index_ label1 index_ label1
Providing services for federal, state and local government ...
index_ label2 index_ label2
Our commercial entity operations, providing enterprise services ...
index_ label3 index_ label3
How do we prepare for what's to come next? See inside ...
I.T. News
We are constantly interested in the latest and up-to-date technology.
As we move forward with the software development we will continue to use new technologies to improve our products and the customer experience. And we will continue to develop our solutions with both new functionality and increasing integration with the latest major platforms.

As the growing market shares and interests in the I.T. virtualization, we tailored the unique virtualization solution vFleXtor using proven, modern up-to-date technology.

Timely information about security topics and threats:

US-CERT: The United States Computer Emergency Readiness Team
  • Original release date: July 13, 2018

    The Internet Crime Complaint Center (IC3) has released an alert on business email compromise scams. This type of scam targets businesses and individuals by using social engineering or computer intrusion to compromise legitimate email accounts and conduct unauthorized fund transfers or obtain personally identifiable information.

    NCCIC encourages businesses and individuals to refer to the IC3 Alert and the NCCIC Tip on Avoiding Social Engineering and Phishing Attacks.


    This product is provided subject to this Notification and this Privacy & Use policy.


  • Original release date: July 12, 2018

    Juniper Networks has released security updates to address vulnerabilities affecting multiple Junos OS versions. An attacker could exploit some of these vulnerabilities to take control of an affected system.

    NCCIC encourages users and administrators to review the Juniper Security Advisories website and apply the necessary updates.


    This product is provided subject to this Notification and this Privacy & Use policy.


  • Original release date: July 12, 2018

    The Internet Systems Consortium (ISC) has released a security advisory that addresses a memory leak vulnerability in Kea DHCP 1.4.0. A remote attacker could exploit this vulnerability to cause a denial-of-service condition.

    NCCIC encourages users and administrators to review ISC Knowledge Base Article AA-01626 and apply the necessary update or workaround.


    This product is provided subject to this Notification and this Privacy & Use policy.


  • Original release date: July 11, 2018

    Cisco has released updates to address vulnerabilities affecting Cisco products. A remote attacker could exploit one of these vulnerabilities to take control of an affected system.

    NCCIC encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates:


    This product is provided subject to this Notification and this Privacy & Use policy.


  • Original release date: July 10, 2018

    Microsoft has released updates to address vulnerabilities in Microsoft software. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

    NCCIC encourages users and administrators to review Microsoft?s July 2018 Security Update Summary and Deployment Information and apply the necessary updates.


    This product is provided subject to this Notification and this Privacy & Use policy.


  • Original release date: July 10, 2018

    Adobe has released security updates to address vulnerabilities in Adobe Acrobat and Reader, Adobe Flash Player, Adobe Connect, and Adobe Experience Manager. A remote attacker could exploit some of these vulnerabilities to take control of an affected system.   

    NCCIC encourages users and administrators to review Adobe Security Bulletins APSB18-21, APSB18-24, APSB18-22, and APSB18-23 and apply the necessary updates.

     


    This product is provided subject to this Notification and this Privacy & Use policy.


  • Original release date: July 09, 2018

    Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.

    NCCIC encourages users and administrators to review Apple security pages for the following products and apply the necessary updates:


    This product is provided subject to this Notification and this Privacy & Use policy.


  • Original release date: July 09, 2018

    The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information.

    The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:

    • High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0

    • Medium - Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 - 6.9

    • Low - Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 - 3.9

    Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.

    The NCCIC Weekly Vulnerability Summary Bulletin is created using information from the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD). In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

     

    High Vulnerabilities

    Primary
    Vendor -- Product
    DescriptionPublishedCVSS ScoreSource & Patch Info
    There were no high vulnerabilities recorded this week.
    Back to top

     

    Medium Vulnerabilities

    Primary
    Vendor -- Product
    DescriptionPublishedCVSS ScoreSource & Patch Info
    There were no medium vulnerabilities recorded this week.
    Back to top

     

    Low Vulnerabilities

    Primary
    Vendor -- Product
    DescriptionPublishedCVSS ScoreSource & Patch Info
    There were no low vulnerabilities recorded this week.
    Back to top

     

    Severity Not Yet Assigned

    Primary
    Vendor -- Product
    DescriptionPublishedCVSS ScoreSource & Patch Info
    adb -- broadband_gateways_and_routersAll ADB broadband gateways / routers based on the Epicentro platform are affected by a privilege escalation vulnerability where attackers can gain access to the command line interface (CLI) if previously disabled by the ISP, escalate their privileges, and perform further attacks.2018-07-06not yet calculatedCVE-2018-13110
    MISC
    FULLDISC
    BUGTRAQ
    EXPLOIT-DB
    MISC
    adb -- broadband_gateways_and_routersAll ADB broadband gateways / routers based on the Epicentro platform are affected by a local root jailbreak vulnerability where attackers are able to gain root access on the device, and extract further information such as sensitive configuration data of the ISP (e.g., VoIP credentials) or attack the internal network of the ISP.2018-07-06not yet calculatedCVE-2018-13108
    MISC
    FULLDISC
    BUGTRAQ
    EXPLOIT-DB
    MISC
    adb -- broadband_gateways_and_routers
     
    All ADB broadband gateways / routers based on the Epicentro platform are affected by an authorization bypass vulnerability where attackers are able to access and manipulate settings within the web interface that are forbidden to end users (e.g., by the ISP). An attacker would be able to enable the TELNET server or other settings as well.2018-07-06not yet calculatedCVE-2018-13109
    MISC
    FULLDISC
    BUGTRAQ
    EXPLOIT-DB
    MISC
    airties -- airties
     
    Airties 5444 1.0.0.18 and 5444TT 1.0.0.18 devices allow XSS.2018-07-05not yet calculatedCVE-2018-8738
    EXPLOIT-DB
    MISC
    angular -- redactorImperavi Redactor 3 in Angular Redactor 1.1.6, when HTML content mode is used, allows stored XSS, as demonstrated by an onerror attribute of an IMG element, a related issue to CVE-2018-7035.2018-07-05not yet calculatedCVE-2018-13339
    MISC
    MISC
    ansible -- ansible
     
    Ansible 2.5 prior to 2.5.5, and 2.4 prior to 2.4.5, do not honor the no_log task flag for failed tasks. When the no_log flag has been used to protect sensitive data passed to a task from being logged, and that task does not run successfully, Ansible will expose sensitive data in log files and on the terminal of the user running Ansible.2018-07-02not yet calculatedCVE-2018-10855
    REDHAT
    REDHAT
    REDHAT
    REDHAT
    CONFIRM
    ansible -- ansible
     
    In ansible it was found that inventory variables are loaded from current working directory when running ad-hoc command which are under attacker's control, allowing to run arbitrary code as a result.2018-07-02not yet calculatedCVE-2018-10874
    CONFIRM
    anydesk -- anydesk
     
    AnyDesk before "12.06.2018 - 4.1.3" on Windows 7 SP1 has a DLL preloading vulnerability.2018-07-03not yet calculatedCVE-2018-13102
    CONFIRM
    apache -- cxfIt is possible to configure Apache CXF to use the com.sun.net.ssl implementation via 'System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");'. When this system property is set, CXF uses some reflection to try to make the HostnameVerifier work with the old com.sun.net.ssl.HostnameVerifier interface. However, the default HostnameVerifier implementation in CXF does not implement the method in this interface, and an exception is thrown. However, in Apache CXF prior to 3.2.5 and 3.1.16 the exception is caught in the reflection code and not properly propagated. What this means is that if you are using the com.sun.net.ssl stack with CXF, an error with TLS hostname verification will not be thrown, leaving a CXF client subject to man-in-the-middle attacks.2018-07-02not yet calculatedCVE-2018-8039
    CONFIRM
    SECTRACK
    CONFIRM
    MLIST
    apache -- cxf_fedizVersions of Apache CXF Fediz prior to 1.4.4 do not fully disable Document Type Declarations (DTDs) when either parsing the Identity Provider response in the application plugins, or in the Identity Provider itself when parsing certain XML-based parameters.2018-07-05not yet calculatedCVE-2018-8038
    CONFIRM
    SECTRACK
    CONFIRM
    MLIST
    apache -- pdfboxIn Apache PDFBox 1.8.0 to 1.8.14 and 2.0.0RC1 to 2.0.10, a carefully crafted (or fuzzed) file can trigger an infinite loop which leads to an out of memory exception in Apache PDFBox's AFMParser.2018-07-03not yet calculatedCVE-2018-8036
    MLIST
    apache -- solr
     
    This vulnerability in Apache Solr 6.0.0 to 6.6.4 and 7.0.0 to 7.3.1 relates to an XML external entity expansion (XXE) in Solr config files (currency.xml, enumsConfig.xml referred from schema.xml, TIKA parsecontext config file). In addition, Xinclude functionality provided in these config files is also affected in a similar way. The vulnerability can be used as XXE using file/ftp/http protocols in order to read arbitrary local files from the Solr server or the internal network. The manipulated files can be uploaded as configsets using Solr's API, allowing to exploit that vulnerability.2018-07-05not yet calculatedCVE-2018-8026
    CONFIRM
    MLIST
    archive::zip -- archive::zip
     
    perl-archive-zip is vulnerable to a directory traversal in Archive::Zip. It was found that the Archive::Zip module did not properly sanitize paths while extracting zip files. An attacker able to provide a specially crafted archive for processing could use this flaw to write or overwrite arbitrary files in the context of the perl interpreter.2018-06-29not yet calculatedCVE-2018-10860
    BID
    CONFIRM
    UBUNTU
    UBUNTU
    bedita -- bedita
     
    An issue was discovered in BEdita before 3.7.0. A cross-site scripting (XSS) attack occurs via a crafted pages/showObjects URI, as demonstrated by appending a payload to a pages/showObjects/2/0/0/leafs URI.2018-07-04not yet calculatedCVE-2015-9260
    MISC
    MISC
    MISC
    beescms -- beescmsIn BEESCMS 4.0, CSRF allows administrators to be added arbitrarily, a related issue to CVE-2018-10266.2018-07-05not yet calculatedCVE-2018-12739
    MISC
    EXPLOIT-DB
    bitcoin_core -- bitcoin_coreIn Bitcoin Core before v0.13.0, a non-final alert is able to block the special "final alert" (which is supposed to override all other alerts) because operations occur in the wrong order. This behavior occurs in the remote network alert system (deprecated since Q1 2016). This affects other uses of the codebase, such as Bitcoin Knots before v0.13.0.knots20160814 and many altcoins.2018-07-05not yet calculatedCVE-2016-10725
    MISC
    MISC
    bitcoin_core -- bitcoin_core
     
    Bitcoin Core before v0.13.0 allows denial of service (memory exhaustion) triggered by the remote network alert system (deprecated since Q1 2016) if an attacker can sign a message with a certain private key that had been known by unintended actors, because of an infinitely sized map. This affects other uses of the codebase, such as Bitcoin Knots before v0.13.0.knots20160814 and many altcoins.2018-07-05not yet calculatedCVE-2016-10724
    MISC
    MISC
    buttle -- buttlePath traversal in buttle module versions <= 0.2.0 allows to read any file in the server.2018-07-05not yet calculatedCVE-2018-3766
    MISC
    cinnamon -- cinnamon
     
    An issue was discovered in Cinnamon 1.9.2 through 3.8.6. The cinnamon-settings-users.py GUI runs as root and allows configuration of (for example) other users' icon files in _on_face_browse_menuitem_activated and _on_face_menuitem_activated. These icon files are written to the respective user's $HOME/.face location. If an unprivileged user prepares a symlink pointing to an arbitrary location, then this location will be overwritten with the icon content.2018-07-02not yet calculatedCVE-2018-13054
    MISC
    MISC
    clippercms -- clippercms
     
    ClipperCMS 1.3.3 has stored XSS via the "Tools -> Configuration" screen of the manager/ URI.2018-07-03not yet calculatedCVE-2018-13106
    MISC
    core -- ftp_leCore FTP LE version 2.2 Build 1921 is prone to a buffer overflow vulnerability that may result in a DoS or remote code execution via a PASV response.2018-07-05not yet calculatedCVE-2018-12113
    MISC
    MISC
    MISC
    cyberark -- endpoint_privilege_managerIn CyberArk Endpoint Privilege Manager (formerly Viewfinity), Privilege Escalation is possible if the attacker has one process that executes as Admin.2018-07-05not yet calculatedCVE-2018-13052
    MISC
    d-link -- dir-890l_a2_devicesAn issue was discovered on D-Link DIR-890L A2 devices. Due to the predictability of the /docs/captcha_(number).jpeg URI, being local to the network, but unauthenticated to the administrator's panel, an attacker can disclose the CAPTCHAs used by the access point and can elect to load the CAPTCHA of their choosing, leading to unauthorized login attempts to the access point.2018-07-05not yet calculatedCVE-2018-12103
    FULLDISC
    damicms -- damicms
     
    DamiCMS v6.0.0 allows CSRF via admin.php?s=/Admin/doadd to add an administrator account.2018-07-05not yet calculatedCVE-2018-13031
    MISC
    EXPLOIT-DB
    debian -- devscripts
     
    scripts/grep-excuses.pl in Debian devscripts through 2.18.3 allows code execution through unsafe YAML loading because YAML::Syck is used without a configuration that prevents unintended blessing.2018-07-01not yet calculatedCVE-2018-13043
    MISC
    UBUNTU
    deep-extend -- deep-extendThe utilities function in all versions <= 0.5.0 of the deep-extend node module can be tricked into modifying the prototype of Object when the attacker can control part of the structure passed to this function. This can let an attacker add or modify existing properties that will exist on all objects.2018-07-03not yet calculatedCVE-2018-3750
    MISC
    deep-node -- deep-nodeThe utilities function in all versions < 1.0.1 of the deap node module can be tricked into modifying the prototype of Object when the attacker can control part of the structure passed to this function. This can let an attacker add or modify existing properties that will exist on all objects.2018-07-03not yet calculatedCVE-2018-3749
    MISC
    dell_emc -- ecsDell EMC ECS versions 3.2.0.0 and 3.2.0.1 contain an authentication bypass vulnerability. A remote unauthenticated attacker could exploit this vulnerability to read and modify S3 objects by supplying specially crafted S3 requests.2018-07-03not yet calculatedCVE-2018-11052
    FULLDISC
    BID
    dell_emc -- idracDell EMC iDRAC9 versions prior to 3.21.21.21 did not enforce the use of TLS/SSL for a connection to iDRAC web server for certain URLs. A man-in-the-middle attacker could use this vulnerability to strip the SSL/TLS protection from a connection between a client and a server.2018-07-02not yet calculatedCVE-2018-1249
    CONFIRM
    dell_emc -- idracDell EMC iDRAC7/iDRAC8, versions prior to 2.60.60.60, and iDRAC9 versions prior to 3.21.21.21 contain a command injection vulnerability in the SNMP agent. A remote authenticated malicious iDRAC user with configuration privileges could potentially exploit this vulnerability to execute arbitrary commands on the iDRAC where SNMP alerting is enabled.2018-07-02not yet calculatedCVE-2018-1244
    CONFIRM
    dell_emc -- idracThe web-based diagnostics console in Dell EMC iDRAC6 (Monolithic versions prior to 2.91 and Modular all versions) contains a command injection vulnerability. A remote authenticated malicious iDRAC user with access to the diagnostics console could potentially exploit this vulnerability to execute arbitrary commands as root on the affected iDRAC system.2018-07-02not yet calculatedCVE-2018-1212
    CONFIRM
    dell_emc -- idracDell EMC iDRAC6, versions prior to 2.91, iDRAC7/iDRAC8, versions prior to 2.60.60.60 and iDRAC9, versions prior to 3.21.21.21, contain a weak CGI session ID vulnerability. The sessions invoked via CGI binaries use 96-bit numeric-only session ID values, which makes it easier for remote attackers to perform bruteforce session guessing attacks.2018-07-02not yet calculatedCVE-2018-1243
    CONFIRM
    dialogic -- powermedia_xmsUse of Hard-coded Credentials in /var/www/xms/application/controllers/gatherLogs.php in the administrative console in Dialogic PowerMedia XMS through 3.5 allows remote attackers to interact with a web service.2018-07-03not yet calculatedCVE-2018-11641
    MISC
    dialogic -- powermedia_xmsUse of a Hard-coded Cryptographic Key used to protect cookie session data in /var/www/xms/application/config/config.php in the administrative console in Dialogic PowerMedia XMS through 3.5 allows remote attackers to bypass authentication.2018-07-03not yet calculatedCVE-2018-11635
    MISC
    dialogic -- powermedia_xmsPlaintext Storage of Passwords within Cookies in /var/www/xms/application/controllers/verifyLogin.php in the administrative console in Dialogic PowerMedia XMS before 3.5 SU2 allows remote attackers to access a user's password in cleartext.2018-07-03not yet calculatedCVE-2018-11639
    MISC
    dialogic -- powermedia_xmsCross-site request forgery (CSRF) vulnerability in the administrative console in Dialogic PowerMedia XMS through 3.5 allows remote attackers to execute malicious and unauthorized actions.2018-07-03not yet calculatedCVE-2018-11636
    MISC
    dialogic -- powermedia_xmsInformation leakage vulnerability in the administrative console in Dialogic PowerMedia XMS through 3.5 allows remote attackers to read arbitrary files from the /var/ directory because a symlink exists under the web root.2018-07-03not yet calculatedCVE-2018-11637
    MISC
    dialogic -- powermedia_xmsXML External Entity (XXE) vulnerability in the web service in Dialogic PowerMedia XMS before 3.5 SU2 allows remote attackers to read arbitrary files or cause a denial of service (resource consumption).2018-07-03not yet calculatedCVE-2018-11640
    MISC
    dialogic -- powermedia_xmsSQL injection vulnerability in the administrative console in Dialogic PowerMedia XMS through 3.5 allows remote authenticated users to execute arbitrary SQL commands via the filterPattern parameter.2018-07-03not yet calculatedCVE-2018-11643
    MISC
    dialogic -- powermedia_xmsUnrestricted Upload of a File with a Dangerous Type in the administrative console in Dialogic PowerMedia XMS through 3.5 allows remote authenticated users to upload malicious code to the web root to gain code execution.2018-07-03not yet calculatedCVE-2018-11638
    MISC
    dialogic -- powermedia_xmsIncorrect Permission Assignment on the /var/www/xms/cleanzip.sh shell script run periodically in Dialogic PowerMedia XMS through 3.5 allows local users to execute code as the root user.2018-07-03not yet calculatedCVE-2018-11642
    MISC
    dialogic -- powermedia_xmsPlaintext Storage of Passwords in the administrative console in Dialogic PowerMedia XMS before 3.5 SU2 allows local users to access the web application's user passwords in cleartext by reading /var/www/xms/xmsdb/default.db.2018-07-03not yet calculatedCVE-2018-11634
    MISC

    dnn -- dnn

    DNN (aka DotNetNuke) before 9.2.0 suffers from a Server-Side Request Forgery (SSRF) vulnerability in the DnnImageHandler class. Attackers may be able to access information about internal network resources.2018-07-03not yet calculatedCVE-2017-0929
    MISC
    docker -- moby
     
    The default OCI linux spec in oci/defaults{_linux}.go in Docker/Moby from 1.11 to current does not block /proc/acpi pathnames. The flaw allows an attacker to modify host's hardware like enabling/disabling bluetooth or turning up/down keyboard brightness.2018-07-06not yet calculatedCVE-2018-10892
    CONFIRM
    CONFIRM
    dogtag -- dogtag_pki
     
    Dogtag PKI, through version 10.6.1, has a vulnerability in AAclAuthz.java that, under certain configurations, causes the application of ACL allow and deny rules to be reversed. If a server is configured to process allow rules before deny rules (authz.evaluateOrder=allow,deny), then allow rules will deny access and deny rules will grant access. This may result in an escalation of privileges or have other unintended consequences.2018-07-02not yet calculatedCVE-2018-1080
    REDHAT
    CONFIRM
    CONFIRM
    CONFIRM
    dongguan_diqee -- diqee360_devicesAn issue was discovered on Dongguan Diqee Diqee360 devices. The affected vacuum cleaner suffers from an authenticated remote code execution vulnerability. An authenticated attacker can send a specially crafted UDP packet, and execute commands on the vacuum cleaner as root. The bug is in the function REQUEST_SET_WIFIPASSWD (UDP command 153). A crafted UDP packet runs "/mnt/skyeye/mode_switch.sh %s" with an attacker controlling the %s variable. In some cases, authentication can be achieved with the default password of 888888 for the admin account.2018-07-05not yet calculatedCVE-2018-10987
    MISC
    dongguan_diqee -- diqee360_devicesAn issue was discovered on Diqee Diqee360 devices. A firmware update process, integrated into the firmware, starts at boot and tries to find the update folder on the microSD card. It executes code, without a digital signature, as root from the /mnt/sdcard/$PRO_NAME/upgrade.sh or /sdcard/upgrage_360/upgrade.sh pathname.2018-07-05not yet calculatedCVE-2018-10988
    MISC
    ecessa_shieldlink -- sl175ehq_devicesECESSA ShieldLink SL175EHQ 10.7.4 devices have CSRF to add superuser accounts via the cgi-bin/pl_web.cgi/util_configlogin_act URI.2018-07-01not yet calculatedCVE-2018-13032
    EXPLOIT-DB
    entrust_datacard -- syntera_cs
     
    Entrust Datacard Syntera CS 5.x has XSS via the name field of "Domain or Computer Name" in the login page.2018-07-05not yet calculatedCVE-2018-13252
    MISC
    ethereum -- aichain_tokenThe mintToken function of a smart contract implementation for AIChain, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-04not yet calculatedCVE-2018-13175
    MISC
    MISC
    ethereum -- air-contact_tokenThe mintToken function of a smart contract implementation for Air-Contact Token (AIR), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-04not yet calculatedCVE-2018-13179
    MISC
    MISC
    ethereum -- alex_tokenThe mintToken function of a smart contract implementation for ALEX, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-04not yet calculatedCVE-2018-13162
    MISC
    MISC
    ethereum -- appcoins_tokenThe mintToken function of a smart contract implementation for appcoins (APPC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-04not yet calculatedCVE-2018-13185
    MISC
    MISC
    ethereum -- assettokenThe mintToken function of a smart contract implementation for AssetToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-04not yet calculatedCVE-2018-13158
    MISC
    MISC
    ethereum -- athleticoin_tokenThe mintToken function of a smart contract implementation for AthletiCoin (ATHA), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-04not yet calculatedCVE-2018-13166
    MISC
    MISC
    ethereum -- atlant_tokenATLANT (ATL) is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner.2018-07-03not yet calculatedCVE-2018-11429
    MISC
    MISC
    ethereum -- azuriontokenThe mintToken function of a smart contract implementation for AzurionToken (AZU), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-02not yet calculatedCVE-2018-13068
    MISC
    ethereum -- bankcoin_tokenThe mintToken function of a smart contract implementation for bankcoin (BNK), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-04not yet calculatedCVE-2018-13159
    MISC
    MISC
    ethereum -- betcash_tokenThe mintToken function of a smart contract implementation for Betcash (BC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-02not yet calculatedCVE-2018-13076
    MISC
    ethereum -- bitotal_tokenBitotal (TFUND) is a smart contract running on Ethereum. The mintTokens function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner.2018-07-03not yet calculatedCVE-2018-13130
    MISC
    MISC
    ethereum -- bittelux_tokenThe transfer and transferFrom functions of a smart contract implementation for Bittelux (BTX), an Ethereum token, have an integer overflow.2018-07-05not yet calculatedCVE-2018-13326
    MISC
    ethereum -- bonustokenThe mintToken function of a smart contract implementation for bonusToken (BNS), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-04not yet calculatedCVE-2018-13156
    MISC
    MISC
    ethereum -- bzxcoin_tokenThe mintToken function of a smart contract implementation for bzxcoin (BZX), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-04not yet calculatedCVE-2018-13172
    MISC
    MISC
    ethereum -- carbon_exchange_coin_tokenThe mintToken function of a smart contract implementation for Carbon Exchange Coin Token (CEC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-02not yet calculatedCVE-2018-13075
    MISC
    ethereum -- ccindex10_tokenThe mintToken function of a smart contract implementation for CCindex10 (T10), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-02not yet calculatedCVE-2018-13071
    MISC
    ethereum -- chuchulingaigo_tokenThe transfer and transferFrom functions of a smart contract implementation for ChuCunLingAIGO (CCLAG), an Ethereum token, have an integer overflow.2018-07-05not yet calculatedCVE-2018-13327
    MISC
    ethereum -- cibn_live_tokenThe mintToken function of a smart contract implementation for CIBN Live Token (CIBN LIVE), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-04not yet calculatedCVE-2018-13187
    MISC
    MISC
    ethereum -- coffeecoin_tokenThe mintToken function of a smart contract implementation for Coffeecoin (COFFEE), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-02not yet calculatedCVE-2018-13072
    MISC
    ethereum -- coinstar_tokenThe mintToken function of a smart contract implementation for Coinstar (CSTR), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-02not yet calculatedCVE-2018-13087
    MISC
    ethereum -- cointokenThe sell function of a smart contract implementation for CoinToken, an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.2018-07-04not yet calculatedCVE-2018-13217
    MISC
    MISC
    ethereum -- cranoo_tokenThe mintToken function of a smart contract implementation for Cranoo (CRN), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-04not yet calculatedCVE-2018-13195
    MISC
    MISC
    ethereum -- crowdnext_tokenThe sell function of a smart contract implementation for Crowdnext (CNX), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.2018-07-04not yet calculatedCVE-2018-13228
    MISC
    MISC
    ethereum -- cryptoabs_tokenThe mintToken function of a smart contract implementation for CryptoABS (ABS), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-04not yet calculatedCVE-2018-13174
    MISC
    MISC
    ethereum -- cryptonitexcoin_tokenThe mintToken function of a smart contract implementation for CryptonitexCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-04not yet calculatedCVE-2018-13157
    MISC
    MISC
    ethereum -- ctb_tokenThe mintToken function of a smart contract implementation for CTB, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-02not yet calculatedCVE-2018-13077
    MISC
    ethereum -- dateme_tokenThe sell function of a smart contract implementation for DateMe (DMX) (Contract Name: ProgressiveToken), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.2018-07-04not yet calculatedCVE-2018-13200
    MISC
    MISC
    ethereum -- destineed_tokenThe sell function of a smart contract implementation for DestiNeed (DSN), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.2018-07-04not yet calculatedCVE-2018-13230
    MISC
    MISC
    ethereum -- dvchain_tokenThe mintToken function of a smart contract implementation for DVChain, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-04not yet calculatedCVE-2018-13190
    MISC
    MISC
    ethereum -- dychain_tokenThe mintToken function of a smart contract implementation for DYchain (DYC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-02not yet calculatedCVE-2018-13069
    MISC
    ethereum -- easy_trading_tokenThe transfer and transferFrom functions of a smart contract implementation for Easy Trading Token (ETT), an Ethereum token, have an integer overflow.2018-07-03not yet calculatedCVE-2018-13113
    MISC
    ethereum -- ectoints_tokenThe mintToken function of a smart contract implementation for ECToints (ECT) (Contract Name: ECPoints), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-04not yet calculatedCVE-2018-13178
    MISC
    MISC
    ethereum -- eliteshippertokenThe mintToken function of a smart contract implementation for EliteShipperToken (ESHIP), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-04not yet calculatedCVE-2018-13173
    MISC
    MISC
    ethereum -- encryptedtokenThe mintToken function of a smart contract implementation for EncryptedToken (ECC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-02not yet calculatedCVE-2018-13070
    MISC
    ethereum -- enter_tokenThe sell function of a smart contract implementation for ENTER (ENTR) (Contract Name: EnterToken), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.2018-07-04not yet calculatedCVE-2018-13231
    MISC
    MISC
    ethereum -- enter_tokenThe sell function of a smart contract implementation for ENTER (ENTR) (Contract Name: EnterCoin), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.2018-07-04not yet calculatedCVE-2018-13232
    MISC
    MISC
    ethereum -- eppcoin_tokenThe mintToken function of a smart contract implementation for EPPCOIN (EPP), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-04not yet calculatedCVE-2018-13164
    MISC
    MISC
    ethereum -- ethercash_tokenThe sell function of a smart contract implementation for ETHERCASH (ETC), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.2018-07-04not yet calculatedCVE-2018-13204
    MISC
    MISC
    ethereum -- ethereum_cash_pro_tokenThe mintToken function of a smart contract implementation for Ethereum Cash Pro (ECP), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-04not yet calculatedCVE-2018-13169
    MISC
    MISC
    ethereum -- ethereumblack_tokenThe mintToken function of a smart contract implementation for ETHEREUMBLACK (ETCBK), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-02not yet calculatedCVE-2018-13073
    MISC
    ethereum -- ethereumblack_tokenThe sell function of a smart contract implementation for ETHEREUMBLACK (ETCBK), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.2018-07-04not yet calculatedCVE-2018-13199
    MISC
    ethereum -- ethereumlegit_tokenThe sell function of a smart contract implementation for EthereumLegit, an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.2018-07-04not yet calculatedCVE-2018-13212
    MISC
    MISC
    ethereum -- ethernet_cash_tokenThe mintToken function of a smart contract implementation for Ethernet Cash (ENC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-04not yet calculatedCVE-2018-13163
    MISC
    MISC
    ethereum -- etherty_tokenEtherty Token (ETY) is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner.2018-07-03not yet calculatedCVE-2018-13128
    MISC
    MISC
    ethereum -- etktokensThe mintToken function of a smart contract implementation for etktokens (ETK), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-04not yet calculatedCVE-2018-13160
    MISC
    MISC
    ethereum -- extreme_coin_tokenThe sell function of a smart contract implementation for Extreme Coin (XT) (Contract Name: ExtremeToken), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.2018-07-04not yet calculatedCVE-2018-13221
    MISC
    MISC
    ethereum -- fibtokenThe mintToken function of a smart contract implementation for FIBToken (FIB), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-02not yet calculatedCVE-2018-13074
    MISC
    ethereum -- freecoin_tokenThe mintToken function of a smart contract implementation for FreeCoin (FREE), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-02not yet calculatedCVE-2018-13085
    MISC
    ethereum -- futures_pease_tokenThe mintToken function of a smart contract implementation for Futures Pease (FP), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-02not yet calculatedCVE-2018-13088
    MISC
    ethereum -- gemchain_tokenThe mintToken function of a smart contract implementation for GEMCHAIN (GEM), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-04not yet calculatedCVE-2018-13155
    MISC
    ethereum -- gmile_tokenThe sell function of a smart contract implementation for GMile, an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.2018-07-04not yet calculatedCVE-2018-13214
    MISC
    MISC
    ethereum -- go_ethereumThe GetBlockHeadersMsg handler in the LES protocol implementation in Go Ethereum (aka geth) before 1.8.11 may lead to an access violation because of an integer signedness error for the array index, which allows attackers to launch a Denial of Service attack by sending a packet with a -1 query.Skip value. The vulnerable remote node would be crashed by such an attack immediately, aka the EPoD (Ethereum Packet of Death) issue.2018-07-04not yet calculatedCVE-2018-12018
    MISC
    MISC
    MISC
    MISC
    ethereum -- good_time_coin_tokenThe mintToken function of a smart contract implementation for Good Time Coin (GTY), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-02not yet calculatedCVE-2018-13084
    MISC
    ethereum -- goodto_tokenThe mintToken function of a smart contract implementation for GoodTo (GTO), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-02not yet calculatedCVE-2018-13079
    MISC
    ethereum -- goutex_tokenThe mintToken function of a smart contract implementation for Goutex (GTX), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-02not yet calculatedCVE-2018-13080
    MISC
    ethereum -- greenmed_tokenThe sell function of a smart contract implementation for GreenMed (GRMD), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.2018-07-04not yet calculatedCVE-2018-13216
    MISC
    MISC
    ethereum -- growchain_tokenThe _sell function of a smart contract implementation for GROWCHAIN (GROW), an Ethereum token, has an integer overflow.2018-07-05not yet calculatedCVE-2018-13325
    MISC
    ethereum -- gsi_tokenThe sell function of a smart contract implementation for GSI, an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.2018-07-04not yet calculatedCVE-2018-13233
    MISC
    MISC
    ethereum -- gvtoken_genesis_visionGVToken Genesis Vision (GVT) is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner.2018-07-03not yet calculatedCVE-2018-11335
    MISC
    MISC
    ethereum -- gzs_tokenThe mintToken function of a smart contract implementation for GZS Token (GZS), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-02not yet calculatedCVE-2018-13081
    MISC
    ethereum -- hentaisolo_tokenThe mintToken function of a smart contract implementation for hentaisolo (HAO), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-04not yet calculatedCVE-2018-13193
    MISC
    MISC
    ethereum -- iadowr_coin_tokenThe mintToken function of a smart contract implementation for IADOWR Coin (IAD), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-02not yet calculatedCVE-2018-13086
    MISC
    ethereum -- ico_dollar_tokenThe sell function of a smart contract implementation for ICO Dollar (ICOD), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.2018-07-04not yet calculatedCVE-2018-13218
    MISC
    MISC
    ethereum -- imm_coin_tokenThe mintToken function of a smart contract implementation for IMM Coin (IMC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-04not yet calculatedCVE-2018-13180
    MISC
    MISC
    ethereum -- javaswaptest_tokenThe mintToken function of a smart contract implementation for JavaSwapTest (JST), an Ethereum token, has an integer overflow.2018-07-04not yet calculatedCVE-2018-13145
    MISC
    ethereum -- jitech_tokenThe mintToken function of a smart contract implementation for Jitech (JTH), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-02not yet calculatedCVE-2018-13078
    MISC
    ethereum -- jobscoin_tokenThe mintToken function of a smart contract implementation for Jobscoin (JOB), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-04not yet calculatedCVE-2018-13192
    MISC
    MISC
    ethereum -- justdcoin_tokenThe mintToken function of a smart contract implementation for JustDCoin (JustD), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-04not yet calculatedCVE-2018-13165
    MISC
    MISC
    ethereum -- jwc_tokenThe mintToken function of a smart contract implementation for JWC, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-04not yet calculatedCVE-2018-13183
    MISC
    MISC
    ethereum -- ladatoken_tokenThe mintToken function of a smart contract implementation for LadaToken (LDT), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-04not yet calculatedCVE-2018-13171
    MISC
    MISC
    ethereum -- lef_tokenThe mintToken, buy, and sell functions of a smart contract implementation for LEF, an Ethereum token, have an integer overflow.2018-07-04not yet calculatedCVE-2018-13146
    MISC
    ethereum -- link_platform_tokenThe mint function of a smart contract implementation for Link Platform (LNK), an Ethereum ERC20 token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-01not yet calculatedCVE-2018-13041
    MISC
    ethereum -- loncoin_tokenThe mintToken function of a smart contract implementation for loncoin (LON), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-04not yet calculatedCVE-2018-13182
    MISC
    MISC
    ethereum -- mavcash_tokenThe sell function of a smart contract implementation for MAVCash, an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.2018-07-04not yet calculatedCVE-2018-13220
    MISC
    MISC
    ethereum -- miningrigrentals_tokenThe mintToken function of a smart contract implementation for MiningRigRentals Token (MRR), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-04not yet calculatedCVE-2018-13177
    MISC
    MISC
    ethereum -- mmtcoin_tokenThe mintToken function of a smart contract implementation for MMTCoin (MMT), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-04not yet calculatedCVE-2018-13186
    MISC
    MISC
    ethereum -- modi_tokenThe mintToken function of a smart contract implementation for MODI Token (MODI), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-02not yet calculatedCVE-2018-13082
    MISC
    ethereum -- moneychainnet_tokenThe sell function of a smart contract implementation for MoneyChainNet (MCN), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.2018-07-04not yet calculatedCVE-2018-13227
    MISC
    MISC

    ethereum -- moneytree_token

    The sell function of a smart contract implementation for MoneyTree (TREE), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.2018-07-04not yet calculatedCVE-2018-13208
    MISC
    MISC
    ethereum -- moxyonepresaleMoxyOnePresale is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner.2018-07-03not yet calculatedCVE-2018-13126
    MISC
    MISC
    ethereum -- multigames_tokenThe mintToken function of a smart contract implementation for MultiGames (MLT), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-04not yet calculatedCVE-2018-13161
    MISC
    MISC
    ethereum -- mybo_tokenThe sell function of a smart contract implementation for MyBO, an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.2018-07-04not yet calculatedCVE-2018-13202
    MISC
    MISC
    ethereum -- mybo_tokenThe mintToken function of a smart contract implementation for MyBO, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-04not yet calculatedCVE-2018-13188
    MISC
    MISC
    ethereum -- mytokenThe sell function of a smart contract implementation for MyToken, an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.2018-07-04not yet calculatedCVE-2018-13211
    MISC
    MISC
    ethereum -- myylc_tokenThe sell function of a smart contract implementation for MyYLC, an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.2018-07-04not yet calculatedCVE-2018-13225
    MISC
    MISC
    ethereum -- nectar_tokenThe sell function of a smart contract implementation for Nectar (NCTR), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.2018-07-04not yet calculatedCVE-2018-13209
    MISC
    MISC
    ethereum -- objecttoken_tokenThe sell function of a smart contract implementation for ObjectToken (OBJ), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.2018-07-04not yet calculatedCVE-2018-13222
    MISC
    MISC
    ethereum -- ohni_2_tokenThe sell function of a smart contract implementation for ohni_2 (OHNI), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.2018-07-04not yet calculatedCVE-2018-13205
    MISC
    MISC
    ethereum -- pandora_tokenThe transfer and transferFrom functions of a smart contract implementation for Pandora (PDX), an Ethereum token, have an integer overflow.2018-07-04not yet calculatedCVE-2018-13144
    MISC
    ethereum -- pfgc_tokenThe transfer, transferFrom, and mint functions of a smart contract implementation for PFGc, an Ethereum token, have an integer overflow.2018-07-05not yet calculatedCVE-2018-13328
    MISC
    ethereum -- plaza_tokenThe mintToken function of a smart contract implementation for Plaza Token (PLAZA), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-02not yet calculatedCVE-2018-13083
    MISC
    ethereum -- porncoin_tokenThe sell function of a smart contract implementation for PornCoin (PRNC), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.2018-07-04not yet calculatedCVE-2018-13207
    MISC
    MISC
    ethereum -- providence_crypto_casino_tokenThe sell function of a smart contract implementation for Providence Crypto Casino (PVE) (Contract Name: ProvidenceCasinoToken), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.2018-07-04not yet calculatedCVE-2018-13210
    MISC
    MISC
    ethereum -- providencecasino_tokenThe sell function of a smart contract implementation for ProvidenceCasino (PVE), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.2018-07-04not yet calculatedCVE-2018-13206
    MISC
    MISC
    ethereum -- r_time_tokenThe sell function of a smart contract implementation for R Time Token v3 (RS) (Contract Name: RTokenMain), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.2018-07-04not yet calculatedCVE-2018-13223
    MISC
    MISC
    ethereum -- reimburse_tokenThe mintToken function of a smart contract implementation for Reimburse Token (REIM), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-02not yet calculatedCVE-2018-13092
    MISC
    ethereum -- ribtidecoin_tokenThe sell function of a smart contract implementation for RiptideCoin (RIPT), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.2018-07-04not yet calculatedCVE-2018-13229
    MISC
    MISC
    ethereum -- sample_tokenThe sell function of a smart contract implementation for Sample Token (STK) (Contract Name: cashBackMintable), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.2018-07-04not yet calculatedCVE-2018-13215
    MISC
    MISC
    ethereum -- snoqualmie_coin_tokenThe mintToken function of a smart contract implementation for Snoqualmie Coin (SNOW), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-04not yet calculatedCVE-2018-13170
    MISC
    MISC
    ethereum -- sp8de_presale_tokenSP8DE PreSale Token (DSPX) is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner.2018-07-03not yet calculatedCVE-2018-13127
    MISC
    MISC
    ethereum -- sp8de_tokenSP8DE Token (SPX) is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner.2018-07-03not yet calculatedCVE-2018-13129
    MISC
    ethereum -- spadeicoSpadeico is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner.2018-07-03not yet calculatedCVE-2018-13132
    MISC
    MISC
    ethereum -- spadepresaleSpadePreSale is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner.2018-07-03not yet calculatedCVE-2018-13131
    MISC
    MISC
    ethereum -- stex_exchange_ico_tokenThe sell function of a smart contract implementation for STeX Exchange ICO (STE), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.2018-07-04not yet calculatedCVE-2018-13198
    MISC
    MISC
    ethereum -- sumocoin_tokenThe mintToken function of a smart contract implementation for sumocoin (SUMO), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-02not yet calculatedCVE-2018-13091
    MISC
    ethereum -- super_carbon_coin_tokenThe mintToken function of a smart contract implementation for Super Carbon Coin (SCC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-04not yet calculatedCVE-2018-13191
    MISC
    MISC
    ethereum -- swaptoken_tokenThe sellBuyerTokens function of a smart contract implementation for SwapToken, an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.2018-07-04not yet calculatedCVE-2018-13203
    MISC
    MISC
    ethereum -- t-swap-tokenThe sell function of a smart contract implementation for T-Swap-Token (T-S-T), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.2018-07-04not yet calculatedCVE-2018-13196
    MISC
    MISC
    ethereum -- titok-ticket_tokenThe sell function of a smart contract implementation for TiTok - Ticket Token (Contract Name: MyAdvancedToken7), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.2018-07-04not yet calculatedCVE-2018-13201
    MISC
    MISC
    ethereum -- tongtong_coin_tokenThe mintToken function of a smart contract implementation for TongTong Coin (TTCoin), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-04not yet calculatedCVE-2018-13194
    MISC
    MISC
    ethereum -- travelcoin_tokenThe sell function of a smart contract implementation for TravelCoin (TRV), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.2018-07-04not yet calculatedCVE-2018-13213
    MISC
    MISC
    ethereum -- travelzedi_tokenThe mintToken function of a smart contract implementation for TravelZedi Token (ZEDI), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-04not yet calculatedCVE-2018-13184
    MISC
    MISC
    ethereum -- troo_tokenThe mintToken function of a smart contract implementation for Troo, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-04not yet calculatedCVE-2018-13181
    MISC
    MISC
    ethereum -- trust_zen_tokenThe mintToken function of a smart contract implementation for Trust Zen Token (ZEN), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-04not yet calculatedCVE-2018-13176
    MISC
    MISC
    ethereum -- universal_coin_tokenThe mintToken function of a smart contract implementation for Universal Coin (UCOIN), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-02not yet calculatedCVE-2018-13089
    MISC
    ethereum -- unolabo_tokenThe mint function of a smart contract implementation for Unolabo (UNLB), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-04not yet calculatedCVE-2018-13189
    MISC
    MISC
    ethereum -- virtual_energy_units_tokenThe sell function of a smart contract implementation for Virtual Energy Units (VEU) (Contract Name: VEU_TokenERC20), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.2018-07-04not yet calculatedCVE-2018-13224
    MISC
    MISC
    ethereum -- welfare_token_fund_tokenThe sell function of a smart contract implementation for Welfare Token Fund (WTF), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.2018-07-04not yet calculatedCVE-2018-13197
    MISC
    MISC
    ethereum -- yitongcoin_tokenThe mintToken function of a smart contract implementation for YiTongCoin (YTC), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-02not yet calculatedCVE-2018-13090
    MISC
    ethereum -- ylctokenThe sell function of a smart contract implementation for YLCToken, an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.2018-07-04not yet calculatedCVE-2018-13226
    MISC
    MISC
    ethereum -- yourcoin_tokenThe sell function of a smart contract implementation for YourCoin (ICO) (Contract Name: ETH033), an Ethereum token, has an integer overflow in which "amount * sellPrice" can be zero, consequently reducing a seller's assets.2018-07-04not yet calculatedCVE-2018-13219
    MISC
    MISC
    ethereum -- yu_gi_oh_tokenThe mintToken function of a smart contract implementation for Yu Gi Oh (YGO) (Contract Name: NetkillerBatchToken), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-04not yet calculatedCVE-2018-13168
    MISC
    MISC
    ethereum -- yu_gi_oh_tokenThe mintToken function of a smart contract implementation for Yu Gi Oh (YGO), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.2018-07-04not yet calculatedCVE-2018-13167
    MISC
    MISC
    fast-cpp-csv-parser -- fast-cpp-csv-parserFast C++ CSV Parser (aka fast-cpp-csv-parser) before 2018-07-06 has a heap-based buffer over-read in io::trim_chars in csv.h.2018-07-07not yet calculatedCVE-2018-13421
    MISC
    ffmpeg -- ffmpegIn FFmpeg 4.0.1, due to a missing check of a profile value before setting it, the ff_mpeg4_decode_picture_header function in libavcodec/mpeg4videodec.c may trigger a NULL pointer dereference while converting a crafted AVI file to MPEG4, leading to a denial of service.2018-07-05not yet calculatedCVE-2018-13301
    MISC
    ffmpeg -- ffmpegIn libavcodec in FFmpeg 4.0.1, improper maintenance of the consistency between the context profile field and studio_profile in libavcodec may trigger an assertion failure while converting a crafted AVI file to MPEG4, leading to a denial of service, related to error_resilience.c, h263dec.c, and mpeg4videodec.c.2018-07-05not yet calculatedCVE-2018-13304
    MISC
    ffmpeg -- ffmpegIn FFmpeg 4.0.1, improper handling of frame types (other than EAC3_FRAME_TYPE_INDEPENDENT) that have multiple independent substreams in the handle_eac3 function in libavformat/movenc.c may trigger an out-of-array access while converting a crafted AVI file to MPEG4, leading to a denial of service or possibly unspecified other impact.2018-07-05not yet calculatedCVE-2018-13302
    MISC
    ffmpeg -- ffmpeg
     
    In FFmpeg 4.0.1, due to a missing check for negative values of the mquant variable, the vc1_put_blocks_clamped function in libavcodec/vc1_block.c may trigger an out-of-array access while converting a crafted AVI file to MPEG4, leading to an information disclosure or a denial of service.2018-07-05not yet calculatedCVE-2018-13305
    MISC
    ffmpeg -- ffmpeg
     
    In FFmpeg 4.0.1, a missing check for failure of a call to init_get_bits8() in the avpriv_ac3_parse_header function in libavcodec/ac3_parser.c may trigger a NULL pointer dereference while converting a crafted AVI file to MPEG4, leading to a denial of service.2018-07-05not yet calculatedCVE-2018-13303
    MISC
    ffmpeg -- ffmpeg
     
    In FFmpeg 4.0.1, an improper argument (AVCodecParameters) passed to the avpriv_request_sample function in the handle_eac3 function in libavformat/movenc.c may trigger an out-of-array read while converting a crafted AVI file to MPEG4, leading to a denial of service and possibly an information disclosure.2018-07-05not yet calculatedCVE-2018-13300
    MISC
    fortinet -- fortios
     
    An information disclosure vulnerability in Fortinet FortiOS 6.0.0 and below versions reveals user's web portal login credentials in a Javascript file sent to client-side when pages bookmarked in web portal use the Single Sign-On feature.2018-07-05not yet calculatedCVE-2018-9185
    BID
    SECTRACK
    CONFIRM
    gitlab -- community_and_enterprise_editionsGitLab Community and Enterprise Editions before 10.1.6, 10.2.6, and 10.3.4 are vulnerable to an unverified password change issue in the PasswordsController component resulting in potential account takeover if a victim's session is compromised.2018-07-03not yet calculatedCVE-2017-0921
    MISC

    gitlab -- community_and_enterprise_editions

    GitLab Community and Enterprise Editions before 10.1.6, 10.2.6, and 10.3.4 are vulnerable to an authorization bypass issue in the GitLab import component resulting in an attacker being able to perform operations under a group in which they were previously unauthorized.2018-07-03not yet calculatedCVE-2017-0919
    MISC
    glance -- glanceThere is a Stored XSS vulnerability in the glance node module versions <= 3.0.5. File name, which contains malicious HTML (eg. embedded iframe element or javascript: pseudo-protocol handler in <a> element) allows to execute JavaScript code against any user who opens a directory listing containing such crafted file name.2018-07-03not yet calculatedCVE-2018-3748
    MISC
    gleez_cms -- gleez_cmsGleez CMS 1.2.0 has CSRF, as demonstrated by a /page/add request.2018-07-05not yet calculatedCVE-2018-13340
    MISC
    glpi -- glpi
     
    The constructSQL function in inc/search.class.php in GLPI 9.2.x through 9.3.0 allows SQL Injection, as demonstrated by triggering a crafted LIMIT clause to front/computer.php.2018-07-02not yet calculatedCVE-2018-13049
    CONFIRM
    gnu -- binutils
     
    The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted ELF file, as demonstrated by _bfd_elf_parse_attributes in elf-attrs.c and bfd_malloc in libbfd.c. This can occur during execution of nm.2018-07-01not yet calculatedCVE-2018-13033
    BID
    MISC
    golang -- go_doc_dot_orgIn Go Doc Dot Org (gddo) through 2018-06-27, an attacker could use specially crafted <go-import> tags in packages being fetched by gddo to cause a directory traversal and remote code execution.2018-07-05not yet calculatedCVE-2018-12976
    CONFIRM
    MLIST
    golden_frog -- vyprvpn
     
    Golden Frog VyprVPN before 2018-06-21 has a vulnerability associated with the installation process on Windows.2018-07-04not yet calculatedCVE-2018-13133
    MISC
    MISC
    htcondor -- htcondor
     
    The condor_schedd component in HTCondor before 8.6.8 and 8.7.x before 8.7.5 allows remote authenticated users to cause a denial of service (daemon crash) by leveraging use of GSI and VOMS extensions.2018-07-05not yet calculatedCVE-2017-16816
    CONFIRM
    MLIST
    huawei -- emily-al00a_smart_phones
     
    Huawei smart phones Emily-AL00A with software 8.1.0.106(SP2C00) and 8.1.0.107(SP5C00) have a Factory Reset Protection (FRP) bypass vulnerability. An attacker gets some user's smart phone and performs some special operations in the guide function. The attacker may exploit the vulnerability to bypass FRP function and use the phone normally.2018-07-05not yet calculatedCVE-2018-7944
    CONFIRM
    huawei -- mate_9_pro_smart_phones
     
    Short Message Service (SMS) module of Mate 9 Pro Huawei smart phones with the versions before LON-AL00B 8.0.0.354(C00) has a Denial of Service (DoS) vulnerability. An unauthenticated attacker may set up a pseudo base station, and send special malware text message to the phone, causing the mobile phone to fail to make calls and send and receive text messages.2018-07-02not yet calculatedCVE-2017-17175
    CONFIRM
    huawei -- multiple_devicesCommon Open Policy Service Protocol (COPS) module in Huawei USG6300 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6500 V100R001C10; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; Secospace USG6600 V100R001C00; V100R001C20; V100R001C30; V500R001C00; V500R001C20; V500R001C30; V500R001C50; TE30 V100R001C02; V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C01; V100R001C10; V500R002C00; V600R006C00 has a buffer overflow vulnerability. An unauthenticated, remote attacker has to control the peer device and send specially crafted message to the affected products. Due to insufficient input validation, successful exploit may cause some services abnormal.2018-07-02not yet calculatedCVE-2017-17317
    CONFIRM
    huawei -- multiple_devicesHuawei DP300 V500R002C00; RP200 V500R002C00; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability. An unauthenticated, remote attacker has to control the peer device and craft the Signalling Connection Control Part (SCCP) messages to the target devices. Due to insufficient input validation of some values in the messages, successful exploit will cause out-of-bounds read and some services abnormal.2018-07-02not yet calculatedCVE-2017-17316
    CONFIRM
    ibm -- api_connectIBM API Connect 5.0.0.0 through 5.0.8.3 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 142650.2018-07-06not yet calculatedCVE-2018-1546
    XF
    CONFIRM
    ibm -- doors_next_generation
     
    IBM DOORS Next Generation (DNG/RRC) 5.0 through 5.0.2 and 6.0 through 6.0.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 141097.2018-07-06not yet calculatedCVE-2018-1494
    CONFIRM
    XF
    ibm -- filenet_content_managerIBM FileNet Content Manager 5.2.1 and 5.5.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 142893.2018-07-06not yet calculatedCVE-2018-1556
    CONFIRM
    SECTRACK
    XF
    ibm -- filenet_content_managerIBM FileNet Content Manager 5.2.1 and 5.5.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 142892.2018-07-06not yet calculatedCVE-2018-1555
    CONFIRM
    SECTRACK
    XF

    ibm -- jazz_foundation

    IBM Jazz Foundation products could allow an authenticated user to obtain sensitive information from a stack trace that could be used to aid future attacks. IBM X-Force ID: 129719.2018-07-06not yet calculatedCVE-2017-1509
    XF
    CONFIRM

    ibm -- jazz_foundation

    An undisclosed vulnerability in Jazz common products exists with potential for information disclosure. IBM X-Force ID: 128627.2018-07-06not yet calculatedCVE-2017-1488
    XF
    CONFIRM

    ibm -- jazz_foundation

    IBM Jazz based applications are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124355.2018-07-06not yet calculatedCVE-2017-1237
    XF
    CONFIRM
    ibm -- multiple_productsIBM FileNet Content Manager, IBM Content Foundation, and IBM Case Foundation Administration Console for Content Platform Engine (ACCE) 5.2.1 and 5.5.0 are vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 142597.2018-07-06not yet calculatedCVE-2018-1542
    CONFIRM
    SECTRACK
    XF
    ibm -- planning_analyticsIBM Planning Analytics 2.0.0 through 2.0.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 145118.2018-07-06not yet calculatedCVE-2018-1676
    CONFIRM
    XF
    ibm -- quality_managerIBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 are vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 126231.2018-07-06not yet calculatedCVE-2017-1329
    CONFIRM
    XF
    ibm -- quality_managerIBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 are vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 124628.2018-07-06not yet calculatedCVE-2017-1248
    CONFIRM
    XF
    ibm -- quality_managerIBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 are vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 124524.2018-07-06not yet calculatedCVE-2017-1242
    CONFIRM
    XF
    ibm -- quality_managerIBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 could reveal sensitive information in HTTP 500 Internal Server Error responses. IBM X-Force ID: 124357.2018-07-06not yet calculatedCVE-2017-1239
    CONFIRM
    XF
    ibm -- quality_managerIBM Quality Manager (RQM) 5.0.x and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124356.2018-07-06not yet calculatedCVE-2017-1238
    CONFIRM
    XF
    ibm -- quality_manager_and_rational_collaborative_lifecycle_managementIBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 132493.2018-07-03not yet calculatedCVE-2017-1592
    XF
    CONFIRM
    ibm -- quality_manager_and_rational_collaborative_lifecycle_managementIBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 131778.2018-07-03not yet calculatedCVE-2017-1568
    XF
    CONFIRM
    ibm -- quality_manager_and_rational_collaborative_lifecycle_managementIBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 131765.2018-07-03not yet calculatedCVE-2017-1565
    XF
    CONFIRM
    ibm -- quality_manager_and_rational_collaborative_lifecycle_managementIBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 131760.2018-07-03not yet calculatedCVE-2017-1561
    XF
    CONFIRM
    ibm -- quality_manager_and_rational_collaborative_lifecycle_managementIBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125161.2018-07-03not yet calculatedCVE-2017-1299
    XF
    CONFIRM
    ibm -- quality_manager_and_rational_collaborative_lifecycle_managementIBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124752.2018-07-03not yet calculatedCVE-2017-1277
    XF
    CONFIRM
    ibm -- quality_manager_and_rational_collaborative_lifecycle_managementIBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 134066.2018-07-03not yet calculatedCVE-2017-1691
    XF
    CONFIRM
    ibm -- quality_manager_and_rational_collaborative_lifecycle_managementIBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 131764.2018-07-03not yet calculatedCVE-2017-1564
    XF
    CONFIRM
    ibm -- quality_manager_and_rational_collaborative_lifecycle_managementIBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125729.2018-07-03not yet calculatedCVE-2017-1317
    XF
    CONFIRM
    ibm -- quality_manager_and_rational_collaborative_lifecycle_managementIBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 134065.2018-07-03not yet calculatedCVE-2017-1690
    XF
    CONFIRM
    ibm -- quality_manager_and_rational_collaborative_lifecycle_managementIBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125724.2018-07-03not yet calculatedCVE-2017-1313
    XF
    CONFIRM
    ibm -- quality_manager_and_rational_collaborative_lifecycle_managementIBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125155.2018-07-03not yet calculatedCVE-2017-1294
    XF
    CONFIRM
    ibm -- quality_manager_and_rational_collaborative_lifecycle_managementIBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 133263.2018-07-03not yet calculatedCVE-2017-1652
    XF
    CONFIRM
    ibm -- quality_manager_and_rational_collaborative_lifecycle_managementIBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125154.2018-07-03not yet calculatedCVE-2017-1293
    XF
    CONFIRM
    ibm -- quality_manager_and_rational_collaborative_lifecycle_managementIBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force 124630.2018-07-03not yet calculatedCVE-2017-1250
    XF
    CONFIRM
    ibm -- quality_manager_and_rational_collaborative_lifecycle_managementIBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124759.2018-07-03not yet calculatedCVE-2017-1281
    XF
    CONFIRM
    ibm -- quality_manager_and_rational_collaborative_lifecycle_managementIBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 132928.2018-07-03not yet calculatedCVE-2017-1608
    XF
    CONFIRM
    ibm -- quality_manager_and_rational_collaborative_lifecycle_managementIBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124750.2018-07-03not yet calculatedCVE-2017-1275
    XF
    CONFIRM
    ibm -- quality_manager_and_rational_collaborative_lifecycle_managementIBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125460.2018-07-03not yet calculatedCVE-2017-1306
    XF
    CONFIRM
    ibm -- quality_manager_and_rational_collaborative_lifecycle_managementIBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 133261.2018-07-03not yet calculatedCVE-2017-1651
    XF
    CONFIRM
    ibm -- quality_manager_and_rational_collaborative_lifecycle_managementIBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125728.2018-07-03not yet calculatedCVE-2017-1316
    XF
    CONFIRM
    ibm -- quality_manager_and_rational_collaborative_lifecycle_managementIBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124758.2018-07-03not yet calculatedCVE-2017-1280
    XF
    CONFIRM
    ibm -- quality_manager_and_rational_collaborative_lifecycle_managementIBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125727.2018-07-03not yet calculatedCVE-2017-1315
    XF
    CONFIRM
    ibm -- quality_manager_and_rational_collaborative_lifecycle_managementIBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 134796.2018-07-03not yet calculatedCVE-2017-1717
    XF
    CONFIRM
    ibm -- quality_manager_and_rational_collaborative_lifecycle_managementIBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 133088.2018-07-03not yet calculatedCVE-2017-1621
    XF
    CONFIRM
    ibm -- quality_manager_and_rational_collaborative_lifecycle_managementIBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125723.2018-07-03not yet calculatedCVE-2017-1312
    XF
    CONFIRM
    ibm -- quality_manager_and_rational_collaborative_lifecycle_managementIBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 131761.2018-07-03not yet calculatedCVE-2017-1562
    XF
    CONFIRM
    ibm -- quality_manager_and_rational_collaborative_lifecycle_managementIBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 134637.2018-07-03not yet calculatedCVE-2017-1715
    XF
    CONFIRM
    ibm -- quality_manager_and_rational_collaborative_lifecycle_managementIBM Rational Quality Manager and IBM Rational Collaborative Lifecycle Management 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 125725.2018-07-03not yet calculatedCVE-2017-1314
    XF
    CONFIRM
    ibm -- rational_productsMultiple IBM Rational products could disclose sensitive information by an attacker that intercepts vulnerable requests. IBM X-Force ID: 131758.2018-07-06not yet calculatedCVE-2017-1559
    XF
    CONFIRM
    ibm -- websphere_application_serverIBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a local attacker to obtain clear text password in a trace file caused by improper handling of some datasource custom properties. IBM X-Force ID: 144346.2018-07-06not yet calculatedCVE-2018-1621
    CONFIRM
    SECTRACK
    XF
    ibm -- websphere_mqIBM WebSphere MQ 7.5, 8.0, and 9.0 through 9.0.4 could allow a local user to obtain highly sensitive information via trace logs in IBM WebSphere MQ Managed File Transfer. IBM X-Force ID: 137042.2018-07-06not yet calculatedCVE-2017-1795
    CONFIRM
    XF
    imagemagick -- imagemagick
     
    In ImageMagick 7.0.8-4, there is a memory leak in the XMagickCommand function in MagickCore/animate.c.2018-07-04not yet calculatedCVE-2018-13153
    SECTRACK
    CONFIRM
    intex -- n150_devicesAn issue was discovered on Intex N150 devices. The backup/restore option does not check the file extension uploaded for importing a configuration files backup, which can lead to corrupting the router firmware settings or even the uploading of malicious files. In order to exploit the vulnerability, an attacker can upload any malicious file and force reboot the router with it.2018-07-02not yet calculatedCVE-2018-12528
    MISC
    EXPLOIT-DB
    intex -- n150_devices
     
    An issue was discovered on Intex N150 devices. The router firmware suffers from multiple CSRF injection point vulnerabilities including changing user passwords and router settings.2018-07-02not yet calculatedCVE-2018-12529
    MISC
    EXPLOIT-DB
    invoiceplane -- invoiceplaneAn XSS issue was discovered in InvoicePlane 1.5.10 via the "Quote PDF Password(Optional)" field.2018-07-03not yet calculatedCVE-2018-12255
    MISC
    MISC

    j2_innovations -- fin_stack

    In J2 Innovations FIN Stack 4.0, the authentication webform is vulnerable to reflected XSS via the query string to /auth/ariosa/login.2018-07-05not yet calculatedCVE-2017-11175
    MISC
    jirafeau -- jirafeauA CSRF issue was discovered in Jirafeau before 3.4.1. The "delete file" feature on the admin panel is not protected against automated requests and could be abused.2018-07-06not yet calculatedCVE-2018-13407
    MISC
    jirafeau -- jirafeauscript.php in Jirafeau before 3.4.1 is affected by two stored Cross-Site Scripting (XSS) vulnerabilities. These are stored within the shared files description file and allow the execution of a JavaScript payload each time an administrator searches or lists uploaded files. These two injections could be triggered without authentication, and target the administrator. The attack vectors are the Content-Type field and the filename parameter.2018-07-07not yet calculatedCVE-2018-11351
    MISC
    jirafeau -- jirafeauAn issue was discovered in Jirafeau before 3.4.1. The "search file by hash" form is affected by reflected XSS that could allow, by targeting an administrator, stealing a session and gaining administrative privileges.2018-07-06not yet calculatedCVE-2018-13409
    MISC
    jirafeau -- jirafeauAn issue was discovered in Jirafeau before 3.4.1. The "search file by link" form is affected by reflected XSS that could allow, by targeting an administrator, stealing a session and gaining administrative privileges.2018-07-06not yet calculatedCVE-2018-13408
    MISC
    jirafeau -- jirafeauThe administration panel of Jirafeau before 3.4.1 is vulnerable to three CSRF attacks on search functionalities: search_by_name, search_by_hash, and search_link.2018-07-07not yet calculatedCVE-2018-11349
    MISC
    jirafeau -- jirafeau
     
    An issue was discovered in Jirafeau before 3.4.1. The file "search by name" form is affected by one Cross-Site Scripting vulnerability via the name parameter.2018-07-07not yet calculatedCVE-2018-11350
    MISC
    jpeg-compressor -- jpeg-compressor
     
    An issue was discovered in jpeg-compressor 0.1. The bmp_load function in stb_image.c allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact.2018-07-01not yet calculatedCVE-2018-13037
    MISC
    MISC
    libming -- libming
     
    libming 0.4.8 has a NULL pointer dereference in the getString function of the decompile.c file, related to decompileSTRINGCONCAT. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file.2018-07-05not yet calculatedCVE-2018-13250
    MISC
    libming -- libming
     
    In libming 0.4.8, there is an excessive memory allocation attempt in the readBytes function of the util/read.c file, related to parseSWF_DEFINEBITSJPEG2. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted swf file.2018-07-05not yet calculatedCVE-2018-13251
    MISC
    libming -- libming
     
    There is a memory leak in util/parser.c in libming 0.4.8, which will lead to a denial of service via parseSWF_DEFINEBUTTON2, parseSWF_DEFINEFONT, parseSWF_DEFINEFONTINFO, parseSWF_DEFINELOSSLESS, parseSWF_DEFINESPRITE, parseSWF_DEFINETEXT, parseSWF_DOACTION, parseSWF_FILLSTYLEARRAY, parseSWF_FRAMELABEL, parseSWF_LINESTYLEARRAY, parseSWF_PLACEOBJECT2, or parseSWF_SHAPEWITHSTYLE.2018-07-02not yet calculatedCVE-2018-13066
    MISC
    libsndfile -- libsndfileAn issue has been found in libsndfile 1.0.28. There is a memory leak in psf_allocate in common.c, as demonstrated by sndfile-convert.2018-07-07not yet calculatedCVE-2018-13419
    MISC
    libsndfile -- libsndfile
     
    A stack-based buffer overflow in psf_memset in common.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted audio file. The vulnerability can be triggered by the executable sndfile-deinterleave.2018-07-04not yet calculatedCVE-2018-13139
    MISC
    libsoup -- libsoup
     
    soup_cookie_jar_get_cookies in soup-cookie-jar.c in libsoup allows attackers to have unspecified impact via an empty hostname.2018-07-05not yet calculatedCVE-2018-12910
    CONFIRM
    MLIST
    FEDORA
    UBUNTU
    DEBIAN
    linux -- linux_kernelAn issue was discovered in fs/f2fs/super.c in the Linux kernel through 4.17.3. A denial of service (out-of-bounds memory access and BUG) can occur upon encountering an abnormal bitmap size when mounting a crafted f2fs image.2018-07-03not yet calculatedCVE-2018-13096
    MISC
    MISC
    linux -- linux_kernelAn issue was discovered in fs/f2fs/super.c in the Linux kernel through 4.17.3, which does not properly validate secs_per_zone in a corrupted f2fs image, as demonstrated by a divide-by-zero error.2018-07-03not yet calculatedCVE-2018-13100
    BID
    MISC
    MISC
    linux -- linux_kernelThe inode_init_owner function in fs/inode.c in the Linux kernel through 4.17.4 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the non-member can trigger creation of a plain file whose group ownership is that group. The intended behavior was that the non-member can trigger creation of a directory (but not a plain file) whose group ownership is that group.2018-07-06not yet calculatedCVE-2018-13405
    MISC
    MISC
    MISC
    linux -- linux_kernelAn issue was discovered in fs/xfs/libxfs/xfs_attr_leaf.c in the Linux kernel through 4.17.3. An OOPS may occur for a corrupted xfs image after xfs_da_shrink_inode() is called with a NULL bp.2018-07-03not yet calculatedCVE-2018-13094
    MISC
    MISC
    MISC
    linux -- linux_kernelThe alarm_timer_nsleep function in kernel/time/alarmtimer.c in the Linux kernel through 4.17.3 has an integer overflow via a large relative timeout because ktime_add_safe is not used.2018-07-02not yet calculatedCVE-2018-13053
    BID
    MISC
    MISC
    linux -- linux_kernelAn issue was discovered in fs/f2fs/inline.c in the Linux kernel through 4.17.3. A denial of service (out-of-bounds memory access and BUG) can occur for a modified f2fs filesystem image in which an inline inode contains an invalid reserved blkaddr.2018-07-03not yet calculatedCVE-2018-13099
    BID
    MISC
    MISC
    MISC
    linux -- linux_kernelAn issue was discovered in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.17.3. A denial of service (memory corruption and BUG) can occur for a corrupted xfs image upon encountering an inode that is in extent format, but has more extents than fit in the inode fork.2018-07-03not yet calculatedCVE-2018-13095
    MISC
    MISC
    MISC
    linux -- linux_kernelAn issue was discovered in fs/xfs/xfs_icache.c in the Linux kernel through 4.17.3. There is a NULL pointer dereference and panic in lookup_slow() on a NULL inode->i_ops pointer when doing pathwalks on a corrupted xfs image. This occurs because of a lack of proper validation that cached inodes are free during allocation.2018-07-03not yet calculatedCVE-2018-13093
    MISC
    MISC
    MISC
    linux -- linux_kernelAn issue was discovered in fs/f2fs/super.c in the Linux kernel through 4.17.3. There is an out-of-bounds read or a divide-by-zero error for an incorrect user_block_count in a corrupted f2fs image, leading to a denial of service (BUG).2018-07-03not yet calculatedCVE-2018-13097
    MISC
    MISC
    linux -- linux_kernelAn integer overflow in the uvesafb_setcmap function in drivers/video/fbdev/uvesafb.c in the Linux kernel before 4.17.4 could result in local attackers being able to crash the kernel or potentially elevate privileges because kmalloc_array is not used.2018-07-06not yet calculatedCVE-2018-13406
    MISC
    MISC
    MISC
    linux -- linux_kernelAn issue was discovered in the Linux kernel through 4.17.3. An Integer Overflow in kernel/time/posix-timers.c in the POSIX timer code is caused by the way the overrun accounting works. Depending on interval and expiry time values, the overrun can be larger than INT_MAX, but the accounting is int based. This basically makes the accounting values, which are visible to user space via timer_getoverrun(2) and siginfo::si_overrun, random. For example, a local user can cause a denial of service (signed integer overflow) via crafted mmap, futex, timer_create, and timer_settime system calls.2018-07-02not yet calculatedCVE-2018-12896
    MISC
    MISC
    MISC
    linux -- linux_kernelAn issue was discovered in fs/f2fs/inode.c in the Linux kernel through 4.17.3. A denial of service (slab out-of-bounds read and BUG) can occur for a modified f2fs filesystem image in which FI_EXTRA_ATTR is set in an inode.2018-07-03not yet calculatedCVE-2018-13098
    MISC
    MISC
    medtronic -- 2090_carelink_programmerMedtronic 2090 CareLink Programmer all versions The affected product uses a virtual private network connection to securely download updates. The product does not verify it is still connected to this virtual private network before downloading updates. An attacker with local network access to the programmer could influence these communications.2018-07-02not yet calculatedCVE-2018-10596
    MISC
    medtronic -- mycarelink_patient_monitor_and_mycarelink_monitorMedtronic MyCareLink Patient Monitor, 24950 MyCareLink Monitor, all versions, and 24952 MyCareLink Monitor, all versions, contains debug code meant to test the functionality of the monitor's communication interfaces, including the interface between the monitor and implantable cardiac device. An attacker with physical access to the device can apply the other vulnerabilities within this advisory to access this debug functionality. This debug functionality provides the ability to read and write arbitrary memory values to implantable cardiac devices via inductive or short range wireless protocols. An attacker with close physical proximity to a target implantable cardiac device can use this debug functionality.2018-07-02not yet calculatedCVE-2018-8868
    MISC
    medtronic -- mycarelink_patient_monitor_and_mycarelink_monitorMedtronic MyCareLink Patient Monitor, 24950 MyCareLink Monitor, all versions, and 24952 MyCareLink Monitor, all versions contains a hard-coded operating system password. An attacker with physical access can remove the case of the device, connect to the debug port, and use the password to gain privileged access to the operating system.2018-07-02not yet calculatedCVE-2018-8870
    MISC
    memjs -- memjs`memjs` versions <= 1.1.0 allocates and stores buffers on typed input, resulting in DoS and uninitialized memory usage.2018-07-05not yet calculatedCVE-2018-3767
    MISC
    mercurial -- mercurialThe mpatch_decode function in mpatch.c in Mercurial before 4.6.1 mishandles certain situations where there should be at least 12 bytes remaining after the current position in the patch data, but actually are not, aka OVE-20180430-0001.2018-07-05not yet calculatedCVE-2018-13348
    MISC
    MISC
    mercurial -- mercurial
     
    mpatch.c in Mercurial before 4.6.1 mishandles integer addition and subtraction, aka OVE-20180430-0002.2018-07-05not yet calculatedCVE-2018-13347
    MISC
    MISC
    MISC
    mercurial -- mercurial
     
    The mpatch_apply function in mpatch.c in Mercurial before 4.6.1 incorrectly proceeds in cases where the fragment start is past the end of the original data, aka OVE-20180430-0004.2018-07-05not yet calculatedCVE-2018-13346
    MISC
    MISC
    merge-objects -- merge-objectsThe utilities function in all versions <= 1.0.0 of the merge-objects node module can be tricked into modifying the prototype of Object when the attacker can control part of the structure passed to this function. This can let an attacker add or modify existing properties that will exist on all objects.2018-07-03not yet calculatedCVE-2018-3753
    MISC
    merge-options -- merge-options
     
    The utilities function in all versions <= 1.0.0 of the merge-options node module can be tricked into modifying the prototype of Object when the attacker can control part of the structure passed to this function. This can let an attacker add or modify existing properties that will exist on all objects.2018-07-03not yet calculatedCVE-2018-3752
    MISC
    merge-recursive -- merge-recursiveThe utilities function in all versions <= 0.3.0 of the merge-recursive node module can be tricked into modifying the prototype of Object when the attacker can control part of the structure passed to this function. This can let an attacker add or modify existing properties that will exist on all objects.2018-07-03not yet calculatedCVE-2018-3751
    MISC
    microsoft -- forefront_unified_access_gatewayuniquesig0/InternalSite/InitParams.aspx in Microsoft Forefront Unified Access Gateway 2010 allows remote attackers to trigger outbound DNS queries for arbitrary hosts via a comma-separated list of URLs in the orig_url parameter, possibly causing a traffic amplification and/or SSRF outcome.2018-07-05not yet calculatedCVE-2018-12571
    MISC
    FULLDISC
    FULLDISC
    SECTRACK
    mongodb -- skyring_databaseThe skyring-setup command creates random password for mongodb skyring database but it writes password in plain text to /etc/skyring/skyring.conf file which is owned by root but read by local user. Any local user who has access to system running skyring service will be able to get password in plain text.2018-07-06not yet calculatedCVE-2017-2665
    BID
    CONFIRM
    motorola -- mbp853_firmwareThe Motorola MBP853 firmware does not correctly validate server certificates. This allows for a Man in The Middle (MiTM) attack to take place between a Motorola MBP853 camera and the servers it communicates with. In one such instance, it was identified that the device was downloading what appeared to be a client certificate.2018-07-02not yet calculatedCVE-2018-12499
    MISC
    naver -- whale_browser
     
    Whale Browser before 1.0.41.8 displays no URL information but only a title of a web page on the browser's address bar when visiting a blank page, which allows an attacker to display a malicious web page with a fake domain name.2018-07-03not yet calculatedCVE-2018-7635
    MISC
    nextcloud -- calendarIn Nextcloud Calendar before 1.5.8 and 1.6.1, a missing sanitization of search results for an autocomplete field could lead to a stored XSS requiring user-interaction. The missing sanitization only affected group names, hence malicious search results could only be crafted by privileged users like admins or group admins.2018-07-05not yet calculatedCVE-2018-3763
    CONFIRM
    nextcloud -- contactsIn Nextcloud Contacts before 2.1.2, a missing sanitization of search results for an autocomplete field could lead to a stored XSS requiring user-interaction. The missing sanitization only affected group names, hence malicious search results could only be crafted by privileged users like admins or group admins.2018-07-05not yet calculatedCVE-2018-3764
    CONFIRM
    nextcloud -- serverNextcloud Server before 12.0.8 and 13.0.3 suffer from improper authentication on the OAuth2 token endpoint. Missing checks potentially allowed handing out new tokens in case the OAuth2 client was partly compromised.2018-07-05not yet calculatedCVE-2018-3761
    MISC
    CONFIRM
    nextcloud -- serverNextcloud Server before 12.0.8 and 13.0.3 suffers from improper checks of dropped permissions for incoming shares allowing a user to still request previews for files it should not have access to.2018-07-05not yet calculatedCVE-2018-3762
    MISC
    CONFIRM
    ntopng -- ntopngAn issue was discovered in ntopng 3.4 before 3.4.180617. The PRNG involved in the generation of session IDs is not seeded at program startup. This results in deterministic session IDs being allocated for active user sessions. An attacker with foreknowledge of the operating system and standard library in use by the host running the service and the username of the user whose session they're targeting can abuse the deterministic random number generation in order to hijack the user's session, thus escalating their access.2018-07-05not yet calculatedCVE-2018-12520
    FULLDISC
    MISC
    CONFIRM
    EXPLOIT-DB
    omeka -- omekaadmin/themes/default/items/tag-form.php in Omeka before 2.6.1 allows XSS by adding or editing a tag.2018-07-07not yet calculatedCVE-2018-13423
    MISC
    MISC
    onefilecms -- onefilecms
     
    onefilecms.php in OneFileCMS through 2017-10-08 might allow attackers to delete arbitrary files via the Delete File(s) screen, as demonstrated by a ?i=var/www/html/&f=123.php&p=edit&p=deletefile URI.2018-07-03not yet calculatedCVE-2018-13122
    MISC
    onefilecms -- onefilecms
     
    onefilecms.php in OneFileCMS through 2017-10-08 might allow attackers to read arbitrary files via the i and f parameters, as demonstrated by ?i=etc/&f=passwd&p=raw_view for the /etc/passwd file.2018-07-03not yet calculatedCVE-2018-13123
    MISC
    onos -- onos
     
    Time-of-check to time-of-use (TOCTOU) race condition in org.onosproject.acl (aka the access control application) in ONOS v1.13 and earlier allows attackers to bypass network access control via data plane packet injection.2018-07-05not yet calculatedCVE-2018-12691
    CONFIRM
    CONFIRM
    open-xchange -- ox_app_suiteOpen-Xchange OX App Suite before 7.6.3-rev37, 7.8.x before 7.8.2-rev40, 7.8.3 before 7.8.3-rev48, and 7.8.4 before 7.8.4-rev28 include folder names in API error responses, which allows remote attackers to obtain sensitive information via the folder parameter in an "all" action to api/tasks.2018-07-05not yet calculatedCVE-2018-9998
    FULLDISC
    SECTRACK
    open-xchange -- ox_app_suiteCross-site scripting (XSS) vulnerability in mail compose in Open-Xchange OX App Suite before 7.6.3-rev31, 7.8.x before 7.8.2-rev31, 7.8.3 before 7.8.3-rev41, and 7.8.4 before 7.8.4-rev28 allows remote attackers to inject arbitrary web script or HTML via the data-target attribute in an HTML page with data-toggle gadgets.2018-07-05not yet calculatedCVE-2018-9997
    FULLDISC
    SECTRACK
    opencart -- opencart
     
    /upload/catalog/controller/account/password.php in OpenCart through 3.0.2.0 has CSRF via the index.php?route=account/password URI to change a user's password.2018-07-02not yet calculatedCVE-2018-13067
    MISC
    openshift -- container_platformsource-to-image component of Openshift Container Platform before versions atomic-openshift 3.7.53, atomic-openshift 3.9.31 is vulnerable to a privilege escalation which allows the assemble script to run as the root user in a non-privileged container. An attacker can use this flaw to open network connections, and possibly other actions, on the host which are normally only available to a root user.2018-07-02not yet calculatedCVE-2018-10843
    REDHAT
    CONFIRM
    opensid -- opensidOpenSID 18.06-pasca has a CSRF vulnerability. This vulnerability can add an account (at the admin level) via the index.php/man_user/insert URI.2018-07-01not yet calculatedCVE-2018-13040
    MISC
    opensid -- opensidOpenSID 18.06-pasca has reflected Cross Site Scripting (XSS) via the cari parameter, aka an index.php/first?cari= URI.2018-07-01not yet calculatedCVE-2018-13039
    MISC
    opensid -- opensid
     
    OpenSID 18.06-pasca has an Unrestricted File Upload vulnerability via an Attachment Document in the article feature. This vulnerability leads to uploading arbitrary PHP code via a .php filename with the application/pdf Content-Type.2018-07-01not yet calculatedCVE-2018-13038
    MISC
    opmantek -- open-audit_community
     
    Cross-site scripting (XSS) vulnerability in Attributes functionality in Open-AudIT Community edition before 2.2.2 allows remote attackers to inject arbitrary web script or HTML via a crafted attribute name of an Attribute.2018-07-06not yet calculatedCVE-2018-11124
    MISC
    paessler -- prtg_network_monitor
     
    An issue was discovered in PRTG Network Monitor before 18.2.39. An attacker who has access to the PRTG System Administrator web console with administrative privileges can exploit an OS command injection vulnerability (both on the server and on devices) by sending malformed parameters in sensor or notification management scenarios.2018-07-02not yet calculatedCVE-2018-9276
    MISC
    BUGTRAQ
    pan-os -- pan-osThe PAN-OS management web interface page in PAN-OS 6.1.20 and earlier, PAN-OS 7.1.16 and earlier, PAN-OS 8.0.8 and earlier, and PAN-OS 8.1.0 may allow an attacker to access the GlobalProtect password hashes of local users via manipulation of the HTML markup.2018-07-03not yet calculatedCVE-2018-9334
    CONFIRM
    pan-os -- pan-osThe URL filtering "continue page" hosted by PAN-OS 8.0.10 and earlier may allow an attacker to inject arbitrary JavaScript or HTML via specially crafted URLs.2018-07-03not yet calculatedCVE-2018-7636
    SECTRACK
    CONFIRM
    pan-os -- pan-osThe PAN-OS management web interface page in PAN-OS 6.1.20 and earlier, PAN-OS 7.1.16 and earlier, PAN-OS 8.0.9 and earlier may allow an attacker to delete files in the system via specific request parameters.2018-07-03not yet calculatedCVE-2018-9242
    CONFIRM
    pan-os -- pan-os
     
    The PAN-OS session browser in PAN-OS 6.1.20 and earlier, PAN-OS 7.1.16 and earlier, PAN-OS 8.0.9 and earlier, and PAN-OS 8.1.1 and earlier may allow an attacker to inject arbitrary JavaScript or HTML.2018-07-03not yet calculatedCVE-2018-9335
    BID
    CONFIRM
    pan-os -- pan-os
     
    The PAN-OS web interface administration page in PAN-OS 6.1.20 and earlier, PAN-OS 7.1.17 and earlier, PAN-OS 8.0.10 and earlier, and PAN-OS 8.1.1 and earlier may allow an attacker to inject arbitrary JavaScript or HTML.2018-07-03not yet calculatedCVE-2018-9337
    BID
    CONFIRM
    podman -- podman
     
    It has been discovered that podman before version 0.6.1 does not drop capabilities when executing a container as a non-root user. This results in unnecessary privileges being granted to the container.2018-07-02not yet calculatedCVE-2018-10856
    REDHAT
    CONFIRM
    CONFIRM
    public -- publicThe public node module versions <= 1.0.3 allows to embed HTML in file names, which (in certain conditions) might lead to execute malicious JavaScript.2018-07-03not yet calculatedCVE-2018-3747
    MISC
    puppet -- discoveryIn Puppet Discovery prior to 1.2.0, when running Discovery against Windows hosts, WinRM connections can fall back to using basic auth over insecure channels if a HTTPS server is not available. This can expose the login credentials being used by Puppet Discovery.2018-07-03not yet calculatedCVE-2018-11746
    CONFIRM

    qemu -- qemu

    Quick emulator (QEMU) built with the Cirrus CLGD 54xx VGA emulator support is vulnerable to an out-of-bounds access issue. It could occur while copying VGA data via bitblt copy in backward mode. A privileged user inside a guest could use this flaw to crash the QEMU process resulting in DoS or potentially execute arbitrary code on the host with privileges of QEMU process on the host.2018-07-02not yet calculatedCVE-2017-2615
    REDHAT
    REDHAT
    REDHAT
    REDHAT
    REDHAT
    REDHAT
    REDHAT
    REDHAT
    REDHAT
    REDHAT
    REDHAT
    REDHAT
    MLIST
    BID
    SECTRACK
    CONFIRM
    MLIST
    GENTOO
    GENTOO
    CONFIRM

    qualcomm -- android

    The Touch Pal application can collect user behavior data without awareness by the user in Snapdragon Mobile and Snapdragon Wear.2018-07-06not yet calculatedCVE-2018-5892
    CONFIRM
    qualcomm -- androidPossible buffer overflow in msm_adsp_stream_callback_put due to lack of input validation of user-provided data that leads to integer overflow in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel.2018-07-06not yet calculatedCVE-2018-5907
    qualcomm -- androidInteger overflow can occur in msm_pcm_adsp_stream_cmd_put() function if the user supplied data "param_length" goes beyond certain limit in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.2018-07-06not yet calculatedCVE-2018-5898
    CONFIRM
    qualcomm -- androidIn __wlan_hdd_cfg80211_vendor_scan() in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, when SCAN_SSIDS and QCA_WLAN_VENDOR_ATTR_SCAN_FREQUENCIES are parsed, a buffer overwrite can potentially occur.2018-07-06not yet calculatedCVE-2018-5862
    CONFIRM
    CONFIRM
    CONFIRM
    qualcomm -- androidA race condition exists in a driver in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-05-05 potentially leading to a use-after-free condition.2018-07-06not yet calculatedCVE-2018-5853
    CONFIRM
    CONFIRM
    CONFIRM
    qualcomm -- androidWhile loading dynamic fonts, a buffer overflow may occur if the number of segments in the font file is out of range in Snapdragon Mobile and Snapdragon Wear.2018-07-06not yet calculatedCVE-2018-5885
    CONFIRM
    qualcomm -- androidIn the KGSL driver in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, a reference counting error can lead to a Use After Free condition.2018-07-06not yet calculatedCVE-2018-5831
    CONFIRM
    CONFIRM
    CONFIRM

    qualcomm -- android

    Permissions, Privileges, and Access Controls in TA in Snapdragon Mobile has an options that allows RPMB erase for secure devices in versions SD 210/SD 212/SD 205, SD 845, SD 850.2018-07-06not yet calculatedCVE-2018-11257
    CONFIRM

    qualcomm -- android

    Improper Input Validation in Linux io-prefetch in Snapdragon Mobile and Snapdragon Wear, A SQL injection vulnerability exists in versions MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 430, SD 450, SD 617, SD 625, SD 650/52, SD 820, SD 835, SD 845.2018-07-06not yet calculatedCVE-2017-11088
    CONFIRM
    qualcomm -- androidWhile processing the USB StrSerialDescriptor array, an array index out of bounds can occur in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.2018-07-06not yet calculatedCVE-2018-5887
    CONFIRM
    CONFIRM
    qualcomm -- androidWhile padding or shrinking a nested wmi packet in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, a buffer over-read can potentially occur.2018-07-06not yet calculatedCVE-2018-5855
    CONFIRM
    CONFIRM
    CONFIRM
    qualcomm -- androidWhile processing fragments, when the fragment count becomes very large, an integer overflow leading to a buffer overflow can occur in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.2018-07-06not yet calculatedCVE-2018-3577
    CONFIRM
    CONFIRM
    CONFIRM
    qualcomm -- androidAn integer overflow to buffer overflow vulnerability exists in the ADSPRPC heap manager in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel.2018-07-06not yet calculatedCVE-2018-3586
    MISC
    qualcomm -- androidIn wma_nan_rsp_event_handler() in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, the data_len value is received from firmware and not properly validated which could potentially lead to an out-of-bounds access.2018-07-06not yet calculatedCVE-2018-5836
    CONFIRM
    CONFIRM
    CONFIRM
    qualcomm -- androidIf the seq_len is greater then CSR_MAX_RSC_LEN, a buffer overflow in __wlan_hdd_cfg80211_add_key() may occur when copying keyRSC in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.2018-07-06not yet calculatedCVE-2018-5835
    CONFIRM
    CONFIRM
    CONFIRM
    qualcomm -- androidIn the audio debugfs in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, out of bounds access can occur.2018-07-06not yet calculatedCVE-2018-5858
    CONFIRM
    CONFIRM
    CONFIRM
    CONFIRM
    qualcomm -- androidDue to a race condition in the MDSS MDP driver in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, a Use After Free condition can occur.2018-07-06not yet calculatedCVE-2018-5859
    CONFIRM
    CONFIRM
    CONFIRM
    qualcomm -- androidIn the ADSP RPC driver in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, an arbitrary kernel write can occur.2018-07-06not yet calculatedCVE-2018-3597
    CONFIRM
    CONFIRM
    qualcomm -- androidDue to a race condition while processing the power stats debug file to read status, a double free condition can occur in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.2018-07-06not yet calculatedCVE-2017-15856
    CONFIRM
    CONFIRM
    CONFIRM
    qualcomm -- androidIn Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, kernel panic may happen due to out-of-bound read, caused by not checking source buffer length against length of packet stream to be copied.2018-07-06not yet calculatedCVE-2018-5896
    CONFIRM

    qualcomm -- android

    In ADSP RPC in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear, a Use After Free condition can occur in versions MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SD 845, SDX20.2018-07-06not yet calculatedCVE-2018-11258
    CONFIRM
    qualcomm -- androidWhile parsing an mp4 file, a stack-based buffer overflow can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear.2018-07-06not yet calculatedCVE-2018-5874
    CONFIRM
    qualcomm -- androidDue to a race condition in a camera driver ioctl handler in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, a Use After Free condition can occur.2018-07-06not yet calculatedCVE-2018-5832
    CONFIRM
    CONFIRM
    qualcomm -- androidWhile processing a compressed kernel image, a buffer overflow can occur in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.2018-07-06not yet calculatedCVE-2018-5889
    CONFIRM
    CONFIRM

    qualcomm -- android

    While parsing an mp4 file, an integer overflow leading to a buffer overflow can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear.2018-07-06not yet calculatedCVE-2018-5875
    CONFIRM
    qualcomm -- androidWhile processing a debug log event from firmware in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, an integer underflow and/or buffer over-read can occur.2018-07-06not yet calculatedCVE-2018-5865
    CONFIRM
    CONFIRM
    CONFIRM
    qualcomm -- androidWhile processing a message from firmware in htt_t2h_msg_handler_fast() in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, a buffer overwrite can occur.2018-07-06not yet calculatedCVE-2018-5893
    CONFIRM
    CONFIRM
    CONFIRM
    qualcomm -- androidA pointer in an ADSPRPC command is not properly validated in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android), which can lead to kernel memory being accessed.2018-07-06not yet calculatedCVE-2018-5886
    CONFIRM
    CONFIRM

    qualcomm -- android

    Due to Improper Access Control of NAND-based EFS in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear, From fastboot on a NAND-based device, the EFS partition can be erased. Apps processor then has non-secure world full read/write access to the partition until the modem boots and configures the EFS partition addresses in its MPU partition.2018-07-06not yet calculatedCVE-2018-11259
    CONFIRM
    qualcomm -- androidWhile processing a WMI_APFIND event in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, a buffer over-read and information leak can potentially occur.2018-07-06not yet calculatedCVE-2018-5864
    CONFIRM
    CONFIRM
    CONFIRM
    qualcomm -- androidWhile flashing meta image, a buffer over-read may potentially occur when the image size is smaller than the image header size or is smaller than the image header size + total image header entry in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.2018-07-06not yet calculatedCVE-2017-14893
    CONFIRM
    CONFIRM
    qualcomm -- androidImproper Access Control in Multimedia in Snapdragon Mobile and Snapdragon Wear, Non-standard applications without permission may acquire permission of Qualcomm-specific proprietary intents.2018-07-06not yet calculatedCVE-2018-5884
    CONFIRM
    qualcomm -- androidIn the cpuidle driver in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel, the list_for_each macro was not used correctly which could lead to an untrusted pointer dereference.2018-07-06not yet calculatedCVE-2018-3570
    MISC
    MISC
    qualcomm -- androidIn the FastRPC driver in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, a Use After Free condition can occur when mapping on the remote processor fails.2018-07-06not yet calculatedCVE-2018-3564
    CONFIRM
    CONFIRM
    CONFIRM
    qualcomm -- androidWhile sending the response to a RIL_REQUEST_GET_SMSC_ADDRESS message, a buffer overflow can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear.2018-07-06not yet calculatedCVE-2018-5878
    CONFIRM
    qualcomm -- androidWhile reading the data from buffer in dci_process_ctrl_status() there can be buffer over-read problem if the len is not checked correctly in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.2018-07-06not yet calculatedCVE-2018-5897
    CONFIRM
    qualcomm -- androidIn __wlan_hdd_cfg80211_vendor_scan(), a buffer overwrite can potentially occur in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.2018-07-06not yet calculatedCVE-2018-5834
    CONFIRM
    CONFIRM
    CONFIRM
    qualcomm -- androidBuffer over-read may happen in wma_process_utf_event() due to improper buffer length validation before writing into param_buf->num_wow_packet_buffer in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.2018-07-06not yet calculatedCVE-2018-5895
    CONFIRM
    CONFIRM
    qualcomm -- androidPossible buffer overflows and array out of bounds accesses in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05 while flashing images.2018-07-06not yet calculatedCVE-2017-18158
    CONFIRM
    CONFIRM
    qualcomm -- androidIn Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, whenever TDLS connection is setup, we are freeing the netbuf in ol_tx_completion_handler and after that, we are accessing it in NBUF_UPDATE_TX_PKT_COUNT causing a use after free.2018-07-06not yet calculatedCVE-2018-5899
    CONFIRM
    CONFIRM
    qualcomm -- androidIf the fdt_totalsize is reported as 0 for the current device tree, it bypasses an error check for a valid device tree in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.2018-07-06not yet calculatedCVE-2018-5890
    CONFIRM
    CONFIRM
    qualcomm -- androidWhile parsing an mp4 file, a buffer overflow can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear.2018-07-06not yet calculatedCVE-2018-5876
    CONFIRM
    qualcomm -- androidWhile processing the system path, an out of bounds access can occur in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.2018-07-06not yet calculatedCVE-2018-5888
    CONFIRM
    CONFIRM
    qualcomm -- androidLack of copy_from_user and information leak in function "msm_ois_subdev_do_ioctl, file msm_ois.c can lead to a camera crash in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel2018-07-06not yet calculatedCVE-2017-15851
    MISC
    MISC

    qualcomm -- android

    While processing modem SSR after IMS is registered, the IMS data daemon is restarted but the ipc_dataHandle is no longer available. Consequently, the DPL thread frees the internal memory for dataDHandle but the local variable pointer is not updated which can lead to a Use After Free condition in Snapdragon Mobile and Snapdragon Wear.2018-07-06not yet calculatedCVE-2018-5891
    CONFIRM
    qualcomm -- androidImproper Validation of Array Index in Multimedia While parsing an mp4 file in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear, an out-of-bounds access can occur.2018-07-06not yet calculatedCVE-2018-5894
    CONFIRM

    qualcomm -- android

    While parsing a Flac file with a corrupted comment block, a buffer over-read can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear.2018-07-06not yet calculatedCVE-2018-5882
    CONFIRM
    qualcomm -- androidAn issue was discovered in the __ns_get_path function in fs/nsfs.c in the Linux kernel before 4.11. Due to a race condition when accessing files, a Use After Free condition can occur. This also affects all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05.2018-07-06not yet calculatedCVE-2018-5873
    CONFIRM
    CONFIRM
    CONFIRM
    CONFIRM
    CONFIRM
    qualcomm -- androidIn wlan_hdd_cfg80211_set_privacy_ibss() in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, a buffer over-read can potentially occur.2018-07-06not yet calculatedCVE-2018-5829
    CONFIRM
    CONFIRM
    CONFIRM
    qualcomm -- androidIn Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, while processing a StrHwPlatform with length smaller than EFICHIPINFO_MAX_ID_LENGTH, an array out of bounds access may occur.2018-07-06not yet calculatedCVE-2017-18159
    CONFIRM
    CONFIRM
    CONFIRM
    CONFIRM
    CONFIRM
    CONFIRM
    CONFIRM
    CONFIRM
    CONFIRM
    CONFIRM
    qualcomm -- androidPossible buffer overflow in msm_adsp_stream_callback_put due to lack of input validation of user-provided data that leads to integer overflow in all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel.2018-07-06not yet calculatedCVE-2018-11304
    qualcomm -- androidWhile processing the HTT_T2H_MSG_TYPE_MGMT_TX_COMPL_IND message, a buffer overflow can potentially occur in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.2018-07-06not yet calculatedCVE-2018-5830
    CONFIRM
    CONFIRM
    CONFIRM
    CONFIRM
    qualcomm -- androidIn Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05, the function UpdateDeviceStatus() writes a local stack buffer without initialization to flash memory using WriteToPartition() which may potentially leak memory.2018-07-06not yet calculatedCVE-2017-15824
    CONFIRM
    qualcomm -- androidIn a firmware memory dump feature in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android), a Use After Free condition can occur.2018-07-06not yet calculatedCVE-2018-3587
    CONFIRM
    CONFIRM
    CONFIRM
    CONFIRM
    qualcomm -- androidWhile parsing over-the-air information elements in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, the use of an out-of-range pointer offset can occur.2018-07-06not yet calculatedCVE-2018-5872
    CONFIRM
    CONFIRM
    CONFIRM
    qualcomm -- androidImproper Validation of Array Index In the adreno OpenGL driver in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear, an out-of-bounds access can occur in SurfaceFlinger.2018-07-06not yet calculatedCVE-2018-5838
    CONFIRM
    qualcomm -- androidA buffer over-read can occur during a fast initial link setup (FILS) connection in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.2018-07-06not yet calculatedCVE-2018-3569
    CONFIRM
    CONFIRM
    CONFIRM
    qualcomm -- android
     
    While flashing a meta image, a buffer over-read can potentially occur when the number of images are out of the maximum range of 32 in Android releases from CAF using the linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-06-05.2018-07-06not yet calculatedCVE-2017-14872
    CONFIRM
    CONFIRM
    query-mysql -- query-mysqlNode.js third-party module query-mysql versions 0.0.0, 0.0.1, and 0.0.2 are vulnerable to an SQL injection vulnerability due to lack of user input sanitization. This may allow an attacker to run arbitrary SQL queries when fetching data from database.2018-07-03not yet calculatedCVE-2018-3754
    MISC
    rails_admin -- rails_admin
     
    rails_admin ruby gem <v1.1.1 is vulnerable to cross-site request forgery (CSRF) attacks. Non-GET methods were not validating CSRF tokens and, as a result, an attacker could hypothetically gain access to the application administrative endpoints exposed by the gem.2018-07-05not yet calculatedCVE-2016-10522
    CONFIRM
    MISC
    MISC

    realnetworks -- realoneplayer

    RealOne Player 2.0 Build 6.0.11.872 allows remote attackers to cause a denial of service (array out-of-bounds access and application crash) via a crafted .aiff file.2018-07-03not yet calculatedCVE-2018-13121
    MISC
    red_hat -- openshift
     
    In atomic-openshift before version 3.10.9 a malicious network-policy configuration can cause Openshift Routing to crash when using ovs-networkpolicy plugin. An attacker can use this flaw to cause a Denial of Service (DoS) attack on an Openshift 3.9, or 3.7 Cluster.2018-07-05not yet calculatedCVE-2018-10885
    CONFIRM
    red_hat-- fedora_and_enterprise_linux
     
    setup before version 2.11.4-1.fc28 in Fedora and Red Hat Enterprise Linux added /sbin/nologin and /usr/sbin/nologin to /etc/shells. This violates security assumptions made by pam_shells and some daemons which allow access based on a user's shell being listed in /etc/shells. Under some circumstances, users which had their shell changed to /sbin/nologin could still access the system.2018-07-02not yet calculatedCVE-2018-1113
    CONFIRM
    redswimmer -- kiosksimple
     
    KioskSimpleService.exe in RedSwimmer KioskSimple 1.4.7.0 suffers from a privilege escalation vulnerability in the WCF endpoint. The exposed methods allow read and write access to the Windows registry and control of services. These methods may be abused to achieve privilege escalation via execution of attacker controlled binaries.2018-07-03not yet calculatedCVE-2018-13101
    MISC
    roku -- roku_and_roku_tv_products
     
    The External Control API in Roku and Roku TV products allow unauthorized access via a DNS Rebind attack. This can result in remote device control and privileged device and network information to be exfiltrated by an attacker.2018-07-03not yet calculatedCVE-2018-11314
    MISC
    MISC
    rsa -- certificate_manager
     
    RSA Certificate Manager Versions 6.9 build 560 through 6.9 build 564 contain a path traversal vulnerability in the RSA CMP Enroll Server and the RSA REST Enroll Server. A remote unauthenticated attacker could potentially exploit this vulnerability by manipulating input parameters of the application to gain unauthorized read access to the files stored on the server filesystem, with the privileges of the running web application.2018-07-03not yet calculatedCVE-2018-11051
    FULLDISC
    SECTRACK
    ruby-grape -- ruby-graperuby-grape ruby gem suffers from a cross-site scripting (XSS) vulnerability via "format" parameter.2018-07-05not yet calculatedCVE-2018-3769
    CONFIRM
    CONFIRM
    CONFIRM
    schneider_electric -- evlink_charging_stationIn Schneider Electric Evlink Charging Station versions prior to v3.2.0-12_v1, the Web Interface has an issue that may allow a remote attacker to gain administrative privileges without properly authenticating remote users.2018-07-03not yet calculatedCVE-2018-7778
    CONFIRM
    schneider_electric -- pelco_sarix_professional_camerasIn Schneider Electric Pelco Sarix Professional 1st generation cameras with firmware versions prior to 3.29.69, by sending a specially crafted request an authenticated user can view password in clear text and results in privilege escalation.2018-07-03not yet calculatedCVE-2018-7781
    CONFIRM
    schneider_electric -- pelco_sarix_professional_camerasIn Schneider Electric Pelco Sarix Professional 1st generation cameras with firmware versions prior to 3.29.69, authenticated users can view passwords in clear text.2018-07-03not yet calculatedCVE-2018-7782
    CONFIRM
    schneider_electric -- pelco_sarix_professional_camerasIn Schneider Electric Pelco Sarix Professional 1st generation cameras with firmware versions prior to 3.29.69, a buffer overflow vulnerability exist in cgi program "set".2018-07-03not yet calculatedCVE-2018-7780
    CONFIRM
    schneider_electric -- somachine_basicSchneider Electric SoMachine Basic prior to v1.6 SP1 suffers from an XML External Entity (XXE) vulnerability using the DTD parameter entities technique resulting in disclosure and retrieval of arbitrary data on the affected node via out-of-band (OOB) attack. The vulnerability is triggered when input passed to the xml parser is not sanitized while parsing the xml project/template file.2018-07-03not yet calculatedCVE-2018-7783
    CONFIRM
    schneider_electric -- u.motion_builderThe vulnerability exists within processing of editobject.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the type input parameter.2018-07-03not yet calculatedCVE-2018-7767
    CONFIRM
    schneider_electric -- u.motion_builderThe vulnerability exists within processing of track_import_export.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the object_id input parameter.2018-07-03not yet calculatedCVE-2018-7765
    CONFIRM
    schneider_electric -- u.motion_builderIn Schneider Electric U.motion Builder software versions prior to v1.3.4, a cross site scripting (XSS) vulnerability exists which could allow injection of malicious scripts.2018-07-03not yet calculatedCVE-2018-7786
    BID
    CONFIRM
    schneider_electric -- u.motion_builderThe vulnerability exists within css.inc.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The 'css' parameter contains a directory traversal vulnerability.2018-07-03not yet calculatedCVE-2018-7763
    CONFIRM
    schneider_electric -- u.motion_builderThe vulnerability exists within processing of xmlserver.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the id input parameter.2018-07-03not yet calculatedCVE-2018-7769
    CONFIRM
    schneider_electric -- u.motion_builderThe vulnerability exists within runscript.php applet in Schneider Electric U.motion Builder software versions prior to v1.3.4. There is a directory traversal vulnerability in the processing of the 's' parameter of the applet.2018-07-03not yet calculatedCVE-2018-7764
    CONFIRM
    schneider_electric -- u.motion_builderThe vulnerability exists within processing of sendmail.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The applet allows callers to select arbitrary files to send to an arbitrary email address.2018-07-03not yet calculatedCVE-2018-7770
    CONFIRM
    schneider_electric -- u.motion_builderThe vulnerability exists within processing of localize.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the username input parameter.2018-07-03not yet calculatedCVE-2018-7774
    CONFIRM
    schneider_electric -- u.motion_builderIn Schneider Electric U.motion Builder software versions prior to v1.3.4, this exploit occurs when the submitted data of an input string is evaluated as a command by the application. In this way, the attacker could execute code, read the stack, or cause a segmentation fault in the running application.2018-07-03not yet calculatedCVE-2018-7784
    BID
    CONFIRM
    schneider_electric -- u.motion_builderThe vulnerability exists within processing of loadtemplate.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the tpl input parameter.2018-07-03not yet calculatedCVE-2018-7768
    CONFIRM
    schneider_electric -- u.motion_builderThe vulnerability exists within processing of track_getdata.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the id input parameter.2018-07-03not yet calculatedCVE-2018-7766
    CONFIRM
    schneider_electric -- u.motion_builderIn Schneider Electric U.motion Builder software versions prior to v1.3.4, a remote command injection allows authentication bypass.2018-07-03not yet calculatedCVE-2018-7785
    BID
    CONFIRM
    schneider_electric -- u.motion_builderIn Schneider Electric U.motion Builder software versions prior to v1.3.4, malicious clients can upload and cause the smbd server to execute a shared library from a writable share.2018-07-03not yet calculatedCVE-2018-7777
    CONFIRM
    schneider_electric -- u.motion_builderThe vulnerability exists within error.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. System information is returned to the attacker that contains sensitive data.2018-07-03not yet calculatedCVE-2018-7775
    CONFIRM
    schneider_electric -- u.motion_builderThe vulnerability exists within processing of nfcserver.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the sessionid input parameter.2018-07-03not yet calculatedCVE-2018-7773
    CONFIRM
    schneider_electric -- u.motion_builderThe vulnerability exists within processing of editscript.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. A directory traversal vulnerability allows a caller with standard user privileges to write arbitrary php files anywhere in the web service directory tree.2018-07-03not yet calculatedCVE-2018-7771
    CONFIRM
    schneider_electric -- u.motion_builderThe vulnerability exists within processing of applets which are exposed on the web service in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query to determine whether a user is logged in is subject to SQL injection on the loginSeed parameter, which can be embedded in the HTTP cookie of the request.2018-07-03not yet calculatedCVE-2018-7772
    CONFIRM
    schneider_electric -- u.motion_builderIn Schneider Electric U.motion Builder software versions prior to v1.3.4, this vulnerability is due to improper validation of input of context parameter in HTTP GET request.2018-07-03not yet calculatedCVE-2018-7787
    BID
    CONFIRM
    schneider_electric -- u.motion_builder
     
    The vulnerability is due to insufficient handling of update_file request parameter on update_module.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. A remote, authenticated attacker can exploit this vulnerability by sending a crafted request to the target server.2018-07-03not yet calculatedCVE-2018-7776
    CONFIRM
    schneider_electric -- wiser_for_knxIn Schneider Electric Wiser for KNX V2.1.0 and prior, homeLYnk V2.0.1 and prior; and spaceLYnk V2.1.0 and prior, weak and unprotected FTP access could allow an attacker unauthorized access.2018-07-03not yet calculatedCVE-2018-7779
    CONFIRM
    sencha -- ext_jsThe getTip() method of Action Columns of Sencha Ext JS 4 to 6 before 6.6.0 is vulnerable to XSS attacks, even when passed HTML-escaped data. This framework brings no built-in XSS protection, so the developer has to ensure that data is correctly sanitized. However, the getTip() method of Action Columns takes HTML-escaped data and un-escapes it. If the tooltip contains user-controlled data, an attacker could exploit this to create a cross-site scripting attack, even when developers took precautions and escaped data.2018-07-05not yet calculatedCVE-2018-8046
    CONFIRM
    FULLDISC
    siemens -- siclockA vulnerability has been identified in SICLOCK TC100 (All versions) and SICLOCK TC400 (All versions). An attacker with administrative access to the device's management interface could lock out legitimate users. Manual interaction is required to restore the access of legitimate users.2018-07-03not yet calculatedCVE-2018-4856
    BID
    CONFIRM
    siemens -- siclockA vulnerability has been identified in SICLOCK TC100 (All versions) and SICLOCK TC400 (All versions). An attacker with network access to port 69/udp could modify the administrative client stored on the device. If a legitimate user downloads and executes the modified client from the affected device, then he/she could obtain code execution on the client system.2018-07-03not yet calculatedCVE-2018-4854
    BID
    CONFIRM
    siemens -- siclockA vulnerability has been identified in SICLOCK TC100 (All versions) and SICLOCK TC400 (All versions). An attacker with network access to the device could cause a Denial-of-Service condition by sending certain packets to the device, causing potential reboots of the device. The core functionality of the device could be impacted. The time serving functionality recovers when time synchronization with GPS devices or other NTP servers are completed.2018-07-03not yet calculatedCVE-2018-4851
    BID
    CONFIRM
    siemens -- siclockA vulnerability has been identified in SICLOCK TC100 (All versions) and SICLOCK TC400 (All versions). An attacker with network access to the device could potentially circumvent the authentication mechanism if he/she is able to obtain certain knowledge specific to the attacked device.2018-07-03not yet calculatedCVE-2018-4852
    BID
    CONFIRM
    siemens -- siclockA vulnerability has been identified in SICLOCK TC100 (All versions) and SICLOCK TC400 (All versions). An attacker with network access to port 69/udp could modify the firmware of the device.2018-07-03not yet calculatedCVE-2018-4853
    BID
    CONFIRM
    siemens -- siclockA vulnerability has been identified in SICLOCK TC100 (All versions) and SICLOCK TC400 (All versions). Unencrypted storage of passwords in the client configuration files and during network transmission could allow an attacker in a privileged position to obtain access passwords.2018-07-03not yet calculatedCVE-2018-4855
    BID
    CONFIRM
    singularity -- singularitySingularity 2.3.0 through 2.5.1 is affected by an incorrect access control on systems supporting overlay file system. When using the overlay option, a malicious user may access sensitive information by exploiting a few specific Singularity features.2018-07-05not yet calculatedCVE-2018-12021
    CONFIRM
    sonos -- wireless_speaker_productsThe UPnP HTTP server on Sonos wireless speaker products allow unauthorized access via a DNS rebinding attack. This can result in remote device control and privileged device and network information to be exfiltrated by an attacker.2018-07-03not yet calculatedCVE-2018-11316
    MISC
    MISC
    synology -- carddav_server
     
    Cross-site scripting (XSS) vulnerability in Address Book Editor in Synology CardDAV Server before 6.0.8-0086 allows remote authenticated users to inject arbitrary web script or HTML via the (1) family_name, (2) given_name, or (3) additional_name parameter.2018-07-05not yet calculatedCVE-2018-8928
    CONFIRM
    synology -- synology_ssl_vpn_client
     
    Improper restriction of communication channel to intended endpoints vulnerability in HTTP daemon in Synology SSL VPN Client before 1.2.4-0224 allows remote attackers to conduct man-in-the-middle attacks via a crafted payload.2018-07-06not yet calculatedCVE-2018-8929
    CONFIRM
    synology -- universal_searchImproper authorization vulnerability in Highlight Preview in Synology Universal Search before 1.0.5-0135 allows remote authenticated users to bypass permission checks for directories in POSIX mode.2018-07-05not yet calculatedCVE-2017-16773
    CONFIRM
    tcexam -- tcexamTCExam before 14.1.2 has XSS via an ff_ or xl_ field.2018-07-07not yet calculatedCVE-2018-13422
    MISC
    tcpreplay -- tcpreplay
     
    get_l2len in common/get.c in Tcpreplay 4.3.0 beta 1 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via crafted packets, as demonstrated by tcpprep.2018-07-03not yet calculatedCVE-2018-13112
    MISC
    tp-link -- archer_c1200_wireless_routerTP-Link Archer C1200 1.13 Build 2018/01/24 rel.52299 EU devices have XSS via the PATH_INFO to the /webpages/data URI.2018-07-04not yet calculatedCVE-2018-13134
    MISC
    tp-link -- tl-wr841n_devicesThe Ping and Traceroute features on TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices allow authenticated blind Command Injection.2018-07-02not yet calculatedCVE-2018-12577
    MISC
    tp-link -- tl-wr841n_devicesCSRF exists for all actions in the web interface on TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices.2018-07-02not yet calculatedCVE-2018-12574
    MISC
    tp-link -- tl-wr841n_devicesTP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices allow clickjacking.2018-07-02not yet calculatedCVE-2018-12576
    MISC
    tp-link -- tl-wr841n_devicesOn TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 171019 Rel.55346n devices, all actions in the web interface are affected by bypass of authentication via an HTTP request.2018-07-02not yet calculatedCVE-2018-12575
    MISC
    trackr -- trackr_bravoUnauthenticated access to the cloud-based service maintained by TrackR Bravo is allowed for querying or sending GPS data for any Trackr device by using the tracker ID number which can be discovered as described in CVE-2016-6539. Updated apps, version 5.1.6 for iOS and 2.2.5 for Android, have been released by the vendor to address the vulnerabilities in CVE-2016-6538, CVE-2016-6539, CVE-2016-6540 and CVE-2016-6541.2018-07-06not yet calculatedCVE-2016-6540
    BID
    MISC
    CERT-VN
    MISC
    trackr -- trackr_bravoThe Trackr device ID is constructed of a manufacturer identifier of four zeroes followed by the BLE MAC address in reverse. The MAC address can be obtained by being in close proximity to the Bluetooth device, effectively exposing the device ID. The ID can be used to track devices. Updated apps, version 5.1.6 for iOS and 2.2.5 for Android, have been released by the vendor to address the vulnerabilities in CVE-2016-6538, CVE-2016-6539, CVE-2016-6540 and CVE-2016-6541.2018-07-06not yet calculatedCVE-2016-6539
    BID
    MISC
    CERT-VN
    MISC
    trackr -- trackr_bravoTrackR Bravo device allows unauthenticated pairing, which enables unauthenticated connected applications to write to various device attributes. Updated apps, version 5.1.6 for iOS and 2.2.5 for Android, have been released by the vendor to address the vulnerabilities in CVE-2016-6538, CVE-2016-6539, CVE-2016-6540 and CVE-2016-6541.2018-07-06not yet calculatedCVE-2016-6541
    BID
    MISC
    CERT-VN
    MISC
    trackr -- trackr_bravo
     
    The TrackR Bravo mobile app stores the account password used to authenticate to the cloud API in cleartext in the cache.db file. Updated apps, version 5.1.6 for iOS and 2.2.5 for Android, have been released by the vendor to address the vulnerabilities in CVE-2016-6538, CVE-2016-6539, CVE-2016-6540 and CVE-2016-6541.2018-07-06not yet calculatedCVE-2016-6538
    BID
    MISC
    CERT-VN
    MISC
    trend_micro -- maximum_security_2018A vulnerability in Trend Micro Maximum Security's (Consumer) 2018 (versions 12.0.1191 and below) User-Mode Hooking (UMH) driver could allow an attacker to create a specially crafted packet that could alter a vulnerable system in such a way that malicious code could be injected into other processes.2018-07-06not yet calculatedCVE-2018-3608
    MISC
    MISC
    ubiquiti -- ucrmUbiquiti UCRM versions 2.3.0 to 2.7.7 allow an authenticated user to read arbitrary files in the local file system. Note that by default, the local file system is isolated in a docker container. Successful exploitation requires valid credentials to an account with "Edit" access to "System Customization".2018-07-03not yet calculatedCVE-2017-0913
    MISC
    MISC
    ubiquiti -- ucrmUbiquiti UCRM versions 2.5.0 to 2.7.7 are vulnerable to Stored Cross-site Scripting. Due to the lack sanitization, it is possible to inject arbitrary HTML code by manipulating the uploaded filename. Successful exploitation requires valid credentials to an account with "Edit" access to "Scheduling".2018-07-03not yet calculatedCVE-2017-0912
    MISC
    wordpress -- wordpressThe WP Live Chat Support Pro plugin before 8.0.07 for WordPress is vulnerable to unauthenticated Remote Code Execution due to client-side validation of allowed file types, as demonstrated by a v1/remote_upload request with a .php filename and the image/jpeg content type.2018-07-02not yet calculatedCVE-2018-12426
    MISC
    MISC
    wordpress -- wordpressThe Ultimate Member (aka ultimatemember) plugin before 2.0.18 for WordPress has XSS via the wp-admin settings screen.2018-07-04not yet calculatedCVE-2018-13136
    MISC
    MISC
    xapian -- xapian-core
     
    A cross-site scripting vulnerability in queryparser/termgenerator_internal.cc in Xapian xapian-core before 1.4.6 exists due to incomplete HTML escaping by Xapian::MSet::snippet().2018-07-02not yet calculatedCVE-2018-0499
    CONFIRM
    CONFIRM
    xen -- xenAn issue was discovered in Xen through 4.10.x. Certain PV MMU operations may take a long time to process. For that reason Xen explicitly checks for the need to preempt the current vCPU at certain points. A few rarely taken code paths did bypass such checks. By suitably enforcing the conditions through its own page table contents, a malicious guest may cause such bypasses to be used for an unbounded number of iterations. A malicious or buggy PV guest may cause a Denial of Service (DoS) affecting the entire host. Specifically, it may prevent use of a physical CPU for an indeterminate period of time. All Xen versions from 3.4 onwards are vulnerable. Xen versions 3.3 and earlier are vulnerable to an even wider class of attacks, due to them lacking preemption checks altogether in the affected code paths. Only x86 systems are affected. ARM systems are not affected. Only multi-vCPU x86 PV guests can leverage the vulnerability. x86 HVM or PVH guests as well as x86 single-vCPU PV ones cannot leverage the vulnerability.2018-07-02not yet calculatedCVE-2018-12891
    MLIST
    BID
    SECTRACK
    CONFIRM
    CONFIRM
    DEBIAN
    xen -- xenAn issue was discovered in Xen through 4.10.x. One of the fixes in XSA-260 added some safety checks to help prevent Xen livelocking with debug exceptions. Unfortunately, due to an oversight, at least one of these safety checks can be triggered by a guest. A malicious PV guest can crash Xen, leading to a Denial of Service. All Xen systems which have applied the XSA-260 fix are vulnerable. Only x86 systems are vulnerable. ARM systems are not vulnerable. Only x86 PV guests can exploit the vulnerability. x86 HVM and PVH guests cannot exploit the vulnerability. An attacker needs to be able to control hardware debugging facilities to exploit the vulnerability, but such permissions are typically available to unprivileged users.2018-07-02not yet calculatedCVE-2018-12893
    MLIST
    BID
    SECTRACK
    CONFIRM
    CONFIRM
    CONFIRM
    DEBIAN
    xen -- xenAn issue was discovered in Xen 4.7 through 4.10.x. libxl fails to pass the readonly flag to qemu when setting up a SCSI disk, due to what was probably an erroneous merge conflict resolution. Malicious guest administrators or (in some situations) users may be able to write to supposedly read-only disk images. Only emulated SCSI disks (specified as "sd" in the libxl disk configuration, or an equivalent) are affected. IDE disks ("hd") are not affected (because attempts to make them readonly are rejected). Additionally, CDROM devices (that is, devices specified to be presented to the guest as CDROMs, regardless of the nature of the backing storage on the host) are not affected; they are always read only. Only systems using qemu-xen (rather than qemu-xen-traditional) as the device model version are vulnerable. Only systems using libxl or libxl-based toolstacks are vulnerable. (This includes xl, and libvirt with the libxl driver.) The vulnerability is present in Xen versions 4.7 and later. (In earlier versions, provided that the patch for XSA-142 has been applied, attempts to create read only disks are rejected.) If the host and guest together usually support PVHVM, the issue is exploitable only if the malicious guest administrator has control of the guest kernel or guest kernel command line.2018-07-02not yet calculatedCVE-2018-12892
    MLIST
    BID
    SECTRACK
    CONFIRM
    DEBIAN
    zoho -- manageengine_applications_managerA SQL Injection vulnerability exists in Zoho ManageEngine Applications Manager 13.x via the j_username parameter in a /j_security_check POST request.2018-07-02not yet calculatedCVE-2018-13050
    MISC
    zoho -- manageengine_eventlog_analyzerAn issue was discovered in Zoho ManageEngine EventLog Analyzer 11.12. A Cross-Site Scripting vulnerability allows a remote attacker to inject arbitrary web script or HTML via the search functionality (the search box of the Dashboard).2018-07-02not yet calculatedCVE-2018-10076
    CONFIRM
    zoho -- manageengine_eventlog_analyzer
     
    Cross-site scripting (XSS) vulnerability in Zoho ManageEngine EventLog Analyzer 11.12 allows remote attackers to inject arbitrary web script or HTML via the import logs feature.2018-07-02not yet calculatedCVE-2018-10075
    CONFIRM
    zzcms -- zzcms
     
    /user/del.php in zzcms 8.3 allows SQL injection via the tablename parameter after leveraging use of the zzcms_ask table.2018-07-03not yet calculatedCVE-2018-13116
    MISC
    zzcms -- zzcms
     
    An issue was discovered on zzcms 8.3. There is a vulnerability at /user/del.php that can delete any file by placing its relative path into the zzcms_main table and then making an img add request. This can be leveraged for database access by deleting install.lock.2018-07-02not yet calculatedCVE-2018-13056
    MISC
    Back to top

    This product is provided subject to this Notification and this Privacy & Use policy.


  • Original release date: July 06, 2018

    The Center for Internet Security (CIS) has released its 2017 Year in Review. CIS is home to the Multi-State Information Sharing and Analysis Center (MS-ISAC), an NCCIC partner focused on cyber threat prevention, protection, response, and recovery for U.S. state, local, tribal, and territorial government entities. The review highlights CIS's role in improving cyber defense and MS-ISAC's advances in membership, monitoring, cyber education, and information sharing with partners.


    This product is provided subject to this Notification and this Privacy & Use policy.


  • Original release date: July 06, 2018

    Apple has released a security update to address vulnerabilities in Wi-Fi for Boot Camp 6.4.0. An attacker could exploit these vulnerabilities to obtain access to sensitive information.

    NCCIC encourages users and administrators to review Apple?s security page for Wi-Fi Update for Boot Camp 6.4.0 and apply the necessary update.


    This product is provided subject to this Notification and this Privacy & Use policy.