Security Vulnerabilities - CVEs Published In June 2018
The Java implementations of AMF3 deserializers in WebORB for Java by Midnight Coders, version 5.1.1.0, derive class instances from java.io.Externalizable rather than the AMF3 specification's recommendation of flash.utils.IExternalizable. A remote attacker with the ability to spoof or control an RMI server connection may be able to send serialized Java objects that execute arbitrary code when deserialized.
CVSS Score: 9.8
EPSS Score: 0.075
Published: 2018-06-11
The Java implementation of AMF3 deserializers used by WebORB for Java by Midnight Coders, version 5.1.1.0, allows external entity references (XXEs) from XML documents embedded within AMF3 messages. If the XML parsing is handled incorrectly, it could potentially lead to exposure of sensitive data on the server, denial of service, or server-side request forgery.
CVSS Score: 9.8
EPSS Score: 0.018
Published: 2018-06-11
A vulnerability in Open Build Service allows remote attackers to gain access to source files even though source access is disabled. Affected releases are SUSE Open Build Service up to and including version 2.1.15 (for 2.1) and before version 2.3.
CVSS Score: 4.3
EPSS Score: 0.002
Published: 2018-06-11
md_build_attribute in md4c.c in md4c 0.2.6 allows remote attackers to cause a denial of service (segmentation fault and application crash) or possibly have unspecified other impact via a crafted file.
CVSS Score: 7.8
EPSS Score: 0.002
Published: 2018-06-11
md4c 0.2.6 has a NULL pointer dereference in the function md_process_line in md4c.c, related to ctx->current_block.
CVSS Score: 5.5
EPSS Score: 0.001
Published: 2018-06-11
An issue was discovered in Dropbox Lepton 1.2.1. The validateAndCompress function in validation.cc allows remote attackers to cause a denial of service (SIGFPE and application crash) via a malformed file.
CVSS Score: 5.5
EPSS Score: 0.002
Published: 2018-06-11
An issue was discovered in Free Lossless Image Format (FLIF) 0.3. The TransformPaletteC<FileIO>::process function in transform/palette_C.hpp allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted PAM image file.
CVSS Score: 7.8
EPSS Score: 0.003
Published: 2018-06-11
portfolioCMS 1.0.5 has SQL Injection via the admin/portfolio.php preview parameter.
CVSS Score: 7.2
EPSS Score: 0.003
Published: 2018-06-11
Cross-site scripting (XSS) vulnerability in the Canon PrintMe EFI web interface allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the /wt3/mydocs.php URI.
CVSS Score: 6.1
EPSS Score: 0.003
Published: 2018-06-11
tinyexr 0.9.5 has a heap-based buffer over-read in tinyexr::DecodePixelData in tinyexr.h, related to OpenEXR code.
CVSS Score: 9.8
EPSS Score: 0.004
Published: 2018-06-11

