Security Vulnerabilities - CVEs Published In January 2019
In Pydio before 8.2.2, PHP Object Injection is possible because a user is allowed to store a preference in the $phpserial$a:0:{} syntax, that is, as a PHP-serialized value that the application later passes to unserialize(). An attacker needs either a "public link" of a file, or access to any unprivileged user account from which such a link can be created.
CVSS Score: 9.8 | EPSS Score: 0.094 | Published: 2019-01-15
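The pattern behind the Pydio entry, as an added example that is not Pydio's code: a preference store that hands any value carrying the `$phpserial$` prefix to unserialize(), beside a form that refuses to instantiate objects from stored data. The `$phpserial$` prefix and the `a:0:{}` form are the ones the advisory names; the class AuditHook, the function names and the object payload are constructed for this demo and are not a Pydio gadget.

```php
<?php
declare(strict_types=1);

// Added example, not Pydio's code. AuditHook stands in for any application
// class that has a magic method; real attacks chain such classes ("gadgets")
// to reach file writes or code execution. Here __wakeup only records that
// user input chose which class got instantiated.
class AuditHook
{
    public static bool $woken = false;

    public function __wakeup(): void
    {
        self::$woken = true;
    }
}

const SERIAL_PREFIX = '$phpserial$';

// Vulnerable form: any preference value carrying the prefix is passed to
// unserialize() with no class restriction.
function loadPreferenceVulnerable(string $stored): mixed
{
    if (str_starts_with($stored, SERIAL_PREFIX)) {
        return unserialize(substr($stored, strlen(SERIAL_PREFIX)));
    }
    return $stored;
}

// True if the value is, or contains, an object (a payload can hide one inside an array).
function containsObject(mixed $value): bool
{
    if (is_object($value)) {
        return true;
    }
    if (is_array($value)) {
        foreach ($value as $item) {
            if (containsObject($item)) {
                return true;
            }
        }
    }
    return false;
}

// Hardened form: allowed_classes=false turns every "O:" record into
// __PHP_Incomplete_Class (no constructor, __wakeup or __destruct of the
// named class runs), and any object at all is then rejected. Scalars and
// arrays, which is all a preference should ever hold, still round-trip.
function loadPreferenceHardened(string $stored): mixed
{
    if (!str_starts_with($stored, SERIAL_PREFIX)) {
        return $stored;
    }
    $value = unserialize(substr($stored, strlen(SERIAL_PREFIX)), ['allowed_classes' => false]);
    if (containsObject($value)) {
        throw new UnexpectedValueException('object payload in preference rejected');
    }
    return $value;
}

// Constructed payloads: the empty-array form named in the advisory, and an
// object record naming the demo class (9 = strlen("AuditHook")).
$benign = '$phpserial$a:0:{}';
$object = '$phpserial$O:9:"AuditHook":0:{}';

var_dump(loadPreferenceVulnerable($benign));
loadPreferenceVulnerable($object);
var_dump(AuditHook::$woken);          // __wakeup ran: user input chose the class

AuditHook::$woken = false;
var_dump(loadPreferenceHardened($benign));
try {
    loadPreferenceHardened($object);
} catch (UnexpectedValueException $e) {
    echo $e->getMessage(), "\n";
}
var_dump(AuditHook::$woken);          // the hardened path never instantiated AuditHook
```

The `allowed_classes` option is the minimal change; the durable fix is to stop accepting a serialized representation from users at all and store preferences as JSON, which has no object instantiation to abuse.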
In Tiki before 17.2, the user task component is vulnerable to a SQL Injection via the tiki-user_tasks.php show_history parameter.
CVSS Score: 8.8 | EPSS Score: 0.002 | Published: 2019-01-15
A vulnerability was found in sssd. If a user was configured with no home directory set, sssd would return '/' (the root directory) instead of '' (the empty string, meaning no home directory). This could impact services that restrict the user's filesystem access to within their home directory through chroot() etc.: a chroot() to '/' imposes no restriction at all, and a service's check for an empty home directory would not fire. All versions before 2.1 are vulnerable.
CVSS Score: 4.1 | EPSS Score: 0.002 | Published: 2019-01-15
An issue was discovered in EasyCMS 1.5. There is CSRF via the index.php?s=/admin/articlem/insert/navTabId/listarticle/callbackType/closeCurrent URI.
CVSS Score: 8.8 | EPSS Score: 0.001 | Published: 2019-01-15
Cleanto 5.0 has SQL Injection via the assets/lib/service_method_ajax.php service_id parameter.
CVSS Score: 9.8 | EPSS Score: 0.003 | Published: 2019-01-15
Cleanto 5.0 has SQL Injection via the assets/lib/export_ajax.php id parameter.
CVSS Score: 9.8 | EPSS Score: 0.002 | Published: 2019-01-15
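The three SQL injection entries above (Tiki's show_history parameter, Cleanto's service_id and id parameters) share one root cause: a request parameter spliced into SQL text. The following added example, which is not code from either project, shows that splicing pattern beside its prepared-statement replacement. The table, rows and inputs are constructed, and it uses PDO with an in-memory SQLite database (pdo_sqlite extension) so it runs without a database server.

```php
<?php
declare(strict_types=1);

// Added example, not Tiki or Cleanto code. Constructed schema and rows.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE services (id INTEGER PRIMARY KEY, owner TEXT, name TEXT)');
$db->exec("INSERT INTO services VALUES (1, 'alice', 'carpet'), (2, 'bob', 'windows'), (3, 'carol', 'office')");

// Vulnerable form: the request parameter becomes part of the SQL text, so
// "2 OR 1=1" rewrites the WHERE clause instead of selecting one row.
function serviceVulnerable(PDO $db, string $serviceId): array
{
    $sql = 'SELECT id, owner, name FROM services WHERE id = ' . $serviceId;
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Hardened form: reject anything that is not a decimal integer before the
// database sees it, then bind the value as a typed parameter. Bound values
// are data only; they cannot alter the statement's structure.
function serviceHardened(PDO $db, string $serviceId): array
{
    if (!ctype_digit($serviceId)) {
        throw new InvalidArgumentException('service_id must be a non-negative integer');
    }
    $stmt = $db->prepare('SELECT id, owner, name FROM services WHERE id = :id');
    $stmt->bindValue(':id', (int) $serviceId, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed inputs as they would arrive in $_GET['service_id'].
foreach (['2', '2 OR 1=1'] as $input) {
    $rows = serviceVulnerable($db, $input);
    printf("vulnerable  input=%-10s rows=%d\n", $input, count($rows));
    try {
        $rows = serviceHardened($db, $input);
        printf("hardened    input=%-10s rows=%d\n", $input, count($rows));
    } catch (InvalidArgumentException $e) {
        printf("hardened    input=%-10s rejected (%s)\n", $input, $e->getMessage());
    }
}
```

The type check is not a substitute for binding; it narrows what reaches the database and turns a tampered request into a logged rejection rather than a silently widened query, while the bound parameter is what removes the injection.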
uploads/include/dialog/select_soft.php in DedeCMS V57_UTF8_SP2 allows remote attackers to execute arbitrary PHP code by uploading a file with a safe extension and then renaming it to a mixed-case variation of the .php extension, as demonstrated by the filename 1.pHP: the mixed-case name passes the extension check, but the web server still executes the file as PHP.
CVSS Score: 8.8 | EPSS Score: 0.009 | Published: 2019-01-15
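The check a rename step has to apply, as an added example that is not DedeCMS code: a case-sensitive deny-list that `1.pHP` slips past, beside a hardened check that normalises case, uses an allow-list and refuses to let a rename change the extension validated at upload time. The function names, extension lists and file names are constructed for the demo.

```php
<?php
declare(strict_types=1);

// Added example, not DedeCMS code.

// Vulnerable form: a deny-list compared case-sensitively. pathinfo() returns
// "pHP" for "1.pHP", which is not in the list, yet the web server's handler
// mapping for PHP is usually case-insensitive, so the renamed file executes.
function renameAllowedVulnerable(string $newName): bool
{
    $denied = ['php', 'php3', 'php4', 'php5', 'phtml', 'phps'];
    $ext = pathinfo($newName, PATHINFO_EXTENSION);
    return !in_array($ext, $denied, true);
}

// Hardened form: a rename may not change the extension that was validated at
// upload time, the extension is lower-cased before it is compared against an
// allow-list, and names with path separators, NUL bytes or more than one dot
// (x.php.jpg) are refused regardless.
function renameAllowedHardened(string $oldName, string $newName): bool
{
    $allowed = ['jpg', 'jpeg', 'png', 'gif', 'pdf', 'zip'];
    if ($newName === '' || str_contains($newName, "\0")
        || str_contains($newName, '/') || str_contains($newName, '\\')
        || substr_count($newName, '.') !== 1) {
        return false;
    }
    $oldExt = strtolower(pathinfo($oldName, PATHINFO_EXTENSION));
    $newExt = strtolower(pathinfo($newName, PATHINFO_EXTENSION));
    return $newExt === $oldExt && in_array($newExt, $allowed, true);
}

// Constructed rename targets for a file that was uploaded as 1.jpg.
foreach (['1.jpg', '1.php', '1.pHP', '1.PhTmL', 'a.php.jpg'] as $name) {
    printf("%-10s vulnerable:%-5s hardened:%s\n", $name,
        renameAllowedVulnerable($name) ? 'allow' : 'deny',
        renameAllowedHardened('1.jpg', $name) ? 'allow' : 'deny');
}
```

The name check should not be the only barrier: disabling script execution for the uploads directory at the web-server level means a bypass of the check still yields a file the server will not run.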
A heap-based buffer over-read exists in the function d_expression_1 in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.1. A crafted input can cause a segmentation fault, leading to denial of service, as demonstrated with c++filt.
CVSS Score: 6.5 | EPSS Score: 0.011 | Published: 2019-01-15
The Premium WP Suite Easy Redirect Manager plugin 28.07-17 for WordPress has XSS via a crafted GET request that is mishandled during log viewing at the templates/admin/redirect-log.php URI.
CVSS Score: 6.1 | EPSS Score: 0.003 | Published: 2019-01-15
An infinite recursion issue was discovered in eval.c in Netwide Assembler (NASM) through 2.14.02: the functions expr, rexp, bexpr and cexpr recurse without bound and exhaust the stack in certain scenarios involving many '{' characters. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted asm file.
CVSS Score: 5.5 | EPSS Score: 0.002 | Published: 2019-01-15


Shodan ® - All rights reserved