U.S. Flag Official website of the Department of Homeland Security
TLP:WHITE

Bulletin (SB19-098)

Vulnerability Summary for the Week of April 1, 2019

Original release date: April 08, 2019 | Last revised: April 17, 2019

The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information.

The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:

  • High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0

  • Medium - Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 - 6.9

  • Low - Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 - 3.9

Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.

The NCCIC Weekly Vulnerability Summary Bulletin is created using information from the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD). In some cases, the vulnerabilities in the bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

 

High Vulnerabilities

Primary
Vendor -- Product
DescriptionPublishedCVSS ScoreSource & Patch Info
74cms -- 74cmsApplication/Admin/Controller/ConfigController.class.php in 74cms v5.0.1 allows remote attackers to execute arbitrary PHP code via the index.php?m=Admin&c=config&a=edit site_domain parameter.2019-04-017.5CVE-2019-10684
MISC
advantech -- webaccessAdvantech WebAccess/SCADA, Versions 8.3.5 and prior. Multiple stack-based buffer overflow vulnerabilities, caused by a lack of proper validation of the length of user-supplied data, may allow remote code execution.2019-04-057.5CVE-2019-6550
MISC
advantech -- webaccessAdvantech WebAccess/SCADA, Versions 8.3.5 and prior. Multiple command injection vulnerabilities, caused by a lack of proper validation of user-supplied data, may allow remote code execution.2019-04-057.5CVE-2019-6552
MISC
airsonic -- airsonicXXE issue in Airsonic before 10.1.2 during parse.2019-04-047.5CVE-2018-20222
CONFIRM
CONFIRM
apple -- icloudA memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5, iTunes 12.9 for Windows, iCloud for Windows 7.7.2019-04-039.3CVE-2018-4126
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- iphone_osA memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1.2019-04-039.3CVE-2018-4327
MISC
apple -- iphone_osA memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.2019-04-0310.0CVE-2018-4331
MISC
MISC
MISC
MISC
MISC
apple -- iphone_osA memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.2019-04-0310.0CVE-2018-4332
MISC
MISC
MISC
MISC
apple -- iphone_osA memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.2019-04-039.3CVE-2018-4336
MISC
MISC
MISC
MISC
apple -- iphone_osA memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.2019-04-039.3CVE-2018-4337
MISC
MISC
MISC
MISC
apple -- iphone_osA memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.2019-04-039.3CVE-2018-4340
MISC
MISC
MISC
MISC
MISC
apple -- iphone_osA memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.2019-04-039.3CVE-2018-4343
MISC
MISC
MISC
MISC
apple -- iphone_osA memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.2019-04-039.3CVE-2018-4344
MISC
MISC
MISC
MISC
apple -- iphone_osAn input validation issue existed in the kernel. This issue was addressed with improved input validation. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5.2019-04-037.1CVE-2018-4363
MISC
MISC
MISC
apple -- iphone_osA memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1.2019-04-037.5CVE-2018-4367
MISC
apple -- iphone_osA memory corruption issue was addressed with improved state management. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.2019-04-039.3CVE-2018-4383
MISC
MISC
MISC
MISC
apple -- iphone_osA memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.2019-04-039.3CVE-2018-4401
MISC
MISC
MISC
MISC
MISC
apple -- iphone_osA memory corruption issue was addressed with improved input validation This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.2019-04-039.3CVE-2018-4408
MISC
MISC
MISC
MISC
MISC
apple -- iphone_osA memory initialization issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1.2019-04-037.1CVE-2018-4413
MISC
MISC
MISC
MISC
apple -- iphone_osA memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1.2019-04-039.3CVE-2018-4419
MISC
MISC
MISC
MISC
apple -- iphone_osA memory corruption issue was addressed by removing the vulnerable code. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1.2019-04-039.3CVE-2018-4420
MISC
MISC
MISC
MISC
apple -- iphone_osA memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.2019-04-039.3CVE-2018-4425
MISC
MISC
MISC
MISC
MISC
apple -- iphone_osA memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.2019-04-039.3CVE-2018-4426
MISC
MISC
MISC
MISC
MISC
apple -- iphone_osA memory corruption issue was addressed with improved memory handling. This issue affected versions prior to: iOS 12.1, watchOS 5.1.2, tvOS 12.1.1, macOS High Sierra 10.13.6 Security Update 2018-003 High Sierra, macOS Sierra 10.12.6 Security Update 2018-006.2019-04-039.3CVE-2018-4427
MISC
MISC
MISC
MISC
apple -- iphone_osA memory corruption issue was addressed with improved state management. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2.2019-04-039.3CVE-2018-4447
MISC
MISC
MISC
MISC
apple -- iphone_osA memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2.2019-04-039.3CVE-2018-4461
MISC
MISC
MISC
MISC
apple -- iphone_osA memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2.2019-04-039.3CVE-2018-4465
MISC
MISC
apple -- mac_os_xA configuration issue was addressed with additional restrictions. This issue affected versions prior to macOS X El Capitan 10.11.6 Security Update 2018-002, macOS Sierra 10.12.6 Security Update 2018-002, macOS High Sierra 10.13.2.2019-04-039.3CVE-2017-13911
MISC
MISC
apple -- mac_os_xMultiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to macOS High Sierra 10.13.6.2019-04-0310.0CVE-2018-4259
MISC
MISC
apple -- mac_os_xA memory corruption issue was addressed with improved memory handling. This issue affected versions prior to macOS High Sierra 10.13.6.2019-04-0310.0CVE-2018-4268
MISC
apple -- mac_os_xA type confusion issue was addressed with improved memory handling. This issue affected versions prior to macOS High Sierra 10.13.6.2019-04-039.3CVE-2018-4285
MISC
apple -- mac_os_xMultiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to macOS High Sierra 10.13.6.2019-04-0310.0CVE-2018-4286
MISC
MISC
apple -- mac_os_xMultiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to macOS High Sierra 10.13.6.2019-04-0310.0CVE-2018-4287
MISC
MISC
apple -- mac_os_xMultiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to macOS High Sierra 10.13.6.2019-04-0310.0CVE-2018-4288
MISC
MISC
apple -- mac_os_xAn information disclosure issue was addressed by removing the vulnerable code. This issue affected versions prior to macOS High Sierra 10.13.6.2019-04-037.1CVE-2018-4289
MISC
apple -- mac_os_xMultiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to macOS High Sierra 10.13.6.2019-04-0310.0CVE-2018-4291
MISC
MISC
apple -- mac_os_xAn input validation issue was addressed with improved input validation. This issue affected versions prior to macOS Mojave 10.14.2019-04-037.5CVE-2018-4295
MISC
MISC
apple -- mac_os_xA memory corruption issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14.2019-04-039.3CVE-2018-4334
MISC
MISC
apple -- mac_os_xA memory corruption issue was addressed with improved input validation. This issue affected versions prior to macOS Mojave 10.14.2019-04-039.3CVE-2018-4350
MISC
MISC
apple -- mac_os_xA memory corruption issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14.2019-04-039.3CVE-2018-4393
MISC
MISC
apple -- mac_os_xA memory corruption issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14.1.2019-04-039.3CVE-2018-4402
MISC
apple -- mac_os_xA memory corruption issue was addressed with improved input validation. This issue affected versions prior to macOS Mojave 10.14.1.2019-04-039.3CVE-2018-4410
MISC
apple -- mac_os_xA memory corruption issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14.1.2019-04-039.3CVE-2018-4415
MISC
apple -- mac_os_xA memory initialization issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14.1.2019-04-039.3CVE-2018-4421
MISC
MISC
apple -- mac_os_xA memory corruption issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14.1.2019-04-039.3CVE-2018-4422
MISC
apple -- mac_os_xA buffer overflow was addressed with improved size validation. This issue affected versions prior to macOS Mojave 10.14.1.2019-04-039.3CVE-2018-4424
MISC
apple -- mac_os_xA memory corruption issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14.2.2019-04-039.3CVE-2018-4449
MISC
apple -- mac_os_xA memory corruption issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14.2.2019-04-039.3CVE-2018-4450
MISC
apple -- mac_os_xA memory corruption issue was addressed with improved input validation. This issue affected versions prior to macOS High Sierra 10.13.6, macOS Mojave 10.14.2019-04-039.3CVE-2018-4456
MISC
MISC
MISC
apple -- mac_os_xA memory corruption issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14.2.2019-04-039.3CVE-2018-4463
MISC
apple -- xcodeA memory corruption issue was addressed with improved input validation. This issue affected versions prior to Xcode 10.2019-04-039.3CVE-2018-4357
MISC
audiocodes -- 420hd_ip_phone_firmwareAn issue was discovered on AudioCodes 450HD IP Phone devices with firmware 3.0.0.535.106. The traceroute and ping functionality, which uses a parameter in a request to command.cgi from the Monitoring page in the web UI, unsafely puts user-alterable data directly into an OS command, leading to Remote Code Execution via shell metacharacters in the query string.2019-04-019.0CVE-2018-5757
MISC
axiomsl -- axiomAxiomSL's Axiom java applet module (used for editing uploaded Excel files and associated Java RMI services) 9.5.3 and earlier allows remote attackers to (1) access data of other basic users through arbitrary SQL commands, (2) perform a horizontal and vertical privilege escalation, (3) cause a Denial of Service on global application, or (4) write/read/delete arbitrary files on server hosting the application.2019-04-037.5CVE-2015-5463
MISC
canonical -- ubuntu_linuxIn the Linux Kernel before versions 4.20.8 and 4.19.21 a use-after-free error in the "sctp_sendmsg()" function (net/sctp/socket.c) when handling SCTP_SENDALL flag can be exploited to corrupt memory.2019-04-017.2CVE-2019-8956
MISC
MISC
MISC
MISC
UBUNTU
UBUNTU
cobub -- razorWestern Bridge Cobub Razor 0.8.0 has a file upload vulnerability via the web/assets/swf/uploadify.php URI, as demonstrated by a .php file with the image/jpeg content type.2019-03-297.5CVE-2019-10276
MISC
MISC
ctrip -- apolloAn SSRF vulnerability was found in an API from Ctrip Apollo through 1.4.0-SNAPSHOT. An attacker may use it to do an intranet port scan or raise a GET request via /system-info/health because the %23 substring is mishandled.2019-04-017.5CVE-2019-10686
MISC
dell -- emc_networkerEMC NetWorker may potentially be vulnerable to an unauthenticated remote code execution vulnerability in the Networker Client execution service (nsrexecd) when oldauth authentication method is used. An unauthenticated remote attacker could send arbitrary commands via RPC service to be executed on the host system with the privileges of the nsrexecd service, which runs with administrative privileges.2019-04-0110.0CVE-2017-8023
BID
MISC
dlink -- dsl-3782_firmwareAn issue was discovered on D-Link DSL-3782 devices with firmware 1.01. An OS command injection vulnerability in Acl.asp allows a remote authenticated attacker to execute arbitrary OS commands via the ScrIPaddrEndTXT parameter.2019-04-019.0CVE-2018-17990
MISC
gog -- galaxyAn exploitable local privilege elevation vulnerability exists in the file system permissions of GOG Galaxy's install directory. An attacker can overwrite an executable that is launched as a system service on boot by default to exploit this vulnerability and execute arbitrary code with system privileges.2019-04-027.2CVE-2018-3974
MISC
gog -- galaxyAn exploitable local privilege elevation vulnerability exists in the file system permissions of GOG Galaxy's ?Games? directory, version 1.2.48.36 (Windows 64-bit Installer). An attacker can overwrite executables of installed games to exploit this vulnerability and execute arbitrary code with elevated privileges.2019-04-027.2CVE-2018-4049
MISC
gog -- galaxyAn exploitable local privilege escalation vulnerability exists in the privileged helper tool of GOG Galaxy's Games, version 1.2.47 for macOS. An attacker can globally adjust folder permissions leading to execution of arbitrary code with elevated privileges.2019-04-017.2CVE-2018-4050
CONFIRM
grandstream -- gac2500_firmwareGrandstream GAC2500 1.0.3.35, GXP2200 1.0.3.27, GVC3202 1.0.3.51, GXV3275 before 1.0.3.219 Beta, and GXV3240 before 1.0.3.219 Beta devices allow unauthenticated remote code execution via shell metacharacters in a /manager?action=getlogcat priority field, in conjunction with a buffer overflow (via the phonecookie cookie) to overwrite a data structure and consequently bypass authentication. This can be exploited remotely or via CSRF because the cookie can be placed in an Accept HTTP header in an XMLHttpRequest call to lighttpd.2019-03-307.5CVE-2019-10655
MISC
MISC
grandstream -- gxp1610_firmwareA Malformed Input String to /cgi-bin/delete_CA on Grandstream GXP16xx VoIP 1.0.4.128 phones allows attackers to delete configuration parameters and gain admin access to the device.2019-04-017.5CVE-2018-17564
MISC
MISC
grandstream -- gxp1610_firmwareShell Metacharacter Injection in the SSH configuration interface on Grandstream GXP16xx VoIP 1.0.4.128 phones allows attackers to execute arbitrary system commands and gain a root shell.2019-04-0110.0CVE-2018-17565
MISC
MISC
ibm -- db2IBM DB2 9.7, 10.1, 10.5, and 11.1 libdb2e.so.1 is vulnerable to a stack based buffer overflow, caused by improper bounds checking which could allow an attacker to execute arbitrary code. IBM X-Force ID: 153316.2019-04-037.2CVE-2018-1936
XF
CONFIRM
ibm -- db2IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root. IBM X-Force ID: 155892.2019-04-037.2CVE-2019-4014
XF
CONFIRM
ibm -- security_privileged_identity_managerIBM Security Privileged Identity Manager Virtual Appliance 2.2.1 could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially-crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system. IBM X-Force ID: 144580.2019-04-029.0CVE-2018-1640
CONFIRM
XF
mitel -- cmg_suiteThe BluStar component in Mitel InAttend before 2.5 SP3 and CMG before 8.4 SP3 Suite Servers has a default password, which could allow remote attackers to gain unauthorized access and execute arbitrary scripts with potential impacts to the confidentiality, integrity and availability of the system.2019-04-0210.0CVE-2018-19275
CONFIRM
CONFIRM
mkcms_project -- mkcmsMKCMS V5.0 has SQL injection via the bplay.php play parameter.2019-04-027.5CVE-2019-10707
MISC
oisf -- libhtphtp_parse_authorization_digest in htp_parsers.c in LibHTP 0.5.26 allows remote attackers to cause a heap-based buffer over-read via an authorization digest header.2019-04-047.5CVE-2018-10243
CONFIRM
overit -- geocallAn issue was discovered in OverIT Geocall 6.3 before build 2:346977. Weak authentication and session management allows an authenticated user to obtain access to the Administrative control panel and execute administrative functions.2019-04-019.0CVE-2019-5890
MISC
plataformatec -- devisePlataformatec Devise version 4.5.0 and earlier, using the lockable module contains a CWE-367 vulnerability in The `Devise::Models::Lockable` class, more specifically at the `#increment_failed_attempts` method. File location: lib/devise/models/lockable.rb that can result in Multiple concurrent requests can prevent an attacker from being blocked on brute force attacks. This attack appear to be exploitable via Network connectivity - brute force attacks. This vulnerability appears to have been fixed in 4.6.0 and later.2019-04-037.5CVE-2019-5421
MISC
MISC
postgresql -- postgresqlIn PostgreSQL 9.3 through 11.2, the "COPY TO/FROM PROGRAM" function allows superusers and users in the 'pg_read_server_files' group to execute arbitrary code in the context of the database's operating system user. This functionality is enabled by default and can be abused to run arbitrary operating system commands on Windows, Linux, and macOS.2019-04-019.0CVE-2019-9193
MISC
MISC
provisio -- sitekioskAn elevation of privilege vulnerability exists in the Call Dispatcher in Provisio SiteKiosk before 9.7.4905.2019-03-297.5CVE-2018-18766
CONFIRM
qualcomm -- mdm9150_firmwareUndefined behavior in UE while processing unknown IEI in OTA message in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in MDM9150, MDM9206, MDM9607, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, QCS605, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM439, SDM630, SDM660, SDX20, SM7150, Snapdragon_High_Med_2016, SXR11302019-04-047.2CVE-2018-11966
CONFIRM
qualcomm -- mdm9150_firmwarekernel could return a received message length higher than expected, which leads to buffer overflow in a subsequent operation and stops normal operation in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables, in MDM9150, MDM9206, MDM9607, MDM9650, MSM8909W, QCS605, Qualcomm 215, SD 425, SD 439 / SD 429, SD 450, SD 625, SD 632, SD 675, SD 712 / SD 710 / SD 670, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDM439, SDX24, SM71502019-04-047.2CVE-2018-13918
CONFIRM
qualcomm -- mdm9206_firmwareImproper input validation in QCPE create function may lead to integer overflow in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9206, MDM9607, MDM9650, MDM9655, MSM8996AU, SD 410/12, SD 820A2019-04-047.2CVE-2018-11830
CONFIRM
qualcomm -- mdm9206_firmwareTZ App dynamic allocations not protected from XBL loader in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile in MDM9206, MDM9607, MDM9650, MDM9655, QCS605, SD 410/12, SD 636, SD 712 / SD 710 / SD 670, SD 845 / SD 850, SD 8CX, SDA660, SDM630, SDM660, SXR11302019-04-047.2CVE-2018-11970
CONFIRM
robocode_project -- robocodeRobocode through 1.9.3.5 allows remote attackers to cause external service interaction (DNS), as demonstrated by a query for a unique subdomain name within an attacker-controlled DNS zone, because of a .openStream call within java.net.URL.2019-03-307.5CVE-2019-10648
MISC
MISC
s-cms -- s-cmsS-CMS PHP v1.0 has SQL injection via the 4/js/scms.php?action=unlike id parameter.2019-04-027.5CVE-2019-10708
MISC
salesagility -- suitecrmSuiteCRM before 7.8.28, 7.9.x and 7.10.x before 7.10.15, and 7.11.x before 7.11.3 allows SQL Injection.2019-04-027.5CVE-2019-6506
CONFIRM
CONFIRM
CONFIRM
CONFIRM
sony -- neural_network_librariesnbla/logger.cpp in libnnabla.a in Sony Neural Network Libraries (aka nnabla) through v1.0.14 relies on the HOME environment variable, which might be untrusted.2019-04-047.5CVE-2019-10844
MISC
suricata-ids -- suricataSuricata version 4.0.4 incorrectly handles the parsing of an EtherNet/IP PDU. A malformed PDU can cause the parsing code to read beyond the allocated data because DecodeENIPPDU in app-layer-enip-commmon.c has an integer overflow during a length check.2019-04-047.5CVE-2018-10244
CONFIRM
teeworlds -- teeworldsIn Teeworlds 0.7.2, there is an integer overflow in CMap::Load() in engine/shared/map.cpp that can lead to a buffer overflow, because multiplication of width and height is mishandled.2019-04-057.5CVE-2019-10877
MISC
teeworlds -- teeworldsIn Teeworlds 0.7.2, there is a failed bounds check in CDataFileReader::GetData() and CDataFileReader::ReplaceData() and related functions in engine/shared/datafile.cpp that can lead to an arbitrary free and out-of-bounds pointer write, possibly resulting in remote code execution.2019-04-057.5CVE-2019-10878
MISC
teeworlds -- teeworldsIn Teeworlds 0.7.2, there is an integer overflow in CDataFileReader::Open() in engine/shared/datafile.cpp that can lead to a buffer overflow and possibly remote code execution, because size-related multiplications are mishandled.2019-04-057.5CVE-2019-10879
MISC
tongda2000 -- office_anywhereAn issue was discovered in TONGDA Office Anywhere 10.18.190121. There is a SQL Injection vulnerability via the general/approve_center/list/input_form/work_handle.php run_id parameter.2019-04-027.5CVE-2019-9759
MISC
ultimatemember -- ultimate_memberA CSRF vulnerability in a logged-in user's profile edit form in the Ultimate Member plugin before 2.0.40 for WordPress allows attackers to become admin and subsequently extract sensitive information and execute arbitrary code. This occurs because the attacker can change the e-mail address in the administrator profile, and then the attacker is able to reset the administrator password using the WordPress "password forget" form.2019-04-039.3CVE-2019-10673
MISC
zzzcms -- zzzphpZZZCMS zzzphp v1.6.3 allows remote attackers to execute arbitrary PHP code via a .php URL in the plugins/ueditor/php/controller.php?action=catchimage source[] parameter because of a lack of inc/zzz_file.php restrictions. For example, source%5B%5D=http%3A%2F%2F192.168.0.1%2Ftest.php can be used if the 192.168.0.1 web server sends the contents of a .php file (i.e., it does not interpret a .php file).2019-03-307.5CVE-2019-10647
MISC
Back to top

 

Medium Vulnerabilities

Primary
Vendor -- Product
DescriptionPublishedCVSS ScoreSource & Patch Info
3m -- detcon_sitewatch_gatewayDetcon Sitewatch Gateway, all versions without cellular, Passwords are presented in plaintext in a file that is accessible without authentication.2019-04-025.0CVE-2017-6047
MISC
3m -- detcon_sitewatch_gatewayDetcon Sitewatch Gateway, all versions without cellular, an attacker can edit settings on the device using a specially crafted URL.2019-04-025.0CVE-2017-6049
MISC
abine -- blurAbine Blur 7.8.2431 allows remote attackers to conduct "Second-Factor Auth Bypass" attacks by using the "Perform a right-click operation to access a forgotten dev menu to insert user passwords that otherwise would require the user to accept a second-factor request in a mobile app." approach, related to a "Multifactor Auth Bypass, Full Disk Encryption Bypass" issue affecting the Affected Chrome Plugin component.2019-03-295.0CVE-2019-6481
MISC
FULLDISC
MISC
MISC
advantech -- webaccessAdvantech WebAccess/SCADA, Versions 8.3.5 and prior. An improper access control vulnerability may allow an attacker to cause a denial-of-service condition.2019-04-055.0CVE-2019-6554
MISC
apple -- icloudMultiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.3, tvOS 11.3, watchOS 4.3, Safari 11.1, iTunes 12.7.4 for Windows, iCloud for Windows 7.4.2019-04-036.8CVE-2018-4145
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- icloudA memory corruption issue was addressed with improved validation. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.2019-04-036.8CVE-2018-4191
MISC
MISC
MISC
MISC
MISC
MISC
apple -- icloudA use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.2019-04-036.8CVE-2018-4197
MISC
MISC
MISC
MISC
MISC
apple -- icloudMultiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.2019-04-036.8CVE-2018-4261
MISC
MISC
MISC
MISC
MISC
apple -- icloudMultiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.2019-04-036.8CVE-2018-4263
MISC
MISC
MISC
MISC
MISC
apple -- icloudMultiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.2019-04-036.8CVE-2018-4264
MISC
MISC
MISC
MISC
MISC
MISC
apple -- icloudMultiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.2019-04-036.8CVE-2018-4265
MISC
MISC
MISC
MISC
MISC
apple -- icloudA race condition was addressed with additional validation. This issue affected versions prior toiVersions prior to: OS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.2019-04-034.3CVE-2018-4266
MISC
MISC
MISC
MISC
MISC
MISC
apple -- icloudMultiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.2019-04-036.8CVE-2018-4267
MISC
MISC
MISC
MISC
MISC
apple -- icloudA memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, macOS High Sierra 10.13.6, tvOS 11.4.1, watchOS 4.3.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.2019-04-036.8CVE-2018-4269
MISC
MISC
MISC
MISC
apple -- icloudA memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.2019-04-034.3CVE-2018-4270
MISC
MISC
MISC
MISC
MISC
MISC
apple -- icloudMultiple memory corruption issues were addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.2019-04-034.3CVE-2018-4271
MISC
MISC
MISC
MISC
MISC
MISC
apple -- icloudMultiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.2019-04-036.8CVE-2018-4272
MISC
MISC
MISC
MISC
MISC
MISC
apple -- icloudMultiple memory corruption issues were addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.2019-04-034.3CVE-2018-4273
MISC
MISC
MISC
MISC
MISC
MISC
apple -- icloudA type confusion issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2, Safari 11.1.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.2019-04-036.8CVE-2018-4284
MISC
MISC
MISC
MISC
MISC
MISC
apple -- icloudA cookie management issue was addressed with improved checks. This issue affected versions prior to iOS 11.4.1, macOS High Sierra 10.13.6, tvOS 11.4.1, watchOS 4.3.2, iTunes 12.8 for Windows, iCloud for Windows 7.6.2019-04-035.0CVE-2018-4293
MISC
MISC
MISC
MISC
MISC
MISC
apple -- icloudMultiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.2019-04-036.8CVE-2018-4299
MISC
MISC
MISC
MISC
MISC
MISC
apple -- icloudA use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.2019-04-036.8CVE-2018-4306
MISC
MISC
MISC
MISC
MISC
apple -- icloudA cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.2019-04-034.3CVE-2018-4309
MISC
MISC
MISC
MISC
MISC
apple -- icloudA use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.2019-04-036.8CVE-2018-4314
MISC
MISC
MISC
MISC
MISC
apple -- icloudA use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.2019-04-036.8CVE-2018-4315
MISC
MISC
MISC
MISC
MISC
apple -- icloudA memory corruption issue was addressed with improved state management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.2019-04-036.8CVE-2018-4316
MISC
MISC
MISC
MISC
MISC
apple -- icloudA use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.2019-04-036.8CVE-2018-4317
MISC
MISC
MISC
MISC
MISC
apple -- icloudA use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.2019-04-036.8CVE-2018-4318
MISC
MISC
MISC
MISC
MISC
apple -- icloudA cross-origin issue existed with "iframe" elements. This was addressed with improved tracking of security origins. This issue affected versions prior to iOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.2019-04-035.8CVE-2018-4319
MISC
MISC
MISC
MISC
MISC
apple -- icloudMultiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.2019-04-036.8CVE-2018-4323
MISC
MISC
MISC
MISC
MISC
apple -- icloudMultiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.2019-04-036.8CVE-2018-4328
MISC
MISC
MISC
MISC
MISC
apple -- icloudA cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.2019-04-034.3CVE-2018-4345
MISC
MISC
MISC
MISC
MISC
apple -- icloudA use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5, iTunes 12.9 for Windows, iCloud for Windows 7.7.2019-04-036.8CVE-2018-4347
MISC
MISC
MISC
MISC
MISC
MISC
apple -- icloudMultiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.2019-04-036.8CVE-2018-4358
MISC
MISC
MISC
MISC
MISC
MISC
apple -- icloudMultiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.2019-04-036.8CVE-2018-4359
MISC
MISC
MISC
MISC
MISC
MISC
apple -- icloudMultiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.2019-04-036.8CVE-2018-4360
MISC
MISC
MISC
MISC
MISC
apple -- icloudA memory consumption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.2019-04-036.8CVE-2018-4361
MISC
MISC
MISC
MISC
MISC
MISC
apple -- icloudMultiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.2019-04-036.8CVE-2018-4372
MISC
MISC
MISC
MISC
MISC
MISC
apple -- icloudMultiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.2019-04-036.8CVE-2018-4373
MISC
MISC
MISC
MISC
MISC
apple -- icloudA logic issue was addressed with improved validation. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.2019-04-034.3CVE-2018-4374
MISC
MISC
MISC
MISC
MISC
apple -- icloudMultiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.2019-04-036.8CVE-2018-4375
MISC
MISC
MISC
MISC
MISC
apple -- icloudMultiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.2019-04-036.8CVE-2018-4376
MISC
MISC
MISC
MISC
MISC
apple -- icloudA cross-site scripting issue existed in Safari. This issue was addressed with improved URL validation. This issue affected versions prior to iOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.2019-04-034.3CVE-2018-4377
MISC
MISC
MISC
MISC
MISC
apple -- icloudA memory corruption issue was addressed with improved validation. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.2019-04-036.8CVE-2018-4378
MISC
MISC
MISC
MISC
MISC
MISC
apple -- icloudMultiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.2019-04-036.8CVE-2018-4382
MISC
MISC
MISC
MISC
MISC
MISC
apple -- icloudMultiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.2019-04-036.8CVE-2018-4386
MISC
MISC
MISC
MISC
MISC
MISC
apple -- icloudMultiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.2019-04-036.8CVE-2018-4392
MISC
MISC
MISC
MISC
MISC
MISC
apple -- icloudAn issue existed in the method for determining prime numbers. This issue was addressed by using pseudorandom bases for testing of primes. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1, iTunes 12.9.1, iCloud for Windows 7.8.2019-04-035.0CVE-2018-4398
MISC
MISC
MISC
MISC
MISC
MISC
apple -- icloudA resource exhaustion issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1, tvOS 12.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.2019-04-034.3CVE-2018-4409
MISC
MISC
MISC
MISC
MISC
apple -- icloudA memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5, iTunes 12.9 for Windows, iCloud for Windows 7.7.2019-04-036.8CVE-2018-4414
MISC
MISC
MISC
MISC
MISC
MISC
apple -- icloudMultiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1, tvOS 12.1, watchOS 5.1, Safari 12.0.1, iTunes 12.9.1, iCloud for Windows 7.8.2019-04-036.8CVE-2018-4416
MISC
MISC
MISC
MISC
MISC
MISC
apple -- icloudMultiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.2019-04-036.8CVE-2018-4437
MISC
MISC
MISC
MISC
MISC
MISC
apple -- icloudA logic issue existed resulting in memory corruption. This was addressed with improved state management. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.2019-04-036.8CVE-2018-4438
MISC
MISC
MISC
MISC
MISC
MISC
apple -- icloudA logic issue was addressed with improved validation. This issue affected versions prior to iOS 12.1.1, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.2019-04-034.3CVE-2018-4439
MISC
MISC
MISC
MISC
apple -- icloudA logic issue was addressed with improved state management. This issue affected versions prior to iOS 12.1.1, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.2019-04-034.3CVE-2018-4440
MISC
MISC
MISC
MISC
apple -- icloudA memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.2019-04-036.8CVE-2018-4441
MISC
MISC
MISC
MISC
MISC
MISC
apple -- icloudA memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.2019-04-036.8CVE-2018-4442
MISC
MISC
MISC
MISC
MISC
MISC
apple -- icloudA memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.2019-04-036.8CVE-2018-4443
MISC
MISC
MISC
MISC
MISC
MISC
apple -- icloudMultiple memory corruption issues were addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2, Safari 12.0.2, iTunes 12.9.2 for Windows, iCloud for Windows 7.9.2019-04-036.8CVE-2018-4464
MISC
MISC
MISC
MISC
MISC
MISC
apple -- iphone_osAn out-of-bounds read was addressed with improved bounds checking. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.2019-04-035.0CVE-2018-4203
MISC
MISC
MISC
MISC
MISC
apple -- iphone_osA logic issue existed in the handling of call URLs. This issue was addressed with improved state management. This issue affected versions prior to iOS 11.4.1.2019-04-034.3CVE-2018-4216
MISC
apple -- iphone_osAn out-of-bounds read was addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, macOS High Sierra 10.13.6, tvOS 11.4.1, watchOS 4.3.2.2019-04-035.0CVE-2018-4248
MISC
MISC
MISC
MISC
apple -- iphone_osA memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1.2019-04-036.8CVE-2018-4275
MISC
apple -- iphone_osA memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, macOS High Sierra 10.13.6, tvOS 11.4.1, watchOS 4.3.2.2019-04-036.8CVE-2018-4280
MISC
MISC
MISC
MISC
apple -- iphone_osAn out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, tvOS 11.4.1, watchOS 4.3.2.2019-04-034.9CVE-2018-4282
MISC
MISC
MISC
apple -- iphone_osA denial of service issue was addressed with improved memory handling. This issue affected versions prior to iOS 11.4.1, watchOS 4.3.2.2019-04-034.3CVE-2018-4290
MISC
MISC
apple -- iphone_osAn input validation issue was addressed with improved input validation. This issue affected versions prior to macOS Mojave 10.14, iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2.2019-04-036.8CVE-2018-4303
MISC
MISC
MISC
MISC
apple -- iphone_osA denial of service issue was addressed with improved validation. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.2019-04-034.3CVE-2018-4304
MISC
MISC
MISC
MISC
MISC
apple -- iphone_osA validation issue existed in the entitlement verification. This issue was addressed with improved validation of the process entitlement. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12.2019-04-035.0CVE-2018-4321
MISC
MISC
MISC
apple -- iphone_osA memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14.2019-04-036.8CVE-2018-4326
MISC
MISC
MISC
apple -- iphone_osA validation issue was addressed with improved input sanitization. This issue affected versions prior to iOS 12, macOS Mojave 10.14.2019-04-034.3CVE-2018-4333
MISC
MISC
apple -- iphone_osA validation issue was addressed with improved input sanitization. This issue affected versions prior to iOS 12.2019-04-034.3CVE-2018-4335
MISC
apple -- iphone_osA memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.2019-04-036.8CVE-2018-4341
MISC
MISC
MISC
MISC
MISC
apple -- iphone_osA memory corruption issue was addressed with improved memory handling. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.2019-04-036.8CVE-2018-4354
MISC
MISC
MISC
MISC
MISC
apple -- iphone_osA configuration issue was addressed with additional restrictions. This issue affected versions prior to iOS 12, macOS Mojave 10.14.2019-04-034.3CVE-2018-4355
MISC
MISC
apple -- iphone_osA permissions issue existed. This issue was addressed with improved permission validation. This issue affected versions prior to iOS 12.2019-04-035.0CVE-2018-4356
MISC
apple -- iphone_osAn out-of-bounds read was addressed with improved bounds checking. This issue affected versions prior to iOS 12.1.2019-04-034.3CVE-2018-4365
MISC
apple -- iphone_osA memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1.2019-04-035.0CVE-2018-4366
MISC
apple -- iphone_osA denial of service issue was addressed with improved validation. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1.2019-04-034.0CVE-2018-4368
MISC
MISC
MISC
MISC
apple -- iphone_osA logic issue was addressed with improved state management. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1.2019-04-035.0CVE-2018-4369
MISC
MISC
MISC
MISC
apple -- iphone_osA memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1, watchOS 5.1.2019-04-036.8CVE-2018-4384
MISC
MISC
apple -- iphone_osA logic issue was addressed with improved state management. This issue affected versions prior to iOS 12.1.2019-04-034.3CVE-2018-4385
MISC
apple -- iphone_osAn access issue existed with privileged API calls. This issue was addressed with additional restrictions. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.2019-04-034.3CVE-2018-4399
MISC
MISC
MISC
MISC
MISC
apple -- iphone_osA validation issue was addressed with improved logic. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, watchOS 5.1.2019-04-034.3CVE-2018-4400
MISC
MISC
MISC
apple -- iphone_osA memory corruption issue was addressed with improved validation. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.2019-04-036.5CVE-2018-4407
MISC
MISC
MISC
MISC
MISC
apple -- iphone_osA spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1.1, watchOS 5.1.2.2019-04-034.3CVE-2018-4429
MISC
MISC
apple -- iphone_osA memory initialization issue was addressed with improved memory handling. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2.2019-04-034.9CVE-2018-4431
MISC
MISC
MISC
MISC
apple -- iphone_osA logic issue was addressed with improved restrictions. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2.2019-04-036.8CVE-2018-4435
MISC
MISC
MISC
MISC
apple -- iphone_osA certificate validation issue existed in configuration profiles. This was addressed with additional checks. This issue affected versions prior to iOS 12.1.1, tvOS 12.1.1, watchOS 5.1.2.2019-04-035.0CVE-2018-4436
MISC
MISC
MISC
apple -- iphone_osThis issue was addressed with improved entitlements. This issue affected versions prior to iOS 12.1.1.2019-04-034.3CVE-2018-4446
MISC
apple -- itunesA race condition was addressed with additional validation. This issue affected versions prior to iOS 11.2, macOS High Sierra 10.13.2, tvOS 11.2, watchOS 4.2, iTunes 12.7.2 for Windows, macOS High Sierra 10.13.4.2019-04-035.1CVE-2017-7151
MISC
MISC
MISC
MISC
MISC
MISC
apple -- itunesA memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1, iTunes 12.9.1.2019-04-036.8CVE-2018-4394
MISC
MISC
MISC
MISC
MISC
apple -- mac_os_xAn injection issue was addressed with improved validation. This issue affected versions prior to macOS Mojave 10.14.2019-04-034.3CVE-2018-4153
MISC
MISC
apple -- mac_os_xA null pointer dereference was addressed with improved validation. This issue affected versions prior to macOS High Sierra 10.13.6.2019-04-035.0CVE-2018-4276
MISC
apple -- mac_os_xAn out-of-bounds read issue existed that led to the disclosure of kernel memory. This was addressed with improved input validation. This issue affected versions prior to macOS High Sierra 10.13.6.2019-04-034.9CVE-2018-4283
MISC
apple -- mac_os_xAn out-of-bounds read was addressed with improved bounds checking. This issue affected versions prior to macOS Mojave 10.14.2019-04-034.3CVE-2018-4308
MISC
MISC
apple -- mac_os_xA permissions issue existed in the handling of the Apple ID. This issue was addressed with improved access controls. This issue affected versions prior to macOS Mojave 10.14.2019-04-034.3CVE-2018-4324
MISC
apple -- mac_os_xA validation issue was addressed with improved input sanitization. This issue affected versions prior to macOS Mojave 10.14.2019-04-034.3CVE-2018-4338
MISC
apple -- mac_os_xA validation issue existed which allowed local file access. This was addressed with input sanitization. This issue affected versions prior to macOS Mojave 10.14.2019-04-034.3CVE-2018-4346
MISC
MISC
apple -- mac_os_xA memory initialization issue was addressed with improved memory handling. This issue affected versions prior to macOS Mojave 10.14.2019-04-034.3CVE-2018-4351
MISC
apple -- mac_os_xAn inconsistent user interface issue was addressed with improved state management. This issue affected versions prior to macOS Mojave 10.14.1.2019-04-034.3CVE-2018-4389
MISC
apple -- mac_os_xA validation issue was addressed with improved input sanitization. This issue affected versions prior to macOS Mojave 10.14.2019-04-034.3CVE-2018-4396
MISC
MISC
apple -- mac_os_xThis issue was addressed by removing additional entitlements. This issue affected versions prior to macOS Mojave 10.14.1.2019-04-034.3CVE-2018-4403
MISC
apple -- mac_os_xA denial of service issue was addressed with improved validation. This issue affected versions prior to macOS Mojave 10.14.2019-04-034.0CVE-2018-4406
MISC
MISC
apple -- mac_os_xA memory corruption issue was addressed with improved input validation. This issue affected versions prior to macOS Mojave 10.14.2019-04-036.8CVE-2018-4411
MISC
MISC
apple -- mac_os_xA validation issue was addressed with improved input sanitization. This issue affected versions prior to macOS Mojave 10.14.2019-04-034.3CVE-2018-4417
MISC
MISC
apple -- mac_os_xA validation issue was addressed with improved input sanitization. This issue affected versions prior to macOS Mojave 10.14.2019-04-034.3CVE-2018-4418
MISC
MISC
apple -- mac_os_xA logic issue was addressed with improved validation. This issue affected versions prior to macOS Mojave 10.14.1.2019-04-036.8CVE-2018-4423
MISC
apple -- mac_os_xAn out-of-bounds read was addressed with improved input validation. This issue affected versions prior to macOS Mojave 10.14.2.2019-04-036.6CVE-2018-4434
MISC
apple -- mac_os_xA validation issue was addressed with improved input sanitization. This issue affected versions prior to macOS Mojave 10.14.2.2019-04-034.3CVE-2018-4462
MISC
apple -- mac_os_xA privacy issue in the handling of Open Directory records was addressed with improved indexing. This issue affected versions prior to macOS High Sierra 10.13.6.2019-04-034.3CVE-2018-4470
MISC
apple -- safariAn inconsistent user interface issue was addressed with improved state management. This issue affected versions prior to Safari 12.2019-04-034.3CVE-2018-4195
MISC
apple -- safariAn inconsistent user interface issue was addressed with improved state management. This issue affected versions prior to iOS 11.4.1, Safari 11.1.2.2019-04-034.3CVE-2018-4260
MISC
MISC
apple -- safariA spoofing issue existed in the handling of URLs. This issue was addressed with improved input validation. This issue affected versions prior to iOS 11.4.1, Safari 11.1.2.2019-04-035.0CVE-2018-4274
MISC
MISC
apple -- safariAn inconsistent user interface issue was addressed with improved state management. This issue affected versions prior to Safari 11.1.2.2019-04-035.0CVE-2018-4279
MISC
apple -- safariA logic issue was addressed with improved state management. This issue affected versions prior to iOS 12, Safari 12.2019-04-034.3CVE-2018-4307
MISC
MISC
apple -- safariClearing a history item may not clear visits with redirect chains. The issue was addressed with improved data deletion. This issue affected versions prior to iOS 12, Safari 12.2019-04-035.0CVE-2018-4329
MISC
MISC
apple -- safariAn inconsistent user interface issue was addressed with improved state management. This issue affected versions prior to Safari 11.1.2, iOS 12.2019-04-034.3CVE-2018-4362
MISC
MISC
apple -- safari"Clear History and Website Data" did not clear the history. The issue was addressed with improved data deletion. This issue affected versions prior to iOS 12.1.1, Safari 12.0.2.2019-04-034.0CVE-2018-4445
MISC
MISC
atlassian -- crowdThe console login resource in Atlassian Crowd before version 3.0.2 and from version 3.1.0 before version 3.1.1 allows remote attackers, who have previously obtained a user's JSESSIONID cookie, to gain access to some of the built-in and potentially third party rest resources via a session fixation vulnerability.2019-03-296.8CVE-2017-18105
MISC
atlassian -- crowdThe identifier_hash for a session token in Atlassian Crowd before version 2.9.1 could potentially collide with an identifier_hash for another user or a user in a different directory, this allows remote attackers who can authenticate to Crowd or an application using Crowd for authentication to gain access to another user's session provided they can make their identifier hash collide with another user's session identifier hash.2019-03-296.0CVE-2017-18106
MISC
atlassian -- crowdThe administration SMTP configuration resource in Atlassian Crowd before version 2.10.2 allows remote attackers with administration rights to execute arbitrary code via a JNDI injection.2019-03-296.5CVE-2017-18108
MISC
atlassian -- crowdThe login resource of CrowdId in Atlassian Crowd before version 3.0.2 and from version 3.1.0 before version 3.1.1 allows remote attackers to redirect users to a different website which they may use as part of performing a phishing attack via an open redirect.2019-03-295.8CVE-2017-18109
MISC
atlassian -- crowdThe administration backup restore resource in Atlassian Crowd before version 3.0.2 and from version 3.1.0 before version 3.1.1 allows remote attackers to read files from the filesystem via a XXE vulnerability.2019-03-294.0CVE-2017-18110
MISC
axway -- vordel_xml_gatewayVordel XML Gateway (acquired by Axway) version 7.2.2 could allow remote attackers to cause a denial of service via a specially crafted request.2019-04-035.0CVE-2015-5606
MISC
buttle_project -- buttleXSS in buttle npm package version 0.2.0 causes execution of attacker-provided code in the victim's browser when an attacker creates an arbitrary file on the server.2019-04-034.3CVE-2019-5422
MISC
coapthon3_project -- coapthon3The Serialize.deserialize() method in CoAPthon3 1.0 and 1.0.1 mishandles certain exceptions, leading to a denial of service in applications that use this library (e.g., the standard CoAP server, CoAP client, example collect CoAP server and client) when they receive crafted CoAP messages.2019-04-025.0CVE-2018-12679
MISC
coapthon_project -- coapthonThe Serialize.deserialize() method in CoAPthon 3.1, 4.0.0, 4.0.1, and 4.0.2 mishandles certain exceptions, leading to a denial of service in applications that use this library (e.g., the standard CoAP server, CoAP client, CoAP reverse proxy, example collect CoAP server and client) when they receive crafted CoAP messages.2019-04-025.0CVE-2018-12680
MISC
domoticz -- domoticzDomoticz before 4.10579 neglects to categorize \n and \r as insecure argument options.2019-03-315.0CVE-2019-10678
MISC
flatcore -- flatcoreAn issue was discovered in flatCore 1.4.7. acp/acp.php allows remote authenticated administrators to upload arbitrary .php files, related to the addons feature.2019-03-306.5CVE-2019-10652
MISC
fusioninventory -- fusioninventoryThe FusionInventory plugin before 1.4 for GLPI 9.3.x and before 1.1 for GLPI 9.4.x mishandles sendXML actions.2019-03-295.0CVE-2019-10477
MISC
MISC
MISC
MISC
MISC
gnu -- gnutlsIt was discovered in gnutls before version 3.6.7 upstream that there is an uninitialized pointer access in gnutls versions 3.6.3 or later which can be triggered by certain post-handshake messages.2019-04-015.0CVE-2019-3836
CONFIRM
CONFIRM
FEDORA
gog -- galaxyAn exploitable local privilege escalation vulnerability exists in the privileged helper tool of GOG Galaxy's Games, version 1.2.47 for macOS. An attacker can globally create directories and subdirectories on the root file system, as well as change the permissions of existing directories.2019-04-024.9CVE-2018-4051
MISC
grandstream -- gxp1610_firmwareA Malformed Input String to /cgi-bin/api-get_line_status on Grandstream GXP16xx VoIP 1.0.4.128 phones allows attackers to dump the device's configuration in cleartext.2019-04-015.0CVE-2018-17563
MISC
MISC
harmistechnology -- je_messengerAn issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. It is possible to perform an action within the context of the account of another user.2019-03-296.5CVE-2019-9920
MISC
MISC
harmistechnology -- je_messengerAn issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. It is possible to read information that should only be accessible by a different user.2019-03-294.0CVE-2019-9921
MISC
MISC
harmistechnology -- je_messengerAn issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. Directory Traversal allows read access to arbitrary files.2019-03-295.0CVE-2019-9922
MISC
MISC
http-live-simulator_project -- http-live-simulatorPath traversal vulnerability in http-live-simulator npm package version 1.0.5 allows arbitrary path to be accessed on the file system by a remote attacker.2019-04-035.0CVE-2019-5423
MISC
hyphp -- hybbsAn issue was discovered in HYBBS 2.2. /?admin/user.html has a CSRF vulnerability that can add an administrator account.2019-03-296.8CVE-2019-10644
MISC
ibm -- infosphere_information_serverIBM InfoSphere Information Server 11.3, 11.5, and 11.7could allow an authenticated user to download code using a specially crafted HTTP request. IBM X-Force ID: 152663.2019-04-024.0CVE-2018-1906
BID
XF
CONFIRM
ibm -- infosphere_information_serverIBM InfoSphere Information Server 11.3, 11.5, and 11.7 could allow an authenticated user to access JSP files and disclose sensitive information. IBM X-Force ID: 152784.2019-04-024.0CVE-2018-1917
BID
XF
CONFIRM
ibm -- security_privileged_identity_managerIBM Security Privileged Identity Manager Virtual Appliance 2.2.1 could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 144343.2019-04-025.0CVE-2018-1618
CONFIRM
XF
ibm -- security_privileged_identity_managerIBM Security Privileged Identity Manager Virtual Appliance 2.2.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 144348.2019-04-026.8CVE-2018-1622
CONFIRM
XF
ibm -- security_privileged_identity_managerIBM Security Privileged Identity Manager Virtual Appliance 2.2.1 generates an error message that includes sensitive information about its environment, users, or associated data. IBM X-Force ID: 144410.2019-04-024.0CVE-2018-1625
CONFIRM
XF
ibm -- security_privileged_identity_managerIBM Security Privileged Identity Manager Virtual Appliance 2.2.1 does not renew a session variable after a successful authentication which could lead to session fixation/hijacking vulnerability. This could force a user to utilize a cookie that may be known to an attacker. IBM X-Force ID: 144411.2019-04-024.0CVE-2018-1626
CONFIRM
XF
ibm -- security_privileged_identity_managerIBM Security Privileged Identity Manager Virtual Appliance 2.2.1 does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 145236.2019-04-025.0CVE-2018-1680
CONFIRM
XF
ibm -- sterling_b2b_integratorIBM Sterling B2B Integrator Standard Edition 5.2.0 snf 6.0.0.0 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 156239.2019-04-025.5CVE-2019-4043
BID
XF
CONFIRM
ibm -- websphere_application_serverIBM WebSphere Application Server Admin Console 7.5, 8.0, 8.5, and 9.0 is vulnerable to a potential denial of service, caused by improper parameter parsing. A remote attacker could exploit this to consume all available CPU resources. IBM X-Force ID: 157380.2019-04-026.8CVE-2019-4080
BID
XF
CONFIRM
imagemagick -- imagemagickIn ImageMagick 7.0.8-36 Q16, there is a memory leak in the function SVGKeyValuePairs of coders/svg.c, which allows an attacker to cause a denial of service via a crafted image file.2019-03-304.3CVE-2019-10649
BID
MISC
imagemagick -- imagemagickIn ImageMagick 7.0.8-36 Q16, there is a heap-based buffer over-read in the function WriteTIFFImage of coders/tiff.c, which allows an attacker to cause a denial of service or information disclosure via a crafted image file.2019-03-305.8CVE-2019-10650
BID
MISC
imagemagick -- imagemagickLocaleLowercase in MagickCore/locale.c in ImageMagick before 7.0.8-32 allows out-of-bounds access, leading to a SIGSEGV.2019-04-024.3CVE-2019-10714
MISC
MISC
MISC
MISC
kakaocorp -- kakaotalkRemote code execution vulnerability exists in KaKaoTalk PC messenger when user clicks specially crafted link in the message window. This affects KaKaoTalk windows version 2.7.5.2024 or lower.2019-04-016.8CVE-2019-9132
CONFIRM
kubernetes -- kubernetesIn all Kubernetes versions prior to v1.11.8, v1.12.6, and v1.13.4, users that are authorized to make patch requests to the Kubernetes API Server can send a specially crafted patch of type "json-patch" (e.g. `kubectl patch --type json` or `"Content-Type: application/json-patch+json"`) that consumes excessive resources while processing, causing a Denial of Service on the API Server.2019-04-014.0CVE-2019-1002100
BID
CONFIRM
CONFIRM
kubernetes -- kubernetesCloud Native Computing Foundation (CNCF) CNI (Container Networking Interface) 0.7.4 has a network firewall misconfiguration which affects Kubernetes. The CNI 'portmap' plugin, used to setup HostPorts for CNI, inserts rules at the front of the iptables nat chains; which take precedence over the KUBE- SERVICES chain. Because of this, the HostPort/portmap rule could match incoming traffic even if there were better fitting, more specific service definition rules like NodePorts later in the chain. The issue is fixed in CNI 0.7.5 and Kubernetes 1.11.9, 1.12.7, 1.13.5, and 1.14.0.2019-04-025.0CVE-2019-9946
CONFIRM
lrzip_project -- lrzipThe lzo1x_decompress function in liblzo2.so.2 in LZO 2.10, as used in Long Range Zip (aka lrzip) 0.631, allows remote attackers to cause a denial of service (invalid memory read and application crash) via a crafted archive, a different vulnerability than CVE-2017-8845.2019-03-304.3CVE-2019-10654
MISC
microfocus -- content_managerAn unauthenticated file upload vulnerability has been identified in the Web Client component of Micro Focus Content Manager 9.1, 9.2, and 9.3 when configured to use the ADFS authentication method. The vulnerability could be exploited by an unauthenticated remote attacker to upload content to arbitrary locations on the Content Manager server.2019-04-015.0CVE-2019-3489
MISC
mybb -- mybbA reflected XSS vulnerability in the ModCP Profile Editor in MyBB before 1.8.20 allows remote attackers to inject JavaScript via the 'username' parameter.2019-03-294.3CVE-2018-19201
MISC
online_lottery_php_readymade_script_project -- online_lottery_php_readymade_scriptPHP Scripts Mall Online Lottery PHP Readymade Script 1.7.0 has Cross-Site Request Forgery (CSRF) for Edit Profile actions.2019-03-296.8CVE-2019-9604
MISC
open-emr -- openemrA vulnerability in flashcanvas.swf in OpenEMR before 5.0.1 Patch 6 could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack on a targeted system.2019-04-024.3CVE-2018-18035
CONFIRM
openmicroscopy -- omeroOMERO before 5.0.6 has multiple CSRF vulnerabilities because the framework for OMERO's web interface lacks CSRF protection.2019-03-316.8CVE-2014-7198
MISC
MISC
opensynergy -- blue_sdkThe L2CAP signaling channel implementation and SDP server implementation in OpenSynergy Blue SDK 3.2 through 6.0 allow remote, unauthenticated attackers to execute arbitrary code or cause a denial of service via malicious L2CAP configuration requests, in conjunction with crafted SDP communication over maliciously configured L2CAP channels. The attacker must have connectivity over the Bluetooth physical layer, and must be able to send raw L2CAP frames. This is related to L2Cap_HandleConfigReq in core/stack/l2cap/l2cap_sm.c and SdpServHandleServiceSearchAttribReq in core/stack/sdp/sdpserv.c.2019-03-295.4CVE-2018-20378
MISC
CONFIRM
overit -- geocallMultiple XSS vulnerabilities were discovered in OverIT Geocall 6.3 before build 2:346977.2019-04-014.3CVE-2019-5888
MISC
overit -- geocallAn log-management directory traversal issue was discovered in OverIT Geocall 6.3 before build 2:346977.2019-04-015.0CVE-2019-5889
MISC
overit -- geocallAn issue was discovered in OverIT Geocall 6.3 before build 2:346977. An unauthenticated servlet allows an attacker to obtain a cookie of an authenticated user, and login to the web application.2019-04-015.0CVE-2019-5891
MISC
pivotal_software -- concoursePivotal Concourse versions prior to 5.0.1, contains an API that is vulnerable to SQL injection. An Concourse resource can craft a version identifier that can carry a SQL injection payload to the Concourse server, allowing the attacker to read privileged data.2019-04-015.0CVE-2019-3792
BID
CONFIRM
podofo_project -- podofoAn issue was discovered in PoDoFo 0.9.6. The PdfPagesTreeCache class in doc/PdfPagesTreeCache.cpp has an attempted excessive memory allocation because nInitialSize is not validated.2019-04-034.3CVE-2019-10723
MISC
pronestor -- pronestor_health_monitoringThe Pronestor PNHM (aka Health Monitoring or HealthMonitor) add-in before 8.1.13.0 for Outlook has "BUILTIN\Users:(I)(F)" permissions for the "%PROGRAMFILES(X86)%\proNestor\Outlook add-in for Pronestor\PronestorHealthMonitor.exe" file, which allows local users to gain privileges via a Trojan horse PronestorHealthMonitor.exe file.2019-04-014.4CVE-2018-19113
MISC
MISC
qasymphony -- qtest_managerqTest Portal in QASymphony qTest Manager 9.0.0 has an Open Redirect via the /portal/loginform redirect parameter.2019-04-025.8CVE-2018-15180
MISC
qualcomm -- mdm9206_firmwareInsufficient protection of keys in keypad can lead HLOS to gain access to confidential keypad input data in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music in MDM9206, MDM9607, MDM9650, MDM9655, Qualcomm 215, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 632, SD 636, SD 650/52, SDA660, SDM439, SDM630, SDM660, Snapdragon_High_Med_20162019-04-044.9CVE-2018-11958
CONFIRM
qualcomm -- mdm9206_firmwareInterrupt exit code flow may undermine access control policy set forth by secure world can lead to potential secure asset leakage in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, in MDM9206, MDM9607, MDM9650, MDM9655, QCS605, SD 410/12, SD 615/16/SD 415, SD 636, SD 712 / SD 710 / SD 670, SD 845 / SD 850, SD 8CX, SDA660, SDM630, SDM660, SXR11302019-04-044.9CVE-2018-11971
CONFIRM
redhat -- openshift_container_platformA flaw was found in the /oauth/token/request custom endpoint of the OpenShift OAuth server allowing for XSS generation of CLI tokens due to missing X-Frame-Options and CSRF protections. If not otherwise prevented, a separate XSS vulnerability via JavaScript could further allow for the extraction of these tokens.2019-04-014.3CVE-2019-3876
BID
CONFIRM
suricata-ids -- suricataSuricata version 4.0.4 incorrectly handles the parsing of the SSH banner. A malformed SSH banner can cause the parsing code to read beyond the allocated data because SSHParseBanner in app-layer-ssh.c lacks a length check.2019-04-045.0CVE-2018-10242
CONFIRM
synology -- calendarRelative path traversal vulnerability in Attachment Uploader in Synology Calendar before 2.2.2-0532 allows remote authenticated users to upload arbitrary files via the filename parameter.2019-04-014.0CVE-2018-13299
CONFIRM
synology -- driveInformation exposure vulnerability in SYNO.SynologyDrive.Files in Synology Drive before 1.1.2-10562 allows remote attackers to obtain sensitive system information via the dsm_path parameter.2019-04-015.0CVE-2018-13297
CONFIRM
synology -- file_stationInformation exposure vulnerability in SYNO.FolderSharing.List in Synology File Station before 1.2.3-0252 and before 1.1.5-0125 allows remote attackers to obtain sensitive information via the (1) folder_path or (2) real_path parameter.2019-04-015.0CVE-2018-13288
CONFIRM
synology -- mailplus_serverUncontrolled resource consumption vulnerability in TLS configuration in Synology MailPlus Server before 2.0.5-0606 allows remote attackers to conduct denial-of-service attacks via client-initiated renegotiation.2019-04-015.0CVE-2018-13296
CONFIRM
synology -- ssl_vpn_clientLack of administrator control over security vulnerability in client.cgi in Synology SSL VPN Client before 1.2.5-0226 allows remote attackers to conduct man-in-the-middle attacks via the (1) command, (2) hostname, or (3) port parameter.2019-04-015.8CVE-2018-13283
CONFIRM
tp-link -- tl-wr840n_firmwareTP-Link TL-WR840N devices allow remote attackers to cause a denial of service (networking outage) via fragmented packets, as demonstrated by an "nmap -f" command.2019-03-295.0CVE-2018-15840
MISC
ukcms -- ukcmsA CSRF Issue that can add an admin user was discovered in UKcms v1.1.10 via admin.php/admin/role/add.html.2019-04-056.8CVE-2019-10888
MISC
wolfcms -- wolfcmsWolf CMS v0.8.3.1 is affected by cross site scripting (XSS) in the module Add Snippet (/?/admin/snippet/add). This allows an attacker to insert arbitrary JavaScript as user input, which will be executed whenever the affected snippet is loaded.2019-03-294.3CVE-2019-10646
MISC
Back to top

 

Low Vulnerabilities

Primary
Vendor -- Product
DescriptionPublishedCVSS ScoreSource & Patch Info
apple -- iphone_osAn input validation issue was addressed with improved input validation. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5.2019-04-033.3CVE-2018-4305
MISC
MISC
MISC
apple -- iphone_osA consistency issue existed in the handling of application snapshots. The issue was addressed with improved handling of message deletions. This issue affected versions prior to iOS 12, tvOS 12, watchOS 5.2019-04-032.1CVE-2018-4313
MISC
MISC
MISC
apple -- iphone_osThis issue was addressed with improved entitlements. This issue affected versions prior to iOS 12.2019-04-032.1CVE-2018-4322
MISC
apple -- iphone_osA logic issue was addressed with improved restrictions. This issue affected versions prior to iOS 12.2019-04-032.1CVE-2018-4325
MISC
apple -- iphone_osA consistency issue existed in the handling of application snapshots. The issue was addressed with improved handling of notes deletions. This issue affected versions prior to iOS 12.2019-04-032.1CVE-2018-4352
MISC
apple -- iphone_osA lock screen issue allowed access to the share function on a locked device. This issue was addressed by restricting options offered on a locked device. This issue affected versions prior to iOS 12.0.1.2019-04-032.1CVE-2018-4379
MISC
apple -- iphone_osA lock screen issue allowed access to photos via Reply With Message on a locked device. This issue was addressed with improved state management. This issue affected versions prior to iOS 12.1.2019-04-032.1CVE-2018-4387
MISC
apple -- iphone_osA lock screen issue allowed access to the share function on a locked device. This issue was addressed by restricting options offered on a locked device. This issue affected versions prior to iOS 12.1.2019-04-032.1CVE-2018-4388
MISC
apple -- iphone_osA lock screen issue allowed access to contacts on a locked device. This issue was addressed with improved state management. This issue affected versions prior to iOS 12.1.1.2019-04-032.1CVE-2018-4430
MISC
apple -- mac_os_xA permissions issue existed in which execute permission was incorrectly granted. This issue was addressed with improved permission validation. This issue affected versions prior to macOS High Sierra 10.13.4.2019-04-032.1CVE-2018-4178
MISC
apple -- mac_os_xA configuration issue was addressed with additional restrictions. This issue affected versions prior to macOS Mojave 10.14.1.2019-04-032.1CVE-2018-4342
MISC
apple -- mac_os_xA validation issue was addressed with improved logic. This issue affected versions prior to macOS Mojave 10.14.2019-04-032.1CVE-2018-4348
MISC
MISC
centos-webpanel -- centos_web_panelCentOS Web Panel (CWP) 0.9.8.789 is vulnerable to Stored/Persistent XSS for the "Name Server 1" and "Name Server 2" fields via a "DNS Functions" "Edit Nameservers IPs" action.2019-04-033.5CVE-2019-10261
BID
MISC
EXPLOIT-DB
dlink -- dsl-3782_firmwareA stored XSS vulnerability exists in the web interface on D-Link DSL-3782 devices with firmware 1.01 that allows authenticated attackers to inject a JavaScript or HTML payload inside the ACL page. The injected payload would be executed in a user's browser when "/cgi-bin/New_GUI/Acl.asp" is requested.2019-04-013.5CVE-2018-17989
MISC
gog -- galaxyAn exploitable local information leak vulnerability exists in the privileged helper tool of GOG Galaxy's Games, version 1.2.47 for macOS. An attacker can pass a PID and receive information running on it that would usually only be accessible to the root user.2019-04-022.1CVE-2018-4052
MISC
gog -- galaxyAn exploitable local denial-of-service vulnerability exists in the privileged helper tool of GOG Galaxy's Games, version 1.2.47 for macOS. An attacker can send malicious data to the root-listening service, causing the application to terminate and become unavailable.2019-04-022.1CVE-2018-4053
MISC
harmistechnology -- je_messengerAn issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. It is possible to craft messages in a way that JavaScript gets executed on the side of the receiving user when the message is opened, aka XSS.2019-03-293.5CVE-2019-9919
MISC
MISC
ibm -- api_connectIBM API Connect 5.0.0.0 through 5.0.8.5 could display highly sensitive information to an attacker with physical access to the system. IBM X-Force ID: 151636.2019-04-022.1CVE-2018-1874
BID
XF
CONFIRM
ibm -- security_privileged_identity_managerIBM Security Privileged Identity Manager Virtual Appliance 2.2.1 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 144408.2019-04-022.1CVE-2018-1623
CONFIRM
XF
ibm -- spectrum_protectIBM Tivoli Storage Manager (IBM Spectrum Protect 8.1.7) could allow a user to restore files and directories using IBM Spectrum Prootect Client Web User Interface on Windows that they should not have access to due to incorrect file permissions. IBM X-Force ID: 157981.2019-04-023.2CVE-2019-4093
CONFIRM
XF
linux -- linux_kernelThe hidma_chan_stats function in drivers/dma/qcom/hidma_dbg.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading "callback=" lines in a debugfs file.2019-04-042.1CVE-2018-20449
CONFIRM
MISC
online_lottery_php_readymade_script_project -- online_lottery_php_readymade_scriptPHP Scripts Mall Online Lottery PHP Readymade Script 1.7.0 has Reflected Cross-site Scripting (XSS) via the err value in a .ico picture upload.2019-03-293.5CVE-2019-9605
MISC
Back to top

 

Severity Not Yet Assigned

Primary
Vendor -- Product
DescriptionPublishedCVSS ScoreSource & Patch Info
amazon -- aws_sdk_for_androidAmazon AWS SDK <=2.8.5 for Android uses Android SharedPreferences to store plain text AWS STS Temporary Credentials retrieved by AWS Cognito Identity Service. An attacker can use these credentials to create authenticated and/or authorized requests. Note that the attacker must have "root" privilege access to the Android filesystem in order to exploit this vulnerability (i.e. the device has been compromised, such as disabling or bypassing Android's fundamental security mechanisms).2019-04-04not yet calculatedCVE-2018-19981
MISC
MISC
MISC
MISC
apple -- ios_and_macos_mojaveAn access issue was addressed with additional sandbox restrictions. This issue affected versions prior to iOS 12, macOS Mojave 10.14.2019-04-03not yet calculatedCVE-2018-4310
MISC
MISC
MISC
apple -- macos_mojaveA configuration issue was addressed with additional restrictions. This issue affected versions prior to macOS Mojave 10.14.2019-04-03not yet calculatedCVE-2018-4353
MISC
apple -- apple_support_for_iosAnalytics data was sent using HTTP rather than HTTPS. This was addressed by sending analytics data using HTTPS. This issue affected versions prior to Apple Support 2.4 for iOS.2019-04-03not yet calculatedCVE-2018-4397
MISC
apple -- cupsThe session cookie generated by the CUPS web interface was easy to guess on Linux, allowing unauthorized scripted access to the web interface when the web interface is enabled. This issue affected versions prior to v2.2.10.2019-04-03not yet calculatedCVE-2018-4300
BID
MISC
apple -- iosA lock screen issue allowed access to photos and contacts on a locked device. This issue was addressed by restricting options offered on a locked device. This issue affected versions prior to iOS 12.0.1.2019-04-03not yet calculatedCVE-2018-4380
MISC
apple -- multiple_productsA denial of service issue was addressed by removing the vulnerable code. This issue affected versions prior to iOS 12.1.1, macOS Mojave 10.14.2, tvOS 12.1.1, watchOS 5.1.2.2019-04-03not yet calculatedCVE-2018-4460
MISC
MISC
MISC
apple -- multiple_productsA memory corruption issue was addressed with improved input validation. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5, iTunes 12.9 for Windows, iCloud for Windows 7.7.2019-04-03not yet calculatedCVE-2018-4412
MISC
MISC
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsThis issue was addressed with improved checks. This issue affected versions prior to iOS 12, macOS Mojave 10.14, tvOS 12, watchOS 5.2019-04-03not yet calculatedCVE-2018-4395
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsAn out-of-bounds read was addressed with improved input validation. This issue affected versions prior to iOS 12.1, macOS Mojave 10.14.1, tvOS 12.1, watchOS 5.1.2019-04-03not yet calculatedCVE-2018-4371
MISC
MISC
MISC
MISC
apple -- multiple_productsA use after free issue was addressed with improved memory management. This issue affected versions prior to iOS 12, tvOS 12, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.2019-04-03not yet calculatedCVE-2018-4312
MISC
MISC
MISC
MISC
MISC
apple -- multiple_productsThe issue was addressed by removing origin information. This issue affected versions prior to iOS 12, watchOS 5, Safari 12, iTunes 12.9 for Windows, iCloud for Windows 7.7.2019-04-03not yet calculatedCVE-2018-4311
MISC
MISC
MISC
MISC
MISC
atlassian -- application_linksThe OAuthHelper in Atlassian Application Links before version 5.0.10, from version 5.1.0 before version 5.1.3, and from version 5.2.0 before version 5.2.6 used an XML document builder that was vulnerable to XXE when consuming a client OAuth request. This allowed malicious oauth application linked applications to probe internal network resources by requesting internal locations, read the contents of files and also cause an out of memory exception affecting availability via an XML External Entity vulnerability.2019-03-29not yet calculatedCVE-2017-18111
MISC
avaya -- ip_office_contact_centerA SQL injection vulnerability in the WebUI component of IP Office Contact Center could allow an authenticated attacker to retrieve or alter sensitive data related to other users on the system. Affected versions of IP Office Contact Center include all 9.x and 10.x versions prior to 10.1.2.2.2-11201.1908. Unsupported versions not listed here were not evaluated.2019-04-04not yet calculatedCVE-2019-7001
CONFIRM
axiomsl -- axiom_google_web_toolkit_moduleAxiomSL's Axiom Google Web Toolkit module 9.5.3 and earlier is vulnerable to a Session Fixation attack.2019-04-03not yet calculatedCVE-2015-5384
MISC
axiomsl -- axiom_google_web_toolkit_moduleAxiomSL's Axiom Google Web Toolkit module 9.5.3 and earlier allows remote attackers to inject HTML into the scoping dashboard features.2019-04-03not yet calculatedCVE-2015-5462
MISC
bolt -- cmsCross Site Request Forgery (CSRF) in the bolt/upload File Upload feature in Bolt CMS 3.6.6 allows remote attackers to execute arbitrary code by uploading a JavaScript file to include executable extensions in the file/edit/config/config.yml configuration file.2019-04-05not yet calculatedCVE-2019-10874
MISC
MISC
bootstrap -- bootstrap-sass
 
Arbitrary code execution (via backdoor code) was discovered in bootstrap-sass 3.2.0.3, when downloaded from rubygems.org. An unauthenticated attacker can craft the ___cfduid cookie value with base64 arbitrary code to be executed via eval(), which can be leveraged to execute arbitrary code on the target system. Note that there are three underscore characters in the cookie name. This is unrelated to the __cfduid cookie that is legitimately used by Cloudflare.2019-04-04not yet calculatedCVE-2019-10842
MISC
MISC
MISC
burrow-wheeler_aligner -- burrow-wheeler_alignerBWA (aka Burrow-Wheeler Aligner) before 2019-01-23 has a stack-based buffer overflow in the bns_restore function in bntseq.c via a long sequence name in a .alt file.2019-03-29not yet calculatedCVE-2019-10269
MISC

cisco -- small_business_rv320_and_rv325_dual_gigabit_wan_vpn_routers

A vulnerability in the Online Help web service of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the service. The vulnerability exists because the Online Help web service of an affected device insufficiently validates user-supplied input. An attacker could exploit this vulnerability by persuading a user of the service to click a malicious link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected service or access sensitive browser-based information.This vulnerability affects Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers running firmware releases prior to 1.4.2.22.2019-04-04not yet calculatedCVE-2019-1827
BID
CISCO

cisco -- small_business_rv320_and_rv325_dual_gigabit_wan_vpn_routers

A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers could allow an unauthenticated, remote attacker to access administrative credentials. The vulnerability exists because affected devices use weak encryption algorithms for user credentials. An attacker could exploit this vulnerability by conducting a man-in-the-middle attack and decrypting intercepted credentials. A successful exploit could allow the attacker to gain access to an affected device with administrator privileges. This vulnerability affects Cisco Small Business RV320 and RV325 Dual Gigabit WAN VPN Routers running firmware releases prior to 1.4.2.22.2019-04-04not yet calculatedCVE-2019-1828
BID
CISCO
domoticz -- domoticzDomoticz before 4.10578 allows SQL Injection via the idx parameter in CWebServer::GetFloorplanImage in WebServer.cpp.2019-03-31not yet calculatedCVE-2019-10664
MISC
eclipse -- hawkbitEclipse hawkBit versions prior to 0.3.0M2 resolved Maven build artifacts for the Vaadin based UI over HTTP instead of HTTPS. Any of these dependent artifacts could have been maliciously compromised by a MITM attack. Hence produced build artifacts of hawkBit might be infected.2019-04-03not yet calculatedCVE-2019-10240
CONFIRM
gitlab -- community_and_enterprise_editionGitLab Community and Enterprise Edition before 11.3.14, 11.4.x before 11.4.12, and 11.5.x before 11.5.5 allows Directory Traversal.2019-04-04not yet calculatedCVE-2018-20229
CONFIRM
CONFIRM
glory -- rbw-100_devicesAn issue was discovered on Glory RBW-100 devices with firmware ISP-K05-02 7.0.0. An unrestricted file upload vulnerability in the Front Circle Controller glytoolcgi/settingfile_upload.cgi allows attackers to upload supplied data. This can be used to place attacker controlled code on the filesystem that can be executed and can lead to a reverse root shell.2019-04-05not yet calculatedCVE-2019-10478
MISC
glory -- rbw-100_devicesAn issue was discovered on Glory RBW-100 devices with firmware ISP-K05-02 7.0.0. A hard-coded username and password were identified that allow a remote attacker to gain admin access to the Front Circle Controller web interface.2019-04-05not yet calculatedCVE-2019-10479
MISC
grandstream -- gwn7000_and_gwn7610_devicesGrandstream GWN7000 before 1.0.6.32 and GWN7610 before 1.0.8.18 devices allow remote authenticated users to discover passwords via a /ubus/uci.apply config request.2019-03-30not yet calculatedCVE-2019-10657
MISC
grandstream -- gwn7000_devicesGrandstream GWN7000 before 1.0.6.32 devices allow remote authenticated users to execute arbitrary code via shell metacharacters in the filename in a /ubus/uci.apply update_nds_webroot_from_tmp API call.2019-03-30not yet calculatedCVE-2019-10656
MISC
grandstream -- gwn7610_devicesGrandstream GWN7610 before 1.0.8.18 devices allow remote authenticated users to execute arbitrary code via shell metacharacters in the filename in a /ubus/controller.icc.update_nds_webroot_from_tmp update_nds_webroot_from_tmp API call.2019-03-30not yet calculatedCVE-2019-10658
MISC
grandstream -- gxv3370_and_wp820_devicesGrandstream GXV3370 before 1.0.1.41 and WP820 before 1.0.3.6 devices allow remote authenticated users to execute arbitrary code via shell metacharacters in a /manager?action=getlogcat priority field.2019-03-30not yet calculatedCVE-2019-10659
MISC
grandstream -- gxv3611ir_hdGrandstream GXV3611IR_HD before 1.0.3.23 devices allow remote authenticated users to execute arbitrary code via shell metacharacters in the /goform/systemlog?cmd=set logserver field.2019-03-30not yet calculatedCVE-2019-10660
MISC
grandstream -- gxv3611ir_hdOn Grandstream GXV3611IR_HD before 1.0.3.23 devices, the root account lacks a password.2019-03-30not yet calculatedCVE-2019-10661
MISC
grandstream -- ucm6204Grandstream UCM6204 before 1.0.19.20 devices allow remote authenticated users to execute arbitrary code via shell metacharacters in the backupUCMConfig file-backup parameter to the /cgi? URI.2019-03-30not yet calculatedCVE-2019-10662
MISC
grandstream -- ucm6204Grandstream UCM6204 before 1.0.19.20 devices allow remote authenticated users to conduct SQL injection attacks via the sord parameter in a listCodeblueGroup API call to the /cgi? URI.2019-03-30not yet calculatedCVE-2019-10663
MISC
ibm -- doors_next_generationIBM DOORS Next Generation (DNG/RRC) 5.0 through 5.0.3 and 6.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 147710.2019-04-03not yet calculatedCVE-2018-1731
CONFIRM
BID
XF
ibm -- doors_next_generationIBM DOORS Next Generation (DNG/RRC) 5.0 through 5.0.3 and 6.0 through 6.0.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 152737.2019-04-03not yet calculatedCVE-2018-1913
CONFIRM
BID
XF
ivanti -- workspace_controlAn issue was discovered in Ivanti Workspace Control before 10.3.90.0. Local authenticated users with low privileges in a Workspace Control managed session can bypass Workspace Control security features configured for this session by resetting the session context.2019-04-05not yet calculatedCVE-2019-10885
MISC
jenkins -- jenkinsJenkins Koji Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.2019-04-04not yet calculatedCVE-2019-10298
MISC
jenkins -- jenkinsA missing permission check in Jenkins openid Plugin in the OpenIdSsoSecurityRealm.DescriptorImpl#doValidate form validation method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server.2019-04-04not yet calculatedCVE-2019-1003099
MISC
jenkins -- jenkinsJenkins Perfecto Mobile Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.2019-04-04not yet calculatedCVE-2019-1003095
MISC
jenkins -- jenkinsA cross-site request forgery vulnerability in Jenkins openid Plugin in the OpenIdSsoSecurityRealm.DescriptorImpl#doValidate form validation method allows attackers to initiate a connection to an attacker-specified server.2019-04-04not yet calculatedCVE-2019-1003098
MISC
jenkins -- jenkinsJenkins Crowd Integration Plugin stores credentials unencrypted in the global config.xml configuration file on the Jenkins master where they can be viewed by users with access to the master file system.2019-04-04not yet calculatedCVE-2019-1003097
MISC
jenkins -- jenkinsJenkins TestFairy Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.2019-04-04not yet calculatedCVE-2019-1003096
MISC
jenkins -- jenkinsJenkins Sametime Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.2019-04-04not yet calculatedCVE-2019-10297
MISC
jenkins -- jenkinsJenkins Open STF Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.2019-04-04not yet calculatedCVE-2019-1003094
MISC
jenkins -- jenkinsA cross-site request forgery vulnerability in Jenkins Chef Sinatra Plugin in the ChefBuilderConfiguration.DescriptorImpl#doTestConnection form validation method allows attackers to initiate a connection to an attacker-specified server.2019-04-04not yet calculatedCVE-2019-1003086
MISC
jenkins -- jenkinsA cross-site request forgery vulnerability in Jenkins Nomad Plugin in the NomadCloud.DescriptorImpl#doTestConnection form validation method allows attackers to initiate a connection to an attacker-specified server.2019-04-04not yet calculatedCVE-2019-1003092
MISC
jenkins -- jenkinsA missing permission check in Jenkins SOASTA CloudTest Plugin in the CloudTestServer.DescriptorImpl#doValidate form validation method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server.2019-04-04not yet calculatedCVE-2019-1003091
MISC
jenkins -- jenkinsA missing permission check in Jenkins Chef Sinatra Plugin in the ChefBuilderConfiguration.DescriptorImpl#doTestConnection form validation method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server.2019-04-04not yet calculatedCVE-2019-1003087
MISC
jenkins -- jenkinsJenkins Upload to pgyer Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.2019-04-04not yet calculatedCVE-2019-1003089
MISC
jenkins -- jenkinsJenkins Fabric Beta Publisher Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.2019-04-04not yet calculatedCVE-2019-1003088
MISC
jenkins -- jenkinsA cross-site request forgery vulnerability in Jenkins SOASTA CloudTest Plugin in the CloudTestServer.DescriptorImpl#doValidate form validation method allows attackers to initiate a connection to an attacker-specified server.2019-04-04not yet calculatedCVE-2019-1003090
MISC
jenkins -- jenkinsA missing permission check in Jenkins Nomad Plugin in the NomadCloud.DescriptorImpl#doTestConnection form validation method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server.2019-04-04not yet calculatedCVE-2019-1003093
MISC
jenkins -- jenkinsJenkins StarTeam Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.2019-04-04not yet calculatedCVE-2019-10277
MISC
jenkins -- jenkinsJenkins Jabber Server Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.2019-04-04not yet calculatedCVE-2019-10288
MISC
jenkins -- jenkinsJenkins Kmap Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.2019-04-04not yet calculatedCVE-2019-10294
MISC
jenkins -- jenkinsA missing permission check in Jenkins Kmap Plugin in KmapJenkinsBuilder.DescriptorImpl form validation methods allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server.2019-04-04not yet calculatedCVE-2019-10293
MISC
jenkins -- jenkinsA cross-site request forgery vulnerability in Jenkins Kmap Plugin in KmapJenkinsBuilder.DescriptorImpl form validation methods allows attackers to initiate a connection to an attacker-specified server.2019-04-04not yet calculatedCVE-2019-10292
MISC
jenkins -- jenkinsA cross-site request forgery vulnerability in Jenkins Zephyr Enterprise Test Management Plugin in the ZeeDescriptor#doTestConnection form validation method allows attackers to initiate a connection to an attacker-specified server.2019-04-04not yet calculatedCVE-2019-1003084
MISC
jenkins -- jenkinsJenkins Netsparker Cloud Scan Plugin 1.1.5 and older stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system.2019-04-04not yet calculatedCVE-2019-10291
MISC
jenkins -- jenkinsA missing permission check in Jenkins Netsparker Cloud Scan Plugin 1.1.5 and older in the NCScanBuilder.DescriptorImpl#doValidateAPI form validation method allowed attackers with Overall/Read permission to initiate a connection to an attacker-specified server.2019-04-04not yet calculatedCVE-2019-10290
MISC
jenkins -- jenkinsA cross-site request forgery vulnerability in Jenkins Netsparker Cloud Scan Plugin 1.1.5 and older in the NCScanBuilder.DescriptorImpl#doValidateAPI form validation method allowed attackers to initiate a connection to an attacker-specified server.2019-04-04not yet calculatedCVE-2019-10289
MISC
jenkins -- jenkinsJenkins youtrack-plugin Plugin 0.7.1 and older stored credentials unencrypted in its global configuration file on the Jenkins master where they could be viewed by users with access to the master file system.2019-04-04not yet calculatedCVE-2019-10287
MISC
jenkins -- jenkinsA cross-site request forgery vulnerability in Jenkins jenkins-reviewbot Plugin in the ReviewboardDescriptor#doTestConnection form validation method allows attackers to initiate a connection to an attacker-specified server.2019-04-04not yet calculatedCVE-2019-10278
MISC
jenkins -- jenkinsJenkins DeployHub Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.2019-04-04not yet calculatedCVE-2019-10286
MISC
jenkins -- jenkinsJenkins Minio Storage Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.2019-04-04not yet calculatedCVE-2019-10285
MISC
jenkins -- jenkinsJenkins Diawi Upload Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.2019-04-04not yet calculatedCVE-2019-10284
MISC
jenkins -- jenkinsJenkins mabl Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.2019-04-04not yet calculatedCVE-2019-10283
MISC
jenkins -- jenkinsJenkins Klaros-Testmanagement Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.2019-04-04not yet calculatedCVE-2019-10282
MISC
jenkins -- jenkinsJenkins Relution Enterprise Appstore Publisher Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.2019-04-04not yet calculatedCVE-2019-10281
MISC
jenkins -- jenkinsJenkins Assembla Auth Plugin stores credentials unencrypted in the global config.xml configuration file on the Jenkins master where they can be viewed by users with access to the master file system.2019-04-04not yet calculatedCVE-2019-10280
MISC
jenkins -- jenkinsA missing permission check in Jenkins jenkins-reviewbot Plugin in the ReviewboardDescriptor#doTestConnection form validation method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server.2019-04-04not yet calculatedCVE-2019-10279
MISC
jenkins -- jenkinsA missing permission check in Jenkins Zephyr Enterprise Test Management Plugin in the ZeeDescriptor#doTestConnection form validation method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server.2019-04-04not yet calculatedCVE-2019-1003085
MISC
jenkins -- jenkinsJenkins Bugzilla Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.2019-04-04not yet calculatedCVE-2019-1003066
MISC
jenkins -- jenkinsA missing permission check in Jenkins Gearman Plugin in the GearmanPluginConfig#doTestConnection form validation method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server.2019-04-04not yet calculatedCVE-2019-1003083
MISC
jenkins -- jenkinsJenkins Bitbucket Approve Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.2019-04-04not yet calculatedCVE-2019-1003057
MISC
jenkins -- jenkinsJenkins Amazon SNS Build Notifier Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.2019-04-04not yet calculatedCVE-2019-1003063
MISC
jenkins -- jenkinsJenkins AWS CloudWatch Logs Publisher Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.2019-04-04not yet calculatedCVE-2019-1003062
MISC
jenkins -- jenkinsJenkins jenkins-cloudformation-plugin Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.2019-04-04not yet calculatedCVE-2019-1003061
MISC
jenkins -- jenkinsJenkins Official OWASP ZAP Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.2019-04-04not yet calculatedCVE-2019-1003060
MISC
jenkins -- jenkinsA missing permission check in Jenkins FTP publisher Plugin in the FTPPublisher.DescriptorImpl#doLoginCheck method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server.2019-04-04not yet calculatedCVE-2019-1003059
MISC
jenkins -- jenkinsA cross-site request forgery vulnerability in Jenkins FTP publisher Plugin in the FTPPublisher.DescriptorImpl#doLoginCheck method allows attackers to initiate a connection to an attacker-specified server.2019-04-04not yet calculatedCVE-2019-1003058
MISC
jenkins -- jenkinsJenkins WebSphere Deployer Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.2019-04-04not yet calculatedCVE-2019-1003056
MISC
jenkins -- jenkinsJenkins CloudShare Docker-Machine Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.2019-04-04not yet calculatedCVE-2019-1003065
MISC
jenkins -- jenkinsJenkins FTP publisher Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.2019-04-04not yet calculatedCVE-2019-1003055
MISC
jenkins -- jenkinsJenkins Jira Issue Updater Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.2019-04-04not yet calculatedCVE-2019-1003054
MISC
jenkins -- jenkinsJenkins HockeyApp Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.2019-04-04not yet calculatedCVE-2019-1003053
MISC
jenkins -- jenkinsJenkins AWS Elastic Beanstalk Publisher Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.2019-04-04not yet calculatedCVE-2019-1003052
MISC
jenkins -- jenkinsJenkins IRC Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.2019-04-04not yet calculatedCVE-2019-1003051
MISC
jenkins -- jenkinsJenkins CloudCoreo DeployTime Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.2019-04-04not yet calculatedCVE-2019-10299
MISC
jenkins -- jenkinsA cross-site request forgery vulnerability in Jenkins Gearman Plugin in the GearmanPluginConfig#doTestConnection form validation method allows attackers to initiate a connection to an attacker-specified server.2019-04-04not yet calculatedCVE-2019-1003082
MISC
jenkins -- jenkinsJenkins aws-device-farm Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.2019-04-04not yet calculatedCVE-2019-1003064
MISC
jenkins -- jenkinsJenkins Serena SRA Deploy Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.2019-04-04not yet calculatedCVE-2019-10296
MISC
jenkins -- jenkinsJenkins Audit to Database Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.2019-04-04not yet calculatedCVE-2019-1003075
MISC
jenkins -- jenkinsA missing permission check in Jenkins OpenShift Deployer Plugin in the DeployApplication.DeployApplicationDescriptor#doCheckLogin form validation method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server.2019-04-04not yet calculatedCVE-2019-1003081
MISC
jenkins -- jenkinsA cross-site request forgery vulnerability in Jenkins OpenShift Deployer Plugin in the DeployApplication.DeployApplicationDescriptor#doCheckLogin form validation method allows attackers to initiate a connection to an attacker-specified server.2019-04-04not yet calculatedCVE-2019-1003080
MISC
jenkins -- jenkinsA missing permission check in Jenkins VMware Lab Manager Slaves Plugin in the LabManager.DescriptorImpl#doTestConnection form validation method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server.2019-04-04not yet calculatedCVE-2019-1003079
MISC
jenkins -- jenkinsA cross-site request forgery vulnerability in Jenkins VMware Lab Manager Slaves Plugin in the LabManager.DescriptorImpl#doTestConnection form validation method allows attackers to initiate a connection to an attacker-specified server.2019-04-04not yet calculatedCVE-2019-1003078
MISC
jenkins -- jenkinsA missing permission check in Jenkins Audit to Database Plugin in the DbAuditPublisherDescriptorImpl#doTestJdbcConnection form validation method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified server.2019-04-04not yet calculatedCVE-2019-1003077
MISC
jenkins -- jenkinsJenkins Trac Publisher Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.2019-04-04not yet calculatedCVE-2019-1003067
MISC
jenkins -- jenkinsA cross-site request forgery vulnerability in Jenkins Audit to Database Plugin in the DbAuditPublisherDescriptorImpl#doTestJdbcConnection form validation method allows attackers to initiate a connection to an attacker-specified server.2019-04-04not yet calculatedCVE-2019-1003076
MISC
jenkins -- jenkinsJenkins Hyper.sh Commons Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.2019-04-04not yet calculatedCVE-2019-1003074
MISC
jenkins -- jenkinsJenkins VS Team Services Continuous Deployment Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.2019-04-04not yet calculatedCVE-2019-1003073
MISC
jenkins -- jenkinsJenkins WildFly Deployer Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.2019-04-04not yet calculatedCVE-2019-1003072
MISC
jenkins -- jenkinsJenkins OctopusDeploy Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.2019-04-04not yet calculatedCVE-2019-1003071
MISC
jenkins -- jenkinsJenkins veracode-scanner Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.2019-04-04not yet calculatedCVE-2019-1003070
MISC
jenkins -- jenkinsJenkins Aqua Security Scanner Plugin stores credentials unencrypted in its global configuration file on the Jenkins master where they can be viewed by users with access to the master file system.2019-04-04not yet calculatedCVE-2019-1003069
MISC
jenkins -- jenkinsJenkins VMware vRealize Automation Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.2019-04-04not yet calculatedCVE-2019-1003068
MISC
jenkins -- jenkinsJenkins crittercism-dsym Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file system.2019-04-04not yet calculatedCVE-2019-10295
MISC
kubernetes -- kubectlThe kubectl cp command allows copying files between containers and the user machine. To copy files from a container, Kubernetes creates a tar inside the container, copies it over the network, and kubectl unpacks it on the user?s machine. If the tar binary in the container is malicious, it could run any code and output unexpected, malicious results. An attacker could use this to write files to any path on the user?s machine when kubectl cp is called, limited only by the system permissions of the local user. The untar function can both create and follow symbolic links. The issue is resolved in kubectl v1.11.9, v1.12.7, v1.13.5, and v1.14.0.2019-04-01not yet calculatedCVE-2019-1002101
BID
MISC
kunbus -- pr100088_modbus_gatewayAn attacker could retrieve passwords from a HTTP GET request from the Kunbus PR100088 Modbus gateway versions prior to Release R02 (or Software Version 1.1.13166) if the attacker is in an MITM position.2019-04-02not yet calculatedCVE-2019-6531
MISC
libmysofa -- libmysofatreeRead in hdf/btree.c in libmysofa before 0.7 does not properly validate multiplications and additions.2019-03-31not yet calculatedCVE-2019-10672
MISC
MISC
MISC
libvirt -- libvirtAn incorrect permissions check was discovered in libvirt 4.8.0 and above. The readonly permission was allowed to invoke APIs depending on the guest agent, which could lead to potentially disclosing unintended information or denial of service by causing libvirt to block.2019-04-04not yet calculatedCVE-2019-3886
BID
CONFIRM
norton -- coreNorton Core prior to v278 may be susceptible to an arbitrary code execution issue, which is a type of vulnerability that has the potential of allowing an individual to execute arbitrary commands or code on a target machine or in a target process. Note that this exploit is only possible with direct physical access to the device.2019-03-29not yet calculatedCVE-2019-9695
BID
CONFIRM
nouveau_project -- nouveau_display_driverA remote denial-of-service vulnerability exists in the way the Nouveau Display Driver (the default Ubuntu Nvidia display driver) handles GPU shader execution. A specially crafted pixel shader can cause remote denial-of-service issues. An attacker can provide a specially crafted website to trigger this vulnerability. This vulnerability can be triggered remotely after the user visits a malformed website. No further user interaction is required. Vulnerable versions include Ubuntu 18.04 LTS (linux 4.15.0-29-generic x86_64), Nouveau Display Driver NV117 (vermagic: 4.15.0-29-generic SMP mod_unload).2019-04-01not yet calculatedCVE-2018-3979
CONFIRM
openstack -- neutronAn issue was discovered in OpenStack Neutron 11.x before 11.0.7, 12.x before 12.0.6, and 13.x before 13.0.3. By creating two security groups with separate/overlapping port ranges, an authenticated user may prevent Neutron from being able to configure networks on any compute nodes where those security groups are present, because of an Open vSwitch (OVS) firewall KeyError. All Neutron deployments utilizing neutron-openvswitch-agent are affected.2019-04-05not yet calculatedCVE-2019-10876
MISC
MISC
pallets -- jinjaIn Pallets Jinja before 2.10.1, str.format_map allows a sandbox escape.2019-04-06not yet calculatedCVE-2019-10906
MISC
parsedown -- parsedownParsedown before 1.7.2, when safe mode is used and HTML markup is disabled, might allow attackers to execute arbitrary JavaScript code if a script (already running on the affected page) executes the contents of any element with a specific class. This occurs because spaces are permitted in code block infostrings, which interferes with the intended behavior of a single class name beginning with the language- substring.2019-04-06not yet calculatedCVE-2019-10905
MISC
MISC
pimcore -- pimcoreAn issue was discovered in Pimcore before 5.7.1. An attacker with classes permission can send a POST request to /admin/class/bulk-commit, which will make it possible to exploit the unserialize function when passing untrusted values in the data parameter to bundles/AdminBundle/Controller/Admin/DataObject/ClassController.php.2019-04-04not yet calculatedCVE-2019-10867
MISC
MISC
pinterest -- ktlintUsing ktlint to download and execute custom rulesets can result in arbitrary code execution as the served jars can be compromised by a MITM. This attack is exploitable via Man in the Middle of the HTTP connection to the artifact servers. This vulnerability appears to have been fixed in 0.30.0 and later; after commit 5e547b287d6c260d328a2cb658dbe6b7a7ff2261.2019-04-02not yet calculatedCVE-2019-1010260
MISC
poppler -- popplerAn issue was discovered in Poppler 0.74.0. There is a NULL pointer dereference in the function SplashClip::clipAALine at splash/SplashClip.cc.2019-04-05not yet calculatedCVE-2019-10873
MISC
poppler -- popplerAn issue was discovered in Poppler 0.74.0. There is a heap-based buffer over-read in the function Splash::blitTransparent at splash/Splash.cc.2019-04-05not yet calculatedCVE-2019-10872
MISC
poppler -- popplerAn issue was discovered in Poppler 0.74.0. There is a heap-based buffer over-read in the function PSOutputDev::checkPageSlice at PSOutputDev.cc.2019-04-05not yet calculatedCVE-2019-10871
MISC
project_jupyter -- jupyter_notebookIn Jupyter Notebook before 5.7.8, an open redirect can occur via an empty netloc. This issue exists because of an incomplete fix for CVE-2019-10255.2019-04-04not yet calculatedCVE-2019-10856
MISC
MISC
rasberry_pi_foundation -- pi_3The ARM-based hardware debugging feature on Raspberry Pi 3 module B+ and possibly other devices allows non-secure EL1 code to read/write any EL3 (the highest privilege level in ARMv8) memory/register via inter-processor debugging. With a debug host processor A running in non-secure EL1 and a debug target processor B running in any privilege level, the debugging feature allows A to halt B and promote B to any privilege level. As a debug host, A has full control of B even if B owns a higher privilege level than A. Accordingly, A can read/write any EL3 memory/register via B. Also, with this memory access, A can execute arbitrary code in EL3.2019-04-04not yet calculatedCVE-2018-18068
MISC
MISC
rockwell_automation -- powerflex_525_ac_drivesRockwell Automation PowerFlex 525 AC Drives 5.001 and earlier allow remote attackers to cause a denial of service by crashing the Common Industrial Protocol (CIP) network stack. The vulnerability allows the attacker to crash the CIP in a way that it does not accept new connections, but keeps the current connections active, which can prevent legitimate users from recovering control.2019-04-04not yet calculatedCVE-2018-19282
MISC
MISC
rockwell_automation -- rslinx_classicA vulnerability was found in Rockwell Automation RSLinx Classic versions 4.10.00 and prior. An input validation issue in a .dll file of RSLinx Classic where the data in a Forward Open service request is passed to a fixed size buffer, allowing an attacker to exploit a stack-based buffer overflow condition.2019-04-04not yet calculatedCVE-2019-6553
MISC
roundup -- roundupRoundup 1.6 allows XSS via the URI because frontends/roundup.cgi and roundup/cgi/wsgi_handler.py mishandle 404 errors.2019-04-06not yet calculatedCVE-2019-10904
MLIST
MISC
MISC
MLIST
MISC
salesagility -- suitecrmAn XSS combined with CSRF vulnerability discovered in SalesAgility SuiteCRM 7.x before 7.8.24 and 7.10.x before 7.10.11 leads to cookie stealing, aka session hijacking. This issue affects the "add dashboard pages" feature where users can receive a malicious attack through a phished URL, with script executed.2019-04-05not yet calculatedCVE-2018-20816
MISC
MISC
MISC
salicru -- slc-20-cube3(5)_devicesA reflected HTML injection vulnerability on Salicru SLC-20-cube3(5) devices running firmware version cs121-SNMP v4.54.82.130611 allows remote attackers to inject arbitrary HTML elements via a /DataLog.csv?log= or /AlarmLog.csv?log= or /waitlog.cgi?name= or /chart.shtml?data= or /createlog.cgi?name= request.2019-04-05not yet calculatedCVE-2019-10887
MISC
shibboleth -- identity_provider_and_opensaml_javaThe (1) HttpResource and (2) FileBackedHttpResource implementations in Shibboleth Identity Provider (IdP) before 2.4.1 and OpenSAML Java 2.6.2 do not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.2019-04-04not yet calculatedCVE-2014-3603
SECUNIA
CONFIRM
CONFIRM
sonicwall -- sonicos_and_sonicosvA vulnerability in SonicWall SonicOS and SonicOSv TLS CBC Cipher allow remote attackers to obtain sensitive plaintext data when CBC cipher suites are enabled. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V).2019-04-02not yet calculatedCVE-2019-7477
CONFIRM
sonicwall -- sonicos_and_sonicosvA vulnerability in SonicWall SonicOS and SonicOSv with management enabled system on specific configuration allow unprivileged user to access advanced routing services. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V).2019-04-02not yet calculatedCVE-2019-7475
CONFIRM
sonicwall -- sonicos_and_sonicosvA vulnerability in SonicWall SonicOS and SonicOSv, allow authenticated read-only admin to leave the firewall in an unstable state by downloading certificate with specific extension. This vulnerability affected SonicOS Gen 5 version 5.9.1.10 and earlier, Gen 6 version 6.2.7.3, 6.5.1.3, 6.5.2.2, 6.5.3.1, 6.2.7.8, 6.4.0.0, 6.5.1.8, 6.0.5.3-86o and SonicOSv 6.5.0.2-8v_RC363 (VMWARE), 6.5.0.2.8v_RC367 (AZURE), SonicOSv 6.5.0.2.8v_RC368 (AWS), SonicOSv 6.5.0.2.8v_RC366 (HYPER_V).2019-04-02not yet calculatedCVE-2019-7474
CONFIRM
sqlite -- sqliteSQLite 3.25.2, when queries are run on a table with a malformed PRIMARY KEY, allows remote attackers to cause a denial of service (application crash) by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases).2019-04-03not yet calculatedCVE-2018-20505
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
sqlite -- sqlite
 
SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries in a "merge" operation that occurs after crafted changes to FTS3 shadow tables, allowing remote attackers to execute arbitrary code by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases). This is a different vulnerability than CVE-2018-20346.2019-04-03not yet calculatedCVE-2018-20506
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
MISC
synology -- android_momentsChannel accessible by non-endpoint vulnerability in privacy page in Synology Android Moments before 1.2.3-199 allows man-in-the-middle attackers to execute arbitrary code via unspecified vectors.2019-04-01not yet calculatedCVE-2018-13298
CONFIRM
synology -- application_serviceInformation exposure vulnerability in SYNO.Personal.Profile in Synology Application Service before 1.5.4-0320 allows remote authenticated users to obtain sensitive system information via the uid parameter.2019-04-01not yet calculatedCVE-2018-13294
CONFIRM
synology -- application_serviceInformation exposure vulnerability in SYNO.Personal.Application.Info in Synology Application Service before 1.5.4-0320 allows remote authenticated users to obtain sensitive system information via the version parameter.2019-04-01not yet calculatedCVE-2018-13295
CONFIRM
synology -- diskstation_managerInformation exposure vulnerability in /usr/syno/etc/mount.conf in Synology DiskStation Manager (DSM) before 6.2.1-23824 allows remote authenticated users to obtain sensitive information via the world readable configuration.2019-04-01not yet calculatedCVE-2018-13291
CONFIRM
synology -- diskstation_managerCross-site scripting (XSS) vulnerability in Control Panel SSO Settings in Synology DiskStation Manager (DSM) before 6.2.1-23824 allows remote authenticated users to inject arbitrary web script or HTML via the URL parameter.2019-04-01not yet calculatedCVE-2018-13293
CONFIRM
synology -- diskstation_managerCross-site scripting (XSS) vulnerability in SYNO.Core.PersonalNotification.Event in Synology DiskStation Manager (DSM) before 6.1.4-15217-3 allows remote authenticated users to inject arbitrary web script or HTML via the package parameter.2019-04-01not yet calculatedCVE-2017-16774
CONFIRM
synology -- diskstation_managerCommand injection vulnerability in ftpd in Synology Diskstation Manager (DSM) before 6.2-23739-1 allows remote authenticated users to execute arbitrary OS commands via the (1) MKD or (2) RMD command.2019-04-01not yet calculatedCVE-2018-13284
CONFIRM
synology -- diskstation_managerIncorrect default permissions vulnerability in synouser.conf in Synology Diskstation Manager (DSM) before 6.2-23739-1 allows remote authenticated users to obtain sensitive information via the world readable configuration.2019-04-01not yet calculatedCVE-2018-13286
CONFIRM
synology -- router_managerInformation exposure vulnerability in SYNO.Core.ACL in Synology Router Manager (SRM) before 1.1.7-6941-2 allows remote authenticated users to determine the existence of files or obtain sensitive information of files via the file_path parameter.2019-04-01not yet calculatedCVE-2018-13290
CONFIRM
synology -- router_managerCommand injection vulnerability in ftpd in Synology Router Manager (SRM) before 1.1.7-6941-1 allows remote authenticated users to execute arbitrary OS commands via the (1) MKD or (2) RMD command.2019-04-01not yet calculatedCVE-2018-13285
CONFIRM
synology -- router_managerIncorrect default permissions vulnerability in synouser.conf in Synology Router Manager (SRM) before 1.1.7-6941-1 allows remote authenticated users to obtain sensitive information via the world readable configuration.2019-04-01not yet calculatedCVE-2018-13287
CONFIRM
synology -- router_managerInformation exposure vulnerability in /usr/syno/etc/mount.conf in Synology Router Manager (SRM) before 1.1.7-6941-2 allows remote authenticated users to obtain sensitive information via the world readable configuration.2019-04-01not yet calculatedCVE-2018-13292
CONFIRM
synology -- router_managerInformation exposure vulnerability in SYNO.FolderSharing.List in Synology Router Manager (SRM) before 1.1.7-6941-2 allows remote attackers to obtain sensitive information via the (1) folder_path or (2) real_path parameter.2019-04-01not yet calculatedCVE-2018-13289
CONFIRM
synology -- sso_serverImproper restriction of rendered UI layers or frames vulnerability in SSOOauth.cgi in Synology SSO Server before 2.1.3-0129 allows remote attackers to conduct clickjacking attacks via unspecified vectors.2019-04-01not yet calculatedCVE-2017-16775
CONFIRM
synology -- web_stationMissing custom error page vulnerability in Synology Web Station before 2.1.3-0139 allows remote attackers to conduct phishing attacks via a crafted URL.2019-04-01not yet calculatedCVE-2018-8913
CONFIRM
teemip -- teemipA command injection vulnerability exists in TeemIp versions before 2.4.0. The new_config parameter of exec.php allows one to create a new PHP file with the exception of config information. The malicious PHP code sent is executed instantaneously and is not saved on the server.2019-04-04not yet calculatedCVE-2019-10863
MISC
MISC
trend_micro -- apex_one_and_officescan_and_worry-free_business_securityA directory traversal vulnerability in Trend Micro Apex One, OfficeScan (versions XG and 11.0), and Worry-Free Business Security (versions 10.0, 9.5 and 9.0) could allow an attacker to modify arbitrary files on the affected product's management console.2019-04-05not yet calculatedCVE-2019-9489
CONFIRM
trend_micro -- interscan_web_security_virtual_applianceA vulnerability in Trend Micro InterScan Web Security Virtual Appliance version 6.5 SP2 could allow an non-authorized user to disclose administrative credentials. An attacker must be an authenticated user in order to exploit the vulnerability.2019-04-05not yet calculatedCVE-2019-9490
CONFIRM
tryton -- trytonIn trytond/model/modelstorage.py in Tryton 4.2 before 4.2.21, 4.4 before 4.4.19, 4.6 before 4.6.14, 4.8 before 4.8.10, and 5.0 before 5.0.6, an authenticated user can order records based on a field for which he has no access right. This may allow the user to guess values.2019-04-04not yet calculatedCVE-2019-10868
MISC
MISC
BUGTRAQ
DEBIAN
uniqkey -- password_manager Uniqkey Password Manager 1.14 contains a vulnerability because it fails to recognize the difference between domains and sub-domains. The vulnerability means that passwords saved for example.com will be recommended for usersite.example.com. This could lead to successful phishing campaigns and create a sense of false security.2019-04-05not yet calculatedCVE-2019-10884
MISC
vmware -- esxi_and_workstation_and_fusionVMware ESXi (6.7 before ESXi670-201903001, 6.5 before ESXi650-201903001, 6.0 before ESXi600-201903001), Workstation (15.x before 15.0.4, 14.x before 14.1.7), Fusion (11.x before 11.0.3, 10.x before 10.1.6) contain an out-of-bounds read/write vulnerability in the virtual USB 1.1 UHCI (Universal Host Controller Interface). Exploitation of this issue requires an attacker to have access to a virtual machine with a virtual USB controller present. This issue may allow a guest to execute code on the host.2019-04-01not yet calculatedCVE-2019-5518
MISC
CONFIRM
vmware -- esxi_and_workstation_and_fusionVMware ESXi (6.7 before ESXi670-201903001, 6.5 before ESXi650-201903001, 6.0 before ESXi600-201903001), Workstation (15.x before 15.0.4, 14.x before 14.1.7), Fusion (11.x before 11.0.3, 10.x before 10.1.6) contain a Time-of-check Time-of-use (TOCTOU) vulnerability in the virtual USB 1.1 UHCI (Universal Host Controller Interface). Exploitation of this issue requires an attacker to have access to a virtual machine with a virtual USB controller present. This issue may allow a guest to execute code on the host.2019-04-01not yet calculatedCVE-2019-5519
MISC
CONFIRM
vmware -- fusionVMware VMware Fusion (11.x before 11.0.3) contains a security vulnerability due to certain unauthenticated APIs accessible through a web socket. An attacker may exploit this issue by tricking the host user to execute a JavaScript to perform unauthorized functions on the guest machine where VMware Tools is installed. This may further be exploited to execute commands on the guest machines.2019-04-01not yet calculatedCVE-2019-5514
MISC
BID
CONFIRM
vmware -- vcloud_director_for_service_providers
 
VMware vCloud Director for Service Providers 9.5.x prior to 9.5.0.3 update resolves a Remote Session Hijack vulnerability in the Tenant and Provider Portals. Successful exploitation of this issue may allow a malicious actor to access the Tenant or Provider Portals by impersonating a currently logged in session.2019-04-01not yet calculatedCVE-2019-5523
MISC
BID
CONFIRM
vmware -- workstation_and_fusioinVMware Workstation (15.x before 15.0.3, 14.x before 14.1.6) and Fusion (11.x before 11.0.3, 10.x before 10.1.6) updates address an out-of-bounds write vulnerability in the e1000 and e1000e virtual network adapters. Exploitation of this issue may lead to code execution on the host from the guest but it is more likely to result in a denial of service of the guest.2019-04-02not yet calculatedCVE-2019-5515
MISC
BID
CONFIRM
MISC
vmware -- workstation_and_fusionVMware Workstation (14.x before 14.1.6) and Fusion (10.x before 10.1.6) contain an out-of-bounds write vulnerability in the e1000 virtual network adapter. This issue may allow a guest to execute code on the host.2019-04-02not yet calculatedCVE-2019-5524
MISC
BID
CONFIRM
wordpress -- wordpresspub/sns.php in the W3 Total Cache plugin before 0.9.4 for WordPress allows remote attackers to read arbitrary files via the SubscribeURL field in SubscriptionConfirmation JSON data.2019-04-01not yet calculatedCVE-2019-6715
MISC
wordpress -- wordpressIn the wp-google-maps plugin before 7.11.18 for WordPress, includes/class.rest-api.php in the REST API does not sanitize field names before a SELECT statement.2019-04-02not yet calculatedCVE-2019-10692
MISC
MISC
xiaomi -- mi_browserA URL spoofing vulnerability was found in all international versions of Xiaomi Mi browser 10.5.6-g (aka the MIUI native browser) and Mint Browser 1.5.3 due to the way they handle the "q" query parameter. The portion of an https URL before the ?q= substring is not shown to the user.2019-04-05not yet calculatedCVE-2019-10875
MISC
MISC
MISC
zoho -- manageengine_servicedesk_plusInformation leakage vulnerability in the /mc login page in ManageEngine ServiceDesk Plus 9.3 software allows authenticated users to enumerate active users. Due to a flaw within the way the authentication is handled, an attacker is able to login and verify any active account.2019-04-04not yet calculatedCVE-2019-10273
MISC
Back to top

This product is provided subject to this Notification and this Privacy & Use policy.

Was this document helpful?  Yes  |  Somewhat  |  No

Back to Top