Total
299403 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-8014 | 5 Apache, Canonical, Debian and 2 more | 9 Tomcat, Ubuntu Linux, Debian Linux and 6 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The defaults settings for the CORS filter provided in Apache Tomcat 9.0.0.M1 to 9.0.8, 8.5.0 to 8.5.31, 8.0.0.RC1 to 8.0.52, 7.0.41 to 7.0.88 are insecure and enable 'supportsCredentials' for all origins. It is expected that users of the CORS filter will have configured it appropriately for their environment rather than using it in the default configuration. Therefore, it is expected that most users will not be impacted by this issue. | |||||
| CVE-2018-8013 | 4 Apache, Canonical, Debian and 1 more | 21 Batik, Ubuntu Linux, Debian Linux and 18 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| In Apache Batik 1.x before 1.10, when deserializing subclass of `AbstractDocument`, the class takes a string from the inputStream as the class name which then use it to call the no-arg constructor of the class. Fix was to check the class type before calling newInstance in deserialization. | |||||
| CVE-2018-8012 | 3 Apache, Debian, Oracle | 3 Zookeeper, Debian Linux, Goldengate Stream Analytics | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| No authentication/authorization is enforced when a server attempts to join a quorum in Apache ZooKeeper before 3.4.10, and 3.5.0-alpha through 3.5.3-beta. As a result an arbitrary end point could join the cluster and begin propagating counterfeit changes to the leader. | |||||
| CVE-2018-8011 | 2 Apache, Netapp | 2 Http Server, Cloud Backup | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| By specially crafting HTTP requests, the mod_md challenge handler would dereference a NULL pointer and cause the child process to segfault. This could be used to DoS the server. Fixed in Apache HTTP Server 2.4.34 (Affected 2.4.33). | |||||
| CVE-2018-8010 | 1 Apache | 1 Solr | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| This vulnerability in Apache Solr 6.0.0 to 6.6.3, 7.0.0 to 7.3.0 relates to an XML external entity expansion (XXE) in Solr config files (solrconfig.xml, schema.xml, managed-schema). In addition, Xinclude functionality provided in these config files is also affected in a similar way. The vulnerability can be used as XXE using file/ftp/http protocols in order to read arbitrary local files from the Solr server or the internal network. Users are advised to upgrade to either Solr 6.6.4 or Solr 7.3.1 releases both of which address the vulnerability. Once upgrade is complete, no other steps are required. Those releases only allow external entities and Xincludes that refer to local files / zookeeper resources below the Solr instance directory (using Solr's ResourceLoader); usage of absolute URLs is denied. Keep in mind, that external entities and XInclude are explicitly supported to better structure config files in large installations. Before Solr 6 this was no problem, as config files were not accessible through the APIs. | |||||
| CVE-2018-8009 | 1 Apache | 1 Hadoop | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| Apache Hadoop 3.1.0, 3.0.0-alpha to 3.0.2, 2.9.0 to 2.9.1, 2.8.0 to 2.8.4, 2.0.0-alpha to 2.7.6, 0.23.0 to 0.23.11 is exploitable via the zip slip vulnerability in places that accept a zip file. | |||||
| CVE-2018-8008 | 1 Apache | 1 Storm | 2024-11-21 | 5.8 MEDIUM | 5.5 MEDIUM |
| Apache Storm version 1.0.6 and earlier, 1.2.1 and earlier, and version 1.1.2 and earlier expose an arbitrary file write vulnerability, that can be achieved using a specially crafted zip archive (affects other archives as well, bzip2, tar, xz, war, cpio, 7z), that holds path traversal filenames. So when the filename gets concatenated to the target extraction directory, the final path ends up outside of the target folder. | |||||
| CVE-2018-8007 | 1 Apache | 1 Couchdb | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
| Apache CouchDB administrative users can configure the database server via HTTP(S). Due to insufficient validation of administrator-supplied configuration settings via the HTTP API, it is possible for a CouchDB administrator user to escalate their privileges to that of the operating system's user that CouchDB runs under, by bypassing the blacklist of configuration settings that are not allowed to be modified via the HTTP API. This privilege escalation effectively allows an existing CouchDB admin user to gain arbitrary remote code execution, bypassing already disclosed CVE-2017-12636. Mitigation: All users should upgrade to CouchDB releases 1.7.2 or 2.1.2. | |||||
| CVE-2018-8006 | 1 Apache | 1 Activemq | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| An instance of a cross-site scripting vulnerability was identified to be present in the web based administration console on the queue.jsp page of Apache ActiveMQ versions 5.0.0 to 5.15.5. The root cause of this issue is improper data filtering of the QueueFilter parameter. | |||||
| CVE-2018-8005 | 2 Apache, Debian | 2 Traffic Server, Debian Linux | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| When there are multiple ranges in a range request, Apache Traffic Server (ATS) will read the entire object from cache. This can cause performance problems with large objects in cache. This affects versions 6.0.0 to 6.2.2 and 7.0.0 to 7.1.3. To resolve this issue users running 6.x users should upgrade to 6.2.3 or later versions and 7.x users should upgrade to 7.1.4 or later versions. | |||||
| CVE-2018-8004 | 2 Apache, Debian | 2 Traffic Server, Debian Linux | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| There are multiple HTTP smuggling and cache poisoning issues when clients making malicious requests interact with Apache Traffic Server (ATS). This affects versions 6.0.0 to 6.2.2 and 7.0.0 to 7.1.3. To resolve this issue users running 6.x should upgrade to 6.2.3 or later versions and 7.x users should upgrade to 7.1.4 or later versions. | |||||
| CVE-2018-8003 | 1 Apache | 1 Ambari | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| Apache Ambari, versions 1.4.0 to 2.6.1, is susceptible to a directory traversal attack allowing an unauthenticated user to craft an HTTP request which provides read-only access to any file on the filesystem of the host the Ambari Server runs on that is accessible by the user the Ambari Server is running as. Direct network access to the Ambari Server is required to issue this request, and those Ambari Servers that are protected behind a firewall, or in a restricted network zone are at less risk of being affected by this issue. | |||||
| CVE-2018-8002 | 1 Podofo Project | 1 Podofo | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| In PoDoFo 0.9.5, there exists an infinite loop vulnerability in PdfParserObject::ParseFileComplete() in PdfParserObject.cpp which may result in stack overflow. Remote attackers could leverage this vulnerability to cause a denial-of-service or possibly unspecified other impact via a crafted pdf file. | |||||
| CVE-2018-8001 | 1 Podofo Project | 1 Podofo | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| In PoDoFo 0.9.5, there exists a heap-based buffer over-read vulnerability in UnescapeName() in PdfName.cpp. Remote attackers could leverage this vulnerability to cause a denial-of-service or possibly unspecified other impact via a crafted pdf file. | |||||
| CVE-2018-8000 | 1 Podofo Project | 1 Podofo | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| In PoDoFo 0.9.5, there exists a heap-based buffer overflow vulnerability in PoDoFo::PdfTokenizer::GetNextToken() in PdfTokenizer.cpp, a related issue to CVE-2017-5886. Remote attackers could leverage this vulnerability to cause a denial-of-service or potentially execute arbitrary code via a crafted pdf file. | |||||
| CVE-2018-7999 | 1 Sil | 1 Graphite2 | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| In libgraphite2 in graphite2 1.3.11, a NULL pointer dereference vulnerability was found in Segment.cpp during a dumbRendering operation, which may allow attackers to cause a denial of service or possibly have unspecified other impact via a crafted .ttf file. | |||||
| CVE-2018-7998 | 2 Debian, Libvips Project | 2 Debian Linux, Libvips | 2024-11-21 | 5.1 MEDIUM | 7.5 HIGH |
| In libvips before 8.6.3, a NULL function pointer dereference vulnerability was found in the vips_region_generate function in region.c, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted image file. This occurs because of a race condition involving a failed delayed load and other worker threads. | |||||
| CVE-2018-7997 | 1 Eramba | 1 Eramba | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Eramba e1.0.6.033 has Reflected XSS on the Error page of the CSV file inclusion tab of the /importTool/preview URI, with a CSV file polluted with malicious JavaScript. | |||||
| CVE-2018-7996 | 1 Eramba | 1 Eramba | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Eramba e1.0.6.033 has Stored XSS on the tooltip box via the /programScopes description parameter. | |||||
| CVE-2018-7995 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2024-11-21 | 4.7 MEDIUM | 4.7 MEDIUM |
| ** DISPUTED ** Race condition in the store_int_with_restart() function in arch/x86/kernel/cpu/mcheck/mce.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (panic) by leveraging root access to write to the check_interval file in a /sys/devices/system/machinecheck/machinecheck<cpu number> directory. NOTE: a third party has indicated that this report is not security relevant. | |||||