Security Vulnerabilities - CVEs Published In October 2018
OpenJPEG 2.3.0 has a NULL pointer dereference for "red" in the imagetopnm function of jp2/convert.c
CVSS Score
6.5
EPSS Score
0.01
Published
2018-10-09
An issue was discovered in GoPro gpmf-parser before 1.2.1. There is a divide-by-zero error in GPMF_ScaledData in GPMF_parser.c.
CVSS Score
5.5
EPSS Score
0.003
Published
2018-10-09
Cross-site request forgery (CSRF) vulnerability in /admin.php?c=member&m=edit&uid=1 in dayrui FineCms 5.4 allows remote attackers to change the administrator's password.
CVSS Score
8.8
EPSS Score
0.002
Published
2018-10-09
XSS exists in Waimai Super Cms 20150505 via the fname parameter to the admin.php?m=Food&a=addsave or admin.php?m=Food&a=editsave URI.
CVSS Score
6.1
EPSS Score
0.002
Published
2018-10-09
An issue was discovered in DuomiCMS 3.0. Remote PHP code execution is possible via the search.php searchword parameter because "eval" is used during "if" processing.
CVSS Score
9.8
EPSS Score
0.012
Published
2018-10-09
An issue was discovered in DuomiCMS 3.0. SQL injection exists in the ajax.php file, as demonstrated by the uid parameter.
CVSS Score
9.8
EPSS Score
0.003
Published
2018-10-09
WikidForum 2.20 has SQL Injection via the rpc.php parent_post_id or num_records parameter, or the index.php?action=search select_sort parameter.
CVSS Score
9.8
EPSS Score
0.007
Published
2018-10-09
It was found that ceph-isci-cli package as shipped by Red Hat Ceph Storage 2 and 3 is using python-werkzeug in debug shell mode. This is done by setting debug=True in file /usr/bin/rbd-target-api provided by ceph-isci-cli package. This allows unauthenticated attackers to access this debug shell and escalate privileges. Once an attacker has successfully connected to this debug shell they will be able to execute arbitrary commands remotely. These commands will run with the same privileges as of user executing the application which is using python-werkzeug with debug shell mode enabled. In - Red Hat Ceph Storage 2 and 3, ceph-isci-cli package runs python-werkzeug library with root level permissions.
CVSS Score
9.8
EPSS Score
0.581
Published
2018-10-09
An issue was discovered in the org.telegram.messenger application 4.8.11 for Android. The Passcode feature allows authentication bypass via runtime manipulation that forces a certain method's return value to true. In other words, an attacker could authenticate with an arbitrary passcode. NOTE: the vendor indicates that this is not an attack of interest within the context of their threat model, which excludes Android devices on which rooting has occurred
CVSS Score
6.4
EPSS Score
0.0
Published
2018-10-09
An issue was discovered in the org.telegram.messenger application 4.8.11 for Android. The FingerprintManager class for Biometric validation allows authentication bypass through the callback method from onAuthenticationFailed to onAuthenticationSucceeded with null, because the fingerprint API in conjunction with the Android keyGenerator class is not implemented. In other words, an attacker could authenticate with an arbitrary fingerprint. NOTE: the vendor indicates that this is not an attack of interest within the context of their threat model, which excludes Android devices on which rooting has occurred
CVSS Score
6.8
EPSS Score
0.001
Published
2018-10-09