CVE-2018-16398
In Twistlock AuthZ Broker 0.1, regular expressions are mishandled, as demonstrated by containers/aa/pause?aaa=\/start to bypass a policy in which "docker start" is allowed but "docker pause" is not a…
CVEs without a recognized CWE (not present in the CWE map or marked as N/A).
XRef::fetch in XRef.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (stack consumption) via a crafted pdf file, related to AcroForm::scanField, as demonstrated by pdftohtml. NOTE…
Google gVisor before 2018-08-23, within the seccomp sandbox, permits access to the renameat system call, which allows attackers to rename files on the host OS.
NVIDIA GeForce Experience all versions prior to 3.14.1 contains a potential vulnerability during GameStream installation where an attacker who has system access can potentially conduct a Man-in-the-M…
NVIDIA GeForce Experience all versions prior to 3.14.1 contains a potential vulnerability when GameStream is enabled where improper access control may lead to a denial of service, escalation of privi…
An issue was discovered in myStrom WiFi Switch V1 before 2.66, WiFi Switch V2 before 3.80, WiFi Switch EU before 3.80, WiFi Bulb before 2.58, WiFi LED Strip before 3.80, WiFi Button before 2.73, and…
On EPSON WF-2750 printers with firmware JP02I2, there is no filtering of print jobs. Remote attackers can send print jobs directly to the printer via TCP port 9100.
waimai Super Cms 20150505 has a logic flaw allowing attackers to modify a price, before form submission, by observing data in a packet capture. By setting the index.php?m=cart&a=save item_totals para…
In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Radiotap dissector could crash. This was addressed in epan/dissectors/packet-ieee80211-radiotap-iter.c by validating iterator ope…
In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth Attribute Protocol dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by verifying that a diss…
The Alcatel A30 device with a build fingerprint of TCL/5046G/MICKEY6US:7.0/NRD90M/J63:user/release-keys contains a hidden privilege escalation capability to achieve command execution as the root user…
qemu-seccomp.c in QEMU might allow local OS guest users to cause a denial of service (guest crash) by leveraging mishandling of the seccomp policy for threads other than the main thread.
Various VIVOTEK FD8*, FD9*, FE9*, IB8*, IB9*, IP9*, IZ9*, MS9*, SD9*, and other devices before XXXXXX-VVTK-xx06a allow remote attackers to execute arbitrary code.
Adobe Flash Player 30.0.0.134 and earlier have a "use of a component with a known vulnerability" vulnerability. Successful exploitation could lead to privilege escalation.
Adobe Flash Player 30.0.0.134 and earlier have a security bypass vulnerability. Successful exploitation could lead to security mitigation bypass.
An issue was discovered in Joomla! before 3.8.12. Inadequate checks regarding disabled fields can lead to an ACL violation.
Insufficient data validation in Chromecast plugin in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page.
Inappropriate implementation in BoringSSL SPAKE2 in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to leak the low-order bits of SHA512(password) by inspecting protocol traffic.
phpMyFAQ before 2.8.13 allows remote attackers to bypass the CAPTCHA protection mechanism by replaying the request.
phpMyFAQ before 2.8.13 allows remote authenticated users with certain permissions to read arbitrary attachments by leveraging incorrect "download an attachment" permission checks.
In Artifex Ghostscript 9.23 before 2018-08-23, attackers are able to supply malicious PostScript files to bypass .tempfile restrictions and write files.
An issue was discovered on PLANEX CS-W50HD devices with firmware before 030720. The device has a command-injection vulnerability in the web management UI on NAS settings page "/cgi-bin/nasset.cgi". A…
RSA NetWitness Platform versions prior to 11.1.0.2 and RSA Security Analytics versions prior to 10.6.6 are vulnerable to a server-side template injection vulnerability due to insecure configuration o…
IBM Security Access Manager Appliance 9.0.4.0 and 9.0.5.0 could allow remote code execution when Advanced Access Control or Federation services are running. IBM X-Force ID: 147370.
The pam_fscrypt module in fscrypt before 0.2.4 may incorrectly restore primary and supplementary group IDs to the values associated with the root user, which allows attackers to gain privileges via a…
curl 7.x before 7.10.7 sends CONNECT proxy credentials to the remote server.
An issue was discovered in the MapR File System in MapR Converged Data Platform and MapR-XD 6.x and earlier. Under certain conditions, it is possible for MapR ticket credentials to become compromised…
An exploitable firmware downgrade vulnerability exists in Insteon Hub running firmware version 1013. The firmware upgrade functionality, triggered via PubNub, retrieves signed firmware binaries using…
Apache Struts versions 2.3 to 2.3.34 and 2.5 to 2.5.16 suffer from possible Remote Code Execution when alwaysSelectFullNamespace is true (either by user or a plugin like Convention Plugin) and then:…
An issue was discovered in Bloop Airmail 3 3.5.9 for macOS. Its primary WebView instance implements "webView:decidePolicyForNavigationAction:request:frame:decisionListener:" such that requests from H…
An issue was discovered in the Ola Money (aka com.olacabs.olamoney) application 1.9.0 for Android. If an attacker controls an application with accessibility permissions, then the attacker can read ce…
Some Huawei Firewall products USG2205BSR V300R001C10SPC600; USG2220BSR V300R001C00; USG5120BSR V300R001C00; USG5150BSR V300R001C00 have a Bleichenbacher Oracle vulnerability in the IPSEC IKEv1 implem…
An issue was discovered in the Paymorrow module 1.0.0 before 1.0.2 and 2.0.0 before 2.0.1 for OXID eShop. An attacker can bypass delivery-address change detection if the payment module doesn't use eS…
Wi2be SMART HP WMT R1.2.20_201400922 allows unauthorized remote attackers to backup the device configuration via a direct request to /Maintenance/configfile.cfg.
GNU Libtasn1-4.13 libtasn1-4.13 version libtasn1-4.13, libtasn1-4.12 contains a DoS, specifically CPU usage will reach 100% when running asn1Parser against the POC due to an issue in _asn1_expand_obje…
The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context switch, which makes it easier for attackers to conduc…
An issue was discovered that affects all producers of BIOS firmware who make a certain realistic interpretation of an obscure portion of the Trusted Computing Group (TCG) Trusted Platform Module (TPM…
An authenticated attacker with low privileges can use insecure sudo configuration to expand attack surface in Eltex ESP-200 firmware version 1.2.0.
An attacker with low privileges can cause denial of service in Kraftway 24F2XG Router firmware version 3.5.30.1118.
A vulnerability in the implementation of Extensible Authentication Protocol over LAN (EAPOL) functionality in Cisco Small Business 100 Series Wireless Access Points and Cisco Small Business 300 Serie…
A vulnerability in the implementation of Extensible Authentication Protocol over LAN (EAPOL) functionality in Cisco Small Business 100 Series Wireless Access Points and Cisco Small Business 300 Serie…
A vulnerability in Trend Micro Control Manager (versions 6.0 and 7.0) could allow an attacker to manipulate a reverse proxy .dll on vulnerable installations, which may lead to a denial of service (DoS…
ZyXEL ZyWALL/USG series devices have a Bleichenbacher vulnerability in their Internet Key Exchange (IKE) handshake implementation used for IPsec based VPN connections.
The IKEv1 implementation in Clavister cOS Core before 11.00.11, 11.20.xx before 11.20.06, and 12.00.xx before 12.00.09 allows remote attackers to decrypt RSA-encrypted nonces by leveraging a Bleichen…
An issue was discovered in evaluate_auto_mountpoint in btrfsmaintenance-functions in btrfsmaintenance through 0.4.1. Code execution as root can occur via a specially crafted filesystem label if btrfs…
A remote code execution vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in the memory, aka "GDI+ Remote Code Execution Vulnerability." This affects Wi…
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This…
A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory, aka "Microsoft PowerPoint Remote Code Execution Vulnerabili…
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This…
A tampering vulnerability exists when Microsoft Exchange Server fails to properly handle profile data, aka "Microsoft Exchange Server Tampering Vulnerability." This affects Microsoft Exchange Server.
A security feature bypass vulnerability exists when Microsoft Edge improperly handles redirect requests, aka "Microsoft Edge Security Feature Bypass Vulnerability." This affects Microsoft Edge.
An elevation of privilege vulnerability exists in Microsoft browsers allowing sandbox escape, aka "Microsoft Browser Elevation of Privilege Vulnerability." This affects Internet Explorer 11, Microsof…
A remote code execution vulnerability exists when Microsoft Windows PDF Library improperly handles objects in memory, aka "Windows PDF Remote Code Execution Vulnerability." This affects Windows 10 Se…
An elevation of privilege vulnerability exists in Microsoft Windows when the Windows kernel fails to properly handle parsing of certain symbolic links, aka "Windows Kernel Elevation of Privilege Vuln…
A security feature bypass vulnerability exists when Active Directory Federation Services (AD FS) improperly handles multi-factor authentication requests, aka "AD FS Security Feature Bypass Vulnerabil…
An elevation of privilege vulnerability exists when Microsoft Cortana allows arbitrary website browsing on the lockscreen, aka "Microsoft Cortana Elevation of Privilege Vulnerability." This affects W…
A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Securit…
A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Securit…
An Elevation of Privilege vulnerability exists when Diagnostics Hub Standard Collector allows file creation in arbitrary locations, aka "Diagnostic Hub Standard Collector Elevation Of Privilege Vulne…
Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user acc…
Under certain conditions SAP SRM-MDM (CATALOG versions 3.0, 7.01, 7.02) utilities functionality allows an attacker to access information of user existence which would otherwise be restricted.
Admin tools in SAP BusinessObjects Business Intelligence, versions 4.1, 4.2, allow an unauthenticated user to read sensitive information (server name), hence leading to an information disclosure.
Under certain conditions the SAP Change and Transport System (ABAP), SAP KERNEL 32 NUC, SAP KERNEL 32 Unicode, SAP KERNEL 64 NUC, SAP KERNEL 64 Unicode 7.21, 7.21EXT, 7.22 and 7.22EXT; SAP KERNEL 7.2…
A potential security vulnerability has been identified in HPE OfficeConnect 1810 Switch Series (HP 1810-24G - P.2.22 and previous versions, HP 1810-48G PK.1.34 and previous versions, HP 1810-8 v2 P.2…
A security vulnerability was identified in 3PAR Service Processor (SP) prior to SP-4.4.0.GA-110(MU7). The vulnerability may be locally exploited to allow disclosure of privileged information.
A security vulnerability was identified in 3PAR Service Processor (SP) prior to SP-4.4.0.GA-110(MU7). The vulnerability may be exploited remotely to allow code execution.
A security vulnerability was identified in 3PAR Service Processor (SP) prior to SP-4.4.0.GA-110(MU7). The vulnerability may be exploited remotely to allow access restriction bypass.
A security vulnerability was identified in 3PAR Service Processor (SP) prior to SP-5.0.0.0-22913(GA). The vulnerability may be exploited locally to allow disclosure of privileged information.
A security vulnerability in HPE Integrated Lights-Out 3 prior to v1.90, iLO 4 prior to v2.60, iLO 5 prior to v1.30, Moonshot Chassis Manager firmware prior to v1.58, and Moonshot Component Pack prior…
A security vulnerability in HPE XP P9000 Command View Advanced Edition (CVAE) Device Manager (DevMgr 8.5.0-00 and prior to 8.6.0-00), Configuration Manager (CM 8.5.0-00 and prior to 8.6.0-00) could b…
Insecure configuration storage in Zipato Zipabox Smart Home Controller BOARD REV - 1 with System Version -118 allows a remote attacker to perform new attack vectors and take control of the device and smart…
A vulnerability was discovered in the Java VM component of Oracle Database Server. Supported versions that are affected are 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18. Easily exploitable vulnerability allow…
Crestron TSW-X60 all versions prior to 2.001.0037.001 and MC3 all versions prior to 1.502.0047.00. The passwords for special sudo accounts may be calculated using information accessible to those with…
ASUS HG100 devices allow denial of service via an IPv4 packet flood.
lxc-user-nic when asked to delete a network interface will unconditionally open a user provided path. This code path may be used by an unprivileged user to check for the existence of a path which the…
The CUPS AppArmor profile incorrectly confined the dnssd backend due to use of hard links. A local attacker could possibly use this issue to escape confinement. This flaw affects versions prior to 2.…
Unauthenticated access to cloudtoken daemon on Linux via network from version 0.1.1 before version 0.1.24 allows attackers on the same subnet to gain temporary AWS credentials for the users' roles.
The transferProxy and approveProxy functions of a smart contract implementation for SmartMesh (SMT), an Ethereum ERC20 token, allow attackers to accomplish an unauthorized transfer of digital assets…
CouchDB administrative users before 2.2.0 can configure the database server via HTTP(S). Due to insufficient validation of administrator-supplied configuration settings via the HTTP API, it is possib…
Nmap through 7.70, when the -sV option is used, allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted TCP-based service.
An issue was discovered in Symfony before 2.7.38, 2.8.31, 3.2.14, 3.3.13, 3.4-BETA5, and 4.0-BETA5. The current implementation of CSRF protection in Symfony (Version >=2) does not use different token…
A remote code execution was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than version v2.60 and HPE Integrated Lights-Out 5 (iLO 5) earlier than version v1.30.
A remote code execution vulnerability was identified in HPE Intelligent Management Center (iMC) PLAT 7.3 E0506P07. The vulnerability was resolved in iMC PLAT 7.3 E0605P04 or subsequent version.
Aruba ClearPass 6.6.3 and later includes a feature called "SSH Lockout", which causes ClearPass to lock accounts with too many login failures through SSH. When this feature is enabled, an unauthentic…
HPE has identified a remote privilege escalation vulnerability in HPE CentralView Fraud Risk Management earlier than version CV 6.1. This issue is resolved in HF16 for HPE CV 6.1 or subsequent versio…
A remote code execution vulnerability was identified in HPE Intelligent Management Center (iMC) Wireless Service Manager (WSM) Software earlier than version WSM 7.3 (E0506). This issue was resolved i…
A Remote Bypass of Security Restrictions vulnerability was identified in HPE XP Command View Advanced Edition Software Earlier than 8.5.3-00. The vulnerability impacts DevMgr Earlier than 8.5.3-00 (f…
An Unauthenticated Remote Denial of Service vulnerability was identified in HPE Integrated Lights-Out 3 (iLO 3) version v1.88 only. The vulnerability is resolved in iLO3 v1.89 or subsequent versions.
A remote execution of arbitrary code vulnerability has been identified in HPE RESTful Interface Tool 1.5, 2.0 (hprest-1.5-79.x86_64.rpm, ilorest-2.0-403.x86_64.rpm). The issue is resolved in iLOREST…
Drupal core 8 before versions 8.3.4 allows remote attackers to execute arbitrary code due to the PECL YAML parser not handling PHP objects safely during certain operations.
IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 could allow a local attacker to inject commands into malicious files that could be executed by the administrator. IBM X-Force ID…
IBM Security Identity Governance Virtual Appliance 5.2 through 5.2.3.2 specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended a…
An issue was discovered in Open Ticket Request System (OTRS) 6.0.x through 6.0.9, 5.0.x through 5.0.28, and 4.0.x through 4.0.30. An attacker who is logged into OTRS as an agent may escalate their pr…
An issue was discovered in Http Foundation in Symfony 2.7.0 through 2.7.48, 2.8.0 through 2.8.43, 3.3.0 through 3.3.17, 3.4.0 through 3.4.13, 4.0.0 through 4.0.13, and 4.1.0 through 4.1.2. It arises…
An issue was discovered in image_save_png in image/image-png.cpp in Free Lossless Image Format (FLIF) 0.3. Attackers can trigger a longjmp that leads to an uninitialized stack frame after a libpng er…
In SecurityCenter versions prior to 5.7.0, a username enumeration issue could allow an unauthenticated attacker to automate the discovery of username aliases via brute force, ultimately facilitating…
Vulnerability in the Oracle Fusion Middleware MapViewer component of Oracle Fusion Middleware (subcomponent: Map Builder). Supported versions that are affected are 12.2.1.2 and 12.2.1.3. Easily explo…
Vulnerability in the Oracle Fusion Middleware component of Oracle Fusion Middleware (subcomponent: Oracle Notification Service). Supported versions that are affected are 12.2.1.2 and 12.2.1.3. Diffic…
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS Core Components). Supported versions that are affected are 10.3.6.0, 12.1.3.0, 12.2.1.2 and 12.2.1…
A vulnerability in Cisco AMP for Endpoints Mac Connector Software installed on Apple macOS 10.12 could allow an unauthenticated, remote attacker to cause a kernel panic on an affected system, resulti…
IBM Spectrum Symphony and Platform Symphony 7.1.2 and 7.2.0.2 could allow an authenticated user to execute arbitrary commands due to improper handling of user supplied input. IBM X-Force ID: 143622.
Driver module in Intel Smart Sound Technology before version 9.21.00.3541 potentially allows a local attacker to execute arbitrary code as administrator via system calls.
Escalation of privilege in Intel Saffron admin application before 11.4 allows an authenticated user to access unauthorized information.
Driver module in Intel Smart Sound Technology before version 9.21.00.3541 potentially allows a local attacker to execute arbitrary code as administrator via a non-paged pool overflow.
Escalation of privilege in Intel Saffron MemoryBase before 11.4 allows an authenticated user access to privileged information.
Escalation of privilege in Intel Saffron MemoryBase before version 11.4 potentially allows an authorized user of the Saffron application to execute arbitrary code as root.
A flaw was found in curl before version 7.51.0. When re-using a connection, curl was doing case insensitive comparisons of user name and password with the existing connections. This means that if an u…
It was discovered that EAP packages in certain versions of Red Hat Enterprise Linux use incorrect permissions for /etc/sysconfig/jbossas configuration files. The file is writable to jboss group (root…
read_tmp and write_tmp in Inteno IOPSYS allow attackers to gain privileges after writing to /tmp/etc/smb.conf because /var is a symlink to /tmp.
Some Huawei products RSE6500 V500R002C00; SoftCo V200R003C20SPCb00; VP9660 V600R006C10; eSpace U1981 V100R001C20; V200R003C20; V200R003C30; V200R003C50 have a weak algorithm vulnerability. To exploit…
prosody before versions 0.10.2, 0.9.14 is vulnerable to an Authentication Bypass. Prosody did not verify that the virtual host associated with a user session remained the same across stream restarts.…
In Lenovo xClarity Administrator versions earlier than 2.1.0, an authenticated LXCA user may abuse a web API debug call to retrieve the credentials for the System Manager user.
ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows local users to achieve partial plaintext recovery (for a CBC based ciphersuite) via a cache-based side-channel attack.
ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows remote attackers to achieve partial plaintext recovery (for a CBC based ciphersuite) via a timing-based side-channel attack. This vu…
It was found that the use of Pipeline: Classpath Step Jenkins plugin enables a bypass of the Script Security sandbox for users with SCM commit access, as well as users with e.g. Job/Configure permiss…
An issue was discovered in GitLab Community and Enterprise Edition 11.1.x before 11.1.2. A Denial of Service can occur because Markdown rendering times are slow.
A flaw was discovered in gdm 3.24.1 where gdm greeter was no longer setting the ran_once boolean during autologin. If autologin was enabled for a victim, an attacker could simply select 'login as ano…
In Apache Kafka 0.9.0.0 to 0.9.0.1, 0.10.0.0 to 0.10.2.1, 0.11.0.0 to 0.11.0.2, and 1.0.0, authenticated Kafka users may perform action reserved for the Broker via a manually created fetch request in…
It was found that a mock CMC authentication plugin with a hardcoded secret was accidentally enabled by default in the pki-core package before 10.6.4. An attacker could potentially use this flaw to by…
The Inventory Plugin for Symantec Management Agent prior to 7.6 POST HF7, 8.0 POST HF6, or 8.1 RU7 may be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a u…