PDF-Xchange Editor 7.0.326.1 License Free Activators



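H26.7/14: If an estate division agreement suddenly arrives from another heir

One day, out of the blue, you may receive documents from another heir asking you to stamp an estate division agreement with your registered seal and return it together with your seal registration certificate.

When a relative dies and inheritance procedures become necessary, one of the heirs usually acts as the representative heir and moves the procedures forward. There is no problem if you are the representative heir yourself, or if you have taken part in the inheritance discussions from the start.

However, when the heirs have grown distant from one another, it is only natural to be bewildered when you are suddenly told to apply your registered seal because the inheritance procedures are under way.

Anyone may serve as the representative heir, but in most cases it is probably the person who was most involved with the deceased or the person who is likely to receive the largest share of the estate. Because that person becomes the key figure in the inheritance procedures, they should be the one managing the deceased's estate.

It is dangerous to apply your registered seal without carefully checking the contents of the estate division agreement you were sent.

You may end up not receiving even the portion equal to the statutory share of inheritance that you were originally entitled to.

In that situation, first check carefully what is written in the estate division agreement.

At a minimum, check the following:

  • Who the heirs are
  • The types of assets listed
  • The value of each asset
  • How the estate is to be divided

1. As for who the heirs are, a family register search should have been carried out when the estate division agreement was drafted. If an inheritance relationship chart is attached, you can confirm it from that.

2. Also check whether any type of asset has been left out. "I'm sure there was another deposit account...", "There should have been other land...", "They used to trade stocks...". If any asset comes to mind, ask the representative heir about it.

3. The estate division agreement sometimes does not state the value of each asset.

For deposits too, the type of account is often listed but not the balance.

As for the value of each asset, for land you can look up the roadside land price, and for buildings you can look up the fixed-asset assessed value. For deposits and listed shares, have a balance certificate issued.

4. Once the contents and value of the whole estate are known, you can work out how much your statutory share comes to.

If you do not particularly want to receive any of the estate, that is fine; but if you intend to claim your statutory share, you need to make at least these checks, and if you are not satisfied, all the heirs need to talk it over thoroughly and have the estate division agreement redrawn.

Unless the seals of all the heirs are collected, none of the procedures can proceed.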

Sep 12, 2022 wakylat


PDF-XChange Editor Plus 9.4.363.0 Crack Download is a powerful and easy-to-use PDF reader, viewer, and editor that allows you to modify the contents of the input file. This PDF editor offers a free evaluation of the extensive features provided by XChange Editor.

PDF-XChange Editor Plus

PDF-XChange Editor Plus Full Version Crack comes with many features, users can create PDF files directly from scanners and image files, and convert text and RTF files to pdf. It has a full-page text editor and runs MS Office documents. PDF-XChange Editor Plus License Key also provides complete spelling corrections, listening, and adding voice memos. It has multimedia display support and adds software settings and preset options.

PDF-XChange Editor Plus 9.4.363.0 Crack Activation Key Download 100% Working

It also uses Posts and Objects to add and apply custom stamps and Bookmark Pages. You can add comments, annotations, free graphics, embed pictures, URLs or insert attachments anywhere in the input file. PDF-XChange Editor Plus Serial key 2022 provides extended OCR options for image / scanned PDF to make full-text searchable PDF files possible.

In addition, PDF-Xchange Editor cracked Torrent Download allows you to add and apply custom stamps to your PDF documents. By using this tool, you can add clickable URL links to an existing PDF file. You can add document information, Metadata, or XP Metadata. PDF XChange Editor 2022 License Key helps you to add images or signatures to a PDF page or file. It integrates with all popular browsers including Internet Explorer, Firefox, Chrome, and more. This software allows you to add shapes, objects, and overlays to your PDF documents.

PDF-XChange Editor Plus With License Key Full Download 

Moreover, this program enables users to create new documents as well as edit existing PDF files. It offers several editing tools, PDF enhancing features, and page editing options. Such features make PDF Xchange Editor Serial Key Full Version the best choice. The user can secure his documents with 236-bit AES Encryption. This program is also good for existing documents. It allows you to remove content permanently from documents with its redaction feature. The spell checker tool makes your document writing procedure accurate and precise. Above all, it helps you to complete and save PDF forms including form data.

The PDF.XChange Editor is smaller, faster, and more feature-rich than any other FREE PDF Reader/ PDF Viewer/ PDF Editor available on the market. This free pdf editor download also allows users to try the extended functionality offered by the licensed PDF.XChange Editor in evaluation mode – for free. No PDF reader or Viewer offers more features than PDF.XChange – or does so without compromising performance, quality, or security. Check out the feature list below and save $100’s in unnecessary expenditure on your PDF software solution today.

PDF-XChange Editor Plus Full Crack enables you to import and export documents to any format. It supports RTF, TGA, VSD, XMP, BMP, GIF, ICO, JBG, PBM, PPM, PPT, PGM, PCX, DCX, PNG, and JPG, TIFF, EMF, DOC, DOCX, XLS, TXT, and more.


Key Features:

  • A powerful and easy-to-use PDF reader, viewer and editor.
  • It allows you to modify the contents of the input file.
  • You can create PDF files directly from scanners and image files, and convert txt and rtf files to pdf.
  • It has a full-page text editor and runs MS Office documents.
  • PDF-XChange Editor Plus Activation Key has multimedia display support and adds software settings and preset options.
  • You can add comments, annotations, free graphics, embed pictures, URLs and etc.
  • Advanced PDF Bookmark creation and management
  • Direct Content Editing (Paths & Images)
  • Import Directly from XPS and other support formats and Header & Footer Support
  • Bates Numbering, Delete Pages and Move Pages – By Drag&drop in Thumbnails View.
  • Crop Pages/Files, Flatten Annotations/Comments and Insert Blank page
  • Scan Direct to PDF (now with inline OCR option during scanning process)
  • Creation and management of advanced PDF bookmarks
  • Direct content editing (path and image)
  • Merge PDF open/close PDF
  • Import directly from XPS and other supported formats
  • Header and footer support
  • Bates Number
  • Delete page
  • Move pages-by dragging and dropping in the thumbnail view.
  • PDF-XChange Editor Plus Keygen Insert/import pages (from existing PDF files)
  • Extract pages to a new file (PDF or image format-15 formats supported)
  • Crop page/file
  • Flat comments/notes
  • Insert a blank page
  • Aggregate comments
  • Export comments
  • Scan directly to PDF (now has embedded OCR option during scanning)
  • Create PDF documents from text and RTF files
  • Convert 15 supported image formats to PDF
  • Extended digital signature support (including timestamp)
  • Security profile (used to easily increase the security of the document)
  • Improved browser plug-in to reduce compatibility issues

System Requirements:

  • Operating System: Windows 7/8/8.1/10
  • Memory (RAM): 1 GB of RAM required.
  • Hard Disk Space: 500 MB of free space required.
  • Processor: Intel Dual Core processor or later.

How to Cracked PDF-XChange Editor Plus?

  • First download the latest version.
  • Uninstall the previous version by using IObit Uninstaller Pro.
  • Note Turn off the Virus Guard.
  • After Download Unpack or extract the rar file and open setup (use Winrar to extract).
  • Install the setup after install close it from everywhere.
  • Now open the ‘Crack’ or ‘Patch’ folder, copy cracked file to installation folder.
  • After all of these enjoy the PDF-XChange Editor Plus Latest Version 2022.

Author’s Final Remarks

PDF-XChange Editor Plus 9.4.363.0 Crack is the perfect software for Windows, Mac, Android, and iOS. This is very helpful for those who need to expertise in the field. This crack version is only for education purposes; therefore, we do not guarantee that it will work on your devices. However, it is strongly recommended that disable your antivirus and disconnect the internet then run the application with a crack. PDF-XChange Editor Plus Crack is very famous among freelancers and digital advertisers because they used in their promotions and improve their skills. Hence, the author recommended to all of you use it and most important share it for all others who can afford the price of it. It is totally free to download and no need to pay any cents to the company.


Download Links Here:

PDF-XChange Editor Plus Crack Free Download Latest Update

Click on the below button to start Download PDF-XChange Editor Plus 6.0.322.6. This is Also a complete offline installer and standalone setup for PDF-XChange Editor Plus 6.0.322.6. This would be compatible with both 32-bit and 64-bit windows.


VERIFIED win.ini URI.2018-08-30not yet calculatedCVE-2018-16237
MISCdamicms -- damicmsAn issue was discovered in damiCMS V6.0.1. It relies on the PHP time() function for cookies, which makes it possible to determine the cookie for an existing admin session via 10800 guesses.2018-08-30not yet calculatedCVE-2018-16239
MISCdocker -- docker_for_windowsHandleRequestAsync in Docker for Windows before 18.06.0-ce-rc3-win68 (edge) and before 18.06.0-ce-win72 (stable) deserialized requests over the \\.\pipe\dockerBackend named pipe without verifying the validity of the deserialized .NET objects. This would allow a malicious user in the "docker-users" group (who may not otherwise have administrator access) to escalate to administrator privileges.2018-08-31not yet calculatedCVE-2018-15514
MISC
MISC
MISCe107 -- e107
e107 2.1.8 has CSRF in 'usersettings.php' with an impact of changing details such as passwords of users including administrators.2018-08-28not yet calculatedCVE-2018-15901
MISCeaton -- power_xpert_meterEaton Power Xpert Meter 4000, 6000, and 8000 devices before 13.4.0.10 have a single SSH private key across different customers' installations and do not properly restrict access to this key, which makes it easier for remote attackers to perform SSH logins (to uid 0) via the PubkeyAuthentication option.2018-08-30not yet calculatedCVE-2018-16158
MISC
MISCeaton -- power_xpert_meterMichael Roth Software Personal FTP Server (PFTP) through 8.4f allows remote attackers to cause a denial of service (daemon crash) via an unspecified sequence of FTP commands.2018-08-30not yet calculatedCVE-2018-16231
MISCelfutils -- elfutilsdwarf_getaranges in dwarf_getaranges.c in libdw in elfutils before 2018-08-18 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file.2018-08-28not yet calculatedCVE-2018-16062
MISC
MISCepiserver -- episerver
XML external entity (XXE) vulnerability in Episerver 7 patch 4 and earlier allows remote attackers to read arbitrary files via a crafted DTD in an XML request involving util/xmlrpc/Handler.ashx.2018-08-29not yet calculatedCVE-2017-17762
MISC
MISCepson -- iprint_application_6.6.3_for_androidThe EPSON iPrint application 6.6.3 for Android contains hard-coded API and Secret keys for the Dropbox, Box, Evernote and OneDrive services.2018-08-30not yet calculatedCVE-2018-14901
MISCepson -- iprint_application_6.6.3_for_androidThe ContentProvider in the EPSON iPrint application 6.6.3 for Android does not properly restrict data access. This allows an attacker's application to read scanned documents.2018-08-30not yet calculatedCVE-2018-14902
MISCepson -- wf-2750_printer_with_firmware_jp02i2On the EPSON WF-2750 printer with firmware JP02I2, the Web interface AirPrint Setup page is vulnerable to HTML Injection that can redirect users to malicious sites.2018-08-30not yet calculatedCVE-2018-14899
MISCepson -- wf-2750_printer_with_firmware_jp02i2EPSON WF-2750 printers with firmware JP02I2 do not properly validate files before running updates, which allows remote attackers to cause a printer malfunction or send malicious data to the printer.2018-08-30not yet calculatedCVE-2018-14903
MISCepson -- wf-2750_printer_with_firmware_jp02i2On EPSON WF-2750 printers with firmware JP02I2, there is no filtering of print jobs. Remote attackers can send print jobs directly to the printer via TCP port 9100.2018-08-30not yet calculatedCVE-2018-14900
MISCexiv2 -- exiv2Exiv2::Internal::PngChunk::parseTXTChunk in Exiv2 v0.26 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted image file, a different vulnerability than CVE-2018-10999.2018-09-01not yet calculatedCVE-2018-16336
MISCfig2dev -- fig2dev
A buffer underwrite vulnerability in get_line() (read.c) in fig2dev 3.2.7a allows an attacker to write prior to the beginning of the buffer via a crafted .fig file.2018-08-29not yet calculatedCVE-2018-16140
MISCfoxit -- reader
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.1.0.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6683.2018-08-30not yet calculatedCVE-2018-14317
CONFIRM
MISCgetsimple -- cmsThere is XSS in GetSimple CMS 3.4.0.9 via the admin/edit.php title field.2018-09-01not yet calculatedCVE-2018-16325
MISCgleez -- cmsThere is a CSRF vulnerability that can add an administrator account in Gleez CMS 1.2.0 via admin/users/add.2018-08-25not yet calculatedCVE-2018-15845
MISC
EXPLOIT-DBgoogle -- chromeUse after free in PDFium in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.2018-08-28not yet calculatedCVE-2017-15410
REDHAT
MISC
MISC
GENTOO
DEBIANgoogle -- chromeIncorrect serialization in IPC in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to leak the value of a pointer via a crafted HTML page.2018-08-28not yet calculatedCVE-2017-15415
REDHAT
MISC
MISC
GENTOO
DEBIANgoogle -- chromeInappropriate implementation in Skia canvas composite operations in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to leak cross-origin data via a crafted HTML page.2018-08-28not yet calculatedCVE-2017-15417
REDHAT
MISC
MISC
GENTOO
DEBIANgoogle -- chromeInappropriate implementation in browser navigation in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.2018-08-28not yet calculatedCVE-2017-15420
SECTRACK
REDHAT
MISC
MISC
GENTOO
DEBIAN
DEBIANgoogle -- chromeUse of uninitialized memory in Skia in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.2018-08-28not yet calculatedCVE-2017-15418
REDHAT
MISC
MISC
GENTOO
DEBIANgoogle -- chromeHeap buffer overflow in Blob API in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka a Blink out-of-bounds read.2018-08-28not yet calculatedCVE-2017-15416
REDHAT
MISC
MISC
GENTOO
DEBIANgoogle -- chromeInappropriate implementation in BoringSSL SPAKE2 in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to leak the low-order bits of SHA512(password) by inspecting protocol traffic.2018-08-28not yet calculatedCVE-2017-15423
REDHAT
MISC
MISC
GENTOO
DEBIANgoogle -- chromeA use after free in V8 in Google Chrome prior to 62.0.3202.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2018-08-28not yet calculatedCVE-2017-15399
BID
REDHAT
MISC
MISC
GENTOO
DEBIANgoogle -- chromeInteger overflow in international date handling in International Components for Unicode (ICU) for C/C++ before 60.1, as used in V8 in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.2018-08-28not yet calculatedCVE-2017-15422
REDHAT
MISC
MISC
GENTOO
UBUNTU
DEBIANgoogle -- chromeInsufficient policy enforcement in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.2018-08-28not yet calculatedCVE-2017-15424
REDHAT
MISC
MISC
GENTOO
DEBIANgoogle -- chromeUnsafe navigation in Chromecast in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.2018-08-28not yet calculatedCVE-2017-15430
MISC
MISCgoogle -- chromeInsufficient policy enforcement in Resource Timing API in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to infer browsing history by triggering a leaked cross-origin URL via a crafted HTML page.2018-08-28not yet calculatedCVE-2017-15419
REDHAT
MISC
MISC
GENTOO
DEBIANgoogle -- chromeUse after free in PDFium in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.2018-08-28not yet calculatedCVE-2017-15411
REDHAT
MISC
MISC
GENTOO
DEBIANgoogle -- chromeOut-of-bounds Write in the QUIC networking stack in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to gain code execution via a malicious server.2018-08-28not yet calculatedCVE-2017-15407
REDHAT
MISC
MISC
GENTOO
DEBIANgoogle -- chromeInsufficient policy enforcement in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.2018-08-28not yet calculatedCVE-2017-15425
REDHAT
MISC
MISC
GENTOO
DEBIANgoogle -- chromeInsufficient policy enforcement in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.2018-08-28not yet calculatedCVE-2017-15426
REDHAT
MISC
MISC
GENTOO
DEBIANgoogle -- chromeHeap buffer overflow in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file that is mishandled by PDFium.2018-08-28not yet calculatedCVE-2017-15408
REDHAT
MISC
MISC
GENTOO
DEBIANgoogle -- chromeA stack buffer overflow in V8 in Google Chrome prior to 62.0.3202.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.2018-08-28not yet calculatedCVE-2017-15406
MISC
MISCgoogle -- chromeHeap buffer overflow in Skia in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2018-08-28not yet calculatedCVE-2017-15409
REDHAT
MISC
MISC
GENTOO
DEBIANgoogle -- chromeInsufficient policy enforcement in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a socially engineered user to XSS themselves by dragging and dropping a javascript: URL into the URL bar.2018-08-28not yet calculatedCVE-2017-15427
REDHAT
MISC
MISC
GENTOO
DEBIANgoogle -- chromeUse after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2018-08-28not yet calculatedCVE-2017-15412
SECTRACK
REDHAT
REDHAT
MISC
MISC
MISC
MLIST
GENTOO
DEBIANgoogle -- chromeType confusion in WebAssembly in V8 in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2018-08-28not yet calculatedCVE-2017-15413
REDHAT
MISC
MISC
GENTOO
DEBIANgoogle -- chromeInappropriate implementation in V8 WebAssembly JS bindings in Google Chrome prior to 63.0.3239.108 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page.2018-08-28not yet calculatedCVE-2017-15429
BID
REDHAT
MISC
MISC
GENTOO
DEBIANgoogle -- chromeA stack buffer overflow in the QUIC networking stack in Google Chrome prior to 62.0.3202.89 allowed a remote attacker to gain code execution via a malicious server.2018-08-28not yet calculatedCVE-2017-15398
BID
REDHAT
MISC
MISC
GENTOO
DEBIANgoogle -- chrome
A stack buffer overflow in NumberingSystem in International Components for Unicode (ICU) for C/C++ before 60.2, as used in V8 in Google Chrome prior to 62.0.3202.75 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.2018-08-28not yet calculatedCVE-2017-15396
MISC
BID
REDHAT
MISC
MISC
GENTOO
DEBIANgrafana -- grafana
Grafana 2.x, 3.x, and 4.x before 4.6.4 and 5.x before 5.2.3 allows authentication bypass because an attacker can generate a valid "remember me" cookie knowing only a username of an LDAP or OAuth user.2018-08-29not yet calculatedCVE-2018-15727
BID
CONFIRMibm -- cloud_orchestratorA vulnerability has been identified in IBM Cloud Orchestrator 2.3, 2.3.0.1, 2.4, and 2.4.0.1 that could allow an attacker after authentication to enumerate valid users of the system. IBM X-Force ID: 109394.2018-08-30not yet calculatedCVE-2016-0205
XF
CONFIRMibm -- maximo_asset_managementIBM Maximo Asset Management 7.6 through 7.6.3 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 145968.2018-08-24not yet calculatedCVE-2018-1699
BID
XF
CONFIRMibm -- openpages_grc_platformIBM OpenPages GRC Platform 7.1, 7.2, and 7.3 could allow a local user to obtain sensitive information when a previous user has logged out of the system but neglected to close their browser. IBM X-Force ID: 110303.2018-08-30not yet calculatedCVE-2016-0234
CONFIRM
XFibm -- platform_symphonyIBM Platform Symphony 7.1 Fix Pack 1 and 7.1.1 and IBM Spectrum Symphony 7.1.2 and 7.2.0.2 contain an information disclosure vulnerability that could allow an authenticated attacker to obtain highly sensitive information. IBM X-Force ID: 146340.2018-08-28not yet calculatedCVE-2018-1705
XF
CONFIRMibm -- security_access_manager_applianceIBM Security Access Manager Appliance 9.0.4.0 and 9.0.5.0 could allow remote code execution when Advanced Access Control or Federation services are running. IBM X-Force ID: 147370.2018-08-24not yet calculatedCVE-2018-1722
BID
SECTRACK
XF
CONFIRMibm -- urbancode_deployIBM UrbanCode Deploy 6.0 through 6.2.2.1 could allow an authenticated user to read sensitive information due to UCD REST endpoints not properly authorizing users when determining who can read data. IBM X-Force ID: 112119.2018-08-30not yet calculatedCVE-2016-0373
CONFIRM
XFibm -- websphere_application_server_libertyIBM WebSphere Application Server Liberty could allow a remote attacker to obtain sensitive information, caused by incorrect transport being used when Liberty is configured to use Java Authentication SPI for Containers (JASPIC). This can happen when the Application Server is configured to permit access on non-secure (http) port and using JASPIC or JSR375 authentication.2018-08-24not yet calculatedCVE-2018-1755
BID
SECTRACK
XF
CONFIRMibm -- websphere_commerceIBM WebSphere Commerce Enterprise, Professional, Express, and Developer 9.0.0.0 - 9.0.0.4, 8.0.0.0 - 8.0.0.19, 8.0.1.0 - 8.0.1.13, 8.0.3.0 - 8.0.3.6, 8.0.4.0 - 8.0.4.14, and 7.0.0.0 Feature Pack 8 could allow an authenticated user to obtain sensitive information about another user.2018-08-27not yet calculatedCVE-2018-1644
CONFIRM
XFicewarp -- serverIn IceWarp Server 12.0.3.1 and before, there is XSS in the /webmail/ username field.2018-09-01not yet calculatedCVE-2018-16324
MISC
MISCicms -- icmsAn issue was discovered in iCMS 7.0.9. There is an admincp.php?app=article&do=update CSRF vulnerability.2018-09-01not yet calculatedCVE-2018-16332
MISCidera -- up.timeAn issue was discovered in post2file.php in Up.Time Monitoring Station 7.5.0 (build 16) and 7.4.0 (build 13). It allows an attacker to upload an arbitrary file, such as a .php file that can execute arbitrary OS commands.2018-08-27not yet calculatedCVE-2015-9263
MISC
EXPLOIT-DB
MISCidreamsoft -- icmsAn issue was discovered in admincp.php in idreamsoft iCMS 7.0.11. When verifying CSRF_TOKEN, if CSRF_TOKEN does not exist, only the Referer header is validated, which can be bypassed via an admincp.php substring in this header.2018-09-01not yet calculatedCVE-2018-16314
MISCidreamsoft -- icmsidreamsoft iCMS 7.0.11 allows admincp.php?app=config Directory Traversal, resulting in execution of arbitrary PHP code from a ZIP file.2018-09-01not yet calculatedCVE-2018-16320
MISCidreamsoft -- icmsAn SSRF vulnerability was discovered in idreamsoft iCMS 7.0.11 because the remote function in app/spider/spider_tools.class.php does not block DNS hostnames associated with private and reserved IP addresses, as demonstrated by 127.0.0.1 in an A record. NOTE: this vulnerability exists because of an incomplete fix for CVE-2018-14858.2018-08-27not yet calculatedCVE-2018-15895
MISCimagemagick -- imagemagickIn ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the GetMagickProperty function in MagickCore/property.c.2018-09-01not yet calculatedCVE-2018-16329
MISCimagemagick -- imagemagickReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitialized when processing an XBM file that has a negative pixel value. If the affected code is used as a library loaded into a process that includes sensitive information, that information sometimes can be leaked via the image data.2018-09-01not yet calculatedCVE-2018-16323
MISCimagemagick -- imagemagick
In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the CheckEventLogging function in MagickCore/log.c.2018-09-01not yet calculatedCVE-2018-16328
MISCinfoblox -- netmriInfoblox NetMRI 7.1.1 has Reflected Cross-Site Scripting via the /api/docs/index.php query parameter.2018-08-28not yet calculatedCVE-2018-6643
MISCjoomla -- joomlaAn issue was discovered in Joomla! before 3.8.12. Inadequate checks in the InputFilter class could allow specifically prepared phar files to pass the upload filter.2018-08-28not yet calculatedCVE-2018-15882
BID
CONFIRMjoomla -- joomlaAn issue was discovered in Joomla! before 3.8.12. Inadequate checks regarding disabled fields can lead to an ACL violation.2018-08-28not yet calculatedCVE-2018-15881
BID
CONFIRMjoomla -- joomla
The Joomanager component through 2.0.0 for Joomla! has an arbitrary file download issue, resulting in exposing the credentials of the database via an index.php?option=com_joomanager&controller=details&task=download&path=configuration.php request.2018-08-26not yet calculatedCVE-2017-18345
MISC
MISC
EXPLOIT-DBjoomla -- joomla
An issue was discovered in Joomla! before 3.8.12. Inadequate output filtering on the user profile page could lead to a stored XSS attack.2018-08-28not yet calculatedCVE-2018-15880
BID
CONFIRMlansweeper -- lansweeperLansweeper 4.x through 6.x before 6.0.0.48 allows attackers to execute arbitrary code on the administrator's workstation via a crafted Windows service.2018-08-27not yet calculatedCVE-2015-9264
MISClibtiff -- libtiffnewoffsets handling in ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf. This is a different vulnerability than CVE-2018-15209.2018-09-01not yet calculatedCVE-2018-16335
MISClibtirpc -- libtirpcA null-pointer dereference vulnerability was found in libtirpc before version 0.3.3-rc3. The return value of makefd_xprt() was not checked in all instances, which could lead to a crash when the server exhausted the maximum number of available file descriptors. A remote attacker could cause an rpc-based application to crash by flooding it with new connections.2018-08-30not yet calculatedCVE-2018-14622
CONFIRM
REDHAT
CONFIRM
CONFIRM
MLISTlibtirpc -- libtirpc
An infinite loop vulnerability was found in libtirpc before version 1.0.2-rc2. With the port to using poll rather than select, exhaustion of file descriptors would cause the server to enter an infinite loop, consuming a large amount of CPU time and denying service to other clients until restarted.2018-08-30not yet calculatedCVE-2018-14621
CONFIRM
CONFIRM
CONFIRMlibx11 -- libx11An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c is vulnerable to an off-by-one error caused by malicious server responses, leading to DoS or possibly unspecified other impact.2018-08-24not yet calculatedCVE-2018-14599
MLIST
BID
SECTRACK
CONFIRM
CONFIRM
MLIST
MLIST
UBUNTUlibx11 -- libx11An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c interprets a variable as signed instead of unsigned, resulting in an out-of-bounds write (of up to 128 bytes), leading to DoS or remote code execution.2018-08-24not yet calculatedCVE-2018-14600
MLIST
BID
SECTRACK
CONFIRM
CONFIRM
MLIST
MLIST
UBUNTUlibx11 -- libx11
An issue was discovered in XListExtensions in ListExt.c in libX11 through 1.6.5. A malicious server can send a reply in which the first string overflows, causing a variable to be set to NULL that will be freed later on, leading to DoS (segmentation fault).2018-08-24not yet calculatedCVE-2018-14598
MLIST
BID
SECTRACK
CONFIRM
CONFIRM
MLIST
MLIST
UBUNTUlibzypp -- libzypp
The decoupled download and installation steps in libzypp before 17.5.0 could lead to a corrupted RPM being left in the cache, where a later call would not display the corrupted RPM warning and allow installation, a problem caused by malicious warnings only displayed during download.2018-08-31not yet calculatedCVE-2018-7685
MISC
CONFIRM
MISC
lightbend -- akka
Lightbend Akka 2.5.x before 2.5.16 allows message disclosure and modification because of an RNG error. A random number generator is used in Akka Remoting for TLS (both classic and Artery Remoting). Akka allows configuration of custom random number generators. For historical reasons, Akka included the AES128CounterSecureRNG and AES256CounterSecureRNG random number generators. The implementations had a bug that caused the generated numbers to be repeated after only a few bytes. The custom RNG implementations were not configured by default but examples in the documentation showed (and therefore implicitly recommended) using the custom ones. This can be used by an attacker to compromise the communication if these random number generators are enabled in configuration. It would be possible to eavesdrop, replay, or modify the messages sent with Akka Remoting/Cluster.
2018-08-29 | not yet calculated | CVE-2018-16115
MISC
lightbend -- akka
The decodeRequest and decodeRequestWith directives in Lightbend Akka HTTP 10.1.x through 10.1.4 and 10.0.x through 10.0.13 allow remote attackers to cause a denial of service (memory consumption and daemon crash) via a ZIP bomb.
2018-08-30 | not yet calculated | CVE-2018-16131
MISC
MISC
MISC
linux -- linux_kernel
An issue was discovered in yurex_read in drivers/usb/misc/yurex.c in the Linux kernel before 4.17.7. Local attackers could use user access read/writes with incorrect bounds checking in the yurex USB driver to crash the kernel or potentially escalate privileges.
2018-08-31 | not yet calculated | CVE-2018-16276
MISC
MISC
MISC
linux -- linux_kernel
A flaw was found in the crypto subsystem of the Linux kernel before version kernel-4.15-rc4. The "null skcipher" was being dropped when each af_alg_ctx was freed instead of when the aead_tfm was freed. This can cause the null skcipher to be freed while it is still in use leading to a local user being able to crash the system or possibly escalate privileges.
2018-08-30 | not yet calculated | CVE-2018-14619
CONFIRM
CONFIRM
linux -- linux_kernel
A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted network packet sent remotely by an attacker may force the kernel to enter an infinite loop in the cipso_v4_optptr() function in net/ipv4/cipso_ipv4.c leading to a denial-of-service.
2018-08-27 | not yet calculated | CVE-2018-10938
MLIST
BID
SECTRACK
CONFIRM
CONFIRM
manjaro -- linux
An issue was discovered in manjaro-update-system.sh in manjaro-system 20180716-1 on Manjaro Linux. A local attacker can install or remove arbitrary packages and package repositories potentially containing hooks with arbitrary code, which will automatically be run as root, or remove packages vital to the system.
2018-08-29 | not yet calculated | CVE-2018-15912
CONFIRM
MLIST

mediacomm -- zip-n-go

MediaComm Zip-n-Go before 4.95 has a Buffer Overflow via a crafted file.
2018-09-01 | not yet calculated | CVE-2018-16302
EXPLOIT-DB
micro_focus -- service_management_automation_containerized_suites
Remote Code Execution in the following products Hybrid Cloud Management Containerized Suite HCM2017.11, HCM2018.02, HCM2018.05, Operations Bridge Containerized Suite 2017.11, 2018.02, 2018.05, Data Center Automation Containerized Suite 2017.01 until 2018.05, Service Management Automation Suite 2017.11, 2018.02, 2018.05, Service Virtualization (SV) with floating licenses using Any version using APLS older than 10.7, Unified Functional Testing (UFT) with floating licenses using Any version using APLS older than 10.7, Network Virtualization (NV) with floating licenses using Any version using APLS older than 10.7 and Network Operations Management (NOM) Suite CDF 2017.11, 2018.02, 2018.05 will allow Remote Code Execution.
2018-08-30 | not yet calculated | CVE-2018-6499
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
micro_focus -- service_management_automation_containerized_suites
Remote Code Execution in the following products Hybrid Cloud Management Containerized Suite HCM2017.11, HCM2018.02, HCM2018.05, Operations Bridge Containerized Suite 2017.11, 2018.02, 2018.05, Data Center Automation Containerized Suite 2017.01 until 2018.05, Service Management Automation Suite 2017.11, 2018.02, 2018.05 and Network Operations Management (NOM) Suite CDF 2017.11, 2018.02, 2018.05 will allow Remote Code Execution.
2018-08-30 | not yet calculated | CVE-2018-6498
CONFIRM
CONFIRM
CONFIRM
CONFIRM
CONFIRM
minicms -- minicms
An issue was discovered in MiniCMS 1.10. There is a post.php?date= XSS vulnerability.
2018-08-27 | not yet calculated | CVE-2018-15899
MISC
minicms -- minicms
An issue was discovered in MiniCMS 1.10. There is an mc-admin/post.php?tag= XSS vulnerability for a state=delete, state=draft, or state=publish request.
2018-08-31 | not yet calculated | CVE-2018-16298
MISC
minicms -- minicms
MiniCMS V1.10 has XSS via the mc-admin/post-edit.php tags parameter.
2018-08-30 | not yet calculated | CVE-2018-16233
MISC
morningstar -- whatweb
MorningStar WhatWeb 0.4.9 has XSS via JSON report files.
2018-08-30 | not yet calculated | CVE-2018-16234
MISC
mutiny -- monitoring_appliance
A command injection vulnerability in maintenance.cgi in Mutiny "Monitoring Appliance" before 6.1.0-5263 allows authenticated users, with access to the admin interface, to inject arbitrary commands within the filename of a system upgrade upload.
2018-08-28 | not yet calculated | CVE-2018-15529
MISC
MISC
mybb -- mybb
An issue was discovered in inc/class_feedgeneration.php in MyBB 1.8.17. On the forum RSS Syndication page, one can generate a URL such as http://localhost/syndication.php?fid=&type=atom1.0&limit=15. The thread titles (within title elements of the generated XML documents) aren't sanitized, leading to XSS.
2018-08-28 | not yet calculated | CVE-2018-15596
CONFIRM
mystrom -- wifi_switch_and_bulb_and_led_strip_and_button_devices
An issue was discovered in myStrom WiFi Switch V1 before 2.66, WiFi Switch V2 before 3.80, WiFi Switch EU before 3.80, WiFi Bulb before 2.58, WiFi LED Strip before 3.80, WiFi Button before 2.73, and WiFi Button Plus before 2.73. Devices did not authenticate themselves to the cloud in device to cloud communication. This lack of device authentication allowed an attacker to impersonate any device by guessing or learning their MAC address.
2018-08-30 | not yet calculated | CVE-2018-15479
MISC
mystrom -- wifi_switch_and_bulb_and_led_strip_and_button_devices
An issue was discovered in myStrom WiFi Switch V1 before 2.66, WiFi Switch V2 before 3.80, WiFi Switch EU before 3.80, WiFi Bulb before 2.58, WiFi LED Strip before 3.80, WiFi Button before 2.73, and WiFi Button Plus before 2.73. The process of registering a device with a cloud account was based on an activation code derived from the device MAC address. By guessing valid MAC addresses or using MAC addresses printed on devices in shops and reverse engineering the protocol, an attacker would have been able to register previously unregistered devices to their account. When the rightful owner would have connected them after purchase to their WiFi network, the devices would not have registered with their account, would subsequently not have been controllable from the owner's mobile app, and would not have been visible in the owner's account. Instead, they would have been under control of the attacker.
2018-08-30 | not yet calculated | CVE-2018-15478
MISC
mystrom -- wifi_switch_and_bulb_and_led_strip_and_button_devices
An issue was discovered in myStrom WiFi Switch V1 before 2.66, WiFi Switch V2 before 3.80, WiFi Switch EU before 3.80, WiFi Bulb before 2.58, WiFi LED Strip before 3.80, WiFi Button before 2.73, and WiFi Button Plus before 2.73. The SSL/TLS server certificate in the device to cloud communication was not verified by the device. As a result, an attacker in control of the network traffic of a device could have taken control of a device by intercepting and modifying commands issued from the server to the device in a Man-in-the-Middle attack. This included the ability to inject firmware update commands into the communication and cause the device to install maliciously modified firmware.
2018-08-30 | not yet calculated | CVE-2018-15476
MISC
mystrom -- wifi_switch_and_bulb_and_led_strip_and_button_devices
An issue was discovered in myStrom WiFi Switch V1 before 2.66, WiFi Switch V2 before 3.80, WiFi Switch EU before 3.80, WiFi Bulb before 2.58, WiFi LED Strip before 3.80, WiFi Button before 2.73, and WiFi Button Plus before 2.73. The cloud API had a hidden parameter, which allowed an authenticated user to reconfigure the server URL for a device registered to their account. In combination with an insecure device registration vulnerability, this allowed an attacker to reconfigure a maliciously registered device to their own rogue replica of the myStrom API and issue commands to the device, including firmware update commands.
2018-08-30 | not yet calculated | CVE-2018-15480
MISC
mystrom -- wifi_switch_devices
myStrom WiFi Switch V1 devices before 2.66 did not sanitize a parameter received from the cloud that was used in an OS command. Malicious servers were able to run operating system commands on the device.
2018-08-30 | not yet calculated | CVE-2018-15477
MISC
norton -- identity_safe
The Norton Identity Safe product prior to 5.3.0.976 may be susceptible to a privilege escalation issue via a hard coded IV, which is a type of vulnerability that can potentially increase the likelihood of encrypted data being recovered without adequate credentials.
2018-08-29 | not yet calculated | CVE-2018-12240
BID
CONFIRM
npm -- mosca
This vulnerability allows remote attackers to deny service on vulnerable installations of npm mosca 2.8.1. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of topics. A crafted regular expression can cause the broker to crash. An attacker can leverage this vulnerability to deny access to the target system. Was ZDI-CAN-6306.
2018-08-30 | not yet calculated | CVE-2018-11615
MISC
nvidia -- geforce_experience
NVIDIA GeForce Experience all versions prior to 3.14.1 contains a potential vulnerability when GameStream is enabled where improper access control may lead to a denial of service, escalation of privileges, or both.
2018-08-31 | not yet calculated | CVE-2018-6257
CONFIRM
nvidia -- geforce_experience
NVIDIA GeForce Experience all versions prior to 3.14.1 contains a potential vulnerability during GameStream installation where an attacker who has system access can potentially conduct a Man-in-the-Middle (MitM) attack to obtain sensitive information.
2018-08-31 | not yet calculated | CVE-2018-6258
CONFIRM
nvidia -- geforce_experience
NVIDIA GeForce Experience all versions prior to 3.14.1 contains a potential vulnerability when GameStream is enabled, an attacker has system access, and certain system features are enabled, where limited information disclosure may be possible.
2018-08-31 | not yet calculated | CVE-2018-6259
CONFIRM
open_whisper -- signal_app
The image rendering component (createGenericPreview) of the Open Whisper Signal app through 2.29.0 for iOS fails to check for unreasonably large images before manipulating received images. This allows for a large image sent to a user to exhaust all available memory when the image is displayed, resulting in a forced restart of the device.
2018-08-29 | not yet calculated | CVE-2018-16132
MISC
openssh -- openssh
Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.'
2018-08-28 | not yet calculated | CVE-2018-15919
MISC
BID
openstack-cinder -- openstack-cinder
A vulnerability was found in openstack-cinder releases up to and including Queens, allowing newly created volumes in certain storage volume configurations to contain previous data. It specifically affects ScaleIO volumes using thin volumes and zero padding. This could lead to leakage of sensitive information between tenants.
2018-08-27 | not yet calculated | CVE-2017-15139
CONFIRM
MISC
opswat -- metadefender
OPSWAT MetaDefender before v4.11.2 allows CSV injection.
2018-08-31 | not yet calculated | CVE-2018-16275
CONFIRM
orbic -- wonder_orbic_release-keys_devices
An issue was discovered on Orbic Wonder Orbic/RC555L/RC555L:7.1.2/N2G47H/329100b:user/release-keys devices, allowing attackers to obtain sensitive information (such as text-message content) by reading a copy of the Android log on the SD card. The system-wide Android logs are not directly available to third-party apps since they tend to contain sensitive data. Third-party apps can read from the log but only the log messages that the app itself has written. Certain apps can leak data to the Android log due to not sanitizing log messages, which is an insecure programming practice. Pre-installed system apps and apps that are signed with the framework key can read from the system-wide Android log. We found a pre-installed app on the Orbic Wonder that when started via an Intent will write the Android log to the SD card, also known as external storage, via com.ckt.mmitest.MmiMainActivity. Any app that requests the READ_EXTERNAL_STORAGE permission can read from the SD card. Therefore, a local app on the device can quickly start a specific component in the pre-installed system app to have the Android log written to the SD card. Therefore, any app co-located on the device with the READ_EXTERNAL_STORAGE permission can obtain the data contained within the Android log and continually monitor it and mine the log for relevant data. In addition, the default messaging app (com.android.mms) writes the body of sent and received text messages to the Android log, as well as the recipient phone number for sent text messages and the sending phone number for received text messages. In addition, any call data contains phone numbers for sent and received calls.
2018-08-29 | not yet calculated | CVE-2018-6599
MISC
orbic -- wonder_orbic_release-keys_devices
An issue was discovered on Orbic Wonder Orbic/RC555L/RC555L:7.1.2/N2G47H/329100b:user/release-keys devices. Any app co-located on the device can send an intent to factory reset the device programmatically because of com.android.server.MasterClearReceiver. This does not require any user interaction and does not require any permission to perform. A factory reset will remove all user data from the device. This will result in the loss of any data that the user has not backed up or synced externally. This capability to perform a factory reset is not directly available to third-party apps (those that the user installs themselves), although this capability is present in an unprotected component of the Android OS. This vulnerability is not present in Google's Android Open Source Project (AOSP) code. Therefore, it was introduced by Orbic or another entity in the supply chain.
2018-08-29 | not yet calculated | CVE-2018-6598
MISC
ovation -- findme
Ovation FindMe 1.4-1083-1 is intended to support transmission of network traffic from covert video recorders but does not properly disrupt binary analysis for discovering the product's capabilities or purpose. This makes it easier for adversaries to detect the covert operation. Specifically, the product uses a compression technique to prevent the identification of certain libraries in the software by obfuscation. The software relies on a TLS callback and an additional executable file to enable these libraries and their access to certain websites. The unpacked software can be exploited by several different types of documented techniques.
2018-08-26 | not yet calculated | CVE-2018-15885
MISC
pandao -- editor.md
Pandao Editor.md 1.5.0 allows XSS via crafted attributes of an invalid IMG element.
2018-09-01 | not yet calculated | CVE-2018-16330
MISC
pango -- pango
libpango in Pango 1.40.8 through 1.42.3, as used in hexchat and other products, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted text with invalid Unicode sequences.
2018-08-24 | not yet calculated | CVE-2018-15120
MISC
CONFIRM
CONFIRM
MLIST
UBUNTU
EXPLOIT-DB
pdf-xchange -- editor
PDF-XChange Editor through 7.0.326.1 allows remote attackers to cause a denial of service (resource consumption) via a crafted x:xmpmeta structure, a related issue to CVE-2003-1564.
2018-09-01 | not yet calculated | CVE-2018-16303
MISC
phpkaiyuancms -- phpopensourcecms
phpkaiyuancms PhpOpenSourceCMS (POSCMS) V3.2.0 allows an unauthenticated user to execute arbitrary SQL commands via the diy/module/member/controllers/Api.php ajax_save_draft function with the dir parameter.
2018-08-31 | not yet calculated | CVE-2018-16278
MISC
phpmyadmin -- phpmyadmin
An issue was discovered in phpMyAdmin before 4.8.3. A Cross-Site Scripting vulnerability has been found where an attacker can use a crafted file to manipulate an authenticated user who loads that file through the import feature.
2018-08-24 | not yet calculated | CVE-2018-15605
BID
SECTRACK
CONFIRM
CONFIRM
phpmyfaq -- phpmyfaq
phpMyFAQ before 2.8.13 allows remote authenticated users with admin privileges to bypass authorization via a crafted instance ID parameter.
2018-08-28 | not yet calculated | CVE-2014-6049
MISC
CONFIRM
phpmyfaq -- phpmyfaq
phpMyFAQ before 2.8.13 allows remote authenticated users with certain permissions to read arbitrary attachments by leveraging incorrect "download an attachment" permission checks.
2018-08-28 | not yet calculated | CVE-2014-6047
MISC
CONFIRM
phpmyfaq -- phpmyfaq
SQL injection vulnerability in phpMyFAQ before 2.8.13 allows remote authenticated users with certain permissions to execute arbitrary SQL commands via vectors involving the restore function.
2018-08-28 | not yet calculated | CVE-2014-6045
MISC
CONFIRM
phpmyfaq -- phpmyfaq
Multiple cross-site request forgery (CSRF) vulnerabilities in phpMyFAQ before 2.8.13 allow remote attackers to hijack the authentication of unspecified users for requests that (1) delete active users by leveraging improper validation of CSRF tokens or that (2) delete open questions, (3) activate users, (4) publish FAQs, (5) add or delete Glossary, (6) add or delete FAQ news, or (7) add or delete comments or add votes by leveraging lack of a CSRF token.
2018-08-28 | not yet calculated | CVE-2014-6046
MISC
CONFIRM
phpmyfaq -- phpmyfaq
phpMyFAQ before 2.8.
2018-08-28 | not yet calculated | CVE-2014-6050
MISC
CONFIRM
phpmyfaq -- phpmyfaq
phpMyFAQ before 2.8.13 allows remote attackers to read arbitrary attachments via a direct request.
2018-08-28 | not yet calculated | CVE-2014-6048
MISC
CONFIRM
phpok -- phpok
PHPOK 4.8.278 has a Reflected XSS vulnerability in framework/www/login_control.php via the _back parameter to the ok_f function.
2018-08-30 | not yet calculated | CVE-2018-16142
MISC
phpscriptsmall.com -- website_seller_script
PHP Scripts Mall Website Seller Script 2.0.5 allows remote attackers to cause a denial of service via crafted JavaScript code in the First Name, Last Name, Company Name, or Fax field, as demonstrated by crossPwn.
2018-08-28 | not yet calculated | CVE-2018-15897
MISC
phpscriptsmall.com -- website_seller_script
PHP Scripts Mall Website Seller Script 2.0.5 has XSS via Personal Address or Company Name.
2018-08-28 | not yet calculated | CVE-2018-15896
MISC
podofo -- podofo
In podofo 0.9.6, the function PoDoFo::PdfParser::ReadObjects() in base/PdfParser.cpp can cause the program to be aborted, because PoDoFo::PdfVecObjects::Reserve() in base/PdfVecObjects.h can be called with a large size value. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted pdf file.
2018-08-26 | not yet calculated | CVE-2018-15889
MISC
MISC
portainer -- portainer
A stored Cross-site scripting (XSS) vulnerability in Portainer through 1.19.1 allows remote authenticated users to inject arbitrary JavaScript and/or HTML via the Team Name field.
2018-09-01 | not yet calculated | CVE-2018-16316
MISC
postgresql-jdbc -- postgresql-jdbc
A weakness was found in postgresql-jdbc before version 42.2.5. It was possible to provide an SSL Factory and not check the host name if a host name verifier was not provided to the driver. This could lead to a condition where a man-in-the-middle attacker could masquerade as a trusted server by providing a certificate for the wrong host, as long as it was signed by a trusted CA.
2018-08-30 | not yet calculated | CVE-2018-10936
CONFIRM
CONFIRM
qemu -- qemu
qemu-seccomp.c in QEMU might allow local OS guest users to cause a denial of service (guest crash) by leveraging mishandling of the seccomp policy for threads other than the main thread.
2018-08-29 | not yet calculated | CVE-2018-15746
MLIST
MLIST
qnap -- photo_station
Cross-site scripting vulnerability in QNAP Photo Station versions 5.7.0 and earlier could allow remote attackers to inject JavaScript code in the compromised application.
2018-08-27 | not yet calculated | CVE-2018-0715
CONFIRM
responsive_filemanager -- responsive_filemanager
/filemanager/ajax_calls.php in tecrail Responsive FileManager before 9.13.4 uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize get_file sequences such as ".." that can resolve to a location that is outside of that directory, aka Directory Traversal.
2018-08-24 | not yet calculated | CVE-2018-15535
FULLDISC
EXPLOIT-DB
responsive_filemanager -- responsive_filemanager
/filemanager/ajax_calls.php in tecrail Responsive FileManager before 9.13.4 does not properly validate file paths in archives, allowing for the extraction of crafted archives to overwrite arbitrary files via an extract action, aka Directory Traversal.
2018-08-24 | not yet calculated | CVE-2018-15536
FULLDISC
EXPLOIT-DB
ricoh -- mp_c4504ex_devices
RICOH MP C4504ex devices allow HTML Injection via the /web/entry/en/address/adrsSetUserWizard.cgi entryNameIn parameter.
2018-08-28 | not yet calculated | CVE-2018-15884
MISC
EXPLOIT-DB
rsa -- bsafe_micro_edition_suite
RSA BSAFE Micro Edition Suite, version 4.1.6, contains an integer overflow vulnerability. A remote attacker could use maliciously constructed ASN.1 data to potentially cause a Denial Of Service.
2018-08-31 | not yet calculated | CVE-2018-11054
FULLDISC
rsa -- bsafe_micro_edition_suite
RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6.1 (in 4.1.x), contains an Improper Clearing of Heap Memory Before Release ('Heap Inspection') vulnerability. Decoded PKCS #12 data in heap memory is not zeroized by MES before releasing the memory internally and a malicious local user could gain access to the unauthorized data by doing heap inspection.
2018-08-31 | not yet calculated | CVE-2018-11055
FULLDISC
rsa -- bsafe_micro_edition_suite
RSA BSAFE Micro Edition Suite, prior to 4.1.6.1 (in 4.1.x), and RSA BSAFE Crypto-C Micro Edition versions prior to 4.0.5.3 (in 4.0.x) contain an Uncontrolled Resource Consumption ('Resource Exhaustion') vulnerability when parsing ASN.1 data. A remote attacker could use maliciously constructed ASN.1 data that would exhaust the stack, potentially causing a Denial Of Service.
2018-08-31 | not yet calculated | CVE-2018-11056
FULLDISC
rsa -- bsafe_micro_edition_suite
RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6.1 (in 4.1.x) contains a Covert Timing Channel vulnerability during RSA decryption, also known as a Bleichenbacher attack on RSA decryption. A remote attacker may be able to recover an RSA key.
2018-08-31 | not yet calculated | CVE-2018-11057
FULLDISC
samsung -- smartthings_hub_sth-eth-250_firmware
An exploitable integer underflow vulnerability exists in the ZigBee firmware update routine of the hubCore binary of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The hubCore process incorrectly handles malformed files existing in its data directory, leading to an infinite loop, which eventually causes the process to crash. An attacker can send an HTTP request to trigger this vulnerability.
2018-08-28 | not yet calculated | CVE-2018-3926
BID
MISC
samsung -- smartthings_hub_sth-eth-250_firmware
An exploitable information disclosure vulnerability exists in the crash handler of the hubCore binary of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. When hubCore crashes, Google Breakpad is used to record minidumps, which are sent over an insecure HTTPS connection to the backtrace.io service, leading to the exposure of sensitive data. An attacker can impersonate the remote backtrace.io server in order to trigger this vulnerability.
2018-08-27 | not yet calculated | CVE-2018-3927
MISC
samsung -- smartthings_hub_sth-eth-250_firmware
An exploitable buffer overflow vulnerability exists in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability.
2018-08-27 | not yet calculated | CVE-2018-3893
MISC
samsung -- smartthings_hub_sth-eth-250_firmware
An exploitable buffer overflow vulnerability exists in the camera 'update' feature of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability.
2018-08-27 | not yet calculated | CVE-2018-3904
MISC
samsung -- smartthings_hub_sth-eth-250_firmware
An exploitable vulnerability exists in the remote servers of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The hubCore process listens on port 39500 and relays any unauthenticated messages to SmartThings' remote servers, which incorrectly handle camera IDs for the 'sync' operation, leading to arbitrary deletion of cameras. An attacker can send an HTTP request to trigger this vulnerability.
2018-08-27 | not yet calculated | CVE-2018-3918
MISC
samsung -- smartthings_hub_sth-eth-250_firmware
An exploitable vulnerability exists in the REST parser of video-core's HTTP server of the Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The video-core process incorrectly handles pipelined HTTP requests, which allows successive requests to overwrite the previously parsed HTTP method, URL and body. With the implementation of the on_body callback, defined by sub_41734, an attacker can send an HTTP request to trigger this vulnerability.
2018-08-28 | not yet calculated | CVE-2018-3908
MISC
samsung -- smartthings_hub_sth-eth-250_firmware
An exploitable buffer overflow vulnerability exists in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 Firmware version 0.20.17. The strncpy call overflows the destination buffer, which has a size of 52 bytes. An attacker can send an arbitrarily long 'endTime' value in order to exploit this vulnerability. An attacker can send an HTTP request to trigger this vulnerability.
2018-08-28 | not yet calculated | CVE-2018-3895
MISC
samsung -- smartthings_hub_sth-eth-250_firmware
An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in the video-core HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The strcpy call overflows the destination buffer, which has a size of 136 bytes. An attacker can send an arbitrarily long 'directory' value in order to exploit this vulnerability. An attacker can send an HTTP request to trigger this vulnerability.
2018-08-28 | not yet calculated | CVE-2018-3916
MISC
schneider_electric -- modicon_m221
A Permissions, Privileges, and Access Control vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to overwrite the original password with their password. If an attacker exploits this vulnerability and overwrites the password, the attacker can upload the original program from the PLC.
2018-08-29 | not yet calculated | CVE-2018-7791
BID
CONFIRM
schneider_electric -- modicon_m221
An Improper Check for Unusual or Exceptional Conditions vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to remotely reboot Modicon M221 using crafted programming protocol frames.
2018-08-29 | not yet calculated | CVE-2018-7789
BID
MISC
CONFIRM
schneider_electric -- modicon_m221
An Information Management Error vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to replay authentication sequences. If an attacker exploits this vulnerability and connects to a Modicon M221, the attacker can upload the original program from the PLC.
2018-08-29 | not yet calculated | CVE-2018-7790
BID
CONFIRM
schneider_electric -- modicon_m221
A Permissions, Privileges, and Access Control vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to decode the password using a rainbow table.
2018-08-29 | not yet calculated | CVE-2018-7792
BID
CONFIRM
schneider_electric -- powerlogic
A Cross Protocol Injection vulnerability exists in Schneider Electric's PowerLogic (PM5560 prior to FW version 2.5.4) product. The vulnerability makes the product susceptible to a cross site scripting attack on its web browser. User inputs can be manipulated to cause execution of JavaScript code.
2018-08-29 | not yet calculated | CVE-2018-7795
BID
MISC
CONFIRM
sentrifugo -- sentrifugo
A SQL Injection issue was discovered in Sentrifugo 3.2 via the deptid parameter.
2018-08-28 | not yet calculated | CVE-2018-15873
MISC
simplehttpserver -- simplehttpserver
Path traversal in simplehttpserver <v0.2.1 allows listing any file on the server.
2018-08-31 | not yet calculated | CVE-2018-3787
MISC
subrion -- subrion
There is Stored XSS in Subrion 4.2.1 via the admin panel URL configuration.
2018-09-01 | not yet calculated | CVE-2018-16327
MISC
technicolor -- tc8305c_devices
Technicolor (formerly RCA) TC8305C devices allow remote attackers to cause a denial of service (networking outage) via a flood of random MAC addresses, as demonstrated by macof. NOTE: this might overlap CVE-2018-15852.
2018-08-29 | not yet calculated | CVE-2018-15907
MISC
tencent -- foxmail
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Tencent Foxmail 7.2.9.115. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of URI handlers. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5543.
2018-08-30 | not yet calculated | CVE-2018-11616
MISC

tenda -- multiple_routers

An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router's web server. While processing the ssid parameter for a POST request, the value is directly used in a sprintf call to a local variable placed on the stack, which overrides the return address of the function, causing a buffer overflow.
2018-09-01 | not yet calculated | CVE-2018-16333
MISC
tenda -- multiple_routers
An issue was discovered on Tenda AC9 V15.03.05.19(6318)_CN and AC10 V15.03.06.23_CN devices. The mac parameter in a POST request is used directly in a doSystemCmd call, causing OS command injection.
2018-09-01 | not yet calculated | CVE-2018-16334
MISC
thinkcmf -- thinkcmf
ThinkCMF X2.2.3 has an arbitrary file deletion vulnerability in do_avatar in \application\User\Controller\ProfileController.class.php via an imgurl parameter with a ..\ sequence. A member user can delete any file on a Windows server.
2018-08-30 | not yet calculated | CVE-2018-16141
MISC
trend_micro -- officescan_xg
A Named Pipe Request Processing Out-of-Bounds Read Information Disclosure vulnerability in Trend Micro OfficeScan XG (12.0) could allow a local attacker to disclose sensitive information on vulnerable installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit the vulnerability.
2018-08-30 | not yet calculated | CVE-2018-15364
CONFIRM
MISC
trend_micro -- security
A Deserialization of Untrusted Data Privilege Escalation vulnerability in Trend Micro Security 2018 (Consumer) products could allow a local attacker to escalate privileges on vulnerable installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit the vulnerability.
2018-08-30 | not yet calculated | CVE-2018-10513
CONFIRM
MISC
trend_micro -- security
An Out-of-Bounds Read Privilege Escalation vulnerability in Trend Micro Security 2018 (Consumer) products could allow a local attacker to escalate privileges on vulnerable installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit the vulnerability.
2018-08-30 | not yet calculated | CVE-2018-15363
CONFIRM
MISC
trend_micro -- security
A Missing Impersonation Privilege Escalation vulnerability in Trend Micro Security 2018 (Consumer) products could allow a local attacker to escalate privileges on vulnerable installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit the vulnerability.
2018-08-30 | not yet calculated | CVE-2018-10514
CONFIRM
MISC
umbraco -- umbraco
Umbraco before 7.2.0 has a remote PHP code execution vulnerability because Umbraco.Web.UI/config/umbracoSettings.Release.config does not block the upload of .php files.
2018-08-27 | not yet calculated | CVE-2014-10074
MISC
MISCvanilla -- vanilla
In Vanilla before 2.6.1, the polling functionality allows Insecure Direct Object Reference (IDOR) via the Poll ID, leading to the ability of a single user to select multiple Poll Options (e.g., vote for multiple items).2018-08-26not yet calculatedCVE-2018-15833
MISC
MISC
MISC
MISCvisiology -- flipbox_software_suiteVisiology Flipbox Software Suite before 2.7.0 allows directory traversal via %5c%2e%2e%2f because it does not sanitize filename parameters.2018-08-27not yet calculatedCVE-2018-15810
MISC
MISCvivotek -- multiple_devicesVarious VIVOTEK FD8*, FD9*, FE9*, IB8*, IB9*, IP9*, IZ9*, MS9*, SD9*, and other devices before XXXXXX-VVTK-xx06a allow remote attackers to execute arbitrary code.2018-08-29not yet calculatedCVE-2018-14768
CONFIRM
CONFIRMwaimai -- super_cmsIn waimai Super Cms 20150505, there is a CSRF vulnerability that can change the configuration via admin.php?m=Config&a=add.2018-09-01not yet calculatedCVE-2018-16315
MISCwaimai -- super_cmswaimai Super Cms 20150505 has a logic flaw allowing attackers to modify a price, before form submission, by observing data in a packet capture. By setting the index.php?m=cart&a=save item_totals parameter to zero, the entire cart is sold for free.2018-08-30not yet calculatedCVE-2018-16157
MISCwireshark -- wiresharkIn Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth AVDTP dissector could crash. This was addressed in epan/dissectors/packet-btavdtp.c by properly initializing a data structure.2018-08-29not yet calculatedCVE-2018-16058
BID
MISC
MISC
MISCwireshark -- wiresharkIn Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Radiotap dissector could crash. This was addressed in epan/dissectors/packet-ieee80211-radiotap-iter.c by validating iterator operations.2018-08-29not yet calculated

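Now then, this week: 136… From the office

The hot days continue.

Some of our service users and staff have fallen ill from the heat,

and meanwhile hand, foot and mouth disease is reportedly spreading nationwide.

Those of you with children will probably know the name of this illness; it is going around.

Please take care, everyone.

Well now, in this heat, pupils and students are on summer vacation (I'm so jealous).

As for me, I used to goof off until after Obon while enduring the pressure of not having done my homework.

Perhaps that is where I trained my ability to withstand pressure. (Probably not, and good children should not copy me.)

That was a long preamble, but there are also students who spend their summer vacation seriously.

This summer, Yume Net (ゆめネット) has decided to accept a university intern for the first time!!

He is a male second-year university student studying social welfare.

We held a preliminary interview with him the other day, and he is a very dependable, pleasant young man.

Work in disability welfare has its hard parts, but it is also very rewarding.

We want to make this an internship from which he can learn and gain something!!

Speaking of learning, a training project for staff within Yume Net has started.

2013080802.jpg

Training for staff up to their third year with us, training by outside specialist instructors, sessions for reflecting on day-to-day support, active participation in external training… and so on.

For a welfare service provider, the greatest asset, and the thing most worth investing in, is people.

That said, bringing in experts and spending large sums on consulting is difficult.

Management members who care about the future volunteered and launched this training project.

They are racking their brains to build a training system that will carry on into the future.

I apologize for a self-congratulatory diary entry, but the staff who work at Yume Net really do work with all their might, and I am grateful from the bottom of my heart.

2013080801.jpg

The Obon holiday is short, but please rest your mind and body and refresh yourselves.

* The photo of the board shows the "staff training information board".

* The photo of the PowerPoint slide shows "a training session for mobility support workers".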

Movie Download

Sep 13, 2022 wakylat

Download ⇒⇒⇒ DOWNLOAD (Mirror #1) Enga Vittu Pillai Full Movie Download.…

Uncategorized

Mad GunZ Apk Mod Unlock All ##TOP##

Sep 13, 2022 wakylat

Download               Mad GunZ Apk Mod Unlock All Mad GunZ MOD APK New MOD…

Uncategorized

Spacelabs Mcare 300 Patient Monitor Service Manual Full.17 High Quality

Sep 13, 2022 wakylat

Spacelabs Mcare 300 Patient Monitor Service Manual Full.17 High Quality Download ::: DOWNLOAD (Mirror #1)          …

Uncategorized

Scissor Vixens Lots Of Videos 2021

Sep 13, 2022 wakylat

Download Scissor Vixens Lots Of Videos The gorgeous Emmett Reigns is naked, and…

Uncategorized

Kamasutra 3d 2013 Dvdrip Torrent [Extra Quality]

Sep 13, 2022 wakylat

Kamasutra 3d 2013 Dvdrip Torrent [Extra Quality] Kamasutra 3d 2013 Dvdrip Torrent               Kamasutra…

Uncategorized

HACK Surfer V8.09.2391

Sep 13, 2022 wakylat

HACK Surfer V8.09.2391 Download               HACK Surfer V8.09.2391 Premium 1 year surfer v8.09 (9gb)…

Uncategorized

Procoder 3 0 Full Cracked VERIFIED

Sep 13, 2022 wakylat

Procoder 3 0 Full Cracked VERIFIED Download               Procoder 3 0 Full Cracked The…

Uncategorized

Frank.S. Budnick Applied Mathematics 4th Edition Solution.rar

Sep 13, 2022 wakylat

Download ⚹ DOWNLOAD (Mirror #1)               Frank.S. Budnick Applied Mathematics 4th Edition Solution.rar https://wakelet.com/wake/pKNolnYGp1TzzwAlQjefX…

Uncategorized

Ivan Dujhakov – Muscle Hunks A Russian In Paris

Sep 13, 2022 wakylat

Download ○ DOWNLOAD               Ivan Dujhakov – Muscle Hunks A Russian In Paris We…

Uncategorized

Maya 2010 (64bit) (Product Key And Xforce ((FULL)) Keygen) .rar

Sep 13, 2022 wakylat

Maya 2010 (64bit) (Product Key And Xforce Keygen) .rar === DOWNLOAD               Maya 2010…

Uncategorized

Mumbai Pune Mumbai 2 Marathi Movie Download ‘LINK’

Sep 13, 2022 wakylat

Mumbai Pune Mumbai 2 Marathi Movie Download ‘LINK’ Download               Mumbai Pune Mumbai 2…

Uncategorized

Icewind Dale Enhanced Edition Pc Crackl VERIFIED

Sep 13, 2022 wakylat

Icewind Dale Enhanced Edition Pc Crackl VERIFIED Download ○○○ DOWNLOAD               Icewind Dale Enhanced…

Uncategorized

Hannibal S03 COMPLETE HDTV X26415 ((FULL))

Sep 13, 2022 wakylat

Download 🆓 DOWNLOAD (Mirror #1)               Hannibal S03 COMPLETE HDTV X26415 2.09.8. Mar…

Uncategorized

Native Instruments Strummed Acoustic Crack __HOT__

Sep 13, 2022 wakylat

Download ☑ DOWNLOAD               Native Instruments Strummed Acoustic Crack How to use the crack…

Uncategorized

Autocomdelphi20143crack4 [CRACKED]

Sep 13, 2022 wakylat

Autocomdelphi20143crack4 … DOWNLOAD (Mirror #1)               Autocomdelphi20143crack4 Greetings you people, Today i found this…

Uncategorized

Mr Nobody 720p Download Movie [BEST]

Sep 13, 2022 wakylat

Mr Nobody 720p Download Movie [BEST] Mr Nobody 720p Download Movie               Mr Nobody…

Uncategorized

ALL IN ONE HACKING SOFTWARES TOOLS PACK € DOWNLOAD ^NEW^

Sep 13, 2022 wakylat

ALL IN ONE HACKING SOFTWARES TOOLS PACK € DOWNLOAD > DOWNLOAD (Mirror #1)               ALL…

Uncategorized

Xforce High Quality Keygen AutoCAD 2007 High Quality Keygen

Sep 13, 2022 wakylat

Xforce High Quality Keygen AutoCAD 2007 High Quality Keygen Xforce Keygen AutoCAD 2007 Keygen ⚙ DOWNLOAD (Mirror #1)    …

Uncategorized

Ghost Movie Download In Hindi Hd ((TOP))

Sep 13, 2022 wakylat

Ghost Movie Download In Hindi Hd ((TOP)) Download ››› DOWNLOAD               Ghost Movie Download…

Uncategorized

BSI STINGER 3.0.1 Crack.rar ((INSTALL))

Sep 13, 2022 wakylat

BSI STINGER 3.0.1 Crack.rar ((INSTALL)) Download ★★★ DOWNLOAD (Mirror #1)               BSI STINGER 3.0.1…

Uncategorized

Esteem8softwarecracktutorial ((NEW))

Sep 13, 2022 wakylat

Download › DOWNLOAD               Esteem8softwarecracktutorial See what’s new on Arch Linux 20.0.6:. [[email protected]…

Uncategorized

Solucionario De Transferencia De Calor, Jose Manrique. [Extra Quality]

Sep 13, 2022 wakylat

Solucionario De Transferencia De Calor, Jose Manrique. [Extra Quality] Download ✶ DOWNLOAD (Mirror #1) …

Uncategorized

Download Hyperterminal Private Edition 7.0 Crack Serial !!TOP!!

Sep 13, 2022 wakylat

Download               Download Hyperterminal Private Edition 7.0 Crack Serial. If you need a…

Uncategorized

Pixelsfull [EXCLUSIVE]movieonlinefree

Sep 13, 2022 wakylat

Pixelsfull [EXCLUSIVE]movieonlinefree Download Pixelsfullmovieonlinefree https://documenter.getpostman.com/view/21833034/Uzs8V3Pa https://documenter.getpostman.com/view/21901174/Uzs8V3PZ https://documenter.getpostman.com/view/21906279/Uzs8V3PY https://documenter.getpostman.com/view/21900568/Uzs8V3PX https://documenter.getpostman.com/view/21850617/Uzs8V3PW 3mg4all.com Pixelsfullmovieonlinefree…

Uncategorized

Adobe Photoshop CC 2019 20.0.6.27696 X86 X64 Win Mac Portable Fix

Sep 13, 2022 wakylat

Adobe Photoshop CC 2019 20.0.6.27696 X86 X64 Win Mac Portable Fix Download – DOWNLOAD (Mirror #1)        …

Uncategorized

Shadow Defender V1.3.0.457 Incl Keygen-CRD [TorDigger] Crack !!TOP!!

Sep 12, 2022 wakylat

Shadow Defender V1.3.0.457 Incl Keygen-CRD [TorDigger] Crack !!TOP!! Download               Shadow Defender V1.3.0.457 Incl…

Uncategorized

Mac OS X 10.6.7 Snow Leopard Single Layer (ISO DVD).rar

Sep 12, 2022 wakylat

Mac OS X 10.6.7 Snow Leopard Single Layer (ISO DVD).rar Download               Mac OS…

Uncategorized

Mayer Anchal Bengali Movie Download !!TOP!!

Sep 12, 2022 wakylat

Mayer Anchal Bengali Movie Download !!TOP!! Download Mayer Anchal Bengali Movie Watch…

Uncategorized

Chota Bheem Movie 5 Mayanagri Download BEST

Sep 12, 2022 wakylat

Chota Bheem Movie 5 Mayanagri Download BEST Download ::: DOWNLOAD (Mirror #1)               Chota…

Uncategorized

Ladies VS Ricky Bahl Hindi 720p Download [PORTABLE]

Sep 12, 2022 wakylat

Ladies VS Ricky Bahl Hindi 720p Download [PORTABLE] Download               Ladies VS Ricky Bahl…

Uncategorized

Mcl Mangai Tamil Font ((FULL))

Sep 12, 2022 wakylat

Mcl Mangai Tamil Font ((FULL)) Download » DOWNLOAD               Mcl Mangai Tamil Font Download…

Free web app builder

Unity Pro Xl V7.0 Torrent [TOP]

Sep 12, 2022 wakylat

Unity Pro Xl V7.0 Torrent [TOP] Download               Unity Pro Xl V7.0 Torrent HOW…

Uncategorized

Astute Graphics Vectorscribe 2 Crack 58 LINK TrackBack(0)

1/0 PDF,Doc ,Images



[PDF] IV Boolean values: 01. Boolean operators.

1 0. 0. 1. 0. 1. 1. 1 1. 0. 0. 1. 1. 0. 2) Boolean operators and binary addition. We have seen how to add two numbers in binary.
booleens

[PDF] Answer key for the baccalauréat, Centres étrangers, 9 June 2021, candidates

9 June 2021 0 85 ; then we add 450, so
Corrige Centres etrangers spe FH

[PDF] Answer key for the baccalauréat, Polynésie, 2 June 2021, ÉPREUVE D

2 June 2021 The equality vn+1 = 095vn, true for every n ∈ N, shows that the sequence (vn) is geometric with common ratio equal to 0
Corrige Polynesie spe juin DV

[PDF] Consider the matrices with real coefficients: A = - ( 2 1

3) Check the result by computing the matrices MM-1 and M-1M. Exercise 17 – Let M be the matrix of M3(R) defined by: M = 1 0 -1.
EC.

[PDF] Industrial production up 10% in the euro area

12 Oct. 2018 by 10% in the euro area (ZE19) and by 0
badaf a f a b c f f b d c

[PDF] exercise 1 0 0

g(x) ≤ -1 < 0, so g(x)=0 has no solution on this interval. On [1; +∞[ g is continuous and strictly increasing
aide DS

[PDF] Mathematics exercises - Exo7

3. z2 -2zcosθ +1 = 0, θ a given real number. 4. z2 -(6+i)z+(11+13i) = 0. 5. 2z2 -(7+3i)z+(2+4i) = 0. Correction. [005120]. Exercise 3 **IT A construction of the
fic

[PDF] Threading - pre-drilling dimensions

pre-drilling diam. 10. 0
filetage cote pre t lmod

[PDF] specialty exam - 2021 session

h(-1) = 0 h(0) = 2 h(1) = 0. We can state that: a. The function h is increasing on the interval [-1 ; 0]. b
Corrige epreuve specialite FH


win.ini URI.
Published: 2018-08-30 | CVSS score: not yet calculated | CVE-2018-16237
References: MISC

damicms -- damicms
An issue was discovered in damiCMS V6.0.1. It relies on the PHP time() function for cookies, which makes it possible to determine the cookie for an existing admin session via 10800 guesses.
Published: 2018-08-30 | CVSS score: not yet calculated | CVE-2018-16239
References: MISC

docker -- docker_for_windows
HandleRequestAsync in Docker for Windows before 18.06.0-ce-rc3-win68 (edge) and before 18.06.0-ce-win72 (stable) deserialized requests over the \\.\pipe\dockerBackend named pipe without verifying the validity of the deserialized .NET objects. This would allow a malicious user in the "docker-users" group (who may not otherwise have administrator access) to escalate to administrator privileges.
Published: 2018-08-31 | CVSS score: not yet calculated | CVE-2018-15514
References: MISC, MISC, MISC

e107 -- e107
e107 2.1.8 has CSRF in 'usersettings.php' with an impact of changing details such as passwords of users including administrators.
Published: 2018-08-28 | CVSS score: not yet calculated | CVE-2018-15901
References: MISC

eaton -- power_xpert_meter
Eaton Power Xpert Meter 4000, 6000, and 8000 devices before 13.4.0.10 have a single SSH private key across different customers' installations and do not properly restrict access to this key, which makes it easier for remote attackers to perform SSH logins (to uid 0) via the PubkeyAuthentication option.
Published: 2018-08-30 | CVSS score: not yet calculated | CVE-2018-16158
References: MISC, MISC

eaton -- power_xpert_meter
Michael Roth Software Personal FTP Server (PFTP) through 8.4f allows remote attackers to cause a denial of service (daemon crash) via an unspecified sequence of FTP commands.
Published: 2018-08-30 | CVSS score: not yet calculated | CVE-2018-16231
References: MISC

elfutils -- elfutils
dwarf_getaranges in dwarf_getaranges.c in libdw in elfutils before 2018-08-18 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file.
Published: 2018-08-28 | CVSS score: not yet calculated | CVE-2018-16062
References: MISC, MISC

episerver -- episerver
XML external entity (XXE) vulnerability in Episerver 7 patch 4 and earlier allows remote attackers to read arbitrary files via a crafted DTD in an XML request involving util/xmlrpc/Handler.ashx.
Published: 2018-08-29 | CVSS score: not yet calculated | CVE-2017-17762
References: MISC, MISC

epson -- iprint_application_6.6.3_for_android
The EPSON iPrint application 6.6.3 for Android contains hard-coded API and Secret keys for the Dropbox, Box, Evernote and OneDrive services.
Published: 2018-08-30 | CVSS score: not yet calculated | CVE-2018-14901
References: MISC

epson -- iprint_application_6.6.3_for_android
The ContentProvider in the EPSON iPrint application 6.6.3 for Android does not properly restrict data access. This allows an attacker's application to read scanned documents.
Published: 2018-08-30 | CVSS score: not yet calculated | CVE-2018-14902
References: MISC

epson -- wf-2750_printer_with_firmware_jp02i2
On the EPSON WF-2750 printer with firmware JP02I2, the Web interface AirPrint Setup page is vulnerable to HTML Injection that can redirect users to malicious sites.
Published: 2018-08-30 | CVSS score: not yet calculated | CVE-2018-14899
References: MISC

epson -- wf-2750_printer_with_firmware_jp02i2
EPSON WF-2750 printers with firmware JP02I2 do not properly validate files before running updates, which allows remote attackers to cause a printer malfunction or send malicious data to the printer.
Published: 2018-08-30 | CVSS score: not yet calculated | CVE-2018-14903
References: MISC

epson -- wf-2750_printer_with_firmware_jp02i2
On EPSON WF-2750 printers with firmware JP02I2, there is no filtering of print jobs. Remote attackers can send print jobs directly to the printer via TCP port 9100.
Published: 2018-08-30 | CVSS score: not yet calculated | CVE-2018-14900
References: MISC

exiv2 -- exiv2
Exiv2::Internal::PngChunk::parseTXTChunk in Exiv2 v0.26 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted image file, a different vulnerability than CVE-2018-10999.
Published: 2018-09-01 | CVSS score: not yet calculated | CVE-2018-16336
References: MISC

fig2dev -- fig2dev
A buffer underwrite vulnerability in get_line() (read.c) in fig2dev 3.2.7a allows an attacker to write prior to the beginning of the buffer via a crafted .fig file.
Published: 2018-08-29 | CVSS score: not yet calculated | CVE-2018-16140
References: MISC

foxit -- reader
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.1.0.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6683.
Published: 2018-08-30 | CVSS score: not yet calculated | CVE-2018-14317
References: CONFIRM, MISC

getsimple -- cms
There is XSS in GetSimple CMS 3.4.0.9 via the admin/edit.php title field.
Published: 2018-09-01 | CVSS score: not yet calculated | CVE-2018-16325
References: MISC

gleez -- cms
There is a CSRF vulnerability that can add an administrator account in Gleez CMS 1.2.0 via admin/users/add.
Published: 2018-08-25 | CVSS score: not yet calculated | CVE-2018-15845
References: MISC, EXPLOIT-DB

google -- chrome
Use after free in PDFium in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
Published: 2018-08-28 | CVSS score: not yet calculated | CVE-2017-15410
References: REDHAT, MISC, MISC, GENTOO, DEBIAN

google -- chrome
Incorrect serialization in IPC in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to leak the value of a pointer via a crafted HTML page.
Published: 2018-08-28 | CVSS score: not yet calculated | CVE-2017-15415
References: REDHAT, MISC, MISC, GENTOO, DEBIAN

google -- chrome
Inappropriate implementation in Skia canvas composite operations in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
Published: 2018-08-28 | CVSS score: not yet calculated | CVE-2017-15417
References: REDHAT, MISC, MISC, GENTOO, DEBIAN

google -- chrome
Inappropriate implementation in browser navigation in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
Published: 2018-08-28 | CVSS score: not yet calculated | CVE-2017-15420
References: SECTRACK, REDHAT, MISC, MISC, GENTOO, DEBIAN, DEBIAN

google -- chrome
Use of uninitialized memory in Skia in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page.
Published: 2018-08-28 | CVSS score: not yet calculated | CVE-2017-15418
References: REDHAT, MISC, MISC, GENTOO, DEBIAN

google -- chrome
Heap buffer overflow in Blob API in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page, aka a Blink out-of-bounds read.
Published: 2018-08-28 | CVSS score: not yet calculated | CVE-2017-15416
References: REDHAT, MISC, MISC, GENTOO, DEBIAN

google -- chrome
Inappropriate implementation in BoringSSL SPAKE2 in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to leak the low-order bits of SHA512(password) by inspecting protocol traffic.
Published: 2018-08-28 | CVSS score: not yet calculated | CVE-2017-15423
References: REDHAT, MISC, MISC, GENTOO, DEBIAN

google -- chrome
A use after free in V8 in Google Chrome prior to 62.0.3202.89 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Published: 2018-08-28 | CVSS score: not yet calculated | CVE-2017-15399
References: BID, REDHAT, MISC, MISC, GENTOO, DEBIAN

google -- chrome
Integer overflow in international date handling in International Components for Unicode (ICU) for C/C++ before 60.1, as used in V8 in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
Published: 2018-08-28 | CVSS score: not yet calculated | CVE-2017-15422
References: REDHAT, MISC, MISC, GENTOO, UBUNTU, DEBIAN

google -- chrome
Insufficient policy enforcement in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.
Published: 2018-08-28 | CVSS score: not yet calculated | CVE-2017-15424
References: REDHAT, MISC, MISC, GENTOO, DEBIAN

google -- chrome
Unsafe navigation in Chromecast in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
Published: 2018-08-28 | CVSS score: not yet calculated | CVE-2017-15430
References: MISC, MISC

google -- chrome
Insufficient policy enforcement in Resource Timing API in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to infer browsing history by triggering a leaked cross-origin URL via a crafted HTML page.
Published: 2018-08-28 | CVSS score: not yet calculated | CVE-2017-15419
References: REDHAT, MISC, MISC, GENTOO, DEBIAN

google -- chrome
Use after free in PDFium in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file.
Published: 2018-08-28 | CVSS score: not yet calculated | CVE-2017-15411
References: REDHAT, MISC, MISC, GENTOO, DEBIAN

google -- chrome
Out-of-bounds Write in the QUIC networking stack in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to gain code execution via a malicious server.
Published: 2018-08-28 | CVSS score: not yet calculated | CVE-2017-15407
References: REDHAT, MISC, MISC, GENTOO, DEBIAN

google -- chrome
Insufficient policy enforcement in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.
Published: 2018-08-28 | CVSS score: not yet calculated | CVE-2017-15425
References: REDHAT, MISC, MISC, GENTOO, DEBIAN

google -- chrome
Insufficient policy enforcement in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to perform domain spoofing via IDN homographs in a crafted domain name.
Published: 2018-08-28 | CVSS score: not yet calculated | CVE-2017-15426
References: REDHAT, MISC, MISC, GENTOO, DEBIAN

google -- chrome
Heap buffer overflow in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file that is mishandled by PDFium.
Published: 2018-08-28 | CVSS score: not yet calculated | CVE-2017-15408
References: REDHAT, MISC, MISC, GENTOO, DEBIAN

google -- chrome
A stack buffer overflow in V8 in Google Chrome prior to 62.0.3202.75 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page.
Published: 2018-08-28 | CVSS score: not yet calculated | CVE-2017-15406
References: MISC, MISC

google -- chrome
Heap buffer overflow in Skia in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Published: 2018-08-28 | CVSS score: not yet calculated | CVE-2017-15409
References: REDHAT, MISC, MISC, GENTOO, DEBIAN

google -- chrome
Insufficient policy enforcement in Omnibox in Google Chrome prior to 63.0.3239.84 allowed a socially engineered user to XSS themselves by dragging and dropping a javascript: URL into the URL bar.
Published: 2018-08-28 | CVSS score: not yet calculated | CVE-2017-15427
References: REDHAT, MISC, MISC, GENTOO, DEBIAN

google -- chrome
Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Published: 2018-08-28 | CVSS score: not yet calculated | CVE-2017-15412
References: SECTRACK, REDHAT, REDHAT, MISC, MISC, MISC, MLIST, GENTOO, DEBIAN

google -- chrome
Type confusion in WebAssembly in V8 in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Published: 2018-08-28 | CVSS score: not yet calculated | CVE-2017-15413
References: REDHAT, MISC, MISC, GENTOO, DEBIAN

google -- chrome
Inappropriate implementation in V8 WebAssembly JS bindings in Google Chrome prior to 63.0.3239.108 allowed a remote attacker to inject arbitrary scripts or HTML (UXSS) via a crafted HTML page.
Published: 2018-08-28 | CVSS score: not yet calculated | CVE-2017-15429
References: BID, REDHAT, MISC, MISC, GENTOO, DEBIAN

google -- chrome
A stack buffer overflow in the QUIC networking stack in Google Chrome prior to 62.0.3202.89 allowed a remote attacker to gain code execution via a malicious server.
Published: 2018-08-28 | CVSS score: not yet calculated | CVE-2017-15398
References: BID, REDHAT, MISC, MISC, GENTOO, DEBIAN

google -- chrome
A stack buffer overflow in NumberingSystem in International Components for Unicode (ICU) for C/C++ before 60.2, as used in V8 in Google Chrome prior to 62.0.3202.75 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
Published: 2018-08-28 | CVSS score: not yet calculated | CVE-2017-15396
References: MISC, BID, REDHAT, MISC, MISC, GENTOO, DEBIAN

grafana -- grafana
Grafana 2.x, 3.x, and 4.x before 4.6.4 and 5.x before 5.2.3 allows authentication bypass because an attacker can generate a valid "remember me" cookie knowing only a username of an LDAP or OAuth user.
Published: 2018-08-29 | CVSS score: not yet calculated | CVE-2018-15727
References: BID, CONFIRM

ibm -- cloud_orchestrator
A vulnerability has been identified in IBM Cloud Orchestrator 2.3, 2.3.0.1, 2.4, and 2.4.0.1 that could allow an attacker after authentication to enumerate valid users of the system. IBM X-Force ID: 109394.
Published: 2018-08-30 | CVSS score: not yet calculated | CVE-2016-0205
References: XF, CONFIRM

ibm -- maximo_asset_management
IBM Maximo Asset Management 7.6 through 7.6.3 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 145968.
Published: 2018-08-24 | CVSS score: not yet calculated | CVE-2018-1699
References: BID, XF, CONFIRM

ibm -- openpages_grc_platform
IBM OpenPages GRC Platform 7.1, 7.2, and 7.3 could allow a local user to obtain sensitive information when a previous user has logged out of the system but neglected to close their browser. IBM X-Force ID: 110303.
Published: 2018-08-30 | CVSS score: not yet calculated | CVE-2016-0234
References: CONFIRM, XF

ibm -- platform_symphony
IBM Platform Symphony 7.1 Fix Pack 1 and 7.1.1 and IBM Spectrum Symphony 7.1.2 and 7.2.0.2 contain an information disclosure vulnerability that could allow an authenticated attacker to obtain highly sensitive information. IBM X-Force ID: 146340.
Published: 2018-08-28 | CVSS score: not yet calculated | CVE-2018-1705
References: XF, CONFIRM

ibm -- security_access_manager_appliance
IBM Security Access Manager Appliance 9.0.4.0 and 9.0.5.0 could allow remote code execution when Advanced Access Control or Federation services are running. IBM X-Force ID: 147370.
Published: 2018-08-24 | CVSS score: not yet calculated | CVE-2018-1722
References: BID, SECTRACK, XF, CONFIRM

ibm -- urbancode_deploy
IBM UrbanCode Deploy 6.0 through 6.2.2.1 could allow an authenticated user to read sensitive information due to UCD REST endpoints not properly authorizing users when determining who can read data. IBM X-Force ID: 112119.
Published: 2018-08-30 | CVSS score: not yet calculated | CVE-2016-0373
References: CONFIRM, XF

ibm -- websphere_application_server_liberty
IBM WebSphere Application Server Liberty could allow a remote attacker to obtain sensitive information, caused by incorrect transport being used when Liberty is configured to use Java Authentication SPI for Containers (JASPIC). This can happen when the Application Server is configured to permit access on non-secure (http) port and using JASPIC or JSR375 authentication.
Published: 2018-08-24 | CVSS score: not yet calculated | CVE-2018-1755
References: BID, SECTRACK, XF, CONFIRM

ibm -- websphere_commerce
IBM WebSphere Commerce Enterprise, Professional, Express, and Developer 9.0.0.0 - 9.0.0.4, 8.0.0.0 - 8.0.0.19, 8.0.1.0 - 8.0.1.13, 8.0.3.0 - 8.0.3.6, 8.0.4.0 - 8.0.4.14, and 7.0.0.0 Feature Pack 8 could allow an authenticated user to obtain sensitive information about another user.
Published: 2018-08-27 | CVSS score: not yet calculated | CVE-2018-1644
References: CONFIRM, XF

icewarp -- server
In IceWarp Server 12.0.3.1 and before, there is XSS in the /webmail/ username field.
Published: 2018-09-01 | CVSS score: not yet calculated | CVE-2018-16324
References: MISC, MISC

icms -- icms
An issue was discovered in iCMS 7.0.9. There is an admincp.php?app=article&do=update CSRF vulnerability.
Published: 2018-09-01 | CVSS score: not yet calculated | CVE-2018-16332
References: MISC

idera -- up.time
An issue was discovered in post2file.php in Up.Time Monitoring Station 7.5.0 (build 16) and 7.4.0 (build 13). It allows an attacker to upload an arbitrary file, such as a .php file that can execute arbitrary OS commands.
Published: 2018-08-27 | CVSS score: not yet calculated | CVE-2015-9263
References: MISC, EXPLOIT-DB, MISC

idreamsoft -- icms
An issue was discovered in admincp.php in idreamsoft iCMS 7.0.11. When verifying CSRF_TOKEN, if CSRF_TOKEN does not exist, only the Referer header is validated, which can be bypassed via an admincp.php substring in this header.
Published: 2018-09-01 | CVSS score: not yet calculated | CVE-2018-16314
References: MISC

idreamsoft -- icms
idreamsoft iCMS 7.0.11 allows admincp.php?app=config Directory Traversal, resulting in execution of arbitrary PHP code from a ZIP file.
Published: 2018-09-01 | CVSS score: not yet calculated | CVE-2018-16320
References: MISC

idreamsoft -- icms
An SSRF vulnerability was discovered in idreamsoft iCMS 7.0.11 because the remote function in app/spider/spider_tools.class.php does not block DNS hostnames associated with private and reserved IP addresses, as demonstrated by 127.0.0.1 in an A record. NOTE: this vulnerability exists because of an incomplete fix for CVE-2018-14858.
Published: 2018-08-27 | CVSS score: not yet calculated | CVE-2018-15895
References: MISC

imagemagick -- imagemagick
In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the GetMagickProperty function in MagickCore/property.c.
Published: 2018-09-01 | CVSS score: not yet calculated | CVE-2018-16329
References: MISC

imagemagick -- imagemagick
ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitialized when processing an XBM file that has a negative pixel value. If the affected code is used as a library loaded into a process that includes sensitive information, that information sometimes can be leaked via the image data.
Published: 2018-09-01 | CVSS score: not yet calculated | CVE-2018-16323
References: MISC

imagemagick -- imagemagick
In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the CheckEventLogging function in MagickCore/log.c.
Published: 2018-09-01 | CVSS score: not yet calculated | CVE-2018-16328
References: MISC

infoblox -- netmri
Infoblox NetMRI 7.1.1 has Reflected Cross-Site Scripting via the /api/docs/index.php query parameter.
Published: 2018-08-28 | CVSS score: not yet calculated | CVE-2018-6643
References: MISC

joomla -- joomla
An issue was discovered in Joomla! before 3.8.12. Inadequate checks in the InputFilter class could allow specifically prepared phar files to pass the upload filter.
Published: 2018-08-28 | CVSS score: not yet calculated | CVE-2018-15882
References: BID, CONFIRM

joomla -- joomla
An issue was discovered in Joomla! before 3.8.12. Inadequate checks regarding disabled fields can lead to an ACL violation.
Published: 2018-08-28 | CVSS score: not yet calculated | CVE-2018-15881
References: BID, CONFIRM

joomla -- joomla
The Joomanager component through 2.0.0 for Joomla! has an arbitrary file download issue, resulting in exposing the credentials of the database via an index.php?option=com_joomanager&controller=details&task=download&path=configuration.php request.
Published: 2018-08-26 | CVSS score: not yet calculated | CVE-2017-18345
References: MISC, MISC, EXPLOIT-DB

joomla -- joomla
An issue was discovered in Joomla! before 3.8.12. Inadequate output filtering on the user profile page could lead to a stored XSS attack.
Published: 2018-08-28 | CVSS score: not yet calculated | CVE-2018-15880
References: BID, CONFIRM

lansweeper -- lansweeper
Lansweeper 4.x through 6.x before 6.0.0.48 allows attackers to execute arbitrary code on the administrator's workstation via a crafted Windows service.
Published: 2018-08-27 | CVSS score: not yet calculated | CVE-2015-9264
References: MISC

libtiff -- libtiff
newoffsets handling in ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf. This is a different vulnerability than CVE-2018-15209.
Published: 2018-09-01 | CVSS score: not yet calculated | CVE-2018-16335
References: MISC

libtirpc -- libtirpc
A null-pointer dereference vulnerability was found in libtirpc before version 0.3.3-rc3. The return value of makefd_xprt() was not checked in all instances, which could lead to a crash when the server exhausted the maximum number of available file descriptors. A remote attacker could cause an rpc-based application to crash by flooding it with new connections.
Published: 2018-08-30 | CVSS score: not yet calculated | CVE-2018-14622
References: CONFIRM, REDHAT, CONFIRM, CONFIRM, MLIST

libtirpc -- libtirpc
An infinite loop vulnerability was found in libtirpc before version 1.0.2-rc2. With the port to using poll rather than select, exhaustion of file descriptors would cause the server to enter an infinite loop, consuming a large amount of CPU time and denying service to other clients until restarted.
Published: 2018-08-30 | CVSS score: not yet calculated | CVE-2018-14621
References: CONFIRM, CONFIRM, CONFIRM

libx11 -- libx11
An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c is vulnerable to an off-by-one error caused by malicious server responses, leading to DoS or possibly unspecified other impact.
Published: 2018-08-24 | CVSS score: not yet calculated | CVE-2018-14599
References: MLIST, BID, SECTRACK, CONFIRM, CONFIRM, MLIST, MLIST, UBUNTU

libx11 -- libx11
An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c interprets a variable as signed instead of unsigned, resulting in an out-of-bounds write (of up to 128 bytes), leading to DoS or remote code execution.
Published: 2018-08-24 | CVSS score: not yet calculated | CVE-2018-14600
References: MLIST, BID, SECTRACK, CONFIRM, CONFIRM, MLIST, MLIST, UBUNTU

libx11 -- libx11
An issue was discovered in XListExtensions in ListExt.c in libX11 through 1.6.5. A malicious server can send a reply in which the first string overflows, causing a variable to be set to NULL that will be freed later on, leading to DoS (segmentation fault).
Published: 2018-08-24 | CVSS score: not yet calculated | CVE-2018-14598
References: MLIST, BID, SECTRACK, CONFIRM, CONFIRM, MLIST, MLIST, UBUNTU

libzypp -- libzypp
The decoupled download and installation steps in libzypp before 17.5.0 could lead to a corrupted RPM being left in the cache, where a later call would not display the corrupted RPM warning and allow installation, a problem caused by malicious warnings only displayed during download.
Published: 2018-08-31 | CVSS score: not yet calculated | CVE-2018-7685
MISC
CONFIRM
MISClightbend -- akkaLightbend Akka 2.5.x before 2.5.16 allows message disclosure and modification because of an RNG error. A random number generator is used in Akka Remoting for TLS (both classic and Artery Remoting). Akka allows configuration of custom random number generators. For historical reasons, Akka included the AES128CounterSecureRNG and AES256CounterSecureRNG random number generators. The implementations had a bug that caused the generated numbers to be repeated after only a few bytes. The custom RNG implementations were not configured by default but examples in the documentation showed (and therefore implicitly recommended) using the custom ones. This can be used by an attacker to compromise the communication if these random number generators are enabled in configuration. It would be possible to eavesdrop, replay, or modify the messages sent with Akka Remoting/Cluster.2018-08-29not yet calculatedCVE-2018-16115
MISClightbend -- akkaThe decodeRequest and decodeRequestWith directives in Lightbend Akka HTTP 10.1.x through 10.1.4 and 10.0.x through 10.0.13 allow remote attackers to cause a denial of service (memory consumption and daemon crash) via a ZIP bomb.2018-08-30not yet calculatedCVE-2018-16131
MISC
MISC
MISClinux -- linux_kernelAn issue was discovered in yurex_read in drivers/usb/misc/yurex.c in the Linux kernel before 4.17.7. Local attackers could use user access read/writes with incorrect bounds checking in the yurex USB driver to crash the kernel or potentially escalate privileges.2018-08-31not yet calculatedCVE-2018-16276
MISC
MISC
MISClinux -- linux_kernelA flaw was found in the crypto subsystem of the Linux kernel before version kernel-4.15-rc4. The "null skcipher" was being dropped when each af_alg_ctx was freed instead of when the aead_tfm was freed. This can cause the null skcipher to be freed while it is still in use leading to a local user being able to crash the system or possibly escalate privileges.2018-08-30not yet calculatedCVE-2018-14619
CONFIRM
CONFIRMlinux -- linux_kernel
A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted network packet sent remotely by an attacker may force the kernel to enter an infinite loop in the cipso_v4_optptr() function in net/ipv4/cipso_ipv4.c leading to a denial-of-service.2018-08-27not yet calculatedCVE-2018-10938
MLIST
BID
SECTRACK
CONFIRM
CONFIRMmanjaro -- linuxAn issue was discovered in manjaro-update-system.sh in manjaro-system 20180716-1 on Manjaro Linux. A local attacker can install or remove arbitrary packages and package repositories potentially containing hooks with arbitrary code, which will automatically be run as root, or remove packages vital to the system.2018-08-29not yet calculatedCVE-2018-15912
CONFIRM
MLIST

| mediacomm -- zip-n-go | MediaComm Zip-n-Go before 4.95 has a Buffer Overflow via a crafted file. | 2018-09-01 | not yet calculated | CVE-2018-16302 EXPLOIT-DB |
| micro_focus -- service_management_automation_containerized_suites | Remote Code Execution in the following products Hybrid Cloud Management Containerized Suite HCM2017.11, HCM2018.02, HCM2018.05, Operations Bridge Containerized Suite 2017.11, 2018.02, 2018.05, Data Center Automation Containerized Suite 2017.01 until 2018.05, Service Management Automation Suite 2017.11, 2018.02, 2018.05, Service Virtualization (SV) with floating licenses using Any version using APLS older than 10.7, Unified Functional Testing (UFT) with floating licenses using Any version using APLS older than 10.7, Network Virtualization (NV) with floating licenses using Any version using APLS older than 10.7 and Network Operations Management (NOM) Suite CDF 2017.11, 2018.02, 2018.05 will allow Remote Code Execution. | 2018-08-30 | not yet calculated | CVE-2018-6499 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| micro_focus -- service_management_automation_containerized_suites | Remote Code Execution in the following products Hybrid Cloud Management Containerized Suite HCM2017.11, HCM2018.02, HCM2018.05, Operations Bridge Containerized Suite 2017.11, 2018.02, 2018.05, Data Center Automation Containerized Suite 2017.01 until 2018.05, Service Management Automation Suite 2017.11, 2018.02, 2018.05 and Network Operations Management (NOM) Suite CDF 2017.11, 2018.02, 2018.05 will allow Remote Code Execution. | 2018-08-30 | not yet calculated | CVE-2018-6498 CONFIRM CONFIRM CONFIRM CONFIRM CONFIRM |
| minicms -- minicms | An issue was discovered in MiniCMS 1.10. There is a post.php?date= XSS vulnerability. | 2018-08-27 | not yet calculated | CVE-2018-15899 MISC |
| minicms -- minicms | An issue was discovered in MiniCMS 1.10. There is an mc-admin/post.php?tag= XSS vulnerability for a state=delete, state=draft, or state=publish request. | 2018-08-31 | not yet calculated | CVE-2018-16298 MISC |
| minicms -- minicms | MiniCMS V1.10 has XSS via the mc-admin/post-edit.php tags parameter. | 2018-08-30 | not yet calculated | CVE-2018-16233 MISC |
| morningstar -- whatweb | MorningStar WhatWeb 0.4.9 has XSS via JSON report files. | 2018-08-30 | not yet calculated | CVE-2018-16234 MISC |
| mutiny -- monitoring_appliance | A command injection vulnerability in maintenance.cgi in Mutiny "Monitoring Appliance" before 6.1.0-5263 allows authenticated users, with access to the admin interface, to inject arbitrary commands within the filename of a system upgrade upload. | 2018-08-28 | not yet calculated | CVE-2018-15529 MISC MISC |
| mybb -- mybb | An issue was discovered in inc/class_feedgeneration.php in MyBB 1.8.17. On the forum RSS Syndication page, one can generate a URL such as http://localhost/syndication.php?fid=&type=atom1.0&limit=15. The thread titles (within title elements of the generated XML documents) aren't sanitized, leading to XSS. | 2018-08-28 | not yet calculated | CVE-2018-15596 CONFIRM |
| mystrom -- wifi_switch_and_bulb_and_led_strip_and_button_devices | An issue was discovered in myStrom WiFi Switch V1 before 2.66, WiFi Switch V2 before 3.80, WiFi Switch EU before 3.80, WiFi Bulb before 2.58, WiFi LED Strip before 3.80, WiFi Button before 2.73, and WiFi Button Plus before 2.73. Devices did not authenticate themselves to the cloud in device to cloud communication. This lack of device authentication allowed an attacker to impersonate any device by guessing or learning their MAC address. | 2018-08-30 | not yet calculated | CVE-2018-15479 MISC |
| mystrom -- wifi_switch_and_bulb_and_led_strip_and_button_devices | An issue was discovered in myStrom WiFi Switch V1 before 2.66, WiFi Switch V2 before 3.80, WiFi Switch EU before 3.80, WiFi Bulb before 2.58, WiFi LED Strip before 3.80, WiFi Button before 2.73, and WiFi Button Plus before 2.73. The process of registering a device with a cloud account was based on an activation code derived from the device MAC address. By guessing valid MAC addresses or using MAC addresses printed on devices in shops and reverse engineering the protocol, an attacker would have been able to register previously unregistered devices to their account. When the rightful owner would have connected them after purchase to their WiFi network, the devices would not have registered with their account, would subsequently not have been controllable from the owner's mobile app, and would not have been visible in the owner's account. Instead, they would have been under control of the attacker. | 2018-08-30 | not yet calculated | CVE-2018-15478 MISC |
| mystrom -- wifi_switch_and_bulb_and_led_strip_and_button_devices | An issue was discovered in myStrom WiFi Switch V1 before 2.66, WiFi Switch V2 before 3.80, WiFi Switch EU before 3.80, WiFi Bulb before 2.58, WiFi LED Strip before 3.80, WiFi Button before 2.73, and WiFi Button Plus before 2.73. The SSL/TLS server certificate in the device to cloud communication was not verified by the device. As a result, an attacker in control of the network traffic of a device could have taken control of a device by intercepting and modifying commands issued from the server to the device in a Man-in-the-Middle attack. This included the ability to inject firmware update commands into the communication and cause the device to install maliciously modified firmware. | 2018-08-30 | not yet calculated | CVE-2018-15476 MISC |
| mystrom -- wifi_switch_and_bulb_and_led_strip_and_button_devices | An issue was discovered in myStrom WiFi Switch V1 before 2.66, WiFi Switch V2 before 3.80, WiFi Switch EU before 3.80, WiFi Bulb before 2.58, WiFi LED Strip before 3.80, WiFi Button before 2.73, and WiFi Button Plus before 2.73. The cloud API had a hidden parameter, which allowed an authenticated user to reconfigure the server URL for a device registered to their account. In combination with an insecure device registration vulnerability, this allowed an attacker to reconfigure a maliciously registered device to their own rogue replica of the myStrom API and issue commands to the device, including firmware update commands. | 2018-08-30 | not yet calculated | CVE-2018-15480 MISC |
| mystrom -- wifi_switch_devices | myStrom WiFi Switch V1 devices before 2.66 did not sanitize a parameter received from the cloud that was used in an OS command. Malicious servers were able to run operating system commands on the device. | 2018-08-30 | not yet calculated | CVE-2018-15477 MISC |
| norton -- identity_safe | The Norton Identity Safe product prior to 5.3.0.976 may be susceptible to a privilege escalation issue via a hard coded IV, which is a type of vulnerability that can potentially increase the likelihood of encrypted data being recovered without adequate credentials. | 2018-08-29 | not yet calculated | CVE-2018-12240 BID CONFIRM |
| npm -- mosca | This vulnerability allows remote attackers to deny service on vulnerable installations of npm mosca 2.8.1. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of topics. A crafted regular expression can cause the broker to crash. An attacker can leverage this vulnerability to deny access to the target system. Was ZDI-CAN-6306. | 2018-08-30 | not yet calculated | CVE-2018-11615 MISC |
| nvidia -- geforce_experience | NVIDIA GeForce Experience all versions prior to 3.14.1 contains a potential vulnerability when GameStream is enabled where improper access control may lead to a denial of service, escalation of privileges, or both. | 2018-08-31 | not yet calculated | CVE-2018-6257 CONFIRM |
| nvidia -- geforce_experience | NVIDIA GeForce Experience all versions prior to 3.14.1 contains a potential vulnerability during GameStream installation where an attacker who has system access can potentially conduct a Man-in-the-Middle (MitM) attack to obtain sensitive information. | 2018-08-31 | not yet calculated | CVE-2018-6258 CONFIRM |
| nvidia -- geforce_experience | NVIDIA GeForce Experience all versions prior to 3.14.1 contains a potential vulnerability when GameStream is enabled, an attacker has system access, and certain system features are enabled, where limited information disclosure may be possible. | 2018-08-31 | not yet calculated | CVE-2018-6259 CONFIRM |
| open_whisper -- signal_app | The image rendering component (createGenericPreview) of the Open Whisper Signal app through 2.29.0 for iOS fails to check for unreasonably large images before manipulating received images. This allows for a large image sent to a user to exhaust all available memory when the image is displayed, resulting in a forced restart of the device. | 2018-08-29 | not yet calculated | CVE-2018-16132 MISC |
| openssh -- openssh | Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states 'We understand that the OpenSSH developers do not want to treat such a username enumeration (or "oracle") as a vulnerability.' | 2018-08-28 | not yet calculated | CVE-2018-15919 MISC BID |
| openstack-cinder -- openstack-cinder | A vulnerability was found in openstack-cinder releases up to and including Queens, allowing newly created volumes in certain storage volume configurations to contain previous data. It specifically affects ScaleIO volumes using thin volumes and zero padding. This could lead to leakage of sensitive information between tenants. | 2018-08-27 | not yet calculated | CVE-2017-15139 CONFIRM MISC |
| opswat -- metadefender | OPSWAT MetaDefender before v4.11.2 allows CSV injection. | 2018-08-31 | not yet calculated | CVE-2018-16275 CONFIRM |
| orbic -- wonder_orbic_release-keys_devices | An issue was discovered on Orbic Wonder Orbic/RC555L/RC555L:7.1.2/N2G47H/329100b:user/release-keys devices, allowing attackers to obtain sensitive information (such as text-message content) by reading a copy of the Android log on the SD card. The system-wide Android logs are not directly available to third-party apps since they tend to contain sensitive data. Third-party apps can read from the log but only the log messages that the app itself has written. Certain apps can leak data to the Android log due to not sanitizing log messages, which is an insecure programming practice. Pre-installed system apps and apps that are signed with the framework key can read from the system-wide Android log. We found a pre-installed app on the Orbic Wonder that when started via an Intent will write the Android log to the SD card, also known as external storage, via com.ckt.mmitest.MmiMainActivity. Any app that requests the READ_EXTERNAL_STORAGE permission can read from the SD card. Therefore, a local app on the device can quickly start a specific component in the pre-installed system app to have the Android log written to the SD card. Therefore, any app co-located on the device with the READ_EXTERNAL_STORAGE permission can obtain the data contained within the Android log and continually monitor it and mine the log for relevant data. In addition, the default messaging app (com.android.mms) writes the body of sent and received text messages to the Android log, as well as the recipient phone number for sent text messages and the sending phone number for received text messages. In addition, any call data contains phone numbers for sent and received calls. | 2018-08-29 | not yet calculated | CVE-2018-6599 MISC |
| orbic -- wonder_orbic_release-keys_devices | An issue was discovered on Orbic Wonder Orbic/RC555L/RC555L:7.1.2/N2G47H/329100b:user/release-keys devices. Any app co-located on the device can send an intent to factory reset the device programmatically because of com.android.server.MasterClearReceiver. This does not require any user interaction and does not require any permission to perform. A factory reset will remove all user data from the device. This will result in the loss of any data that the user has not backed up or synced externally. This capability to perform a factory reset is not directly available to third-party apps (those that the user installs themselves), although this capability is present in an unprotected component of the Android OS. This vulnerability is not present in Google's Android Open Source Project (AOSP) code. Therefore, it was introduced by Orbic or another entity in the supply chain. | 2018-08-29 | not yet calculated | CVE-2018-6598 MISC |
| ovation -- findme | Ovation FindMe 1.4-1083-1 is intended to support transmission of network traffic from covert video recorders but does not properly disrupt binary analysis for discovering the product's capabilities or purpose. This makes it easier for adversaries to detect the covert operation. Specifically, the product uses a compression technique to prevent the identification of certain libraries in the software by obfuscation. The software relies on a TLS callback and an additional executable file to enable these libraries and their access to certain websites. The unpacked software can be exploited by several different types of documented techniques. | 2018-08-26 | not yet calculated | CVE-2018-15885 MISC |
| pandao -- editor.md | Pandao Editor.md 1.5.0 allows XSS via crafted attributes of an invalid IMG element. | 2018-09-01 | not yet calculated | CVE-2018-16330 MISC |
| pango -- pango | libpango in Pango 1.40.8 through 1.42.3, as used in hexchat and other products, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted text with invalid Unicode sequences. | 2018-08-24 | not yet calculated | CVE-2018-15120 MISC CONFIRM CONFIRM MLIST UBUNTU EXPLOIT-DB |
| pdf-xchange -- editor | PDF-XChange Editor through 7.0.326.1 allows remote attackers to cause a denial of service (resource consumption) via a crafted x:xmpmeta structure, a related issue to CVE-2003-1564. | 2018-09-01 | not yet calculated | CVE-2018-16303 MISC |
| phpkaiyuancms -- phpopensourcecms | phpkaiyuancms PhpOpenSourceCMS (POSCMS) V3.2.0 allows an unauthenticated user to execute arbitrary SQL commands via the diy/module/member/controllers/Api.php ajax_save_draft function with the dir parameter. | 2018-08-31 | not yet calculated | CVE-2018-16278 MISC |
| phpmyadmin -- phpmyadmin | An issue was discovered in phpMyAdmin before 4.8.3. A Cross-Site Scripting vulnerability has been found where an attacker can use a crafted file to manipulate an authenticated user who loads that file through the import feature. | 2018-08-24 | not yet calculated | CVE-2018-15605 BID SECTRACK CONFIRM CONFIRM |
| phpmyfaq -- phpmyfaq | phpMyFAQ before 2.8.13 allows remote authenticated users with admin privileges to bypass authorization via a crafted instance ID parameter. | 2018-08-28 | not yet calculated | CVE-2014-6049 MISC CONFIRM |
| phpmyfaq -- phpmyfaq | phpMyFAQ before 2.8.13 allows remote authenticated users with certain permissions to read arbitrary attachments by leveraging incorrect "download an attachment" permission checks. | 2018-08-28 | not yet calculated | CVE-2014-6047 MISC CONFIRM |
| phpmyfaq -- phpmyfaq | SQL injection vulnerability in phpMyFAQ before 2.8.13 allows remote authenticated users with certain permissions to execute arbitrary SQL commands via vectors involving the restore function. | 2018-08-28 | not yet calculated | CVE-2014-6045 MISC CONFIRM |
| phpmyfaq -- phpmyfaq | Multiple cross-site request forgery (CSRF) vulnerabilities in phpMyFAQ before 2.8.13 allow remote attackers to hijack the authentication of unspecified users for requests that (1) delete active users by leveraging improper validation of CSRF tokens or that (2) delete open questions, (3) activate users, (4) publish FAQs, (5) add or delete Glossary, (6) add or delete FAQ news, or (7) add or delete comments or add votes by leveraging lack of a CSRF token. | 2018-08-28 | not yet calculated | CVE-2014-6046 MISC CONFIRM |
| phpmyfaq -- phpmyfaq | phpMyFAQ before 2.8. | 2018-08-28 | not yet calculated | CVE-2014-6050 MISC CONFIRM |
| phpmyfaq -- phpmyfaq | phpMyFAQ before 2.8.13 allows remote attackers to read arbitrary attachments via a direct request. | 2018-08-28 | not yet calculated | CVE-2014-6048 MISC CONFIRM |
| phpok -- phpok | PHPOK 4.8.278 has a Reflected XSS vulnerability in framework/www/login_control.php via the _back parameter to the ok_f function. | 2018-08-30 | not yet calculated | CVE-2018-16142 MISC |
| phpscriptsmall.com -- website_seller_script | PHP Scripts Mall Website Seller Script 2.0.5 allows remote attackers to cause a denial of service via crafted JavaScript code in the First Name, Last Name, Company Name, or Fax field, as demonstrated by crossPwn. | 2018-08-28 | not yet calculated | CVE-2018-15897 MISC |
| phpscriptsmall.com -- website_seller_script | PHP Scripts Mall Website Seller Script 2.0.5 has XSS via Personal Address or Company Name. | 2018-08-28 | not yet calculated | CVE-2018-15896 MISC |
| podofo -- podofo | In podofo 0.9.6, the function PoDoFo::PdfParser::ReadObjects() in base/PdfParser.cpp can cause the program to be aborted, because PoDoFo::PdfVecObjects::Reserve() in base/PdfVecObjects.h can be called with a large size value. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted pdf file. | 2018-08-26 | not yet calculated | CVE-2018-15889 MISC MISC |
| portainer -- portainer | A stored Cross-site scripting (XSS) vulnerability in Portainer through 1.19.1 allows remote authenticated users to inject arbitrary JavaScript and/or HTML via the Team Name field. | 2018-09-01 | not yet calculated | CVE-2018-16316 MISC |
| postgresql-jdbc -- postgresql-jdbc | A weakness was found in postgresql-jdbc before version 42.2.5. It was possible to provide an SSL Factory and not check the host name if a host name verifier was not provided to the driver. This could lead to a condition where a man-in-the-middle attacker could masquerade as a trusted server by providing a certificate for the wrong host, as long as it was signed by a trusted CA. | 2018-08-30 | not yet calculated | CVE-2018-10936 CONFIRM CONFIRM |
| qemu -- qemu | qemu-seccomp.c in QEMU might allow local OS guest users to cause a denial of service (guest crash) by leveraging mishandling of the seccomp policy for threads other than the main thread. | 2018-08-29 | not yet calculated | CVE-2018-15746 MLIST MLIST |
| qnap -- photo_station | Cross-site scripting vulnerability in QNAP Photo Station versions 5.7.0 and earlier could allow remote attackers to inject JavaScript code in the compromised application. | 2018-08-27 | not yet calculated | CVE-2018-0715 CONFIRM |
| responsive_filemanager -- responsive_filemanager | /filemanager/ajax_calls.php in tecrail Responsive FileManager before 9.13.4 uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize get_file sequences such as ".." that can resolve to a location that is outside of that directory, aka Directory Traversal. | 2018-08-24 | not yet calculated | CVE-2018-15535 FULLDISC EXPLOIT-DB |
| responsive_filemanager -- responsive_filemanager | /filemanager/ajax_calls.php in tecrail Responsive FileManager before 9.13.4 does not properly validate file paths in archives, allowing for the extraction of crafted archives to overwrite arbitrary files via an extract action, aka Directory Traversal. | 2018-08-24 | not yet calculated | CVE-2018-15536 FULLDISC EXPLOIT-DB |
| ricoh -- mp_c4504ex_devices | RICOH MP C4504ex devices allow HTML Injection via the /web/entry/en/address/adrsSetUserWizard.cgi entryNameIn parameter. | 2018-08-28 | not yet calculated | CVE-2018-15884 MISC EXPLOIT-DB |
| rsa -- bsafe_micro_edition_suite | RSA BSAFE Micro Edition Suite, version 4.1.6, contains an integer overflow vulnerability. A remote attacker could use maliciously constructed ASN.1 data to potentially cause a Denial Of Service. | 2018-08-31 | not yet calculated | CVE-2018-11054 FULLDISC |
| rsa -- bsafe_micro_edition_suite | RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6.1 (in 4.1.x), contains an Improper Clearing of Heap Memory Before Release ('Heap Inspection') vulnerability. Decoded PKCS #12 data in heap memory is not zeroized by MES before releasing the memory internally and a malicious local user could gain access to the unauthorized data by doing heap inspection. | 2018-08-31 | not yet calculated | CVE-2018-11055 FULLDISC |
| rsa -- bsafe_micro_edition_suite | RSA BSAFE Micro Edition Suite, prior to 4.1.6.1 (in 4.1.x), and RSA BSAFE Crypto-C Micro Edition versions prior to 4.0.5.3 (in 4.0.x) contain an Uncontrolled Resource Consumption ('Resource Exhaustion') vulnerability when parsing ASN.1 data. A remote attacker could use maliciously constructed ASN.1 data that would exhaust the stack, potentially causing a Denial Of Service. | 2018-08-31 | not yet calculated | CVE-2018-11056 FULLDISC |
| rsa -- bsafe_micro_edition_suite | RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6.1 (in 4.1.x) contains a Covert Timing Channel vulnerability during RSA decryption, also known as a Bleichenbacher attack on RSA decryption. A remote attacker may be able to recover a RSA key. | 2018-08-31 | not yet calculated | CVE-2018-11057 FULLDISC |
| samsung -- smartthings_hub_sth-eth-250_firmware | An exploitable integer underflow vulnerability exists in the ZigBee firmware update routine of the hubCore binary of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The hubCore process incorrectly handles malformed files existing in its data directory, leading to an infinite loop, which eventually causes the process to crash. An attacker can send an HTTP request to trigger this vulnerability. | 2018-08-28 | not yet calculated | CVE-2018-3926 BID MISC |
| samsung -- smartthings_hub_sth-eth-250_firmware | An exploitable information disclosure vulnerability exists in the crash handler of the hubCore binary of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. When hubCore crashes, Google Breakpad is used to record minidumps, which are sent over an insecure HTTPS connection to the backtrace.io service, leading to the exposure of sensitive data. An attacker can impersonate the remote backtrace.io server in order to trigger this vulnerability. | 2018-08-27 | not yet calculated | CVE-2018-3927 MISC |
| samsung -- smartthings_hub_sth-eth-250_firmware | An exploitable buffer overflow vulnerability exists in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability. | 2018-08-27 | not yet calculated | CVE-2018-3893 MISC |
| samsung -- smartthings_hub_sth-eth-250_firmware | An exploitable buffer overflow vulnerability exists in the camera 'update' feature of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability. | 2018-08-27 | not yet calculated | CVE-2018-3904 MISC |
| samsung -- smartthings_hub_sth-eth-250_firmware | An exploitable vulnerability exists in the remote servers of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The hubCore process listens on port 39500 and relays any unauthenticated messages to SmartThings' remote servers, which incorrectly handle camera IDs for the 'sync' operation, leading to arbitrary deletion of cameras. An attacker can send an HTTP request to trigger this vulnerability. | 2018-08-27 | not yet calculated | CVE-2018-3918 MISC |
| samsung -- smartthings_hub_sth-eth-250_firmware | An exploitable vulnerability exists in the REST parser of video-core's HTTP server of the Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The video-core process incorrectly handles pipelined HTTP requests, which allows successive requests to overwrite the previously parsed HTTP method, URL and body. With the implementation of the on_body callback, defined by sub_41734, an attacker can send an HTTP request to trigger this vulnerability. | 2018-08-28 | not yet calculated | CVE-2018-3908 MISC |
| samsung -- smartthings_hub_sth-eth-250_firmware | An exploitable buffer overflow vulnerability exists in the /cameras/XXXX/clips handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 Firmware version 0.20.17. The strncpy call overflows the destination buffer, which has a size of 52 bytes. An attacker can send an arbitrarily long 'endTime' value in order to exploit this vulnerability. An attacker can send an HTTP request to trigger this vulnerability. | 2018-08-28 | not yet calculated | CVE-2018-3895 MISC |
| samsung -- smartthings_hub_sth-eth-250_firmware | An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in the video-core HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The strcpy call overflows the destination buffer, which has a size of 136 bytes. An attacker can send an arbitrarily long 'directory' value in order to exploit this vulnerability. An attacker can send an HTTP request to trigger this vulnerability. | 2018-08-28 | not yet calculated | CVE-2018-3916 MISC |
| schneider_electric -- modicon_m221 | A Permissions, Privileges, and Access Control vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to overwrite the original password with their password. If an attacker exploits this vulnerability and overwrites the password, the attacker can upload the original program from the PLC. | 2018-08-29 | not yet calculated | CVE-2018-7791 BID CONFIRM |
| schneider_electric -- modicon_m221 | An Improper Check for Unusual or Exceptional Conditions vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to remotely reboot Modicon M221 using crafted programming protocol frames. | 2018-08-29 | not yet calculated | CVE-2018-7789 BID MISC CONFIRM |
| schneider_electric -- modicon_m221 | An Information Management Error vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to replay authentication sequences. If an attacker exploits this vulnerability and connects to a Modicon M221, the attacker can upload the original program from the PLC. | 2018-08-29 | not yet calculated | CVE-2018-7790 BID CONFIRM |
| schneider_electric -- modicon_m221 | A Permissions, Privileges, and Access Control vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to decode the password using a rainbow table. | 2018-08-29 | not yet calculated | CVE-2018-7792 BID CONFIRM |
| schneider_electric -- powerlogic | A Cross Protocol Injection vulnerability exists in Schneider Electric's PowerLogic (PM5560 prior to FW version 2.5.4) product. The vulnerability makes the product susceptible to a cross-site scripting attack on its web browser. User inputs can be manipulated to cause execution of JavaScript code. | 2018-08-29 | not yet calculated | CVE-2018-7795 BID MISC CONFIRM |
| sentrifugo -- sentrifugo | A SQL Injection issue was discovered in Sentrifugo 3.2 via the deptid parameter. | 2018-08-28 | not yet calculated | CVE-2018-15873 MISC |
| simplehttpserver -- simplehttpserver | Path traversal in simplehttpserver <v0.2.1 allows listing any file on the server. | 2018-08-31 | not yet calculated | CVE-2018-3787 MISC |
| subrion -- subrion | There is Stored XSS in Subrion 4.2.1 via the admin panel URL configuration. | 2018-09-01 | not yet calculated | CVE-2018-16327 MISC |
| technicolor -- tc8305c_devices | Technicolor (formerly RCA) TC8305C devices allow remote attackers to cause a denial of service (networking outage) via a flood of random MAC addresses, as demonstrated by macof. NOTE: this might overlap CVE-2018-15852. | 2018-08-29 | not yet calculated | CVE-2018-15907 MISC |
| tencent -- foxmail | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Tencent Foxmail 7.2.9.115. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of URI handlers. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-5543. | 2018-08-30 | not yet calculated | CVE-2018-11616 MISC |
tenda -- multiple_routers
An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router's web server. While processing the ssid parameter for a POST request, the value is directly used in a sprintf call to a local variable placed on the stack, which overrides the return address of the function, causing a buffer overflow.
Published: 2018-09-01 | CVSS: not yet calculated | CVE-2018-16333
References: MISC

tenda -- multiple_routers
An issue was discovered on Tenda AC9 V15.03.05.19(6318)_CN and AC10 V15.03.06.23_CN devices. The mac parameter in a POST request is used directly in a doSystemCmd call, causing OS command injection.
Published: 2018-09-01 | CVSS: not yet calculated | CVE-2018-16334
References: MISC

thinkcmf -- thinkcmf
ThinkCMF X2.2.3 has an arbitrary file deletion vulnerability in do_avatar in \application\User\Controller\ProfileController.class.php via an imgurl parameter with a ..\ sequence. A member user can delete any file on a Windows server.
Published: 2018-08-30 | CVSS: not yet calculated | CVE-2018-16141
References: MISC

trend_micro -- officescan_xg
A Named Pipe Request Processing Out-of-Bounds Read Information Disclosure vulnerability in Trend Micro OfficeScan XG (12.0) could allow a local attacker to disclose sensitive information on vulnerable installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit the vulnerability.
Published: 2018-08-30 | CVSS: not yet calculated | CVE-2018-15364
References: CONFIRM, MISC

trend_micro -- security
A Deserialization of Untrusted Data Privilege Escalation vulnerability in Trend Micro Security 2018 (Consumer) products could allow a local attacker to escalate privileges on vulnerable installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit the vulnerability.
Published: 2018-08-30 | CVSS: not yet calculated | CVE-2018-10513
References: CONFIRM, MISC

trend_micro -- security
An Out-of-Bounds Read Privilege Escalation vulnerability in Trend Micro Security 2018 (Consumer) products could allow a local attacker to escalate privileges on vulnerable installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit the vulnerability.
Published: 2018-08-30 | CVSS: not yet calculated | CVE-2018-15363
References: CONFIRM, MISC

trend_micro -- security
A Missing Impersonation Privilege Escalation vulnerability in Trend Micro Security 2018 (Consumer) products could allow a local attacker to escalate privileges on vulnerable installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit the vulnerability.
Published: 2018-08-30 | CVSS: not yet calculated | CVE-2018-10514
References: CONFIRM, MISC

umbraco -- umbraco
Umbraco before 7.2.0 has a remote PHP code execution vulnerability because Umbraco.Web.UI/config/umbracoSettings.Release.config does not block the upload of .php files.
Published: 2018-08-27 | CVSS: not yet calculated | CVE-2014-10074
References: MISC, MISC

vanilla -- vanilla
In Vanilla before 2.6.1, the polling functionality allows Insecure Direct Object Reference (IDOR) via the Poll ID, leading to the ability of a single user to select multiple Poll Options (e.g., vote for multiple items).
Published: 2018-08-26 | CVSS: not yet calculated | CVE-2018-15833
References: MISC, MISC, MISC, MISC

visiology -- flipbox_software_suite
Visiology Flipbox Software Suite before 2.7.0 allows directory traversal via %5c%2e%2e%2f because it does not sanitize filename parameters.
Published: 2018-08-27 | CVSS: not yet calculated | CVE-2018-15810
References: MISC, MISC

vivotek -- multiple_devices
Various VIVOTEK FD8*, FD9*, FE9*, IB8*, IB9*, IP9*, IZ9*, MS9*, SD9*, and other devices before XXXXXX-VVTK-xx06a allow remote attackers to execute arbitrary code.
Published: 2018-08-29 | CVSS: not yet calculated | CVE-2018-14768
References: CONFIRM, CONFIRM

waimai -- super_cms
In waimai Super Cms 20150505, there is a CSRF vulnerability that can change the configuration via admin.php?m=Config&a=add.
Published: 2018-09-01 | CVSS: not yet calculated | CVE-2018-16315
References: MISC

waimai -- super_cms
waimai Super Cms 20150505 has a logic flaw allowing attackers to modify a price, before form submission, by observing data in a packet capture. By setting the index.php?m=cart&a=save item_totals parameter to zero, the entire cart is sold for free.
Published: 2018-08-30 | CVSS: not yet calculated | CVE-2018-16157
References: MISC

wireshark -- wireshark
In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth AVDTP dissector could crash. This was addressed in epan/dissectors/packet-btavdtp.c by properly initializing a data structure.
Published: 2018-08-29 | CVSS: not yet calculated | CVE-2018-16058
References: BID, MISC, MISC, MISC

wireshark -- wireshark
In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Radiotap dissector could crash. This was addressed in epan/dissectors/packet-ieee80211-radiotap-iter.c by validating iterator operations.
Published: 2018-08-29 | CVSS: not yet calculated