Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-9447 | 1 Parallels | 1 Remote Application Server | 2018-03-23 | 5.0 MEDIUM | 7.5 HIGH |
| In the web interface of Parallels Remote Application Server (RAS) 15.5 Build 16140, a vulnerability exists due to improper validation of the file path when requesting a resource under the "RASHTML5Gateway" directory. A remote, unauthenticated attacker could exploit this weakness to read arbitrary files from the vulnerable system using path traversal sequences. | |||||
| CVE-2018-7264 | 1 Activepdf | 1 Activepdf Toolkit | 2018-03-23 | 7.5 HIGH | 9.8 CRITICAL |
| The Pictview image processing library embedded in the ActivePDF toolkit through 2018.1.0.18321 is prone to multiple out of bounds write and sign errors, allowing a remote attacker to execute arbitrary code on vulnerable applications using the ActivePDF Toolkit to process untrusted images. | |||||
| CVE-2015-4117 | 1 Vestacp | 1 Control Panel | 2018-03-23 | 6.5 MEDIUM | 8.8 HIGH |
| Vesta Control Panel before 0.9.8-14 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the backup parameter to list/backup/index.php. | |||||
| CVE-2018-7490 | 2 Debian, Unbit | 2 Debian Linux, Uwsgi | 2018-03-23 | 5.0 MEDIUM | 7.5 HIGH |
| uWSGI before 2.0.17 mishandles a DOCUMENT_ROOT check during use of the --php-docroot option, allowing directory traversal. | |||||
| CVE-2018-4897 | 1 Adobe | 4 Acrobat, Acrobat Dc, Acrobat Reader and 1 more | 2018-03-23 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of the image conversion module that parses TIFF metadata. A successful attack can lead to sensitive data exposure. | |||||
| CVE-2017-15692 | 1 Apache | 1 Geode | 2018-03-23 | 7.5 HIGH | 9.8 CRITICAL |
| In Apache Geode before v1.4.0, the TcpServer within the Geode locator opens a network port that deserializes data. If an unprivileged user gains access to the Geode locator, they may be able to cause remote code execution if certain classes are present on the classpath. | |||||
| CVE-2017-15693 | 1 Apache | 1 Geode | 2018-03-23 | 6.0 MEDIUM | 7.5 HIGH |
| In Apache Geode before v1.4.0, the Geode server stores application objects in serialized form. Certain cluster operations and API invocations cause these objects to be deserialized. A user with DATA:WRITE access to the cluster may be able to cause remote code execution if certain classes are present on the classpath. | |||||
| CVE-2018-0489 | 3 Arubanetworks, Debian, Shibboleth | 3 Clearpass, Debian Linux, Xmltooling-c | 2018-03-23 | 6.4 MEDIUM | 6.5 MEDIUM |
| Shibboleth XMLTooling-C before 1.6.4, as used in Shibboleth Service Provider before 2.6.1.4 on Windows and other products, mishandles digital signatures of user data, which allows remote attackers to obtain sensitive information or conduct impersonation attacks via crafted XML data. NOTE: this issue exists because of an incomplete fix for CVE-2018-0486. | |||||
| CVE-2018-7172 | 1 Wondercms | 1 Wondercms | 2018-03-23 | 5.5 MEDIUM | 4.9 MEDIUM |
| In index.php in WonderCMS before 2.4.1, remote attackers can delete arbitrary files via directory traversal. | |||||
| CVE-2018-6532 | 1 Icinga | 1 Icinga | 2018-03-23 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Icinga 2.x through 2.8.1. By sending specially crafted (authenticated and unauthenticated) requests, an attacker can exhaust a lot of memory on the server side, triggering the OOM killer. | |||||
| CVE-2017-7671 | 2 Apache, Debian | 2 Traffic Server, Debian Linux | 2018-03-23 | 5.0 MEDIUM | 7.5 HIGH |
| There is a DOS attack vulnerability in Apache Traffic Server (ATS) 5.2.0 to 5.3.2, 6.0.0 to 6.2.0, and 7.0.0 with the TLS handshake. This issue can cause the server to coredump. | |||||
| CVE-2018-7467 | 1 Axxonsoft | 1 Next | 2018-03-23 | 5.0 MEDIUM | 7.5 HIGH |
| AxxonSoft Axxon Next has Directory Traversal via an initial /css//..%2f substring in a URI. | |||||
| CVE-2018-5501 | 1 F5 | 13 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 10 more | 2018-03-23 | 4.3 MEDIUM | 5.9 MEDIUM |
| In some circumstances, on F5 BIG-IP systems running 13.0.0, 12.1.0 - 12.1.3.1, any 11.6.x or 11.5.x release, or 11.2.1, TCP DNS profile allows excessive buffering due to lack of flow control. | |||||
| CVE-2018-5500 | 1 F5 | 13 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 10 more | 2018-03-23 | 4.3 MEDIUM | 5.9 MEDIUM |
| On F5 BIG-IP systems running 13.0.0, 12.1.0 - 12.1.3.1, or 11.6.1 - 11.6.2, every Multipath TCP (MCTCP) connection established leaks a small amount of memory. Virtual server using TCP profile with Multipath TCP (MCTCP) feature enabled will be affected by this issue. | |||||
| CVE-2017-6154 | 1 F5 | 1 Big-ip Application Security Manager | 2018-03-23 | 5.0 MEDIUM | 7.5 HIGH |
| On F5 BIG-IP systems running 13.0.0, 12.1.0 - 12.1.3.1, or 11.6.1 - 11.6.2, the BIG-IP ASM bd daemon may core dump memory under some circumstances when processing undisclosed types of data on systems with 48 or more CPU cores. | |||||
| CVE-2017-6150 | 1 F5 | 10 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 7 more | 2018-03-23 | 7.8 HIGH | 7.5 HIGH |
| Under certain conditions for F5 BIG-IP systems 13.0.0 or 12.1.0 - 12.1.3.1, using FastL4 profiles, when the Reassemble IP Fragments option is disabled (default), some specific large fragmented packets may restart the Traffic Management Microkernel (TMM). | |||||
| CVE-2015-5374 | 1 Siemens | 3 Siprotec 4, Siprotec Compact, Siprotec Firmware | 2018-03-23 | 7.8 HIGH | N/A |
| A vulnerability has been identified in Firmware variant PROFINET IO for EN100 Ethernet module : All versions < V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions < V1.11.00; Firmware variant DNP3 TCP for EN100 Ethernet module : All versions < V1.03; Firmware variant IEC 104 for EN100 Ethernet module : All versions < V1.21; EN100 Ethernet module included in SIPROTEC Merging Unit 6MU80 : All versions < 1.02.02. Specially crafted packets sent to port 50000/UDP could cause a denial-of-service of the affected device. A manual reboot may be required to recover the service of the device. | |||||
| CVE-2016-2074 | 2 Openvswitch, Redhat | 2 Openvswitch, Openshift | 2018-03-23 | 7.5 HIGH | 9.8 CRITICAL |
| Buffer overflow in lib/flow.c in ovs-vswitchd in Open vSwitch 2.2.x and 2.3.x before 2.3.3 and 2.4.x before 2.4.1 allows remote attackers to execute arbitrary code via crafted MPLS packets, as demonstrated by a long string in an ovs-appctl command. | |||||
| CVE-2016-4784 | 1 Siemens | 9 Siprotec 4 En100, Siprotec Compact Model 7rw80, Siprotec Compact Model 7sd80 and 6 more | 2018-03-23 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability has been identified in firmware variant PROFINET IO for EN100 Ethernet module : All versions < V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions < V1.11.00; Firmware variant DNP3 TCP for EN100 Ethernet module : All versions < V1.03; Firmware variant IEC 104 for EN100 Ethernet module : All versions < V1.21; EN100 Ethernet module included in SIPROTEC Merging Unit 6MU80 : All versions < 1.02.02; SIPROTEC 7SJ686 : All versions < V 4.83; SIPROTEC 7UT686 : All versions < V 4.01; SIPROTEC 7SD686 : All versions < V 4.03; SIPROTEC 7SJ66 : All versions < V 4.20. The integrated web server (port 80/tcp) of the affected devices could allow remote attackers to obtain sensitive device information if network access was obtained. | |||||
| CVE-2016-4785 | 1 Siemens | 9 Siprotec 4 En100, Siprotec Compact Model, Siprotec Compact Model 7rw80 and 6 more | 2018-03-23 | 5.0 MEDIUM | 5.3 MEDIUM |
| A vulnerability has been identified in Firmware variant PROFINET IO for EN100 Ethernet module : All versions < V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions < V1.11.00; Firmware variant DNP3 TCP for EN100 Ethernet module : All versions < V1.03; Firmware variant IEC 104 for EN100 Ethernet module : All versions < V1.21; EN100 Ethernet module included in SIPROTEC Merging Unit 6MU80 : All versions < 1.02.02. The integrated web server (port 80/tcp) of the affected devices could allow remote attackers to obtain a limited amount of device memory content if network access was obtained. This vulnerability only affects EN100 Ethernet module included in SIPROTEC4 and SIPROTEC Compact devices. | |||||
| CVE-2016-7112 | 1 Siemens | 2 En100 Ethernet Module, En100 Ethernet Module Firmware | 2018-03-23 | 10.0 HIGH | 9.8 CRITICAL |
| A vulnerability has been identified in Firmware variant PROFINET IO for EN100 Ethernet module : All versions < V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions < V1.11.00; Firmware variant DNP3 TCP for EN100 Ethernet module : All versions < V1.03; Firmware variant IEC 104 for EN100 Ethernet module : All versions < V1.21; EN100 Ethernet module included in SIPROTEC Merging Unit 6MU80 : All versions < 1.02.02. Attackers with network access to the device's web interface (port 80/tcp) could possibly circumvent authentication and perform certain administrative operations. | |||||
| CVE-2016-7113 | 1 Siemens | 2 En100 Ethernet Module, En100 Ethernet Module Firmware | 2018-03-23 | 7.8 HIGH | 7.5 HIGH |
| A vulnerability has been identified in Firmware variant PROFINET IO for EN100 Ethernet module : All versions < V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions < V1.11.00; Firmware variant DNP3 TCP for EN100 Ethernet module : All versions < V1.03; Firmware variant IEC 104 for EN100 Ethernet module : All versions < V1.21; EN100 Ethernet module included in SIPROTEC Merging Unit 6MU80 : All versions < 1.02.02. Specially crafted packets sent to port 80/tcp could cause the affected device to go into defect mode. | |||||
| CVE-2016-7114 | 1 Siemens | 2 En100 Ethernet Module, En100 Ethernet Module Firmware | 2018-03-23 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability has been identified in Firmware variant PROFINET IO for EN100 Ethernet module : All versions < V1.04.01; Firmware variant Modbus TCP for EN100 Ethernet module : All versions < V1.11.00; Firmware variant DNP3 TCP for EN100 Ethernet module : All versions < V1.03; Firmware variant IEC 104 for EN100 Ethernet module : All versions < V1.21; EN100 Ethernet module included in SIPROTEC Merging Unit 6MU80 : All versions < 1.02.02; SIPROTEC 7SJ686 : All versions < V 4.87; SIPROTEC 7UT686 : All versions < V 4.02; SIPROTEC 7SD686 : All versions < V 4.05; SIPROTEC 7SJ66 : All versions < V 4.30. Attackers with network access to the device's web interface (port 80/tcp) could possibly circumvent authentication and perform certain administrative operations. A legitimate user must be logged into the web interface for the attack to be successful. | |||||
| CVE-2017-1000474 | 1 Vehicle Sales Management System Project | 1 Vehicle Sales Management System | 2018-03-23 | 7.5 HIGH | 9.8 CRITICAL |
| Soyket Chowdhury Vehicle Sales Management System version 2017-07-30 is vulnerable to multiple SQL Injecting in login/vehicle.php, login/profile.php, login/Actions.php, login/manage_employee.php, and login/sell.php scripts resulting in the expose of user's login credentials, SQL Injection and Stored XSS vulnerability, which leads to remote code executing. | |||||
| CVE-2017-10286 | 1 Oracle | 1 Mysql | 2018-03-23 | 3.5 LOW | 4.4 MEDIUM |
| Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H). | |||||
| CVE-2017-3243 | 1 Oracle | 1 Mysql | 2018-03-23 | 3.5 LOW | 4.4 MEDIUM |
| Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). Supported versions that are affected are 5.5.53 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.4 (Availability impacts). | |||||
| CVE-2018-1208 | 2018-03-22 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. | |||||
| CVE-2018-1209 | 2018-03-22 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. | |||||
| CVE-2018-1210 | 2018-03-22 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. | |||||
| CVE-2017-6927 | 2 Debian, Drupal | 2 Debian Linux, Drupal | 2018-03-22 | 4.3 MEDIUM | 6.1 MEDIUM |
| Drupal 8.4.x versions before 8.4.5 and Drupal 7.x versions before 7.57 has a Drupal.checkPlain() JavaScript function which is used to escape potentially dangerous text before outputting it to HTML (as JavaScript output does not typically go through Twig autoescaping). This function does not correctly handle all methods of injecting malicious HTML, leading to a cross-site scripting vulnerability under certain circumstances. The PHP functions which Drupal provides for HTML escaping are not affected. | |||||
| CVE-2017-6926 | 1 Drupal | 1 Drupal | 2018-03-22 | 5.5 MEDIUM | 8.1 HIGH |
| In Drupal versions 8.4.x versions before 8.4.5 users with permission to post comments are able to view content and comments they do not have access to, and are also able to add comments to this content. This vulnerability is mitigated by the fact that the comment system must be enabled and the attacker must have permission to post comments. | |||||
| CVE-2018-7579 | 1 Yzmcms | 1 Yzmcms | 2018-03-22 | 6.5 MEDIUM | 7.2 HIGH |
| \application\admin\controller\update_urls.class.php in YzmCMS 3.6 has SQL Injection via the catids array parameter to admin/update_urls/update_category_url.html. | |||||
| CVE-2018-7634 | 1 Enalean | 1 Tuleap | 2018-03-22 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in Enalean Tuleap 9.17. Lack of CSRF attack mitigation while changing an e-mail address makes it possible to abuse the functionality by attackers. By making a CSRF attack, an attacker could make a victim change his registered e-mail address on the application, leading to account takeover. | |||||
| CVE-2017-6932 | 2 Debian, Drupal | 2 Debian Linux, Drupal | 2018-03-22 | 5.8 MEDIUM | 4.7 MEDIUM |
| Drupal core 7.x versions before 7.57 has an external link injection vulnerability when the language switcher block is used. A similar vulnerability exists in various custom and contributed modules. This vulnerability could allow an attacker to trick users into unwillingly navigating to an external site. | |||||
| CVE-2018-7249 | 2 Microsoft, Tivo | 5 Windows 7, Windows 8, Windows 8.1 and 2 more | 2018-03-22 | 6.9 MEDIUM | 7.0 HIGH |
| An issue was discovered in secdrv.sys as shipped in Microsoft Windows Vista, Windows 7, Windows 8, and Windows 8.1 before KB3086255, and as shipped in Macrovision SafeDisc. Two carefully timed calls to IOCTL 0xCA002813 can cause a race condition that leads to a use-after-free. When exploited, an unprivileged attacker can run arbitrary code in the kernel. | |||||
| CVE-2017-11635 | 1 - | 1 Wireless Ip Camera 360 | 2018-03-22 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on Wireless IP Camera 360 devices. Attackers can read recordings by navigating to /mnt/idea0 or /mnt/idea1 on the SD memory card. | |||||
| CVE-2017-11634 | 1 - | 1 Wireless Ip Camera 360 | 2018-03-22 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered on Wireless IP Camera 360 devices. Remote attackers can discover a weakly encoded admin password by connecting to TCP port 9527 and reading the password field of the debugging information, e.g., nTBCS19C corresponds to a password of 123456. | |||||
| CVE-2013-5913 | 1 Oxid-esales | 1 Eshop | 2018-03-22 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the getRecommSearch function in recommlist.php in OXID eShop before 4.6.7, Professional and Community Edition 4.7.x before 4.7.8, and Enterprise Edition 5.x before 5.0.8 allows remote attackers to inject arbitrary web script or HTML via the searchrecomm parameter. | |||||
| CVE-2018-7448 | 1 Cmsmadesimple | 1 Cms Made Simple | 2018-03-22 | 8.5 HIGH | 7.5 HIGH |
| Remote code execution vulnerability in /cmsms-2.1.6-install.php/index.php in CMS Made Simple version 2.1.6 allows remote attackers to inject arbitrary PHP code via the "timezone" parameter in step 4 of a fresh installation procedure. | |||||
| CVE-2016-10266 | 1 Libtiff | 1 Libtiff | 2018-03-22 | 4.3 MEDIUM | 5.5 MEDIUM |
| LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image, related to libtiff/tif_read.c:351:22. | |||||
| CVE-2016-10267 | 1 Libtiff | 1 Libtiff | 2018-03-22 | 4.3 MEDIUM | 5.5 MEDIUM |
| LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image, related to libtiff/tif_ojpeg.c:816:8. | |||||
| CVE-2016-10268 | 1 Libtiff | 1 Libtiff | 2018-03-22 | 6.8 MEDIUM | 7.8 HIGH |
| tools/tiffcp.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (integer underflow and heap-based buffer under-read) or possibly have unspecified other impact via a crafted TIFF image, related to "READ of size 78490" and libtiff/tif_unix.c:115:23. | |||||
| CVE-2016-10371 | 1 Libtiff | 1 Libtiff | 2018-03-22 | 4.3 MEDIUM | 5.5 MEDIUM |
| The TIFFWriteDirectoryTagCheckedRational function in tif_dirwrite.c in LibTIFF 4.0.6 allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted TIFF file. | |||||
| CVE-2017-10688 | 1 Libtiff | 1 Libtiff | 2018-03-22 | 5.0 MEDIUM | 7.5 HIGH |
| In LibTIFF 4.0.8, there is a assertion abort in the TIFFWriteDirectoryTagCheckedLong8Array function in tif_dirwrite.c. A crafted input will lead to a remote denial of service attack. | |||||
| CVE-2017-11335 | 1 Libtiff | 1 Libtiff | 2018-03-22 | 6.8 MEDIUM | 8.8 HIGH |
| There is a heap based buffer overflow in tools/tiff2pdf.c of LibTIFF 4.0.8 via a PlanarConfig=Contig image, which causes a more than one hundred bytes out-of-bounds write (related to the ZIPDecode function in tif_zip.c). A crafted input may lead to a remote denial of service attack or an arbitrary code execution attack. | |||||
| CVE-2017-7592 | 1 Libtiff | 1 Libtiff | 2018-03-22 | 6.8 MEDIUM | 7.8 HIGH |
| The putagreytile function in tif_getimage.c in LibTIFF 4.0.7 has a left-shift undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. | |||||
| CVE-2017-7593 | 1 Libtiff | 1 Libtiff | 2018-03-22 | 4.3 MEDIUM | 5.5 MEDIUM |
| tif_read.c in LibTIFF 4.0.7 does not ensure that tif_rawdata is properly initialized, which might allow remote attackers to obtain sensitive information from process memory via a crafted image. | |||||
| CVE-2017-7595 | 1 Libtiff | 1 Libtiff | 2018-03-22 | 4.3 MEDIUM | 5.5 MEDIUM |
| The JPEGSetupEncode function in tiff_jpeg.c in LibTIFF 4.0.7 allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted image. | |||||
| CVE-2017-7596 | 1 Libtiff | 1 Libtiff | 2018-03-22 | 6.8 MEDIUM | 7.8 HIGH |
| LibTIFF 4.0.7 has an "outside the range of representable values of type float" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. | |||||
| CVE-2017-7597 | 1 Libtiff | 1 Libtiff | 2018-03-22 | 6.8 MEDIUM | 7.8 HIGH |
| tif_dirread.c in LibTIFF 4.0.7 has an "outside the range of representable values of type float" undefined behavior issue, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image. | |||||