출처: [US-CERT: Bulletin(SB18-078)] 2018년 3월 12일까지 발표된 보안 취약점
The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:
-
High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0
-
Medium - Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 - 6.9
-
Low - Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 - 3.9
Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.
High Vulnerabilities
| Primary Vendor -- Product |
Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| There were no high vulnerabilities recorded this week. | ||||
Medium Vulnerabilities
| Primary Vendor -- Product |
Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| There were no medium vulnerabilities recorded this week. | ||||
Low Vulnerabilities
| Primary Vendor -- Product |
Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| There were no low vulnerabilities recorded this week. | ||||
Severity Not Yet Assigned
| Primary Vendor -- Product |
Description | Published | CVSS Score | Source & Patch Info |
|---|---|---|---|---|
| 10-strike -- network_monitor |
Unquoted Windows search path vulnerability in the srvInventoryWebServer service in 10-Strike Network Monitor 5.4 allows local users to gain privileges via a malicious artefact. | 2018-03-12 | not yet calculated | CVE-2018-6016 FULLDISC |
| abine_blur -- abine_blur |
The Password Manager Extension in Abine Blur 7.8.242* before 7.8.2428 allows attackers to bypass the Multi-Factor Authentication and macOS disk-encryption protection mechanisms, and consequently exfiltrate secured data, because the right-click context menu is not secured. | 2018-03-11 | not yet calculated | CVE-2018-7213 MISC MISC |
| afflib -- afflib |
The af_get_page() function in lib/afflib_pages.cpp in AFFLIB (aka AFFLIBv3) through 3.7.16 allows remote attackers to cause a denial of service (segmentation fault) via a corrupt AFF image that triggers an unexpected pagesize value. | 2018-03-11 | not yet calculated | CVE-2018-8050 MISC |
| ajenti -- ajenti |
Ajenti version 2 contains an Information Disclosure vulnerability in Line 176 of the code source that can result in user and system enumeration as well as data from the /etc/ajenti/config.yml file. This attack appears to be exploitable via network connectivity to the web application. | 2018-03-13 | not yet calculated | CVE-2018-1000126 MISC |
| ajenti -- ajenti |
Ajenti version version 2 contains a Input Validation vulnerability in ID string on Get-values POST request that can result in Server Crashing. This attack appear to be exploitable via An attacker can freeze te server by sending a giant string to the ID parameter .. | 2018-03-13 | not yet calculated | CVE-2018-1000081 MISC |
| ajenti -- ajenti |
Ajenti version version 2 contains a Insecure Permissions vulnerability in Plugins download that can result in The download of any plugins as being a normal user. This attack appear to be exploitable via By knowing how the requisition is made, and sending it as a normal user, the server, in response, downloads the plugin. | 2018-03-13 | not yet calculated | CVE-2018-1000080 MISC |
| ajenti -- ajenti |
Ajenti version version 2 contains a Improper Error Handling vulnerability in Login JSON request that can result in The requisition leaks a path of the server. This attack appear to be exploitable via By sending a malformed JSON, the tool responds with a traceback error that leaks a path of the server. | 2018-03-13 | not yet calculated | CVE-2018-1000083 MISC |
| ajenti -- ajenti |
Ajenti version version 2 contains a Cross ite Request Forgery (CSRF) vulnerability in the command execution panel of the tool used to manage the server. that can result in Code execution on the server . This attack appear to be exploitable via Being a CSRF, victim interaction is needed, when the victim access the infected trigger of the CSRF any code that match the victim privledges on the server can be executed.. | 2018-03-13 | not yet calculated | CVE-2018-1000082 MISC |
| alienvault -- alienvault |
A remote code execution issue was discovered in AlienVault USM and OSSIM before 5.5.1. | 2018-03-14 | not yet calculated | CVE-2018-7279 CONFIRM CONFIRM |
| apache -- allura | In Apache Allura prior to 1.8.1, attackers may craft URLs that cause HTTP response splitting. If a victim goes to a maliciously crafted URL, unwanted results may occur including XSS or service denial for the victim's browsing session. | 2018-03-15 | not yet calculated | CVE-2018-1319 MLIST |
| apache -- commons_compress | A specially crafted ZIP archive can be used to cause an infinite loop inside of Apache Commons Compress' extra field parser used by the ZipFile and ZipArchiveInputStream classes in versions 1.11 to 1.15. This can be used to mount a denial of service attack against services that use Compress' zip package. | 2018-03-16 | not yet calculated | CVE-2018-1324 MLIST |
| apache -- http_server_mod_cluster |
Apache HTTP Server mod_cluster before version httpd 2.4.23 is vulnerable to an Improper Input Validation in the protocol parsing logic in the load balancer resulting in a Segmentation Fault in the serving httpd process. | 2018-03-09 | not yet calculated | CVE-2016-8612 REDHAT BID REDHAT REDHAT CONFIRM |
| apache -- tomcat_jk_isapi_connector | The IIS/ISAPI specific code in the Apache Tomcat JK ISAPI Connector 1.2.0 to 1.2.42 that normalised the requested path before matching it to the URI-worker map did not handle some edge cases correctly. If only a sub-set of the URLs supported by Tomcat were exposed via IIS, then it was possible for a specially constructed request to expose application functionality through the reverse proxy that was not intended for clients accessing Tomcat via the reverse proxy. | 2018-03-12 | not yet calculated | CVE-2018-1323 BID MISC |
| appweb -- appweb |
The Embedthis HTTP library, and Appweb versions before 7.0.3, have a logic flaw related to the authCondition function in http/httpLib.c. With a forged HTTP request, it is possible to bypass authentication for the form and digest login types. | 2018-03-14 | not yet calculated | CVE-2018-8715 MISC MISC |
| asus -- rt-n14uhp_devices |
ASUS RT-N14UHP devices before 3.0.0.4.380.8015 have a reflected XSS vulnerability in the "flag" parameter. | 2018-03-16 | not yet calculated | CVE-2017-12590 MISC |
| asyncssh -- asyncssh |
The SSH server implementation of AsyncSSH before 1.12.1 does not properly check whether authentication is completed before processing other requests. A customized SSH client can simply skip the authentication step. | 2018-03-12 | not yet calculated | CVE-2018-7749 CONFIRM MLIST |
| atlassian -- jira |
The Mail.ru Calendar plugin before 2.5.0.61 for Atlassian Jira has XSS via the Name field in a Create Calender action, related to a MailRuCalendar.jspa#period/month URI. | 2018-03-16 | not yet calculated | CVE-2016-10716 MISC MISC |
| atlassian -- jira |
The Artezio Kanban Board plugin 1.4 revision 1914 for Atlassian Jira has XSS via the Board Name in a Create New Board action, related to an artezioboard/mainPage.jspa?kanbanId=7#/kanban-view URI. | 2018-03-16 | not yet calculated | CVE-2016-10715 MISC |
| aurea -- jive-n |
The Upload File functionality in upload.jspa in Aurea Jive Jive-n 9.0.2.1 On-Premises allows for an XML External Entity attack through a crafted file, allowing attackers to read arbitrary files. | 2018-03-12 | not yet calculated | CVE-2018-5758 MISC |
| authentikat-jwt -- authentikat-jwt |
A time-sensitive equality check on the JWT signature in the JsonWebToken.validate method in main/scala/authentikat/jwt/JsonWebToken.scala in authentikat-jwt (aka com.jason-goodwin/authentikat-jwt) version 0.4.5 and earlier allows the supplier of a JWT token to guess bit after bit of the signature by repeating validation requests. | 2018-03-17 | not yet calculated | CVE-2017-18239 MISC MISC MISC |
| bitdefender -- bitdefender |
BitDefender Total Security 2018 allows local users to gain privileges or cause a denial of service by impersonating all the pipes through a use of an "insecurely created named pipe". Ensures full access to Everyone users group. | 2018-03-12 | not yet calculated | CVE-2018-6183 FULLDISC |
| bitmessage -- pybitmessage |
Bitmessage PyBitmessage version v0.6.2 (and introduced in or after commit 8ce72d8d2d25973b7064b1cf76a6b0b3d62f0ba0) contains a Eval injection vulnerability in main program, file src/messagetypes/__init__.py function constructObject that can result in Code Execution. This attack appears to be exploitable via remote attacker using a malformed message which must be processed by the victim - e.g. arrive from any sender on bitmessage network. This vulnerability appears to have been fixed in v0.6.3. | 2018-03-13 | not yet calculated | CVE-2018-1000070 MISC |
| blackberry -- uem_management_console |
In BlackBerry UEM Management Console version 12.7.1 and earlier, a reflected cross-site scripting vulnerability that could allow an attacker to execute script commands in the context of the affected UEM Management Console account by crafting a malicious link and then persuading a user with legitimate access to the Management Console to click on the malicious link. | 2018-03-13 | not yet calculated | CVE-2017-17442 CONFIRM |
| bmc_remedy -- ar_system |
BMC Remedy AR System before 9.1 SP3, when Remedy AR Authentication is enabled, allows attackers to obtain administrative access. | 2018-03-10 | not yet calculated | CVE-2017-18223 CONFIRM |
| bmc_remedy -- ar_system |
Remedy Mid Tier in BMC Remedy AR System 9.1 allows XSS via the ATTKey parameter in an arsys/servlet/AttachServlet request. | 2018-03-12 | not yet calculated | CVE-2017-18228 MISC |
| bui -- bui |
The select component in bui through 2018-03-13 has XSS because it performs an escape operation on already-escaped text, as demonstrated by workGroupList text. | 2018-03-14 | not yet calculated | CVE-2018-8108 MISC |
| bylancer -- bookme_control_panel |
Bookme Control Panel 2.0 Application is vulnerable to stored XSS within the Customers "Book Me" function. Within the Name and Note (aka custName and custNote) sections of the Customers screen, the application does not sanitize user-supplied input and renders injected JavaScript code to the user's browser. | 2018-03-17 | not yet calculated | CVE-2018-8737 MISC |
| clamav -- clamav |
ClamAV version version 0.99.3 contains a Out of bounds heap memory read vulnerability in XAR parser, function xar_hash_check() that can result in Leaking of memory, may help in developing exploit chains.. This attack appear to be exploitable via The victim must scan a crafted XAR file. This vulnerability appears to have been fixed in after commit d96a6b8bcc7439fa7e3876207aa0a8e79c8451b6. | 2018-03-13 | not yet calculated | CVE-2018-1000085 MLIST MISC MLIST UBUNTU UBUNTU |
| cloudme -- cloudme |
An issue was discovered in CloudMe 1.11.0. An unauthenticated local attacker that can connect to the "CloudMe Sync" client application listening on 127.0.0.1 port 8888 can send a malicious payload causing a buffer overflow condition. This will result in code execution, as demonstrated by a TCP reverse shell, or a crash. NOTE: this vulnerability exists because of an incomplete fix for CVE-2018-6892. | 2018-03-14 | not yet calculated | CVE-2018-7886 MISC |
| clusterlabs -- clusterlabs |
ClusterLabs pcs before version 0.9.157 is vulnerable to a cross-site scripting vulnerability due to improper validation of Node name field when creating new cluster or adding existing cluster. | 2018-03-12 | not yet calculated | CVE-2017-2661 CONFIRM CONFIRM |
| cms_made_simple -- cms_made_simple |
CMS Made Simple (CMSMS) 2.2.6 has XSS in admin/moduleinterface.php via the pagedata parameter. | 2018-03-11 | not yet calculated | CVE-2018-8058 MISC |
| cms_made_simple -- cms_made_simple |
CMS Made Simple version versions 2.2.5 contains a Cross ite Request Forgery (CSRF) vulnerability in Admin profile page that can result in Details can be found here http://dev.cmsmadesimple.org/bug/view/11715. This attack appear to be exploitable via A specially crafted web page. This vulnerability appears to have been fixed in 2.2.6. | 2018-03-13 | not yet calculated | CVE-2018-1000092 MISC |
| cms_made_simple -- cms_made_simple |
CMS Made Simple (CMSMS) 2.2.6 has stored XSS in admin/moduleinterface.php via the metadata parameter. | 2018-03-11 | not yet calculated | CVE-2018-7893 MISC |
| cms_made_simple -- cms_made_simple |
CMS Made Simple version 2.2.5 contains a Remote Code Execution vulnerability in File Manager that can result in Allows an authenticated admin that has access to the file manager to execute code on the server. This attack appear to be exploitable via File upload -> copy to any extension. | 2018-03-12 | not yet calculated | CVE-2018-1000094 MISC |
| coppermine -- photo_gallery |
Cross-site scripting (XSS) vulnerability in the keywords manager (keywordmgr.php) in Coppermine Photo Gallery before 1.5.27 and 1.6.x before 1.6.01 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2018-03-16 | not yet calculated | CVE-2014-4612 CONFIRM MLIST MLIST CONFIRM BID CONFIRM CONFIRM |
| cryptonote -- cryptonote |
CryptoNote version version 0.8.9 and possibly later contain a local RPC server which does not require authentication, as a result the walletd and the simplewallet RPC daemons will process any commands sent to them, resulting in remote command execution and a takeover of the cryptocurrency wallet if an attacker can trick an application such as a web browser into connecting and sending a command for example. This attack appears to be exploitable via a victim visiting a webpage hosting malicious content that trigger such behavior. | 2018-03-13 | not yet calculated | CVE-2018-1000093 MISC MISC MISC |
| curl -- curl |
A buffer over-read exists in curl 7.20.0 to and including curl 7.58.0 in the RTSP+RTP handling code that allows an attacker to cause a denial of service or information leakage | 2018-03-14 | not yet calculated | CVE-2018-1000122 SECTRACK CONFIRM UBUNTU DEBIAN |
| curl -- curl |
A buffer overflow exists in curl 7.12.3 to and including curl 7.58.0 in the FTP URL handling that allows an attacker to cause a denial of service or worse. | 2018-03-14 | not yet calculated | CVE-2018-1000120 BID SECTRACK CONFIRM UBUNTU DEBIAN |
| curl -- curl |
A NULL pointer dereference exists in curl 7.21.0 to and including curl 7.58.0 in the LDAP code that allows an attacker to cause a denial of service | 2018-03-14 | not yet calculated | CVE-2018-1000121 BID SECTRACK CONFIRM UBUNTU DEBIAN |
| datalust -- seq |
Datalust Seq before 4.2.605 is vulnerable to Authentication Bypass (with the attacker obtaining admin access) via '"Name":"isauthenticationenabled","Value":false' in an api/settings/setting-isauthenticationenabled PUT request. | 2018-03-13 | not yet calculated | CVE-2018-8096 MISC MISC |
| dell -- emc_data_protection_advisor |
EMC Data Protection Advisor 6.3.x before patch 67 and 6.4.x before patch 130 contains undocumented accounts with hard-coded passwords and various privileges. Affected accounts are: "Apollo System Test", "emc.dpa.agent.logon" and "emc.dpa.metrics.logon". An attacker with knowledge of the password could potentially use these accounts via REST APIs to gain unauthorized access to EMC Data Protection Advisor (including potentially access with administrative privileges). | 2018-03-16 | not yet calculated | CVE-2017-8013 FULLDISC BID SECTRACK |
| dell -- emc_data_protection_advisor |
Dell EMC Data Protection Advisor versions prior to 6.3 Patch 159 and Dell EMC Data Protection Advisor versions prior to 6.4 Patch 110 contain a hardcoded database account with administrative privileges. The affected account is "apollosuperuser." An attacker with local access to the server where DPA Datastore Service is installed and knowledge of the password may potentially gain unauthorized access to the database. Note: The Datastore Service database cannot be accessed remotely using this account. | 2018-03-12 | not yet calculated | CVE-2018-1206 CONFIRM BID SECTRACK |
| dell -- storage_manager |
In Dell Storage Manager versions earlier than 16.3.20, the EMConfigMigration service is affected by a directory traversal vulnerability. A remote malicious user could potentially exploit this vulnerability to read unauthorized files by supplying specially crafted strings in input parameters of the application. A malicious user cannot delete or modify any files via this vulnerability. | 2018-03-16 | not yet calculated | CVE-2017-14384 CONFIRM |
| delta_electronics -- delta_industrial_automation_dopsoft |
A Stack-based Buffer Overflow issue was discovered in Delta Electronics Delta Industrial Automation DOPSoft, Version 4.00.01 or prior. Stack-based buffer overflow vulnerabilities caused by processing specially crafted .dop or .dpb files may allow an attacker to remotely execute arbitrary code. | 2018-03-15 | not yet calculated | CVE-2018-5476 BID MISC |
| delta_electronics -- delta_industrial_automation_screen_editor |
An Out-of-bounds Write issue was discovered in Delta Electronics Delta Industrial Automation Screen Editor, Version 2.00.23.00 or prior. Specially crafted .dpb files may cause the system to write outside the intended buffer area. | 2018-03-15 | not yet calculated | CVE-2017-16747 BID MISC |
| delta_electronics -- delta_industrial_automation_screen_editor |
A Type Confusion issue was discovered in Delta Electronics Delta Industrial Automation Screen Editor, Version 2.00.23.00 or prior. An access of resource using incompatible type ('type confusion') vulnerability may allow an attacker to execute remote code when processing specially crafted .dpb files. | 2018-03-15 | not yet calculated | CVE-2017-16745 BID MISC |
| delta_electronics -- delta_industrial_automation_screen_editor |
A Stack-based Buffer Overflow issue was discovered in Delta Electronics Delta Industrial Automation Screen Editor, Version 2.00.23.00 or prior. Stack-based buffer overflow vulnerabilities caused by processing specially crafted .dpb files may allow an attacker to remotely execute arbitrary code. | 2018-03-15 | not yet calculated | CVE-2017-16751 BID MISC |
| delta_electronics -- delta_industrial_automation_screen_editor |
A Use-after-Free issue was discovered in Delta Electronics Delta Industrial Automation Screen Editor, Version 2.00.23.00 or prior. Specially crafted .dpb files could exploit a use-after-free vulnerability. | 2018-03-15 | not yet calculated | CVE-2017-16749 BID MISC |
| dewesoft -- x3_sp1_devices |
RunExeFile.exe in the installer for DEWESoft X3 SP1 (64-bit) devices does not require authentication for sessions on TCP port 1999, which allows remote attackers to execute arbitrary code or access internal commands, as demonstrated by a RUN command that launches a .EXE file located at an arbitrary external URL, or a "SETFIREWALL Off" command. | 2018-03-14 | not yet calculated | CVE-2018-7756 MISC EXPLOIT-DB |
| django -- django |
An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. The django.utils.html.urlize() function was extremely slow to evaluate certain inputs due to catastrophic backtracking vulnerabilities in two regular expressions (only one regular expression for Django 1.8.x). The urlize() function is used to implement the urlize and urlizetrunc template filters, which were thus vulnerable. | 2018-03-09 | not yet calculated | CVE-2018-7536 BID MLIST UBUNTU CONFIRM |
| django -- django |
An issue was discovered in Django 2.0 before 2.0.3, 1.11 before 1.11.11, and 1.8 before 1.8.19. If django.utils.text.Truncator's chars() and words() methods were passed the html=True argument, they were extremely slow to evaluate certain inputs due to a catastrophic backtracking vulnerability in a regular expression. The chars() and words() methods are used to implement the truncatechars_html and truncatewords_html template filters, which were thus vulnerable. | 2018-03-09 | not yet calculated | CVE-2018-7537 BID MLIST UBUNTU CONFIRM |
| django-anymail -- django-anymail |
Anymail django-anymail version version 0.2 through 1.3 contains a CWE-532, CWE-209 vulnerability in WEBHOOK_AUTHORIZATION setting value that can result in An attacker with access to error logs could fabricate email tracking events. This attack appear to be exploitable via If you have exposed your Django error reports, an attacker could discover your ANYMAIL_WEBHOOK setting and use this to post fabricated or malicious Anymail tracking/inbound events to your app. This vulnerability appears to have been fixed in v1.4. | 2018-03-13 | not yet calculated | CVE-2018-1000089 MISC MISC |
| doorkeeper -- doorkeeper |
Doorkeeper version 2.1.0 through 4.2.5 contains a Cross Site Scripting (XSS) vulnerability in web view's OAuth app form, user authorization prompt web view that can result in Stored XSS on the OAuth Client's name will cause users interacting with it will execute payload. This attack appear to be exploitable via The victim must be tricked to click an opaque link to the web view that runs the XSS payload. A malicious version virtually indistinguishable from a normal link.. This vulnerability appears to have been fixed in 4.2.6, 4.3.0. | 2018-03-13 | not yet calculated | CVE-2018-1000088 MISC MISC MISC MISC |
| enalean -- tuleap |
A SQL injection vulnerability in the tracker functionality of Enalean Tuleap software engineering platform before 9.18 allows attackers to execute arbitrary SQL commands. | 2018-03-12 | not yet calculated | CVE-2018-7538 FULLDISC MISC CONFIRM EXPLOIT-DB |
| eve -- eve |
io/mongo/parser.py in Eve (aka pyeve) before 0.7.5 allows remote attackers to execute arbitrary code via Code Injection in the where parameter. | 2018-03-14 | not yet calculated | CVE-2018-8097 MISC MISC |
| exempi -- exempi |
An issue was discovered in Exempi before 2.4.3. The VPXChunk class in XMPFiles/source/FormatSupport/WEBP_Support.cpp does not ensure nonzero widths and heights, which allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted .webp file. | 2018-03-15 | not yet calculated | CVE-2017-18235 CONFIRM CONFIRM |
| exempi -- exempi |
An issue was discovered in Exempi before 2.4.3. The PostScript_Support::ConvertToDate function in XMPFiles/source/FormatSupport/PostScript_Support.cpp allows remote attackers to cause a denial of service (invalid pointer dereference and application crash) via a crafted .ps file. | 2018-03-15 | not yet calculated | CVE-2017-18237 CONFIRM CONFIRM |
| exempi -- exempi |
An issue was discovered in Exempi before 2.4.4. Integer overflow in the Chunk class in XMPFiles/source/FormatSupport/RIFF.cpp allows remote attackers to cause a denial of service (infinite loop) via crafted XMP data in a .avi file. | 2018-03-15 | not yet calculated | CVE-2017-18233 CONFIRM CONFIRM |
| exempi -- exempi |
An issue was discovered in Exempi before 2.4.4. The TradQT_Manager::ParseCachedBoxes function in XMPFiles/source/FormatSupport/QuickTime_Support.cpp allows remote attackers to cause a denial of service (infinite loop) via crafted XMP data in a .qt file. | 2018-03-15 | not yet calculated | CVE-2017-18238 CONFIRM CONFIRM |
| exempi -- exempi |
An issue was discovered in Exempi before 2.4.3. It allows remote attackers to cause a denial of service (invalid memcpy with resultant use-after-free) or possibly have unspecified other impact via a .pdf file containing JPEG data, related to XMPFiles/source/FormatSupport/ReconcileTIFF.cpp, XMPFiles/source/FormatSupport/TIFF_MemoryReader.cpp, and XMPFiles/source/FormatSupport/TIFF_Support.hpp. | 2018-03-15 | not yet calculated | CVE-2017-18234 CONFIRM CONFIRM |
| exempi -- exempi |
An issue was discovered in Exempi before 2.4.4. The ASF_Support::ReadHeaderObject function in XMPFiles/source/FormatSupport/ASF_Support.cpp allows remote attackers to cause a denial of service (infinite loop) via a crafted .asf file. | 2018-03-15 | not yet calculated | CVE-2017-18236 CONFIRM CONFIRM |
| flexense -- syncbreeze_enterprise |
An issue was discovered in the web server in Flexense SyncBreeze Enterprise 10.6.24. There is a user mode write access violation on the syncbrs.exe memory region that can be triggered by rapidly sending a variety of HTTP requests with long HTTP header values or long URIs. | 2018-03-12 | not yet calculated | CVE-2018-8065 MISC MISC |
| foreman -- foreman |
Hammer CLI, a CLI utility for Foreman, before version 0.10.0, did not explicitly set the verify_ssl flag for apipie-bindings that disable it by default. As a result the server certificates are not checked and connections are prone to man-in-the-middle attacks. | 2018-03-12 | not yet calculated | CVE-2017-2667 CONFIRM BID REDHAT CONFIRM |
| foxconn -- femtocell |
One can gain root access on the Foxconn femtocell FEMTO AP-FC4064-T version AP_GT_B38_5.8.3lb15-W47 LTE Build 15 via UART pins without any restrictions, which leads to full system compromise and disclosure of user communications. | 2018-03-10 | not yet calculated | CVE-2018-6311 MISC |
| foxconn -- femtocell |
A privileged account with a weak default password on the Foxconn femtocell FEMTO AP-FC4064-T version AP_GT_B38_5.8.3lb15-W47 LTE Build 15 can be used to turn on the TELNET service via the web interface, which allows root login without any password. This vulnerability will lead to full system compromise and disclosure of user communications. The foxconn account with an 8-character lowercase alphabetic password can be used. | 2018-03-10 | not yet calculated | CVE-2018-6312 MISC |
| freebsd -- freebsd |
In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p7, 10.4-STABLE, 10.4-RELEASE-p7, and 10.3-RELEASE-p28, the kernel does not properly validate IPsec packets coming from a trusted host. Additionally, a use-after-free vulnerability exists in the IPsec AH handling code. This issue could cause a system crash or other unpredictable results. | 2018-03-09 | not yet calculated | CVE-2018-6916 SECTRACK FREEBSD |
| freeplane -- freeplane |
FreePlane version 1.5.9 and earlier contains a XML External Entity (XXE) vulnerability in XML Parser in mindmap loader that can result in stealing data from victim's machine. This attack appears to require the vicim to open a specially crafted mind map file. This vulnerability appears to have been fixed in 1.6+. | 2018-03-13 | not yet calculated | CVE-2018-1000069 MISC MISC |
| gemalto -- sentinel_ldk_rte |
Stack overflow in custom XML-parser in Gemalto's Sentinel LDK RTE version before 7.65 leads to remote denial of service | 2018-03-13 | not yet calculated | CVE-2018-6304 MISC |
| gemalto -- sentinel_ldk_rte |
Denial of service in Gemalto's Sentinel LDK RTE version before 7.65 | 2018-03-13 | not yet calculated | CVE-2018-6305 MISC |
| gentoo -- gentoo | The Gentoo net-im/jabberd2 package through 2.6.1 installs jabberd, jabberd2-c2s, jabberd2-router, jabberd2-s2s, and jabberd2-sm in /usr/bin owned by the jabber account, which might allow local users to gain privileges by leveraging access to this account and then waiting for root to execute one of these programs. | 2018-03-12 | not yet calculated | CVE-2017-18225 CONFIRM |
| gentoo -- gentoo |
The Gentoo net-im/jabberd2 package through 2.6.1 sets the ownership of /var/run/jabber to the jabber account, which might allow local users to kill arbitrary processes by leveraging access to this account for PID file modification before a root script executes a "kill -TERM `cat /var/run/jabber/filename.pid`" command. | 2018-03-12 | not yet calculated | CVE-2017-18226 CONFIRM |
| glpi_project -- glpi | A remote code execution issue was discovered in GLPI through 9.2.1. There is a race condition that allows temporary access to an uploaded executable file that will be disallowed. The application allows an authenticated user to upload a file when he/she creates a new ticket via front/fileupload.php. This feature is protected using different types of security features like the check on the file's extension. However, the application uploads and creates a file, though this file is not allowed, and then deletes the file in the uploadFiles method in inc/glpiuploaderhandler.class.php. | 2018-03-12 | not yet calculated | CVE-2018-7562 CONFIRM MISC |
| glpi_project -- glpi |
An issue was discovered in GLPI through 9.2.1. The application is affected by XSS in the query string to front/preference.php. An attacker is able to create a malicious URL that, if opened by an authenticated user with debug privilege, will execute JavaScript code supplied by the attacker. The attacker-supplied code can perform a wide variety of actions, such as stealing the victim's session token or login credentials, performing arbitrary actions on the victim's behalf, and logging their keystrokes. | 2018-03-12 | not yet calculated | CVE-2018-7563 CONFIRM MISC |
| google -- android |
NVIDIA libnvrm contains a possible out of bounds read due to a missing bounds check which could lead to local information disclosure. This issue is rated as moderate.Product: Android. Version: N/A. Android: A-64893264. Reference: N-CVE-2017-6287. | 2018-03-12 | not yet calculated | CVE-2017-6287 CONFIRM |
| google -- android |
NVIDIA libnvrm contains a possible out of bounds read due to a missing bounds check which could lead to local information disclosure. This issue is rated as moderate. Product: Android. Version: N/A. Android: A-65482562. Reference: N-CVE-2017-6288. | 2018-03-12 | not yet calculated | CVE-2017-6288 CONFIRM |
| google -- android |
NVIDIA libnvomx contains a possible out of bounds write due to a missing bounds check which could lead to local escalation of privilege. This issue is rated as high. Product: Android. Version: N/A. Android: A-64893247. Reference: N-CVE-2017-6286. | 2018-03-12 | not yet calculated | CVE-2017-6286 BID CONFIRM |
| google -- android |
NVIDIA libnvomx contains a possible out of bounds write due to a improper input validation which could lead to local escalation of privilege. This issue is rated as high. Product: Android. Version: N/A. Android: A-66969318. Reference: N-CVE-2017-6281. | 2018-03-12 | not yet calculated | CVE-2017-6281 BID CONFIRM |
| google -- android |
NVIDIA libnvrm contains a possible out of bounds read due to a missing bounds check which could lead to local information disclosure. This issue is rated as moderate. Product: Android. Version: N/A. Android: A-64893156. Reference: N-CVE-2017-6285. | 2018-03-12 | not yet calculated | CVE-2017-6285 CONFIRM |
| google -- android |
An improper authorization vulnerability exists in Jenkins Google Play Android Publisher Plugin version 1.6 and earlier in GooglePlayBuildStepDescriptor.java that allow an attacker to obtain credential IDs. | 2018-03-13 | not yet calculated | CVE-2018-1000109 CONFIRM |
| graphicsmagick -- graphicsmagick |
An issue was discovered in GraphicsMagick 1.3.26. An allocation failure vulnerability was found in the function ReadTIFFImage in coders/tiff.c, which allows attackers to cause a denial of service via a crafted file, because file size is not properly used to restrict scanline, strip, and tile allocations. | 2018-03-13 | not yet calculated | CVE-2017-18229 CONFIRM CONFIRM |
| graphicsmagick -- graphicsmagick |
An issue was discovered in GraphicsMagick 1.3.26. A NULL pointer dereference vulnerability was found in the function ReadCINEONImage in coders/cineon.c, which allows attackers to cause a denial of service via a crafted file. | 2018-03-13 | not yet calculated | CVE-2017-18230 CONFIRM CONFIRM |
| graphicsmagick -- graphicsmagick |
An issue was discovered in GraphicsMagick 1.3.26. A NULL pointer dereference vulnerability was found in the function ReadEnhMetaFile in coders/emf.c, which allows attackers to cause a denial of service via a crafted file. | 2018-03-13 | not yet calculated | CVE-2017-18231 CONFIRM CONFIRM |
| hanwha_techwin -- smartcams |
An undocumented (hidden) capability for switching the web interface in Hanwha Techwin Smartcams | 2018-03-13 | not yet calculated | CVE-2018-6296 MISC |
| hanwha_techwin -- smartcams |
Denial of service by blocking of new camera registration on the cloud server in Hanwha Techwin Smartcams | 2018-03-13 | not yet calculated | CVE-2018-6302 MISC |
| hanwha_techwin -- smartcams |
Unencrypted way of remote control and communications in Hanwha Techwin Smartcams | 2018-03-13 | not yet calculated | CVE-2018-6295 MISC |
| hanwha_techwin -- smartcams |
Authentication bypass in Hanwha Techwin Smartcams | 2018-03-13 | not yet calculated | CVE-2018-6299 MISC |
| hanwha_techwin -- smartcams |
Remote code execution in Hanwha Techwin Smartcams | 2018-03-13 | not yet calculated | CVE-2018-6298 MISC |
| hanwha_techwin -- smartcams |
Unsecured way of firmware update in Hanwha Techwin Smartcams | 2018-03-13 | not yet calculated | CVE-2018-6294 MISC |
| hanwha_techwin -- smartcams |
Arbitrary camera access and monitoring via cloud in Hanwha Techwin Smartcams | 2018-03-13 | not yet calculated | CVE-2018-6301 MISC |
| hanwha_techwin -- smartcams |
Buffer overflow in Hanwha Techwin Smartcams | 2018-03-13 | not yet calculated | CVE-2018-6297 MISC |
| hanwha_techwin -- smartcams |
Denial of service by uploading malformed firmware in Hanwha Techwin Smartcams | 2018-03-13 | not yet calculated | CVE-2018-6303 MISC |
| hanwha_techwin -- smartcams |
Remote password change in Hanwha Techwin Smartcams | 2018-03-13 | not yet calculated | CVE-2018-6300 MISC |
| hola -- hola |
An issue was discovered in Hola 1.79.859. An unprivileged user could modify or overwrite the executable with arbitrary code, which would be executed the next time the service is started. Depending on the user that the service runs as, this could result in privilege escalation. The issue exists because of the SERVICE_ALL_ACCESS access right for the hola_svc and hola_updater services. | 2018-03-12 | not yet calculated | CVE-2018-6623 FULLDISC |
| huawei -- cloudengine |
Huawei CloudEngine 12800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00 have a memory leak vulnerability. An unauthenticated attacker may send specific Label Distribution Protocol (LDP) packets to the devices. When the values of some parameters in the packet are abnormal, the LDP processing module does not release the memory to handle the packet, resulting in memory leak. | 2018-03-09 | not yet calculated | CVE-2016-8784 CONFIRM BID |
| huawei -- cloudengine |
Huawei CloudEngine 12800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00 have a memory leak vulnerability. An unauthenticated attacker may send specific Label Distribution Protocol (LDP) packets to the devices repeatedly. Due to improper validation of some specific fields of the packet, the LDP processing module does not release the memory, resulting in memory leak. | 2018-03-09 | not yet calculated | CVE-2016-8782 CONFIRM BID |
| huawei -- ensp |
Huawei eNSP software with software of versions earlier than V100R002C00B510 has a buffer overflow vulnerability. Due to the improper validation of specific command line parameter, a local attacker could exploit this vulnerability to cause the software process abnormal. | 2018-03-09 | not yet calculated | CVE-2017-17321 CONFIRM BID |
| huawei -- honor_6_and_p9_plus |
Touchscreen drive in Huawei H60 (Honor 6) Versions earlier than H60-L02_6.12.16 and P9 Plus Versions earlier than VIE-AL10BC00B356 has a stack overflow vulnerabilities. An attacker tricks a user into installing a malicious application on the smart phone, and send given parameter to touchscreen drive to crash the system or escalate privilege. | 2018-03-09 | not yet calculated | CVE-2016-8783 CONFIRM BID |
| huawei -- mate_9_pro |
The soundtrigger module in Huawei Mate 9 Pro smart phones with software of the versions before LON-AL00B 8.0.0.343(C00) has an authentication bypass vulnerability due to the improper design of the module. An attacker tricks a user into installing a malicious application, and the application can exploit the vulnerability and make attacker bypass the authentication, the attacker can control the phone to sent short messages and make call within audio range to the phone. | 2018-03-09 | not yet calculated | CVE-2017-17279 CONFIRM BID |
| huawei -- multiple_products |
Huawei S12700 V200R007C00, V200R008C00, S5700 V200R007C00, S7700 V200R002C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, S9700 V200R007C00 have an input validation vulnerability. Due to the lack of input validation, an attacker may craft a malformed packet and send it to the device using VRP, causing the device to display additional memory data and possibly leading to sensitive information leakage. | 2018-03-09 | not yet calculated | CVE-2016-8785 CONFIRM BID |
| huawei -- multiple_products |
Huawei S12700 V200R005C00, V200R006C00, V200R007C00, V200R008C00, S5700 V200R006C00, V200R007C00, V200R008C00, S6700 V200R008C00, S7700 V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, S9700 V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00 have a denial of service (DoS) vulnerability. Due to the lack of input validation, a remote attacker may craft a malformed Resource Reservation Protocol (RSVP) packet and send it to the device, causing a few buffer overflows and occasional device restart. | 2018-03-09 | not yet calculated | CVE-2016-8786 CONFIRM BID |
| i_librarian -- i-librarian |
I Librarian I-librarian version 4.8 and earlier contains a XML External Entity (XXE) vulnerability in line 154 of importmetadata.php(simplexml_load_string) that can result in an attacker reading the contents of a file and SSRF. This attack appear to be exploitable via posting xml in the Parameter form_import_textarea. | 2018-03-13 | not yet calculated | CVE-2018-1000124 CONFIRM |
| ibm -- application_performance_management_response_time_monitoring_agent |
IBM Application Performance Management - Response Time Monitoring Agent (IBM Monitoring 8.1.3 and 8.1.4) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 139597. | 2018-03-13 | not yet calculated | CVE-2018-1441 CONFIRM XF |
| ibm -- business_process_manager |
IBM Business Process Manager 7.5.x, 8.0.x, 8.5.0, 8.5.5, and 8.5.6.0 through cumulative fix 2 allow remote authenticated users to delete process and task data by leveraging incorrect authorization checks. IBM X-Force ID: 108393. | 2018-03-15 | not yet calculated | CVE-2015-7463 CONFIRM XF |
| ibm -- forms_server |
Cross-site scripting (XSS) vulnerability in the Webform Framework API in IBM Forms Server 4.0.x, 8.0.x, 8.1, and 8.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 110006. | 2018-03-15 | not yet calculated | CVE-2016-0223 CONFIRM XF |
| ibm -- infosphere_information_governance_catalog |
XML external entity (XXE) vulnerability in IBM InfoSphere Information Governance Catalog 11.3 before 11.3.1.2 and 11.5 before 11.5.0.1 allows remote authenticated users to read arbitrary files or cause a denial of service via crafted XML data. IBM X-Force ID: 110510. | 2018-03-12 | not yet calculated | CVE-2016-0250 CONFIRM XF |
| ibm -- multiple_products |
Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Quality Manager (RQM) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Team Concert (RTC) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Requirements Composer (RRC) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1 and 4.0.x before 4.0.7 iFix10; Rational DOORS Next Generation (RDNG) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Engineering Lifecycle Manager (RELM) 4.0.3, 4.0.4, 4.0.5, 4.0.6, and 4.0.7 before iFix10, 5.0.x before 5.0.2 iFix1, and 6.0.x before 6.0.2; Rational Rhapsody Design Manager (Rhapsody DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; and Rational Software Architect Design Manager (RSA DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 108296. | 2018-03-15 | not yet calculated | CVE-2015-7453 CONFIRM XF |
| ibm -- multiple_products |
Cross-site scripting (XSS) vulnerability in IBM Curam Social Program Management 6.0.0 before SP2 EP29, 6.0.4 before 6.0.4.6 iFix3, 6.0.5 before 6.0.5.9 iFix2, 6.1.0 before 6.1.0.1 iFix1, and 6.1.1 before 6.1.1.1 iFix1; and IBM Care Management 6.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 110604. | 2018-03-12 | not yet calculated | CVE-2016-0261 CONFIRM XF |
| ibm -- multiple_products |
Cross-site scripting (XSS) vulnerability in IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Quality Manager (RQM) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Team Concert (RTC) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Requirements Composer (RRC) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1 and 4.0.x before 4.0.7 iFix10; Rational DOORS Next Generation (RDNG) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Engineering Lifecycle Manager (RELM) 4.0.3, 4.0.4, 4.0.5, 4.0.6, and 4.0.7 before iFix10, 5.0.x before 5.0.2 iFix1, and 6.0.x before 6.0.2; Rational Rhapsody Design Manager (Rhapsody DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; and Rational Software Architect Design Manager (RSA DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4 allows remote authenticated users with project administrator privileges to inject arbitrary web script or HTML via a crafted project. IBM X-Force ID: 108429. | 2018-03-15 | not yet calculated | CVE-2015-7471 CONFIRM XF |
| ibm -- multiple_products |
IBM Rational Collaborative Lifecycle Management (CLM) 3.0.1 before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Quality Manager (RQM) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Team Concert (RTC) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1, 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Requirements Composer (RRC) 3.0.x before 3.0.1.6 iFix7 Interim Fix 1 and 4.0.x before 4.0.7 iFix10; Rational DOORS Next Generation (RDNG) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; Rational Engineering Lifecycle Manager (RELM) 4.0.3, 4.0.4, 4.0.5, 4.0.6, and 4.0.7 before iFix10, 5.0.x before 5.0.2 iFix1, and 6.0.x before 6.0.2; Rational Rhapsody Design Manager (Rhapsody DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4; and Rational Software Architect Design Manager (RSA DM) 4.0.x before 4.0.7 iFix10, 5.0.x before 5.0.2 iFix15, and 6.0.x before 6.0.1 iFix4 might allow local users to gain privileges via unspecified vectors. IBM X-Force ID: 108098. | 2018-03-15 | not yet calculated | CVE-2015-7440 CONFIRM XF |
| ibm -- notes |
IBM Notes 8.5 and 9.0 is vulnerable to a DLL hijacking attack. A remote attacker could trick a user to double click a malicious executable in an attacker-controlled directory, which could result in code execution. IBM X-Force ID: 139563. | 2018-03-13 | not yet calculated | CVE-2018-1435 CONFIRM BID XF |
| ibm -- notes |
IBM Notes 8.5 and 9.0 could allow an attacker to execute arbitrary code on the system, caused by an error related to multiple untrusted search path. A local attacker could exploit this vulnerability to DLL hijacking to execute arbitrary code on the system or cause the application to crash. IBM X-Force ID: 139565. | 2018-03-13 | not yet calculated | CVE-2018-1437 CONFIRM BID XF |
| ibm -- security_guardium_database_activity_monitor |
IBM Security Guardium Database Activity Monitor 10 allows local users to have unspecified impact by leveraging administrator access to a hardcoded password, related to use on GRUB systems. IBM X-Force ID: 110326. | 2018-03-12 | not yet calculated | CVE-2016-0235 CONFIRM XF |
| ibm -- security_guardium_database_activity_monitor |
IBM Security Guardium Database Activity Monitor 10 allows local users to obtain sensitive information by reading cached browser data. IBM X-Force ID: 110328. | 2018-03-12 | not yet calculated | CVE-2016-0237 CONFIRM XF |
| ibm -- trivoli_workload_automation_for_aix |
IBM Tivoli Workload Automation for AIX (IBM Workload Scheduler 8.6, 9.1, 9.2, 9.3, and 9.4) contains directories with improper permissions that could allow a local user to with special access to gain root privileges. IBM X-Force ID: 138208. | 2018-03-13 | not yet calculated | CVE-2018-1386 CONFIRM XF |
| ibm -- websphere_application_server |
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote attacker to obtain sensitive information caused by improper handling of Administrative Console panel fields. When exploited an attacker could read files on the file system. IBM X-Force ID: 134931. | 2018-03-13 | not yet calculated | CVE-2017-1741 CONFIRM SECTRACK XF |
| ibm -- websphere_portal |
IBM WebSphere Portal 8.5 and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 139906. | 2018-03-13 | not yet calculated | CVE-2018-1444 SECTRACK XF CONFIRM |
| idm -- ipa |
Ipa before version 4.4.0-14 did not properly check the user's permissions while modifying certificate profiles in IdM's certprofile-mod command. An authenticated, unprivileged attacker could use this flaw to modify profiles to issue certificates with arbitrary naming or key usage information and subsequently use such certificates for other attacks. | 2018-03-13 | not yet calculated | CVE-2016-9575 REDHAT BID CONFIRM |
| inversoft -- prime-jwt |
inversoft prime-jwt version prior to version 1.3.0 or prior to commit 0d94dcef0133d699f21d217e922564adbb83a227 contains an input validation vulnerability in JWTDecoder.decode that can result in a JWT that is decoded and thus implicitly validated even if it lacks a valid signature. This attack appear to be exploitable via an attacker crafting a token with a valid header and body and then requests it to be validated. This vulnerability appears to have been fixed in 1.3.0 and later or after commit 0d94dcef0133d699f21d217e922564adbb83a227. | 2018-03-13 | not yet calculated | CVE-2018-1000125 CONFIRM CONFIRM |
| ios_keychain -- ios_keychain |
Ionic Team Cordova plugin iOS Keychain version before commit 18233ca25dfa92cca018b9c0935f43f78fd77fbf contains an Information Exposure Through Log Files (CWE-532) vulnerability in CDVKeychain.m that can result in login, password and other sensitive data leakage. This attack appear to be exploitable via Attacker must have access to victim's iOS logs. This vulnerability appears to have been fixed in after commit 18233ca25dfa92cca018b9c0935f43f78fd77fbf. | 2018-03-13 | not yet calculated | CVE-2018-1000123 CONFIRM |
| iredmail -- iredmail |
iRedMail version prior to commit f04b8ef contains a Insecure Permissions vulnerability in Roundcube Webmail that can result in Exfiltrate a user's password protected secret GPG key file and other important configuration files.. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in Beta: 0.9.8-BETA1, Stable: 0.9.7. | 2018-03-13 | not yet calculated | CVE-2018-1000072 MISC MISC |
| jasper -- jasper |
JasPer before version 2.0.10 is vulnerable to a null pointer dereference was found in the decoded creation of JPEG 2000 image files. A specially crafted file could cause an application using JasPer to crash. | 2018-03-12 | not yet calculated | CVE-2016-9600 REDHAT CONFIRM |
| jasper -- jasper |
JasPer before version 2.0.12 is vulnerable to a use-after-free in the way it decodes certain JPEG 2000 image files resulting in a crash on the application using JasPer. | 2018-03-09 | not yet calculated | CVE-2016-9591 BID REDHAT CONFIRM GENTOO DEBIAN |
| jboss -- resteasy |
JBoss RESTEasy before version 3.1.2 could be forced into parsing a request with YamlProvider, resulting in unmarshalling of potentially untrusted data which could allow an attacker to execute arbitrary code with RESTEasy application permissions. | 2018-03-09 | not yet calculated | CVE-2016-9606 REDHAT REDHAT BID SECTRACK REDHAT REDHAT REDHAT REDHAT REDHAT REDHAT REDHAT REDHAT REDHAT CONFIRM |
| jenkins -- jenkins |
A cross-site scripting vulnerability exists in Jenkins CppNCSS Plugin 1.1 and earlier in AbstractProjectAction/index.jelly that allow an attacker to craft links to Jenkins URLs that run arbitrary JavaScript in the user's browser when accessed. | 2018-03-13 | not yet calculated | CVE-2018-1000108 CONFIRM |
| jenkins -- jenkins |
An improper authorization vulnerability exists in Jenkins Subversion Plugin version 2.10.2 and earlier in SubversionStatus.java and SubversionRepositoryStatus.java that allows an attacker with network access to obtain a list of nodes and users. | 2018-03-13 | not yet calculated | CVE-2018-1000111 CONFIRM |
| jenkins -- jenkins |
An improper authorization vulnerability exists in Jenkins Job and Node Ownership Plugin 0.11.0 and earlier in OwnershipDescription.java, JobOwnerJobProperty.java, and OwnerNodeProperty.java that allow an attacker with Job/Configure or Computer/Configure permission and without Ownership related permissions to override ownership metadata. | 2018-03-13 | not yet calculated | CVE-2018-1000107 CONFIRM |
| jenkins -- jenkins |
An improper authorization vulnerability exists in Jenkins Gerrit Trigger Plugin 2.27.4 and earlier in GerritManagement.java, GerritServer.java, and PluginImpl.java that allows an attacker with Overall/Read access to modify the Gerrit configuration in Jenkins. | 2018-03-13 | not yet calculated | CVE-2018-1000106 CONFIRM |
| jenkins -- jenkins |
A plaintext storage of a password vulnerability exists in Jenkins Coverity Plugin 1.10.0 and earlier in CIMInstance.java that allows an attacker with local file system access or control of a Jenkins administrator's web browser (e.g. malicious extension) to retrieve the configured keystore and private key passwords. | 2018-03-13 | not yet calculated | CVE-2018-1000104 CONFIRM |
| jenkins -- jenkins |
An improper authorization vulnerability exists in Jenkins Mercurial Plugin version 2.2 and earlier in MercurialStatus.java that allows an attacker with network access to obtain a list of nodes and users. | 2018-03-13 | not yet calculated | CVE-2018-1000112 CONFIRM |
| jenkins -- jenkins |
An improper authorization vulnerability exists in Jenkins Gerrit Trigger Plugin 2.27.4 and earlier in GerritManagement.java, GerritServer.java, and PluginImpl.java that allows an attacker with Overall/Read access to retrieve some configuration information about Gerrit in Jenkins. | 2018-03-13 | not yet calculated | CVE-2018-1000105 CONFIRM |
| jenkins -- jenkins |
An improper authorization vulnerability exists in Jenkins Git Plugin version 3.7.0 and earlier in GitStatus.java that allows an attacker with network access to obtain a list of nodes and users. | 2018-03-13 | not yet calculated | CVE-2018-1000110 CONFIRM |
| jenkins -- jenkins |
A cross-site scripting vulnerability exists in Jenkins TestLink Plugin 2.12 and earlier in TestLinkBuildAction/summary.jelly and others that allow an attacker who can control e.g. TestLink report names to have Jenkins serve arbitrary HTML and JavaScript | 2018-03-13 | not yet calculated | CVE-2018-1000113 CONFIRM |
| jenkins -- jenkins |
An improper authorization vulnerability exists in Jenkins Promoted Builds Plugin 2.31.1 and earlier in Status.java and ManualCondition.java that allow an attacker with read access to jobs to perform promotions. | 2018-03-13 | not yet calculated | CVE-2018-1000114 CONFIRM |
| jolokia -- jolokia |
An XSS vulnerability exists in the Jolokia agent version 1.3.7 in the HTTP servlet that allows an attacker to execute malicious javascript in the victim's browser. | 2018-03-14 | not yet calculated | CVE-2018-1000129 CONFIRM CONFIRM |
| jolokia -- jolokia |
A JNDI Injection vulnerability exists in Jolokia agent version 1.3.7 in the proxy mode that allows a remote attacker to run arbitrary Java code on the server. | 2018-03-14 | not yet calculated | CVE-2018-1000130 CONFIRM |
| joomla! -- joomla! |
In Joomla! 3.5.0 through 3.8.5, the lack of type casting of a variable in a SQL statement leads to a SQL injection vulnerability in the User Notes list view. | 2018-03-14 | not yet calculated | CVE-2018-8045 BID SECTRACK CONFIRM |
| joyplus-cms -- joyplus-cms |
joyplus-cms 1.6.0 has CSRF, as demonstrated by adding an administrator account via a manager/admin_ajax.php?action=save&tab={pre}manager request. | 2018-03-14 | not yet calculated | CVE-2018-8717 MISC |
| jpxstream -- jpxstream |
The JPXStream::readTilePartData function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml. | 2018-03-13 | not yet calculated | CVE-2018-8106 MISC |
| jpxstream -- jpxstream |
The JPXStream::fillReadBuf function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml. | 2018-03-13 | not yet calculated | CVE-2018-8105 MISC |
| jpxstream -- jpxstream |
The JPXStream::readTilePart function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a specific pdf file, as demonstrated by pdftohtml. | 2018-03-13 | not yet calculated | CVE-2018-8100 MISC |
| jpxstream -- jpxstream |
The JPXStream::close function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml. | 2018-03-13 | not yet calculated | CVE-2018-8107 MISC |
| jpxstream -- jpxstream |
The JPXStream::inverseTransformLevel function in JPXStream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml. | 2018-03-13 | not yet calculated | CVE-2018-8101 MISC |
| kadnode -- kadnode |
KadNode version version 2.2.0 contains a Buffer Overflow vulnerability in Arguments when starting up the binary that can result in Control of program execution flow, leading to remote code execution. | 2018-03-13 | not yet calculated | CVE-2018-1000091 MISC |
| keepkey -- keepkey |
Format String vulnerability in KeepKey version 4.0.0 allows attackers to trigger information display (of information that should not be accessible), related to text containing characters that the device's font lacks. | 2018-03-14 | not yet calculated | CVE-2018-6875 CONFIRM |
| kingsoft -- wps_office_free |
Kingsoft WPS Office Free 10.2.0.5978 allows local users to gain privileges or cause a denial of service by impersonating all the pipes through a use of \\.\pipe\WPSCloudSvr\WpsCloudSvr -- an "insecurely created named pipe." Ensures full access to Everyone users group. | 2018-03-12 | not yet calculated | CVE-2018-6400 FULLDISC |
| kontena -- kontena |
server/app/views/static/code.html in Kontena before 1.5.0 allows XSS in "kontena master login --remote" code display, as demonstrated by /code#code= in a URI. | 2018-03-15 | not yet calculated | CVE-2018-8728 MISC MISC MISC |
| kubernetes -- kubernetes |
In Kubernetes versions 1.3.x, 1.4.x, 1.5.x, 1.6.x and prior to versions 1.7.14, 1.8.9 and 1.9.4 containers using a secret, configMap, projected or downwardAPI volume can trigger deletion of arbitrary files/directories from the nodes where they are running. | 2018-03-13 | not yet calculated | CVE-2017-1002102 REDHAT CONFIRM |
| kubernetes -- kubernetes |
In Kubernetes versions 1.3.x, 1.4.x, 1.5.x, 1.6.x and prior to versions 1.7.14, 1.8.9 and 1.9.4 containers using subpath volume mounts with any volume type (including non-privileged pods, subject to file permissions) can access files/directories outside of the volume, including the host's filesystem. | 2018-03-13 | not yet calculated | CVE-2017-1002101 REDHAT CONFIRM |
| libevt -- libevt |
The libevt_record_values_read_event() function in libevt_record_values.c in libevt before 2018-03-17 does not properly check for out-of-bounds values of user SID data size, strings size, or data size. | 2018-03-17 | not yet calculated | CVE-2018-8754 MISC |
| libgit2 -- libgit2 |
Incorrect returning of an error code in the index.c:read_entry() function leads to a double free in libgit2 before v0.26.2, which allows an attacker to cause a denial of service via a crafted repository index file. | 2018-03-13 | not yet calculated | CVE-2018-8099 CONFIRM CONFIRM |
| libgit2 -- libgit2 |
Integer overflow in the index.c:read_entry() function while decompressing a compressed prefix length in libgit2 before v0.26.2 allows an attacker to cause a denial of service (out-of-bounds read) via a crafted repository index file. | 2018-03-13 | not yet calculated | CVE-2018-8098 CONFIRM CONFIRM CONFIRM |
| libtiff -- libtiff |
LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by failure of tif_next.c to verify that the BitsPerSample value is 2, and the t2p_sample_lab_signed_to_unsigned function in tiff2pdf.c. | 2018-03-11 | not yet calculated | CVE-2014-8129 MISC MISC APPLE APPLE MLIST REDHAT REDHAT CONFIRM CONFIRM MISC BID SECTRACK CONFIRM GENTOO DEBIAN |
| libtiff -- libtiff |
Buffer overflow in the PixarLogDecode function in tif_pixarlog.c in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by overwriting the vgetparent function pointer with rgb2ycbcr. | 2018-03-11 | not yet calculated | CVE-2016-5314 CONFIRM SUSE SUSE SUSE SUSE MLIST MLIST MLIST CONFIRM BID BID CONFIRM CONFIRM GENTOO DEBIAN |
| libtiff -- libtiff |
The _TIFFmalloc function in tif_unix.c in LibTIFF 4.0.3 does not reject a zero size, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image that is mishandled by the TIFFWriteScanline function in tif_write.c, as demonstrated by tiffdither. | 2018-03-11 | not yet calculated | CVE-2014-8130 CONFIRM APPLE APPLE MLIST REDHAT REDHAT CONFIRM CONFIRM MISC BID SECTRACK CONFIRM CONFIRM GENTOO |
| libvips -- libvips |
In libvips before 8.6.3, a NULL function pointer dereference vulnerability was found in the vips_region_generate function in region.c, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted image file. This occurs because of a race condition involving a failed delayed load and other worker threads. | 2018-03-09 | not yet calculated | CVE-2018-7998 MISC MISC MLIST |
| linux -- linux_kernel |
The unimac_mdio_probe function in drivers/net/phy/mdio-bcm-unimac.c in the Linux kernel through 4.15.8 does not validate certain resource availability, which allows local users to cause a denial of service (NULL pointer dereference). | 2018-03-10 | not yet calculated | CVE-2018-8043 MISC MISC |
| linux -- linux_kernel |
The Serial Attached SCSI (SAS) implementation in the Linux kernel through 4.15.9 mishandles a mutex within libsas, which allows local users to cause a denial of service (deadlock) by triggering certain error-handling code. | 2018-03-15 | not yet calculated | CVE-2017-18232 MISC BID MISC |
| linux -- linux_kernel |
In the Linux kernel before 4.15, fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allows local users to cause a denial of service (BUG) by modifying a certain e_cpos field. | 2018-03-11 | not yet calculated | CVE-2017-18224 MISC BID MISC |
| linux -- linux_kernel |
A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory. | 2018-03-16 | not yet calculated | CVE-2018-1068 CONFIRM CONFIRM CONFIRM MLIST MLIST |
| linux -- linux_kernel |
Memory leak in the hwsim_new_radio_nl function in drivers/net/wireless/mac80211_hwsim.c in the Linux kernel through 4.15.9 allows local users to cause a denial of service (memory consumption) by triggering an out-of-array error case. | 2018-03-13 | not yet calculated | CVE-2018-8087 MISC MISC |
| memcached -- memcached |
memcached version prior to 1.4.37 contains an Integer Overflow vulnerability in items.c:item_free() that can result in data corruption and deadlocks due to items existing in hash table being reused from free list. This attack appear to be exploitable via network connectivity to the memcached service. This vulnerability appears to have been fixed in 1.4.37 and later. | 2018-03-13 | not yet calculated | CVE-2018-1000127 CONFIRM CONFIRM CONFIRM |
| mercurial -- mercurial |
Mercurial version 4.5 and earlier contains a Incorrect Access Control (CWE-285) vulnerability in Protocol server that can result in Unauthorized data access. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in 4.5.1. | 2018-03-14 | not yet calculated | CVE-2018-1000132 CONFIRM |
| microsoft -- .net_core_and_powershell_core |
.NET Core 1.0, .NET Core 1.1, NET Core 2.0 and PowerShell Core 6.0.0 allow a denial of Service vulnerability due to how specially crafted requests are handled, aka ".NET Core Denial of Service Vulnerability". | 2018-03-14 | not yet calculated | CVE-2018-0875 BID SECTRACK REDHAT CONFIRM |
| microsoft -- asp.net_core |
ASP.NET Core 1.0. 1.1, and 2.0 allow an elevation of privilege vulnerability due to how ASP.NET web applications handle web requests, aka "ASP.NET Core Elevation Of Privilege Vulnerability". This CVE is unique from CVE-2018-0784. | 2018-03-14 | not yet calculated | CVE-2018-0808 BID SECTRACK CONFIRM |
| microsoft -- asp.net_core |
ASP.NET Core 1.0. 1.1, and 2.0 allow an elevation of privilege vulnerability due to how web applications that are created from templates validate web requests, aka "ASP.NET Core Elevation Of Privilege Vulnerability". | 2018-03-14 | not yet calculated | CVE-2018-0787 BID SECTRACK CONFIRM CONFIRM |
| microsoft -- chakracore_and_windows_10 |
ChakraCore and Microsoft Windows 10 1709 allow remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0872, CVE-2018-0873, CVE-2018-0874, CVE-2018-0930, CVE-2018-0931, CVE-2018-0933, CVE-2018-0934, and CVE-2018-0937. | 2018-03-14 | not yet calculated | CVE-2018-0936 BID SECTRACK CONFIRM |
| microsoft -- chakracore_and_windows_10 |
ChakraCore and Microsoft Edge in Microsoft Windows 10 1709 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0872, CVE-2018-0873, CVE-2018-0874, CVE-2018-0931, CVE-2018-0933, CVE-2018-0934, CVE-2018-0936, and CVE-2018-0937. | 2018-03-14 | not yet calculated | CVE-2018-0930 BID CONFIRM |
| microsoft -- chakracore |
ChakraCore allows remote code execution, due to how the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0876, CVE-2018-0889, CVE-2018-0893, and CVE-2018-0935. | 2018-03-14 | not yet calculated | CVE-2018-0925 BID CONFIRM |
| microsoft -- sharepoint_enterprise_server |
Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0909, CVE-2018-0910. CVE-2018-0911, CVE-2018-0912, CVE-2018-0913 CVE-2018-0914, CVE-2018-0915, CVE-2018-0916, CVE-2018-0921, CVE-2018-0923, CVE-2018-0944 and CVE-2018-0947. | 2018-03-14 | not yet calculated | CVE-2018-0917 BID SECTRACK CONFIRM |
| microsoft -- sharepoint_foundation_2013_sp1_and_ sharepoint_enterprise_server_2016 |
Microsoft SharePoint Foundation 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0909, CVE-2018-0910. CVE-2018-0911, CVE-2018-0912, CVE-2018-0913 CVE-2018-0914, CVE-2018-0915, CVE-2018-0916, CVE-2018-0917, CVE-2018-0921, CVE-2018-0923 and CVE-2018-0944. | 2018-03-14 | not yet calculated | CVE-2018-0947 BID SECTRACK CONFIRM |
| microsoft -- windows_kernel |
The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to the way memory addresses are handled, aka "Windows Kernel Information Disclosure Vulnerability". This CVE is unique from CVE-2018-0811, CVE-2018-0813, CVE-2018-0814, CVE-2018-0894, CVE-2018-0895, CVE-2018-0896, CVE-2018-0897, CVE-2018-0898, CVE-2018-0899, CVE-2018-0901 and CVE-2018-0926. | 2018-03-14 | not yet calculated | CVE-2018-0900 BID SECTRACK CONFIRM |
| microsoft -- windows_kernel |
The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to the way objects are initialized in memory, aka "Windows Kernel Information Disclosure Vulnerability". This CVE is unique from CVE-2018-0813, CVE-2018-0814, CVE-2018-0894, CVE-2018-0895, CVE-2018-0896, CVE-2018-0897, CVE-2018-0898, CVE-2018-0899, CVE-2018-0900, CVE-2018-0901 and CVE-2018-0926. | 2018-03-14 | not yet calculated | CVE-2018-0811 BID SECTRACK CONFIRM |
| microsoft -- windows_kernel |
The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to the way memory addresses are handled, aka "Windows Kernel Information Disclosure Vulnerability". This CVE is unique from CVE-2018-0811, CVE-2018-0813, CVE-2018-0814, CVE-2018-0894, CVE-2018-0895, CVE-2018-0896, CVE-2018-0897, CVE-2018-0898, CVE-2018-0899, CVE-2018-0900, and CVE-2018-0926. | 2018-03-14 | not yet calculated | CVE-2018-0901 BID SECTRACK CONFIRM |
| microsoft -- windows_kernel |
The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to the way memory addresses are handled, aka "Windows Kernel Information Disclosure Vulnerability". This CVE is unique from CVE-2018-0811, CVE-2018-0813, CVE-2018-0814, CVE-2018-0894, CVE-2018-0896, CVE-2018-0897, CVE-2018-0898, CVE-2018-0899, CVE-2018-0900, CVE-2018-0901 and CVE-2018-0926. | 2018-03-14 | not yet calculated | CVE-2018-0895 BID SECTRACK CONFIRM |
| microsoft -- windows_kernel |
The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to the way memory addresses are handled, aka "Windows Kernel Information Disclosure Vulnerability". This CVE is unique from CVE-2018-0811, CVE-2018-0813, CVE-2018-0814, CVE-2018-0894, CVE-2018-0895, CVE-2018-0897, CVE-2018-0898, CVE-2018-0899, CVE-2018-0900, CVE-2018-0901 and CVE-2018-0926. | 2018-03-14 | not yet calculated | CVE-2018-0896 BID SECTRACK CONFIRM |
| microsoft -- windows_kernel |
The Windows kernel mode driver in Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to how objects are handled in memory, aka "Win32k Elevation of Privilege Vulnerability". | 2018-03-14 | not yet calculated | CVE-2018-0977 BID SECTRACK CONFIRM |
| microsoft -- windows_kernel |
The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to the way memory addresses are handled, aka "Windows Kernel Information Disclosure Vulnerability". This CVE is unique from CVE-2018-0811, CVE-2018-0813, CVE-2018-0814, CVE-2018-0894, CVE-2018-0895, CVE-2018-0896, CVE-2018-0898, CVE-2018-0899, CVE-2018-0900, CVE-2018-0901 and CVE-2018-0926. | 2018-03-14 | not yet calculated | CVE-2018-0897 BID SECTRACK CONFIRM |
| microsoft -- windows_kernel |
The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to the way memory addresses are handled, aka "Windows Kernel Information Disclosure Vulnerability". This CVE is unique from CVE-2018-0811, CVE-2018-0813, CVE-2018-0814, CVE-2018-0894, CVE-2018-0895, CVE-2018-0896, CVE-2018-0897, CVE-2018-0898, CVE-2018-0900, CVE-2018-0901 and CVE-2018-0926. | 2018-03-14 | not yet calculated | CVE-2018-0899 BID SECTRACK CONFIRM |
| microsoft -- windows_kernel |
The Windows kernel in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows information disclosure vulnerability due to how memory addresses are handled, aka "Windows Kernel Information Disclosure Vulnerability". | 2018-03-14 | not yet calculated | CVE-2018-0904 BID SECTRACK CONFIRM |
| microsoft -- windows_kernel |
The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to the way memory addresses are handled, aka "Windows Kernel Information Disclosure Vulnerability". This CVE is unique from CVE-2018-0811, CVE-2018-0813, CVE-2018-0814, CVE-2018-0894, CVE-2018-0895, CVE-2018-0896, CVE-2018-0897, CVE-2018-0898, CVE-2018-0899, CVE-2018-0900, and CVE-2018-0901. | 2018-03-14 | not yet calculated | CVE-2018-0926 BID SECTRACK CONFIRM |
| microsoft -- windows_kernel |
The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to the way memory addresses are handled, aka "Windows Kernel Information Disclosure Vulnerability". This CVE is unique from CVE-2018-0811, CVE-2018-0813, CVE-2018-0814, CVE-2018-0894, CVE-2018-0895, CVE-2018-0896, CVE-2018-0897, CVE-2018-0899, CVE-2018-0900, CVE-2018-0901 and CVE-2018-0926. | 2018-03-14 | not yet calculated | CVE-2018-0898 BID SECTRACK CONFIRM |
| microsoft -- windows_kernel |
The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to the way objects are initialized in memory, aka "Windows Kernel Information Disclosure Vulnerability". This CVE is unique from CVE-2018-0811, CVE-2018-0813, CVE-2018-0894, CVE-2018-0895, CVE-2018-0896, CVE-2018-0897, CVE-2018-0898, CVE-2018-0899, CVE-2018-0900, and CVE-2018-0901 and CVE-2018-0926. | 2018-03-14 | not yet calculated | CVE-2018-0814 BID SECTRACK CONFIRM |
| microsoft -- windows_kernel |
The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to the way memory addresses are handled, aka "Windows Kernel Information Disclosure Vulnerability". This CVE is unique from CVE-2018-0811, CVE-2018-0813, CVE-2018-0814, CVE-2018-0895, CVE-2018-0896, CVE-2018-0897, CVE-2018-0898, CVE-2018-0899, CVE-2018-0900, CVE-2018-0901 and CVE-2018-0926. | 2018-03-14 | not yet calculated | CVE-2018-0894 BID SECTRACK CONFIRM |
| microsoft -- windows_kernel |
The Windows kernel in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to the way objects are initialized in memory, aka "Windows Kernel Information Disclosure Vulnerability". This CVE is unique from CVE-2018-0811, CVE-2018-0814, CVE-2018-0894, CVE-2018-0895, CVE-2018-0896, CVE-2018-0897, CVE-2018-0898, CVE-2018-0899, CVE-2018-0900, and CVE-2018-0901 and CVE-2018-0926. | 2018-03-14 | not yet calculated | CVE-2018-0813 BID SECTRACK CONFIRM |
| microsoft -- windows |
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0889, CVE-2018-0893, CVE-2018-0925, and CVE-2018-0935. | 2018-03-14 | not yet calculated | CVE-2018-0876 BID SECTRACK CONFIRM |
| microsoft -- windows |
Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 20, Microsoft Exchange Server 2013 Cumulative Update 18, Microsoft Exchange Server 2013 Cumulative Update 19, Microsoft Exchange Server 2013 Service Pack 1, Microsoft Exchange Server 2016 Cumulative Update 7, and Microsoft Exchange Server 2016 Cumulative Update 8 allow an information disclosure vulnerability due to how URL redirects are handled, aka "Microsoft Exchange Information Disclosure Vulnerability". This CVE is unique from CVE-2018-0941. | 2018-03-14 | not yet calculated | CVE-2018-0924 BID SECTRACK CONFIRM |
| microsoft -- windows |
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allow information disclosure, due to how Internet Explorer handles objects in memory, aka "Internet Explorer Information Disclosure Vulnerability". | 2018-03-14 | not yet calculated | CVE-2018-0929 BID SECTRACK CONFIRM |
| microsoft -- windows |
Microsoft Office 2010 SP2, 2013 SP1, and 2016, Microsoft Office 2016 Click-to-Run Microsoft Office 2016 for Mac, Microsoft Office Web Apps 2010 SP2, Microsoft Office Web Apps 2013 SP1, Microsoft SharePoint Enterprise Server 2013 SP1, Microsoft SharePoint Enterprise Server 2016, Microsoft SharePoint Server 2010 SP2, Microsoft Word 2010 SP2, Word 2013 SP1 and Microsoft Word 2016 allow an information disclosure vulnerability due to how variables are initialized, aka "Microsoft Office Information Disclosure Vulnerability". | 2018-03-14 | not yet calculated | CVE-2018-0919 BID SECTRACK CONFIRM |
| microsoft -- windows |
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows information disclosure, due to how Microsoft browsers handle objects in memory, aka "Microsoft Browser Information Disclosure Vulnerability". | 2018-03-14 | not yet calculated | CVE-2018-0932 BID SECTRACK CONFIRM |
| microsoft -- windows |
Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0909, CVE-2018-0910. CVE-2018-0911, CVE-2018-0912, CVE-2018-0913 CVE-2018-0914, CVE-2018-0915, CVE-2018-0916, CVE-2018-0917, CVE-2018-0921, CVE-2018-0923 and CVE-2018-0947. | 2018-03-14 | not yet calculated | CVE-2018-0944 BID SECTRACK CONFIRM |
| microsoft -- windows |
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 SP2 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allow elevation of privilege, due to how Internet Explorer handles zone and integrity settings, aka "Internet Explorer Elevation of Privilege Vulnerability". | 2018-03-14 | not yet calculated | CVE-2018-0942 BID SECTRACK CONFIRM |
| microsoft -- windows |
ChakraCore, and Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Internet Explorer and Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allow information disclosure, due to how the scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". This CVE ID is unique from CVE-2018-0939. | 2018-03-14 | not yet calculated | CVE-2018-0891 BID SECTRACK CONFIRM |
| microsoft -- windows |
Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0909, CVE-2018-0910, CVE-2018-0912, CVE-2018-0913, CVE-2018-0914, CVE-2018-0915, CVE-2018-0916, CVE-2018-0917, CVE-2018-0921, CVE-2018-0923, CVE-2018-0944 and CVE-2018-0947. | 2018-03-14 | not yet calculated | CVE-2018-0911 BID SECTRACK CONFIRM |
| microsoft -- windows |
Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0909, CVE-2018-0911, CVE-2018-0912, CVE-2018-0913, CVE-2018-0914, CVE-2018-0915, CVE-2018-0916, CVE-2018-0917, CVE-2018-0921, CVE-2018-0923, CVE-2018-0944 and CVE-2018-0947. | 2018-03-14 | not yet calculated | CVE-2018-0910 BID SECTRACK CONFIRM |
| microsoft -- windows |
Windows Scripting Host (WSH) in Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows a security feature bypass vulnerability due to how objects are handled in memory, aka "Windows Security Feature Bypass Vulnerability". This CVE is unique from CVE-2018-0902. | 2018-03-14 | not yet calculated | CVE-2018-0884 BID SECTRACK CONFIRM |
| microsoft -- windows |
Microsoft Excel 2007 SP3, Microsoft Excel 2010 SP2, Microsoft Excel 2013 SP1, Microsoft Excel 2016, Microsoft Office 2016 Click-to-Run and Microsoft Office 2016 for Mac allow a security feature bypass vulnerability due to how macro settings are enforced, aka "Microsoft Office Excel Security Feature Bypass". | 2018-03-14 | not yet calculated | CVE-2018-0907 BID SECTRACK CONFIRM |
| microsoft -- windows |
ChakraCore and Microsoft Windows 10 1703 and 1709 allow remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0872, CVE-2018-0873, CVE-2018-0874, CVE-2018-0930, CVE-2018-0931, CVE-2018-0933, CVE-2018-0934, and CVE-2018-0936. | 2018-03-14 | not yet calculated | CVE-2018-0937 BID SECTRACK CONFIRM |
| microsoft -- windows |
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0876, CVE-2018-0889, CVE-2018-0925, and CVE-2018-0935. | 2018-03-14 | not yet calculated | CVE-2018-0893 BID SECTRACK CONFIRM |
| microsoft -- windows |
Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0910, CVE-2018-0911, CVE-2018-0912, CVE-2018-0913, CVE-2018-0914, CVE-2018-0915, CVE-2018-0916, CVE-2018-0917, CVE-2018-0921, CVE-2018-0923, CVE-2018-0944 and CVE-2018-0947. | 2018-03-14 | not yet calculated | CVE-2018-0909 BID SECTRACK CONFIRM |
| microsoft -- windows |
Microsoft Edge in Windows 10 1709 allows information disclosure, due to how Edge handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability". | 2018-03-14 | not yet calculated | CVE-2018-0879 BID SECTRACK CONFIRM |
| microsoft -- windows |
Microsoft Access 2010 SP2, Microsoft Access 2013 SP1, Microsoft Access 2016, and Microsoft Office 2016 Click-to-Run allow a remote code execution vulnerability due to how objects are handled in memory, aka "Microsoft Access Remote Code Execution Vulnerability". | 2018-03-14 | not yet calculated | CVE-2018-0903 BID SECTRACK CONFIRM |
| microsoft -- windows |
Microsoft Office 2010 SP2, 2013 SP1, and 2016, Microsoft Office 2016 Click-to-Run Microsoft Office 2016 for Mac, Microsoft Office Compatibility Pack SP2, Microsoft Office Web Apps 2010 SP2, Microsoft Office Web Apps 2013 SP1, Microsoft Office Word Viewer, Microsoft SharePoint Enterprise Server 2013 SP1, Microsoft SharePoint Enterprise Server 2016, Microsoft Office Compatibility Pack SP2, Microsoft Online Server 2016, Microsoft SharePoint Server 2010 SP2, Microsoft Word 2007 SP3, Microsoft Word 2010 SP2, Word 2013 and Microsoft Word 2016 allow a remote code execution vulnerability due to how objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability". | 2018-03-14 | not yet calculated | CVE-2018-0922 BID SECTRACK CONFIRM |
| microsoft -- windows |
Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0876, CVE-2018-0893, CVE-2018-0925, and CVE-2018-0935. | 2018-03-14 | not yet calculated | CVE-2018-0889 BID SECTRACK CONFIRM |
| microsoft -- windows |
Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0909, CVE-2018-0910. CVE-2018-0911, CVE-2018-0912, CVE-2018-0913, CVE-2018-0915, CVE-2018-0916, CVE-2018-0917, CVE-2018-0921, CVE-2018-0923, CVE-2018-0944 and CVE-2018-0947. | 2018-03-14 | not yet calculated | CVE-2018-0914 BID SECTRACK CONFIRM |
| microsoft -- windows |
The Desktop Bridge in Windows 10 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to how the virtual registry is managed, aka "Windows Desktop Bridge Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0882. | 2018-03-14 | not yet calculated | CVE-2018-0880 BID SECTRACK CONFIRM |
| microsoft -- windows |
Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0909, CVE-2018-0910. CVE-2018-0911, CVE-2018-0912, CVE-2018-0914, CVE-2018-0916, CVE-2018-0917, CVE-2018-0921, CVE-2018-0923, CVE-2018-0944 and CVE-2018-0947. | 2018-03-14 | not yet calculated | CVE-2018-0915 BID SECTRACK CONFIRM |
| microsoft -- windows |
Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0909, CVE-2018-0910. CVE-2018-0911, CVE-2018-0913, CVE-2018-0914, CVE-2018-0915, CVE-2018-0916, CVE-2018-0917, CVE-2018-0921, CVE-2018-0923, CVE-2018-0944 and CVE-2018-0947. | 2018-03-14 | not yet calculated | CVE-2018-0913 BID SECTRACK CONFIRM |
| microsoft -- windows |
Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0909, CVE-2018-0910. CVE-2018-0911, CVE-2018-0912, CVE-2018-0913 CVE-2018-0914, CVE-2018-0915, CVE-2018-0917, CVE-2018-0921, CVE-2018-0923, CVE-2018-0944 and CVE-2018-0947. | 2018-03-14 | not yet calculated | CVE-2018-0916 BID SECTRACK CONFIRM |
| microsoft -- windows |
The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30.0 through 7.51.0, when built for Windows CE using the schannel TLS backend, makes it easier for remote attackers to conduct man-in-the-middle attacks via a crafted wildcard SAN in a server certificate, as demonstrated by "*.com." | 2018-03-12 | not yet calculated | CVE-2016-9952 CONFIRM CONFIRM |
| microsoft -- windows |
Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0909, CVE-2018-0910. CVE-2018-0911, CVE-2018-0912, CVE-2018-0913 CVE-2018-0914, CVE-2018-0915, CVE-2018-0916, CVE-2018-0917, CVE-2018-0923, CVE-2018-0944 and CVE-2018-0947. | 2018-03-14 | not yet calculated | CVE-2018-0921 BID SECTRACK CONFIRM |
| microsoft -- windows |
Windows Storage Services in Windows 10 versions 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka "Windows Storage Services Elevation of Privilege Vulnerability". | 2018-03-14 | not yet calculated | CVE-2018-0983 BID SECTRACK CONFIRM |
| microsoft -- windows |
The Microsoft Hyper-V Network Switch in 64-bit versions of Microsoft Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows a denial of service vulnerability due to how input from a privileged user on a guest operating system is validated, aka "Hyper-V Denial of Service Vulnerability". | 2018-03-14 | not yet calculated | CVE-2018-0885 BID SECTRACK CONFIRM |
| microsoft -- windows |
Microsoft Exchange Server 2016 Cumulative Update 7 and Microsoft Exchange Server 2016 Cumulative Update 8 allow an information disclosure vulnerability due to how data is imported, aka "Microsoft Exchange Information Disclosure Vulnerability". This CVE is unique from CVE-2018-0924. | 2018-03-14 | not yet calculated | CVE-2018-0941 BID SECTRACK CONFIRM |
| microsoft -- windows |
Windows Installer in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to how input is sanitized, aka "Windows Installer Elevation of Privilege Vulnerability". | 2018-03-14 | not yet calculated | CVE-2018-0868 BID SECTRACK CONFIRM |
| microsoft -- windows |
Microsoft Exchange Outlook Web Access (OWA) in Microsoft Exchange Server 2010 Service Pack 3 Update Rollup 20, Microsoft Exchange Server 2013 Cumulative Update 18, Microsoft Exchange Server 2013 Cumulative Update 19, Microsoft Exchange Server 2013 Service Pack 1, Microsoft Exchange Server 2016 Cumulative Update 7, and Microsoft Exchange Server 2016 Cumulative Update 8 allows an elevation of privilege vulnerability due to how links in the body of an email message are rewritten, aka "Microsoft Exchange Elevation of Privilege Vulnerability". | 2018-03-14 | not yet calculated | CVE-2018-0940 BID SECTRACK CONFIRM |
| microsoft -- windows |
ChakraCore and Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0872, CVE-2018-0873, CVE-2018-0874, CVE-2018-0930, CVE-2018-0931, CVE-2018-0934, CVE-2018-0936, and CVE-2018-0937. | 2018-03-14 | not yet calculated | CVE-2018-0933 BID SECTRACK CONFIRM |
| microsoft -- windows |
Windows Remote Assistance in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to how XML External Entities (XXE) are processed, aka "Windows Remote Assistance Information Disclosure Vulnerability". | 2018-03-14 | not yet calculated | CVE-2018-0878 BID SECTRACK CONFIRM |
| microsoft -- windows |
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 and R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0876, CVE-2018-0889, CVE-2018-0893, and CVE-2018-0925. | 2018-03-14 | not yet calculated | CVE-2018-0935 BID SECTRACK CONFIRM |
| microsoft -- windows |
The Desktop Bridge in Windows 10 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to how the virtual registry is managed, aka "Windows Desktop Bridge Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0880. | 2018-03-14 | not yet calculated | CVE-2018-0882 BID SECTRACK CONFIRM |
| microsoft -- windows |
Internet Explorer in Microsoft Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8.1 and Windows RT 8.1, Windows Server 2012 and R2, and Microsoft Edge and Internet Explorer in Windows 10 Gold, 1511, 1607, 1703, 1709, Windows Server 2016 and Windows Server, version 1709 allows information disclosure, due to how Microsoft browsers handle objects in memory, aka "Microsoft Browser Information Disclosure Vulnerability". | 2018-03-14 | not yet calculated | CVE-2018-0927 BID SECTRACK CONFIRM |
| microsoft -- windows |
The Credential Security Support Provider protocol (CredSSP) in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709 Windows Server 2016 and Windows Server, version 1709 allows a remote code execution vulnerability due to how CredSSP validates request during the authentication process, aka "CredSSP Remote Code Execution Vulnerability". | 2018-03-14 | not yet calculated | CVE-2018-0886 BID SECTRACK MISC CONFIRM |
| microsoft -- windows |
Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0909, CVE-2018-0910. CVE-2018-0911, CVE-2018-0912, CVE-2018-0913 CVE-2018-0914, CVE-2018-0915, CVE-2018-0916, CVE-2018-0917, CVE-2018-0921, CVE-2018-0944 and CVE-2018-0947. | 2018-03-14 | not yet calculated | CVE-2018-0923 BID SECTRACK CONFIRM |
| microsoft -- windows |
ChakraCore and Microsoft Edge in Windows 10 1703 and 1709 allow information disclosure, due to how the scripting engine handles objects in memory, aka "Scripting Engine Information Disclosure Vulnerability". This CVE ID is unique from CVE-2018-0891. | 2018-03-14 | not yet calculated | CVE-2018-0939 BID SECTRACK CONFIRM |
| microsoft -- windows |
Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0909, CVE-2018-0910. CVE-2018-0911, CVE-2018-0913, CVE-2018-0914, CVE-2018-0915, CVE-2018-0916, CVE-2018-0917, CVE-2018-0921, CVE-2018-0923, CVE-2018-0944 and CVE-2018-0947. | 2018-03-14 | not yet calculated | CVE-2018-0912 BID SECTRACK CONFIRM |
| microsoft -- windows |
ChakraCore and Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0872, CVE-2018-0873, CVE-2018-0874, CVE-2018-0930, CVE-2018-0933, CVE-2018-0934, CVE-2018-0936, and CVE-2018-0937. | 2018-03-14 | not yet calculated | CVE-2018-0931 BID CONFIRM |
| microsoft -- windows |
The Cryptography Next Generation (CNG) kernel-mode driver (cng.sys) in Windows 10 Gold, 1511, 1607, 1703, and 1709. Windows Server 2016 and Windows Server, version 1709 allows a security feature bypass vulnerability due to the way the kernel-mode driver validates and enforces impersonation levels, aka "Windows Security Feature Bypass Vulnerability". This CVE is unique from CVE-2018-0884. | 2018-03-14 | not yet calculated | CVE-2018-0902 BID SECTRACK CONFIRM |
| microsoft -- windows |
The Desktop Bridge Virtual File System (VFS) in Windows 10 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to how file paths are managed, aka "Windows Desktop Bridge VFS Elevation of Privilege Vulnerability". | 2018-03-14 | not yet calculated | CVE-2018-0877 BID SECTRACK CONFIRM |
| microsoft -- windows |
The verify_certificate function in lib/vtls/schannel.c in libcurl 7.30.0 through 7.51.0, when built for Windows CE using the schannel TLS backend, allows remote attackers to obtain sensitive information, cause a denial of service (crash), or possibly have unspecified other impact via a wildcard certificate name, which triggers an out-of-bounds read. | 2018-03-12 | not yet calculated | CVE-2016-9953 CONFIRM CONFIRM |
| microsoft -- windows |
ChakraCore and Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0872, CVE-2018-0873, CVE-2018-0874, CVE-2018-0930, CVE-2018-0931, CVE-2018-0933, CVE-2018-0936, and CVE-2018-0937. | 2018-03-14 | not yet calculated | CVE-2018-0934 BID SECTRACK CONFIRM |
| microsoft -- windows |
The Windows Graphics Device Interface (GDI) in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka "Windows GDI Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0815 and CVE-2018-0816. | 2018-03-14 | not yet calculated | CVE-2018-0817 BID SECTRACK CONFIRM |
| microsoft -- windows |
Windows Shell in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, Windows Server 2016 and Windows Server, version 1709 allows a remote code execution vulnerability due to how file copy destinations are validated, aka "Windows Shell Remote Code Execution Vulnerability". | 2018-03-14 | not yet calculated | CVE-2018-0883 BID SECTRACK CONFIRM |
| microsoft -- windows |
The Microsoft Video Control in Microsoft Windows Server 2008 R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege due to how objects are handled in memory, aka "Microsoft Video Control Elevation of Privilege Vulnerability". | 2018-03-14 | not yet calculated | CVE-2018-0881 BID SECTRACK CONFIRM |
| microsoft -- windows |
The Microsoft Hyper-V Network Switch in 64-bit versions of Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an information disclosure vulnerability due to how guest operating system input is validated, aka "Hyper-V Information Disclosure Vulnerability". | 2018-03-14 | not yet calculated | CVE-2018-0888 BID SECTRACK CONFIRM |
| microsoft -- windows |
The Windows Graphics Device Interface (GDI) in Microsoft Windows Server 2008 SP2 and R2 SP1 and Windows 7 SP1 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka "Windows GDI Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0816, and CVE-2018-0817. | 2018-03-14 | not yet calculated | CVE-2018-0815 BID SECTRACK CONFIRM |
| microsoft -- windows |
The Windows Graphics Device Interface (GDI) in Microsoft Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703, and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way objects are handled in memory, aka "Windows GDI Elevation of Privilege Vulnerability". This CVE is unique from CVE-2018-0815 and CVE-2018-0817. | 2018-03-14 | not yet calculated | CVE-2018-0816 BID SECTRACK CONFIRM |
| microsoft -- windows |
ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0872, CVE-2018-0873, CVE-2018-0930, CVE-2018-0931, CVE-2018-0933, CVE-2018-0934, CVE-2018-0936, and CVE-2018-0937. | 2018-03-14 | not yet calculated | CVE-2018-0874 BID SECTRACK CONFIRM |
| microsoft -- windows |
ChakraCore and Microsoft Edge in Microsoft Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0873, CVE-2018-0874, CVE-2018-0930, CVE-2018-0931, CVE-2018-0933, CVE-2018-0934, CVE-2018-0936, and CVE-2018-0937. | 2018-03-14 | not yet calculated | CVE-2018-0872 BID SECTRACK CONFIRM |
| microsoft -- windows |
ChakraCore and Microsoft Edge in Microsoft Windows 10 1511, 1607, 1703, 1709, and Windows Server 2016 allows remote code execution, due to how the Chakra scripting engine handles objects in memory, aka "Chakra Scripting Engine Memory Corruption Vulnerability". This CVE ID is unique from CVE-2018-0872, CVE-2018-0874, CVE-2018-0930, CVE-2018-0931, CVE-2018-0933, CVE-2018-0934, CVE-2018-0936, and CVE-2018-0937. | 2018-03-14 | not yet calculated | CVE-2018-0873 BID SECTRACK CONFIRM |
| mitel -- connect_onsite |
A vulnerability in the conferencing component of Mitel Connect ONSITE, versions R1711-PREM and earlier, and Mitel ST 14.2, release GA28 and earlier, could allow an unauthenticated attacker to inject PHP code using specially crafted requests to the vsethost.php page. Successful exploit could allow an attacker to execute arbitrary PHP code within the context of the application. | 2018-03-14 | not yet calculated | CVE-2018-5782 CONFIRM CONFIRM |
| mitel -- connect_onsite |
A vulnerability in the conferencing component of Mitel Connect ONSITE, versions R1711-PREM and earlier, and Mitel ST 14.2, release GA28 and earlier, could allow an unauthenticated attacker to copy a malicious script into a newly generated PHP file and then execute the generated file using specially crafted requests. Successful exploit could allow an attacker to execute arbitrary code within the context of the application. | 2018-03-14 | not yet calculated | CVE-2018-5779 CONFIRM CONFIRM |
| mitel -- connect_onsite |
A vulnerability in the conferencing component of Mitel Connect ONSITE, versions R1711-PREM and earlier, and Mitel ST 14.2, release GA28 and earlier, could allow an unauthenticated attacker to inject PHP code using specially crafted requests to the vendrecording.php page. Successful exploit could allow an attacker to execute arbitrary PHP code within the context of the application. | 2018-03-14 | not yet calculated | CVE-2018-5781 CONFIRM CONFIRM |
| mitel -- connect_onsite |
A vulnerability in the conferencing component of Mitel Connect ONSITE, versions R1711-PREM and earlier, and Mitel ST 14.2, release GA28 and earlier, could allow an unauthenticated attacker to inject PHP code using specially crafted requests to the vnewmeeting.php page. Successful exploit could allow an attacker to execute arbitrary PHP code within the context of the application. | 2018-03-14 | not yet calculated | CVE-2018-5780 CONFIRM CONFIRM |
| mitel -- mitel_st |
A vulnerability in the conferencing component of Mitel ST 14.2, release GA28 and earlier, could allow an authenticated user to upload a malicious script to the Personal Library by a crafted POST request. Successful exploit could allow an attacker to execute arbitrary code within the context of the application. | 2018-03-13 | not yet calculated | CVE-2017-16251 CONFIRM CONFIRM |
| mitel -- mitel_st |
A vulnerability in Mitel ST 14.2, release GA28 and earlier, could allow an attacker to use the API function to enumerate through user-ids which could be used to identify valid user ids and associated user names. | 2018-03-13 | not yet calculated | CVE-2017-16250 CONFIRM CONFIRM |
| netiq -- access_manager |
A cross site scripting vulnerability exist in the Administration Console in NetIQ Access Manager (NAM) 4.3 and 4.4. | 2018-03-14 | not yet calculated | CVE-2018-7678 BID CONFIRM |
| netiq -- access_manager |
A CSRF exposure exists in NetIQ Access Manager (NAM) 4.4 Identity Server component. | 2018-03-14 | not yet calculated | CVE-2018-7677 BID CONFIRM |
| npr -- visuals_team_pym.js |
NPR Visuals Team Pym.js version versions 0.4.2 up to 1.3.1 contains a Cross ite Request Forgery (CSRF) vulnerability in Pym.js _onNavigateToMessage function. https://github.com/nprapps/pym.js/blob/master/src/pym.js#L573 that can result in Arbitrary javascript code execution. This attack appear to be exploitable via Attacker gains full javascript access to pages with Pym.js embeds when user visits an attacker crafted page.. This vulnerability appears to have been fixed in versions 1.3.2 and later. | 2018-03-13 | not yet calculated | CVE-2018-1000086 MISC MISC MISC |
| opendaylight -- opendaylight |
OpenDayLight version Carbon SR3 and earlier contain a vulnerability during node reconciliation that can result in traffic flows that should be expired or should expire shortly being re-installed and their timers reset resulting in traffic being allowed that should be expired. | 2018-03-16 | not yet calculated | CVE-2018-1078 CONFIRM |
| osisoft -- pi_web_api |
A Permissions, Privileges, and Access Controls issue was discovered in OSIsoft PI Web API versions 2017 R2 and prior. Privileges may be escalated, giving attackers access to the PI System via the service account. | 2018-03-14 | not yet calculated | CVE-2018-7500 BID MISC |
| osisoft -- pi_web_api |
A Cross-site Scripting issue was discovered in OSIsoft PI Web API versions 2017 R2 and prior. Cross-site scripting may occur when input is incorrectly neutralized. | 2018-03-14 | not yet calculated | CVE-2018-7508 BID MISC |
| osisoft – pi_data_archive |
An Improper Input Validation issue was discovered in OSIsoft PI Data Archive versions 2017 and prior. Unauthenticated users may use unvalidated custom requests to crash the server. | 2018-03-14 | not yet calculated | CVE-2018-7531 BID MISC |
| osisoft – pi_data_archive |
A Deserialization of Untrusted Data issue was discovered in OSIsoft PI Data Archive versions 2017 and prior. Unauthenticated users may modify deserialized data to send custom requests that crash the server. | 2018-03-14 | not yet calculated | CVE-2018-7529 BID MISC |
| osisoft – pi_data_archive |
An Incorrect Default Permissions issue was discovered in OSIsoft PI Data Archive versions 2017 and prior. Insecure default configuration may allow escalation of privileges that gives the actor full control over the system. | 2018-03-14 | not yet calculated | CVE-2018-7533 BID MISC |
| osisoft – pi_vision |
A Protection Mechanism Failure issue was discovered in OSIsoft PI Vision versions 2017 and prior. The X-XSS-Protection response header is not set to block, allowing attempts at reflected cross-site scripting. | 2018-03-14 | not yet calculated | CVE-2018-7504 BID MISC |
| osisoft – pi_vision |
An Information Exposure issue was discovered in OSIsoft PI Vision versions 2017 and prior. The server response header and referrer-policy response header each provide unintended information disclosure. | 2018-03-14 | not yet calculated | CVE-2018-7496 BID MISC |
| ovirt -- ovirt |
oVirt version 4.2.0 to 4.2.2 contains a Cross Site Scripting (XSS) vulnerability in the name/description of VMs portion of the web admin application. This vulnerability appears to have been fixed in version 4.2.3. | 2018-03-12 | not yet calculated | CVE-2018-1000095 MISC MISC |
| panda -- global_protection |
Panda Global Protection 17.0.1 allows local users to gain privileges or cause a denial of service by impersonating all the pipes through a use of \.\pipe\PSANMSrvcPpal -- an "insecurely created named pipe." Ensures full access to Everyone users group. | 2018-03-12 | not yet calculated | CVE-2018-6322 FULLDISC |
| panda -- global_protection |
Unquoted Windows search path vulnerability in the panda_url_filtering service in Panda Global Protection 17.0.1 allows local users to gain privileges via a malicious artefact. | 2018-03-12 | not yet calculated | CVE-2018-6321 FULLDISC |
| paramiko -- paramiko |
transport.py in the SSH server implementation of Paramiko before 1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x before 2.1.5, 2.2.x before 2.2.3, 2.3.x before 2.3.2, and 2.4.x before 2.4.1 does not properly check whether authentication is completed before processing other requests, as demonstrated by channel-open. A customized SSH client can simply skip the authentication step. | 2018-03-13 | not yet calculated | CVE-2018-7750 CONFIRM CONFIRM CONFIRM |
| pitchfork -- pitchfork |
Pitchfork version 1.4.6 RC1 contains an Improper Privilege Management vulnerability in Trident Pitchfork components that can result in A standard unprivileged user could gain system administrator permissions within the web portal.. This attack appear to be exploitable via The user must be able to login, and could edit their profile and set the "System Administrator" permission to "yes" on themselves.. This vulnerability appears to have been fixed in 1.4.6 RC2. | 2018-03-16 | not yet calculated | CVE-2018-1000133 CONFIRM CONFIRM CONFIRM CONFIRM MISC |
| pivotal -- concourse |
Pivotal Concourse after 2018-03-05 might allow remote attackers to have an unspecified impact, if a customer obtained the Concourse software from a DNS domain that is no longer controlled by Pivotal. The original domain for the Concourse CI (concourse-dot-ci) open source project has been registered by an unknown actor, and is therefore no longer the official website for Concourse CI. The new official domain is concourse-ci.org. At approximately 4 am EDT on March 7, 2018 the Concourse OSS team began receiving reports that the Concourse domain was not responding. The Concourse OSS team discovered, upon investigation with both the original and the new domain registrars, that the originating domain registrar had made the domain available for purchase. This was done despite the domain being renewed by the Concourse OSS team through August 2018. For a customer to be affected, they would have needed to access a download from a "concourse-dot-ci" domain web site after March 6, 2018 18:00:00 EST. Accessing that domain is NOT recommended by Pivotal. Anyone who had been using that domain should immediately begin using the concourse-ci.org domain instead. Customers can also safely access Concourse software from the traditionally available locations on the Pivotal Network or GitHub. | 2018-03-13 | not yet calculated | CVE-2018-1227 CONFIRM |
| pivotal -- gemfire_for_pivotal_cloud_foundry |
The GemFire broker for Cloud Foundry 1.6.x before 1.6.5 and 1.7.x before 1.7.1 has multiple API endpoints which do not require authentication and could be used to gain access to the cluster managed by the broker. | 2018-03-16 | not yet calculated | CVE-2016-9880 BID CONFIRM |
| pivotal -- pivotal_application_service |
Apps Manager for PCF (Pivotal Application Service 1.11.x before 1.11.26, 1.12.x before 1.12.14, and 2.0.x before 2.0.5) allows unprivileged remote file read in its container via specially-crafted links. | 2018-03-16 | not yet calculated | CVE-2018-1200 BID CONFIRM |
| piwigo -- piwigo |
Cross-site request forgery (CSRF) vulnerability in the administration panel in Piwigo before 2.6.2 allows remote attackers to hijack the authentication of administrators for requests that add users via a pwg.users.add action in a request to ws.php. | 2018-03-16 | not yet calculated | CVE-2014-4613 OSVDB MISC CONFIRM CONFIRM MLIST MLIST EXPLOIT-DB BID |
| qcms -- qcms |
QCMS version 3.0 has XSS via the webname parameter to the /backend/system.html URI. | 2018-03-12 | not yet calculated | CVE-2018-8069 MISC |
| qcms -- qcms |
QCMS version 3.0 has XSS via the title parameter to the /guest/index.html URI. | 2018-03-12 | not yet calculated | CVE-2018-8070 MISC |
| qemu -- qemu |
Quick Emulator (aka QEMU), when built with the Cirrus CLGD 54xx VGA Emulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds access and QEMU process crash) by leveraging incorrect region calculation when updating VGA display. | 2018-03-12 | not yet calculated | CVE-2018-7858 MLIST BID CONFIRM MLIST |
| qualcomm -- android |
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the function wma_ndp_end_indication_event_handler(), there is no input validation check on a event_info value coming from firmware, which can cause an integer overflow and then leads to potential heap overwrite. | 2018-03-16 | not yet calculated | CVE-2017-15831 CONFIRM MISC |
| qualcomm -- android |
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, while processing VENDOR specific action frame in the function lim_process_action_vendor_specific(), a comparison is performed with the incoming action frame body without validating if the action frame body received is of valid length, potentially leading to an out-of-bounds access. | 2018-03-15 | not yet calculated | CVE-2017-14882 BID CONFIRM MISC |
| qualcomm -- android |
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for vent->vdev_id in wma_action_frame_filter_mac_event_handler(), which is received from firmware, leads to arbitrary code execution. | 2018-03-16 | not yet calculated | CVE-2017-18065 CONFIRM MISC |
| qualcomm -- android |
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for wmi_event->num_vdev_mac_entries in wma_pdev_set_hw_mode_resp_evt_handler(), which is received from firmware, leads to potential buffer overflow. | 2018-03-16 | not yet calculated | CVE-2017-18055 CONFIRM MISC |
| qualcomm -- android |
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for nlo_event in wma_nlo_match_evt_handler(), which is received from firmware, leads to potential out of bound memory access. | 2018-03-15 | not yet calculated | CVE-2017-18063 BID CONFIRM MISC |
| qualcomm -- android |
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for vdev_id in wma_unified_bcntx_status_event_handler() which is received from firmware leads to potential out of bounds memory read. | 2018-03-15 | not yet calculated | CVE-2017-18056 BID CONFIRM |
| qualcomm -- android |
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, potential buffer overflow can happen when processing AOA measurement event from WIGIG firmware in wil_aoa_evt_meas(). | 2018-03-16 | not yet calculated | CVE-2017-18061 CONFIRM MISC |
| qualcomm -- android |
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a length variable which is used to copy data has a size of only 8 bits and can be exceeded resulting in a denial of service. | 2018-03-15 | not yet calculated | CVE-2017-14878 BID CONFIRM MISC |
| qualcomm -- android |
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for wow_buf_pkt_len in wma_wow_wakeup_host_event() which is received from firmware leads to potential out of bounds memory read. | 2018-03-16 | not yet calculated | CVE-2017-18058 CONFIRM MISC |
| qualcomm -- android |
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for vdev id in wma_nlo_scan_cmp_evt_handler(), which is received from firmware, leads to potential out of bounds memory read. | 2018-03-16 | not yet calculated | CVE-2017-18057 CONFIRM MISC |
| qualcomm -- android |
In Snapdragon Automobile, Snapdragon Wearable and Snapdragon Mobile MDM9206,MDM9607,MDM9650,SD 210/SD 212/SD 205,SD 400,SD 410/12,SD 425,SD 430,SD 450,SD 600,SD 602A,SD 615/16/SD 415,SD 617,SD 625,SD 650/52,SD 800,SD 808,SD 810,SD 820,SD 820Am,SD 835,SD 845,MSM8909W, improper input validation in video_fmt_mp4r_process_atom_avc1() causes a potential buffer overflow. | 2018-03-15 | not yet calculated | CVE-2017-17773 BID CONFIRM |
| qualcomm -- android |
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, due to the lack of a range check on the array index into the WMI descriptor pool, arbitrary address execution may potentially occur in the process mgmt completion handler. | 2018-03-16 | not yet calculated | CVE-2017-14889 CONFIRM MISC |
| qualcomm -- android |
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation while processing an encrypted authentication management frame in lim_send_auth_mgmt_frame() leads to buffer overflow. | 2018-03-15 | not yet calculated | CVE-2017-18067 BID CONFIRM MISC |
| qualcomm -- android |
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a race condition in diag_ioctl_lsm_deinit() leads to a Use After Free condition. | 2018-03-16 | not yet calculated | CVE-2018-3561 CONFIRM |
| qualcomm -- android |
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when processing a clip with large size values, integer arithmetic overflows, and allocated buffer size will be less than intended buffer size. The following buffer operations will overflow the allocated buffer. | 2018-03-15 | not yet calculated | CVE-2016-10393 BID CONFIRM |
| qualcomm -- android |
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, potential buffer overflow can happen when processing UTF event in wma_process_utf_event(). | 2018-03-16 | not yet calculated | CVE-2017-18062 CONFIRM MISC |
| qualcomm -- android |
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper buffer length calculation in wma_roam_scan_filter() leads to buffer overflow. | 2018-03-15 | not yet calculated | CVE-2017-18068 BID CONFIRM MISC |
| qualcomm -- android |
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a potential buffer overflow can happen when processing any 802.11 MGMT frames like Auth frame in limProcessAuthFrame. | 2018-03-15 | not yet calculated | CVE-2017-15815 BID CONFIRM MISC |
| qualcomm -- android |
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the processing of messages of type eWNI_SME_MODIFY_ADDITIONAL_IES, an integer overflow leading to heap buffer overflow may potentially occur. | 2018-03-16 | not yet calculated | CVE-2017-14887 CONFIRM MISC |
| qualcomm -- android |
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper controls in MSM CORE leads to use memory after it is freed in msm_core_ioctl(). | 2018-03-16 | not yet calculated | CVE-2017-18066 CONFIRM MISC |
| qualcomm -- android |
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, race condition in diag_dbgfs_read_dcistats(), while accessing diag_dbgfs_dci_data_index, causes potential heap overflow. | 2018-03-16 | not yet calculated | CVE-2017-15834 CONFIRM MISC |
| qualcomm -- android |
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in msm_flash_subdev_do_ioctl of drivers/media/platform/msm/camera_v2/sensor/flash/msm_flash.c, there is a possible out of bounds read if flash_data.cfg_type is CFG_FLASH_INIT due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. | 2018-03-16 | not yet calculated | CVE-2017-15814 CONFIRM |
| qualcomm -- android |
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, wma_unified_link_peer_stats_event_handler function has a variable num_rates which represents the sum of all the peer_stats->num_rates. The current behavior in this function is to validate only the num_rates of the first peer stats (peer_stats->num_rates) against WMA_SVC_MSG_MAX_SIZE, but not the sum of all the peer's num_rates (num_rates) which may lead to a buffer overflow when the firmware buffer is copied in to the allocated buffer (peer_stats) as the size for the memory allocation - link_stats_results_size is based on num_rates. | 2018-03-15 | not yet calculated | CVE-2017-14885 BID CONFIRM MISC |
| qualcomm -- android |
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for fix_param->vdev_id in wma_p2p_lo_event_handler(), which is received from firmware, leads to potential out of bounds memory read. | 2018-03-16 | not yet calculated | CVE-2017-18053 CONFIRM MISC |
| qualcomm -- android |
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for event->vdev_id in wma_rcpi_event_handler(), which is received from firmware, leads to potential out of bounds memory read. | 2018-03-16 | not yet calculated | CVE-2017-18051 CONFIRM MISC |
| qualcomm -- android |
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a Double Free vulnerability exists in Audio Driver while opening a sound compression device. | 2018-03-16 | not yet calculated | CVE-2018-3560 CONFIRM |
| qualcomm -- android |
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, due to a race condition in a firmware loading routine, a buffer overflow could potentially occur if multiple user space threads try to update the WLAN firmware file through sysfs. | 2018-03-16 | not yet calculated | CVE-2017-11082 CONFIRM MISC |
| qualcomm -- android |
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for cmpl_params->num_reports, param_buf->desc_ids and param_buf->status in wma_mgmt_tx_bundle_completion_handler(), which is received from firmware, leads to potential out of bounds memory read. | 2018-03-16 | not yet calculated | CVE-2017-18052 CONFIRM MISC |
| qualcomm -- android |
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for vdev id in wma_scan_event_callback(), which is received from firmware, leads to potential out of bounds memory read. | 2018-03-16 | not yet calculated | CVE-2017-18059 CONFIRM MISC |
| qualcomm -- android |
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for num_vdev_mac_entries in wma_pdev_hw_mode_transition_evt_handler(), which is received from firmware, leads to potential buffer overflow. | 2018-03-16 | not yet calculated | CVE-2017-18054 CONFIRM MISC |
| qualcomm -- android |
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for p2p_noa_info in wma_send_bcn_buf_ll() which is received from firmware leads to potential buffer overflow. | 2018-03-15 | not yet calculated | CVE-2017-18064 BID CONFIRM MISC |
| qualcomm -- android |
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper message length calculation in oem_cmd_handler() while processing a WLAN_NL_MSG_OEM netlink message leads to buffer overread. | 2018-03-15 | not yet calculated | CVE-2017-18069 BID CONFIRM |
| qualcomm -- android |
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, untrusted pointer dereference in update_userspace_power() function in power leads to information exposure. | 2018-03-16 | not yet calculated | CVE-2017-15833 CONFIRM MISC |
| qualcomm -- android |
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for resp_event->vdev_id in wma_unified_bcntx_status_event_handler(), which is received from firmware, leads to potential out of bounds memory read. | 2018-03-16 | not yet calculated | CVE-2017-18060 CONFIRM MISC |
| qualcomm -- android |
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, there is an obsolete set/reset ssid hotlist API. | 2018-03-16 | not yet calculated | CVE-2017-11074 CONFIRM MISC |
| qualcomm -- android |
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, in the function wma_p2p_noa_event_handler(), there is no bound check on a value coming from firmware which can potentially lead to a buffer overwrite. | 2018-03-15 | not yet calculated | CVE-2017-15821 BID CONFIRM MISC |
| qualcomm -- android |
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper ch_list array index initialization in function sme_set_plm_request() causes potential buffer overflow. | 2018-03-16 | not yet calculated | CVE-2017-15830 CONFIRM MISC |
| qualcomm -- android |
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper input validation for vdev_map in wma_tbttoffset_update_event_handler(), which is received from firmware, leads to potential buffer overwrite and out of bounds memory read. | 2018-03-16 | not yet calculated | CVE-2017-18050 CONFIRM MISC |
| red_hat -- enterprise_linux |
curl, as shipped in Red Hat Enterprise Linux 6 before version 7.19.7-53, did not correctly backport the fix for CVE-2015-3148 because it did not reflect the fact that the HAVE_GSSAPI define was meanwhile substituted by USE_HTTP_NEGOTIATE. This issue was introduced in RHEL 6.7 and affects RHEL 6 curl only. | 2018-03-12 | not yet calculated | CVE-2017-2628 REDHAT BID CONFIRM |
| red_hat -- jboss_enterprise_application_platform |
Red Hat JBoss EAP version 5 is vulnerable to a deserialization of untrusted data in the JMX endpoint when deserializes the credentials passed to it. An attacker could exploit this vulnerability resulting in a denial of service attack. | 2018-03-09 | not yet calculated | CVE-2016-9585 BID CONFIRM |
| red_hat -- keycloak | Red Hat Keycloak before version 2.4.0 did not correctly check permissions when handling service account user deletion requests sent to the rest server. An attacker with service account authentication could use this flaw to bypass normal permissions and delete users in a separate realm. | 2018-03-12 | not yet calculated | CVE-2016-8629 REDHAT BID SECTRACK REDHAT REDHAT CONFIRM |
| red_hat -- keycloak | Red Hat Keycloak before version 2.5.1 has an implementation of HMAC verification for JWS tokens that uses a method that runs in non-constant time, potentially leaving the application vulnerable to timing attacks. | 2018-03-12 | not yet calculated | CVE-2017-2585 REDHAT BID SECTRACK REDHAT REDHAT CONFIRM |
| red_hat -- openshift_enterprise | Red Hat OpenShift Enterprise version 3.7 is vulnerable to access control override for container network filesystems. An attacker could override the UserId and GroupId for GlusterFS and NFS to read and write any data on the network filesystem. | 2018-03-09 | not yet calculated | CVE-2018-1069 BID CONFIRM |
| red_hat -- wildfly |
Undertow in Red Hat wildfly before version 11.0.0.Beta1 is vulnerable to a resource exhaustion resulting in a denial of service. Undertow keeps a cache of seen HTTP headers in persistent connections. It was found that this cache can easily exploited to fill memory with garbage, up to "max-headers" (default 200) * "max-header-size" (default 1MB) per active TCP connection. | 2018-03-12 | not yet calculated | CVE-2016-9589 REDHAT REDHAT REDHAT REDHAT REDHAT BID REDHAT REDHAT REDHAT REDHAT REDHAT REDHAT CONFIRM |
| roundcube -- roundcube |
roundcube version 1.3.4 and earlier contains an Insecure Permissions vulnerability in enigma plugin that can result in exfiltration of gpg private key. This attack appear to be exploitable via network connectivity. | 2018-03-13 | not yet calculated | CVE-2018-1000071 MISC MISC |
| ruby -- ruby |
RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Directory Traversal vulnerability in gem installation that can result in the gem could write to arbitrary filesystem locations during installation. This attack appear to be exploitable via the victim must install a malicious gem. This vulnerability appears to have been fixed in 2.7.6. | 2018-03-13 | not yet calculated | CVE-2018-1000079 MISC MISC MISC |
| ruby -- ruby |
RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Improper Input Validation vulnerability in ruby gems specification homepage attribute that can result in a malicious gem could set an invalid homepage URL. This vulnerability appears to have been fixed in 2.7.6. | 2018-03-13 | not yet calculated | CVE-2018-1000077 MISC MISC |
| ruby -- ruby |
RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Cross Site Scripting (XSS) vulnerability in gem server display of homepage attribute that can result in XSS. This attack appear to be exploitable via the victim must browse to a malicious gem on a vulnerable gem server. This vulnerability appears to have been fixed in 2.7.6. | 2018-03-13 | not yet calculated | CVE-2018-1000078 MISC MISC |
| ruby -- ruby |
RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Directory Traversal vulnerability in install_location function of package.rb that can result in path traversal when writing to a symlinked basedir outside of the root. This vulnerability appears to have been fixed in 2.7.6. | 2018-03-13 | not yet calculated | CVE-2018-1000073 MISC MISC |
| ruby -- ruby |
RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Improper Verification of Cryptographic Signature vulnerability in package.rb that can result in a mis-signed gem could be installed, as the tarball would contain multiple gem signatures.. This vulnerability appears to have been fixed in 2.7.6. | 2018-03-13 | not yet calculated | CVE-2018-1000076 MISC MISC |
| ruby -- ruby |
RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Deserialization of Untrusted Data vulnerability in owner command that can result in code execution. This attack appear to be exploitable via victim must run the `gem owner` command on a gem with a specially crafted YAML file. This vulnerability appears to have been fixed in 2.7.6. | 2018-03-13 | not yet calculated | CVE-2018-1000074 MISC MISC |
| ruby -- ruby |
RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a infinite loop caused by negative size vulnerability in ruby gem package tar header that can result in a negative size could cause an infinite loop.. This vulnerability appears to have been fixed in 2.7.6. | 2018-03-13 | not yet calculated | CVE-2018-1000075 MISC MISC |
| samba -- samba |
All versions of Samba from 4.0.0 onwards are vulnerable to a denial of service attack when the RPC spoolss service is configured to be run as an external daemon. Missing input sanitization checks on some of the input parameters to spoolss RPC calls could cause the print spooler service to crash. | 2018-03-13 | not yet calculated | CVE-2018-1050 BID SECTRACK CONFIRM CONFIRM UBUNTU DEBIAN CONFIRM |
| samba -- samba |
On a Samba 4 AD DC the LDAP server in all versions of Samba from 4.0.0 onwards incorrectly validates permissions to modify passwords over LDAP allowing authenticated users to change any other users' passwords, including administrative users and privileged service accounts (eg Domain Controllers). | 2018-03-13 | not yet calculated | CVE-2018-1057 BID SECTRACK CONFIRM CONFIRM UBUNTU DEBIAN CONFIRM CONFIRM |
| samba -- samba |
Samba before versions 4.6.1, 4.5.7 and 4.4.11 are vulnerable to a malicious client using a symlink race to allow access to areas of the server file system not exported under the share definition. | 2018-03-12 | not yet calculated | CVE-2017-2619 BID SECTRACK REDHAT REDHAT REDHAT REDHAT CONFIRM CONFIRM DEBIAN EXPLOIT-DB CONFIRM |
| sap -- business_client |
Under certain conditions SAP Business Client 6.5 allows an attacker to access information which would otherwise be restricted. | 2018-03-14 | not yet calculated | CVE-2018-2398 BID CONFIRM CONFIRM |
| sap -- business_objects_business_intelligence_platform |
In SAP Business Objects Business Intelligence Platform, 4.00, 4.10, 4.20, 4.30, the Central Management Console (CMC) does not sufficiently encode user controlled inputs which results in Cross-Site Scripting. | 2018-03-14 | not yet calculated | CVE-2018-2397 BID CONFIRM CONFIRM |
| sap -- business_process_automation_by_redwood |
SAP Business Process Automation (BPA) By Redwood does not sufficiently validate an XML document accepted from an untrusted source resulting in an XML External Entity (XXE) vulnerability. | 2018-03-14 | not yet calculated | CVE-2018-2401 BID CONFIRM CONFIRM |
| sap -- business_process_automation_by_redwood |
SAP Business Process Automation (BPA) By Redwood, 9.0, 9.1, allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing 'traverse to parent directory' are passed through to the file APIs. | 2018-03-14 | not yet calculated | CVE-2018-2366 BID CONFIRM CONFIRM |
| sap -- business_process_automation_by_redwood |
Under certain conditions SAP Business Process Automation (BPA) By Redwood, 9.00, 9.10, allows an attacker to access information which would otherwise be restricted. | 2018-03-14 | not yet calculated | CVE-2018-2400 BID CONFIRM CONFIRM |
| sap -- hana |
In systems using the optional capture & replay functionality of SAP HANA, 1.00 and 2.00, (see SAP Note 2362820 for more information about capture & replay), user credentials may be stored in clear text in the indexserver trace files of the control system. An attacker with the required authorizations on the control system may be able to access the user credentials and gain unauthorized access to data in the captured or target system. | 2018-03-14 | not yet calculated | CVE-2018-2402 BID CONFIRM CONFIRM |
| sap -- process_monitoring_infrastructure |
Cross-Site Scripting in Process Monitoring Infrastructure, from 7.10 to 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, due to inefficient encoding of user controlled inputs. | 2018-03-14 | not yet calculated | CVE-2018-2399 BID CONFIRM CONFIRM |
| schedmd -- slurm |
SchedMD Slurm before 17.02.10 and 17.11.x before 17.11.5 allows SQL Injection attacks against SlurmDBD. | 2018-03-15 | not yet calculated | CVE-2018-7033 CONFIRM CONFIRM |
| schneider_electric -- somove_and_dtm_software |
A DLL hijacking vulnerability exists in Schneider Electric's SoMove Software and associated DTM software components in all versions prior to 2.6.2 which could allow an attacker to execute arbitrary code. | 2018-03-09 | not yet calculated | CVE-2018-7239 BID MISC CONFIRM |
| securenvoy -- securmail |
Directory traversal vulnerability in SecurEnvoy SecurMail before 9.2.501 allows remote authenticated users to read e-mail messages to arbitrary recipients via a .. (dot dot) in the filename parameter to secupload2/upload.aspx. | 2018-03-14 | not yet calculated | CVE-2018-7705 FULLDISC EXPLOIT-DB MISC |
| securenvoy -- securmail |
Directory traversal vulnerability in SecurEnvoy SecurMail before 9.2.501 allows remote authenticated users to read arbitrary e-mail messages via a .. (dot dot) in the option2 parameter in an attachment action to secmail/getmessage.exe. | 2018-03-14 | not yet calculated | CVE-2018-7706 FULLDISC EXPLOIT-DB MISC |
| securenvoy -- securmail |
SecurEnvoy SecurMail before 9.2.501 allows remote attackers to spoof transmission of arbitrary e-mail messages, resend e-mail messages to arbitrary recipients, or modify arbitrary message bodies and attachments by leveraging missing authentication and authorization. | 2018-03-14 | not yet calculated | CVE-2018-7702 FULLDISC EXPLOIT-DB MISC |
| securenvoy -- securmail |
SecurEnvoy SecurMail before 9.2.501 allows remote authenticated users to read arbitrary e-mail messages via the option1 parameter in a reply action to secmail/getmessage.exe. | 2018-03-14 | not yet calculated | CVE-2018-7704 FULLDISC EXPLOIT-DB MISC |
| securenvoy -- securmail |
Cross-site scripting (XSS) vulnerability in SecurEnvoy SecurMail before 9.2.501 allows remote attackers to inject arbitrary web script or HTML via an HTML-formatted e-mail message. | 2018-03-14 | not yet calculated | CVE-2018-7707 FULLDISC EXPLOIT-DB MISC |
| securenvoy -- securmail |
Multiple cross-site request forgery (CSRF) vulnerabilities in SecurEnvoy SecurMail before 9.2.501 allow remote attackers to hijack the authentication of arbitrary users for requests that (1) delete e-mail messages via a delete action in a request to secmail/getmessage.exe or (2) spoof arbitrary users and reply to their messages via a request to secserver/securectrl.exe. | 2018-03-14 | not yet calculated | CVE-2018-7701 FULLDISC EXPLOIT-DB MISC |
| securenvoy -- securmail |
Cross-site scripting (XSS) vulnerability in SecurEnvoy SecurMail before 9.2.501 allows remote attackers to inject arbitrary web script or HTML via the mailboxid parameter to secmail/getmessage.exe. | 2018-03-14 | not yet calculated | CVE-2018-7703 FULLDISC EXPLOIT-DB MISC |
| servicenow_itsm -- servicenow_itsm |
ServiceNow ITSM 2016-06-02 has XSS via the First Name or Last Name field of My Profile (aka navpage.do), or the Search bar of My Portal (aka search_results.do). | 2018-03-15 | not yet calculated | CVE-2018-8720 MISC |
| sharutils -- sharutils |
Sharutils sharutils (unshar command) version 4.15.2 contains a Buffer Overflow vulnerability in Affected component on the file unshar.c at line 75, function looks_like_c_code. Failure to perform checking of the buffer containing input line. that can result in Could lead to code execution. This attack appear to be exploitable via Victim have to run unshar command on a specially crafted file.. | 2018-03-12 | not yet calculated | CVE-2018-1000097 BUGTRAQ |
| spacewalk -- spacewalk |
Spacewalk 2.6 contains an API which has an XXE flaw allowing for the disclosure of potentially sensitive information from the server. | 2018-03-14 | not yet calculated | CVE-2018-1077 CONFIRM |
| spice-gtk -- spice-gtk |
A flaw was found in the way spice-client processed certain messages sent from the server. An attacker, having control of malicious spice-server, could use this flaw to crash the client or execute arbitrary code with permissions of the user running the client. spice-gtk versions through 0.34 are believed to be vulnerable. | 2018-03-14 | not yet calculated | CVE-2017-12194 BID CONFIRM |
| spring_security -- spring_security |
Spring Security (Spring Security 4.1.x before 4.1.5, 4.2.x before 4.2.4, and 5.0.x before 5.0.1; and Spring Framework 4.3.x before 4.3.14 and 5.0.x before 5.0.3) does not consider URL path parameters when processing security constraints. By adding a URL path parameter with special encodings, an attacker may be able to bypass a security constraint. The root cause of this issue is a lack of clarity regarding the handling of path parameters in the Servlet Specification. Some Servlet containers include path parameters in the value returned for getPathInfo() and some do not. Spring Security uses the value returned by getPathInfo() as part of the process of mapping requests to security constraints. In this particular attack, different character encodings used in path parameters allows secured Spring MVC static resource URLs to be bypassed. | 2018-03-16 | not yet calculated | CVE-2018-1199 CONFIRM |
| sqlite -- sqlite |
In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to build.c and prepare.c. | 2018-03-16 | not yet calculated | CVE-2018-8740 MISC MISC MISC MISC |
| squirrelmail -- squirrelmail | A directory traversal flaw in SquirrelMail 1.4.22 allows an authenticated attacker to exfiltrate (or potentially delete) files from the hosting server, related to ../ in the att_local_name field in Deliver.class.php. | 2018-03-17 | not yet calculated | CVE-2018-8741 MISC MISC MISC MISC |
| suse -- portus |
The Djelibeybi configuration examples for use of NGINX in SUSE Portus 2.3, when applied to certain configurations involving Docker Compose, have a Missing SSL Certificate Validation issue because no proxy_ssl_* directives are used. | 2018-03-11 | not yet calculated | CVE-2018-8059 MISC |
| teluu_pjsip -- teluu_pjsip |
Teluu PJSIP version 2.7.1 and earlier contains a Integer Overflow vulnerability in pjmedia SDP parsing that can result in Crash. This attack appear to be exploitable via Sending a specially crafted message. This vulnerability appears to have been fixed in 2.7.2. | 2018-03-12 | not yet calculated | CVE-2018-1000098 MISC MISC |
| teluu_pjsip -- teluu_pjsip |
Teluu PJSIP version 2.7.1 and earlier contains a Access of Null/Uninitialized Pointer vulnerability in pjmedia SDP parsing that can result in Crash. This attack appear to be exploitable via Sending a specially crafted message. This vulnerability appears to have been fixed in 2.7.2. | 2018-03-12 | not yet calculated | CVE-2018-1000099 MISC MISC MISC |
| textpattern -- textpattern |
textpattern version version 4.6.2 contains a XML Injection vulnerability in Import XML feature that can result in Denial of service in context to the web server by exhausting server memory resources. This attack appear to be exploitable via Uploading a specially crafted XML file. | 2018-03-13 | not yet calculated | CVE-2018-1000090 MISC |
| textpattern_cms -- textpattern_cms |
An issue was discovered in Textpattern CMS 4.6.2 and earlier. It is possible to inject SQL code in the variable "qty" on the page index.php. | 2018-03-14 | not yet calculated | CVE-2018-7474 FULLDISC EXPLOIT-DB |
| tiny-json-http -- tiny-json-http |
brianleroux tiny-json-http version all versions since commit 9b8e74a232bba4701844e07bcba794173b0238a8 (Oct 29 2016) contains a Missing SSL certificate validation vulnerability in The libraries core functionality is affected. that can result in Exposes the user to man-in-the-middle attacks. | 2018-03-12 | not yet calculated | CVE-2018-1000096 MISC |
| titanhq -- webtitan_gateway |
TitanHQ WebTitan Gateway has incorrect certificate validation for the TLS interception feature. | 2018-03-12 | not yet calculated | CVE-2017-18227 MISC MISC MISC |
| trend_micro -- email_encryption_gateway |
A SQL injection vulnerability in an Trend Micro Email Encryption Gateway 5.5 edit policy script could allow an attacker to execute SQL commands to upload and execute arbitrary code that may harm the target system. | 2018-03-15 | not yet calculated | CVE-2018-6229 CONFIRM MISC EXPLOIT-DB |
| trend_micro -- email_encryption_gateway |
Arbitrary logs location in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to change location of log files and be manipulated to execute arbitrary commands and attain command execution on a vulnerable system. | 2018-03-15 | not yet calculated | CVE-2018-6222 CONFIRM MISC EXPLOIT-DB |
| trend_micro -- email_encryption_gateway |
A SQL injection vulnerability in an Trend Micro Email Encryption Gateway 5.5 search configuration script could allow an attacker to execute SQL commands to upload and execute arbitrary code that may harm the target system. | 2018-03-15 | not yet calculated | CVE-2018-6230 CONFIRM MISC EXPLOIT-DB |
| trend_micro -- email_encryption_gateway |
A stored cross-site scripting (XSS) vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to inject client-side scripts into vulnerable systems. | 2018-03-15 | not yet calculated | CVE-2018-6227 CONFIRM MISC EXPLOIT-DB |
| trend_micro -- email_encryption_gateway |
A missing authentication for appliance registration vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to manipulate the registration process of the product to reset configuration parameters. | 2018-03-15 | not yet calculated | CVE-2018-6223 CONFIRM MISC EXPLOIT-DB |
| trend_micro -- email_encryption_gateway |
An Insecure Update via HTTP vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to eavesdrop and tamper with certain types of update data. | 2018-03-15 | not yet calculated | CVE-2018-6219 CONFIRM MISC EXPLOIT-DB |
| trend_micro -- email_encryption_gateway |
An XML external entity injection (XXE) vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an authenticated user to expose a normally protected configuration script. | 2018-03-15 | not yet calculated | CVE-2018-6225 CONFIRM MISC EXPLOIT-DB |
| trend_micro -- email_encryption_gateway |
A SQL injection vulnerability in a Trend Micro Email Encryption Gateway 5.5 policy script could allow an attacker to execute SQL commands to upload and execute arbitrary code that may harm the target system. | 2018-03-15 | not yet calculated | CVE-2018-6228 CONFIRM MISC EXPLOIT-DB |
| trend_micro -- email_encryption_gateway |
An arbitrary file write vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to inject arbitrary data, which may lead to gaining code execution on vulnerable systems. | 2018-03-15 | not yet calculated | CVE-2018-6220 CONFIRM MISC EXPLOIT-DB |
| trend_micro -- email_encryption_gateway |
A lack of cross-site request forgery (CSRF) protection vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to submit authenticated requests to a user browsing an attacker-controlled domain. | 2018-03-15 | not yet calculated | CVE-2018-6224 CONFIRM MISC EXPLOIT-DB |
| trend_micro -- email_encryption_gateway |
An unvalidated software update vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow a man-in-the-middle attacker to tamper with an update file and inject their own. | 2018-03-15 | not yet calculated | CVE-2018-6221 CONFIRM MISC EXPLOIT-DB |
| trend_micro -- email_encryption_gateway |
Reflected cross-site scripting (XSS) vulnerabilities in two Trend Micro Email Encryption Gateway 5.5 configuration files could allow an attacker to inject client-side scripts into vulnerable systems. | 2018-03-15 | not yet calculated | CVE-2018-6226 CONFIRM MISC EXPLOIT-DB |
| trend_micro -- smart_protection_server |
A server auth command injection authentication bypass vulnerability in Trend Micro Smart Protection Server (Standalone) versions 3.3 and below could allow remote attackers to escalate privileges on vulnerable installations. | 2018-03-15 | not yet calculated | CVE-2018-6231 CONFIRM MISC |
| unboundid -- ldap_sdk |
UnboundID LDAP SDK version from commit 801111d8b5c732266a5dbd4b3bb0b6c7b94d7afb up to commit 8471904a02438c03965d21367890276bc25fa5a6, where the issue was reported and fixed contains an Incorrect Access Control vulnerability in process function in SimpleBindRequest class doesn't check for empty password when running in synchronous mode. commit with applied fix https://github.com/pingidentity/ldapsdk/commit/8471904a02438c03965d21367890276bc25fa5a6#diff-f6cb23b459be1ec17df1da33760087fd that can result in Ability to impersonate any valid user. This attack appear to be exploitable via Providing valid username and empty password against servers that do not do additional validation as per https://tools.ietf.org/html/rfc4513#section-5.1.1. This vulnerability appears to have been fixed in after commit 8471904a02438c03965d21367890276bc25fa5a6. | 2018-03-16 | not yet calculated | CVE-2018-1000134 CONFIRM |
| unitrends -- unitrends_backups |
It was discovered that the Unitrends Backup (UB) before 10.1.0 user interface was exposed to an authentication bypass, which then could allow an unauthenticated user to inject arbitrary commands into its /api/hosts parameters using backquotes. | 2018-03-14 | not yet calculated | CVE-2018-6328 CONFIRM CONFIRM |
| unitrends -- unitrends_backups |
It was discovered that the Unitrends Backup (UB) before 10.1.0 libbpext.so authentication could be bypassed with a SQL injection, allowing a remote attacker to place a privilege escalation exploit on the target system and subsequently execute arbitrary commands. | 2018-03-14 | not yet calculated | CVE-2018-6329 CONFIRM CONFIRM |
| vmware -- workstation_and_fusion |
VMware Workstation (14.x before 14.1.1, 12.x) and Fusion (10.x before 10.1.1 and 8.x) contain a denial-of-service vulnerability which can be triggered by opening a large number of VNC sessions. Note: In order for exploitation to be possible on Workstation and Fusion, VNC must be manually enabled. | 2018-03-15 | not yet calculated | CVE-2018-6957 SECTRACK CONFIRM |
| vpn_unlimited -- vpn_unlimited |
VPN Unlimited 4.2.0 for macOS suffers from a root privilege escalation vulnerability in its privileged helper tool. The privileged helper tool implements an XPC interface, which allows arbitrary applications to execute system commands as root. | 2018-03-16 | not yet calculated | CVE-2018-8739 MISC |
| weblog_expert -- web_server_enterprise |
WebLog Expert Web Server Enterprise 9.4 allows Remote Denial Of Service (daemon crash) via a long HTTP Accept Header to TCP port 9991. | 2018-03-09 | not yet calculated | CVE-2018-7582 MISC MISC EXPLOIT-DB |
| weblog_expert -- web_server_enterprise |
\ProgramData\WebLog Expert\WebServer\WebServer.cfg in WebLog Expert Web Server Enterprise 9.4 has weak permissions (BUILTIN\Users:(ID)C), which allows local users to set a cleartext password and login as admin. | 2018-03-09 | not yet calculated | CVE-2018-7581 MISC MISC EXPLOIT-DB |
| webmin -- webmin |
An issue was discovered in Webmin 1.840 and 1.880 when the default Yes setting of "Can view any file as a log file" is enabled. As a result of weak default configuration settings, limited users have full access rights to the underlying Unix system files, allowing the user to read sensitive data from the local system (using Local File Include) such as the '/etc/shadow' file via a "GET /syslog/save_log.cgi?view=1&file=/etc/shadow" request. | 2018-03-14 | not yet calculated | CVE-2018-8712 MISC |
| western_bridge_cobub_razor -- western_bridge_cobub_razor |
A SQL Injection vulnerability exists in Western Bridge Cobub Razor 0.8.0 via the channel_name or platform parameter in a /index.php?/manage/channel/addchannel request, related to /application/controllers/manage/channel.php. | 2018-03-11 | not yet calculated | CVE-2018-8057 MISC MISC |
| western_bridge_cobub_razor -- western_bridge_cobub_razor |
Physical path Leakage exists in Western Bridge Cobub Razor 0.8.0 via an invalid channel_name parameter to /index.php?/manage/channel/addchannel or a direct request to /export.php. | 2018-03-11 | not yet calculated | CVE-2018-8056 MISC MISC |
| wicket -- jquery |
In Wicket jQuery UI 6.28.0 and earlier, 7.9.1 and earlier, and 8.0.0-M8 and earlier, a security issue has been discovered in the WYSIWYG editor that allows an attacker to submit arbitrary JS code to WYSIWYG editor. | 2018-03-12 | not yet calculated | CVE-2017-15719 CONFIRM CONFIRM |
| wolfcms -- wolfcms |
WolfCMS version version 0.8.3.1 contains a Reflected Cross Site Scripting vulnerability in "Create New File" and "Create New Directory" input box from 'files' Tab that can result in Session Hijacking, Spread Worms,Control the browser remotely. . This attack appear to be exploitable via Attacker can execute the JavaScript into the "Create New File" and "Create New Directory" input box from 'files'. | 2018-03-13 | not yet calculated | CVE-2018-1000087 MISC MISC |
| wolfcms -- wolfcms |
WOlfCMS WolfCMS version version 0.8.3.1 contains a Stored Cross-Site Scripting vulnerability in Layout Name (from Layout tab) that can result in low privilege user can steal the cookie of admin user and compromise the admin account. This attack appear to be exploitable via Need to enter the Javascript code into Layout Name . | 2018-03-13 | not yet calculated | CVE-2018-1000084 MISC |
| wordpress -- wordpress |
A local file inclusion issue was discovered in the WooCommerce Products Filter (aka WOOF) plugin before 2.2.0 for WordPress, as demonstrated by the shortcode parameter in a woof_redraw_woof action. The vulnerability is due to the lack of args/input validation on render_html before allowing it to be called by extract(), a PHP built-in function. Because of this, the supplied args/input can be used to overwrite the $pagepath variable, which then could lead to a local file inclusion attack. | 2018-03-14 | not yet calculated | CVE-2018-8711 MISC MISC MISC |
| wordpress -- wordpress |
Pradeep Makone wordpress Support Plus Responsive Ticket System version 9.0.2 and earlier contains a SQL Injection vulnerability in the function to get tickets, the parameter email in cookie was injected that can result in filter the parameter. This attack appear to be exploitable via web site, without login. This vulnerability appears to have been fixed in 9.0.3 and later. | 2018-03-14 | not yet calculated | CVE-2018-1000131 MISC CONFIRM MISC |
| wordpress -- wordpress |
Multiple cross-site scripting (XSS) vulnerabilities in the Activity Log plugin before 2.4.1 for WordPress allow remote attackers to inject arbitrary JavaScript or HTML via a title that is not escaped. | 2018-03-15 | not yet calculated | CVE-2018-8729 MISC MISC MISC MISC |
| wordpress -- wordpress |
A remote code execution issue was discovered in the WooCommerce Products Filter (aka WOOF) plugin before 2.2.0 for WordPress, as demonstrated by the shortcode parameter in a woof_redraw_woof action. The plugin implemented a page redraw AJAX function accessible to anyone without any authentication. WordPress shortcode markup in the "shortcode" parameters would be evaluated. Normally unauthenticated users can't evaluate shortcodes as they are often sensitive. | 2018-03-14 | not yet calculated | CVE-2018-8710 MISC MISC MISC |
| xpdf -- xpdf |
The JBIG2Stream::readGenericBitmap function in JBIG2Stream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml. | 2018-03-13 | not yet calculated | CVE-2018-8103 MISC |
| xpdf -- xpdf |
The BufStream::lookChar function in Stream.cc in xpdf 4.00 allows attackers to launch denial of service (heap-based buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml. | 2018-03-13 | not yet calculated | CVE-2018-8104 MISC |
| xpdf -- xpdf |
The JBIG2MMRDecoder::getBlackCode function in JBIG2Stream.cc in xpdf 4.00 allows attackers to launch denial of service (buffer over-read and application crash) via a specific pdf file, as demonstrated by pdftohtml. | 2018-03-13 | not yet calculated | CVE-2018-8102 MISC |
| yzmcms -- yzmcms |
YzmCMS 3.7 has Stored XSS via the title parameter to advertisement/adver/edit.html. | 2018-03-13 | not yet calculated | CVE-2018-8078 MISC |
| zenmate -- zenmate |
ZenMate 1.5.4 for macOS suffers from a type confusion vulnerability within the com.zenmate.chron-xpc LaunchDaemon component. The LaunchDaemon implements an XPC service that uses an insecure XPC API for accessing data from an inbound XPC message. This could potentially result in an XPC object of the wrong type being passed as the first argument to the xpc_connection_create_from_endpoint function if controlled by an attacker. In recent versions of macOS and OS X, Apple has implemented an internal check to prevent such XPC API abuse from occurring, thus making this vulnerability only result in a denial of service if exploited by an attacker. | 2018-03-15 | not yet calculated | CVE-2018-8076 MISC |
| zoho -- manageengine_desktop_central |
Zoho ManageEngine Desktop Central version 9.1.0 build 91099 has multiple XSS issues that were fixed in build 92026. | 2018-03-15 | not yet calculated | CVE-2018-8722 CONFIRM |
| zoho -- manageengine_eventlog_analyzer |
Zoho ManageEngine EventLog Analyzer version 11.0 build 11000 has Stored XSS related to the index2.do?url=editAlertForm&tab=alert&alert=profile URI and the Edit Alert Profile screen | 2018-03-15 | not yet calculated | CVE-2018-8721 BID CONFIRM |
| zoho -- manageengine_eventlog_analyzer |
Cross-site scripting (XSS) in Zoho ManageEngine EventLog Analyzer before 11.12 Build 11120 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 2018-03-13 | not yet calculated | CVE-2018-7405 CONFIRM CONFIRM |
| zsh -- zsh |
zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the exec.c:hashcmd() function. A local attacker could exploit this to cause a denial of service. | 2018-03-09 | not yet calculated | CVE-2018-1071 BID CONFIRM |
'IT 와 Social 이야기' 카테고리의 다른 글
| [US-CERT: Bulletin(SB18-085)] 2018년 3월 19일까지 발표된 보안 취약점 (0) | 2018.03.27 |
|---|---|
| [NIA] EU의 인공지능 신규제메카니즘: 설명가능 인공지능(XAI) (0) | 2018.03.26 |
| [kotra] 머신러닝 서비스시장 전망 - 김경민 미국 실리콘밸리 무역관 (0) | 2018.03.19 |
| [kotra] 미국 웨어러블 디바이스 시장 동향 - 이지연 미국 시카고 무역관 (0) | 2018.03.19 |
| [iitp] 소니, 사내 AI 인재 양성을 위한 딥러닝 도구(NNL, NNC) 공개 (0) | 2018.03.14 |
