Security Vulnerabilities - CVEs Published In March 2018
Z-BlogPHP 1.5.1 Zero has CSRF in plugin_edit.php, resulting in the ability to execute arbitrary PHP code.
CVSS Score
8.8
EPSS Score
0.001
Published
2018-03-31
An issue was discovered in /admin/?/user/add in Frog CMS 0.9.5. The application's add user functionality suffers from CSRF. A malicious user can craft an HTML page and use it to trick a victim into clicking on it; once executed, a malicious user will be created with admin privileges. This happens due to lack of an anti-CSRF token in state modification requests.
CVSS Score
8.8
EPSS Score
0.002
Published
2018-03-31
Prisma Industriale Checkweigher PrismaWEB 1.21 allows remote attackers to discover the hardcoded prisma password for the prismaweb account by reading user/scripts/login_par.js.
CVSS Score
9.8
EPSS Score
0.64
Published
2018-03-31
Contec Smart Home 4.15 devices do not require authentication for new_user.php, edit_user.php, delete_user.php, and user.php, as demonstrated by changing the admin password and then obtaining control over doors.
CVSS Score
9.8
EPSS Score
0.051
Published
2018-03-31
In Docker Notary before 0.1, gotuf/signed/verify.go has a Signature Algorithm Not Matched to Key vulnerability. Because an attacker controls the field specifying the signature algorithm, they might (for example) be able to forge a signature by forcing a misinterpretation of an RSA-PSS key as Ed25519 elliptic-curve data.
CVSS Score
7.5
EPSS Score
0.002
Published
2018-03-31
In Docker Notary before 0.1, the checkRoot function in gotuf/client/client.go does not check expiry of root.json files, despite a comment stating that it does. Even if a user creates a new root.json file after a key compromise, an attacker can produce update files referring to an old root.json file.
CVSS Score
9.8
EPSS Score
0.006
Published
2018-03-31
In Spark before 2.7.2, a remote attacker can read unintended static files via various representations of absolute or relative pathnames, as demonstrated by file: URLs and directory traversal sequences. NOTE: this product is unrelated to Ignite Realtime Spark.
CVSS Score
5.3
EPSS Score
0.008
Published
2018-03-31
SickRage before v2018.03.09-1 includes cleartext credentials in HTTP responses.
CVSS Score
9.8
EPSS Score
0.719
Published
2018-03-31
The perf_cpu_time_max_percent_handler function in kernel/events/core.c in the Linux kernel before 4.11 allows local users to cause a denial of service (integer overflow) or possibly have unspecified other impact via a large value, as demonstrated by an incorrect sample-rate calculation.
CVSS Score
7.8
EPSS Score
0.0
Published
2018-03-31
The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user.
CVSS Score
7.8
EPSS Score
0.0
Published
2018-03-30
Page 1