| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-14602 | Hig | 0.42 | 7.5 | 0.02 | Jul 27, 2018 | An issue was discovered in GitLab Community and Enterprise Edition before 10.8.7, 11.0.x before 11.0.5, and 11.1.x before 11.1.2. Information Disclosure can occur because the Prometheus metrics feature discloses private project pathnames. | ||
| CVE-2018-14601 | Hig | 0.42 | 7.5 | 0.01 | Jul 27, 2018 | An issue was discovered in GitLab Community and Enterprise Edition 11.1.x before 11.1.2. A Denial of Service can occur because Markdown rendering times are slow. | ||
| CVE-2018-14608 | Hig | 0.49 | 7.5 | 0.01 | Jul 26, 2018 | Thomson Reuters UltraTax CS 2017 on Windows has a password protection option; however, the level of protection might be inconsistent with some customers' expectations because the data is directly accessible in cleartext. Specifically, it stores customer data in unique… | ||
| CVE-2018-14607 | Hig | 0.49 | 7.5 | 0.01 | Jul 26, 2018 | Thomson Reuters UltraTax CS 2017 on Windows, in a client/server configuration, transfers customer records and bank account numbers in cleartext over SMBv2, which allows attackers to (1) obtain sensitive information by sniffing the network or (2) conduct man-in-the-middle (MITM)… | ||
| CVE-2018-9068 | Hig | 0.49 | 7.5 | 0.01 | Jul 26, 2018 | The IMM2 First Failure Data Capture function collects management module logs and diagnostic information when a hardware error is detected. This information is made available for download through an SFTP server hosted on the IMM2 management network interface. In versions earlier… | ||
| CVE-2018-10878 | Hig | 0.00 | 7.8 | 0.01 | Jul 26, 2018 | A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write and a denial of service or unspecified other impact is possible by mounting and operating a crafted ext4 filesystem image. | ||
| CVE-2017-12150 | Hig | 0.49 | 7.4 | 0.13 | Jul 26, 2018 | It was found that samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8 did not enforce "SMB signing" when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text. | ||
| CVE-2018-10901 | Hig | 0.00 | 7.8 | 0.01 | Jul 26, 2018 | A flaw was found in Linux kernel's KVM virtualization subsystem. The VMX code does not restore the GDT.LIMIT to the previous host value, but instead sets it to 64KB. With a corrupted GDT limit a host's userspace code has an ability to place malicious entries in the GDT,… | ||
| CVE-2018-0622 | Hig | 0.48 | 7.4 | 0.01 | Jul 26, 2018 | The DHC Online Shop App for Android version 3.2.0 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||
| CVE-2018-0621 | Hig | 0.51 | 7.8 | 0.01 | Jul 26, 2018 | Untrusted search path vulnerability in LOGICOOL CONNECTION UTILITY SOFTWARE versions before 2.30.9 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||
| CVE-2018-0620 | Hig | 0.51 | 7.8 | 0.01 | Jul 26, 2018 | Untrusted search path vulnerability in LOGICOOL Game Software versions before 8.87.116 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||
| CVE-2018-0619 | Hig | 0.51 | 7.8 | 0.01 | Jul 26, 2018 | Untrusted search path vulnerability in the installer of Glarysoft Glary Utilities (Glary Utilities 5.99 and earlier and Glary Utilities Pro 5.99 and earlier) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||
| CVE-2018-0617 | Hig | 0.49 | 7.5 | 0.02 | Jul 26, 2018 | Directory traversal vulnerability in ChamaNet MemoCGI v2.1800 to v2.2200 allows remote attackers to read arbitrary files via unspecified vectors. | ||
| CVE-2018-0613 | Hig | 0.57 | 8.8 | 0.01 | Jul 26, 2018 | NEC Platforms Calsos CSDX and CSDJ series products (CSDX 1.37210411 and earlier, CSDX(P) 4.37210411 and earlier, CSDX(D) 3.37210411 and earlier, CSDX(S) 2.37210411 and earlier, CSDJ-B 01.03.00 and earlier, CSDJ-H 01.03.00 and earlier, CSDJ-D 01.03.00 and earlier, CSDJ-A… | ||
| CVE-2018-0607 | Hig | 0.57 | 8.8 | 0.01 | Jul 26, 2018 | SQL injection vulnerability in the Notifications application in the Cybozu Garoon 3.5.0 to 4.6.2 allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors. | ||
| CVE-2018-10900 | Hig | 0.54 | 7.8 | 0.05 | Jul 26, 2018 | Network Manager VPNC plugin (aka networkmanager-vpnc) before version 1.2.6 is vulnerable to a privilege escalation attack. A new line character can be used to inject a Password helper parameter into the configuration data passed to VPNC, allowing an attacker to execute arbitrary… | ||
| CVE-2017-2589 | — | Hig | 0.57 | 8.7 | 0.01 | Jul 26, 2018 | It was discovered that the hawtio servlet 1.4 uses a single HttpClient instance to proxy requests with a persistent cookie store (cookies are stored locally and are not passed between the client and the end URL) which means all clients using that proxy are sharing the same… | |
| CVE-2017-7530 | — | Hig | 0.57 | 8.8 | 0.02 | Jul 26, 2018 | In CloudForms Management Engine (cfme) before 5.7.3 and 5.8.x before 5.8.1, it was found that privilege check is missing when invoking arbitrary methods via filtering on VMs that MiqExpression will execute that is triggerable by API users. An attacker could use this to execute… | |
| CVE-2018-8090 | Hig | 0.51 | 7.8 | 0.01 | Jul 25, 2018 | Quick Heal Total Security 64 bit 17.00 (QHTS64.exe), (QHTSFT64.exe) - Version 10.0.1.38; Quick Heal Total Security 32 bit 17.00 (QHTS32.exe), (QHTSFT32.exe) - Version 10.0.1.38; Quick Heal Internet Security 64 bit 17.00 (QHIS64.exe), (QHISFT64.exe) - Version 10.0.0.37; Quick… | ||
| CVE-2018-14083 | Hig | 0.49 | 7.5 | 0.03 | Jul 25, 2018 | LICA miniCMTS E8K(u/i/...) devices allow remote attackers to obtain sensitive information via a direct POST request for the inc/user.ini file, leading to discovery of a password hash. | ||
| CVE-2018-5240 | Hig | 0.52 | 8.0 | 0.01 | Jul 25, 2018 | The Inventory Plugin for Symantec Management Agent prior to 7.6 POST HF7, 8.0 POST HF6, or 8.1 RU7 may be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower… | ||
| CVE-2017-10937 | Hig | 0.49 | 7.5 | 0.01 | Jul 25, 2018 | SQL injection vulnerability in all versions prior to V2.01.05.09 of the ZTE ZXIPTV-UCM product allows remote attackers to execute arbitrary SQL commands via the opertype parameter, resulting in the disclosure of database information. | ||
| CVE-2017-10936 | Hig | 0.49 | 7.5 | 0.01 | Jul 25, 2018 | SQL injection vulnerability in all versions prior to V4.01.01 of the ZTE ZXCDN-SNS product allows remote attackers to execute arbitrary SQL commands via the aoData parameter, resulting in the disclosure of database information. | ||
| CVE-2017-10935 | Hig | 0.47 | 7.2 | 0.01 | Jul 25, 2018 | All versions prior to ZSRV2 V3.00.40 of the ZTE ZXR10 1800-2S products allow remote authenticated users to bypass the original password authentication protection to change other user's password. | ||
| CVE-2018-5542 | Hig | 0.53 | 8.1 | 0.01 | Jul 25, 2018 | F5 BIG-IP 13.0.0-13.0.1, 12.1.0-12.1.3.6, or 11.2.1-11.6.3.2 HTTPS health monitors do not validate the identity of the monitored server. | ||
| CVE-2018-5541 | Hig | 0.49 | 7.5 | 0.02 | Jul 25, 2018 | When F5 BIG-IP ASM 13.0.0-13.1.0.1, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, or 11.5.1-11.5.6 is processing HTTP requests, an unusually large number of parameters can cause excessive CPU usage in the BIG-IP ASM bd process. | ||
| CVE-2018-5539 | Hig | 0.49 | 7.5 | 0.02 | Jul 25, 2018 | Under certain conditions, on F5 BIG-IP ASM 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, 11.5.1-11.5.6, or 11.2.1, when processing CSRF protections, the BIG-IP ASM bd process may restart and produce a core file. | ||
| CVE-2018-5536 | Hig | 0.49 | 7.5 | 0.02 | Jul 25, 2018 | A remote attacker via undisclosed measures, may be able to exploit an F5 BIG-IP APM 13.0.0-13.1.0.7 or 12.1.0-12.1.3.5 virtual server configured with an APM per-request policy object and cause a memory leak in the APM module. | ||
| CVE-2018-5531 | Hig | 0.48 | 7.4 | 0.01 | Jul 25, 2018 | Through undisclosed methods, on F5 BIG-IP 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, or 11.2.1-11.5.6, adjacent network attackers can cause a denial of service for VCMP guest and host systems. Attack must be sourced from adjacent network (layer 2). | ||
| CVE-2018-5530 | Hig | 0.49 | 7.5 | 0.02 | Jul 25, 2018 | F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, or 11.6.0-11.6.3.1 virtual servers with HTTP/2 profiles enabled are vulnerable to "HPACK Bomb". | ||
| CVE-2018-6971 | Hig | 0.51 | 7.8 | 0.00 | Jul 25, 2018 | VMware Horizon View Agents (7.x.x before 7.5.1) contain a local information disclosure vulnerability due to insecure logging of credentials in the vmmsi.log file when an account other than the currently logged on user is specified during installation (including silent… | ||
| CVE-2018-14596 | Hig | 0.49 | 7.5 | 0.01 | Jul 25, 2018 | wancms 1.0 through 5.0 allows remote attackers to cause a denial of service (resource consumption) via a checkcode (aka verification code) URI in which the values of font_size, width, and height are large numbers. | ||
| CVE-2018-11060 | Hig | 0.57 | 8.8 | 0.03 | Jul 24, 2018 | RSA Archer, versions prior to 6.4.0.1, contain an authorization bypass vulnerability in the REST API. A remote authenticated malicious Archer user could potentially exploit this vulnerability to elevate their privileges. | ||
| CVE-2018-11059 | Hig | 0.53 | 8.2 | 0.01 | Jul 24, 2018 | RSA Archer, versions prior to 6.4.0.1, contain a stored cross-site scripting vulnerability. A remote authenticated malicious Archer user could potentially exploit this vulnerability to store malicious HTML or JavaScript code in a trusted application data store. When application… | ||
| CVE-2018-11047 | — | Hig | 0.42 | 7.5 | 0.01 | Jul 24, 2018 | Cloud Foundry UAA, versions 4.19 prior to 4.19.2 and 4.12 prior to 4.12.4 and 4.10 prior to 4.10.2 and 4.7 prior to 4.7.6 and 4.5 prior to 4.5.7, incorrectly authorizes requests to admin endpoints by accepting a valid refresh token in lieu of an access token. Refresh tokens by… | |
| CVE-2018-10632 | Hig | 0.49 | 7.5 | 0.02 | Jul 24, 2018 | In Moxa NPort 5210, 5230, and 5232 versions 2.9 build 17030709 and prior, the amount of resources requested by a malicious actor are not restricted, allowing for a denial-of-service condition. | ||
| CVE-2018-14590 | Hig | 0.49 | 7.5 | 0.01 | Jul 24, 2018 | An issue has been discovered in Bento4 1.5.1-624. A SEGV can occur in AP4_Processor::ProcessFragments in Core/Ap4Processor.cpp. | ||
| CVE-2018-14589 | Hig | 0.57 | 8.8 | 0.01 | Jul 24, 2018 | An issue has been discovered in Bento4 1.5.1-624. AP4_Mp4AudioDsiParser::ReadBits in Codecs/Ap4Mp4AudioInfo.cpp has a heap-based buffer over-read. | ||
| CVE-2018-14588 | Hig | 0.49 | 7.5 | 0.01 | Jul 24, 2018 | An issue has been discovered in Bento4 1.5.1-624. A NULL pointer dereference can occur in AP4_DataBuffer::SetData in Core/Ap4DataBuffer.cpp. | ||
| CVE-2018-14587 | Hig | 0.57 | 8.8 | 0.01 | Jul 24, 2018 | An issue has been discovered in Bento4 1.5.1-624. AP4_MemoryByteStream::WritePartial in Core/Ap4ByteStream.cpp has a buffer over-read. | ||
| CVE-2018-14586 | Hig | 0.57 | 8.8 | 0.01 | Jul 24, 2018 | An issue has been discovered in Bento4 1.5.1-624. A SEGV can occur in AP4_Mpeg2TsAudioSampleStream::WriteSample in Core/Ap4Mpeg2Ts.cpp, a different vulnerability than CVE-2018-14532. | ||
| CVE-2018-14585 | Hig | 0.57 | 8.8 | 0.01 | Jul 24, 2018 | An issue has been discovered in Bento4 1.5.1-624. AP4_BytesToUInt16BE in Core/Ap4Utils.h has a heap-based buffer over-read after a call from the AP4_Stz2Atom class. | ||
| CVE-2018-14584 | Hig | 0.57 | 8.8 | 0.02 | Jul 24, 2018 | An issue has been discovered in Bento4 1.5.1-624. AP4_AvccAtom::Create in Core/Ap4AvccAtom.cpp has a heap-based buffer over-read. | ||
| CVE-2018-14583 | Hig | 0.57 | 8.8 | 0.00 | Jul 24, 2018 | xyhai.php?s=/Auth/addUser in XYHCMS 3.5 allows CSRF to add a background administrator account. | ||
| CVE-2018-14582 | Hig | 0.57 | 8.8 | 0.01 | Jul 24, 2018 | index.php?r=admini/admin/create in BageCMS V3.1.3 allows CSRF to add a background administrator account. | ||
| CVE-2018-5387 | Hig | 0.42 | 7.5 | 0.02 | Jul 24, 2018 | Wizkunde SAMLBase may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication… | ||
| CVE-2018-5386 | Hig | 0.49 | 7.5 | 0.05 | Jul 24, 2018 | Some Navarino Infinity functions, up to version 2.2, placed in the URL can bypass any authentication mechanism leading to an information leak. | ||
| CVE-2018-5385 | Hig | 0.58 | 8.8 | 0.04 | Jul 24, 2018 | Navarino Infinity is prone to session fixation attacks. The server accepts the session ID as a GET parameter which can lead to bypassing the two factor authentication in some installations. This could lead to phishing attacks that can bypass the two factor authentication that is… | ||
| CVE-2017-3224 | Hig | 0.53 | 8.2 | 0.01 | Jul 24, 2018 | Open Shortest Path First (OSPF) protocol implementations may improperly determine Link State Advertisement (LSA) recency for LSAs with MaxSequenceNumber. According to RFC 2328 section 13.1, for two instances of the same LSA, recency is determined by first comparing sequence… | ||
| CVE-2017-3217 | Hig | 0.53 | 8.1 | 0.02 | Jul 24, 2018 | CalAmp LMU 3030 series OBD-II CDMA and GSM devices has an SMS (text message) interface that can be deployed where no password is configured for this interface by the integrator / reseller. This interface must be password protected, otherwise, the attacker only needs to know the… |
- risk 0.42cvss 7.5epss 0.02
An issue was discovered in GitLab Community and Enterprise Edition before 10.8.7, 11.0.x before 11.0.5, and 11.1.x before 11.1.2. Information Disclosure can occur because the Prometheus metrics feature discloses private project pathnames.
- risk 0.42cvss 7.5epss 0.01
An issue was discovered in GitLab Community and Enterprise Edition 11.1.x before 11.1.2. A Denial of Service can occur because Markdown rendering times are slow.
- risk 0.49cvss 7.5epss 0.01
Thomson Reuters UltraTax CS 2017 on Windows has a password protection option; however, the level of protection might be inconsistent with some customers' expectations because the data is directly accessible in cleartext. Specifically, it stores customer data in unique…
- risk 0.49cvss 7.5epss 0.01
Thomson Reuters UltraTax CS 2017 on Windows, in a client/server configuration, transfers customer records and bank account numbers in cleartext over SMBv2, which allows attackers to (1) obtain sensitive information by sniffing the network or (2) conduct man-in-the-middle (MITM)…
- risk 0.49cvss 7.5epss 0.01
The IMM2 First Failure Data Capture function collects management module logs and diagnostic information when a hardware error is detected. This information is made available for download through an SFTP server hosted on the IMM2 management network interface. In versions earlier…
- risk 0.00cvss 7.8epss 0.01
A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write and a denial of service or unspecified other impact is possible by mounting and operating a crafted ext4 filesystem image.
- risk 0.49cvss 7.4epss 0.13
It was found that samba before 4.4.16, 4.5.x before 4.5.14, and 4.6.x before 4.6.8 did not enforce "SMB signing" when certain configuration options were enabled. A remote attacker could launch a man-in-the-middle attack and retrieve information in plain-text.
- risk 0.00cvss 7.8epss 0.01
A flaw was found in Linux kernel's KVM virtualization subsystem. The VMX code does not restore the GDT.LIMIT to the previous host value, but instead sets it to 64KB. With a corrupted GDT limit a host's userspace code has an ability to place malicious entries in the GDT,…
- risk 0.48cvss 7.4epss 0.01
The DHC Online Shop App for Android version 3.2.0 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.
- risk 0.51cvss 7.8epss 0.01
Untrusted search path vulnerability in LOGICOOL CONNECTION UTILITY SOFTWARE versions before 2.30.9 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
- risk 0.51cvss 7.8epss 0.01
Untrusted search path vulnerability in LOGICOOL Game Software versions before 8.87.116 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
- risk 0.51cvss 7.8epss 0.01
Untrusted search path vulnerability in the installer of Glarysoft Glary Utilities (Glary Utilities 5.99 and earlier and Glary Utilities Pro 5.99 and earlier) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory.
- risk 0.49cvss 7.5epss 0.02
Directory traversal vulnerability in ChamaNet MemoCGI v2.1800 to v2.2200 allows remote attackers to read arbitrary files via unspecified vectors.
- risk 0.57cvss 8.8epss 0.01
NEC Platforms Calsos CSDX and CSDJ series products (CSDX 1.37210411 and earlier, CSDX(P) 4.37210411 and earlier, CSDX(D) 3.37210411 and earlier, CSDX(S) 2.37210411 and earlier, CSDJ-B 01.03.00 and earlier, CSDJ-H 01.03.00 and earlier, CSDJ-D 01.03.00 and earlier, CSDJ-A…
- risk 0.57cvss 8.8epss 0.01
SQL injection vulnerability in the Notifications application in the Cybozu Garoon 3.5.0 to 4.6.2 allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors.
- risk 0.54cvss 7.8epss 0.05
Network Manager VPNC plugin (aka networkmanager-vpnc) before version 1.2.6 is vulnerable to a privilege escalation attack. A new line character can be used to inject a Password helper parameter into the configuration data passed to VPNC, allowing an attacker to execute arbitrary…
- risk 0.57cvss 8.7epss 0.01
It was discovered that the hawtio servlet 1.4 uses a single HttpClient instance to proxy requests with a persistent cookie store (cookies are stored locally and are not passed between the client and the end URL) which means all clients using that proxy are sharing the same…
- risk 0.57cvss 8.8epss 0.02
In CloudForms Management Engine (cfme) before 5.7.3 and 5.8.x before 5.8.1, it was found that privilege check is missing when invoking arbitrary methods via filtering on VMs that MiqExpression will execute that is triggerable by API users. An attacker could use this to execute…
- risk 0.51cvss 7.8epss 0.01
Quick Heal Total Security 64 bit 17.00 (QHTS64.exe), (QHTSFT64.exe) - Version 10.0.1.38; Quick Heal Total Security 32 bit 17.00 (QHTS32.exe), (QHTSFT32.exe) - Version 10.0.1.38; Quick Heal Internet Security 64 bit 17.00 (QHIS64.exe), (QHISFT64.exe) - Version 10.0.0.37; Quick…
- risk 0.49cvss 7.5epss 0.03
LICA miniCMTS E8K(u/i/...) devices allow remote attackers to obtain sensitive information via a direct POST request for the inc/user.ini file, leading to discovery of a password hash.
- risk 0.52cvss 8.0epss 0.01
The Inventory Plugin for Symantec Management Agent prior to 7.6 POST HF7, 8.0 POST HF6, or 8.1 RU7 may be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower…
- risk 0.49cvss 7.5epss 0.01
SQL injection vulnerability in all versions prior to V2.01.05.09 of the ZTE ZXIPTV-UCM product allows remote attackers to execute arbitrary SQL commands via the opertype parameter, resulting in the disclosure of database information.
- risk 0.49cvss 7.5epss 0.01
SQL injection vulnerability in all versions prior to V4.01.01 of the ZTE ZXCDN-SNS product allows remote attackers to execute arbitrary SQL commands via the aoData parameter, resulting in the disclosure of database information.
- risk 0.47cvss 7.2epss 0.01
All versions prior to ZSRV2 V3.00.40 of the ZTE ZXR10 1800-2S products allow remote authenticated users to bypass the original password authentication protection to change other user's password.
- risk 0.53cvss 8.1epss 0.01
F5 BIG-IP 13.0.0-13.0.1, 12.1.0-12.1.3.6, or 11.2.1-11.6.3.2 HTTPS health monitors do not validate the identity of the monitored server.
- risk 0.49cvss 7.5epss 0.02
When F5 BIG-IP ASM 13.0.0-13.1.0.1, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, or 11.5.1-11.5.6 is processing HTTP requests, an unusually large number of parameters can cause excessive CPU usage in the BIG-IP ASM bd process.
- risk 0.49cvss 7.5epss 0.02
Under certain conditions, on F5 BIG-IP ASM 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, 11.5.1-11.5.6, or 11.2.1, when processing CSRF protections, the BIG-IP ASM bd process may restart and produce a core file.
- risk 0.49cvss 7.5epss 0.02
A remote attacker via undisclosed measures, may be able to exploit an F5 BIG-IP APM 13.0.0-13.1.0.7 or 12.1.0-12.1.3.5 virtual server configured with an APM per-request policy object and cause a memory leak in the APM module.
- risk 0.48cvss 7.4epss 0.01
Through undisclosed methods, on F5 BIG-IP 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, or 11.2.1-11.5.6, adjacent network attackers can cause a denial of service for VCMP guest and host systems. Attack must be sourced from adjacent network (layer 2).
- risk 0.49cvss 7.5epss 0.02
F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, or 11.6.0-11.6.3.1 virtual servers with HTTP/2 profiles enabled are vulnerable to "HPACK Bomb".
- risk 0.51cvss 7.8epss 0.00
VMware Horizon View Agents (7.x.x before 7.5.1) contain a local information disclosure vulnerability due to insecure logging of credentials in the vmmsi.log file when an account other than the currently logged on user is specified during installation (including silent…
- risk 0.49cvss 7.5epss 0.01
wancms 1.0 through 5.0 allows remote attackers to cause a denial of service (resource consumption) via a checkcode (aka verification code) URI in which the values of font_size, width, and height are large numbers.
- risk 0.57cvss 8.8epss 0.03
RSA Archer, versions prior to 6.4.0.1, contain an authorization bypass vulnerability in the REST API. A remote authenticated malicious Archer user could potentially exploit this vulnerability to elevate their privileges.
- risk 0.53cvss 8.2epss 0.01
RSA Archer, versions prior to 6.4.0.1, contain a stored cross-site scripting vulnerability. A remote authenticated malicious Archer user could potentially exploit this vulnerability to store malicious HTML or JavaScript code in a trusted application data store. When application…
- risk 0.42cvss 7.5epss 0.01
Cloud Foundry UAA, versions 4.19 prior to 4.19.2 and 4.12 prior to 4.12.4 and 4.10 prior to 4.10.2 and 4.7 prior to 4.7.6 and 4.5 prior to 4.5.7, incorrectly authorizes requests to admin endpoints by accepting a valid refresh token in lieu of an access token. Refresh tokens by…
- risk 0.49cvss 7.5epss 0.02
In Moxa NPort 5210, 5230, and 5232 versions 2.9 build 17030709 and prior, the amount of resources requested by a malicious actor are not restricted, allowing for a denial-of-service condition.
- risk 0.49cvss 7.5epss 0.01
An issue has been discovered in Bento4 1.5.1-624. A SEGV can occur in AP4_Processor::ProcessFragments in Core/Ap4Processor.cpp.
- risk 0.57cvss 8.8epss 0.01
An issue has been discovered in Bento4 1.5.1-624. AP4_Mp4AudioDsiParser::ReadBits in Codecs/Ap4Mp4AudioInfo.cpp has a heap-based buffer over-read.
- risk 0.49cvss 7.5epss 0.01
An issue has been discovered in Bento4 1.5.1-624. A NULL pointer dereference can occur in AP4_DataBuffer::SetData in Core/Ap4DataBuffer.cpp.
- risk 0.57cvss 8.8epss 0.01
An issue has been discovered in Bento4 1.5.1-624. AP4_MemoryByteStream::WritePartial in Core/Ap4ByteStream.cpp has a buffer over-read.
- risk 0.57cvss 8.8epss 0.01
An issue has been discovered in Bento4 1.5.1-624. A SEGV can occur in AP4_Mpeg2TsAudioSampleStream::WriteSample in Core/Ap4Mpeg2Ts.cpp, a different vulnerability than CVE-2018-14532.
- risk 0.57cvss 8.8epss 0.01
An issue has been discovered in Bento4 1.5.1-624. AP4_BytesToUInt16BE in Core/Ap4Utils.h has a heap-based buffer over-read after a call from the AP4_Stz2Atom class.
- risk 0.57cvss 8.8epss 0.02
An issue has been discovered in Bento4 1.5.1-624. AP4_AvccAtom::Create in Core/Ap4AvccAtom.cpp has a heap-based buffer over-read.
- risk 0.57cvss 8.8epss 0.00
xyhai.php?s=/Auth/addUser in XYHCMS 3.5 allows CSRF to add a background administrator account.
- risk 0.57cvss 8.8epss 0.01
index.php?r=admini/admin/create in BageCMS V3.1.3 allows CSRF to add a background administrator account.
- risk 0.42cvss 7.5epss 0.02
Wizkunde SAMLBase may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without invalidating the cryptographic signature, allowing the attack to potentially bypass authentication…
- risk 0.49cvss 7.5epss 0.05
Some Navarino Infinity functions, up to version 2.2, placed in the URL can bypass any authentication mechanism leading to an information leak.
- risk 0.58cvss 8.8epss 0.04
Navarino Infinity is prone to session fixation attacks. The server accepts the session ID as a GET parameter which can lead to bypassing the two factor authentication in some installations. This could lead to phishing attacks that can bypass the two factor authentication that is…
- risk 0.53cvss 8.2epss 0.01
Open Shortest Path First (OSPF) protocol implementations may improperly determine Link State Advertisement (LSA) recency for LSAs with MaxSequenceNumber. According to RFC 2328 section 13.1, for two instances of the same LSA, recency is determined by first comparing sequence…
- risk 0.53cvss 8.1epss 0.02
CalAmp LMU 3030 series OBD-II CDMA and GSM devices has an SMS (text message) interface that can be deployed where no password is configured for this interface by the integrator / reseller. This interface must be password protected, otherwise, the attacker only needs to know the…