assumed-Immutable Data (MAID) vulnerability, which allows a malicious user to modify the prototype of "Object" via __proto__, causing the addition or modification of an existing property that will exist on all objects. | 2018-06-06 | not yet calculated | CVE-2018-3719 MISC MISC |
| mongose -- mongose | mongose was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | 2018-06-06 | not yet calculated | CVE-2017-16077 MISC |
| monkpod -- node-wixtoolset | wixtoolset is a Node module wrapper around the wixtoolset binaries wixtoolset downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | 2018-06-04 | not yet calculated | CVE-2016-10663 MISC |
| monstra -- cms | plugins/box/users/users.plugin.php in Monstra CMS 3.0.4 allows Login Rate Limiting Bypass via manipulation of the login_attempts cookie. | 2018-06-05 | not yet calculated | CVE-2018-11678 MISC |
| morrisjs -- morris.js | Morris.js creates an svg graph, with labels that appear when hovering over a point. The hovering label names are not escaped in versions 0.5.0 and earlier. If control over the labels is obtained, script can be injected. The script will run on the client side whenever that specific graph is loaded. | 2018-06-04 | not yet calculated | CVE-2017-16022 MISC MISC |
| mozilla -- marionette-socket-host | marionette-socket-host is a marionette-js-runner host for sending actions over a socket. marionette-socket-host downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server. | 2018-06-04 | not yet calculated | CVE-2016-10648 MISC |
| mruby -- mruby | The init_copy function in kernel.c in mruby 1.4.1 makes initialize_copy calls for TT_ICLASS objects, which allows attackers to cause a denial of service (mrb_hash_keys uninitialized pointer and application crash) or possibly have unspecified other impact. | 2018-06-05 | not yet calculated | CVE-2018-11743 MISC MISC |
mrvautin -- express-cart | Unrestricted file upload (RCE) in express-cart module before 1.1.7 allows a privileged user to gain access in the hosting machine. | 2018-06-07 | not yet calculated | CVE-2018-3758 MISC |
| mssql-node -- mssql-node | mssql-node was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | 2018-06-06 | not yet calculated | CVE-2017-16059 MISC |
| mssql.js -- mssql.js | mssql.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | 2018-06-06 | not yet calculated | CVE-2017-16056 MISC |
| muaz-khan -- filebufferreader | fbr-client sends files through sockets via socket.io and webRTC. fbr-client is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16217 MISC MISC |
| mybb -- mybb | The Recent Threads plugin before 1.1 for MyBB allows XSS via a thread subject. | 2018-06-04 | not yet calculated | CVE-2018-11715 MISC EXPLOIT-DB |
| myprolyz -- myprolyz | myprolyz is a static file server. myprolyz is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16156 MISC MISC |
| myserver.alexcthomas18 -- myserver.alexcthomas18 | myserver.alexcthomas18 is a file server. myserver.alexcthomas18 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16144 MISC MISC |
| node-air-sdk -- node-air-sdk | node-air-sdk is an AIR SDK for nodejs. node-air-sdk downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server. | 2018-06-04 | not yet calculated | CVE-2016-10647 MISC |
| node-fabric -- node-fabric | `node-fabric` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | 2018-06-04 | not yet calculated | CVE-2017-16052 MISC |
| node-opencv -- node-opencv | node-opencv was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | 2018-06-06 | not yet calculated | CVE-2017-16067 MISC |
| node-opensl -- node-opensl | node-opensl was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | 2018-06-06 | not yet calculated | CVE-2017-16063 MISC |
| node-openssl -- node-openssl | node-openssl was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | 2018-06-06 | not yet calculated | CVE-2017-16064 MISC |
| node-sqlite -- node-sqlite | `node-sqlite` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | 2018-06-04 | not yet calculated | CVE-2017-16048 MISC |
| node-srv -- node-srv | node-srv node module suffers from a Path Traversal vulnerability due to lack of validation of url, which allows a malicious user to read content of any file with known path. | 2018-06-06 | not yet calculated | CVE-2018-3714 MISC |
| nodeaaaaa -- nodeaaaaa | nodeaaaaa is a static file server. nodeaaaaa is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16223 MISC MISC |
| nodecaffe -- nodecaffe | nodecaffe was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | 2018-06-06 | not yet calculated | CVE-2017-16070 MISC |
| nodefabric -- nodefabric | `nodefabric` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | 2018-06-04 | not yet calculated | CVE-2017-16054 MISC |
| nodeffmpeg -- nodeffmpeg | nodeffmpeg was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | 2018-06-06 | not yet calculated | CVE-2017-16069 MISC |
| nodejitsu -- node-http-proxy | Http-proxy is a proxying library. Because of the way errors are handled in versions before 0.7.0, an attacker that forces an error can crash the server, causing a denial of service. | 2018-06-04 | not yet calculated | CVE-2017-16014 MISC MISC |
| nodemailer-js -- nodemailer-js | nodemailer-js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | 2018-06-06 | not yet calculated | CVE-2017-16071 MISC |
| nodemailer.js -- nodemailer.js | nodemailer.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | 2018-06-06 | not yet calculated | CVE-2017-16072 MISC |
| nodemssql -- nodemssql | nodemssql was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | 2018-06-06 | not yet calculated | CVE-2017-16057 MISC |
| noderequest -- noderequest | noderequest was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | 2018-06-06 | not yet calculated | CVE-2017-16073 MISC |
| nodesass -- nodesass | nodesass was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | 2018-06-06 | not yet calculated | CVE-2017-16080 MISC |
| nodesqlite -- nodesqlite | `nodesqlite` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | 2018-06-04 | not yet calculated | CVE-2017-16049 MISC |
| notduncansmith -- summit | Summit is a node web framework. When using the PouchDB driver in the module, Summit 0.1.0 and later allows an attacker to execute arbitrary commands via the collection name. | 2018-06-04 | not yet calculated | CVE-2017-16020 MISC MISC |
| nowk -- serc.js | serc.js is a Selenium RC process wrapper serc.js downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | 2018-06-04 | not yet calculated | CVE-2016-10678 MISC |
npm -- security-holder
| `d3.js` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | 2018-06-04 | not yet calculated | CVE-2017-16044 MISC |
| npm-script-demo -- npm-script-demo | The module npm-script-demo opened a connection to a command and control server. It has been removed from the npm registry. | 2018-06-06 | not yet calculated | CVE-2017-16128 MISC |
| ntp -- ntp | An exploitable denial of service vulnerability exists in the origin timestamp check functionality of ntpd 4.2.8p9. A specially crafted unauthenticated network packet can be used to reset the expected origin timestamp for target peers. Legitimate replies from targeted peers will fail the origin timestamp check (TEST2) causing the reply to be dropped and creating a denial of service condition. | 2018-06-04 | not yet calculated | CVE-2016-9042 BID SECTRACK SECTRACK FREEBSD MISC |
| nzedb -- nzedb | nZEDb v0.7.3.3 has XSS in the 404 error page. | 2018-06-05 | not yet calculated | CVE-2017-18286 MISC |
| ocularis -- recorder | An exploitable denial of service vulnerability exists in the Ocularis Recorder functionality of Ocularis 5.5.0.242. A specially crafted TCP packet can cause a process to terminate resulting in denial of service. An attacker can send a crafted TCP packet to trigger this vulnerability. | 2018-06-06 | not yet calculated | CVE-2018-3852 BID MISC |
| olebedev -- node-mystem | mystem is a Node.js wrapper for MyStem morphology text analyzer by Yandex.ru mystem downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server. | 2018-06-04 | not yet calculated | CVE-2016-10664 MISC |
omphalos -- crud-file-server
| crud-file-server node module before 0.8.0 suffers from a Cross-Site Scripting vulnerability to a lack of validation of file names. | 2018-06-06 | not yet calculated | CVE-2018-3726 MISC MISC |
| open-device -- open-device | open-device creates a web interface for any device. open-device is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16187 MISC MISC |
| opencv.js -- opencv.js | opencv.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | 2018-06-06 | not yet calculated | CVE-2017-16066 MISC |
| openframe-ascii-image -- openframe-ascii-image | openframe-ascii-image module is an openframe plugin which adds support for ascii images via fim. openframe-ascii-image downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | 2018-06-04 | not yet calculated | CVE-2016-10690 MISC |
| openssl.js -- openssl.js | openssl.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | 2018-06-06 | not yet calculated | CVE-2017-16065 MISC |
| opensuse -- open_build_service_api | The controller of the Open Build Service API prior to version 2.4.4 is missing a write permission check, allowing an authenticated attacker to add or remove user roles from packages and/or project meta data. | 2018-06-08 | not yet calculated | CVE-2013-3703 CONFIRM CONFIRM |
| opensuse -- open_build_service | In the Open Build Service (OBS) before version 2.4.6 the CSRF protection is incorrectly disabled in the web interface, allowing for requests without the user's consent. | 2018-06-08 | not yet calculated | CVE-2014-0594 CONFIRM CONFIRM |
| opensuse -- open_build_service | The mdcheck script of the mdadm package for openSUSE 13.2 prior to version 3.3.1-5.14.1 does not properly sanitize device names, which allows local attackers to execute arbitrary commands as root. | 2018-06-08 | not yet calculated | CVE-2014-5220 CONFIRM SUSE |
opensuse -- open_build_service
| The set_version script as shipped with obs-service-set_version is a source validator for the Open Build Service (OBS). In versions prior to 0.5.3-1.1 this script did not properly sanitize the input provided by the user, allowing for code execution on the executing server. | 2018-06-08 | not yet calculated | CVE-2014-0593 CONFIRM CONFIRM MLIST CONFIRM |
| opensuse -- open_build_service | A missing permission check in the review handling of openSUSE Open Build Service before 2.9.3 allowed all authenticated users to modify sources in projects where they do not have write permissions. | 2018-06-07 | not yet calculated | CVE-2018-7688 CONFIRM CONFIRM MLIST |
| opensuse -- open_build_service | Lack of permission checks in the InitializeDevelPackage function in openSUSE Open Build Service before 2.9.3 allowed authenticated users to modify packages where they do not have write permissions. | 2018-06-07 | not yet calculated | CVE-2018-7689 CONFIRM CONFIRM MLIST |
| otrs -- otrs | An issue was discovered in OTRS 6.0.x before 6.0.7. An attacker who is logged into OTRS as a customer can use the ticket overview screen to disclose internal article information of their customer tickets. | 2018-06-06 | not yet calculated | CVE-2018-10198 CONFIRM |
| overflow636 -- simple-npm-registry | simple-npm-registry is a local npm package cache. simple-npm-registry is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16132 MISC MISC |
| pagekit -- cms | Stored XSS in YOOtheme Pagekit 1.0.13 and earlier allows a user to upload malicious code via the picture upload feature. A user with elevated privileges could upload a photo to the system in an SVG format. This file will be uploaded to the system and it will not be stripped or filtered. The user can create a link on the website pointing to "/storage/poc.svg" that will point to http://localhost/pagekit/storage/poc.svg. When a user comes along to click that link, it will trigger a XSS attack. | 2018-06-01 | not yet calculated | CVE-2018-11564 MISC MISC EXPLOIT-DB |
| pandora-doomsday -- pandora-doomsday | The module pandora-doomsday infects other modules. It's since been unpublished from the registry. | 2018-06-06 | not yet calculated | CVE-2017-16127 MISC |
| peiserver -- peiserver | peiserver is a static file server. peiserver is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16214 MISC MISC |
| perl -- perl | The PGObject::Util::DBAdmin module before 0.120.0 for Perl, as used in LedgerSMB through 1.5.x, insufficiently sanitizes or escapes variable values used as part of shell command execution, resulting in shell code injection via the create(), run_file(), backup(), or restore() function. The vulnerability allows unauthorized users to execute code with the same privileges as the running application. | 2018-06-07 | not yet calculated | CVE-2018-9246 CONFIRM |
| perl -- perl | In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name. | 2018-06-07 | not yet calculated | CVE-2018-12015 SECTRACK CONFIRM |
peterhel -- mockserve | mockserve is a file server. mockserve is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16146 MISC MISC |
| philips -- intellivue_patient_monitors_and_avalon_fetal/maternal_monitors | IntelliVue Patient Monitors MP Series (including MP2/X2/MP30/MP50/MP70/NP90/MX700/800) Rev B-M, IntelliVue Patient Monitors MX (MX400-550) Rev J-M and (X3/MX100 for Rev M only), and Avalon Fetal/Maternal Monitors FM20/FM30/FM40/FM50 with software Revisions F.0, G.0 and J.3 have a vulnerability that exposes an "echo" service, in which an attacker-sent buffer to an attacker-chosen device address within the same subnet is copied to the stack with no boundary checks, hence resulting in stack overflow. | 2018-06-05 | not yet calculated | CVE-2018-10601 MISC |
| philips -- intellivue_patient_monitors_and_avalon_fetal/maternal_monitors | IntelliVue Patient Monitors MP Series (including MP2/X2/MP30/MP50/MP70/NP90/MX700/800) Rev B-M, IntelliVue Patient Monitors MX (MX400-550) Rev J-M and (X3/MX100 for Rev M only), and Avalon Fetal/Maternal Monitors FM20/FM30/FM40/FM50 with software Revisions F.0, G.0 and J.3 have a vulnerability that allows an unauthenticated attacker to read memory from an attacker-chosen device address within the same subnet. | 2018-06-05 | not yet calculated | CVE-2018-10599 MISC |
| philips -- intellivue_patient_monitors_and_avalon_fetal/maternal_monitors | IntelliVue Patient Monitors MP Series (including MP2/X2/MP30/MP50/MP70/NP90/MX700/800) Rev B-M, IntelliVue Patient Monitors MX (MX400-550) Rev J-M and (X3/MX100 for Rev M only), and Avalon Fetal/Maternal Monitors FM20/FM30/FM40/FM50 with software Revisions F.0, G.0 and J.3 have a vulnerability that allows an unauthenticated attacker to access memory ("write-what-where") from an attacker-chosen device address within the same subnet. | 2018-06-05 | not yet calculated | CVE-2018-10597 MISC |
| phpscriptsmall.com -- schools_alert_management_script | Arbitrary File Deletion exists in PHP Scripts Mall Schools Alert Management Script via the img parameter in delete_img.php by using directory traversal. | 2018-06-08 | not yet calculated | CVE-2018-12053 MISC |
| phpscriptsmall.com -- schools_alert_management_script | SQL Injection exists in PHP Scripts Mall Schools Alert Management Script via the q Parameter in get_sec.php. | 2018-06-08 | not yet calculated | CVE-2018-12052 MISC |
| phpscriptsmall.com -- schools_alert_management_script | Arbitrary File Read exists in PHP Scripts Mall Schools Alert Management Script via the f parameter in img.php, aka absolute path traversal. | 2018-06-08 | not yet calculated | CVE-2018-12054 MISC |
| phpscriptsmall.com -- schools_alert_management_script | Arbitrary File Upload and Remote Code Execution exist in PHP Scripts Mall Schools Alert Management Script via $_FILE in /webmasterst/general.php, as demonstrated by a .php file with the image/jpeg content type. | 2018-06-08 | not yet calculated | CVE-2018-12051 MISC |
| phpscriptsmall.com -- schools_alert_management_script | Multiple SQL Injections exist in PHP Scripts Mall Schools Alert Management Script via crafted POST data in contact_us.php, faq.php, about.php, photo_gallery.php, privacy.php, and so on. | 2018-06-08 | not yet calculated | CVE-2018-12055 MISC |
| picard -- picard | picard is a micro framework. picard is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16194 MISC MISC |
pillarjs -- resolve-path | resolve-path node module before 1.4.0 suffers from a Path Traversal vulnerability due to lack of validation of paths with certain special characters, which allows a malicious user to read content of any file with known path. | 2018-06-06 | not yet calculated | CVE-2018-3732 MISC MISC |
| pk-app-wonderbox -- pk-app-wonderbox | pk-app-wonderbox is an integration with wonderbox pk-app-wonderbox downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | 2018-06-04 | not yet calculated | CVE-2016-10685 MISC |
pluck-cms -- pluck | An issue was discovered in Pluck before 4.7.7-dev2. /data/inc/images.php allows remote attackers to upload and execute arbitrary PHP code by using the image/jpeg content type for a .htaccess file. | 2018-06-05 | not yet calculated | CVE-2018-11736 CONFIRM CONFIRM |
| pm2-kafka -- pm2-kafka | pm2-kafka is a PM2 module that installs and runs a kafka server pm2-kafka downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | 2018-06-04 | not yet calculated | CVE-2016-10693 MISC |
| protobufjs -- protobufjs | protobufjs is vulnerable to ReDoS when parsing crafted invalid .proto files. | 2018-06-06 | not yet calculated | CVE-2018-3738 MISC |
| proxy.js -- proxy.js | proxy.js was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | 2018-06-06 | not yet calculated | CVE-2017-16076 MISC |
| punkave -- sanitize-html | Sanitize-html is a library for scrubbing html input of malicious values. Versions 1.11.1 and below are vulnerable to cross site scripting (XSS) in certain scenarios: If allowed at least one nonTextTags, the result is a potential XSS vulnerability. | 2018-06-04 | not yet calculated | CVE-2017-16016 MISC MISC MISC |
| punkave -- sanitize-html | sanitize-html is a library for scrubbing html input for malicious values Versions 1.2.2 and below have a cross site scripting vulnerability. | 2018-06-04 | not yet calculated | CVE-2017-16017 MISC MISC MISC |
| pytservce -- pytservce | pytservce is a static file server. pytservce is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16195 MISC MISC |
| qbs -- qbs | qbs is a build tool that helps simplify the build process for developing projects across multiple platforms. qbs downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | 2018-06-04 | not yet calculated | CVE-2016-10656 MISC |
| qinserve -- qinserve | qinserve is a static file server. qinserve is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16197 MISC MISC |
| qnap -- nas | QNAP NAS application Proxy Server through version 1.2.0 does not utilize CSRF protections. | 2018-06-05 | not yet calculated | CVE-2017-7635 SECTRACK CONFIRM |
| qnap -- nas | QNAP NAS application Proxy Server through version 1.2.0 does not authenticate requests properly. Successful exploitation can lead to change of the settings of Proxy Server. | 2018-06-05 | not yet calculated | CVE-2017-7639 SECTRACK CONFIRM |
| qnap -- nas | QNAP NAS application Proxy Server through version 1.2.0 allows remote attackers to run arbitrary OS commands against the system with root privileges. | 2018-06-05 | not yet calculated | CVE-2017-7637 SECTRACK CONFIRM |
| qnap -- nas | Cross-site scripting (XSS) vulnerability in QNAP NAS application Proxy Server through version 1.2.0 allows remote attackers to inject arbitrary web script or HTML. | 2018-06-05 | not yet calculated | CVE-2017-7636 SECTRACK CONFIRM |
| qualcomm -- android | In Android before the 2018-06-05 security patch level, NVIDIA TLZ TrustZone contains a possible out of bounds write due to integer overflow which could lead to local escalation of privilege in the TrustZone with no additional execution privileges needed. User interaction is not needed for exploitation. This issue is rated as high. Version: N/A. Android: A-69480285. Reference: N-CVE-2017-6292. | 2018-06-07 | not yet calculated | CVE-2017-6292 CONFIRM |
| qualcomm -- android | In Android before the 2018-06-05 security patch level, NVIDIA TLK TrustZone contains a possible out of bounds write due to an integer overflow which could lead to local escalation of privilege with no additional execution privileges needed. User interaction not needed for exploitation. This issue is rated as high. Version: N/A. Android: A-69559414. Reference: N-CVE-2017-6290. | 2018-06-07 | not yet calculated | CVE-2017-6290 CONFIRM |
| qualcomm -- android | dcc_curr_list is initialized with a default invalid value that is expected to be programmed by the user through a sysfs node which could lead to an invalid access in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | 2018-06-06 | not yet calculated | CVE-2018-5841 MISC |
| qualcomm -- android | Buffer over -read can occur while processing a FILS authentication frame in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | 2018-06-06 | not yet calculated | CVE-2018-3562 MISC |
| qualcomm -- android | While sending a probe request indication in lim_send_sme_probe_req_ind() in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel, a buffer overflow can occur. | 2018-06-06 | not yet calculated | CVE-2018-3565 MISC |
| qualcomm -- android | A crafted binder request can cause an arbitrary unmap in MediaServer in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | 2018-06-06 | not yet calculated | CVE-2017-18154 MISC |
| qualcomm -- android | Buffer Copy without Checking Size of Input can occur during the DRM SDE driver initialization sequence in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | 2018-06-06 | not yet calculated | CVE-2018-5840 MISC |
| qualcomm -- android | A race condition in drm_atomic_nonblocking_commit() in the display driver can potentially lead to a Use After Free scenario in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | 2018-06-06 | not yet calculated | CVE-2018-5845 MISC |
| qualcomm -- android | A Use After Free condition can occur in the IPA driver whenever the IPA IOCTLs IPA_IOC_NOTIFY_WAN_UPSTREAM_ROUTE_ADD/IPA_IOC_NOTIFY_WAN_UPSTREAM_ROUTE_DEL/IPA_IOC_NOTIFY_WAN_EMBMS_CONNECTED are called in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | 2018-06-06 | not yet calculated | CVE-2018-5846 MISC |
| qualcomm -- android | Stack-based buffer overflow can occur In the WLAN driver if the pmkid_count value is larger than the PMKIDCache size in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | 2018-06-06 | not yet calculated | CVE-2018-3580 MISC |
| qualcomm -- android | In the function csr_update_fils_params_rso(), insufficient validation on a key length can result in an integer underflow leading to a buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | 2018-06-06 | not yet calculated | CVE-2018-5850 MISC |
| qualcomm -- android | In Android before the 2018-06-05 security patch level, NVIDIA Tegra X1 TZ contains a possible out of bounds write due to missing bounds check which could lead to escalation of privilege from the kernel to the TZ. User interaction is not needed for exploitation. This issue is rated as high. Version: N/A. Android: A-69316825. Reference: N-CVE-2017-6294. | 2018-06-07 | not yet calculated | CVE-2017-6294 CONFIRM |
| qualcomm -- android | Type mismatch for ie_len can cause the WLAN driver to allocate less memory on the heap due to implicit casting leading to a heap buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | 2018-06-06 | not yet calculated | CVE-2018-3578 MISC |
| quest -- dr_series_disk_backup | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 27 of 46). | 2018-06-01 | not yet calculated | CVE-2018-11169 MISC FULLDISC MISC |
| quest -- dr_series_disk_backup | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 4 of 46). | 2018-06-01 | not yet calculated | CVE-2018-11146 MISC FULLDISC MISC |
| quest -- dr_series_disk_backup | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 3 of 46). | 2018-06-01 | not yet calculated | CVE-2018-11145 MISC FULLDISC MISC |
| quest -- dr_series_disk_backup | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 44 of 46). | 2018-06-01 | not yet calculated | CVE-2018-11186 MISC FULLDISC MISC |
| quest -- dr_series_disk_backup | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 36 of 46). | 2018-06-01 | not yet calculated | CVE-2018-11178 MISC FULLDISC MISC |
| quest -- dr_series_disk_backup | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 31 of 46). | 2018-06-01 | not yet calculated | CVE-2018-11173 MISC FULLDISC MISC |
| quest -- dr_series_disk_backup | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 45 of 46). | 2018-06-01 | not yet calculated | CVE-2018-11187 MISC FULLDISC MISC |
| quest -- dr_series_disk_backup | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 15 of 46). | 2018-06-01 | not yet calculated | CVE-2018-11157 MISC FULLDISC MISC |
| quest -- dr_series_disk_backup | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 22 of 46). | 2018-06-01 | not yet calculated | CVE-2018-11164 MISC FULLDISC MISC |
| quest -- dr_series_disk_backup | Quest DR Series Disk Backup software version before 4.0.3.1 allows privilege escalation (issue 4 of 6). | 2018-06-01 | not yet calculated | CVE-2018-11192 MISC FULLDISC MISC |
| quest -- dr_series_disk_backup | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 5 of 46). | 2018-06-01 | not yet calculated | CVE-2018-11147 MISC FULLDISC MISC |
| quest -- dr_series_disk_backup | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 7 of 46). | 2018-06-01 | not yet calculated | CVE-2018-11149 MISC FULLDISC MISC |
| quest -- dr_series_disk_backup | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 41 of 46). | 2018-06-01 | not yet calculated | CVE-2018-11183 MISC FULLDISC MISC |
| quest -- dr_series_disk_backup | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 10 of 46). | 2018-06-01 | not yet calculated | CVE-2018-11152 MISC FULLDISC MISC |
| quest -- dr_series_disk_backup | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 20 of 46). | 2018-06-01 | not yet calculated | CVE-2018-11162 MISC FULLDISC MISC |
| quest -- dr_series_disk_backup | Quest DR Series Disk Backup software version before 4.0.3.1 allows privilege escalation (issue 1 of 6). | 2018-06-01 | not yet calculated | CVE-2018-11189 MISC FULLDISC MISC |
| quest -- dr_series_disk_backup | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 11 of 46). | 2018-06-01 | not yet calculated | CVE-2018-11153 MISC FULLDISC MISC |
| quest -- dr_series_disk_backup | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 24 of 46). | 2018-06-01 | not yet calculated | CVE-2018-11166 MISC FULLDISC MISC |
| quest -- dr_series_disk_backup | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 35 of 46). | 2018-06-01 | not yet calculated | CVE-2018-11177 MISC FULLDISC MISC |
| quest -- dr_series_disk_backup | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 9 of 46). | 2018-06-01 | not yet calculated | CVE-2018-11151 MISC FULLDISC MISC |
| quest -- dr_series_disk_backup | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 13 of 46). | 2018-06-01 | not yet calculated | CVE-2018-11155 MISC FULLDISC MISC |
| quest -- dr_series_disk_backup | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 28 of 46). | 2018-06-01 | not yet calculated | CVE-2018-11170 MISC FULLDISC MISC |
| quest -- dr_series_disk_backup | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 39 of 46). | 2018-06-01 | not yet calculated | CVE-2018-11181 MISC FULLDISC MISC |
| quest -- dr_series_disk_backup | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 21 of 46). | 2018-06-01 | not yet calculated | CVE-2018-11163 MISC FULLDISC MISC |
| quest -- dr_series_disk_backup | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 43 of 46). | 2018-06-01 | not yet calculated | CVE-2018-11185 MISC FULLDISC MISC |
| quest -- dr_series_disk_backup | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 30 of 46). | 2018-06-01 | not yet calculated | CVE-2018-11172 MISC FULLDISC MISC |
| quest -- dr_series_disk_backup | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 33 of 46). | 2018-06-01 | not yet calculated | CVE-2018-11175 MISC FULLDISC MISC |
| quest -- dr_series_disk_backup | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 40 of 46). | 2018-06-01 | not yet calculated | CVE-2018-11182 MISC FULLDISC MISC |
| quest -- dr_series_disk_backup | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 23 of 46). | 2018-06-01 | not yet calculated | CVE-2018-11165 MISC FULLDISC MISC |
| quest -- dr_series_disk_backup | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 29 of 46). | 2018-06-01 | not yet calculated | CVE-2018-11171 MISC FULLDISC MISC |
| quest -- dr_series_disk_backup | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 38 of 46). | 2018-06-01 | not yet calculated | CVE-2018-11180 MISC FULLDISC MISC |
| quest -- dr_series_disk_backup | Quest DR Series Disk Backup software version before 4.0.3.1 allows privilege escalation (issue 2 of 6). | 2018-06-01 | not yet calculated | CVE-2018-11190 MISC FULLDISC MISC |
| quest -- dr_series_disk_backup | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 6 of 46). | 2018-06-01 | not yet calculated | CVE-2018-11148 MISC FULLDISC MISC |
| quest -- dr_series_disk_backup | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 32 of 46). | 2018-06-01 | not yet calculated | CVE-2018-11174 MISC FULLDISC MISC |
| quest -- dr_series_disk_backup | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 17 of 46). | 2018-06-01 | not yet calculated | CVE-2018-11159 MISC FULLDISC MISC |
| quest -- dr_series_disk_backup | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 37 of 46). | 2018-06-01 | not yet calculated | CVE-2018-11179 MISC FULLDISC MISC |
| quest -- dr_series_disk_backup | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 16 of 46). | 2018-06-01 | not yet calculated | CVE-2018-11158 MISC FULLDISC MISC |
| quest -- dr_series_disk_backup | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 2 of 46). | 2018-06-01 | not yet calculated | CVE-2018-11144 MISC FULLDISC MISC |
| quest -- dr_series_disk_backup | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 14 of 46). | 2018-06-01 | not yet calculated | CVE-2018-11156 MISC FULLDISC MISC |
| quest -- dr_series_disk_backup | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 18 of 46). | 2018-06-01 | not yet calculated | CVE-2018-11160 MISC FULLDISC MISC |
| quest -- dr_series_disk_backup | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 34 of 46). | 2018-06-01 | not yet calculated | CVE-2018-11176 MISC FULLDISC MISC |
| quest -- dr_series_disk_backup | Quest DR Series Disk Backup software version before 4.0.3.1 allows privilege escalation (issue 5 of 6). | 2018-06-01 | not yet calculated | CVE-2018-11193 MISC FULLDISC MISC |
| quest -- dr_series_disk_backup | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 8 of 46). | 2018-06-01 | not yet calculated | CVE-2018-11150 MISC FULLDISC MISC |
| quest -- dr_series_disk_backup | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 1 of 46). | 2018-06-01 | not yet calculated | CVE-2018-11143 MISC FULLDISC MISC |
| quest -- dr_series_disk_backup | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 46 of 46). | 2018-06-01 | not yet calculated | CVE-2018-11188 MISC FULLDISC MISC |
| quest -- dr_series_disk_backup | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 25 of 46). | 2018-06-01 | not yet calculated | CVE-2018-11167 MISC FULLDISC MISC |
| quest -- dr_series_disk_backup | Quest DR Series Disk Backup software version before 4.0.3.1 allows privilege escalation (issue 6 of 6). | 2018-06-01 | not yet calculated | CVE-2018-11194 MISC FULLDISC MISC |
| quest -- dr_series_disk_backup | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 26 of 46). | 2018-06-01 | not yet calculated | CVE-2018-11168 MISC FULLDISC MISC |
| quest -- dr_series_disk_backup | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 12 of 46). | 2018-06-01 | not yet calculated | CVE-2018-11154 MISC FULLDISC MISC |
| quest -- dr_series_disk_backup | Quest DR Series Disk Backup software version before 4.0.3.1 allows privilege escalation (issue 3 of 6). | 2018-06-01 | not yet calculated | CVE-2018-11191 MISC FULLDISC MISC |
| quest -- dr_series_disk_backup | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 42 of 46). | 2018-06-01 | not yet calculated | CVE-2018-11184 MISC FULLDISC MISC |
| quest -- dr_series_disk_backup | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 19 of 46). | 2018-06-01 | not yet calculated | CVE-2018-11161 MISC FULLDISC MISC |
| react-melon -- react-native-baidu-voice-synthesizer | react-native-baidu-voice-synthesizer is a baidu voice speech synthesizer for react native. react-native-baidu-voice-synthesizer downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | 2018-06-04 | not yet calculated | CVE-2016-10697 MISC |
| request -- request | Request is an http client. If a request is made using ```multipart```, and the body type is a ```number```, then the specified number of non-zero memory is passed in the body. This affects Request >=2.2.6 <2.47.0 || >2.51.0 <=2.67.0. | 2018-06-04 | not yet calculated | CVE-2017-16026 MISC MISC MISC |
| restify -- node-restify | Restify is a framework for building REST APIs. Restify >=2.0.0 <=4.0.4 using URL encoded script tags in a non-existent URL, an attacker can get script to run in some browsers. | 2018-06-04 | not yet calculated | CVE-2017-16018 MISC MISC |
| rockwell_automation -- grslinx_classic_and_factorytalk_linx_gateway | An unquoted search path or element in RSLinx Classic Versions 3.90.01 and prior and FactoryTalk Linx Gateway Versions 3.90.00 and prior may allow an authorized, but non-privileged local user to execute arbitrary code and allow a threat actor to escalate user privileges on the affected workstation. | 2018-06-07 | not yet calculated | CVE-2018-10619 BID MISC |
| roxy_fileman -- roxy_fileman | Roxy Fileman through v1.4.5 has Directory traversal via the php/download.php f parameter. | 2018-06-07 | not yet calculated | CVE-2018-12042 MISC |
| rs-brightcove -- rs-brightcove | rs-brightcove is a wrapper around brightcove's web api rs-brightcove downloads source file resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | 2018-06-04 | not yet calculated | CVE-2016-10676 MISC |
| rsa -- web_threat_detection | RSA Web Threat Detection versions prior to 6.4, contain an SQL injection vulnerability in the Administration and Forensics applications. An authenticated malicious user with low privileges could potentially exploit this vulnerability to execute SQL commands on the back-end database to gain unauthorized access to the tool's monitoring and user information by supplying specially crafted input data to the affected application. | 2018-06-05 | not yet calculated | CVE-2018-1252 FULLDISC BID SECTRACK |
rtcmulticonnection-client -- rtcmulticonnection-client
| rtcmulticonnection-client is a signaling implementation for RTCMultiConnection.js, a multi-session manager. rtcmulticonnection-client is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16125 MISC MISC |
| saas -- libsaas | An issue was discovered in LibSaas through 3.5.4. An out-of-bounds read of a memory region was found in the function Sass::handle_error which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service. | 2018-06-04 | not yet calculated | CVE-2018-11698 MISC |
| saas -- libsaas | An issue was discovered in LibSaas through 3.5.4. An out-of-bounds read of a memory region was found in the function Sass::Prelexer::exactly() which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service. | 2018-06-04 | not yet calculated | CVE-2018-11697 MISC |
samatt -- herbivore | herbivore is a packet sniffing and crafting library. Built on libtins herbivore 0.0.3 and below download binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | 2018-06-04 | not yet calculated | CVE-2016-10665 MISC MISC |
sandy98 -- node-simple-router
| node-simple-router is a minimalistic router for Node. node-simple-router is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL. | 2018-06-06 | not yet calculated | CVE-2017-16083 MISC MISC |
| scott-blanch-weather-app -- scott-blanch-weather-app | scott-blanch-weather-app is a sample Node.js app using Express 4. scott-blanch-weather-app is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16184 MISC MISC |
| sdaltonb -- utahcityfinder | utahcityfinder constructs lists of Utah cities with a certain prefix. utahcityfinder is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16173 MISC MISC |
| searchblox -- searchblox | XML external entity (XXE) vulnerability in api/rest/status in SearchBlox 8.6.7 allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request. | 2018-06-05 | not yet calculated | CVE-2018-11586 MISC EXPLOIT-DB |
| section2.madisonjbrooks12 -- section2.madisonjbrooks12 | section2.madisonjbrooks12 is a simple web server. section2.madisonjbrooks12 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16172 MISC MISC |
| selenium-portal -- portal | selenium-portal is a Selenium Testing Framework selenium-portal downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | 2018-06-04 | not yet calculated | CVE-2016-10667 MISC |
| senchalabs -- connect | connect node module before 2.14.0 suffers from a Cross-Site Scripting (XSS) vulnerability due to a lack of validation of file in directory.js middleware. | 2018-06-06 | not yet calculated | CVE-2018-3717 MISC MISC MISC |
| serve46 -- serve46 | serve46 is a static file server. serve46 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16148 MISC MISC |
| serverabc -- serverabc | serverabc is a static file server. serverabc is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16180 MISC MISC |
| serverhuwenhui -- serverhuwenhui | serverhuwenhui is a simple http server. serverhuwenhui is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL. | 2018-06-06 | not yet calculated | CVE-2017-16102 MISC MISC |
serverliujiayi1 -- serverliujiayi1 | serverliujiayi1 is a simple http server. serverliujiayi1 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL. | 2018-06-06 | not yet calculated | CVE-2017-16095 MISC MISC |
| serverlyr -- serverlyr | serverlyr is a simple http server. serverlyr is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL. | 2018-06-06 | not yet calculated | CVE-2017-16089 MISC MISC |
| serverwg -- serverwg | serverwg is a simple http server. serverwg is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL. | 2018-06-06 | not yet calculated | CVE-2017-16101 MISC MISC |
| serverwzl -- serverwzl | serverwzl is a simple http server. serverwzl is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL. | 2018-06-06 | not yet calculated | CVE-2017-16105 MISC MISC |
| serverxxx -- serverxxx | serverxxx is a static file server. serverxxx is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16182 MISC MISC |
| serveryaozeyan -- serveryaozeyan | serveryaozeyan is a simple HTTP server. serveryaozeyan is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL. | 2018-06-06 | not yet calculated | CVE-2017-16096 MISC MISC |
| serveryztyzt -- serveryztyzt | serveryztyzt is a simple http server. serveryztyzt is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL. | 2018-06-06 | not yet calculated | CVE-2017-16103 MISC MISC |
| serverzyy -- serverzyy | serverzyy is a static file server. serverzyy is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16135 MISC MISC |
| sgqserve -- sgqserve | sgqserve is a simple file server. sgqserve is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16215 MISC MISC |
| shadowsock -- shadowsock | shadowsock was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | 2018-06-06 | not yet calculated | CVE-2017-16078 MISC |
| shenliru -- shenliru | shenliru is a simple file server. shenliru is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16161 MISC MISC |
| shit-server -- shit-server | shit-server is a file server. shit-server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16147 MISC MISC |
| shy2850 -- f2e-server | `f2e-server` 1.12.11 and earlier is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. This is compounded by `f2e-server` requiring elevated privileges to run. | 2018-06-04 | not yet calculated | CVE-2017-16038 MISC MISC MISC |
| simplehttpserver -- simplehttpserver | simplehttpserver node module suffers from a Cross-Site Scripting vulnerability to a lack of validation of file names. | 2018-06-06 | not yet calculated | CVE-2018-3716 MISC |
| sindresorhus -- decamelize | Decamelize is used to convert a dash/dot/underscore/space separated string to camelCase. Decamelize 1.1.0 through 1.1.1 uses regular expressions to evaluate a string and takes unescaped separator values, which can be used to create a denial of service attack. | 2018-06-04 | not yet calculated | CVE-2017-16023 MISC MISC |
skoranga -- node-dns-sync
| dns-sync is a sync/blocking dns resolver. If untrusted user input is allowed into the resolve() method then command injection is possible. | 2018-06-06 | not yet calculated | CVE-2017-16100 MISC MISC |
| sleuthkit -- sleuthkit | An issue was discovered in libtskbase.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function tsk_UTF16toUTF8 in tsk/base/tsk_unicode.c which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service attack. | 2018-06-05 | not yet calculated | CVE-2018-11740 MISC |
| sleuthkit -- sleuthkit | An issue was discovered in libtskfs.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function ntfs_fix_idxrec in tsk/fs/ntfs_dent.cpp which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service. | 2018-06-05 | not yet calculated | CVE-2018-11737 MISC |
| sleuthkit -- sleuthkit | An issue was discovered in libtskfs.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function ntfs_make_data_run in tsk/fs/ntfs.c which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service attack. | 2018-06-05 | not yet calculated | CVE-2018-11738 MISC |
| sleuthkit -- sleuthkit | An issue was discovered in libtskimg.a in The Sleuth Kit (TSK) from release 4.0.2 through to 4.6.1. An out-of-bounds read of a memory region was found in the function raw_read in tsk/img/raw.c which could be leveraged by an attacker to disclose information or manipulated to read from unmapped memory causing a denial of service attack. | 2018-06-05 | not yet calculated | CVE-2018-11739 MISC |
sly07 -- lab5
| sly07 is an API for censoring text. sly07 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16189 MISC MISC |
| smb -- smb | smb was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | 2018-06-06 | not yet calculated | CVE-2017-16079 MISC |
| soar_labs -- soar_coin | Soar Labs Soar Coin version up to and including git commit 4a2aa71ee21014e2880a3f7aad11091ed6ad434f (latest release as of Sept 2017) contains an intentional backdoor vulnerability in the function zero_fee_transaction() that can result in theft of Soar Coins by the "onlycentralAccount" (Soar Labs) after payment is processed. | 2018-06-06 | not yet calculated | CVE-2018-1000203 MISC MISC |
| soci -- soci | soci downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | 2018-06-04 | not yet calculated | CVE-2016-10669 MISC |
| socketio -- socket.io | Socket.io is a realtime application framework that provides communication via websockets. Because socket.io 0.9.6 and earlier depends on `Math.random()` to create socket IDs, the IDs are predictable. An attacker is able to guess the socket ID and gain access to socket.io servers, potentially obtaining sensitive information. | 2018-06-04 | not yet calculated | CVE-2017-16031 MISC MISC MISC MISC |
| splunk -- splunk | Splunk through 7.0.1 allows information disclosure by appending __raw/services/server/info/server-info?output_mode=json to a query, as demonstrated by discovering a license key. | 2018-06-08 | not yet calculated | CVE-2018-11409 MISC EXPLOIT-DB |
| sqlite.js -- sqlite.js | `sqlite.js` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | 2018-06-04 | not yet calculated | CVE-2017-16050 MISC |
| sqliter -- sqliter | `sqliter` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | 2018-06-04 | not yet calculated | CVE-2017-16051 MISC |
| sqlserver -- sqlserver | `sqlserver` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. | 2018-06-04 | not yet calculated | CVE-2017-16055 MISC |
| sspa -- sspa | sspa is a server dedicated to single-page apps. sspa is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16145 MISC MISC |
| stanleygu -- cmake | cmake installs the cmake x86 linux binaries. cmake downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server. | 2018-06-04 | not yet calculated | CVE-2016-10642 MISC |
| stanleygu -- libsbmlsim | libsbmlsim is a module that installs linux binaries for libsbmlsim libsbmlsim downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | 2018-06-04 | not yet calculated | CVE-2016-10675 MISC |
| stanleygu -- libsbml | libsbml is a module that installs Linux binaries for libSBML libsbml downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | 2018-06-04 | not yet calculated | CVE-2016-10668 MISC |
substack -- static-eval
| The static-eval module is intended to evaluate statically-analyzable expressions. In affected versions, untrusted user input is able to access the global function constructor, effectively allowing arbitrary code execution. | 2018-06-06 | not yet calculated | CVE-2017-16226 MISC MISC MISC |
| suse -- suse | A vulnerability in pam_modules of SUSE SUSE Linux Enterprise allows attackers to log into accounts that should have been disabled. Affected releases are SUSE SUSE Linux Enterprise: versions prior to 12. | 2018-06-08 | not yet calculated | CVE-2011-3172 CONFIRM CONFIRM |
| suse -- suse | The kdump implementation is missing the host key verification in the kdump and mkdumprd OpenSSH integration of kdump prior to version 2012-01-20. This is similar to CVE-2011-3588, but different in that the kdump implementation is specific to SUSE. A remote malicious kdump server could use this flaw to impersonate the correct kdump server to obtain security sensitive information (kdump core files). | 2018-06-08 | not yet calculated | CVE-2011-4190 CONFIRM CONFIRM |
| suse -- suse | A vulnerability in the listing of available software of SUSE SUSE Studio Onsite, SUSE Studio Onsite 1.1 Appliance allows authenticated users to execute arbitrary SQL statements via SQL injection. Affected releases are SUSE SUSE Studio Onsite: versions prior to 1.0.3-0.18.1, SUSE Studio Onsite 1.1 Appliance: versions prior to 1.1.2-0.25.1. | 2018-06-07 | not yet calculated | CVE-2011-0467 CONFIRM CONFIRM |
| suse -- suse | The install-chef-suse.sh script shipped with crowbar before 2012-10-02 is creating files containing confidential data with insecure permissions, allowing local users to read confidential data. | 2018-06-08 | not yet calculated | CVE-2012-0433 CONFIRM CONFIRM |
| susu-sum -- susu-sum | susu-sum is a static file server. susu-sum is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16199 MISC MISC |
| symphonycms -- symphony-2 | content/content.blueprintspages.php in Symphony 2.7.6 has XSS via the pages content page. | 2018-06-07 | not yet calculated | CVE-2018-12043 MISC |
| synology -- diskstation_manager | Unverified password change vulnerability in Change Password in Synology DiskStation Manager (DSM) before 6.2-23739 allows remote authenticated users to reset password without verification. | 2018-06-08 | not yet calculated | CVE-2018-8916 CONFIRM |
| synology -- diskstation_manager | Command injection vulnerability in EZ-Internet in Synology DiskStation Manager (DSM) before 6.2-23739 allows remote authenticated users to execute arbitrary command via the username parameter. | 2018-06-08 | not yet calculated | CVE-2017-12075 CONFIRM |
| synology -- drive | Cross-site scripting (XSS) vulnerability in File Sharing Notify Toast in Synology Drive before 1.0.2-10275 allows remote authenticated users to inject arbitrary web script or HTML via the malicious file name. | 2018-06-01 | not yet calculated | CVE-2018-8921 CONFIRM |
| synology -- file_station | Cross-site scripting (XSS) vulnerability in Attachment Preview in Synology File Station before 1.1.4-0122 allows remote authenticated users to inject arbitrary web script or HTML via malicious attachments. | 2018-06-05 | not yet calculated | CVE-2018-8923 CONFIRM |
| synology -- office | Cross-site scripting (XSS) vulnerability in Title Tootip in Synology Office before 3.0.3-2143 allows remote authenticated users to inject arbitrary web script or HTML via the malicious file name. | 2018-06-05 | not yet calculated | CVE-2018-8924 CONFIRM |
| synology -- photo_station | Cross-site request forgery (CSRF) vulnerability in admin/user.php in Synology Photo Station before 6.8.5-3471 and before 6.3-2975 allows remote attackers to hijack the authentication of administrators via the (1) username, (2) password, (3) admin, (4) action, (5) uid, or (6) modify_admin parameter. | 2018-06-08 | not yet calculated | CVE-2018-8925 CONFIRM |
| synology -- photo_station | Permissive regular expression vulnerability in synophoto_dsm_user in Synology Photo Station before 6.8.5-3471 and before 6.3-2975 allows remote authenticated users to conduct privilege escalation attacks via the fullname parameter. | 2018-06-08 | not yet calculated | CVE-2018-8926 CONFIRM |
| synology -- router_manager | Command injection vulnerability in EZ-Internet in Synology Router Manager (SRM) before 1.1.6-6931 allows remote authenticated users to execute arbitrary command via the username parameter. | 2018-06-08 | not yet calculated | CVE-2017-12078 CONFIRM |
| tencent-server -- tencent-server | tencent-server is a simple web server. tencent-server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16216 MISC MISC |
timqi -- general-file-server | general-file-server node module suffers from a Path Traversal vulnerability due to lack of validation of currpath, which allows a malicious user to read content of any file with known path. | 2018-06-06 | not yet calculated | CVE-2018-3724 MISC |
tintinweb -- cgminer_and_bfgminer | The remote management interface of cgminer 4.10.0 and bfgminer 5.5.0 allows an authenticated remote attacker to write the miner configuration file to arbitrary locations on the server due to missing basedir restrictions (absolute directory traversal). | 2018-06-05 | not yet calculated | CVE-2018-10057 MLIST MISC |
| tintinweb -- cgminer_and_bfgminer | The remote management interface of cgminer 4.10.0 and bfgminer 5.5.0 allows an authenticated remote attacker to execute arbitrary code due to a stack-based buffer overflow in the addpool, failover-only, poolquota, and save command handlers. | 2018-06-05 | not yet calculated | CVE-2018-10058 MLIST MISC |
| tiny-http -- tiny-http | tiny-http is a simple http server. tiny-http is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16097 MISC MISC |
| tinyexr -- tinyexr | tinyexr 0.9.5 has a heap-based buffer over-read via tinyexr::ReadChannelInfo in tinyexr.h. | 2018-06-08 | not yet calculated | CVE-2018-12064 MISC |
| tinyserver2 -- tinyserver2 | tinyserver2 is a webserver for static files. tinyserver2 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL. | 2018-06-06 | not yet calculated | CVE-2017-16085 MISC MISC |
| titarenko -- mystem-wrapper | mystem-wrapper is a Yandex mystem app wrapper module. mystem-wrapper downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | 2018-06-04 | not yet calculated | CVE-2016-10671 MISC |
| tj -- node-growl | Growl adds growl notification support to nodejs. Growl before 1.10.2 does not properly sanitize input before passing it to exec, allowing for arbitrary command execution. | 2018-06-04 | not yet calculated | CVE-2017-16042 MISC MISC MISC |
| tjchaplin -- mcstatic | mcstatic node module suffers from a Path Traversal vulnerability due to lack of validation of filePath, which allows a malicious user to read content of any file with known path. | 2018-06-06 | not yet calculated | CVE-2018-3730 MISC |
| tmock -- tmock | tmock is a static file server. tmock is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16106 MISC MISC |
| tnantoka -- public | public node module suffers from a Path Traversal vulnerability due to lack of validation of filePath, which allows a malicious user to read content of any file with known path. | 2018-06-06 | not yet calculated | CVE-2018-3731 MISC |
tobie -- ua-parser
| ua-parser is a port of Browserscope's user agent parser. ua-parser is vulnerable to a ReDoS (Regular Expression Denial of Service) attack when given a specially crafted UserAgent header. | 2018-06-06 | not yet calculated | CVE-2017-16086 MISC |
| tobli -- alto-saxophone | alto-saxophone is a module to install and launch Chromedriver for Mac, Linux or Windows. alto-saxophone versions below 2.25.1 download binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server. | 2018-06-04 | not yet calculated | CVE-2016-10694 MISC |
| tomita -- tomita | tomita is a node wrapper for Yandex Tomita Parser tomita downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | 2018-06-04 | not yet calculated | CVE-2016-10662 MISC |
torthu -- quickserver | quickserver is a simple static file server. quickserver is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16196 MISC MISC |
| tp-link -- multiple_devices | An issue was discovered on TP-Link TL-WR840N v5 00000005 0.9.1 3.16 v0001.0 Build 170608 Rel.58696n and TL-WR841N v13 00000013 0.9.1 4.16 v0001.0 Build 170622 Rel.64334n devices. This issue is caused by improper session handling on the /cgi/ folder or a /cgi file. If an attacker sends a header of "Referer: http://192.168.0.1/mainFrame.htm" then no authentication is required for any action. | 2018-06-04 | not yet calculated | CVE-2018-11714 MISC EXPLOIT-DB |
| trend_micro -- officescan | A pool corruption privilege escalation vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within the processing of IOCTL 0x220078 in the TMWFP driver. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | 2018-06-08 | not yet calculated | CVE-2018-10359 CONFIRM MISC |
| trend_micro -- officescan | A pool corruption privilege escalation vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within the processing of IOCTL 0x2200B4 in the TMWFP driver. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | 2018-06-08 | not yet calculated | CVE-2018-10358 CONFIRM MISC |
| trend_micro -- officescan | A pool corruption privilege escalation vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within the processing of IOCTL 0x220008 in the TMWFP driver. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | 2018-06-08 | not yet calculated | CVE-2018-10505 CONFIRM MISC |
| trend_micro -- officescan | A out-of-bounds read information disclosure vulnerability in Trend Micro OfficeScan 11.0 SP1 and XG could allow a local attacker to disclose sensitive information on vulnerable installations due to a flaw within the processing of IOCTL 0x220004 by the TMWFP driver. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | 2018-06-08 | not yet calculated | CVE-2018-10506 CONFIRM MISC |
| twonky -- server | Twonky Server before 8.5.1 has XSS via a modified "language" parameter in the Language section. | 2018-06-07 | not yet calculated | CVE-2018-9182 MISC |
| twonky -- server | Twonky Server before 8.5.1 has XSS via a folder name on the Shared Folders screen. | 2018-06-07 | not yet calculated | CVE-2018-9177 MISC |
| uekw1511server -- uekw1511server | uekw1511server is a static file server. uekw1511server is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16185 MISC MISC |
| uv-tj-demo -- uv-tj-demo | uv-tj-demo is a static file server. uv-tj-demo is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16200 MISC MISC |
vannio -- unicorn-framework | unicorn-list is a web framework. unicorn-list is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16131 MISC MISC |
| visionmedia -- debug | The debug module is vulnerable to regular expression denial of service when untrusted user input is passed into the o formatter. It takes around 50k characters to block for 2 seconds making this a low severity issue. | 2018-06-06 | not yet calculated | CVE-2017-16137 MISC MISC MISC |
visionmedia -- superagent
| The HTTP client module superagent is vulnerable to ZIP bomb attacks. In a ZIP bomb attack, the HTTP server replies with a compressed response that becomes several magnitudes larger once uncompressed. If a client does not take special care when processing such responses, it may result in excessive CPU and/or memory consumption. An attacker might exploit such a weakness for a DoS attack. To exploit this the attacker must control the location (URL) that superagent makes a request to. | 2018-06-06 | not yet calculated | CVE-2017-16129 MISC MISC |
| vsonix-bub -- node-google-closure-tools-latest | google-closure-tools-latest is a Node.js module wrapper for downloading the latest version of the Google Closure tools google-closure-tools-latest downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | 2018-06-04 | not yet calculated | CVE-2016-10677 MISC |
| wangcaifeng -- node-server-forfront | node-server-forfront is a simple static file server. node-server-forfront is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16124 MISC MISC |
| wanggoujing123 -- wanggoujing123 | wanggoujing123 is a simple webserver. wanggoujing123 is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16150 MISC MISC |
| weather.swlyons -- weather.swlyons | weather.swlyons is a simple web server for weather updates. weather.swlyons is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16110 MISC MISC |
| webdriver-launcher -- webdriver-launcher | webdriver-launcher is a Node.js Selenium Webdriver Launcher. webdriver-launcher downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server. | 2018-06-04 | not yet calculated | CVE-2016-10651 MISC |
| webkit -- webkit | WebCore/platform/network/soup/SocketStreamHandleImplSoup.cpp in the libsoup network backend of WebKit, as used in WebKitGTK+ prior to version 2.20.0 or without libsoup 2.62.0, unexpectedly failed to use system proxy settings for WebSocket connections. As a result, users could be deanonymized by crafted web sites via a WebSocket connection. | 2018-06-04 | not yet calculated | CVE-2018-11713 MISC MISC |
| webkit -- webkit | webkitFaviconDatabaseSetIconForPageURL and webkitFaviconDatabaseSetIconURLForPageURL in UIProcess/API/glib/WebKitFaviconDatabase.cpp in WebKit, as used in WebKitGTK+ through 2.21.3, mishandle an unset pageURL, leading to an application crash. | 2018-06-01 | not yet calculated | CVE-2018-11646 MISC MISC EXPLOIT-DB |
| webkit -- webkit | WebCore/platform/network/soup/SocketStreamHandleImplSoup.cpp in the libsoup network backend of WebKit, as used in WebKitGTK+ versions 2.20.0 and 2.20.1, failed to perform TLS certificate verification for WebSocket connections. | 2018-06-04 | not yet calculated | CVE-2018-11712 MISC MISC |
| welcomyzt -- welcomyzt | welcomyzt is a simple file server. welcomyzt is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16123 MISC MISC |
| wffserve -- wffserve | wffserve is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16168 MISC MISC |
| wind-mvc -- wind-mvc | wind-mvc is an mvc framework. wind-mvc is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16220 MISC MISC |
| windows-iedriver -- windows-iedriver | The windows-iedriver module downloads fixed version of iedriverserver.exe windows-iedriver downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | 2018-06-04 | not yet calculated | CVE-2016-10689 MISC |
| windows-latestchromedriver -- windows-latestchromedriver | windows-latestchromedriver downloads the latest version of chromedriver.exe. windows-latestchromedriver downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | 2018-06-04 | not yet calculated | CVE-2016-10696 MISC |
| windows-selenium-chromedriver -- windows-selenium-chromedriver | windows-selenium-chromedriver is a module that downloads the Selenium Jar file. windows-selenium-chromedriver downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | 2018-06-04 | not yet calculated | CVE-2016-10687 MISC |
| windows-seleniumjar -- windows-seleniumjar | windows-seleniumjar is a module that downloads the Selenium Jar file windows-seleniumjar downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | 2018-06-04 | not yet calculated | CVE-2016-10691 MISC |
| windows-seleniumjar-mirror -- windows-seleniumjar-mirror | windows-seleniumjar-mirror downloads the Selenium Jar file windows-seleniumjar-mirror downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested resources with an attacker controlled copy if the attacker is on the network or positioned in between the user and the remote server. | 2018-06-04 | not yet calculated | CVE-2016-10670 MISC |
| wintiwebdev -- wintiwebdev | wintiwebdev is a static file server. wintiwebdev is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16181 MISC MISC |
| wordpress -- wordpress | wpforo_get_request_uri in wpf-includes/functions.php in the wpForo Forum plugin before 1.4.12 for WordPress allows Unauthenticated Reflected Cross-Site Scripting (XSS) via the URI. | 2018-06-04 | not yet calculated | CVE-2018-11709 MISC MISC MISC |
wuzhi_cms -- wuzhi_cms
| WUZHI CMS 4.1.0 has a SQL Injection in api/uc.php via the 'code' parameter, because 'UC_KEY' is hard coded. | 2018-06-05 | not yet calculated | CVE-2018-11722 MISC |
| xd-testing -- xd-testing | xd-testing is a testing library for cross-device (XD) web applications. xd-testing downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with an attacker controlled binary if the attacker is on the network or positioned in between the user and the remote server. | 2018-06-04 | not yet calculated | CVE-2016-10653 MISC |
| ximdex -- ximdex | xfind/search in Ximdex 4.0 has XSS via the filter[n][value] parameters for non-negative values of n, as demonstrated by n equal to 0 through 12. | 2018-06-07 | not yet calculated | CVE-2018-12047 MISC |
| ximdex -- ximdex | index.php?action=createaccount in Ximdex 4.0 has XSS via the sname or fname parameter. | 2018-06-05 | not yet calculated | CVE-2018-11735 MISC |
| xtalk -- xtalk | xtalk helps your browser talk to nodex, a simple web framework. xtalk is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the URL. | 2018-06-06 | not yet calculated | CVE-2017-16091 MISC |
xuemen -- infra | infraserver is a RESTful server. infraserver is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16142 MISC MISC |
yoehoehne -- cs360_getcity
| getcityapi.yoehoehne is a web server. getcityapi.yoehoehne is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16192 MISC MISC |
| yttivy -- yttivy | yttivy is a static file server. yttivy is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16219 MISC MISC |
| yyooopack -- yyooopack | yyooopack is a simple file server. yyooopack is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16167 MISC MISC |
| yzmcms -- yzmcms | The forgotten-password feature in index.php/member/reset/reset_email.html in YzmCMS v3.2 through v3.7 has a Response Discrepancy Information Exposure issue and an unexpectedly long lifetime for a verification code, which makes it easier for remote attackers to hijack accounts via a brute-force approach. | 2018-06-05 | not yet calculated | CVE-2018-11554 MISC |
| yzt -- yzt | yzt is a simple file server. yzt is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16221 MISC MISC |
| zeit -- serve | serve node module before 6.4.9 suffers from a Path Traversal vulnerability due to not handling %2e (.) and %2f (/) and allowing them in paths, which allows a malicious user to view the contents of any directory with known path. | 2018-06-06 | not yet calculated | CVE-2018-3712 MISC MISC |
| zeit -- serve | serve node module suffers from Improper Handling of URL Encoding by permitting access to ignored files if a filename is URL encoded. | 2018-06-06 | not yet calculated | CVE-2018-3718 MISC |
| zjjserver -- zjjserver | zjjserver is a static file server. zjjserver is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16201 MISC MISC |
| zoho -- manageengine_applications_manager | Incorrect Access Control in CustomFieldsFeedServlet in Zoho ManageEngine Applications Manager Version 13 before build 13740 allows an attacker to delete any file and read certain files on the server in the context of the user (which by default is "NT AUTHORITY / SYSTEM") by sending a specially crafted request to the server. | 2018-06-05 | not yet calculated | CVE-2018-11808 MISC |
| zwserver -- zwserver | zwserver is a weather web server. zwserver is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. | 2018-06-06 | not yet calculated | CVE-2017-16149 MISC MISC |
Please share your thoughts
We recently updated our anonymous product survey; we’d welcome your feedback.