Search
Total
49350 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-6233 | 2 Microsoft, Trendmicro | 5 Windows, Antivirus\+, Internet Security and 2 more | 2019-10-03 | 7.2 HIGH | 7.8 HIGH |
| A buffer overflow privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x222060 by the tmnciesc.sys driver. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |||||
| CVE-2018-3128 | 1 Oracle | 1 Hospitality Reporting And Analytics | 2019-10-03 | 5.5 MEDIUM | 8.1 HIGH |
| Vulnerability in the Oracle Hospitality Reporting and Analytics component of Oracle Food and Beverage Applications. The supported version that is affected is 9.0. Easily exploitable vulnerability allows low privileged attacker having Report privilege with network access via HTTP to compromise Oracle Hospitality Reporting and Analytics. Successful attacks of this vulnerability can result in unauthorized creation, deletion, or modification access to critical data or all Oracle Hospitality Reporting and Analytics accessible data as well as unauthorized access to critical data or complete access to all Oracle Hospitality Reporting and Analytics accessible data. CVSS 3.0 Base Score 8.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N). | |||||
| CVE-2018-6183 | 1 Bitdefender | 1 Total Security | 2019-10-03 | 4.6 MEDIUM | 7.8 HIGH |
| BitDefender Total Security 2018 allows local users to gain privileges or cause a denial of service by impersonating all the pipes through a use of an "insecurely created named pipe". Ensures full access to Everyone users group. | |||||
| CVE-2018-10853 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2019-10-03 | 4.6 MEDIUM | 7.8 HIGH |
| A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not check current privilege(CPL) level while emulating unprivileged instructions. An unprivileged guest user/process could use this flaw to potentially escalate privileges inside guest. | |||||
| CVE-2017-7293 | 1 Dolby | 2 Dolby Audio X2, Dolby Audio X3 | 2019-10-03 | 7.2 HIGH | 7.8 HIGH |
| The Dolby DAX2 and DAX3 API services are vulnerable to a privilege escalation vulnerability that allows a normal user to get arbitrary system privileges, because these services have .NET code for DCOM. This affects Dolby Audio X2 (DAX2) 1.0, 1.0.1, 1.1, 1.1.1, 1.2, 1.3, 1.3.1, 1.3.2, 1.4, 1.4.1, 1.4.2, 1.4.3, and 1.4.4 and Dolby Audio X3 (DAX3) 1.0 and 1.1. An example affected driver is Realtek Audio Driver 6.0.1.7898 on a Lenovo P50. | |||||
| CVE-2017-6253 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2019-10-03 | 7.2 HIGH | 7.8 HIGH |
| NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where the size of an input buffer is not validated which may lead to denial of service or potential escalation of privileges | |||||
| CVE-2018-10190 | 1 Londontrustmedia | 1 Private Internet Access | 2019-10-03 | 7.2 HIGH | 7.8 HIGH |
| A vulnerability in London Trust Media Private Internet Access (PIA) VPN Client v77 for Windows could allow an unauthenticated, local attacker to run executable files with elevated privileges. The vulnerability is due to insufficient implementation of access controls. The "Changelog" and "Help" options available from the system tray context menu spawn an elevated instance of the user's default web browser. An attacker could exploit this vulnerability by selecting "Run as Administrator" from the context menu of an executable file within the file browser of the spawned default web browser. This may allow the attacker to execute privileged commands on the targeted system. | |||||
| CVE-2018-10906 | 3 Debian, Fuse Project, Redhat | 5 Debian Linux, Fuse, Enterprise Linux Desktop and 2 more | 2019-10-03 | 4.6 MEDIUM | 7.8 HIGH |
| In fuse before versions 2.9.8 and 3.x before 3.2.5, fusermount is vulnerable to a restriction bypass when SELinux is active. This allows non-root users to mount a FUSE file system with the 'allow_other' mount option regardless of whether 'user_allow_other' is set in the fuse configuration. An attacker may use this flaw to mount a FUSE file system, accessible by other users, and trick them into accessing files on that file system, possibly causing Denial of Service or other unspecified effects. | |||||
| CVE-2018-10172 | 1 7-zip | 1 7-zip | 2019-10-03 | 7.2 HIGH | 8.8 HIGH |
| 7-Zip through 18.01 on Windows implements the "Large memory pages" option by calling the LsaAddAccountRights function to add the SeLockMemoryPrivilege privilege to the user's account, which makes it easier for attackers to bypass intended access restrictions by using this privilege in the context of a sandboxed process. | |||||
| CVE-2018-10168 | 1 Tp-link | 1 Eap Controller | 2019-10-03 | 6.5 MEDIUM | 8.8 HIGH |
| TP-Link EAP Controller and Omada Controller versions 2.5.4_Windows/2.6.0_Windows do not control privileges for usage of the Web API, allowing a low-privilege user to make any request as an Administrator. This is fixed in version 2.6.1_Windows. | |||||
| CVE-2017-6214 | 1 Linux | 1 Linux Kernel | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| The tcp_splice_read function in net/ipv4/tcp.c in the Linux kernel before 4.9.11 allows remote attackers to cause a denial of service (infinite loop and soft lockup) via vectors involving a TCP packet with the URG flag. | |||||
| CVE-2018-3146 | 1 Oracle | 1 Ilearning | 2019-10-03 | 5.8 MEDIUM | 8.2 HIGH |
| Vulnerability in the Oracle iLearning component of Oracle iLearning (subcomponent: Learner Administration). Supported versions that are affected are 6.1 and 6.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iLearning. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle iLearning, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle iLearning accessible data as well as unauthorized update, insert or delete access to some of Oracle iLearning accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N). | |||||
| CVE-2018-3151 | 1 Oracle | 1 Iprocurement | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| Vulnerability in the Oracle iProcurement component of Oracle E-Business Suite (subcomponent: E-Content Manager Catalog). Supported versions that are affected are 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle iProcurement. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle iProcurement accessible data. CVSS 3.0 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). | |||||
| CVE-2018-6222 | 1 Trendmicro | 1 Email Encryption Gateway | 2019-10-03 | 7.2 HIGH | 7.8 HIGH |
| Arbitrary logs location in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to change location of log files and be manipulated to execute arbitrary commands and attain command execution on a vulnerable system. | |||||
| CVE-2018-6232 | 2 Microsoft, Trendmicro | 5 Windows, Antivirus\+, Internet Security and 2 more | 2019-10-03 | 7.2 HIGH | 7.8 HIGH |
| A buffer overflow privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x22205C by the tmnciesc.sys driver. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | |||||
| CVE-2018-6241 | 1 Google | 1 Android | 2019-10-03 | 7.2 HIGH | 7.8 HIGH |
| NVIDIA Tegra Gralloc module contains a vulnerability in driver in which it does not validate input parameter of the registerbuffer API, which may lead to arbitrary code execution, denial of service, or escalation of privileges. Android ID: A-62540032 Severity Rating: High Version: N/A. | |||||
| CVE-2018-6243 | 1 Google | 1 Android | 2019-10-03 | 7.2 HIGH | 7.8 HIGH |
| NVIDIA Tegra TLK Widevine Trust Application contains a vulnerability in which missing the input parameter checking of video metadata count may lead to Arbitrary Code Execution, Denial of Service or Escalation of Privileges. Android ID: A-72315075. Severity Rating: High. Version: N/A. | |||||
| CVE-2018-13108 | 1 Adbglobal | 8 Dv2210, Dv2210 Firmware, Prg Av4202n and 5 more | 2019-10-03 | 7.2 HIGH | 7.8 HIGH |
| All ADB broadband gateways / routers based on the Epicentro platform are affected by a local root jailbreak vulnerability where attackers are able to gain root access on the device, and extract further information such as sensitive configuration data of the ISP (e.g., VoIP credentials) or attack the internal network of the ISP. | |||||
| CVE-2018-13109 | 1 Adbglobal | 8 Dv2210, Dv2210 Firmware, Prg Av4202n and 5 more | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| All ADB broadband gateways / routers based on the Epicentro platform are affected by an authorization bypass vulnerability where attackers are able to access and manipulate settings within the web interface that are forbidden to end users (e.g., by the ISP). An attacker would be able to enable the TELNET server or other settings as well. | |||||
| CVE-2018-13110 | 1 Adbglobal | 8 Dv2210, Dv2210 Firmware, Prg Av4202n and 5 more | 2019-10-03 | 8.5 HIGH | 7.5 HIGH |
| All ADB broadband gateways / routers based on the Epicentro platform are affected by a privilege escalation vulnerability where attackers can gain access to the command line interface (CLI) if previously disabled by the ISP, escalate their privileges, and perform further attacks. | |||||
| CVE-2017-6255 | 2 Microsoft, Nvidia | 2 Windows, Gpu Driver | 2019-10-03 | 7.2 HIGH | 7.8 HIGH |
| NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where an improper input parameter handling may lead to a denial of service or potential escalation of privileges. | |||||
| CVE-2018-3155 | 4 Canonical, Microsoft, Netapp and 1 more | 8 Ubuntu Linux, Windows, Oncommand Insight and 5 more | 2019-10-03 | 4.0 MEDIUM | 7.7 HIGH |
| Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. While the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H). | |||||
| CVE-2018-3158 | 1 Oracle | 1 Hospitality Cruise Fleet Management | 2019-10-03 | 5.5 MEDIUM | 7.1 HIGH |
| Vulnerability in the Oracle Hospitality Cruise Fleet Management component of Oracle Hospitality Applications (subcomponent: Emergency Response System). The supported version that is affected is 9.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Hospitality Cruise Fleet Management. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Hospitality Cruise Fleet Management accessible data as well as unauthorized update, insert or delete access to some of Oracle Hospitality Cruise Fleet Management accessible data. CVSS 3.0 Base Score 7.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N). | |||||
| CVE-2018-20785 | 1 Neatorobotics | 14 Botvac Connected, Botvac Connected Firmware, Botvac D3 Connected and 11 more | 2019-10-03 | 4.4 MEDIUM | 7.4 HIGH |
| Secure boot bypass and memory extraction can be achieved on Neato Botvac Connected 2.2.0 devices. During startup, the AM335x secure boot feature decrypts and executes firmware. Secure boot can be bypassed by starting with certain commands to the USB serial port. Although a power cycle occurs, this does not completely reset the chip: memory contents are still in place. Also, it restarts into a boot menu that enables XMODEM upload and execution of an unsigned QNX IFS system image, thereby completing the bypass of secure boot. Moreover, the attacker can craft custom IFS data and write it to unused memory to extract all memory contents that had previously been present. This includes the original firmware and sensitive information such as Wi-Fi credentials. | |||||
| CVE-2018-11832 | 1 Google | 1 Android | 2019-10-03 | 4.6 MEDIUM | 7.8 HIGH |
| In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of input size validation before copying to buffer in PMIC function can lead to heap overflow. | |||||
| CVE-2018-3160 | 1 Oracle | 1 Hospitality Cruise Shipboard Property Management System | 2019-10-03 | 4.4 MEDIUM | 7.7 HIGH |
| Vulnerability in the Oracle Hospitality Cruise Shipboard Property Management System component of Oracle Hospitality Applications (subcomponent: OHC Admin, OHC Management). The supported version that is affected is 8.0. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle Hospitality Cruise Shipboard Property Management System executes to compromise Oracle Hospitality Cruise Shipboard Property Management System. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Hospitality Cruise Shipboard Property Management System, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Hospitality Cruise Shipboard Property Management System. CVSS 3.0 Base Score 7.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H). | |||||
| CVE-2018-1016 | 1 Microsoft | 7 Windows 10, Windows 7, Windows 8.1 and 4 more | 2019-10-03 | 9.3 HIGH | 8.8 HIGH |
| A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts, aka "Microsoft Graphics Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-1010, CVE-2018-1012, CVE-2018-1013, CVE-2018-1015. | |||||
| CVE-2018-13321 | 1 Buffalo | 2 Ts5600d1206, Ts5600d1206 Firmware | 2019-10-03 | 6.5 MEDIUM | 8.8 HIGH |
| Incorrect access controls in nasapi in Buffalo TS5600D1206 version 3.61-0.10 allow attackers to call dangerous internal functions via the "method" parameter. | |||||
| CVE-2018-4965 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Acrobat and Reader versions 2018.011.20038 and earlier, 2017.011.30079 and earlier, and 2015.006.30417 and earlier have a Memory Corruption vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2018-13341 | 1 Crestron | 15 Mc3, Mc3 Firmware, Tsw-1060-b-s and 12 more | 2019-10-03 | 4.0 MEDIUM | 8.8 HIGH |
| Crestron TSW-X60 all versions prior to 2.001.0037.001 and MC3 all versions prior to 1.502.0047.00, The passwords for special sudo accounts may be calculated using information accessible to those with regular user privileges. Attackers could decipher these passwords, which may allow them to execute hidden API calls and escape the CTP console sandbox environment with elevated privileges. | |||||
| CVE-2018-3179 | 1 Oracle | 1 Identity Manager | 2019-10-03 | 6.4 MEDIUM | 7.2 HIGH |
| Vulnerability in the Oracle Identity Manager component of Oracle Fusion Middleware (subcomponent: Advanced Console). Supported versions that are affected are 11.1.2.3.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Identity Manager. While the vulnerability is in Oracle Identity Manager, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Identity Manager accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Identity Manager. CVSS 3.0 Base Score 7.2 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:L). | |||||
| CVE-2018-11826 | 1 Google | 1 Android | 2019-10-03 | 7.2 HIGH | 7.8 HIGH |
| In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check on integer overflow while calculating memory can lead to Buffer overflow in WLAN ext scan handler. | |||||
| CVE-2018-1335 | 1 Apache | 1 Tika | 2019-10-03 | 9.3 HIGH | 8.1 HIGH |
| From Apache Tika versions 1.7 to 1.17, clients could send carefully crafted headers to tika-server that could be used to inject commands into the command line of the server running tika-server. This vulnerability only affects those running tika-server on a server that is open to untrusted clients. The mitigation is to upgrade to Tika 1.18. | |||||
| CVE-2018-20674 | 1 Dlink | 8 Dir-822, Dir-822-us, Dir-822-us Firmware and 5 more | 2019-10-03 | 6.5 MEDIUM | 8.8 HIGH |
| D-Link DIR-822 C1 before v3.11B01Beta, DIR-822-US C1 before v3.11B01Beta, DIR-850L A* before v1.21B08Beta, DIR-850L B* before v2.22B03Beta, and DIR-880L A* before v1.20B02Beta devices allow authenticated remote command execution. | |||||
| CVE-2018-13353 | 1 Terra-master | 1 Terramaster Operating System | 2019-10-03 | 9.0 HIGH | 8.8 HIGH |
| System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute commands via the "checkport" parameter. | |||||
| CVE-2018-13356 | 1 Terra-master | 1 Terramaster Operating System | 2019-10-03 | 9.0 HIGH | 8.8 HIGH |
| Incorrect access control on ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to elevate user permissions. | |||||
| CVE-2018-3204 | 1 Oracle | 1 Business Intelligence | 2019-10-03 | 5.8 MEDIUM | 8.2 HIGH |
| Vulnerability in the Oracle Business Intelligence Enterprise Edition component of Oracle Fusion Middleware (subcomponent: Analytics Server). The supported version that is affected is 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Business Intelligence Enterprise Edition. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Business Intelligence Enterprise Edition, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Business Intelligence Enterprise Edition accessible data as well as unauthorized update, insert or delete access to some of Oracle Business Intelligence Enterprise Edition accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N). | |||||
| CVE-2018-3208 | 1 Oracle | 1 Hyperion Data Relationship Management | 2019-10-03 | 4.0 MEDIUM | 7.7 HIGH |
| Vulnerability in the Hyperion Data Relationship Management component of Oracle Hyperion (subcomponent: Access and Security). The supported version that is affected is 11.1.2.4.345. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Hyperion Data Relationship Management. While the vulnerability is in Hyperion Data Relationship Management, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Hyperion Data Relationship Management accessible data. CVSS 3.0 Base Score 7.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N). | |||||
| CVE-2018-13397 | 1 Atlassian | 1 Sourcetree | 2019-10-03 | 9.0 HIGH | 8.8 HIGH |
| There was an argument injection vulnerability in Sourcetree for Windows from version 0.5.1.0 before version 3.0.0 via Git subrepositories in Mercurial repositories. An attacker with permission to commit to a Mercurial repository linked in Sourcetree for Windows is able to exploit this issue to gain code execution on the system. | |||||
| CVE-2018-6316 | 1 Ivanti | 1 Endpoint Security | 2019-10-03 | 6.0 MEDIUM | 7.5 HIGH |
| Ivanti Endpoint Security (formerly HEAT Endpoint Management and Security Suite) 8.5 Update 1 and earlier allows an authenticated user with low privileges and access to the local network to bypass application whitelisting when using the Application Control module on Ivanti Endpoint Security in lockdown mode. | |||||
| CVE-2018-13843 | 1 Htslib | 1 Htslib | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| ** DISPUTED ** An issue has been found in HTSlib 1.8. It is a memory leak in bgzf_getline in bgzf.c. NOTE: the software maintainer's position is that the "failure to free memory" can be fixed in applications that use the HTSlib library (such as test/test_bgzf.c in the original report) and is not a library issue. | |||||
| CVE-2017-7344 | 1 Fortinet | 1 Forticlient | 2019-10-03 | 7.6 HIGH | 8.1 HIGH |
| A privilege escalation in Fortinet FortiClient Windows 5.4.3 and earlier as well as 5.6.0 allows attacker to gain privilege via exploiting the Windows "security alert" dialog thereby popping up when the "VPN before logon" feature is enabled and an untrusted certificate chain. | |||||
| CVE-2018-3235 | 1 Oracle | 1 Applications Manager | 2019-10-03 | 5.8 MEDIUM | 8.2 HIGH |
| Vulnerability in the Oracle Applications Manager component of Oracle E-Business Suite (subcomponent: None). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6 and 12.2.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Applications Manager. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Applications Manager, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Applications Manager accessible data as well as unauthorized update, insert or delete access to some of Oracle Applications Manager accessible data. CVSS 3.0 Base Score 8.2 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N). | |||||
| CVE-2018-6322 | 1 Pandasecurity | 1 Panda Global Protection | 2019-10-03 | 4.6 MEDIUM | 7.8 HIGH |
| Panda Global Protection 17.0.1 allows local users to gain privileges or cause a denial of service by impersonating all the pipes through a use of \.\pipe\PSANMSrvcPpal -- an "insecurely created named pipe." Ensures full access to Everyone users group. | |||||
| CVE-2018-11139 | 1 Quest | 1 Kace System Management Appliance | 2019-10-03 | 9.0 HIGH | 8.8 HIGH |
| The '/common/ajax_email_connection_test.php' script in the Quest KACE System Management Appliance 8.0.318 is accessible by any authenticated user and can be abused to execute arbitrary commands on the system. This script is vulnerable to command injection via the unsanitized user input 'TEST_SERVER' sent to the script via the POST method. | |||||
| CVE-2018-3229 | 1 Oracle | 1 Outside In Technology | 2019-10-03 | 5.8 MEDIUM | 7.1 HIGH |
| Vulnerability in the Oracle Outside In Technology component of Oracle Fusion Middleware (subcomponent: Outside In Filters). The supported version that is affected are 8.5.3 and 8.5.4. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Outside In Technology and unauthorized read access to a subset of Oracle Outside In Technology accessible data. Note: Outside In Technology is a suite of software development kits (SDKs). The protocol and CVSS score depend on the software that uses the Outside In Technology code. The CVSS score assumes that the software passes data received over a network directly to Outside In Technology code, but if data is not received over a network the CVSS score may be lower. CVSS 3.0 Base Score 7.1 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:H). | |||||
| CVE-2018-13863 | 1 Mongodb | 1 Js-bson | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| The MongoDB bson JavaScript module (also known as js-bson) versions 0.5.0 to 1.0.x before 1.0.5 is vulnerable to a Regular Expression Denial of Service (ReDoS) in lib/bson/decimal128.js. The flaw is triggered when the Decimal128.fromString() function is called to parse a long untrusted string. | |||||
| CVE-2017-4985 | 1 Emc | 4 Vnx1, Vnx1 Firmware, Vnx2 and 1 more | 2019-10-03 | 7.2 HIGH | 7.8 HIGH |
| In EMC VNX2 versions prior to OE for File 8.1.9.211 and VNX1 versions prior to OE for File 7.1.80.8, a local authenticated user may potentially escalate their privileges to root due to authorization checks not being performed on certain perl scripts. This may potentially be exploited by an attacker to run arbitrary commands as root on the targeted VNX Control Station system. | |||||
| CVE-2018-20578 | 1 Nuttx | 1 Nuttx | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in NuttX before 7.27. The function netlib_parsehttpurl() in apps/netutils/netlib/netlib_parsehttpurl.c mishandles URLs longer than hostlen bytes (in the webclient, this is set by default to 40), leading to an Infinite Loop. The attack vector is the Location header of an HTTP 3xx response. | |||||
| CVE-2018-2485 | 1 Sap | 1 Fiori Client | 2019-10-03 | 6.4 MEDIUM | 7.7 HIGH |
| It is possible for a malicious application or malware to execute JavaScript in a SAP Fiori application. This can include reading and writing of information and calling device specific JavaScript APIs in the application. SAP Fiori Client version 1.11.5 in Google Play store addresses these issues and users must update to that version. | |||||