Security Vulnerabilities - CVEs Published In July 2018
In Nextcloud Contacts before 2.1.2, a missing sanitization of search results for an autocomplete field could lead to a stored XSS requiring user-interaction. The missing sanitization only affected group names, hence malicious search results could only be crafted by privileged users like admins or group admins.
CVSS Score
4.8
EPSS Score
0.003
Published
2018-07-05
Path traversal in buttle module versions <= 0.2.0 allows to read any file in the server.
CVSS Score
7.5
EPSS Score
0.006
Published
2018-07-05
`memjs` versions <= 1.1.0 allocates and stores buffers on typed input, resulting in DoS and uninitialized memory usage.
CVSS Score
9.1
EPSS Score
0.004
Published
2018-07-05
ruby-grape ruby gem suffers from a cross-site scripting (XSS) vulnerability via "format" parameter.
CVSS Score
6.1
EPSS Score
0.004
Published
2018-07-05
libming 0.4.8 has a NULL pointer dereference in the getString function of the decompile.c file, related to decompileSTRINGCONCAT. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted swf file.
CVSS Score
6.5
EPSS Score
0.004
Published
2018-07-05
In libming 0.4.8, there is an excessive memory allocation attempt in the readBytes function of the util/read.c file, related to parseSWF_DEFINEBITSJPEG2. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted swf file.
CVSS Score
6.5
EPSS Score
0.004
Published
2018-07-05
This vulnerability in Apache Solr 6.0.0 to 6.6.4 and 7.0.0 to 7.3.1 relates to an XML external entity expansion (XXE) in Solr config files (currency.xml, enumsConfig.xml referred from schema.xml, TIKA parsecontext config file). In addition, Xinclude functionality provided in these config files is also affected in a similar way. The vulnerability can be used as XXE using file/ftp/http protocols in order to read arbitrary local files from the Solr server or the internal network. The manipulated files can be uploaded as configsets using Solr's API, allowing to exploit that vulnerability.
CVSS Score
5.5
EPSS Score
0.043
Published
2018-07-05
Improper authorization vulnerability in Highlight Preview in Synology Universal Search before 1.0.5-0135 allows remote authenticated users to bypass permission checks for directories in POSIX mode.
CVSS Score
6.5
EPSS Score
0.001
Published
2018-07-05
In atomic-openshift before version 3.10.9 a malicious network-policy configuration can cause Openshift Routing to crash when using ovs-networkpolicy plugin. An attacker can use this flaw to cause a Denial of Service (DoS) attack on an Openshift 3.9, or 3.7 Cluster.
CVSS Score
6.5
EPSS Score
0.004
Published
2018-07-05
Versions of Apache CXF Fediz prior to 1.4.4 do not fully disable Document Type Declarations (DTDs) when either parsing the Identity Provider response in the application plugins, or in the Identity Provider itself when parsing certain XML-based parameters.
CVSS Score
7.5
EPSS Score
0.407
Published
2018-07-05