SB18-211: Vulnerability Summary for the Week of July 23, 2018

admin

The NCCIC Weekly Vulnerability Summary Bulletin is created using information from the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD). In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.
There were no high vulnerabilities recorded this week.
There were no medium vulnerabilities recorded this week.
There were no low vulnerabilities recorded this week.

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
2018-07-20 not yet calculated CVE-2018-5018
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
2018-07-20 not yet calculated CVE-2018-5024
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
2018-07-20 not yet calculated CVE-2018-5015
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
2018-07-20 not yet calculated CVE-2018-5022
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
2018-07-20 not yet calculated CVE-2018-5025
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
2018-07-20 not yet calculated CVE-2018-5012
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
2018-07-20 not yet calculated CVE-2018-5026
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
2018-07-20 not yet calculated CVE-2018-5016
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
2018-07-20 not yet calculated CVE-2018-12792
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
2018-07-20 not yet calculated CVE-2018-5070
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
2018-07-20 not yet calculated CVE-2018-5028
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
2018-07-20 not yet calculated CVE-2018-5064
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
2018-07-20 not yet calculated CVE-2018-5066
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
2018-07-20 not yet calculated CVE-2018-5009
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
2018-07-20 not yet calculated CVE-2018-12767
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
2018-07-20 not yet calculated CVE-2018-12786
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
2018-07-20 not yet calculated CVE-2018-5052
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
2018-07-20 not yet calculated CVE-2018-12789
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
2018-07-20 not yet calculated CVE-2018-12790
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
2018-07-20 not yet calculated CVE-2018-12771
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
2018-07-20 not yet calculated CVE-2018-5063
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
2018-07-20 not yet calculated CVE-2018-5011
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
2018-07-20 not yet calculated CVE-2018-5027
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
2018-07-20 not yet calculated CVE-2018-5014
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
2018-07-20 not yet calculated CVE-2018-12787
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
2018-07-20 not yet calculated CVE-2018-5058
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
2018-07-20 not yet calculated CVE-2018-5020
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
2018-07-20 not yet calculated CVE-2018-5055
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
2018-07-20 not yet calculated CVE-2018-5035
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
2018-07-20 not yet calculated CVE-2018-5056
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
2018-07-20 not yet calculated CVE-2018-5068
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
2018-07-20 not yet calculated CVE-2018-5046
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
2018-07-20 not yet calculated CVE-2018-5048
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
2018-07-20 not yet calculated CVE-2018-5059
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
2018-07-20 not yet calculated CVE-2018-12798
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
2018-07-20 not yet calculated CVE-2018-12781
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
2018-07-20 not yet calculated CVE-2018-12791
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Double Free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
2018-07-20 not yet calculated CVE-2018-12782
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
2018-07-20 not yet calculated CVE-2018-5060
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
2018-07-20 not yet calculated CVE-2018-5067
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Type Confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
2018-07-20 not yet calculated CVE-2018-5057
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
2018-07-20 not yet calculated CVE-2018-5033
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
2018-07-20 not yet calculated CVE-2018-5032
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
2018-07-20 not yet calculated CVE-2018-12760
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
2018-07-20 not yet calculated CVE-2018-5019
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Buffer Errors vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
2018-07-20 not yet calculated CVE-2018-5034
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
2018-07-20 not yet calculated CVE-2018-12765
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
2018-07-20 not yet calculated CVE-2018-5047
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
2018-07-20 not yet calculated CVE-2018-5045
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
2018-07-20 not yet calculated CVE-2018-5017
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
2018-07-20 not yet calculated CVE-2018-5050
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
2018-07-20 not yet calculated CVE-2018-5040
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
2018-07-20 not yet calculated CVE-2018-5069
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
2018-07-20 not yet calculated CVE-2018-12770
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
2018-07-20 not yet calculated CVE-2018-12773
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
2018-07-20 not yet calculated CVE-2018-5054
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
2018-07-20 not yet calculated CVE-2018-12768
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
2018-07-20 not yet calculated CVE-2018-12796
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
2018-07-20 not yet calculated CVE-2018-12772
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
2018-07-20 not yet calculated CVE-2018-5031
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
2018-07-20 not yet calculated CVE-2018-5030
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
2018-07-20 not yet calculated CVE-2018-12797
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
2018-07-20 not yet calculated CVE-2018-5049
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
2018-07-20 not yet calculated CVE-2018-12779
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
2018-07-20 not yet calculated CVE-2018-12803
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Security Bypass vulnerability. Successful exploitation could lead to privilege escalation.
2018-07-20 not yet calculated CVE-2018-12802
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
2018-07-20 not yet calculated CVE-2018-5051
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
2018-07-20 not yet calculated CVE-2018-5065
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
2018-07-20 not yet calculated CVE-2018-12783
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
2018-07-20 not yet calculated CVE-2018-12756
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
2018-07-20 not yet calculated CVE-2018-12754
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
2018-07-20 not yet calculated CVE-2018-5044
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Buffer Errors vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
2018-07-20 not yet calculated CVE-2018-12784
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
2018-07-20 not yet calculated CVE-2018-12785
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
2018-07-20 not yet calculated CVE-2018-12780
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
2018-07-20 not yet calculated CVE-2018-12795
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
2018-07-20 not yet calculated CVE-2018-12757
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
2018-07-20 not yet calculated CVE-2018-12774
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
2018-07-20 not yet calculated CVE-2018-5053
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
2018-07-20 not yet calculated CVE-2018-12761
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
2018-07-20 not yet calculated CVE-2018-5062
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Type Confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
2018-07-20 not yet calculated CVE-2018-12793
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
2018-07-20 not yet calculated CVE-2018-12788
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
2018-07-20 not yet calculated CVE-2018-12766
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
2018-07-20 not yet calculated CVE-2018-12758
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
2018-07-20 not yet calculated CVE-2018-5042
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
2018-07-20 not yet calculated CVE-2018-12755
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
2018-07-20 not yet calculated CVE-2018-5061
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
2018-07-20 not yet calculated CVE-2018-12777
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
2018-07-20 not yet calculated CVE-2018-5036
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
2018-07-20 not yet calculated CVE-2018-12762
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
2018-07-20 not yet calculated CVE-2018-5029
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
2018-07-20 not yet calculated CVE-2018-12763
BID
SECTRACK
CONFIRM adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.

006.

30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-5039
BID
SECTRACK
CONFIRM adobe — acrobat_and_reader Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.

30080 and earlier, and 2015.006.30418 and earlier versions have a Buffer Errors vulnerability.

Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-5043
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-12776
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Buffer Errors vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-5037
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-5041
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-12764
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-5038
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Type Confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-12794
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-5010
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-5021
BID
SECTRACK
CONFIRM

adobe — acrobat_and_reader
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-5023
BID
SECTRACK
CONFIRM

adobe — connect
Adobe Connect versions 9.7.5 and earlier have an Insecure Library Loading vulnerability. Successful exploitation could lead to privilege escalation. 2018-07-20 not yet calculated CVE-2018-12805
BID
CONFIRM

adobe — connect
Adobe Connect versions 9.7.5 and earlier have an Authentication Bypass vulnerability. Successful exploitation could lead to session hijacking. 2018-07-20 not yet calculated CVE-2018-12804
BID
SECTRACK
CONFIRM

adobe — experience_manager
Adobe Experience Manager versions 6.2 and 6.3 have a Server-Side Request Forgery vulnerability. Successful exploitation could lead to sensitive information disclosure. 2018-07-20 not yet calculated CVE-2018-5004
BID
CONFIRM

adobe — experience_manager
Adobe Experience Manager versions 6.4 and earlier have a Server-Side Request Forgery vulnerability. Successful exploitation could lead to sensitive information disclosure. 2018-07-20 not yet calculated CVE-2018-5006
BID
CONFIRM

adobe — experience_manager
Adobe Experience Manager versions 6.4 and earlier have a Server-Side Request Forgery vulnerability. Successful exploitation could lead to sensitive information disclosure. 2018-07-20 not yet calculated CVE-2018-12809
BID
CONFIRM

adobe — flash_player
Adobe Flash Player 30.0.0.113 and earlier versions have a Type Confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. 2018-07-20 not yet calculated CVE-2018-5007
BID
SECTRACK
REDHAT
CONFIRM

adobe — flash_player
Adobe Flash Player 30.0.0.113 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. 2018-07-20 not yet calculated CVE-2018-5008
BID
SECTRACK
REDHAT
CONFIRM

advancecomp — advancecomp
An out-of-bounds heap buffer read flaw was found in the way advancecomp before 2.1-2018/02 handled processing of ZIP files. An attacker could potentially use this flaw to crash the advzip utility by tricking it into processing crafted ZIP files. 2018-07-27 not yet calculated CVE-2018-1056
CONFIRM
CONFIRM
MLIST
CONFIRM
UBUNTU

ansible — ansible
An input validation vulnerability was found in Ansible’s mysql_user module before 2.2.1.0, which may fail to correctly change a password in certain circumstances. Thus the previous password would still be active when it should have been changed. 2018-07-26 not yet calculated CVE-2016-8647
REDHAT
CONFIRM
CONFIRM

ansible — tower
A flaw was found in Ansible Tower’s interface before 3.1.5 and 3.2.0 with SCM repositories. If a Tower project (SCM repository) definition does not have the ‘delete before update’ flag set, an attacker with commit access to the upstream playbook source repository could create a Trojan playbook that, when executed by Tower, modifies the checked out SCM repository to add git hooks. These git hooks could, in turn, cause arbitrary command and code execution as the user Tower runs as. 2018-07-27 not yet calculated CVE-2017-12148
REDHAT
CONFIRM

apache — kafka
In Apache Kafka 0.9.0.0 to 0.9.0.1, 0.10.0.0 to 0.10.2.1, 0.11.0.0 to 0.11.0.2, and 1.0.0, authenticated Kafka users may perform an action reserved for the Broker via a manually created fetch request interfering with data replication, resulting in data loss. 2018-07-26 not yet calculated CVE-2018-1288
MLIST

apache — kafka
In Apache Kafka 0.10.0.0 to 0.10.2.1 and 0.11.0.0 to 0.11.0.1, authenticated Kafka clients may use impersonation via a manually crafted protocol message with SASL/PLAIN or SASL/SCRAM authentication when using the built-in PLAIN or SCRAM server implementations in Apache Kafka. 2018-07-26 not yet calculated CVE-2017-12610
BID
MLIST

apache — openwhisk
In PHP Runtime for Apache OpenWhisk, a Docker action inheriting one of the Docker tags openwhisk/action-php-v7.2:1.0.0 or openwhisk/action-php-v7.1:1.0.1 (or earlier) may allow an attacker to replace the user function inside the container if the user code is vulnerable to code exploitation. 2018-07-23 not yet calculated CVE-2018-11756
CONFIRM
MLIST

apache — openwhisk
In Docker Skeleton Runtime for Apache OpenWhisk, a Docker action inheriting the Docker tag openwhisk/dockerskeleton:1.3.0 (or earlier) may allow an attacker to replace the user function inside the container if the user code is vulnerable to code exploitation. 2018-07-23 not yet calculated CVE-2018-11757
CONFIRM
MLIST

apache — tomee
The TomEE console (tomee-webapp) has an XSS vulnerability which could allow JavaScript to be executed if the user is given a malicious URL. This web application is typically used to add TomEE features to a Tomcat installation. The TomEE bundles do not ship with this application included. This issue can be mitigated by removing the application after TomEE is set up (if using the application to install TomEE), using one of the provided pre-configured bundles, or by upgrading to TomEE 7.0.5. This issue is resolved in this commit: b8bbf50c23ce97dd64f3a5d77f78f84e47579863. 2018-07-23 not yet calculated CVE-2018-8031
MLIST

arm — mbed_tls
ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows local users to achieve partial plaintext recovery (for a CBC based ciphersuite) via a cache-based side-channel attack. 2018-07-28 not yet calculated CVE-2018-0498
CONFIRM

arm — mbed_tls
ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows remote attackers to achieve partial plaintext recovery (for a CBC based ciphersuite) via a timing-based side-channel attack. This vulnerability exists because of an incorrect fix (with a wrong SHA-384 calculation) for CVE-2013-0169. 2018-07-28 not yet calculated CVE-2018-0497
CONFIRM

asus — hg100_devices
ASUS HG100 devices with firmware before 1.05.12 allow unauthenticated access, leading to remote command execution. 2018-07-25 not yet calculated CVE-2018-11491
CONFIRM

atlassian — jira
The Webhooks component of Atlassian Jira before version 7.6.7 and from version 7.7.0 before version 7.11.0 allows remote attackers who are able to observe or otherwise intercept webhook events to learn information about changes in issues that should not be sent because they are not contained within the results of a specified JQL query. 2018-07-24 not yet calculated CVE-2017-18104
CONFIRM

aubio — aubio
An issue was discovered in aubio 0.4.6. A SEGV signal can occur in aubio_source_avcodec_readframe in io/source_avcodec.c, as demonstrated by aubiomfcc. 2018-07-23 not yet calculated CVE-2018-14521
MISC

aubio — aubio
An issue was discovered in aubio 0.4.6. A SEGV signal can occur in aubio_pitch_set_unit in pitch/pitch.c, as demonstrated by aubionotes. 2018-07-23 not yet calculated CVE-2018-14522
MISC

aubio — aubio
An issue was discovered in aubio 0.4.6. A buffer over-read can occur in new_aubio_pitchyinfft in pitch/pitchyinfft.c, as demonstrated by aubionotes. 2018-07-23 not yet calculated CVE-2018-14523
MISC

aveva — intouch
AVEVA InTouch 2014 R2 SP1 and prior, InTouch 2017, InTouch 2017 Update 1, and InTouch 2017 Update 2 allow an unauthenticated user to send a specially crafted packet that could overflow the buffer on a locale not using a dot floating point separator. Exploitation could allow remote code execution under the privileges of the InTouch View process. 2018-07-24 not yet calculated CVE-2018-10628
BID
MISC
CONFIRM

bagecms — bagecms
index.php?r=admini/admin/create in BageCMS V3.1.3 allows CSRF to add a background administrator account. 2018-07-24 not yet calculated CVE-2018-14582
MISC

bento4 — bento4
An issue has been discovered in Bento4 1.5.1-624. A SEGV can occur in AP4_Processor::ProcessFragments in Core/Ap4Processor.cpp. 2018-07-24 not yet calculated CVE-2018-14590
MISC

bento4 — bento4
An issue was discovered in Bento4 1.5.1-624. There is a heap-based buffer over-read in AP4_Mpeg2TsVideoSampleStream::WriteSample in Core/Ap4Mpeg2Ts.cpp after a call from Mp42Hls.cpp, a related issue to CVE-2018-13846. 2018-07-23 not yet calculated CVE-2018-14532
MISC

bento4 — bento4
An issue has been discovered in Bento4 1.5.1-624. AP4_MemoryByteStream::WritePartial in Core/Ap4ByteStream.cpp has a buffer over-read. 2018-07-24 not yet calculated CVE-2018-14587
MISC

bento4 — bento4
An issue was discovered in Bento4 1.5.1-624. There is an unspecified “heap-buffer-overflow” crash in the AP4_HvccAtom class in Core/Ap4HvccAtom.cpp. 2018-07-23 not yet calculated CVE-2018-14531
MISC

bento4 — bento4
An issue has been discovered in Bento4 1.5.1-624. A NULL pointer dereference can occur in AP4_DataBuffer::SetData in Core/Ap4DataBuffer.cpp. 2018-07-24 not yet calculated CVE-2018-14588
MISC

bento4 — bento4
An issue has been discovered in Bento4 1.5.1-624. AP4_Mp4AudioDsiParser::ReadBits in Codecs/Ap4Mp4AudioInfo.cpp has a heap-based buffer over-read. 2018-07-24 not yet calculated CVE-2018-14589
MISC

bento4 — bento4
There exists one NULL pointer dereference vulnerability in AP4_JsonInspector::AddField in Ap4Atom.cpp in Bento4 1.5.1-624, which can allow attackers to cause a denial-of-service via a crafted mp4 file. This vulnerability can be triggered by the executable mp4dump. 2018-07-23 not yet calculated CVE-2018-14543
MISC

bento4 — bento4
An issue has been discovered in Bento4 1.5.1-624. AP4_AvccAtom::Create in Core/Ap4AvccAtom.cpp has a heap-based buffer over-read. 2018-07-24 not yet calculated CVE-2018-14584
MISC
MISC

bento4 — bento4
An issue has been discovered in Bento4 1.5.1-624. AP4_BytesToUInt16BE in Core/Ap4Utils.h has a heap-based buffer over-read after a call from the AP4_Stz2Atom class. 2018-07-24 not yet calculated CVE-2018-14585
MISC

bento4 — bento4
There exists one invalid memory read bug in AP4_SampleDescription::GetFormat() in Ap4SampleDescription.h in Bento4 1.5.1-624, which can allow attackers to cause a denial-of-service via a crafted mp4 file. This vulnerability can be triggered by the executable mp42ts. 2018-07-23 not yet calculated CVE-2018-14544
MISC

bento4 — bento4
There exists one invalid memory read bug in AP4_SampleDescription::GetType() in Ap4SampleDescription.h in Bento4 1.5.1-624, which can allow attackers to cause a denial-of-service via a crafted mp4 file. This vulnerability can be triggered by the executable mp42ts. 2018-07-23 not yet calculated CVE-2018-14545
MISC

bento4 — bento4
An issue has been discovered in Bento4 1.5.1-624. A SEGV can occur in AP4_Mpeg2TsAudioSampleStream::WriteSample in Core/Ap4Mpeg2Ts.cpp, a different vulnerability than CVE-2018-14532. 2018-07-24 not yet calculated CVE-2018-14586
MISC

brynamics — online_trade
Brynamics “Online Trade – Online trading and cryptocurrency investment system” allows remote attackers to obtain sensitive information via a direct request for /dashboard/addplan, /dashboard/paywithcard/charge, /dashboard/withdrawal, or /privacy&terms, as demonstrated by reading database username, database password, database_name, and IP address fields, related to CVE-2018-12908. 2018-07-23 not yet calculated CVE-2018-14328
MISC

busybox — busybox
huft_build in archival/libarchive/decompress_gunzip.c in BusyBox before 1.27.2 misuses a pointer, causing segfaults and an application crash during an unzip operation on a specially crafted ZIP file. 2018-07-26 not yet calculated CVE-2015-9261
MISC
MISC
MISC
MLIST

calamp — lmu_3030_series_devices
CalAmp LMU 3030 series OBD-II CDMA and GSM devices have an SMS (text message) interface that can be deployed where no password is configured for this interface by the integrator / reseller. This interface must be password protected; otherwise, the attacker only needs to know the phone number of the device (via an IMSI Catcher, for example) to send administrative commands to the device. These commands can be used to provide ongoing, real-time access to the device and can configure parameters such as IP addresses, firewall rules, and passwords. 2018-07-24 not yet calculated CVE-2017-3217
CERT-VN
BID

ceph — ceph
In Ceph, a format string flaw was found in the way libradosstriper parses input from a user. A user could crash an application or service using the libradosstriper library. 2018-07-27 not yet calculated CVE-2017-7519
BID
CONFIRM

chamanet — memocgi
Directory traversal vulnerability in ChamaNet MemoCGI v2.1800 to v2.2200 allows remote attackers to read arbitrary files via unspecified vectors. 2018-07-26 not yet calculated CVE-2018-0617
JVN
CONFIRM

chamilo — chamilo-lms
Chamilo LMS version 11.x contains an Unserialization vulnerability in the “hash” GET parameter for the api endpoint located at /webservices/api/v2.php that can result in Unauthenticated remote code execution. This attack appears to be exploitable via a simple GET request to the api endpoint. This vulnerability appears to have been fixed after commit 0de84700648f098c1fbf6b807dee28ec640efe62. 2018-07-23 not yet calculated CVE-2018-1999019
CONFIRM
MISC

cloud_foundry_foundation — uaa
Cloud Foundry UAA, versions 4.19 prior to 4.19.2 and 4.12 prior to 4.12.4 and 4.10 prior to 4.10.2 and 4.7 prior to 4.7.6 and 4.5 prior to 4.5.7, incorrectly authorizes requests to admin endpoints by accepting a valid refresh token in lieu of an access token. Refresh tokens by design have a longer expiration time than access tokens, allowing the possessor of a refresh token to authenticate longer than expected. This affects the administrative endpoints of the UAA, i.e. /Users, /Groups, etc. However, if the user has been deleted or had groups removed, or the client was deleted, the refresh token will no longer be valid. 2018-07-24 not yet calculated CVE-2018-11047
CONFIRM

cthackers — adm-zip
adm-zip npm library before 0.4.9 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as ‘Zip-Slip’. 2018-07-25 not yet calculated CVE-2018-1002204
CONFIRM
CONFIRM
MISC
MISC
MISC

curl — curl
curl before 7.53.0 has an incorrect TLS Certificate Status Request extension feature that asks for a fresh proof of the server’s certificate’s validity in the code that checks for a test success or failure. It ends up always thinking there’s valid proof, even when there is none or if the server doesn’t support the TLS extension in question. This could lead to users not detecting when a server’s certificate goes invalid or otherwise be misled that the server is in a better shape than it is in reality. This flaw also exists in the command line tool (--cert-status). 2018-07-27 not yet calculated CVE-2017-2629
BID
SECTRACK
CONFIRM
CONFIRM
GENTOO
CONFIRM

cybozu — cybozu_garoon
SQL injection vulnerability in the Notifications application in the Cybozu Garoon 3.5.0 to 4.6.2 allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors. 2018-07-26 not yet calculated CVE-2018-0607
JVN
CONFIRM

dahua_security — ip_camera_products
Dahua IP camera products using firmware versions prior to V2.400.0000.14.R.20170713 include a version of the Sonia web interface that may be vulnerable to a stack buffer overflow. Dahua IP camera products include an application known as Sonia (/usr/bin/sonia) that provides the web interface and other services for controlling the IP camera remotely. Versions of Sonia included in firmware versions prior to DH_IPC-Consumer-Zi-Themis_Eng_P_V2.408.0000.11.R.20170621 do not validate input data length for the ‘password’ field of the web interface. A remote, unauthenticated attacker may submit a crafted POST request to the IP camera’s Sonia web interface that may lead to out-of-bounds memory operations and loss of availability or remote code execution. The issue was originally identified by the researcher in firmware version DH_IPC-HX1X2X-Themis_EngSpnFrn_N_V2.400.0000.30.R.20160803. 2018-07-24 not yet calculated CVE-2017-3223
BID
CERT-VN

dbpower — dbpower
The DBPOWER U818A WIFI quadcopter drone provides FTP access over its own local access point, and allows full file permissions to the anonymous user. The DBPower U818A WIFI quadcopter drone runs an FTP server that by default allows anonymous access without a password, and provides full filesystem read/write permissions to the anonymous user. A remote user within range of the open access point on the drone may utilize the anonymous user of the FTP server to read arbitrary files, such as images and video recorded by the device, or to replace system files such as /etc/shadow to gain further access to the device. Furthermore, the DBPOWER U818A WIFI quadcopter drone uses BusyBox 1.20.2, which was released in 2012, and may be vulnerable to other known BusyBox vulnerabilities. 2018-07-24 not yet calculated CVE-2017-3209
MISC
CERT-VN
BID

dbus — dbus
It was found that subscription-manager’s DBus interface before 1.19.4 let an unprivileged user access the com.redhat.RHSM1.Facts.GetFacts and com.redhat.RHSM1.Config.Set methods. An unprivileged local attacker could use these methods to gain access to private information, or launch a privilege escalation attack. 2018-07-27 not yet calculated CVE-2017-2663
BID
CONFIRM
CONFIRM

dhc — dhc_online_shop_app_for_android
The DHC Online Shop App for Android version 3.2.0 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. 2018-07-26 not yet calculated CVE-2018-0622
JVN

dotcms — dotcms
The dotCMS administration panel, versions 3.7.1 and earlier, are vulnerable to cross-site request forgery. The dotCMS administrator panel contains a cross-site request forgery (CSRF) vulnerability. An attacker can perform actions with the same permissions as a victim user, provided the victim has an active session and is induced to trigger the malicious request. An unauthenticated remote attacker may perform actions with the dotCMS administrator panel with the same permissions of a victim user or execute arbitrary system commands with the permissions of the user running the dotCMS application. 2018-07-24 not yet calculated CVE-2017-3187
BID
CERT-VN

dotcms — dotcms
The dotCMS administration panel, versions 3.7.1 and earlier, “Push Publishing” feature in Enterprise Pro is vulnerable to arbitrary file upload. When “Bundle” tar.gz archives uploaded to the Push Publishing feature are decompressed, there are no checks on the types of files which the bundle contains. This vulnerability combined with the path traversal vulnerability (CVE-2017-3188) can lead to remote command execution with the permissions of the user running the dotCMS application. An unauthenticated remote attacker may perform actions with the dotCMS administrator panel with the same permissions of a victim user or execute arbitrary system commands with the permissions of the user running the dotCMS application. 2018-07-24 not yet calculated CVE-2017-3189
BID
CERT-VN

dotcms — dotcms
The dotCMS administration panel, versions 3.7.1 and earlier, “Push Publishing” feature in Enterprise Pro is vulnerable to path traversal. When “Bundle” tar.gz archives uploaded to the Push Publishing feature are decompressed, the filenames of its contents are not properly checked, allowing for writing files to arbitrary directories on the file system. These archives may be uploaded directly via the administrator panel, or using the CSRF vulnerability (CVE-2017-3187). An unauthenticated remote attacker may perform actions with the dotCMS administrator panel with the same permissions of a victim user or execute arbitrary system commands with the permissions of the user running the dotCMS application. 2018-07-24 not yet calculated CVE-2017-3188
BID
CERT-VN

dotnetzip.semvered — dotnetzip.semvered
DotNetZip.Semvered before 1.11.0 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as ‘Zip-Slip’. 2018-07-25 not yet calculated CVE-2018-1002205
CONFIRM
CONFIRM
MISC
MISC
MISC

eap — eap
It was found in EAP 7 before 7.0.9 that properties based files of the management and the application realm configuration that contain user to role mapping are world readable allowing access to users and roles information to all the users logged in to the system. 2018-07-26 not yet calculated CVE-2017-12167
BID
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
CONFIRM

echelon — smartserver_and_i.lon
Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions. An attacker can use the SOAP API to retrieve and change sensitive configuration items such as the usernames and passwords for the Web and FTP servers. This vulnerability does not affect the i.LON 600 product. 2018-07-24 not yet calculated CVE-2018-10627
MISC

echelon — smartserver_and_i.lon
Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions. The devices allow unencrypted Web connections by default, and devices can receive configuration and firmware updates by unsecure FTP. 2018-07-24 not yet calculated CVE-2018-8855
MISC

echelon — smartserver_and_i.lon
Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions. The devices store passwords in plaintext, which may allow an attacker with access to the configuration file to log into the SmartServer web user interface. 2018-07-24 not yet calculated CVE-2018-8851
MISC

echelon — smartserver_and_i.lon
Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions. An attacker can bypass the required authentication specified in the security configuration file by including extra characters in the directory name when specifying the directory to be accessed. This vulnerability does not affect the i.LON 600 product. 2018-07-24 not yet calculated CVE-2018-8859
MISC

f5 — big-ip
On F5 BIG-IP DNS 13.1.0-13.1.0.7, 12.1.3-12.1.3.5, DNS Express / DNS Zones accept NOTIFY messages on the management interface from source IP addresses not listed in the ‘Allow NOTIFY From’ configuration parameter when the db variable “dnsexpress.notifyport” is set to any value other than the default of “0”. 2018-07-25 not yet calculated CVE-2018-5538
CONFIRM

f5 — big-ip
A remote attacker may be able to disrupt services on F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, or 11.2.1-11.5.6 if the TMM virtual server is configured with a HTML or a Rewrite profile. TMM may restart while processing some specially prepared HTML content from the back end. 2018-07-25 not yet calculated CVE-2018-5537
CONFIRM

f5 — big-ip
A remote attacker via undisclosed measures, may be able to exploit an F5 BIG-IP APM 13.0.0-13.1.0.7 or 12.1.0-12.1.3.5 virtual server configured with an APM per-request policy object and cause a memory leak in the APM module. 2018-07-25 not yet calculated CVE-2018-5536
CONFIRM

f5 — big-ip
Under certain conditions, on F5 BIG-IP ASM 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, 11.5.1-11.5.6, or 11.2.1, when processing CSRF protections, the BIG-IP ASM bd process may restart and produce a core file. 2018-07-25 not yet calculated CVE-2018-5539
CONFIRM

f5 — big-ip
Through undisclosed methods, on F5 BIG-IP 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, or 11.2.1-11.5.6, adjacent network attackers can cause a denial of service for VCMP guest and host systems. Attack must be sourced from adjacent network (layer 2). 2018-07-25 not yet calculated CVE-2018-5531
CONFIRM

f5 — big-ip
When F5 BIG-IP ASM 13.0.0-13.1.0.1, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, or 11.5.1-11.5.6 is processing HTTP requests, an unusually large number of parameters can cause excessive CPU usage in the BIG-IP ASM bd process. 2018-07-25 not yet calculated CVE-2018-5541
BID
CONFIRM

f5 — big-ip
F5 BIG-IP 13.0.0-13.0.1, 12.1.0-12.1.3.6, or 11.2.1-11.6.3.2 HTTPS health monitors do not validate the identity of the monitored server. 2018-07-25 not yet calculated CVE-2018-5542
CONFIRM

f5 — big-ip
F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, or 11.6.0-11.6.3.1 virtual servers with HTTP/2 profiles enabled are vulnerable to “HPACK Bomb”. 2018-07-25 not yet calculated CVE-2018-5530
CONFIRM

ffmpeg — ffmpeg
FFmpeg before commit bab0716c7f4793ec42e05a5aa7e80d82a0dd4e75 contains an out of array access vulnerability in MXF format demuxer that can result in DoS. This attack appears to be exploitable via a specially crafted MXF file which has to be provided as input. This vulnerability appears to have been fixed in bab0716c7f4793ec42e05a5aa7e80d82a0dd4e75 and later. 2018-07-23 not yet calculated CVE-2018-1999014
BID
CONFIRM

ffmpeg — ffmpeg
FFmpeg before commit 5aba5b89d0b1d73164d3b81764828bb8b20ff32a contains an out of array read vulnerability in ASF_F format demuxer that can result in heap memory reading. This attack appears to be exploitable via a specially crafted ASF file that has to be provided as input. This vulnerability appears to have been fixed in 5aba5b89d0b1d73164d3b81764828bb8b20ff32a and later. 2018-07-23 not yet calculated CVE-2018-1999015
BID
CONFIRM

ffmpeg — ffmpeg
FFmpeg before commit 9807d3976be0e92e4ece3b4b1701be894cd7c2e1 contains a CWE-835: Infinite loop vulnerability in pva format demuxer that can result in a vulnerability that allows attackers to consume an excessive amount of resources like CPU and RAM. This attack appears to be exploitable via a specially crafted PVA file that has to be provided as input. This vulnerability appears to have been fixed in 9807d3976be0e92e4ece3b4b1701be894cd7c2e1 and later. 2018-07-23 not yet calculated CVE-2018-1999012
BID
CONFIRM

ffmpeg — ffmpeg
FFmpeg before commit 2b46ebdbff1d8dec7a3d8ea280a612b91a582869 contains a Buffer Overflow vulnerability in asf_o format demuxer that can result in heap-buffer-overflow that may result in remote code execution. This attack appears to be exploitable via a specially crafted ASF file that has to be provided as input to FFmpeg. This vulnerability appears to have been fixed in 2b46ebdbff1d8dec7a3d8ea280a612b91a582869 and later. 2018-07-23 not yet calculated CVE-2018-1999011
BID
CONFIRM

ffmpeg — ffmpeg
FFmpeg before commit a7e032a277452366771951e29fd0bf2bd5c029f0 contains a use-after-free vulnerability in the realmedia demuxer that can result in a vulnerability that allows an attacker to read heap memory. This attack appears to be exploitable via a specially crafted RM file that has to be provided as input. This vulnerability appears to have been fixed in a7e032a277452366771951e29fd0bf2bd5c029f0 and later. 2018-07-23 not yet calculated CVE-2018-1999013
BID
CONFIRM

ffmpeg — ffmpeg
FFmpeg before commit cced03dd667a5df6df8fd40d8de0bff477ee02e8 contains multiple out of array access vulnerabilities in the mms protocol that can result in attackers accessing out of bound data. This attack appears to be exploitable via network connectivity. This vulnerability appears to have been fixed in cced03dd667a5df6df8fd40d8de0bff477ee02e8 and later. 2018-07-23 not yet calculated CVE-2018-1999010
BID
CONFIRM foreman — foreman foreman before version 1.16.

0 is vulnerable to a stored XSS in organizations/locations assignment to hosts. Exploiting this requires a user to actively assign hosts to an organization that contains html in its name which is visible to the user prior to taking action. 2018-07-26 not yet calculated CVE-2017-7535
MLIST
BID
CONFIRM
CONFIRM fuse — fuse In fuse before versions 2.9.

8 and 3.x before 3.2.

5, fusermount is vulnerable to a restriction bypass when SELinux is active. This allows non-root users to mount a FUSE file system with the ‘allow_other’ mount option regardless of whether ‘user_allow_other’ is set in the fuse configuration. An attacker may use this flaw to mount a FUSE file system, accessible by other users, and trick them into accessing files on that file system, possibly causing Denial of Service or other unspecified effects.

2018-07-24 not yet calculated CVE-2018-10906
CONFIRM gdm — gdm
A flaw was discovered in gdm 3.24.1 where gdm greeter was no longer setting the ran_once boolean during autologin. If autologin was enabled for a victim, an attacker could simply select ‘login as another user’ to unlock their screen. 2018-07-26 not yet calculated CVE-2017-12164
CONFIRM
CONFIRM gitlab — community_and_enterprise_edition An issue was discovered in GitLab Community and Enterprise Edition before 10.8.7, 11.0.x before 11.0.5, and 11.1.x before 11.1.2. XSS can occur in the branch name during a Web IDE file commit. 2018-07-26 not yet calculated CVE-2018-14605
MISC gitlab — community_and_enterprise_edition
An issue was discovered in GitLab Community and Enterprise Edition 11.1.x before 11.1.2. A Denial of Service can occur because Markdown rendering times are slow. 2018-07-26 not yet calculated CVE-2018-14601
MISC gitlab — community_and_enterprise_edition An issue was discovered in GitLab Community and Enterprise Edition before 10.8.7, 11.0.x before 11.0.5, and 11.1.x before 11.1.2. Information Disclosure can occur because the Prometheus metrics feature discloses private project pathnames. 2018-07-26 not yet calculated CVE-2018-14602
MISC gitlab — community_and_enterprise_edition An issue was discovered in GitLab Community and Enterprise Edition before 10.8.7, 11.0.x before 11.0.5, and 11.1.x before 11.1.2. CSRF can occur in the Test feature of the System Hooks component. 2018-07-26 not yet calculated CVE-2018-14603
MISC gitlab — community_and_enterprise_edition An issue was discovered in GitLab Community and Enterprise Edition before 10.8.7, 11.0.x before 11.0.5, and 11.1.x before 11.1.2. XSS can occur via a Milestone name during a promotion. 2018-07-26 not yet calculated CVE-2018-14606
MISC gitlab — community_and_enterprise_edition An issue was discovered in GitLab Community and Enterprise Edition before 10.8.7, 11.0.x before 11.0.5, and 11.1.x before 11.1.2. XSS can occur in the tooltip of the job inside the CI/CD pipeline. 2018-07-26 not yet calculated CVE-2018-14604
MISC glarysoft — glary_utilities
Untrusted search path vulnerability in the installer of Glarysoft Glary Utilities (Glary Utilities 5.99 and earlier and Glary Utilities Pro 5.99 and earlier) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. 2018-07-26 not yet calculated CVE-2018-0619
JVN gleez_cms — gleez_cms Gleezcms Gleez Cms version 1.3.0 contains a Cross Site Scripting (XSS) vulnerability in the Profile page that can result in injection of arbitrary web script or HTML via the profile page editor. This attack appears to be exploitable when the victim navigates to the attacker’s profile page. 2018-07-23 not yet calculated CVE-2018-1999021
CONFIRM gnome — gnome
camel/providers/imapx/camel-imapx-server.c in the IMAPx component in GNOME evolution-data-server before 3.21.2 proceeds with cleartext data containing a password if the client wishes to use STARTTLS but the server will not use STARTTLS, which makes it easier for remote attackers to obtain sensitive information by sniffing the network. The server code was intended to report an error and not proceed, but the code was written incorrectly. 2018-07-20 not yet calculated CVE-2016-10727
MISC
MISC
MISC
MISC
UBUNTU gnu — libredwg
dwg_decode_eed in decode.c in GNU LibreDWG 0.5.1048 leads to a double free (in dwg_free_eed in free.c) because it does not properly manage the obj->eed value after a free occurs. 2018-07-23 not yet calculated CVE-2018-14524
MISC gnu_mailmain — mailman
Cross-site scripting vulnerability in Mailman 2.1.26 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors. 2018-07-26 not yet calculated CVE-2018-0618
JVN
MLIST
MLIST
DEBIAN golang — golang mholt/archiver golang package before e4ef56d48eb029648b0e895bb0b6a393ef0829c3 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in an archive entry that is mishandled during extraction. This vulnerability is also known as ‘Zip-Slip’. 2018-07-25 not yet calculated CVE-2018-1002207
CONFIRM
CONFIRM
MISC
MISC
MISC golemcms — golemcms
GolemCMS through 2008-12-24, if the install/ directory remains active after an installation, allows remote attackers to execute arbitrary PHP code by inserting this code into the “Database Information” “Table prefix” form field, or obtain sensitive information via a direct request for install/install.sql.

2018-07-24 not yet calculated CVE-2018-14579
MISC gxlcms — gxlcms The add function in www/Lib/Lib/Action/Admin/TplAction.class.php in Gxlcms v1.1.4 allows remote attackers to read arbitrary files via a crafted index.php?s=Admin-Tpl-ADD-id request, related to Lib/Common/Admin/function.php. 2018-07-28 not yet calculated CVE-2018-14685
MISC h2 — h2 An issue was discovered in H2 1.4.197. Insecure handling of permissions in the backup function allows attackers to read sensitive files (outside of their permissions) via a symlink to a fake database file. 2018-07-24 not yet calculated CVE-2018-14335
MISC ibm — sterling_b2b_integrator_standard_edition
IBM Sterling B2B Integrator Standard Edition (IBM Sterling File Gateway 2.2.0 through 2.2.6) uses weaker than expected cryptographic algorithms that could allow a local attacker to decrypt highly sensitive information. IBM X-Force ID: 132032. 2018-07-20 not yet calculated CVE-2017-1575
CONFIRM
BID
XF ibm — sterling_b2b_integrator_standard_edition
IBM Sterling B2B Integrator Standard Edition 5.2.0 through 5.2.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 141551. 2018-07-23 not yet calculated CVE-2018-1513
CONFIRM
XF ibm — sterling_b2b_integrator_standard_edition
IBM Sterling B2B Integrator Standard Edition (IBM Sterling File Gateway 2.2.0 through 2.2.6) caches usernames and passwords in browsers that could be used by a local attacker to obtain sensitive information. IBM X-Force ID: 130812. 2018-07-20 not yet calculated CVE-2017-1544
CONFIRM
BID
XF ibm — sterling_file_gateway
IBM Sterling File Gateway 2.2.0 through 2.2.6 could allow a remote authenticated attacker to obtain sensitive information displayed in the URL that could lead to further attacks against the system. IBM X-Force ID: 140688. 2018-07-20 not yet calculated CVE-2018-1470
CONFIRM
BID
XF ibm — websphere_mq
IBM WebSphere MQ 7.5, 8.0, and 9.0 could allow a remotely authenticated attacker to send invalid or malformed headers that could cause messages to no longer be transmitted via the affected channel. IBM X-Force ID: 141339. 2018-07-23 not yet calculated CVE-2018-1503
CONFIRM
SECTRACK
XF idreamsoft — icms
An SSRF vulnerability was discovered in idreamsoft iCMS V7.0.9 that allows attackers to read sensitive files, access an intranet, or possibly have unspecified other impact. 2018-07-23 not yet calculated CVE-2018-14514
MISC imagemagick — imagemagick
The ReadMATImageV4 function in coders/mat.c in ImageMagick 7.0.8-7 uses an uninitialized variable, leading to memory corruption. 2018-07-23 not yet calculated CVE-2018-14551
MISC ipa — ipa A vulnerability was found in ipa before 4.4. IdM’s ca-del, ca-disable, and ca-enable commands did not properly check the user’s permissions while modifying CAs in Dogtag. An authenticated, unauthorized attacker could use this flaw to delete, disable, or enable CAs causing various denial of service problems with certificate issuance, OCSP signing, and deletion of secret keys. 2018-07-27 not yet calculated CVE-2017-2590
REDHAT
BID
CONFIRM jbpmmigration — jbpmmigration It was discovered that the XmlUtils class in jbpmmigration 6.5 performed expansion of external parameter entities while parsing XML files. A remote attacker could use this flaw to read files accessible to the user running the application server and, potentially, perform other more advanced XML eXternal Entity (XXE) attacks. 2018-07-26 not yet calculated CVE-2017-7545
BID
REDHAT
REDHAT
CONFIRM
CONFIRM jenkins — jenkins A cross-site scripting vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in the Stapler web framework’s org/kohsuke/stapler/Stapler.java that allows attackers with the ability to control the existence of some URLs in Jenkins to define JavaScript that would be executed in another user’s browser when that other user views HTTP 404 error pages while Stapler debug mode is enabled. 2018-07-23 not yet calculated CVE-2018-1999007
CONFIRM jenkins — jenkins It was found that the use of Pipeline: Classpath Step Jenkins plugin enables a bypass of the Script Security sandbox for users with SCM commit access, as well as users with e.g. Job/Configure permission in Jenkins. 2018-07-27 not yet calculated CVE-2017-2650
BID
CONFIRM jenkins — jenkins It was found that there were no permission checks performed in the Distributed Fork plugin before and including 1.5.0 for Jenkins that provides the dist-fork CLI command beyond the basic check for Overall/Read permission, allowing anyone with that permission to run arbitrary shell commands on all connected nodes. 2018-07-27 not yet calculated CVE-2017-2652
BID
CONFIRM jenkins — jenkins An exposure of sensitive information vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in Plugin.java that allows attackers to determine the date and time when a plugin HPI/JPI file was last extracted, which typically is the date of the most recent installation/upgrade. 2018-07-23 not yet calculated CVE-2018-1999006
CONFIRM jenkins — jenkins It was found that jenkins-ssh-slaves-plugin before version 1.15 did not perform host key verification, thereby enabling Man-in-the-Middle attacks.

2018-07-27 not yet calculated CVE-2017-2648
BID
CONFIRM
CONFIRM jenkins — jenkins An Improper authorization vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in Queue.java that allows attackers with Overall/Read permission to cancel queued builds. 2018-07-23 not yet calculated CVE-2018-1999003
CONFIRM jenkins — jenkins An arbitrary file read vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in the Stapler web framework’s org/kohsuke/stapler/Stapler.java that allows attackers to send crafted HTTP requests returning the contents of any file on the Jenkins master file system that the Jenkins master has access to. 2018-07-23 not yet calculated CVE-2018-1999002
CONFIRM jenkins — jenkins jenkins-mailer-plugin before version 1.20 is vulnerable to an information disclosure while using the feature to send emails to a dynamically created list of users based on the changelogs.

This could in some cases result in emails being sent to people who have no user account in Jenkins, and in rare cases even people who were not involved in whatever project was being built, due to some mapping based on the local-part of email addresses. 2018-07-27 not yet calculated CVE-2017-2651
BID
CONFIRM
CONFIRM jenkins — jenkins It was found that the Active Directory Plugin for Jenkins up to and including version 2.2 did not verify certificates of the Active Directory server, thereby enabling Man-in-the-Middle attacks. 2018-07-27 not yet calculated CVE-2017-2649
BID
CONFIRM jenkins — jenkins An unauthorized modification of configuration vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in User.java that allows attackers to provide crafted login credentials that cause Jenkins to move the config.xml file from the Jenkins home directory. If Jenkins is started without this file present, it will revert to the legacy defaults of granting administrator access to anonymous users. 2018-07-23 not yet calculated CVE-2018-1999001
CONFIRM jenkins — jenkins A cross-site scripting vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in BuildTimelineWidget.java, BuildTimelineWidget/control.jelly that allows attackers with Job/Configure permission to define JavaScript that would be executed in another user’s browser when that other user performs some UI actions. 2018-07-23 not yet calculated CVE-2018-1999005
CONFIRM jenkins — jenkins An Improper authorization vulnerability exists in Jenkins 2.132 and earlier, 2.121.1 and earlier in SlaveComputer.java that allows attackers with Overall/Read permission to initiate agent launches, and abort in-progress agent launches. 2018-07-23 not yet calculated CVE-2018-1999004
CONFIRM joyplus-cms — joyplus-cms joyplus-cms 1.6.0 has XSS via the manager/collect/collect_vod_zhuiju.php keyword parameter. 2018-07-22 not yet calculated CVE-2018-14500
MISC joyplus-cms — joyplus-cms manager/admin_ajax.php in joyplus-cms 1.6.0 has SQL Injection, as demonstrated by crafted POST data beginning with an “m_id=1 AND SLEEP(5)” substring. 2018-07-22 not yet calculated CVE-2018-14501
MISC katello-debug — katello-debug
A flaw was found in katello-debug before 3.4.0 where certain scripts and log files used insecure temporary files. A local user could exploit this flaw to conduct a symbolic-link attack, allowing them to overwrite the contents of arbitrary files. 2018-07-27 not yet calculated CVE-2016-9595
REDHAT
CONFIRM keycloak — keycloak
It was found that while parsing the SAML messages the StaxParserUtil class of keycloak before 2.5.1 replaces special strings for obtaining attribute values with system property. This could allow an attacker to determine values of system properties at the attacked system by formatting the SAML request ID field to be the chosen system property which could be obtained in the “InResponseTo” field in the response. 2018-07-26 not yet calculated CVE-2017-2582
BID
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
CONFIRM
CONFIRM keycloak — keycloak keycloak before version 4.0.0.final is vulnerable to an infinite loop in session replacement. A Keycloak cluster with multiple nodes could mishandle an expired session replacement and lead to an infinite loop. A malicious authenticated user could use this flaw to achieve Denial of Service on the server. 2018-07-23 not yet calculated CVE-2018-10912
CONFIRM keycloak — keycloak It was found that when Keycloak before 2.5.5 receives a Logout request with an Extensions in the middle of the request, the SAMLSloRequestParser.parse() method ends in an infinite loop. An attacker could use this flaw to conduct denial of service attacks. 2018-07-27 not yet calculated CVE-2017-2646
BID
CONFIRM krb5 — krb5
An authentication bypass flaw was found in the way krb5’s certauth interface before 1.16.1 handled the validation of client certificates. A remote attacker able to communicate with the KDC could potentially use this flaw to impersonate arbitrary principals under rare and erroneous circumstances.

2018-07-26 not yet calculated CVE-2017-7562
BID
REDHAT
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM lenovo — multiple_products
The IMM2 First Failure Data Capture function collects management module logs and diagnostic information when a hardware error is detected. This information is made available for download through an SFTP server hosted on the IMM2 management network interface. In versions earlier than 4.90 for Lenovo System x and earlier than 6.80 for IBM System x, the credentials to access the SFTP server are hard-coded and described in the IMM2 documentation, allowing an attacker with management network access to obtain the collected FFDC data. After applying the update, the IMM2 will create random SFTP credentials for use with OneCLI. 2018-07-26 not yet calculated CVE-2018-9068
CONFIRM libgcrypt — libgcrypt
libgcrypt before version 1.7.8 is vulnerable to a cache side-channel attack resulting in a complete break of RSA-1024 while using the left-to-right method for computing the sliding-window expansion. The same attack is believed to work on RSA-2048 with moderately more computation. This side-channel requires that the attacker can run arbitrary software on the hardware where the private RSA key is used. 2018-07-26 not yet calculated CVE-2017-7526
BID
SECTRACK
CONFIRM
MISC
CONFIRM
CONFIRM
CONFIRM
MLIST
DEBIAN
DEBIAN libice — libice
It was discovered that libICE before 1.0.9-8 used a weak entropy to generate keys. A local attacker could potentially use this flaw for session hijacking using the information available from the process list. 2018-07-27 not yet calculated CVE-2017-2626
BID
SECTRACK
REDHAT
CONFIRM
CONFIRM
GENTOO
MISC liblouis — liblouis
A missing patch for a stack-based buffer overflow in findTable() was found in Red Hat version of liblouis before 2.5.4. An attacker could cause a denial of service condition or potentially even arbitrary code execution. 2018-07-27 not yet calculated CVE-2017-15101
REDHAT
CONFIRM libmspack — libmspack
An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the TOLOWER() macro for CHM decompression. 2018-07-28 not yet calculated CVE-2018-14682
MISC
MISC
MISC libmspack — libmspack
An issue was discovered in kwajd_read_headers in mspack/kwajd.c in libmspack before 0.7alpha. Bad KWAJ file header extensions could cause a one or two byte overwrite. 2018-07-28 not yet calculated CVE-2018-14681
MISC
MISC
MISC libmspack — libmspack
An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the CHM PMGI/PMGL chunk number validity checks, which could lead to denial of service (uninitialized data dereference and application crash).

2018-07-28 not yet calculated CVE-2018-14679
MISC
MISC
MISC libmspack — libmspack
An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. It does not reject blank CHM filenames. 2018-07-28 not yet calculated CVE-2018-14680
MISC
MISC
MISC libwav — libwav
An issue has been found in libwav through 2017-04-20. It is a SEGV in the function wav_write in libwav.c. 2018-07-23 not yet calculated CVE-2018-14549
MISC
MISC libxdmcp — libxdmcp
It was discovered that libXdmcp before 1.1.2 including used weak entropy to generate session keys. On a multi-user system using xdmcp, a local attacker could potentially use information available from the process list to brute force the key, allowing them to hijack other users’ sessions. 2018-07-27 not yet calculated CVE-2017-2625
BID
SECTRACK
REDHAT
CONFIRM
GENTOO
MISC lica — minicmts_e8k_devices
LICA miniCMTS E8K(u/i/...) devices allow remote attackers to obtain sensitive information via a direct POST request for the inc/user.ini file, leading to discovery of a password hash. 2018-07-25 not yet calculated CVE-2018-14083
MISC linux — linux_kernel An issue was discovered in the Linux kernel through 4.17.10. There is a buffer overflow in truncate_inline_inode() in fs/f2fs/inline.c when umounting an f2fs image, because a length value may be negative.

2018-07-27 not yet calculated CVE-2018-14615
MISC linux — linux_kernel An issue was discovered in the Linux kernel through 4.17.10. There is an out-of-bounds access in __remove_dirty_segment() in fs/f2fs/segment.c when mounting an f2fs image. 2018-07-27 not yet calculated CVE-2018-14614
MISC linux — linux_kernel A flaw was found in Linux kernel’s KVM virtualization subsystem.

The VMX code does not restore the GDT.LIMIT to the previous host value, but instead sets it to 64KB. With a corrupted GDT limit a host’s userspace code has an ability to place malicious entries in the GDT, particularly to the per-cpu variables. An attacker can use this to escalate their privileges. 2018-07-26 not yet calculated CVE-2018-10901
CONFIRM
CONFIRM linux — linux_kernel Linux kernel is vulnerable to a stack-out-of-bounds write in the ext4 filesystem code when mounting and writing to a crafted ext4 image in ext4_update_inline_data(). An attacker could use this to cause a system crash and a denial of service.

2018-07-25 not yet calculated CVE-2018-10880
CONFIRM
CONFIRM
CONFIRM
CONFIRM
MLIST linux — linux_kernel An issue was discovered in the Linux kernel through 4.17.10. There is a NULL pointer dereference and panic in hfsplus_lookup() in fs/hfsplus/dir.c when opening a file (that is purportedly a hard link) in an hfs+ filesystem that has malformed catalog data, and is mounted read-only without a metadata directory. 2018-07-27 not yet calculated CVE-2018-14617
MISC
MISC linux — linux_kernel It was found that the Linux kernel’s Datagram Congestion Control Protocol (DCCP) implementation before 2.6.22.17 used the IPv4-only inet_sk_rebuild_header() function for both IPv4 and IPv6 DCCP connections, which could result in memory corruptions. A remote attacker could use this flaw to crash the system. 2018-07-27 not yet calculated CVE-2017-2634
REDHAT
REDHAT
REDHAT
BID
SECTRACK
CONFIRM
CONFIRM linux — linux_kernel An issue was discovered in the Linux kernel through 4.17.10. There is out-of-bounds access in write_extent_buffer() when mounting and operating a crafted btrfs image, because of a lack of verification that each block group has a corresponding chunk at mount time, within btrfs_read_block_groups in fs/btrfs/extent-tree.c. 2018-07-27 not yet calculated CVE-2018-14610
MISC
MISC linux — linux_kernel A flaw was found in the Linux kernel’s handling of clearing SELinux attributes on /proc/pid/attr files before 4.9.10.

An empty (null) write to this file can crash the system by causing the system to attempt to access unmapped kernel memory. 2018-07-27 not yet calculated CVE-2017-2618
BID
REDHAT
REDHAT
REDHAT
CONFIRM
CONFIRM
MLIST
DEBIAN linux — linux_kernel An issue was discovered in the Linux kernel through 4.17.11, as used in Xen through 4.11.x.

The xen_failsafe_callback entry point in arch/x86/entry/entry_64.S does not properly maintain RBX, which allows local users to cause a denial of service (uninitialized memory usage and system crash). Within Xen, 64-bit x86 PV Linux guest OS users can trigger a guest OS crash or possibly gain privileges. 2018-07-28 not yet calculated CVE-2018-14678
MISC linux — linux_kernel A kernel data leak due to an out-of-bound read was found in the Linux kernel in inet_diag_msg_sctp,laddr_fill() and sctp_get_sctp_info() functions present since version 4.7-rc1 through version 4.13. A data leak happens when these functions fill in sockaddr data structures used to export socket’s diagnostic information. As a result, up to 100 bytes of the slab data could be leaked to a userspace. 2018-07-26 not yet calculated CVE-2017-7558
MLIST
BID
SECTRACK
REDHAT
REDHAT
REDHAT
CONFIRM
MLIST
DEBIAN linux — linux_kernel A flaw was found in the Linux kernel’s ext4 filesystem. A local user can cause an out-of-bounds write and a denial of service or unspecified other impact is possible by mounting and operating a crafted ext4 filesystem image. 2018-07-26 not yet calculated CVE-2018-10878
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
MLIST linux — linux_kernel An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in io_ctl_map_page() when mounting and operating a crafted btrfs image, because of a lack of block group item validation in check_leaf_item in fs/btrfs/tree-checker.c.

2018-07-27 not yet calculated CVE-2018-14613
MISC
MISC linux — linux_kernel An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in __del_reloc_root() in fs/btrfs/relocation.c when mounting a crafted btrfs image, related to removing reloc rb_trees when reloc control has not been initialized. 2018-07-27 not yet calculated CVE-2018-14609
MISC
MISC linux — linux_kernel An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in btrfs_root_node() when mounting a crafted btrfs image, because of a lack of chunk block group mapping validation in btrfs_read_block_groups in fs/btrfs/extent-tree.c, and a lack of empty-tree checks in check_leaf in fs/btrfs/tree-checker.c. 2018-07-27 not yet calculated CVE-2018-14612
MISC
MISC
MISC linux — linux_kernel A flaw was found in the Linux kernel’s ext4 filesystem. A local user can cause an out-of-bound access in ext4_get_group_info function, a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image. 2018-07-26 not yet calculated CVE-2018-10881
CONFIRM
CONFIRM
CONFIRM
CONFIRM
MLIST linux — linux_kernel
A flaw was found in the Linux kernel’s ext4 filesystem. A local user can cause a use-after-free in ext4_xattr_set_entry function and a denial of service or unspecified other impact may occur by renaming a file in a crafted ext4 filesystem image.

2018-07-26 not yet calculated CVE-2018-10879
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
MLIST linux — linux_kernel A flaw was found in Linux kernel in the ext4 filesystem code. A use-after-free is possible in ext4_ext_remove_space() function when mounting and operating a crafted ext4 image. 2018-07-26 not yet calculated CVE-2018-10876
CONFIRM
CONFIRM
CONFIRM
CONFIRM
MLIST linux — linux_kernel A flaw was found in the Linux kernel’s ext4 filesystem. A local user can cause an out-of-bound write in fs/jbd2/transaction.c code, a denial of service, and a system crash by unmounting a crafted ext4 filesystem image. 2018-07-27 not yet calculated CVE-2018-10882
CONFIRM
CONFIRM
CONFIRM
MLIST linux — linux_kernel An issue was discovered in the Linux kernel through 4.17.10. There is a use-after-free in try_merge_free_space() when mounting a crafted btrfs image, because of a lack of chunk type flag checks in btrfs_check_chunk_valid in fs/btrfs/volumes.c. 2018-07-27 not yet calculated CVE-2018-14611
MISC
MISC linux — linux_kernel The timer_create syscall implementation in kernel/time/posix-timers.c in the Linux kernel before 4.14.8 doesn’t properly validate the sigevent->sigev_notify field, which leads to out-of-bounds access in the show_timer function (called when /proc/$PID/timers is read). This allows userspace applications to read arbitrary kernel memory (on a kernel built with CONFIG_POSIX_TIMERS and CONFIG_CHECKPOINT_RESTORE). 2018-07-26 not yet calculated CVE-2017-18344
MISC
MISC linux — linux_kernel An issue was discovered in the Linux kernel through 4.17.10. There is a NULL pointer dereference in fscrypt_do_page_crypto() in fs/crypto/crypto.c when operating on a file in a corrupted f2fs image.

2018-07-27 not yet calculated CVE-2018-14616
MISC linux — util-linux
A race condition was found in util-linux before 2.32.1 in the way su handled the management of child processes. A local authenticated attacker could use this flaw to kill other processes with root privileges under specific conditions.

2018-07-27 not yet calculated CVE-2017-2616
REDHAT
BID
SECTRACK
REDHAT
CONFIRM
CONFIRM
GENTOO
DEBIAN logicool — connection_utility_software
Untrusted search path vulnerability in LOGICOOL CONNECTION UTILITY SOFTWARE versions before 2.30.9 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.

2018-07-26 not yet calculated CVE-2018-0621
JVN logicool — game_software
Untrusted search path vulnerability in LOGICOOL Game Software versions before 8.87.116 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. 2018-07-26 not yet calculated CVE-2018-0620
JVN mathjax — mathjax
MathJax version prior to version 2.7.4 contains a Cross Site Scripting (XSS) vulnerability in the unicode macro that can result in potentially untrusted JavaScript running within a web browser. This attack appears to be exploitable when the victim views a page where untrusted content is processed using MathJax. This vulnerability appears to have been fixed in 2.7.4 and later. 2018-07-23 not yet calculated CVE-2018-1999024
MISC
CONFIRM mcafee — data_loss_prevention
Exploiting Incorrectly Configured Access Control Security Levels vulnerability in McAfee Data Loss Prevention (DLP) for Windows versions prior to 10.0.505 and 11.0.405 allows local users to bypass DLP policy via editing of local policy files when offline. 2018-07-23 not yet calculated CVE-2018-6683
CONFIRM mcafee — drive_encryption
Authentication Bypass vulnerability in TPM autoboot in McAfee Drive Encryption (MDE) 7.1.0 and above allows physically proximate attackers to bypass local security protection via specific set of circumstances. 2018-07-27 not yet calculated CVE-2018-6686
CONFIRM mcafee — web_gateway
Configuration/Environment manipulation vulnerability in the administrative interface in McAfee Web Gateway (MWG) MWG 7.8.1.x allows authenticated administrator users to execute arbitrary commands via unspecified vectors.

2018-07-23 not yet calculated CVE-2018-6678
BID
CONFIRM mcafee — web_gateway
Directory Traversal vulnerability in the administrative user interface in McAfee Web Gateway (MWG) MWG 7.8.1.x allows authenticated administrator users to gain elevated privileges via unspecified vectors. 2018-07-23 not yet calculated CVE-2018-6677
BID
CONFIRM mitmproxy — mitmproxy
mitmweb in mitmproxy v4.0.3 allows DNS Rebinding attacks, related to tools/web/app.py. 2018-07-22 not yet calculated CVE-2018-14505
CONFIRM
CONFIRM moxa — nport
In Moxa NPort 5210, 5230, and 5232 versions 2.9 build 17030709 and prior, the amount of resources requested by a malicious actor is not restricted, allowing for a denial-of-service condition. 2018-07-24 not yet calculated CVE-2018-10632
BID
MISC multiple_vendors — das_u-boot_aes-cbc_encryption
Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. For devices utilizing this environment encryption mode, U-Boot’s use of a zero initialization vector may allow attacks against the underlying cryptographic implementation and allow an attacker to decrypt the data. Das U-Boot’s AES-CBC encryption feature uses a zero (0) initialization vector. This allows an attacker to perform dictionary attacks on encrypted data produced by Das U-Boot to learn information about the encrypted data. 2018-07-24 not yet calculated CVE-2017-3225
BID
CERT-VN multiple_vendors — das_u-boot_aes-cbc_encryption
Das U-Boot is a device bootloader that can read its configuration from an AES encrypted file. Devices that make use of Das U-Boot’s AES-CBC encryption feature using environment encryption (i.e., setting the configuration parameter CONFIG_ENV_AES=y) read environment variables from disk as the encrypted disk image is processed. An attacker with physical access to the device can manipulate the encrypted environment data to include a crafted two-byte sequence which triggers an error in environment variable parsing. This error condition is improperly handled by Das U-Boot, resulting in an immediate process termination with a debugging message. 2018-07-24 not yet calculated CVE-2017-3226
BID
CERT-VN multiple_vendors — multiple_products
Applications developed using the Portrait Display SDK, versions 2.30 through 2.34, default to insecure configurations which allow arbitrary code execution. A number of applications developed using the Portrait Displays SDK do not use secure permissions when running. These applications run the component pdiservice.exe with NT AUTHORITY/SYSTEM permissions. This component is also read/writable by all Authenticated Users. This allows local authenticated attackers to run arbitrary code with SYSTEM privileges. The following applications have been identified by Portrait Displays as affected: Fujitsu DisplayView Click: Version 6.0 and 6.01. The issue was fixed in Version 6.3. Fujitsu DisplayView Click Suite: Version 5. The issue is addressed by patch in Version 5.9. HP Display Assistant: Version 2.1. The issue was fixed in Version 2.11. HP My Display: Version 2.0. The issue was fixed in Version 2.1. Philips Smart Control Premium: Versions 2.23, 2.25. The issue was fixed in Version 2.26. 2018-07-24 not yet calculated CVE-2017-3210
CERT-VN
BID multiple_vendors — open_shortest_path_first_protocol
Open Shortest Path First (OSPF) protocol implementations may improperly determine Link State Advertisement (LSA) recency for LSAs with MaxSequenceNumber. According to RFC 2328 section 13.1, for two instances of the same LSA, recency is determined by first comparing sequence numbers, then checksums, and finally MaxAge. In a case where the sequence numbers are the same, the LSA with the larger checksum is considered more recent, and will not be flushed from the Link State Database (LSDB).

Since the RFC does not explicitly state that the values of links carried by an LSA must be the same when prematurely aging a self-originating LSA with MaxSequenceNumber, it is possible in vulnerable OSPF implementations for an attacker to craft an LSA with MaxSequenceNumber and invalid links that will result in a larger checksum and thus a ‘newer’ LSA that will not be flushed from the LSDB. Propagation of the crafted LSA can result in the erasure or alteration of the routing tables of routers within the routing domain, creating a denial of service condition or the re-routing of traffic on the network.

CVE-2017-3224 has been reserved for Quagga and downstream implementations (SUSE, openSUSE, and Red Hat packages). 2018-07-24 not yet calculated CVE-2017-3224
CERT-VN
navarino — infinity_web_interface
Navarino Infinity web interface up to version 2.2 exposes an unauthenticated script that is prone to blind SQL injection. If successfully exploited, the user can get information from the underlying PostgreSQL database that could lead to total compromise of the product. The said script is available with no authentication.
2018-07-24 not yet calculated CVE-2018-5384
BID
MISC
MISC
CERT-VN
navarino — infinity_web_interface
Some Navarino Infinity functions, up to version 2.2, placed in the URL can bypass any authentication mechanism leading to an information leak. 2018-07-24 not yet calculated CVE-2018-5386
BID
MISC
MISC
CERT-VN
navarino — infinity_web_interface
Navarino Infinity is prone to session fixation attacks. The server accepts the session ID as a GET parameter, which can lead to bypassing the two-factor authentication in some installations. This could lead to phishing attacks that can bypass the two-factor authentication that is present in some installations.
2018-07-24 not yet calculated CVE-2018-5385
BID
MISC
MISC
CERT-VN
nec_platforms — csdx_and_csdj_series_products
NEC Platforms Calsos CSDX and CSDJ series products (CSDX 1.37210411 and earlier, CSDX(P) 4.37210411 and earlier, CSDX(D) 3.37210411 and earlier, CSDX(S) 2.37210411 and earlier, CSDJ-B 01.03.00 and earlier, CSDJ-H 01.03.00 and earlier, CSDJ-D 01.03.00 and earlier, CSDJ-A 03.00.00) allows remote authenticated attackers to bypass access restriction to conduct arbitrary operations with administrative privilege via unspecified vectors.
2018-07-26 not yet calculated CVE-2018-0613
JVN
CONFIRM
nec_platforms — csdx_and_csdj_series_products
Cross-site scripting vulnerability in NEC Platforms Calsos CSDX and CSDJ series products (CSDX 1.37210411 and earlier, CSDX(P) 4.37210411 and earlier, CSDX(D) 3.37210411 and earlier, CSDX(S) 2.37210411 and earlier, CSDJ-B 01.03.00 and earlier, CSDJ-H 01.03.00 and earlier, CSDJ-D 01.03.00 and earlier, CSDJ-A 03.00.00) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
2018-07-26 not yet calculated CVE-2018-0614
JVN
CONFIRM
netgear — dgn2200_router
A vulnerability is in the ‘BSW_cxttongr.htm’ page of the Netgear DGN2200, version DGN2200-V1.0.0.50_7.0.50, and DGND3700, version DGND3700-V1.0.0.17_1.0.17, which can allow a remote attacker to access this page without any authentication. When processed, it exposes the admin password in clear text before it gets redirected to ‘bsw_vfysucc.cgi’. An attacker can use this password to gain administrator access to the targeted router’s web interface.
2018-07-24 not yet calculated CVE-2016-5649
MISC
netgear — wndr4500_router
There are a few web pages associated with the genie app on the Netgear WNDR4500 running firmware version V1.0.1.40_1.0.6877. The genie app adds some capabilities over the Web GUI and can be accessed even when you are away from home. A remote attacker can access the genie_ping.htm, genie_ping2.htm or genie_ping3.htm page without authentication. Once accessed, the page will be redirected to the ‘Congratulations2.htm’ page, which reveals some sensitive information such as the 2.4GHz & 5GHz Wireless Network Name (SSID) and Network Key (Password) in clear text.
2018-07-24 not yet calculated CVE-2016-5638
MISC
netpbm — netpbm
An out-of-bounds write vulnerability was found in netpbm before 10.61. A maliciously crafted file could cause the application to crash or possibly allow code execution. 2018-07-27 not yet calculated CVE-2017-25.
