Search
Total
46623 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-18586 | 1 Kyzer | 1 Libmspack | 2019-04-03 | 5.0 MEDIUM | 5.3 MEDIUM |
| ** DISPUTED ** chmextract.c in the chmextract sample program, as distributed with libmspack before 0.8alpha, does not protect against absolute/relative pathnames in CHM files, leading to Directory Traversal. NOTE: the vendor disputes that this is a libmspack vulnerability, because chmextract.c was only intended as a source-code example, not a supported application. | |||||
| CVE-2018-12896 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2019-04-03 | 2.1 LOW | 5.5 MEDIUM |
| An issue was discovered in the Linux kernel through 4.17.3. An Integer Overflow in kernel/time/posix-timers.c in the POSIX timer code is caused by the way the overrun accounting works. Depending on interval and expiry time values, the overrun can be larger than INT_MAX, but the accounting is int based. This basically makes the accounting values, which are visible to user space via timer_getoverrun(2) and siginfo::si_overrun, random. For example, a local user can cause a denial of service (signed integer overflow) via crafted mmap, futex, timer_create, and timer_settime system calls. | |||||
| CVE-2018-16859 | 1 Redhat | 1 Ansible Engine | 2019-04-03 | 2.1 LOW | 4.4 MEDIUM |
| Execution of Ansible playbooks on Windows platforms with PowerShell ScriptBlock logging and Module logging enabled can allow for 'become' passwords to appear in EventLogs in plaintext. A local user with administrator privileges on the machine can view these logs and discover the plaintext password. Ansible Engine 2.8 and older are believed to be vulnerable. | |||||
| CVE-2018-14614 | 1 Linux | 1 Linux Kernel | 2019-04-03 | 7.1 HIGH | 5.5 MEDIUM |
| An issue was discovered in the Linux kernel through 4.17.10. There is an out-of-bounds access in __remove_dirty_segment() in fs/f2fs/segment.c when mounting an f2fs image. | |||||
| CVE-2018-9517 | 1 Google | 1 Android | 2019-04-03 | 7.2 HIGH | 6.7 MEDIUM |
| In pppol2tp_connect, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-38159931. | |||||
| CVE-2018-14616 | 1 Linux | 1 Linux Kernel | 2019-04-03 | 7.1 HIGH | 5.5 MEDIUM |
| An issue was discovered in the Linux kernel through 4.17.10. There is a NULL pointer dereference in fscrypt_do_page_crypto() in fs/crypto/crypto.c when operating on a file in a corrupted f2fs image. | |||||
| CVE-2018-13100 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2019-04-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in fs/f2fs/super.c in the Linux kernel through 4.17.3, which does not properly validate secs_per_zone in a corrupted f2fs image, as demonstrated by a divide-by-zero error. | |||||
| CVE-2018-13097 | 1 Linux | 1 Linux Kernel | 2019-04-03 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in fs/f2fs/super.c in the Linux kernel through 4.17.3. There is an out-of-bounds read or a divide-by-zero error for an incorrect user_block_count in a corrupted f2fs image, leading to a denial of service (BUG). | |||||
| CVE-2018-17989 | 1 Dlink | 2 Dsl-3782, Dsl-3782 Firmware | 2019-04-02 | 3.5 LOW | 5.4 MEDIUM |
| A stored XSS vulnerability exists in the web interface on D-Link DSL-3782 devices with firmware 1.01 that allows authenticated attackers to inject a JavaScript or HTML payload inside the ACL page. The injected payload would be executed in a user's browser when "/cgi-bin/New_GUI/Acl.asp" is requested. | |||||
| CVE-2019-9692 | 1 Cmsmadesimple | 1 Cms Made Simple | 2019-04-02 | 4.0 MEDIUM | 6.5 MEDIUM |
| class.showtime2_image.php in CMS Made Simple (CMSMS) before 2.2.10 does not ensure that a watermark file has a standard image file extension (GIF, JPG, JPEG, or PNG). | |||||
| CVE-2017-6284 | 2 Google, Nvidia | 3 Android, Shield Tv, Shield Tv Firmware | 2019-04-02 | 2.1 LOW | 5.5 MEDIUM |
| NVIDIA Security Engine contains a vulnerability in the Deterministic Random Bit Generator (DRBG) where the DRBG does not properly initialize and store or transmits sensitive data using a weakened encryption scheme that is unable to protect sensitive data which may lead to information disclosure.This issue is rated as moderate. | |||||
| CVE-2018-10916 | 3 Canonical, Lftp Project, Opensuse | 3 Ubuntu Linux, Lftp, Leap | 2019-04-02 | 7.8 HIGH | 6.5 MEDIUM |
| It has been discovered that lftp up to and including version 4.8.3 does not properly sanitize remote file names, leading to a loss of integrity on the local system when reverse mirroring is used. A remote attacker may trick a user to use reverse mirroring on an attacker controlled FTP server, resulting in the removal of all files in the current working directory of the victim's system. | |||||
| CVE-2017-0330 | 1 Linux | 1 Linux Kernel | 2019-04-02 | 2.6 LOW | 4.7 MEDIUM |
| An information disclosure vulnerability in the NVIDIA crypto driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel 3.10. Android ID: A-33899858. References: N-CVE-2017-0330. | |||||
| CVE-2019-7440 | 1 Jio | 2 Jiofi 4g M2s, Jiofi 4g M2s Firmware | 2019-04-02 | 4.3 MEDIUM | 6.5 MEDIUM |
| JioFi 4G M2S 1.0.2 devices have CSRF via the SSID name and Security Key field under Edit Wi-Fi Settings (aka a SetWiFi_Setting request to cgi-bin/qcmap_web_cgi). | |||||
| CVE-2019-8997 | 1 Blackberry | 1 Athoc | 2019-04-02 | 4.3 MEDIUM | 5.9 MEDIUM |
| An XML External Entity Injection (XXE) vulnerability in the Management System (console) of BlackBerry AtHoc versions earlier than 7.6 HF-567 could allow an attacker to potentially read arbitrary local files from the application server or make requests on the network by entering maliciously crafted XML in an existing field. | |||||
| CVE-2017-16231 | 1 Pcre | 1 Pcre | 2019-04-02 | 2.1 LOW | 5.5 MEDIUM |
| ** DISPUTED ** In PCRE 8.41, after compiling, a pcretest load test PoC produces a crash overflow in the function match() in pcre_exec.c because of a self-recursive call. NOTE: third parties dispute the relevance of this report, noting that there are options that can be used to limit the amount of stack that is used. | |||||
| CVE-2017-9376 | 1 Zohocorp | 1 Manageengine Servicedesk Plus | 2019-04-02 | 5.0 MEDIUM | 6.5 MEDIUM |
| ManageEngine ServiceDesk Plus before 9314 contains a local file inclusion vulnerability in the defModule parameter in DefaultConfigDef.do and AssetDefaultConfigDef.do. | |||||
| CVE-2016-5824 | 3 Canonical, Libical Project, Redhat | 8 Ubuntu Linux, Libical, Enterprise Linux Desktop and 5 more | 2019-04-02 | 4.3 MEDIUM | 5.5 MEDIUM |
| libical 1.0 allows remote attackers to cause a denial of service (use-after-free) via a crafted ics file. | |||||
| CVE-2016-5823 | 1 Libical Project | 1 Libical | 2019-04-02 | 4.3 MEDIUM | 5.5 MEDIUM |
| The icalproperty_new_clone function in libical 0.47 and 1.0 allows remote attackers to cause a denial of service (use-after-free) via a crafted ics file. | |||||
| CVE-2016-9082 | 1 Cairographics | 1 Cairo | 2019-04-02 | 4.3 MEDIUM | 5.5 MEDIUM |
| Integer overflow in the write_png function in cairo 1.14.6 allows remote attackers to cause a denial of service (invalid pointer dereference) via a large svg file. | |||||
| CVE-2019-7400 | 1 Rukovoditel | 1 Rukovoditel | 2019-04-01 | 4.3 MEDIUM | 6.1 MEDIUM |
| Rukovoditel before 2.4.1 allows XSS. | |||||
| CVE-2018-20511 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2019-04-01 | 2.1 LOW | 5.5 MEDIUM |
| An issue was discovered in the Linux kernel before 4.18.11. The ipddp_ioctl function in drivers/net/appletalk/ipddp.c allows local users to obtain sensitive kernel address information by leveraging CAP_NET_ADMIN to read the ipddp_route dev and next fields via an SIOCFINDIPDDPRT ioctl call. | |||||
| CVE-2018-16862 | 4 Canonical, Debian, Linux and 1 more | 4 Ubuntu Linux, Debian Linux, Linux Kernel and 1 more | 2019-04-01 | 2.1 LOW | 5.5 MEDIUM |
| A security flaw was found in the Linux kernel in a way that the cleancache subsystem clears an inode after the final file truncation (removal). The new file created with the same inode may contain leftover pages from cleancache and the old file data instead of the new one. | |||||
| CVE-2018-10880 | 4 Canonical, Debian, Linux and 1 more | 4 Ubuntu Linux, Debian Linux, Linux Kernel and 1 more | 2019-04-01 | 7.1 HIGH | 5.5 MEDIUM |
| Linux kernel is vulnerable to a stack-out-of-bounds write in the ext4 filesystem code when mounting and writing to a crafted ext4 image in ext4_update_inline_data(). An attacker could use this to cause a system crash and a denial of service. | |||||
| CVE-2018-10877 | 4 Canonical, Debian, Linux and 1 more | 4 Ubuntu Linux, Debian Linux, Linux Kernel and 1 more | 2019-04-01 | 6.8 MEDIUM | 6.5 MEDIUM |
| Linux kernel ext4 filesystem is vulnerable to an out-of-bound access in the ext4_ext_drop_refs() function when operating on a crafted ext4 filesystem image. | |||||
| CVE-2018-10876 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2019-04-01 | 4.9 MEDIUM | 5.5 MEDIUM |
| A flaw was found in Linux kernel in the ext4 filesystem code. A use-after-free is possible in ext4_ext_remove_space() function when mounting and operating a crafted ext4 image. | |||||
| CVE-2019-7251 | 1 Digium | 1 Asterisk | 2019-04-01 | 4.0 MEDIUM | 6.5 MEDIUM |
| An Integer Signedness issue (for a return code) in the res_pjsip_sdp_rtp module in Digium Asterisk versions 15.7.1 and earlier and 16.1.1 and earlier allows remote authenticated users to crash Asterisk via a specially crafted SDP protocol violation. | |||||
| CVE-2017-16253 | 1 Insteon | 2 Hub, Hub Firmware | 2019-04-01 | 5.5 MEDIUM | 6.5 MEDIUM |
| An exploitable buffer overflow vulnerability exists in the PubNub message handler Insteon Hub 2245-222 - Firmware version 1012 for the cc channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can send an authenticated HTTP request At 0x9d014dd8 the value for the id key is copied using strcpy to the buffer at $sp+0x290. This buffer is 32 bytes large, sending anything longer will cause a buffer overflow. | |||||
| CVE-2017-16254 | 1 Insteon | 2 Hub, Hub Firmware | 2019-04-01 | 5.5 MEDIUM | 6.5 MEDIUM |
| An exploitable buffer overflow vulnerability exists in the PubNub message handler Insteon Hub 2245-222 - Firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can send an authenticated HTTP request at 0x9d014e4c the value for the flg key is copied using strcpy to the buffer at $sp+0x270. This buffer is 16 bytes large, sending anything longer will cause a buffer overflow. | |||||
| CVE-2017-16255 | 1 Insteon | 2 Hub, Hub Firmware | 2019-04-01 | 5.5 MEDIUM | 6.5 MEDIUM |
| An exploitable buffer overflow vulnerability exists in the PubNub message handler Insteon Hub 2245-222 - Firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can send an authenticated HTTP request at At 0x9d014e84 the value for the cmd1 key is copied using strcpy to the buffer at $sp+0x280. This buffer is 16 bytes large. | |||||
| CVE-2017-18110 | 1 Atlassian | 1 Crowd | 2019-04-01 | 4.0 MEDIUM | 6.5 MEDIUM |
| The administration backup restore resource in Atlassian Crowd before version 3.0.2 and from version 3.1.0 before version 3.1.1 allows remote attackers to read files from the filesystem via a XXE vulnerability. | |||||
| CVE-2017-18109 | 1 Atlassian | 1 Crowd | 2019-04-01 | 5.8 MEDIUM | 6.1 MEDIUM |
| The login resource of CrowdId in Atlassian Crowd before version 3.0.2 and from version 3.1.0 before version 3.1.1 allows remote attackers to redirect users to a different website which they may use as part of performing a phishing attack via an open redirect. | |||||
| CVE-2019-9605 | 1 Online Lottery Php Readymade Script Project | 1 Online Lottery Php Readymade Script | 2019-04-01 | 3.5 LOW | 5.4 MEDIUM |
| PHP Scripts Mall Online Lottery PHP Readymade Script 1.7.0 has Reflected Cross-site Scripting (XSS) via the err value in a .ico picture upload. | |||||
| CVE-2017-1428 | 1 Ibm | 1 Cognos Analytics | 2019-04-01 | 5.8 MEDIUM | 6.1 MEDIUM |
| IBM Cognos Analytics 11.0 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 127583. | |||||
| CVE-2017-1427 | 1 Ibm | 1 Cognos Analytics | 2019-04-01 | 4.3 MEDIUM | 6.1 MEDIUM |
| IBM Cognos Analytics 11.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 127579. | |||||
| CVE-2017-1000460 | 3 Ffmpeg, Google, Libav | 3 Ffmpeg, Chrome, Libav | 2019-03-31 | 4.3 MEDIUM | 6.5 MEDIUM |
| In line libavcodec/h264dec.c:500 in libav(v13_dev0), ffmpeg(n3.4), chromium(56 prior Feb 13, 2017), the return value of init_get_bits is ignored and get_ue_golomb(&gb) is called on an uninitialized get_bits context, which causes a NULL deref exception. | |||||
| CVE-2018-6392 | 2 Debian, Ffmpeg | 2 Debian Linux, Ffmpeg | 2019-03-31 | 4.3 MEDIUM | 6.5 MEDIUM |
| The filter_slice function in libavfilter/vf_transpose.c in FFmpeg through 3.4.1 allows remote attackers to cause a denial of service (out-of-array access) via a crafted MP4 file. | |||||
| CVE-2018-8026 | 2 Apache, Netapp | 3 Solr, Snapcenter, Storage Automation Store | 2019-03-29 | 2.1 LOW | 5.5 MEDIUM |
| This vulnerability in Apache Solr 6.0.0 to 6.6.4 and 7.0.0 to 7.3.1 relates to an XML external entity expansion (XXE) in Solr config files (currency.xml, enumsConfig.xml referred from schema.xml, TIKA parsecontext config file). In addition, Xinclude functionality provided in these config files is also affected in a similar way. The vulnerability can be used as XXE using file/ftp/http protocols in order to read arbitrary local files from the Solr server or the internal network. The manipulated files can be uploaded as configsets using Solr's API, allowing to exploit that vulnerability. | |||||
| CVE-2019-9961 | 1 Wikindx Project | 1 Wikindx | 2019-03-29 | 4.3 MEDIUM | 6.1 MEDIUM |
| A cross-site scripting (XSS) vulnerability in ressource view in core/modules/resource/RESOURCEVIEW.php in Wikindx prior to version 5.7.0 allows remote attackers to inject arbitrary web script or HTML via the id parameter. | |||||
| CVE-2018-18407 | 2 Appneta, Fedoraproject | 2 Tcpreplay, Fedora | 2019-03-29 | 4.3 MEDIUM | 5.5 MEDIUM |
| A heap-based buffer over-read was discovered in the tcpreplay-edit binary of Tcpreplay 4.3.0 beta1, during the incremental checksum operation. The issue gets triggered in the function csum_replace4() in incremental_checksum.h, causing a denial of service. | |||||
| CVE-2018-12227 | 2 Debian, Digium | 3 Debian Linux, Asterisk, Certified Asterisk | 2019-03-29 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered in Asterisk Open Source 13.x before 13.21.1, 14.x before 14.7.7, and 15.x before 15.4.1 and Certified Asterisk 13.18-cert before 13.18-cert4 and 13.21-cert before 13.21-cert2. When endpoint specific ACL rules block a SIP request, they respond with a 403 forbidden. However, if an endpoint is not identified, then a 401 unauthorized response is sent. This vulnerability just discloses which requests hit a defined endpoint. The ACL rules cannot be bypassed to gain access to the disclosed endpoints. | |||||
| CVE-2018-11386 | 2 Debian, Sensiolabs | 2 Debian Linux, Symfony | 2019-03-29 | 4.3 MEDIUM | 5.9 MEDIUM |
| An issue was discovered in the HttpFoundation component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11. The PDOSessionHandler class allows storing sessions on a PDO connection. Under some configurations and with a well-crafted payload, it was possible to do a denial of service on a Symfony application without too much resources. | |||||
| CVE-2018-11342 | 1 Asustor | 2 As6202t, As6202t Firmware | 2019-03-29 | 4.0 MEDIUM | 4.3 MEDIUM |
| A path traversal vulnerability in fileExplorer.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 allows attackers to arbitrarily specify a path to a file on the system to create folders via the dest_folder parameter. | |||||
| CVE-2018-5801 | 4 Canonical, Debian, Libraw and 1 more | 6 Ubuntu Linux, Debian Linux, Libraw and 3 more | 2019-03-29 | 4.3 MEDIUM | 6.5 MEDIUM |
| An error within the "LibRaw::unpack()" function (src/libraw_cxx.cpp) in LibRaw versions prior to 0.18.7 can be exploited to trigger a NULL pointer dereference. | |||||
| CVE-2019-10260 | 1 Totaljs | 1 Total.js Cms | 2019-03-29 | 4.3 MEDIUM | 6.1 MEDIUM |
| Total.js CMS 12.0.0 has XSS related to themes/admin/views/index.html (item.message) and themes/admin/public/ui.js (column.format). | |||||
| CVE-2018-19859 | 1 Openrefine | 1 Openrefine | 2019-03-28 | 4.0 MEDIUM | 6.5 MEDIUM |
| OpenRefine before 3.2 beta allows directory traversal via a relative pathname in a ZIP archive. | |||||
| CVE-2019-10254 | 1 Misp | 1 Misp | 2019-03-28 | 4.3 MEDIUM | 6.1 MEDIUM |
| In MISP before 2.4.105, the app/View/Layouts/default.ctp default layout template has a Reflected XSS vulnerability. | |||||
| CVE-2018-13134 | 1 Tp-link | 2 Archer C1200, Archer C1200 Firmware | 2019-03-28 | 4.3 MEDIUM | 6.1 MEDIUM |
| TP-Link Archer C1200 1.13 Build 2018/01/24 rel.52299 EU devices have XSS via the PATH_INFO to the /webpages/data URI. | |||||
| CVE-2018-15585 | 1 Gnuboard5 Project | 1 Gnuboard5 | 2019-03-28 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-Site Scripting (XSS) vulnerability in newwinform.php in GNUBOARD5 before 5.3.1.6 allows remote attackers to inject arbitrary web script or HTML via the popup title parameter. | |||||
| CVE-2019-10238 | 1 Sitemagic | 1 Sitemagic | 2019-03-28 | 4.3 MEDIUM | 6.1 MEDIUM |
| Sitemagic CMS v4.4 has XSS in SMFiles/FrmUpload.class.php via the filename parameter. | |||||