Security Vulnerabilities - CVEs Published In March 2018
QCMS version 3.0 has XSS via the title parameter to the /guest/index.html URI.
CVSS Score
5.4
EPSS Score
0.002
Published
2018-03-12
The Gentoo net-im/jabberd2 package through 2.6.1 installs jabberd, jabberd2-c2s, jabberd2-router, jabberd2-s2s, and jabberd2-sm in /usr/bin owned by the jabber account, which might allow local users to gain privileges by leveraging access to this account and then waiting for root to execute one of these programs.
CVSS Score
7.8
EPSS Score
0.0
Published
2018-03-12
The Gentoo net-im/jabberd2 package through 2.6.1 sets the ownership of /var/run/jabber to the jabber account, which might allow local users to kill arbitrary processes by leveraging access to this account for PID file modification before a root script executes a "kill -TERM `cat /var/run/jabber/filename.pid`" command.
CVSS Score
5.5
EPSS Score
0.0
Published
2018-03-12
TitanHQ WebTitan Gateway has incorrect certificate validation for the TLS interception feature.
CVSS Score
7.5
EPSS Score
0.001
Published
2018-03-12
An issue was discovered in the web server in Flexense SyncBreeze Enterprise 10.6.24. There is a user mode write access violation on the syncbrs.exe memory region that can be triggered by rapidly sending a variety of HTTP requests with long HTTP header values or long URIs.
CVSS Score
7.5
EPSS Score
0.772
Published
2018-03-12
In the Linux kernel before 4.15, fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allows local users to cause a denial of service (BUG) by modifying a certain e_cpos field.
CVSS Score
4.7
EPSS Score
0.001
Published
2018-03-12
CMS Made Simple (CMSMS) 2.2.6 has stored XSS in admin/moduleinterface.php via the metadata parameter.
CVSS Score
4.8
EPSS Score
0.002
Published
2018-03-12
CMS Made Simple (CMSMS) 2.2.6 has XSS in admin/moduleinterface.php via the pagedata parameter.
CVSS Score
4.8
EPSS Score
0.002
Published
2018-03-12
LibTIFF 4.0.3 allows remote attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact via a crafted TIFF image, as demonstrated by failure of tif_next.c to verify that the BitsPerSample value is 2, and the t2p_sample_lab_signed_to_unsigned function in tiff2pdf.c.
CVSS Score
8.8
EPSS Score
0.008
Published
2018-03-12
The _TIFFmalloc function in tif_unix.c in LibTIFF 4.0.3 does not reject a zero size, which allows remote attackers to cause a denial of service (divide-by-zero error and application crash) via a crafted TIFF image that is mishandled by the TIFFWriteScanline function in tif_write.c, as demonstrated by tiffdither.
CVSS Score
6.5
EPSS Score
0.021
Published
2018-03-12