Search
Total
17685 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-17382 | 1 Thephpfactory | 1 Jobs Factory | 2018-11-15 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the Jobs Factory 2.0.4 component for Joomla! via the filter_letter parameter. | |||||
| CVE-2018-17383 | 1 Thephpfactory | 1 Collection Factory | 2018-11-15 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the Collection Factory 4.1.9 component for Joomla! via the filter_order or filter_order_Dir parameter. | |||||
| CVE-2018-17394 | 1 Osthemeclub | 1 Timetable Schedule | 2018-11-14 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the Timetable Schedule 3.6.8 component for Joomla! via the eid parameter. | |||||
| CVE-2018-17391 | 1 Super Cms Blog Pro Project | 1 Super Cms Blog Pro | 2018-11-14 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in authors_post.php in Super Cms Blog Pro 1.0 via the author parameter. | |||||
| CVE-2018-17385 | 1 Thephpfactory | 1 Social Factory | 2018-11-14 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the Social Factory 3.8.3 component for Joomla! via the radius[lat], radius[lng], or radius[radius] parameter. | |||||
| CVE-2018-17397 | 1 Multiplanet | 1 Alphaindex Dictionaries | 2018-11-14 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the AlphaIndex Dictionaries 1.0 component for Joomla! via the letter parameter. | |||||
| CVE-2018-17377 | 1 Extensiondeveloper | 1 Questions | 2018-11-14 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the Questions 1.4.3 component for Joomla! via the term, userid, users, or groups parameter. | |||||
| CVE-2018-17376 | 1 Thephpfactory | 1 Reverse Auction Factory | 2018-11-14 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the Reverse Auction Factory 4.3.8 component for Joomla! via the filter_order_Dir, cat, or filter_letter parameter. | |||||
| CVE-2018-17384 | 1 Thephpfactory | 1 Swap Factory | 2018-11-14 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the Swap Factory 2.2.1 component for Joomla! via the filter_order_Dir or filter_order parameter. | |||||
| CVE-2016-1000030 | 2 Pidgin, Suse | 2 Pidgin, Linux Enterprise Server | 2018-11-14 | 7.5 HIGH | 9.8 CRITICAL |
| Pidgin version <2.11.0 contains a vulnerability in X.509 Certificates imports specifically due to improper check of return values from gnutls_x509_crt_init() and gnutls_x509_crt_import() that can result in code execution. This attack appear to be exploitable via custom X.509 certificate from another client. This vulnerability appears to have been fixed in 2.11.0. | |||||
| CVE-2018-17378 | 1 Thephpfactory | 1 Penny Auction Factory | 2018-11-14 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the Penny Auction Factory 2.0.4 component for Joomla! via the filter_order_Dir or filter_order parameter. | |||||
| CVE-2018-16590 | 1 Furuno | 4 Felcom 250, Felcom 250 Firmware, Felcom 500 and 1 more | 2018-11-14 | 10.0 HIGH | 9.8 CRITICAL |
| FURUNO FELCOM 250 and 500 devices use only client-side JavaScript in login.js for authentication. | |||||
| CVE-2018-17375 | 1 Joomlathat | 1 Music Collection | 2018-11-14 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the Music Collection 3.0.3 component for Joomla! via the id parameter. | |||||
| CVE-2018-16710 | 1 Octoprint | 1 Octoprint | 2018-11-14 | 6.4 MEDIUM | 9.1 CRITICAL |
| ** DISPUTED ** OctoPrint through 1.3.9 allows remote attackers to obtain sensitive information or cause a denial of service via HTTP requests on port 8081. NOTE: the vendor disputes the significance of this report because their documentation states that with "blind port forwarding ... Putting OctoPrint onto the public internet is a terrible idea, and I really can't emphasize that enough." | |||||
| CVE-2018-17607 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2018-11-14 | 7.5 HIGH | 9.8 CRITICAL |
| Foxit PhantomPDF and Reader before 9.3 allow remote attackers to execute arbitrary code or cause a denial of service (use-after-free) because properties of Annotation objects are mishandled. This relates to one of five distinct types of Annotation objects. | |||||
| CVE-2018-17608 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2018-11-14 | 7.5 HIGH | 9.8 CRITICAL |
| Foxit PhantomPDF and Reader before 9.3 allow remote attackers to execute arbitrary code or cause a denial of service (use-after-free) because properties of Annotation objects are mishandled. This relates to one of five distinct types of Annotation objects. | |||||
| CVE-2018-17609 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2018-11-14 | 7.5 HIGH | 9.8 CRITICAL |
| Foxit PhantomPDF and Reader before 9.3 allow remote attackers to execute arbitrary code or cause a denial of service (use-after-free) because properties of Annotation objects are mishandled. This relates to one of five distinct types of Annotation objects. | |||||
| CVE-2018-17610 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2018-11-14 | 7.5 HIGH | 9.8 CRITICAL |
| Foxit PhantomPDF and Reader before 9.3 allow remote attackers to execute arbitrary code or cause a denial of service (use-after-free) because properties of Annotation objects are mishandled. This relates to one of five distinct types of Annotation objects. | |||||
| CVE-2018-17611 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2018-11-14 | 7.5 HIGH | 9.8 CRITICAL |
| Foxit PhantomPDF and Reader before 9.3 allow remote attackers to execute arbitrary code or cause a denial of service (use-after-free) because properties of Annotation objects are mishandled. This relates to one of five distinct types of Annotation objects. | |||||
| CVE-2018-16283 | 1 Wechat Brodcast Project | 1 Wechat Brodcast | 2018-11-14 | 7.5 HIGH | 9.8 CRITICAL |
| The Wechat Broadcast plugin 1.2.0 and earlier for WordPress allows Directory Traversal via the Image.php url parameter. | |||||
| CVE-2015-8298 | 1 Rxtec | 1 Rxadmin | 2018-11-13 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple SQL injection vulnerabilities in the login page in RXTEC RXAdmin UPDATE 06 / 2012 allow remote attackers to execute arbitrary SQL commands via the (1) loginpassword, (2) loginusername, (3) zusatzlicher, or (4) groupid parameter to index.htm, or the (5) rxtec cookie to index.htm. | |||||
| CVE-2018-15484 | 1 Kone | 2 Group Controller, Group Controller Firmware | 2018-11-13 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered on KONE Group Controller (KGC) devices before 4.6.5. Unauthenticated Remote Code Execution is possible through the open HTTP interface by modifying autoexec.bat, aka KONE-01. | |||||
| CVE-2018-15485 | 1 Kone | 2 Group Controller, Group Controller Firmware | 2018-11-13 | 6.4 MEDIUM | 9.1 CRITICAL |
| An issue was discovered on KONE Group Controller (KGC) devices before 4.6.5. FTP does not require authentication or authorization, aka KONE-03. | |||||
| CVE-2018-0664 | 1 Nomachine | 1 Nomachine | 2018-11-13 | 7.5 HIGH | 9.8 CRITICAL |
| A vulnerability in NoMachine App for Android 5.0.63 and earlier allows attackers to alter environment variables via unspecified vectors. | |||||
| CVE-2016-7167 | 2 Fedoraproject, Haxx | 2 Fedora, Libcurl | 2018-11-13 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple integer overflows in the (1) curl_escape, (2) curl_easy_escape, (3) curl_unescape, and (4) curl_easy_unescape functions in libcurl before 7.50.3 allow attackers to have unspecified impact via a string of length 0xffffffff, which triggers a heap-based buffer overflow. | |||||
| CVE-2017-8816 | 2 Debian, Haxx | 3 Debian Linux, Curl, Libcurl | 2018-11-13 | 7.5 HIGH | 9.8 CRITICAL |
| The NTLM authentication feature in curl and libcurl before 7.57.0 on 32-bit platforms allows attackers to cause a denial of service (integer overflow and resultant buffer overflow, and application crash) or possibly have unspecified other impact via vectors involving long user and password fields. | |||||
| CVE-2017-8817 | 2 Debian, Haxx | 3 Debian Linux, Curl, Libcurl | 2018-11-13 | 7.5 HIGH | 9.8 CRITICAL |
| The FTP wildcard function in curl and libcurl before 7.57.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) or possibly have unspecified other impact via a string that ends with an '[' character. | |||||
| CVE-2016-8618 | 1 Haxx | 1 Curl | 2018-11-13 | 7.5 HIGH | 9.8 CRITICAL |
| The libcurl API function called `curl_maprintf()` before version 7.51.0 can be tricked into doing a double-free due to an unsafe `size_t` multiplication, on systems using 32 bit `size_t` variables. | |||||
| CVE-2016-8622 | 1 Haxx | 1 Libcurl | 2018-11-13 | 7.5 HIGH | 9.8 CRITICAL |
| The URL percent-encoding decode function in libcurl before 7.51.0 is called `curl_easy_unescape`. Internally, even if this function would be made to allocate a unscape destination buffer larger than 2GB, it would return that new length in a signed 32 bit integer variable, thus the length would get either just truncated or both truncated and turned negative. That could then lead to libcurl writing outside of its heap based buffer. | |||||
| CVE-2017-1000257 | 2 Debian, Haxx | 2 Debian Linux, Libcurl | 2018-11-13 | 6.4 MEDIUM | 9.1 CRITICAL |
| An IMAP FETCH response line indicates the size of the returned data, in number of bytes. When that response says the data is zero bytes, libcurl would pass on that (non-existing) data with a pointer and the size (zero) to the deliver-data function. libcurl's deliver-data function treats zero as a magic number and invokes strlen() on the data to figure out the length. The strlen() is called on a heap based buffer that might not be zero terminated so libcurl might read beyond the end of it into whatever memory lies after (or just crash) and then deliver that to the application as if it was actually downloaded. | |||||
| CVE-2018-3904 | 1 Samsung | 2 Sth-eth-250, Sth-eth-250 Firmware | 2018-11-09 | 9.0 HIGH | 9.9 CRITICAL |
| An exploitable buffer overflow vulnerability exists in the camera 'update' feature of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly extracts fields from a user-controlled JSON payload, leading to a buffer overflow on the stack. An attacker can send an HTTP request to trigger this vulnerability. | |||||
| CVE-2018-15904 | 1 A10networks | 1 Acos Web Application Firewall | 2018-11-09 | 7.5 HIGH | 9.8 CRITICAL |
| A10 ACOS Web Application Firewall (WAF) 2.7.1 and 2.7.2 before 2.7.2-P12, 4.1.0 before 4.1.0-P11, 4.1.1 before 4.1.1-P8, and 4.1.2 before 4.1.2-P4 mishandles the configured rules for blocking SQL injection attacks, aka A10-2017-0008. | |||||
| CVE-2018-14592 | 1 Cwjoomla | 2 Cw Article Attachments Free, Cw Article Attachments Pro | 2018-11-09 | 7.5 HIGH | 9.8 CRITICAL |
| The CWJoomla CW Article Attachments PRO extension before 2.0.7 and CW Article Attachments FREE extension before 1.0.6 for Joomla! allow SQL Injection within download.php. | |||||
| CVE-2018-17243 | 1 Zohocorp | 1 Manageengine Opmanager | 2018-11-09 | 7.5 HIGH | 9.8 CRITICAL |
| Global Search in Zoho ManageEngine OpManager before 12.3 123205 allows SQL Injection. | |||||
| CVE-2018-17110 | 1 Tecdiary | 1 Simple Pos | 2018-11-09 | 7.5 HIGH | 9.8 CRITICAL |
| Simple POS 4.0.24 allows SQL Injection via a products/get_products/ columns[0][search][value] parameter in the management panel, as demonstrated by products/get_products/1. | |||||
| CVE-2018-15477 | 1 Mystrom | 2 Wifi Switch, Wifi Switch Firmware | 2018-11-09 | 10.0 HIGH | 9.8 CRITICAL |
| myStrom WiFi Switch V1 devices before 2.66 did not sanitize a parameter received from the cloud that was used in an OS command. Malicious servers were able to run operating system commands on the device. | |||||
| CVE-2017-5543 | 1 Intelliants | 1 Subrion | 2018-11-08 | 7.5 HIGH | 9.8 CRITICAL |
| includes/classes/ia.core.users.php in Subrion CMS 4.0.5 allows remote attackers to conduct PHP Object Injection attacks via crafted serialized data in a salt cookie in a login request. | |||||
| CVE-2018-16115 | 1 Lightbend | 1 Akka | 2018-11-08 | 6.4 MEDIUM | 9.1 CRITICAL |
| Lightbend Akka 2.5.x before 2.5.16 allows message disclosure and modification because of an RNG error. A random number generator is used in Akka Remoting for TLS (both classic and Artery Remoting). Akka allows configuration of custom random number generators. For historical reasons, Akka included the AES128CounterSecureRNG and AES256CounterSecureRNG random number generators. The implementations had a bug that caused the generated numbers to be repeated after only a few bytes. The custom RNG implementations were not configured by default but examples in the documentation showed (and therefore implicitly recommended) using the custom ones. This can be used by an attacker to compromise the communication if these random number generators are enabled in configuration. It would be possible to eavesdrop, replay, or modify the messages sent with Akka Remoting/Cluster. | |||||
| CVE-2018-16370 | 1 Pescms | 1 Pescms Team | 2018-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| In PESCMS Team 2.2.1, attackers may upload and execute arbitrary PHP code through /Public/?g=Team&m=Setting&a=upgrade by placing a .php file in a ZIP archive. | |||||
| CVE-2018-16822 | 1 Seacms | 1 Seacms | 2018-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| SeaCMS 6.64 allows SQL Injection via the upload/admin/admin_video.php order parameter. | |||||
| CVE-2017-15398 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more | 2018-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| A stack buffer overflow in the QUIC networking stack in Google Chrome prior to 62.0.3202.89 allowed a remote attacker to gain code execution via a malicious server. | |||||
| CVE-2018-16286 | 1 Lg | 1 Supersign Cms | 2018-11-07 | 5.0 MEDIUM | 9.8 CRITICAL |
| LG SuperSign CMS allows authentication bypass because the CAPTCHA requirement is skipped if a captcha:pass cookie is sent, and because the PIN is limited to four digits. | |||||
| CVE-2018-16287 | 1 Lg | 1 Supersign Cms | 2018-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| LG SuperSign CMS allows file upload via signEzUI/playlist/edit/upload/..%2f URIs. | |||||
| CVE-2018-17035 | 1 Ucms Project | 1 Ucms | 2018-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| UCMS 1.4.6 has SQL injection during installation via the install/index.php mysql_dbname parameter. | |||||
| CVE-2015-9264 | 1 Lansweeper | 1 Lansweeper | 2018-11-07 | 7.5 HIGH | 9.8 CRITICAL |
| Lansweeper 4.x through 6.x before 6.0.0.48 allows attackers to execute arbitrary code on the administrator's workstation via a crafted Windows service. | |||||
| CVE-2014-10074 | 1 Umbraco | 1 Umbraco Cms | 2018-11-06 | 7.5 HIGH | 9.8 CRITICAL |
| Umbraco before 7.2.0 has a remote PHP code execution vulnerability because Umbraco.Web.UI/config/umbracoSettings.Release.config does not block the upload of .php files. | |||||
| CVE-2018-15888 | 1 Aspcms | 1 Aspcms | 2018-11-06 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in ASPCMS 2.5.6. When registering ordinary users in the addUser function of the /member/reg.asp page, they can be registered with the super administrators GroupID directly. | |||||
| CVE-2017-18345 | 1 Joomanager Project | 1 Joomanager | 2018-11-06 | 5.0 MEDIUM | 9.8 CRITICAL |
| The Joomanager component through 2.0.0 for Joomla! has an arbitrary file download issue, resulting in exposing the credentials of the database via an index.php?option=com_joomanager&controller=details&task=download&path=configuration.php request. | |||||
| CVE-2018-13821 | 1 Ca | 1 Unified Infrastructure Management | 2018-11-05 | 7.5 HIGH | 9.8 CRITICAL |
| A lack of authentication, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows remote attackers to conduct a variety of attacks, including file reading/writing. | |||||
| CVE-2015-9263 | 1 Idera | 1 Uptime Infrastructure Monitor | 2018-11-05 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in post2file.php in Up.Time Monitoring Station 7.5.0 (build 16) and 7.4.0 (build 13). It allows an attacker to upload an arbitrary file, such as a .php file that can execute arbitrary OS commands. | |||||