Security Vulnerabilities - CVEs Published In 2018
An invalid memory address dereference was discovered in the huffcode function (libfaac/huff2.c) in Freeware Advanced Audio Coder (FAAC) 1.29.9.2. The vulnerability causes a segmentation fault and application crash, which leads to denial of service in the book 10 case.
CVSS Score
5.5
EPSS Score
0.002
Published
2018-12-06
In SolarWinds SFTP/SCP Server through 2018-09-10, the configuration file is world readable and writable, and stores user passwords in an insecure manner, allowing an attacker to determine passwords for potentially privileged accounts. This also grants the attacker an ability to backdoor the server.
CVSS Score
9.8
EPSS Score
0.003
Published
2018-12-05
SolarWinds SFTP/SCP server through 2018-09-10 is vulnerable to XXE via a world readable and writable configuration file that allows an attacker to exfiltrate data.
CVSS Score
9.1
EPSS Score
0.004
Published
2018-12-05
Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.
CVSS Score
9.8
EPSS Score
0.093
Published
2018-12-05
Arm Mbed TLS before 2.14.1, before 2.7.8, and before 2.1.17 allows a local unprivileged attacker to recover the plaintext of RSA decryption, which is used in RSA-without-(EC)DH(E) cipher suites.
CVSS Score
4.7
EPSS Score
0.003
Published
2018-12-05
Local attackers can trigger a stack-based buffer overflow on vulnerable installations of Antiy-AVL ATool security management v1.0.0.22. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of IOCTL 0x80002000 by the IRPFile.sys Antiy-AVL ATool kernel driver. The bug is caused by failure to properly validate the length of the user-supplied data, which results in a kernel stack buffer overflow. An attacker can leverage this vulnerability to execute arbitrary code in the context of the kernel, which could lead to privilege escalation and a failed exploit could lead to denial of service.
CVSS Score
7.8
EPSS Score
0.001
Published
2018-12-05
Tarantella Enterprise before 3.11 allows Directory Traversal.
CVSS Score
7.5
EPSS Score
0.733
Published
2018-12-05
Tarantella Enterprise before 3.11 allows bypassing Access Control.
CVSS Score
8.8
EPSS Score
0.011
Published
2018-12-05
In Kubernetes versions 1.9.0-1.9.9, 1.10.0-1.10.5, and 1.11.0-1.11.1, user input was handled insecurely while setting up volume mounts on Windows nodes, which could lead to command line argument injection.
CVSS Score
5.9
EPSS Score
0.007
Published
2018-12-05
In Minikube versions 0.3.0-0.29.0, minikube exposes the Kubernetes Dashboard listening on the VM IP at port 30000. In VM environments where the IP is easy to predict, the attacker can use DNS rebinding to indirectly make requests to the Kubernetes Dashboard, create a new Kubernetes Deployment running arbitrary code. If minikube mount is in use, the attacker could also directly access the host filesystem.
CVSS Score
8.1
EPSS Score
0.002
Published
2018-12-05