We are constantly interested in the latest and up-to-date technology.
As we move forward with the software development we will continue to use new technologies to improve our products and the customer experience. And we will continue to develop our solutions with both new functionality and increasing integration with the latest major platforms.
As the growing market shares and interests in the I.T. virtualization, we tailored the unique virtualization solution vFleXtor using proven, modern up-to-date technology.
Timely information about security topics and threats:
US-CERT: The United States Computer Emergency Readiness Team
US-CERT: The United States Computer Emergency Readiness Team
-
Original release date: July 13, 2018
The Internet Crime Complaint Center (IC3) has released an alert on business email compromise scams. This type of scam targets businesses and individuals by using social engineering or computer intrusion to compromise legitimate email accounts and conduct unauthorized fund transfers or obtain personally identifiable information.
NCCIC encourages businesses and individuals to refer to the IC3 Alert and the NCCIC Tip on Avoiding Social Engineering and Phishing Attacks.
This product is provided subject to this Notification and this Privacy & Use policy.
-
Original release date: July 12, 2018
Juniper Networks has released security updates to address vulnerabilities affecting multiple Junos OS versions. An attacker could exploit some of these vulnerabilities to take control of an affected system.
NCCIC encourages users and administrators to review the Juniper Security Advisories website and apply the necessary updates.
This product is provided subject to this Notification and this Privacy & Use policy.
-
Original release date: July 12, 2018
The Internet Systems Consortium (ISC) has released a security advisory that addresses a memory leak vulnerability in Kea DHCP 1.4.0. A remote attacker could exploit this vulnerability to cause a denial-of-service condition.
NCCIC encourages users and administrators to review ISC Knowledge Base Article AA-01626 and apply the necessary update or workaround.
This product is provided subject to this Notification and this Privacy & Use policy.
-
Original release date: July 11, 2018
Cisco has released updates to address vulnerabilities affecting Cisco products. A remote attacker could exploit one of these vulnerabilities to take control of an affected system.
NCCIC encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates:
- IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware Web UI Command Injection Vulnerability cisco-sa-20180711-phone-webui-inject
- StarOS IPv4 Fragmentation Denial-of-Service Vulnerability cisco-sa-20180711-staros-dos
This product is provided subject to this Notification and this Privacy & Use policy.
-
Original release date: July 10, 2018
Microsoft has released updates to address vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
NCCIC encourages users and administrators to review Microsoft?s July 2018 Security Update Summary and Deployment Information and apply the necessary updates.
This product is provided subject to this Notification and this Privacy & Use policy.
-
Original release date: July 10, 2018
Adobe has released security updates to address vulnerabilities in Adobe Acrobat and Reader, Adobe Flash Player, Adobe Connect, and Adobe Experience Manager. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.
NCCIC encourages users and administrators to review Adobe Security Bulletins APSB18-21, APSB18-24, APSB18-22, and APSB18-23 and apply the necessary updates.
This product is provided subject to this Notification and this Privacy & Use policy.
-
Original release date: July 09, 2018
Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.
NCCIC encourages users and administrators to review Apple security pages for the following products and apply the necessary updates:
- iTunes 12.8 for Windows
- iCloud for Windows 7.6
- Safari 11.1.2
- macOS High Sierra 10.13.6, Security Update 2018-004 Sierra, Security Update 2018-004 El Capitan
- watchOS 4.3.2
- tvOS 11.4.1
- iOS 11.4.1
This product is provided subject to this Notification and this Privacy & Use policy.
-
Original release date: July 09, 2018
The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information.
The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:
High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0
Medium - Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 - 6.9
Low - Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 - 3.9
Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.
The NCCIC Weekly Vulnerability Summary Bulletin is created using information from the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD). In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
High Vulnerabilities
Back to topPrimary
Vendor -- ProductDescription Published CVSS Score Source & Patch Info There were no high vulnerabilities recorded this week. Medium Vulnerabilities
Back to topPrimary
Vendor -- ProductDescription Published CVSS Score Source & Patch Info There were no medium vulnerabilities recorded this week. Low Vulnerabilities
Back to topPrimary
Vendor -- ProductDescription Published CVSS Score Source & Patch Info There were no low vulnerabilities recorded this week. Severity Not Yet Assigned
Back to topPrimary
Vendor -- ProductDescription Published CVSS Score Source & Patch Info adb -- broadband_gateways_and_routers All ADB broadband gateways / routers based on the Epicentro platform are affected by a privilege escalation vulnerability where attackers can gain access to the command line interface (CLI) if previously disabled by the ISP, escalate their privileges, and perform further attacks. 2018-07-06 not yet calculated CVE-2018-13110
MISC
FULLDISC
BUGTRAQ
EXPLOIT-DB
MISCadb -- broadband_gateways_and_routers All ADB broadband gateways / routers based on the Epicentro platform are affected by a local root jailbreak vulnerability where attackers are able to gain root access on the device, and extract further information such as sensitive configuration data of the ISP (e.g., VoIP credentials) or attack the internal network of the ISP. 2018-07-06 not yet calculated CVE-2018-13108
MISC
FULLDISC
BUGTRAQ
EXPLOIT-DB
MISCadb -- broadband_gateways_and_routers
All ADB broadband gateways / routers based on the Epicentro platform are affected by an authorization bypass vulnerability where attackers are able to access and manipulate settings within the web interface that are forbidden to end users (e.g., by the ISP). An attacker would be able to enable the TELNET server or other settings as well. 2018-07-06 not yet calculated CVE-2018-13109
MISC
FULLDISC
BUGTRAQ
EXPLOIT-DB
MISCairties -- airties
Airties 5444 1.0.0.18 and 5444TT 1.0.0.18 devices allow XSS. 2018-07-05 not yet calculated CVE-2018-8738
EXPLOIT-DB
MISCangular -- redactor Imperavi Redactor 3 in Angular Redactor 1.1.6, when HTML content mode is used, allows stored XSS, as demonstrated by an onerror attribute of an IMG element, a related issue to CVE-2018-7035. 2018-07-05 not yet calculated CVE-2018-13339
MISC
MISCansible -- ansible
Ansible 2.5 prior to 2.5.5, and 2.4 prior to 2.4.5, do not honor the no_log task flag for failed tasks. When the no_log flag has been used to protect sensitive data passed to a task from being logged, and that task does not run successfully, Ansible will expose sensitive data in log files and on the terminal of the user running Ansible. 2018-07-02 not yet calculated CVE-2018-10855
REDHAT
REDHAT
REDHAT
REDHAT
CONFIRMansible -- ansible
In ansible it was found that inventory variables are loaded from current working directory when running ad-hoc command which are under attacker's control, allowing to run arbitrary code as a result. 2018-07-02 not yet calculated CVE-2018-10874
CONFIRManydesk -- anydesk
AnyDesk before "12.06.2018 - 4.1.3" on Windows 7 SP1 has a DLL preloading vulnerability. 2018-07-03 not yet calculated CVE-2018-13102
CONFIRMapache -- cxf It is possible to configure Apache CXF to use the com.sun.net.ssl implementation via 'System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");'. When this system property is set, CXF uses some reflection to try to make the HostnameVerifier work with the old com.sun.net.ssl.HostnameVerifier interface. However, the default HostnameVerifier implementation in CXF does not implement the method in this interface, and an exception is thrown. However, in Apache CXF prior to 3.2.5 and 3.1.16 the exception is caught in the reflection code and not properly propagated. What this means is that if you are using the com.sun.net.ssl stack with CXF, an error with TLS hostname verification will not be thrown, leaving a CXF client subject to man-in-the-middle attacks. 2018-07-02 not yet calculated CVE-2018-8039
CONFIRM
SECTRACK
CONFIRM
MLISTapache -- cxf_fediz Versions of Apache CXF Fediz prior to 1.4.4 do not fully disable Document Type Declarations (DTDs) when either parsing the Identity Provider response in the application plugins, or in the Identity Provider itself when parsing certain XML-based parameters. 2018-07-05 not yet calculated CVE-2018-8038
CONFIRM
SECTRACK
CONFIRM
MLISTapache -- pdfbox In Apache PDFBox 1.8.0 to 1.8.14 and 2.0.0RC1 to 2.0.10, a carefully crafted (or fuzzed) file can trigger an infinite loop which leads to an out of memory exception in Apache PDFBox's AFMParser. 2018-07-03 not yet calculated CVE-2018-8036
MLISTapache -- solr
This vulnerability in Apache Solr 6.0.0 to 6.6.4 and 7.0.0 to 7.3.1 relates to an XML external entity expansion (XXE) in Solr config files (currency.xml, enumsConfig.xml referred from schema.xml, TIKA parsecontext config file). In addition, Xinclude functionality provided in these config files is also affected in a similar way. The vulnerability can be used as XXE using file/ftp/http protocols in order to read arbitrary local files from the Solr server or the internal network. The manipulated files can be uploaded as configsets using Solr's API, allowing to exploit that vulnerability. 2018-07-05 not yet calculated CVE-2018-8026
CONFIRM
MLISTarchive::zip -- archive::zip
perl-archive-zip is vulnerable to a directory traversal in Archive::Zip. It was found that the Archive::Zip module did not properly sanitize paths while extracting zip files. An attacker able to provide a specially crafted archive for processing could use this flaw to write or overwrite arbitrary files in the context of the perl interpreter. 2018-06-29 not yet calculated CVE-2018-10860
BID
CONFIRM
UBUNTU
UBUNTUbedita -- bedita
An issue was discovered in BEdita before 3.7.0. A cross-site scripting (XSS) attack occurs via a crafted pages/showObjects URI, as demonstrated by appending a payload to a pages/showObjects/2/0/0/leafs URI. 2018-07-04 not yet calculated CVE-2015-9260
MISC
MISC
MISCbeescms -- beescms In BEESCMS 4.0, CSRF allows administrators to be added arbitrarily, a related issue to CVE-2018-10266. 2018-07-05 not yet calculated CVE-2018-12739
MISC
EXPLOIT-DBbitcoin_core -- bitcoin_core In Bitcoin Core before v0.13.0, a non-final alert is able to block the special "final alert" (which is supposed to override all other alerts) because operations occur in the wrong order. This behavior occurs in the remote network alert system (deprecated since Q1 2016). This affects other uses of the codebase, such as Bitcoin Knots before v0.13.0.knots20160814 and many altcoins. 2018-07-05 not yet calculated CVE-2016-10725
MISC
MISCbitcoin_core -- bitcoin_core
Bitcoin Core before v0.13.0 allows denial of service (memory exhaustion) triggered by the remote network alert system (deprecated since Q1 2016) if an attacker can sign a message with a certain private key that had been known by unintended actors, because of an infinitely sized map. This affects other uses of the codebase, such as Bitcoin Knots before v0.13.0.knots20160814 and many altcoins. 2018-07-05 not yet calculated CVE-2016-10724
MISC
MISCbuttle -- buttle Path traversal in buttle module versions <= 0.2.0 allows to read any file in the server. 2018-07-05 not yet calculated CVE-2018-3766
MISCcinnamon -- cinnamon
An issue was discovered in Cinnamon 1.9.2 through 3.8.6. The cinnamon-settings-users.py GUI runs as root and allows configuration of (for example) other users' icon files in _on_face_browse_menuitem_activated and _on_face_menuitem_activated. These icon files are written to the respective user's $HOME/.face location. If an unprivileged user prepares a symlink pointing to an arbitrary location, then this location will be overwritten with the icon content. 2018-07-02 not yet calculated CVE-2018-13054
MISC
MISCclippercms -- clippercms
ClipperCMS 1.3.3 has stored XSS via the "Tools -> Configuration" screen of the manager/ URI. 2018-07-03 not yet calculated CVE-2018-13106
MISCcore -- ftp_le Core FTP LE version 2.2 Build 1921 is prone to a buffer overflow vulnerability that may result in a DoS or remote code execution via a PASV response. 2018-07-05 not yet calculated CVE-2018-12113
MISC
MISC
MISCcyberark -- endpoint_privilege_manager In CyberArk Endpoint Privilege Manager (formerly Viewfinity), Privilege Escalation is possible if the attacker has one process that executes as Admin. 2018-07-05 not yet calculated CVE-2018-13052
MISCd-link -- dir-890l_a2_devices An issue was discovered on D-Link DIR-890L A2 devices. Due to the predictability of the /docs/captcha_(number).jpeg URI, being local to the network, but unauthenticated to the administrator's panel, an attacker can disclose the CAPTCHAs used by the access point and can elect to load the CAPTCHA of their choosing, leading to unauthorized login attempts to the access point. 2018-07-05 not yet calculated CVE-2018-12103
FULLDISCdamicms -- damicms
DamiCMS v6.0.0 allows CSRF via admin.php?s=/Admin/doadd to add an administrator account. 2018-07-05 not yet calculated CVE-2018-13031
MISC
EXPLOIT-DBdebian -- devscripts
scripts/grep-excuses.pl in Debian devscripts through 2.18.3 allows code execution through unsafe YAML loading because YAML::Syck is used without a configuration that prevents unintended blessing. 2018-07-01 not yet calculated CVE-2018-13043
MISC
UBUNTUdeep-extend -- deep-extend The utilities function in all versions <= 0.5.0 of the deep-extend node module can be tricked into modifying the prototype of Object when the attacker can control part of the structure passed to this function. This can let an attacker add or modify existing properties that will exist on all objects. 2018-07-03 not yet calculated CVE-2018-3750
MISCdeep-node -- deep-node The utilities function in all versions < 1.0.1 of the deap node module can be tricked into modifying the prototype of Object when the attacker can control part of the structure passed to this function. This can let an attacker add or modify existing properties that will exist on all objects. 2018-07-03 not yet calculated CVE-2018-3749
MISCdell_emc -- ecs Dell EMC ECS versions 3.2.0.0 and 3.2.0.1 contain an authentication bypass vulnerability. A remote unauthenticated attacker could exploit this vulnerability to read and modify S3 objects by supplying specially crafted S3 requests. 2018-07-03 not yet calculated CVE-2018-11052
FULLDISC
BIDdell_emc -- idrac Dell EMC iDRAC9 versions prior to 3.21.21.21 did not enforce the use of TLS/SSL for a connection to iDRAC web server for certain URLs. A man-in-the-middle attacker could use this vulnerability to strip the SSL/TLS protection from a connection between a client and a server. 2018-07-02 not yet calculated CVE-2018-1249
CONFIRMdell_emc -- idrac Dell EMC iDRAC7/iDRAC8, versions prior to 2.60.60.60, and iDRAC9 versions prior to 3.21.21.21 contain a command injection vulnerability in the SNMP agent. A remote authenticated malicious iDRAC user with configuration privileges could potentially exploit this vulnerability to execute arbitrary commands on the iDRAC where SNMP alerting is enabled. 2018-07-02 not yet calculated CVE-2018-1244
CONFIRMdell_emc -- idrac The web-based diagnostics console in Dell EMC iDRAC6 (Monolithic versions prior to 2.91 and Modular all versions) contains a command injection vulnerability. A remote authenticated malicious iDRAC user with access to the diagnostics console could potentially exploit this vulnerability to execute arbitrary commands as root on the affected iDRAC system. 2018-07-02 not yet calculated CVE-2018-1212
CONFIRMdell_emc -- idrac Dell EMC iDRAC6, versions prior to 2.91, iDRAC7/iDRAC8, versions prior to 2.60.60.60 and iDRAC9, versions prior to 3.21.21.21, contain a weak CGI session ID vulnerability. The sessions invoked via CGI binaries use 96-bit numeric-only session ID values, which makes it easier for remote attackers to perform bruteforce session guessing attacks. 2018-07-02 not yet calculated CVE-2018-1243
CONFIRMdialogic -- powermedia_xms Use of Hard-coded Credentials in /var/www/xms/application/controllers/gatherLogs.php in the administrative console in Dialogic PowerMedia XMS through 3.5 allows remote attackers to interact with a web service. 2018-07-03 not yet calculated CVE-2018-11641
MISCdialogic -- powermedia_xms Use of a Hard-coded Cryptographic Key used to protect cookie session data in /var/www/xms/application/config/config.php in the administrative console in Dialogic PowerMedia XMS through 3.5 allows remote attackers to bypass authentication. 2018-07-03 not yet calculated CVE-2018-11635
MISCdialogic -- powermedia_xms Plaintext Storage of Passwords within Cookies in /var/www/xms/application/controllers/verifyLogin.php in the administrative console in Dialogic PowerMedia XMS before 3.5 SU2 allows remote attackers to access a user's password in cleartext. 2018-07-03 not yet calculated CVE-2018-11639
MISCdialogic -- powermedia_xms Cross-site request forgery (CSRF) vulnerability in the administrative console in Dialogic PowerMedia XMS through 3.5 allows remote attackers to execute malicious and unauthorized actions. 2018-07-03 not yet calculated CVE-2018-11636
MISCdialogic -- powermedia_xms Information leakage vulnerability in the administrative console in Dialogic PowerMedia XMS through 3.5 allows remote attackers to read arbitrary files from the /var/ directory because a symlink exists under the web root. 2018-07-03 not yet calculated CVE-2018-11637
MISCdialogic -- powermedia_xms XML External Entity (XXE) vulnerability in the web service in Dialogic PowerMedia XMS before 3.5 SU2 allows remote attackers to read arbitrary files or cause a denial of service (resource consumption). 2018-07-03 not yet calculated CVE-2018-11640
MISCdialogic -- powermedia_xms SQL injection vulnerability in the administrative console in Dialogic PowerMedia XMS through 3.5 allows remote authenticated users to execute arbitrary SQL commands via the filterPattern parameter. 2018-07-03 not yet calculated CVE-2018-11643
MISCdialogic -- powermedia_xms Unrestricted Upload of a File with a Dangerous Type in the administrative console in Dialogic PowerMedia XMS through 3.5 allows remote authenticated users to upload malicious code to the web root to gain code execution. 2018-07-03 not yet calculated CVE-2018-11638
MISCdialogic -- powermedia_xms Incorrect Permission Assignment on the /var/www/xms/cleanzip.sh shell script run periodically in Dialogic PowerMedia XMS through 3.5 allows local users to execute code as the root user. 2018-07-03 not yet calculated CVE-2018-11642
MISCdialogic -- powermedia_xms Plaintext Storage of Passwords in the administrative console in Dialogic PowerMedia XMS before 3.5 SU2 allows local users to access the web application's user passwords in cleartext by reading /var/www/xms/xmsdb/default.db. 2018-07-03 not yet calculated CVE-2018-11634
MISCdnn -- dnn
DNN (aka DotNetNuke) before 9.2.0 suffers from a Server-Side Request Forgery (SSRF) vulnerability in the DnnImageHandler class. Attackers may be able to access information about internal network resources. 2018-07-03 not yet calculated CVE-2017-0929
MISCdocker -- moby
The default OCI linux spec in oci/defaults{_linux}.go in Docker/Moby from 1.11 to current does not block /proc/acpi pathnames. The flaw allows an attacker to modify host's hardware like enabling/disabling bluetooth or turning up/down keyboard brightness. 2018-07-06 not yet calculated CVE-2018-10892
CONFIRM
CONFIRMdogtag -- dogtag_pki
Dogtag PKI, through version 10.6.1, has a vulnerability in AAclAuthz.java that, under certain configurations, causes the application of ACL allow and deny rules to be reversed. If a server is configured to process allow rules before deny rules (authz.evaluateOrder=allow,deny), then allow rules will deny access and deny rules will grant access. This may result in an escalation of privileges or have other unintended consequences. 2018-07-02 not yet calculated CVE-2018-1080
REDHAT
CONFIRM
CONFIRM
CONFIRMdongguan_diqee -- diqee360_devices An issue was discovered on Dongguan Diqee Diqee360 devices. The affected vacuum cleaner suffers from an authenticated remote code execution vulnerability. An authenticated attacker can send a specially crafted UDP packet, and execute commands on the vacuum cleaner as root. The bug is in the function REQUEST_SET_WIFIPASSWD (UDP command 153). A crafted UDP packet runs "/mnt/skyeye/mode_switch.sh %s" with an attacker controlling the %s variable. In some cases, authentication can be achieved with the default password of 888888 for the admin account. 2018-07-05 not yet calculated CVE-2018-10987
MISCdongguan_diqee -- diqee360_devices An issue was discovered on Diqee Diqee360 devices. A firmware update process, integrated into the firmware, starts at boot and tries to find the update folder on the microSD card. It executes code, without a digital signature, as root from the /mnt/sdcard/$PRO_NAME/upgrade.sh or /sdcard/upgrage_360/upgrade.sh pathname. 2018-07-05 not yet calculated CVE-2018-10988
MISCecessa_shieldlink -- sl175ehq_devices ECESSA ShieldLink SL175EHQ 10.7.4 devices have CSRF to add superuser accounts via the cgi-bin/pl_web.cgi/util_configlogin_act URI. 2018-07-01 not yet calculated CVE-2018-13032
EXPLOIT-DBentrust_datacard -- syntera_cs
Entrust Datacard Syntera CS 5.x has XSS via the name field of "Domain or Computer Name" in the login page. 2018-07-05 not yet calculated CVE-2018-13252
MISCethereum -- aichain_token The mintToken function of a smart contract implementation for AIChain, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-04 not yet calculated CVE-2018-13175
MISC
MISCethereum -- air-contact_token The mintToken function of a smart contract implementation for Air-Contact Token (AIR), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-04 not yet calculated CVE-2018-13179
MISC
MISCethereum -- alex_token The mintToken function of a smart contract implementation for ALEX, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-04 not yet calculated CVE-2018-13162
MISC
MISCethereum -- appcoins_token The mintToken function of a smart contract implementation for appcoins (APPC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-04 not yet calculated CVE-2018-13185
MISC
MISCethereum -- assettoken The mintToken function of a smart contract implementation for AssetToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-04 not yet calculated CVE-2018-13158
MISC
MISCethereum -- athleticoin_token The mintToken function of a smart contract implementation for AthletiCoin (ATHA), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-04 not yet calculated CVE-2018-13166
MISC
MISCethereum -- atlant_token ATLANT (ATL) is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner. 2018-07-03 not yet calculated CVE-2018-11429
MISC
MISCethereum -- azuriontoken The mintToken function of a smart contract implementation for AzurionToken (AZU), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-02 not yet calculated CVE-2018-13068
MISCethereum -- bankcoin_token The mintToken function of a smart contract implementation for bankcoin (BNK), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-04 not yet calculated CVE-2018-13159
MISC
MISCethereum -- betcash_token The mintToken function of a smart contract implementation for Betcash (BC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-02 not yet calculated CVE-2018-13076
MISCethereum -- bitotal_token Bitotal (TFUND) is a smart contract running on Ethereum. The mintTokens function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner. 2018-07-03 not yet calculated CVE-2018-13130
MISC
MISCethereum -- bittelux_token The transfer and transferFrom functions of a smart contract implementation for Bittelux (BTX), an Ethereum token, have an integer overflow. 2018-07-05 not yet calculated CVE-2018-13326
MISCethereum -- bonustoken The mintToken function of a smart contract implementation for bonusToken (BNS), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-04 not yet calculated CVE-2018-13156
MISC
MISCethereum -- bzxcoin_token The mintToken function of a smart contract implementation for bzxcoin (BZX), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-04 not yet calculated CVE-2018-13172
MISC
MISCethereum -- carbon_exchange_coin_token The mintToken function of a smart contract implementation for Carbon Exchange Coin Token (CEC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-02 not yet calculated CVE-2018-13075
MISCethereum -- ccindex10_token The mintToken function of a smart contract implementation for CCindex10 (T10), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-02 not yet calculated CVE-2018-13071
MISCethereum -- chuchulingaigo_token The transfer and transferFrom functions of a smart contract implementation for ChuCunLingAIGO (CCLAG), an Ethereum token, have an integer overflow. 2018-07-05 not yet calculated CVE-2018-13327
MISCethereum -- cibn_live_token The mintToken function of a smart contract implementation for CIBN Live Token (CIBN LIVE), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-04 not yet calculated CVE-2018-13187
MISC
MISCethereum -- coffeecoin_token The mintToken function of a smart contract implementation for Coffeecoin (COFFEE), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-02 not yet calculated CVE-2018-13072
MISCethereum -- coinstar_token The mintToken function of a smart contract implementation for Coinstar (CSTR), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-02 not yet calculated CVE-2018-13087
MISCethereum -- cointoken The sell function of a smart contract implementation for CoinToken, an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets. 2018-07-04 not yet calculated CVE-2018-13217
MISC
MISCethereum -- cranoo_token The mintToken function of a smart contract implementation for Cranoo (CRN), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-04 not yet calculated CVE-2018-13195
MISC
MISCethereum -- crowdnext_token The sell function of a smart contract implementation for Crowdnext (CNX), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets. 2018-07-04 not yet calculated CVE-2018-13228
MISC
MISCethereum -- cryptoabs_token The mintToken function of a smart contract implementation for CryptoABS (ABS), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-04 not yet calculated CVE-2018-13174
MISC
MISCethereum -- cryptonitexcoin_token The mintToken function of a smart contract implementation for CryptonitexCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-04 not yet calculated CVE-2018-13157
MISC
MISCethereum -- ctb_token The mintToken function of a smart contract implementation for CTB, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-02 not yet calculated CVE-2018-13077
MISCethereum -- dateme_token The sell function of a smart contract implementation for DateMe (DMX) (Contract Name: ProgressiveToken), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets. 2018-07-04 not yet calculated CVE-2018-13200
MISC
MISCethereum -- destineed_token The sell function of a smart contract implementation for DestiNeed (DSN), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets. 2018-07-04 not yet calculated CVE-2018-13230
MISC
MISCethereum -- dvchain_token The mintToken function of a smart contract implementation for DVChain, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-04 not yet calculated CVE-2018-13190
MISC
MISCethereum -- dychain_token The mintToken function of a smart contract implementation for DYchain (DYC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-02 not yet calculated CVE-2018-13069
MISCethereum -- easy_trading_token The transfer and transferFrom functions of a smart contract implementation for Easy Trading Token (ETT), an Ethereum token, have an integer overflow. 2018-07-03 not yet calculated CVE-2018-13113
MISCethereum -- ectoints_token The mintToken function of a smart contract implementation for ECToints (ECT) (Contract Name: ECPoints), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-04 not yet calculated CVE-2018-13178
MISC
MISCethereum -- eliteshippertoken The mintToken function of a smart contract implementation for EliteShipperToken (ESHIP), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-04 not yet calculated CVE-2018-13173
MISC
MISCethereum -- encryptedtoken The mintToken function of a smart contract implementation for EncryptedToken (ECC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-02 not yet calculated CVE-2018-13070
MISCethereum -- enter_token The sell function of a smart contract implementation for ENTER (ENTR) (Contract Name: EnterToken), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets. 2018-07-04 not yet calculated CVE-2018-13231
MISC
MISCethereum -- enter_token The sell function of a smart contract implementation for ENTER (ENTR) (Contract Name: EnterCoin), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets. 2018-07-04 not yet calculated CVE-2018-13232
MISC
MISCethereum -- eppcoin_token The mintToken function of a smart contract implementation for EPPCOIN (EPP), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-04 not yet calculated CVE-2018-13164
MISC
MISCethereum -- ethercash_token The sell function of a smart contract implementation for ETHERCASH (ETC), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets. 2018-07-04 not yet calculated CVE-2018-13204
MISC
MISCethereum -- ethereum_cash_pro_token The mintToken function of a smart contract implementation for Ethereum Cash Pro (ECP), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-04 not yet calculated CVE-2018-13169
MISC
MISCethereum -- ethereumblack_token The mintToken function of a smart contract implementation for ETHEREUMBLACK (ETCBK), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-02 not yet calculated CVE-2018-13073
MISCethereum -- ethereumblack_token The sell function of a smart contract implementation for ETHEREUMBLACK (ETCBK), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets. 2018-07-04 not yet calculated CVE-2018-13199
MISCethereum -- ethereumlegit_token The sell function of a smart contract implementation for EthereumLegit, an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets. 2018-07-04 not yet calculated CVE-2018-13212
MISC
MISCethereum -- ethernet_cash_token The mintToken function of a smart contract implementation for Ethernet Cash (ENC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-04 not yet calculated CVE-2018-13163
MISC
MISCethereum -- etherty_token Etherty Token (ETY) is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner. 2018-07-03 not yet calculated CVE-2018-13128
MISC
MISCethereum -- etktokens The mintToken function of a smart contract implementation for etktokens (ETK), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-04 not yet calculated CVE-2018-13160
MISC
MISCethereum -- extreme_coin_token The sell function of a smart contract implementation for Extreme Coin (XT) (Contract Name: ExtremeToken), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets. 2018-07-04 not yet calculated CVE-2018-13221
MISC
MISCethereum -- fibtoken The mintToken function of a smart contract implementation for FIBToken (FIB), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-02 not yet calculated CVE-2018-13074
MISCethereum -- freecoin_token The mintToken function of a smart contract implementation for FreeCoin (FREE), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-02 not yet calculated CVE-2018-13085
MISCethereum -- futures_pease_token The mintToken function of a smart contract implementation for Futures Pease (FP), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-02 not yet calculated CVE-2018-13088
MISCethereum -- gemchain_token The mintToken function of a smart contract implementation for GEMCHAIN (GEM), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-04 not yet calculated CVE-2018-13155
MISCethereum -- gmile_token The sell function of a smart contract implementation for GMile, an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets. 2018-07-04 not yet calculated CVE-2018-13214
MISC
MISCethereum -- go_ethereum The GetBlockHeadersMsg handler in the LES protocol implementation in Go Ethereum (aka geth) before 1.8.11 may lead to an access violation because of an integer signedness error for the array index, which allows attackers to launch a Denial of Service attack by sending a packet with a -1 query.Skip value. The vulnerable remote node would be crashed by such an attack immediately, aka the EPoD (Ethereum Packet of Death) issue. 2018-07-04 not yet calculated CVE-2018-12018
MISC
MISC
MISC
MISCethereum -- good_time_coin_token The mintToken function of a smart contract implementation for Good Time Coin (GTY), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-02 not yet calculated CVE-2018-13084
MISCethereum -- goodto_token The mintToken function of a smart contract implementation for GoodTo (GTO), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-02 not yet calculated CVE-2018-13079
MISCethereum -- goutex_token The mintToken function of a smart contract implementation for Goutex (GTX), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-02 not yet calculated CVE-2018-13080
MISCethereum -- greenmed_token The sell function of a smart contract implementation for GreenMed (GRMD), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets. 2018-07-04 not yet calculated CVE-2018-13216
MISC
MISCethereum -- growchain_token The _sell function of a smart contract implementation for GROWCHAIN (GROW), an Ethereum token, has an integer overflow. 2018-07-05 not yet calculated CVE-2018-13325
MISCethereum -- gsi_token The sell function of a smart contract implementation for GSI, an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets. 2018-07-04 not yet calculated CVE-2018-13233
MISC
MISCethereum -- gvtoken_genesis_vision GVToken Genesis Vision (GVT) is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner. 2018-07-03 not yet calculated CVE-2018-11335
MISC
MISCethereum -- gzs_token The mintToken function of a smart contract implementation for GZS Token (GZS), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-02 not yet calculated CVE-2018-13081
MISCethereum -- hentaisolo_token The mintToken function of a smart contract implementation for hentaisolo (HAO), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-04 not yet calculated CVE-2018-13193
MISC
MISCethereum -- iadowr_coin_token The mintToken function of a smart contract implementation for IADOWR Coin (IAD), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-02 not yet calculated CVE-2018-13086
MISCethereum -- ico_dollar_token The sell function of a smart contract implementation for ICO Dollar (ICOD), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets. 2018-07-04 not yet calculated CVE-2018-13218
MISC
MISCethereum -- imm_coin_token The mintToken function of a smart contract implementation for IMM Coin (IMC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-04 not yet calculated CVE-2018-13180
MISC
MISCethereum -- javaswaptest_token The mintToken function of a smart contract implementation for JavaSwapTest (JST), an Ethereum token, has an integer overflow. 2018-07-04 not yet calculated CVE-2018-13145
MISCethereum -- jitech_token The mintToken function of a smart contract implementation for Jitech (JTH), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-02 not yet calculated CVE-2018-13078
MISCethereum -- jobscoin_token The mintToken function of a smart contract implementation for Jobscoin (JOB), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-04 not yet calculated CVE-2018-13192
MISC
MISCethereum -- justdcoin_token The mintToken function of a smart contract implementation for JustDCoin (JustD), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-04 not yet calculated CVE-2018-13165
MISC
MISCethereum -- jwc_token The mintToken function of a smart contract implementation for JWC, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-04 not yet calculated CVE-2018-13183
MISC
MISCethereum -- ladatoken_token The mintToken function of a smart contract implementation for LadaToken (LDT), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-04 not yet calculated CVE-2018-13171
MISC
MISCethereum -- lef_token The mintToken, buy, and sell functions of a smart contract implementation for LEF, an Ethereum token, have an integer overflow. 2018-07-04 not yet calculated CVE-2018-13146
MISCethereum -- link_platform_token The mint function of a smart contract implementation for Link Platform (LNK), an Ethereum ERC20 token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-01 not yet calculated CVE-2018-13041
MISCethereum -- loncoin_token The mintToken function of a smart contract implementation for loncoin (LON), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-04 not yet calculated CVE-2018-13182
MISC
MISCethereum -- mavcash_token The sell function of a smart contract implementation for MAVCash, an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets. 2018-07-04 not yet calculated CVE-2018-13220
MISC
MISCethereum -- miningrigrentals_token The mintToken function of a smart contract implementation for MiningRigRentals Token (MRR), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-04 not yet calculated CVE-2018-13177
MISC
MISCethereum -- mmtcoin_token The mintToken function of a smart contract implementation for MMTCoin (MMT), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-04 not yet calculated CVE-2018-13186
MISC
MISCethereum -- modi_token The mintToken function of a smart contract implementation for MODI Token (MODI), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-02 not yet calculated CVE-2018-13082
MISCethereum -- moneychainnet_token The sell function of a smart contract implementation for MoneyChainNet (MCN), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets. 2018-07-04 not yet calculated CVE-2018-13227
MISC
MISCethereum -- moneytree_token
The sell function of a smart contract implementation for MoneyTree (TREE), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets. 2018-07-04 not yet calculated CVE-2018-13208
MISC
MISCethereum -- moxyonepresale MoxyOnePresale is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner. 2018-07-03 not yet calculated CVE-2018-13126
MISC
MISCethereum -- multigames_token The mintToken function of a smart contract implementation for MultiGames (MLT), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-04 not yet calculated CVE-2018-13161
MISC
MISCethereum -- mybo_token The sell function of a smart contract implementation for MyBO, an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets. 2018-07-04 not yet calculated CVE-2018-13202
MISC
MISCethereum -- mybo_token The mintToken function of a smart contract implementation for MyBO, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-04 not yet calculated CVE-2018-13188
MISC
MISCethereum -- mytoken The sell function of a smart contract implementation for MyToken, an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets. 2018-07-04 not yet calculated CVE-2018-13211
MISC
MISCethereum -- myylc_token The sell function of a smart contract implementation for MyYLC, an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets. 2018-07-04 not yet calculated CVE-2018-13225
MISC
MISCethereum -- nectar_token The sell function of a smart contract implementation for Nectar (NCTR), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets. 2018-07-04 not yet calculated CVE-2018-13209
MISC
MISCethereum -- objecttoken_token The sell function of a smart contract implementation for ObjectToken (OBJ), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets. 2018-07-04 not yet calculated CVE-2018-13222
MISC
MISCethereum -- ohni_2_token The sell function of a smart contract implementation for ohni_2 (OHNI), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets. 2018-07-04 not yet calculated CVE-2018-13205
MISC
MISCethereum -- pandora_token The transfer and transferFrom functions of a smart contract implementation for Pandora (PDX), an Ethereum token, have an integer overflow. 2018-07-04 not yet calculated CVE-2018-13144
MISCethereum -- pfgc_token The transfer, transferFrom, and mint functions of a smart contract implementation for PFGc, an Ethereum token, have an integer overflow. 2018-07-05 not yet calculated CVE-2018-13328
MISCethereum -- plaza_token The mintToken function of a smart contract implementation for Plaza Token (PLAZA), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-02 not yet calculated CVE-2018-13083
MISCethereum -- porncoin_token The sell function of a smart contract implementation for PornCoin (PRNC), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets. 2018-07-04 not yet calculated CVE-2018-13207
MISC
MISCethereum -- providence_crypto_casino_token The sell function of a smart contract implementation for Providence Crypto Casino (PVE) (Contract Name: ProvidenceCasinoToken), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets. 2018-07-04 not yet calculated CVE-2018-13210
MISC
MISCethereum -- providencecasino_token The sell function of a smart contract implementation for ProvidenceCasino (PVE), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets. 2018-07-04 not yet calculated CVE-2018-13206
MISC
MISCethereum -- r_time_token The sell function of a smart contract implementation for R Time Token v3 (RS) (Contract Name: RTokenMain), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets. 2018-07-04 not yet calculated CVE-2018-13223
MISC
MISCethereum -- reimburse_token The mintToken function of a smart contract implementation for Reimburse Token (REIM), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-02 not yet calculated CVE-2018-13092
MISCethereum -- ribtidecoin_token The sell function of a smart contract implementation for RiptideCoin (RIPT), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets. 2018-07-04 not yet calculated CVE-2018-13229
MISC
MISCethereum -- sample_token The sell function of a smart contract implementation for Sample Token (STK) (Contract Name: cashBackMintable), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets. 2018-07-04 not yet calculated CVE-2018-13215
MISC
MISCethereum -- snoqualmie_coin_token The mintToken function of a smart contract implementation for Snoqualmie Coin (SNOW), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-04 not yet calculated CVE-2018-13170
MISC
MISCethereum -- sp8de_presale_token SP8DE PreSale Token (DSPX) is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner. 2018-07-03 not yet calculated CVE-2018-13127
MISC
MISCethereum -- sp8de_token SP8DE Token (SPX) is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner. 2018-07-03 not yet calculated CVE-2018-13129
MISCethereum -- spadeico Spadeico is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner. 2018-07-03 not yet calculated CVE-2018-13132
MISC
MISCethereum -- spadepresale SpadePreSale is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner. 2018-07-03 not yet calculated CVE-2018-13131
MISC
MISCethereum -- stex_exchange_ico_token The sell function of a smart contract implementation for STeX Exchange ICO (STE), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets. 2018-07-04 not yet calculated CVE-2018-13198
MISC
MISCethereum -- sumocoin_token The mintToken function of a smart contract implementation for sumocoin (SUMO), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-02 not yet calculated CVE-2018-13091
MISCethereum -- super_carbon_coin_token The mintToken function of a smart contract implementation for Super Carbon Coin (SCC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-04 not yet calculated CVE-2018-13191
MISC
MISCethereum -- swaptoken_token The sellBuyerTokens function of a smart contract implementation for SwapToken, an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets. 2018-07-04 not yet calculated CVE-2018-13203
MISC
MISCethereum -- t-swap-token The sell function of a smart contract implementation for T-Swap-Token (T-S-T), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets. 2018-07-04 not yet calculated CVE-2018-13196
MISC
MISCethereum -- titok-ticket_token The sell function of a smart contract implementation for TiTok - Ticket Token (Contract Name: MyAdvancedToken7), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets. 2018-07-04 not yet calculated CVE-2018-13201
MISC
MISCethereum -- tongtong_coin_token The mintToken function of a smart contract implementation for TongTong Coin (TTCoin), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-04 not yet calculated CVE-2018-13194
MISC
MISCethereum -- travelcoin_token The sell function of a smart contract implementation for TravelCoin (TRV), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets. 2018-07-04 not yet calculated CVE-2018-13213
MISC
MISCethereum -- travelzedi_token The mintToken function of a smart contract implementation for TravelZedi Token (ZEDI), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-04 not yet calculated CVE-2018-13184
MISC
MISCethereum -- troo_token The mintToken function of a smart contract implementation for Troo, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-04 not yet calculated CVE-2018-13181
MISC
MISCethereum -- trust_zen_token The mintToken function of a smart contract implementation for Trust Zen Token (ZEN), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-04 not yet calculated CVE-2018-13176
MISC
MISCethereum -- universal_coin_token The mintToken function of a smart contract implementation for Universal Coin (UCOIN), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-02 not yet calculated CVE-2018-13089
MISCethereum -- unolabo_token The mint function of a smart contract implementation for Unolabo (UNLB), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-04 not yet calculated CVE-2018-13189
MISC
MISCethereum -- virtual_energy_units_token The sell function of a smart contract implementation for Virtual Energy Units (VEU) (Contract Name: VEU_TokenERC20), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets. 2018-07-04 not yet calculated CVE-2018-13224
MISC
MISCethereum -- welfare_token_fund_token The sell function of a smart contract implementation for Welfare Token Fund (WTF), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets. 2018-07-04 not yet calculated CVE-2018-13197
MISC
MISCethereum -- yitongcoin_token The mintToken function of a smart contract implementation for YiTongCoin (YTC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-02 not yet calculated CVE-2018-13090
MISCethereum -- ylctoken The sell function of a smart contract implementation for YLCToken, an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets. 2018-07-04 not yet calculated CVE-2018-13226
MISC
MISCethereum -- yourcoin_token The sell function of a smart contract implementation for YourCoin (ICO) (Contract Name: ETH033), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets. 2018-07-04 not yet calculated CVE-2018-13219
MISC
MISCethereum -- yu_gi_oh_token The mintToken function of a smart contract implementation for Yu Gi Oh (YGO) (Contract Name: NetkillerBatchToken), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-04 not yet calculated CVE-2018-13168
MISC
MISCethereum -- yu_gi_oh_token The mintToken function of a smart contract implementation for Yu Gi Oh (YGO), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. 2018-07-04 not yet calculated CVE-2018-13167
MISC
MISCfast-cpp-csv-parser -- fast-cpp-csv-parser Fast C++ CSV Parser (aka fast-cpp-csv-parser) before 2018-07-06 has a heap-based buffer over-read in io::trim_chars in csv.h. 2018-07-07 not yet calculated CVE-2018-13421
MISCffmpeg -- ffmpeg In FFmpeg 4.0.1, due to a missing check of a profile value before setting it, the ff_mpeg4_decode_picture_header function in libavcodec/mpeg4videodec.c may trigger a NULL pointer dereference while converting a crafted AVI file to MPEG4, leading to a denial of service. 2018-07-05 not yet calculated CVE-2018-13301
MISCffmpeg -- ffmpeg In libavcodec in FFmpeg 4.0.1, improper maintenance of the consistency between the context profile field and studio_profile in libavcodec may trigger an assertion failure while converting a crafted AVI file to MPEG4, leading to a denial of service, related to error_resilience.c, h263dec.c, and mpeg4videodec.c. 2018-07-05 not yet calculated CVE-2018-13304
MISCffmpeg -- ffmpeg In FFmpeg 4.0.1, improper handling of frame types (other than EAC3_FRAME_TYPE_INDEPENDENT) that have multiple independent substreams in the handle_eac3 function in libavformat/movenc.c may trigger an out-of-array access while converting a crafted AVI file to MPEG4, leading to a denial of service or possibly unspecified other impact. 2018-07-05 not yet calculated CVE-2018-13302
MISCffmpeg -- ffmpeg
In FFmpeg 4.0.1, due to a missing check for negative values of the mquant variable, the vc1_put_blocks_clamped function in libavcodec/vc1_block.c may trigger an out-of-array access while converting a crafted AVI file to MPEG4, leading to an information disclosure or a denial of service. 2018-07-05 not yet calculated CVE-2018-13305
MISCffmpeg -- ffmpeg
In FFmpeg 4.0.1, a missing check for failure of a call to init_get_bits8() in the avpriv_ac3_parse_header function in libavcodec/ac3_parser.c may trigger a NULL pointer dereference while converting a crafted AVI file to MPEG4, leading to a denial of service. 2018-07-05 not yet calculated CVE-2018-13303
MISCffmpeg -- ffmpeg
In FFmpeg 4.0.1, an improper argument (AVCodecParameters) passed to the avpriv_request_sample function in the handle_eac3 function in libavformat/movenc.c may trigger an out-of-array read while converting a crafted AVI file to MPEG4, leading to a denial of service and possibly an information disclosure. 2018-07-05 not yet calculated CVE-2018-13300
MISCfortinet -- fortios
An information disclosure vulnerability in Fortinet FortiOS 6.0.0 and below versions reveals user's web portal login credentials in a Javascript file sent to client-side when pages bookmarked in web portal use the Single Sign-On feature. 2018-07-05 not yet calculated CVE-2018-9185
BID
SECTRACK
CONFIRMgitlab -- community_and_enterprise_editions GitLab Community and Enterprise Editions before 10.1.6, 10.2.6, and 10.3.4 are vulnerable to an unverified password change issue in the PasswordsController component resulting in potential account takeover if a victim's session is compromised. 2018-07-03 not yet calculated CVE-2017-0921
MISCgitlab -- community_and_enterprise_editions
GitLab Community and Enterprise Editions before 10.1.6, 10.2.6, and 10.3.4 are vulnerable to an authorization bypass issue in the GitLab import component resulting in an attacker being able to perform operations under a group in which they were previously unauthorized. 2018-07-03 not yet calculated CVE-2017-0919
MISCglance -- glance There is a Stored XSS vulnerability in the glance node module versions <= 3.0.5. File name, which contains malicious HTML (eg. embedded iframe element or javascript: pseudo-protocol handler in <a> element) allows to execute JavaScript code against any user who opens a directory listing containing such crafted file name. 2018-07-03 not yet calculated CVE-2018-3748
MISCgleez_cms -- gleez_cms Gleez CMS 1.2.0 has CSRF, as demonstrated by a /page/add request. 2018-07-05 not yet calculated CVE-2018-13340
MISCglpi -- glpi
The constructSQL function in inc/search.class.php in GLPI 9.2.x through 9.3.0 allows SQL Injection, as demonstrated by triggering a crafted LIMIT clause to front/computer.php. 2018-07-02 not yet calculated CVE-2018-13049
CONFIRMgnu -- binutils
The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted ELF file, as demonstrated by _bfd_elf_parse_attributes in elf-attrs.c and bfd_malloc in libbfd.c. This can occur during execution of nm. 2018-07-01 not yet calculated CVE-2018-13033
BID
MISCgolang -- go_doc_dot_org In Go Doc Dot Org (gddo) through 2018-06-27, an attacker could use specially crafted <go-import> tags in packages being fetched by gddo to cause a directory traversal and remote code execution. 2018-07-05 not yet calculated CVE-2018-12976
CONFIRM
MLISTgolden_frog -- vyprvpn
Golden Frog VyprVPN before 2018-06-21 has a vulnerability associated with the installation process on Windows. 2018-07-04 not yet calculated CVE-2018-13133
MISC
MISChtcondor -- htcondor
The condor_schedd component in HTCondor before 8.6.8 and 8.7.x before 8.7.5 allows remote authenticated users to cause a denial of service (daemon crash) by leveraging use of GSI and VOMS extensions. 2018-07-05 not yet calculated CVE-2017-16816
CONFIRM
MLISThuawei -- emily-al00a_smart_phones
Huawei smart phones Emily-AL00A with software 8.1.0.106(SP2C00) and 8.1.0.107(SP5C00) have a Factory Reset Protection (FRP) bypass vulnerability. An attacker gets some user's smart phone and performs some special operations in the guide function. The attacker may exploit the vulnerability to bypass FRP function and use the phone normally. 2018-07-05 not yet calculated CVE-2018-7944
CONFIRMhuawei -- mate_9_pro_smart_phones
Short Message Service (SMS) module of Mate 9 Pro Huawei smart phones with the versions before LON-AL00B 8.0.0.354(C00) has a Denial of Service (DoS) vulnerability. An unauthenticated attacker may set up a pseudo base station, and send special malware text message to the phone, causing the mobile phone to fail to make calls and send and receive text messages. 2018-07-02 not yet calculated CVE-2017-17175
CONFIRMhuawei -- multiple_devices Common Open Policy Service Protocol (COPS) module in Huawei USG6300 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6500 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6600 V100R001C00; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00 has a buffer overflow vulnerability. An unauthenticated, remote attacker has to control the peer device and send specially crafted message to the affected products. Due to insufficient input validation, successful exploit may cause some services abnormal. 2018-07-02 not yet calculated CVE-2017-17317
CONFIRMhuawei -- multiple_devices Huawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability. An unauthenticated, remote attacker has to control the peer device and craft the Signalling Connection Control Part (SCCP) messages to the target devices. Due to insufficient input validation of some values in the messages, successful exploit will cause out-of-bounds read and some services abnormal. 2018-07-02 not yet calculated CVE-2017-17316
CONFIRMibm -- api_connect IBM API Connect 5.0.0.0 through 5.0.8.3 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 142650. 2018-07-06 not yet calculated CVE-2018-1546
XF
CONFIRMibm -- doors_next_generation
IBM DOORS Next Generation (DNG/RRC) 5.0 through 5.0.2 and 6.0 through 6.0.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 141097. 2018-07-06 not yet calculated CVE-2018-1494
CONFIRM
XFibm -- filenet_content_manager IBM FileNet Content Manager 5.2.1 and 5.5.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 142893. 2018-07-06 not yet calculated CVE-2018-1556
CONFIRM
SECTRACK
XFibm -- filenet_content_manager IBM FileNet Content Manager 5.2.1 and 5.5.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 142892. 2018-07-06 not yet calculated CVE-2018-1555
CONFIRM
SECTRACK
XFibm -- jazz_foundation
IBM Jazz Foundation products could allow an authenticated user to obtain sensitive information from a stack trace that could be used to aid future attacks. IBM X-Force ID: 129719. 2018-07-06 not yet calculated CVE-2017-1509
XF
CONFIRMibm -- jazz_foundation
An undisclosed vulnerability in Jazz common products exists with potential for information disclosure. IBM X-Force ID: 128627. 2018-07-06 not yet calculated CVE-2017-1488
XF
CONFIRMibm -- jazz_foundation
IBM Jazz based applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124355. 2018-07-06 not yet calculated CVE-2017-1237
XF
CONFIRMibm -- multiple_products IBM FileNet Content Manager, IBM Content Foundation, and IBM Case Foundation Administration Console for Content Platform Engine (ACCE) 5.2.1 and 5.5.0 are vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 142597. 2018-07-06 not yet calculated CVE-2018-1542
CONFIRM
SECTRACK
XFibm -- planning_analytics IBM Planning Analytics 2.0.0 through 2.0.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 145118. 2018-07-06 not yet calculated CVE-2018-1676
CONFIRM
XFibm -- quality_manager IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 are vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 126231. 2018-07-06 not yet calculated CVE-2017-1329
CONFIRM
XFibm -- quality_manager IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 are vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 124628. 2018-07-06 not yet calculated CVE-2017-1248
CONFIRM
XFibm -- quality_manager IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 are vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 124524. 2018-07-06 not yet calculated CVE-2017-1242
CONFIRM
XFibm -- quality_manager IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 could reveal sensitive information in HTTP 500 Internal Server Error responses. IBM X-Force ID: 124357. 2018-07-06 not yet calculated CVE-2017-1239
CONFIRM
XFibm -- quality_manager IBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124356. 2018-07-06 not yet calculated CVE-2017-1238
CONFIRM
XFibm -- quality_manager_and_rational_collaborative_lifecycle_management IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 132493. 2018-07-03 not yet calculated CVE-2017-1592
XF
CONFIRMibm -- quality_manager_and_rational_collaborative_lifecycle_management IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 131778. 2018-07-03 not yet calculated CVE-2017-1568
XF
CONFIRMibm -- quality_manager_and_rational_collaborative_lifecycle_management IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 131765. 2018-07-03 not yet calculated CVE-2017-1565
XF
CONFIRMibm -- quality_manager_and_rational_collaborative_lifecycle_management IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 131760. 2018-07-03 not yet calculated CVE-2017-1561
XF
CONFIRMibm -- quality_manager_and_rational_collaborative_lifecycle_management IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125161. 2018-07-03 not yet calculated CVE-2017-1299
XF
CONFIRMibm -- quality_manager_and_rational_collaborative_lifecycle_management IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124752. 2018-07-03 not yet calculated CVE-2017-1277
XF
CONFIRMibm -- quality_manager_and_rational_collaborative_lifecycle_management IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 134066. 2018-07-03 not yet calculated CVE-2017-1691
XF
CONFIRMibm -- quality_manager_and_rational_collaborative_lifecycle_management IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 131764. 2018-07-03 not yet calculated CVE-2017-1564
XF
CONFIRMibm -- quality_manager_and_rational_collaborative_lifecycle_management IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125729. 2018-07-03 not yet calculated CVE-2017-1317
XF
CONFIRMibm -- quality_manager_and_rational_collaborative_lifecycle_management IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 134065. 2018-07-03 not yet calculated CVE-2017-1690
XF
CONFIRMibm -- quality_manager_and_rational_collaborative_lifecycle_management IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125724. 2018-07-03 not yet calculated CVE-2017-1313
XF
CONFIRMibm -- quality_manager_and_rational_collaborative_lifecycle_management IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125155. 2018-07-03 not yet calculated CVE-2017-1294
XF
CONFIRMibm -- quality_manager_and_rational_collaborative_lifecycle_management IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 133263. 2018-07-03 not yet calculated CVE-2017-1652
XF
CONFIRMibm -- quality_manager_and_rational_collaborative_lifecycle_management IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125154. 2018-07-03 not yet calculated CVE-2017-1293
XF
CONFIRMibm -- quality_manager_and_rational_collaborative_lifecycle_management IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force 124630. 2018-07-03 not yet calculated CVE-2017-1250
XF
CONFIRMibm -- quality_manager_and_rational_collaborative_lifecycle_management IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124759. 2018-07-03 not yet calculated CVE-2017-1281
XF
CONFIRMibm -- quality_manager_and_rational_collaborative_lifecycle_management IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 132928. 2018-07-03 not yet calculated CVE-2017-1608
XF
CONFIRMibm -- quality_manager_and_rational_collaborative_lifecycle_management IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124750. 2018-07-03 not yet calculated CVE-2017-1275
XF
CONFIRMibm -- quality_manager_and_rational_collaborative_lifecycle_management IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125460. 2018-07-03 not yet calculated CVE-2017-1306
XF
CONFIRMibm -- quality_manager_and_rational_collaborative_lifecycle_management IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 133261. 2018-07-03 not yet calculated CVE-2017-1651
XF
CONFIRMibm -- quality_manager_and_rational_collaborative_lifecycle_management IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125728. 2018-07-03 not yet calculated CVE-2017-1316
XF
CONFIRMibm -- quality_manager_and_rational_collaborative_lifecycle_management IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124758. 2018-07-03 not yet calculated CVE-2017-1280
XF
CONFIRMibm -- quality_manager_and_rational_collaborative_lifecycle_management IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125727. 2018-07-03 not yet calculated CVE-2017-1315
XF
CONFIRMibm -- quality_manager_and_rational_collaborative_lifecycle_management IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 134796. 2018-07-03 not yet calculated CVE-2017-1717
XF
CONFIRMibm -- quality_manager_and_rational_collaborative_lifecycle_management IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 133088. 2018-07-03 not yet calculated CVE-2017-1621
XF
CONFIRMibm -- quality_manager_and_rational_collaborative_lifecycle_management IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125723. 2018-07-03 not yet calculated CVE-2017-1312
XF
CONFIRMibm -- quality_manager_and_rational_collaborative_lifecycle_management IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 131761. 2018-07-03 not yet calculated CVE-2017-1562
XF
CONFIRMibm -- quality_manager_and_rational_collaborative_lifecycle_management IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 134637. 2018-07-03 not yet calculated CVE-2017-1715
XF
CONFIRMibm -- quality_manager_and_rational_collaborative_lifecycle_management IBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125725. 2018-07-03 not yet calculated CVE-2017-1314
XF
CONFIRMibm -- rational_products Multiple IBM Rational products could disclose sensitive information by an attacker that intercepts vulnerable requests. IBM X-Force ID: 131758. 2018-07-06 not yet calculated CVE-2017-1559
XF
CONFIRMibm -- websphere_application_server IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a local attacker to obtain clear text password in a trace file caused by improper handling of some datasource custom properties. IBM X-Force ID: 144346. 2018-07-06 not yet calculated CVE-2018-1621
CONFIRM
SECTRACK
XFibm -- websphere_mq IBM WebSphere MQ 7.5, 8.0, and 9.0 through 9.0.4 could allow a local user to obtain highly sensitive information via trace logs in IBM WebSphere MQ Managed File Transfer. IBM X-Force ID: 137042. 2018-07-06 not yet calculated CVE-2017-1795
CONFIRM
XFimagemagick -- imagemagick
In ImageMagick 7.0.8-4, there is a memory leak in the XMagickCommand function in MagickCore/animate.c. 2018-07-04 not yet calculated CVE-2018-13153
SECTRACK
CONFIRMintex -- n150_devices An issue was discovered on Intex N150 devices. The backup/restore option does not check the file extension uploaded for importing a configuration files backup, which can lead to corrupting the router firmware settings or even the uploading of malicious files. In order to exploit the vulnerability, an attacker can upload any malicious file and force reboot the router with it. 2018-07-02 not yet calculated CVE-2018-12528
MISC
EXPLOIT-DBintex -- n150_devices
An issue was discovered on Intex N150 devices. The router firmware suffers from multiple CSRF injection point vulnerabilities including changing user passwords and router settings. 2018-07-02 not yet calculated CVE-2018-12529
MISC
EXPLOIT-DBinvoiceplane -- invoiceplane An XSS issue was discovered in InvoicePlane 1.5.10 via the "Quote PDF Password(Optional)" field. 2018-07-03 not yet calculated CVE-2018-12255
MISC
MISCj2_innovations -- fin_stack
In J2 Innovations FIN Stack 4.0, the authentication webform is vulnerable to reflected XSS via the query string to /auth/ariosa/login. 2018-07-05 not yet calculated CVE-2017-11175
MISCjirafeau -- jirafeau A CSRF issue was discovered in Jirafeau before 3.4.1. The "delete file" feature on the admin panel is not protected against automated requests and could be abused. 2018-07-06 not yet calculated CVE-2018-13407
MISCjirafeau -- jirafeau script.php in Jirafeau before 3.4.1 is affected by two stored Cross-Site Scripting (XSS) vulnerabilities. These are stored within the shared files description file and allow the execution of a JavaScript payload each time an administrator searches or lists uploaded files. These two injections could be triggered without authentication, and target the administrator. The attack vectors are the Content-Type field and the filename parameter. 2018-07-07 not yet calculated CVE-2018-11351
MISCjirafeau -- jirafeau An issue was discovered in Jirafeau before 3.4.1. The "search file by hash" form is affected by reflected XSS that could allow, by targeting an administrator, stealing a session and gaining administrative privileges. 2018-07-06 not yet calculated CVE-2018-13409
MISCjirafeau -- jirafeau An issue was discovered in Jirafeau before 3.4.1. The "search file by link" form is affected by reflected XSS that could allow, by targeting an administrator, stealing a session and gaining administrative privileges. 2018-07-06 not yet calculated CVE-2018-13408
MISCjirafeau -- jirafeau The administration panel of Jirafeau before 3.4.1 is vulnerable to three CSRF attacks on search functionalities: search_by_name, search_by_hash, and search_link. 2018-07-07 not yet calculated CVE-2018-11349
MISCjirafeau -- jirafeau
An issue was discovered in Jirafeau before 3.4.1. The file "search by name" form is affected by one Cross-Site Scripting vulnerability via the name parameter. 2018-07-07 not yet calculated CVE-2018-11350
MISCjpeg-compressor -- jpeg-compressor
An issue was discovered in jpeg-compressor 0.1. The bmp_load function in stb_image.c allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact. 2018-07-01 not yet calculated CVE-2018-13037
MISC
MISClibming -- libming
libming 0.4.8 has a NULL pointer dereference in the getString function of the decompile.c file, related to decompileSTRINGCONCAT. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file. 2018-07-05 not yet calculated CVE-2018-13250
MISClibming -- libming
In libming 0.4.8, there is an excessive memory allocation attempt in the readBytes function of the util/read.c file, related to parseSWF_DEFINEBITSJPEG2. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted swf file. 2018-07-05 not yet calculated CVE-2018-13251
MISClibming -- libming
There is a memory leak in util/parser.c in libming 0.4.8, which will lead to a denial of service via parseSWF_DEFINEBUTTON2, parseSWF_DEFINEFONT, parseSWF_DEFINEFONTINFO, parseSWF_DEFINELOSSLESS, parseSWF_DEFINESPRITE, parseSWF_DEFINETEXT, parseSWF_DOACTION, parseSWF_FILLSTYLEARRAY, parseSWF_FRAMELABEL, parseSWF_LINESTYLEARRAY, parseSWF_PLACEOBJECT2, or parseSWF_SHAPEWITHSTYLE. 2018-07-02 not yet calculated CVE-2018-13066
MISClibsndfile -- libsndfile An issue has been found in libsndfile 1.0.28. There is a memory leak in psf_allocate in common.c, as demonstrated by sndfile-convert. 2018-07-07 not yet calculated CVE-2018-13419
MISClibsndfile -- libsndfile
A stack-based buffer overflow in psf_memset in common.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted audio file. The vulnerability can be triggered by the executable sndfile-deinterleave. 2018-07-04 not yet calculated CVE-2018-13139
MISClibsoup -- libsoup
soup_cookie_jar_get_cookies in soup-cookie-jar.c in libsoup allows attackers to have unspecified impact via an empty hostname. 2018-07-05 not yet calculated CVE-2018-12910
CONFIRM
MLIST
FEDORA
UBUNTU
DEBIANlinux -- linux_kernel An issue was discovered in fs/f2fs/super.c in the Linux kernel through 4.17.3. A denial of service (out-of-bounds memory access and BUG) can occur upon encountering an abnormal bitmap size when mounting a crafted f2fs image. 2018-07-03 not yet calculated CVE-2018-13096
MISC
MISClinux -- linux_kernel An issue was discovered in fs/f2fs/super.c in the Linux kernel through 4.17.3, which does not properly validate secs_per_zone in a corrupted f2fs image, as demonstrated by a divide-by-zero error. 2018-07-03 not yet calculated CVE-2018-13100
BID
MISC
MISClinux -- linux_kernel The inode_init_owner function in fs/inode.c in the Linux kernel through 4.17.4 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the non-member can trigger creation of a plain file whose group ownership is that group. The intended behavior was that the non-member can trigger creation of a directory (but not a plain file) whose group ownership is that group. 2018-07-06 not yet calculated CVE-2018-13405
MISC
MISC
MISClinux -- linux_kernel An issue was discovered in fs/xfs/libxfs/xfs_attr_leaf.c in the Linux kernel through 4.17.3. An OOPS may occur for a corrupted xfs image after xfs_da_shrink_inode() is called with a NULL bp. 2018-07-03 not yet calculated CVE-2018-13094
MISC
MISC
MISClinux -- linux_kernel The alarm_timer_nsleep function in kernel/time/alarmtimer.c in the Linux kernel through 4.17.3 has an integer overflow via a large relative timeout because ktime_add_safe is not used. 2018-07-02 not yet calculated CVE-2018-13053
BID
MISC
MISClinux -- linux_kernel An issue was discovered in fs/f2fs/inline.c in the Linux kernel through 4.17.3. A denial of service (out-of-bounds memory access and BUG) can occur for a modified f2fs filesystem image in which an inline inode contains an invalid reserved blkaddr. 2018-07-03 not yet calculated CVE-2018-13099
BID
MISC
MISC
MISClinux -- linux_kernel An issue was discovered in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.17.3. A denial of service (memory corruption and BUG) can occur for a corrupted xfs image upon encountering an inode that is in extent format, but has more extents than fit in the inode fork. 2018-07-03 not yet calculated CVE-2018-13095
MISC
MISC
MISClinux -- linux_kernel An issue was discovered in fs/xfs/xfs_icache.c in the Linux kernel through 4.17.3. There is a NULL pointer dereference and panic in lookup_slow() on a NULL inode->i_ops pointer when doing pathwalks on a corrupted xfs image. This occurs because of a lack of proper validation that cached inodes are free during allocation. 2018-07-03 not yet calculated CVE-2018-13093
MISC
MISC
MISClinux -- linux_kernel An issue was discovered in fs/f2fs/super.c in the Linux kernel through 4.17.3. There is an out-of-bounds read or a divide-by-zero error for an incorrect user_block_count in a corrupted f2fs image, leading to a denial of service (BUG). 2018-07-03 not yet calculated CVE-2018-13097
MISC
MISClinux -- linux_kernel An integer overflow in the uvesafb_setcmap function in drivers/video/fbdev/uvesafb.c in the Linux kernel before 4.17.4 could result in local attackers being able to crash the kernel or potentially elevate privileges because kmalloc_array is not used. 2018-07-06 not yet calculated CVE-2018-13406
MISC
MISC
MISClinux -- linux_kernel An issue was discovered in the Linux kernel through 4.17.3. An Integer Overflow in kernel/time/posix-timers.c in the POSIX timer code is caused by the way the overrun accounting works. Depending on interval and expiry time values, the overrun can be larger than INT_MAX, but the accounting is int based. This basically makes the accounting values, which are visible to user space via timer_getoverrun(2) and siginfo::si_overrun, random. For example, a local user can cause a denial of service (signed integer overflow) via crafted mmap, futex, timer_create, and timer_settime system calls. 2018-07-02 not yet calculated CVE-2018-12896
MISC
MISC
MISClinux -- linux_kernel An issue was discovered in fs/f2fs/inode.c in the Linux kernel through 4.17.3. A denial of service (slab out-of-bounds read and BUG) can occur for a modified f2fs filesystem image in which FI_EXTRA_ATTR is set in an inode. 2018-07-03 not yet calculated CVE-2018-13098
MISC
MISCmedtronic -- 2090_carelink_programmer Medtronic 2090 CareLink Programmer all versions The affected product uses a virtual private network connection to securely download updates. The product does not verify it is still connected to this virtual private network before downloading updates. An attacker with local network access to the programmer could influence these communications. 2018-07-02 not yet calculated CVE-2018-10596
MISCmedtronic -- mycarelink_patient_monitor_and_mycarelink_monitor Medtronic MyCareLink Patient Monitor, 24950 MyCareLink Monitor, all versions, and 24952 MyCareLink Monitor, all versions, contains debug code meant to test the functionality of the monitor's communication interfaces, including the interface between the monitor and implantable cardiac device. An attacker with physical access to the device can apply the other vulnerabilities within this advisory to access this debug functionality. This debug functionality provides the ability to read and write arbitrary memory values to implantable cardiac devices via inductive or short range wireless protocols. An attacker with close physical proximity to a target implantable cardiac device can use this debug functionality. 2018-07-02 not yet calculated CVE-2018-8868
MISCmedtronic -- mycarelink_patient_monitor_and_mycarelink_monitor Medtronic MyCareLink Patient Monitor, 24950 MyCareLink Monitor, all versions, and 24952 MyCareLink Monitor, all versions contains a hard-coded operating system password. An attacker with physical access can remove the case of the device, connect to the debug port, and use the password to gain privileged access to the operating system. 2018-07-02 not yet calculated CVE-2018-8870
MISCmemjs -- memjs `memjs` versions <= 1.1.0 allocates and stores buffers on typed input, resulting in DoS and uninitialized memory usage. 2018-07-05 not yet calculated CVE-2018-3767
MISCmercurial -- mercurial The mpatch_decode function in mpatch.c in Mercurial before 4.6.1 mishandles certain situations where there should be at least 12 bytes remaining after the current position in the patch data, but actually are not, aka OVE-20180430-0001. 2018-07-05 not yet calculated CVE-2018-13348
MISC
MISCmercurial -- mercurial
mpatch.c in Mercurial before 4.6.1 mishandles integer addition and subtraction, aka OVE-20180430-0002. 2018-07-05 not yet calculated CVE-2018-13347
MISC
MISC
MISCmercurial -- mercurial
The mpatch_apply function in mpatch.c in Mercurial before 4.6.1 incorrectly proceeds in cases where the fragment start is past the end of the original data, aka OVE-20180430-0004. 2018-07-05 not yet calculated CVE-2018-13346
MISC
MISCmerge-objects -- merge-objects The utilities function in all versions <= 1.0.0 of the merge-objects node module can be tricked into modifying the prototype of Object when the attacker can control part of the structure passed to this function. This can let an attacker add or modify existing properties that will exist on all objects. 2018-07-03 not yet calculated CVE-2018-3753
MISCmerge-options -- merge-options
The utilities function in all versions <= 1.0.0 of the merge-options node module can be tricked into modifying the prototype of Object when the attacker can control part of the structure passed to this function. This can let an attacker add or modify existing properties that will exist on all objects. 2018-07-03 not yet calculated CVE-2018-3752
MISCmerge-recursive -- merge-recursive The utilities function in all versions <= 0.3.0 of the merge-recursive node module can be tricked into modifying the prototype of Object when the attacker can control part of the structure passed to this function. This can let an attacker add or modify existing properties that will exist on all objects. 2018-07-03 not yet calculated CVE-2018-3751
MISCmicrosoft -- forefront_unified_access_gateway uniquesig0/InternalSite/InitParams.aspx in Microsoft Forefront Unified Access Gateway 2010 allows remote attackers to trigger outbound DNS queries for arbitrary hosts via a comma-separated list of URLs in the orig_url parameter, possibly causing a traffic amplification and/or SSRF outcome. 2018-07-05 not yet calculated CVE-2018-12571
MISC
FULLDISC
FULLDISC
SECTRACKmongodb -- skyring_database The skyring-setup command creates random password for mongodb skyring database but it writes password in plain text to /etc/skyring/skyring.conf file which is owned by root but read by local user. Any local user who has access to system running skyring service will be able to get password in plain text. 2018-07-06 not yet calculated CVE-2017-2665
BID
CONFIRMmotorola -- mbp853_firmware The Motorola MBP853 firmware does not correctly validate server certificates. This allows for a Man in The Middle (MiTM) attack to take place between a Motorola MBP853 camera and the servers it communicates with. In one such instance, it was identified that the device was downloading what appeared to be a client certificate. 2018-07-02 not yet calculated CVE-2018-12499
MISCnaver -- whale_browser
Whale Browser before 1.0.41.8 displays no URL information but only a title of a web page on the browser's address bar when visiting a blank page, which allows an attacker to display a malicious web page with a fake domain name. 2018-07-03 not yet calculated CVE-2018-7635
MISCnextcloud -- calendar In Nextcloud Calendar before 1.5.8 and 1.6.1, a missing sanitization of search results for an autocomplete field could lead to a stored XSS requiring user-interaction. The missing sanitization only affected group names, hence malicious search results could only be crafted by privileged users like admins or group admins. 2018-07-05 not yet calculated CVE-2018-3763
CONFIRMnextcloud -- contacts In Nextcloud Contacts before 2.1.2, a missing sanitization of search results for an autocomplete field could lead to a stored XSS requiring user-interaction. The missing sanitization only affected group names, hence malicious search results could only be crafted by privileged users like admins or group admins. 2018-07-05 not yet calculated CVE-2018-3764
CONFIRMnextcloud -- server Nextcloud Server before 12.0.8 and 13.0.3 suffer from improper authentication on the OAuth2 token endpoint. Missing checks potentially allowed handing out new tokens in case the OAuth2 client was partly compromised. 2018-07-05 not yet calculated CVE-2018-3761
MISC
CONFIRMnextcloud -- server Nextcloud Server before 12.0.8 and 13.0.3 suffers from improper checks of dropped permissions for incoming shares allowing a user to still request previews for files it should not have access to. 2018-07-05 not yet calculated CVE-2018-3762
MISC
CONFIRMntopng -- ntopng An issue was discovered in ntopng 3.4 before 3.4.180617. The PRNG involved in the generation of session IDs is not seeded at program startup. This results in deterministic session IDs being allocated for active user sessions. An attacker with foreknowledge of the operating system and standard library in use by the host running the service and the username of the user whose session they're targeting can abuse the deterministic random number generation in order to hijack the user's session, thus escalating their access. 2018-07-05 not yet calculated CVE-2018-12520
FULLDISC
MISC
CONFIRM
EXPLOIT-DBomeka -- omeka admin/themes/default/items/tag-form.php in Omeka before 2.6.1 allows XSS by adding or editing a tag. 2018-07-07 not yet calculated CVE-2018-13423
MISC
MISConefilecms -- onefilecms
onefilecms.php in OneFileCMS through 2017-10-08 might allow attackers to delete arbitrary files via the Delete File(s) screen, as demonstrated by a ?i=var/www/html/&f=123.php&p=edit&p=deletefile URI. 2018-07-03 not yet calculated CVE-2018-13122
MISConefilecms -- onefilecms
onefilecms.php in OneFileCMS through 2017-10-08 might allow attackers to read arbitrary files via the i and f parameters, as demonstrated by ?i=etc/&f=passwd&p=raw_view for the /etc/passwd file. 2018-07-03 not yet calculated CVE-2018-13123
MISConos -- onos
Time-of-check to time-of-use (TOCTOU) race condition in org.onosproject.acl (aka the access control application) in ONOS v1.13 and earlier allows attackers to bypass network access control via data plane packet injection. 2018-07-05 not yet calculated CVE-2018-12691
CONFIRM
CONFIRMopen-xchange -- ox_app_suite Open-Xchange OX App Suite before 7.6.3-rev37, 7.8.x before 7.8.2-rev40, 7.8.3 before 7.8.3-rev48, and 7.8.4 before 7.8.4-rev28 include folder names in API error responses, which allows remote attackers to obtain sensitive information via the folder parameter in an "all" action to api/tasks. 2018-07-05 not yet calculated CVE-2018-9998
FULLDISC
SECTRACKopen-xchange -- ox_app_suite Cross-site scripting (XSS) vulnerability in mail compose in Open-Xchange OX App Suite before 7.6.3-rev31, 7.8.x before 7.8.2-rev31, 7.8.3 before 7.8.3-rev41, and 7.8.4 before 7.8.4-rev28 allows remote attackers to inject arbitrary web script or HTML via the data-target attribute in an HTML page with data-toggle gadgets. 2018-07-05 not yet calculated CVE-2018-9997
FULLDISC
SECTRACKopencart -- opencart
/upload/catalog/controller/account/password.php in OpenCart through 3.0.2.0 has CSRF via the index.php?route=account/password URI to change a user's password. 2018-07-02 not yet calculated CVE-2018-13067
MISCopenshift -- container_platform source-to-image component of Openshift Container Platform before versions atomic-openshift 3.7.53, atomic-openshift 3.9.31 is vulnerable to a privilege escalation which allows the assemble script to run as the root user in a non-privileged container. An attacker can use this flaw to open network connections, and possibly other actions, on the host which are normally only available to a root user. 2018-07-02 not yet calculated CVE-2018-10843
REDHAT
CONFIRMopensid -- opensid OpenSID 18.06-pasca has a CSRF vulnerability. This vulnerability can add an account (at the admin level) via the index.php/man_user/insert URI. 2018-07-01 not yet calculated CVE-2018-13040
MISCopensid -- opensid OpenSID 18.06-pasca has reflected Cross Site Scripting (XSS) via the cari parameter, aka an index.php/first?cari= URI. 2018-07-01 not yet calculated CVE-2018-13039
MISCopensid -- opensid
OpenSID 18.06-pasca has an Unrestricted File Upload vulnerability via an Attachment Document in the article feature. This vulnerability leads to uploading arbitrary PHP code via a .php filename with the application/pdf Content-Type. 2018-07-01 not yet calculated CVE-2018-13038
MISCopmantek -- open-audit_community
Cross-site scripting (XSS) vulnerability in Attributes functionality in Open-AudIT Community edition before 2.2.2 allows remote attackers to inject arbitrary web script or HTML via a crafted attribute name of an Attribute. 2018-07-06 not yet calculated CVE-2018-11124
MISCpaessler -- prtg_network_monitor
An issue was discovered in PRTG Network Monitor before 18.2.39. An attacker who has access to the PRTG System Administrator web console with administrative privileges can exploit an OS command injection vulnerability (both on the server and on devices) by sending malformed parameters in sensor or notification management scenarios. 2018-07-02 not yet calculated CVE-2018-9276
MISC
BUGTRAQpan-os -- pan-os The PAN-OS management web interface page in PAN-OS 6.1.20 and earlier, PAN-OS 7.1.16 and earlier, PAN-OS 8.0.8 and earlier, and PAN-OS 8.1.0 may allow an attacker to access the GlobalProtect password hashes of local users via manipulation of the HTML markup. 2018-07-03 not yet calculated CVE-2018-9334
CONFIRMpan-os -- pan-os The URL filtering "continue page" hosted by PAN-OS 8.0.10 and earlier may allow an attacker to inject arbitrary JavaScript or HTML via specially crafted URLs. 2018-07-03 not yet calculated CVE-2018-7636
SECTRACK
CONFIRMpan-os -- pan-os The PAN-OS management web interface page in PAN-OS 6.1.20 and earlier, PAN-OS 7.1.16 and earlier, PAN-OS 8.0.9 and earlier may allow an attacker to delete files in the system via specific request parameters. 2018-07-03 not yet calculated CVE-2018-9242
CONFIRMpan-os -- pan-os
The PAN-OS session browser in PAN-OS 6.1.20 and earlier, PAN-OS 7.1.16 and earlier, PAN-OS 8.0.9 and earlier, and PAN-OS 8.1.1 and earlier may allow an attacker to inject arbitrary JavaScript or HTML. 2018-07-03 not yet calculated CVE-2018-9335
BID
CONFIRMpan-os -- pan-os
The PAN-OS web interface administration page in PAN-OS 6.1.20 and earlier, PAN-OS 7.1.17 and earlier, PAN-OS 8.0.10 and earlier, and PAN-OS 8.1.1 and earlier may allow an attacker to inject arbitrary JavaScript or HTML. 2018-07-03 not yet calculated CVE-2018-9337
BID
CONFIRMpodman -- podman
It has been discovered that podman before version 0.6.1 does not drop capabilities when executing a container as a non-root user. This results in unnecessary privileges being granted to the container. 2018-07-02 not yet calculated CVE-2018-10856
REDHAT
CONFIRM
CONFIRMpublic -- public The public node module versions <= 1.0.3 allows to embed HTML in file names, which (in certain conditions) might lead to execute malicious JavaScript. 2018-07-03 not yet calculated CVE-2018-3747
MISCpuppet -- discovery In Puppet Discovery prior to 1.2.0, when running Discovery against Windows hosts, WinRM connections can fall back to using basic auth over insecure channels if a HTTPS server is not available. This can expose the login credentials being used by Puppet Discovery. 2018-07-03 not yet calculated CVE-2018-11746
CONFIRMqemu -- qemu
Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the QEMU process resulting in DoS or potentially execute arbitrary code on the host with privileges of QEMU process on the host. 2018-07-02 not yet calculated CVE-2017-2615
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
MLIST
BID
SECTRACK
CONFIRM
MLIST
GENTOO
GENTOO
CONFIRMqualcomm -- android
The Touch Pal application can collect user behavior data without awareness by the user in Snapdragon Mobile and Snapdragon Wear. 2018-07-06 not yet calculated CVE-2018-5892
CONFIRMqualcomm -- android Possible buffer overflow in msm_adsp_stream_callback_put due to lack of input validation of user-provided data that leads to integer overflow in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel. 2018-07-06 not yet calculated CVE-2018-5907 qualcomm -- android Integer overflow can occur in msm_pcm_adsp_stream_cmd_put() function if the user supplied data "param_length" goes beyond certain limit in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05. 2018-07-06 not yet calculated CVE-2018-5898
CONFIRMqualcomm -- android In __wlan_hdd_cfg80211_vendor_scan() in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, when SCAN_SSIDS and QCA_WLAN_VENDOR_ATTR_SCAN_FREQUENCIES are parsed, a buffer overwrite can potentially occur. 2018-07-06 not yet calculated CVE-2018-5862
CONFIRM
CONFIRM
CONFIRMqualcomm -- android A race condition exists in a driver in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-05-05 potentially leading to a use-after-free condition. 2018-07-06 not yet calculated CVE-2018-5853
CONFIRM
CONFIRM
CONFIRMqualcomm -- android While loading dynamic fonts, a buffer overflow may occur if the number of segments in the font file is out of range in Snapdragon Mobile and Snapdragon Wear. 2018-07-06 not yet calculated CVE-2018-5885
CONFIRMqualcomm -- android In the KGSL driver in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, a reference counting error can lead to a Use After Free condition. 2018-07-06 not yet calculated CVE-2018-5831
CONFIRM
CONFIRM
CONFIRMqualcomm -- android
Permissions, Privileges, and Access Controls in TA in Snapdragon Mobile has an options that allows RPMB erase for secure devices in versions SD 210/SD 212/SD 205, SD 845, SD 850. 2018-07-06 not yet calculated CVE-2018-11257
CONFIRMqualcomm -- android
Improper Input Validation in Linux io-prefetch in Snapdragon Mobile and Snapdragon Wear, A SQL injection vulnerability exists in versions MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 430, SD 450, SD 617, SD 625, SD 650/52, SD 820, SD 835, SD 845. 2018-07-06 not yet calculated CVE-2017-11088
CONFIRMqualcomm -- android While processing the USB StrSerialDescriptor array, an array index out of bounds can occur in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05. 2018-07-06 not yet calculated CVE-2018-5887
CONFIRM
CONFIRMqualcomm -- android While padding or shrinking a nested wmi packet in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, a buffer over-read can potentially occur. 2018-07-06 not yet calculated CVE-2018-5855
CONFIRM
CONFIRM
CONFIRMqualcomm -- android While processing fragments, when the fragment count becomes very large, an integer overflow leading to a buffer overflow can occur in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05. 2018-07-06 not yet calculated CVE-2018-3577
CONFIRM
CONFIRM
CONFIRMqualcomm -- android An integer overflow to buffer overflow vulnerability exists in the ADSPRPC heap manager in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel. 2018-07-06 not yet calculated CVE-2018-3586
MISCqualcomm -- android In wma_nan_rsp_event_handler() in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, the data_len value is received from firmware and not properly validated which could potentially lead to an out-of-bounds access. 2018-07-06 not yet calculated CVE-2018-5836
CONFIRM
CONFIRM
CONFIRMqualcomm -- android If the seq_len is greater then CSR_MAX_RSC_LEN, a buffer overflow in __wlan_hdd_cfg80211_add_key() may occur when copying keyRSC in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05. 2018-07-06 not yet calculated CVE-2018-5835
CONFIRM
CONFIRM
CONFIRMqualcomm -- android In the audio debugfs in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, out of bounds access can occur. 2018-07-06 not yet calculated CVE-2018-5858
CONFIRM
CONFIRM
CONFIRM
CONFIRMqualcomm -- android Due to a race condition in the MDSS MDP driver in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, a Use After Free condition can occur. 2018-07-06 not yet calculated CVE-2018-5859
CONFIRM
CONFIRM
CONFIRMqualcomm -- android In the ADSP RPC driver in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, an arbitrary kernel write can occur. 2018-07-06 not yet calculated CVE-2018-3597
CONFIRM
CONFIRMqualcomm -- android Due to a race condition while processing the power stats debug file to read status, a double free condition can occur in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05. 2018-07-06 not yet calculated CVE-2017-15856
CONFIRM
CONFIRM
CONFIRMqualcomm -- android In Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, kernel panic may happen due to out-of-bound read, caused by not checking source buffer length against length of packet stream to be copied. 2018-07-06 not yet calculated CVE-2018-5896
CONFIRMqualcomm -- android
In ADSP RPC in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear, a Use After Free condition can occur in versions MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SDX20. 2018-07-06 not yet calculated CVE-2018-11258
CONFIRMqualcomm -- android While parsing an mp4 file, a stack-based buffer overflow can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear. 2018-07-06 not yet calculated CVE-2018-5874
CONFIRMqualcomm -- android Due to a race condition in a camera driver ioctl handler in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, a Use After Free condition can occur. 2018-07-06 not yet calculated CVE-2018-5832
CONFIRM
CONFIRMqualcomm -- android While processing a compressed kernel image, a buffer overflow can occur in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05. 2018-07-06 not yet calculated CVE-2018-5889
CONFIRM
CONFIRMqualcomm -- android
While parsing an mp4 file, an integer overflow leading to a buffer overflow can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear. 2018-07-06 not yet calculated CVE-2018-5875
CONFIRMqualcomm -- android While processing a debug log event from firmware in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, an integer underflow and/or buffer over-read can occur. 2018-07-06 not yet calculated CVE-2018-5865
CONFIRM
CONFIRM
CONFIRMqualcomm -- android While processing a message from firmware in htt_t2h_msg_handler_fast() in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, a buffer overwrite can occur. 2018-07-06 not yet calculated CVE-2018-5893
CONFIRM
CONFIRM
CONFIRMqualcomm -- android A pointer in an ADSPRPC command is not properly validated in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android), which can lead to kernel memory being accessed. 2018-07-06 not yet calculated CVE-2018-5886
CONFIRM
CONFIRMqualcomm -- android
Due to Improper Access Control of NAND-based EFS in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear, From fastboot on a NAND-based device, the EFS partition can be erased. Apps processor then has non-secure world full read/write access to the partition until the modem boots and configures the EFS partition addresses in its MPU partition. 2018-07-06 not yet calculated CVE-2018-11259
CONFIRMqualcomm -- android While processing a WMI_APFIND event in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, a buffer over-read and information leak can potentially occur. 2018-07-06 not yet calculated CVE-2018-5864
CONFIRM
CONFIRM
CONFIRMqualcomm -- android While flashing meta image, a buffer over-read may potentially occur when the image size is smaller than the image header size or is smaller than the image header size + total image header entry in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05. 2018-07-06 not yet calculated CVE-2017-14893
CONFIRM
CONFIRMqualcomm -- android Improper Access Control in Multimedia in Snapdragon Mobile and Snapdragon Wear, Non-standard applications without permission may acquire permission of Qualcomm-specific proprietary intents. 2018-07-06 not yet calculated CVE-2018-5884
CONFIRMqualcomm -- android In the cpuidle driver in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel, the list_for_each macro was not used correctly which could lead to an untrusted pointer dereference. 2018-07-06 not yet calculated CVE-2018-3570
MISC
MISCqualcomm -- android In the FastRPC driver in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, a Use After Free condition can occur when mapping on the remote processor fails. 2018-07-06 not yet calculated CVE-2018-3564
CONFIRM
CONFIRM
CONFIRMqualcomm -- android While sending the response to a RIL_REQUEST_GET_SMSC_ADDRESS message, a buffer overflow can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear. 2018-07-06 not yet calculated CVE-2018-5878
CONFIRMqualcomm -- android While reading the data from buffer in dci_process_ctrl_status() there can be buffer over-read problem if the len is not checked correctly in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05. 2018-07-06 not yet calculated CVE-2018-5897
CONFIRMqualcomm -- android In __wlan_hdd_cfg80211_vendor_scan(), a buffer overwrite can potentially occur in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05. 2018-07-06 not yet calculated CVE-2018-5834
CONFIRM
CONFIRM
CONFIRMqualcomm -- android Buffer over-read may happen in wma_process_utf_event() due to improper buffer length validation before writing into param_buf->num_wow_packet_buffer in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05. 2018-07-06 not yet calculated CVE-2018-5895
CONFIRM
CONFIRMqualcomm -- android Possible buffer overflows and array out of bounds accesses in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05 while flashing images. 2018-07-06 not yet calculated CVE-2017-18158
CONFIRM
CONFIRMqualcomm -- android In Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, whenever TDLS connection is setup, we are freeing the netbuf in ol_tx_completion_handler and after that, we are accessing it in NBUF_UPDATE_TX_PKT_COUNT causing a use after free. 2018-07-06 not yet calculated CVE-2018-5899
CONFIRM
CONFIRMqualcomm -- android If the fdt_totalsize is reported as 0 for the current device tree, it bypasses an error check for a valid device tree in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05. 2018-07-06 not yet calculated CVE-2018-5890
CONFIRM
CONFIRMqualcomm -- android While parsing an mp4 file, a buffer overflow can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear. 2018-07-06 not yet calculated CVE-2018-5876
CONFIRMqualcomm -- android While processing the system path, an out of bounds access can occur in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05. 2018-07-06 not yet calculated CVE-2018-5888
CONFIRM
CONFIRMqualcomm -- android Lack of copy_from_user and information leak in function "msm_ois_subdev_do_ioctl, file msm_ois.c can lead to a camera crash in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel 2018-07-06 not yet calculated CVE-2017-15851
MISC
MISCqualcomm -- android
While processing modem SSR after IMS is registered, the IMS data daemon is restarted but the ipc_dataHandle is no longer available. Consequently, the DPL thread frees the internal memory for dataDHandle but the local variable pointer is not updated which can lead to a Use After Free condition in Snapdragon Mobile and Snapdragon Wear. 2018-07-06 not yet calculated CVE-2018-5891
CONFIRMqualcomm -- android Improper Validation of Array Index in Multimedia While parsing an mp4 file in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear, an out-of-bounds access can occur. 2018-07-06 not yet calculated CVE-2018-5894
CONFIRMqualcomm -- android
While parsing a Flac file with a corrupted comment block, a buffer over-read can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear. 2018-07-06 not yet calculated CVE-2018-5882
CONFIRMqualcomm -- android An issue was discovered in the __ns_get_path function in fs/nsfs.c in the Linux kernel before 4.11. Due to a race condition when accessing files, a Use After Free condition can occur. This also affects all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05. 2018-07-06 not yet calculated CVE-2018-5873
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRMqualcomm -- android In wlan_hdd_cfg80211_set_privacy_ibss() in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, a buffer over-read can potentially occur. 2018-07-06 not yet calculated CVE-2018-5829
CONFIRM
CONFIRM
CONFIRMqualcomm -- android In Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, while processing a StrHwPlatform with length smaller than EFICHIPINFO_MAX_ID_LENGTH, an array out of bounds access may occur. 2018-07-06 not yet calculated CVE-2017-18159
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRMqualcomm -- android Possible buffer overflow in msm_adsp_stream_callback_put due to lack of input validation of user-provided data that leads to integer overflow in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel. 2018-07-06 not yet calculated CVE-2018-11304 qualcomm -- android While processing the HTT_T2H_MSG_TYPE_MGMT_TX_COMPL_IND message, a buffer overflow can potentially occur in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05. 2018-07-06 not yet calculated CVE-2018-5830
CONFIRM
CONFIRM
CONFIRM
CONFIRMqualcomm -- android In Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, the function UpdateDeviceStatus() writes a local stack buffer without initialization to flash memory using WriteToPartition() which may potentially leak memory. 2018-07-06 not yet calculated CVE-2017-15824
CONFIRMqualcomm -- android In a firmware memory dump feature in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android), a Use After Free condition can occur. 2018-07-06 not yet calculated CVE-2018-3587
CONFIRM
CONFIRM
CONFIRM
CONFIRMqualcomm -- android While parsing over-the-air information elements in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, the use of an out-of-range pointer offset can occur. 2018-07-06 not yet calculated CVE-2018-5872
CONFIRM
CONFIRM
CONFIRMqualcomm -- android Improper Validation of Array Index In the adreno OpenGL driver in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear, an out-of-bounds access can occur in SurfaceFlinger. 2018-07-06 not yet calculated CVE-2018-5838
CONFIRMqualcomm -- android A buffer over-read can occur during a fast initial link setup (FILS) connection in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05. 2018-07-06 not yet calculated CVE-2018-3569
CONFIRM
CONFIRM
CONFIRMqualcomm -- android
While flashing a meta image, a buffer over-read can potentially occur when the number of images are out of the maximum range of 32 in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05. 2018-07-06 not yet calculated CVE-2017-14872
CONFIRM
CONFIRMquery-mysql -- query-mysql Node.js third-party module query-mysql versions 0.0.0, 0.0.1, and 0.0.2 are vulnerable to an SQL injection vulnerability due to lack of user input sanitization. This may allow an attacker to run arbitrary SQL queries when fetching data from database. 2018-07-03 not yet calculated CVE-2018-3754
MISCrails_admin -- rails_admin
rails_admin ruby gem <v1.1.1 is vulnerable to cross-site request forgery (CSRF) attacks. Non-GET methods were not validating CSRF tokens and, as a result, an attacker could hypothetically gain access to the application administrative endpoints exposed by the gem. 2018-07-05 not yet calculated CVE-2016-10522
CONFIRM
MISC
MISCrealnetworks -- realoneplayer
RealOne Player 2.0 Build 6.0.11.872 allows remote attackers to cause a denial of service (array out-of-bounds access and application crash) via a crafted .aiff file. 2018-07-03 not yet calculated CVE-2018-13121
MISCred_hat -- openshift
In atomic-openshift before version 3.10.9 a malicious network-policy configuration can cause Openshift Routing to crash when using ovs-networkpolicy plugin. An attacker can use this flaw to cause a Denial of Service (DoS) attack on an Openshift 3.9, or 3.7 Cluster. 2018-07-05 not yet calculated CVE-2018-10885
CONFIRMred_hat-- fedora_and_enterprise_linux
setup before version 2.11.4-1.fc28 in Fedora and Red Hat Enterprise Linux added /sbin/nologin and /usr/sbin/nologin to /etc/shells. This violates security assumptions made by pam_shells and some daemons which allow access based on a user's shell being listed in /etc/shells. Under some circumstances, users which had their shell changed to /sbin/nologin could still access the system. 2018-07-02 not yet calculated CVE-2018-1113
CONFIRMredswimmer -- kiosksimple
KioskSimpleService.exe in RedSwimmer KioskSimple 1.4.7.0 suffers from a privilege escalation vulnerability in the WCF endpoint. The exposed methods allow read and write access to the Windows registry and control of services. These methods may be abused to achieve privilege escalation via execution of attacker controlled binaries. 2018-07-03 not yet calculated CVE-2018-13101
MISCroku -- roku_and_roku_tv_products
The External Control API in Roku and Roku TV products allow unauthorized access via a DNS Rebind attack. This can result in remote device control and privileged device and network information to be exfiltrated by an attacker. 2018-07-03 not yet calculated CVE-2018-11314
MISC
MISCrsa -- certificate_manager
RSA Certificate Manager Versions 6.9 build 560 through 6.9 build 564 contain a path traversal vulnerability in the RSA CMP Enroll Server and the RSA REST Enroll Server. A remote unauthenticated attacker could potentially exploit this vulnerability by manipulating input parameters of the application to gain unauthorized read access to the files stored on the server filesystem, with the privileges of the running web application. 2018-07-03 not yet calculated CVE-2018-11051
FULLDISC
SECTRACKruby-grape -- ruby-grape ruby-grape ruby gem suffers from a cross-site scripting (XSS) vulnerability via "format" parameter. 2018-07-05 not yet calculated CVE-2018-3769
CONFIRM
CONFIRM
CONFIRMschneider_electric -- evlink_charging_station In Schneider Electric Evlink Charging Station versions prior to v3.2.0-12_v1, the Web Interface has an issue that may allow a remote attacker to gain administrative privileges without properly authenticating remote users. 2018-07-03 not yet calculated CVE-2018-7778
CONFIRMschneider_electric -- pelco_sarix_professional_cameras In Schneider Electric Pelco Sarix Professional 1st generation cameras with firmware versions prior to 3.29.69, by sending a specially crafted request an authenticated user can view password in clear text and results in privilege escalation. 2018-07-03 not yet calculated CVE-2018-7781
CONFIRMschneider_electric -- pelco_sarix_professional_cameras In Schneider Electric Pelco Sarix Professional 1st generation cameras with firmware versions prior to 3.29.69, authenticated users can view passwords in clear text. 2018-07-03 not yet calculated CVE-2018-7782
CONFIRMschneider_electric -- pelco_sarix_professional_cameras In Schneider Electric Pelco Sarix Professional 1st generation cameras with firmware versions prior to 3.29.69, a buffer overflow vulnerability exist in cgi program "set". 2018-07-03 not yet calculated CVE-2018-7780
CONFIRMschneider_electric -- somachine_basic Schneider Electric SoMachine Basic prior to v1.6 SP1 suffers from an XML External Entity (XXE) vulnerability using the DTD parameter entities technique resulting in disclosure and retrieval of arbitrary data on the affected node via out-of-band (OOB) attack. The vulnerability is triggered when input passed to the xml parser is not sanitized while parsing the xml project/template file. 2018-07-03 not yet calculated CVE-2018-7783
CONFIRMschneider_electric -- u.motion_builder The vulnerability exists within processing of editobject.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the type input parameter. 2018-07-03 not yet calculated CVE-2018-7767
CONFIRMschneider_electric -- u.motion_builder The vulnerability exists within processing of track_import_export.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the object_id input parameter. 2018-07-03 not yet calculated CVE-2018-7765
CONFIRMschneider_electric -- u.motion_builder In Schneider Electric U.motion Builder software versions prior to v1.3.4, a cross site scripting (XSS) vulnerability exists which could allow injection of malicious scripts. 2018-07-03 not yet calculated CVE-2018-7786
BID
CONFIRMschneider_electric -- u.motion_builder The vulnerability exists within css.inc.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The 'css' parameter contains a directory traversal vulnerability. 2018-07-03 not yet calculated CVE-2018-7763
CONFIRMschneider_electric -- u.motion_builder The vulnerability exists within processing of xmlserver.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the id input parameter. 2018-07-03 not yet calculated CVE-2018-7769
CONFIRMschneider_electric -- u.motion_builder The vulnerability exists within runscript.php applet in Schneider Electric U.motion Builder software versions prior to v1.3.4. There is a directory traversal vulnerability in the processing of the 's' parameter of the applet. 2018-07-03 not yet calculated CVE-2018-7764
CONFIRMschneider_electric -- u.motion_builder The vulnerability exists within processing of sendmail.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The applet allows callers to select arbitrary files to send to an arbitrary email address. 2018-07-03 not yet calculated CVE-2018-7770
CONFIRMschneider_electric -- u.motion_builder The vulnerability exists within processing of localize.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the username input parameter. 2018-07-03 not yet calculated CVE-2018-7774
CONFIRMschneider_electric -- u.motion_builder In Schneider Electric U.motion Builder software versions prior to v1.3.4, this exploit occurs when the submitted data of an input string is evaluated as a command by the application. In this way, the attacker could execute code, read the stack, or cause a segmentation fault in the running application. 2018-07-03 not yet calculated CVE-2018-7784
BID
CONFIRMschneider_electric -- u.motion_builder The vulnerability exists within processing of loadtemplate.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the tpl input parameter. 2018-07-03 not yet calculated CVE-2018-7768
CONFIRMschneider_electric -- u.motion_builder The vulnerability exists within processing of track_getdata.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the id input parameter. 2018-07-03 not yet calculated CVE-2018-7766
CONFIRMschneider_electric -- u.motion_builder In Schneider Electric U.motion Builder software versions prior to v1.3.4, a remote command injection allows authentication bypass. 2018-07-03 not yet calculated CVE-2018-7785
BID
CONFIRMschneider_electric -- u.motion_builder In Schneider Electric U.motion Builder software versions prior to v1.3.4, malicious clients can upload and cause the smbd server to execute a shared library from a writable share. 2018-07-03 not yet calculated CVE-2018-7777
CONFIRMschneider_electric -- u.motion_builder The vulnerability exists within error.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. System information is returned to the attacker that contains sensitive data. 2018-07-03 not yet calculated CVE-2018-7775
CONFIRMschneider_electric -- u.motion_builder The vulnerability exists within processing of nfcserver.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the sessionid input parameter. 2018-07-03 not yet calculated CVE-2018-7773
CONFIRMschneider_electric -- u.motion_builder The vulnerability exists within processing of editscript.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. A directory traversal vulnerability allows a caller with standard user privileges to write arbitrary php files anywhere in the web service directory tree. 2018-07-03 not yet calculated CVE-2018-7771
CONFIRMschneider_electric -- u.motion_builder The vulnerability exists within processing of applets which are exposed on the web service in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query to determine whether a user is logged in is subject to SQL injection on the loginSeed parameter, which can be embedded in the HTTP cookie of the request. 2018-07-03 not yet calculated CVE-2018-7772
CONFIRMschneider_electric -- u.motion_builder In Schneider Electric U.motion Builder software versions prior to v1.3.4, this vulnerability is due to improper validation of input of context parameter in HTTP GET request. 2018-07-03 not yet calculated CVE-2018-7787
BID
CONFIRMschneider_electric -- u.motion_builder
The vulnerability is due to insufficient handling of update_file request parameter on update_module.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. A remote, authenticated attacker can exploit this vulnerability by sending a crafted request to the target server. 2018-07-03 not yet calculated CVE-2018-7776
CONFIRMschneider_electric -- wiser_for_knx In Schneider Electric Wiser for KNX V2.1.0 and prior, homeLYnk V2.0.1 and prior; and spaceLYnk V2.1.0 and prior, weak and unprotected FTP access could allow an attacker unauthorized access. 2018-07-03 not yet calculated CVE-2018-7779
CONFIRMsencha -- ext_js The getTip() method of Action Columns of Sencha Ext JS 4 to 6 before 6.6.0 is vulnerable to XSS attacks, even when passed HTML-escaped data. This framework brings no built-in XSS protection, so the developer has to ensure that data is correctly sanitized. However, the getTip() method of Action Columns takes HTML-escaped data and un-escapes it. If the tooltip contains user-controlled data, an attacker could exploit this to create a cross-site scripting attack, even when developers took precautions and escaped data. 2018-07-05 not yet calculated CVE-2018-8046
CONFIRM
FULLDISCsiemens -- siclock A vulnerability has been identified in SICLOCK TC100 (All versions) and SICLOCK TC400 (All versions). An attacker with administrative access to the device's management interface could lock out legitimate users. Manual interaction is required to restore the access of legitimate users. 2018-07-03 not yet calculated CVE-2018-4856
BID
CONFIRMsiemens -- siclock A vulnerability has been identified in SICLOCK TC100 (All versions) and SICLOCK TC400 (All versions). An attacker with network access to port 69/udp could modify the administrative client stored on the device. If a legitimate user downloads and executes the modified client from the affected device, then he/she could obtain code execution on the client system. 2018-07-03 not yet calculated CVE-2018-4854
BID
CONFIRMsiemens -- siclock A vulnerability has been identified in SICLOCK TC100 (All versions) and SICLOCK TC400 (All versions). An attacker with network access to the device could cause a Denial-of-Service condition by sending certain packets to the device, causing potential reboots of the device. The core functionality of the device could be impacted. The time serving functionality recovers when time synchronization with GPS devices or other NTP servers are completed. 2018-07-03 not yet calculated CVE-2018-4851
BID
CONFIRMsiemens -- siclock A vulnerability has been identified in SICLOCK TC100 (All versions) and SICLOCK TC400 (All versions). An attacker with network access to the device could potentially circumvent the authentication mechanism if he/she is able to obtain certain knowledge specific to the attacked device. 2018-07-03 not yet calculated CVE-2018-4852
BID
CONFIRMsiemens -- siclock A vulnerability has been identified in SICLOCK TC100 (All versions) and SICLOCK TC400 (All versions). An attacker with network access to port 69/udp could modify the firmware of the device. 2018-07-03 not yet calculated CVE-2018-4853
BID
CONFIRMsiemens -- siclock A vulnerability has been identified in SICLOCK TC100 (All versions) and SICLOCK TC400 (All versions). Unencrypted storage of passwords in the client configuration files and during network transmission could allow an attacker in a privileged position to obtain access passwords. 2018-07-03 not yet calculated CVE-2018-4855
BID
CONFIRMsingularity -- singularity Singularity 2.3.0 through 2.5.1 is affected by an incorrect access control on systems supporting overlay file system. When using the overlay option, a malicious user may access sensitive information by exploiting a few specific Singularity features. 2018-07-05 not yet calculated CVE-2018-12021
CONFIRMsonos -- wireless_speaker_products The UPnP HTTP server on Sonos wireless speaker products allow unauthorized access via a DNS rebinding attack. This can result in remote device control and privileged device and network information to be exfiltrated by an attacker. 2018-07-03 not yet calculated CVE-2018-11316
MISC
MISCsynology -- carddav_server
Cross-site scripting (XSS) vulnerability in Address Book Editor in Synology CardDAV Server before 6.0.8-0086 allows remote authenticated users to inject arbitrary web script or HTML via the (1) family_name, (2) given_name, or (3) additional_name parameter. 2018-07-05 not yet calculated CVE-2018-8928
CONFIRMsynology -- synology_ssl_vpn_client
Improper restriction of communication channel to intended endpoints vulnerability in HTTP daemon in Synology SSL VPN Client before 1.2.4-0224 allows remote attackers to conduct man-in-the-middle attacks via a crafted payload. 2018-07-06 not yet calculated CVE-2018-8929
CONFIRMsynology -- universal_search Improper authorization vulnerability in Highlight Preview in Synology Universal Search before 1.0.5-0135 allows remote authenticated users to bypass permission checks for directories in POSIX mode. 2018-07-05 not yet calculated CVE-2017-16773
CONFIRMtcexam -- tcexam TCExam before 14.1.2 has XSS via an ff_ or xl_ field. 2018-07-07 not yet calculated CVE-2018-13422
MISCtcpreplay -- tcpreplay
get_l2len in common/get.c in Tcpreplay 4.3.0 beta 1 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packets, as demonstrated by tcpprep. 2018-07-03 not yet calculated CVE-2018-13112
MISCtp-link -- archer_c1200_wireless_router TP-Link Archer C1200 1.13 Build 2018/01/24 rel.52299 EU devices have XSS via the PATH_INFO to the /webpages/data URI. 2018-07-04 not yet calculated CVE-2018-13134
MISCtp-link -- tl-wr841n_devices The Ping and Traceroute features on TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices allow authenticated blind Command Injection. 2018-07-02 not yet calculated CVE-2018-12577
MISCtp-link -- tl-wr841n_devices CSRF exists for all actions in the web interface on TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices. 2018-07-02 not yet calculated CVE-2018-12574
MISCtp-link -- tl-wr841n_devices TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices allow clickjacking. 2018-07-02 not yet calculated CVE-2018-12576
MISCtp-link -- tl-wr841n_devices On TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 171019 Rel.55346n devices, all actions in the web interface are affected by bypass of authentication via an HTTP request. 2018-07-02 not yet calculated CVE-2018-12575
MISCtrackr -- trackr_bravo Unauthenticated access to the cloud-based service maintained by TrackR Bravo is allowed for querying or sending GPS data for any Trackr device by using the tracker ID number which can be discovered as described in CVE-2016-6539. Updated apps, version 5.1.6 for iOS and 2.2.5 for Android, have been released by the vendor to address the vulnerabilities in CVE-2016-6538, CVE-2016-6539, CVE-2016-6540 and CVE-2016-6541. 2018-07-06 not yet calculated CVE-2016-6540
BID
MISC
CERT-VN
MISCtrackr -- trackr_bravo The Trackr device ID is constructed of a manufacturer identifier of four zeroes followed by the BLE MAC address in reverse. The MAC address can be obtained by being in close proximity to the Bluetooth device, effectively exposing the device ID. The ID can be used to track devices. Updated apps, version 5.1.6 for iOS and 2.2.5 for Android, have been released by the vendor to address the vulnerabilities in CVE-2016-6538, CVE-2016-6539, CVE-2016-6540 and CVE-2016-6541. 2018-07-06 not yet calculated CVE-2016-6539
BID
MISC
CERT-VN
MISCtrackr -- trackr_bravo TrackR Bravo device allows unauthenticated pairing, which enables unauthenticated connected applications to write to various device attributes. Updated apps, version 5.1.6 for iOS and 2.2.5 for Android, have been released by the vendor to address the vulnerabilities in CVE-2016-6538, CVE-2016-6539, CVE-2016-6540 and CVE-2016-6541. 2018-07-06 not yet calculated CVE-2016-6541
BID
MISC
CERT-VN
MISCtrackr -- trackr_bravo
The TrackR Bravo mobile app stores the account password used to authenticate to the cloud API in cleartext in the cache.db file. Updated apps, version 5.1.6 for iOS and 2.2.5 for Android, have been released by the vendor to address the vulnerabilities in CVE-2016-6538, CVE-2016-6539, CVE-2016-6540 and CVE-2016-6541. 2018-07-06 not yet calculated CVE-2016-6538
BID
MISC
CERT-VN
MISCtrend_micro -- maximum_security_2018 A vulnerability in Trend Micro Maximum Security's (Consumer) 2018 (versions 12.0.1191 and below) User-Mode Hooking (UMH) driver could allow an attacker to create a specially crafted packet that could alter a vulnerable system in such a way that malicious code could be injected into other processes. 2018-07-06 not yet calculated CVE-2018-3608
MISC
MISCubiquiti -- ucrm Ubiquiti UCRM versions 2.3.0 to 2.7.7 allow an authenticated user to read arbitrary files in the local file system. Note that by default, the local file system is isolated in a docker container. Successful exploitation requires valid credentials to an account with "Edit" access to "System Customization". 2018-07-03 not yet calculated CVE-2017-0913
MISC
MISCubiquiti -- ucrm Ubiquiti UCRM versions 2.5.0 to 2.7.7 are vulnerable to Stored Cross-site Scripting. Due to the lack sanitization, it is possible to inject arbitrary HTML code by manipulating the uploaded filename. Successful exploitation requires valid credentials to an account with "Edit" access to "Scheduling". 2018-07-03 not yet calculated CVE-2017-0912
MISCwordpress -- wordpress The WP Live Chat Support Pro plugin before 8.0.07 for WordPress is vulnerable to unauthenticated Remote Code Execution due to client-side validation of allowed file types, as demonstrated by a v1/remote_upload request with a .php filename and the image/jpeg content type. 2018-07-02 not yet calculated CVE-2018-12426
MISC
MISCwordpress -- wordpress The Ultimate Member (aka ultimatemember) plugin before 2.0.18 for WordPress has XSS via the wp-admin settings screen. 2018-07-04 not yet calculated CVE-2018-13136
MISC
MISCxapian -- xapian-core
A cross-site scripting vulnerability in queryparser/termgenerator_internal.cc in Xapian xapian-core before 1.4.6 exists due to incomplete HTML escaping by Xapian::MSet::snippet(). 2018-07-02 not yet calculated CVE-2018-0499
CONFIRM
CONFIRMxen -- xen An issue was discovered in Xen through 4.10.x. Certain PV MMU operations may take a long time to process. For that reason Xen explicitly checks for the need to preempt the current vCPU at certain points. A few rarely taken code paths did bypass such checks. By suitably enforcing the conditions through its own page table contents, a malicious guest may cause such bypasses to be used for an unbounded number of iterations. A malicious or buggy PV guest may cause a Denial of Service (DoS) affecting the entire host. Specifically, it may prevent use of a physical CPU for an indeterminate period of time. All Xen versions from 3.4 onwards are vulnerable. Xen versions 3.3 and earlier are vulnerable to an even wider class of attacks, due to them lacking preemption checks altogether in the affected code paths. Only x86 systems are affected. ARM systems are not affected. Only multi-vCPU x86 PV guests can leverage the vulnerability. x86 HVM or PVH guests as well as x86 single-vCPU PV ones cannot leverage the vulnerability. 2018-07-02 not yet calculated CVE-2018-12891
MLIST
BID
SECTRACK
CONFIRM
CONFIRM
DEBIANxen -- xen An issue was discovered in Xen through 4.10.x. One of the fixes in XSA-260 added some safety checks to help prevent Xen livelocking with debug exceptions. Unfortunately, due to an oversight, at least one of these safety checks can be triggered by a guest. A malicious PV guest can crash Xen, leading to a Denial of Service. All Xen systems which have applied the XSA-260 fix are vulnerable. Only x86 systems are vulnerable. ARM systems are not vulnerable. Only x86 PV guests can exploit the vulnerability. x86 HVM and PVH guests cannot exploit the vulnerability. An attacker needs to be able to control hardware debugging facilities to exploit the vulnerability, but such permissions are typically available to unprivileged users. 2018-07-02 not yet calculated CVE-2018-12893
MLIST
BID
SECTRACK
CONFIRM
CONFIRM
CONFIRM
DEBIANxen -- xen An issue was discovered in Xen 4.7 through 4.10.x. libxl fails to pass the readonly flag to qemu when setting up a SCSI disk, due to what was probably an erroneous merge conflict resolution. Malicious guest administrators or (in some situations) users may be able to write to supposedly read-only disk images. Only emulated SCSI disks (specified as "sd" in the libxl disk configuration, or an equivalent) are affected. IDE disks ("hd") are not affected (because attempts to make them readonly are rejected). Additionally, CDROM devices (that is, devices specified to be presented to the guest as CDROMs, regardless of the nature of the backing storage on the host) are not affected; they are always read only. Only systems using qemu-xen (rather than qemu-xen-traditional) as the device model version are vulnerable. Only systems using libxl or libxl-based toolstacks are vulnerable. (This includes xl, and libvirt with the libxl driver.) The vulnerability is present in Xen versions 4.7 and later. (In earlier versions, provided that the patch for XSA-142 has been applied, attempts to create read only disks are rejected.) If the host and guest together usually support PVHVM, the issue is exploitable only if the malicious guest administrator has control of the guest kernel or guest kernel command line. 2018-07-02 not yet calculated CVE-2018-12892
MLIST
BID
SECTRACK
CONFIRM
DEBIANzoho -- manageengine_applications_manager A SQL Injection vulnerability exists in Zoho ManageEngine Applications Manager 13.x via the j_username parameter in a /j_security_check POST request. 2018-07-02 not yet calculated CVE-2018-13050
MISCzoho -- manageengine_eventlog_analyzer An issue was discovered in Zoho ManageEngine EventLog Analyzer 11.12. A Cross-Site Scripting vulnerability allows a remote attacker to inject arbitrary web script or HTML via the search functionality (the search box of the Dashboard). 2018-07-02 not yet calculated CVE-2018-10076
CONFIRMzoho -- manageengine_eventlog_analyzer
Cross-site scripting (XSS) vulnerability in Zoho ManageEngine EventLog Analyzer 11.12 allows remote attackers to inject arbitrary web script or HTML via the import logs feature. 2018-07-02 not yet calculated CVE-2018-10075
CONFIRMzzcms -- zzcms
/user/del.php in zzcms 8.3 allows SQL injection via the tablename parameter after leveraging use of the zzcms_ask table. 2018-07-03 not yet calculated CVE-2018-13116
MISCzzcms -- zzcms
An issue was discovered on zzcms 8.3. There is a vulnerability at /user/del.php that can delete any file by placing its relative path into the zzcms_main table and then making an img add request. This can be leveraged for database access by deleting install.lock. 2018-07-02 not yet calculated CVE-2018-13056
MISC
This product is provided subject to this Notification and this Privacy & Use policy.
-
Original release date: July 06, 2018
The Center for Internet Security (CIS) has released its 2017 Year in Review. CIS is home to the Multi-State Information Sharing and Analysis Center (MS-ISAC), an NCCIC partner focused on cyber threat prevention, protection, response, and recovery for U.S. state, local, tribal, and territorial government entities. The review highlights CIS's role in improving cyber defense and MS-ISAC's advances in membership, monitoring, cyber education, and information sharing with partners.
This product is provided subject to this Notification and this Privacy & Use policy.
-
Original release date: July 06, 2018
Apple has released a security update to address vulnerabilities in Wi-Fi for Boot Camp 6.4.0. An attacker could exploit these vulnerabilities to obtain access to sensitive information.
NCCIC encourages users and administrators to review Apple?s security page for Wi-Fi Update for Boot Camp 6.4.0 and apply the necessary update.
This product is provided subject to this Notification and this Privacy & Use policy.
