Search
Total
17685 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-1078 | 1 Opendaylight | 1 Openflow | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| OpenDayLight version Carbon SR3 and earlier contain a vulnerability during node reconciliation that can result in traffic flows that should be expired or should expire shortly being re-installed and their timers reset resulting in traffic being allowed that should be expired. | |||||
| CVE-2018-1163 | 1 Quest | 1 Netvault Backup | 2019-10-09 | 10.0 HIGH | 9.8 CRITICAL |
| This vulnerability allows remote attackers to bypass authentication on vulnerable installations of Quest NetVault Backup 11.2.0.13. The specific flaw exists within JSON RPC Request handling. By setting the checksession parameter to a specific value, it is possible to bypass authentication to critical functions. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of SYSTEM. Was ZDI-CAN-4752. | |||||
| CVE-2018-1264 | 1 Pivotal Software | 1 Cloud Foundry Log Cache | 2019-10-09 | 5.0 MEDIUM | 9.8 CRITICAL |
| Cloud Foundry Log Cache, versions prior to 1.1.1, logs its UAA client secret on startup as part of its envstruct report. A remote attacker who has gained access to the Log Cache VM can read this secret, gaining all privileges held by the Log Cache UAA client. In the worst case, if this client is an admin, the attacker would gain complete control over the Foundation. | |||||
| CVE-2018-1085 | 1 Redhat | 1 Openshift Container Platform | 2019-10-09 | 10.0 HIGH | 9.8 CRITICAL |
| openshift-ansible before versions 3.9.23, 3.7.46 deploys a misconfigured etcd file that causes the SSL client certificate authentication to be disabled. Quotations around the values of ETCD_CLIENT_CERT_AUTH and ETCD_PEER_CLIENT_CERT_AUTH in etcd.conf result in etcd being configured to allow remote users to connect without any authentication if they can access the etcd server bound to the network on the master nodes. An attacker could use this flaw to read and modify all the data about the Openshift cluster in the etcd datastore, potentially adding another compute node, or bringing down the entire cluster. | |||||
| CVE-2018-1567 | 1 Ibm | 1 Websphere Application Server | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow remote attackers to execute arbitrary Java code through the SOAP connector with a serialized object from untrusted sources. IBM X-Force ID: 143024. | |||||
| CVE-2018-1072 | 2 Ovirt, Redhat | 2 Ovirt, Enterprise Virtualization Manager | 2019-10-09 | 5.0 MEDIUM | 9.8 CRITICAL |
| ovirt-engine before version ovirt 4.2.2 is vulnerable to an information exposure through log files. When engine-backup was run with one of the options "--provision*db", the database username and password were logged in cleartext. Sharing the provisioning log might inadvertently leak database passwords. | |||||
| CVE-2018-1742 | 1 Ibm | 1 Security Key Lifecycle Manager | 2019-10-09 | 7.2 HIGH | 9.3 CRITICAL |
| IBM Tivoli Key Lifecycle Manager 2.6, 2.7, and 3.0 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 148421. | |||||
| CVE-2018-1117 | 2 Ovirt, Redhat | 2 Ovirt-ansible-roles, Enterprise Virtualization | 2019-10-09 | 5.0 MEDIUM | 9.8 CRITICAL |
| ovirt-ansible-roles before version 1.0.6 has a vulnerability due to a missing no_log directive, resulting in the 'Add oVirt Provider to ManageIQ/CloudForms' playbook inadvertently disclosing admin passwords in the provisioning log. In an environment where logs are shared with other parties, this could lead to privilege escalation. | |||||
| CVE-2018-19641 | 1 Microfocus | 1 Solutions Business Manager | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| Unauthenticated remote code execution issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5. | |||||
| CVE-2018-17922 | 1 Circontrol | 2 Circarlife, Circarlife Firmware | 2019-10-09 | 5.0 MEDIUM | 9.8 CRITICAL |
| Circontrol CirCarLife all versions prior to 4.3.1, the PAP credentials of the device are stored in clear text in a log file that is accessible without authentication. | |||||
| CVE-2018-19007 | 1 Geutebrueck | 4 G-cam\/efd-2251, G-cam\/efd-2251 Firmware, G-cam\/ewpc-2275 and 1 more | 2019-10-09 | 10.0 HIGH | 9.8 CRITICAL |
| In Geutebrueck GmbH E2 Camera Series versions prior to 1.12.0.25 the DDNS configuration (in the Network Configuration panel) is vulnerable to an OS system command injection as root. | |||||
| CVE-2018-17936 | 1 Nuuo | 1 Nuuo Cms | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| NUUO CMS All versions 3.3 and prior the application allows the upload of arbitrary files that can modify or overwrite configuration files to the server, which could allow remote code execution. | |||||
| CVE-2018-19276 | 1 Openmrs | 1 Openmrs | 2019-10-09 | 10.0 HIGH | 9.8 CRITICAL |
| OpenMRS before 2.24.0 is affected by an Insecure Object Deserialization vulnerability that allows an unauthenticated user to execute arbitrary commands on the targeted system via crafted XML data in a request body. | |||||
| CVE-2018-18998 | 1 Lcds | 1 Laquis Scada | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| LCDS Laquis SCADA prior to version 4.1.0.4150 uses hard coded credentials, which may allow an attacker unauthorized access to the system with high privileges. | |||||
| CVE-2018-17915 | 1 Xiongmaitech | 1 Xmeye P2p Cloud Server | 2019-10-09 | 6.4 MEDIUM | 9.8 CRITICAL |
| All versions of Hangzhou Xiongmai Technology Co., Ltd XMeye P2P Cloud Server do not encrypt all device communication. This includes the XMeye service and firmware update communication. This could allow an attacker to eavesdrop on video feeds, steal XMeye login credentials, or impersonate the update server with malicious update code. | |||||
| CVE-2018-17900 | 1 Yokogawa | 8 Fcj, Fcj Firmware, Fcn-100 and 5 more | 2019-10-09 | 5.0 MEDIUM | 9.8 CRITICAL |
| Yokogawa STARDOM Controllers FCJ, FCN-100, FCN-RTU, FCN-500, All versions R4.10 and prior, The web application improperly protects credentials which could allow an attacker to obtain credentials for remote access to controllers. | |||||
| CVE-2018-17918 | 1 Circontrol | 2 Circarlife, Circarlife Firmware | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| Circontrol CirCarLife all versions prior to 4.3.1, authentication to the device can be bypassed by entering the URL of a specific page. | |||||
| CVE-2018-18995 | 1 Abb | 4 Gate-e1, Gate-e1 Firmware, Gate-e2 and 1 more | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| Pluto Safety PLC Gateway Ethernet devices ABB GATE-E1 and GATE-E2 all versions do not allow authentication to be configured on administrative telnet or web interfaces, which could enable various effects vectors, including conducting device resets, reading or modifying registers, and changing configuration settings such as IP addresses. | |||||
| CVE-2018-17893 | 1 Lcds | 1 Laquis Scada | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| LAquis SCADA Versions 4.1.0.3870 and prior has an untrusted pointer dereference vulnerability, which may allow remote code execution. | |||||
| CVE-2018-17894 | 1 Nuuo | 1 Nuuo Cms | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| NUUO CMS all versions 3.1 and prior, The application creates default accounts that have hard-coded passwords, which could allow an attacker to gain privileged access. | |||||
| CVE-2018-18996 | 1 Lcds | 1 Laquis Scada | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| LCDS Laquis SCADA prior to version 4.1.0.4150 allows taking in user input without proper authorization or sanitation, which may allow an attacker to execute remote code on the server. | |||||
| CVE-2018-18814 | 1 Tibco | 2 Spotfire Analytics Platform For Aws, Spotfire Server | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| The TIBCO Spotfire authentication component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace, and TIBCO Spotfire Server contains a vulnerability in the handling of the authentication that theoretically may allow an attacker to gain full access to a target account, independent of configured authentication mechanisms. Affected releases are TIBCO Software Inc. TIBCO Spotfire Analytics Platform for AWS Marketplace: versions up to and including 10.0.0, and TIBCO Spotfire Server: versions up to and including 7.10.1; 7.11.0; 7.11.1; 7.12.0; 7.13.0; 7.14.0. | |||||
| CVE-2018-17895 | 1 Lcds | 1 Laquis Scada | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| LAquis SCADA Versions 4.1.0.3870 and prior has several out-of-bounds read vulnerabilities, which may allow remote code execution. | |||||
| CVE-2018-17934 | 1 Nuuo | 1 Nuuo Cms | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| NUUO CMS All versions 3.3 and prior the application allows external input to construct a pathname that is able to be resolved outside the intended directory. This could allow an attacker to impersonate a legitimate user, obtain restricted information, or execute arbitrary code. | |||||
| CVE-2018-16489 | 1 Just-extend Project | 1 Just-extend | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| A prototype pollution vulnerability was found in just-extend <4.0.0 that allows attack to inject properties onto Object.prototype through its functions. | |||||
| CVE-2018-17888 | 1 Nuuo | 1 Nuuo Cms | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| NUUO CMS all versions 3.1 and prior, The application uses a session identification mechanism that could allow attackers to obtain the active session ID, which could allow arbitrary remote code execution. | |||||
| CVE-2018-16486 | 1 Defaults-deep Project | 1 Defaults-deep | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| A prototype pollution vulnerability was found in defaults-deep <=0.2.4 that would allow a malicious user to inject properties onto Object.prototype. | |||||
| CVE-2018-16461 | 1 Libnmap Project | 1 Libnmap | 2019-10-09 | 10.0 HIGH | 9.8 CRITICAL |
| A command injection vulnerability in libnmapp package for versions <0.4.16 allows arbitrary commands to be executed via arguments to the range options. | |||||
| CVE-2018-16462 | 1 Apex-publish-static-files Project | 1 Apex-publish-static-files | 2019-10-09 | 10.0 HIGH | 10.0 CRITICAL |
| A command injection vulnerability in the apex-publish-static-files npm module version <2.0.1 which allows arbitrary shell command execution through a maliciously crafted argument. | |||||
| CVE-2018-16850 | 3 Canonical, Postgresql, Redhat | 3 Ubuntu Linux, Postgresql, Enterprise Linux | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| postgresql before versions 11.1, 10.6 is vulnerable to a to SQL injection in pg_upgrade and pg_dump via CREATE TRIGGER ... REFERENCING. Using a purpose-crafted trigger definition, an attacker can cause arbitrary SQL statements to run, with superuser privileges. | |||||
| CVE-2018-16839 | 3 Canonical, Debian, Haxx | 3 Ubuntu Linux, Debian Linux, Curl | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| Curl versions 7.33.0 through 7.61.1 are vulnerable to a buffer overrun in the SASL authentication code that may lead to denial of service. | |||||
| CVE-2018-16491 | 1 Dreamerslab | 1 Node.extend | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| A prototype pollution vulnerability was found in node.extend <1.1.7, ~<2.0.1 that allows an attacker to inject arbitrary properties onto Object.prototype. | |||||
| CVE-2018-16492 | 1 Extend Project | 1 Extend | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| A prototype pollution vulnerability was found in module extend <2.0.2, ~<3.0.2 that allows an attacker to inject arbitrary properties onto Object.prototype. | |||||
| CVE-2018-16840 | 2 Canonical, Haxx | 2 Ubuntu Linux, Curl | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| A heap use-after-free flaw was found in curl versions from 7.59.0 through 7.61.1 in the code related to closing an easy handle. When closing and cleaning up an 'easy' handle in the `Curl_close()` function, the library code first frees a struct (without nulling the pointer) and might then subsequently erroneously write to a struct field within that already freed struct. | |||||
| CVE-2018-16460 | 1 Umbraengineering | 1 Ps | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| A command Injection in ps package versions <1.0.0 for Node.js allowed arbitrary commands to be executed when attacker controls the PID. | |||||
| CVE-2018-15394 | 1 Cisco | 1 Stealthwatch Enterprise | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability in the Stealthwatch Management Console (SMC) of Cisco Stealthwatch Enterprise could allow an unauthenticated, remote attacker to bypass authentication and execute arbitrary actions with administrative privileges on an affected system. The vulnerability is due to an insecure system configuration. An attacker could exploit this vulnerability by sending a crafted HTTP request to the targeted application. An exploit could allow the attacker to gain unauthenticated access, resulting in elevated privileges in the SMC. | |||||
| CVE-2018-14826 | 1 Entes | 2 Emg-12, Emg-12 Firmware | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| Entes EMG12 versions 2.57 and prior The application uses a web interface where it is possible for an attacker to bypass authentication with a specially crafted URL. This could allow for remote code execution. | |||||
| CVE-2018-14829 | 1 Rockwellautomation | 1 Rslinx | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| Rockwell Automation RSLinx Classic Versions 4.00.01 and prior. This vulnerability may allow a remote threat actor to intentionally send a malformed CIP packet to Port 44818, causing the software application to stop responding and crash. This vulnerability also has the potential to exploit a buffer overflow condition, which may allow the threat actor to remotely execute arbitrary code. | |||||
| CVE-2018-15447 | 1 Cisco | 1 Integrated Management Controller | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability in the web framework code of Cisco Integrated Management Controller (IMC) Supervisor could allow an unauthenticated, remote attacker to execute arbitrary SQL queries. The vulnerability is due to a lack of proper validation of user-supplied input in SQL queries. An attacker could exploit this vulnerability by sending crafted URLs that contain malicious SQL statements to the affected application. | |||||
| CVE-2018-14809 | 1 Fujielectric | 2 V-server, V-server Firmware | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| Fuji Electric V-Server 4.0.3.0 and prior, A use after free vulnerability has been identified, which may allow remote code execution. | |||||
| CVE-2018-14790 | 1 Fujielectric | 7 Frenic-ace, Frenic-eco, Frenic-mega and 4 more | 2019-10-09 | 10.0 HIGH | 9.8 CRITICAL |
| Fuji Electric FRENIC LOADER v3.3 v7.3.4.1a of FRENIC-Mini (C1), FRENIC-Mini (C2), FRENIC-Eco, FRENIC-Multi, FRENIC-MEGA, FRENIC-Ace. A buffer over-read vulnerability may allow remote code execution on the device. | |||||
| CVE-2018-15379 | 1 Cisco | 1 Prime Infrastructure | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability in which the HTTP web server for Cisco Prime Infrastructure (PI) has unrestricted directory permissions could allow an unauthenticated, remote attacker to upload an arbitrary file. This file could allow the attacker to execute commands at the privilege level of the user prime. This user does not have administrative or root privileges. The vulnerability is due to an incorrect permission setting for important system directories. An attacker could exploit this vulnerability by uploading a malicious file by using TFTP, which can be accessed via the web-interface GUI. A successful exploit could allow the attacker to run commands on the targeted application without authentication. | |||||
| CVE-2018-15441 | 1 Cisco | 1 Prime License Manager | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability in the web framework code of Cisco Prime License Manager (PLM) could allow an unauthenticated, remote attacker to execute arbitrary SQL queries. The vulnerability is due to a lack of proper validation of user-supplied input in SQL queries. An attacker could exploit this vulnerability by sending crafted HTTP POST requests that contain malicious SQL statements to an affected application. A successful exploit could allow the attacker to modify and delete arbitrary data in the PLM database or gain shell access with the privileges of the postgres user. | |||||
| CVE-2018-14811 | 1 Fujielectric | 2 V-server, V-server Firmware | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| Fuji Electric V-Server 4.0.3.0 and prior, Multiple untrusted pointer dereference vulnerabilities have been identified, which may allow remote code execution. | |||||
| CVE-2018-15389 | 1 Cisco | 1 Prime Collaboration | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability in the install function of Cisco Prime Collaboration Provisioning (PCP) could allow an unauthenticated, remote attacker to access the administrative web interface using a default hard-coded username and password that are used during install. The vulnerability is due to a hard-coded password that, in some cases, is not replaced with a unique password. A successful exploit could allow the attacker to access the administrative web interface with administrator-level privileges. | |||||
| CVE-2018-15721 | 1 Logitech | 2 Harmony Hub, Harmony Hub Firmware | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| The XMPP server in Logitech Harmony Hub before version 4.15.206 is vulnerable to authentication bypass via a crafted XMPP request. Remote attackers can use this vulnerability to gain access to the local API. | |||||
| CVE-2018-15381 | 1 Cisco | 1 Unity Express | 2019-10-09 | 10.0 HIGH | 9.8 CRITICAL |
| A Java deserialization vulnerability in Cisco Unity Express (CUE) could allow an unauthenticated, remote attacker to execute arbitrary shell commands with the privileges of the root user. The vulnerability is due to insecure deserialization of user-supplied content by the affected software. An attacker could exploit this vulnerability by sending a malicious serialized Java object to the listening Java Remote Method Invocation (RMI) service. A successful exploit could allow the attacker to execute arbitrary commands on the device with root privileges. | |||||
| CVE-2018-15556 | 1 Actiontec | 2 Web6000q, Web6000q Firmware | 2019-10-09 | 10.0 HIGH | 9.8 CRITICAL |
| The Quantenna WiFi Controller on Telus Actiontec WEB6000Q v1.1.02.22 allows login with root level access with the user "root" and an empty password by using the enabled onboard UART headers. | |||||
| CVE-2018-15427 | 1 Cisco | 2 Connected Safety And Security Ucs C220, Video Surveillance Manager | 2019-10-09 | 10.0 HIGH | 9.8 CRITICAL |
| A vulnerability in Cisco Video Surveillance Manager (VSM) Software running on certain Cisco Connected Safety and Security Unified Computing System (UCS) platforms could allow an unauthenticated, remote attacker to log in to an affected system by using the root account, which has default, static user credentials. The vulnerability is due to the presence of undocumented, default, static user credentials for the root account of the affected software on certain systems. An attacker could exploit this vulnerability by using the account to log in to an affected system. A successful exploit could allow the attacker to log in to the affected system and execute arbitrary commands as the root user. | |||||
| CVE-2018-15616 | 1 Avaya | 1 Avaya Aura System Platform | 2019-10-09 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability in the Web UI component of Avaya Aura System Platform could allow a remote, unauthenticated user to perform a targeted deserialization attack that could result in remote code execution. Affected versions of System Platform includes 6.3.0 through 6.3.9 and 6.4.0 through 6.4.2. | |||||