The Patriot Files Forums  

Go Back   The Patriot Files Forums > Military News > Cyber Warfare

Post New Thread  Reply
 
Thread Tools Display Modes
  #1  
Old 07-24-2018, 06:53 AM
The Patriot's Avatar
The Patriot The Patriot is offline
Senior Member
 

Join Date: Jun 2002
Posts: 1,386,283
Default SB18-204: Vulnerability Summary for the Week of July 16, 2018

SB18-204: Vulnerability Summary for the Week of July 16, 2018

07-23-2018 03:50 AM

Original release date: July 23, 2018
The US-CERT Cyber Security Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD) in the past week. The NVD is sponsored by the Department of Homeland Security (DHS) National Cybersecurity and Communications Integration Center (NCCIC) / United States Computer Emergency Readiness Team (US-CERT). For modified or updated entries, please visit the NVD, which contains historical vulnerability information.

The vulnerabilities are based on the CVE vulnerability naming standard and are organized according to severity, determined by the Common Vulnerability Scoring System (CVSS) standard. The division of high, medium, and low severities correspond to the following scores:
  • High - Vulnerabilities will be labeled High severity if they have a CVSS base score of 7.0 - 10.0
  • Medium - Vulnerabilities will be labeled Medium severity if they have a CVSS base score of 4.0 - 6.9
  • Low - Vulnerabilities will be labeled Low severity if they have a CVSS base score of 0.0 - 3.9
Entries may include additional information provided by organizations and efforts sponsored by US-CERT. This information may include identifying information, values, definitions, and related links. Patch information is provided when available. Please note that some of the information in the bulletins is compiled from external, open source reports and is not a direct result of US-CERT analysis.

The NCCIC Weekly Vulnerability Summary Bulletin is created using information from the National Institute of Standards and Technology (NIST) National Vulnerability Database (NVD). In some cases, the vulnerabilities in the Bulletin may not yet have assigned CVSS scores. Please visit NVD for updated vulnerability entries, which include CVSS scores once they are available.

*

High Vulnerabilities

Primary
Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch InfoThere were no high vulnerabilities recorded this week.Back to top
*

Medium Vulnerabilities

Primary
Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infooracle -- mysqlVulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Audit Log). Supported versions that are affected are 5.7.22 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).2018-07-184.0CVE-2018-3071
CONFIRM
@#15#Back to top
*

Low Vulnerabilities

Primary
Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch InfoThere were no low vulnerabilities recorded this week.Back to top
*

Severity Not Yet Assigned

Primary
Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Info389-ds-base -- 389-ds-base

389-ds-base before versions 1.3.8.5, 1.4.0.12 is vulnerable to a Cleartext Storage of Sensitive Information. By default, when the Replica and/or retroChangeLog plugins are enabled, 389-ds-base stores passwords in plaintext format in their respective changelog files. An attacker with sufficiently high privileges, such as root or Directory Manager, can query these files in order to retrieve plaintext passwords.2018-07-18not yet calculatedCVE-2018-10871
CONFIRM
CONFIRMabb -- panel_builder_800

ABB Panel Builder 800 all versions has an improper input validation vulnerability which may allow an attacker to insert and run arbitrary code on a computer where the affected product is used.2018-07-18not yet calculatedCVE-2018-10616
CONFIRM
MISCaccountsservice -- accountsservice

Directory Traversal with ../ sequences occurs in AccountsService before 0.6.50 because of an insufficient path check in user_change_icon_file_authorized_cb() in user.c.2018-07-13not yet calculatedCVE-2018-14036
MISC
BID
MISC
MISC
MISCadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.2018-07-20not yet calculatedCVE-2018-5028
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Buffer Errors vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.2018-07-20not yet calculatedCVE-2018-5043
BID
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2018-07-20not yet calculatedCVE-2018-5025
BID
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Buffer Errors vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.2018-07-20not yet calculatedCVE-2018-5037
BID
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2018-07-20not yet calculatedCVE-2018-5050
BID
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2018-07-20not yet calculatedCVE-2018-5026
BID
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2018-07-20not yet calculatedCVE-2018-5049
BID
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2018-07-20not yet calculatedCVE-2018-5031
BID
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2018-07-20not yet calculatedCVE-2018-5060
BID
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2018-07-20not yet calculatedCVE-2018-5023
BID
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2018-07-20not yet calculatedCVE-2018-5048
BID
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2018-07-20not yet calculatedCVE-2018-5066
BID
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.2018-07-20not yet calculatedCVE-2018-5067
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.2018-07-20not yet calculatedCVE-2018-5015
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2018-07-20not yet calculatedCVE-2018-5027
BID
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2018-07-20not yet calculatedCVE-2018-5022
BID
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2018-07-20not yet calculatedCVE-2018-5055
BID
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.2018-07-20not yet calculatedCVE-2018-5032
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.2018-07-20not yet calculatedCVE-2018-5065
BID
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.2018-07-20not yet calculatedCVE-2018-5052
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.2018-07-20not yet calculatedCVE-2018-5070
BID
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2018-07-20not yet calculatedCVE-2018-5047
BID
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2018-07-20not yet calculatedCVE-2018-5053
BID
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.2018-07-20not yet calculatedCVE-2018-5036
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.2018-07-20not yet calculatedCVE-2018-5038
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Type Confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.2018-07-20not yet calculatedCVE-2018-5057
BID
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2018-07-20not yet calculatedCVE-2018-5054
BID
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.2018-07-20not yet calculatedCVE-2018-5012
BID
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2018-07-20not yet calculatedCVE-2018-5019
BID
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.2018-07-20not yet calculatedCVE-2018-5069
BID
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2018-07-20not yet calculatedCVE-2018-5046
BID
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2018-07-20not yet calculatedCVE-2018-5016
BID
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Buffer Errors vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.2018-07-20not yet calculatedCVE-2018-5034
BID
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.2018-07-20not yet calculatedCVE-2018-5009
BID
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2018-07-20not yet calculatedCVE-2018-5014
BID
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.2018-07-20not yet calculatedCVE-2018-5020
BID
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2018-07-20not yet calculatedCVE-2018-5010
BID
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2018-07-20not yet calculatedCVE-2018-5018
BID
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.2018-07-20not yet calculatedCVE-2018-5011
BID
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2018-07-20not yet calculatedCVE-2018-5039
BID
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.2018-07-20not yet calculatedCVE-2018-5041
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2018-07-20not yet calculatedCVE-2018-5033
BID
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.2018-07-20not yet calculatedCVE-2018-5042
BID
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2018-07-20not yet calculatedCVE-2018-5061
BID
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2018-07-20not yet calculatedCVE-2018-5056
BID
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2018-07-20not yet calculatedCVE-2018-5044
BID
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.2018-07-20not yet calculatedCVE-2018-5045
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2018-07-20not yet calculatedCVE-2018-5062
BID
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.2018-07-20not yet calculatedCVE-2018-5064
BID
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.2018-07-20not yet calculatedCVE-2018-5040
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2018-07-20not yet calculatedCVE-2018-5063
BID
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.2018-07-20not yet calculatedCVE-2018-5059
BID
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2018-07-20not yet calculatedCVE-2018-5068
BID
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Untrusted pointer dereference vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.2018-07-20not yet calculatedCVE-2018-5030
BID
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.2018-07-20not yet calculatedCVE-2018-5058
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2018-07-20not yet calculatedCVE-2018-5029
BID
SECTRACK
CONFIRMadobe -- acrobat_and_reader

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2018-07-20not yet calculatedCVE-2018-12761
BID
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2018-07-20not yet calculatedCVE-2018-5051
BID
SECTRACK
CONFIRMadobe -- acrobat_and_reader

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.2018-07-20not yet calculatedCVE-2018-12770
BID
SECTRACK
CONFIRMadobe -- acrobat_and_reader

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.2018-07-20not yet calculatedCVE-2018-12760
BID
SECTRACK
CONFIRMadobe -- acrobat_and_reader

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.2018-07-20not yet calculatedCVE-2018-12776
BID
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2018-07-20not yet calculatedCVE-2018-5024
BID
SECTRACK
CONFIRMadobe -- acrobat_and_reader

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2018-07-20not yet calculatedCVE-2018-12764
BID
SECTRACK
CONFIRMadobe -- acrobat_and_reader

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2018-07-20not yet calculatedCVE-2018-12762
BID
SECTRACK
CONFIRMadobe -- acrobat_and_reader

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.2018-07-20not yet calculatedCVE-2018-12754
BID
SECTRACK
CONFIRMadobe -- acrobat_and_reader

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2018-07-20not yet calculatedCVE-2018-12777
BID
SECTRACK
CONFIRMadobe -- acrobat_and_reader

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2018-07-20not yet calculatedCVE-2018-12780
BID
SECTRACK
CONFIRMadobe -- acrobat_and_reader

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Type Confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.2018-07-20not yet calculatedCVE-2018-12794
BID
SECTRACK
CONFIRMadobe -- acrobat_and_reader

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.2018-07-20not yet calculatedCVE-2018-12755
BID
SECTRACK
CONFIRMadobe -- acrobat_and_reader

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Type Confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.2018-07-20not yet calculatedCVE-2018-12793
BID
SECTRACK
CONFIRMadobe -- acrobat_and_reader

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.2018-07-20not yet calculatedCVE-2018-12797
BID
SECTRACK
CONFIRMadobe -- acrobat_and_reader

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.2018-07-20not yet calculatedCVE-2018-12792
BID
SECTRACK
CONFIRMadobe -- acrobat_and_reader

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.2018-07-20not yet calculatedCVE-2018-12796
BID
SECTRACK
CONFIRMadobe -- acrobat_and_reader

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.2018-07-20not yet calculatedCVE-2018-12773
BID
SECTRACK
CONFIRMadobe -- acrobat_and_reader

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.2018-07-20not yet calculatedCVE-2018-12758
BID
SECTRACK
CONFIRMadobe -- acrobat_and_reader

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2018-07-20not yet calculatedCVE-2018-12795
BID
SECTRACK
CONFIRMadobe -- acrobat_and_reader

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.2018-07-20not yet calculatedCVE-2018-12771
BID
SECTRACK
CONFIRMadobe -- acrobat_and_reader

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2018-07-20not yet calculatedCVE-2018-12781
BID
SECTRACK
CONFIRMadobe -- acrobat_and_reader

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2018-07-20not yet calculatedCVE-2018-12766
BID
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2018-07-20not yet calculatedCVE-2018-5035
BID
SECTRACK
CONFIRMadobe -- acrobat_and_reader

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2018-07-20not yet calculatedCVE-2018-12767
BID
SECTRACK
CONFIRMadobe -- acrobat_and_reader

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2018-07-20not yet calculatedCVE-2018-12757
BID
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.2018-07-20not yet calculatedCVE-2018-5021
BID
SECTRACK
CONFIRMadobe -- acrobat_and_reader

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2018-07-20not yet calculatedCVE-2018-12763
BID
SECTRACK
CONFIRMadobe -- acrobat_and_reader

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.2018-07-20not yet calculatedCVE-2018-12772
BID
SECTRACK
CONFIRMadobe -- acrobat_and_reader

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.2018-07-20not yet calculatedCVE-2018-12756
BID
SECTRACK
CONFIRMadobe -- acrobat_and_reader

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2018-07-20not yet calculatedCVE-2018-12765
BID
SECTRACK
CONFIRMadobe -- acrobat_and_reader

Adobe Acrobat and Reader 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier versions have a Type Confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.2018-07-20not yet calculatedCVE-2018-12812
CONFIRMadobe -- acrobat_and_reader

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.2018-07-20not yet calculatedCVE-2018-12815
CONFIRMadobe -- acrobat_and_reader

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2018-07-20not yet calculatedCVE-2018-12789
BID
SECTRACK
CONFIRMadobe -- acrobat_and_reader

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2018-07-20not yet calculatedCVE-2018-12786
BID
SECTRACK
CONFIRMadobe -- acrobat_and_reader

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.2018-07-20not yet calculatedCVE-2018-12798
SECTRACK
CONFIRMadobe -- acrobat_and_reader

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2018-07-20not yet calculatedCVE-2018-12779
BID
SECTRACK
CONFIRMadobe -- acrobat_and_reader

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.2018-07-20not yet calculatedCVE-2018-12785
SECTRACK
CONFIRMadobe -- acrobat_and_reader

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2018-07-20not yet calculatedCVE-2018-12768
BID
SECTRACK
CONFIRMadobe -- acrobat_and_reader

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2018-07-20not yet calculatedCVE-2018-12774
BID
SECTRACK
CONFIRMadobe -- acrobat_and_reader

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.2018-07-20not yet calculatedCVE-2018-12787
BID
SECTRACK
CONFIRMadobe -- acrobat_and_reader

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2018-07-20not yet calculatedCVE-2018-12803
BID
SECTRACK
CONFIRMadobe -- acrobat_and_reader

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.2018-07-20not yet calculatedCVE-2018-12783
BID
SECTRACK
CONFIRMadobe -- acrobat_and_reader

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.2018-07-20not yet calculatedCVE-2018-12788
SECTRACK
CONFIRMadobe -- acrobat_and_reader

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Double Free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.2018-07-20not yet calculatedCVE-2018-12782
BID
SECTRACK
CONFIRMadobe -- acrobat_and_reader

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Security Bypass vulnerability. Successful exploitation could lead to privilege escalation.2018-07-20not yet calculatedCVE-2018-12802
BID
SECTRACK
CONFIRMadobe -- acrobat_and_reader

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Buffer Errors vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.2018-07-20not yet calculatedCVE-2018-12784
BID
SECTRACK
CONFIRMadobe -- acrobat_and_readerAdobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2018-07-20not yet calculatedCVE-2018-5017
BID
SECTRACK
CONFIRMadobe -- acrobat_and_reader

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2018-07-20not yet calculatedCVE-2018-12790
BID
SECTRACK
CONFIRMadobe -- acrobat_and_reader

Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.2018-07-20not yet calculatedCVE-2018-12791
BID
SECTRACK
CONFIRMadobe -- connectAdobe Connect versions 9.7.5 and earlier have an Authentication Bypass vulnerability. Successful exploitation could lead to session hijacking.2018-07-20not yet calculatedCVE-2018-12804
BID
SECTRACK
CONFIRMadobe -- connect

Adobe Connect versions 9.7.5 and earlier have an Insecure Library Loading vulnerability. Successful exploitation could lead to privilege escalation.2018-07-20not yet calculatedCVE-2018-12805
BID
CONFIRMadobe -- experience_managerAdobe Experience Manager versions 6.4 and earlier have a Server-Side Request Forgery vulnerability. Successful exploitation could lead to sensitive information disclosure.2018-07-20not yet calculatedCVE-2018-12809
BID
CONFIRMadobe -- experience_managerAdobe Experience Manager versions 6.2 and 6.3 have a Server-Side Request Forgery vulnerability. Successful exploitation could lead to sensitive information disclosure.2018-07-20not yet calculatedCVE-2018-5004
BID
CONFIRMadobe -- experience_managerAdobe Experience Manager versions 6.4 and earlier have a Server-Side Request Forgery vulnerability. Successful exploitation could lead to sensitive information disclosure.2018-07-20not yet calculatedCVE-2018-5006
BID
CONFIRMadobe -- flash_playerAdobe Flash Player 30.0.0.113 and earlier versions have an Out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.2018-07-20not yet calculatedCVE-2018-5008
BID
SECTRACK
REDHAT
CONFIRMadobe -- flash_playerAdobe Flash Player 30.0.0.113 and earlier versions have a Type Confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.2018-07-20not yet calculatedCVE-2018-5007
BID
SECTRACK
REDHAT
CONFIRMansible -- ansibleAnsible before versions 2.3.1.0 and 2.4.0.0 fails to properly mark lookup-plugin results as unsafe. If an attacker could control the results of lookup() calls, they could inject Unicode strings to be parsed by the jinja2 templating system, resulting in code execution. By default, the jinja2 templating language is now marked as 'unsafe' and is not evaluated.2018-07-19not yet calculatedCVE-2017-7481
BID
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
REDHAT
CONFIRM
CONFIRMant -- antant before version 1.9.12 unzip and untar targets allows the extraction of files outside the target directory. A crafted zip or tar file submitted to an Ant build could create or overwrite arbitrary files with the privileges of the user running Ant.2018-07-16not yet calculatedCVE-2018-10886
CONFIRM
MLISTapache -- ambariApache Ambari, version 2.5.0 to 2.6.2, passwords for Hadoop credential stores are exposed in Ambari Agent informational log messages when the credential store feature is enabled for eligible services. For example, Hive and Oozie.2018-07-18not yet calculatedCVE-2018-8042
CONFIRMapache -- httpd_server

By specially crafting HTTP requests, the mod_md challenge handler would dereference a NULL pointer and cause the child process to segfault. This could be used to DoS the server. Fixed in Apache HTTP Server 2.4.34 (Affected 2.4.33).2018-07-18not yet calculatedCVE-2018-8011
CONFIRMapache -- ignite

Apache Ignite 2.5 and earlier serialization mechanism does not have a list of classes allowed for serialization/deserialization, which makes it possible to run arbitrary code when third party vulnerable classes are present in Ignite classpath. The vulnerability can be exploited if the one sends a specially prepared form of a serialized object to GridClientJdkMarshaller deserialization endpoint.2018-07-19not yet calculatedCVE-2018-8018
MLISTapple -- webkitWebKitGTK+ 2.20.3 has an off-by-one error, with a resultant out-of-bounds write, in the get_simple_globs functions in ThirdParty/xdgmime/src/xdgmimecache.c and ThirdParty/xdgmime/src/xdgmimeglob.c.2018-07-19not yet calculatedCVE-2018-12911
MISCatlassian -- jira

The EditIssue.jspa resource in Atlassian Jira before version 7.6.7 and from version 7.7.0 before version 7.10.1 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the issuetype parameter.2018-07-18not yet calculatedCVE-2018-5232
CONFIRMatlassian -- jira_serverThe IncomingMailServers resource in Atlassian JIRA Server before version 7.6.7, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3 and from version 7.10.0 before version 7.10.2 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the messagesThreshold parameter as the fix for CVE-2017-18039 was incomplete.2018-07-16not yet calculatedCVE-2018-13387
CONFIRMatlassian -- multiple_productsThe atlassian-http library, as used in various Atlassian products, before version 2.0.2 allows remote attackers to spoof web content in the Mozilla Firefox Browser through uploaded files that have a content-type of application/mathml+xml.2018-07-18not yet calculatedCVE-2017-18103
CONFIRMatlassian -- universal_plugin_manager

The NotificationRepresentationFactoryImpl class in Atlassian Universal Plugin Manager before version 2.22.9 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the name of user submitted add-on names.2018-07-16not yet calculatedCVE-2018-5229
CONFIRMaveva -- indusoft_web_studio

AVEVA InduSoft Web Studio v8.1 and v8.1SP1, and InTouch Machine Edition v2017 8.1 and v2017 8.1 SP1 a remote user could send a carefully crafted packet to exploit a stack-based buffer overflow vulnerability during tag, alarm, or event related actions such as read and write, with potential for code to be executed.2018-07-19not yet calculatedCVE-2018-10620
MISC
CONFIRMaxml-parser -- axml-parserCopyData in AxmlParser.c in AXML Parser through 2018-01-04 has an out-of-bounds read.2018-07-19not yet calculatedCVE-2018-14401
MISCaxmldec -- axmldecaxmldec 1.2.0 has an out-of-bounds write in the jitana::axml_parser::parse_start_namespace function in lib/jitana/util/axml_parser.cpp.2018-07-19not yet calculatedCVE-2018-14402
MISCbento4 -- bento4In Bento4 v1.5.1-624, AP4_File::ParseStream in Ap4File.cpp allows remote attackers to cause a denial of service (infinite loop) via a crafted MP4 file.2018-07-20not yet calculatedCVE-2018-14445
MISC
MISCcanvas -- draw

An exploitable out-of-bounds write exists in the TIFF parsing functionality of Canvas Draw version 4.0.0. A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this vulnerability and gain the ability to execute code. A different vulnerability than CVE-2018-3859.2018-07-19not yet calculatedCVE-2018-3860
MISCcanvas -- draw

An exploitable heap overflow exists in the TIFF parsing functionality of Canvas Draw version 4.0.0. A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this vulnerability and gain code execution. A different vulnerability than CVE-2018-3858.2018-07-19not yet calculatedCVE-2018-3857
MISCcanvas -- draw

An exploitable heap overflow exists in the TIFF parsing functionality of Canvas Draw version 4.0.0. A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this vulnerability and gain the ability to execute code. A different vulnerability than CVE-2018-3857.2018-07-19not yet calculatedCVE-2018-3858
MISCcanvas -- draw

An exploitable out-of-bounds write exists in the PCX parsing functionality of Canvas Draw version 4.0.0. A specially crafted PCX image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a PCX image to trigger this vulnerability and gain code execution. A different vulnerability than CVE-2018-3870.2018-07-19not yet calculatedCVE-2018-3871
MISCcanvas -- draw

An exploitable out-of-bounds write exists in the TIFF parsing functionality of Canvas Draw version 4.0.0. A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this vulnerability and gain code execution. A different vulnerability than CVE-2018-3860.2018-07-19not yet calculatedCVE-2018-3859
MISCcanvas -- draw

An exploitable out-of-bounds write exists in the PCX parsing functionality of Canvas Draw version 4.0.0. A specially crafted PCX image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a PCX image to trigger this vulnerability and gain code execution. A different vulnerability than CVE-2018-3871.2018-07-19not yet calculatedCVE-2018-3870
MISCcckevincyh -- ssh_companywebsiteAn issue was discovered in cckevincyh SSH CompanyWebsite through 2018-05-03. admin/admin/fileUploadAction_fileUpload.action allows arbitrary file upload, as demonstrated by a .jsp file with the image/jpeg content type.2018-07-19not yet calculatedCVE-2018-14441
MISCcckevincyh -- ssh_companywebsiteAn issue was discovered in cckevincyh SSH CompanyWebsite through 2018-05-03. SQL injection exists via the admin/noticeManageAction_queryNotice.action noticeInfo parameter.2018-07-19not yet calculatedCVE-2018-14440
MISCcisco -- cloud_services_platformA vulnerability in the web upload function of Cisco Cloud Services Platform 2100 could allow an authenticated, remote attacker to obtain restricted shell access on an affected system. The vulnerability is due to insufficient input validation of parameters passed to a specific function within the user interface. An attacker could exploit this vulnerability by injecting code into a function parameter. Cisco Bug IDs: CSCvi12935.2018-07-18not yet calculatedCVE-2018-0394
CONFIRMcisco -- digital_network_architecture_centerA vulnerability in Cisco Digital Network Architecture (DNA) Center could allow an authenticated, local attacker to access sensitive information on an affected system. The vulnerability is due to insufficient security restrictions imposed by the affected software. An attacker could exploit this vulnerability by accessing unprotected log files. A successful exploit could allow the attacker to access sensitive log files, which may include system credentials, on the affected device. Cisco Bug IDs: CSCvi22400.2018-07-16not yet calculatedCVE-2018-0368
BID
CONFIRMcisco -- finesseMultiple vulnerabilities in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to conduct a server-side request forgery (SSRF) attack. Cisco Bug IDs: CSCvg71018.2018-07-18not yet calculatedCVE-2018-0398
CONFIRMcisco -- finesseMultiple vulnerabilities in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote attacker to retrieve a cleartext password from an affected system. Cisco Bug IDs: CSCvg71044.2018-07-18not yet calculatedCVE-2018-0399
CONFIRMcisco -- firepower_system_softwareA vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause one of the detection engine processes to run out of memory and thus slow down traffic processing. The vulnerability is due to improper handling of traffic when the Secure Sockets Layer (SSL) inspection policy is enabled. An attacker could exploit this vulnerability by sending malicious traffic through an affected device. An exploit could allow the attacker to increase the resource consumption of a single instance of the Snort detection engine on an affected device. This will lead to performance degradation and eventually the restart of the affected Snort process. Cisco Bug IDs: CSCvi09219, CSCvi29845.2018-07-16not yet calculatedCVE-2018-0370
BID
CONFIRMcisco -- firepower_system_softwareA vulnerability in the detection engine parsing of Security Socket Layer (SSL) protocol packets for Cisco Firepower System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the Snort process unexpectedly restarting. The vulnerability is due to improper input handling of the SSL traffic. An attacker could exploit this vulnerability by sending a crafted SSL traffic to the detection engine on the targeted device. An exploit could allow the attacker to cause a DoS condition if the Snort process restarts and traffic inspection is bypassed or traffic is dropped. Cisco Bug IDs: CSCvi36434.2018-07-16not yet calculatedCVE-2018-0385
BID
CONFIRMcisco -- firesight_system_softwareA vulnerability in the detection engine of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass a URL-based access control policy that is configured to block traffic for an affected system. The vulnerability exists because the affected software incorrectly handles TCP packets that are received out of order when a TCP SYN retransmission is issued. An attacker could exploit this vulnerability by sending a maliciously crafted connection through an affected device. A successful exploit could allow the attacker to bypass a URL-based access control policy that is configured to block traffic for the affected system. Cisco Bug IDs: CSCvh84511.2018-07-16not yet calculatedCVE-2018-0384
BID
SECTRACK
CONFIRMcisco -- firesight_system_softwareA vulnerability in the detection engine of Cisco FireSIGHT System Software could allow an unauthenticated, remote attacker to bypass a file policy that is configured to block the transfer of files to an affected system via FTP. The vulnerability exists because the affected software incorrectly handles FTP control connections. An attacker could exploit this vulnerability by sending a maliciously crafted FTP connection to transfer a file to an affected device. A successful exploit could allow the attacker to bypass a file policy that is configured to apply the Block upload with reset action to FTP traffic. Cisco Bug IDs: CSCvh70130.2018-07-16not yet calculatedCVE-2018-0383
BID
SECTRACK
CONFIRMcisco -- ip_phone_6800_7800_and_8800A vulnerability in the web-based UI of Cisco IP Phone 6800, 7800, and 8800 Series with Multiplatform Firmware before 11.2(1) could allow an authenticated, remote attacker to perform a command injection and execute commands with the privileges of the web server. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by including arbitrary shell commands in a specific user input field. Cisco Bug IDs: CSCvi51426.2018-07-16not yet calculatedCVE-2018-0341
BID
SECTRACK
CONFIRMcisco -- multiple_productsA vulnerability in the vManage dashboard for the configuration and management service of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject and execute arbitrary commands with vmanage user privileges on an affected system. The vulnerability is due to insufficient input validation of data parameters for certain fields in the affected solution. An attacker could exploit this vulnerability by configuring a malicious username on the login page of the affected solution. A successful exploit could allow the attacker to inject and execute arbitrary commands with vmanage user privileges on an affected system. This vulnerability affects the following Cisco products if they are running a release of the Cisco SD-WAN Solution prior to Release 18.3.0: vBond Orchestrator Software, vEdge 100 Series Routers, vEdge 1000 Series Routers, vEdge 2000 Series Routers, vEdge 5000 Series Routers, vEdge Cloud Router Platform, vManage Network Management Software, vSmart Controller Software. Cisco Bug IDs: CSCvi69974.2018-07-18not yet calculatedCVE-2018-0344
CONFIRMcisco -- multiple_productsA vulnerability in the configuration and monitoring service of the Cisco SD-WAN Solution could allow an authenticated, local attacker to execute arbitrary code with root privileges or cause a denial of service (DoS) condition on an affected device. The vulnerability is due to incomplete bounds checks for data that is provided by the configuration and monitoring service of the affected solution. An attacker could exploit this vulnerability by sending malicious data to the vDaemon listening service on an affected device. A successful exploit could allow the attacker to cause a buffer overflow condition on the affected device, which could allow the attacker to execute arbitrary code with root privileges on the device or cause the vDaemon listening service to reload and result in a DoS condition on the device. This vulnerability affects the following Cisco products if they are running a release of the Cisco SD-WAN Solution prior to Release 18.3.0: vBond Orchestrator Software, vEdge 100 Series Routers, vEdge 1000 Series Routers, vEdge 2000 Series Routers, vEdge 5000 Series Routers, vEdge Cloud Router Platform, vManage Network Management Software, vSmart Controller Software. Cisco Bug IDs: CSCvi70003.2018-07-18not yet calculatedCVE-2018-0342
CONFIRMcisco -- multiple_productsA vulnerability in the CLI of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to the device and submitting malicious input to the load command within the VPN subsystem. The attacker must be authenticated to access the affected CLI parameter. A successful exploit could allow an attacker to execute commands with root privileges. This vulnerability affects the following Cisco products if they are running a release of the Cisco SD-WAN Solution prior to Release 18.3.0: vBond Orchestrator Software, vEdge 100 Series Routers, vEdge 1000 Series Routers, vEdge 2000 Series Routers, vEdge 5000 Series Routers, vEdge Cloud Router Platform, vManage Network Management Software, vSmart Controller Software. Cisco Bug IDs: CSCvi69866.2018-07-18not yet calculatedCVE-2018-0348
CONFIRMcisco -- multiple_productsA vulnerability in the VPN subsystem configuration in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the affected parameter in a web page. The attacker must be authenticated to access the affected parameter. A successful exploit could allow the attacker to execute commands with root privileges. This vulnerability affects the following Cisco products if they are running a release of the Cisco SD-WAN Solution prior to Release 18.3.0: vBond Orchestrator Software, vEdge 100 Series Routers, vEdge 1000 Series Routers, vEdge 2000 Series Routers, vEdge 5000 Series Routers, vEdge Cloud Router Platform, vManage Network Management Software, vSmart Controller Software. Cisco Bug IDs: CSCvi69808, CSCvi69810, CSCvi69814, CSCvi69822, CSCvi69827, CSCvi69828, CSCvi69836.2018-07-18not yet calculatedCVE-2018-0350
CONFIRMcisco -- multiple_productsA vulnerability in the Cisco SD-WAN Solution could allow an authenticated, remote attacker to overwrite arbitrary files on the underlying operating system of an affected device. The vulnerability is due to improper input validation of the request admin-tech command in the CLI of the affected software. An attacker could exploit this vulnerability by modifying the request admin-tech command in the CLI of an affected device. A successful exploit could allow the attacker to overwrite arbitrary files on the underlying operating system of an affected device and escalate their privileges to the root user. This vulnerability affects the following Cisco products if they are running a release of the Cisco SD-WAN Solution prior to Release 18.3.0: vBond Orchestrator Software, vEdge 100 Series Routers, vEdge 1000 Series Routers, vEdge 2000 Series Routers, vEdge 5000 Series Routers, vEdge Cloud Router Platform, vManage Network Management Software, vSmart Controller Software. Cisco Bug IDs: CSCvi69852, CSCvi69856.2018-07-18not yet calculatedCVE-2018-0349
BID
CONFIRMcisco -- multiple_productsA vulnerability in the configuration and management database of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to execute arbitrary commands with the privileges of the vmanage user in the configuration management system of the affected software. The vulnerability is due to insufficient validation of command arguments that are passed to the configuration and management database of the affected software. An attacker could exploit this vulnerability by creating custom functions that contain malicious code and are executed as the vmanage user of the configuration management system. A successful exploit could allow the attacker to execute arbitrary commands with the privileges of the vmanage user in the configuration management system of the affected software. This vulnerability affects the following Cisco products if they are running a release of the Cisco SD-WAN Solution prior to Release 18.3.0: vBond Orchestrator Software, vManage Network Management Software, vSmart Controller Software. Cisco Bug IDs: CSCvi69937.2018-07-18not yet calculatedCVE-2018-0345
BID
CONFIRMcisco -- multiple_productsA vulnerability in the configuration and management service of the Cisco SD-WAN Solution could allow an authenticated, remote attacker to execute arbitrary code with vmanage user privileges or cause a denial of service (DoS) condition on an affected system. The vulnerability is due to insufficient access restrictions to the HTTP management interface of the affected solution. An attacker could exploit this vulnerability by sending a malicious HTTP request to the affected management service through an authenticated device. A successful exploit could allow the attacker to execute arbitrary code with vmanage user privileges or stop HTTP services on an affected system. This vulnerability affects the following Cisco products if they are running a release of the Cisco SD-WAN Solution prior to Release 18.3.0: vBond Orchestrator Software, vEdge 100 Series Routers, vEdge 1000 Series Routers, vEdge 2000 Series Routers, vEdge 5000 Series Routers, vEdge Cloud Router Platform, vManage Network Management Software, vSmart Controller Software. Cisco Bug IDs: CSCvi69976.2018-07-18not yet calculatedCVE-2018-0343
BID
CONFIRMcisco -- multiple_productsA vulnerability in the command-line tcpdump utility in the Cisco SD-WAN Solution could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to the device and submitting crafted input to the tcpdump utility. The attacker must be authenticated to access the tcpdump utility. A successful exploit could allow the attacker to execute commands with root privileges. This vulnerability affects the following Cisco products if they are running a release of the Cisco SD-WAN Solution prior to Release 18.3.0: vBond Orchestrator Software, vEdge 100 Series Routers, vEdge 1000 Series Routers, vEdge 2000 Series Routers, vEdge 5000 Series Routers, vEdge Cloud Router Platform, vManage Network Management Software, vSmart Controller Software. Cisco Bug IDs: CSCvi69751.2018-07-18not yet calculatedCVE-2018-0351
BID
CONFIRMcisco -- multiple_productsA vulnerability in the Zero Touch Provisioning service of the Cisco SD-WAN Solution could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to incorrect bounds checks for certain values in packets that are sent to the Zero Touch Provisioning service of the affected software. An attacker could exploit this vulnerability by sending malicious packets to the affected software for processing. When the software processes the packets, a buffer overflow condition could occur and cause an affected device to reload. A successful exploit could allow the attacker to cause a temporary DoS condition while the device reloads. This vulnerability can be exploited only by traffic that is destined for an affected device. It cannot be exploited by traffic that is transiting a device. This vulnerability affects the following Cisco products if they are running a release of the Cisco SD-WAN Solution prior to Release 18.3.0: vBond Orchestrator Software, vManage Network Management Software, vSmart Controller Software. Cisco Bug IDs: CSCvi69914.2018-07-18not yet calculatedCVE-2018-0346
BID
CONFIRMcisco -- multiple_productsA vulnerability in the Zero Touch Provisioning (ZTP) subsystem of the Cisco SD-WAN Solution could allow an authenticated, local attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation. An attacker could exploit this vulnerability by authenticating to the device and submitting malicious input to the affected parameter. The attacker must be authenticated to access the affected parameter. A successful exploit could allow an attacker to execute commands with root privileges. This vulnerability affects the following Cisco products if they are running a release of the Cisco SD-WAN Solution prior to Release 18.3.0: vEdge 100 Series Routers, vEdge 1000 Series Routers, vEdge 2000 Series Routers, vEdge 5000 Series Routers. Cisco Bug IDs: CSCvi69906.2018-07-18not yet calculatedCVE-2018-0347
BID
CONFIRMcisco -- nexus_9000_series_fabric_switchesA vulnerability in the DHCPv6 feature of the Cisco Nexus 9000 Series Fabric Switches in Application-Centric Infrastructure (ACI) Mode could allow an unauthenticated, remote attacker to cause the device to run low on system memory, which could result in a Denial of Service (DoS) condition on an affected system. The vulnerability is due to improper memory management when DHCPv6 packets are received on an interface of the targeted device. An attacker could exploit this vulnerability by sending a high number of malicious DHCPv6 packets to be processed by an affected device. A successful exploit could allow the attacker to cause the system to run low on memory, which could cause an eventual reboot of an affected device. The vulnerability only applies to IPv6 protocol packets and not for IPv4 protocol packets. This vulnerability affects Cisco Nexus 9000 Series Fabric Switches in ACI Mode running software version 13.0(1k). The vulnerability can only be exploited when unicast routing is enabled on the Bridge Domain (BD). DHCP and DHCP relay do not have to be configured for the vulnerability to be exploited. Cisco Bug IDs: CSCvg38918.2018-07-18not yet calculatedCVE-2018-0372
CONFIRMcisco -- policy_suiteA vulnerability in the Policy Builder database of Cisco Policy Suite before 18.2.0 could allow an unauthenticated, remote attacker to connect directly to the Policy Builder database. The vulnerability is due to a lack of authentication. An attacker could exploit this vulnerability by connecting directly to the Policy Builder database. A successful exploit could allow the attacker to access and change any data in the Policy Builder database. Cisco Bug IDs: CSCvh06134.2018-07-18not yet calculatedCVE-2018-0374
BID
CONFIRMcisco -- policy_suiteA vulnerability in the Cluster Manager of Cisco Policy Suite before 18.2.0 could allow an unauthenticated, remote attacker to log in to an affected system using the root account, which has default, static user credentials. The vulnerability is due to the presence of undocumented, static user credentials for the root account. An attacker could exploit this vulnerability by using the account to log in to an affected system. An exploit could allow the attacker to log in to the affected system and execute arbitrary commands as the root user. Cisco Bug IDs: CSCvh02680.2018-07-18not yet calculatedCVE-2018-0375
BID
CONFIRMcisco -- policy_suiteA vulnerability in the Policy Builder interface of Cisco Policy Suite before 18.2.0 could allow an unauthenticated, remote attacker to access the Policy Builder interface. The vulnerability is due to a lack of authentication. An attacker could exploit this vulnerability by accessing the Policy Builder interface. A successful exploit could allow the attacker to make changes to existing repositories and create new repositories. Cisco Bug IDs: CSCvi35109.2018-07-18not yet calculatedCVE-2018-0376
BID
CONFIRMcisco -- policy_suiteA vulnerability in the CLI of Cisco Policy Suite could allow an authenticated, local attacker to access files owned by another user. The vulnerability is due to insufficient access control permissions (i.e., World-Readable). An attacker could exploit this vulnerability by logging in to the CLI. An exploit could allow the attacker to access potentially sensitive files that are owned by a different user. Cisco Bug IDs: CSCvh18087.2018-07-18not yet calculatedCVE-2018-0392
CONFIRMcisco -- policy_suiteA Read-Only User Effect Change vulnerability in the Policy Builder interface of Cisco Policy Suite could allow an authenticated, remote attacker to make policy changes in the Policy Builder interface. The vulnerability is due to insufficient authorization controls. An attacker could exploit this vulnerability by accessing the Policy Builder interface and modifying an HTTP request. A successful exploit could allow the attacker to make changes to existing policies. Cisco Bug IDs: CSCvi35007.2018-07-18not yet calculatedCVE-2018-0393
CONFIRMcisco -- policy_suiteA vulnerability in the Open Systems Gateway initiative (OSGi) interface of Cisco Policy Suite before 18.1.0 could allow an unauthenticated, remote attacker to directly connect to the OSGi interface. The vulnerability is due to a lack of authentication. An attacker could exploit this vulnerability by directly connecting to the OSGi interface. An exploit could allow the attacker to access or change any files that are accessible by the OSGi process. Cisco Bug IDs: CSCvh18017.2018-07-18not yet calculatedCVE-2018-0377
BID
CONFIRMcisco -- starosA vulnerability in the reassembly logic for fragmented IPv4 packets of Cisco StarOS running on virtual platforms could allow an unauthenticated, remote attacker to trigger a reload of the npusim process, resulting in a denial of service (DoS) condition. There are four instances of the npusim process running per Service Function (SF) instance, each handling a subset of all traffic flowing across the device. It is possible to trigger a reload of all four instances of the npusim process around the same time. The vulnerability is due to improper handling of fragmented IPv4 packets containing options. An attacker could exploit this vulnerability by sending a malicious IPv4 packet across an affected device. An exploit could allow the attacker to trigger a restart of the npusim process, which will result in all traffic queued toward this instance of the npusim process to be dropped while the process is restarting. The npusim process typically restarts within less than a second. This vulnerability affects: Cisco Virtualized Packet Core-Single Instance (VPC-SI), Cisco Virtualized Packet Core-Distributed Instance (VPC-DI), Cisco Ultra Packet Core (UPC). Cisco Bug IDs: CSCvh29613.2018-07-16not yet calculatedCVE-2018-0369
BID
CONFIRMcisco -- unified_communications_managerA vulnerability in the web framework of the Cisco Unified Communications Manager IM and Presence Service software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of an affected system. The vulnerability is due to insufficient input validation of certain parameters passed to the web server. An attacker could exploit this vulnerability by convincing the user to access a malicious link or by intercepting the user request and injecting certain malicious code. A successful exploit could allow the attacker to execute arbitrary script code in the context of the affected site or allow the attacker to access sensitive browser-based information. Cisco Bug IDs: CSCve25985.2018-07-18not yet calculatedCVE-2018-0396
CONFIRMcisco -- unified_contact_center_expressMultiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. Cisco Bug IDs: CSCvg70904.2018-07-18not yet calculatedCVE-2018-0400
CONFIRMcisco -- unified_contact_center_expressMultiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack. Cisco Bug IDs: CSCvg70921.2018-07-18not yet calculatedCVE-2018-0402
CONFIRMcisco -- unified_contact_center_expressMultiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to retrieve a cleartext password. Cisco Bug IDs: CSCvg71040.2018-07-18not yet calculatedCVE-2018-0403
CONFIRMcisco -- unified_contact_center_expressMultiple vulnerabilities in the web-based management interface of Cisco Unified Contact Center Express (Unified CCX) could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface. Cisco Bug IDs: CSCvg70967.2018-07-18not yet calculatedCVE-2018-0401
CONFIRMcisco -- web_security_applianceA vulnerability in the web-based management interface of Cisco Web Security Appliance (WSA) could allow an unauthenticated, remote attacker to conduct a reflected cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device. The vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information. Cisco Bug IDs: CSCvf03514.2018-07-16not yet calculatedCVE-2018-0366
BID
SECTRACK
CONFIRMcisco -- webexA vulnerability in the web framework of Cisco Webex could allow an unauthenticated, remote attacker to conduct a Document Object Model-based (DOM-based) cross-site scripting (XSS) attack against the user of the web interface of an affected system. The vulnerability is due to insufficient input validation of certain parameters that are passed to the affected software by using the HTTP POST method. An attacker who can submit malicious scripts to the affected user interface element could execute arbitrary script or HTML code in the user's browser in the context of the affected site. Cisco Bug IDs: CSCvj33287.2018-07-18not yet calculatedCVE-2018-0390
CONFIRMcisco -- webex_network_recording_playerMultiple vulnerabilities exist in the Cisco Webex Network Recording Player for Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit these vulnerabilities by providing a user with a malicious .arf or .wrf file via email or URL and convincing the user to launch the file in the Webex recording players. Exploitation of these vulnerabilities could allow arbitrary code execution on the system of a targeted user. These vulnerabilities affect ARF and WRF recording players available from Cisco Webex Meetings Suite sites, Cisco Webex Meetings Online sites, and Cisco Webex Meetings Server. Cisco Bug IDs: CSCvi02621, CSCvi02965, CSCvi63329, CSCvi63333, CSCvi63335, CSCvi63374, CSCvi63376, CSCvi63377, CSCvi63391, CSCvi63392, CSCvi63396, CSCvi63495, CSCvi63497, CSCvi63498, CSCvi82684, CSCvi82700, CSCvi82705, CSCvi82725, CSCvi82737, CSCvi82742, CSCvi82760, CSCvi82771, CSCvj51284, CSCvj51294.2018-07-18not yet calculatedCVE-2018-0379
CONFIRMcisco -- webex_network_recording_playerMultiple vulnerabilities exist in the Cisco Webex Network Recording Player for Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit these vulnerabilities by providing a user with a malicious .arf or .wrf file via email or URL and convincing the user to launch the file in the Webex recording players. Exploitation of these vulnerabilities could cause an affected player to crash, resulting in a denial of service (DoS) condition. The Cisco Webex players are applications that are used to play back Webex meetings that have been recorded by an online meeting attendee. The Webex Network Recording Player for .arf files can be automatically installed when the user accesses a recording that is hosted on a Webex server. The Webex Player for .wrf files can be downloaded manually. These vulnerabilities affect ARF and WRF recording players available from Cisco Webex Meetings Suite sites, Cisco Webex Meetings Online sites, and Cisco Webex Meetings Server. Cisco Bug IDs: CSCvh70253, CSCvh70268, CSCvh72272, CSCvh72281, CSCvh72285, CSCvi60477, CSCvi60485, CSCvi60490, CSCvi60520, CSCvi60529, CSCvi60533.2018-07-18not yet calculatedCVE-2018-0380
CONFIRMcisco -- webex_teamsA vulnerability in Cisco Webex Teams (for Windows and macOS) could allow an unauthenticated, remote attacker to execute arbitrary code on the user's device, possibly with elevated privileges. The vulnerability occurs because Cisco Webex Teams does not properly sanitize input. An attacker could exploit the vulnerability by sending a user a malicious link and persuading the user to follow the link. A successful exploit could allow the attacker to execute arbitrary code on the user's system. Cisco Bug IDs: CSCvh66250.2018-07-18not yet calculatedCVE-2018-0387
CONFIRMclamav -- clamavClamAV before 0.100.1 has an HWP integer overflow with a resultant infinite loop via a crafted Hangul Word Processor file. This is in parsehwp3_paragraph() in libclamav/hwp.c.2018-07-16not yet calculatedCVE-2018-0360
CONFIRM
MISCclamav -- clamavClamAV before 0.100.1 lacks a PDF object length check, resulting in an unreasonably long time to parse a relatively small file.2018-07-16not yet calculatedCVE-2018-0361
CONFIRMclementine -- music_playerAn issue was discovered in Clementine Music Player 1.3.1. Clementine.exe is vulnerable to a user mode write access violation due to a NULL pointer dereference in the Init call in the MoodbarPipeline::NewPadCallback function in moodbar/moodbarpipeline.cpp. The vulnerability is triggered when the user opens a malformed mp3 file.2018-07-19not yet calculatedCVE-2018-14332
CONFIRM
CONFIRM
MISCcurl_project -- curl_and_libcurlIn curl and libcurl 7.52.0 to and including 7.53.1, libcurl would attempt to resume a TLS session even if the client certificate had changed. That is unacceptable since a server by specification is allowed to skip the client certificate check on resume, and may instead use the old identity which was established by the previous certificate (or no certificate). libcurl supports by default the use of TLS session id/ticket to resume previous TLS sessions to speed up subsequent TLS handshakes. They are used when for any reason an existing TLS connection couldn't be kept alive to make the next handshake faster. This flaw is a regression and identical to CVE-2016-5419 reported on August 3rd 2016, but affecting a different version range.2018-07-16not yet calculatedCVE-2017-7468
BID
SECTRACK
CONFIRM
CONFIRM
GENTOOdrupal -- drupalA remote code execution vulnerability exists within multiple subsystems of Drupal 7.x and 8.x. This potentially allows attackers to exploit multiple attack vectors on a Drupal site, which could result in the site being compromised. This vulnerability is related to Drupal core - Highly critical - Remote Code Execution - SA-CORE-2018-002. Both SA-CORE-2018-002 and this vulnerability are being exploited in the wild.2018-07-19not yet calculatedCVE-2018-7602
BID
SECTRACK
MLIST
DEBIAN
CONFIRM
EXPLOIT-DB
EXPLOIT-DBeclipse -- mojarraThe getLocalePrefix function in ResourceManager.java in Eclipse Mojarra before 2.3.5 is affected by Directory Traversal via the loc parameter. A remote attacker can download configuration files or Java bytecodes from applications.2018-07-18not yet calculatedCVE-2018-14371
MISC
MISCespritblock/eos4j -- espritblock/eos4j

espritblock eos4j, an unofficial SDK for EOS, through 2018-07-12 mishandles floating-point numbers with more than four digits after the decimal point, which might allow attackers to trigger currency transfers of unintended amounts.2018-07-19not yet calculatedCVE-2018-14439
MISC
MISCethereum -- aditus_tokenThe approveAndCall function of a smart contract implementation for Aditus (ADI), an Ethereum ERC20 token, allows attackers to steal assets (e.g., transfer all contract balances into their account).2018-07-19not yet calculatedCVE-2018-12959
MISCethereum -- euc_tokenAn issue was discovered in a smart contract implementation for EUC (EUC), an Ethereum token. The contract has an integer overflow. If the owner sets the value of buyPrice to a large number in setPrices() then the "msg.value * buyPrice" will cause an integer overflow in the fallback function.2018-07-15not yet calculatedCVE-2018-14087
MISCethereum -- mkcb_tokenAn issue was discovered in a smart contract implementation for MKCB, an Ethereum token. If the owner sets the value of sellPrice to a large number in setPrices() then the "amount * sellPrice" will cause an integer overflow in sell().2018-07-15not yet calculatedCVE-2018-14084
MISCethereum -- singaporecoinorigin_tokenAn issue was discovered in a smart contract implementation for SingaporeCoinOrigin (SCO), an Ethereum token. The contract has an integer overflow. If the owner sets the value of sellPrice to a large number in setPrices() then the "amount * sellPrice" will cause an integer overflow in sell().2018-07-15not yet calculatedCVE-2018-14086
MISCethereum -- stex_white_list_tokenAn issue was discovered in a smart contract implementation for STeX White List (STE(WL)), an Ethereum token. The contract has an integer overflow. If the owner sets the value of amount to a large number then the "amount * 1000000000000000" will cause an integer overflow in withdrawToFounders().2018-07-15not yet calculatedCVE-2018-14088
MISCethereum -- tracto_tokenThe increaseApproval function of a smart contract implementation for Tracto (TRCT), an Ethereum ERC20 token, has an integer overflow.2018-07-15not yet calculatedCVE-2018-14063
MISCethereum -- userwallet_0x0a7bca9fb7aff26c6ed8029bb6f0f5d291587 c42_token

An issue was discovered in a smart contract implementation for UserWallet 0x0a7bca9FB7AfF26c6ED8029BB6f0F5D291587c42, an Ethereum token. First, suppose that the owner adds the evil contract address to his sweepers. The evil contract looks like this: contract Exploit { uint public start; function sweep(address _token, uint _amount) returns (bool) { start = 0x123456789; return true;} }. Then, when one calls the function sweep() in the UserWallet contract, it will change the sweeperList to 0X123456789.2018-07-15not yet calculatedCVE-2018-14085
MISCethereum -- virgo_zodiactoken_tokenAn issue was discovered in a smart contract implementation for Virgo_ZodiacToken, an Ethereum token. In this contract, 'bool sufficientAllowance = allowance value' condition.2018-07-15not yet calculatedCVE-2018-14089
MISCexiv2 -- exiv2samples/geotag.cpp in the example code of Exiv2 0.26 misuses the realpath function on POSIX platforms (other than Apple platforms) where glibc is not used, possibly leading to a buffer overflow.2018-07-17not yet calculatedCVE-2018-14338
MISCf5 -- big-ip

On F5 BIG-IP 13.0.0, 12.1.0-12.1.2, 11.6.0-11.6.3.1, or 11.2.1-11.5.6 a domain name cached within the DNS Cache of TMM may continue to be resolved by the cache even after the parent server revokes the record, if the DNS Cache is receiving a stream of requests for the cached name.2018-07-19not yet calculatedCVE-2018-5532
CONFIRMf5 -- big-ipUnder certain conditions on F5 BIG-IP 13.1.0-13.1.0.5, 13.0.0, 12.1.0-12.1.3.1, 11.6.0-11.6.3.1, or 11.5.0-11.5.6, TMM may core while processing SSL forward proxy traffic.2018-07-19not yet calculatedCVE-2018-5534
CONFIRMf5 -- big-ipUnder certain conditions on F5 BIG-IP 13.0.0, 12.1.0-12.1.2, 11.6.0-11.6.3.1, or 11.5.0-11.5.6, TMM may core while processing SSL forward proxy traffic.2018-07-19not yet calculatedCVE-2018-5533
CONFIRMf5 -- big-ipOn F5 BIG-IP 13.0.0-13.0.1, 12.1.0-12.1.3.3, 11.6.0-11.6.3.1, or 11.5.1-11.5.6, Enterprise Manager 3.1.1, BIG-IQ Centralized Management 5.0.0-5.1.0, BIG-IQ Cloud and Orchestration 1.0.0, or F5 iWorkflow 2.1.0-2.3.0 the big3d process does not irrevocably minimize group privileges at start up.2018-07-19not yet calculatedCVE-2018-5540
CONFIRMf5 -- big-ipOn F5 BIG-IP 13.0.0-13.1.0, 12.1.0-12.1.3, or 11.2.1-11.6.3 specifically crafted HTTP responses, when processed by a Virtual Server with an associated QoE profile that has Video enabled, may cause TMM to incorrectly buffer response data causing the TMM to restart resulting in a Denial of Service.2018-07-19not yet calculatedCVE-2018-5535
CONFIRMffmpeg -- ffmpeg

libavformat/movenc.c in FFmpeg before 4.0.2 allows attackers to cause a denial of service (application crash caused by a divide-by-zero error) with a user crafted audio file when converting to the MOV audio format.2018-07-19not yet calculatedCVE-2018-14395
MISCffmpeg -- ffmpeg

libavformat/movenc.c in FFmpeg before 4.0.2 allows attackers to cause a denial of service (application crash caused by a divide-by-zero error) with a user crafted Waveform audio file.2018-07-19not yet calculatedCVE-2018-14394
MISCfortinet -- fortimanagerA Cross-site Scripting (XSS) vulnerability in Fortinet FortiManager 6.0.0, 5.6.4 and below versions, FortiAnalyzer 6.0.0, 5.6.4 and below versions allows inject Javascript code and HTML tags through the CN value of CA and CRL certificates via the import CA and CRL certificates feature.2018-07-16not yet calculatedCVE-2017-17541
SECTRACK
SECTRACK
CONFIRMfoxit -- reader_and_phantompdfFoxit Reader before 9.2 and PhantomPDF before 9.2 have a Use-After-Free that leads to Remote Code Execution, aka V-88f4smlocs.2018-07-20not yet calculatedCVE-2018-14442
CONFIRMgit-annex -- git-annexgit-annex is vulnerable to an Information Exposure when decrypting files. A malicious server for a special remote could trick git-annex into decrypting a file that was encrypted to the user's gpg key. This attack could be used to expose encrypted data that was never stored in git-annex2018-07-16not yet calculatedCVE-2018-10859
CONFIRMgit-annex -- git-annexgit-annex is vulnerable to a private data exposure and exfiltration attack. It could expose the content of files located outside the git-annex repository, or content from a private web server on localhost or the LAN.2018-07-16not yet calculatedCVE-2018-10857
CONFIRMgitlab -- community_and_enterprise_editionGitLab Community and Enterprise Edition before 10.7.7, 10.8.x before 10.8.6, and 11.x before 11.0.4 allows Directory Traversal with write access and resultant remote code execution via the GitLab projects import component.2018-07-18not yet calculatedCVE-2018-14364
CONFIRMgnome -- evolution-data-servercamel/providers/imapx/camel-imapx-server.c in the IMAPx component in GNOME evolution-data-server before 3.21.2 proceeds with cleartext data containing a password if the client wishes to use STARTTLS but the server will not use STARTTLS, which makes it easier for remote attackers to obtain sensitive information by sniffing the network. The server code was intended to report an error and not proceed, but the code was written incorrectly.2018-07-20not yet calculatedCVE-2016-10727
MISC
MISC
MISC
MISCgnu -- libextractorGNU Libextractor before 1.7 has a stack-based buffer overflow in ec_read_file_func (unzip.c).2018-07-17not yet calculatedCVE-2018-14346
MISC
MISCgnu -- libextractorGNU Libextractor before 1.7 contains an infinite loop vulnerability in EXTRACTOR_mpeg_extract_method (mpeg_extractor.c).2018-07-17not yet calculatedCVE-2018-14347
MISC
MISC
MISCgnu -- libredwgget_first_owned_object in dwg.c in GNU LibreDWG 0.5.1036 allows remote attackers to cause a denial of service (SEGV).2018-07-20not yet calculatedCVE-2018-14443
MISC
MISCgnu -- libredwgdwg_obj_block_control_get_block_headers in dwg_api.c in GNU LibreDWG 0.5.1048 allows remote attackers to cause a denial of service (NULL pointer dereference and SEGV) via a crafted dwg file.2018-07-20not yet calculatedCVE-2018-14471
MISCgraylog -- graylogIn Graylog before 2.4.6, XSS was possible in typeahead components, related to components/common/TypeAheadInput.jsx and components/search/QueryInput.ts.2018-07-18not yet calculatedCVE-2018-14380
CONFIRM
CONFIRMhdf -- hdf5An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_sdspace_decode in H5Osdspace.c.2018-07-20not yet calculatedCVE-2018-14460
MISChtslib -- htslibIn HTSlib 1.8, a race condition in cram/cram_io.c might allow local users to overwrite arbitrary files via a symlink attack.2018-07-16not yet calculatedCVE-2018-14329
MISCibm -- notes*

The Notes Client Single Logon feature in IBM Notes 8.0, 8.0.1, 8.0.2, 8.5, 8.5.1, 8.5.2, 8.5.3, and 9.0 on Windows allows local users to discover passwords via vectors involving an unspecified operating system communication mechanism for password transmission between Windows and Notes. IBM X-Force ID: 82531.2018-07-16not yet calculatedCVE-2013-0522
XF
CONFIRMibm -- qradar_incident_forensics

IBM QRadar Incident Forensics (IBM QRadar SIEM 7.2, and 7.3) could allow a remote attacker to bypass authentication and obtain sensitive information. IBM X-Force ID: 144164.2018-07-17not yet calculatedCVE-2018-1612
CONFIRM
XFibm -- rational_doors_next_generationIBM Rational DOORS Next Generation 5.0 through 5.0.2, 6.0 through 6.0.5 and IBM Rational Requirements Composer 5.0 through 5.0.2 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 142291.2018-07-19not yet calculatedCVE-2018-1529
CONFIRM
XFibm -- rational_rhapsody_design_manager

IBM Rational Rhapsody Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 and IBM Rational Software Architect Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 142558.2018-07-19not yet calculatedCVE-2018-1536
CONFIRM
XFibm -- rational_rhapsody_design_manager

IBM Rational Rhapsody Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 and IBM Rational Software Architect Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 124557.2018-07-19not yet calculatedCVE-2018-1535
CONFIRM
XFibm -- rational_rhapsody_design_manager

IBM Rational Rhapsody Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 and IBM Rational Software Architect Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.1 could reveal technical error messages to allow an adversary to gain information about the application and database that could be used to conduct further attacks. IBM X-Force ID: 143500.2018-07-19not yet calculatedCVE-2018-1587
CONFIRM
XFibm -- rational_rhapsody_design_manager

IBM Rational Rhapsody Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.5 and IBM Rational Software Architect Design Manager 5.0 through 5.0.2 and 6.0 through 6.0.1 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 143498.2018-07-19not yet calculatedCVE-2018-1585
CONFIRM
XFibm -- sterling_b2b_integratorIBM Sterling B2B Integrator Standard Edition (IBM Sterling File Gateway 2.2.0 through 2.2.6) caches usernames and passwords in browsers that could be used by a local attacker to obtain sensitive information. IBM X-Force ID: 130812.2018-07-20not yet calculatedCVE-2017-1544
CONFIRM
XFibm -- sterling_b2b_integratorIBM Sterling B2B Integrator Standard Edition (IBM Sterling File Gateway 2.2.0 through 2.2.6) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 142967.2018-07-20not yet calculatedCVE-2018-1563
CONFIRM
XFibm -- sterling_b2b_integratorIBM Sterling B2B Integrator 5.2 through 5.2.6 could allow an authenticated attacker to obtain sensitive variable name information using specially crafted HTTP requests. IBM X-Force ID: 133180.2018-07-20not yet calculatedCVE-2017-1633
CONFIRM
XFibm -- sterling_b2b_integratorIBM Sterling B2B Integrator Standard Edition 5.2 through 5.2.6 could allow a local user with administrator privileges to obtain user passwords found in debugging messages. IBM X-Force ID: 142968.2018-07-20not yet calculatedCVE-2018-1564
CONFIRM
XFibm -- sterling_b2b_integratorIBM Sterling B2B Integrator Standard Edition 5.2 through 5.2.6 could allow an unauthenticated user to obtain sensitive information that could be used in further attacks against the system. IBM X-Force ID: 145180.2018-07-20not yet calculatedCVE-2018-1679
CONFIRM
XFibm -- sterling_b2b_integratorIBM Sterling B2B Integrator Standard Edition (IBM Sterling File Gateway 2.2.0 through 2.2.6) uses weaker than expected cryptographic algorithms that could allow a local attacker to decrypt highly sensitive information. IBM X-Force ID: 132032.2018-07-20not yet calculatedCVE-2017-1575
CONFIRM
XFibm -- sterling_file_gatewayIBM Sterling File Gateway 2.2.0 through 2.2.6 could allow a remote authenticated attacker to obtain sensitive information displayed in the URL that could lead to further attacks against the system. IBM X-Force ID: 140688.2018-07-20not yet calculatedCVE-2018-1470
CONFIRM
XFibm -- sterling_file_gatewayIBM Sterling File Gateway 2.2.0 through 2.2.6 could allow a remote attacker to download certain files that could contain sensitive information. IBM X-Force ID: 138434.2018-07-20not yet calculatedCVE-2018-1398
CONFIRM
XFidreamsoft -- icmsAn issue was discovered in idreamsoft iCMS before 7.0.10. XSS exists via the fourth and fifth input elements on the admincp.php?app=prop&do=add screen.2018-07-19not yet calculatedCVE-2018-14415
MISCimagemagick -- imagemagickImageMagick 7.0.8-4 has a memory leak in ReadMIFFImage in coders/miff.c.2018-07-19not yet calculatedCVE-2018-14436
MISCimagemagick -- imagemagickImageMagick 7.0.8-4 has a memory leak in DecodeImage in coders/pcd.c.2018-07-19not yet calculatedCVE-2018-14435
MISCimagemagick -- imagemagickImageMagick 7.0.8-4 has a memory leak in parse8BIM in coders/meta.c.2018-07-19not yet calculatedCVE-2018-14437
MISCimagemagick -- imagemagickImageMagick 7.0.8-4 has a memory leak for a colormap in WriteMPCImage in coders/mpc.c.2018-07-19not yet calculatedCVE-2018-14434
MISCinfinispan -- infinispanIt was found that the REST API in Infinispan before version 9.0.0 did not properly enforce auth constraints. An attacker could use this vulnerability to read or modify data in the default cache or a known cache name.2018-07-16not yet calculatedCVE-2017-2638
REDHAT
BID
CONFIRM
CONFIRM
CONFIRMinfinix_and_lenovo -- multiple_smartphonesThe content://wappush content provider in com.android.provider.telephony, as found in some custom ROMs for Android phones, allows SQL injection. One consequence is that an application without the READ_SMS permission can read SMS messages. This affects Infinix X571 phones, as well as various Lenovo phones (such as the A7020) that have since been fixed by Lenovo.2018-07-15not yet calculatedCVE-2018-14066
MISCinstantcms -- instantcms

InstantCMS 2.10.1 has /redirect?url= XSS.2018-07-18not yet calculatedCVE-2018-14382
MISCjasig -- cas_serverXML external entity (XXE) vulnerability in java/org/jasig/cas/util/SamlUtils.java in Jasig CAS server before 3.4.12.1 and 3.5.x before 3.5.2.1, when Google Accounts Integration is enabled, allows remote unauthenticated users to bypass authentication via crafted XML data.2018-07-20not yet calculatedCVE-2014-2296
MLIST
MISCjeesns -- jeesnsJEESNS through 1.2.1 allows XSS attacks by ordinary users who publish articles containing a crafted payload in order to capture an administrator cookie.2018-07-18not yet calculatedCVE-2018-12429
MISCjoyplus-cms -- joyplus-cmsjoyplus-cms 1.6.0 has XSS via the manager/admin_ajax.php can_search_device array parameter.2018-07-18not yet calculatedCVE-2018-14388
MISCjoyplus-cms -- joyplus-cmsjoyplus-cms 1.6.0 has SQL Injection via the manager/admin_ajax.php val parameter.2018-07-18not yet calculatedCVE-2018-14389
MISCjoyplus-cms -- joyplus-cmsmanager/editor/upload.php in joyplus-cms 1.6.0 allows arbitrary file upload because detection of a prohibited file extension simply sets the $errm value, and does not otherwise alter the flow of control. Consequently, one can upload and execute a .php file, a similar issue to CVE-2018-8766.2018-07-16not yet calculatedCVE-2018-14334
MISCkingsoft -- wps_office_and_jinshan_pdfwpsmain.dll in Kingsoft WPS Office 2016 and Jinshan PDF 10.1.0.6621 allows remote attackers to cause a denial of service via a crafted pdf file.2018-07-18not yet calculatedCVE-2018-7546
MISClibconfuse -- libconfusetrim_whitespace in lexer.l in libConfuse v3.2.1 has an out-of-bounds read.2018-07-20not yet calculatedCVE-2018-14447
MISC
MISClibdxfrw -- libdxfrwlibdxfrw 0.6.3 has an Integer Overflow in dwgCompressor::decompress18 in dwgutil.cpp, leading to an out-of-bounds read and application crash.2018-07-20not yet calculatedCVE-2018-14444
MISC
MISClibgig -- libgigAn issue was discovered in libgig 4.1.0. There is an out-of-bounds write in the function DLS::Info::UpdateChunks in DLS.cpp.2018-07-20not yet calculatedCVE-2018-14457
MISClibgig -- libgigAn issue was discovered in libgig 4.1.0. There is a heap-based buffer overflow in pData[1] access in the function store32 in helper.h.2018-07-20not yet calculatedCVE-2018-14458
MISClibgig -- libgigAn issue was discovered in libgig 4.1.0. There is an out-of-bounds write in pData[0] access in the function store32 in helper.h.2018-07-20not yet calculatedCVE-2018-14455
MISClibgig -- libgigAn issue was discovered in libgig 4.1.0. There is an out-of-bounds write in the function DLS::Info::SaveString in DLS.cpp.2018-07-20not yet calculatedCVE-2018-14456
MISClibgig -- libgigAn issue was discovered in libgig 4.1.0. There is an out-of-bounds write in pData[0] access in the function store16 in helper.h.2018-07-20not yet calculatedCVE-2018-14459
MISClibgig -- libgigAn issue was discovered in libgig 4.1.0. There is an out-of-bounds read in the "always assign the sample of the first dimension region of this region" feature of the function gig::Region::UpdateChunks in gig.cpp.2018-07-20not yet calculatedCVE-2018-14452
MISClibgig -- libgigAn issue was discovered in libgig 4.1.0. There is an out of bounds read in gig::File::UpdateChunks in gig.cpp.2018-07-20not yet calculatedCVE-2018-14449
MISClibgig -- libgigAn issue was discovered in libgig 4.1.0. There is a heap-based buffer overflow in the function RIFF::Chunk::Read in RIFF.cpp.2018-07-20not yet calculatedCVE-2018-14451
MISClibgig -- libgigAn issue was discovered in libgig 4.1.0. There is a heap-based buffer overflow in pData[1] access in the function store16 in helper.h.2018-07-20not yet calculatedCVE-2018-14453
MISClibgig -- libgigAn issue was discovered in libgig 4.1.0. There is an out-of-bounds read in the function RIFF::Chunk::Read in RIFF.cpp.2018-07-20not yet calculatedCVE-2018-14454
MISClibgig -- libgigAn issue was discovered in libgig 4.1.0. There is an out-of-bounds read in the "update dimension region's chunks" feature of the function gig::Region::UpdateChunks in gig.cpp.2018-07-20not yet calculatedCVE-2018-14450
MISClibsixel -- libsixellibsixel 1.8.1 has a memory leak in sixel_allocator_new in allocator.c.2018-07-15not yet calculatedCVE-2018-14073
MISClibsixel -- libsixellibsixel 1.8.1 has a memory leak in sixel_decoder_decode in decoder.c, image_buffer_resize in fromsixel.c, and sixel_decode_raw in fromsixel.c.2018-07-15not yet calculatedCVE-2018-14072
MISClibtiff -- libtiffAn issue was discovered in LibTIFF 4.0.9. A buffer overflow can occur via an invalid or empty tif argument to TIFFWriteBufferSetup in tif_write.c, and it can be exploited (at a minimum) via the following high-level library API function: TIFFWriteTile.2018-07-17not yet calculatedCVE-2018-14378
MISClibtiff -- libtiffAn issue was discovered in LibTIFF 4.0.9. In TIFFFindField in tif_dirinfo.c, the structure tif is being dereferenced without first checking that the structure is not empty and has the requested fields (tif_foundfield). In the call sequences following from the affected library functions (TIFFVGetField, TIFFVGetFieldDefaulted, TIFFVStripSize, TIFFScanlineSize, TIFFTileSize, TIFFGetFieldDefaulted, and TIFFGetField), this sanitization of the tif structure is never being done and, hence, using them with an invalid or empty tif structure will trigger a buffer overflow, leading to a crash.2018-07-17not yet calculatedCVE-2018-14373
MISClibtiff -- libtiffAn issue was discovered in LibTIFF 4.0.9. A buffer overflow vulnerability can occur via an invalid or empty tif argument to TIFFRGBAImageOK in tif_getimage.c, and it can be exploited (at a minimum) via the following high-level library API functions: TIFFReadRGBAImage, TIFFRGBAImageOK, and TIFFRGBAImageBegin.2018-07-17not yet calculatedCVE-2018-14375
MISClibtiff -- libtiffAn issue was discovered in LibTIFF 4.0.9. A buffer overflow can occur via an empty fmt argument to unixErrorHandler in tif_unix.c, and it can be exploited (at a minimum) via the following high-level library API functions: TIFFClientOpen, TIFFFdOpen, TIFFRawStripSize, TIFFCheckTile, TIFFComputeStrip, TIFFReadRawTile, TIFFUnRegisterCODEC, and TIFFWriteEncodedTile.2018-07-17not yet calculatedCVE-2018-14374
MISClibxml2 -- libxml2A NULL pointer dereference vulnerability exists in the xpath.c:xmlXPathCompOpEval() function of libxml2 through 2.9.8 when parsing an invalid XPath expression in the XPATH_OP_AND or XPATH_OP_OR case. Applications processing untrusted XSL format inputs with the use of the libxml2 library may be vulnerable to a denial of service attack due to a crash of the application.2018-07-19not yet calculatedCVE-2018-14404
MISC
MISC
MISClinux -- linux_kernelLinux kernel is vulnerable to a heap-based buffer overflow in the fs/ext4/xattr.c:ext4_xattr_set_entry() function. An attacker could exploit this by operating on a mounted crafted ext4 image.2018-07-16not yet calculatedCVE-2018-10840
CONFIRMlinux -- linux_kernelLinux kernel ext4 filesystem is vulnerable to an out-of-bound access in the ext4_ext_drop_refs() function when operating on a crafted ext4 filesystem image.2018-07-18not yet calculatedCVE-2018-10877
CONFIRM
MLISTmarkdown-pdf -- markdown-pdfA path traversal exists in markdown-pdf version
sendpm.gif Reply With Quote
Sponsored Links
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is On

All times are GMT -7. The time now is 03:47 PM.


Powered by vBulletin, Jelsoft Enterprises Ltd.