SB18-225: Vulnerability Summary for the Week of August 6, 2018

Original release date: August 13, 2018

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information.

The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:

  • High – Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 – 10.0

  • Medium – Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 – 6.9

  • Low – Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 – 3.9

Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.

The NCCIC Weekly Vulnerability Summary Bulletin is created using information from the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD). In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

 

High Vulnerabilities

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
There were no high vulnerabilities recorded this week.

Back to top

 

Medium Vulnerabilities

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
There were no medium vulnerabilities recorded this week.

Back to top

 

Low Vulnerabilities

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
There were no low vulnerabilities recorded this week.

Back to top

 

Severity Not Yet Assigned

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
aedes — aedes
 
Improper authorization in aedes version <0.35.0 will publish a LWT in a channel when a client is not authorized. 2018-08-08 not yet calculated CVE-2018-3778
MISC
MISC
MISC
apache — airflow It was noticed an XSS in certain 404 pages that could be exploited to perform an XSS attack. Chrome will detect this as a reflected XSS attempt and prevent the page from loading. Firefox and other browsers don’t, and are vulnerable to this attack. Mitigation: The fix for this is to upgrade to Apache Airflow 1.9.0 or above. 2018-08-06 not yet calculated CVE-2017-12614
MLIST
arubanetworks — airwave Aruba Airwave all versions up to, but not including, 8.2.3.1 is vulnerable to an XML external entities (XXE). XXEs are a way to permit XML parsers to access storage that exist on external systems. If an unprivileged user is permitted to control the contents of XML files, XXE can be used as an attack vector. Because the XML parser has access to the local filesystem and runs with the permissions of the web server, it can access any file that is readable by the web server and copy it to an external system of the attacker’s choosing. This could include files that contain passwords, which could then lead to privilege escalation. 2018-08-06 not yet calculated CVE-2016-8526
CONFIRM
BID
EXPLOIT-DB
arubanetworks — airwave Aruba Airwave all versions up to, but not including, 8.2.3.1 is vulnerable to a reflected cross-site scripting (XSS). The vulnerability is present in the VisualRF component of AirWave. By exploiting this vulnerability, an attacker who can trick a logged-in AirWave administrative user into clicking a link could obtain sensitive information, such as session cookies or passwords. The vulnerability requires that an administrative users click on the malicious link while currently logged into AirWave in the same browser. 2018-08-06 not yet calculated CVE-2016-8527
CONFIRM
BID
EXPLOIT-DB
arubanetworks — arubaos Multiple memory corruption flaws are present in ArubaOS which could allow an unauthenticated user to crash ArubaOS processes. With sufficient time and effort, it is possible these vulnerabilities could lead to the ability to execute arbitrary code – remote code execution has not yet been confirmed. 2018-08-06 not yet calculated CVE-2017-9003
CONFIRM
SECTRACK
arubanetworks — arubaos ArubaOS, all versions prior to 6.3.1.25, 6.4 prior to 6.4.4.16, 6.5.x prior to 6.5.1.9, 6.5.2, 6.5.3 prior to 6.5.3.3, 6.5.4 prior to 6.5.4.2, 8.x prior to 8.1.0.4 FIPS and non-FIPS versions of software are both affected equally is vulnerable to unauthenticated arbitrary file access. An unauthenticated user with network access to an Aruba mobility controller on TCP port 8080 or 8081 may be able to access arbitrary files stored on the mobility controller. Ports 8080 and 8081 are used for captive portal functionality and are listening, by default, on all IP interfaces of the mobility controller, including captive portal interfaces. The attacker could access files which could contain passwords, keys, and other sensitive information that could lead to full system compromise. 2018-08-06 not yet calculated CVE-2017-9000
CONFIRM
SECTRACK
arubanetworks — clearpass Aruba ClearPass prior to 6.6.9 has a vulnerability in the API that helps to coordinate cluster actions. An authenticated user with the “mon” permission could use this vulnerability to obtain cluster credentials which could allow privilege escalation. This vulnerability is only present when authenticated as a user with “mon” permission. 2018-08-06 not yet calculated CVE-2018-7059
CONFIRM
arubanetworks — clearpass Aruba ClearPass 6.6.x prior to 6.6.9 and 6.7.x prior to 6.7.1 is vulnerable to CSRF attacks against authenticated users. An attacker could manipulate an authenticated user into performing actions on the web administrative interface. 2018-08-06 not yet calculated CVE-2018-7060
CONFIRM
arubanetworks — clearpass Aruba ClearPass, all versions of 6.6.x prior to 6.6.9 are affected by an authentication bypass vulnerability, an attacker can leverage this vulnerability to gain administrator privileges on the system. The vulnerability is exposed only on ClearPass web interfaces, including administrative, guest captive portal, and API. Customers who do not expose ClearPass web interfaces to untrusted users are impacted to a lesser extent. 2018-08-06 not yet calculated CVE-2018-7058
CONFIRM
arubanetworks — clearpass Aruba ClearPass 6.6.3 and later includes a feature called “SSH Lockout”, which causes ClearPass to lock accounts with too many login failures through SSH. When this feature is enabled, an unauthenticated remote command execution vulnerability is present which could allow an unauthenticated user to execute arbitrary commands on the underlying operating system with “root” privilege level. This vulnerability is only present when a specific feature has been enabled. The SSH Lockout feature is not enabled by default, so only systems which have enabled this feature are vulnerable. 2018-08-06 not yet calculated CVE-2017-9001
CONFIRM
arubanetworks — clearpass All versions of Aruba ClearPass prior to 6.6.8 contain reflected cross-site scripting vulnerabilities. By exploiting this vulnerability, an attacker who can trick a logged-in ClearPass administrative user into clicking a link could obtain sensitive information, such as session cookies or passwords. The vulnerability requires that an administrative users click on the malicious link while currently logged into ClearPass in the same browser. 2018-08-06 not yet calculated CVE-2017-9002
CONFIRM
asus — hg100_devices ASUS HG100 devices allow denial of service via an IPv4 packet flood. 2018-08-10 not yet calculated CVE-2018-11492
MISC
atlassian — cloudtoken Unauthenticated access to cloudtoken daemon on Linux via network from version 0.1.1 before version 0.1.24 allows attackers on the same subnet to gain temporary AWS credentials for the users’ roles. 2018-08-10 not yet calculated CVE-2018-13390
MISC
auracms — auracms
 
AuraCMS 2.3 allows XSS via a Bukutamu -> AddGuestbook action. 2018-08-07 not yet calculated CVE-2018-15199
MISC
celalink — clr-m20_devices CeLa Link CLR-M20 devices allow unauthorized users to upload any file (e.g., asp, aspx, cfm, html, jhtml, jsp, or shtml), which causes remote code execution as well. Because of the WebDAV feature, it is possible to upload arbitrary files by utilizing the PUT method. 2018-08-07 not yet calculated CVE-2018-15137
MISC
cgit — cgit
 
cgit_clone_objects in CGit before 1.2.1 has a directory traversal vulnerability when `enable-http-clone=1` is not turned off, as demonstrated by a cgit/cgit.cgi/git/objects/?path=../ request. 2018-08-03 not yet calculated CVE-2018-14912
MISC
MLIST
MISC
DEBIAN
cisco — thor Stack-based buffer overflow in the Cisco Thor decoder before commit 18de8f9f0762c3a542b1122589edb8af859d9813 allows local users to cause a denial of service (segmentation fault) and execute arbitrary code via a crafted non-conformant Thor bitstream. 2018-08-09 not yet calculated CVE-2018-0429
CONFIRM
cobbler — cobbler
 
It was found that cobbler 2.6.x exposed all functions from its CobblerXMLRPCInterface class over XMLRPC. A remote, unauthenticated attacker could use this flaw to gain high privileges within cobbler, upload files to arbitrary location in the context of the daemon. 2018-08-09 not yet calculated CVE-2018-10931
REDHAT
CONFIRM
coremail — coremail
 
Cross-site scripting (XSS) vulnerability in intervalCheck.jsp in Coremail XT 3.0 allows remote attackers to inject arbitrary web script or HTML via the sid parameter. 2018-08-10 not yet calculated CVE-2018-14503
MISC
couchdb — couchdb CouchDB administrative users before 2.2.0 can configure the database server via HTTP(S). Due to insufficient validation of administrator-supplied configuration settings via the HTTP API, it is possible for a CouchDB administrator user to escalate their privileges to that of the operating system’s user under which CouchDB runs, by bypassing the blacklist of configuration settings that are not allowed to be modified via the HTTP API. This privilege escalation effectively allows a CouchDB admin user to gain arbitrary remote code execution, bypassing CVE-2017-12636 and CVE-2018-8007. 2018-08-08 not yet calculated CVE-2018-11769
BID
MISC
craft — cms
 
A Server Side Template Injection (SSTI) was discovered in the SEOmatic plugin before 3.1.4 for Craft CMS, because requests that don’t match any elements incorrectly generate the canonicalUrl, and can lead to execution of Twig code. 2018-08-06 not yet calculated CVE-2018-14716
MISC
CONFIRM
CONFIRM
CONFIRM
CONFIRM
EXPLOIT-DB
crestron — tsw-x60_and_mc3 For Crestron TSW-X60 version prior to 2.001.0037.001 and MC3 version prior to 1.502.0047.001, The devices are shipped with authentication disabled, and there is no indication to users that they need to take steps to enable it. When compromised, the access to the CTP console is left open. 2018-08-10 not yet calculated CVE-2018-10630
MISC
crestron — tsw-x60_and_mc3 Crestron TSW-X60 all versions prior to 2.001.0037.001 and MC3 all versions prior to 1.502.0047.00, The passwords for special sudo accounts may be calculated using information accessible to those with regular user privileges. Attackers could decipher these passwords, which may allow them to execute hidden API calls and escape the CTP console sandbox environment with elevated privileges. 2018-08-10 not yet calculated CVE-2018-13341
MISC
csrf-magic — csrf-magic
 
In csrf-magic before 1.0.4, if $GLOBALS[‘csrf’][‘secret’] is not configured, the Anti-CSRF Token used is predictable and would permit an attacker to bypass the CSRF protections, because an automatically generated secret is not used. 2018-08-07 not yet calculated CVE-2013-7464
MISC
MISC
MISC
dell — wyse_management_suite Dell WMS versions 1.1 and prior are impacted by multiple unquoted service path vulnerabilities. Affected software installs multiple services incorrectly by specifying the paths to the service executables without quotes. This could potentially allow a low-privileged local user to execute arbitrary executables with elevated privileges. 2018-08-10 not yet calculated CVE-2018-11063
MISC
dell_emc — data_protection_advisor_and_data_protection_appliance Dell EMC Data Protection Advisor, versions 6.2, 6,3, 6.4, 6.5 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1 contain a XML External Entity (XXE) Injection vulnerability in the REST API. An authenticated remote malicious user could potentially exploit this vulnerability to read certain system files in the server or cause denial of service by supplying specially crafted Document Type Definitions (DTDs) in an XML request. 2018-08-10 not yet calculated CVE-2018-11048
FULLDISC
SECTRACK
dilawar — sound An issue has been found in dilawar sound through 2017-11-27. The end of openWavFile in wav-file.cc has Mismatched Memory Management Routines (operator new [] versus operator delete). 2018-08-05 not yet calculated CVE-2018-14948
MISC
MISC
django — django
 
django.middleware.common.CommonMiddleware in Django 1.11.x before 1.11.15 and 2.0.x before 2.0.8 has an Open Redirect. 2018-08-03 not yet calculated CVE-2018-14574
BID
SECTRACK
UBUNTU
DEBIAN
CONFIRM
drupal — drupal
 
Drupal core 8 before versions 8.3.4 allows remote attackers to execute arbitrary code due to the PECL YAML parser not handling PHP objects safely during certain operations. 2018-08-06 not yet calculated CVE-2017-6920
BID
SECTRACK
CONFIRM
emlsoft — emlsoft An issue was discovered in EMLsoft 5.4.5. The eml/upload/eml/?action=user&do=add page allows CSRF. 2018-08-06 not yet calculated CVE-2018-14966
MISC
emlsoft — emlsoft An issue was discovered in EMLsoft 5.4.5. The eml/upload/eml/?action=address&do=add page allows CSRF. 2018-08-06 not yet calculated CVE-2018-14965
MISC
emlsoft — emlsoft An issue was discovered in EMLsoft 5.4.5. upload\eml\action\action.address.php has SQL Injection via the numPerPage parameter. 2018-08-06 not yet calculated CVE-2018-14968
MISC
emlsoft — emlsoft An issue was discovered in EMLsoft 5.4.5. upload\eml\action\action.user.php has SQL Injection via the numPerPage parameter. 2018-08-06 not yet calculated CVE-2018-14967
MISC
emlsoft — emlsoft An issue was discovered in EMLsoft 5.4.5. XSS exists via the eml/upload/eml/?action=address&do=edit page. 2018-08-06 not yet calculated CVE-2018-14964
MISC
ethereum — eether_token An integer overflow in the unprotected distributeToken function of a smart contract implementation for EETHER (EETHER), an Ethereum ERC20 token, will lead to an unauthorized increase of an attacker’s digital assets. 2018-08-08 not yet calculated CVE-2018-11561
MISC
ethereum — megacryptopolis The doPayouts() function of the smart contract implementation for MegaCryptoPolis, an Ethereum game, has a Denial of Service vulnerability. If a smart contract that has a fallback function always causing exceptions buys a land, users cannot buy lands near that contract’s land, because those purchase attempts will not be completed unless the doPayouts() function successfully sends Ether to certain neighbors. 2018-08-06 not yet calculated CVE-2018-13877
MISC
ethereum — mycryptochamp The randMod() function of the smart contract implementation for MyCryptoChamp, an Ethereum game, generates a random value with publicly readable variables such as the current block information and a private variable, (which can be read with a getStorageAt call). Therefore, attackers can get powerful champs/items and get rewards. 2018-08-07 not yet calculated CVE-2018-12885
MISC
MISC
MISC
ethereum — smartmesh_token The transferProxy and approveProxy functions of a smart contract implementation for SmartMesh (SMT), an Ethereum ERC20 token, allow attackers to accomplish an unauthorized transfer of digital assets because replay attacks can occur with the same-named functions (with the same signatures) in other tokens: First (FST), GG Token (GG), M2C Mesh Network (MTC), M2C Mesh Network (mesh), and UG Token (UGT). 2018-08-10 not yet calculated CVE-2018-10769
MISC
freebsd — freebsd One of the data structures that holds TCP segments in all versions of FreeBSD prior to 11.2-RELEASE-p1, 11.1-RELEASE-p12, and 10.4-RELEASE-p10 uses an inefficient algorithm to reassemble the data. This causes the CPU time spent on segment processing to grow linearly with the number of segments in the reassembly queue. An attacker who has the ability to send TCP traffic to a victim system can degrade the victim system’s network performance and/or consume excessive CPU by exploiting the inefficiency of TCP reassembly handling, with relatively small bandwidth cost. 2018-08-09 not yet calculated CVE-2018-6922
SECTRACK
FREEBSD
gitea_and_gogs — gitea_and_gogs
 
An SSRF vulnerability in webhooks in Gitea through 1.5.0-rc2 and Gogs through 0.11.53 allows remote attackers to access intranet services. 2018-08-07 not yet calculated CVE-2018-15192
MISC
MISC
gogs — gogs A CSRF vulnerability in the admin panel in Gogs through 0.11.53 allows remote attackers to execute admin operations via a crafted issue / link. 2018-08-07 not yet calculated CVE-2018-15193
MISC
gogs — gogs
 
Open redirect vulnerability in Gogs before 0.12 allows remote attackers to redirect users to arbitrary websites and conduct phishing attacks via an initial /\ substring in the user/login redirect_to parameter, related to the function isValidRedirect in routes/user/auth.go. 2018-08-07 not yet calculated CVE-2018-15178
MISC
MISC
gxlcms — gxlcms
 
In Gxlcms 2.0, a news/index.php?s=Admin-Admin-Insert CSRF attack can add an administrator account. 2018-08-07 not yet calculated CVE-2018-15177
MISC
harmonic — nsg_9000_devices Harmonic NSG 9000 devices have a default password of nsgadmin for the admin account, a default password of nsgguest for the guest account, and a default password of nsgconfig for the config account. 2018-08-05 not yet calculated CVE-2018-14943
MISC
harmonic — nsg_9000_devices Harmonic NSG 9000 devices allow remote authenticated users to read the webapp.py source code via a direct request for the /webapp.py URI. 2018-08-05 not yet calculated CVE-2018-14941
MISC
harmonic — nsg_9000_devices Harmonic NSG 9000 devices allow remote authenticated users to conduct directory traversal attacks, as demonstrated by “POST /PY/EMULATION_GET_FILE” or “POST /PY/EMULATION_EXPORT” with FileName=../../../passwd in the POST data. 2018-08-05 not yet calculated CVE-2018-14942
MISC

hewlett_packard_enterprise — arcsight_winc_connector

A remote code execution security vulnerability has been identified in all versions of the HP ArcSight WINC Connector prior to v7.3.0. 2018-08-06 not yet calculated CVE-2016-4391
BID
SECTRACK
CONFIRM
hewlett_packard_enterprise — business_service_management A remote code execution vulnerability was identified in HP Business Service Management (BSM) using Apache Commons Collection Java Deserialization versions v9.20-v9.26 2018-08-06 not yet calculated CVE-2016-4405
BID
CONFIRM
hewlett_packard_enterprise — business_service_management A remote cross site scripting vulnerability has been identified in HP Business Service Management software v9.1x, v9.20 – v9.25IP1. 2018-08-06 not yet calculated CVE-2016-4392
BID
SECTRACK
CONFIRM
hewlett_packard_enterprise — centralview_fraud_risk_management HPE has identified a remote privilege escalation vulnerability in HPE CentralView Fraud Risk Management earlier than version CV 6.1. This isssue is resolved in HF16 for HPE CV 6.1 or subsequent version. 2018-08-06 not yet calculated CVE-2017-8992
CONFIRM
hewlett_packard_enterprise — centralview_fraud_risk_management HPE has identified a remote disclosure of information vulnerability in HPE CentralView Fraud Risk Management earlier than version CV 6.1. This isssue is resolved in HF16 for HPE CV 6.1 or subsequent version. 2018-08-06 not yet calculated CVE-2018-7070
CONFIRM
hewlett_packard_enterprise — centralview_fraud_risk_management
 
HPE has identified a remote HOST header attack vulnerability in HPE CentralView Fraud Risk Management earlier than version CV 6.1. This isssue is resolved in HF16 for HPE CV 6.1 or subsequent version. 2018-08-06 not yet calculated CVE-2018-7068
CONFIRM
hewlett_packard_enterprise — centralview_fraud_risk_management
 
HPE has identified a remote unauthenticated access to files vulnerability in HPE CentralView Fraud Risk Management earlier than version CV 6.1. This isssue is resolved in HF16 for HPE CV 6.1 or subsequent version. 2018-08-06 not yet calculated CVE-2018-7069
CONFIRM
hewlett_packard_enterprise — centralview_fraud_risk_management
 
HPE has identified a cross site scripting (XSS) vulnerability in HPE CentralView Fraud Risk Management earlier than version CV 6.1. This isssue is resolved in HF16 for HPE CV 6.1 or subsequent version. 2018-08-06 not yet calculated CVE-2017-8991
CONFIRM
hewlett_packard_enterprise — icewall_sso_dfw
 
A security vulnerability in HPE IceWall SSO Dfw 10.0 and 11.0 on RHEL, HP-UX, and Windows could be exploited remotely to allow URL Redirection. 2018-08-06 not yet calculated CVE-2017-8989
CONFIRM
hewlett_packard_enterprise — integrated_lights_out A Unauthenticated Remote Denial of Service vulnerability was identified in HPE Integrated Lights-Out 3 (iLO 3) version v1.88 only. The vulnerability is resolved in iLO3 v1.89 or subsequent versions. 2018-08-06 not yet calculated CVE-2017-8987
SECTRACK
CONFIRM
hewlett_packard_enterprise — integrated_lights_out A remote code execution was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than version v2.60 and HPE Integrated Lights-Out 5 (iLO 5) earlier than version v1.30. 2018-08-06 not yet calculated CVE-2018-7078
SECTRACK
CONFIRM
hewlett_packard_enterprise — integrated_lights_out
 
A remote cross site scripting vulnerability was identified in HPE iLO 3 all version prior to v1.88 and HPE iLO 4 all versions prior to v2.44. 2018-08-06 not yet calculated CVE-2016-4406
BID
SECTRACK
CONFIRM
hewlett_packard_enterprise — intelligent_management_center A potential security vulnerability has been identified in HPE Intelligent Management Center Platform (IMC Plat) 7.3 E0506P09. The vulnerability could be remotely exploited to allow for remote directory traversal leading to arbitrary file deletion. 2018-08-06 not yet calculated CVE-2018-7092
SECTRACK
CONFIRM
hewlett_packard_enterprise — intelligent_management_center_wireless_service_manager
 
A remote code execution vulnerability was identified in HPE Intelligent Management Center (iMC) Wireless Service Manager (WSM) Software earlier than version WSM 7.3 (E0506). This issue was resolved in HPE IMC Wireless Services Manager Software IMC WSM 7.3 E0506P01 or subsequent version. 2018-08-06 not yet calculated CVE-2017-8990
SECTRACK
CONFIRM
hewlett_packard_enterprise — intelligent_management_center
 
A remote code execution vulnerability was identified in HPE Intelligent Management Center (iMC) PLAT 7.3 E0506P07. The vulnerability was resolved in iMC PLAT 7.3 E0605P04 or subsequent version. 2018-08-06 not yet calculated CVE-2018-7074
SECTRACK
CONFIRM
hewlett_packard_enterprise — intelligent_management_center
 
A remote cross-site scripting (XSS) vulnerability was identified in HPE Intelligent Management Center (iMC) PLAT version v7.3 (E0506). The vulnerability is fixed in Intelligent Management Center PLAT 7.3 E0605P04 or subsequent version. 2018-08-06 not yet calculated CVE-2018-7075
CONFIRM
hewlett_packard_enterprise — keyview A security vulnerability was identified in the Filter SDK component of HP KeyView earlier than v11.2. The vulnerability could be exploited remotely to allow code execution via a memory allocation issue. 2018-08-06 not yet calculated CVE-2016-4404
BID
SECTRACK
CONFIRM
hewlett_packard_enterprise — keyview A security vulnerability was identified in the Filter SDK component of HP KeyView earlier than v11.2. The vulnerability could be exploited remotely to allow code execution via buffer overflow. 2018-08-06 not yet calculated CVE-2016-4402
BID
SECTRACK
CONFIRM
hewlett_packard_enterprise — keyview A security vulnerability was identified in the Filter SDK component of HP KeyView earlier than v11.2. The vulnerability could be exploited remotely to allow code execution via memory corruption. 2018-08-06 not yet calculated CVE-2016-4403
BID
SECTRACK
CONFIRM
hewlett_packard_enterprise — moonshot_provisioning_manager
 
A remote bypass of security restrictions vulnerability was identified in HPE Moonshot Provisioning Manager prior to v1.24. 2018-08-06 not yet calculated CVE-2018-7072
CONFIRM
MISC
hewlett_packard_enterprise — moonshot_provisioning_manager
 
A local arbitrary file modification vulnerability was identified in HPE Moonshot Provisioning Manager prior to v1.24. 2018-08-06 not yet calculated CVE-2018-7073
CONFIRM
UBUNTU
MISC
hewlett_packard_enterprise — network_function_virtualization_director
 
HPE has identified a remote access to sensitive information vulnerability in HPE Network Function Virtualization Director (NFVD) 4.2.1 prior to gui patch 3. 2018-08-06 not yet calculated CVE-2018-7071
CONFIRM
hewlett_packard_enterprise — network_node_manager_i A security vulnerability was identified in HP Network Node Manager i (NNMi) Software 10.00, 10.01 (patch1), 10.01 (patch 2), 10.10. The vulnerability could result in cross-site scripting (XSS). 2018-08-06 not yet calculated CVE-2016-4400
BID
SECTRACK
CONFIRM
hewlett_packard_enterprise — network_node_manager_i A local code execution security vulnerability was identified in HP Network Node Manager i (NNMi) v10.00, v10.10 and v10.20 Software. 2018-08-06 not yet calculated CVE-2016-4397
BID
BID
SECTRACK
CONFIRM
hewlett_packard_enterprise — network_node_manager_i A security vulnerability was identified in HP Network Node Manager i (NNMi) Software 10.00, 10.01 (patch1), 10.01 (patch 2), 10.10. The vulnerability could result in cross-site scripting (XSS). 2018-08-06 not yet calculated CVE-2016-4399
BID
SECTRACK
CONFIRM
hewlett_packard_enterprise — network_node_manager_i A remote arbitrary code execution vulnerability was identified in HP Network Node Manager i (NNMi) Software 10.00, 10.01 (patch1), 10.01 (patch 2), 10.10 using Java Deserialization. 2018-08-06 not yet calculated CVE-2016-4398
BID
CONFIRM
hewlett_packard_enterprise — restful_interface_tool A remote execution of arbitrary code vulnerability has been identified in HPE RESTful Interface Tool 1.5, 2.0 (hprest-1.5-79.x86_64.rpm, ilorest-2.0-403.x86_64.rpm). The issue is resolved in iLOREST v2.1 or subsequent versions. 2018-08-06 not yet calculated CVE-2017-8968
CONFIRM
hewlett_packard_enterprise — xp_command_view_advanced_edition
 
A Remote Bypass of Security Restrictions vulnerability was identified in HPE XP Command View Advanced Edition Software Earlier than 8.5.3-00. The vulnerability impacts DevMgr Earlier than 8.5.3-00 (for Windows, Linux), RepMgr earlier than 8.5.3-00 (for Windows, Linux) and HDLM earlier than 8.5.3-00 (for Windows, Linux, Solaris, AIX). 2018-08-06 not yet calculated CVE-2017-8988
CONFIRM
hewlett_packard_enterprise — xp_p9000_command_view_advanced_edition
 
HPE XP P9000 Command View Advanced Edition Software (CVAE) has open URL redirection vulnerability in versions 7.0.0-00 to earlier than 8.60-00 of DevMgr, TSMgr and RepMgr. 2018-08-06 not yet calculated CVE-2018-7091
CONFIRM
hewlett_packard_enterprise — xp_p9000_command_view_advanced_edition
 
HPE XP P9000 Command View Advanced Edition Software (CVAE) has local and remote cross site scripting vulnerability in versions 7.0.0-00 to earlier than 8.60-00 of DevMgr, TSMgr and RepMgr. 2018-08-06 not yet calculated CVE-2018-7090
CONFIRM
hitachi — command_suite An Information Exposure issue was discovered in Hitachi Command Suite 8.5.3. A remote attacker may be able to exploit a flaw in the permission of messaging that may allow for information exposure via a crafted message. 2018-08-09 not yet calculated CVE-2018-14735
CONFIRM
ibm — jazz_foundation_products IBM Jazz Foundation products (IBM Rational DOORS Next Generation 5.0 through 5.0.2 and 6.0 through 6.0.5) are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 139025. 2018-08-06 not yet calculated CVE-2018-1422
CONFIRM
BID
XF
ibm — maximo_asset_management IBM Maximo Asset Management 7.6 through 7.6.3 installs with a default administrator account that a remote intruder could use to gain administrator access to the system. This vulnerability is due to an incomplete fix for CVE-2015-4966. IBM X-Force ID: 142116. 2018-08-03 not yet calculated CVE-2018-1524
XF
CONFIRM
ibm — maximo_asset_management IBM Maximo Asset Management 7.6 through 7.6.3 could allow an authenticated user to obtain sensitive information from the WhoAmI API. IBM X-Force ID: 142290. 2018-08-06 not yet calculated CVE-2018-1528
BID
XF
CONFIRM
ibm — rhapsody_model_manager IBM Rhapsody Model Manager 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 145510. 2018-08-07 not yet calculated CVE-2018-1690
CONFIRM
XF
ibm — security_identity_governance_virtual_appliance IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 126859. 2018-08-06 not yet calculated CVE-2017-1366
CONFIRM
XF
ibm — security_identity_governance_virtual_appliance IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 generates an error message that includes sensitive information about its environment, users, or associated data. IBM X-Force ID: 127400. 2018-08-06 not yet calculated CVE-2017-1412
CONFIRM
XF
ibm — security_identity_governance_virtual_appliance IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 could allow a local attacker to inject commands into malicious files that could be executed by the administrator. IBM X-Force ID: 135855. 2018-08-06 not yet calculated CVE-2017-1755
CONFIRM
XF
ibm — security_identity_governance_virtual_appliance IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 126861. 2018-08-06 not yet calculated CVE-2017-1368
CONFIRM
XF
ibm — security_identity_governance_virtual_appliance IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 127399. 2018-08-06 not yet calculated CVE-2017-1411
CONFIRM
XF
ibm — security_identity_governance_virtual_appliance IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. IBM X-Force ID: 127342. 2018-08-06 not yet calculated CVE-2017-1396
CONFIRM
XF
ibm — security_identity_governance_virtual_appliance IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 127396. 2018-08-06 not yet calculated CVE-2017-1409
CONFIRM
XF
ibm — websphere_mq IBM WebSphere MQ 8.0.0.2 through 8.0.0.8 and 9.0.0.0 through 9.0.0.3 could allow users to have more authority than they should have if an MQ administrator creates an invalid user group name. IBM X-Force ID: 142888. 2018-08-06 not yet calculated CVE-2018-1551
BID
XF
CONFIRM
ignited — cms An issue was discovered in Ignited CMS through 2017-02-19. ign/index.php/admin/pages/add_page allows a CSRF attack to add pages. 2018-08-08 not yet calculated CVE-2018-15203
MISC
insteon — hub Specially crafted commands sent through the PubNub service in Insteon Hub 2245-222 with firmware version 1012 can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability.At 0x9d014cc0 the value for the cmd key is copied using strcpy to the buffer at $sp+0x11c. This buffer is 20 bytes large, sending anything longer will cause a buffer overflow. 2018-08-06 not yet calculated CVE-2017-16252
MISC
insteon — hub An exploitable buffer overflow vulnerability exists in the PubNub message handler for the ‘ad’ channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. 2018-08-06 not yet calculated CVE-2017-14447
MISC
jenkins — jenkins
 
jenkins-email-ext before version 2.57.1 is vulnerable to an Information Exposure. The Email Extension Plugins is able to send emails to a dynamically created list of users based on the changelogs, like authors of SCM changes since the last successful build. This could in some cases result in emails being sent to people who have no user account in Jenkins, and in rare cases even people who were not involved in whatever project was being built, due to some mapping based on the local-part of email addresses. 2018-08-06 not yet calculated CVE-2017-2654
CONFIRM
CONFIRM
jiofi — 4g_hotspot_m2s_devices JioFi 4G Hotspot M2S devices allow attackers to cause a denial of service (secure configuration outage) via an XSS payload in the SSID name and Security Key fields. 2018-08-09 not yet calculated CVE-2018-15181
MISC
jpeg_encoder — jpeg_encoder An issue has been found in jpeg_encoder through 2015-11-27. It is a heap-based buffer overflow in the function readFromBMP in jpeg_encoder.cpp. 2018-08-05 not yet calculated CVE-2018-14945
MISC
MISC
jpeg_encoder — jpeg_encoder
 
An issue has been found in jpeg_encoder through 2015-11-27. It is a SEGV in the function readFromBMP in jpeg_encoder.cpp. The signal is caused by an out-of-bounds write. 2018-08-05 not yet calculated CVE-2018-14944
MISC
MISC
juunan06 — ecommerce An issue was discovered in Juunan06 eCommerce through 2018-08-05. There is a CSRF vulnerability in ee/eBoutique/app/template/includes/crudTreatment.php that can add new users and add products. 2018-08-08 not yet calculated CVE-2018-15202
MISC
laravel — framework In Laravel Framework through 5.5.40 and 5.6.x through 5.6.29, remote code execution might occur as a result of an unserialize call on a potentially untrusted X-XSRF-TOKEN value. This involves the decrypt method in Illuminate/Encryption/Encrypter.php and PendingBroadcast in gadgetchains/Laravel/RCE/3/chain.php in phpggc. The attacker must know the application key, which normally would never occur, but could happen if the attacker previously had privileged access or successfully accomplished a previous attack. 2018-08-09 not yet calculated CVE-2018-15133
CONFIRM
libpq — libpq
 
A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq was used with “host” or “hostaddr” connection parameters from untrusted input, attackers could bypass client-side connection security features, obtain access to higher privileged connections or potentially cause other impact through SQL injection, by causing the PQescape() functions to malfunction. Postgresql versions before 10.5, 9.6.10, 9.5.14, 9.4.19, and 9.3.24 are affected. 2018-08-09 not yet calculated CVE-2018-10915
CONFIRM
DEBIAN
CONFIRM
libreoffice — libreoffice The get_app_path function in desktop/unx/source/start.c in LibreOffice through 6.0.5 mishandles the realpath function in certain environments such as FreeBSD libc, which might allow attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other impact if LibreOffice is automatically launched during web browsing with pathnames controlled by a remote web site. 2018-08-05 not yet calculated CVE-2018-14939
BID
MISC
libtiff — libtiff
 
ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf. 2018-08-08 not yet calculated CVE-2018-15209
MISC
linux — kernel The swiotlb_print_info function in lib/swiotlb.c in the Linux kernel through 4.14.14 allows local users to obtain sensitive address information by reading dmesg data from a “software IO TLB” printk call. 2018-08-07 not yet calculated CVE-2018-5953
BID
MISC
linux — kernel The pcpu_embed_first_chunk function in mm/percpu.c in the Linux kernel through 4.14.14 allows local users to obtain sensitive address information by reading dmesg data from a “pages/cpu” printk call. 2018-08-07 not yet calculated CVE-2018-5995
BID
MISC
linux — kernel
 
The aoedisk_debugfs_show function in drivers/block/aoe/aoeblk.c in the Linux kernel through 4.16.4rc4 allows local users to obtain sensitive address information by reading “ffree: ” lines in a debugfs file. 2018-08-10 not yet calculated CVE-2018-7754
CONFIRM
MISC
linux — kernel
 
Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service. 2018-08-06 not yet calculated CVE-2018-5390
BID
SECTRACK
SECTRACK
CONFIRM
UBUNTU
UBUNTU
DEBIAN
CERT-VN
CONFIRM
lxc-user-nic — lxc-user-nic
 
lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. This code path may be used by an unprivileged user to check for the existence of a path which they wouldn’t otherwise be able to reach. It may also be used to trigger side effects by causing a (read-only) open of special kernel files (ptmx, proc, sys). Affected releases are LXC: 2.0 versions above and including 2.0.9; 3.0 versions above and including 3.0.0, prior to 3.0.2. 2018-08-10 not yet calculated CVE-2018-6556
CONFIRM
CONFIRM
UBUNTU
medtronic — mycarelink_and_patient_monitor A vulnerability was discovered in all versions of Medtronic MyCareLink 24950 and 24952 Patient Monitor. The affected product’s update service does not sufficiently verify the authenticity of the data uploaded. An attacker who obtains per-product credentials from the monitor and paired implantable cardiac device information can potentially upload invalid data to the Medtronic CareLink network. 2018-08-10 not yet calculated CVE-2018-10626
BID
MISC
medtronic — mycarelink_and_patient_monitor A vulnerability was discovered in all versions of Medtronic MyCareLink 24950 and 24952 Patient Monitor. The affected products use per-product credentials that are stored in a recoverable format. An attacker can use these credentials for network authentication and encryption of local data at rest. 2018-08-10 not yet calculated CVE-2018-10622
BID
MISC
multiple_vendors — bluetooth_firmware_and_operating_system_software_drivers
 
Bluetooth firmware or operating system software drivers in macOS versions before 10.13, High Sierra and iOS versions before 11.4, and Android versions before the 2018-06-05 patch may not sufficiently validate elliptic curve parameters used to generate public keys during a Diffie-Hellman key exchange, which may allow a remote attacker to obtain the encryption key used by the device. 2018-08-07 not yet calculated CVE-2018-5383
MISC
BID
SECTRACK
CONFIRM
CERT-VN
netcomm_wireless — 4g_lte_light_industrial_m2m_router NetComm Wireless G LTE Light Industrial M2M Router (NWL-25) with firmware 2.0.29.11 and prior. The directory of the device is listed openly without authentication. 2018-08-10 not yet calculated CVE-2018-14785
MISC
netcomm_wireless — 4g_lte_light_industrial_m2m_router NetComm Wireless G LTE Light Industrial M2M Router (NWL-25) with firmware 2.0.29.11 and prior. A cross-site request forgery condition can occur, allowing an attacker to change passwords of the device remotely. 2018-08-10 not yet calculated CVE-2018-14783
MISC
netcomm_wireless — 4g_lte_light_industrial_m2m_router NetComm Wireless G LTE Light Industrial M2M Router (NWL-25) with firmware 2.0.29.11 and prior. The device is vulnerable to several cross-site scripting attacks, allowing a remote attacker to run arbitrary code on the device. 2018-08-10 not yet calculated CVE-2018-14784
MISC
netcomm_wireless — 4g_lte_light_industrial_m2m_router NetComm Wireless G LTE Light Industrial M2M Router (NWL-25) with firmware 2.0.29.11 and prior. The device allows access to configuration files and profiles without authenticating the user. 2018-08-10 not yet calculated CVE-2018-14782
MISC
netiq — edirectory Unvalidated redirect vulnerability in in NetIQ eDirectory before 9.1.1 HF1. 2018-08-09 not yet calculated CVE-2018-7692
MISC
netiq — edirectory Information leakage vulnerability in NetIQ eDirectory before 9.1.1 HF1 due to shared memory usage. 2018-08-09 not yet calculated CVE-2018-7686
MISC
nmap — nmap
 
Nmap through 7.70, when the -sV option is used, allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted TCP-based service. 2018-08-07 not yet calculated CVE-2018-15173
MISC
MISC
ocs_inventory_ng — ocs_inventory_server Unrestricted file upload (with remote code execution) in require/mail/NotificationMail.php in Webconsole in OCS Inventory NG OCS Inventory Server through 2.5 allows a privileged user to gain access to the server via a template file containing PHP code, because file extensions other than .html are permitted. 2018-08-06 not yet calculated CVE-2018-14857
FULLDISC
SECTRACK
CONFIRM
onethink — onethink An issue was discovered in OneThink v1.1. There is a CSRF vulnerability in admin.php?s=/User/add.html that can add a user. 2018-08-07 not yet calculated CVE-2018-15198
MISC
onethink — onethink
 
An issue was discovered in OneThink v1.1. There is a CSRF vulnerability in admin.php?s=/AuthManager/addToGroup.html that can endow administrator privileges. 2018-08-07 not yet calculated CVE-2018-15197
MISC
oracle — database_server A vulnerability was discovered in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18. Easily exploitable vulnerability allows low privileged attacker having Create Session privilege with network access via Oracle Net to compromise Java VM. While the vulnerability is in Java VM, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java VM. CVSS 3.0 Base Score 9.9 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H). 2018-08-10 not yet calculated CVE-2018-3110
CONFIRM
pdf2json — pdf2json An issue has been found in PDF2JSON 0.69. The HtmlString class in ImgOutputDev.cc has Mismatched Memory Management Routines (malloc versus operator delete). 2018-08-05 not yet calculated CVE-2018-14946
MISC
MISC
pdf2json — pdf2json An issue has been found in PDF2JSON 0.69. XmlFontAccu::CSStyle in XmlFonts.cc has Mismatched Memory Management Routines (operator new [] versus operator delete). 2018-08-05 not yet calculated CVE-2018-14947
MISC
MISC
php — php
 
An issue was discovered in ext/standard/link_win32.c in PHP before 5.6.37, 7.0.x before 7.0.31, 7.1.x before 7.1.20, and 7.2.x before 7.2.8. The linkinfo function on Windows doesn’t implement the open_basedir check. This could be abused to find files on paths outside of the allowed directories. 2018-08-07 not yet calculated CVE-2018-15132
MISC
MISC
MISC
MISC
phpcms — phpcms
 
PHPCMS 9 allows remote attackers to cause a denial of service (resource consumption) via large font_size, height, and width parameters in an api.php?op=checkcode request. 2018-08-05 not yet calculated CVE-2018-14940
MISC
phpscriptsmall.com — advanced_real_estate_script PHP Scripts Mall advanced-real-estate-script 4.0.9 has CSRF via edit-profile.php. 2018-08-10 not yet calculated CVE-2018-15187
MISC
phpscriptsmall.com — advanced_real_estate_script PHP Scripts Mall advanced-real-estate-script has XSS via the Name field of a profile. 2018-08-10 not yet calculated CVE-2018-15189
MISC
phpscriptsmall.com — advanced_real_estate_script PHP Scripts Mall advanced-real-estate-script 4.0.9 allows remote attackers to cause a denial of service (page structure loss) via crafted JavaScript code in the Name field of a profile. 2018-08-10 not yet calculated CVE-2018-15188
MISC
phpscriptsmall.com — basic_b2b_script PHP Scripts Mall Basic B2B Script 2.0.0 has Reflected and Stored XSS via the First name, Last name, Address 1, City, State, and Company name fields. 2018-08-03 not yet calculated CVE-2018-14541
MISC
EXPLOIT-DB
phpscriptsmall.com — car_rental_script PHP Scripts Mall Car Rental Script 2.0.8 has XSS via the FirstName and LastName fields. 2018-08-09 not yet calculated CVE-2018-15182
MISC
phpscriptsmall.com — cms_auditor_website PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has CSRF via client/auditor/updprofile.php. 2018-08-10 not yet calculated CVE-2018-15186
MISC
phpscriptsmall.com — hotel_booking_script PHP Scripts Mall hotel-booking-script 2.0.4 allows XSS via the First Name, Last Name, or Address field. 2018-08-10 not yet calculated CVE-2018-15190
MISC
phpscriptsmall.com — hotel_booking_script PHP Scripts Mall hotel-booking-script 2.0.4 allows remote attackers to cause a denial of service via crafted JavaScript code in the First Name, Last Name, or Address field. 2018-08-10 not yet calculated CVE-2018-15191
MISC
phpscriptsmall.com — naukri_clone_script PHP Scripts Mall Naukri / Shine / Jobsite Clone Script 3.0.4 has Stored XSS via the USERNAME field, a related issue to CVE-2018-6795. 2018-08-09 not yet calculated CVE-2018-15184
MISC
phpscriptsmall.com — naukri_clone_script PHP Scripts Mall Naukri / Shine / Jobsite Clone Script 3.0.4 allows remote attackers to cause a denial of service (page update outage) via crafted PHP and JavaScript code in the “Current Position” field. 2018-08-10 not yet calculated CVE-2018-15185
MISC
phpscriptsmall.com — php_template_store_script PHP Template Store Script 3.0.6 allows XSS via the Address line 1, Address Line 2, Bank name, or A/C Holder name field in a profile. 2018-08-06 not yet calculated CVE-2018-14869
MISC
EXPLOIT-DB
phpscriptsmall.com — resume_builder_script PHP Scripts Mall Myperfectresume / JobHero / Resume Clone Script 2.0.6 has Stored XSS via the Full Name and Title fields. 2018-08-09 not yet calculated CVE-2018-15183
MISC
postgresql — postgresql It was discovered that PostgreSQL versions before 10.5, 9.6.10, 9.5.14, 9.4.19, and 9.3.24 failed to properly check authorization on certain statements involved with “INSERT … ON CONFLICT DO UPDATE”. An attacker with “CREATE TABLE” privileges could exploit this to read arbitrary bytes server memory. If the attacker also had certain “INSERT” and limited “UPDATE” privileges to a particular table, they could exploit this to update other columns in the same table. 2018-08-09 not yet calculated CVE-2018-10925
CONFIRM
DEBIAN
CONFIRM
qcms — qcms An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/product.php has XSS. 2018-08-06 not yet calculated CVE-2018-14973
MISC
qcms — qcms An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/user.php has XSS. 2018-08-06 not yet calculated CVE-2018-14971
MISC
qcms — qcms An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/category.php has XSS. 2018-08-06 not yet calculated CVE-2018-14976
MISC
qcms — qcms An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/down.php has XSS. 2018-08-06 not yet calculated CVE-2018-14972
MISC
qcms — qcms An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/slideshow.php has XSS. 2018-08-06 not yet calculated CVE-2018-14970
MISC
qcms — qcms An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/album.php has XSS. 2018-08-06 not yet calculated CVE-2018-14975
MISC
qcms — qcms An issue was discovered in QCMS 3.0.1. upload/System/Controller/guest.php has XSS, as demonstrated by the name parameter, a different vulnerability than CVE-2018-8070. 2018-08-06 not yet calculated CVE-2018-14977
MISC
qcms — qcms An issue was discovered in QCMS 3.0.1. CSRF exists via the backend/user/admin/add.html URI. 2018-08-06 not yet calculated CVE-2018-14978
MISC
qcms — qcms An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/news.php has XSS. 2018-08-06 not yet calculated CVE-2018-14974
MISC
qcms — qcms
 
An issue was discovered in QCMS 3.0.1. upload/System/Controller/backend/system.php has XSS. 2018-08-06 not yet calculated CVE-2018-14969
MISC
responsive_filemanager — responsive_filemanager upload.php in Responsive FileManager 9.13.1 allows SSRF via the url parameter. 2018-08-03 not yet calculated CVE-2018-14728
MISC
EXPLOIT-DB
rubygems — active-support_gem active-support ruby gem 5.2.0 could allow a remote attacker to execute arbitrary code on the system, caused by containing a malicious backdoor. An attacker could exploit this vulnerability to execute arbitrary code on the system. 2018-08-10 not yet calculated CVE-2018-3779
MISC
siemens — automation_license_manager A vulnerability has been identified in Automation License Manager 5 (All versions < 5.3.4.4). An attacker with network access to the device could send specially crafted network packets to determine whether or not a network port on another remote system is accessible or not. This allows the attacker to do basic network scanning using the victims machine. Successful exploitation requires a network connection to the affected device. The attacker does not need privileges, no user interaction is required. The impact is limited to determining whether or not a port on a target system is accessible by the affected device. 2018-08-07 not yet calculated CVE-2018-11456
CONFIRM
siemens — automation_license_manager A vulnerability has been identified in Automation License Manager 5 (All versions < 5.3.4.4), Automation License Manager 6 (All versions < 6.0.1). A directory traversal vulnerability could allow a remote attacker to move arbitrary files, which can result in code execution, compromising confidentiality, integrity and availability of the system. Successful exploitation requires a network connection to the affected device. The attacker does not need privileges or special conditions of the system, but user interaction is required. 2018-08-07 not yet calculated CVE-2018-11455
CONFIRM
siemens — simatic_step_7_and_simatic_wincc A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V10, V11, V12 (All versions), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V13 (All versions), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V14 (All versions < V14 SP1 Update 6), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V15 (All versions < V15 Update 2). Improper file permissions in the default installation of TIA Portal may allow an attacker with local file system access to insert specially crafted files which may prevent TIA Portal startup (Denial-of-Service) or lead to local code execution. No special privileges are required, but the victim needs to attempt to start TIA Portal after the manipulation. 2018-08-07 not yet calculated CVE-2018-11453
CONFIRM
siemens — simatic_step_7_and_simatic_wincc A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V10, V11, V12 (All versions), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V13 (All versions), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V14 (All versions < V14 SP1 Update 6), SIMATIC STEP 7 (TIA Portal) and WinCC (TIA Portal) V15 (All versions < V15 Update 2). Improper file permissions in the default installation of TIA Portal may allow an attacker with local file system access to manipulate resources which may be transferred to devices and executed there by a different user. No special privileges are required, but the victim needs to transfer the manipulated files to a device. Execution is caused on the target device rather than on the PG device. 2018-08-07 not yet calculated CVE-2018-11454
CONFIRM
squirrelmail — squirrelmail The mail message display page in SquirrelMail through 1.4.22 has XSS via a “<svg><a xlink:href=”https://www.us-cert.gov attack. 2018-08-05 not yet calculated CVE-2018-14950
MISC
MISC
MISC
squirrelmail — squirrelmail The mail message display page in SquirrelMail through 1.4.22 has XSS via a “<form action=’data:text” attack. 2018-08-05 not yet calculated CVE-2018-14951
MISC
MISC
MISC
squirrelmail — squirrelmail The mail message display page in SquirrelMail through 1.4.22 has XSS via the formaction attribute. 2018-08-05 not yet calculated CVE-2018-14954
MISC
MISC
MISC
squirrelmail — squirrelmail The mail message display page in SquirrelMail through 1.4.22 has XSS via a “<math xlink:href=”https://www.us-cert.gov attack. 2018-08-05 not yet calculated CVE-2018-14953
MISC
MISC
MISC
squirrelmail — squirrelmail The mail message display page in SquirrelMail through 1.4.22 has XSS via a “<math><maction xlink:href=”https://www.us-cert.gov attack. 2018-08-05 not yet calculated CVE-2018-14952
MISC
MISC
MISC
squirrelmail — squirrelmail The mail message display page in SquirrelMail through 1.4.22 has XSS via SVG animations (animate to attribute). 2018-08-05 not yet calculated CVE-2018-14955
MISC
MISC
MISC
symfony — symfony An issue was discovered in Symfony before 2.7.38, 2.8.31, 3.2.14, 3.3.13, 3.4-BETA5, and 4.0-BETA5. The Intl component includes various bundle readers that are used to read resource bundles from the local filesystem. The read() methods of these classes use a path and a locale to determine the language bundle to retrieve. The locale argument value is commonly retrieved from untrusted user input (like a URL parameter). An attacker can use this argument to navigate to arbitrary directories via the dot-dot-slash attack, aka Directory Traversal. 2018-08-06 not yet calculated CVE-2017-16654
CONFIRM
CONFIRM
DEBIAN
symfony — symfony An issue was discovered in Symfony before 2.7.38, 2.8.31, 3.2.14, 3.3.13, 3.4-BETA5, and 4.0-BETA5. When a form is submitted by the user, the request handler classes of the Form component merge POST data and uploaded files data into one array. This big array forms the data that are then bound to the form. At this stage there is no difference anymore between submitted POST data and uploaded files. A user can send a crafted HTTP request where the value of a “FileType” is sent as normal POST data that could be interpreted as a local file path on the server-side (for example, “file:///etc/passwd”). If the application did not perform any additional checks about the value submitted to the “FileType”, the contents of the given file on the server could have been exposed to the attacker. 2018-08-06 not yet calculated CVE-2017-16790
CONFIRM
DEBIAN
symfony — symfony An issue was discovered in Symfony before 2.7.38, 2.8.31, 3.2.14, 3.3.13, 3.4-BETA5, and 4.0-BETA5. The current implementation of CSRF protection in Symfony (Version >=2) does not use different tokens for HTTP and HTTPS; therefore the token is subject to MITM attacks on HTTP and can then be used in an HTTPS context to do CSRF attacks. 2018-08-06 not yet calculated CVE-2017-16653
CONFIRM
CONFIRM
DEBIAN
thinksaas — thinksaas ThinkSAAS through 2018-07-25 has XSS via the index.php?app=group&ac=create&ts=do groupdesc parameter. 2018-08-07 not yet calculated CVE-2018-15130
MISC
thinksaas — thinksaas ThinkSAAS through 2018-07-25 has XSS via the index.php?app=article&ac=comment&ts=do content parameter. 2018-08-07 not yet calculated CVE-2018-15129
MISC
tibco — activematrix_businessworks The BusinessWorks engine component of TIBCO Software Inc.’s TIBCO ActiveMatrix BusinessWorks, TIBCO ActiveMatrix BusinessWorks for z/Linux, and TIBCO ActiveMatrix BusinessWorks Distribution for TIBCO Silver Fabric contains a vulnerability that may allow XML eXternal Entity (XXE) attacks via incoming network messages, and may disclose the contents of files accessible to a running BusinessWorks engine Affected releases are TIBCO Software Inc. TIBCO ActiveMatrix BusinessWorks: versions up to and including 5.13.0, TIBCO ActiveMatrix BusinessWorks for z/Linux: versions up to and including 5.13.0, TIBCO ActiveMatrix BusinessWorks Distribution for TIBCO Silver Fabric: versions up to and including 5.13.0. 2018-08-08 not yet calculated CVE-2018-12408
BID
MISC
CONFIRM
ubuntu — ubuntu
 
The CUPS AppArmor profile incorrectly confined the dnssd backend due to use of hard links. A local attacker could possibly use this issue to escape confinement. This flaw affects versions prior to 2.2.7-1ubuntu2.1 in Ubuntu 18.04 LTS, prior to 2.2.4-7ubuntu3.1 in Ubuntu 17.10, prior to 2.1.3-4ubuntu0.5 in Ubuntu 16.04 LTS, and prior to 1.7.2-0ubuntu1.10 in Ubuntu 14.04 LTS. 2018-08-10 not yet calculated CVE-2018-6553
MLIST
UBUNTU
DEBIAN
vdsm — vdsm
 
It was found that vdsm before version 4.20.37 invokes qemu-img on untrusted inputs without limiting resources. By uploading a specially crafted image, an attacker could cause the qemu-img process to consume unbounded amounts of memory of CPU time, causing a denial of service condition that could potentially impact other users of the host. 2018-08-09 not yet calculated CVE-2018-10908
MISC
CONFIRM
MISC
weaselcms — weaselcms An issue was discovered in WeaselCMS v0.3.5. CSRF can update the website settings (such as the theme, title, and description) via index.php. 2018-08-05 not yet calculated CVE-2018-14958
MISC
weaselcms — weaselcms An issue was discovered in WeaselCMS v0.3.5. CSRF can create new pages via an index.php?b=pages&a=new URI. 2018-08-05 not yet calculated CVE-2018-14959
MISC
wolf — cms
 
Wolf CMS 0.8.3.1 has XSS in the Snippets tab, as demonstrated by a ?/admin/snippet/edit/1 URI. 2018-08-10 not yet calculated CVE-2018-14837
MISC
wordpress — wordpress
 
In WordPress 4.9.7, plugins uploaded via the admin area are not verified as being ZIP files. This allows for PHP files to be uploaded. Once a PHP file is uploaded, the plugin extraction fails, but the PHP file remains in a predictable wp-content/uploads location, allowing for an attacker to then execute the file. This represents a security risk in limited scenarios where an attacker (who does have the required capabilities for plugin uploads) cannot simply place arbitrary PHP code into a valid plugin ZIP file and upload that plugin, because a machine’s wp-content/plugins directory permissions were set up to block all new plugins. 2018-08-10 not yet calculated CVE-2018-14028
MISC
MISC
MISC
wpa_supplicant — wpa_supplicant
 
An issue was discovered in rsn_supp/wpa.c in wpa_supplicant 2.0 through 2.6. Under certain conditions, the integrity of EAPOL-Key messages is not checked, leading to a decryption oracle. An attacker within range of the Access Point and client can abuse the vulnerability to recover sensitive information. 2018-08-08 not yet calculated CVE-2018-14526
SECTRACK
MLIST
MISC
MISC
xiao5ucompany — xiao5ucompany Xiao5uCompany 1.7 has CSRF via admin/Admin.asp. 2018-08-06 not yet calculated CVE-2018-14960
MISC
MISC
xnview — xnview XnView 2.45 allows remote attackers to cause a denial of service (User Mode Write AV starting at MSVCR120!memcpy+0x0000000000000074 and application crash) or possibly have unspecified other impact via a crafted RLE file. 2018-08-07 not yet calculated CVE-2018-15176
MISC
xnview — xnview XnView 2.45 allows remote attackers to cause a denial of service (User Mode Write AV starting at Qt5Core!QVariant::~QVariant+0x0000000000000014 and application crash) or possibly have unspecified other impact via a crafted RLE file. 2018-08-07 not yet calculated CVE-2018-15175
MISC
xnview — xnview
 
XnView 2.45 allows remote attackers to cause a denial of service (Read Access Violation at the Instruction Pointer and application crash) or possibly have unspecified other impact via a crafted ICO file. 2018-08-07 not yet calculated CVE-2018-15174
MISC
zoho_manageengine — applications_manager A SQL Injection vulnerability exists in the Zoho ManageEngine Applications Manager 13 before build 13820 via the resids parameter in a /editDisplaynames.do?method=editDisplaynames GET request. 2018-08-07 not yet calculated CVE-2018-15168
MISC
MISC
zoho_manageengine — applications_manager A reflected Cross-site scripting (XSS) vulnerability in Zoho ManageEngine Applications Manager 13 before build 13820 allows remote attackers to inject arbitrary web script or HTML via the /deleteMO.do method parameter. 2018-08-07 not yet calculated CVE-2018-15169
MISC
MISC
zzcms —  zzcms zzcms 8.3 has CSRF via the admin/adminadd.php?action=add URI. 2018-08-06 not yet calculated CVE-2018-14963
MISC
zzcms —  zzcms zzcms 8.3 has stored XSS related to the content variable in user/manage.php and zt/show.php. 2018-08-06 not yet calculated CVE-2018-14962
MISC
zzcms —  zzcms
 
dl/dl_sendmail.php in zzcms 8.3 has SQL Injection via the sql parameter. 2018-08-06 not yet calculated CVE-2018-14961
MISC
MISC

Back to top


This product is provided subject to this Notification and this Privacy & Use policy.

SB18-211: Vulnerability Summary for the Week of July 23, 2018

Original release date: July 30, 2018

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information.

The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:

  • High – Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 – 10.0

  • Medium – Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 – 6.9

  • Low – Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 – 3.9

Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.

The NCCIC Weekly Vulnerability Summary Bulletin is created using information from the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD). In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

 

High Vulnerabilities

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
There were no high vulnerabilities recorded this week.

Back to top

 

Medium Vulnerabilities

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
There were no medium vulnerabilities recorded this week.

Back to top

 

Low Vulnerabilities

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
There were no low vulnerabilities recorded this week.

Back to top

 

Severity Not Yet Assigned

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-5018
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-5024
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-5015
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-5022
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-5025
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-5012
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-5026
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-5016
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-12792
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-5070
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-5028
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-5064
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-5066
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-5009
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-12767
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-12786
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-5052
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-12789
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-12790
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-12771
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-5063
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-5011
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-5027
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-5014
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-12787
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-5058
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-5020
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-5055
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-5035
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-5056
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-5068
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-5046
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-5048
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-5059
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-12798
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-12781
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-12791
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Double Free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-12782
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-5060
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-5067
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Type Confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-5057
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-5033
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-5032
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-12760
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-5019
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Buffer Errors vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-5034
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-12765
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-5047
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-5045
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-5017
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-5050
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-5040
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-5069
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-12770
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-12773
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-5054
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-12768
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-12796
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-12772
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-5031
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-5030
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-12797
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-5049
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-12779
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-12803
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Security Bypass vulnerability. Successful exploitation could lead to privilege escalation. 2018-07-20 not yet calculated CVE-2018-12802
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-5051
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-5065
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-12783
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-12756
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-12754
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-5044
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Buffer Errors vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-12784
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-12785
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-12780
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-12795
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-12757
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-12774
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-5053
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-12761
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-5062
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Type Confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-12793
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-12788
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-12766
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-12758
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-5042
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-12755
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-5061
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-12777
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-5036
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-12762
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-5029
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-12763
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-5039
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Buffer Errors vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-5043
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-12776
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Buffer Errors vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-5037
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-5041
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-12764
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-5038
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Type Confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-12794
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-5010
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-5021
BID
SECTRACK
CONFIRM
adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-5023
BID
SECTRACK
CONFIRM
adobe — connect Adobe Connect versions 9.7.5 and earlier have an Insecure Library Loading vulnerability. Successful exploitation could lead to privilege escalation. 2018-07-20 not yet calculated CVE-2018-12805
BID
CONFIRM
adobe — connect Adobe Connect versions 9.7.5 and earlier have an Authentication Bypass vulnerability. Successful exploitation could lead to session hijacking. 2018-07-20 not yet calculated CVE-2018-12804
BID
SECTRACK
CONFIRM
adobe — experience_manager Adobe Experience Manager versions 6.2 and 6.3 have a Server-Side Request Forgery vulnerability. Successful exploitation could lead to sensitive information disclosure. 2018-07-20 not yet calculated CVE-2018-5004
BID
CONFIRM
adobe — experience_manager Adobe Experience Manager versions 6.4 and earlier have a Server-Side Request Forgery vulnerability. Successful exploitation could lead to sensitive information disclosure. 2018-07-20 not yet calculated CVE-2018-5006
BID
CONFIRM

adobe — experience_manager

Adobe Experience Manager versions 6.4 and earlier have a Server-Side Request Forgery vulnerability. Successful exploitation could lead to sensitive information disclosure. 2018-07-20 not yet calculated CVE-2018-12809
BID
CONFIRM
adobe — flash_player Adobe Flash Player 30.0.0.113 and earlier versions have a Type Confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-5007
BID
SECTRACK
REDHAT
CONFIRM
adobe — flash_player Adobe Flash Player 30.0.0.113 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-5008
BID
SECTRACK
REDHAT
CONFIRM
advancecomp — advancecomp An out-of-bounds heap buffer read flaw was found in the way advancecomp before 2.1-2018/02 handled processing of ZIP files. An attacker could potentially use this flaw to crash the advzip utility by tricking it into processing crafted ZIP files. 2018-07-27 not yet calculated CVE-2018-1056
CONFIRM
CONFIRM
MLIST
CONFIRM
UBUNTU

ansible — ansible

An input validation vulnerability was found in Ansible’s mysql_user module before 2.2.1.0, which may fail to correctly change a password in certain circumstances. Thus the previous password would still be active when it should have been changed. 2018-07-26 not yet calculated CVE-2016-8647
REDHAT
CONFIRM
CONFIRM

ansible — tower

A flaw was found in Ansible Tower’s interface before 3.1.5 and 3.2.0 with SCM repositories. If a Tower project (SCM repository) definition does not have the ‘delete before update’ flag set, an attacker with commit access to the upstream playbook source repository could create a Trojan playbook that, when executed by Tower, modifies the checked out SCM repository to add git hooks. These git hooks could, in turn, cause arbitrary command and code execution as the user Tower runs as. 2018-07-27 not yet calculated CVE-2017-12148
REDHAT
CONFIRM
apache — kafka In Apache Kafka 0.9.0.0 to 0.9.0.1, 0.10.0.0 to 0.10.2.1, 0.11.0.0 to 0.11.0.2, and 1.0.0, authenticated Kafka users may perform action reserved for the Broker via a manually created fetch request interfering with data replication, resulting in data loss. 2018-07-26 not yet calculated CVE-2018-1288
MLIST

apache — kafka

In Apache Kafka 0.10.0.0 to 0.10.2.1 and 0.11.0.0 to 0.11.0.1, authenticated Kafka clients may use impersonation via a manually crafted protocol message with SASL/PLAIN or SASL/SCRAM authentication when using the built-in PLAIN or SCRAM server implementations in Apache Kafka. 2018-07-26 not yet calculated CVE-2017-12610
BID
MLIST
apache — openwhisk In PHP Runtime for Apache OpenWhisk, a Docker action inheriting one of the Docker tags openwhisk/action-php-v7.2:1.0.0 or openwhisk/action-php-v7.1:1.0.1 (or earlier) may allow an attacker to replace the user function inside the container if the user code is vulnerable to code exploitation. 2018-07-23 not yet calculated CVE-2018-11756
CONFIRM
MLIST
apache — openwhisk In Docker Skeleton Runtime for Apache OpenWhisk, a Docker action inheriting the Docker tag openwhisk/dockerskeleton:1.3.0 (or earlier) may allow an attacker to replace the user function inside the container if the user code is vulnerable to code exploitation. 2018-07-23 not yet calculated CVE-2018-11757
CONFIRM
MLIST
apache — tomee The TomEE console (tomee-webapp) has a XSS vulnerability which could allow javascript to be executed if the user is given a malicious URL. This web application is typically used to add TomEE features to a Tomcat installation. The TomEE bundles do not ship with this application included. This issue can be mitigated by removing the application after TomEE is setup (if using the application to install TomEE), using one of the provided pre-configured bundles, or by upgrading to TomEE 7.0.5. This issue is resolve in this commit: b8bbf50c23ce97dd64f3a5d77f78f84e47579863. 2018-07-23 not yet calculated CVE-2018-8031
MLIST

arm — mbed_tls

ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows local users to achieve partial plaintext recovery (for a CBC based ciphersuite) via a cache-based side-channel attack. 2018-07-28 not yet calculated CVE-2018-0498
CONFIRM

arm — mbed_tls

ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows remote attackers to achieve partial plaintext recovery (for a CBC based ciphersuite) via a timing-based side-channel attack. This vulnerability exists because of an incorrect fix (with a wrong SHA-384 calculation) for CVE-2013-0169. 2018-07-28 not yet calculated CVE-2018-0497
CONFIRM
asus — hg100_devices ASUS HG100 devices with firmware before 1.05.12 allow unauthenticated access, leading to remote command execution. 2018-07-25 not yet calculated CVE-2018-11491
CONFIRM

atlassian — jira

The Webhooks component of Atlassian Jira before version 7.6.7 and from version 7.7.0 before version 7.11.0 allows remote attackers who are able to observe or otherwise intercept webhook events to learn information about changes in issues that should not be sent because they are not contained within the results of a specified JQL query. 2018-07-24 not yet calculated CVE-2017-18104
CONFIRM
aubio — aubio An issue was discovered in aubio 0.4.6. A SEGV signal can occur in aubio_source_avcodec_readframe in io/source_avcodec.c, as demonstrated by aubiomfcc. 2018-07-23 not yet calculated CVE-2018-14521
MISC
aubio — aubio An issue was discovered in aubio 0.4.6. A SEGV signal can occur in aubio_pitch_set_unit in pitch/pitch.c, as demonstrated by aubionotes. 2018-07-23 not yet calculated CVE-2018-14522
MISC
aubio — aubio An issue was discovered in aubio 0.4.6. A buffer over-read can occur in new_aubio_pitchyinfft in pitch/pitchyinfft.c, as demonstrated by aubionotes. 2018-07-23 not yet calculated CVE-2018-14523
MISC

aveva — intouch

AVEVA InTouch 2014 R2 SP1 and prior, InTouch 2017, InTouch 2017 Update 1, and InTouch 2017 Update 2 allow an unauthenticated user to send a specially crafted packet that could overflow the buffer on a locale not using a dot floating point separator. Exploitation could allow remote code execution under the privileges of the InTouch View process. 2018-07-24 not yet calculated CVE-2018-10628
BID
MISC
CONFIRM

bagecms — bagecms

index.php?r=admini/admin/create in BageCMS V3.1.3 allows CSRF to add a background administrator account. 2018-07-24 not yet calculated CVE-2018-14582
MISC
bento4 — bento4 An issue has been discovered in Bento4 1.5.1-624. A SEGV can occur in AP4_Processor::ProcessFragments in Core/Ap4Processor.cpp. 2018-07-24 not yet calculated CVE-2018-14590
MISC
bento4 — bento4 An issue was discovered in Bento4 1.5.1-624. There is a heap-based buffer over-read in AP4_Mpeg2TsVideoSampleStream::WriteSample in Core/Ap4Mpeg2Ts.cpp after a call from Mp42Hls.cpp, a related issue to CVE-2018-13846. 2018-07-23 not yet calculated CVE-2018-14532
MISC
bento4 — bento4 An issue has been discovered in Bento4 1.5.1-624. AP4_MemoryByteStream::WritePartial in Core/Ap4ByteStream.cpp has a buffer over-read. 2018-07-24 not yet calculated CVE-2018-14587
MISC
bento4 — bento4 An issue was discovered in Bento4 1.5.1-624. There is an unspecified “heap-buffer-overflow” crash in the AP4_HvccAtom class in Core/Ap4HvccAtom.cpp. 2018-07-23 not yet calculated CVE-2018-14531
MISC
bento4 — bento4 An issue has been discovered in Bento4 1.5.1-624. A NULL pointer dereference can occur in AP4_DataBuffer::SetData in Core/Ap4DataBuffer.cpp. 2018-07-24 not yet calculated CVE-2018-14588
MISC
bento4 — bento4 An issue has been discovered in Bento4 1.5.1-624. AP4_Mp4AudioDsiParser::ReadBits in Codecs/Ap4Mp4AudioInfo.cpp has a heap-based buffer over-read. 2018-07-24 not yet calculated CVE-2018-14589
MISC
bento4 — bento4 There exists one NULL pointer dereference vulnerability in AP4_JsonInspector::AddField in Ap4Atom.cpp in Bento4 1.5.1-624, which can allow attackers to cause a denial-of-service via a crafted mp4 file. This vulnerability can be triggered by the executable mp4dump. 2018-07-23 not yet calculated CVE-2018-14543
MISC
bento4 — bento4 An issue has been discovered in Bento4 1.5.1-624. AP4_AvccAtom::Create in Core/Ap4AvccAtom.cpp has a heap-based buffer over-read. 2018-07-24 not yet calculated CVE-2018-14584
MISC
MISC
bento4 — bento4 An issue has been discovered in Bento4 1.5.1-624. AP4_BytesToUInt16BE in Core/Ap4Utils.h has a heap-based buffer over-read after a call from the AP4_Stz2Atom class. 2018-07-24 not yet calculated CVE-2018-14585
MISC
bento4 — bento4 There exists one invalid memory read bug in AP4_SampleDescription::GetFormat() in Ap4SampleDescription.h in Bento4 1.5.1-624, which can allow attackers to cause a denial-of-service via a crafted mp4 file. This vulnerability can be triggered by the executable mp42ts. 2018-07-23 not yet calculated CVE-2018-14544
MISC
bento4 — bento4 There exists one invalid memory read bug in AP4_SampleDescription::GetType() in Ap4SampleDescription.h in Bento4 1.5.1-624, which can allow attackers to cause a denial-of-service via a crafted mp4 file. This vulnerability can be triggered by the executable mp42ts. 2018-07-23 not yet calculated CVE-2018-14545
MISC
bento4 — bento4 An issue has been discovered in Bento4 1.5.1-624. A SEGV can occur in AP4_Mpeg2TsAudioSampleStream::WriteSample in Core/Ap4Mpeg2Ts.cpp, a different vulnerability than CVE-2018-14532. 2018-07-24 not yet calculated CVE-2018-14586
MISC
brynamics — online_trade Brynamics “Online Trade – Online trading and cryptocurrency investment system” allows remote attackers to obtain sensitive information via a direct request for /dashboard/addplan, /dashboard/paywithcard/charge, /dashboard/withdrawal, or /privacy&terms, as demonstrated by reading database username, database password, database_name, and IP address fields, related to CVE-2018-12908. 2018-07-23 not yet calculated CVE-2018-14328
MISC
busybox — busybox
 
huft_build in archival/libarchive/decompress_gunzip.c in BusyBox before 1.27.2 misuses a pointer, causing segfaults and an application crash during an unzip operation on a specially crafted ZIP file. 2018-07-26 not yet calculated CVE-2015-9261
MISC
MISC
MISC
MLIST

calamp — lmu_3030_series_devices

CalAmp LMU 3030 series OBD-II CDMA and GSM devices has an SMS (text message) interface that can be deployed where no password is configured for this interface by the integrator / reseller. This interface must be password protected, otherwise, the attacker only needs to know the phone number of the device (via an IMSI Catcher, for example) to send administrative commands to the device. These commands can be used to provide ongoing, real-time access to the device and can configure parameters such as IP addresses, firewall rules, and passwords. 2018-07-24 not yet calculated CVE-2017-3217
CERT-VN
BID
ceph — ceph In Ceph, a format string flaw was found in the way libradosstriper parses input from user. A user could crash an application or service using the libradosstriper library. 2018-07-27 not yet calculated CVE-2017-7519
BID
CONFIRM

chamanet — memocgi

Directory traversal vulnerability in ChamaNet MemoCGI v2.1800 to v2.2200 allows remote attackers to read arbitrary files via unspecified vectors. 2018-07-26 not yet calculated CVE-2018-0617
JVN
CONFIRM

chamilo — chamilo-lms

Chamilo LMS version 11.x contains an Unserialization vulnerability in the “hash” GET parameter for the api endpoint located at /webservices/api/v2.php that can result in Unauthenticated remote code execution. This attack appear to be exploitable via a simple GET request to the api endpoint. This vulnerability appears to have been fixed in After commit 0de84700648f098c1fbf6b807dee28ec640efe62. 2018-07-23 not yet calculated CVE-2018-1999019
CONFIRM
MISC

cloud_foundry_foundation — uaa

Cloud Foundry UAA, versions 4.19 prior to 4.19.2 and 4.12 prior to 4.12.4 and 4.10 prior to 4.10.2 and 4.7 prior to 4.7.6 and 4.5 prior to 4.5.7, incorrectly authorizes requests to admin endpoints by accepting a valid refresh token in lieu of an access token. Refresh tokens by design have a longer expiration time than access tokens, allowing the possessor of a refresh token to authenticate longer than expected. This affects the administrative endpoints of the UAA. i.e. /Users, /Groups, etc. However, if the user has been deleted or had groups removed, or the client was deleted, the refresh token will no longer be valid. 2018-07-24 not yet calculated CVE-2018-11047
CONFIRM

cthackers — adm-zip

adm-zip npm library before 0.4.9 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as ‘Zip-Slip’. 2018-07-25 not yet calculated CVE-2018-1002204
CONFIRM
CONFIRM
MISC
MISC
MISC
curl — curl curl before 7.53.0 has an incorrect TLS Certificate Status Request extension feature that asks for a fresh proof of the server’s certificate’s validity in the code that checks for a test success or failure. It ends up always thinking there’s valid proof, even when there is none or if the server doesn’t support the TLS extension in question. This could lead to users not detecting when a server’s certificate goes invalid or otherwise be mislead that the server is in a better shape than it is in reality. This flaw also exists in the command line tool (–cert-status). 2018-07-27 not yet calculated CVE-2017-2629
BID
SECTRACK
CONFIRM
CONFIRM
GENTOO
CONFIRM

cybozu — cybozu_garoon

SQL injection vulnerability in the Notifications application in the Cybozu Garoon 3.5.0 to 4.6.2 allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors. 2018-07-26 not yet calculated CVE-2018-0607
JVN
CONFIRM

dahua_security — ip_camera_products

Dahua IP camera products using firmware versions prior to V2.400.0000.14.R.20170713 include a version of the Sonia web interface that may be vulnerable to a stack buffer overflow. Dahua IP camera products include an application known as Sonia (/usr/bin/sonia) that provides the web interface and other services for controlling the IP camera remotely. Versions of Sonia included in firmware versions prior to DH_IPC-Consumer-Zi-Themis_Eng_P_V2.408.0000.11.R.20170621 do not validate input data length for the ‘password’ field of the web interface. A remote, unauthenticated attacker may submit a crafted POST request to the IP camera’s Sonia web interface that may lead to out-of-bounds memory operations and loss of availability or remote code execution. The issue was originally identified by the researcher in firmware version DH_IPC-HX1X2X-Themis_EngSpnFrn_N_V2.400.0000.30.R.20160803. 2018-07-24 not yet calculated CVE-2017-3223
BID
CERT-VN

dbpower — dbpower

The DBPOWER U818A WIFI quadcopter drone provides FTP access over its own local access point, and allows full file permissions to the anonymous user. The DBPower U818A WIFI quadcopter drone runs an FTP server that by default allows anonymous access without a password, and provides full filesystem read/write permissions to the anonymous user. A remote user within range of the open access point on the drone may utilize the anonymous user of the FTP server to read arbitrary files, such as images and video recorded by the device, or to replace system files such as /etc/shadow to gain further access to the device. Furthermore, the DBPOWER U818A WIFI quadcopter drone uses BusyBox 1.20.2, which was released in 2012, and may be vulnerable to other known BusyBox vulnerabilities. 2018-07-24 not yet calculated CVE-2017-3209
MISC
CERT-VN
BID
dbus — dbus It was found that subscription-manager’s DBus interface before 1.19.4 let unprivileged user access the com.redhat.RHSM1.Facts.GetFacts and com.redhat.RHSM1.Config.Set methods. An unprivileged local attacker could use these methods to gain access to private information, or launch a privilege escalation attack. 2018-07-27 not yet calculated CVE-2017-2663
BID
CONFIRM
CONFIRM

dhc — dhc_online_shop_app_for_android

The DHC Online Shop App for Android version 3.2.0 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. 2018-07-26 not yet calculated CVE-2018-0622
JVN
dotcms — dotcms The dotCMS administration panel, versions 3.7.1 and earlier, are vulnerable to cross-site request forgery. The dotCMS administrator panel contains a cross-site request forgery (CSRF) vulnerability. An attacker can perform actions with the same permissions as a victim user, provided the victim has an active session and is induced to trigger the malicious request. An unauthenticated remote attacker may perform actions with the dotCMS administrator panel with the same permissions of a victim user or execute arbitrary system commands with the permissions of the user running the dotCMS application. 2018-07-24 not yet calculated CVE-2017-3187
BID
CERT-VN
dotcms — dotcms The dotCMS administration panel, versions 3.7.1 and earlier, “Push Publishing” feature in Enterprise Pro is vulnerable to arbitrary file upload. When “Bundle” tar.gz archives uploaded to the Push Publishing feature are decompressed, there are no checks on the types of files which the bundle contains. This vulnerability combined with the path traversal vulnerability (CVE-2017-3188) can lead to remote command execution with the permissions of the user running the dotCMS application. An unauthenticated remote attacker may perform actions with the dotCMS administrator panel with the same permissions of a victim user or execute arbitrary system commands with the permissions of the user running the dotCMS application. 2018-07-24 not yet calculated CVE-2017-3189
BID
CERT-VN
dotcms — dotcms The dotCMS administration panel, versions 3.7.1 and earlier, “Push Publishing” feature in Enterprise Pro is vulnerable to path traversal. When “Bundle” tar.gz archives uploaded to the Push Publishing feature are decompressed, the filenames of its contents are not properly checked, allowing for writing files to arbitrary directories on the file system. These archives may be uploaded directly via the administrator panel, or using the CSRF vulnerability (CVE-2017-3187). An unauthenticated remote attacker may perform actions with the dotCMS administrator panel with the same permissions of a victim user or execute arbitrary system commands with the permissions of the user running the dotCMS application. 2018-07-24 not yet calculated CVE-2017-3188
BID
CERT-VN

dotnetzip.semvered — dotnetzip.semvered

DotNetZip.Semvered before 1.11.0 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as ‘Zip-Slip’. 2018-07-25 not yet calculated CVE-2018-1002205
CONFIRM
CONFIRM
MISC
MISC
MISC
eap — eap
 
It was found in EAP 7 before 7.0.9 that properties based files of the management and the application realm configuration that contain user to role mapping are world readable allowing access to users and roles information to all the users logged in to the system. 2018-07-26 not yet calculated CVE-2017-12167
BID
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
CONFIRM

echelon — smartserver_and_i.lon

Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions. An attacker can use the SOAP API to retrieve and change sensitive configuration items such as the usernames and passwords for the Web and FTP servers. This vulnerability does not affect the i.LON 600 product. 2018-07-24 not yet calculated CVE-2018-10627
MISC
echelon — smartserver_and_i.lon Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions. The devices allow unencrypted Web connections by default, and devices can receive configuration and firmware updates by unsecure FTP. 2018-07-24 not yet calculated CVE-2018-8855
MISC
echelon — smartserver_and_i.lon Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions. The devices store passwords in plaintext, which may allow an attacker with access to the configuration file to log into the SmartServer web user interface. 2018-07-24 not yet calculated CVE-2018-8851
MISC
echelon — smartserver_and_i.lon Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions. An attacker can bypass the required authentication specified in the security configuration file by including extra characters in the directory name when specifying the directory to be accessed. This vulnerability does not affect the i.LON 600 product. 2018-07-24 not yet calculated CVE-2018-8859
MISC
f5 — big-ip On F5 BIG-IP DNS 13.1.0-13.1.0.7, 12.1.3-12.1.3.5, DNS Express / DNS Zones accept NOTIFY messages on the management interface from source IP addresses not listed in the ‘Allow NOTIFY From’ configuration parameter when the db variable “dnsexpress.notifyport” is set to any value other than the default of “0”. 2018-07-25 not yet calculated CVE-2018-5538
CONFIRM
f5 — big-ip A remote attacker may be able to disrupt services on F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, or 11.2.1-11.5.6 if the TMM virtual server is configured with a HTML or a Rewrite profile. TMM may restart while processing some specially prepared HTML content from the back end. 2018-07-25 not yet calculated CVE-2018-5537
CONFIRM
f5 — big-ip A remote attacker via undisclosed measures, may be able to exploit an F5 BIG-IP APM 13.0.0-13.1.0.7 or 12.1.0-12.1.3.5 virtual server configured with an APM per-request policy object and cause a memory leak in the APM module. 2018-07-25 not yet calculated CVE-2018-5536
CONFIRM
f5 — big-ip Under certain conditions, on F5 BIG-IP ASM 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, 11.5.1-11.5.6, or 11.2.1, when processing CSRF protections, the BIG-IP ASM bd process may restart and produce a core file. 2018-07-25 not yet calculated CVE-2018-5539
CONFIRM
f5 — big-ip Through undisclosed methods, on F5 BIG-IP 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, or 11.2.1-11.5.6, adjacent network attackers can cause a denial of service for VCMP guest and host systems. Attack must be sourced from adjacent network (layer 2). 2018-07-25 not yet calculated CVE-2018-5531
CONFIRM
f5 — big-ip When F5 BIG-IP ASM 13.0.0-13.1.0.1, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, or 11.5.1-11.5.6 is processing HTTP requests, an unusually large number of parameters can cause excessive CPU usage in the BIG-IP ASM bd process. 2018-07-25 not yet calculated CVE-2018-5541
BID
CONFIRM
f5 — big-ip F5 BIG-IP 13.0.0-13.0.1, 12.1.0-12.1.3.6, or 11.2.1-11.6.3.2 HTTPS health monitors do not validate the identity of the monitored server. 2018-07-25 not yet calculated CVE-2018-5542
CONFIRM
f5 — big-ip F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, or 11.6.0-11.6.3.1 virtual servers with HTTP/2 profiles enabled are vulnerable to “HPACK Bomb”. 2018-07-25 not yet calculated CVE-2018-5530
CONFIRM
ffmpeg — ffmpeg FFmpeg before commit bab0716c7f4793ec42e05a5aa7e80d82a0dd4e75 contains an out of array access vulnerability in MXF format demuxer that can result in DoS. This attack appear to be exploitable via specially crafted MXF file which has to be provided as input. This vulnerability appears to have been fixed in bab0716c7f4793ec42e05a5aa7e80d82a0dd4e75 and later. 2018-07-23 not yet calculated CVE-2018-1999014
BID
CONFIRM
ffmpeg — ffmpeg FFmpeg before commit 5aba5b89d0b1d73164d3b81764828bb8b20ff32a contains an out of array read vulnerability in ASF_F format demuxer that can result in heap memory reading. This attack appear to be exploitable via specially crafted ASF file that has to provided as input. This vulnerability appears to have been fixed in 5aba5b89d0b1d73164d3b81764828bb8b20ff32a and later. 2018-07-23 not yet calculated CVE-2018-1999015
BID
CONFIRM
ffmpeg — ffmpeg FFmpeg before commit 9807d3976be0e92e4ece3b4b1701be894cd7c2e1 contains a CWE-835: Infinite loop vulnerability in pva format demuxer that can result in a Vulnerability that allows attackers to consume excessive amount of resources like CPU and RAM. This attack appear to be exploitable via specially crafted PVA file has to be provided as input. This vulnerability appears to have been fixed in 9807d3976be0e92e4ece3b4b1701be894cd7c2e1 and later. 2018-07-23 not yet calculated CVE-2018-1999012
BID
CONFIRM
ffmpeg — ffmpeg FFmpeg before commit 2b46ebdbff1d8dec7a3d8ea280a612b91a582869 contains a Buffer Overflow vulnerability in asf_o format demuxer that can result in heap-buffer-overflow that may result in remote code execution. This attack appears to be exploitable via specially crafted ASF file that has to be provided as input to FFmpeg. This vulnerability appears to have been fixed in 2b46ebdbff1d8dec7a3d8ea280a612b91a582869 and later. 2018-07-23 not yet calculated CVE-2018-1999011
BID
CONFIRM
ffmpeg — ffmpeg FFmpeg before commit a7e032a277452366771951e29fd0bf2bd5c029f0 contains a use-after-free vulnerability in the realmedia demuxer that can result in vulnerability allows attacker to read heap memory. This attack appear to be exploitable via specially crafted RM file has to be provided as input. This vulnerability appears to have been fixed in a7e032a277452366771951e29fd0bf2bd5c029f0 and later. 2018-07-23 not yet calculated CVE-2018-1999013
BID
CONFIRM
ffmpeg — ffmpeg FFmpeg before commit cced03dd667a5df6df8fd40d8de0bff477ee02e8 contains multiple out of array access vulnerabilities in the mms protocol that can result in attackers accessing out of bound data. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in cced03dd667a5df6df8fd40d8de0bff477ee02e8 and later. 2018-07-23 not yet calculated CVE-2018-1999010
BID
CONFIRM
foreman — foreman foreman before version 1.16.0 is vulnerable to a stored XSS in organizations/locations assignment to hosts. Exploiting this requires a user to actively assign hosts to an organization that contains html in its name which is visible to the user prior to taking action. 2018-07-26 not yet calculated CVE-2017-7535
MLIST
BID
CONFIRM
CONFIRM
fuse — fuse In fuse before versions 2.9.8 and 3.x before 3.2.5, fusermount is vulnerable to a restriction bypass when SELinux is active. This allows non-root users to mount a FUSE file system with the ‘allow_other’ mount option regardless of whether ‘user_allow_other’ is set in the fuse configuration. An attacker may use this flaw to mount a FUSE file system, accessible by other users, and trick them into accessing files on that file system, possibly causing Denial of Service or other unspecified effects. 2018-07-24 not yet calculated CVE-2018-10906
CONFIRM
gdm — gdm
 
A flaw was discovered in gdm 3.24.1 where gdm greeter was no longer setting the ran_once boolean during autologin. If autologin was enabled for a victim, an attacker could simply select ‘login as another user’ to unlock their screen. 2018-07-26 not yet calculated CVE-2017-12164
CONFIRM
CONFIRM
gitlab — community_and_enterprise_edition An issue was discovered in GitLab Community and Enterprise Edition before 10.8.7, 11.0.x before 11.0.5, and 11.1.x before 11.1.2. XSS can occur in the branch name during a Web IDE file commit. 2018-07-26 not yet calculated CVE-2018-14605
MISC

gitlab — community_and_enterprise_edition

An issue was discovered in GitLab Community and Enterprise Edition 11.1.x before 11.1.2. A Denial of Service can occur because Markdown rendering times are slow. 2018-07-26 not yet calculated CVE-2018-14601
MISC
gitlab — community_and_enterprise_edition An issue was discovered in GitLab Community and Enterprise Edition before 10.8.7, 11.0.x before 11.0.5, and 11.1.x before 11.1.2. Information Disclosure can occur because the Prometheus metrics feature discloses private project pathnames. 2018-07-26 not yet calculated CVE-2018-14602
MISC
gitlab — community_and_enterprise_edition An issue was discovered in GitLab Community and Enterprise Edition before 10.8.7, 11.0.x before 11.0.5, and 11.1.x before 11.1.2. CSRF can occur in the Test feature of the System Hooks component. 2018-07-26 not yet calculated CVE-2018-14603
MISC
gitlab — community_and_enterprise_edition An issue was discovered in GitLab Community and Enterprise Edition before 10.8.7, 11.0.x before 11.0.5, and 11.1.x before 11.1.2. XSS can occur via a Milestone name during a promotion. 2018-07-26 not yet calculated CVE-2018-14606
MISC
gitlab — community_and_enterprise_edition An issue was discovered in GitLab Community and Enterprise Edition before 10.8.7, 11.0.x before 11.0.5, and 11.1.x before 11.1.2. XSS can occur in the tooltip of the job inside the CI/CD pipeline. 2018-07-26 not yet calculated CVE-2018-14604
MISC

glarysoft — glary_utilities

Untrusted search path vulnerability in the installer of Glarysoft Glary Utilities (Glary Utilities 5.99 and earlier and Glary Utilities Pro 5.99 and earlier) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. 2018-07-26 not yet calculated CVE-2018-0619
JVN
gleez_cms — gleez_cms Gleezcms Gleez Cms version 1.3.0 contains a Cross Site Scripting (XSS) vulnerability in Profile page that can result in Inject arbitrary web script or HTML via the profile page editor. This attack appear to be exploitable via The victim must navigate to the attacker’s profile page. 2018-07-23 not yet calculated CVE-2018-1999021
CONFIRM
gnome — gnome
 
camel/providers/imapx/camel-imapx-server.c in the IMAPx component in GNOME evolution-data-server before 3.21.2 proceeds with cleartext data containing a password if the client wishes to use STARTTLS but the server will not use STARTTLS, which makes it easier for remote attackers to obtain sensitive information by sniffing the network. The server code was intended to report an error and not proceed, but the code was written incorrectly. 2018-07-20 not yet calculated CVE-2016-10727
MISC
MISC
MISC
MISC
UBUNTU

gnu — libredwg

dwg_decode_eed in decode.c in GNU LibreDWG 0.5.1048 leads to a double free (in dwg_free_eed in free.c) because it does not properly manage the obj->eed value after a free occurs. 2018-07-23 not yet calculated CVE-2018-14524
MISC

gnu_mailmain — mailman

Cross-site scripting vulnerability in Mailman 2.1.26 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors. 2018-07-26 not yet calculated CVE-2018-0618
JVN
MLIST
MLIST
DEBIAN
golang — golang mholt/archiver golang package before e4ef56d48eb029648b0e895bb0b6a393ef0829c3 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in an archive entry that is mishandled during extraction. This vulnerability is also known as ‘Zip-Slip’. 2018-07-25 not yet calculated CVE-2018-1002207
CONFIRM
CONFIRM
MISC
MISC
MISC

golemcms — golemcms

GolemCMS through 2008-12-24, if the install/ directory remains active after an installation, allows remote attackers to execute arbitrary PHP code by inserting this code into the “Database Information” “Table prefix” form field, or obtain sensitive information via a direct request for install/install.sql. 2018-07-24 not yet calculated CVE-2018-14579
MISC
gxlcms — gxlcms The add function in www/Lib/Lib/Action/Admin/TplAction.class.php in Gxlcms v1.1.4 allows remote attackers to read arbitrary files via a crafted index.php?s=Admin-Tpl-ADD-id request, related to Lib/Common/Admin/function.php. 2018-07-28 not yet calculated CVE-2018-14685
MISC
h2 — h2 An issue was discovered in H2 1.4.197. Insecure handling of permissions in the backup function allows attackers to read sensitive files (outside of their permissions) via a symlink to a fake database file. 2018-07-24 not yet calculated CVE-2018-14335
MISC

ibm — sterling_b2b_integrator_standard_edition

IBM Sterling B2B Integrator Standard Edition (IBM Sterling File Gateway 2.2.0 through 2.2.6) uses weaker than expected cryptographic algorithms that could allow a local attacker to decrypt highly sensitive information. IBM X-Force ID: 132032. 2018-07-20 not yet calculated CVE-2017-1575
CONFIRM
BID
XF

ibm — sterling_b2b_integrator_standard_edition

IBM Sterling B2B Integrator Standard Edition 5.2.0 through 5.2.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 141551. 2018-07-23 not yet calculated CVE-2018-1513
CONFIRM
XF

ibm — sterling_b2b_integrator_standard_edition

IBM Sterling B2B Integrator Standard Edition (IBM Sterling File Gateway 2.2.0 through 2.2.6) caches usernames and passwords in browsers that could be used by a local attacker to obtain sensitive information. IBM X-Force ID: 130812. 2018-07-20 not yet calculated CVE-2017-1544
CONFIRM
BID
XF

ibm — sterling_file_gateway

IBM Sterling File Gateway 2.2.0 through 2.2.6 could allow a remote authenticated attacker to obtain sensitive information displayed in the URL that could lead to further attacks against the system. IBM X-Force ID: 140688. 2018-07-20 not yet calculated CVE-2018-1470
CONFIRM
BID
XF

ibm — websphere_mq

IBM WebSphere MQ 7.5, 8.0, and 9.0 could allow a remotely authenticated attacker to to send invalid or malformed headers that could cause messages to no longer be transmitted via the affected channel. IBM X-Force ID: 141339. 2018-07-23 not yet calculated CVE-2018-1503
CONFIRM
SECTRACK
XF

idreamsoft — icms

An SSRF vulnerability was discovered in idreamsoft iCMS V7.0.9 that allows attackers to read sensitive files, access an intranet, or possibly have unspecified other impact. 2018-07-23 not yet calculated CVE-2018-14514
MISC

imagemagick — imagemagick

The ReadMATImageV4 function in coders/mat.c in ImageMagick 7.0.8-7 uses an uninitialized variable, leading to memory corruption. 2018-07-23 not yet calculated CVE-2018-14551
MISC
ipa — ipa A vulnerability was found in ipa before 4.4. IdM’s ca-del, ca-disable, and ca-enable commands did not properly check the user’s permissions while modifying CAs in Dogtag. An authenticated, unauthorized attacker could use this flaw to delete, disable, or enable CAs causing various denial of service problems with certificate issuance, OCSP signing, and deletion of secret keys. 2018-07-27 not yet calculated CVE-2017-2590
REDHAT
BID
CONFIRM
jbpmmigration — jbpmmigration It was discovered that the XmlUtils class in jbpmmigration 6.5 performed expansion of external parameter entities while parsing XML files. A remote attacker could use this flaw to read files accessible to the user running the application server and, potentially, perform other more advanced XML eXternal Entity (XXE) attacks. 2018-07-26 not yet calculated CVE-2017-7545
BID
REDHAT
REDHAT
CONFIRM
CONFIRM
jenkins — jenkins A cross-site scripting vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in the Stapler web framework’s org/kohsuke/stapler/Stapler.java that allows attackers with the ability to control the existence of some URLs in Jenkins to define JavaScript that would be executed in another user’s browser when that other user views HTTP 404 error pages while Stapler debug mode is enabled. 2018-07-23 not yet calculated CVE-2018-1999007
CONFIRM
jenkins — jenkins It was found that the use of Pipeline: Classpath Step Jenkins plugin enables a bypass of the Script Security sandbox for users with SCM commit access, as well as users with e.g. Job/Configure permission in Jenkins. 2018-07-27 not yet calculated CVE-2017-2650
BID
CONFIRM
jenkins — jenkins It was found that there were no permission checks performed in the Distributed Fork plugin before and including 1.5.0 for Jenkins that provides the dist-fork CLI command beyond the basic check for Overall/Read permission, allowing anyone with that permission to run arbitrary shell commands on all connected nodes. 2018-07-27 not yet calculated CVE-2017-2652
BID
CONFIRM
jenkins — jenkins A exposure of sensitive information vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in Plugin.java that allows attackers to determine the date and time when a plugin HPI/JPI file was last extracted, which typically is the date of the most recent installation/upgrade. 2018-07-23 not yet calculated CVE-2018-1999006
CONFIRM
jenkins — jenkins It was found that jenkins-ssh-slaves-plugin before version 1.15 did not perform host key verification, thereby enabling Man-in-the-Middle attacks. 2018-07-27 not yet calculated CVE-2017-2648
BID
CONFIRM
CONFIRM
jenkins — jenkins A Improper authorization vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in Queue.java that allows attackers with Overall/Read permission to cancel queued builds. 2018-07-23 not yet calculated CVE-2018-1999003
CONFIRM
jenkins — jenkins A arbitrary file read vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in the Stapler web framework’s org/kohsuke/stapler/Stapler.java that allows attackers to send crafted HTTP requests returning the contents of any file on the Jenkins master file system that the Jenkins master has access to. 2018-07-23 not yet calculated CVE-2018-1999002
CONFIRM
jenkins — jenkins jenkins-mailer-plugin before version 1.20 is vulnerable to an information disclosure while using the feature to send emails to a dynamically created list of users based on the changelogs. This could in some cases result in emails being sent to people who have no user account in Jenkins, and in rare cases even people who were not involved in whatever project was being built, due to some mapping based on the local-part of email addresses. 2018-07-27 not yet calculated CVE-2017-2651
BID
CONFIRM
CONFIRM
jenkins — jenkins It was found that the Active Directory Plugin for Jenkins up to and including version 2.2 did not verify certificates of the Active Directory server, thereby enabling Man-in-the-Middle attacks. 2018-07-27 not yet calculated CVE-2017-2649
BID
CONFIRM
jenkins — jenkins A unauthorized modification of configuration vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in User.java that allows attackers to provide crafted login credentials that cause Jenkins to move the config.xml file from the Jenkins home directory. If Jenkins is started without this file present, it will revert to the legacy defaults of granting administrator access to anonymous users. 2018-07-23 not yet calculated CVE-2018-1999001
CONFIRM
jenkins — jenkins A cross-site scripting vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in BuildTimelineWidget.java, BuildTimelineWidget/control.jelly that allows attackers with Job/Configure permission to define JavaScript that would be executed in another user’s browser when that other user performs some UI actions. 2018-07-23 not yet calculated CVE-2018-1999005
CONFIRM
jenkins — jenkins A Improper authorization vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in SlaveComputer.java that allows attackers with Overall/Read permission to initiate agent launches, and abort in-progress agent launches. 2018-07-23 not yet calculated CVE-2018-1999004
CONFIRM
joyplus-cms — joyplus-cms joyplus-cms 1.6.0 has XSS via the manager/collect/collect_vod_zhuiju.php keyword parameter. 2018-07-22 not yet calculated CVE-2018-14500
MISC
joyplus-cms — joyplus-cms manager/admin_ajax.php in joyplus-cms 1.6.0 has SQL Injection, as demonstrated by crafted POST data beginning with an “m_id=1 AND SLEEP(5)” substring. 2018-07-22 not yet calculated CVE-2018-14501
MISC

katello-debug — katello-debug

A flaw was found in katello-debug before 3.4.0 where certain scripts and log files used insecure temporary files. A local user could exploit this flaw to conduct a symbolic-link attack, allowing them to overwrite the contents of arbitrary files. 2018-07-27 not yet calculated CVE-2016-9595
REDHAT
CONFIRM

keycloak — keycloak

It was found that while parsing the SAML messages the StaxParserUtil class of keycloak before 2.5.1 replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request ID field to be the chosen system property which could be obtained in the “InResponseTo” field in the response. 2018-07-26 not yet calculated CVE-2017-2582
BID
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
CONFIRM
CONFIRM
keycloak — keycloak keycloak before version 4.0.0.final is vulnerable to a infinite loop in session replacement. A Keycloak cluster with multiple nodes could mishandle an expired session replacement and lead to an infinite loop. A malicious authenticated user could use this flaw to achieve Denial of Service on the server. 2018-07-23 not yet calculated CVE-2018-10912
CONFIRM
keycloak — keycloak It was found that when Keycloak before 2.5.5 receives a Logout request with a Extensions in the middle of the request, the SAMLSloRequestParser.parse() method ends in a infinite loop. An attacker could use this flaw to conduct denial of service attacks. 2018-07-27 not yet calculated CVE-2017-2646
BID
CONFIRM

krb5 — krb5

An authentication bypass flaw was found in the way krb5’s certauth interface before 1.16.1 handled the validation of client certificates. A remote attacker able to communicate with the KDC could potentially use this flaw to impersonate arbitrary principals under rare and erroneous circumstances. 2018-07-26 not yet calculated CVE-2017-7562
BID
REDHAT
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM

lenovo — multiple_products

The IMM2 First Failure Data Capture function collects management module logs and diagnostic information when a hardware error is detected. This information is made available for download through an SFTP server hosted on the IMM2 management network interface. In versions earlier than 4.90 for Lenovo System x and earlier than 6.80 for IBM System x, the credentials to access the SFTP server are hard-coded and described in the IMM2 documentation, allowing an attacker with management network access to obtain the collected FFDC data. After applying the update, the IMM2 will create random SFTP credentials for use with OneCLI. 2018-07-26 not yet calculated CVE-2018-9068
CONFIRM

libgcrypt — libgcrypt

libgcrypt before version 1.7.8 is vulnerable to a cache side-channel attack resulting into a complete break of RSA-1024 while using the left-to-right method for computing the sliding-window expansion. The same attack is believed to work on RSA-2048 with moderately more computation. This side-channel requires that attacker can run arbitrary software on the hardware where the private RSA key is used. 2018-07-26 not yet calculated CVE-2017-7526
BID
SECTRACK
CONFIRM
MISC
CONFIRM
CONFIRM
CONFIRM
MLIST
DEBIAN
DEBIAN

libice — libice

It was discovered that libICE before 1.0.9-8 used a weak entropy to generate keys. A local attacker could potentially use this flaw for session hijacking using the information available from the process list. 2018-07-27 not yet calculated CVE-2017-2626
BID
SECTRACK
REDHAT
CONFIRM
CONFIRM
GENTOO
MISC

liblouis — liblouis

A missing patch for a stack-based buffer overflow in findTable() was found in Red Hat version of liblouis before 2.5.4. An attacker could cause a denial of service condition or potentially even arbitrary code execution. 2018-07-27 not yet calculated CVE-2017-15101
REDHAT
CONFIRM

libmspack — libmspack

An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the TOLOWER() macro for CHM decompression. 2018-07-28 not yet calculated CVE-2018-14682
MISC
MISC
MISC

libmspack — libmspack

An issue was discovered in kwajd_read_headers in mspack/kwajd.c in libmspack before 0.7alpha. Bad KWAJ file header extensions could cause a one or two byte overwrite. 2018-07-28 not yet calculated CVE-2018-14681
MISC
MISC
MISC

libmspack — libmspack

An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the CHM PMGI/PMGL chunk number validity checks, which could lead to denial of service (uninitialized data dereference and application crash). 2018-07-28 not yet calculated CVE-2018-14679
MISC
MISC
MISC

libmspack — libmspack

An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. It does not reject blank CHM filenames. 2018-07-28 not yet calculated CVE-2018-14680
MISC
MISC
MISC

libwav — libwav

An issue has been found in libwav through 2017-04-20. It is a SEGV in the function wav_write in libwav.c. 2018-07-23 not yet calculated CVE-2018-14549
MISC
MISC

libxdmcp — libxdmcp

It was discovered that libXdmcp before 1.1.2 including used weak entropy to generate session keys. On a multi-user system using xdmcp, a local attacker could potentially use information available from the process list to brute force the key, allowing them to hijack other users’ sessions. 2018-07-27 not yet calculated CVE-2017-2625
BID
SECTRACK
REDHAT
CONFIRM
GENTOO
MISC

lica — minicmts_e8k_devices

LICA miniCMTS E8K(u/i/…) devices allow remote attackers to obtain sensitive information via a direct POST request for the inc/user.ini file, leading to discovery of a password hash. 2018-07-25 not yet calculated CVE-2018-14083
MISC
linux — linux_kernel An issue was discovered in the Linux kernel through 4.17.10. There is a buffer overflow in truncate_inline_inode() in fs/f2fs/inline.c when umounting an f2fs image, because a length value may be negative. 2018-07-27 not yet calculated CVE-2018-14615
MISC
linux — linux_kernel An issue was discovered in the Linux kernel through 4.17.10. There is an out-of-bounds access in __remove_dirty_segment() in fs/f2fs/segment.c when mounting an f2fs image. 2018-07-27 not yet calculated CVE-2018-14614
MISC
linux — linux_kernel A flaw was found in Linux kernel’s KVM virtualization subsystem. The VMX code does not restore the GDT.LIMIT to the previous host value, but instead sets it to 64KB. With a corrupted GDT limit a host’s userspace code has an ability to place malicious entries in the GDT, particularly to the per-cpu variables. An attacker can use this to escalate their privileges. 2018-07-26 not yet calculated CVE-2018-10901
CONFIRM
CONFIRM
linux — linux_kernel Linux kernel is vulnerable to a stack-out-of-bounds write in the ext4 filesystem code when mounting and writing to a crafted ext4 image in ext4_update_inline_data(). An attacker could use this to cause a system crash and a denial of service. 2018-07-25 not yet calculated CVE-2018-10880
CONFIRM
CONFIRM
CONFIRM
CONFIRM
MLIST
linux — linux_kernel An issue was discovered in the Linux kernel through 4.17.10. There is a NULL pointer dereference and panic in hfsplus_lookup() in fs/hfsplus/dir.c when opening a file (that is purportedly a hard link) in an hfs+ filesystem that has malformed catalog data, and is mounted read-only without a metadata directory. 2018-07-27 not yet calculated CVE-2018-14617
MISC
MISC
linux — linux_kernel It was found that the Linux kernel’s Datagram Congestion Control Protocol (DCCP) implementation before 2.6.22.17 used the IPv4-only inet_sk_rebuild_header() function for both IPv4 and IPv6 DCCP connections, which could result in memory corruptions. A remote attacker could use this flaw to crash the system. 2018-07-27 not yet calculated CVE-2017-2634
REDHAT
REDHAT
REDHAT
BID
SECTRACK
CONFIRM
CONFIRM
linux — linux_kernel An issue was discovered in the Linux kernel through 4.17.10. There is out-of-bounds access in write_extent_buffer() when mounting and operating a crafted btrfs image, because of a lack of verification that each block group has a corresponding chunk at mount time, within btrfs_read_block_groups in fs/btrfs/extent-tree.c. 2018-07-27 not yet calculated CVE-2018-14610
MISC
MISC
linux — linux_kernel A flaw was found in the Linux kernel’s handling of clearing SELinux attributes on /proc/pid/attr files before 4.9.10. An empty (null) write to this file can crash the system by causing the system to attempt to access unmapped kernel memory. 2018-07-27 not yet calculated CVE-2017-2618
BID
REDHAT
REDHAT
REDHAT
CONFIRM
CONFIRM
MLIST
DEBIAN
linux — linux_kernel An issue was discovered in the Linux kernel through 4.17.11, as used in Xen through 4.11.x. The xen_failsafe_callback entry point in arch/x86/entry/entry_64.S does not properly maintain RBX, which allows local users to cause a denial of service (uninitialized memory usage and system crash). Within Xen, 64-bit x86 PV Linux guest OS users can trigger a guest OS crash or possibly gain privileges. 2018-07-28 not yet calculated CVE-2018-14678
MISC
linux — linux_kernel A kernel data leak due to an out-of-bound read was found in the Linux kernel in inet_diag_msg_sctp{,l}addr_fill() and sctp_get_sctp_info() functions present since version 4.7-rc1 through version 4.13. A data leak happens when these functions fill in sockaddr data structures used to export socket’s diagnostic information. As a result, up to 100 bytes of the slab data could be leaked to a userspace. 2018-07-26 not yet calculated CVE-2017-7558
MLIST
BID
SECTRACK
REDHAT
REDHAT
REDHAT
CONFIRM
MLIST
DEBIAN
linux — linux_kernel A flaw was found in the Linux kernel’s ext4 filesystem. A local user can cause an out-of-bounds write and a denial of service or unspecified other impact is possible by mounting and operating a crafted ext4 filesystem image. 2018-07-26 not yet calculated CVE-2018-10878
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
MLIST
linux — linux_kernel An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in io_ctl_map_page() when mounting and operating a crafted btrfs image, because of a lack of block group item validation in check_leaf_item in fs/btrfs/tree-checker.c. 2018-07-27 not yet calculated CVE-2018-14613
MISC
MISC
linux — linux_kernel An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in __del_reloc_root() in fs/btrfs/relocation.c when mounting a crafted btrfs image, related to removing reloc rb_trees when reloc control has not been initialized. 2018-07-27 not yet calculated CVE-2018-14609
MISC
MISC
linux — linux_kernel An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in btrfs_root_node() when mounting a crafted btrfs image, because of a lack of chunk block group mapping validation in btrfs_read_block_groups in fs/btrfs/extent-tree.c, and a lack of empty-tree checks in check_leaf in fs/btrfs/tree-checker.c. 2018-07-27 not yet calculated CVE-2018-14612
MISC
MISC
MISC
linux — linux_kernel A flaw was found in the Linux kernel’s ext4 filesystem. A local user can cause an out-of-bound access in ext4_get_group_info function, a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image. 2018-07-26 not yet calculated CVE-2018-10881
CONFIRM
CONFIRM
CONFIRM
CONFIRM
MLIST

linux — linux_kernel

A flaw was found in the Linux kernel’s ext4 filesystem. A local user can cause a use-after-free in ext4_xattr_set_entry function and a denial of service or unspecified other impact may occur by renaming a file in a crafted ext4 filesystem image. 2018-07-26 not yet calculated CVE-2018-10879
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
MLIST
linux — linux_kernel A flaw was found in Linux kernel in the ext4 filesystem code. A use-after-free is possible in ext4_ext_remove_space() function when mounting and operating a crafted ext4 image. 2018-07-26 not yet calculated CVE-2018-10876
CONFIRM
CONFIRM
CONFIRM
CONFIRM
MLIST
linux — linux_kernel A flaw was found in the Linux kernel’s ext4 filesystem. A local user can cause an out-of-bound write in in fs/jbd2/transaction.c code, a denial of service, and a system crash by unmounting a crafted ext4 filesystem image. 2018-07-27 not yet calculated CVE-2018-10882
CONFIRM
CONFIRM
CONFIRM
MLIST
linux — linux_kernel An issue was discovered in the Linux kernel through 4.17.10. There is a use-after-free in try_merge_free_space() when mounting a crafted btrfs image, because of a lack of chunk type flag checks in btrfs_check_chunk_valid in fs/btrfs/volumes.c. 2018-07-27 not yet calculated CVE-2018-14611
MISC
MISC
linux — linux_kernel The timer_create syscall implementation in kernel/time/posix-timers.c in the Linux kernel before 4.14.8 doesn’t properly validate the sigevent->sigev_notify field, which leads to out-of-bounds access in the show_timer function (called when /proc/$PID/timers is read). This allows userspace applications to read arbitrary kernel memory (on a kernel built with CONFIG_POSIX_TIMERS and CONFIG_CHECKPOINT_RESTORE). 2018-07-26 not yet calculated CVE-2017-18344
MISC
MISC
linux — linux_kernel An issue was discovered in the Linux kernel through 4.17.10. There is a NULL pointer dereference in fscrypt_do_page_crypto() in fs/crypto/crypto.c when operating on a file in a corrupted f2fs image. 2018-07-27 not yet calculated CVE-2018-14616
MISC

linux — util-linux

A race condition was found in util-linux before 2.32.1 in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions. 2018-07-27 not yet calculated CVE-2017-2616
REDHAT
BID
SECTRACK
REDHAT
CONFIRM
CONFIRM
GENTOO
DEBIAN

logicool — connection_utility_software

Untrusted search path vulnerability in LOGICOOL CONNECTION UTILITY SOFTWARE versions before 2.30.9 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. 2018-07-26 not yet calculated CVE-2018-0621
JVN

logicool — game_software

Untrusted search path vulnerability in LOGICOOL Game Software versions before 8.87.116 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. 2018-07-26 not yet calculated CVE-2018-0620
JVN

mathjax — mathjax

MathJax version prior to version 2.7.4 contains a Cross Site Scripting (XSS) vulnerability in the \unicode{} macro that can result in Potentially untrusted Javascript running within a web browser. This attack appear to be exploitable via The victim must view a page where untrusted content is processed using Mathjax. This vulnerability appears to have been fixed in 2.7.4 and later. 2018-07-23 not yet calculated CVE-2018-1999024
MISC
CONFIRM

mcafee — data_loss_prevention

Exploiting Incorrectly Configured Access Control Security Levels vulnerability in McAfee Data Loss Prevention (DLP) for Windows versions prior to 10.0.505 and 11.0.405 allows local users to bypass DLP policy via editing of local policy files when offline. 2018-07-23 not yet calculated CVE-2018-6683
CONFIRM

mcafee — drive_encryption

Authentication Bypass vulnerability in TPM autoboot in McAfee Drive Encryption (MDE) 7.1.0 and above allows physically proximate attackers to bypass local security protection via specific set of circumstances. 2018-07-27 not yet calculated CVE-2018-6686
CONFIRM

mcafee — web_gateway

Configuration/Environment manipulation vulnerability in the administrative interface in McAfee Web Gateway (MWG) MWG 7.8.1.x allows authenticated administrator users to execute arbitrary commands via unspecified vectors. 2018-07-23 not yet calculated CVE-2018-6678
BID
CONFIRM

mcafee — web_gateway

Directory Traversal vulnerability in the administrative user interface in McAfee Web Gateway (MWG) MWG 7.8.1.x allows authenticated administrator users to gain elevated privileges via unspecified vectors. 2018-07-23 not yet calculated CVE-2018-6677
BID
CONFIRM

mitmproxy — mitmproxy

mitmweb in mitmproxy v4.0.3 allows DNS Rebinding attacks, related to tools/web/app.py. 2018-07-22 not yet calculated CVE-2018-14505
CONFIRM
CONFIRM

moxa — nport

In Moxa NPort 5210, 5230, and 5232 versions 2.9 build 17030709 and prior, the amount of resources requested by a malicious actor are not restricted, allowing for a denial-of-service condition. 2018-07-24 not yet calculated CVE-2018-10632
BID
MISC

multiple_vendors — das_u-boot_aes-cbc_encryption

Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. For devices utilizing this environment encryption mode, U-Boot’s use of a zero initialization vector may allow attacks against the underlying cryptographic implementation and allow an attacker to decrypt the data. Das U-Boot’s AES-CBC encryption feature uses a zero (0) initialization vector. This allows an attacker to perform dictionary attacks on encrypted data produced by Das U-Boot to learn information about the encrypted data. 2018-07-24 not yet calculated CVE-2017-3225
BID
CERT-VN

multiple_vendors — das_u-boot_aes-cbc_encryption

Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. Devices that make use of Das U-Boot’s AES-CBC encryption feature using environment encryption (i.e., setting the configuration parameter CONFIG_ENV_AES=y) read environment variables from disk as the encrypted disk image is processed. An attacker with physical access to the device can manipulate the encrypted environment data to include a crafted two-byte sequence which triggers an error in environment variable parsing. This error condition is improperly handled by Das U-Boot, resulting in an immediate process termination with a debugging message. 2018-07-24 not yet calculated CVE-2017-3226
BID
CERT-VN

multiple_vendors — multiple_products

Applications developed using the Portrait Display SDK, versions 2.30 through 2.34, default to insecure configurations which allow arbitrary code execution. A number of applications developed using the Portrait Displays SDK do not use secure permissions when running. These applications run the component pdiservice.exe with NT AUTHORITY/SYSTEM permissions. This component is also read/writable by all Authenticated Users. This allows local authenticated attackers to run arbitrary code with SYSTEM privileges. The following applications have been identified by Portrait Displays as affected: Fujitsu DisplayView Click: Version 6.0 and 6.01. The issue was fixed in Version 6.3. Fujitsu DisplayView Click Suite: Version 5. The issue is addressed by patch in Version 5.9. HP Display Assistant: Version 2.1. The issue was fixed in Version 2.11. HP My Display: Version 2.0. The issue was fixed in Version 2.1. Philips Smart Control Premium: Versions 2.23, 2.25. The issue was fixed in Version 2.26. 2018-07-24 not yet calculated CVE-2017-3210
CERT-VN
BID

multiple_vendors — open_shortest_path_first_protocol

Open Shortest Path First (OSPF) protocol implementations may improperly determine Link State Advertisement (LSA) recency for LSAs with MaxSequenceNumber. According to RFC 2328 section 13.1, for two instances of the same LSA, recency is determined by first comparing sequence numbers, then checksums, and finally MaxAge. In a case where the sequence numbers are the same, the LSA with the larger checksum is considered more recent, and will not be flushed from the Link State Database (LSDB). Since the RFC does not explicitly state that the values of links carried by a LSA must be the same when prematurely aging a self-originating LSA with MaxSequenceNumber, it is possible in vulnerable OSPF implementations for an attacker to craft a LSA with MaxSequenceNumber and invalid links that will result in a larger checksum and thus a ‘newer’ LSA that will not be flushed from the LSDB. Propagation of the crafted LSA can result in the erasure or alteration of the routing tables of routers within the routing domain, creating a denial of service condition or the re-routing of traffic on the network. CVE-2017-3224 has been reserved for Quagga and downstream implementations (SUSE, openSUSE, and Red Hat packages). 2018-07-24 not yet calculated CVE-2017-3224
CERT-VN

navarino — infinity_web_interface

Navarino Infinity web interface up to version 2.2 exposes an unauthenticated script that is prone to blind sql injection. If successfully exploited the user can get info from the underlying postgresql database that could lead into to total compromise of the product. The said script is available with no authentication. 2018-07-24 not yet calculated CVE-2018-5384
BID
MISC
MISC
CERT-VN

navarino — infinity_web_interface

Some Navarino Infinity functions, up to version 2.2, placed in the URL can bypass any authentication mechanism leading to an information leak. 2018-07-24 not yet calculated CVE-2018-5386
BID
MISC
MISC
CERT-VN

navarino — infinity_web_interface

Navarino Infinity is prone to session fixation attacks. The server accepts the session ID as a GET parameter which can lead to bypassing the two factor authentication in some installations. This could lead to phishing attacks that can bypass the two factor authentication that is present in some installations. 2018-07-24 not yet calculated CVE-2018-5385
BID
MISC
MISC
CERT-VN

nec_platforms — csdx_and_csdj_series_products

NEC Platforms Calsos CSDX and CSDJ series products (CSDX 1.37210411 and earlier, CSDX(P) 4.37210411 and earlier, CSDX(D) 3.37210411 and earlier, CSDX(S) 2.37210411 and earlier, CSDJ-B 01.03.00 and earlier, CSDJ-H 01.03.00 and earlier, CSDJ-D 01.03.00 and earlier, CSDJ-A 03.00.00) allows remote authenticated attackers to bypass access restriction to conduct arbitrary operations with administrative privilege via unspecified vectors. 2018-07-26 not yet calculated CVE-2018-0613
JVN
CONFIRM

nec_platforms — csdx_and_csdj_series_products

Cross-site scripting vulnerability in NEC Platforms Calsos CSDX and CSDJ series products (CSDX 1.37210411 and earlier, CSDX(P) 4.37210411 and earlier, CSDX(D) 3.37210411 and earlier, CSDX(S) 2.37210411 and earlier, CSDJ-B 01.03.00 and earlier, CSDJ-H 01.03.00 and earlier, CSDJ-D 01.03.00 and earlier, CSDJ-A 03.00.00) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. 2018-07-26 not yet calculated CVE-2018-0614
JVN
CONFIRM

netgear — dgn2200_router

A vulnerability is in the ‘BSW_cxttongr.htm’ page of the Netgear DGN2200, version DGN2200-V1.0.0.50_7.0.50, and DGND3700, version DGND3700-V1.0.0.17_1.0.17, which can allow a remote attacker to access this page without any authentication. When processed, it exposes the admin password in clear text before it gets redirected to absw_vfysucc.cgia. An attacker can use this password to gain administrator access to the targeted router’s web interface. 2018-07-24 not yet calculated CVE-2016-5649
MISC

netgear — wndr4500_router

There are few web pages associated with the genie app on the Netgear WNDR4500 running firmware version V1.0.1.40_1.0.6877. Genie app adds some capabilities over the Web GUI and can be accessed even when you are away from home. A remote attacker can access genie_ping.htm or genie_ping2.htm or genie_ping3.htm page without authentication. Once accessed, the page will be redirected to the aCongratulations2.htma page, which reveals some sensitive information such as 2.4GHz & 5GHz Wireless Network Name (SSID) and Network Key (Password) in clear text. 2018-07-24 not yet calculated CVE-2016-5638
MISC

netpbm — netpbm

An out-of-bounds write vulnerability was found in netpbm before 10.61. A maliciously crafted file could cause the application to crash or possibly allow code execution. 2018-07-27 not yet calculated CVE-2017-2580
BID
CONFIRM

netpbm — netpbm

An out-of-bounds read vulnerability was found in netpbm before 10.61. The expandCodeOntoStack() function has an insufficient code value check, so that a maliciously crafted file could cause the application to crash or possibly allows code execution. 2018-07-27 not yet calculated CVE-2017-2579
BID
CONFIRM

netpbm — netpbm

A null pointer dereference vulnerability was found in netpbm before 10.61. A maliciously crafted SVG file could cause the application to crash. 2018-07-27 not yet calculated CVE-2017-2586
BID
CONFIRM

netpbm — netpbm

A memory allocation vulnerability was found in netpbm before 10.61. A maliciously crafted SVG file could cause the application to crash. 2018-07-27 not yet calculated CVE-2017-2587
BID
CONFIRM

netpbm — netpbm

An out-of-bounds write vulnerability was found in netpbm before 10.61. A maliciously crafted file could cause the application to crash or possibly allow code execution. 2018-07-27 not yet calculated CVE-2017-2581
BID
CONFIRM

network — manager_vpnc

Network Manager VPNC plugin (aka networkmanager-vpnc) before version 1.2.6 is vulnerable to a privilege escalation attack. A new line character can be used to inject a Password helper parameter into the configuration data passed to VPNC, allowing an attacker to execute arbitrary commands as root. 2018-07-26 not yet calculated CVE-2018-10900
CONFIRM
CONFIRM
CONFIRM
CONFIRM
MISC
DEBIAN

niushop — b2b2c_multi-business_basic

A file upload vulnerability in application/shop/controller/member.php in Niushop B2B2C Multi-business basic version V1.11 allows any remote member to upload a .php file to the web server via a profile avatar field, by using an image Content-Type (e.g., image/jpeg) with a modified filename and file content. This results in arbitrary code execution by requesting that .php file. 2018-07-23 not yet calculated CVE-2018-14570
MISC

october — cms

October CMS version prior to build 437 contains a Cross Site Scripting (XSS) vulnerability in the Media module and create folder functionality that can result in an Authenticated user with media module permission creating arbitrary folder name with XSS content. This attack appear to be exploitable via an Authenticated user with media module permission who can create arbitrary folder name (XSS). This vulnerability appears to have been fixed in build 437. 2018-07-23 not yet calculated CVE-2018-1999008
CONFIRM

october — cms

October CMS version prior to Build 437 contains a Local File Inclusion vulnerability in modules/system/traits/ViewMaker.php#244 (makeFileContents function) that can result in Sensitive information disclosure and remote code execution. This attack appear to be exploitable remotely if the /backend path is accessible. This vulnerability appears to have been fixed in Build 437. 2018-07-23 not yet calculated CVE-2018-1999009
CONFIRM

open-audit — community

Cross-site scripting (XSS) vulnerability in the Groups Page in Open-Audit Community 2.2.6 allows remote attackers to inject arbitrary web script or HTML via the group name. 2018-07-25 not yet calculated CVE-2018-14493
MISC

open_networking_foundation — onos

Open Networking Foundation (ONF) ONOS version 1.13.2 and earlier version contains a Directory Traversal vulnerability in core/common/src/main/java/org/onosproject/common/app/ApplicationArchive.java line 35 that can result in arbitrary file deletion (overwrite). This attack appear to be exploitable via a specially crafted zip file should be uploaded. 2018-07-23 not yet calculated CVE-2018-1999020
MISC
CONFIRM

openshift — enterprise

A flaw was found in all Openshift Enterprise versions using the openshift elasticsearch plugin. An attacker with knowledge of the given name used to authenticate and access Elasticsearch can later access it without the token, bypassing authentication. This attack also requires that the Elasticsearch be configured with an external route, and the data accessed is limited to the indices. 2018-07-27 not yet calculated CVE-2017-12195
REDHAT
REDHAT
CONFIRM

ovirt-engine — ovirt-engine

ovirt-engine before version 4.1.7.6 with log level set to DEBUG includes passwords in the log file without masking. Only administrators can change the log level and only administrators can access the logs. This presents a risk when debug-level logs are shared with vendors or other parties to troubleshoot issues. 2018-07-27 not yet calculated CVE-2017-15113
BID
REDHAT
CONFIRM
CONFIRM

pear — html_quickform

PEAR HTML_QuickForm version 3.2.14 contains an eval injection (CWE-95) vulnerability in HTML_QuickForm’s getSubmitValue method, HTML_QuickForm’s validate method, HTML_QuickForm_hierselect’s _setOptions method, HTML_QuickForm_element’s _findValue method, HTML_QuickForm_element’s _prepareValue method. that can result in Possible information disclosure, possible impact on data integrity and execution of arbitrary code. This attack appear to be exploitable via A specially crafted query string could be utilised, e.g. http://www.example.com/admin/add_practice_type_id[1]=fubar%27])%20OR%20die(%27OOK!%27);%20//&mode=live. This vulnerability appears to have been fixed in 3.2.15. 2018-07-23 not yet calculated CVE-2018-1999022
CONFIRM
CONFIRM

pidgin — pidgin

An out-of-bounds write flaw was found in the way Pidgin before 2.12.0 processed XML content. A malicious remote server could potentially use this flaw to crash Pidgin or execute arbitrary code in the context of the pidgin process. 2018-07-27 not yet calculated CVE-2017-2640
BID
REDHAT
CONFIRM
GENTOO
DEBIAN

pivotal — application_service

Pivotal Apps Manager included in Pivotal Application Service, versions 2.2.x prior to 2.2.1 and 2.1.x prior to 2.1.8 and 2.0.x prior to 2.0.17 and 1.12.x prior to 1.12.26, does not escape all user-provided content when sending invitation emails. A malicious authenticated user can inject content into an invite to another user, exploiting the trust implied by the source of the email. 2018-07-24 not yet calculated CVE-2018-11044
CONFIRM

plexus-archiver — plexus-archiver

plexus-archiver before 3.6.0 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in an archive entry that is mishandled during extraction. This vulnerability is also known as ‘Zip-Slip’. 2018-07-25 not yet calculated CVE-2018-1002200
REDHAT
REDHAT
CONFIRM
CONFIRM
MISC
MISC
MISC
DEBIAN

poppler — poppler

Poppler through 0.62 contains a Buffer Overflow vulnerability due to an incorrect memory access that is not mapped in its memory space, as demonstrated by pdfunite. This can result in memory corruption and denial of service. This may be exploitable when a victim opens a specially crafted PDF file. 2018-07-25 not yet calculated CVE-2018-13988
MISC

postgresql — postgresql

Privilege escalation flaws were found in the Red Hat initialization scripts of PostgreSQL. An attacker with access to the postgres user account could use these flaws to obtain root access on the server machine. 2018-07-27 not yet calculated CVE-2017-15097
SECTRACK
REDHAT
REDHAT
REDHAT
REDHAT
CONFIRM

powerdns — recursor

An issue has been found in the parsing of authoritative answers in PowerDNS Recursor before 4.0.8, leading to a NULL pointer dereference when parsing a specially crafted answer containing a CNAME of a different class than IN. An unauthenticated remote attacker could cause a denial of service. 2018-07-27 not yet calculated CVE-2017-15120
MLIST
CONFIRM
CONFIRM
DEBIAN

pydio — pydio

Pydio version 8.2.0 and earlier contains a Cross Site Scripting (XSS) vulnerability in ./core/vendor/meenie/javascript-packer/example-inline.php line 48; ./core/vendor/dapphp/securimage/examples/test.mysql.static.php lines: 114,118 that can result in an unauthenticated remote attacker manipulating the web client via XSS code injection. This attack appear to be exploitable via the victim openning a specially crafted URL. This vulnerability appears to have been fixed in version 8.2.1. 2018-07-23 not yet calculated CVE-2018-1999016
CONFIRM
MISC

pydio — pydio

Pydio version 8.2.1 and prior contains an Unvalidated user input leading to Remote Code Execution (RCE) vulnerability in plugins/action.antivirus/AntivirusScanner.php: Line 124, scanNow($nodeObject) that can result in An attacker gaining admin access and can then execute arbitrary commands on the underlying OS. This attack appear to be exploitable via The attacker edits the Antivirus Command in the antivirus plugin, and executes the payload by uploading any file within Pydio. 2018-07-23 not yet calculated CVE-2018-1999018
MISC

pydio — pydio

Pydio version 8.2.0 and earlier contains a Server-Side Request Forgery (SSRF) vulnerability in plugins/action.updater/UpgradeManager.php Line: 154, getUpgradePath($url) that can result in an authenticated admin users requesting arbitrary URL’s, pivoting requests through the server. This attack appears to be exploitable via the attacker gaining access to an administrative account, enters a URL into Upgrade Engine, and reloads the page or presses “Check Now”. This vulnerability appears to have been fixed in 8.2.1. 2018-07-23 not yet calculated CVE-2018-1999017
CONFIRM
MISC

qemu — qemu

An out-of-bounds memory access issue was found in Quick Emulator (QEMU) before 1.7.2 in the VNC display driver. This flaw could occur while refreshing the VNC display surface area in the ‘vnc_refresh_server_surface’. A user inside a guest could use this flaw to crash the QEMU process. 2018-07-27 not yet calculated CVE-2017-2633
MLIST
BID
REDHAT
REDHAT
REDHAT
REDHAT
CONFIRM
CONFIRM
CONFIRM

qemu — qemu

A heap buffer overflow flaw was found in QEMU’s Cirrus CLGD 54xx VGA emulator’s VNC display driver support before 2.9; the issue could occur when a VNC client attempted to update its display after a VGA operation is performed by a guest. A privileged user/process inside a guest could use this flaw to crash the QEMU process or, potentially, execute arbitrary code on the host with privileges of the QEMU process. 2018-07-27 not yet calculated CVE-2016-9603
BID
SECTRACK
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
CONFIRM
MLIST
GENTOO
CONFIRM

qemu — qemu

Quick emulator (QEMU) before 2.8 built with the Cirrus CLGD 54xx VGA Emulator support is vulnerable to an out-of-bounds access issue. The issue could occur while copying VGA data in cirrus_bitblt_cputovideo. A privileged user inside guest could use this flaw to crash the QEMU process OR potentially execute arbitrary code on host with privileges of the QEMU process. 2018-07-27 not yet calculated CVE-2017-2620
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
MLIST
BID
SECTRACK
CONFIRM
MLIST
MLIST
GENTOO
GENTOO
CONFIRM
CONFIRM

qemu — qemu

The Network Block Device (NBD) server in Quick Emulator (QEMU) before 2.11 is vulnerable to a denial of service issue. It could occur if a client sent large option requests, making the server waste CPU time on reading up to 4GB per request. A client could use this flaw to keep the NBD server from serving other requests, resulting in DoS. 2018-07-27 not yet calculated CVE-2017-15119
MISC
BID
REDHAT
REDHAT
CONFIRM
MISC
UBUNTU
DEBIAN

qemu — qemu

A stack buffer overflow flaw was found in the Quick Emulator (QEMU) before 2.9 built with the Network Block Device (NBD) client support. The flaw could occur while processing server’s response to a ‘NBD_OPT_LIST’ request. A malicious NBD server could use this issue to crash a remote NBD client resulting in DoS or potentially execute arbitrary code on client host with privileges of the QEMU process. 2018-07-27 not yet calculated CVE-2017-2630
MLIST
BID
REDHAT
CONFIRM
MLIST
GENTOO

qemu — qemu

A stack-based buffer overflow vulnerability was found in NBD server implementation in qemu before 2.11 allowing a client to request an export name of size up to 4096 bytes, which in fact should be limited to 256 bytes, causing an out-of-bounds stack write in the qemu process. If NBD server requires TLS, the attacker cannot trigger the buffer overflow without first successfully negotiating TLS. 2018-07-27 not yet calculated CVE-2017-15118
MISC
BID
REDHAT
CONFIRM
MISC
UBUNTU
EXPLOIT-DB

qemu — qemu

An assertion-failure flaw was found in Qemu before 2.10.1, in the Network Block Device (NBD) server’s initial connection negotiation, where the I/O coroutine was undefined. This could crash the qemu-nbd server if a client sent unexpected data during connection negotiation. A remote user or process could use this flaw to crash the qemu-nbd server resulting in denial of service. 2018-07-26 not yet calculated CVE-2017-7539
MLIST
BID
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
CONFIRM
CONFIRM
CONFIRM

quazip — quazip

QuaZIP before 0.7.6 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as ‘Zip-Slip’. 2018-07-25 not yet calculated CVE-2018-1002209
MISC
CONFIRM
CONFIRM
MISC

quick_heal — multiple_products

Quick Heal Total Security 64 bit 17.00 (QHTS64.exe), (QHTSFT64.exe) – Version 10.0.1.38; Quick Heal Total Security 32 bit 17.00 (QHTS32.exe), (QHTSFT32.exe) – Version 10.0.1.38; Quick Heal Internet Security 64 bit 17.00 (QHIS64.exe), (QHISFT64.exe) – Version 10.0.0.37; Quick Heal Internet Security 32 bit 17.00 (QHIS32.exe), (QHISFT32.exe) – Version 10.0.0.37; Quick Heal AntiVirus Pro 64 bit 17.00 (QHAV64.exe), (QHAVFT64.exe) – Version 10.0.0.37; and Quick Heal AntiVirus Pro 32 bit 17.00 (QHAV32.exe), (QHAVFT32.exe) – Version 10.0.0.37 allow DLL Hijacking because of Insecure Library Loading. 2018-07-25 not yet calculated CVE-2018-8090
MISC

red_hat — certificate_system

An input validation error was found in Red Hat Certificate System’s handling of client provided certificates before 8.1.20-1. If the certreq field is not present in a certificate an assertion error is triggered causing a denial of service. 2018-07-26 not yet calculated CVE-2017-7509
SECTRACK
REDHAT
CONFIRM

red_hat — cloudforms

A number of unused delete routes are present in CloudForms before 5.7.2.1 which can be accessed via GET requests instead of just POST requests. This could allow an attacker to bypass the protect_from_forgery XSRF protection causing the routes to be used. This attack would require additional cross-site scripting or similar attacks in order to execute. 2018-07-27 not yet calculated CVE-2017-2653
BID
REDHAT
CONFIRM

red_hat — cloudforms

A flaw was found in CloudForms before 5.9.0.22 in the self-service UI snapshot feature where the name field is not properly sanitized for HTML and JavaScript input. An attacker could use this flaw to execute a stored XSS attack on an application administrator using CloudForms. Please note that CSP (Content Security Policy) prevents exploitation of this XSS however not all browsers support CSP. 2018-07-27 not yet calculated CVE-2017-15125
BID
REDHAT
CONFIRM

red_hat — cloudforms

The dialog for creating cloud volumes (cinder provider) in CloudForms does not filter cloud tenants by user. An attacker with the ability to create storage volumes could use this to create storage volumes for any other tenant. 2018-07-27 not yet calculated CVE-2017-7497
REDHAT
REDHAT
CONFIRM

red_hat — cloudforms

It was found that CloudForms does not verify that the server hostname matches the domain name in the certificate when using a custom CA and communicating with Red Hat Virtualization (RHEV) and OpenShift. This would allow an attacker to spoof RHEV or OpenShift systems and potentially harvest sensitive information from CloudForms. 2018-07-27 not yet calculated CVE-2017-2639
BID
SECTRACK
REDHAT
CONFIRM

red_hat — cloudforms

A logic error in valid_role() in CloudForms role validation before 5.7.1.3 could allow a tenant administrator to create groups with a higher privilege level than the tenant administrator should have. This would allow an attacker with tenant administration access to elevate privileges. 2018-07-27 not yet calculated CVE-2017-2632
REDHAT
BID
CONFIRM

red_hat — cloudforms_management_engine

CloudForms Management Engine (cfme) is vulnerable to an improper security setting in the dRuby component of CloudForms. An attacker with access to an unprivileged local shell could use this flaw to execute commands as a high privileged user. 2018-07-24 not yet calculated CVE-2018-10905
CONFIRM

red_hat — cloudforms_management_engine

CloudForms Management Engine (cfme) before 5.7.3 and 5.8.x before 5.8.1 lacks RBAC controls on certain methods in the rails application portion of CloudForms. An attacker with access could use a variety of methods within the rails application portion of CloudForms to escalate privileges. 2018-07-26 not yet calculated CVE-2017-2664
BID
REDHAT
REDHAT
CONFIRM

red_hat — cloudforms_management_engine

In CloudForms Management Engine (cfme) before 5.7.3 and 5.8.x before 5.8.1, it was found that privilege check is missing when invoking arbitrary methods via filtering on VMs that MiqExpression will execute that is triggerable by API users. An attacker could use this to execute actions they should not be allowed to (e.g. destroying VMs). 2018-07-26 not yet calculated CVE-2017-7530
BID
REDHAT
CONFIRM

red_hat — enterprise_linux

A regression was found in the Red Hat Enterprise Linux 6.9 version of httpd 2.2.15-60, causing comments in the “Allow” and “Deny” configuration lines to be parsed incorrectly. A web administrator could unintentionally allow any client to access a restricted HTTP resource. 2018-07-26 not yet calculated CVE-2017-12171
BID
SECTRACK
REDHAT
CONFIRM

red_hat — enterprise_linux

It was found that sssd’s sysdb_search_user_by_upn_res() function before 1.16.0 did not sanitize requests when querying its local cache and was vulnerable to injection. In a centralized login environment, if a password hash was locally cached for a given user, an authenticated attacker could use this flaw to retrieve it. 2018-07-27 not yet calculated CVE-2017-12173
REDHAT
REDHAT
CONFIRM

red_hat — enterprise_linux

It was discovered that rpm-ostree and rpm-ostree-client before 2017.3 fail to properly check GPG signatures on packages when doing layering. Packages with unsigned or badly signed content could fail to be rejected as expected. This issue is partially mitigated on RHEL Atomic Host, where certificate pinning is used by default. 2018-07-27 not yet calculated CVE-2017-2623
BID
REDHAT
CONFIRM

red_hat — enterprise_linux_server

It was found that a mock CMC authentication plugin with a hardcoded secret was accidentally enabled by default in the pki-core package before 10.6.4. An attacker could potentially use this flaw to bypass the regular authentication process and trick the CA server into issuing certificates. 2018-07-26 not yet calculated CVE-2017-7537
REDHAT
CONFIRM
CONFIRM

red_hat — jboss_bpm_suite_and_jboss_data_virtualization_and_services

It was discovered that the Dashbuilder login page as used in Red Hat JBoss BPM Suite before 6.4.2 and Red Hat JBoss Data Virtualization & Services before 6.4.3 could be opened in an IFRAME, which made it possible to intercept and manipulate requests. An attacker could use this flaw to trick a user into performing arbitrary actions in the Console (clickjacking). 2018-07-27 not yet calculated CVE-2017-2658
REDHAT
BID
REDHAT
CONFIRM

red_hat — jboss_brms_and_bpm_suite

JBoss BRMS 6 and BPM Suite 6 before 6.4.3 are vulnerable to a stored XSS via several lists in Business Central. The flaw is due to lack of sanitation of user input when creating new lists. Remote, authenticated attackers that have privileges to create lists can store scripts in them, which are not properly sanitized before showing to other users, including admins. 2018-07-27 not yet calculated CVE-2017-2674
BID
REDHAT
REDHAT
CONFIRM

red_hat — jboss_brms_and_bpm_suite

JBoss BRMS 6 and BPM Suite 6 before 6.4.3 are vulnerable to a reflected XSS via artifact upload. A malformed XML file, if uploaded, causes an error message to appear that includes part of the bad XML code verbatim without filtering out scripts. Successful exploitation would allow execution of script code within the context of the affected user. 2018-07-27 not yet calculated CVE-2017-7463
BID
REDHAT
REDHAT
CONFIRM

red_hat — jboss_eap

It was found that the JAXP implementation used in JBoss EAP 7.0 for SAX and DOM parsing is vulnerable to certain XXE flaws. An attacker could use this flaw to cause DoS, SSRF, or information disclosure if they are able to provide XML content for parsing. 2018-07-27 not yet calculated CVE-2017-7464
BID
CONFIRM

red_hat — jboss_enterprise_application

It was found that the log file viewer in Red Hat JBoss Enterprise Application 6 and 7 allows arbitrary file read to authenticated user via path traversal. 2018-07-27 not yet calculated CVE-2017-2595
REDHAT
REDHAT
BID
SECTRACK
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
CONFIRM

red_hat — jboss_fuse

It was discovered that the hawtio servlet 1.4 uses a single HttpClient instance to proxy requests with a persistent cookie store (cookies are stored locally and are not passed between the client and the end URL) which means all clients using that proxy are sharing the same cookies. 2018-07-26 not yet calculated CVE-2017-2589
REDHAT
CONFIRM

red_hat — openstack_platform

A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host. 2018-07-26 not yet calculated CVE-2017-2637
BID
REDHAT
REDHAT
REDHAT
REDHAT
CONFIRM
CONFIRM
CONFIRM

red_hat — satellite

Red Hat Satellite before 6.5 is vulnerable to a XSS in discovery rule when you are entering filter and you use autocomplete functionality. 2018-07-26 not yet calculated CVE-2017-12175
BID
CONFIRM
CONFIRM

red_hat — satellite

A cross-site scripting (XSS) flaw was found in how an organization name is displayed in Satellite 5, before 5.8. A user able to change an organization’s name could exploit this flaw to perform XSS attacks against other Satellite users. 2018-07-26 not yet calculated CVE-2017-7538
SECTRACK
REDHAT
CONFIRM

red_hat — spacewalk-channel

It was found that spacewalk-channel can be used by a non-admin user or disabled users to perform administrative tasks due to an incorrect authorization check in backend/server/rhnChannel.py. 2018-07-27 not yet calculated CVE-2017-7470
BID
REDHAT
CONFIRM

red_hat — undertow

It was discovered that Undertow before 1.4.17, 1.3.31 and 2.0.0 processes http request headers with unusual whitespaces which can cause possible http request smuggling. 2018-07-27 not yet calculated CVE-2017-12165
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
CONFIRM

red_hat — undertow

It was found in Undertow before 1.3.28 that with non-clean TCP close, the Websocket server gets into infinite loop on every IO thread, effectively causing DoS. 2018-07-27 not yet calculated CVE-2017-2670
REDHAT
BID
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
CONFIRM
DEBIAN

red_hat — undertow

It was discovered in Undertow that the code that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to inject data into the HTTP response. By manipulating the HTTP response the attacker could poison a web-cache, perform an XSS attack, or obtain sensitive information from requests other than their own. 2018-07-27 not yet calculated CVE-2017-2666
REDHAT
BID
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
CONFIRM
DEBIAN

red_hat — virtualization

When updating a password in the rhvm database the ovirt-aaa-jdbc-tool tools before 1.1.3 fail to correctly check for the current password if it is expired. This would allow access to an attacker with access to change the password on accounts with expired passwords, gaining access to those accounts. 2018-07-27 not yet calculated CVE-2017-2614
REDHAT
CONFIRM

redhat — openstack-neutron

A race-condition flaw was discovered in openstack-neutron before 7.2.0-12.1, 8.x before 8.3.0-11.1, 9.x before 9.3.1-2.1, and 10.x before 10.0.2-1.1, where, following a minor overcloud update, neutron security groups were disabled. Specifically, the following were reset to 0: net.bridge.bridge-nf-call-ip6tables and net.bridge.bridge-nf-call-iptables. The race was only triggered by an update, at which point an attacker could access exposed tenant VMs and network resources. 2018-07-26 not yet calculated CVE-2017-7543
BID
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
CONFIRM

redhat — openstack_orchestration

An access-control flaw was found in the OpenStack Orchestration (heat) service before 8.0.0, 6.1.0 and 7.0.2 where a service log directory was improperly made world readable. A malicious system user could exploit this flaw to access sensitive information. 2018-07-27 not yet calculated CVE-2017-2621
BID
REDHAT
REDHAT
CONFIRM

redhat — openstack_workflow

An accessibility flaw was found in the OpenStack Workflow (mistral) service where a service log directory was improperly made world readable. A malicious system user could exploit this flaw to access sensitive information. 2018-07-27 not yet calculated CVE-2017-2622
REDHAT
CONFIRM

rsa — archer

RSA Archer, versions prior to 6.4.0.1, contain a stored cross-site scripting vulnerability. A remote authenticated malicious Archer user could potentially exploit this vulnerability to store malicious HTML or JavaScript code in a trusted application data store. When application users access the corrupted data store through their browsers, the malicious code gets executed by the web browser in the context of the vulnerable web application. 2018-07-24 not yet calculated CVE-2018-11059
FULLDISC
BID
SECTRACK

rsa — archer

RSA Archer, versions prior to 6.4.0.1, contain an authorization bypass vulnerability in the REST API. A remote authenticated malicious Archer user could potentially exploit this vulnerability to elevate their privileges. 2018-07-24 not yet calculated CVE-2018-11060
FULLDISC
BID
SECTRACK

sage — xrt_treasury

Sage XRT Treasury, version 3, fails to properly restrict database access to authorized users, which may enable any authenticated user to gain full access to privileged database functions. Sage XRT Treasury is a business finance management application. Database user access privileges are determined by the USER_CODE field associated with the querying user. By modifying the USER_CODE value to match that of a privileged user, a low-privileged, authenticated user may gain privileged access to the SQL database. A remote, authenticated user can submit specially crafted SQL queries to gain privileged access to the application database. 2018-07-24 not yet calculated CVE-2017-3183
CERT-VN
BID

samba — samba

A flaw was found in the way samba client before samba 4.4.16, samba 4.5.14 and samba 4.6.8 used encryption with the max protocol set as SMB3. The connection could lose the requirement for signing and encrypting to any DFS redirects, allowing an attacker to read or alter the contents of the connection via a man-in-the-middle attack. 2018-07-27 not yet calculated CVE-2017-12151
BID
SECTRACK
REDHAT
REDHAT
CONFIRM
CONFIRM
CONFIRM
CONFIRM
DEBIAN
CONFIRM

samba — samba

An information leak flaw was found in the way SMB1 protocol was implemented by Samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8. A malicious client could use this flaw to dump server memory contents to a file on the samba share or to a shared printer, though the exact area of server memory cannot be controlled by the attacker. 2018-07-26 not yet calculated CVE-2017-12163
BID
SECTRACK
REDHAT
REDHAT
REDHAT
REDHAT
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
DEBIAN
CONFIRM
CONFIRM

samba — samba

It was found that samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8 did not enforce “SMB signing” when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text. 2018-07-26 not yet calculated CVE-2017-12150
BID
SECTRACK
REDHAT
REDHAT
REDHAT
REDHAT
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
DEBIAN
CONFIRM

seacms — seacms

SeaCMS 6.61 has two XSS issues in the admin_config.php file via certain form fields. 2018-07-23 not yet calculated CVE-2018-14517
MISC

sel — acselerator_architect

SEL AcSELerator Architect version 2.2.24.0 and prior can be exploited when the AcSELerator Architect FTP client connects to a malicious FTP server, which may cause denial of service via 100% CPU utilization. Restart of the application is required. 2018-07-24 not yet calculated CVE-2018-10608
MISC

sel — acselerator_architect

SEL AcSELerator Architect version 2.2.24.0 and prior allows unsanitized input to be passed to the XML parser, which may allow disclosure and retrieval of arbitrary data, arbitrary code execution (in certain situations on specific platforms), and denial of service attacks. 2018-07-24 not yet calculated CVE-2018-10600
MISC

sel — compass

SEL Compass version 3.0.5.1 and prior allows all users full access to the SEL Compass directory, which may allow modification or overwriting of files within the Compass installation folder, resulting in escalation of privilege and/or malicious code execution. 2018-07-24 not yet calculated CVE-2018-10604
MISC

sharpcompress — sharpcompress

SharpCompress before 0.21.0 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as ‘Zip-Slip’. 2018-07-25 not yet calculated CVE-2018-1002206
CONFIRM
CONFIRM
MISC
MISC
MISC

sharplibzip — sharplibzip

sharplibzip before 1.0 RC1 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as ‘Zip-Slip’. 2018-07-25 not yet calculated CVE-2018-1002208
CONFIRM
CONFIRM
MISC
MISC
MISC

siemens — ethernet_modules

A vulnerability has been identified in Firmware variant IEC 61850 for EN100 Ethernet module (All versions < V4.33), Firmware variant PROFINET IO for EN100 Ethernet module (All versions), Firmware variant Modbus TCP for EN100 Ethernet module (All versions), Firmware variant DNP3 TCP for EN100 Ethernet module (All versions), Firmware variant IEC104 for EN100 Ethernet module (All versions). Specially crafted packets to port 102/tcp could cause a denial-of-service condition in the EN100 communication module if oscillographs are running. A manual restart is required to recover the EN100 module functionality. Successful exploitation requires an attacker with network access to send multiple packets to the EN100 module. As a precondition the IEC 61850-MMS communication needs to be activated on the affected EN100 modules. No user interaction or privileges are required to exploit the security vulnerability. The vulnerability could allow causing a Denial-of-Service condition of the network functionality of the device, compromising the availability of the system. At the time of advisory publication no public exploitation of this security vulnerability was known. 2018-07-23 not yet calculated CVE-2018-11452
CONFIRM

siemens — ethernet_modules

A vulnerability has been identified in Firmware variant IEC 61850 for EN100 Ethernet module (All versions < V4.33), Firmware variant PROFINET IO for EN100 Ethernet module (All versions), Firmware variant Modbus TCP for EN100 Ethernet module (All versions), Firmware variant DNP3 TCP for EN100 Ethernet module (All versions), Firmware variant IEC104 for EN100 Ethernet module (All versions), SIPROTEC 5 relays with CPU variants CP300 and CP100 and the respective Ethernet communication modules (All versions < V7.80), SIPROTEC 5 relays with CPU variants CP200 and the respective Ethernet communication modules (All versions). Specially crafted packets to port 102/tcp could cause a denial-of-service condition in the affected products. A manual restart is required to recover the EN100 module functionality of SIPROTEC 4 and SIPROTEC Compact relays. Successful exploitation requires an attacker with network access to send multiple packets to the affected products or modules. As a precondition the IEC 61850-MMS communication needs to be activated on the affected products or modules. No user interaction or privileges are required to exploit the vulnerability. The vulnerability could allow causing a Denial-of-Service condition of the network functionality of the device, compromising the availability of the system. At the time of advisory publication no public exploitation of this security vulnerability was known. 2018-07-23 not yet calculated CVE-2018-11451
CONFIRM

sourcetree — sourcetree

There was an argument injection vulnerability in Sourcetree for macOS via filenames in Mercurial repositories. An attacker with permission to commit to a Mercurial repository linked in Sourcetree for macOS is able to exploit this issue to gain code execution on the system. Versions of Sourcetree for macOS from 1.0b2 before 2.7.6 are affected by this vulnerability. 2018-07-24 not yet calculated CVE-2018-13385
CONFIRM

sourcetree — sourcetree

There was an argument injection vulnerability in Sourcetree for Windows via filenames in Mercurial repositories. An attacker with permission to commit to a Mercurial repository linked in Sourcetree for Windows is able to exploit this issue to gain code execution on the system. Versions of Sourcetree for Windows before version 2.6.9 are affected by this vulnerability. 2018-07-24 not yet calculated CVE-2018-13386
CONFIRM

spice — spice

A vulnerability was discovered in SPICE before 0.13.90 in the server’s protocol handling. An authenticated attacker could send crafted messages to the SPICE server causing a heap overflow leading to a crash or possible code execution. 2018-07-27 not yet calculated CVE-2016-9577
REDHAT
REDHAT
BID
REDHAT
REDHAT
CONFIRM
DEBIAN

spice — spice

A vulnerability was discovered in SPICE before 0.13.90 in the server’s protocol handling. An attacker able to connect to the SPICE server could send crafted messages which would cause the process to crash. 2018-07-27 not yet calculated CVE-2016-9578
REDHAT
REDHAT
BID
REDHAT
REDHAT
CONFIRM
DEBIAN

suricata — suricata

An issue was discovered in Suricata before 3.1.2. If an ICMPv4 error packet is received as the first packet on a flow in the to_client direction, it confuses the rule grouping lookup logic. The toclient inspection will then continue with the wrong rule group. This can lead to missed detection. 2018-07-23 not yet calculated CVE-2016-10728
MISC
MISC
MISC

suricata — suricata

Suricata before 4.0.5 stops TCP stream inspection upon a TCP RST from a server. This allows detection bypass because Windows TCP clients proceed with normal processing of TCP data that arrives shortly after an RST (i.e., they act as if the RST had not yet been received). 2018-07-23 not yet calculated CVE-2018-14568
MISC
MISC
MISC
MISC

symantec — management_agent

The Inventory Plugin for Symantec Management Agent prior to 7.6 POST HF7, 8.0 POST HF6, or 8.1 RU7 may be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels. 2018-07-25 not yet calculated CVE-2018-5240
BID
CONFIRM

tenda — ac7

Tenda AC7 through V15.03.06.44_CN, AC9 through V15.03.05.19(6318)_CN, and AC10 through V15.03.06.23_CN devices have a Stack-based Buffer Overflow via a long limitSpeed or limitSpeedup parameter to an unspecified /goform URI. 2018-07-21 not yet calculated CVE-2018-14492
MISC

thomson_reuters — ultratax_cs

Thomson Reuters UltraTax CS 2017 on Windows, in a client/server configuration, transfers customer records and bank account numbers in cleartext over SMBv2, which allows attackers to (1) obtain sensitive information by sniffing the network or (2) conduct man-in-the-middle (MITM) attacks via unspecified vectors. The customer record transferred in cleartext contains: Client ID, Full Name, Spouse’s Full Name, Social Security Number, Spouse’s Social Security Number, Occupation, Spouse’s Occupation, Daytime Phone, Home Phone, Tax Preparer, Federal and State Taxes to File, Bank Name, Bank Account Number, and possibly other sensitive information. 2018-07-26 not yet calculated CVE-2018-14607
MISC

thomson_reuters — ultratax_cs

Thomson Reuters UltraTax CS 2017 on Windows has a password protection option; however, the level of protection might be inconsistent with some customers’ expectations because the data is directly accessible in cleartext. Specifically, it stores customer data in unique directories (%install_path%\WinCSI\UT17DATA\client_ID\file_name.XX17) that can be bypassed without authentication by examining the strings of the .XX17 file. The strings stored in the .XX17 file contain each customer’s: Full Name, Spouse’s Name, Social Security Number, Date of Birth, Occupation, Home Address, Daytime Phone Number, Home Phone Number, Spouse’s Address, Spouse’s Daytime Phone Number, Spouse’s Social Security Number, Spouse’s Home Phone Number, Spouse’s Occupation, Spouse’s Date of Birth, and Spouse’s Filing Status. 2018-07-26 not yet calculated CVE-2018-14608
MISC

threatmetrix — threatmetrix_sdk

On the iOS platform, the ThreatMetrix SDK versions prior to 3.2 fail to validate SSL certificates provided by HTTPS connections, which may allow an attacker to perform a man-in-the-middle (MITM) attack. ThreatMetrix is a security library for mobile applications, which aims to provide fraud prevention and device identity capabilities. The ThreatMetrix SDK versions prior to 3.2 do not validate SSL certificates on the iOS platform. An affected application will communicate with https://ift.tt/2LPeRKA, regardless of whether the connection is secure or not. An attacker on the same network as or upstream from the iOS device may be able to view or modify ThreatMetrix network traffic that should have been protected by HTTPS. 2018-07-24 not yet calculated CVE-2017-3182
CERT-VN
BID

thulac — thulac

An issue was discovered in libthulac.so in THULAC through 2018-02-25. A heap-based buffer over-read can occur in NGramFeature::find_bases in include/cb_ngram_feature.h. 2018-07-23 not yet calculated CVE-2018-14565
MISC

thulac — thulac

An issue was discovered in libthulac.so in THULAC through 2018-02-25. A SEGV can occur in NGramFeature::find_bases in include/cb_ngram_feature.h. 2018-07-23 not yet calculated CVE-2018-14564
MISC

thulac — thulac

An issue was discovered in libthulac.so in THULAC through 2018-02-25. “operator delete” is used with “operator new[]” in the TaggingLearner class in include/cb_tagging_learner.h, possibly leading to memory corruption. 2018-07-23 not yet calculated CVE-2018-14563
MISC

thulac — thulac

An issue was discovered in libthulac.so in THULAC through 2018-02-25. A NULL pointer dereference can occur in the BasicModel class in include/cb_model.h. 2018-07-23 not yet calculated CVE-2018-14562
MISC

tibco — multiple_products

Multiple TIBCO Products are prone to multiple unspecified cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input. An attacker may leverage these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and to launch other attacks. The products and versions that are affected include the following: TIBCO Silver Fabric Enabler for Spotfire Web Player 2.1.2 and earlier TIBCO Spotfire Analyst 7.5.0 TIBCO Spotfire Analyst 7.6.0 TIBCO Spotfire Analyst 7.7.0 TIBCO Spotfire Analytics Platform for AWS Marketplace 7.0.2 and earlier TIBCO Spotfire Automation Services 6.5.3 and earlier TIBCO Spotfire Automation Services 7.0.0, and 7.0.1 TIBCO Spotfire Connectors 7.6.0 TIBCO Spotfire Deployment Kit 6.5.3 and earlier TIBCO Spotfire Deployment Kit 7.0.0, and 7.0.1 TIBCO Spotfire Deployment Kit 7.5.0 TIBCO Spotfire Deployment Kit 7.6.0 TIBCO Spotfire Deployment Kit 7.7.0 TIBCO Spotfire Desktop 6.5.2 and earlier TIBCO Spotfire Desktop 7.0.0, and 7.0.1 TIBCO Spotfire Desktop 7.5.0 TIBCO Spotfire Desktop 7.6.0 TIBCO Spotfire Desktop 7.7.0 TIBCO Spotfire Desktop Developer Edition 7.7.0 TIBCO Spotfire Desktop Language Packs 7.0.1 and earlier TIBCO Spotfire Desktop Language Packs 7.5.0 TIBCO Spotfire Desktop Language Packs 7.6.0 TIBCO Spotfire Desktop Language Packs 7.7.0 TIBCO Spotfire Professional 6.5.3 and earlier TIBCO Spotfire Professional 7.0.0 and 7.0.1 TIBCO Spotfire Web Player 6.5.3 and earlier TIBCO Spotfire Web Player 7.0.0 and 7.0.1 2018-07-24 not yet calculated CVE-2017-3180
BID
CONFIRM

tibco — multiple_products

Multiple TIBCO Products are prone to multiple unspecified SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in an SQL query. Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. The following products and versions are affected: TIBCO Spotfire Analyst 7.7.0 TIBCO Spotfire Connectors 7.6.0 TIBCO Spotfire Deployment Kit 7.7.0 TIBCO Spotfire Desktop 7.6.0 TIBCO Spotfire Desktop 7.7.0 TIBCO Spotfire Desktop Developer Edition 7.7.0 TIBCO Spotfire Desktop Language Packs 7.6.0 TIBCO Spotfire Desktop Language Packs 7.7.0 The following components are affected: TIBCO Spotfire Client TIBCO Spotfire Web Player Client 2018-07-24 not yet calculated CVE-2017-3181
BID
CONFIRM

tightrope_media — carousel_digital_signage

A Local File Inclusion (LFI) vulnerability exists in the Web Interface API of TightRope Media Carousel Digital Signage before 7.3.5. The RenderingFetch API allows for the downloading of arbitrary files through the use of directory traversal sequences, aka CSL-1683. 2018-07-23 not yet calculated CVE-2018-14573
CONFIRM

vmware — esxi_and_workstation_and_fusion

VMware ESXi (6.7 before ESXi670-201806401-BG, 6.5 before ESXi650-201806401-BG, 6.0 before ESXi600-201806401-BG and 5.5 before ESXi550-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain a denial-of-service vulnerability due to NULL pointer dereference issue in RPC handler. Successful exploitation of this issue may allow attackers with normal user privileges to crash their VMs. 2018-07-25 not yet calculated CVE-2018-6972
BID
SECTRACK
SECTRACK
CONFIRM

vmware — horizon_view_agents

VMware Horizon View Agents (7.x.x before 7.5.1) contain a local information disclosure vulnerability due to insecure logging of credentials in the vmmsi.log file when an account other than the currently logged on user is specified during installation (including silent installations). Successful exploitation of this issue may allow low privileged users access to the credentials specified during the Horizon View Agent installation. 2018-07-25 not yet calculated CVE-2018-6971
BID
SECTRACK
SECTRACK
CONFIRM

wancms — wancms

wancms 1.0 through 5.0 allows remote attackers to cause a denial of service (resource consumption) via a checkcode (aka verification code) URI in which the values of font_size, width, and height are large numbers. 2018-07-25 not yet calculated CVE-2018-14596
MISC

wesnoth — battle_for _wesnoth

The Battle for Wesnoth Project version 1.7.0 through 1.14.3 contains a Code Injection vulnerability in the Lua scripting engine that can result in code execution outside the sandbox. This attack appear to be exploitable via Loading specially-crafted saved games, networked games, replays, and player content. 2018-07-23 not yet calculated CVE-2018-1999023
CONFIRM

wildfly — core

WildFly Core before version 6.0.0.Alpha3 does not properly validate file paths in .war archives, allowing for the extraction of crafted .war archives to overwrite arbitrary files. This is an instance of the ‘Zip Slip’ vulnerability. 2018-07-27 not yet calculated CVE-2018-10862
REDHAT
REDHAT
REDHAT
CONFIRM
MISC

wizkunde — samlbase

Wizkunde SAMLBase may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication to SAML service providers. 2018-07-24 not yet calculated CVE-2018-5387
MISC
CERT-VN

wordpress — wordpress

The Mondula Multi Step Form plugin through 1.2.5 for WordPress allows XSS via the fw_data [id][1], fw_data [id][2], fw_data [id][3], fw_data [id][4], or email field of the contact form, exploitable with an fw_send_email action to wp-admin/admin-ajax.php. 2018-07-25 not yet calculated CVE-2018-14430
MISC

wuzhi — cms

A SQL injection was discovered in WUZHI CMS 4.1.0 that allows remote attackers to inject a malicious SQL statement via the index.php?m=promote&f=index&v=search keywords parameter. 2018-07-23 not yet calculated CVE-2018-14515
MISC

wuzhi — cms

An XSS vulnerability was discovered in WUZHI CMS 4.1.0. There is persistent XSS that allows remote attackers to inject arbitrary web script or HTML via the form[content] parameter to the index.php?m=feedback&f=index&v=contact URI. 2018-07-23 not yet calculated CVE-2018-14513
MISC

wuzhi — cms 

An XSS vulnerability was discovered in WUZHI CMS 4.1.0. There is persistent XSS that allows remote attackers to inject arbitrary web script or HTML via the form[nickname] parameter to the index.php?m=core&f=set&v=sendmail URI. When the administrator accesses the “system settings – mail server” screen, the XSS payload is triggered. 2018-07-23 not yet calculated CVE-2018-14512
MISC

x.org — x.org

It was found that xorg-x11-server before 1.19.0 including uses memcmp() to check the received MIT cookie against a series of valid cookies. If the cookie is correct, it is allowed to attach to the Xorg session. Since most memcmp() implementations return after an invalid byte is seen, this causes a time difference between a valid and invalid byte, which could allow an efficient brute force attack. 2018-07-27 not yet calculated CVE-2017-2624
BID
SECTRACK
CONFIRM
MLIST
GENTOO
GENTOO
MISC

xiao5ucompany — xiao5ucompany

Feedback.asp in Xiao5uCompany 1.7 has XSS because the XSS protection mechanism in Safe.asp is insufficient (for example, it considers SCRIPT and IMG elements, but does not consider VIDEO elements). 2018-07-23 not yet calculated CVE-2018-14527
MISC

xycms — xycms

system/edit_book.php in XYCMS 1.7 has stored XSS via a crafted add_do.php request, related to add_book.php. 2018-07-28 not yet calculated CVE-2018-14686
MISC

xyhcms — xyhcms

xyhai.php?s=/Auth/addUser in XYHCMS 3.5 allows CSRF to add a background administrator account. 2018-07-24 not yet calculated CVE-2018-14583
MISC

zeroturnaround — zt_zip

zt-zip before 1.13 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as ‘Zip-Slip’. 2018-07-25 not yet calculated CVE-2018-1002201
MISC
CONFIRM
CONFIRM
MISC
MISC

zip4j — zip4j

zip4j before 1.3.3 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as ‘Zip-Slip’. 2018-07-25 not yet calculated CVE-2018-1002202
MISC
MISC
MISC

zjonsson — node-unzipper

unzipper npm library before 0.8.13 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as ‘Zip-Slip’. 2018-07-25 not yet calculated CVE-2018-1002203
MISC
CONFIRM
CONFIRM
MISC
MISC

zte — zxcdn-sns

SQL injection vulnerability in all versions prior to V4.01.01 of the ZTE ZXCDN-SNS product allows remote attackers to execute arbitrary SQL commands via the aoData parameter, resulting in the disclosure of database information. 2018-07-25 not yet calculated CVE-2017-10936
CONFIRM

zte — zxiptv-epg

All versions prior to V5.09.02.02T4 of the ZTE ZXIPTV-EPG product use the Java RMI service in which the servers use the Apache Commons Collections (ACC) library that may result in Java deserialization vulnerabilities. An unauthenticated remote attacker can exploit the vulnerabilities by sending a crafted RMI request to execute arbitrary code on the target host. 2018-07-25 not yet calculated CVE-2017-10934
CONFIRM

zte — zxiptv-ucm

SQL injection vulnerability in all versions prior to V2.01.05.09 of the ZTE ZXIPTV-UCM product allows remote attackers to execute arbitrary SQL commands via the opertype parameter, resulting in the disclosure of database information. 2018-07-25 not yet calculated CVE-2017-10937
CONFIRM

zte — zxr10_1800-2s

All versions prior to ZSRV2 V3.00.40 of the ZTE ZXR10 1800-2S products allow remote authenticated users to bypass the original password authentication protection to change other user’s password. 2018-07-25 not yet calculated CVE-2017-10935
CONFIRM

Back to top


This product is provided subject to this Notification and this Privacy & Use policy.

SB18-197: Vulnerability Summary for the Week of July 9, 2018

Original release date: July 16, 2018

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information.

The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:

  • High – Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 – 10.0

  • Medium – Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 – 6.9

  • Low – Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 – 3.9

Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.

The NCCIC Weekly Vulnerability Summary Bulletin is created using information from the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD). In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

 

High Vulnerabilities

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
There were no high vulnerabilities recorded this week.

Back to top

 

Medium Vulnerabilities

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
arm — cortex-a Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a speculative buffer overflow and side-channel analysis. 2018-07-10 4.7 CVE-2018-3693
CONFIRM
MISC
MISC
servviziotoken_project — servviziotoken The mintToken function of a smart contract implementation for SERVVIZIOToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 5.0 CVE-2018-13723
MISC
MISC

Back to top

 

Low Vulnerabilities

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
There were no low vulnerabilities recorded this week.

Back to top

 

Severity Not Yet Assigned

Primary
Vendor — Product
Description Published CVSS Score Source & Patch Info
abbyy — flexicapture Multiple Cross Site Request Forgery (CSRF) vulnerabilities in the HTTP API in ABBYY FlexiCapture before 12 Release 1 Update 7 exist in Web Verification, Web Scanning, Web Capture, Monitoring and Administration, and Login. 2018-07-09 not yet calculated CVE-2018-13793
MISC
abbyy — flexicapture The HTTP API in ABBYY FlexiCapture before 12 Release 1 Update 7 allows an attacker to conduct Access Control attacks via the /FlexiCapture12/Login/Server/SevaUserProfile FlexiCaptureTmsSts2 parameter. 2018-07-09 not yet calculated CVE-2018-13791
MISC
accellion — ftp_server Accellion FTP server prior to version FTA_9_12_220 uses the Accusoft Prizm Content flash component, which contains multiple parameters (customTabCategoryName, customButton1Image) that are vulnerable to cross-site scripting. 2018-07-13 not yet calculated CVE-2016-9500
CERT-VN
MISC
BID
accellion — ftp_server Accellion FTP server prior to version FTA_9_12_220 only returns the username in the server response if the username is invalid. An attacker may use this information to determine valid user accounts and enumerate them. 2018-07-13 not yet calculated CVE-2016-9499
CERT-VN
MISC
BID
accountsservice — accountsservice
 
Directory Traversal with ../ sequences occurs in AccountsService before 0.6.50 because of an insufficient path check in user_change_icon_file_authorized_cb() in user.c. 2018-07-13 not yet calculated CVE-2018-14036
MISC
MISC
MISC
MISC
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2018.009.20050 and earlier, 2017.011.30070 and earlier, and 2015.006.30394 and earlier have an Out-of-bounds read vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-09 not yet calculated CVE-2018-4999
BID
MISC
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-09 not yet calculated CVE-2018-4980
BID
SECTRACK
MISC
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-09 not yet calculated CVE-2018-4985
BID
SECTRACK
MISC
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-09 not yet calculated CVE-2018-4949
BID
SECTRACK
MISC
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-09 not yet calculated CVE-2018-4972
BID
SECTRACK
MISC
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-09 not yet calculated CVE-2018-4989
BID
SECTRACK
MISC
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-09 not yet calculated CVE-2018-4968
BID
SECTRACK
MISC
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-09 not yet calculated CVE-2018-4957
BID
SECTRACK
MISC
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-09 not yet calculated CVE-2018-4948
BID
SECTRACK
MISC
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-09 not yet calculated CVE-2018-4986
BID
SECTRACK
MISC
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Security Bypass vulnerability. Successful exploitation could lead to information disclosure. 2018-07-09 not yet calculated CVE-2018-4979
BID
SECTRACK
MISC
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-09 not yet calculated CVE-2018-4964
BID
SECTRACK
MISC
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2018.009.20050 and earlier, 2017.011.30070 and earlier, and 2015.006.30394 and earlier have a Memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-09 not yet calculated CVE-2018-4998
BID
MISC
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-09 not yet calculated CVE-2018-4971
BID
SECTRACK
MISC
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-09 not yet calculated CVE-2018-4950
BID
SECTRACK
MISC
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-09 not yet calculated CVE-2018-4966
BID
SECTRACK
MISC
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-09 not yet calculated CVE-2018-4954
BID
SECTRACK
MISC
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-09 not yet calculated CVE-2018-4977
BID
SECTRACK
MISC
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Memory Corruption vulnerability. Successful exploitation could lead to information disclosure. 2018-07-09 not yet calculated CVE-2018-4965
BID
SECTRACK
MISC
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an NTLM SSO hash theft vulnerability. Successful exploitation could lead to information disclosure. 2018-07-09 not yet calculated CVE-2018-4993
BID
SECTRACK
MISC
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-09 not yet calculated CVE-2018-4951
BID
SECTRACK
MISC
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-09 not yet calculated CVE-2018-4955
BID
SECTRACK
MISC
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-09 not yet calculated CVE-2018-4996
SECTRACK
MISC
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Type Confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-09 not yet calculated CVE-2018-4953
BID
SECTRACK
MISC
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-09 not yet calculated CVE-2018-4967
BID
SECTRACK
MISC
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-09 not yet calculated CVE-2018-4947
BID
SECTRACK
MISC
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-09 not yet calculated CVE-2018-4988
BID
SECTRACK
MISC
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-09 not yet calculated CVE-2018-4973
BID
SECTRACK
MISC
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-09 not yet calculated CVE-2018-4952
BID
SECTRACK
MISC
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-09 not yet calculated CVE-2018-4969
BID
SECTRACK
MISC
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-09 not yet calculated CVE-2018-4984
BID
SECTRACK
MISC
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-09 not yet calculated CVE-2018-4961
BID
SECTRACK
MISC
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-09 not yet calculated CVE-2018-4978
BID
SECTRACK
MISC
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-09 not yet calculated CVE-2018-4963
BID
SECTRACK
MISC
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-09 not yet calculated CVE-2018-4958
BID
SECTRACK
MISC
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-09 not yet calculated CVE-2018-4960
BID
SECTRACK
MISC
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-09 not yet calculated CVE-2018-4962
BID
SECTRACK
MISC
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2018.009.20050 and earlier, 2017.011.30070 and earlier, and 2015.006.30394 and earlier have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-09 not yet calculated CVE-2018-4997
BID
MISC
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-09 not yet calculated CVE-2018-4983
BID
SECTRACK
MISC
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-09 not yet calculated CVE-2018-4981
BID
SECTRACK
MISC
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-09 not yet calculated CVE-2018-4956
BID
SECTRACK
MISC
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-09 not yet calculated CVE-2018-4975
BID
SECTRACK
MISC
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-09 not yet calculated CVE-2018-4974
BID
SECTRACK
MISC
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-09 not yet calculated CVE-2018-4970
BID
SECTRACK
MISC
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-09 not yet calculated CVE-2018-4976
BID
SECTRACK
MISC
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an XFA ‘\n’ POST injection vulnerability. Successful exploitation could lead to a security bypass. 2018-07-09 not yet calculated CVE-2018-4995
SECTRACK
MISC
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have an Untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-09 not yet calculated CVE-2018-4987
BID
SECTRACK
MISC
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-09 not yet calculated CVE-2018-4982
BID
SECTRACK
MISC
adobe — acrobat_and_reader Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Double Free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-09 not yet calculated CVE-2018-4990
BID
SECTRACK
MISC
adobe — acrobat_and_reader
 
Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-09 not yet calculated CVE-2018-4959
BID
SECTRACK
MISC
adobe — flash_player Adobe Flash Player versions 29.0.0.171 and earlier have a Stack-based buffer overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-09 not yet calculated CVE-2018-5002
BID
SECTRACK
REDHAT
MISC
adobe — flash_player Adobe Flash Player versions 29.0.0.171 and earlier have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-09 not yet calculated CVE-2018-5001
BID
SECTRACK
REDHAT
MISC
adobe — flash_player
 
Adobe Flash Player versions 29.0.0.171 and earlier have a Type Confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-09 not yet calculated CVE-2018-4945
BID
SECTRACK
REDHAT
MISC
adobe — flash_player
 
Adobe Flash Player versions 29.0.0.171 and earlier have an Integer Overflow vulnerability. Successful exploitation could lead to information disclosure. 2018-07-09 not yet calculated CVE-2018-5000
BID
SECTRACK
REDHAT
MISC
adobe — photoshop_cc Adobe Photoshop CC versions 19.1.3 and earlier, 18.1.3 and earlier, and 18.1.2 and earlier have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-09 not yet calculated CVE-2018-4946
BID
SECTRACK
MISC
ansible — ansible
 
A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plugin or a module path under the control of an attacker, thus allowing the attacker to execute arbitrary code. 2018-07-13 not yet calculated CVE-2018-10875
REDHAT
REDHAT
REDHAT
REDHAT
CONFIRM
antenna_house — office_server_document_converter An exploitable out-of-bounds write exists in the Microsoft Word document conversion functionality of the Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 (6,1,2018,0312). A crafted Microsoft Word (DOC) document can lead to an out-of-bounds write, resulting in remote code execution. This vulnerability occurs in the `vbputanld` method. 2018-07-11 not yet calculated CVE-2018-3933
MISC
antenna_house — office_server_document_converter In Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 (6,1,2018,0312), a crafted Microsoft Word (DOC) document can lead to an out-of-bounds write, resulting in remote code execution. This vulnerability occurs in the `putShapeProperty` method. 2018-07-11 not yet calculated CVE-2018-3931
MISC
antenna_house — office_server_document_converter In Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 (6,1,2018,0312), a crafted Microsoft Word (DOC) document can lead to an out-of-bounds write, resulting in remote code execution. This vulnerability occurs in the `vbgetfp` method. 2018-07-11 not yet calculated CVE-2018-3930
MISC
antenna_house — office_server_document_converter An exploitable stack-based buffer overflow exists in the Microsoft Word document conversion functionality of the Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 (6,1,2018,0312). A crafted Microsoft Word (DOC) document can lead to a stack-based buffer overflow, resulting in remote code execution. 2018-07-11 not yet calculated CVE-2018-3932
MISC
antenna_house — office_server_document_converter In Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 (6,1,2018,0312), a crafted Microsoft Word (DOC) document can lead to an out-of-bounds write, resulting in remote code execution. 2018-07-11 not yet calculated CVE-2018-3936
MISC
apache — couchdb
 
Apache CouchDB administrative users can configure the database server via HTTP(S). Due to insufficient validation of administrator-supplied configuration settings via the HTTP API, it is possible for a CouchDB administrator user to escalate their privileges to that of the operating system’s user that CouchDB runs under, by bypassing the blacklist of configuration settings that are not allowed to be modified via the HTTP API. This privilege escalation effectively allows an existing CouchDB admin user to gain arbitrary remote code execution, bypassing already disclosed CVE-2017-12636. Mitigation: All users should upgrade to CouchDB releases 1.7.2 or 2.1.2. 2018-07-11 not yet calculated CVE-2018-8007
MLIST
MLIST
CONFIRM
apache — ldap_api
 
In Apache LDAP API before 1.0.2, a bug in the way the SSL Filter was setup made it possible for another thread to use the connection before the TLS layer has been established, if the connection has already been used and put back in a pool of connections, leading to leaking any information contained in this request (including the credentials when sending a BIND request). 2018-07-10 not yet calculated CVE-2018-1337
MLIST
apache — spark In Apache Spark 1.0.0 to 2.1.2, 2.2.0 to 2.2.1, and 2.3.0, it’s possible for a malicious user to construct a URL pointing to a Spark cluster’s UI’s job and stage info pages, and if a user can be tricked into accessing the URL, can be used to cause script to execute and expose information from the user’s view of the Spark UI. 2018-07-12 not yet calculated CVE-2018-8024
MLIST
CONFIRM
apache — spark
 
In Apache Spark 1.0.0 to 2.1.2, 2.2.0 to 2.2.1, and 2.3.0, when using PySpark or SparkR, it’s possible for a different local user to connect to the Spark application and impersonate the user running the Spark application. 2018-07-12 not yet calculated CVE-2018-1334
MLIST
CONFIRM
apache — storm
 
In Apache Storm 0.10.0 through 0.10.2, 1.0.0 through 1.0.6, 1.1.0 through 1.1.2, and 1.2.0 through 1.2.1, an attacker with access to a secure storm cluster in some cases could execute arbitrary code as a different user. 2018-07-10 not yet calculated CVE-2018-1331
CONFIRM
CONFIRM
MLIST
BID
SECTRACK
asp.net — asp.net
 
A Security Feature Bypass vulnerability exists in ASP.NET when the number of incorrect login attempts is not validated, aka “ASP.NET Security Feature Bypass Vulnerability.” This affects ASP.NET, ASP.NET Core 1.1, ASP.NET Core 1.0, ASP.NET Core 2.0, ASP.NET MVC 5.2. 2018-07-10 not yet calculated CVE-2018-8171
BID
SECTRACK
CONFIRM
asustek — asus_rp-ac52_access_points A command injection vulnerability exists in apply.cgi on the ASUS RP-AC52 access point, firmware version 1.0.1.1s and possibly earlier, web interface specifically in the action_script parameter. The action_script parameter specifies a script to be executed if the action_mode parameter does not contain a valid state. If the input provided by action_script does not match one of the hard coded options, then it will be executed as the argument of either a system() or an eval() call allowing arbitrary commands to be executed. 2018-07-13 not yet calculated CVE-2016-6558
CERT-VN
BID
asustek — asus_rp-ac52_access_points In ASUS RP-AC52 access points with firmware version 1.0.1.1s and possibly earlier, the web interface, the web interface does not sufficiently verify whether a valid request was intentionally provided by the user. An attacker can perform actions with the same permissions as a victim user, provided the victim has an active session and is induced to trigger the malicious request. 2018-07-13 not yet calculated CVE-2016-6557
CERT-VN
BID
atlassian — confluence
 
The attachment resource in Atlassian Confluence before version 6.6.1 allows remote attackers to spoof web content in the Mozilla Firefox Browser through attachments that have a content-type of application/rdf+xml. 2018-07-10 not yet calculated CVE-2018-13389
CONFIRM
atlassian — fisheye_and_crucible The review attachment resource in Atlassian Fisheye and Crucible before version 4.5.3 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in attached files. 2018-07-10 not yet calculated CVE-2018-13388
BID
CONFIRM
CONFIRM
atlassian — floodlight_controller Atlassian Floodlight Atlassian Floodlight Controller version 1.2 and earlier versions contains a Denial of Service vulnerability in Forwarding module that can result in Improper type cast in Forwarding module allows remote attackers to cause a DoS(thread crash).. This attack appear to be exploitable via network connectivity (Remote attack). 2018-07-09 not yet calculated CVE-2018-1000617
MISC
BID
barco — clickshare_and_base_units An issue was discovered on Barco ClickShare CSE-200 and CS-100 Base Units with firmware before 1.6.0.3. Sending an arbitrary unexpected string to TCP port 7100 respecting a certain frequency timing disconnects all clients and results in a crash of the Unit. 2018-07-10 not yet calculated CVE-2018-10943
CONFIRM
CONFIRM
bento4 — bento4 An issue has been found in Bento4 1.5.1-624. It is a SEGV in AP4_StcoAtom::AdjustChunkOffsets in Core/Ap4StcoAtom.cpp. 2018-07-10 not yet calculated CVE-2018-13847
MISC
bento4 — bento4
 
An issue has been found in Bento4 1.5.1-624. It is a SEGV in AP4_StszAtom::GetSampleSize in Core/Ap4StszAtom.cpp. 2018-07-10 not yet calculated CVE-2018-13848
MISC
bento4 — bento4
 
An issue has been found in Bento4 1.5.1-624. AP4_Mpeg2TsVideoSampleStream::WriteSample in Core/Ap4Mpeg2Ts.cpp has a heap-based buffer over-read. 2018-07-10 not yet calculated CVE-2018-13846
MISC
bmc — intel_product_firmware
 
BMC Firmware in Intel server boards, compute modules, and systems potentially allow an attacker with administrative privileges to make unauthorized read\writes to the SMBUS. 2018-07-10 not yet calculated CVE-2018-3682
CONFIRM
boostnote — boostnote Boostnote v0.11.7 allows XSS during highlighting of Markdown text, as demonstrated by an onerror attribute of an IMG element. 2018-07-08 not yet calculated CVE-2018-13433
MISC
bootstrap — bootstrap In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip. 2018-07-13 not yet calculated CVE-2018-14042
MISC
MISC
MISC
MISC
bootstrap — bootstrap
 
In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute. 2018-07-13 not yet calculated CVE-2018-14040
MISC
MISC
MISC
MISC
bootstrap — bootstrap
 
In Bootstrap before 4.1.2, XSS is possible in the data-target property of scrollspy. 2018-07-13 not yet calculated CVE-2018-14041
MISC
MISC
MISC
MISC
catfish — cms
 
Catfish CMS v4.7.9 allows XSS via the admin/Index/write.html editorValue parameter (aka an article posted by an administrator). 2018-07-12 not yet calculated CVE-2018-13999
MISC
catimg — catimg
 
A heap-based buffer overflow exists in stbi__bmp_load_cont in stb_image.h in catimg 2.4.0. 2018-07-09 not yet calculated CVE-2018-13794
MISC
ceph-mon — ceph-mon
 
A flaw was found in the way ceph mon handles user requests. Any authenticated ceph user having read access to ceph can delete, create ceph storage pools and corrupt snapshot images. Ceph branches master, mimic, luminous and jewel are believed to be affected. 2018-07-10 not yet calculated CVE-2018-10861
CONFIRM
REDHAT
REDHAT
CONFIRM
CONFIRM
cephx — cephx A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable. 2018-07-10 not yet calculated CVE-2018-1129
CONFIRM
REDHAT
REDHAT
CONFIRM
CONFIRM
cephx — cephx
 
It was found that cephx authentication protocol did not verify ceph clients correctly and was vulnerable to replay attack. Any attacker having access to ceph cluster network who is able to sniff packets on network can use this vulnerability to authenticate with ceph service and perform actions allowed by ceph service. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable. 2018-07-10 not yet calculated CVE-2018-1128
CONFIRM
REDHAT
REDHAT
CONFIRM
CONFIRM
clippercms — clippercms
 
ClipperCMS 1.3.3 has stored XSS via the Full Name field of (1) Security -> Manager Users or (2) Security -> Web Users. 2018-07-12 not yet calculated CVE-2018-13998
MISC

cloud_foundry — cloud_foundry

Applications deployed to Cloud Foundry, versions v166 through v227, may be vulnerable to a remote disclosure of information, including, but not limited to environment variables and bound service details. For applications to be vulnerable, they must have been staged using automatic buildpack detection, passed through the Java Buildpack detection script, and allow the serving of static content from within the deployed artifact. The default Apache Tomcat configuration in the affected java buildpack versions for some basic web application archive (WAR) packaged applications are vulnerable to this issue. 2018-07-11 not yet calculated CVE-2016-0708
CONFIRM
cmft — cmft
 
An issue was discovered in cmft through 2017-09-24. The cmft::rwReadFile function in image.cpp allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact. 2018-07-10 not yet calculated CVE-2018-13833
MISC
MISC
codelathe — filecloud CodeLathe FileCloud, version 13.0.0.32841 and earlier, contains a global cross-site request forgery (CSRF) vulnerability. An attacker can perform actions with the same permissions as a victim user, provided the victim has an active session and is induced to trigger the malicious request. 2018-07-13 not yet calculated CVE-2016-6578
BID
CERT-VN
codiad — codiad
 
Codiad through 2.8.4 allows Remote Code Execution, a different vulnerability than CVE-2017-11366 and CVE-2017-15689. 2018-07-12 not yet calculated CVE-2018-14009
MISC
MISC
concrete5 — concrete5
 
A Server Side Request Forgery (SSRF) vulnerability in tools/files/importers/remote.php in concrete5 8.2.0 can lead to attacks on the local network and mapping of the internal network, because of URL functionality on the File Manager page. 2018-07-09 not yet calculated CVE-2018-13790
MISC
creatiwity — witycms CSRF vulnerability in admin/user/edit in Creatiwity wityCMS 0.6.2 allows an attacker to take over a user account, as demonstrated by modifying the account’s email field. 2018-07-12 not yet calculated CVE-2018-14029
MISC
crestron — airmedia_am-100_and_am-101_devices Cross-site scripting (XSS) vulnerability in Crestron Airmedia AM-100 devices with firmware before 1.6.0 and AM-101 devices with firmware before 2.7.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. 2018-07-11 not yet calculated CVE-2017-16710
CONFIRM
crestron — airmedia_am-100_and_am-101_devices Crestron Airmedia AM-100 devices with firmware before 1.6.0 and AM-101 devices with firmware before 2.7.0 allows remote authenticated administrators to execute arbitrary code via unspecified vectors. 2018-07-11 not yet calculated CVE-2017-16709
CONFIRM
crestron — digital_graphics_engine The Crestron Console service running on DGE-100, DM-DGE-200-C, and TS-1542-C devices with default configuration and running firmware versions 1.3384.00049.001 and lower are vulnerable to command injection that can be used to gain root-level access. 2018-07-10 not yet calculated CVE-2018-5553
MISC
CONFIRM
curl — curl
 
Curl_smtp_escape_eob in lib/smtp.c in curl before 7.61.0 has a heap-based buffer overflow that might be exploitable by an attacker who can control the data that curl transmits over SMTP with certain settings (i.e., use of a nonstandard –limit-rate argument or CURLOPT_BUFFERSIZE value). 2018-07-11 not yet calculated CVE-2018-0500
SECTRACK
CONFIRM
CONFIRM
UBUNTU
d-link_systems — dir_routers Processing malformed SOAP messages when performing the HNAP Login action causes a buffer overflow in the stack in some D-Link DIR routers. The vulnerable XML fields within the SOAP body are: Action, Username, LoginPassword, and Captcha. The following products are affected: DIR-823, DIR-822, DIR-818L(W), DIR-895L, DIR-890L, DIR-885L, DIR-880L, DIR-868L, and DIR-850L. 2018-07-13 not yet calculated CVE-2016-6563
FULLDISC
BID
EXPLOIT-DB
CERT-VN
dolibarr — dolibarr SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the country_id parameter. 2018-07-08 not yet calculated CVE-2018-13448
MISC
dolibarr — dolibarr SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the statut_buy parameter. 2018-07-08 not yet calculated CVE-2018-13449
MISC
dolibarr — dolibarr
 
SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the statut parameter. 2018-07-08 not yet calculated CVE-2018-13447
MISC
dolibarr — dolibarr
 
SQL injection vulnerability in product/card.php in Dolibarr ERP/CRM version 7.0.3 allows remote attackers to execute arbitrary SQL commands via the status_batch parameter. 2018-07-08 not yet calculated CVE-2018-13450
MISC
doorkeeper — doorkeeper
 
Doorkeeper version 4.2.0 and later contains a Incorrect Access Control vulnerability in Token revocation API’s authorized method that can result in Access tokens are not revoked for public OAuth apps, leaking access until expiry. 2018-07-13 not yet calculated CVE-2018-1000211
CONFIRM
CONFIRM
dspace — dspace
 
The XMLUI feature in DSpace before 3.6, 4.x before 4.5, and 5.x before 5.5 allows directory traversal via the themes/ path in an attack with two or more arbitrary characters and a colon before a pathname, as demonstrated by a themes/Reference/aa:etc/passwd URI. 2018-07-10 not yet calculated CVE-2016-10726
MISC
MISC
MISC
eaton — 9000x_drivea
 
Eaton 9000X DriveA versions 2.0.29 and prior has a stack-based buffer overflow vulnerability, which may allow remote code execution. 2018-07-13 not yet calculated CVE-2018-8847
MISC
BID
MISC
eclipse — vert.x In version from 3.0.0 to 3.5.2 of Eclipse Vert.x, the CSRFHandler do not assert that the XSRF Cookie matches the returned XSRF header/form parameter. This allows replay attacks with previously issued tokens which are not expired yet. 2018-07-12 not yet calculated CVE-2018-12540
CONFIRM
elo — eloenterprise_and_eloprofessional There is a time-based blind SQL injection vulnerability in the Access Manager component before 9.18.040 and 10.x before 10.18.040 in ELO ELOenterprise 9 and 10 and ELOprofessional 9 and 10 that makes it possible to read all database content. The vulnerability exists in the ticket HTTP GET parameter. For example, one can succeed in reading the password hash of the administrator user in the “userdata” table from the “eloam” database. 2018-07-11 not yet calculated CVE-2018-10197
FULLDISC
eosio/eos — eosio/eos EOSIO/eos eos version after commit f1545dd0ae2b77580c2236fdb70ae7138d2c7168 contains a stack overflow vulnerability in abi_serializer that can result in attack eos network node. This attack appear to be exploitable via network request. This vulnerability appears to have been fixed in after commit cf7209e703e6d3f7a5413e0cb1fe88a4d8e4b38d . 2018-07-09 not yet calculated CVE-2018-1000618
CONFIRM
epubcheck — epubcheck EpubCheck 4.0.1 does not properly restrict resolving external entities when parsing XML in EPUB files during validation. An attacker who supplies a specially crafted EPUB file may be able to exploit this behavior to read arbitrary files, or have the victim execute arbitrary requests on his behalf, abusing the victim’s trust relationship with other entities. 2018-07-13 not yet calculated CVE-2016-9487
CERT-VN
BID
eran_hammer — cryptiles Eran Hammer cryptiles version 4.1.1 earlier contains a CWE-331: Insufficient Entropy vulnerability in randomDigits() method that can result in An attacker is more likely to be able to brute force something that was supposed to be random.. This attack appear to be exploitable via Depends upon the calling application.. This vulnerability appears to have been fixed in 4.1.2. 2018-07-09 not yet calculated CVE-2018-1000620
CONFIRM
ethereum — ablgenesistoken The mintToken function of a smart contract implementation for ABLGenesisToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13741
MISC
MISC
ethereum — airdroppercryptics_token The mintToken function of a smart contract implementation for AirdropperCryptics, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13623
MISC
MISC
ethereum — aluxtoken The mintToken function of a smart contract implementation for ALUXToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13533
MISC
MISC
ethereum — aman_token The mintToken function of a smart contract implementation for aman, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13515
MISC
MISC
ethereum — amtoken The mintToken function of a smart contract implementation for AMToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13600
MISC
MISC
ethereum — anovabace_token
 
The mintToken function of a smart contract implementation for AnovaBace, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13737
MISC
MISC
ethereum — antoken The mintToken function of a smart contract implementation for Antoken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13720
MISC
MISC
ethereum — app_token The mintToken function of a smart contract implementation for APP, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13661
MISC
MISC

ethereum — appletoken

The mintToken function of a smart contract implementation for AppleToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13776
MISC
MISC
ethereum — archain_token The mintToken function of a smart contract implementation for ARChain, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13606
MISC
MISC
ethereum — archercoin_token The mintToken function of a smart contract implementation for archercoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13608
MISC
MISC
ethereum — azttoken The mintToken function of a smart contract implementation for AZTToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13734
MISC
MISC
ethereum — bcaas_token The mintToken function of a smart contract implementation for BCaaS, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13665
MISC
MISC
ethereum — bcxss_token The mintToken function of a smart contract implementation for Bcxss, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13539
MISC
MISC
ethereum — betterthanadrien_token The mintToken function of a smart contract implementation for BetterThanAdrien, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13529
MISC
MISC
ethereum — beyondcashtoken The mintToken function of a smart contract implementation for BeyondCashToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13471
MISC
MISC
ethereum — bgamecoin_token The mintToken function of a smart contract implementation for Bgamecoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13551
MISC
MISC
ethereum — bgc_token The mintToken function of a smart contract implementation for BGC, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13648
MISC
MISC
ethereum — bigcadvancedtoken The mintToken function of a smart contract implementation for BIGCAdvancedToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13759
MISC
MISC
ethereum — billionrewardstoken The mint function of a smart contract implementation for BillionRewardsToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13660
MISC
MISC
ethereum — biqutoken The mintToken function of a smart contract implementation for BiquToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13764
MISC
MISC
ethereum — bitcoinagiletoken The mintToken function of a smart contract implementation for BitcoinAgileToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13485
MISC
MISC
ethereum — bitedutoken The mintToken function of a smart contract implementation for BiteduToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13719
MISC
MISC
ethereum — bitmaxertoken The mintToken function of a smart contract implementation for BitmaxerToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13650
MISC
MISC
ethereum — bitpark_token
 
The mintToken function of a smart contract implementation for Bitpark, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13638
MISC
MISC
ethereum — bitstarti_token The mintToken function of a smart contract implementation for Bitstarti, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13774
MISC
MISC
ethereum — bitstore_token The mintToken function of a smart contract implementation for BitStore, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13595
MISC
MISC
ethereum — bmvcoin_token The mintToken function of a smart contract implementation for BMVCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13562
MISC
MISC
ethereum — bpstoken The mintToken function of a smart contract implementation for BpsToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13715
MISC
MISC
ethereum — briancoin_token The mintToken function of a smart contract implementation for BrianCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13659
MISC
MISC
ethereum — briant2token The mintToken function of a smart contract implementation for Briant2Token, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13603
MISC
MISC
ethereum — bsctoken The mintToken function of a smart contract implementation for BSCToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13663
MISC
MISC
ethereum — btpcoin_token The mintToken function of a smart contract implementation for BTPCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13668
MISC
MISC
ethereum — buyertoken The mintToken function of a smart contract implementation for BuyerToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13470
MISC
MISC
ethereum — buytoken The mintToken function of a smart contract implementation for Order (ETH) (Contract Name: BuyToken), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13708
MISC
MISC
ethereum — c3_token The mintToken function of a smart contract implementation for C3 Token (C3), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13517
MISC
MISC
ethereum — captoz_token The mintToken function of a smart contract implementation for CAPTOZ, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13617
MISC
MISC
ethereum — cardfactory_token The mintToken function of a smart contract implementation for CardFactory, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13594
MISC
MISC
ethereum — cardtoken The mintToken function of a smart contract implementation for CardToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13593
MISC
MISC
ethereum — carrot_token The mintToken function of a smart contract implementation for Carrot, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13491
MISC
MISC
ethereum — cartoken The mintToken function of a smart contract implementation for CarToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13748
MISC
MISC
ethereum — cavecoin_token The mintToken function of a smart contract implementation for Cavecoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13468
MISC
MISC
ethereum — cbrtoken The mintToken function of a smart contract implementation for CBRToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13484
MISC
MISC
ethereum — ccash_token The mintToken function of a smart contract implementation for CCASH, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13546
MISC
MISC
ethereum — cdcurrency_token The mintToken function of a smart contract implementation for CDcurrency, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13611
MISC
MISC
ethereum — cerb_coin_token The mintToken function of a smart contract implementation for CERB_Coin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13703
MISC
MISC
ethereum — cgctoken The mintToken function of a smart contract implementation for CGCToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13778
MISC
MISC
ethereum — cherrycoin_token The mintToken function of a smart contract implementation for CHERRYCOIN, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13585
MISC
MISC
ethereum — cherrycoinfoundation_token The mintToken function of a smart contract implementation for CherryCoinFoundation, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13756
MISC
MISC
ethereum — cikkacoin_token The mintToken function of a smart contract implementation for CikkaCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13637
MISC
MISC
ethereum — cjxtoken The mintToken function of a smart contract implementation for CJXToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13689
MISC
MISC
ethereum — cloutoken The mint function of a smart contract implementation for CloutToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13472
MISC
MISC
ethereum — cm_token The mintToken function of a smart contract implementation for CM, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13714
MISC
MISC
ethereum — co2bit_token The mintToken function of a smart contract implementation for Co2Bit, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13565
MISC
MISC
ethereum — cobtoken The mintToken function of a smart contract implementation for COBToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13497
MISC
MISC
ethereum — code47_token The mintToken function of a smart contract implementation for Code47 (C47), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13588
MISC
MISC
ethereum — coinquer_token The mintToken function of a smart contract implementation for Coinquer, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13757
MISC
MISC
ethereum — combilladvancedtoken The mintToken function of a smart contract implementation for ComBillAdvancedToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13674
MISC
MISC
ethereum — con0217_token The mintToken function of a smart contract implementation for CON0217, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13613
MISC
MISC
ethereum — coquinho_coin_token The mintToken function of a smart contract implementation for Coquinho Coin (CQNC) (Contract Name: CoquinhoERC20), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13550
MISC
MISC
ethereum — corellicoin_token The mintToken function of a smart contract implementation for CorelliCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13511
MISC
MISC
ethereum — cornerstone_token The mintToken function of a smart contract implementation for Cornerstone, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13767
MISC
MISC
ethereum — cosmotokenerc20_token The mintToken function of a smart contract implementation for COSMOTokenERC20, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13556
MISC
MISC
ethereum — crimsonshilling_token The mintToken function of a smart contract implementation for CrimsonShilling, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13629
MISC
MISC
ethereum — crowdnext_token The mintToken function of a smart contract implementation for Crowdnext (CNX), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13744
MISC
MISC
ethereum — crowdsale_token The mintToken function of a smart contract implementation for Crowdsale, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13499
MISC
MISC
ethereum — crypto_alley_shares_token The mintToken function of a smart contract implementation for Crypto Alley Shares (CAST), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13488
MISC
MISC
ethereum — cryptoleu_token The mintToken function of a smart contract implementation for CryptoLeu, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13541
MISC
MISC
ethereum — cryptosistoken The mintToken function of a smart contract implementation for CryptosisToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13754
MISC
MISC
ethereum — crystals_token The mintToken function of a smart contract implementation for Crystals, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13466
MISC
MISC
ethereum — csatoken The mintToken function of a smart contract implementation for CSAToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13609
MISC
MISC
ethereum — ctesale_token The mintToken function of a smart contract implementation for CTESale, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13477
MISC
MISC
ethereum — ctest7_token The mint function of a smart contract implementation for CTest7, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13695
MISC
MISC
ethereum — cws_token
 
The mintToken function of a smart contract implementation for CWS, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13664
MISC
MISC
ethereum — daddytoken The mintToken function of a smart contract implementation for DaddyToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13493
MISC
MISC
ethereum — databits_token The mintToken function of a smart contract implementation for Databits, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13711
MISC
MISC
ethereum — datashieldcoin_token The mintToken function of a smart contract implementation for DataShieldCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13574
MISC
MISC
ethereum — datiac_token The mintToken function of a smart contract implementation for Datiac, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13646
MISC
MISC
ethereum — dectoken The mintToken function of a smart contract implementation for DECToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13587
MISC
MISC
ethereum — deploy_token The mintToken function of a smart contract implementation for Deploy, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13649
MISC
MISC
ethereum — destineed_token The mintToken function of a smart contract implementation for DestiNeed (DSN), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13699
MISC
MISC
ethereum — deweisecurityservicetoken The mintToken function of a smart contract implementation for DeWeiSecurityServiceToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13753
MISC
MISC
ethereum — dhacoin_token The mintToken function of a smart contract implementation for DhaCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13528
MISC
MISC
ethereum — digitalcloudtoken The mint function of a smart contract implementation for DigitalCloudToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13519
MISC
MISC
ethereum — dinsteincoin_token The mintToken function of a smart contract implementation for DinsteinCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13671
MISC
MISC
ethereum — dmptoken The mintToken function of a smart contract implementation for DMPToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13478
MISC
MISC
ethereum — doccoin_token The mintToken function of a smart contract implementation for doccoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13631
MISC
MISC
ethereum — doccoinpreico_token The mintToken function of a smart contract implementation for DoccoinPreICO, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13630
MISC
MISC
ethereum — dopnetwork_token The mintToken function of a smart contract implementation for dopnetwork, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13739
MISC
MISC
ethereum — eastcoin_token The mintToken function of a smart contract implementation for Eastcoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13727
MISC
MISC
ethereum — easticoin_token The mintToken function of a smart contract implementation for Easticoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13766
MISC
MISC
ethereum — ecogreenhouse_token The mintToken function of a smart contract implementation for ecogreenhouse, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13505
MISC
MISC
ethereum — eddtoken The mintToken function of a smart contract implementation for eddToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13704
MISC
MISC
ethereum — elearningcoinerc_token The mintToken function of a smart contract implementation for ELearningCoinERC, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13736
MISC
MISC
ethereum — elevatecoin_token The mintToken function of a smart contract implementation for ElevateCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13527
MISC
MISC
ethereum — enter_token The mintToken function of a smart contract implementation for ENTER (ENTR) (Contract Name: EnterToken), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13735
MISC
MISC
ethereum — entercoin_token The mintToken function of a smart contract implementation for ENTER (ENTR) (Contract Name: EnterCoin), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13782
MISC
MISC
ethereum — epiphanycoin_token The mintToken function of a smart contract implementation for EpiphanyCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13467
MISC
MISC
ethereum — erc20_ico_token The mintToken function of a smart contract implementation for ERC20_ICO, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13536
MISC
MISC
ethereum — eristicaico_token The mintToken function of a smart contract implementation for EristicaICO, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13666
MISC
MISC
ethereum — escut_token The mintToken function of a smart contract implementation for Escut (ESCT) (Contract Name: JuntsPerCreixer), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13576
MISC
MISC
ethereum — esh_token The mintToken function of a smart contract implementation for ESH, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13780
MISC
MISC
ethereum — esportz_token The mintToken function of a smart contract implementation for esportz, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13514
MISC
MISC
ethereum — essence_token The mintToken function of a smart contract implementation for Essence, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13702
MISC
MISC
ethereum — eststoken The mintToken function of a smart contract implementation for ESTSToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13654
MISC
MISC
ethereum — eth033_token The mintToken function of a smart contract implementation for YourCoin (ICO) (Contract Name: ETH033), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13561
MISC
MISC
ethereum — ethercash_token The mintToken function of a smart contract implementation for ETHERCASH (ETC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13482
MISC
MISC
ethereum — ethereumlegit_token
 
The mintToken function of a smart contract implementation for EthereumLegit, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13537
MISC
MISC
ethereum — ethereumsmart_token The mintToken function of a smart contract implementation for EthereumSmart, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13640
MISC
MISC
ethereum — exacorecontract_token The mintToken function of a smart contract implementation for ExacoreContract, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13771
MISC
MISC
ethereum — exgroup_token The mintToken function of a smart contract implementation for EXGROUP, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13522
MISC
MISC
ethereum — exsulcoin_token The mintToken function of a smart contract implementation for exsulcoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13683
MISC
MISC
ethereum — extremetoken The mintToken function of a smart contract implementation for Extreme Coin (XT) (Contract Name: ExtremeToken), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13605
MISC
MISC
ethereum — fanschaintoken The mintToken function of a smart contract implementation for FansChainToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13474
MISC
MISC
ethereum — film_token The mintToken function of a smart contract implementation for FILM, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13490
MISC
MISC
ethereum — finaltoken The mintToken function of a smart contract implementation for FinalToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13749
MISC
MISC
ethereum — fiocoin_token The mintToken function of a smart contract implementation for Fiocoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13645
MISC
MISC
ethereum — flow_token The mintToken function of a smart contract implementation for Flow, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13525
MISC
MISC
ethereum — forevercoin_token The mintToken function of a smart contract implementation for ForeverCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13579
MISC
MISC
ethereum — futurxe_token The mintToken function of a smart contract implementation for FuturXe, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13718
MISC
MISC
ethereum — galacticx_token The mintToken function of a smart contract implementation for GalacticX, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13601
MISC
MISC
ethereum — galaxycoin_token The mintToken function of a smart contract implementation for GalaxyCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13578
MISC
MISC
ethereum — gatcoin_token The mintToken function of a smart contract implementation for GATcoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13564
MISC
MISC
ethereum — gcrtokenerc210_token The mintToken function of a smart contract implementation for GCRTokenERC20, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13643
MISC
MISC
ethereum — gemstonetoken The mintToken function of a smart contract implementation for GemstoneToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13543
MISC
MISC
ethereum — gfc_token The mintToken function of a smart contract implementation for GFC, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13655
MISC
MISC
ethereum — gfcb_token The mintToken function of a smart contract implementation for GFCB, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13670
MISC
MISC
ethereum — globalsupergametoken The mintToken function of a smart contract implementation for GlobalSuperGameToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13725
MISC
MISC
ethereum — globecoin_token An integer overflow vulnerability exists in the function transfer_tokens_after_ICO of GlobeCoin (GLB), an Ethereum token smart contract. An attacker could use it to set any user’s balance. 2018-07-12 not yet calculated CVE-2018-14004
MISC
MISC
ethereum — gmile_token The mintToken function of a smart contract implementation for GMile, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13694
MISC
MISC
ethereum — goldtokenerc20_token The mintToken function of a smart contract implementation for GoldTokenERC20, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13673
MISC
MISC
ethereum — gomineworld_token The mintToken function of a smart contract implementation for GoMineWorld, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13721
MISC
MISC
ethereum — goochain_token The mintToken function of a smart contract implementation for Goochain, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13677
MISC
MISC
ethereum — goramcoin_token The mintToken function of a smart contract implementation for GoramCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13571
MISC
MISC
ethereum — greenenergytoken The mintToken function of a smart contract implementation for GreenEnergyToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13693
MISC
MISC
ethereum — gsi_token The mintToken function of a smart contract implementation for GSI, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13540
MISC
MISC
ethereum — hashshield_token The mintToken function of a smart contract implementation for HashShield, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13545
MISC
MISC
ethereum — hbcm_token The mintToken function of a smart contract implementation for HBCM, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13635
MISC
MISC
ethereum — heliumnetwork_token The mintToken function of a smart contract implementation for HeliumNetwork, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13502
MISC
MISC
ethereum — help_token The mintToken function of a smart contract implementation for HELP, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13486
MISC
MISC
ethereum — hey_token The mintToken function of a smart contract implementation for HEY, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13730
MISC
MISC
ethereum — hittoken The mintToken function of a smart contract implementation for HitToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13569
MISC
MISC
ethereum — hormitechtoken The mintToken function of a smart contract implementation for HormitechToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13717
MISC
MISC
ethereum — hrwtoken The mintToken function of a smart contract implementation for HRWtoken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13501
MISC
MISC
ethereum — huntercoin_token The mintToken function of a smart contract implementation for HunterCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13530
MISC
MISC
ethereum — hyipcrowdsale1_token The mint function of a smart contract implementation for HYIPCrowdsale1, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13724
MISC
MISC
ethereum — hyiptoken The mint function of a smart contract implementation for HYIPToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13722
MISC
MISC
ethereum — iamrich_token The mintToken function of a smart contract implementation for IamRich, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13509
MISC
MISC
ethereum — ico_dollar_token The mintToken function of a smart contract implementation for ICO Dollar (ICOD), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13686
MISC
MISC
ethereum — icocontract_token The mintToken function of a smart contract implementation for IcoContract, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13469
MISC
MISC
ethereum — ideacoin_token The mintToken function of a smart contract implementation for IdeaCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13706
MISC
MISC
ethereum — instacocoa_token The mintToken function of a smart contract implementation for Instacocoa, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13690
MISC
MISC
ethereum — ioct_coin_token The mintToken function of a smart contract implementation for IOCT_Coin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13616
MISC
MISC
ethereum — ipmcoin_token The mintToken function of a smart contract implementation for IPMCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13700
MISC
MISC
ethereum — ipshoots_token The mintToken function of a smart contract implementation for ipshoots, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13653
MISC
MISC
ethereum — iseevoicetoken The mintToken function of a smart contract implementation for ISeeVoiceToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13726
MISC
MISC
ethereum — jaxbox_token The mintToken function of a smart contract implementation for JaxBox, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13555
MISC
MISC
ethereum — jeanstoken The mintToken function of a smart contract implementation for JeansToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13769
MISC
MISC
ethereum — jiucaitoken The mintToken function of a smart contract implementation for JiucaiToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13783
MISC
MISC
ethereum — jixocoin_token The mintToken function of a smart contract implementation for JixoCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13728
MISC
MISC
ethereum — jpmd100b_token The mintToken function of a smart contract implementation for JPMD100B, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13729
MISC
MISC
ethereum — justwallet_token The mintToken function of a smart contract implementation for JustWallet, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13751
MISC
MISC
ethereum — kapaycoin_token The mintToken function of a smart contract implementation for KAPAYcoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13498
MISC
MISC
ethereum — kapcoin_token The mintToken function of a smart contract implementation for KAPcoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13591
MISC
MISC
ethereum — kbit_token The mintToken function of a smart contract implementation for kBit, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13746
MISC
MISC
ethereum — kelvintoken The mintToken function of a smart contract implementation for KelvinToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13560
MISC
MISC
ethereum — kissme_token The mintToken function of a smart contract implementation for KissMe, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13701
MISC
MISC
ethereum — kktestcoin1_token The mint function of a smart contract implementation for kkTestCoin1 (KTC1), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13570
MISC
MISC
ethereum — kmctoken The mintToken function of a smart contract implementation for KMCToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13495
MISC
MISC
ethereum — krown_token The mintlvlToken function of a smart contract implementation for Krown, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13625
MISC
MISC
ethereum — landcoin_token The mintToken function of a smart contract implementation for LandCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13765
MISC
MISC
ethereum — lexittoken The mintToken function of a smart contract implementation for LexitToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13680
MISC
MISC
ethereum — lolicoin_token The mintToken function of a smart contract implementation for LoliCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13758
MISC
MISC
ethereum — lottery_token The mintToken function of a smart contract implementation for Lottery, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13678
MISC
MISC
ethereum — malaysia_coins_token An integer overflow vulnerability exists in the function transferAny of Malaysia coins (Xmc), an Ethereum token smart contract. An attacker could use it to set any user’s balance. 2018-07-12 not yet calculated CVE-2018-14005
MISC
MISC
ethereum — malltoken The mintToken function of a smart contract implementation for MallToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13688
MISC
MISC
ethereum — martcoin_token The mintToken function of a smart contract implementation for Martcoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13633
MISC
MISC
ethereum — mavcash_token The mintToken function of a smart contract implementation for MAVCash, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13614
MISC
MISC
ethereum — maxhouse_token The mintToken function of a smart contract implementation for MaxHouse, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13531
MISC
MISC
ethereum — mediacubetoken The mintToken function of a smart contract implementation for MediaCubeToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13634
MISC
MISC
ethereum — medicayunlink_token The mintToken function of a smart contract implementation for MedicayunLink, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13610
MISC
MISC
ethereum — mehditazitoken The mintToken function of a smart contract implementation for MehdiTAZIToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13692
MISC
MISC
ethereum — micoinnetworktoken The mintToken function of a smart contract implementation for MicoinNetworkToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13651
MISC
MISC
ethereum — micointoken The mintToken function of a smart contract implementation for MicoinToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13619
MISC
MISC
ethereum — micro_btc_token The mintToken function of a smart contract implementation for Micro BTC (MBTC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13553
MISC
MISC
ethereum — mimicoin_token The mintToken function of a smart contract implementation for Mimicoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13548
MISC
MISC
ethereum — mindexcoin_token The mintToken function of a smart contract implementation for Mindexcoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13532
MISC
MISC
ethereum — miningtoken The mint function of a smart contract implementation for MiningToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13602
MISC
MISC
ethereum — mjctoken The mintToken function of a smart contract implementation for MJCToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13615
MISC
MISC
ethereum — mjolnir_token The mintToken function of a smart contract implementation for Mjolnir, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13710
MISC
MISC
ethereum — mkethtoken The mintToken function of a smart contract implementation for mkethToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13483
MISC
MISC
ethereum — mktcoin_token The mintToken function of a smart contract implementation for MktCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13568
MISC
MISC
ethereum — mmcoin_token The mintToken function of a smart contract implementation for MMCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13504
MISC
MISC
ethereum — momentumtoken The mintToken function of a smart contract implementation for MomentumToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13628
MISC
MISC
ethereum — moneychainnet_token The mintToken function of a smart contract implementation for MoneyChainNet (MCN), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13760
MISC
MISC
ethereum — moneytree_token The mintToken function of a smart contract implementation for MoneyTree (TREE), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13554
MISC
MISC
ethereum — mooadvtoken The mintToken function of a smart contract implementation for MooAdvToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13589
MISC
MISC
ethereum — moontoken The mintToken function of a smart contract implementation for MoonToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13462
MISC
MISC
ethereum — mp3_coin_token An integer overflow vulnerability exists in the function distribute of MP3 Coin (MP3), an Ethereum token smart contract. An attacker could use it to set any user’s balance. 2018-07-12 not yet calculated CVE-2018-14002
MISC
MISC
ethereum — msxadvanced_token The mintToken function of a smart contract implementation for MSXAdvanced, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13500
MISC
MISC
ethereum — mvgcoin_token The mintToken function of a smart contract implementation for MVGcoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13641
MISC
MISC
ethereum — my2token The mintToken function of a smart contract implementation for My2Token, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13582
MISC
MISC
ethereum — myoffer_token The mintToken function of a smart contract implementation for MyOffer, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13627
MISC
MISC
ethereum — myylc_token The mintToken function of a smart contract implementation for MyYLC, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13781
MISC
MISC
ethereum — naga_token The mintToken function of a smart contract implementation for naga, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13492
MISC
MISC
ethereum — ncu_token The mintToken function of a smart contract implementation for NCU, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13669
MISC
MISC
ethereum — nectar_token The mintToken function of a smart contract implementation for Nectar (NCTR), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13586
MISC
MISC
ethereum — neo_genesis_token An integer overflow vulnerability exists in the function multipleTransfer of Neo Genesis Token (NGT), an Ethereum token smart contract. An attacker could use it to set any user’s balance. 2018-07-12 not yet calculated CVE-2018-14006
MISC
MISC
ethereum — netkilleradvancedtokenairdrop_token The mintToken function of a smart contract implementation for NetkillerAdvancedTokenAirDrop, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13761
MISC
MISC
ethereum — netkillertoken The mintToken function of a smart contract implementation for Enterprise Token Ecosystem (ETE) (Contract Name: NetkillerToken), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13773
MISC
MISC
ethereum — neurotoken The mintToken function of a smart contract implementation for NeuroToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13549
MISC
MISC
ethereum — nexpara_token The mintToken function of a smart contract implementation for NEXPARA, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13632
MISC
MISC
ethereum — normikaivo_token The mintToken function of a smart contract implementation for normikaivo, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13687
MISC
MISC
ethereum — numisma_token The mintToken function of a smart contract implementation for Numisma, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13544
MISC
MISC
ethereum — objecttoken The mintToken function of a smart contract implementation for ObjectToken (OBJ), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13622
MISC
MISC
ethereum — obtcoin_token The mintToken function of a smart contract implementation for OBTCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13672
MISC
MISC
ethereum — ohni_2_token The mintToken function of a smart contract implementation for ohni_2 (OHNI), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13473
MISC
MISC
ethereum — olliscoin_token The mintToken function of a smart contract implementation for OllisCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13489
MISC
MISC
ethereum — onechain_token The mintToken function of a smart contract implementation for OneChain, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13740
MISC
MISC
ethereum — orderbook_presale_token The mintToken function of a smart contract implementation for Orderbook Presale Token (OBP), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13676
MISC
MISC
ethereum — otakutoken The mintToken function of a smart contract implementation for OTAKUToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13755
MISC
MISC
ethereum — paccoin_token The mintToken function of a smart contract implementation for PACCOIN, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13535
MISC
MISC
ethereum — paulycoin_token The mintToken function of a smart contract implementation for PaulyCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13465
MISC
MISC
ethereum — pelocointoken The mintToken function of a smart contract implementation for PELOCoinToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13738
MISC
MISC
ethereum — pgm_coin_token The mintToken function of a smart contract implementation for PGM_Coin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13572
MISC
MISC
ethereum — philcoin_token The mintToken function of a smart contract implementation for PhilCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13476
MISC
MISC
ethereum — pinkytoken The mintToken function of a smart contract implementation for PinkyToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13521
MISC
MISC
ethereum — platotoken The mintToken function of a smart contract implementation for PlatoToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13487
MISC
MISC
ethereum — play2livepromo_token The mintTokens function of a smart contract implementation for Play2LivePromo, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13698
MISC
MISC
ethereum — pmet_token The mintToken function of a smart contract implementation for PMET, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13712
MISC
MISC
ethereum — pmhtoken The mintToken function of a smart contract implementation for PMHToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13705
MISC
MISC
ethereum — porncoin_token The mintToken function of a smart contract implementation for PornCoin (PRNC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13524
MISC
MISC
ethereum — projectj_token The mintToken function of a smart contract implementation for ProjectJ, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13733
MISC
MISC
ethereum — providence_crypto_casino_token The mintToken function of a smart contract implementation for Providence Crypto Casino (PVE) (Contract Name: ProvidenceCasinoToken), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13547
MISC
MISC
ethereum — providencecasino_token The mintToken function of a smart contract implementation for ProvidenceCasino (PVE), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13580
MISC
MISC
ethereum — qrg_token The mintToken function of a smart contract implementation for QRG, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13480
MISC
MISC
ethereum — rajtest_token The mintToken function of a smart contract implementation for RajTest, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13592
MISC
MISC
ethereum — rajtestico_token The mintToken function of a smart contract implementation for RajTestICO, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13496
MISC
MISC
ethereum — rckt_coin_token The mintToken function of a smart contract implementation for RCKT_Coin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13775
MISC
MISC
ethereum — redticket_token The mintToken function of a smart contract implementation for RedTicket, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13696
MISC
MISC
ethereum — remicoin_token An wrong logical check identified in the transferFrom function of a smart contract implementation for RemiCoin (RMC), an Ethereum ERC20 token, allows the attacker to steal tokens or conduct resultant integer underflow attacks. 2018-07-10 not yet calculated CVE-2018-12230
MISC
ethereum — residualshare_token The mintToken function of a smart contract implementation for ResidualShare, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13607
MISC
MISC
ethereum — residualvalue_token The mintToken function of a smart contract implementation for ResidualValue, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13599
MISC
MISC
ethereum — retntoken The mintToken function of a smart contract implementation for RETNToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13566
MISC
MISC
ethereum — rhovit_token The mintToken function of a smart contract implementation for rhovit, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13558
MISC
MISC
ethereum — rice_token The mintToken function of a smart contract implementation for Rice, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13657
MISC
MISC
ethereum — richiumtoken The mintToken function of a smart contract implementation for RichiumToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13750
MISC
MISC
ethereum — riptidecoin_token The mintToken function of a smart contract implementation for RiptideCoin (RIPT), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13732
MISC
MISC
ethereum — robincoin_token The mintToken function of a smart contract implementation for Robincoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13612
MISC
MISC
ethereum — robotbtc_token The mintToken function of a smart contract implementation for RobotBTC, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13697
MISC
MISC
ethereum — rocket_coin_token An integer overflow vulnerability exists in the function multiTransfer of Rocket Coin (XRC), an Ethereum token smart contract. An attacker could use it to set any user’s balance. 2018-07-12 not yet calculated CVE-2018-13836
MISC
MISC
ethereum — royalclassiccoin_token The mintToken function of a smart contract implementation for RoyalClassicCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13644
MISC
MISC
ethereum — rrtoken The mintToken function of a smart contract implementation for RRToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13777
MISC
MISC
ethereum — rtokenmain_token The mintToken function of a smart contract implementation for R Time Token v3 (RS) (Contract Name: RTokenMain), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13691
MISC
MISC
ethereum — sample_token The mintToken function of a smart contract implementation for Sample Token (STK) (Contract Name: cashBackMintable), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13656
MISC
MISC
ethereum — sdr22_token The mintToken function of a smart contract implementation for SDR22, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13506
MISC
MISC
ethereum — sdr_token The mintToken function of a smart contract implementation for SDR, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13567
MISC
MISC
ethereum — secoin_token The mintToken function of a smart contract implementation for SECoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13642
MISC
MISC
ethereum — semaintoken The mintToken function of a smart contract implementation for SemainToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13626
MISC
MISC
ethereum — sendme_token The mintToken function of a smart contract implementation for SendMe, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13598
MISC
MISC
ethereum — sexhdsolo_token The mintToken function of a smart contract implementation for sexhdsolo, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13716
MISC
MISC
ethereum — sharktech_token An integer overflow vulnerability exists in the function batchTransfer of SHARKTECH (SKT), an Ethereum token smart contract. An attacker could use it to set any user’s balance. 2018-07-12 not yet calculated CVE-2018-14001
MISC
ethereum — shitcoin_token The mintToken function of a smart contract implementation for ShitCoin (SHITC) (Contract Name: AdvancedShit), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13577
MISC
MISC
ethereum — shmoo_token The mintToken function of a smart contract implementation for Shmoo, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13583
MISC
MISC
ethereum — sipcoin_token The mintToken function of a smart contract implementation for SIPCOIN, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13590
MISC
MISC
ethereum — sipctoken The mintToken function of a smart contract implementation for SIPCToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13538
MISC
MISC
ethereum — slcadvancedtoken The mintToken function of a smart contract implementation for SLCAdvancedToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13507
MISC
MISC
ethereum — slidebitstoken The mintToken function of a smart contract implementation for SlidebitsToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13479
MISC
MISC
ethereum — smart_contract_implementation_for_tickets_token The mintToken function of a smart contract implementation for tickets (TKT), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13742
MISC
MISC
ethereum — smarthomecoin_token The mintToken function of a smart contract implementation for SmartHomeCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13512
MISC
MISC
ethereum — smartpayment_token The mintToken function of a smart contract implementation for SmartPayment, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13523
MISC
MISC
ethereum — soscoin_token The mintToken function of a smart contract implementation for SOSCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13681
MISC
MISC
ethereum — soundtribetoken The mintToken function of a smart contract implementation for SoundTribeToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13621
MISC
MISC
ethereum — south_park_token The mintToken function of a smart contract implementation for South Park Token Token (SPTKN), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13503
MISC
MISC
ethereum — speedcashlite_token The mintToken function of a smart contract implementation for SpeedCashLite (SCSL), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13534
MISC
MISC
ethereum — stctoken The mintToken function of a smart contract implementation for STCToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13745
MISC
MISC
ethereum — super_cool_awesome_money_token The mintToken function of a smart contract implementation for Super Cool Awesome Money (SCAM), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13516
MISC
MISC
ethereum — superenergy_token The mintToken function of a smart contract implementation for SuperEnergy (SEC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13743
MISC
MISC
ethereum — susantokenerc20_token The mintToken function of a smart contract implementation for SusanTokenERC20, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13494
MISC
MISC
ethereum — t-swap-token The mintToken function of a smart contract implementation for T-Swap-Token (T-S-T), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13463
MISC
MISC
ethereum — t_swap_token The mintToken function of a smart contract implementation for t_swap, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13464
MISC
MISC
ethereum — tcash_token The mintToken function of a smart contract implementation for TCash, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13518
MISC
MISC
ethereum — testahihi_token
 
The mintToken function of a smart contract implementation for TESTAhihi, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13596
MISC
MISC
ethereum — testcoin_token The mintToken function of a smart contract implementation for testcoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13597
MISC
MISC
ethereum — theflashtoken The mintToken function of a smart contract implementation for TheFlashToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13772
MISC
MISC
ethereum — thegodgital_token The mintToken function of a smart contract implementation for TheGoDgital, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13658
MISC
MISC
ethereum — thegodigital_token The mintToken function of a smart contract implementation for TheGoDigital, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13652
MISC
MISC
ethereum — thread_token The mintToken function of a smart contract implementation for Thread, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13752
MISC
MISC
ethereum — tokenmachu_token The mintToken function of a smart contract implementation for TokenMACHU, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13731
MISC
MISC
ethereum — topscoinadvanced_token The mintToken function of a smart contract implementation for TopscoinAdvanced, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13520
MISC
MISC
ethereum — trabet_coin_preico_token The mintToken function of a smart contract implementation for Trabet_Coin_PreICO, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13552
MISC
MISC
ethereum — trabet_coin_token The mintToken function of a smart contract implementation for Trabet_Coin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13557
MISC
MISC
ethereum — tradesman_token The mintToken function of a smart contract implementation for Tradesman, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13713
MISC
MISC
ethereum — travelcoin_token The mintToken function of a smart contract implementation for TravelCoin (TRV), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13581
MISC
MISC
ethereum — tripcash_token The mintToken function of a smart contract implementation for TripCash, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13620
MISC
MISC
ethereum — trippay_token The mintToken function of a smart contract implementation for TripPay, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13573
MISC
MISC
ethereum — trium_token The mintToken function of a smart contract implementation for TRIUM, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13481
MISC
MISC
ethereum — truegoldcointoken The mintToken function of a smart contract implementation for TrueGoldCoinToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13647
MISC
MISC
ethereum — tube_token The mintToken function of a smart contract implementation for Tube, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13709
MISC
MISC
ethereum — turdcoin_token The mintToken function of a smart contract implementation for TurdCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13636
MISC
MISC
ethereum — ubiou_token The mintToken function of a smart contract implementation for Ubiou, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13513
MISC
MISC
ethereum — ublasti_token The mintToken function of a smart contract implementation for Ublasti, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13763
MISC
MISC
ethereum — ultimatecoin_token The mintToken function of a smart contract implementation for UltimateCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13770
MISC
MISC
ethereum — upaytoken
 
The mintToken function of a smart contract implementation for UPayToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13563
MISC
MISC
ethereum — utbtokentest_token The mintToken function of a smart contract implementation for UTBTokenTest, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13667
MISC
MISC
ethereum — utct_token The mintToken function of a smart contract implementation for UTCT, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13559
MISC
MISC
ethereum — vanminhcoin_token The mintToken function of a smart contract implementation for VanMinhCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13747
MISC
MISC
ethereum — vicetoken_ico_is_a_scam_token The mintToken function of a smart contract implementation for VICETOKEN_ICO_IS_A_SCAM, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13618
MISC
MISC
ethereum — virtual_energy_units_token The mintToken function of a smart contract implementation for Virtual Energy Units (VEU) (Contract Name: VEU_TokenERC20), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13639
MISC
MISC
ethereum — vitemoneycoin_token The mintToken function of a smart contract implementation for ViteMoneyCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13682
MISC
MISC
ethereum — vittoken The mintToken function of a smart contract implementation for VITToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13508
MISC
MISC
ethereum — vornox_token The mintToken function of a smart contract implementation for Vornox (VRX) (Contract Name: VornoxCoinToken), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13685
MISC
MISC
ethereum — vsctoken The mintToken function of a smart contract implementation for VSCToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13475
MISC
MISC
ethereum — wangwangtoken The mintToken function of a smart contract implementation for WangWangToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13526
MISC
MISC
ethereum — welfare_token_fund_token The mintToken function of a smart contract implementation for Welfare Token Fund (WTF), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13510
MISC
MISC
ethereum — wellieat_token The mintToken function of a smart contract implementation for wellieat, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13604
MISC
MISC
ethereum — wemediachain_token An integer overflow vulnerability exists in the function batchTransfer of WeMediaChain (WMC), an Ethereum token smart contract. An attacker could use it to set any user’s balance. 2018-07-12 not yet calculated CVE-2018-14003
MISC
MISC
ethereum — worldopctionchain_token The mintToken function of a smart contract implementation for WorldOpctionChain, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13662
MISC
MISC
ethereum — wxsltoken The mintToken function of a smart contract implementation for WXSLToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13624
MISC
MISC
ethereum — yambyo_token The mintToken function of a smart contract implementation for YAMBYO, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13675
MISC
MISC
ethereum — yasudem_token The mintToken function of a smart contract implementation for yasudem, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13584
MISC
MISC
ethereum — yestoken The mintToken function of a smart contract implementation for YESToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13575
MISC
MISC
ethereum — ylctoken The mintToken function of a smart contract implementation for YLCToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13779
MISC
MISC
ethereum — yss_token The mintToken function of a smart contract implementation for YSS, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13707
MISC
MISC
ethereum — yumerium_token The mintToken function of a smart contract implementation for Yumerium, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13762
MISC
MISC
ethereum — zibtoken The mintToken function of a smart contract implementation for ZIBToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13542
MISC
MISC
ethereum — zip_token The mintToken function of a smart contract implementation for ZIP, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13684
MISC
MISC
ethereum — zpecoin_token The mintToken function of a smart contract implementation for ZPEcoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13679
MISC
MISC
ethereum — ztoken The mintToken function of a smart contract implementation for ZToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-09 not yet calculated CVE-2018-13768
MISC
MISC
exiv2 — exiv2
 
Exiv2 0.26 has a heap-based buffer over-read in WebPImage::decodeChunks in webpimage.cpp. 2018-07-13 not yet calculated CVE-2018-14046
MISC
f5 — big-ip
 
The svpn component of the F5 BIG-IP APM client prior to version 7.1.7 for Linux and Mac OS X runs as a privileged process and can allow an unprivileged user to assume super-user privileges on the local client host. A malicious local unprivileged user may gain knowledge of sensitive information, manipulate certain data, or disrupt service. 2018-07-12 not yet calculated CVE-2018-5529
BID
CONFIRM

firebase — firebase

The “Firebase Cloud Messaging (FCM) + Advance Admin Panel” component supporting Firebase Push Notification on iOS (through 2017-10-26) allows SQL injection via the /advance_push/public/login username parameter. 2018-07-10 not yet calculated CVE-2018-13850
MISC
forescout — counteract On Windows endpoints, the SecureConnector agent must run under the local SYSTEM account or another administrator account in order to enable full functionality of the agent. The typical configuration is for the agent to run as a Windows service under the local SYSTEM account. The SecureConnector agent runs various plugin scripts and executables on the endpoint in order to gather and report information about the host to the CounterACT management appliance. The SecureConnector agent downloads these scripts and executables as needed from the CounterACT management appliance and runs them on the endpoint. By default, these executable files are downloaded to and run from the %TEMP% directory of the currently logged on user, despite the fact that the SecureConnector agent is running as SYSTEM. Aside from the downloaded scripts, the SecureConnector agent runs a batch file with SYSTEM privileges from the temp directory of the currently logged on user. If the naming convention of this script can be derived, which is made possible by placing it in a directory to which the user has read access, it may be possible overwrite the legitimate batch file with a malicious one before SecureConnector executes it. It is possible to change this directory by setting the the configuration property config.script_run_folder.value in the local.properties configuration file on the CounterACT management appliance, however the batch file which is run does not follow this property. 2018-07-13 not yet calculated CVE-2016-9486
BID
CERT-VN
forescout — counteract On Windows endpoints, the SecureConnector agent must run under the local SYSTEM account or another administrator account in order to enable full functionality of the agent. The typical configuration is for the agent to run as a Windows service under the local SYSTEM account. The SecureConnector agent runs various plugin scripts and executables on the endpoint in order to gather and report information about the host to the CounterACT management appliance. The SecureConnector agent downloads these scripts and executables as needed from the CounterACT management appliance and runs them on the endpoint. The SecureConnector agent fails to set any permissions on downloaded file objects. This allows a malicious user to take ownership of any of these files and make modifications to it, regardless of where the files are saved. These files are then executed under SYSTEM privileges. A malicious unprivileged user can overwrite these executable files with malicious code before the SecureConnector agent executes them, causing the malicious code to be run under the SYSTEM account. 2018-07-13 not yet calculated CVE-2016-9485
BID
CERT-VN
fortify — software_security_center An XML external entity (XXE) vulnerability in Fortify Software Security Center (SSC), version 17.1, 17.2, 18.1 allows remote unauthenticated users to read arbitrary files or conduct server-side request forgery (SSRF) attacks via a crafted DTD in an XML request. 2018-07-12 not yet calculated CVE-2018-12463
CONFIRM
foscam — cameras Stack-based buffer overflow in the getSWFlag function in Foscam Cameras C1 Lite V3, and C1 V3 with firmware 2.82.2.33 and earlier, FI9800P V3, FI9803P V4, FI9851P V3, and FI9853EP V2 2.84.2.33 and earlier, FI9816P V3, FI9821EP V2, FI9821P V3, FI9826P V3, and FI9831P V3 2.81.2.33 and earlier, C1, C1 V2, C1 Lite, and C1 Lite V2 2.52.2.47 and earlier, FI9800P, FI9800P V2, FI9803P V2, FI9803P V3, and FI9851P V2 2.54.2.47 and earlier, FI9815P, FI9815P V2, FI9816P, and FI9816P V2, 2.51.2.47 and earlier, R2 and R4 2.71.1.59 and earlier, C2 and FI9961EP 2.72.1.59 and earlier, FI9900EP, FI9900P, and FI9901EP 2.74.1.59 and earlier, FI9928P 2.74.1.58 and earlier, FI9803EP and FI9853EP 2.22.2.31 and earlier, FI9803P and FI9851P 2.24.2.31 and earlier, FI9821P V2, FI9826P V2, FI9831P V2, and FI9821EP 2.21.2.31 and earlier, FI9821W V2, FI9831W, FI9826W, FI9821P, FI9831P, and FI9826P 2.11.1.120 and earlier, FI9818W V2 2.13.2.120 and earlier, FI9805W, FI9804W, FI9804P, FI9805E, and FI9805P 2.14.1.120 and earlier, FI9828P, and FI9828W 2.13.1.120 and earlier, and FI9828P V2 2.11.1.133 and earlier allows remote attackers to cause a denial of service (crash and reboot), via the callbackJson parameter. 2018-07-09 not yet calculated CVE-2018-6832
MISC
CONFIRM
foscam — cameras Directory traversal vulnerability in Foscam Cameras C1 Lite V3, and C1 V3 with firmware 2.82.2.33 and earlier, FI9800P V3, FI9803P V4, FI9851P V3, and FI9853EP V2 2.84.2.33 and earlier, FI9816P V3, FI9821EP V2, FI9821P V3, FI9826P V3, and FI9831P V3 2.81.2.33 and earlier, C1, C1 V2, C1 Lite, and C1 Lite V2 2.52.2.47 and earlier, FI9800P, FI9800P V2, FI9803P V2, FI9803P V3, and FI9851P V2 2.54.2.47 and earlier, FI9815P, FI9815P V2, FI9816P, and FI9816P V2, 2.51.2.47 and earlier, R2 and R4 2.71.1.59 and earlier, C2 and FI9961EP 2.72.1.59 and earlier, FI9900EP, FI9900P, and FI9901EP 2.74.1.59 and earlier, FI9928P 2.74.1.58 and earlier, FI9803EP and FI9853EP 2.22.2.31 and earlier, FI9803P and FI9851P 2.24.2.31 and earlier, FI9821P V2, FI9826P V2, FI9831P V2, and FI9821EP 2.21.2.31 and earlier, FI9821W V2, FI9831W, FI9826W, FI9821P, FI9831P, and FI9826P 2.11.1.120 and earlier, FI9818W V2 2.13.2.120 and earlier, FI9805W, FI9804W, FI9804P, FI9805E, and FI9805P 2.14.1.120 and earlier, FI9828P, and FI9828W 2.13.1.120 and earlier, and FI9828P V2 2.11.1.133 and earlier allows remote attackers to delete arbitrary files via a .. (dot dot) in the URI path component. 2018-07-09 not yet calculated CVE-2018-6830
MISC
CONFIRM
foscam — cameras
 
The setSystemTime function in Foscam Cameras C1 Lite V3, and C1 V3 with firmware 2.82.2.33 and earlier, FI9800P V3, FI9803P V4, FI9851P V3, and FI9853EP V2 2.84.2.33 and earlier, FI9816P V3, FI9821EP V2, FI9821P V3, FI9826P V3, and FI9831P V3 2.81.2.33 and earlier, C1, C1 V2, C1 Lite, and C1 Lite V2 2.52.2.47 and earlier, FI9800P, FI9800P V2, FI9803P V2, FI9803P V3, and FI9851P V2 2.54.2.47 and earlier, FI9815P, FI9815P V2, FI9816P, and FI9816P V2, 2.51.2.47 and earlier, R2 and R4 2.71.1.59 and earlier, C2 and FI9961EP 2.72.1.59 and earlier, FI9900EP, FI9900P, and FI9901EP 2.74.1.59 and earlier, FI9928P 2.74.1.58 and earlier, FI9803EP and FI9853EP 2.22.2.31 and earlier, FI9803P and FI9851P 2.24.2.31 and earlier, FI9821P V2, FI9826P V2, FI9831P V2, and FI9821EP 2.21.2.31 and earlier, FI9821W V2, FI9831W, FI9826W, FI9821P, FI9831P, and FI9826P 2.11.1.120 and earlier, FI9818W V2 2.13.2.120 and earlier, FI9805W, FI9804W, FI9804P, FI9805E, and FI9805P 2.14.1.120 and earlier, FI9828P, and FI9828W 2.13.1.120 and earlier, and FI9828P V2 2.11.1.133 and earlier allows remote authenticated users to execute arbitrary commands via a ‘;’ in the ntpServer argument. NOTE: this issue exists because of an incomplete fix for CVE-2017-2849. 2018-07-09 not yet calculated CVE-2018-6831
MISC
CONFIRM
freebsd — freebsd Improper bounds checking of the obuf variable in the link_ntoa() function in linkaddr.c of the BSD libc library may allow an attacker to read or write from memory. The full impact and severity depends on the method of exploit and how the library is used by applications. According to analysis by FreeBSD developers, it is very unlikely that applications exist that utilize link_ntoa() in an exploitable manner, and the CERT/CC is not aware of any proof of concept. A blog post describes the functionality of link_ntoa() and points out that none of the base utilities use this function in an exploitable manner. For more information, please see FreeBSD Security Advisory SA-16:37. 2018-07-13 not yet calculated CVE-2016-6559
SECTRACK
FREEBSD
CERT-VN
BID
freesshd — freesshd
 
Insecure access control in freeSSHd version 1.3.1 allows attackers to obtain the privileges of the freesshd.exe process by leveraging the ability to login to an unprivileged account on the server. 2018-07-10 not yet calculated CVE-2018-9853
MISC
g_data — total_security The GDASPAMLib.AntiSpam ActiveX control ASK\GDASpam.dll in G DATA Total Security 25.4.0.3 has a buffer overflow via a long IsBlackListed argument. 2018-07-13 not yet calculated CVE-2018-10018
FULLDISC
genann — genann
 
Genann through 2018-07-08 has a SEGV in genann_run in genann.c. 2018-07-12 not yet calculated CVE-2018-13997
MISC
genann — genann
 
Genann through 2018-07-08 has a stack-based buffer over-read in genann_train in genann.c. 2018-07-12 not yet calculated CVE-2018-13996
MISC
gigabyte — brix_platform GIGABYTE BRIX UEFI firmware does not cryptographically validate images prior to updating the system firmware. Additionally, the firmware updates are served over HTTP. An attacker can make arbitrary modifications to firmware images without being detected. 2018-07-09 not yet calculated CVE-2017-3198
BID
MISC
CERT-VN
gigabyte — brix_platform GIGABYTE BRIX UEFI firmware for the GB-BSi7H-6500 (version F6) and GB-BXi7-5775 (version F2) platforms does not securely implement BIOSWE, BLE, SMM_BWP, and PRx features. As a result, the BIOS is not protected from arbitrary write access and may permit modifications to the SPI flash. 2018-07-09 not yet calculated CVE-2017-3197
BID
MISC
MISC
MISC
CERT-VN
gravity — gravity
 
Gravity before 0.5.1 does not support a maximum recursion depth. 2018-07-09 not yet calculated CVE-2018-13795
MISC
green_packet — dx-350 Green Packet DX-350 uses non-random default credentials of: root:wimax. A remote network attacker can gain privileged access to a vulnerable device. 2018-07-13 not yet calculated CVE-2016-6552
CERT-VN
BID
grundig — smart_inter@ctive_tv_devices Grundig Smart Inter@ctive TV 3.0 devices allow CSRF attacks via a POST request to TCP port 8085 containing a predictable ID value, as demonstrated by a /sendrcpackage?keyid=-2544&keysymbol=-4081 request to shut off the device. 2018-07-11 not yet calculated CVE-2018-13989
MISC
MISC
hdf — hdf5 An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_link_decode in H5Olink.c. 2018-07-10 not yet calculated CVE-2018-13870
MISC
hdf — hdf5 An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_fill_old_decode in H5Ofill.c. 2018-07-10 not yet calculated CVE-2018-13868
MISC
hdf — hdf5 An issue was discovered in the HDF HDF5 1.8.20 library. There is a stack-based buffer overflow in the function H5FD_sec2_read in H5FDsec2.c, related to HDread. 2018-07-10 not yet calculated CVE-2018-13876
MISC
hdf — hdf5 An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer overflow in the function H5FL_blk_malloc in H5FL.c. 2018-07-10 not yet calculated CVE-2018-13871
MISC
hdf — hdf5 An issue was discovered in the HDF HDF5 1.8.20 library. There is a buffer over-read in H5O_chunk_deserialize in H5Ocache.c. 2018-07-10 not yet calculated CVE-2018-13873
MISC
hdf — hdf5 An issue was discovered in the HDF HDF5 1.8.20 library. There is a stack-based buffer over-read in the function H5F_addr_decode_len in H5Fint.c. 2018-07-10 not yet calculated CVE-2018-13866
MISC
hdf — hdf5 An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_fill_new_decode in H5Ofill.c, related to HDmemcpy. 2018-07-12 not yet calculated CVE-2018-14032
MISC
hdf — hdf5 An issue was discovered in the HDF HDF5 1.8.20 library. There is an out of bounds read in the function H5F__accum_read in H5Faccum.c. 2018-07-10 not yet calculated CVE-2018-13867
MISC
hdf — hdf5 An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5VM_memcpyvv in H5VM.c. 2018-07-12 not yet calculated CVE-2018-14035
MISC
hdf — hdf5 An issue was discovered in the HDF HDF5 1.8.20 library. There is an out of bounds read in the function H5O_pline_reset in H5Opline.c. 2018-07-12 not yet calculated CVE-2018-14034
MISC
hdf — hdf5 An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer overflow in the function H5G_ent_decode in H5Gent.c. 2018-07-10 not yet calculated CVE-2018-13872
MISC
hdf — hdf5 An issue was discovered in the HDF HDF5 1.8.20 library. There is an out-of-bounds read in the function H5VM_memcpyvv in H5VM.c. 2018-07-10 not yet calculated CVE-2018-13875
MISC
hdf — hdf5 An issue was discovered in the HDF HDF5 1.8.20 library. There is a memcpy parameter overlap in the function H5O_link_decode in H5Olink.c. 2018-07-10 not yet calculated CVE-2018-13869
MISC
hdf — hdf5 An issue was discovered in the HDF HDF5 1.8.20 library. There is a stack-based buffer overflow in the function H5FD_sec2_read in H5FDsec2.c, related to HDmemset. 2018-07-10 not yet calculated CVE-2018-13874
MISC
hdf — hdf5
 
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_layout_decode in H5Olayout.c, related to HDmemcpy. 2018-07-12 not yet calculated CVE-2018-14033
MISC
hdf — hdf5
 
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5T_copy in H5T.c. 2018-07-12 not yet calculated CVE-2018-14031
MISC
htslib — htslib
 
An issue has been found in HTSlib 1.8. It is a buffer over-read in sam_parse1 in sam.c. 2018-07-10 not yet calculated CVE-2018-13845
MISC
htslib — htslib
 
An issue has been found in HTSlib 1.8. It is a memory leak in bgzf_getline in bgzf.c. 2018-07-10 not yet calculated CVE-2018-13843
MISC
htslib — htslib
 
An issue has been found in HTSlib 1.8. It is a memory leak in fai_read in faidx.c. 2018-07-10 not yet calculated CVE-2018-13844
MISC
hughes — satellite_modems Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, lacks authentication. An unauthenticated user may send an HTTP GET request to http://[ip]/com/gatewayreset or http://[ip]/cgi/reboot.bin to cause the modem to reboot. 2018-07-13 not yet calculated CVE-2016-9496
CERT-VN
BID
hughes — satellite_modems Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, is vulnerable to an authentication bypass using an alternate path or channel. By default, port 1953 is accessible via telnet and does not require authentication. An unauthenticated remote user can access many administrative commands via this interface, including rebooting the modem. 2018-07-13 not yet calculated CVE-2016-9497
CERT-VN
BID
hughes — satellite_modems Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, are potentially vulnerable to improper input validation. The device’s advanced status web page that is linked to from the basic status web page does not appear to properly parse malformed GET requests. This may lead to a denial of service. 2018-07-13 not yet calculated CVE-2016-9494
CERT-VN
BID
hughes — satellite_modems Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, uses hard coded credentials. Access to the device’s default telnet port (23) can be obtained through using one of a few default credentials shared among all devices. 2018-07-13 not yet calculated CVE-2016-9495
CERT-VN
BID
ibm — api_connect IBM API Connect 2018.1.0.0, 2018.2.1, 2018.2.2, 2018.2.3, and 2018.2.4 contains a vulnerability that could allow an authenticated user to obtain sensitive information. IBM X-Force ID: 142657. 2018-07-09 not yet calculated CVE-2018-1548
CONFIRM
BID
XF
ibm — db2_for_linux_unix_and_windows IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10,1, 10.5 and 11.1 could allow a local user to execute arbitrary code and conduct DLL hijacking attacks. IBM X-Force ID: 140209. 2018-07-10 not yet calculated CVE-2018-1458
SECTRACK
XF
CONFIRM
ibm — db2_for_linux_unix_and_windows IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5 and 11.1 binaries load shared libraries from an untrusted path potentially giving low privilege users full access to the DB2 instance account by loading a malicious shared library. IBM X-Force ID: 140972. 2018-07-10 not yet calculated CVE-2018-1487
CONFIRM
SECTRACK
XF
ibm — db2_for_linux_unix_and_windows IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local user to execute arbitrary code due to a format string error. IBM X-Force ID: 143023. 2018-07-10 not yet calculated CVE-2018-1566
CONFIRM
BID
SECTRACK
XF
ibm — infosphere_data_replication_dashboard Directory traversal vulnerability in IBM InfoSphere Data Replication Dashboard 9.7 and 10.1 allows remote attackers to read arbitrary files via unspecified vectors. IBM X-Force ID: 84127. 2018-07-09 not yet calculated CVE-2013-3001
XF
CONFIRM
ibm — infosphere_data_replication_dashboard SQL injection vulnerability in IBM InfoSphere Data Replication Dashboard 9.7 and 10.1 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. IBM X-Force ID: 84116. 2018-07-09 not yet calculated CVE-2013-3000
XF
CONFIRM
ibm — infosphere_data_replication_dashboard Cross-site scripting (XSS) vulnerability in IBM InfoSphere Data Replication Dashboard 9.7 and 10.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 84115. 2018-07-09 not yet calculated CVE-2013-2999
XF
CONFIRM
ibm — inotes Open redirect vulnerability in IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. IBM X-Force ID: 83383. 2018-07-11 not yet calculated CVE-2013-0594
XF
CONFIRM
ibm — inotes IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to bypass the remote image filtering mechanism and obtain sensitive information via a crafted e-mail message. IBM X-Force ID: 83371. 2018-07-11 not yet calculated CVE-2013-0589
XF
CONFIRM
ibm — inotes
 
Cross-site scripting (XSS) vulnerability in IBM iNotes before 8.5.3 Fix Pack 6 and 9.x before 9.0.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 83815. 2018-07-11 not yet calculated CVE-2013-0592
XF
CONFIRM
ibm — jazz_foundation IBM Jazz Foundation products could disclose sensitive information to an authenticated attacker that could be used in further attacks against the system. IBM X-Force ID: 139026. 2018-07-10 not yet calculated CVE-2018-1423
CONFIRM
XF
ibm — jazz_foundation IBM Jazz Foundation products could allow a user with physical access to the system to log in as another user due to the server’s failure to properly log out from the previous session. IBM X-Force ID: 140977. 2018-07-10 not yet calculated CVE-2018-1492
CONFIRM
XF
ibm — rational_quality_manager IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 141804. 2018-07-10 not yet calculated CVE-2018-1523
CONFIRM
XF
ibm — rational_quality_manager IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 137038. 2018-07-10 not yet calculated CVE-2017-1793
CONFIRM
XF
ibm — rational_quality_manager IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 137037. 2018-07-10 not yet calculated CVE-2017-1792
CONFIRM
XF
ibm — rational_quality_manager IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 contains an undisclosed vulnerability that would allow an authenticated user to obtain elevated privileges. IBM X-Force ID: 134919. 2018-07-10 not yet calculated CVE-2017-1738
CONFIRM
XF
ibm — rational_quality_manager IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to HTTP response splitting attacks. A remote attacker could exploit this vulnerability using specially-crafted URL to cause the server to return a split response, once the URL is clicked. This would allow the attacker to perform further attacks, such as Web cache poisoning, cross-site scripting, and possibly obtain sensitive information. IBM X-Force ID: 142658. 2018-07-10 not yet calculated CVE-2018-1549
CONFIRM
XF
ibm — rational_quality_manager IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 137036. 2018-07-10 not yet calculated CVE-2017-1791
CONFIRM
XF
ibm — rational_quality_manager IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 138429. 2018-07-10 not yet calculated CVE-2018-1396
CONFIRM
XF
ibm — rational_quality_manager IBM Rational Quality Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 134909. 2018-07-10 not yet calculated CVE-2017-1729
CONFIRM
XF
ibm — rational_team_concert IBM Rational Team Concert 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 138445. 2018-07-10 not yet calculated CVE-2018-1407
XF
CONFIRM
ibm — rational_team_concert IBM Rational Team Concert 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 138446. 2018-07-10 not yet calculated CVE-2018-1408
XF
CONFIRM
ibm — rational_team_concert IBM Rational Team Concert 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 141802. 2018-07-10 not yet calculated CVE-2018-1521
XF
CONFIRM
ibm — security_identity_governance_and_intelligence_virtual_appliance IBM Security Identity Governance and Intelligence Virtual Appliance 5.2 through 5.2.3.2 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 127341. 2018-07-13 not yet calculated CVE-2017-1395
CONFIRM
XF
ibm — security_identity_governance_and_intelligence_virtual_appliance IBM Security Identity Governance and Intelligence Virtual Appliance 5.2 through 5.2.3.2 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 126860. 2018-07-13 not yet calculated CVE-2017-1367
CONFIRM
XF
ibm — system_networking_and_blade_network_technology_switches The Fibre Channel over Ethernet (FCoE) feature in IBM System Networking and Blade Network Technology (BNT) switches running IBM Networking Operating System (aka NOS, formerly BLADE Operating System) floods data frames with unknown MAC addresses out on all interfaces on the same VLAN, which might allow remote attackers to obtain sensitive information in opportunistic circumstances by eavesdropping on the broadcast domain. IBM X-Force ID: 83166. 2018-07-13 not yet calculated CVE-2013-0570
XF
CONFIRM
ibm — tivoli_application_dependency_discovery_manager IBM Tivoli Application Dependency Discovery Manager (TADDM) before 7.2.1.5 and 7.2.x before 7.2.2 make it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging support for weak SSL ciphers. IBM X-Force ID: 84353. 2018-07-09 not yet calculated CVE-2013-3017
XF
CONFIRM
ibm — websphere_cast_iron IBM WebSphere Cast Iron 6.3 allows remote attackers to bypass intended access restrictions via unspecified vectors. IBM X-Force ID: 83868. 2018-07-11 not yet calculated CVE-2013-2972
XF
CONFIRM
ibm — websphere_portal IBM WebSphere Portal 7.0.0.x and 8.0.0.x write passwords to a trace file when tracing is enabled for the Selfcare Portlet (Profile Management), which allows local users to obtain sensitive information by reading the file. IBM X-Force ID: 83621. 2018-07-11 not yet calculated CVE-2013-2951
CONFIRM
XF
idreamsoft — icms
 
An issue was discovered in idreamsoft iCMS 7.0.9. XSS exists via the callback parameter in a public/api.php uploadpic request, bypassing the iWAF protection mechanism. 2018-07-10 not yet calculated CVE-2018-13865
MISC
intel — converged_security_manageability_engine_firmware Buffer overflow in HTTP handler in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 3.x, 4.x, 5.x, 6.x, 7.x, 8.x, 9.x, 10.x, and 11.x may allow an attacker to execute arbitrary code via the same subnet. 2018-07-10 not yet calculated CVE-2018-3628
CONFIRM
intel — converged_security_manageability_engine_firmware Memory corruption in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 6.x / 7.x / 8.x / 9.x / 10.x / 11.0 / 11.5 / 11.6 / 11.7 / 11.10 / 11.20 could be triggered by an attacker with local administrator permission on the system. 2018-07-10 not yet calculated CVE-2018-3632
CONFIRM
intel — converged_security_manageability_engine_firmware Buffer overflow in event handler in Intel Active Management Technology in Intel Converged Security Manageability Engine Firmware 3.x, 4.x, 5.x, 6.x, 7.x, 8.x, 9.x, 10.x, and 11.x may allow an attacker to cause a denial of service via the same subnet. 2018-07-10 not yet calculated CVE-2018-3629
CONFIRM
intel — converged_security_management_engine Logic bug in Intel Converged Security Management Engine 11.x may allow an attacker to execute arbitrary code via local privileged access. 2018-07-10 not yet calculated CVE-2018-3627
CONFIRM
intel — multiple_core_processors
 
Platform sample code firmware included with 4th Gen Intel Core Processor, 5th Gen Intel Core Processor, 6th Gen Intel Core Processor, and 7th Gen Intel Core Processor potentially exposes password information in memory to a local attacker with administrative privileges. 2018-07-10 not yet calculated CVE-2017-5704
CONFIRM
intel — multiple_xeon_processors Existing UEFI setting restrictions for DCI (Direct Connect Interface) in 5th and 6th generation Intel Xeon Processor E3 Family, Intel Xeon Scalable processors, and Intel Xeon Processor D Family allows a limited physical presence attacker to potentially access platform secrets via debug interfaces. 2018-07-10 not yet calculated CVE-2018-3652
CONFIRM
intel — optane_memory_module Information disclosure vulnerability in storage media in systems with Intel Optane memory module with Whole Disk Encryption may allow an attacker to recover data via physical access. 2018-07-10 not yet calculated CVE-2018-3619
CONFIRM
intel — processor_diagnostic_tool Unquoted service paths in Intel Processor Diagnostic Tool (IPDT) before version 4.1.0.27 allows a local attacker to potentially execute arbitrary code. 2018-07-10 not yet calculated CVE-2018-3668
CONFIRM
intel — processor_diagnostic_tool Installation tool IPDT (Intel Processor Diagnostic Tool) 4.1.0.24 sets permissions of installed files incorrectly, allowing for execution of arbitrary code and potential privilege escalation. 2018-07-10 not yet calculated CVE-2018-3667
CONFIRM
intel — quartus_ii Unquoted service paths in Intel Quartus II Programmer and Tools in versions 11.0 – 15.0 allow a local attacker to potentially execute arbitrary code. 2018-07-10 not yet calculated CVE-2018-3687
CONFIRM
intel — quartus_ii Unquoted service paths in Intel Quartus II in versions 11.0 – 15.0 allow a local attacker to potentially execute arbitrary code. 2018-07-10 not yet calculated CVE-2018-3684
CONFIRM
intel — quartus_prime Unquoted service paths in Intel Quartus Prime in versions 15.1 – 18.0 allow a local attacker to potentially execute arbitrary code. 2018-07-10 not yet calculated CVE-2018-3683
CONFIRM
intel — quartus_prime_programmer_and_tools Unquoted service paths in Intel Quartus Prime Programmer and Tools in versions 15.1 – 18.0 allow a local attacker to potentially execute arbitrary code. 2018-07-10 not yet calculated CVE-2018-3688
CONFIRM
intellian_technologies — satellite_tv_t-series_and_v-series_firmware
 
Intellian Satellite TV antennas t-Series and v-Series, firmware version 1.07, uses non-random default credentials of: ftp/ftp or intellian:12345678. A remote network attacker can gain elevated access to a vulnerable device. 2018-07-13 not yet calculated CVE-2016-6551
BID
CERT-VN
itrack — itrack_easy A captured MAC/device ID of an iTrack Easy can be registered under multiple user accounts allowing access to getgps GPS data, which can allow unauthenticated parties to track the device. 2018-07-13 not yet calculated CVE-2016-6543
BID
MISC
CERT-VN
itrack — itrack_easy The iTrack Easy mobile application stores the account password used to authenticate to the cloud API in base64-encoding in the cache.db file. The base64 encoding format is considered equivalent to cleartext. 2018-07-13 not yet calculated CVE-2016-6546
BID
MISC
CERT-VN
itrack — itrack_easy getgps data in iTrack Easy can be modified without authentication by setting the data using the parametercmd:setothergps. This vulnerability can be exploited to alter the GPS data of a lost device. 2018-07-13 not yet calculated CVE-2016-6544
BID
MISC
CERT-VN
itrack — itrack_easy Session cookies are not used for maintaining valid sessions in iTrack Easy. The user’s password is passed as a POST parameter over HTTPS using a base64 encoded passwd field on every request. In this implementation, sessions can only be terminated when the user changes the associated password. 2018-07-13 not yet calculated CVE-2016-6545
BID
MISC
CERT-VN
itrack — itrack_easy
 
The iTrack device tracking ID number, also called “LosserID” in the web API, can be obtained by being in the range of an iTrack device. The tracker ID is the device’s BLE MAC address. 2018-07-13 not yet calculated CVE-2016-6542
BID
MISC
CERT-VN
jenkins — jenkins Jenkins project Jenkins AWS CodeDeploy Plugin version 1.19 and earlier contains a Insufficiently Protected Credentials vulnerability in AWSCodeDeployPublisher.java that can result in Credentials Disclosure. This attack appear to be exploitable via local file access. This vulnerability appears to have been fixed in 1.20 and later. 2018-07-09 not yet calculated CVE-2018-1000403
CONFIRM
jenkins — jenkins Jenkins project Jenkins AWS CodePipeline Plugin version 0.36 and earlier contains a Insufficiently Protected Credentials vulnerability in AWSCodePipelineSCM.java that can result in Credentials Disclosure. This attack appear to be exploitable via local file access. This vulnerability appears to have been fixed in 0.37 and later. 2018-07-09 not yet calculated CVE-2018-1000401
CONFIRM
jenkins — jenkins
 
Jenkins project Jenkins AWS CodeBuild Plugin version 0.26 and earlier contains a Insufficiently Protected Credentials vulnerability in AWSClientFactory.java, CodeBuilder.java that can result in Credentials Disclosure. This attack appear to be exploitable via local file access. This vulnerability appears to have been fixed in 0.27 and later. 2018-07-09 not yet calculated CVE-2018-1000404
CONFIRM
jenkins — jenkins
 
Jenkins project Jenkins AWS CodeDeploy Plugin version 1.19 and earlier contains a File and Directory Information Exposure vulnerability in AWSCodeDeployPublisher.java that can result in Disclosure of environment variables. This vulnerability appears to have been fixed in 1.20 and later. 2018-07-09 not yet calculated CVE-2018-1000402
CONFIRM
jester — jester
 
Directory traversal in Jester web framework 0.2.0 allows remote attackers to fetch files in arbitrary locations via “..%f” sequences. 2018-07-09 not yet calculated CVE-2018-13034
CONFIRM
jfrog — artifactory JFrog Artifactory version since 5.11 contains a Cross-site Request Forgery (CSRF) vulnerability in UI rest endpoints that can result in Classic CSRF attack allowing an attacker to perform actions as logged in user. This attack appear to be exploitable via The victim must run maliciously crafted flash component. This vulnerability appears to have been fixed in 6.1. 2018-07-13 not yet calculated CVE-2018-1000206
MISC
CONFIRM
CONFIRM
jfrog — artifactory
 
JFrog JFrog Artifactory version Prior to version 6.0.3, since version 4.0.0 contains a Directory Traversal vulnerability in The “Import Repository from Zip” feature, available through the Admin menu -> Import & Export -> Repositories, triggers a vulnerable UI REST endpoint (/ui/artifactimport/upload) that can result in Directory traversal / file overwrite and remote code execution. This attack appear to be exploitable via An attacker with Admin privileges may use the aforementioned UI endpoint and exploit the publicly known “Zip Slip” vulnerability, to add/overwrite files outside the target directory. This vulnerability appears to have been fixed in 6.0.3. 2018-07-09 not yet calculated CVE-2018-1000623
CONFIRM
juniper_networks — contrail_service_orchestration Juniper Networks Contrail Service Orchestration releases prior to 3.3.0 use hardcoded credentials to access Keystone service. These credentials allow network based attackers unauthorized access to information stored in keystone. 2018-07-11 not yet calculated CVE-2018-0041
CONFIRM
juniper_networks — contrail_service_orchestration Juniper Networks Contrail Service Orchestration releases prior to 4.0.0 have Grafana service enabled by default with hardcoded credentials. These credentials allow network based attackers unauthorized access to information stored in Grafana or exploit other weaknesses or vulnerabilities in Grafana. 2018-07-11 not yet calculated CVE-2018-0039
CONFIRM
juniper_networks — contrail_service_orchestration Juniper Networks Contrail Service Orchestration versions prior to 4.0.0 use hardcoded cryptographic certificates and keys in some cases, which may allow network based attackers to gain unauthorized access to services. 2018-07-11 not yet calculated CVE-2018-0040
CONFIRM
juniper_networks — contrail_service_orchestration Juniper Networks CSO versions prior to 4.0.0 may log passwords in log files leading to an information disclosure vulnerability. 2018-07-11 not yet calculated CVE-2018-0042
CONFIRM
juniper_networks — contrail_service_orchestration Juniper Networks Contrail Service Orchestration releases prior to 3.3.0 have Cassandra service enabled by default with hardcoded credentials. These credentials allow network based attackers unauthorized access to information stored in Cassandra. 2018-07-11 not yet calculated CVE-2018-0038
CONFIRM
juniper_networks — junos_os When an SRX Series device is configured to use HTTP/HTTPS pass-through authentication services, a client sending authentication credentials in the initial HTTP/HTTPS session is at risk that these credentials may be captured during follow-on HTTP/HTTPS requests by a malicious actor through a man-in-the-middle attack or by authentic servers subverted by malicious actors. FTP, and Telnet pass-through authentication services are not affected. Affected releases are Juniper Networks SRX Series: 12.1X46 versions prior to 12.1X46-D67 on SRX Series; 12.3X48 versions prior to 12.3X48-D25 on SRX Series; 15.1X49 versions prior to 15.1X49-D35 on SRX Series. 2018-07-11 not yet calculated CVE-2018-0025
BID
CONFIRM
MISC
MISC
MISC
juniper_networks — junos_os Receipt of a crafted or malformed RSVP PATH message may cause the routing protocol daemon (RPD) to hang or crash. When RPD is unavailable, routing updates cannot be processed which can lead to an extended network outage. If RSVP is not enabled on an interface, then the issue cannot be triggered via that interface. This issue only affects Juniper Networks Junos OS 16.1 versions prior to 16.1R3. This issue does not affect Junos releases prior to 16.1R1. 2018-07-11 not yet calculated CVE-2018-0027
BID
CONFIRM
juniper_networks — junos_os Receipt of a specific MPLS packet may cause MPC7/8/9, PTX-FPC3 (FPC-P1, FPC-P2) line cards or PTX1K to crash and restart. By continuously sending specific MPLS packets, an attacker can repeatedly crash the line cards or PTX1K causing a sustained Denial of Service. Affected releases are Juniper Networks Junos OS with MPC7/8/9 or PTX-FPC3 (FPC-P1, FPC-P2) installed and PTX1K: 15.1F versions prior to 15.1F6-S10; 15.1 versions prior to 15.1R4-S9, 15.1R6-S6, 15.1R7; 16.1 versions prior to 16.1R3-S8, 16.1R4-S9, 16.1R5-S4, 16.1R6-S3, 16.1R7; 16.1X65 versions prior to 16.1X65-D46; 16.2 versions prior to 16.2R1-S6, 16.2R2-S5, 16.2R3; 17.1 versions prior to 17.1R1-S7, 17.1R2-S7, 17.1R3; 17.2 versions prior to 17.2R1-S4, 17.2R2-S4, 17.2R3; 17.2X75 versions prior to 17.2X75-D70, 17.2X75-D90; 17.3 versions prior to 17.3R1-S4, 17.3R2, 17.4 versions prior to 17.4R1-S2, 17.4R2. Refer to KB25385 for more information about PFE line cards. 2018-07-11 not yet calculated CVE-2018-0030
CONFIRM
MISC
juniper_networks — junos_os A Denial of Service vulnerability exists in the Juniper Networks Junos OS JDHCPD daemon which allows an attacker to core the JDHCPD daemon by sending a crafted IPv6 packet to the system. This issue is limited to systems which receives IPv6 DHCP packets on a system configured for DHCP processing using the JDHCPD daemon. This issue does not affect IPv4 DHCP packet processing. Affected releases are Juniper Networks Junos OS: 12.3 versions prior to 12.3R12-S10 on EX Series; 12.3X48 versions prior to 12.3X48-D70 on SRX Series; 14.1X53 versions prior to 14.1X53-D47 on EX2200/VC, EX3200, EX3300/VC, EX4200, EX4300, EX4550/VC, EX4600, EX6200, EX8200/VC (XRE), QFX3500, QFX3600, QFX5100; 14.1X53 versions prior to 14.1X53-D130 on QFabric; 15.1 versions prior to 15.1R4-S9, 15.1R6-S6, 15.1R7; 15.1X49 versions prior to 15.1X49-D140 on SRX Series; 15.1X53 versions prior to 15.1X53-D67 on QFX10000 Series; 15.1X53 versions prior to 15.1X53-D233 on QFX5110, QFX5200; 15.1X53 versions prior to 15.1X53-D471 on NFX 150, NFX 250; 16.1 versions prior to 16.1R3-S9, 16.1R4-S8, 16.1R5-S4, 16.1R6-S3, 16.1R7; 16.2 versions prior to 16.2R2-S5, 16.2R3; 17.1 versions prior to 17.1R1-S7, 17.1R2-S7, 17.1R3; 17.2 versions prior to 17.2R1-S6, 17.2R2-S4, 17.2R3; 17.3 versions prior to 17.3R1-S4, 17.3R2-S2, 17.3R3; 17.4 versions prior to 17.4R1-S3, 17.4R2. 2018-07-11 not yet calculated CVE-2018-0034
MISC
CONFIRM
juniper_networks — junos_os An Improper Privilege Management vulnerability in a shell session of Juniper Networks Junos OS allows an authenticated unprivileged attacker to gain full control of the system. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D45 on SRX Series; 12.3X48 versions prior to 12.3X48-D20 on SRX Series; 12.3 versions prior to 12.3R11 on EX Series; 14.1X53 versions prior to 14.1X53-D30 on EX2200/VC, EX3200, EX3300/VC, EX4200, EX4300, EX4550/VC, EX4600, EX6200, EX8200/VC (XRE), QFX3500, QFX3600, QFX5100;; 15.1X49 versions prior to 15.1X49-D20 on SRX Series. 2018-07-11 not yet calculated CVE-2018-0024
BID
CONFIRM
juniper_networks — junos_os Receipt of specially crafted UDP/IP packets over MPLS may be able to bypass a stateless firewall filter. The crafted UDP packets must be encapsulated and meet a very specific packet format to be classified in a way that bypasses IP firewall filter rules. The packets themselves do not cause a service interruption (e.g. RPD crash), but receipt of a high rate of UDP packets may be able to contribute to a denial of service attack. This issue only affects processing of transit UDP/IP packets over MPLS, received on an interface with MPLS enabled. TCP packet processing and non-MPLS encapsulated UDP packet processing are unaffected by this issue. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D76; 12.3 versions prior to 12.3R12-S10; 12.3X48 versions prior to 12.3X48-D66, 12.3X48-D70; 14.1X53 versions prior to 14.1X53-D47; 15.1 versions prior to 15.1F6-S10, 15.1R4-S9, 15.1R6-S6, 15.1R7; 15.1X49 versions prior to 15.1X49-D131, 15.1X49-D140; 15.1X53 versions prior to 15.1X53-D59 on EX2300/EX3400; 15.1X53 versions prior to 15.1X53-D67 on QFX10K; 15.1X53 versions prior to 15.1X53-D233 on QFX5200/QFX5110; 15.1X53 versions prior to 15.1X53-D471, 15.1X53-D490 on NFX; 16.1 versions prior to 16.1R3-S8, 16.1R4-S9, 16.1R5-S4, 16.1R6-S3, 16.1R7; 16.2 versions prior to 16.2R1-S6, 16.2R2-S5, 16.2R3; 17.1 versions prior to 17.1R1-S7, 17.1R2-S7, 17.1R3; 17.2 versions prior to 17.2R1-S6, 17.2R2-S4, 17.2R3; 17.2X75 versions prior to 17.2X75-D100; 17.3 versions prior to 17.3R1-S4, 17.3R2-S2, 17.3R3; 17.4 versions prior to 17.4R1-S3, 17.4R2; 18.1 versions prior to 18.1R2; 18.2X75 versions prior to 18.2X75-D5. 2018-07-11 not yet calculated CVE-2018-0031
CONFIRM
juniper_networks — junos_os After Junos OS device reboot or upgrade, the stateless firewall filter configuration may not take effect. This issue can be verified by running the command: user@re0> show interfaces <interface_name> extensive | match filters” CAM destination filters: 0, CAM source filters: 0 Note: when the issue occurs, it does not show the applied firewall filter. The correct output should show the applied firewall filter, for example: user@re0> show interfaces <interface_name> extensive | match filters” CAM destination filters: 0, CAM source filters: 0 Input Filters: FIREWAL_FILTER_NAME-<interface_name> This issue affects firewall filters for every address family. Affected releases are Juniper Networks Junos OS: 15.1R4, 15.1R5, 15.1R6 and SRs based on these MRs. 15.1X8 versions prior to 15.1X8.3. 2018-07-11 not yet calculated CVE-2018-0026
BID
CONFIRM
juniper_networks — junos_os While experiencing a broadcast storm, placing the fxp0 interface into promiscuous mode via the ‘monitor traffic interface fxp0’ can cause the system to crash and restart (vmcore). This issue only affects Junos OS 15.1 and later releases, and affects both single core and multi-core REs. Releases prior to Junos OS 15.1 are unaffected by this vulnerability. Affected releases are Juniper Networks Junos OS: 15.1 versions prior to 15.1F6-S11, 15.1R4-S9, 15.1R6-S6, 15.1R7; 15.1X49 versions prior to 15.1X49-D140; 15.1X53 versions prior to 15.1X53-D59 on EX2300/EX3400; 15.1X53 versions prior to 15.1X53-D67 on QFX10K; 15.1X53 versions prior to 15.1X53-D233 on QFX5200/QFX5110; 15.1X53 versions prior to 15.1X53-D471, 15.1X53-D490 on NFX; 16.1 versions prior to 16.1R3-S8, 16.1R5-S4, 16.1R6-S1, 16.1R7; 16.2 versions prior to 16.2R1-S6, 16.2R2-S5, 16.2R3; 17.1 versions prior to 17.1R1-S7, 17.1R2-S7, 17.1R3; 17.2 versions prior to 17.2R1-S6, 17.2R2-S4, 17.2R3; 17.2X75 versions prior to 17.2X75-D90, 17.2X75-D110; 17.3 versions prior to 17.3R1-S4, 17.3R2; 17.4 versions prior to 17.4R1-S3, 17.4R2. 2018-07-11 not yet calculated CVE-2018-0029
CONFIRM
juniper_networks — junos_os QFX5200 and QFX10002 devices that have been shipped with Junos OS 15.1X53-D21, 15.1X53-D30, 15.1X53-D31, 15.1X53-D32, 15.1X53-D33 and 15.1X53-D60 or have been upgraded to these releases using the .bin or .iso images may contain an unintended additional Open Network Install Environment (ONIE) partition. This additional partition allows the superuser to reboot to the ONIE partition which will wipe out the content of the Junos partition and its configuration. Once rebooted, the ONIE partition will not have root password configured, thus any user can access the console or SSH, using an IP address acquired from DHCP, as root without password. Once the device has been shipped or upgraded with the ONIE partition installed, the issue will persist. Simply upgrading to higher release via the CLI will not resolve the issue. No other Juniper Networks products or platforms are affected by this issue. 2018-07-11 not yet calculated CVE-2018-0035
CONFIRM
juniper_networks — junos_os The receipt of a crafted BGP UPDATE can lead to a routing process daemon (RPD) crash and restart. Repeated receipt of the same crafted BGP UPDATE can result in an extended denial of service condition for the device. This issue only affects the specific versions of Junos OS listed within this advisory. Earlier releases are unaffected by this vulnerability. This crafted BGP UPDATE does not propagate to other BGP peers. Affected releases are Juniper Networks Junos OS: 16.1X65 versions prior to 16.1X65-D47; 17.2X75 versions prior to 17.2X75-D91, 17.2X75-D110; 17.3 versions prior to 17.3R1-S4, 17.3R2; 17.4 versions prior to 17.4R1-S3, 17.4R2. 2018-07-11 not yet calculated CVE-2018-0032
CONFIRM
juniper_networks — junos_os Junos OS routing protocol daemon (RPD) process may crash and restart or may lead to remote code execution while processing specific BGP NOTIFICATION messages. By continuously sending crafted BGP NOTIFICATION messages, an attacker can repeatedly crash the RPD process causing a sustained Denial of Service. Due to design improvements, this issue does not affect Junos OS 16.1R1, and all subsequent releases. This issue only affects the receiving BGP device and is non-transitive in nature. Affected releases are Juniper Networks Junos OS: 15.1F5 versions starting from 15.1F5-S7 and all subsequent releases; 15.1F6 versions starting from 15.1F6-S3 and later releases prior to 15.1F6-S10; 15.1F7 versions 15.1 versions starting from 15.1R5 and later releases, including the Service Releases based on 15.1R5 and on 15.1R6 prior to 15.1R6-S6 and 15.1R7; 2018-07-11 not yet calculated CVE-2018-0037
CONFIRM
komoot — komoot_cycling_and_hiking_maps_app_for_ios
 
The komoot GmbH “Komoot – Cycling & Hiking Maps” app before 9.3.2 — aka komoot-cycling-hiking-maps/id447374873 — for iOS does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. 2018-07-12 not yet calculated CVE-2017-14709
MISC

legion_of_the_bouncy_castle — bouncy_castle_java_cryptography_apis

Legion of the Bouncy Castle Legion of the Bouncy Castle Java Cryptography APIs version prior to version 1.60 contains a CWE-470: Use of Externally-Controlled Input to Select Classes or Code (‘Unsafe Reflection’) vulnerability in XMSS/XMSS^MT private key deserialization that can result in Deserializing an XMSS/XMSS^MT private key can result in the execution of unexpected code.. This attack appear to be exploitable via A handcrafted private key can include references to unexpected classes which will be picked up from the class path for the executing application.. This vulnerability appears to have been fixed in 1.60 and later. 2018-07-09 not yet calculated CVE-2018-1000613
CONFIRM
CONFIRM
lenovo — help_android_app The Lenovo Help Android app versions earlier than 6.1.2.0327 had insufficient access control for some functions which, if exploited, could have led to exposure of approximately 400 email addresses and 8,500 IMEI. 2018-07-13 not yet calculated CVE-2018-9067
CONFIRM
lenovo — smart_assistant_android_app
 
For the Lenovo Smart Assistant Android app versions earlier than 12.1.82, an attacker with physical access to the smart speaker can, by pressing a specific button sequence, enter factory test mode and enable a web service intended for testing the device. As with most test modes, this provides extra privileges, including changing settings and running code. Lenovo Smart Assistant is an Amazon Alexa-enabled smart speaker developed by Lenovo. 2018-07-13 not yet calculated CVE-2018-9070
CONFIRM
libgit2 — libgit2
 
A flaw was found in libgit2 before version 0.27.3. It has been discovered that an unexpected sign extension in git_delta_apply function in delta.c file may lead to an integer overflow which in turn leads to an out of bound read, allowing to read before the base object. An attacker may use this flaw to leak memory addresses or cause a Denial of Service. 2018-07-10 not yet calculated CVE-2018-10887
CONFIRM
CONFIRM
CONFIRM
CONFIRM
libgit2 — libgit2
 
A flaw was found in libgit2 before version 0.27.3. A missing check in git_delta_apply function in delta.c file, may lead to an out-of-bound read while reading a binary delta file. An attacker may use this flaw to cause a Denial of Service. 2018-07-10 not yet calculated CVE-2018-10888
CONFIRM
CONFIRM
CONFIRM
libpng — libpng
 
In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service. 2018-07-09 not yet calculated CVE-2018-13785
MISC
MISC
UBUNTU
libpng — libpng
 
An issue has been found in libpng 1.6.34. It is a SEGV in the function png_free_data in png.c, related to the recommended error handling for png_read_image. 2018-07-13 not yet calculated CVE-2018-14048
MISC
MISC
libwav — libwav The function wav_read in libwav.c in libwav through 2017-04-20 has an infinite loop. 2018-07-13 not yet calculated CVE-2018-14051
MISC
MISC
libwav — libwav An issue has been found in libwav through 2017-04-20. It is a SEGV in the function wav_free in libwav.c. 2018-07-13 not yet calculated CVE-2018-14050
MISC
MISC
libwav — libwav
 
An issue has been found in libwav through 2017-04-20. It is a SEGV in the function print_info in wav_info/wav_info.c. 2018-07-13 not yet calculated CVE-2018-14049
MISC
MISC
libwav — libwav
 
An issue has been found in libwav through 2017-04-20. It is a SEGV in the function apply_gain in wav_gain/wav_gain.c. 2018-07-13 not yet calculated CVE-2018-14052
MISC
MISC
linux — linux_kernel It was discovered in the Linux kernel before 4.11-rc8 that root can gain direct access to an internal keyring, such as ‘.dns_resolver’ in RHEL-7 or ‘.builtin_trusted_keys’ upstream, by joining it as its session keyring. This allows root to bypass module signature verification by adding a new public key of its own devising to the keyring. 2018-07-11 not yet calculated CVE-2016-9604
CONFIRM
BID
REDHAT
REDHAT
REDHAT
CONFIRM
CONFIRM
CONFIRM
linux — linux_kernel
 
A flaw was found in the way the Linux kernel handled exceptions delivered after a stack switch operation via Mov SS or Pop SS instructions. During the stack switch operation, processor does not deliver interrupts and exceptions, they are delivered once the first instruction after the stack switch is executed. An unprivileged system user could use this flaw to crash the system kernel resulting in DoS. This CVE-2018-10872 was assigned due to regression of CVE-2018-8897 in Red Hat Enterprise Linux 6.10 GA kernel. No other versions are affected by this CVE. 2018-07-10 not yet calculated CVE-2018-10872
REDHAT
CONFIRM
linux — linux_kernel
 
An integer overflow in the uvesafb_setcmap function in drivers/video/fbdev/uvesafb.c in the Linux kernel before 4.17.4 could result in local attackers being able to crash the kernel or potentially elevate privileges because kmalloc_array is not used. 2018-07-06 not yet calculated CVE-2018-13406
MISC
BID
MISC
MISC
linux — linux_kernel
 
Lack of copy_from_user and information leak in function “msm_ois_subdev_do_ioctl, file msm_ois.c can lead to a camera crash in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel 2018-07-06 not yet calculated CVE-2017-15851
MISC
MISC
mailman — mailman
 
Unspecified vulnerability in Mailman before 2.1.28 has unknown impact and attack vectors. 2018-07-12 not yet calculated CVE-2018-13796
MLIST
manageengine — applications_manager ManageEngine Applications Manager 12 and 13 allows an authenticated user, who is able to access /register.do page (most likely limited to administrator), to browse the filesystem and read the system files, including Applications Manager configuration, stored private keys, etc. By default Application Manager is running with administrative privileges, therefore it is possible to access every directory on the underlying operating system. 2018-07-13 not yet calculated CVE-2016-9491
FULLDISC
BID
medtronic — n’vision_clinician_programmer_and_n’vision_removable_application_card Medtronic N’Vision Clinician Programmer 8840 N’Vision Clinician Programmer, all versions, and 8870 N’Vision removable Application Card, all versions. The 8840 Clinician Programmer executes the application program from the 8870 Application Card. An attacker with physical access to an 8870 Application Card and sufficient technical capability can modify the contents of this card, including the binary executables. If modified to bypass protection mechanisms, this malicious code will be run when the card is inserted into an 8840 Clinician Programmer. 2018-07-13 not yet calculated CVE-2018-10631
MISC
MISC
microsoft — .net_framework A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka “.NET Framework Remote Code Injection Vulnerability.” This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.6, Microsoft .NET Framework 4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6/4.6.1/4.6.2, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 4.7.2. 2018-07-10 not yet calculated CVE-2018-8284
BID
SECTRACK
CONFIRM
microsoft — .net_framework An elevation of privilege vulnerability exists in .NET Framework which could allow an attacker to elevate their privilege level, aka “.NET Framework Elevation of Privilege Vulnerability.” This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.6, Microsoft .NET Framework 4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6/4.6.1/4.6.2, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 4.7.2. 2018-07-10 not yet calculated CVE-2018-8202
BID
SECTRACK
CONFIRM
microsoft — .net_framework A security feature bypass vulnerability exists when Microsoft .NET Framework components do not correctly validate certificates, aka “.NET Framework Security Feature Bypass Vulnerability.” This affects .NET Framework 4.7.2, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, ASP.NET Core 1.1, Microsoft .NET Framework 4.5.2, ASP.NET Core 2.0, ASP.NET Core 1.0, .NET Core 1.1, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6/4.6.1/4.6.2, .NET Core 1.0, .NET Core 2.0, Microsoft .NET Framework 4.6, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 4.7.2. 2018-07-10 not yet calculated CVE-2018-8356
BID
SECTRACK
CONFIRM
microsoft — .net_framework
 
A Remote Code Execution vulnerability exists in .NET software when the software fails to check the source markup of a file, aka “.NET Framework Remote Code Execution Vulnerability.” This affects .NET Framework 4.7.2, Microsoft .NET Framework 4.7.2. 2018-07-10 not yet calculated CVE-2018-8260
BID
SECTRACK
CONFIRM
microsoft — access_and_office A remote code execution vulnerability exists when Microsoft Access fails to properly handle objects in memory, aka “Microsoft Access Remote Code Executio