4666 matches found
CVE-2018-13988
Poppler through 0.62 contains an out of bounds read vulnerability due to an incorrect memory access that is not mapped in its memory space, as demonstrated by pdfunite. This can result in memory corruption and denial of service. This may be exploitable when a victim opens a specially crafted PDF...
Code injection
The Battle for Wesnoth Project version 1.7.0 through 1.14.3 contains a Code Injection vulnerability in the Lua scripting engine that can result in code execution outside the sandbox. This attack appears to be exploitable via loading specially-crafted saved games, networked games, replays, and play...
CVE-2018-1999022
PEAR HTMLQuickForm version 3.2.14 contains an eval injection (CWE-95) vulnerability in HTMLQuickForm's getSubmitValue method, HTMLQuickForm's validate method, HTMLQuickFormhierselect's setOptions method, HTMLQuickFormelement's findValue method, and HTMLQuickFormelement's prepareValue method that can...
CVE-2018-1999024
MathJax versions prior to 2.7.4 contain a Cross Site Scripting (XSS) vulnerability in the \unicode macro that can result in potentially untrusted JavaScript running within a web browser. This attack appears to be exploitable when the victim views a page where untrusted content is processe...
CVE-2018-1999023
CVE-2018-1999023 affects The Battle for Wesnoth Project versions 1.7.0 through 1.14.3. The vulnerability is a Code Injection flaw in the Lua scripting engine that can lead to code execution outside the sandbox. Exploitation vectors include loading specially-crafted saved games, networked games, r...
Directory traversal
Open Networking Foundation (ONF) ONOS version 1.13.2 and earlier contains a Directory Traversal vulnerability in core/common/src/main/java/org/onosproject/common/app/ApplicationArchive.java line 35 that can result in arbitrary file deletion (overwrite). This attack appears to be exploitable vi...
Cross site scripting
Gleezcms Gleez Cms version 1.3.0 contains a Cross Site Scripting (XSS) vulnerability in the Profile page that can result in injection of arbitrary web script or HTML via the profile page editor. This attack appears to be exploitable when the victim navigates to the attacker's profile page...
Server side request forgery (ssrf)
Pydio version 8.2.0 and earlier contains a Server-Side Request Forgery (SSRF) vulnerability in plugins/action.updater/UpgradeManager.php Line: 154, getUpgradePath($url) that can result in authenticated admin users requesting arbitrary URLs, pivoting requests through the server. This attack appear...
Remote code execution
Pydio version 8.2.1 and prior contains an unvalidated user input leading to Remote Code Execution (RCE) vulnerability in plugins/action.antivirus/AntivirusScanner.php: Line 124, scanNow($nodeObject) that can result in an attacker gaining admin access and then executing arbitrary commands on the...
Design/Logic Flaw
FFmpeg before commit 5aba5b89d0b1d73164d3b81764828bb8b20ff32a contains an out of array read vulnerability in ASFF format demuxer that can result in heap memory reading. This attack appears to be exploitable via a specially crafted ASF file that has to be provided as input. This vulnerability appears to...
CVE-2018-1999012
FFmpeg before commit 9807d3976be0e92e4ece3b4b1701be894cd7c2e1 contains a CWE-835: Infinite loop vulnerability in the pva format demuxer that allows attackers to consume an excessive amount of resources such as CPU and RAM. This attack appears to be exploitable via speciall...
CVE-2018-1999020
The CVE-2018-1999020 issue affects Open Networking Foundation ONOS (ONOS) versions 1.13.2 and earlier. It is a Directory Traversal vulnerability in core/common/src/main/java/org/onosproject/common/app/ApplicationArchive.java (line 35) that can result in arbitrary file deletion (overwrite) when a ...
Bluetooth Vulnerability
NCCIC is aware of a vulnerability affecting Bluetooth firmware and operating system software drivers. A remote attacker could exploit this vulnerability to obtain sensitive information. NCCIC encourages users and administrators to review Vulnerability Note VU 304725 for more information and refer...
FocalScope XML External Entity Injection Vulnerability
Summary: An exploitable unauthenticated XML external injection vulnerability was identified in FocalScope v2416. An unauthenticated attacker could submit a specially crafted web request to FocalScope’s server that could cause an XXE, and potentially result in data compromise. Tested Versions...
CVE-2018-3870
An exploitable out-of-bounds write exists in the PCX parsing functionality of Canvas Draw version 4.0.0. A specially crafted PCX image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a PCX image to trigger this vulnerability an...
Heap overflow
An exploitable heap overflow exists in the TIFF parsing functionality of Canvas Draw version 4.0.0. A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this vulnerability and...
CVE-2018-3871
An exploitable out-of-bounds write exists in the PCX parsing functionality of Canvas Draw version 4.0.0. A specially crafted PCX image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a PCX image to trigger this vulnerability an...
CVE-2018-3871
CVE-2018-3871 is an out-of-bounds write vulnerability in Canvas Draw 4.0.0’s PCX parsing functionality. A specially crafted PCX image processed by the application can trigger an out-of-bounds write, overwriting data and enabling code execution. The CVE is documented as a separate issue from CVE-2...