index_ label1 index_ label1
Providing services for federal, state and local government ...
index_ label2 index_ label2
Our commercial entity operations, providing enterprise services ...
index_ label3 index_ label3
How do we prepare for what's to come next? See inside ...
I.T. News
We are constantly interested in the latest and up-to-date technology.
As we move forward with the software development we will continue to use new technologies to improve our products and the customer experience. And we will continue to develop our solutions with both new functionality and increasing integration with the latest major platforms.

As the growing market shares and interests in the I.T. virtualization, we tailored the unique virtualization solution vFleXtor using proven, modern up-to-date technology.

Timely information about security topics and threats:

US-CERT: The United States Computer Emergency Readiness Team
  • Original release date: February 15, 2019

    VMware has released security updates to address a vulnerability affecting multiple VMware products. An attacker could exploit this vulnerability to take control of an affected system.  

    The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review VMware Security Advisory VMSA-2019-0001 and apply the necessary updates.


    This product is provided subject to this Notification and this Privacy & Use policy.


  • Original release date: February 14, 2019

    Mozilla has released a security update to address vulnerabilities in Thunderbird. An attacker could exploit some of these vulnerabilities to take control of an affected system.

    The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Mozilla Security Advisory for Thunderbird 60.5.1 and apply the necessary update.


    This product is provided subject to this Notification and this Privacy & Use policy.


  • Original release date: February 12, 2019

    Mozilla has released security updates to address vulnerabilities in Firefox and Firefox ESR. An attacker could exploit some of these vulnerabilities to take control of an affected system.

    The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review the Mozilla Security Advisories for Firefox 65.0.1 and Firefox ESR 60.5.1 and apply the necessary updates. 


    This product is provided subject to this Notification and this Privacy & Use policy.


  • Original release date: February 12, 2019

    Microsoft has released updates to address multiple vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

    The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review Microsoft's February 2019 Security Update Summary and Deployment Information and apply the necessary updates.


    This product is provided subject to this Notification and this Privacy & Use policy.


  • Original release date: February 12, 2019

    The Federal Trade Commission (FTC) has released an article addressing a rise in reports of internet romance scams. In this type of fraud, cyber criminals gain the confidence of their victims and trick them into sending money. Use caution when online dating, and never send money or gifts to someone you have not met in person.

    The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users to review FTC?s article on Romance Scams and NCCIC?s tip on Staying Safe on Social Networking Sites. If you think you have been a target of a romance scam, file a report with


    This product is provided subject to this Notification and this Privacy & Use policy.


  • Original release date: February 12, 2019

    Cisco has released a security update to address a vulnerability in Network Assurance Engine. An attacker could exploit this vulnerability to obtain sensitive information.

    The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review the Cisco Security Advisory and apply the necessary update.


    This product is provided subject to this Notification and this Privacy & Use policy.


  • Original release date: February 12, 2019

    Adobe has released security updates to address vulnerabilities affecting Adobe Flash Player, Acrobat and Reader, ColdFusion, and Creative Cloud Desktop Application. An attacker could exploit some of these vulnerabilities to take control of an affected system.

    The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), encourages users and administrators to review Adobe Security Bulletins, APSB19-06, APSB19-07, APSB19-10, and APSB19-11, and apply the necessary updates.


    This product is provided subject to this Notification and this Privacy & Use policy.


  • Original release date: February 12, 2019

    The Cybersecurity and Infrastructure Security Agency (CISA) has added an additional session to the virtual awareness briefing on Chinese malicious cyber activity targeting managed service providers. The briefing will be held on Thursday, February 14, 2019, from 1-2 p.m. ET. The briefing will provide a background on the identified cyber activity and mitigation techniques. Click here to register.


    This product is provided subject to this Notification and this Privacy & Use policy.


  • Original release date: February 11, 2019 | Last revised: February 12, 2019

    The National Cybersecurity and Communications Integration Center (NCCIC), part of the Cybersecurity and Infrastructure Security Agency (CISA), is aware of a vulnerability affecting several open-source container management systems that leverage runc.

    NCCIC encourages users and administrators to review the runc security advisory, and the RedHat and Amazon Web Services blogs; and refer to OS and application vendors for mitigations and updates as they become available.


    This product is provided subject to this Notification and this Privacy & Use policy.


  • Original release date: February 11, 2019 | Last revised: February 14, 2019

    The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information.

    The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:

    • High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0

    • Medium - Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 - 6.9

    • Low - Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 - 3.9

    Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.

    The NCCIC Weekly Vulnerability Summary Bulletin is created using information from the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD). In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

     

    High Vulnerabilities

    Primary
    Vendor -- Product
    DescriptionPublishedCVSS ScoreSource & Patch Info
    advantech -- webaccess/scadaWebAccess/SCADA, Version 8.3. An improper authentication vulnerability exists that could allow a possible authentication bypass allowing an attacker to upload malicious data.2019-02-057.5CVE-2019-6519
    BID
    MISC
    advantech -- webaccess/scadaWebAccess/SCADA, Version 8.3. Specially crafted requests could allow a possible authentication bypass that could allow an attacker to obtain and manipulate sensitive information.2019-02-057.5CVE-2019-6521
    BID
    MISC
    advantech -- webaccess/scadaWebAccess/SCADA, Version 8.3. The software does not properly sanitize its inputs for SQL commands.2019-02-057.5CVE-2019-6523
    BID
    MISC
    articatech -- artica_proxyArtica Proxy 3.06.200056 allows remote attackers to execute arbitrary commands as root by reading the ressources/settings.inc ldap_admin and ldap_password fields, using these credentials at logon.php, and then entering the commands in the admin.index.php command-line field.2019-02-019.0CVE-2019-7300
    MISC
    MISC
    baijiacms_project -- baijiacmsAn issue was discovered in baijiacms V4 that can result in time-based blind SQL injection to get data via the cate parameter in an index.php?act=index request.2019-02-077.5CVE-2019-7568
    MISC
    bijiadao -- waimai_super_cmsAn issue was discovered in Waimai Super Cms 20150505. web/Lib/Action/PublicAction.class.php allows time-based SQL Injection via the param array parameter to the /index.php?m=public&a=checkemail URI.2019-02-077.5CVE-2019-7585
    MISC
    bo-blog -- bwBo-blog Wind through 1.6.0-r allows SQL Injection via the admin.php/comments/batchdel/ comID parameter because this parameter is mishandled in the mode/admin.mode.php delBlockedBatch function.2019-02-077.5CVE-2019-7587
    MISC
    cisco -- aironet_active_sensorA vulnerability in the default configuration of the Cisco Aironet Active Sensor could allow an unauthenticated, remote attacker to restart the sensor. The vulnerability is due to a default local account with a static password. The account has privileges only to reboot the device. An attacker could exploit this vulnerability by guessing the account name and password to access the CLI. A successful exploit could allow the attacker to reboot the device repeatedly, creating a denial of service (DoS) condition. It is not possible to change the configuration or view sensitive data with this account. Versions prior to DNAC1.2.8 are affected.2019-02-077.8CVE-2019-1675
    BID
    CISCO
    css-tricks -- chat2An issue was discovered in CSS-TRICKS Chat2 through 2015-05-05. The userid parameter in jumpin.php has a SQL injection vulnerability.2019-02-047.5CVE-2019-7316
    MISC
    MISC
    defaults-deep_project -- defaults-deepA prototype pollution vulnerability was found in defaults-deep <=0.2.4 that would allow a malicious user to inject properties onto Object.prototype.2019-02-017.5CVE-2018-16486
    MISC
    dlink -- dir-823g_firmwareAn issue was discovered on D-Link DIR-823G devices with firmware through 1.02B03. A command Injection vulnerability allows attackers to execute arbitrary OS commands via a crafted /HNAP1 request. This occurs when any HNAP API function triggers a call to the system function with untrusted input from the request body, such as a body of ' /bin/telnetd' for the GetDeviceSettingsset API function. Consequently, an attacker can execute any command remotely when they control this input.2019-02-019.3CVE-2019-7298
    BID
    MISC
    dlink -- dir-823g_firmwareAn issue was discovered in /bin/goahead on D-Link DIR-823G devices with the firmware 1.02B03. There is incorrect access control allowing remote attackers to reset the router without authentication via the SetFactoryDefault HNAP API. Consequently, an attacker can achieve a denial-of-service attack without authentication.2019-02-047.8CVE-2019-7389
    BID
    MISC
    f5 -- big-ip_local_traffic_managerOn BIG-IP LTM 13.0.0 to 13.0.1 and 12.1.0 to 12.1.3.6, under certain conditions, the TMM may consume excessive resources when processing SSL Session ID Persistence traffic.2019-02-057.1CVE-2019-6590
    BID
    CONFIRM
    fastnet -- mailcleanerFastnet SA MailCleaner version 2018092601 contains a Command Injection (CWE-78) vulnerability in /admin/managetracing/search/search that can result in an authenticated web application user running commands on the underlying web server as root. This attack appears to be exploitable via Post-authentication access to the web server.2019-02-049.0CVE-2018-1000999
    MISC
    fortinet -- fortiosA format string vulnerability in Fortinet FortiOS 5.6.0 allows attacker to execute unauthorized code or commands via the SSH username variable.2019-02-087.5CVE-2018-1352
    CONFIRM
    haraka_project -- harakaHaraka version 2.8.8 and earlier comes with a plugin for processing attachments for zip files. Versions 2.8.8 and earlier can be vulnerable to command injection.2019-02-057.5CVE-2016-1000282
    MISC
    haxx -- libcurllibcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP. If the buffer passed to `smtp_endofresp()` isn't NUL terminated and contains no character ending the parsed number, and `len` is set to 5, then the `strtol()` call reads beyond the allocated buffer. The read contents will not be returned to the caller.2019-02-067.5CVE-2019-3823
    BID
    CONFIRM
    MISC
    UBUNTU
    DEBIAN
    lifesize -- networker_220_firmwareLifeSize Team, Room, Passport, and Networker 220 devices allow Authenticated Remote OS Command Injection, as demonstrated by shell metacharacters in the support/mtusize.php mtu_size parameter. The lifesize default password for the cli account may sometimes be used for authentication.2019-02-089.0CVE-2019-7632
    MISC
    live555 -- streaming_medialiblivemedia in Live555 before 2019.02.03 mishandles the termination of an RTSP stream after RTP/RTCP-over-RTSP has been set up, which could lead to a Use-After-Free error that causes the RTSP server to crash (Segmentation fault) or possibly have unspecified other impact.2019-02-037.5CVE-2019-7314
    MISC
    MISC
    mozilla -- firefoxA use-after-free vulnerability can occur while parsing an HTML5 stream in concert with custom HTML elements. This results in the stream parser object being freed while still in use, leading to a potentially exploitable crash. This vulnerability affects Thunderbird < 60.5, Firefox ESR < 60.5, and Firefox < 65.2019-02-057.5CVE-2018-18500
    BID
    REDHAT
    REDHAT
    REDHAT
    REDHAT
    MLIST
    UBUNTU
    DEBIAN
    CONFIRM
    CONFIRM
    CONFIRM
    mozilla -- firefoxMozilla developers and community members reported memory safety bugs present in Firefox 64 and Firefox ESR 60.4. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Thunderbird < 60.5, Firefox ESR < 60.5, and Firefox < 65.2019-02-057.5CVE-2018-18501
    BID
    REDHAT
    REDHAT
    REDHAT
    REDHAT
    MLIST
    UBUNTU
    DEBIAN
    CONFIRM
    CONFIRM
    CONFIRM
    mozilla -- firefoxMozilla developers and community members reported memory safety bugs present in Firefox 64. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 65.2019-02-0510.0CVE-2018-18502
    BID
    UBUNTU
    CONFIRM
    mozilla -- firefoxA crash and out-of-bounds read can occur when the buffer of a texture client is freed while it is still in use during graphic operations. This results is a potentially exploitable crash and the possibility of reading from the memory of the freed buffers. This vulnerability affects Firefox < 65.2019-02-057.5CVE-2018-18504
    BID
    UBUNTU
    CONFIRM
    mozilla -- firefoxAn earlier fix for an Inter-process Communication (IPC) vulnerability, CVE-2011-3079, added authentication to communication between IPC endpoints and server parents during IPC process creation. This authentication is insufficient for channels created after the IPC process is started, leading to the authentication not being correctly applied to later channels. This could allow for a sandbox escape through IPC channels due to lack of message validation in the listener process. This vulnerability affects Thunderbird < 60.5, Firefox ESR < 60.5, and Firefox < 65.2019-02-057.5CVE-2018-18505
    BID
    REDHAT
    REDHAT
    REDHAT
    REDHAT
    CONFIRM
    MLIST
    UBUNTU
    DEBIAN
    CONFIRM
    CONFIRM
    CONFIRM
    opt-net -- ng-netmsOPT/NET BV OPTOSS Next Gen Network Management System (NG-NetMS) version v3.6-2 and earlier versions contains a SQL Injection vulnerability in Identified vulnerable parameters: id, id_access_type and id_attr_access that can result in a malicious attacker can include own SQL commands which database will execute. This attack appears to be exploitable via network connectivity.2019-02-047.5CVE-2019-1000023
    MISC
    MISC
    MISC
    pizzashack -- rsshInsufficient sanitization of arguments passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands.2019-02-067.5CVE-2019-3463
    BID
    MLIST
    MISC
    DEBIAN
    rdesktop -- rdesktoprdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function cssp_read_tsrequest() that results in a memory corruption and probably even a remote code execution.2019-02-057.5CVE-2018-8793
    BID
    MISC
    rdesktop -- rdesktoprdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to an Out-Of-Bounds Write in function process_bitmap_updates() and results in a memory corruption and possibly even a remote code execution.2019-02-057.5CVE-2018-8794
    BID
    MISC
    rdesktop -- rdesktoprdesktop versions up to and including v1.8.3 contain an Integer Overflow that leads to a Heap-Based Buffer Overflow in function process_bitmap_updates() and results in a memory corruption and probably even a remote code execution.2019-02-057.5CVE-2018-8795
    BID
    MISC
    rdesktop -- rdesktoprdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function process_plane() that results in a memory corruption and probably even a remote code execution.2019-02-057.5CVE-2018-8797
    BID
    MISC
    rdesktop -- rdesktoprdesktop versions up to and including v1.8.3 contain a Heap-Based Buffer Overflow in function ui_clip_handle_data() that results in a memory corruption and probably even a remote code execution.2019-02-057.5CVE-2018-8800
    BID
    MISC
    wibu -- wibukeyAn exploitable pool corruption vulnerability exists in the 0x8200E804 IOCTL handler functionality of WIBU-SYSTEMS WibuKey.sys Version 6.40 (Build 2400). A specially crafted IRP request can cause a buffer overflow, resulting in kernel memory corruption and, potentially, privilege escalation. An attacker can send an IRP request to trigger this vulnerability.2019-02-057.2CVE-2018-3990
    MISC
    zevenet -- zen_load_balancerZen Load Balancer 3.10.1 allows remote authenticated admin users to execute arbitrary commands as root via shell metacharacters in the index.cgi?action=View_Cert certname parameter.2019-02-019.0CVE-2019-7301
    BID
    MISC
    Back to top

     

    Medium Vulnerabilities

    Primary
    Vendor -- Product
    DescriptionPublishedCVSS ScoreSource & Patch Info
    apache -- subversionSubversion's mod_dav_svn Apache HTTPD module versions 1.11.0 and 1.10.0 to 1.10.3 will crash after dereferencing an uninitialized pointer if the client omits the root path in a recursive directory listing operation.2019-02-055.0CVE-2018-11803
    BID
    CONFIRM
    UBUNTU
    audacityteam -- audacityAudacity version 2.1.2 is vulnerable to DLL Hijack, it tries to load avformat-55.dll without supplying the absolute path, thus relying upon the presence of such DLL on the system directory. This behavior results in an exploitable DLL Hijack vulnerability, even if the SafeDllSerchMode flag is enabled.2019-02-046.0CVE-2016-1000276
    CONFIRM
    MISC
    bijiadao -- waimai_super_cmsAn issue was discovered in Waimai Super Cms 20150505. admin.php?m=Member&a=adminaddsave has XSS via the username or password parameter.2019-02-074.3CVE-2019-7567
    MISC
    boolector_project -- boolectorIn parser/btorsmt2.c in Boolector 3.0.0, opening a specially crafted input file leads to a use after free in get_failed_assumptions or btor_delete.2019-02-074.3CVE-2019-7560
    MISC
    MISC
    btor2tools_project -- btor2toolsIn btor2parser/btor2parser.c in Boolector Btor2Tools before 2019-01-15, opening a specially crafted input file leads to an out of bounds write in pusht_bfr.2019-02-074.3CVE-2019-7559
    MISC
    canvasgfx -- canvas_drawAn exploitable out of bounds write exists in the CAL parsing functionality of Canvas Draw version 5.0.0. A specially crafted CAL image processed via the application can lead to an out of bounds write overwriting arbitrary data. An attacker can deliver a PCX image to trigger this vulnerability and gain code execution.2019-02-066.8CVE-2018-3973
    BID
    MISC
    canvasgfx -- canvas_drawAn exploitable out-of-bounds write exists in the CALS Raster file format-parsing functionality of Canvas Draw version 5.0.0.28. A specially crafted CAL image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a CAL image to trigger this vulnerability and gain code execution.2019-02-066.8CVE-2018-3976
    BID
    MISC
    chamilo -- chamilo_lmsChamilo Chamilo-lms version 1.11.8 and earlier contains an Incorrect Access Control vulnerability in Tickets component that can result in an authenticated user can read all tickets available on the platform, due to lack of access controls. This attack appears to be exploitable via ticket_id=[ticket number]. This vulnerability appears to have been fixed in 1.11.x after commit 33e2692a37b5b6340cf5bec1a84e541460983c03.2019-02-044.0CVE-2019-1000017
    MISC
    MISC
    cisco -- firepower_management_centerA vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected system. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of the affected system. An attacker could exploit this vulnerability by persuading a user of the interface to click a maliciously crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected interface or access sensitive, browser-based information.2019-02-074.3CVE-2019-1671
    BID
    CISCO
    cisco -- meeting_serverA vulnerability in Cisco Meeting Server could allow an authenticated, remote attacker to cause a partial denial of service (DoS) to Cisco Meetings application users who are paired with a Session Initiation Protocol (SIP) endpoint. The vulnerability is due to improper validation of coSpaces configuration parameters. An attacker could exploit this vulnerability by inserting crafted strings in specific coSpace parameters. An exploit could allow the attacker to prevent clients from joining a conference call in the affected coSpace. Versions prior to 2.4.3 are affected.2019-02-074.0CVE-2019-1678
    BID
    CISCO
    cisco -- telepresence_management_suiteA vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by persuading a user of the interface to click a malicious link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.2019-02-074.3CVE-2019-1661
    BID
    CISCO
    cisco -- unified_intelligence_centerA vulnerability in the web-based management interface of Cisco Unified Intelligence Center Software could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web interface of an affected system. The vulnerability is due to insufficient input validation of a user-supplied value. An attacker could exploit this vulnerability by convincing a user to click a specific link. A successful exploit could allow the attacker to submit arbitrary requests to the affected system via a web browser with the privileges of the user.2019-02-074.3CVE-2019-1670
    BID
    CISCO
    cszcms -- csz_cmsCSZ CMS 1.1.8 has CSRF via admin/users/new/add.2019-02-076.8CVE-2019-7566
    MISC
    dlink -- dir-823g_firmwareAn issue was discovered in /bin/goahead on D-Link DIR-823G devices with firmware 1.02B03. There is incorrect access control allowing remote attackers to get sensitive information (such as MAC address) about all clients in the WLAN via the GetClientInfo HNAP API. Consequently, an attacker can achieve information disclosure without authentication.2019-02-045.0CVE-2019-7388
    BID
    MISC
    express-cart_project -- express-cartA deficiency in the access control in module express-cart <=1.1.5 allows unprivileged users to add new users to the application as administrators.2019-02-016.5CVE-2018-16483
    MISC
    ffmpeg -- ffmpegFFMPEG version 4.1 contains a CWE-129: Improper Validation of Array Index vulnerability in libavcodec/cbs_av1.c that can result in Denial of service. This attack appears to be exploitable via specially crafted AV1 file has to be provided as input. This vulnerability appears to have been fixed in after commit b97a4b658814b2de8b9f2a3bce491c002d34de31.2019-02-044.3CVE-2019-1000016
    MISC
    fortiguard -- forticlientA null pointer dereference vulnerability in Fortinet FortiClientWindows 6.0.2 and earlier allows attacker to cause a denial of service via the NDIS miniport driver.2019-02-084.9CVE-2018-9190
    CONFIRM
    freedesktop -- popplerIn Poppler 0.73.0, a heap-based buffer over-read (due to an integer signedness error in the XRef::getEntry function in XRef.cc) allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document, as demonstrated by pdftocairo.2019-02-026.8CVE-2019-7310
    BID
    MISC
    MISC
    gpac_project -- gpacIn GPAC 0.7.2, gf_text_get_utf8_line in media_tools/text_import.c in libgpac_static.a allows an out-of-bounds write because a certain -1 return value is mishandled.2019-02-066.8CVE-2018-20760
    MISC
    MISC
    gpac_project -- gpacGPAC version 0.7.2 and earlier has a Buffer Overflow vulnerability in the gf_sm_load_init function in scene_manager.c in libgpac_static.a.2019-02-066.8CVE-2018-20761
    MISC
    MISC
    gpac_project -- gpacGPAC version 0.7.2 and earlier has a buffer overflow vulnerability in the cat_multiple_files function in applications/mp4box/fileimport.c when MP4Box is used for a local directory containing crafted filenames.2019-02-066.8CVE-2018-20762
    MISC
    MISC
    gpac_project -- gpacIn GPAC through 0.7.2, gf_text_get_utf8_line in media_tools/text_import.c in libgpac_static.a allows an out-of-bounds write because of missing szLineConv bounds checking.2019-02-066.8CVE-2018-20763
    MISC
    MISC
    grafana -- piechart-panelThe Pie Chart Panel plugin through 2019-01-02 for Grafana is vulnerable to XSS via legend data or tooltip data. When a chart is included in a Grafana dashboard, this vulnerability could allow an attacker to gain remote unauthenticated access to the dashboard.2019-02-064.3CVE-2015-9282
    MISC
    MISC
    MISC
    MISC
    gurock -- testrailindex.php in Gurock TestRail 5.3.0.3603 returns potentially sensitive information for an invalid request, as demonstrated by full path disclosure and the identification of PHP as the backend technology.2019-02-075.0CVE-2019-7535
    MISC
    html-pages_project -- html-pagesA XSS vulnerability was found in html-page <=2.1.1 that allows malicious Javascript code to be executed in the user's browser due to the absence of sanitization of the paths before rendering.2019-02-014.3CVE-2018-16481
    MISC
    http-live-simulator_project -- http-live-simulatorPath traversal vulnerability in http-live-simulator <1.0.7 causes unauthorized access to arbitrary files on disk by appending extra slashes after the URL.2019-02-015.0CVE-2018-16479
    MISC
    ibm -- api_connectAPI Connect V2018.1 through 2018.4.1.1 is impacted by access token leak. Authorization tokens in some URLs can result in the tokens being written to log files. IBM X-Force ID: 155626.2019-02-075.0CVE-2019-4008
    XF
    CONFIRM
    ibm -- integration_busIBM App Connect V11.0.0.0 through V11.0.0.1, IBM Integration Bus V10.0.0.0 through V10.0.0.13, IBM Integration Bus V9.0.0.0 through V9.0.0.10, and WebSphere Message Broker V8.0.0.0 through V8.0.0.9 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to consume memory resources. IBM X-Force ID: 149639.2019-02-045.0CVE-2018-1801
    CONFIRM
    XF
    ibm -- security_identity_managerIBM Security Identity Manager 6.0 and 7.0 could allow an attacker to create unexpected control flow paths through the application, potentially bypassing security checks. Exploitation of this weakness can result in a limited form of code injection. IBM X-Force ID: 156162.2019-02-044.6CVE-2019-4038
    XF
    CONFIRM
    ibm -- tivoli_application_dependency_discovery_managerIBM Tivoli Application Dependency Discovery Manager 7.2.2 and 7.3 could expose password hashes in stored in system memory on target systems that are configured to use TADDM. IBM X-Force ID: 145110.2019-02-045.0CVE-2018-1675
    CONFIRM
    XF
    imagemagick -- imagemagickIn ImageMagick before 7.0.8-25, a memory leak exists in WritePSDChannel in coders/psd.c.2019-02-045.0CVE-2019-7395
    BID
    MISC
    MISC
    imagemagick -- imagemagickIn ImageMagick before 7.0.8-25, a memory leak exists in ReadSIXELImage in coders/sixel.c.2019-02-045.0CVE-2019-7396
    BID
    MISC
    MISC
    imagemagick -- imagemagickIn ImageMagick before 7.0.8-25, several memory leaks exist in WritePDFImage in coders/pdf.c.2019-02-045.0CVE-2019-7397
    BID
    MISC
    MISC
    imagemagick -- imagemagickIn ImageMagick before 7.0.8-25, a memory leak exists in WriteDIBImage in coders/dib.c.2019-02-045.0CVE-2019-7398
    BID
    MISC
    jenkins -- gitA cross-site request forgery vulnerability exists in Jenkins Git Plugin 3.9.1 and earlier in src/main/java/hudson/plugins/git/GitTagAction.java that allows attackers to create a Git tag in a workspace and attach corresponding metadata to a build record.2019-02-064.3CVE-2019-1003010
    CONFIRM
    jenkins -- github_oauthAn session fixation vulnerability exists in Jenkins GitHub Authentication Plugin 0.29 and earlier in GithubSecurityRealm.java that allows unauthorized attackers to impersonate another user if they can control the pre-authentication session.2019-02-064.3CVE-2019-1003019
    CONFIRM
    jenkins -- job_importAn XML external entity processing vulnerability exists in Jenkins Job Import Plugin 2.1 and earlier in src/main/java/org/jenkins/ci/plugins/jobimport/client/RestApiClient.java that allows attackers with the ability to control the HTTP server (Jenkins) queried in preparation of job import to read arbitrary files, perform a denial of service attack, etc.2019-02-066.4CVE-2019-1003015
    CONFIRM
    jenkins -- job_importAn exposure of sensitive information vulnerability exists in Jenkins Job Import Plugin 2.1 and earlier in src/main/java/org/jenkins/ci/plugins/jobimport/JobImportAction.java, src/main/java/org/jenkins/ci/plugins/jobimport/JobImportGlobalConfig.java, src/main/java/org/jenkins/ci/plugins/jobimport/model/JenkinsSite.java that allows attackers with Overall/Read permission to have Jenkins connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing credentials stored in Jenkins.2019-02-064.3CVE-2019-1003016
    CONFIRM
    jenkins -- monitoringA denial of service vulnerability exists in Jenkins Monitoring Plugin 1.74.0 and earlier in PluginImpl.java that allows attackers to kill threads running on the Jenkins master.2019-02-064.3CVE-2019-1003022
    CONFIRM
    jenkins -- script_securityA sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.50 and earlier in src/main/java/org/jenkinsci/plugins/scriptsecurity/sandbox/groovy/SecureGroovyScript.java that allows attackers with Overall/Read permission to provide a Groovy script to an HTTP endpoint that can result in arbitrary code execution on the Jenkins master JVM.2019-02-066.5CVE-2019-1003005
    CONFIRM
    jenkins -- token_macroAn information exposure and denial of service vulnerability exists in Jenkins Token Macro Plugin 2.5 and earlier in src/main/java/org/jenkinsci/plugins/tokenmacro/Parser.java, src/main/java/org/jenkinsci/plugins/tokenmacro/TokenMacro.java, src/main/java/org/jenkinsci/plugins/tokenmacro/impl/AbstractChangesSinceMacro.java, src/main/java/org/jenkinsci/plugins/tokenmacro/impl/ChangesSinceLastBuildMacro.java, src/main/java/org/jenkinsci/plugins/tokenmacro/impl/ProjectUrlMacro.java that allows attackers with the ability to control token macro input (such as SCM changelogs) to define recursive input that results in unexpected macro evaluation.2019-02-065.5CVE-2019-1003011
    CONFIRM
    jenkins -- warningsA cross-site request forgery vulnerability exists in Jenkins Warnings Plugin 5.0.0 and earlier in src/main/java/hudson/plugins/warnings/GroovyParser.java that allows attackers to execute arbitrary code via a form validation HTTP endpoint.2019-02-066.8CVE-2019-1003007
    CONFIRM
    jenkins -- warnings_next_generationA cross-site request forgery vulnerability exists in Jenkins Warnings Next Generation Plugin 2.1.1 and earlier in src/main/java/io/jenkins/plugins/analysis/warnings/groovy/GroovyParser.java that allows attackers to execute arbitrary code via a form validation HTTP endpoint.2019-02-066.8CVE-2019-1003008
    CONFIRM
    jspmyadmin -- jspmyadmin2yugandhargangu JspMyAdmin2 version 1.0.6 and earlier contains a Cross Site Scripting (XSS) vulnerability in sidebar and table data that can result in Database fields aren't properly sanitized and allow code injection (Cross-Site Scripting). This attack appears to be exploitable via the payload needs to be stored in the database and the victim must see the db value in question.2019-02-044.3CVE-2019-1000004
    MISC
    kanboard -- kanboardapp/Core/Paginator.php in Kanboard before 1.2.8 has XSS in pagination sorting.2019-02-044.3CVE-2019-7324
    MISC
    MISC
    kindsoft -- kindeditorIn KindEditor 4.1.11, the php/demo.php content1 parameter has a reflected Cross-site Scripting (XSS) vulnerability.2019-02-064.3CVE-2019-7543
    MISC
    libarchive -- libarchivelibarchive version commit bf9aec176c6748f0ee7a678c5f9f9555b9a757c1 onwards (release v3.0.2 onwards) contains a CWE-125: Out-of-bounds Read vulnerability in 7zip decompression, archive_read_support_format_7zip.c, header_bytes() that can result in a crash (denial of service). This attack appears to be exploitable via the victim opening a specially crafted 7zip file.2019-02-044.3CVE-2019-1000019
    MISC
    MISC
    MLIST
    UBUNTU
    libarchive -- libarchivelibarchive version commit 5a98dcf8a86364b3c2c469c85b93647dfb139961 onwards (version v2.8.0 onwards) contains a CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in ISO9660 parser, archive_read_support_format_iso9660.c, read_CE()/parse_rockridge() that can result in DoS by infinite loop. This attack appears to be exploitable via the victim opening a specially crafted ISO9660 file.2019-02-044.3CVE-2019-1000020
    MISC
    MISC
    MLIST
    UBUNTU
    libming -- libmingThe parseSWF_ACTIONRECORD function in util/parser.c in libming through 0.4.8 allows remote attackers to have unspecified impact via a crafted swf file that triggers a memory allocation failure, a different vulnerability than CVE-2018-7876.2019-02-076.8CVE-2019-7581
    MISC
    libming -- libmingThe readBytes function in util/read.c in libming through 0.4.8 allows remote attackers to have unspecified impact via a crafted swf file that triggers a memory allocation failure.2019-02-076.8CVE-2019-7582
    MISC
    libsdl -- simple_directmedia_layerSDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in IMA_ADPCM_nibble in audio/SDL_wave.c.2019-02-076.8CVE-2019-7572
    MISC
    MISC
    libsdl -- simple_directmedia_layerSDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (inside the wNumCoef loop).2019-02-076.8CVE-2019-7573
    MISC
    MISC
    libsdl -- simple_directmedia_layerSDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in IMA_ADPCM_decode in audio/SDL_wave.c.2019-02-076.8CVE-2019-7574
    MISC
    MISC
    libsdl -- simple_directmedia_layerSDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in MS_ADPCM_decode in audio/SDL_wave.c.2019-02-076.8CVE-2019-7575
    MISC
    MISC
    libsdl -- simple_directmedia_layerSDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitMS_ADPCM in audio/SDL_wave.c (outside the wNumCoef loop).2019-02-076.8CVE-2019-7576
    MISC
    MISC
    libsdl -- simple_directmedia_layerSDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a buffer over-read in SDL_LoadWAV_RW in audio/SDL_wave.c.2019-02-076.8CVE-2019-7577
    MISC
    MISC
    libsdl -- simple_directmedia_layerSDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in InitIMA_ADPCM in audio/SDL_wave.c.2019-02-076.8CVE-2019-7578
    MISC
    MISC
    libsdl -- simple_directmedia_layerSDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Blit1to4 in video/SDL_blit_1.c.2019-02-086.8CVE-2019-7635
    MISC
    MISC
    libsdl -- simple_directmedia_layerSDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in SDL_GetRGB in video/SDL_pixels.c.2019-02-086.8CVE-2019-7636
    MISC
    MISC
    libsdl -- simple_directmedia_layerSDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer overflow in SDL_FillRect in video/SDL_surface.c.2019-02-086.8CVE-2019-7637
    MISC
    MISC
    libsdl -- simple_directmedia_layerSDL (Simple DirectMedia Layer) through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in Map1toN in video/SDL_pixels.c.2019-02-086.8CVE-2019-7638
    MISC
    MISC
    linux -- linux_kernelIn the Linux kernel before 4.9.3, fs/xfs/xfs_aops.c allows local users to cause a denial of service (system crash) because there is a race condition between direct and memory-mapped I/O (associated with a hole) that is handled with BUG_ON instead of an I/O failure.2019-02-014.7CVE-2016-10741
    MISC
    BID
    MISC
    MISC
    MISC
    mcafee -- epolicy_orchestratorCross-Site Request Forgery (CSRF) vulnerability in McAfee ePO (legacy) Cloud allows unauthenticated users to perform unintended ePO actions using an authenticated user's session via unspecified vectors.2019-02-016.8CVE-2019-3604
    BID
    CONFIRM
    mcstatic-project -- mcstaticA server directory traversal vulnerability was found on node module mcstatic <=0.0.20 that would allow an attack to access sensitive information in the file system by appending slashes in the URL path.2019-02-015.0CVE-2018-16482
    MISC
    modx -- modx_revolutionMODX Revolution through v2.7.0-pl allows XSS via the User Photo field.2019-02-064.3CVE-2018-20755
    MISC
    modx -- modx_revolutionMODX Revolution through v2.7.0-pl allows XSS via a document resource (such as pagetitle), which is mishandled during an Update action, a Quick Edit action, or the viewing of manager logs.2019-02-064.3CVE-2018-20756
    MISC
    modx -- modx_revolutionMODX Revolution through v2.7.0-pl allows XSS via an extended user field such as Container name or Attribute name.2019-02-064.3CVE-2018-20757
    MISC
    mozilla -- firefoxWhen JavaScript is used to create and manipulate an audio buffer, a potentially exploitable crash may occur because of a compartment mismatch in some situations. This vulnerability affects Firefox < 65.2019-02-056.8CVE-2018-18503
    BID
    UBUNTU
    CONFIRM
    mozilla -- firefoxWhen proxy auto-detection is enabled, if a web server serves a Proxy Auto-Configuration (PAC) file or if a PAC file is loaded locally, this PAC file can specify that requests to the localhost are to be sent through the proxy to another server. This behavior is disallowed by default when a proxy is manually configured, but when enabled could allow for attacks on services and tools that bind to the localhost for networked behavior if they are accessed through browsing. This vulnerability affects Firefox < 65.2019-02-054.3CVE-2018-18506
    BID
    UBUNTU
    CONFIRM
    opt-net -- ng-netmsOPT/NET BV NG-NetMS version v3.6-2 and earlier versions contains a Cross Site Scripting (XSS) vulnerability in /js/libs/jstree/demo/filebrowser/index.php page. The "id" and "operation" GET parameters can be used to inject arbitrary JavaScript which is returned in the page's response that can result in Cross-site scripting.This attack appear to be exploitable via network connectivity.2019-02-044.3CVE-2019-1000024
    MISC
    MISC
    MISC
    pbootcms -- pbootcmsA CSRF vulnerability was found in PbootCMS v1.3.6 that can delete users via an admin.php/User/del/ucode/ URI.2019-02-075.8CVE-2019-7570
    MISC
    phpipam -- phpipamphpIPAM version 1.3.2 and earlier contains a Cross Site Scripting (XSS) vulnerability in subnet-scan-telnet.php that can result in executing code in victims browser. This attack appears to be exploitable via victim visits link crafted by an attacker. This vulnerability appears to have been fixed in 1.4.2019-02-044.3CVE-2019-1000010
    MISC
    MISC
    phpmywind -- phpmywindAn issue was discovered in PHPMyWind 5.5. The GetQQ function in include/func.class.php allows XSS via the cfg&#95;qqcode parameter. This can be exploited via CSRF.2019-02-054.3CVE-2019-7402
    MISC
    phpmywind -- phpmywindAn issue was discovered in PHPMyWind 5.5. It allows remote attackers to delete arbitrary folders via an admin/database_backup.php?action=import&dopost=deldir&tbname=../ URI.2019-02-055.5CVE-2019-7403
    MISC
    podofo_project -- podofoAn issue was discovered in crop_page in PoDoFo 0.9.6. For a crafted PDF document, pPage->GetObject()->GetDictionary().AddKey(PdfName("MediaBox"),var) can be problematic due to the function GetObject() being called for the pPage NULL pointer object. The value of pPage at this point is 0x0, which causes a NULL pointer dereference.2019-02-046.8CVE-2018-20751
    MISC
    MISC
    rarlab -- winrarThere is an out-of-bounds writes vulnerability during parsing of crafted ACE and RAR archive formats. Successful exploitation could lead to arbitrary code execution in the context of the current user.2019-02-056.8CVE-2018-20252
    BID
    MISC
    rdesktop -- rdesktoprdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function rdpdr_process() that results in an information leak.2019-02-055.0CVE-2018-8791
    BID
    MISC
    rdesktop -- rdesktoprdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function cssp_read_tsrequest() that results in a Denial of Service (segfault).2019-02-055.0CVE-2018-8792
    BID
    MISC
    rdesktop -- rdesktoprdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function process_bitmap_updates() that results in a Denial of Service (segfault).2019-02-055.0CVE-2018-8796
    BID
    MISC
    rdesktop -- rdesktoprdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function rdpsnd_process_ping() that results in an information leak.2019-02-055.0CVE-2018-8798
    BID
    MISC
    rdesktop -- rdesktoprdesktop versions up to and including v1.8.3 contain an Out-Of-Bounds Read in function process_secondary_order() that results in a Denial of Service (segfault).2019-02-055.0CVE-2018-8799
    BID
    MISC
    schneider-electric -- guiconA Type Confusion (CWE-843) vulnerability exists in Eurotherm by Schneider Electric GUIcon V2.0 (Gold Build 683.0) on pcwin.dll which could cause remote code to be executed when parsing a GD1 file2019-02-066.8CVE-2018-7813
    BID
    CONFIRM
    schneider-electric -- guiconA Stack-based Buffer Overflow (CWE-121) vulnerability exists in Eurotherm by Schneider Electric GUIcon V2.0 (Gold Build 683.0) which could cause remote code to be executed when parsing a GD1 file2019-02-066.8CVE-2018-7814
    BID
    CONFIRM
    schneider-electric -- guiconA Type Confusion (CWE-843) vulnerability exists in Eurotherm by Schneider Electric GUIcon V2.0 (Gold Build 683.0) on c3core.dll which could cause remote code to be executed when parsing a GD1 file2019-02-066.8CVE-2018-7815
    BID
    CONFIRM
    schneider-electric -- zelio_soft_2A Use After Free (CWE-416) vulnerability exists in Zelio Soft 2 v5.1 and prior versions which could cause remote code execution when opening a specially crafted Zelio Soft project file.2019-02-064.4CVE-2018-7817
    BID
    CONFIRM
    spice_project -- spiceSpice, versions 0.5.2 through 0.14.1, are vulnerable to an out-of-bounds read due to an off-by-one error in memslot_get_virt. This may lead to a denial of service, or, in the worst case, code-execution by unauthenticated attackers.2019-02-045.4CVE-2019-3813
    BID
    REDHAT
    REDHAT
    CONFIRM
    MLIST
    UBUNTU
    DEBIAN
    sqlalchemy -- sqlalchemySQLAlchemy 1.2.17 has SQL Injection when the group_by parameter can be controlled.2019-02-066.8CVE-2019-7548
    MISC
    MISC
    thinkcmf -- thinkcmfThinkCMF 5.0.190111 allows remote attackers to execute arbitrary PHP code via the portal/admin_category/addpost.html alias parameter because the mishandling of a single quote character allows data/conf/route.php injection.2019-02-076.5CVE-2019-7580
    MISC
    MISC
    topnew -- siduAn issue was discovered in SIDU 6.0. The dbs parameter of the conn.php page has a reflected Cross-site Scripting (XSS) vulnerability.2019-02-064.3CVE-2019-7546
    MISC
    wdoyo -- doyoAn issue was discovered in DOYO (aka doyocms) 2.3(20140425 update). There is a CSRF vulnerability that can add a super administrator account via admin.php?c=a_adminuser&a=add&run=1.2019-02-076.8CVE-2019-7569
    MISC
    zoneminder -- zoneminderReflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, as multiple views under web/skins/classic/views insecurely utilize $_REQUEST['PHP_SELF'], without applying any proper filtration.2019-02-044.3CVE-2019-7325
    MISC
    zoneminder -- zoneminderSelf - Stored Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'Host' parameter value in the view console (console.php) because proper filtration is omitted. This relates to the index.php?view=monitor Host Name field.2019-02-044.3CVE-2019-7326
    MISC
    zoneminder -- zoneminderReflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'scale' parameter value in the view frame (frame.php) because proper filtration is omitted.2019-02-044.3CVE-2019-7327
    MISC
    zoneminder -- zoneminderReflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'scale' parameter value in the view frame (frame.php) via /js/frame.js.php because proper filtration is omitted.2019-02-044.3CVE-2019-7328
    MISC
    zoneminder -- zoneminderReflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, as the form action on multiple views utilizes $_SERVER['PHP_SELF'] insecurely, mishandling any arbitrary input appended to the webroot URL, without any proper filtration, leading to XSS.2019-02-044.3CVE-2019-7329
    MISC
    zoneminder -- zoneminderReflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'show' parameter value in the view frame (frame.php) because proper filtration is omitted.2019-02-044.3CVE-2019-7330
    MISC
    zoneminder -- zoneminderSelf - Stored Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3 while editing an existing monitor field named "signal check color" (monitor.php). There exists no input validation or output filtration, leaving it vulnerable to HTML Injection and an XSS attack.2019-02-044.3CVE-2019-7331
    MISC
    zoneminder -- zoneminderReflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'eid' (aka Event ID) parameter value in the view download (download.php) because proper filtration is omitted.2019-02-044.3CVE-2019-7332
    MISC
    zoneminder -- zoneminderReflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'Exportfile' parameter value in the view download (download.php) because proper filtration is omitted.2019-02-044.3CVE-2019-7333
    MISC
    zoneminder -- zoneminderReflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'Exportfile' parameter value in the view export (export.php) because proper filtration is omitted.2019-02-044.3CVE-2019-7334
    MISC
    zoneminder -- zoneminderSelf - Stored XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code in the view 'log' as it insecurely prints the 'Log Message' value on the web page without applying any proper filtration. This relates to the view=logs value.2019-02-044.3CVE-2019-7335
    MISC
    zoneminder -- zoneminderSelf - Stored Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, as the view _monitor_filters.php contains takes in input from the user and saves it into the session, and retrieves it later (insecurely). The values of the MonitorName and Source parameters are being displayed without any output filtration being applied. This relates to the view=cycle value.2019-02-044.3CVE-2019-7336
    MISC
    zoneminder -- zoneminderSelf - Stored XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code in the view 'group' as it insecurely prints the 'Group Name' value on the web page without applying any proper filtration.2019-02-044.3CVE-2019-7338
    MISC
    zoneminder -- zoneminderPOST - Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'level' parameter value in the view log (log.php) because proper filtration is omitted.2019-02-044.3CVE-2019-7339
    MISC
    zoneminder -- zoneminderPOST - Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'filter[Query][terms][0][val]' parameter value in the view filter (filter.php) because proper filtration is omitted.2019-02-044.3CVE-2019-7340
    MISC
    zoneminder -- zoneminderReflected - Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'newMonitor[LinkedMonitors]' parameter value in the view monitor (monitor.php) because proper filtration is omitted.2019-02-044.3CVE-2019-7341
    MISC
    zoneminder -- zoneminderPOST - Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'filter[AutoExecuteCmd]' parameter value in the view filter (filter.php) because proper filtration is omitted.2019-02-044.3CVE-2019-7342
    MISC
    zoneminder -- zoneminderReflected - Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'newMonitor[Method]' parameter value in the view monitor (monitor.php) because proper filtration is omitted.2019-02-044.3CVE-2019-7343
    MISC
    zoneminder -- zoneminderReflected XSS exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code in the view 'filter' as it insecurely prints the 'filter[Name]' (aka Filter name) value on the web page without applying any proper filtration.2019-02-044.3CVE-2019-7344
    MISC
    zoneminder -- zoneminderA CSRF check issue exists in ZoneMinder through 1.32.3 as whenever a CSRF check fails, a callback function is called displaying a "Try again" button, which allows resending the failed request, making the CSRF attack successful.2019-02-046.8CVE-2019-7346
    MISC
    zoneminder -- zoneminderA Time-of-check Time-of-use (TOCTOU) Race Condition exists in ZoneMinder through 1.32.3 as a session remains active for an authenticated user even after deletion from the users table. This allows a nonexistent user to access and modify records (add/delete Monitors, Users, etc.).2019-02-046.0CVE-2019-7347
    MISC
    zoneminder -- zoneminderSelf - Stored Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'username' parameter value in the view user (user.php) because proper filtration is omitted.2019-02-044.3CVE-2019-7348
    MISC
    zoneminder -- zoneminderReflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, allowing an attacker to execute HTML or JavaScript code via a vulnerable 'newMonitor[V4LCapturesPerFrame]' parameter value in the view monitor (monitor.php) because proper filtration is omitted.2019-02-044.3CVE-2019-7349
    MISC
    zoneminder -- zoneminderSession fixation exists in ZoneMinder through 1.32.3, as an attacker can fixate his own session cookies to the next logged-in user, thereby hijacking the victim's account. This occurs because a set of multiple cookies (between 3 and 5) is being generated when a user successfully logs in, and these sets overlap for successive logins.2019-02-044.9CVE-2019-7350
    MISC
    zoneminder -- zoneminderLog Injection exists in ZoneMinder through 1.32.3, as an attacker can entice the victim to visit a specially crafted link, which in turn will inject a custom Log message provided by the attacker in the 'log' view page, as demonstrated by the message=User%20'admin'%20Logged%20in value.2019-02-044.3CVE-2019-7351
    MISC
    zoneminder -- zoneminderSelf - Stored Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, as the view 'state' (aka Run State) (state.php) does no input validation to the value supplied to the 'New State' (aka newState) field, allowing an attacker to execute HTML or JavaScript code.2019-02-044.3CVE-2019-7352
    MISC
    Back to top

     

    Low Vulnerabilities

    Primary
    Vendor -- Product
    DescriptionPublishedCVSS ScoreSource & Patch Info
    apache -- sparkWhen using PySpark , it's possible for a different local user to connect to the Spark application and impersonate the user running the Spark application. This affects versions 1.x, 2.0.x, 2.1.x, 2.2.0 to 2.2.2, and 2.3.0 to 2.3.1.2019-02-042.1CVE-2018-11760
    BID
    MLIST
    cisco -- webex_meetingsA vulnerability in Cisco Webex Meetings for Android could allow an unauthenticated, local attacker to perform a cross-site scripting attack against the application. The vulnerability is due to insufficient validation of the application input parameters. An attacker could exploit this vulnerability by sending a malicious request to the Webex Meetings application through an intent. A successful exploit could allow the attacker to execute script code in the context of the Webex Meetings application. Versions prior to 11.7.0.236 are affected.2019-02-071.9CVE-2019-1677
    BID
    CISCO
    dbninja -- dbninjaIn DbNinja 3.2.7, the Add Host function of the Manage Hosts pages has a Stored Cross-site Scripting (XSS) vulnerability in the User Name field.2019-02-063.5CVE-2019-7545
    MISC
    f5 -- big-ip_access_policy_managerOn BIG-IP APM 14.0.0 to 14.0.0.4, 13.0.0 to 13.1.1.3 and 12.1.0 to 12.1.3.7, a reflected cross-site scripting (XSS) vulnerability exists in the resource information page for authenticated users when a full webtop is configured on the BIG-IP APM system.2019-02-053.5CVE-2019-6591
    CONFIRM
    gnu -- glibcIn the GNU C Library (aka glibc or libc6) through 2.29, the memcmp function for the x32 architecture can incorrectly return zero (indicating that the inputs are equal) because the RDX most significant bit is mishandled.2019-02-022.1CVE-2019-7309
    BID
    MISC
    MISC
    jenkins -- config_file_providerAn cross-site scripting vulnerability exists in Jenkins Config File Provider Plugin 3.4.1 and earlier in src/main/resources/lib/configfiles/configfiles.jelly that allows attackers with permission to define shared configuration files to execute arbitrary JavaScript when a user attempts to delete the shared configuration file.2019-02-063.5CVE-2019-1003014
    CONFIRM
    libpng -- libpngpng_image_free in png.c in libpng 1.6.36 has a use-after-free because png_image_free_function is called under png_safe_execute.2019-02-042.6CVE-2019-7317
    MISC
    MISC
    modx -- modx_revolutionMODX Revolution through v2.7.0-pl allows XSS via User Settings such as Description.2019-02-063.5CVE-2018-20758
    MISC
    mywebsql -- mywebsqlAn issue was discovered in MyWebSQL 3.7. The Add User function of the User Manager pages has a Stored Cross-site Scripting (XSS) vulnerability in the User Name Field.2019-02-063.5CVE-2019-7544
    MISC
    schneider-electric -- iiot_monitorA Cryptographic Issue (CWE-310) vulnerability exists in IIoT Monitor 3.1.38 which could allow information disclosure.2019-02-062.1CVE-2018-7839
    CONFIRM
    topnew -- siduAn issue was discovered in SIDU 6.0. Because the database name is not strictly filtered, the attacker can insert a name containing an XSS Payload, leading to stored XSS.2019-02-063.5CVE-2019-7547
    MISC
    zoneminder -- zoneminderReflected Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3 as the view 'events' (events.php) insecurely displays the limit parameter value, without applying any proper output filtration. This issue exists because of the function sortHeader() in functions.php, which insecurely returns the value of the limit query string parameter without applying any filtration.2019-02-043.5CVE-2019-7337
    MISC
    zoneminder -- zoneminderSelf - Stored Cross Site Scripting (XSS) exists in ZoneMinder through 1.32.3, as the view 'options' (options.php) does no input validation for the WEB_TITLE, HOME_URL, HOME_CONTENT, or WEB_CONSOLE_BANNER value, allowing an attacker to execute HTML or JavaScript code. This relates to functions.php.2019-02-043.5CVE-2019-7345
    MISC
    Back to top

     

    Severity Not Yet Assigned

    Primary
    Vendor -- Product
    DescriptionPublishedCVSS ScoreSource & Patch Info
    42gears -- suremdmAn SSRF issue was discovered in 42Gears SureMDM before 2018-11-27 via the /api/DownloadUrlResponse.ashx "url" parameter.2019-02-04not yet calculatedCVE-2018-15657
    MISC
    EXPLOIT-DB
    42gears -- suremdmAn issue was discovered in 42Gears SureMDM before 2018-11-27, related to CORS settings. Cross-origin access is possible.2019-02-04not yet calculatedCVE-2018-15655
    MISC
    42gears -- suremdmAn issue was discovered in 42Gears SureMDM before 2018-11-27, related to the access policy for Silverlight applications. Cross-origin access is possible.2019-02-04not yet calculatedCVE-2018-15659
    MISC
    42gears -- suremdmAn issue was discovered in the registration API endpoint in 42Gears SureMDM before 2018-11-27. An attacker can submit a GET request to /api/register/:email, where :email is a base64 encoded e-mail address, to receive confirmation as to whether a user account exists in the system with the specified e-mail address. The request must be made with an "apiKey" value in the "ApiKey" header.2019-02-04not yet calculatedCVE-2018-15656
    MISC
    42gears -- suremdmAn issue was discovered in 42Gears SureMDM before 2018-11-27. By visiting the page found at /console/ConsolePage/Master.html, an attacker is able to see the markup that would be presented to an authenticated user. This is caused by the session validation occurring after the initial markup is loaded. This results in a list of unprotected API endpoints that disclose call logs, SMS logs, and user-account data.2019-02-04not yet calculatedCVE-2018-15658
    MISC
    abbyy -- flexicaptureMultiple SQL injection vulnerabilities in the monitoring feature in the HTTP API in ABBYY FlexiCapture before 12 Release 2 allow an attacker to execute arbitrary SQL commands via the mask, sortOrder, filter, or Order parameter.2019-02-09not yet calculatedCVE-2018-13792
    CONFIRM
    aioxmpp -- aioxmppaioxmpp version 0.10.2 and earlier contains a Improper Handling of Structural Elements vulnerability in Stanza Parser, rollback during error processing, aioxmpp.xso.model.guard function that can result in Denial of Service, Other. This attack appears to be exploitable via Remote. A crafted stanza can be sent to an application which uses the vulnerable components to either inject data in a different context or cause the application to reconnect (potentially losing data). This vulnerability appears to have been fixed in 0.10.3.2019-02-04not yet calculatedCVE-2019-1000007
    MISC
    apache -- gauacamolePrior to 1.0.0, Apache Guacamole used a cookie for client-side storage of the user's session token. This cookie lacked the "secure" flag, which could allow an attacker eavesdropping on the network to intercept the user's session token if unencrypted HTTP requests are made to the same domain.2019-02-07not yet calculatedCVE-2018-1340
    BID
    MISC
    apache -- hadoopIn Apache Hadoop 3.0.0-alpha1 to 3.0.0, 2.9.0, 2.8.0 to 2.8.3, and 2.5.0 to 2.7.5, HDFS exposes extended attribute key/value pairs during listXAttrs, verifying only path-level search access to the directory rather than path-level read permission to the referent.2019-02-07not yet calculatedCVE-2018-1296
    BID
    MISC
    api_platform -- api_platformAPI Platform version from 2.2.0 to 2.3.5 contains an Incorrect Access Control vulnerability in GraphQL delete mutations that can result in a user authorized to delete a resource can delete any resource. This attack appears to be exploitable via the user must be authorized. This vulnerability appears to have been fixed in 2.3.6.2019-02-04not yet calculatedCVE-2019-1000011
    MISC
    MISC
    avaya -- aura_communication_managerA vulnerability in the "capro" (Call Processor) process component of Avaya Aura Communication Manager could allow a remote, unauthenticated user to cause denial of service. Affected versions include 6.3.x, all 7.x versions prior to 7.1.3.2, and all 8.x versions prior to 8.0.1.2019-02-01not yet calculatedCVE-2018-15617
    BID
    CONFIRM
    becton,_dickinson_and_company -- facslyricBD FACSLyric Research Use Only, Windows 10 Professional Operating System, U.S. and Malaysian Releases, between November 2017 and November 2018 and BD FACSLyric IVD Windows 10 Professional Operating System US release does not properly enforce user access control to privileged accounts, which may allow for unauthorized access to administrative level functions.2019-02-06not yet calculatedCVE-2019-6517
    BID
    MISC
    brancz -- kube-rbac-proxyThe kube-rbac-proxy container before version 0.4.1 as used in Red Hat OpenShift Container Platform does not honor TLS configurations, allowing for use of insecure ciphers and TLS 1.0. An attacker could target traffic sent over a TLS connection with a weak configuration and potentially break the encryption.2019-02-05not yet calculatedCVE-2019-3818
    BID
    CONFIRM
    CONFIRM
    buildbot -- buildbotwww/resource.py in Buildbot before 1.8.1 allows CRLF injection in the Location header of /auth/login and /auth/logout via the redirect parameter. This affects other web sites in the same domain.2019-02-03not yet calculatedCVE-2019-7313
    MISC
    ca_technologies -- automic_workload_automationInsufficient output sanitization in the Automic Web Interface (AWI), in CA Automic Workload Automation 12.0 to 12.2, allow attackers to potentially conduct persistent cross site scripting (XSS) attacks via a crafted object.2019-02-05not yet calculatedCVE-2019-6504
    BID
    MISC
    BUGTRAQ
    MISC
    MISC
    FULLDISC
    MISC
    canvas -- drawAn exploitable out-of-bounds write exists in the TIFF-parsing functionality of Canvas Draw version 5.0.0. A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this vulnerability and gain code execution.2019-02-06not yet calculatedCVE-2018-3980
    MISC
    chamilo -- chamilo-lmsChamilo Chamilo-lms version 1.11.8 and earlier contains a Cross Site Scripting (XSS) vulnerability in main/messages/new_message.php, main/social/personal_data.php, main/inc/lib/TicketManager.php, main/ticket/ticket_details.php that can result in a message being sent to the Administrator with the XSS to steal cookies. A ticket can be created with a XSS payload in the subject field. This attack appears to be exploitable via <svg/onload=alert(1)> as the payload user on the Subject field. This makes it possible to obtain the cookies of all users that have permission to view the tickets. This vulnerability appears to have been fixed in 1.11.x after commit 33e2692a37b5b6340cf5bec1a84e541460983c03.2019-02-04not yet calculatedCVE-2019-1000015
    MISC
    cisco -- identity_services_engineA vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based interface. The vulnerability is due to insufficient input validation of some parameters passed to the web-based management interface. An attacker could exploit this vulnerability by convincing a user of the interface to click a specific link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information. For information about fixed software releases, consult the Cisco bug ID at https://quickview.cloudapps.cisco.com/quickview/bug/CSCvn64652. When considering software upgrades, customers are advised to regularly consult the advisories for Cisco products, which are available from the Cisco Security Advisories and Alerts page, to determine exposure and a complete upgrade solution.2019-02-08not yet calculatedCVE-2019-1673
    BID
    CISCO
    cisco -- meeting_serverA vulnerability in the Session Initiation Protocol (SIP) call processing of Cisco Meeting Server (CMS) software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition of the Cisco Meeting Server. The vulnerability is due to insufficient validation of Session Description Protocol (SDP) messages. An attacker could exploit this vulnerability by sending a crafted SDP message to the CMS call bridge. An exploit could allow the attacker to cause the CMS to reload, causing a DoS condition for all connected clients. Versions prior to 2.3.9 are affected.2019-02-08not yet calculatedCVE-2019-1676
    BID
    CISCO
    cisco -- telepresence_conductor_and_expressway_series_and_telepresence_video_communication_server_softwareA vulnerability in the web interface of Cisco TelePresence Conductor, Cisco Expressway Series, and Cisco TelePresence Video Communication Server (VCS) Software could allow an authenticated, remote attacker to trigger an HTTP request from an affected server to an arbitrary host. This type of attack is commonly referred to as server-side request forgery (SSRF). The vulnerability is due to insufficient access controls for the REST API of Cisco Expressway Series and Cisco TelePresence VCS. An attacker could exploit this vulnerability by submitting a crafted HTTP request to the affected server. Versions prior to XC4.3.4 are affected.2019-02-07not yet calculatedCVE-2019-1679
    BID
    CISCO
    cisco -- telepresence_management_suiteA vulnerability in the Simple Object Access Protocol (SOAP) of Cisco TelePresence Management Suite (TMS) software could allow an unauthenticated, remote attacker to gain unauthorized access to an affected device. The vulnerability is due to a lack of proper access and authentication controls on the affected TMS software. An attacker could exploit this vulnerability by gaining access to internal, trusted networks to send crafted SOAP calls to the affected device. If successful, an exploit could allow the attacker to access system management tools. Under normal circumstances, this access should be prohibited.2019-02-07not yet calculatedCVE-2019-1660
    BID
    CISCO
    cisco -- web_security_applianceA vulnerability in the Decryption Policy Default Action functionality of the Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to bypass a configured drop policy and allow traffic onto the network that should have been denied. The vulnerability is due to the incorrect handling of SSL-encrypted traffic when Decrypt for End-User Notification is disabled in the configuration. An attacker could exploit this vulnerability by sending a SSL connection through the affected device. A successful exploit could allow the attacker to bypass a configured drop policy to block specific SSL connections. Releases 10.1.x and 10.5.x are affected.2019-02-08not yet calculatedCVE-2019-1672
    BID
    CISCO
    cisco -- webex_business_suiteA vulnerability in Cisco Webex Business Suite could allow an unauthenticated, remote attacker to inject arbitrary text into a user's browser. The vulnerability is due to improper validation of input. An attacker could exploit this vulnerability by convincing a targeted user to view a malicious URL. A successful exploit could allow the attacker to inject arbitrary text into the user's browser. The attacker could use the content injection to conduct spoofing attacks. Versions prior than 3.0.9 are affected.2019-02-07not yet calculatedCVE-2019-1680
    BID
    CISCO
    connectwise -- manageditsyncConnectWise ManagedITSync integration through 2017 for Kaseya VSA is vulnerable to unauthenticated remote commands that allow full direct access to the Kaseya VSA database. In February 2019, attackers have actively exploited this in the wild to download and execute ransomware payloads on all endpoints managed by the VSA server. If the ManagedIT.asmx page is available via the Kaseya VSA web interface, anyone with access to the page is able to run arbitrary SQL queries, both read and write, without authentication.2019-02-05not yet calculatedCVE-2017-18362
    MISC
    MISC
    MISC
    coturn -- coturnAn exploitable SQL injection vulnerability exists in the administrator web portal function of coTURN prior to version 4.5.0.9. A login message with a specially crafted username can cause an SQL injection, resulting in authentication bypass, which could give access to the TURN server administrator web portal. An attacker can log in via the external interface of the TURN server to trigger this vulnerability.2019-02-05not yet calculatedCVE-2018-4056
    MISC
    DEBIAN
    cvsweb -- cvswebFreeBSD CVSweb version 2.x contains a Cross Site Scripting (XSS) vulnerability in all pages that can result in limited impact--CVSweb is anonymous & read-only. It might impact other sites on same domain. This attack appears to be exploitable via victim must load specially crafted url. This vulnerability appears to have been fixed in 3.x.2019-02-04not yet calculatedCVE-2018-1000998
    MISC
    d-link -- dir-823g_devicesAn issue was discovered in /bin/goahead on D-Link DIR-823G devices with firmware 1.02B03. There is incorrect access control allowing remote attackers to hijack the DNS service configuration of all clients in the WLAN, without authentication, via the SetWanSettings HNAP API.2019-02-04not yet calculatedCVE-2019-7390
    BID
    MISC
    debain -- tmpreaperDebian tmpreaper version 1.6.13+nmu1 has a race condition when doing a (bind) mount via rename() which could result in local privilege escalation. Mounting via rename() could potentially lead to a file being placed elsewhereon the filesystem hierarchy (e.g. /etc/cron.d/) if the directory being cleaned up was on the same physical filesystem. Fixed versions include 1.6.13+nmu1+deb9u1 and 1.6.14.2019-02-04not yet calculatedCVE-2019-3461
    MISC
    MLIST
    DEBIAN
    dell_emc -- dell_os10Dell OS10 versions prior to 10.4.2.1 contain a vulnerability caused by lack of proper input validation on the command-line interface (CLI).2019-02-04not yet calculatedCVE-2018-15778
    MISC
    dell_emc -- vnx2_operating_environmentVNX Control Station in Dell EMC VNX2 OE for File versions prior to 8.1.9.236 contains OS command injection vulnerability. Due to inadequate restriction configured in sudores, a local authenticated malicious user could potentially execute arbitrary OS commands as root by exploiting this vulnerability.2019-02-07not yet calculatedCVE-2019-3704
    BID
    FULLDISC
    elfutils -- elfutilsIn elfutils 0.175, a heap-based buffer over-read was discovered in the function elf32_xlatetom in elf32_xlatetom.c in libelf. A crafted ELF input can cause a segmentation fault leading to denial of service (program crash) because ebl_core_note does not reject malformed core file notes.2019-02-09not yet calculatedCVE-2019-7665
    MISC
    MISC
    elfutils -- elfutilsIn elfutils 0.175, a negative-sized memcpy is attempted in elf_cvt_note in libelf/note_xlate.h because of an incorrect overflow check. Crafted elf input causes a segmentation fault, leading to denial of service (program crash).2019-02-09not yet calculatedCVE-2019-7664
    MISC
    emsisoft -- emsisoft_anti-malwareEPP.sys in Emsisoft Anti-Malware 2018.8.1.8923 allows an attacker to bypass ACLs because Interpreted Device Characteristics lacks FILE_DEVICE_SECURE_OPEN and therefore files and directories "inside" the \\.\EPP device are not properly protected, leading to unintended impersonation or object creation.2019-02-08not yet calculatedCVE-2019-7651
    MISC
    MISC
    MISC
    enphase_energy -- envoyA weak password vulnerability was discovered in Enphase Envoy R3.*.*. One can login via TCP port 8888 with the admin password for the admin account.2019-02-09not yet calculatedCVE-2019-7676
    MISC
    MISC
    MISC
    enphase_energy -- envoyA directory traversal vulnerability was discovered in Enphase Envoy R3.*.* via images/, include/, include/js, or include/css on TCP port 8888.2019-02-09not yet calculatedCVE-2019-7678
    MISC
    MISC
    enphase_energy -- envoyXSS exists in Enphase Envoy R3.*.* via the profileName parameter to the /home URI on TCP port 8888.2019-02-09not yet calculatedCVE-2019-7677
    MISC
    MISC
    extend -- extendA prototype pollution vulnerability was found in module extend <2.0.2, ~<3.0.2 that allows an attacker to inject arbitrary properties onto Object.prototype.2019-02-01not yet calculatedCVE-2018-16492
    MISC
    forcepoint -- forcepoint_user_idForcepoint User ID (FUID) server versions up to 1.2 have a remote arbitrary file upload vulnerability on TCP port 5001. Successful exploitation of this vulnerability may lead to remote code execution. To fix this vulnerability, upgrade to FUID version 1.3 or higher. To prevent the vulnerability on FUID versions 1.2 and below, apply local firewall rules on the FUID server to disable all external access to port TCP/5001. FUID requires this port only for local connections through the loopback interface.2019-02-07not yet calculatedCVE-2019-6139
    MISC
    genivia -- gsoapGenivia gSOAP 2.7.x and 2.8.x before 2.8.75 allows attackers to cause a denial of service (application abort) or possibly have unspecified other impact if a server application is built with the -DWITH_COOKIES flag. This affects the C/C++ libgsoapck/libgsoapck++ and libgsoapssl/libgsoapssl++ libraries, as these are built with that flag.2019-02-09not yet calculatedCVE-2019-7659
    CONFIRM
    gitea -- giteaGitea version 1.6.2 and earlier contains a Incorrect Access Control vulnerability in Delete/Edit file functionallity that can result in the attacker deleting files outside the repository he/she has access to. This attack appears to be exploitable via the attacker must get write access to "any" repository including self-created ones.. This vulnerability appears to have been fixed in 1.6.3, 1.7.0-rc2.2019-02-04not yet calculatedCVE-2019-1000002
    MISC
    gnome -- gdmA vulnerability was discovered in gdm before 3.31.4. When timed login is enabled in configuration, an attacker could bypass the lock screen by selecting the timed login user and waiting for the timer to expire, at which time they would gain access to the logged-in user's session.2019-02-06not yet calculatedCVE-2019-3825
    CONFIRM
    gnome -- gnome-shellIt was discovered that the gnome-shell lock screen since version 3.15.91 did not properly restrict all contextual actions. An attacker with physical access to a locked workstation could invoke certain keyboard shortcuts, and potentially other actions.2019-02-06not yet calculatedCVE-2019-3820
    CONFIRM
    MISC
    gsi-openssh-server -- gsi_openssh_serverAn issue was discovered in gsi-openssh-server 7.9p1 on Fedora 29. If PermitPAMUserChange is set to yes in the /etc/gsissh/sshd_config file, logins succeed with a valid username and an incorrect password, even though a failure entry is recorded in the /var/log/messages file.2019-02-08not yet calculatedCVE-2019-7639
    MISC
    helm -- chartmuseumHelm ChartMuseum version >=0.1.0 and < 0.8.1 contains a CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in HTTP API to save charts that can result in a specially crafted chart could be uploaded and saved outside the intended location. This attack appears to be exploitable via A POST request to the HTTP API can save a chart archive outside of the intended directory. If authentication is, optionally, enabled this requires an authorized user to do so. This vulnerability appears to have been fixed in 0.8.1.2019-02-04not yet calculatedCVE-2019-1000009
    MISC
    helm -- helmAll versions of Helm between Helm >=2.0.0 and < 2.12.2 contains a CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in The commands `helm fetch --untar` and `helm lint some.tgz` that can result when chart archive files are unpacked a file may be unpacked outside of the target directory. This attack appears to be exploitable via a victim must run a helm command on a specially crafted chart archive. This vulnerability appears to have been fixed in 2.12.2.2019-02-04not yet calculatedCVE-2019-1000008
    MISC
    hex -- hex_coreHex package manager hex_core version 0.3.0 and earlier contains a Signing oracle vulnerability in Package registry verification that can result in Package modifications not detected, allowing code execution. This attack appears to be exploitable via victim fetches packages from malicious/compromised mirror. This vulnerability appears to have been fixed in 0.4.0.2019-02-04not yet calculatedCVE-2019-1000013
    MISC
    MISC
    hex -- hex_coreHex package manager version 0.14.0 through 0.18.2 contains a Signing oracle vulnerability in Package registry verification that can result in Package modifications not detected, allowing code execution. This attack appears to be exploitable via victim fetches packages from malicious/compromised mirror. This vulnerability appears to have been fixed in 0.19.2019-02-04not yet calculatedCVE-2019-1000012
    MISC
    MISC
    hotels_server_project -- hotels_servercontroller/fetchpwd.php and controller/doAction.php in Hotels_Server through 2018-11-05 rely on base64 in an attempt to protect password storage.2019-02-08not yet calculatedCVE-2019-7648
    MISC
    ibm -- bigfix_complianceIBM BigFix Compliance 1.7 through 1.9.91 discloses sensitive information to unauthorized users. The information can be used to mount further attacks on the system. IBM X-Force ID: 123429.2019-02-05not yet calculatedCVE-2017-1177
    XF
    CONFIRM
    ibm -- bigfix_complianceIBM BigFix Compliance 1.7 through 1.9.91 (TEMA SUAv1 SCA SCM) stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 123673.2019-02-05not yet calculatedCVE-2017-1198
    XF
    CONFIRM
    ibm -- bigfix_complianceIBM BigFix Compliance 1.7 through 1.9.91 (TEMA SUAv1 SCA SCM) does not validate, or incorrectly validates, a certificate.This weakness might allow an attacker to spoof a trusted entity by using a man-in-the-middle (MITM) attack. The software might connect to a malicious host while believing it is a trusted host, or the software might be deceived into accepting spoofed data that appears to originate from a trusted host. IBM X-Force ID: 123675.2019-02-05not yet calculatedCVE-2017-1200
    XF
    CONFIRM
    ibm -- bigfix_complianceIBM BigFix Compliance 1.7 through 1.9.91 (TEMA SUAv1 SCA SCM) is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 123677.2019-02-05not yet calculatedCVE-2017-1202
    XF
    CONFIRM
    ibm -- datapower_gatewayIBM DataPower Gateway 2018.4.1.0, 7.6.0.0 through 7.6.0.11, 7.5.2.0 through 7.5.2.18, 7.5.1.0 through 7.5.1.18, 7.5.0.0 through 7.5.0.19, and 7.7.0.0 through 7.7.1.3 could allow an authenticated user to inject arbitrary messages that would be displayed on the UI. IBM X-Force ID: 144892.2019-02-07not yet calculatedCVE-2018-1666
    XF
    CONFIRM
    ibm -- security_identity_managerIBM Security Identity Manager 7.0.1 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 153751.2019-02-04not yet calculatedCVE-2018-1970
    CONFIRM
    XF
    ibm -- security_identity_managerIBM Security Identity Manager 7.0.1 Virtual Appliance does not invalidate session tokens when the logout button is pressed. The lack of proper session termination may allow attackers with local access to login into a closed browser session. IBM X-Force ID: 153658.2019-02-04not yet calculatedCVE-2018-1962
    CONFIRM
    BID
    XF
    inxedu -- inxeduinxedu through 2018-12-24 has a vulnerability that can lead to the upload of a malicious JSP file. The vulnerable code location is com.inxedu.os.common.controller.VideoUploadController#gok4 (com/inxedu/os/common/controller/VideoUploadController.java). The attacker uses the /video/uploadvideo fileType parameter to change the list of acceptable extensions from jpg,gif,png,jpeg to jpg,gif,png,jsp,jpeg.2019-02-09not yet calculatedCVE-2019-7684
    MISC
    jenkins -- jenkinsAn exposure of sensitive information vulnerability exists in Jenkins GitHub Authentication Plugin 0.29 and earlier in GithubSecurityRealm/config.jelly that allows attackers able to view a Jenkins administrator's web browser output, or control the browser (e.g. malicious extension) to retrieve the configured client secret.2019-02-06not yet calculatedCVE-2019-1003018
    CONFIRM
    jenkins -- jenkinsAn cross-site scripting vulnerability exists in Jenkins Blue Ocean Plugins 1.10.1 and earlier in blueocean-commons/src/main/java/io/jenkins/blueocean/commons/stapler/Export.java, blueocean-commons/src/main/java/io/jenkins/blueocean/commons/stapler/export/ExportConfig.java, blueocean-commons/src/main/java/io/jenkins/blueocean/commons/stapler/export/JSONDataWriter.java, blueocean-rest-impl/src/main/java/io/jenkins/blueocean/service/embedded/UserStatePreloader.java, blueocean-web/src/main/resources/io/jenkins/blueocean/PageStatePreloadDecorator/header.jelly that allows attackers with permission to edit a user's description in Jenkins to have Blue Ocean render arbitrary HTML when using it as that user.2019-02-06not yet calculatedCVE-2019-1003013
    CONFIRM
    jenkins -- jenkinsAn improper certificate validation vulnerability exists in Jenkins Active Directory Plugin 2.10 and earlier in src/main/java/hudson/plugins/active_directory/ActiveDirectoryDomain.java, src/main/java/hudson/plugins/active_directory/ActiveDirectorySecurityRealm.java, src/main/java/hudson/plugins/active_directory/ActiveDirectoryUnixAuthenticationProvider.java that allows attackers to impersonate the Active Directory server Jenkins connects to for authentication if Jenkins is configured to use StartTLS.2019-02-06not yet calculatedCVE-2019-1003009
    CONFIRM
    jenkins -- jenkinsA data modification vulnerability exists in Jenkins Job Import Plugin 3.0 and earlier in JobImportAction.java that allows attackers to copy jobs from a preconfigured other Jenkins instance, potentially installing additional plugins necessary to load the imported job's configuration.2019-02-06not yet calculatedCVE-2019-1003017
    CONFIRM
    jenkins -- jenkinsA data modification vulnerability exists in Jenkins Blue Ocean Plugins 1.10.1 and earlier in blueocean-core-js/src/js/bundleStartup.js, blueocean-core-js/src/js/fetch.ts, blueocean-core-js/src/js/i18n/i18n.js, blueocean-core-js/src/js/urlconfig.js, blueocean-rest/src/main/java/io/jenkins/blueocean/rest/APICrumbExclusion.java, blueocean-web/src/main/java/io/jenkins/blueocean/BlueOceanUI.java, blueocean-web/src/main/resources/io/jenkins/blueocean/BlueOceanUI/index.jelly that allows attackers to bypass all cross-site request forgery protection in Blue Ocean API.2019-02-06not yet calculatedCVE-2019-1003012
    CONFIRM
    jenkins -- jenkinsA sandbox bypass vulnerability exists in Jenkins Groovy Plugin 2.0 and earlier in src/main/java/hudson/plugins/groovy/StringScriptSource.java that allows attackers with Overall/Read permission to provide a Groovy script to an HTTP endpoint that can result in arbitrary code execution on the Jenkins master JVM.2019-02-06not yet calculatedCVE-2019-1003006
    CONFIRM
    jenkins -- jenkinsAn exposure of sensitive information vulnerability exists in Jenkins OpenId Connect Authentication Plugin 1.4 and earlier in OicSecurityRealm/config.jelly that allows attackers able to view a Jenkins administrator's web browser output, or control the browser (e.g. malicious extension) to retrieve the configured client secret.2019-02-06not yet calculatedCVE-2019-1003021
    CONFIRM
    jenkins -- jenkinsA server-side request forgery vulnerability exists in Jenkins Kanboard Plugin 1.5.10 and earlier in KanboardGlobalConfiguration.java that allows attackers with Overall/Read permission to submit a GET request to an attacker-specified URL.2019-02-06not yet calculatedCVE-2019-1003020
    CONFIRM
    jenkins -- jenkinsA cross-site scripting vulnerability exists in Jenkins Warnings Next Generation Plugin 1.0.1 and earlier in src/main/java/io/jenkins/plugins/analysis/core/model/DetailsTableModel.java, src/main/java/io/jenkins/plugins/analysis/core/model/SourceDetail.java, src/main/java/io/jenkins/plugins/analysis/core/model/SourcePrinter.java, src/main/java/io/jenkins/plugins/analysis/core/util/Sanitizer.java, src/main/java/io/jenkins/plugins/analysis/warnings/DuplicateCodeScanner.java that allows attackers with the ability to control warnings parser input to have Jenkins render arbitrary HTML.2019-02-06not yet calculatedCVE-2019-1003023
    CONFIRM
    joomla -- joomlaJoomla extension DT Register version before 3.1.12 (Joomla 3.x) / 2.8.18 (Joomla 2.5) contains an SQL injection in "/index.php?controller=calendar&format=raw&cat[0]=SQLi&task=events". This attack appears to be exploitable if the attacker can reach the web server.2019-02-04not yet calculatedCVE-2016-1000271
    MISC
    just-extend -- just-extendA prototype pollution vulnerability was found in just-extend <4.0.0 that allows attack to inject properties onto Object.prototype through its functions.2019-02-01not yet calculatedCVE-2018-16489
    MISC
    kaseya -- vsa_rmmKaseya VSA RMM before R9.3 9.3.0.35, R9.4 before 9.4.0.36, and R9.5 before 9.5.0.5 allows unprivileged remote attackers to execute PowerShell payloads on all managed devices. In January 2018, attackers actively exploited this vulnerability in the wild.2019-02-05not yet calculatedCVE-2018-20753
    MISC
    MISC
    lcds -- laquis_scadaLCDS Laquis SCADA prior to version 4.1.0.4150 allows improper control of generation of code when opening a specially crafted project file, which may allow remote code execution, data exfiltration, or cause a system crash.2019-02-05not yet calculatedCVE-2018-19002
    BID
    MISC
    lcds -- laquis_scadaLCDS Laquis SCADA prior to version 4.1.0.4150 allows taking in user input without proper sanitation, which may allow an attacker to execute remote code on the server.2019-02-05not yet calculatedCVE-2018-18992
    BID
    MISC
    lcds -- laquis_scadaLCDS Laquis SCADA prior to version 4.1.0.4150 allows the opening of a specially crafted report format file that may cause an out of bounds read, which may cause a system crash, allow data exfiltration, or remote code execution.2019-02-05not yet calculatedCVE-2018-18986
    BID
    MISC
    lcds -- laquis_scadaLCDS Laquis SCADA prior to version 4.1.0.4150 allows an attacker using a specially crafted project file to supply a pointer for a controlled memory address, which may allow remote code execution, data exfiltration, or cause a system crash.2019-02-05not yet calculatedCVE-2018-19029
    BID
    MISC
    lcds -- laquis_scadaLCDS Laquis SCADA prior to version 4.1.0.4150 allows execution of script code by opening a specially crafted report format file. This may allow remote code execution, data exfiltration, or cause a system crash.2019-02-01not yet calculatedCVE-2018-18988
    BID
    MISC
    lcds -- laquis_scadaLCDS Laquis SCADA prior to version 4.1.0.4150 allows taking in user input without proper authorization or sanitation, which may allow an attacker to execute remote code on the server.2019-02-05not yet calculatedCVE-2018-18996
    BID
    MISC
    lcds -- laquis_scadaLCDS Laquis SCADA prior to version 4.1.0.4150 uses hard coded credentials, which may allow an attacker unauthorized access to the system with high privileges.2019-02-05not yet calculatedCVE-2018-18998
    BID
    MISC
    lcds -- laquis_scadaLCDS Laquis SCADA prior to version 4.1.0.4150 allows an authentication bypass, which may allow an attacker access to sensitive data.2019-02-05not yet calculatedCVE-2018-19000
    BID
    MISC
    lcds -- laquis_scadaLCDS Laquis SCADA prior to version 4.1.0.4150 allows a user-supplied path in file operations prior to proper validation. An attacker can leverage this vulnerability to disclose sensitive information under the context of the web server process.2019-02-05not yet calculatedCVE-2018-18990
    BID
    MISC
    libcurl -- libcurllibcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. The function handling incoming NTLM type-2 messages (`lib/vauth/ntlm.c:ntlm_decode_type2_target`) does not validate incoming data correctly and is subject to an integer overflow vulnerability. Using that overflow, a malicious or broken NTLM server could trick libcurl to accept a bad length + offset combination that would lead to a buffer read out-of-bounds.2019-02-06not yet calculatedCVE-2018-16890
    BID
    CONFIRM
    MISC
    UBUNTU
    DEBIAN
    libcurl -- libcurllibcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an outgoing NTLM type-3 header (`lib/vauth/ntlm.c:Curl_auth_create_ntlm_type3_message()`), generates the request HTTP header contents based on previously received data. The check that exists to prevent the local buffer from getting overflowed is implemented wrongly (using unsigned math) and as such it does not prevent the overflow from happening. This output data can grow larger than the local buffer if very large 'nt response' data is extracted from a previous NTLMv2 header provided by the malicious or broken HTTP server. Such a 'large value' needs to be around 1000 bytes or more. The actual payload data copied to the target buffer comes from the NTLMv2 type-2 response header.2019-02-06not yet calculatedCVE-2019-3822
    BID
    CONFIRM
    MISC
    UBUNTU
    DEBIAN
    libtiff -- libtiffAn Invalid Address dereference was discovered in TIFFWriteDirectoryTagTransferfunction in libtiff/tif_dirwrite.c in LibTIFF 4.0.10, affecting the cpSeparateBufToContigBuf function in tiffcp.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted tiff file. This is different from CVE-2018-12900.2019-02-09not yet calculatedCVE-2019-7663
    MISC
    lightsoft -- logmxGUP (generic update process) in LightySoft LogMX before 7.4.0 does not properly verify the authenticity of updates, which allows man-in-the-middle attackers to execute arbitrary code via a Trojan horse update. The update process relies on cleartext HTTP. The attacker could replace the LogMXUpdater.class file.2019-02-04not yet calculatedCVE-2019-7323
    MISC
    MISC
    MISC
    linux -- linux_kernelkernel/bpf/verifier.c in the Linux kernel before 4.20.6 performs undesirable out-of-bounds speculation on pointer arithmetic in various cases, including cases of different branches with different state or limits to sanitize, leading to side-channel attacks.2019-02-01not yet calculatedCVE-2019-7308
    MISC
    MISC
    BID
    MISC
    MISC
    MISC
    MISC
    lodash -- lodashA prototype pollution vulnerability was found in lodash <4.17.11 where the functions merge, mergeWith, and defaultsDeep can be tricked into adding or modifying properties of Object.prototype.2019-02-01not yet calculatedCVE-2018-16487
    MISC
    m-server -- m-serverPath Traversal vulnerability in module m-server <1.4.1 allows malicious user to access unauthorized content of any file in the directory tree e.g. /etc/passwd by appending slashes to the URL request.2019-02-01not yet calculatedCVE-2018-16485
    MISC
    m-server -- m-serverA XSS vulnerability was found in module m-server <1.4.2 that allows malicious Javascript code or HTML to be executed, due to the lack of escaping for special characters in folder names.2019-02-01not yet calculatedCVE-2018-16484
    MISC
    mapsvg -- mapsvg_liteMapSVG MapSVG Lite version 3.2.3 contains a Cross Site Request Forgery (CSRF) vulnerability in REST endpoint /wp-admin/admin-ajax.php?action=mapsvg_save that can result in an attacker can modify post data, including embedding javascript. This attack appears to be exploitable via the victim must be logged in to WordPress as an admin, and click a link. This vulnerability appears to have been fixed in 3.3.0 and later.2019-02-04not yet calculatedCVE-2019-1000003
    MISC
    MISC
    mitsubishi -- multiple_productsMitsubishi Electric Q03/04/06/13/26UDVCPU: serial number 20081 and prior, Q04/06/13/26UDPVCPU: serial number 20081 and prior, and Q03UDECPU, Q04/06/10/13/20/26/50/100UDEHCPU: serial number 20101 and prior. A remote attacker can send specific bytes over Port 5007 that will result in an Ethernet stack crash.2019-02-05not yet calculatedCVE-2019-6535
    BID
    MISC
    mobotix -- s14_mx-v4.2.1.61_devicesAn issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. /admin/access accepts a request to set the "aaaaa" password, considered insecure for some use cases, from a user.2019-02-09not yet calculatedCVE-2019-7674
    MISC
    mobotix -- s14_mx-v4.2.1.61_devicesAn issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. The default management application is delivered over cleartext HTTP with Basic Authentication, as demonstrated by the /admin/index.html URI.2019-02-09not yet calculatedCVE-2019-7675
    MISC
    mobotix -- s14_mx-v4.2.1.61_devicesAn issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. Administrator Credentials are stored in the 13-character DES hash format.2019-02-09not yet calculatedCVE-2019-7673
    MISC
    mobotix -- s14_mx-v4.2.1.61_devicesAn issue was discovered on MOBOTIX S14 MX-V4.2.1.61 devices. There is a default password of meinsm for the admin account.2019-02-09not yet calculatedCVE-2009-5154
    MISC
    MISC
    mpath -- mpathA prototype pollution vulnerability was found in module mpath <0.5.1 that allows an attacker to inject arbitrary properties onto Object.prototype.2019-02-01not yet calculatedCVE-2018-16490
    MISC
    mpdf -- mpdfmPDF version 7.1.7 and earlier contains a CWE-502: Deserialization of Untrusted Data vulnerability in getImage() method of Image/ImageProcessor class that can result in Arbitry code execution, file write, etc.. This attack appears to be exploitable via attacker must host crafted image on victim server and trigger generation of pdf file with content <img src="https://www.us-cert.govphar://path/to/crafted/image">. This vulnerability appears to have been fixed in 7.1.8.2019-02-04not yet calculatedCVE-2019-1000005
    MISC
    netapp -- clustered_data_ontapClustered Data ONTAP versions 9.0 through 9.4 are susceptible to a vulnerability which allows remote authenticated attackers to cause a Denial of Service (DoS) in NFS and SMB environments. Exploitation of this vulnerability will allow a remote authenticated attacker to cause a Denial of Service (DoS) on affected versions of clustered Data ONTAP configured for multiprotocol access.2019-02-01not yet calculatedCVE-2018-5498
    CONFIRM
    nginx -- nginx_unitNGINX Unit before 1.7.1 might allow an attacker to cause a heap-based buffer overflow in the router process with a specially crafted request. This may result in a denial of service (router process crash) or possibly have unspecified other impact.2019-02-07not yet calculatedCVE-2019-7401
    MISC
    MISC
    MISC
    BID
    node.extend -- node.extendA prototype pollution vulnerability was found in node.extend <1.1.7, ~<2.0.1 that allows an attacker to inject arbitrary properties onto Object.prototype.2019-02-01not yet calculatedCVE-2018-16491
    MISC
    pagure -- pagurePagure 5.2 leaks API keys by e-mailing them to users. Few e-mail servers validate TLS certificates, so it is easy for man-in-the-middle attackers to read these e-mails and gain access to Pagure on behalf of other users. This issue is found in the API token expiration reminder cron job in files/api_key_expire_mail.py; disabling that job is also a viable solution. (E-mailing a substring of the API key was an attempted, but rejected, solution.)2019-02-07not yet calculatedCVE-2019-7628
    MISC
    MISC
    MISC
    MISC
    MISC
    primx -- zed_enterpriseLimited plaintext disclosure exists in PRIMX Zed Entreprise for Windows before 6.1.2240, Zed Entreprise for Windows (ANSSI qualification submission) before 6.1.2150, Zed Entreprise for Mac before 2.0.199, Zed Entreprise for Linux before 2.0.199, Zed Pro for Windows before 1.0.195, Zed Pro for Mac before 1.0.199, Zed Pro for Linux before 1.0.199, Zed Free for Windows before 1.0.195, Zed Free for Mac before 1.0.199, and Zed Free for Linux before 1.0.199. Analyzing a Zed container can lead to the disclosure of plaintext content of very small files (a few bytes) stored into it.2019-02-03not yet calculatedCVE-2019-7312
    MISC
    public -- publicA XSS vulnerability was found in module public <0.1.4 that allows malicious Javascript code to run in the browser, due to the absence of sanitization of the file/folder names before rendering.2019-02-01not yet calculatedCVE-2018-16480
    MISC
    MISC
    rarlab -- winrarA validation function (in WinRAR code) is being called before extraction of ACE archives. The validation function inspects the filename field for each compressed file in the ACE archive. In case the filename is disallow by the validator function (for example, the filename contains path traversal patterns) The extraction operation should be aborted and no file or folder should be extracted. However, the check of the return value from the validator function made too late (in UNACEV2.dll), after the creation of files and folders. It prevent the write operation to the extracted files only.2019-02-05not yet calculatedCVE-2018-20251
    BID
    MISC
    rebar3 -- rebar3Erlang/OTP Rebar3 version 3.7.0 through 3.7.5 contains a Signing oracle vulnerability in Package registry verification that can result in Package modifications not detected, allowing code execution. This attack appears to be exploitable via Victim fetches packages from malicious/compromised mirror. This vulnerability appears to have been fixed in 3.8.0.2019-02-04not yet calculatedCVE-2019-1000014
    MISC
    recon-ng -- recon-ngAn issue was discovered in Recon-ng before 4.9.5. Lack of validation in the modules/reporting/csv.py file allows CSV injection. More specifically, when a Twitter user possesses an Excel macro for a username, it will not be properly sanitized when exported to a CSV file. This can result in remote code execution for the attacker.2019-02-04not yet calculatedCVE-2018-20752
    MISC
    MISC
    redflib -- redflibThe Debian python-rdflib-tools 4.2.2-1 package for RDFLib 4.2.2 has CLI tools that can load Python modules from the current working directory, allowing code injection, because "python -m" looks in this directory, as demonstrated by rdf2dot. This issue is specific to use of the debian/scripts directory.2019-02-08not yet calculatedCVE-2019-7653
    MISC
    riot -- riot-osRIOT RIOT-OS version after commit 7af03ab624db0412c727eed9ab7630a5282e2fd3 contains a Buffer Overflow vulnerability in sock_dns, an implementation of the DNS protocol utilizing the RIOT sock API that can result in Remote code executing. This attack appears to be exploitable via network connectivity.2019-02-04not yet calculatedCVE-2019-1000006
    MISC
    rssh -- rsshrssh version 2.3.4 contains a CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in allowscp permission that can result in Local command execution. This attack appear to be exploitable via An authorized SSH user with the allowscp permission.2019-02-04not yet calculatedCVE-2019-1000018
    MISC
    MLIST
    DEBIAN
    rssh -- rsshInsufficient sanitization of environment variables passed to rsync can bypass the restrictions imposed by rssh, a restricted shell that should restrict users to perform only rsync operations, resulting in the execution of arbitrary shell commands.2019-02-06not yet calculatedCVE-2019-3464
    BID
    MLIST
    MISC
    DEBIAN
    rukovoditel -- rukovoditelRukovoditel before 2.4.1 allows XSS.2019-02-05not yet calculatedCVE-2019-7400
    CONFIRM
    slixmpp -- slixmppslixmpp version before commit 7cd73b594e8122dddf847953fcfc85ab4d316416 contains an incorrect Access Control vulnerability in XEP-0223 plugin (Persistent Storage of Private Data via PubSub) options profile, used for the configuration of default access model that can result in all of the contacts of the victim can see private data having been published to a PEP node. This attack appears to be exploitable if the user of this library publishes any private data on PEP, the node isn't configured to be private. This vulnerability appears to have been fixed in commit 7cd73b594e8122dddf847953fcfc85ab4d316416 which is included in slixmpp 1.4.2.2019-02-04not yet calculatedCVE-2019-1000021
    MISC
    MISC
    symantec -- ghost_solution_suiteSymantec Ghost Solution Suite (GSS) versions prior to 3.3 RU1 may be susceptible to a DLL hijacking vulnerability, which is a type of issue whereby a potential attacker attempts to execute unexpected code on your machine. This occurs via placement of a potentially foreign file (DLL) that the attacker then attempts to run via a linked application.2019-02-08not yet calculatedCVE-2018-18364
    BID
    CONFIRM
    systrome -- mulitple_cumilon_devicesA local file inclusion vulnerability exists in the web interface of Systrome Cumilon ISG-600C, ISG-600H, and ISG-800W 1.1-R2.1_TRUNK-20180914.bin devices. When the export function is called from system/maintenance/export.php, it accepts the path provided by the user, leading to path traversal via the name parameter.2019-02-04not yet calculatedCVE-2019-7387
    MISC
    MISC
    taoensso -- senateTaoensso Sente version Prior to version 1.14.0 contains a Cross Site Request Forgery (CSRF) vulnerability in WebSocket handshake endpoint that can result in CSRF attack, possible leak of anti-CSRF token. This attack appears to be exploitable via malicious request against WebSocket handshake endpoint. This vulnerability appears to have been fixed in 1.14.0 and later.2019-02-04not yet calculatedCVE-2019-1000022
    MISC
    tcpcrypt -- tcpcryptA buffer overflow exists in HelpSystems tcpcrypt on Linux, used for BoKS encrypted telnet through BoKS version 6.7.1. Since tcpcrypt is setuid, exploitation leads to privilege escalation.2019-02-08not yet calculatedCVE-2018-20764
    CONFIRM
    teampass -- teampassTeamPass version 2.1.27 and earlier contains a Storing Passwords in a Recoverable Format vulnerability in Shared password vaults that can result in all shared passwords are recoverable server side. This attack appears to be exploitable via any vulnerability that can bypass authentication or role assignment and can lead to shared password leakage.2019-02-04not yet calculatedCVE-2019-1000001
    MISC
    trend_micro -- dr_safetyA vulnerability in the Private Browser of Trend Micro Dr. Safety for Android (Consumer) versions below 3.0.1478 could allow an remote attacker to bypass the Same Origin Policy (SOP) and obtain sensitive information via crafted JavaScript code on vulnerable installations.2019-02-05not yet calculatedCVE-2018-18334
    CONFIRM
    trend_micro -- security_2019A DLL hijacking vulnerability in Trend Micro Security 2019 (Consumer) versions below 15.0.0.1163 and below could allow an attacker to manipulate a specific DLL and escalate privileges on vulnerable installations.2019-02-05not yet calculatedCVE-2018-18333
    CONFIRM
    MISC
    MISC
    webassembly -- binaryenAn assertion failure was discovered in wasm::WasmBinaryBuilder::getType() in wasm-binary.cpp in Binaryen 1.38.22. This allows remote attackers to cause a denial of service (failed assertion and crash) via a crafted wasm file.2019-02-09not yet calculatedCVE-2019-7662
    MISC
    wibu-systems -- wibukeyAn exploitable heap overflow vulnerability exists in the WkbProgramLow function of WibuKey Network server management, version 6.40.2402.500. A specially crafted TCP packet can cause a heap overflow, potentially leading to remote code execution. An attacker can send a malformed TCP packet to trigger this vulnerability.2019-02-05not yet calculatedCVE-2018-3991
    MISC
    wibu-systems -- wibukeyAn exploitable kernel memory disclosure vulnerability exists in the 0x8200E804 IOCTL handler functionality of WIBU-SYSTEMS WibuKey.sys Version 6.40 (Build 2400).A specially crafted IRP request can cause the driver to return uninitialized memory, resulting in kernel memory disclosure. An attacker can send an IRP request to trigger this vulnerability.2019-02-05not yet calculatedCVE-2018-3989
    MISC
    win.rar -- winrarBy crafting the filename field of the ACE format, the destination folder (extraction folder) is ignored, and the relative path in the filename field becomes an absolute Path. This logical bug, allows the extraction of a file to an arbitrary location which is effectively code execution.2019-02-05not yet calculatedCVE-2018-20250
    BID
    MISC
    wordpress -- wordpressIn the Parallax Scroll (aka adamrob-parallax-scroll) plugin before 2.1 for WordPress, includes/adamrob-parralax-shortcode.php allows XSS via the title text. ("parallax" has a spelling change within the PHP filename.)2019-02-05not yet calculatedCVE-2019-7413
    MISC
    wordpress -- wordpressThe PS PHPCaptcha WP plugin before v1.2.0 for WordPress mishandles sanitization of input values.2019-02-05not yet calculatedCVE-2019-7412
    MISC
    Back to top

    This product is provided subject to this Notification and this Privacy & Use policy.