Security Vulnerabilities - CVEs Published In November 2018
An issue was discovered in uriparser before 0.9.0. UriCommon.c allows attempted operations on NULL input via a uriResetUri* function.
CVSS Score
7.5
EPSS Score
0.012
Published
2018-11-12
An issue has been found in libIEC61850 v1.3. It is a heap-based buffer overflow in BerEncoder_encodeOctetString in mms/asn1/ber_encoder.c. This is exploitable even after CVE-2018-18834 has been patched, with a different dataSetValue sequence than the CVE-2018-18834 attack vector.
CVSS Score
9.8
EPSS Score
0.005
Published
2018-11-12
An issue was discovered in XiaoCms 20141229. admin/index.php?c=content&a=add&catid=3 has CSRF, as demonstrated by entering news via the data[content] parameter.
CVSS Score
8.8
EPSS Score
0.002
Published
2018-11-12
An issue was discovered in XiaoCms 20141229. There is XSS via the largest input box on the "New news" screen.
CVSS Score
6.1
EPSS Score
0.002
Published
2018-11-12
An issue was discovered in XiaoCms 20141229. /admin/index.php?c=database allows full path disclosure in a "failed to open stream" error message.
CVSS Score
5.3
EPSS Score
0.002
Published
2018-11-12
An issue was discovered in XiaoCms 20141229. There is XSS related to the template\default\show_product.html file.
CVSS Score
6.1
EPSS Score
0.002
Published
2018-11-12
An issue was discovered in XiaoCms 20141229. It allows remote attackers to execute arbitrary code by using the type parameter to bypass the standard admin\controller\uploadfile.php restrictions on uploaded file types (jpg, jpeg, bmp, png, gif), as demonstrated by an admin/index.php?c=uploadfile&a=uploadify_upload&type=php URI.
CVSS Score
9.8
EPSS Score
0.006
Published
2018-11-12
An issue was discovered in XiaoCms 20141229. admin\controller\database.php allows arbitrary directory deletion via admin/index.php?c=database&a=import&paths[]=../ directory traversal.
CVSS Score
4.9
EPSS Score
0.008
Published
2018-11-12
Py-EVM v0.2.0-alpha.33 allows attackers to make a vm.execute_bytecode call that triggers computation._stack.values with '"stack": [100, 100, 0]' where b'\x' was expected, resulting in an execution failure because of an invalid opcode. This is reportedly related to "smart contracts can be executed indefinitely without gas being paid."
CVSS Score
8.8
EPSS Score
0.008
Published
2018-11-12
ethereumjs-vm 2.4.0 allows attackers to cause a denial of service (vm.runCode failure and REVERT) via a "code: Buffer.from(my_code, 'hex')" attribute. NOTE: the vendor disputes this because REVERT is a normal bytecode that can be triggered from high-level source code, leading to a normal programmatic execution result.
CVSS Score
7.5
EPSS Score
0.007
Published
2018-11-12