Search
Total
49350 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-10550 | 1 Octopus | 1 Octopus Deploy | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| In Octopus Deploy before 2018.4.7, target and tenant tag variable scopes were not checked against the list of tenants the user has access to. | |||||
| CVE-2017-18372 | 2 Billion, Zyxel | 6 5200w-t, 5200w-t Firmware, P660hn-t1a V1 and 3 more | 2019-10-03 | 9.0 HIGH | 8.8 HIGH |
| The Billion 5200W-T TCLinux Fw $7.3.8.0 v008 130603 router distributed by TrueOnline has a command injection vulnerability in the Time Setting function, which is only accessible by an authenticated user. The vulnerability is in the tools_time.asp page and can be exploited through the uiViewSNTPServer parameter. Authentication can be achieved by exploiting CVE-2017-18373. | |||||
| CVE-2017-18370 | 2 Billion, Zyxel | 6 5200w-t, 5200w-t Firmware, P660hn-t1a V1 and 3 more | 2019-10-03 | 9.0 HIGH | 8.8 HIGH |
| The ZyXEL P660HN-T1A v2 TCLinux Fw #7.3.37.6 router distributed by TrueOnline has a command injection vulnerability in the Remote System Log forwarding function, which is only accessible by an authenticated user. The vulnerability is in the logSet.asp page and can be exploited through the ServerIP parameter. Authentication can be achieved by exploiting CVE-2017-18371. | |||||
| CVE-2018-5706 | 1 Octopus | 1 Octopus Deploy | 2019-10-03 | 6.5 MEDIUM | 8.8 HIGH |
| An issue was discovered in Octopus Deploy before 4.1.9. Any user with user editing permissions can modify teams to give themselves Administer System permissions even if they didn't have them, as demonstrated by use of the RoleEdit or TeamEdit permission. | |||||
| CVE-2018-10823 | 1 D-link | 8 Dwr-111, Dwr-111 Firmware, Dwr-116 and 5 more | 2019-10-03 | 9.0 HIGH | 8.8 HIGH |
| An issue was discovered on D-Link DWR-116 through 1.06, DWR-512 through 2.02, DWR-712 through 2.02, DWR-912 through 2.02, DWR-921 through 2.02, and DWR-111 through 1.01 devices. An authenticated attacker may execute arbitrary code by injecting the shell command into the chkisg.htm page Sip parameter. This allows for full control over the device internals. | |||||
| CVE-2017-18353 | 1 Google | 1 Rendertron | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| Rendertron 1.0.0 includes an _ah/stop route to shutdown the Chrome instance responsible for serving render requests to all users. Visiting this route with a GET request allows any unauthorized remote attacker to disable the core service of the application. | |||||
| CVE-2017-18348 | 1 Splunk | 1 Splunk | 2019-10-03 | 6.9 MEDIUM | 7.0 HIGH |
| Splunk Enterprise 6.6.x, when configured to run as root but drop privileges to a specific non-root account, allows local users to gain privileges by leveraging access to that non-root account to modify $SPLUNK_HOME/etc/splunk-launch.conf and insert Trojan horse programs into $SPLUNK_HOME/bin, because the non-root setup instructions state that chown should be run across all of $SPLUNK_HOME to give non-root access. | |||||
| CVE-2018-5234 | 1 Symantec | 2 Norton Core, Norton Core Firmware | 2019-10-03 | 8.3 HIGH | 8.0 HIGH |
| The Norton Core router prior to v237 may be susceptible to a command injection exploit. This is a type of attack in which the goal is execution of arbitrary commands on the host system via vulnerable software. | |||||
| CVE-2017-18285 | 2 Burp Project, Gentoo | 2 Burp, Linux | 2019-10-03 | 3.6 LOW | 7.1 HIGH |
| The Gentoo app-backup/burp package before 2.1.32 has incorrect group ownership of the /etc/burp directory, which might allow local users to obtain read and write access to arbitrary files by leveraging access to a certain account for a burp-server.conf change. | |||||
| CVE-2017-18284 | 2 Burp Project, Gentoo | 2 Burp, Linux | 2019-10-03 | 3.6 LOW | 7.1 HIGH |
| The Gentoo app-backup/burp package before 2.1.32 sets the ownership of the PID file directory to the burp account, which might allow local users to kill arbitrary processes by leveraging access to this account for PID file modification before a root script sends a SIGKILL. | |||||
| CVE-2017-18282 | 1 Qualcomm | 28 Mdm9206, Mdm9206 Firmware, Mdm9607 and 25 more | 2019-10-03 | 7.2 HIGH | 7.8 HIGH |
| Non-secure SW can cause SDCC to generate secure bus accesses, which may expose RPM access in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 835, SDA660. | |||||
| CVE-2017-18280 | 1 Qualcomm | 42 Mdm9607, Mdm9607 Firmware, Msm8909w and 39 more | 2019-10-03 | 7.2 HIGH | 7.8 HIGH |
| In Snapdragon (Automobile, Mobile, Wear) in version MDM9607, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 617, SD 625, SD 650/52, SD 820, SD 820A, SD 835, SDM429, SDM439, SDM632, Snapdragon_High_Med_2016, when a Trusted Application has opened the SPI/I2C interface to a particular device, it is possible for another Trusted Application to read the data on this open interface by calling the SPI/I2C read function. | |||||
| CVE-2018-10906 | 3 Debian, Fuse Project, Redhat | 5 Debian Linux, Fuse, Enterprise Linux Desktop and 2 more | 2019-10-03 | 4.6 MEDIUM | 7.8 HIGH |
| In fuse before versions 2.9.8 and 3.x before 3.2.5, fusermount is vulnerable to a restriction bypass when SELinux is active. This allows non-root users to mount a FUSE file system with the 'allow_other' mount option regardless of whether 'user_allow_other' is set in the fuse configuration. An attacker may use this flaw to mount a FUSE file system, accessible by other users, and trick them into accessing files on that file system, possibly causing Denial of Service or other unspecified effects. | |||||
| CVE-2017-18276 | 1 Qualcomm | 18 Mdm9206, Mdm9206 Firmware, Mdm9607 and 15 more | 2019-10-03 | 7.2 HIGH | 7.8 HIGH |
| Secure camera logic allows display/secure camera controllers to access HLOS memory during secure display or camera session in Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835, SD 845, SD 850 | |||||
| CVE-2018-10982 | 2 Debian, Xen | 2 Debian Linux, Xen | 2019-10-03 | 7.2 HIGH | 8.8 HIGH |
| An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service (unexpectedly high interrupt number, array overrun, and hypervisor crash) or possibly gain hypervisor privileges by setting up an HPET timer to deliver interrupts in IO-APIC mode, aka vHPET interrupt injection. | |||||
| CVE-2018-10987 | 1 Diqee | 2 Diqee360, Diqee360 Firmware | 2019-10-03 | 8.5 HIGH | 7.5 HIGH |
| An issue was discovered on Dongguan Diqee Diqee360 devices. The affected vacuum cleaner suffers from an authenticated remote code execution vulnerability. An authenticated attacker can send a specially crafted UDP packet, and execute commands on the vacuum cleaner as root. The bug is in the function REQUEST_SET_WIFIPASSWD (UDP command 153). A crafted UDP packet runs "/mnt/skyeye/mode_switch.sh %s" with an attacker controlling the %s variable. In some cases, authentication can be achieved with the default password of 888888 for the admin account. | |||||
| CVE-2018-10988 | 1 Diqee | 2 Diqee360, Diqee360 Firmware | 2019-10-03 | 7.2 HIGH | 7.8 HIGH |
| An issue was discovered on Diqee Diqee360 devices. A firmware update process, integrated into the firmware, starts at boot and tries to find the update folder on the microSD card. It executes code, without a digital signature, as root from the /mnt/sdcard/$PRO_NAME/upgrade.sh or /sdcard/upgrage_360/upgrade.sh pathname. | |||||
| CVE-2018-5237 | 1 Symantec | 1 Endpoint Protection | 2019-10-03 | 6.5 MEDIUM | 8.8 HIGH |
| Symantec Endpoint Protection prior to 14 RU1 MP1 or 12.1 RU6 MP10 could be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels. | |||||
| CVE-2018-18600 | 1 Guardzilla | 4 180 Indoor, 180 Indoor Firmware, 180 Outdoor and 1 more | 2019-10-03 | 9.3 HIGH | 8.1 HIGH |
| The remote upgrade feature in Guardzilla GZ180 devices allow command injection via a crafted new firmware version parameter. | |||||
| CVE-2018-5708 | 1 Dlink | 2 Dir-601, Dir-601 Firmware | 2019-10-03 | 6.1 MEDIUM | 8.0 HIGH |
| An issue was discovered on D-Link DIR-601 B1 2.02NA devices. Being on the same local network as, but being unauthenticated to, the administrator's panel, a user can obtain the admin username and cleartext password in the response (specifically, the configuration file restore_default), which is displayed in XML. | |||||
| CVE-2018-11047 | 1 Pivotal Software | 1 Cloud Foundry Uaa | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| Cloud Foundry UAA, versions 4.19 prior to 4.19.2 and 4.12 prior to 4.12.4 and 4.10 prior to 4.10.2 and 4.7 prior to 4.7.6 and 4.5 prior to 4.5.7, incorrectly authorizes requests to admin endpoints by accepting a valid refresh token in lieu of an access token. Refresh tokens by design have a longer expiration time than access tokens, allowing the possessor of a refresh token to authenticate longer than expected. This affects the administrative endpoints of the UAA. i.e. /Users, /Groups, etc. However, if the user has been deleted or had groups removed, or the client was deleted, the refresh token will no longer be valid. | |||||
| CVE-2017-18265 | 2 Debian, Prosody | 2 Debian Linux, Prosody | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| Prosody before 0.10.0 allows remote attackers to cause a denial of service (application crash), related to an incompatibility with certain versions of the LuaSocket library, such as the lua-socket package from Debian stretch. The attacker needs to trigger a stream error. A crash can be observed in, for example, the c2s module. | |||||
| CVE-2018-11050 | 1 Dell | 1 Emc Networker | 2019-10-03 | 3.3 LOW | 8.8 HIGH |
| Dell EMC NetWorker versions between 9.0 and 9.1.1.8 through 9.2.1.3, and the version 18.1.0.1 contain a Clear-Text authentication over network vulnerability in the Rabbit MQ Advanced Message Queuing Protocol (AMQP) component. User credentials are sent unencrypted to the remote AMQP service. An unauthenticated attacker in the same network collision domain, could potentially sniff the password from the network and use it to access the component using the privileges of the compromised user. | |||||
| CVE-2018-5240 | 1 Symantec | 1 Inventory | 2019-10-03 | 5.2 MEDIUM | 8.0 HIGH |
| The Inventory Plugin for Symantec Management Agent prior to 7.6 POST HF7, 8.0 POST HF6, or 8.1 RU7 may be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels. | |||||
| CVE-2018-11145 | 1 Quest | 1 Disk Backup | 2019-10-03 | 6.5 MEDIUM | 8.8 HIGH |
| Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 3 of 46). | |||||
| CVE-2018-11146 | 1 Quest | 1 Disk Backup | 2019-10-03 | 6.5 MEDIUM | 8.8 HIGH |
| Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 4 of 46). | |||||
| CVE-2018-11147 | 1 Quest | 1 Disk Backup | 2019-10-03 | 6.5 MEDIUM | 8.8 HIGH |
| Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 5 of 46). | |||||
| CVE-2018-11148 | 1 Quest | 1 Disk Backup | 2019-10-03 | 6.5 MEDIUM | 8.8 HIGH |
| Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 6 of 46). | |||||
| CVE-2018-11175 | 1 Quest | 1 Disk Backup | 2019-10-03 | 6.5 MEDIUM | 8.8 HIGH |
| Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 33 of 46). | |||||
| CVE-2018-11176 | 1 Quest | 1 Disk Backup | 2019-10-03 | 6.5 MEDIUM | 8.8 HIGH |
| Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 34 of 46). | |||||
| CVE-2018-11177 | 1 Quest | 1 Disk Backup | 2019-10-03 | 6.5 MEDIUM | 8.8 HIGH |
| Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 35 of 46). | |||||
| CVE-2018-11178 | 1 Quest | 1 Disk Backup | 2019-10-03 | 6.5 MEDIUM | 8.8 HIGH |
| Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 36 of 46). | |||||
| CVE-2018-11190 | 1 Quest | 1 Disk Backup | 2019-10-03 | 9.0 HIGH | 8.8 HIGH |
| Quest DR Series Disk Backup software version before 4.0.3.1 allows privilege escalation (issue 2 of 6). | |||||
| CVE-2018-11191 | 1 Quest | 1 Disk Backup | 2019-10-03 | 9.0 HIGH | 8.8 HIGH |
| Quest DR Series Disk Backup software version before 4.0.3.1 allows privilege escalation (issue 3 of 6). | |||||
| CVE-2018-11192 | 1 Quest | 1 Disk Backup | 2019-10-03 | 9.0 HIGH | 8.8 HIGH |
| Quest DR Series Disk Backup software version before 4.0.3.1 allows privilege escalation (issue 4 of 6). | |||||
| CVE-2018-11193 | 1 Quest | 1 Disk Backup | 2019-10-03 | 9.0 HIGH | 8.8 HIGH |
| Quest DR Series Disk Backup software version before 4.0.3.1 allows privilege escalation (issue 5 of 6). | |||||
| CVE-2018-18562 | 1 Roche | 8 Accu-chek Inform Ii, Accu-chek Inform Ii Firmware, Base Unit Hub and 5 more | 2019-10-03 | 3.3 LOW | 8.8 HIGH |
| An issue was discovered in Roche Accu-Chek Inform II Base Unit / Base Unit Hub before 03.01.04 and CoaguChek / cobas h232 Handheld Base Unit before 03.01.04. Weak access credentials may enable attackers in the adjacent network to gain unauthorized service access via a service interface. | |||||
| CVE-2018-11323 | 1 Joomla | 1 Joomla\! | 2019-10-03 | 6.5 MEDIUM | 8.8 HIGH |
| An issue was discovered in Joomla! Core before 3.8.8. Inadequate checks allowed users to modify the access levels of user groups with higher permissions. | |||||
| CVE-2018-15502 | 1 Lwolf | 1 Loading Docs | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| Insecure permissions in Lone Wolf Technologies loadingDOCS 2018-08-13 allow remote attackers to download any confidential files via https requests for predictable URLs. | |||||
| CVE-2018-11363 | 1 Pdfgen | 1 Pdfgen | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| jpeg_size in pdfgen.c in PDFGen before 2018-04-09 has a heap-based buffer over-read. | |||||
| CVE-2017-18225 | 2 Gentoo, Jabberd2 | 2 Linux, Jabberd2 | 2019-10-03 | 4.6 MEDIUM | 7.8 HIGH |
| The Gentoo net-im/jabberd2 package through 2.6.1 installs jabberd, jabberd2-c2s, jabberd2-router, jabberd2-s2s, and jabberd2-sm in /usr/bin owned by the jabber account, which might allow local users to gain privileges by leveraging access to this account and then waiting for root to execute one of these programs. | |||||
| CVE-2018-11446 | 1 Gold Reward Project | 1 Gold Reward | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| The buy function of a smart contract implementation for Gold Reward (GRX), an Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the buyer because of overflow of the multiplication of its argument amount and a manipulable variable buyPrice, aka the "tradeTrap" issue. | |||||
| CVE-2018-1146 | 1 Belkin | 2 N750, N750 Firmware | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| A remote unauthenticated user can enable telnet on the Belkin N750 using firmware version 1.10.22 by sending a crafted HTTP request to set.cgi. When enabled the telnet session requires no password and provides root access. | |||||
| CVE-2018-11906 | 1 Google | 1 Android | 2019-10-03 | 7.2 HIGH | 7.8 HIGH |
| In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, there is a security concern with default privileged access to ADB and debug-fs. | |||||
| CVE-2018-15767 | 1 Dell | 1 Openmanage Network Manager | 2019-10-03 | 9.0 HIGH | 8.8 HIGH |
| The Dell OpenManage Network Manager virtual appliance versions prior to 6.5.3 contain an improper authorization vulnerability caused by a misconfiguration in the /etc/sudoers file. | |||||
| CVE-2018-11646 | 1 Webkitgtk | 1 Webkitgtk\+ | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| webkitFaviconDatabaseSetIconForPageURL and webkitFaviconDatabaseSetIconURLForPageURL in UIProcess/API/glib/WebKitFaviconDatabase.cpp in WebKit, as used in WebKitGTK+ through 2.21.3, mishandle an unset pageURL, leading to an application crash. | |||||
| CVE-2018-1154 | 1 Tenable | 1 Securitycenter | 2019-10-03 | 3.3 LOW | 8.8 HIGH |
| In SecurityCenter versions prior to 5.7.0, a username enumeration issue could allow an unauthenticated attacker to automate the discovery of username aliases via brute force, ultimately facilitating unauthorized access. Server response output has been unified to correct this issue. | |||||
| CVE-2018-18392 | 1 Moxa | 1 Thingspro | 2019-10-03 | 6.5 MEDIUM | 8.8 HIGH |
| Privilege Escalation via Broken Access Control in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1. | |||||
| CVE-2018-18391 | 1 Moxa | 1 Thingspro | 2019-10-03 | 6.5 MEDIUM | 8.8 HIGH |
| User Privilege Escalation in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1. | |||||
| CVE-2018-18387 | 1 Playsms Project | 1 Playsms | 2019-10-03 | 9.0 HIGH | 8.8 HIGH |
| playSMS through 1.4.2 allows Privilege Escalation through Daemon abuse. | |||||