Search
Total
17685 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-2437 | 1 Sap | 1 Internet Graphics Server | 2020-08-24 | 6.4 MEDIUM | 9.1 CRITICAL |
| The SAP Internet Graphics Service (IGS), 7.20, 7.20EXT, 7.45, 7.49, 7.53, allows an attacker to externally trigger IGS command executions which can lead to: disclosure of information and malicious file insertion or modification. | |||||
| CVE-2018-2913 | 1 Oracle | 1 Goldengate | 2020-08-24 | 7.5 HIGH | 10.0 CRITICAL |
| Vulnerability in the Oracle GoldenGate component of Oracle GoldenGate (subcomponent: Monitoring Manager). Supported versions that are affected are 12.1.2.1.0, 12.2.0.2.0 and 12.3.0.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via TCP to compromise Oracle GoldenGate. While the vulnerability is in Oracle GoldenGate, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle GoldenGate. Note: For Linux and Windows platforms, the CVSS score is 9.0 with Access Complexity as High. For all other platforms, the cvss score is 10.0. CVSS 3.0 Base Score 10.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H). | |||||
| CVE-2018-3867 | 1 Samsung | 2 Sth-eth-250, Sth-eth-250 Firmware | 2020-08-24 | 9.0 HIGH | 9.9 CRITICAL |
| An exploitable stack-based buffer overflow vulnerability exists in the samsungWifiScan callback notification of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process incorrectly handles the answer received from a smart camera, leading to a buffer overflow on the stack. An attacker can send a series of HTTP requests to trigger this vulnerability. | |||||
| CVE-2018-3880 | 1 Samsung | 2 Sth-eth-250, Sth-eth-250 Firmware | 2020-08-24 | 9.0 HIGH | 9.9 CRITICAL |
| An exploitable stack-based buffer overflow vulnerability exists in the database 'find-by-cameraId' functionality of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly handles existing records inside its SQLite database, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability. | |||||
| CVE-2018-3919 | 1 Samsung | 2 Sth-eth-250, Sth-eth-250 Firmware | 2020-08-24 | 9.0 HIGH | 9.9 CRITICAL |
| An exploitable stack-based buffer overflow vulnerability exists in the retrieval of database fields in video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process insecurely extracts the fields from the "clips" table of its SQLite database, leading to a buffer overflow on the stack. An attacker can send a series of HTTP requests to trigger this vulnerability. | |||||
| CVE-2018-3934 | 1 Yitechnology | 2 Yi Home Camera, Yi Home Camera Firmware | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| An exploitable code execution vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted set of UDP packets can cause a logic flaw, resulting in an authentication bypass. An attacker can sniff network traffic and send a set of packets to trigger this vulnerability. | |||||
| CVE-2018-3938 | 1 Sony | 28 Snc-eb600, Snc-eb600 Firmware, Snc-eb600b and 25 more | 2020-08-24 | 7.5 HIGH | 10.0 CRITICAL |
| An exploitable stack-based buffer overflow vulnerability exists in the 802dot1xclientcert.cgi functionality of Sony IPELA E Series Camera G5 firmware 1.87.00. A specially crafted POST can cause a stack-based buffer overflow, resulting in remote code execution. An attacker can send a malicious POST request to trigger this vulnerability. | |||||
| CVE-2018-3963 | 1 Getcujo | 1 Smart Firewall | 2020-08-24 | 8.3 HIGH | 9.0 CRITICAL |
| An exploitable command injection vulnerability exists in the DHCP daemon configuration of the CUJO Smart Firewall. When adding a new static DHCP address, its corresponding hostname is inserted into the dhcpd.conf file without prior sanitization, allowing for arbitrary execution of system commands. To trigger this vulnerability, an attacker can send a DHCP request message and set up the corresponding static DHCP entry. | |||||
| CVE-2018-3991 | 3 Microsoft, Siemens, Wibu | 3 Windows, Simatic Wincc Open Architecture, Wibukey | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| An exploitable heap overflow vulnerability exists in the WkbProgramLow function of WibuKey Network server management, version 6.40.2402.500. A specially crafted TCP packet can cause a heap overflow, potentially leading to remote code execution. An attacker can send a malformed TCP packet to trigger this vulnerability. | |||||
| CVE-2018-4003 | 1 Getcujo | 1 Smart Firewall | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| An exploitable heap overflow vulnerability exists in the mdnscap binary of the CUJO Smart Firewall running firmware 7003. The string lengths are handled incorrectly when parsing character strings in mDNS resource records, leading to arbitrary code execution in the context of the mdnscap process. An unauthenticated attacker can send an mDNS message to trigger this vulnerability. | |||||
| CVE-2018-4229 | 1 Apple | 1 Mac Os X | 2020-08-24 | 10.0 HIGH | 10.0 CRITICAL |
| An issue was discovered in certain Apple products. macOS before 10.13.5 is affected. The issue involves the "Grand Central Dispatch" component. It allows attackers to bypass a sandbox protection mechanism by leveraging the misparsing of entitlement plists. | |||||
| CVE-2018-4298 | 1 Apple | 4 Apple Tv, Iphone Os, Mac Os X and 1 more | 2020-08-24 | 10.0 HIGH | 9.8 CRITICAL |
| In macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan, a permissions issue existed in Remote Management. This issue was addressed through improved permission validation. | |||||
| CVE-2018-4872 | 1 Adobe | 4 Acrobat, Acrobat Dc, Acrobat Reader and 1 more | 2020-08-24 | 10.0 HIGH | 10.0 CRITICAL |
| An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability is a security bypass vulnerability that leads to a sandbox escape. Specifically, the vulnerability exists in the way a cross call is handled. | |||||
| CVE-2018-7553 | 2 Debian, Sam2p Project | 2 Debian Linux, Sam2p | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| There is a heap-based buffer overflow in the pcxLoadRaster function of in_pcx.cpp in sam2p 0.49.4. A crafted input will lead to a denial of service or possibly unspecified other impact. | |||||
| CVE-2018-7561 | 2 Tenda, Tendacn | 2 Ac9, Ac9 Firmware | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| Stack-based Buffer Overflow in httpd on Tenda AC9 devices V15.03.05.14_EN allows remote attackers to cause a denial of service or possibly have unspecified other impact. | |||||
| CVE-2018-8092 | 1 Mautic | 1 Mautic | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| Mautic before 2.13.0 allows CSV injection. | |||||
| CVE-2018-8154 | 1 Microsoft | 1 Exchange Server | 2020-08-24 | 10.0 HIGH | 9.8 CRITICAL |
| A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka "Microsoft Exchange Memory Corruption Vulnerability." This affects Microsoft Exchange Server. This CVE ID is unique from CVE-2018-8151. | |||||
| CVE-2018-8302 | 1 Microsoft | 1 Exchange Server | 2020-08-24 | 10.0 HIGH | 9.8 CRITICAL |
| A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka "Microsoft Exchange Memory Corruption Vulnerability." This affects Microsoft Exchange Server. | |||||
| CVE-2018-8500 | 1 Microsoft | 1 Chakracore | 2020-08-24 | 10.0 HIGH | 9.8 CRITICAL |
| A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore. | |||||
| CVE-2018-8626 | 1 Microsoft | 4 Windows 10, Windows Server 2012, Windows Server 2016 and 1 more | 2020-08-24 | 10.0 HIGH | 9.8 CRITICAL |
| A remote code execution vulnerability exists in Windows Domain Name System (DNS) servers when they fail to properly handle requests, aka "Windows DNS Server Heap Overflow Vulnerability." This affects Windows Server 2012 R2, Windows Server 2019, Windows Server 2016, Windows 10, Windows 10 Servers. | |||||
| CVE-2018-8828 | 2 Debian, Kamailio | 2 Debian Linux, Kamailio | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| A Buffer Overflow issue was discovered in Kamailio before 4.4.7, 5.0.x before 5.0.6, and 5.1.x before 5.1.2. A specially crafted REGISTER message with a malformed branch or From tag triggers an off-by-one heap-based buffer overflow in the tmx_check_pretran function in modules/tmx/tmx_pretran.c. | |||||
| CVE-2018-8930 | 1 Amd | 8 Epyc Server, Epyc Server Firmware, Ryzen and 5 more | 2020-08-24 | 9.3 HIGH | 9.0 CRITICAL |
| The AMD EPYC Server, Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have insufficient enforcement of Hardware Validated Boot, aka MASTERKEY-1, MASTERKEY-2, and MASTERKEY-3. | |||||
| CVE-2018-9035 | 1 Contact-form-7-to-database-extension Project | 1 Contact-form-7-to-database-extension | 2020-08-24 | 6.8 MEDIUM | 9.6 CRITICAL |
| CSV Injection vulnerability in ExportToCsvUtf8.php of the Contact Form 7 to Database Extension plugin 2.10.32 for WordPress allows remote attackers to inject spreadsheet formulas into CSV files via the contact form. | |||||
| CVE-2018-9079 | 1 Lenovo | 40 Ez Media \& Backup Center, Ez Media \& Backup Center Firmware, Ix2 and 37 more | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlier, adversaries can craft URLs to modify the Document Object Model (DOM) of the page. In addition, adversaries can inject HTML script tags and HTML tags with JavaScript handlers to execute arbitrary JavaScript with the origin of the device. | |||||
| CVE-2018-9143 | 1 Samsung | 1 Samsung Mobile | 2020-08-24 | 10.0 HIGH | 9.8 CRITICAL |
| On Samsung mobile devices with M(6.0) and N(7.x) software, a heap overflow in the sensorhub binder service leads to code execution in a privileged process, aka SVE-2017-10991. | |||||
| CVE-2019-0007 | 1 Juniper | 17 Junos, Mx10, Mx10003 and 14 more | 2020-08-24 | 7.5 HIGH | 10.0 CRITICAL |
| The vMX Series software uses a predictable IP ID Sequence Number. This leaves the system as well as clients connecting through the device susceptible to a family of attacks which rely on the use of predictable IP ID sequence numbers as their base method of attack. This issue was found during internal product security testing. Affected releases are Juniper Networks Junos OS: 15.1 versions prior to 15.1F5 on vMX Series. | |||||
| CVE-2019-1000001 | 1 Teampass | 1 Teampass | 2020-08-24 | 5.0 MEDIUM | 9.8 CRITICAL |
| TeamPass version 2.1.27 and earlier contains a Storing Passwords in a Recoverable Format vulnerability in Shared password vaults that can result in all shared passwords are recoverable server side. This attack appears to be exploitable via any vulnerability that can bypass authentication or role assignment and can lead to shared password leakage. | |||||
| CVE-2019-10039 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2020-08-24 | 5.0 MEDIUM | 9.8 CRITICAL |
| The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request. An attacker can get this token from dir_login.asp and use an API URL /goform/setSysAdm to edit the web or system account without authentication. | |||||
| CVE-2019-10040 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2020-08-24 | 10.0 HIGH | 9.8 CRITICAL |
| The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request. An attacker can get this token from dir_login.asp and use a hidden API URL /goform/SystemCommand to execute a system command without authentication. | |||||
| CVE-2019-10041 | 1 Dlink | 2 Dir-816, Dir-816 Firmware | 2020-08-24 | 5.0 MEDIUM | 9.8 CRITICAL |
| The D-Link DIR-816 A2 1.11 router only checks the random token when authorizing a goform request. An attacker can get this token from dir_login.asp and use an API URL /goform/form2userconfig.cgi to edit the system account without authentication. | |||||
| CVE-2019-10058 | 1 Lexmark | 148 6500e, 6500e Firmware, C734 and 145 more | 2020-08-24 | 6.4 MEDIUM | 9.1 CRITICAL |
| Various Lexmark products have Incorrect Access Control. | |||||
| CVE-2019-10061 | 1 Node-opencv Project | 1 Node-opencv | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| utils/find-opencv.js in node-opencv (aka OpenCV bindings for Node.js) prior to 6.1.0 is vulnerable to Command Injection. It does not validate user input allowing attackers to execute arbitrary commands. | |||||
| CVE-2019-10100 | 1 Jetbrains | 1 Youtrack Integration | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| In JetBrains YouTrack Confluence plugin versions before 1.8.1.3, it was possible to achieve Server Side Template Injection. The attacker could add an Issue macro to the page in Confluence, and use a combination of a valid id field and specially crafted code in the link-text-template field to execute code remotely. | |||||
| CVE-2019-1010009 | 1 Dglogik | 1 Dglux Server | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| DGLogik Inc DGLux Server All Versions is affected by: Insecure Permissions. The impact is: Remote Execution, Credential Leaks. The component is: IoT API. The attack vector is: Any Accessible Server. | |||||
| CVE-2019-1010101 | 1 Akeo | 1 Rufus | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| Akeo Consulting Rufus 3.0 and earlier is affected by: Insecure Permissions. The impact is: arbitrary code execution with escalation of privilege. The component is: Executable installer, portable executable (ALL executables available). The attack vector is: CWE-29, CWE-377, CWE-379. | |||||
| CVE-2019-1010151 | 1 Zzcms | 1 Zzmcms | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| zzcms zzmcms 8.3 and earlier is affected by: File Delete to getshell. The impact is: getshell. The component is: /user/ppsave.php. | |||||
| CVE-2019-1010155 | 1 Dlink | 2 Dsl-2750u, Dsl-2750u Firmware | 2020-08-24 | 6.4 MEDIUM | 9.1 CRITICAL |
| ** DISPUTED ** D-Link DSL-2750U 1.11 is affected by: Authentication Bypass. The impact is: denial of service and information leakage. The component is: login. NOTE: Third parties dispute this issues as not being a vulnerability because although the wizard is accessible without authentication, it can't actually configure anything. Thus, there is no denial of service or information leakage. | |||||
| CVE-2019-1010161 | 1 Perl-crypt-jwt Project | 1 Perl-crypt-jwt | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| perl-CRYPT-JWT 0.022 and earlier is affected by: Incorrect Access Control. The impact is: bypass authentication. The component is: JWT.pm for JWT security token, line 614 in _decode_jws(). The attack vector is: network connectivity(crafting user-controlled input to bypass authentication). The fixed version is: 0.023. | |||||
| CVE-2019-0101 | 1 Intel | 1 Unite | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| Authentication bypass in the Intel Unite(R) solution versions 3.2 through 3.3 may allow an unauthenticated user to potentially enable escalation of privilege to the Intel Unite(R) Solution administrative portal via network access. | |||||
| CVE-2019-0172 | 1 Intel | 1 Unite | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| A logic issue in Intel Unite(R) Client for Android prior to version 4.0 may allow a remote attacker to potentially enable escalation of privilege via network access. | |||||
| CVE-2019-0187 | 1 Apache | 1 Jmeter | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| Unauthenticated RCE is possible when JMeter is used in distributed mode (-r or -R command line options). Attacker can establish a RMI connection to a jmeter-server using RemoteJMeterEngine and proceed with an attack using untrusted data deserialization. This only affect tests running in Distributed mode. Note that versions before 4.0 are not able to encrypt traffic between the nodes, nor authenticate the participating nodes so upgrade to JMeter 5.1 is also advised. | |||||
| CVE-2019-0246 | 1 Sap | 1 Cloud Connector | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| SAP Cloud Connector, before version 2.11.3, does not perform any authentication checks for functionalities that require user identity. | |||||
| CVE-2019-0261 | 1 Sap | 1 Landscape Management | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| Under certain circumstances, SAP HANA Extended Application Services, advanced model (XS advanced) does not perform authentication checks properly for XS advanced platform and business users. Fixed in 1.0.97 to 1.0.99 (running on SAP HANA 1 or SAP HANA 2 SPS0 (second S stands for stack)). | |||||
| CVE-2019-0285 | 1 Sap | 1 Crystal Reports | 2020-08-24 | 5.0 MEDIUM | 9.8 CRITICAL |
| The .NET SDK WebForm Viewer in SAP Crystal Reports for Visual Studio (fixed in version 2010) discloses sensitive database information including credentials which can be misused by the attacker. | |||||
| CVE-2019-0344 | 1 Sap | 1 Commerce Cloud | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| Due to unsafe deserialization used in SAP Commerce Cloud (virtualjdbc extension), versions 6.4, 6.5, 6.6, 6.7, 1808, 1811, 1905, it is possible to execute arbitrary code on a target machine with 'Hybris' user rights, resulting in Code Injection. | |||||
| CVE-2019-0403 | 1 Sap | 1 Enable Now | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| SAP Enable Now, before version 1911, allows an attacker to input commands into the CSV files, which will be executed when opened, leading to CSV Command Injection. | |||||
| CVE-2019-0547 | 1 Microsoft | 1 Windows 10 | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client, aka "Windows DHCP Client Remote Code Execution Vulnerability." This affects Windows 10, Windows 10 Servers. | |||||
| CVE-2019-0586 | 1 Microsoft | 1 Exchange Server | 2020-08-24 | 10.0 HIGH | 9.8 CRITICAL |
| A remote code execution vulnerability exists in Microsoft Exchange software when the software fails to properly handle objects in memory, aka "Microsoft Exchange Memory Corruption Vulnerability." This affects Microsoft Exchange Server. | |||||
| CVE-2019-0626 | 1 Microsoft | 8 Windows 10, Windows 7, Windows 8.1 and 5 more | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| A memory corruption vulnerability exists in the Windows Server DHCP service when an attacker sends specially crafted packets to a DHCP server, aka 'Windows DHCP Server Remote Code Execution Vulnerability'. | |||||
| CVE-2019-0697 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| A memory corruption vulnerability exists in the Windows DHCP client when an attacker sends specially crafted DHCP responses to a client, aka 'Windows DHCP Client Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0698, CVE-2019-0726. | |||||