Security Vulnerabilities - CVEs Published In April 2018
An issue was discovered in WavPack 5.1.0 and earlier for DSDiff input. Out-of-bounds writes can occur because ParseDsdiffHeaderConfig in dsdiff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytes_to_copy calculation and subsequent malloc call, leading to insufficient memory allocation.
CVSS Score
5.5
EPSS Score
0.006
Published
2018-04-29
An issue was discovered in WavPack 5.1.0 and earlier for W64 input. Out-of-bounds writes can occur because ParseWave64HeaderConfig in wave64.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytes_to_copy calculation and subsequent malloc call, leading to insufficient memory allocation.
CVSS Score
5.5
EPSS Score
0.004
Published
2018-04-29
An issue was discovered in LibRaw 0.18.9. There is a stack-based buffer overflow in the utf2char function in libraw_cxx.cpp.
CVSS Score
8.8
EPSS Score
0.021
Published
2018-04-29
An issue was discovered in LibRaw 0.18.9. There is an out-of-bounds read affecting the X3F property table list implementation in libraw_x3f.cpp and libraw_cxx.cpp.
CVSS Score
8.8
EPSS Score
0.005
Published
2018-04-29
EasyCMS 1.3 is prone to Stored XSS when posting an article; four fields are affected: title, keyword, abstract, and content, as demonstrated by the /admin/index/index.html#listarticle URI.
CVSS Score
5.4
EPSS Score
0.002
Published
2018-04-28
The transferFrom function of a smart contract implementation for Useless Ethereum Token (UET), an Ethereum ERC20 token, allows attackers to steal assets (e.g., transfer all victims' balances into their account) because certain computations involving _value are incorrect, as exploited in the wild starting in December 2017, aka the "transferFlaw" issue.
CVSS Score
7.5
EPSS Score
0.003
Published
2018-04-28
Seagate Media Server in Seagate Personal Cloud before 4.3.18.4 has directory traversal in getPhotoPlaylistPhotos.psp via a parameter named url.
CVSS Score
7.5
EPSS Score
0.058
Published
2018-04-28
In CMS Made Simple (CMSMS) through 2.2.7, the "file unpack" operation in the admin dashboard contains a remote code execution vulnerability exploitable by an admin user because a .php file can be present in the extracted ZIP archive.
CVSS Score
7.2
EPSS Score
0.027
Published
2018-04-27
In CMS Made Simple (CMSMS) through 2.2.7, the "file rename" operation in the admin dashboard contains a sensitive information disclosure vulnerability, exploitable by an admin user, that can cause DoS by moving config.php to the upload/ directory.
CVSS Score
6.5
EPSS Score
0.004
Published
2018-04-27
In CMS Made Simple (CMSMS) through 2.2.7, the "module import" operation in the admin dashboard contains a remote code execution vulnerability, exploitable by an admin user, because an XML Package can contain base64-encoded PHP code in a data element.
CVSS Score
7.2
EPSS Score
0.185
Published
2018-04-27