Search
Total
17685 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-6582 | 1 Zh Googlemap Project | 1 Zh Googlemap | 2018-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the Zh GoogleMap 8.4.0.0 component for Joomla! via the id parameter in a getPlacemarkDetails, getPlacemarkHoverText, getPathHoverText, or getPathDetails request. | |||||
| CVE-2018-6604 | 1 Zh Yandexmap Project | 1 Zh Yandexmap | 2018-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the Zh YandexMap 6.2.1.0 component for Joomla! via the id parameter in a task=getPlacemarkDetails request. | |||||
| CVE-2018-6605 | 1 Zh Baidumap Project | 1 Zh Baidumap | 2018-02-28 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the Zh BaiduMap 3.0.0.1 component for Joomla! via the id parameter in a getPlacemarkDetails, getPlacemarkHoverText, getPathHoverText, or getPathDetails request. | |||||
| CVE-2018-3601 | 1 Trendmicro | 1 Control Manager | 2018-02-27 | 7.5 HIGH | 9.8 CRITICAL |
| A password hash usage authentication bypass vulnerability in Trend Micro Control Manager 6.0 could allow a remote attacker to bypass authentication on vulnerable installations. | |||||
| CVE-2017-4947 | 1 Vmware | 2 Vrealize Automation, Vsphere Integrated Containers | 2018-02-27 | 10.0 HIGH | 9.8 CRITICAL |
| VMware Realize Automation (7.3 and 7.2) and vSphere Integrated Containers (1.x before 1.3) contain a deserialization vulnerability via Xenon. Successful exploitation of this issue may allow remote attackers to execute arbitrary code on the appliance. | |||||
| CVE-2016-7095 | 1 Exponentcms | 1 Exponent Cms | 2018-02-27 | 7.5 HIGH | 9.8 CRITICAL |
| Exponent CMS before 2.3.9 is vulnerable to an attacker uploading a malicious script file using redirection to place the script in an unprotected folder, one allowing script execution. | |||||
| CVE-2016-7400 | 1 Exponentcms | 1 Exponent Cms | 2018-02-27 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple SQL injection vulnerabilities in Exponent CMS before 2.4.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in an activate_address address controller action, (2) title parameter in a show blog controller action, or (3) content_id parameter in a showComments expComment controller action. | |||||
| CVE-2016-7565 | 1 Exponentcms | 1 Exponent Cms | 2018-02-27 | 7.5 HIGH | 9.8 CRITICAL |
| install/index.php in Exponent CMS 2.3.9 allows remote attackers to execute arbitrary commands via shell metacharacters in the sc array parameter. | |||||
| CVE-2016-6599 | 1 Bmc | 1 Track-it\! | 2018-02-26 | 7.5 HIGH | 9.8 CRITICAL |
| BMC Track-It! 11.4 before Hotfix 3 exposes an unauthenticated .NET remoting configuration service (ConfigurationService) on port 9010. This service contains a method that can be used to retrieve a configuration file that contains the application database name, username and password as well as the domain administrator username and password. These are encrypted with a fixed key and IV ("NumaraIT") using the DES algorithm. The domain administrator username and password can only be obtained if the Self-Service component is enabled, which is the most common scenario in enterprise deployments. | |||||
| CVE-2016-6598 | 1 Bmc | 1 Track-it\! | 2018-02-26 | 10.0 HIGH | 9.8 CRITICAL |
| BMC Track-It! 11.4 before Hotfix 3 exposes an unauthenticated .NET remoting file storage service (FileStorageService) on port 9010. This service contains a method that allows uploading a file to an arbitrary path on the machine that is running Track-It!. This can be used to upload a file to the web root and achieve code execution as NETWORK SERVICE or SYSTEM. | |||||
| CVE-2018-1000034 | 1 Info-zip | 1 Unzip | 2018-02-26 | 6.4 MEDIUM | 9.1 CRITICAL |
| An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service and read sensitive memory. | |||||
| CVE-2018-1000033 | 1 Info-zip | 1 Unzip | 2018-02-26 | 6.4 MEDIUM | 9.1 CRITICAL |
| An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service and read sensitive memory. | |||||
| CVE-2017-5817 | 1 Hp | 1 Intelligent Management Center | 2018-02-24 | 10.0 HIGH | 9.8 CRITICAL |
| A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found. | |||||
| CVE-2017-5815 | 1 Hp | 1 Intelligent Management Center | 2018-02-24 | 10.0 HIGH | 9.8 CRITICAL |
| A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found. | |||||
| CVE-2017-5816 | 1 Hp | 1 Intelligent Management Center | 2018-02-24 | 10.0 HIGH | 9.8 CRITICAL |
| A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found. | |||||
| CVE-2017-5819 | 1 Hp | 1 Intelligent Management Center | 2018-02-24 | 10.0 HIGH | 9.8 CRITICAL |
| A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P04 was found. | |||||
| CVE-2017-5792 | 1 Hp | 1 Intelligent Management Center | 2018-02-24 | 7.5 HIGH | 9.8 CRITICAL |
| A Remote Code Execution vulnerability in HPE Intelligent Management Center (iMC) PLAT version 7.3 E0504P2 was found. | |||||
| CVE-2018-6289 | 1 Kaspersky | 1 Secure Mail Gateway | 2018-02-23 | 10.0 HIGH | 9.8 CRITICAL |
| Configuration file injection leading to Code Execution as Root in Kaspersky Secure Mail Gateway version 1.1. | |||||
| CVE-2017-12470 | 1 Ccn-lite | 1 Ccn-lite | 2018-02-23 | 7.5 HIGH | 9.8 CRITICAL |
| Integer overflow in the ndn_parse_sequence function in CCN-lite before 2.00 allows context-dependent attackers to have unspecified impact via vectors involving the typ and vallen variables. | |||||
| CVE-2017-12468 | 1 Ccn-lite | 1 Ccn-lite | 2018-02-23 | 7.5 HIGH | 9.8 CRITICAL |
| Buffer overflow in ccn-lite-ccnb2xml.c in CCN-lite before 2.00 allows context-dependent attackers to have unspecified impact via vectors involving the vallen and len variables. | |||||
| CVE-2017-12469 | 1 Ccn-lite | 1 Ccn-lite | 2018-02-23 | 7.5 HIGH | 9.8 CRITICAL |
| Buffer overflow in util/ccnl-common.c in CCN-lite before 2.00 allows context-dependent attackers to have unspecified impact by leveraging incorrect memory allocation. | |||||
| CVE-2017-12466 | 1 Ccn-lite | 1 Ccn-lite | 2018-02-23 | 7.5 HIGH | 9.8 CRITICAL |
| CCN-lite before 2.00 allows context-dependent attackers to have unspecified impact via vectors related to ssl_halen when running ccn-lite-sim, which trigger an out-of-bounds access. | |||||
| CVE-2017-12465 | 1 Ccn-lite | 1 Ccn-lite | 2018-02-23 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple integer overflows in CCN-lite before 2.00 allow context-dependent attackers to have unspecified impact via vectors involving the (1) vallen variable in the iottlv_parse_sequence function or (2) typ, vallen and i variables in the localrpc_parse function. | |||||
| CVE-2018-0001 | 1 Juniper | 1 Junos | 2018-02-23 | 7.5 HIGH | 9.8 CRITICAL |
| A remote, unauthenticated attacker may be able to execute code by exploiting a use-after-free defect found in older versions of PHP through injection of crafted data via specific PHP URLs within the context of the J-Web process. Affected releases are Juniper Networks Junos OS: 12.1X46 versions prior to 12.1X46-D67; 12.3 versions prior to 12.3R12-S5; 12.3X48 versions prior to 12.3X48-D35; 14.1 versions prior to 14.1R8-S5, 14.1R9; 14.1X53 versions prior to 14.1X53-D44, 14.1X53-D50; 14.2 versions prior to 14.2R7-S7, 14.2R8; 15.1 versions prior to 15.1R3; 15.1X49 versions prior to 15.1X49-D30; 15.1X53 versions prior to 15.1X53-D70. | |||||
| CVE-2017-12472 | 1 Ccn-lite | 1 Ccn-lite | 2018-02-22 | 7.5 HIGH | 9.8 CRITICAL |
| ccnl-ext-mgmt.c in CCN-lite before 2.00 allows context-dependent attackers to have unspecified impact by leveraging missing NULL pointer checks after ccnl_malloc. | |||||
| CVE-2017-12471 | 1 Ccn-lite | 1 Ccn-lite | 2018-02-22 | 7.5 HIGH | 9.8 CRITICAL |
| The cnb_parse_lev function in CCN-lite before 2.00 allows context-dependent attackers to have unspecified impact by leveraging failure to check for out-of-bounds conditions, which triggers an invalid read in the hexdump function. | |||||
| CVE-2017-17413 | 1 Quest | 1 Netvault Backup | 2018-02-22 | 7.5 HIGH | 9.8 CRITICAL |
| This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup 11.3.0.12. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of NVBUBackupTargetSet Get method requests. The issue results from the lack of proper validation of a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute code in the context of the underlying database. Was ZDI-CAN-4224. | |||||
| CVE-2017-2750 | 1 Hp | 346 A2w75a, A2w75a Firmware, A2w76a and 343 more | 2018-02-21 | 7.5 HIGH | 9.8 CRITICAL |
| Insufficient Solution DLL Signature Validation allows potential execution of arbitrary code in HP LaserJet Enterprise printers, HP PageWide Enterprise printers, HP LaserJet Managed printers, HP OfficeJet Enterprise printers before 2308937_578479, 2405087_018548, and other firmware versions. | |||||
| CVE-2017-15655 | 1 Asus | 1 Asuswrt | 2018-02-21 | 9.3 HIGH | 9.6 CRITICAL |
| Multiple buffer overflow vulnerabilities exist in the HTTPd server in Asus asuswrt version <=3.0.0.4.376.X. All have been fixed in version 3.0.0.4.378, but this vulnerability was not previously disclosed. Some end-of-life routers have this version as the newest and thus are vulnerable at this time. This vulnerability allows for RCE with administrator rights when the administrator visits several pages. | |||||
| CVE-2014-3005 | 2 Fedoraproject, Zabbix | 2 Fedora, Zabbix | 2018-02-21 | 7.5 HIGH | 9.8 CRITICAL |
| XML external entity (XXE) vulnerability in Zabbix 1.8.x before 1.8.21rc1, 2.0.x before 2.0.13rc1, 2.2.x before 2.2.5rc1, and 2.3.x before 2.3.2 allows remote attackers to read arbitrary files or potentially execute arbitrary code via a crafted DTD in an XML request. | |||||
| CVE-2011-4069 | 1 Packetfence | 1 Packetfence | 2018-02-21 | 7.5 HIGH | 9.8 CRITICAL |
| html/admin/login.php in PacketFence before 3.0.2 allows remote attackers to conduct LDAP injection attacks and consequently bypass authentication via a crafted username. | |||||
| CVE-2011-4068 | 1 Packetfence | 1 Packetfence | 2018-02-21 | 7.5 HIGH | 9.8 CRITICAL |
| The check_password function in html/admin/login.php in PacketFence before 3.0.2 allows remote attackers to bypass authentication via an empty password. | |||||
| CVE-2018-6548 | 1 Webmproject | 1 Libwebm | 2018-02-21 | 7.5 HIGH | 9.8 CRITICAL |
| A use-after-free issue was discovered in libwebm through 2018-02-02. If a Vp9HeaderParser was initialized once before, its property frame_ would not be changed because of code in vp9parser::Vp9HeaderParser::SetFrame. Its frame_ could be freed while the corresponding pointer would not be updated, leading to a dangling pointer. This is related to the function OutputCluster in webm_info.cc. | |||||
| CVE-2017-5791 | 1 Hp | 1 Intelligent Management Center Plat | 2018-02-17 | 10.0 HIGH | 9.8 CRITICAL |
| The doFilter method in UrlAccessController in HPE Intelligent Management Center (iMC) PLAT 7.2 E0403P06 allows remote bypass of authentication via unspecified strings in a URI. | |||||
| CVE-2018-5749 | 2 Minecraft Servers List Lite Project, Premium Minecraft Servers List Project | 2 Minecraft Servers List Lite, Premium Minecraft Servers List | 2018-02-15 | 10.0 HIGH | 9.8 CRITICAL |
| install.php in Minecraft Servers List Lite before commit c1cd164 and Premium Minecraft Servers List before 2.0.4 does not sanitize input before saving database connection information in connect.php, which might allow remote attackers to execute arbitrary PHP code via the (1) database_server, (2) database_user, (3) database_password, or (4) database_name parameter. | |||||
| CVE-2018-5703 | 1 Linux | 1 Linux Kernel | 2018-02-15 | 10.0 HIGH | 9.8 CRITICAL |
| The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel through 4.14.11 allows attackers to cause a denial of service (slab out-of-bounds write) or possibly have unspecified other impact via vectors involving TLS. | |||||
| CVE-2018-5701 | 1 Iolo | 1 System Shield | 2018-02-15 | 10.0 HIGH | 9.8 CRITICAL |
| In Iolo System Shield AntiVirus and AntiSpyware 5.0.0.136, the amp.sys driver file contains an Arbitrary Write vulnerability due to not validating input values from IOCtl 0x00226003. | |||||
| CVE-2014-3244 | 1 Sugarcrm | 1 Sugarcrm | 2018-02-15 | 7.5 HIGH | 9.8 CRITICAL |
| XML external entity (XXE) vulnerability in the RSSDashlet dashlet in SugarCRM before 6.5.17 allows remote attackers to read arbitrary files or potentially execute arbitrary code via a crafted DTD in an XML request. | |||||
| CVE-2018-6537 | 1 Flexense | 1 Syncbreeze | 2018-02-15 | 7.5 HIGH | 9.8 CRITICAL |
| A buffer overflow vulnerability in the control protocol of Flexense SyncBreeze Enterprise v10.4.18 allows remote attackers to execute arbitrary code by sending a crafted packet to TCP port 9121. | |||||
| CVE-2018-6387 | 1 Iball | 2 Ib-wra150n, Ib-wra150n Firmware | 2018-02-15 | 10.0 HIGH | 9.8 CRITICAL |
| iBall iB-WRA150N 1.2.6 build 110401 Rel.47776n devices have a hardcoded password of admin for the admin account, a hardcoded password of support for the support account, and a hardcoded password of user for the user account. | |||||
| CVE-2018-6317 | 1 Claymore Dual Miner Project | 1 Claymore Dual Miner | 2018-02-15 | 6.4 MEDIUM | 9.1 CRITICAL |
| The remote management interface in Claymore Dual Miner 10.5 and earlier is vulnerable to an unauthenticated format string vulnerability, allowing remote attackers to read memory or cause a denial of service. | |||||
| CVE-2018-6579 | 1 Jextn | 1 Reverse Auction | 2018-02-14 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the JEXTN Reverse Auction 3.1.0 component for Joomla! via a view=products&uid= request. | |||||
| CVE-2018-6575 | 1 Jextn | 1 Classified | 2018-02-14 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the JEXTN Classified 1.0.0 component for Joomla! via a view=boutique&sid= request. | |||||
| CVE-2018-6577 | 1 Jextn | 1 Membership | 2018-02-14 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the JEXTN Membership 3.1.0 component for Joomla! via the usr_plan parameter in a view=myplans&task=myplans.usersubscriptions request. | |||||
| CVE-2018-6395 | 1 Joomlacalendars | 1 Visual Calendar | 2018-02-14 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the Visual Calendar 3.1.3 component for Joomla! via the id parameter in a view=load action. | |||||
| CVE-2018-0510 | 1 Kkcald Project | 1 Kkcald | 2018-02-14 | 7.5 HIGH | 9.8 CRITICAL |
| Buffer overflow in epg search result viewer (kkcald) 0.7.19 and earlier allows remote attackers to perform unintended operations or execute DoS (denial of service) attacks via unspecified vectors. | |||||
| CVE-2018-6398 | 1 Joomlacalendars | 1 Event Calendar | 2018-02-14 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the CP Event Calendar 3.0.1 component for Joomla! via the id parameter in a task=load action. | |||||
| CVE-2018-6580 | 1 Janguo | 1 Jimtawl | 2018-02-14 | 7.5 HIGH | 9.8 CRITICAL |
| Arbitrary file upload exists in the Jimtawl 2.1.6 and 2.2.5 component for Joomla! via a view=upload&task=upload&pop=true&tmpl=component request. | |||||
| CVE-2018-6576 | 1 Ezcode | 1 Event Manager | 2018-02-14 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in Event Manager 1.0 via the event.php id parameter or the page.php slug parameter. | |||||
| CVE-2018-6581 | 1 Joommasters | 1 Jms Music | 2018-02-14 | 7.5 HIGH | 9.8 CRITICAL |
| SQL Injection exists in the JMS Music 1.1.1 component for Joomla! via a search with the keyword, artist, or username parameter. | |||||