The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date |
|---|---|---|---|
| CVE-2017-14012 | Boston Scientific ZOOM LATITUDE PRM Model 3120 does not encrypt PHI at rest. CVSS v3 base score: 4.6; CVSS vector string: AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N. | LOW | May 2, 2018 |
| CVE-2017-14014 | Boston Scientific ZOOM LATITUDE PRM Model 3120 uses a hard-coded cryptographic key to encrypt PHI prior to having it transferred to removable media. CVSS v3 base score: 4.6; CVSS vector string: AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N. | LOW | May 2, 2018 |
| CVE-2017-1601 | IBM Security Guardium 10.0, 10.0.1, and 10.1 through 10.1.4 Database Activity Monitor does not require that users should have strong passwords by default, which makes it easier for attackers to compromise user accounts. IBM X-Force ID: 132624. | HIGH | May 2, 2018 |
| CVE-2018-0278 | A vulnerability in the management console of Cisco Firepower System Software could allow an unauthenticated, remote attacker to access sensitive data about the system. The vulnerability is due to improper cross-origin domain protections for the WebSocket protocol. An attacker could exploit this vulnerability by convincing a user to visit a malicious website designed to send requests to the affected application while the user is logged into the application with an active session cookie. A successful exploit could allow the attacker to retrieve policy or configuration information from the affected software and to perform another attack against the management console. Cisco Bug IDs: CSCvh68311. | MEDIUM | May 2, 2018 |
| CVE-2018-0283 | A vulnerability in the detection engine of Cisco Firepower System Software could allow an unauthenticated, remote attacker to restart an instance of the Snort detection engine on an affected device, resulting in a brief denial of service (DoS) condition. The vulnerability is due to the incorrect handling of Transport Layer Security (TLS) TCP connection setup for the affected software. An attacker could exploit this vulnerability by sending crafted TLS traffic to an affected device. A successful exploit could allow the attacker to cause the Snort detection engine on the affected device to restart, resulting in a DoS condition. Cisco Bug IDs: CSCvg99327. | MEDIUM | May 2, 2018 |
| CVE-2018-10255 | A CSV Injection vulnerability was discovered in clustercoding Blog Master Pro v1.0 that allows a user with low level privileges to inject a command that will be included in the exported CSV file, leading to possible code execution. | MEDIUM | May 2, 2018 |
| CVE-2018-10256 | A SQL Injection vulnerability was discovered in HRSALE The Ultimate HRM v1.0.2 that allows a user with low level privileges to directly modify the SQL query. | MEDIUM | May 2, 2018 |
| CVE-2018-10257 | A CSV Injection vulnerability was discovered in HRSALE The Ultimate HRM v1.0.2 that allows a user with low level privileges to inject a command that will be included in the exported CSV file, leading to possible code execution. | MEDIUM | May 2, 2018 |
| CVE-2018-10258 | A CSV Injection vulnerability was discovered in Shopy Point of Sale v1.0 that allows a user with low level privileges to inject a command that will be included in the exported CSV file, leading to possible code execution. | MEDIUM | May 2, 2018 |
| CVE-2018-10259 | An Authenticated Stored XSS vulnerability was found in HRSALE The Ultimate HRM v1.0.2, exploitable by a low privileged user. | LOW | May 2, 2018 |
| CVE-2018-10260 | A Local File Inclusion vulnerability was found in HRSALE The Ultimate HRM v1.0.2, exploitable by a low privileged user. | MEDIUM | May 2, 2018 |
| CVE-2018-10294 | Flexense DiskBoss Enterprise v7.4.28 to v9.1.16 has XSS. | MEDIUM | May 2, 2018 |
| CVE-2018-10544 | Meross MSS110 devices through 1.1.24 contain an unauthenticated admin.htm administrative interface. | MEDIUM | May 2, 2018 |
| CVE-2018-10563 | An XSS in Flexense SyncBreeze affects all versions (tested from SyncBreeze Enterprise from v10.1 to v10.7). | MEDIUM | May 2, 2018 |
| CVE-2018-10564 | XSS exists in Flexense DiskPulse Enterprise from v10.4 to v10.7. | MEDIUM | May 2, 2018 |
| CVE-2018-10565 | XSS exists in Flexense DiskSavvy Enterprise from v10.4 to v10.7. | MEDIUM | May 2, 2018 |
| CVE-2018-10566 | XSS exists in Flexense DupScout Enterprise from v10.0.18 to v10.7. | MEDIUM | May 2, 2018 |
| CVE-2018-10567 | XSS exists in Flexense VX Search Enterprise from v10.1.12 to v10.7. | MEDIUM | May 2, 2018 |
| CVE-2018-10568 | XSS exists in Flexense DiskSorter Enterprise from v9.5.12 to v10.7. | MEDIUM | May 2, 2018 |
| CVE-2018-10577 | An issue was discovered on WatchGuard AP100, AP102, and AP200 devices with firmware before 1.2.9.15, and AP300 devices with firmware before 2.0.0.10. File upload functionality allows any users authenticated on the web interface to upload files containing code to the web root, allowing these files to be executed as root. | HIGH | May 2, 2018 |
| CVE-2018-10578 | An issue was discovered on WatchGuard AP100, AP102, and AP200 devices with firmware before 1.2.9.15, and AP300 devices with firmware before 2.0.0.10. Incorrect validation of the old password field in the change password form allows an attacker to bypass validation of this field. | HIGH | May 2, 2018 |
| CVE-2018-10642 | Command injection vulnerability in Combodo iTop 2.4.1 allows remote authenticated administrators to execute arbitrary commands by changing the platform configuration, because web/env-production/itop-config/config.php contains a function called TestConfig() that calls the vulnerable function eval(). | MEDIUM | May 2, 2018 |
| CVE-2018-10645 | Golden Frog VyprVPN 2.12.1.8015 for Windows suffers from a SYSTEM privilege escalation vulnerability through the VyprVPN service. This service establishes a NetNamedPipe endpoint that allows applications to connect and call publicly exposed methods. The SetProperty method allows an attacker to configure the AdditionalOpenVpnParameters property and control the OpenVPN command line. Using the OpenVPN plugin parameter, an attacker may specify a dynamic library plugin that should run for every new VPN connection attempt. This plugin will execute code in the context of the SYSTEM user. This attack may be conducted using VyprVPN Free account credentials and the VyprVPN Desktop Client. | HIGH | May 2, 2018 |
| CVE-2018-10646 | CyberGhost 6.5.0.3180 for Windows suffers from a SYSTEM privilege escalation vulnerability through the CG6Service service. This service establishes a NetNamedPipe endpoint that allows arbitrary installed applications to connect and call publicly exposed methods. The ConnectToVpnServer method accepts a connectionParams argument that provides attacker control of the OpenVPN command line. An attacker can specify a dynamic library plugin that should run for every new VPN connection attempt. This plugin will execute code in the context of the SYSTEM user. | HIGH | May 2, 2018 |
| CVE-2018-10647 | SaferVPN 4.2.5 for Windows suffers from a SYSTEM privilege escalation vulnerability in its SaferVPN.Service service. The SaferVPN.Service service executes openvpn.exe using OpenVPN config files located within the current user's %LOCALAPPDATA%SaferVPNOvpnConfig directory. An authenticated attacker may modify these configuration files to specify a dynamic library plugin that should run for every new VPN connection attempt. This plugin will execute code in the context of the SYSTEM user. | HIGH | May 2, 2018 |
| CVE-2018-10657 | Matrix Synapse before 0.28.1 is prone to a denial of service flaw where malicious events injected with depth = 2^63 - 1 render rooms unusable, related to federation/federation_base.py and handlers/message.py, as exploited in the wild in April 2018. | MEDIUM | May 2, 2018 |
| CVE-2018-10665 | ILIAS 5.3.4 has XSS through unsanitized output of PHP_SELF, related to shib_logout.php and third-party demo files. | MEDIUM | May 2, 2018 |
| CVE-2018-10676 | CeNova, Night OWL, Novo, Pulnix, QSee, Securus, and TBK Vision DVR devices allow remote attackers to download a file and obtain sensitive credential information via a direct request for the download.rsp URI. | MEDIUM | May 2, 2018 |
| CVE-2018-10677 | The DecodeGifImg function in ngiflib.c in MiniUPnP ngiflib 0.4 lacks certain checks against width and height, which allows remote attackers to cause a denial of service (WritePixels heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted GIF file. | MEDIUM | May 2, 2018 |
| CVE-2018-10685 | In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in the lzma_decompress_buf function of stream.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. | HIGH | May 2, 2018 |
| CVE-2018-1468 | IBM API Connect 5.0.8.1 and 5.0.8.2 could allow a user to get access to internal environment and sensitive API details to which they are not authorized. IBM X-Force ID: 140399. | MEDIUM | May 2, 2018 |
| CVE-2018-1502 | IBM Content Manager Enterprise Edition Resource Manager 8.4.3 and 9.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 141338. | LOW | May 2, 2018 |
| CVE-2018-6401 | Meross MSS110 devices before 1.1.24 contain a TELNET listener providing access for an undocumented admin account with a blank password. | HIGH | May 2, 2018 |
| CVE-2018-8900 | The License Manager service of HASP SRM, Sentinel HASP and Sentinel LDK products prior to Sentinel LDK RTE 7.80 allows remote attackers to inject malicious web script in the logs page of Admin Control Center (ACC) for cross-site scripting (XSS) vulnerability. | MEDIUM | May 2, 2018 |
| CVE-2018-9919 | A web-accessible backdoor, with resultant SSRF, exists in Tp-shop 2.0.5 through 2.0.8, which allows remote attackers to obtain sensitive information, attack intranet hosts, or possibly trigger remote command execution, because /vendor/phpdocumentor/reflection-docblock/tests/phpDocumentor/Reflection/DocBlock/Tag/LinkTagTeet.php writes data from the down_url URL into the bddlj local file if the attacker knows the backdoor jmmy parameter. | HIGH | May 2, 2018 |
| CVE-2013-0159 | The fedora-business-cards package before 1-0.1.beta1.fc17 on Fedora 17 and before 1-0.1.beta1.fc18 on Fedora 18 allows local users to cause a denial of service or write to arbitrary files via a symlink attack on /tmp/fedora-business-cards-buffer.svg. | LOW | May 1, 2018 |
| CVE-2013-0185 | Cross-site request forgery (CSRF) vulnerability in ManageIQ Enterprise Virtualization Manager (EVM) allows remote attackers to hijack the authentication of users for requests that have unspecified impact via unknown vectors. | MEDIUM | May 1, 2018 |
| CVE-2013-2049 | Red Hat CloudForms 2 Management Engine (CFME) allows remote attackers to conduct session tampering attacks by leveraging use of a static secret_token.rb secret. | MEDIUM | May 1, 2018 |
| CVE-2013-4035 | IBM Sterling Connect:Direct for OpenVMS 3.4.00, 3.4.01, 3.5.00, 3.6.0, and 3.6.0.1 allow remote attackers to have unspecified impact by leveraging failure to reject client requests for an unencrypted session when used as the server in a TCP/IP session and configured for SSL encryption with the client. IBM X-Force ID: 86138. | MEDIUM | May 1, 2018 |
| CVE-2013-4040 | IBM Tivoli Application Dependency Discovery Manager (TADDM) 7.1.2.x before 7.2.1.5 and 7.2.x before 7.2.2.0 on Unix use weak permissions (755) for unspecified configuration and log files, which allows local users to obtain sensitive information by reading the files. IBM X-Force ID: 86176. | LOW | May 1, 2018 |
| CVE-2013-4201 | Katello allows remote authenticated users to call the system remove_deletion CLI command via vectors related to remove system permissions. | MEDIUM | May 1, 2018 |
| CVE-2013-4209 | Automatic Bug Reporting Tool (ABRT) before 2.1.6 allows local users to obtain sensitive information about arbitrary files via vectors related to sha1sums. | LOW | May 1, 2018 |
| CVE-2016-10036 | Unrestricted file upload vulnerability in ui/artifact/upload in JFrog Artifactory before 4.16 allows remote attackers to (1) deploy an arbitrary servlet application and execute arbitrary code by uploading a war file or (2) possibly write to arbitrary files and cause a denial of service by uploading an HTML file. | HIGH | May 1, 2018 |
| CVE-2016-6811 | In Apache Hadoop 2.x before 2.7.4, a user who can escalate to yarn user can possibly run arbitrary commands as root user. | HIGH | May 1, 2018 |
| CVE-2017-17020 | On D-Link DCS-5009 devices with firmware 1.08.11 and earlier, DCS-5010 devices with firmware 1.14.09 and earlier, and DCS-5020L devices with firmware before 1.15.01, command injection in alphapd (binary responsible for running the camera's web server) allows remote authenticated attackers to execute code through sanitized /setSystemAdmin user input in the AdminID field being passed directly to a call to system. | MEDIUM | May 1, 2018 |
| CVE-2017-18264 | An issue was discovered in libraries/common.inc.php in phpMyAdmin 4.0 before 4.0.10.20, 4.4.x, 4.6.x, and 4.7.0 prereleases. The restrictions caused by $cfg[\'Servers\'][$i][\'AllowNoPassword\'] = false are bypassed under certain PHP versions (e.g., version 5). This can allow the login of users who have no password set even if the administrator has set $cfg[\'Servers\'][$i][\'AllowNoPassword\'] to false (which is also the default). This occurs because some implementations of the PHP substr function return false when given \'\' as the first argument. | HIGH | May 1, 2018 |
| CVE-2017-5535 | The GridServer Broker, GridServer Driver, and GridServer Engine components of TIBCO Software Inc. TIBCO DataSynapse GridServer Manager contain vulnerabilities related to both the improper use of encryption mechanisms and the use of weak ciphers. A malicious actor could theoretically compromise the traffic between any of the components. Affected releases include TIBCO Software Inc.'s TIBCO DataSynapse GridServer Manager: versions up to and including 5.1.3; 6.0.0; 6.0.1; 6.0.2; 6.1.0; 6.1.1; and 6.2.0. | MEDIUM | May 1, 2018 |
| CVE-2017-5536 | The GridServer Broker, and GridServer Director components of TIBCO Software Inc. TIBCO DataSynapse GridServer Manager contain vulnerabilities which may allow an authenticated user to perform cross-site scripting (XSS). In addition, an authenticated user could be a victim of a cross-site request forgery (CSRF) attack. Affected releases include TIBCO Software Inc.'s TIBCO DataSynapse GridServer Manager: versions up to and including 5.1.3; 6.0.0; 6.0.1; 6.0.2; 6.1.0; 6.1.1; and 6.2.0. | LOW | May 1, 2018 |
| CVE-2018-10365 | An XSS issue was discovered in the Threads to Link plugin 1.3 for MyBB. When editing a thread, the user is given the option to convert the thread to a link. The thread link input box is not properly sanitized. | LOW | May 1, 2018 |
| CVE-2018-10581 | In Octopus Deploy 3.4.x before 2018.4.7, an authenticated user is able to view/update/save variable values within the Tenant Variables area for Environments that do not exist within their associated Team scoping. This occurs in situations where this authenticated user also belongs to multiple teams, where one of the Teams has the VariableEdit permission or VariableView permissions for the Environment. | MEDIUM | May 1, 2018 |
