Search
Total
49350 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-3978 | 1 Atlantiswordprocessor | 1 Atlantis Word Processor | 2018-11-23 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable out-of-bounds write vulnerability exists in the Word Document parser of the Atlantis Word Processor 3.0.2.3, 3.0.2.5. A specially crafted document can cause Atlantis to write a value outside the bounds of a heap allocation, resulting in a buffer overflow. An attacker must convince a victim to open a document in order to trigger this vulnerability. | |||||
| CVE-2018-16299 | 1 Localize My Post Project | 1 Localize My Post | 2018-11-23 | 5.0 MEDIUM | 7.5 HIGH |
| The Localize My Post plugin 1.0 for WordPress allows Directory Traversal via the ajax/include.php file parameter. | |||||
| CVE-2018-11982 | 1 Qualcomm | 56 Mdm9206, Mdm9206 Firmware, Mdm9607 and 53 more | 2018-11-23 | 8.3 HIGH | 8.8 HIGH |
| In Snapdragon (Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016, a double free of ASN1 heap memory used for EUTRA CAP container occurs during UTRAN to LTE Capability inquiry procedure. | |||||
| CVE-2017-1083 | 1 Freebsd | 1 Freebsd | 2018-11-23 | 7.8 HIGH | 7.5 HIGH |
| In FreeBSD before 11.2-RELEASE, a stack guard-page is available but is disabled by default. This results in the possibility a poorly written process could be cause a stack overflow. | |||||
| CVE-2017-1084 | 1 Freebsd | 1 Freebsd | 2018-11-23 | 7.8 HIGH | 7.5 HIGH |
| In FreeBSD before 11.2-RELEASE, multiple issues with the implementation of the stack guard-page reduce the protections afforded by the guard-page. This results in the possibility a poorly written process could be cause a stack overflow. | |||||
| CVE-2017-1085 | 1 Freebsd | 1 Freebsd | 2018-11-23 | 7.2 HIGH | 7.8 HIGH |
| In FreeBSD before 11.2-RELEASE, an application which calls setrlimit() to increase RLIMIT_STACK may turn a read-only memory region below the stack into a read-write region. A specially crafted executable could be exploited to execute arbitrary code in the user context. | |||||
| CVE-2018-0597 | 1 Microsoft | 1 Visual Studio Code | 2018-11-23 | 6.8 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in the installer of Visual Studio Code allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2018-11285 | 1 Qualcomm | 64 Mdm9206, Mdm9206 Firmware, Mdm9607 and 61 more | 2018-11-23 | 9.3 HIGH | 7.8 HIGH |
| In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, SDX20, Snapdragon_High_Med_2016, while parsing FLAC file with corrupted picture block, a buffer over-read can occur. | |||||
| CVE-2018-11269 | 1 Qualcomm | 70 Mdm9206, Mdm9206 Firmware, Mdm9607 and 67 more | 2018-11-23 | 7.2 HIGH | 7.8 HIGH |
| In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDM429, SDM439, SDM630, SDM632, SDM636, SDM660, SDM710, SDX20, Snapdragon_High_Med_2016, a potential buffer overflow exists when parsing TFTP options. | |||||
| CVE-2018-17442 | 1 D-link | 1 Central Wifimanager | 2018-11-23 | 6.5 MEDIUM | 8.8 HIGH |
| An issue was discovered on D-Link Central WiFi Manager before v 1.03r0100-Beta1. An unrestricted file upload vulnerability in the onUploadLogPic endpoint allows remote authenticated users to execute arbitrary PHP code. | |||||
| CVE-2018-17562 | 1 Multitech | 1 Faxfinder | 2018-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Multi-Tech FaxFinder before 5.1.6 has SQL Injection via a status/call_details?oid= URI, allowing an attacker to extract the underlying database schema to further disclose other fax server information through different injection points. | |||||
| CVE-2018-7107 | 1 Hpe | 1 Device Entitlement Gateway | 2018-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| A potential security vulnerability has been identified in HPE Device Entitlement Gateway (DEG) v3.2.4, v3.3 and v3.3.1. The vulnerability could be remotely exploited to allow local SQL injection and elevation of privilege. | |||||
| CVE-2018-18193 | 1 Linuxsampler | 1 Libgig | 2018-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in libgig 4.1.0. There is operator new[] failure (due to a big pWavePoolTable heap request) in DLS::File::File in DLS.cpp. | |||||
| CVE-2018-18194 | 1 Linuxsampler | 1 Libgig | 2018-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in libgig 4.1.0. There is a heap-based buffer over-read in DLS::Region::GetSample() in DLS.cpp. | |||||
| CVE-2018-18196 | 1 Linuxsampler | 1 Libgig | 2018-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in libgig 4.1.0. There is a heap-based buffer over-read in RIFF::List::GetListTypeString in RIFF.cpp. | |||||
| CVE-2018-18191 | 1 Finecms | 1 Finecms | 2018-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Cross-site request forgery (CSRF) vulnerability in /admin.php?c=member&m=edit&uid=1 in dayrui FineCms 5.4 allows remote attackers to change the administrator's password. | |||||
| CVE-2018-18215 | 1 Youke365 | 1 Youke 365 | 2018-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| In youke365 v1.1.5, admin/user.html has a CSRF vulnerability that can add an user account. | |||||
| CVE-2018-12818 | 1 Adobe | 1 Digital Editions | 2018-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Digital Editions versions 4.5.8 and below have an out of bounds read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2018-12819 | 1 Adobe | 1 Digital Editions | 2018-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Digital Editions versions 4.5.8 and below have an out of bounds read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2018-12820 | 1 Adobe | 1 Digital Editions | 2018-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Digital Editions versions 4.5.8 and below have an out of bounds read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2018-12821 | 1 Adobe | 1 Digital Editions | 2018-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Digital Editions versions 4.5.8 and below have an out of bounds read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2018-12816 | 1 Adobe | 1 Digital Editions | 2018-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Adobe Digital Editions versions 4.5.8 and below have an out of bounds read vulnerability. Successful exploitation could lead to information disclosure. | |||||
| CVE-2018-17341 | 2 Bigtreecms, Microsoft | 2 Bigtree Cms, Windows | 2018-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| BigTree 4.2.23 on Windows, when Advanced or Simple Rewrite routing is enabled, allows remote attackers to bypass authentication via a ..\ substring, as demonstrated by a launch.php?bigtree_htaccess_url=admin/images/..\ URI. | |||||
| CVE-2018-17019 | 1 Bro | 1 Bro | 2018-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| In Bro through 2.5.5, there is a DoS in IRC protocol names command parsing in analyzer/protocol/irc/IRC.cc. | |||||
| CVE-2018-17102 | 1 Quickappscms | 1 Quickapps Cms | 2018-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in QuickAppsCMS (aka QACMS) through 2.0.0-beta2. A CSRF vulnerability can change the administrator password via the user/me URI. | |||||
| CVE-2018-1198 | 1 Pivotal Software | 1 Pivotal Cloud Cache | 2018-11-21 | 4.0 MEDIUM | 8.8 HIGH |
| Pivotal Cloud Cache, versions prior to 1.3.1, prints a superuser password in plain text during BOSH deployment logs. A malicious user with access to the logs could escalate their privileges using this password. | |||||
| CVE-2018-17073 | 1 Bitmap Project | 1 Bitmap | 2018-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| wernsey/bitmap before 2018-08-18 allows a NULL pointer dereference via a 4-bit image. | |||||
| CVE-2018-6557 | 1 Canonical | 1 Ubuntu Linux | 2018-11-21 | 4.4 MEDIUM | 7.0 HIGH |
| The MOTD update script in the base-files package in Ubuntu 18.04 LTS before 10.1ubuntu2.2, and Ubuntu 18.10 before 10.1ubuntu6 incorrectly handled temporary files. A local attacker could use this issue to cause a denial of service, or possibly escalate privileges if kernel symlink restrictions were disabled. | |||||
| CVE-2018-17293 | 1 Webassembly Virtual Machine Project | 1 Webassembly Virtual Machine | 2018-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in WAVM before 2018-09-16. The run function in Programs/wavm/wavm.cpp does not check whether there is Emscripten memory to store the command-line arguments passed by the input WebAssembly file's main function, which allows attackers to cause a denial of service (application crash by NULL pointer dereference) or possibly have unspecified other impact by crafting certain WebAssembly files. | |||||
| CVE-2018-16292 | 2 Foxitsoftware, Microsoft | 3 Phantompdf, Reader, Windows | 2018-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9.3 and PhantomPDF before 9.3, a different vulnerability than CVE-2018-16291, CVE-2018-16293, CVE-2018-16294, CVE-2018-16295, CVE-2018-16296, and CVE-2018-16297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability. | |||||
| CVE-2018-16293 | 2 Foxitsoftware, Microsoft | 3 Phantompdf, Reader, Windows | 2018-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9.3 and PhantomPDF before 9.3, a different vulnerability than CVE-2018-16291, CVE-2018-16292, CVE-2018-16294, CVE-2018-16295, CVE-2018-16296, and CVE-2018-16297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability. | |||||
| CVE-2018-16294 | 2 Foxitsoftware, Microsoft | 3 Phantompdf, Reader, Windows | 2018-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9.3 and PhantomPDF before 9.3, a different vulnerability than CVE-2018-16291, CVE-2018-16292, CVE-2018-16293, CVE-2018-16295, CVE-2018-16296, and CVE-2018-16297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability. | |||||
| CVE-2018-16296 | 2 Foxitsoftware, Microsoft | 3 Phantompdf, Reader, Windows | 2018-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9.3 and PhantomPDF before 9.3, a different vulnerability than CVE-2018-16291, CVE-2018-16292, CVE-2018-16293, CVE-2018-16294, CVE-2018-16295, and CVE-2018-16297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability. | |||||
| CVE-2018-16295 | 2 Foxitsoftware, Microsoft | 3 Phantompdf, Reader, Windows | 2018-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9.3 and PhantomPDF before 9.3, a different vulnerability than CVE-2018-16291, CVE-2018-16292, CVE-2018-16293, CVE-2018-16294, CVE-2018-16296, and CVE-2018-16297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability. | |||||
| CVE-2018-16291 | 2 Foxitsoftware, Microsoft | 3 Phantompdf, Reader, Windows | 2018-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9.3 and PhantomPDF before 9.3, a different vulnerability than CVE-2018-16292, CVE-2018-16293, CVE-2018-16294, CVE-2018-16295, CVE-2018-16296, and CVE-2018-16297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability. | |||||
| CVE-2018-16297 | 2 Foxitsoftware, Microsoft | 3 Phantompdf, Reader, Windows | 2018-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9.3 and PhantomPDF before 9.3, a different vulnerability than CVE-2018-16291, CVE-2018-16292, CVE-2018-16293, CVE-2018-16294, CVE-2018-16295, and CVE-2018-16296. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability. | |||||
| CVE-2018-17215 | 1 Getpostman | 1 Postman | 2018-11-21 | 4.3 MEDIUM | 8.1 HIGH |
| An information-disclosure issue was discovered in Postman through 6.3.0. It validates a server's X.509 certificate and presents an error if the certificate is not valid. Unfortunately, the associated HTTPS request data is sent anyway. Only the response is not displayed. Thus, all contained information of the HTTPS request is disclosed to a man-in-the-middle attacker (for example, user credentials). | |||||
| CVE-2018-0674 | 1 Hibara | 1 Attachecase | 2018-11-20 | 6.8 MEDIUM | 7.8 HIGH |
| AttacheCase ver.2.8.4.0 and earlier allows an arbitrary script execution via unspecified vectors. | |||||
| CVE-2018-0675 | 1 Hibara | 1 Attachecase | 2018-11-20 | 6.8 MEDIUM | 7.8 HIGH |
| AttacheCase ver.3.3.0.0 and earlier allows an arbitrary script execution via unspecified vectors. | |||||
| CVE-2018-16793 | 1 Microsoft | 1 Exchange Server | 2018-11-20 | 5.0 MEDIUM | 8.6 HIGH |
| Rollup 18 for Microsoft Exchange Server 2010 SP3 and previous versions has an SSRF vulnerability via the username parameter in /owa/auth/logon.aspx in the OWA (Outlook Web Access) login page. | |||||
| CVE-2018-0658 | 2 Ec-cube, Gmo-pg | 3 Ec-cube, Ec-cube Payment Module, Gmo-pg Payment Module | 2018-11-20 | 6.5 MEDIUM | 7.2 HIGH |
| Input validation issue in EC-CUBE Payment Module (2.12) version 3.5.23 and earlier, EC-CUBE Payment Module (2.11) version 2.3.17 and earlier, GMO-PG Payment Module (PG Multi-Payment Service) (2.12) version 3.5.23 and earlier, GMO-PG Payment Module (PG Multi-Payment Service) (2.11) version 2.3.17 and earlier allows an attacker with administrative rights to execute arbitrary PHP code on the server via unspecified vectors. | |||||
| CVE-2018-16794 | 1 Microsoft | 2 Active Directory Federation Services, Windows Server 2016 | 2018-11-20 | 5.0 MEDIUM | 8.6 HIGH |
| Microsoft ADFS 4.0 Windows Server 2016 and previous (Active Directory Federation Services) has an SSRF vulnerability via the txtBoxEmail parameter in /adfs/ls. | |||||
| CVE-2018-9496 | 1 Google | 1 Android | 2018-11-20 | 9.3 HIGH | 7.8 HIGH |
| In ixheaacd_real_synth_fft_p3 of ixheaacd_esbr_fft.c there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-9.0 Android ID: A-110769924 | |||||
| CVE-2018-17104 | 1 Microweber | 1 Microweber | 2018-11-20 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in Microweber 1.0.7. There is a CSRF attack (against the admin user) that can add an administrative account via api/save_user. | |||||
| CVE-2018-9497 | 1 Google | 1 Android | 2018-11-20 | 9.3 HIGH | 7.8 HIGH |
| In impeg2_fmt_conv_yuv420p_to_yuv420sp_uv_av8 of impeg2_format_conv.s there is a possible out of bounds write due to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-74078669 | |||||
| CVE-2018-9498 | 1 Google | 1 Android | 2018-11-20 | 9.3 HIGH | 7.8 HIGH |
| In SkSampler::Fill of SkSampler.cpp, there is a possible out of bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-78354855 | |||||
| CVE-2018-9503 | 1 Google | 1 Android | 2018-11-20 | 7.8 HIGH | 7.5 HIGH |
| In rfc_process_mx_message of rfc_ts_frames.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-80432928 | |||||
| CVE-2018-9513 | 1 Google | 1 Android | 2018-11-20 | 7.2 HIGH | 7.8 HIGH |
| In copy_process of fork.c, there is possible memory corruption due to a double free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-111081202 References: N/A | |||||
| CVE-2017-15407 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more | 2018-11-20 | 6.8 MEDIUM | 8.8 HIGH |
| Out-of-bounds Write in the QUIC networking stack in Google Chrome prior to 63.0.3239.84 allowed a remote attacker to gain code execution via a malicious server. | |||||
| CVE-2018-6033 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more | 2018-11-20 | 6.8 MEDIUM | 8.8 HIGH |
| Insufficient data validation in Downloads in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially run arbitrary code outside sandbox via a crafted Chrome Extension. | |||||