Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-8001 | 1 Podofo Project | 1 Podofo | 2018-03-26 | 6.8 MEDIUM | 7.8 HIGH |
| In PoDoFo 0.9.5, there exists a heap-based buffer over-read vulnerability in UnescapeName() in PdfName.cpp. Remote attackers could leverage this vulnerability to cause a denial-of-service or possibly unspecified other impact via a crafted pdf file. | |||||
| CVE-2018-7734 | 1 Afian | 1 Filerun | 2018-03-26 | 6.5 MEDIUM | 7.2 HIGH |
| Afian FileRun (before 2018.02.13) suffers from a remote SQL injection vulnerability, when logged in as superuser, via the search parameter in a /?module=users§ion=cpanel&page=list request. | |||||
| CVE-2018-7735 | 1 Afian | 1 Filerun | 2018-03-26 | 6.5 MEDIUM | 7.2 HIGH |
| Afian FileRun (before 2018.02.13) suffers from a remote SQL injection vulnerability, when logged in as superuser, via the search parameter in a /?module=metadata§ion=cpanel&page=list_filetypes request. | |||||
| CVE-2018-7733 | 1 Yxtcmf | 1 Yxtcmf | 2018-03-26 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in YxtCMF 3.1. RbacController.class.php has CSRF, as demonstrated by modifying an administrator account via index.php/admin/user/add_post.html. | |||||
| CVE-2018-7732 | 1 Yxtcmf | 1 Yxtcmf | 2018-03-26 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in YxtCMF 3.1. SQL Injection exists in ShitiController.class.php via the ids array parameter to exam/shiti/delshiti.html. | |||||
| CVE-2016-3674 | 3 Debian, Fedoraproject, Xstream Project | 3 Debian Linux, Fedora, Xstream | 2018-03-26 | 5.0 MEDIUM | 7.5 HIGH |
| Multiple XML external entity (XXE) vulnerabilities in the (1) Dom4JDriver, (2) DomDriver, (3) JDomDriver, (4) JDom2Driver, (5) SjsxpDriver, (6) StandardStaxDriver, and (7) WstxDriver drivers in XStream before 1.4.9 allow remote attackers to read arbitrary files via a crafted XML document. | |||||
| CVE-2018-7565 | 1 Polycom | 2 Qdx 6000, Qdx 6000 Firmware | 2018-03-26 | 6.8 MEDIUM | 8.8 HIGH |
| CSRF exists on Polycom QDX 6000 devices. | |||||
| CVE-2018-7564 | 1 Polycom | 2 Qdx 6000, Qdx 6000 Firmware | 2018-03-26 | 4.3 MEDIUM | 6.1 MEDIUM |
| Stored XSS exists on Polycom QDX 6000 devices. | |||||
| CVE-2016-0253 | 1 Ibm | 1 Financial Transaction Manager | 2018-03-26 | 3.5 LOW | 5.4 MEDIUM |
| Cross-site scripting (XSS) vulnerability in IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager (FTM) for Check Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, and Financial Transaction Manager (FTM) for Corporate Payment Services (CPS) for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. IBM X-Force ID: 110562. | |||||
| CVE-2016-0272 | 1 Ibm | 1 Financial Transaction Manager | 2018-03-26 | 6.0 MEDIUM | 8.0 HIGH |
| Cross-site request forgery (CSRF) vulnerability in IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager (FTM) for Check Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, and Financial Transaction Manager (FTM) for Corporate Payment Services (CPS) for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013 allows remote attackers to hijack the authentication of arbitrary users via unspecified vectors. IBM X-Force ID: 111052. | |||||
| CVE-2016-0268 | 1 Ibm | 1 Financial Transaction Manager | 2018-03-26 | 4.0 MEDIUM | 4.3 MEDIUM |
| XML external entity (XXE) vulnerability in IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager (FTM) for Check Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, and Financial Transaction Manager (FTM) for Corporate Payment Services (CPS) for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013 allows remote authenticated users to obtain sensitive information via crafted XML data. IBM X-Force ID: 110915. | |||||
| CVE-2017-17227 | 1 Huawei | 2 Mate 10, Mate 10 Firmware | 2018-03-26 | 9.3 HIGH | 7.8 HIGH |
| GPU driver in Huawei Mate 10 smart phones with the versions before ALP-L09 8.0.0.120(C212); The versions before ALP-L09 8.0.0.127(C900); The versions before ALP-L09 8.0.0.128(402/C02/C109/C346/C432/C652) has a out-of-bounds memory access vulnerability due to the input parameters validation. An attacker tricks a user into installing a malicious application on the smart phone, and the application can call the driver with special parameter and cause accessing out-of-bounds memory. Successful exploit may result in phone crash or arbitrary code execution. | |||||
| CVE-2018-1220 | 1 Emc | 1 Rsa Archer | 2018-03-26 | 5.8 MEDIUM | 6.1 MEDIUM |
| EMC RSA Archer, versions prior to 6.2.0.8, contains a redirect vulnerability in the QuickLinks feature. A remote attacker may potentially exploit this vulnerability to redirect genuine users to phishing websites with the intent of obtaining sensitive information from the users. | |||||
| CVE-2016-0274 | 1 Ibm | 1 Financial Transaction Manager | 2018-03-26 | 3.5 LOW | 5.4 MEDIUM |
| IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager (FTM) for Check Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, and Financial Transaction Manager (FTM) for Corporate Payment Services (CPS) for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013 allows remote attackers to conduct clickjacking attacks via a crafted web site. IBM X-Force ID: 111076. | |||||
| CVE-2018-7721 | 1 Metinfo | 1 Metinfo | 2018-03-26 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross Site Scripting (XSS) exists in MetInfo 6.0.0 via /feedback/index.php because app/system/feedback/web/feedback.class.php mishandles input data. | |||||
| CVE-2018-6811 | 1 Citrix | 2 Netscaler Application Delivery Controller Firmware, Netscaler Gateway Firmware | 2018-03-26 | 4.3 MEDIUM | 6.1 MEDIUM |
| Multiple cross-site scripting (XSS) vulnerabilities in Citrix NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to inject arbitrary web script or HTML via the Citrix NetScaler interface. | |||||
| CVE-2016-0276 | 1 Ibm | 1 Financial Transaction Manager | 2018-03-26 | 6.5 MEDIUM | 6.3 MEDIUM |
| IBM Financial Transaction Manager (FTM) for ACH Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, Financial Transaction Manager (FTM) for Check Services for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013, and Financial Transaction Manager (FTM) for Corporate Payment Services (CPS) for Multi-Platform 2.1.1.2 and 3.0.0.x before fp0013 allows remote attackers to execute arbitrary code via a crafted serialized Java Message Service (JMS) ObjectMessage object. IBM X-Force ID: 111084. | |||||
| CVE-2016-0286 | 1 Ibm | 1 Tivoli Business Service Manager | 2018-03-26 | 4.0 MEDIUM | 8.8 HIGH |
| IBM Tivoli Business Service Manager 6.1.0 before 6.1.0-TIV-BSM-FP0004 and 6.1.1 before 6.1.1-TIV-BSM-FP0004 allows remote authenticated users to obtain administrator passwords by leveraging unspecified privileges. BM X-Force ID: 111234. | |||||
| CVE-2018-7722 | 1 Piwigo | 1 Piwigo | 2018-03-26 | 3.5 LOW | 5.4 MEDIUM |
| The management panel in Piwigo 2.9.3 has stored XSS via the name parameter in a /ws.php?format=json request. CSRF exploitation, related to CVE-2017-10681, may be possible. | |||||
| CVE-2018-7723 | 1 Piwigo | 1 Piwigo | 2018-03-26 | 3.5 LOW | 5.4 MEDIUM |
| The management panel in Piwigo 2.9.3 has stored XSS via the virtual_name parameter in a /admin.php?page=cat_list request, a different issue than CVE-2017-9836. CSRF exploitation, related to CVE-2017-10681, may be possible. | |||||
| CVE-2017-17223 | 1 Huawei | 6 Espace 7910, Espace 7910 Firmware, Espace 7950 and 3 more | 2018-03-26 | 8.0 HIGH | 8.8 HIGH |
| Huawei eSpace 7910 V200R003C30; eSpace 7950 V200R003C30; eSpace 8950 V200R003C00; V200R003C30 have a directory traversal vulnerability. An authenticated, remote attacker can craft specific URL to the affected products. Due to insufficient verification of the URL, successful exploit will upload and download files and cause information leak and system crash. | |||||
| CVE-2017-17322 | 1 Huawei | 2 Honor Smart Scale Application, Honor Smart Scale Application Firmware | 2018-03-26 | 4.3 MEDIUM | 4.3 MEDIUM |
| Huawei Honor Smart Scale Application with software of 1.1.1 has an information disclosure vulnerability. The application does not sufficiently restrict the resource which can be accessed by certain protocol. An attacker could trick the user to click a malicious link, successful exploit could cause information disclosure. | |||||
| CVE-2017-17216 | 1 Huawei | 12 Dp300, Dp300 Firmware, Rp200 and 9 more | 2018-03-26 | 4.3 MEDIUM | 5.9 MEDIUM |
| Media Gateway Control Protocol (MGCP) in Huawei DP300 V500R002C00; RP200 V500R002C00SPC200; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 have an out-of-bounds read vulnerability. An unauthenticated, remote attacker crafts malformed packets with specific parameter to the affected products. Due to insufficient validation of packets, successful exploitation may cause process reboot. | |||||
| CVE-2017-17217 | 1 Huawei | 12 Dp300, Dp300 Firmware, Rp200 and 9 more | 2018-03-26 | 4.3 MEDIUM | 5.9 MEDIUM |
| Media Gateway Control Protocol (MGCP) in Huawei DP300 V500R002C00; RP200 V500R002C00SPC200; V600R006C00; TE30 V100R001C10; V500R002C00; V600R006C00; TE40 V500R002C00; V600R006C00; TE50 V500R002C00; V600R006C00; TE60 V100R001C10; V500R002C00; V600R006C00 has an out-of-bounds write vulnerability. An unauthenticated, remote attacker crafts malformed packets with specific parameter to the affected products. Due to insufficient validation of packets, successful exploitation may impact availability of product service. | |||||
| CVE-2018-7583 | 1 Advantig | 1 Dualdesk | 2018-03-26 | 5.0 MEDIUM | 7.5 HIGH |
| Proxy.exe in DualDesk 20 allows Remote Denial Of Service (daemon crash) via a long string to TCP port 5500. | |||||
| CVE-2017-17321 | 1 Huawei | 2 Ensp, Ensp Firmware | 2018-03-26 | 2.1 LOW | 3.3 LOW |
| Huawei eNSP software with software of versions earlier than V100R002C00B510 has a buffer overflow vulnerability. Due to the improper validation of specific command line parameter, a local attacker could exploit this vulnerability to cause the software process abnormal. | |||||
| CVE-2018-6810 | 1 Citrix | 4 Netscaler Application Delivery Controller, Netscaler Application Delivery Controller Firmware, Netscaler Gateway and 1 more | 2018-03-26 | 5.0 MEDIUM | 7.5 HIGH |
| Directory traversal vulnerability in NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allows remote attackers to traverse the directory on the target system via a crafted request. | |||||
| CVE-2018-0544 | 1 Woodybells | 1 Winshot | 2018-03-26 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in WinShot 1.53a and earlier (Installer) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2018-6808 | 1 Citrix | 4 Netscaler Application Delivery Controller, Netscaler Application Delivery Controller Firmware, Netscaler Gateway and 1 more | 2018-03-26 | 5.0 MEDIUM | 7.5 HIGH |
| NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to download arbitrary files on the target system. | |||||
| CVE-2018-0543 | 1 Woodybells | 1 Jtrim | 2018-03-26 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in Jtrim 1.53c and earlier (Installer) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2018-0523 | 1 Buffalo | 2 Wxr-1900dhp2, Wxr-1900dhp2 Firmware | 2018-03-26 | 8.3 HIGH | 8.8 HIGH |
| Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors. | |||||
| CVE-2018-0522 | 1 Buffalo | 2 Wxr-1900dhp2, Wxr-1900dhp2 Firmware | 2018-03-26 | 6.8 MEDIUM | 7.8 HIGH |
| Buffer overflow in Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier allows an attacker to execute arbitrary code via a specially crafted file. | |||||
| CVE-2018-0521 | 1 Buffalo | 2 Wxr-1900dhp2, Wxr-1900dhp2 Firmware | 2018-03-26 | 8.3 HIGH | 8.8 HIGH |
| Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier allows an attacker to bypass authentication and execute arbitrary commands on the device via unspecified vectors. | |||||
| CVE-2016-8782 | 1 Huawei | 2 Cloudengine 12800, Cloudengine 12800 Firmware | 2018-03-26 | 5.0 MEDIUM | 5.3 MEDIUM |
| Huawei CloudEngine 12800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00 have a memory leak vulnerability. An unauthenticated attacker may send specific Label Distribution Protocol (LDP) packets to the devices repeatedly. Due to improper validation of some specific fields of the packet, the LDP processing module does not release the memory, resulting in memory leak. | |||||
| CVE-2016-8784 | 1 Huawei | 2 Cloudengine 12800, Cloudengine 12800 Firmware | 2018-03-26 | 3.3 LOW | 4.3 MEDIUM |
| Huawei CloudEngine 12800 V100R003C00, V100R003C10, V100R005C00, V100R005C10, V100R006C00 have a memory leak vulnerability. An unauthenticated attacker may send specific Label Distribution Protocol (LDP) packets to the devices. When the values of some parameters in the packet are abnormal, the LDP processing module does not release the memory to handle the packet, resulting in memory leak. | |||||
| CVE-2016-8785 | 1 Huawei | 8 S12700, S12700 Firmware, S5700 and 5 more | 2018-03-26 | 4.3 MEDIUM | 4.3 MEDIUM |
| Huawei S12700 V200R007C00, V200R008C00, S5700 V200R007C00, S7700 V200R002C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, S9700 V200R007C00 have an input validation vulnerability. Due to the lack of input validation, an attacker may craft a malformed packet and send it to the device using VRP, causing the device to display additional memory data and possibly leading to sensitive information leakage. | |||||
| CVE-2016-8786 | 1 Huawei | 10 S12700, S12700 Firmware, S5700 and 7 more | 2018-03-26 | 7.8 HIGH | 7.5 HIGH |
| Huawei S12700 V200R005C00, V200R006C00, V200R007C00, V200R008C00, S5700 V200R006C00, V200R007C00, V200R008C00, S6700 V200R008C00, S7700 V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00, S9700 V200R001C00, V200R002C00, V200R003C00, V200R005C00, V200R006C00, V200R007C00, V200R008C00 have a denial of service (DoS) vulnerability. Due to the lack of input validation, a remote attacker may craft a malformed Resource Reservation Protocol (RSVP) packet and send it to the device, causing a few buffer overflows and occasional device restart. | |||||
| CVE-2018-7239 | 1 Schneider-electric | 13 Atv12 Dtm, Atv212 Dtm, Atv312 Dtm and 10 more | 2018-03-26 | 6.8 MEDIUM | 7.8 HIGH |
| A DLL hijacking vulnerability exists in Schneider Electric's SoMove Software and associated DTM software components in all versions prior to 2.6.2 which could allow an attacker to execute arbitrary code. | |||||
| CVE-2011-4971 | 1 Memcached | 1 Memcached | 2018-03-25 | 5.0 MEDIUM | N/A |
| Multiple integer signedness errors in the (1) process_bin_sasl_auth, (2) process_bin_complete_sasl_auth, (3) process_bin_update, and (4) process_bin_append_prepend functions in Memcached 1.4.5 and earlier allow remote attackers to cause a denial of service (crash) via a large body length value in a packet. | |||||
| CVE-2013-0179 | 1 Memcached | 1 Memcached | 2018-03-25 | 1.8 LOW | N/A |
| The process_bin_delete function in memcached.c in memcached 1.4.4 and other versions before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service (segmentation fault) via a request to delete a key, which does not account for the lack of a null terminator in the key and triggers a buffer over-read when printing to stderr. | |||||
| CVE-2013-7239 | 1 Memcached | 1 Memcached | 2018-03-25 | 4.8 MEDIUM | N/A |
| memcached before 1.4.17 allows remote attackers to bypass authentication by sending an invalid request with SASL credentials, then sending another request with incorrect SASL credentials. | |||||
| CVE-2013-7290 | 1 Memcached | 1 Memcached | 2018-03-25 | 1.8 LOW | N/A |
| The do_item_get function in items.c in memcached 1.4.4 and other versions before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service (segmentation fault) via a request to delete a key, which does not account for the lack of a null terminator in the key and triggers a buffer over-read when printing to stderr, a different vulnerability than CVE-2013-0179. | |||||
| CVE-2013-7291 | 1 Memcached | 1 Memcached | 2018-03-25 | 1.8 LOW | N/A |
| memcached before 1.4.17, when running in verbose mode, allows remote attackers to cause a denial of service (crash) via a request that triggers an "unbounded key print" during logging, related to an issue that was "quickly grepped out of the source tree," a different vulnerability than CVE-2013-0179 and CVE-2013-7290. | |||||
| CVE-2018-7874 | 2 Debian, Libming | 2 Debian Linux, Libming | 2018-03-23 | 4.3 MEDIUM | 6.5 MEDIUM |
| An invalid memory address dereference was discovered in strlenext in util/decompile.c in libming 0.4.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service. | |||||
| CVE-2018-2365 | 1 Sap | 1 Netweaver Portal | 2018-03-23 | 4.3 MEDIUM | 6.1 MEDIUM |
| SAP NetWeaver Portal, WebDynpro Java, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode user controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. | |||||
| CVE-2018-2367 | 1 Sap | 1 Business Application Software Integrated Solution | 2018-03-23 | 6.5 MEDIUM | 8.8 HIGH |
| ABAP File Interface in, SAP BASIS, from 7.00 to 7.02, from 7.10 to 7.11, 7.30, 7.31, 7.40, from 7.50 to 7.52, allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing "traverse to parent directory" are passed through to the file APIs. | |||||
| CVE-2018-2368 | 1 Sap | 1 Netweaver System Landscape Directory | 2018-03-23 | 7.5 HIGH | 9.8 CRITICAL |
| SAP NetWeaver System Landscape Directory, LM-CORE 7.10, 7.20, 7.30, 7.31, 7.40, does not perform any authentication checks for functionalities that require user identity. | |||||
| CVE-2018-2380 | 1 Sap | 1 Customer Relationship Management | 2018-03-23 | 6.5 MEDIUM | 6.6 MEDIUM |
| SAP CRM, 7.01, 7.02,7.30, 7.31, 7.33, 7.54, allows an attacker to exploit insufficient validation of path information provided by users, thus characters representing "traverse to parent directory" are passed through to the file APIs. | |||||
| CVE-2018-7556 | 2 Debian, Limesurvey | 2 Debian Linux, Limesurvey | 2018-03-23 | 6.4 MEDIUM | 9.1 CRITICAL |
| LimeSurvey 2.6.x before 2.6.7, 2.7x.x before 2.73.1, and 3.x before 3.4.2 mishandles application/controller/InstallerController.php after installation, which allows remote attackers to access the configuration file. | |||||
| CVE-2018-7482 | 1 Joomlaworks | 1 K2 | 2018-03-23 | 5.0 MEDIUM | 7.5 HIGH |
| ** DISPUTED ** The K2 component 2.8.0 for Joomla! has Incorrect Access Control with directory traversal, allowing an attacker to download arbitrary files, as demonstrated by a view=media&task=connector&cmd=file&target=l1_../configuration.php&download=1 request. The specific pathname ../configuration.php should be base64 encoded for a valid attack. NOTE: the vendor disputes this issue because only files under the media-manager path can be downloaded, and the documentation indicates that sensitive information does not belong there. Nonetheless, 2.8.1 has additional blocking of .php downloads. | |||||