Security Vulnerabilities - CVEs Published In 2018
Pulse Secure Virtual Traffic Manager 9.9 versions prior to 9.9r2 and 10.4r1 allow a remote authenticated user to obtain sensitive historical activity information by leveraging incorrect permission validation.
CVSS Score: 4.3 | EPSS Score: 0.002 | Published: 2018-12-20
Empire CMS 7.5 allows remote attackers to execute arbitrary PHP code via the ftemp parameter in an enews=EditMemberForm action because this code is injected into a memberform.$fid.php file.
CVSS Score: 9.8 | EPSS Score: 0.01 | Published: 2018-12-20
An XSS issue was discovered in Steve Pallen Xain before 0.6.2 via the order parameter.
CVSS Score: 6.1 | EPSS Score: 0.002 | Published: 2018-12-20
In pkg/tool/path.go in Gogs before 0.11.82.1218, a directory traversal in the file-upload functionality can allow an attacker to create a file under data/sessions on the server, a similar issue to CVE-2018-18925.
CVSS Score: 7.5 | EPSS Score: 0.031 | Published: 2018-12-20
wbook_addworksheet in workbook.c in libexcel.a in libexcel 0.01 allows attackers to cause a denial of service (SEGV) via a long second argument. NOTE: this is not a Microsoft product.
CVSS Score: 6.5 | EPSS Score: 0.002 | Published: 2018-12-20
D-Link DIR-816 A2 1.10 B05 devices allow arbitrary remote code execution without authentication via the newpass parameter. In the /goform/form2userconfig.cgi handler function, a long password may lead to a stack-based buffer overflow and overwrite a return address.
CVSS Score: 9.8 | EPSS Score: 0.12 | Published: 2018-12-20
The login flow in Pivotal Concourse Release versions 4.x prior to 4.2.2 allows redirects to untrusted websites. A remote unauthenticated attacker could convince a user to click on an OAuth redirect link pointing to an untrusted website and thereby gain access to that user's Concourse access token.
CVSS Score: 7.6 | EPSS Score: 0.006 | Published: 2018-12-19
Spring Security versions 5.1.x prior to 5.1.2 contain an authorization bypass vulnerability during JWT issuer validation. In order to be impacted, the same private key for an honest issuer and a malicious user must be used when signing JWTs. In that case, a malicious user could fashion signed JWTs with the malicious issuer URL that may be granted for the honest issuer.
CVSS Score: 3.3 | EPSS Score: 0.001 | Published: 2018-12-19
An issue was discovered in several Bosch Smart Home cameras (360 degree indoor camera and Eyes outdoor camera) with firmware before 6.52.4. A malicious client could potentially succeed in the unauthorized execution of code on the device via the network interface, because there is a buffer overflow in the RCP+ parser of the web server.
CVSS Score: 9.8 | EPSS Score: 0.013 | Published: 2018-12-19
A vulnerability allows a user of Apache Oozie 3.1.3-incubating through 5.0.0 to impersonate other users. The malicious user can construct an XML document that results in workflows running under another user's name.
CVSS Score: 6.5 | EPSS Score: 0.002 | Published: 2018-12-19
Shodan ® - All rights reserved