Security Vulnerabilities - CVEs Published In February 2018
An issue was discovered in QPDF before 7.0.0. There is a large heap-based out-of-bounds read in the Pl_Buffer::write function in Pl_Buffer.cc. It is caused by an integer overflow in the PNG filter.
CVSS Score: 5.5 | EPSS Score: 0.002 | Published: 2018-02-13
An issue was discovered in QPDF before 7.0.0. There is an infinite loop due to looping xref tables in QPDF.cc.
CVSS Score: 5.5 | EPSS Score: 0.003 | Published: 2018-02-13
An issue was discovered in GNU patch through 2.7.6. There is a segmentation fault, associated with a NULL pointer dereference, leading to a denial of service in the intuit_diff_type function in pch.c, aka a "mangled rename" issue.
CVSS Score: 7.5 | EPSS Score: 0.231 | Published: 2018-02-13
A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6.
CVSS Score: 7.5 | EPSS Score: 0.111 | Published: 2018-02-13
PHP Scripts Mall News Website Script 2.0.4 has SQL Injection via a search term.
CVSS Score: 9.8 | EPSS Score: 0.002 | Published: 2018-02-13
In CCN-lite 2, the function ccnl_prefix_to_str_detailed can cause a buffer overflow, when writing a prefix to the buffer buf. The maximal size of the prefix is CCNL_MAX_PREFIX_SIZE; the buffer has the size CCNL_MAX_PREFIX_SIZE. However, when NFN is enabled, additional characters are written to the buffer (e.g., the "NFN" and "R2C" tags). Therefore, sending an NFN-R2C packet with a prefix of size CCNL_MAX_PREFIX_SIZE can cause an overflow of buf inside ccnl_prefix_to_str_detailed.
CVSS Score: 9.8 | EPSS Score: 0.005 | Published: 2018-02-13
ARM mbed TLS before 1.3.22, before 2.1.10, and before 2.7.0 allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via a crafted certificate chain that is mishandled during RSASSA-PSS signature verification within a TLS or DTLS session.
CVSS Score: 9.8 | EPSS Score: 0.143 | Published: 2018-02-13
ARM mbed TLS before 1.3.22, before 2.1.10, and before 2.7.0, when the truncated HMAC extension and CBC are used, allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption) via a crafted application packet within a TLS or DTLS session.
CVSS Score: 9.8 | EPSS Score: 0.05 | Published: 2018-02-13
The VBWinExec function in Node\AspVBObj.dll in Advantech WebAccess 8.3.0 allows remote attackers to execute arbitrary OS commands via a single argument (aka the command parameter).
CVSS Score: 9.8 | EPSS Score: 0.302 | Published: 2018-02-13
Remote Code Execution in Saperion Web Client version 7.5.2 83166.
CVSS Score: 9.8 | EPSS Score: 0.038 | Published: 2018-02-13

