Search
Total
17685 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-10525 | 1 Dwyl | 1 Hapi-auth-jwt2 | 2018-07-02 | 7.5 HIGH | 9.8 CRITICAL |
| When attempting to allow authentication mode `try` in hapi, hapi-auth-jwt2 version 5.1.1 introduced an issue whereby people could bypass authentication. | |||||
| CVE-2018-10094 | 1 Dolibarr | 1 Dolibarr | 2018-07-02 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection vulnerability in Dolibarr before 7.0.2 allows remote attackers to execute arbitrary SQL commands via vectors involving integer parameters without quotes. | |||||
| CVE-2018-8898 | 1 D-link | 2 Dsl-3782, Dsl-3782 Firmware | 2018-07-02 | 7.5 HIGH | 9.8 CRITICAL |
| A flaw in the authentication mechanism in the Login Panel of router D-Link DSL-3782 (A1_WI_20170303 || SWVer="V100R001B012" FWVer="3.10.0.24" FirmVer="TT_77616E6771696F6E67") allows unauthenticated attackers to perform arbitrary modification (read, write) to passwords and configurations meanwhile an administrator is logged into the web panel. | |||||
| CVE-2017-12868 | 2 Php, Simplesamlphp | 2 Php, Simplesamlphp | 2018-07-01 | 7.5 HIGH | 9.8 CRITICAL |
| The secureCompare method in lib/SimpleSAML/Utils/Crypto.php in SimpleSAMLphp 1.14.13 and earlier, when used with PHP before 5.6, allows attackers to conduct session fixation attacks or possibly bypass authentication by leveraging missing character conversions before an XOR operation. | |||||
| CVE-2018-11141 | 1 Quest | 1 Kace System Management Appliance | 2018-06-29 | 7.5 HIGH | 9.8 CRITICAL |
| The 'IMAGES_JSON' and 'attachments_to_remove[]' parameters of the '/adminui/advisory.php' script in the Quest KACE System Management Virtual Appliance 8.0.318 can be abused to write and delete files respectively via Directory Traversal. Files can be at any location where the 'www' user has write permissions. | |||||
| CVE-2018-11136 | 1 Quest | 1 Kace System Management Appliance | 2018-06-29 | 7.5 HIGH | 9.8 CRITICAL |
| The 'orgID' parameter received by the '/common/download_agent_installer.php' script in the Quest KACE System Management Appliance 8.0.318 is not sanitized, leading to SQL injection (in particular, a blind time-based type). | |||||
| CVE-2018-11523 | 1 Nuuo | 2 Nvrmini 2, Nvrmini 2 Firmware | 2018-06-29 | 7.5 HIGH | 9.8 CRITICAL |
| upload.php on NUUO NVRmini 2 devices allows Arbitrary File Upload, such as upload of .php files. | |||||
| CVE-2018-9311 | 1 Bmw | 2 Telematics Control Unit, Telematics Control Unit Firmware | 2018-06-29 | 10.0 HIGH | 9.8 CRITICAL |
| The Telematics Control Unit (aka Telematic Communication Box or TCB), when present on BMW vehicles produced in 2012 through 2018, allows a remote attack via a cellular network. | |||||
| CVE-2018-9318 | 1 Bmw | 2 Telematics Control Unit, Telematics Control Unit Firmware | 2018-06-29 | 10.0 HIGH | 9.8 CRITICAL |
| The Telematics Control Unit (aka Telematic Communication Box or TCB), when present on BMW vehicles produced in 2012 through 2018, allows a remote attack via a cellular network. | |||||
| CVE-2018-6411 | 1 Appnitro | 1 Machform | 2018-06-29 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Appnitro MachForm before 4.2.3. When the form is set to filter a blacklist, it automatically adds dangerous extensions to the filters. If the filter is set to a whitelist, the dangerous extensions can be bypassed through ap_form_elements SQL Injection. | |||||
| CVE-2018-11547 | 1 Md4c Project | 1 Md4c | 2018-06-29 | 7.5 HIGH | 9.8 CRITICAL |
| md_is_link_reference_definition_helper in md4c 0.2.5 has a heap-based buffer over-read because md_is_link_label mishandles loop termination. | |||||
| CVE-2018-11546 | 1 Md4c Project | 1 Md4c | 2018-06-29 | 7.5 HIGH | 9.8 CRITICAL |
| md4c 0.2.5 has a heap-based buffer over-read because md_is_named_entity_contents has an off-by-one error. | |||||
| CVE-2018-11535 | 1 Sitemakin | 1 Slac | 2018-06-29 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in SITEMAKIN SLAC (Site Login and Access Control) v1.0. The parameter "my_item_search" in users.php is exploitable using SQL injection. | |||||
| CVE-2018-6410 | 1 Appnitro | 1 Machform | 2018-06-28 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Appnitro MachForm before 4.2.3. There is a download.php SQL injection via the q parameter. | |||||
| CVE-2018-11576 | 1 Miniupnp Project | 1 Ngiflib | 2018-06-28 | 7.5 HIGH | 9.8 CRITICAL |
| ngiflib.c in MiniUPnP ngiflib 0.4 has a heap-based buffer over-read in GifIndexToTrueColor. | |||||
| CVE-2018-11309 | 1 Membermouse | 1 Membermouse | 2018-06-28 | 7.5 HIGH | 9.8 CRITICAL |
| Blind SQL injection in coupon_code in the MemberMouse plugin 2.2.8 and prior for WordPress allows an unauthenticated attacker to dump the WordPress MySQL database via an applyCoupon action in an admin-ajax.php request. | |||||
| CVE-2018-11515 | 1 Gvectors | 1 Wpforo | 2018-06-28 | 5.0 MEDIUM | 9.8 CRITICAL |
| The wpForo plugin through 2018-02-05 for WordPress has SQL Injection via a search with the /forum/ wpfo parameter. | |||||
| CVE-2018-11528 | 1 Wuzhicms | 1 Wuzhi Cms | 2018-06-28 | 7.5 HIGH | 9.8 CRITICAL |
| WUZHI CMS 4.1.0 has SQL Injection via an api/sms_check.php?param= URI. | |||||
| CVE-2018-11444 | 1 Easyservice Billing Project | 1 Easyservice Billing | 2018-06-27 | 7.5 HIGH | 9.8 CRITICAL |
| A SQL Injection issue was observed in the parameter "q" in jobcard-ongoing.php in EasyService Billing 1.0. | |||||
| CVE-2018-7218 | 1 Citrix | 2 Application Delivery Controller Firmware, Netscaler Gateway Firmware | 2018-06-27 | 10.0 HIGH | 9.8 CRITICAL |
| The AppFirewall functionality in Citrix NetScaler Application Delivery Controller and NetScaler Gateway 10.5 before Build 68.7, 11.0 before Build 71.24, 11.1 before Build 58.13, and 12.0 before Build 57.24 allows remote attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2018-4920 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player Desktop Runtime, Mac Os X and 5 more | 2018-06-27 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player versions 28.0.0.161 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. | |||||
| CVE-2018-4919 | 5 Adobe, Apple, Google and 2 more | 8 Flash Player, Flash Player Desktop Runtime, Mac Os X and 5 more | 2018-06-27 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Flash Player versions 28.0.0.161 and earlier have an exploitable use after free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. | |||||
| CVE-2018-1309 | 1 Apache | 1 Nifi | 2018-06-27 | 7.5 HIGH | 9.8 CRITICAL |
| Apache NiFi External XML Entity issue in SplitXML processor. Malicious XML content could cause information disclosure or remote code execution. The fix to disable external general entity parsing and disallow doctype declarations was applied on the Apache NiFi 1.6.0 release. Users running a prior 1.x release should upgrade to the appropriate release. | |||||
| CVE-2018-11311 | 1 Myscada | 1 Mypro | 2018-06-26 | 6.4 MEDIUM | 9.1 CRITICAL |
| A hardcoded FTP username of myscada and password of Vikuk63 in 'myscadagate.exe' in mySCADA myPRO 7 allows remote attackers to access the FTP server on port 2121, and upload files or list directories, by entering these credentials. | |||||
| CVE-2018-11373 | 1 Iscripts | 1 Eswap | 2018-06-25 | 7.5 HIGH | 9.8 CRITICAL |
| iScripts eSwap v2.4 has SQL injection via the "salelistdetailed.php" User Panel ToId parameter. | |||||
| CVE-2018-11372 | 1 Iscripts | 1 Eswap | 2018-06-25 | 7.5 HIGH | 9.8 CRITICAL |
| iScripts eSwap v2.4 has SQL injection via the wishlistdetailed.php User Panel ToId parameter. | |||||
| CVE-2017-7827 | 1 Mozilla | 1 Firefox | 2018-06-25 | 10.0 HIGH | 9.8 CRITICAL |
| Memory safety bugs were reported in Firefox 56. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 57. | |||||
| CVE-2018-5092 | 2 Canonical, Mozilla | 2 Ubuntu Linux, Firefox | 2018-06-25 | 7.5 HIGH | 9.8 CRITICAL |
| A use-after-free vulnerability can occur when the thread for a Web Worker is freed from memory prematurely instead of from memory in the main thread while cancelling fetch operations. This vulnerability affects Firefox < 58. | |||||
| CVE-2018-5090 | 2 Canonical, Mozilla | 2 Ubuntu Linux, Firefox | 2018-06-25 | 10.0 HIGH | 9.8 CRITICAL |
| Memory safety bugs were reported in Firefox 57. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 58. | |||||
| CVE-2018-5116 | 2 Canonical, Mozilla | 2 Ubuntu Linux, Firefox | 2018-06-25 | 7.5 HIGH | 9.8 CRITICAL |
| WebExtensions with the "ActiveTab" permission are able to access frames hosted within the active tab even if the frames are cross-origin. Malicious extensions can inject frames from arbitrary origins into the loaded page and then interact with them, bypassing same-origin user expectations with this permission. This vulnerability affects Firefox < 58. | |||||
| CVE-2018-10648 | 1 Citrix | 1 Xenmobile Server | 2018-06-25 | 7.5 HIGH | 9.8 CRITICAL |
| There are Unauthenticated File Upload Vulnerabilities in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3. | |||||
| CVE-2018-4991 | 1 Adobe | 1 Creative Cloud | 2018-06-25 | 7.5 HIGH | 9.8 CRITICAL |
| Adobe Creative Cloud Desktop Application versions 4.4.1.298 and earlier have an exploitable Improper certificate validation vulnerability. Successful exploitation could lead to a security bypass. | |||||
| CVE-2018-4923 | 1 Adobe | 1 Connect | 2018-06-22 | 6.4 MEDIUM | 9.1 CRITICAL |
| Adobe Connect versions 9.7 and earlier have an exploitable OS Command Injection. Successful exploitation could lead to arbitrary file deletion. | |||||
| CVE-2018-11094 | 1 Intelbras | 2 Ncloud 300, Ncloud 300 Firmware | 2018-06-22 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered on Intelbras NCLOUD 300 1.0 devices. /cgi-bin/ExportSettings.sh, /goform/updateWPS, /goform/RebootSystem, and /goform/vpnBasicSettings do not require authentication. For example, when an HTTP POST request is made to /cgi-bin/ExportSettings.sh, the username, password, and other details are retrieved. | |||||
| CVE-2018-11369 | 1 Pbootcms | 1 Pbootcms | 2018-06-22 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in PbootCMS v1.0.9. There is a SQL Injection that can get important information from the database via the \apps\home\controller\ParserController.php scode parameter. | |||||
| CVE-2018-4924 | 2 Adobe, Microsoft | 2 Dreamweaver, Windows | 2018-06-22 | 10.0 HIGH | 9.8 CRITICAL |
| Adobe Dreamweaver CC versions 18.0 and earlier have an OS Command Injection vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. | |||||
| CVE-2018-11331 | 1 Pluck-cms | 1 Pluck | 2018-06-22 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Pluck before 4.7.6. Remote PHP code execution is possible because the set of disallowed filetypes for uploads in missing some applicable ones such as .phtml and .htaccess. | |||||
| CVE-2018-10731 | 1 Phoenixcontact | 58 Fl Switch 3004t-fx, Fl Switch 3004t-fx Firmware, Fl Switch 3004t-fx St and 55 more | 2018-06-20 | 9.3 HIGH | 9.0 CRITICAL |
| All Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products running firmware version 1.0 to 1.33 are prone to buffer overflows when handling very large cookies (a different vulnerability than CVE-2018-10728). | |||||
| CVE-2018-11248 | 1 Liulishuo | 1 Filedownloader | 2018-06-20 | 7.5 HIGH | 9.8 CRITICAL |
| util/FileDownloadUtils.java in FileDownloader 1.7.3 does not check an attachment's name. If an attacker places "../" in the file name, the file can be stored in an unintended directory because of Directory Traversal. | |||||
| CVE-2017-15670 | 1 Gnu | 1 Glibc | 2018-06-20 | 7.5 HIGH | 9.8 CRITICAL |
| The GNU C Library (aka glibc or libc6) before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the ~ operator followed by a long string. | |||||
| CVE-2017-15804 | 1 Gnu | 1 Glibc | 2018-06-20 | 7.5 HIGH | 9.8 CRITICAL |
| The glob function in glob.c in the GNU C Library (aka glibc or libc6) before 2.27 contains a buffer overflow during unescaping of user names with the ~ operator. | |||||
| CVE-2018-11031 | 1 Gouguoyin | 1 Phprap | 2018-06-19 | 10.0 HIGH | 9.8 CRITICAL |
| application/home/controller/debug.php in PHPRAP 1.0.4 through 1.0.8 has SSRF via the /debug URI, as demonstrated by an api[url]=file:////etc/passwd&api[method]=get POST request. | |||||
| CVE-2018-11032 | 1 Gouguoyin | 1 Phprap | 2018-06-19 | 7.5 HIGH | 9.8 CRITICAL |
| PHPRAP 1.0.4 through 1.0.8 has SQL Injection via the application/home/controller/project.php search() function. | |||||
| CVE-2018-10730 | 1 Phoenixcontact | 58 Fl Switch 3004t-fx, Fl Switch 3004t-fx Firmware, Fl Switch 3004t-fx St and 55 more | 2018-06-19 | 9.0 HIGH | 9.1 CRITICAL |
| All Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products running firmware version 1.0 to 1.33 are prone to OS command injection. | |||||
| CVE-2018-10682 | 1 Wildfly | 1 Wildfly | 2018-06-18 | 10.0 HIGH | 9.8 CRITICAL |
| ** DISPUTED ** An issue was discovered in WildFly 10.1.2.Final. It is possible for an attacker to access the administration panel on TCP port 9990 without any authentication using "anonymous" access that is automatically created. Once logged in, a misconfiguration present by default (auto-deployment) permits an anonymous user to deploy a malicious .war file, leading to remote code execution. NOTE: the vendor indicates that anonymous access is not available in the default installation; however, it remains optional because there are several use cases for it, including development environments and network architectures that have a proxy server for access control to the WildFly server. | |||||
| CVE-2018-9112 | 1 Foxconn | 2 Ap-fc4064-t, Ap-fc4064-t Firmware | 2018-06-18 | 7.5 HIGH | 9.8 CRITICAL |
| A low privileged admin account with a weak default password of admin exists on the Foxconn FEMTO AP-FC4064-T AP_GT_B38_5.8.3lb15-W47 LTE Build 15. In addition, its web management page relies on the existence or values of cookies when performing security-critical operations. One can gain privileges by modifying cookies. | |||||
| CVE-2018-10996 | 1 D-link | 2 Dir-629-b, Dir-629-b Firmware | 2018-06-18 | 10.0 HIGH | 9.8 CRITICAL |
| The weblogin_log function in /htdocs/cgibin on D-Link DIR-629-B1 devices allows attackers to execute arbitrary code or cause a denial of service (buffer overflow) via a session.cgi?ACTION=logout request involving a long REMOTE_ADDR environment variable. | |||||
| CVE-2017-12942 | 1 Rarlab | 1 Unrar | 2018-06-16 | 7.5 HIGH | 9.8 CRITICAL |
| libunrar.a in UnRAR before 5.5.7 has a buffer overflow in the Unpack::LongLZ function. | |||||
| CVE-2017-12940 | 1 Rarlab | 1 Unrar | 2018-06-16 | 7.5 HIGH | 9.8 CRITICAL |
| libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the EncodeFileName::Decode call within the Archive::ReadHeader15 function. | |||||
| CVE-2017-12941 | 1 Rarlab | 1 Unrar | 2018-06-16 | 7.5 HIGH | 9.8 CRITICAL |
| libunrar.a in UnRAR before 5.5.7 has an out-of-bounds read in the Unpack::Unpack20 function. | |||||