Search
Total
49350 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-11964 | 1 Google | 1 Android | 2019-10-03 | 7.2 HIGH | 7.8 HIGH |
| In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Exposing the hashed content in /etc/passwd may lead to security issue. | |||||
| CVE-2018-11965 | 1 Google | 1 Android | 2019-10-03 | 7.2 HIGH | 7.8 HIGH |
| In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Anyone can execute proptrigger.sh which will lead to change in properties. | |||||
| CVE-2018-11985 | 1 Google | 1 Android | 2019-10-03 | 4.6 MEDIUM | 7.8 HIGH |
| In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, When allocating heap using user supplied size, Possible heap overflow vulnerability due to integer overflow in roundup to native pointer. | |||||
| CVE-2018-12067 | 1 Substratum | 1 Substratum | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| The sell function of a smart contract implementation for Substratum (SUB), a tradable Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the seller, because of overflow of the multiplication of its argument amount and a manipulable variable sellPrice, aka the "tradeTrap" issue. | |||||
| CVE-2018-12068 | 1 Tgtcoins | 1 Target Coin | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| The sell function of a smart contract implementation for Target Coin (TGT), a tradable Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the seller, because of overflow of the multiplication of its argument amount and a manipulable variable sellPrice, aka the "tradeTrap" issue. | |||||
| CVE-2018-12070 | 1 Sec Project | 1 Sec | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| The sell function of a smart contract implementation for SEC, a tradable Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the seller, because of overflow of the multiplication of its argument amount and a manipulable variable sellPrice, aka the "tradeTrap" issue. | |||||
| CVE-2018-12173 | 1 Intel | 28 Compute Module Hns2600bp, Compute Module Hns2600bp Firmware, Compute Module Hns2600bpr and 25 more | 2019-10-03 | 7.2 HIGH | 7.6 HIGH |
| Insufficient access protection in firmware in Intel Server Board, Intel Server System and Intel Compute Module before firmware version 00.01.0014 may allow an unauthenticated attacker to potentially execute arbitrary code resulting in information disclosure, escalation of privilege and/or denial of service via local access. | |||||
| CVE-2018-12175 | 1 Intel | 1 Distribution For Python | 2019-10-03 | 4.6 MEDIUM | 7.8 HIGH |
| Default install directory permissions in Intel Distribution for Python (IDP) version 2018 may allow an unprivileged user to escalate privileges via local access. | |||||
| CVE-2018-12176 | 1 Intel | 29 Compute Card Cd1iv128mk, Compute Card Cd1m3128mk, Compute Card Cd1p64gk and 26 more | 2019-10-03 | 7.2 HIGH | 8.2 HIGH |
| Improper input validation in firmware for Intel NUC Kits may allow a privileged user to potentially execute arbitrary code resulting in information disclosure, escalation of privilege and/or denial of service via local access. | |||||
| CVE-2018-12177 | 1 Intel | 24 Dual Band Wireless-ac 3160, Dual Band Wireless-ac 3165, Dual Band Wireless-ac 3168 and 21 more | 2019-10-03 | 4.6 MEDIUM | 7.8 HIGH |
| Improper directory permissions in the ZeroConfig service in Intel(R) PROSet/Wireless WiFi Software before version 20.90.0.7 may allow an authorized user to potentially enable escalation of privilege via local access. | |||||
| CVE-2018-12296 | 1 Seagate | 1 Nas Os | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| Insufficient access control in /api/external/7.0/system.System.get_infos in Seagate NAS OS version 4.3.15.1 allows attackers to obtain information about the NAS without authentication via empty POST requests. | |||||
| CVE-2018-1231 | 1 Pivotal Software | 1 Bosh Cli | 2019-10-03 | 6.5 MEDIUM | 8.8 HIGH |
| Cloud Foundry BOSH CLI, versions prior to v3.0.1, contains an improper access control vulnerability. A user with access to an instance using the BOSH CLI can access the BOSH CLI configuration file and use its contents to perform authenticated requests to BOSH. | |||||
| CVE-2018-12333 | 1 Ecos | 2 Secure Boot Stick, Secure Boot Stick Firmware | 2019-10-03 | 6.8 MEDIUM | 8.1 HIGH |
| Insufficient Verification of Data Authenticity vulnerability in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows an attacker to manipulate security relevant configurations and execute malicious code. | |||||
| CVE-2018-12334 | 1 Ecos | 2 Secure Boot Stick, Secure Boot Stick Firmware | 2019-10-03 | 6.5 MEDIUM | 7.5 HIGH |
| Protection Mechanism Failure in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows an attacker to compromise authentication and encryption keys via a virtualization attack. | |||||
| CVE-2018-12335 | 1 Ecos | 1 System Management Appliance | 2019-10-03 | 4.1 MEDIUM | 7.3 HIGH |
| Incorrect access control in ECOS System Management Appliance (aka SMA) 5.2.68 allows a user to compromise authentication keys, and access and manipulate security relevant configurations, via unrestricted database access during Easy Enrollment. | |||||
| CVE-2018-12395 | 4 Canonical, Debian, Mozilla and 1 more | 8 Ubuntu Linux, Debian Linux, Firefox and 5 more | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| By rewriting the Host: request headers using the webRequest API, a WebExtension can bypass domain restrictions through domain fronting. This would allow access to domains that share a host that are otherwise restricted. This vulnerability affects Firefox ESR < 60.3 and Firefox < 63. | |||||
| CVE-2018-1240 | 1 Emc | 1 Vipr Controller | 2019-10-03 | 2.7 LOW | 8.0 HIGH |
| Dell EMC ViPR Controller, versions after 3.0.0.38, contain an information exposure vulnerability in the VRRP. VRRP defaults to an insecure configuration in Linux's keepalived component which sends the cluster password in plaintext through multicast. A malicious user, having access to the vCloud subnet where ViPR is deployed, could potentially sniff the password and use it to take over the cluster's virtual IP and cause a denial of service on that ViPR Controller system. | |||||
| CVE-2018-12520 | 1 Ntop | 1 Ntopng | 2019-10-03 | 6.8 MEDIUM | 8.1 HIGH |
| An issue was discovered in ntopng 3.4 before 3.4.180617. The PRNG involved in the generation of session IDs is not seeded at program startup. This results in deterministic session IDs being allocated for active user sessions. An attacker with foreknowledge of the operating system and standard library in use by the host running the service and the username of the user whose session they're targeting can abuse the deterministic random number generation in order to hijack the user's session, thus escalating their access. | |||||
| CVE-2018-19853 | 1 Hitshop Project | 1 Hitshop | 2019-10-03 | 6.5 MEDIUM | 8.8 HIGH |
| An issue was discovered in hitshop through 2014-07-15. There is an elevation-of-privilege vulnerability (that allows control over the whole web site) via the admin.php/user/add URI because a storekeeper account (which is supposed to have only privileges for commodity management) can add an administrator account. | |||||
| CVE-2018-12642 | 1 Froxlor | 1 Froxlor | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| Froxlor through 0.9.39.5 has Incorrect Access Control for tickets not owned by the current user. | |||||
| CVE-2018-12698 | 2 Canonical, Gnu | 2 Ubuntu Linux, Binutils | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| demangle_template in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM) during the "Create an array for saving the template argument values" XNEWVEC call. This can occur during execution of objdump. | |||||
| CVE-2018-12692 | 1 Tp-link | 2 Tl-wa850re, Tl-wa850re Firmware | 2019-10-03 | 6.5 MEDIUM | 8.8 HIGH |
| TP-Link TL-WA850RE Wi-Fi Range Extender with hardware version 5 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the wps_setup_pin parameter to /data/wps.setup.json. | |||||
| CVE-2018-19793 | 1 Jiacrontab Project | 1 Jiacrontab | 2019-10-03 | 6.5 MEDIUM | 7.2 HIGH |
| jiacrontab 1.4.5 allows remote attackers to execute arbitrary commands via the crontab/task/edit?addr=localhost%3a20001 command and args parameters, as demonstrated by command=cat&args=/etc/passwd in the POST data. | |||||
| CVE-2018-19648 | 1 Adtran | 1 Pmaa | 2019-10-03 | 9.0 HIGH | 8.8 HIGH |
| An issue was discovered in ADTRAN PMAA 1.6.2-1, 1.6.3, and 1.6.4. NETCONF Access Management (NACM) allows unprivileged users to create privileged users and execute arbitrary commands via the use of the diagnostic-profile over RESTCONF. | |||||
| CVE-2018-19639 | 1 Opensuse | 1 Supportutils | 2019-10-03 | 7.2 HIGH | 7.8 HIGH |
| If supportutils before version 3.1-5.7.1 is run with -v to perform rpm verification and the attacker manages to manipulate the rpm listing (e.g. with CVE-2018-19638) he can execute arbitrary commands as root. | |||||
| CVE-2018-19475 | 4 Artifex, Canonical, Debian and 1 more | 10 Ghostscript, Ubuntu Linux, Debian Linux and 7 more | 2019-10-03 | 6.8 MEDIUM | 7.8 HIGH |
| psi/zdevice2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because available stack space is not checked when the device remains the same. | |||||
| CVE-2018-13140 | 3 Druide, Linux, Microsoft | 3 Antidote 9, Linux Kernel, Windows | 2019-10-03 | 9.3 HIGH | 8.1 HIGH |
| Druide Antidote through 9.5.1 on Windows and Linux allows remote code execution through the update mechanism by leveraging use of HTTP to download installation packages. | |||||
| CVE-2018-19374 | 1 Zohocorp | 1 Manageengine Admanager Plus | 2019-10-03 | 6.9 MEDIUM | 7.0 HIGH |
| Zoho ManageEngine ADManager Plus 6.6 Build 6657 allows local users to gain privileges (after a reboot) by placing a Trojan horse file into the permissive bin directory. | |||||
| CVE-2018-19359 | 1 Gitlab | 1 Gitlab | 2019-10-03 | 6.5 MEDIUM | 8.8 HIGH |
| GitLab Community and Enterprise Edition 8.9 and later and before 11.5.0-rc12, 11.4.6, and 11.3.10 has Incorrect Access Control. | |||||
| CVE-2018-19396 | 1 Php | 1 Php | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| ext/standard/var_unserializer.c in PHP 5.x through 7.1.24 allows attackers to cause a denial of service (application crash) via an unserialize call for the com, dotnet, or variant class. | |||||
| CVE-2018-6635 | 1 Avaya | 1 Aura | 2019-10-03 | 6.0 MEDIUM | 7.5 HIGH |
| System Manager in Avaya Aura before 7.1.2 does not properly use SSL in conjunction with authentication, which allows remote attackers to bypass intended Remote Method Invocation (RMI) restrictions, aka SMGR-26896. | |||||
| CVE-2018-13321 | 1 Buffalo | 2 Ts5600d1206, Ts5600d1206 Firmware | 2019-10-03 | 6.5 MEDIUM | 8.8 HIGH |
| Incorrect access controls in nasapi in Buffalo TS5600D1206 version 3.61-0.10 allow attackers to call dangerous internal functions via the "method" parameter. | |||||
| CVE-2018-19125 | 1 Prestashop | 1 Prestashop | 2019-10-03 | 6.4 MEDIUM | 7.5 HIGH |
| PrestaShop 1.6.x before 1.6.1.23 and 1.7.x before 1.7.4.4 allows remote attackers to delete an image directory. | |||||
| CVE-2018-13341 | 1 Crestron | 15 Mc3, Mc3 Firmware, Tsw-1060-b-s and 12 more | 2019-10-03 | 4.0 MEDIUM | 8.8 HIGH |
| Crestron TSW-X60 all versions prior to 2.001.0037.001 and MC3 all versions prior to 1.502.0047.00, The passwords for special sudo accounts may be calculated using information accessible to those with regular user privileges. Attackers could decipher these passwords, which may allow them to execute hidden API calls and escape the CTP console sandbox environment with elevated privileges. | |||||
| CVE-2018-13353 | 1 Terra-master | 1 Terramaster Operating System | 2019-10-03 | 9.0 HIGH | 8.8 HIGH |
| System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to execute commands via the "checkport" parameter. | |||||
| CVE-2018-13356 | 1 Terra-master | 1 Terramaster Operating System | 2019-10-03 | 9.0 HIGH | 8.8 HIGH |
| Incorrect access control on ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to elevate user permissions. | |||||
| CVE-2018-13376 | 1 Fortinet | 1 Fortios | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| An uninitialized memory buffer leak exists in Fortinet FortiOS 5.6.1 to 5.6.3, 5.4.6 to 5.4.7, 5.2 all versions under web proxy's disclaimer response web pages, potentially causing sensitive data to be displayed in the HTTP response. | |||||
| CVE-2018-13397 | 1 Atlassian | 1 Sourcetree | 2019-10-03 | 9.0 HIGH | 8.8 HIGH |
| There was an argument injection vulnerability in Sourcetree for Windows from version 0.5.1.0 before version 3.0.0 via Git subrepositories in Mercurial repositories. An attacker with permission to commit to a Mercurial repository linked in Sourcetree for Windows is able to exploit this issue to gain code execution on the system. | |||||
| CVE-2018-13418 | 1 Terra-master | 1 Terramaster Operating System | 2019-10-03 | 9.0 HIGH | 8.8 HIGH |
| System command injection in ajaxdata.php in TerraMaster TOS 3.1.03 allows attackers to execute system commands via the "newname" parameter. | |||||
| CVE-2018-13420 | 1 Gperftools Project | 1 Gperftools | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| ** DISPUTED ** Google gperftools 2.7 has a memory leak in malloc_extension.cc, related to MallocExtension::Register and InitModule. NOTE: the software maintainer indicates that this is not a bug; it is only a false-positive report from the LeakSanitizer program. | |||||
| CVE-2018-19114 | 1 Iminho | 1 Mindoc | 2019-10-03 | 6.5 MEDIUM | 8.8 HIGH |
| An issue was discovered in MinDoc through v1.0.2. It allows attackers to gain privileges by uploading an image file with contents that represent an admin session, and then sending a Cookie: header with a mindoc_id value containing the relative pathname of this uploaded file. For example, the mindoc_id (aka session ID) could be of the form aa/../../uploads/blog/201811/attach_#.jpg where '#' is a hex value displayed in the upload field of a manage/blogs/edit/ screen. | |||||
| CVE-2018-19113 | 1 Pronestor | 1 Pronestor Health Monitoring | 2019-10-03 | 4.4 MEDIUM | 7.3 HIGH |
| The Pronestor PNHM (aka Health Monitoring or HealthMonitor) add-in before 8.1.13.0 for Outlook has "BUILTIN\Users:(I)(F)" permissions for the "%PROGRAMFILES(X86)%\proNestor\Outlook add-in for Pronestor\PronestorHealthMonitor.exe" file, which allows local users to gain privileges via a Trojan horse PronestorHealthMonitor.exe file. | |||||
| CVE-2018-19109 | 1 Tianti Project | 1 Tianti | 2019-10-03 | 6.5 MEDIUM | 8.8 HIGH |
| tianti 2.3 allows remote authenticated users to bypass intended permission restrictions by visiting tianti-module-admin/cms/column/list directly to read the column list page or edit a column. | |||||
| CVE-2018-19074 | 2 Foscam, Opticam | 6 C2, C2 Application Firmware, C2 System Firmware and 3 more | 2019-10-03 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The firewall has no effect except for blocking port 443 and partially blocking port 88. | |||||
| CVE-2018-19071 | 2 Foscam, Opticam | 6 C2, C2 Application Firmware, C2 System Firmware and 3 more | 2019-10-03 | 4.6 MEDIUM | 7.8 HIGH |
| An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. /mnt/mtd/boot.sh has 0777 permissions, allowing local users to control the commands executed at system start-up. | |||||
| CVE-2018-1360 | 1 Fortinet | 1 Fortimanager | 2019-10-03 | 4.3 MEDIUM | 8.1 HIGH |
| A cleartext transmission of sensitive information vulnerability in Fortinet FortiManager 5.2.0 through 5.2.7, 5.4.0 and 5.4.1 may allow an unauthenticated attacker in a man in the middle position to retrieve the admin password via intercepting REST API JSON responses. | |||||
| CVE-2018-18638 | 1 Neatorobotics | 2 Botvac Connected, Botvac Connected Firmware | 2019-10-03 | 9.3 HIGH | 8.1 HIGH |
| A command injection vulnerability in the setup API in the Neato Botvac Connected 2.2.0 allows network attackers to execute arbitrary commands via shell metacharacters in the ntp field within JSON data to the /robot/initialize endpoint. | |||||
| CVE-2018-18600 | 1 Guardzilla | 4 180 Indoor, 180 Indoor Firmware, 180 Outdoor and 1 more | 2019-10-03 | 9.3 HIGH | 8.1 HIGH |
| The remote upgrade feature in Guardzilla GZ180 devices allow command injection via a crafted new firmware version parameter. | |||||
| CVE-2018-18581 | 1 Lupng Project | 1 Lupng | 2019-10-03 | 6.8 MEDIUM | 8.8 HIGH |
| An issue has been found in LuPng through 2017-03-10. It is a heap-based buffer over-read in internalPrintf in miniz/lupng.c. | |||||
| CVE-2018-18562 | 1 Roche | 8 Accu-chek Inform Ii, Accu-chek Inform Ii Firmware, Base Unit Hub and 5 more | 2019-10-03 | 3.3 LOW | 8.8 HIGH |
| An issue was discovered in Roche Accu-Chek Inform II Base Unit / Base Unit Hub before 03.01.04 and CoaguChek / cobas h232 Handheld Base Unit before 03.01.04. Weak access credentials may enable attackers in the adjacent network to gain unauthorized service access via a service interface. | |||||