Search
Total
49350 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-15854 | 1 Google | 1 Android | 2018-08-01 | 4.6 MEDIUM | 7.8 HIGH |
| The value of fix_param->num_chans is received from firmware and if it is too large, an integer overflow can occur in wma_radio_chan_stats_event_handler() for the derived length len leading to a subsequent buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | |||||
| CVE-2017-15857 | 1 Google | 1 Android | 2018-08-01 | 4.6 MEDIUM | 7.8 HIGH |
| In the camera driver, an out-of-bounds access can occur due to an error in copying region params from user space in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | |||||
| CVE-2017-18070 | 1 Google | 1 Android | 2018-08-01 | 4.6 MEDIUM | 7.8 HIGH |
| In wma_ndp_end_response_event_handler(), the variable len_end_rsp is a uint32 which can be overflowed if the value of variable "event->num_ndp_end_rsp_per_ndi_list" is very large which can then lead to a heap overwrite of the heap object end_rsp in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | |||||
| CVE-2018-12034 | 1 Virustotal | 1 Yara | 2018-08-01 | 6.8 MEDIUM | 7.8 HIGH |
| In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds read vulnerability in yr_execute_code in libyara/exec.c. | |||||
| CVE-2018-12035 | 1 Virustotal | 1 Yara | 2018-08-01 | 6.8 MEDIUM | 7.8 HIGH |
| In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds write vulnerability in yr_execute_code in libyara/exec.c. | |||||
| CVE-2018-12247 | 1 Mruby | 1 Mruby | 2018-08-01 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in mruby 1.4.1. There is a NULL pointer dereference in mrb_class, related to certain .clone usage, because mrb_obj_clone in kernel.c copies flags other than the MRB_FLAG_IS_FROZEN flag (e.g., the embedded flag). | |||||
| CVE-2017-14020 | 1 Automationdirect | 10 C-more Micro, C-more Micro Firmware, C-more Plc and 7 more | 2018-08-01 | 9.3 HIGH | 7.8 HIGH |
| In AutomationDirect CLICK Programming Software (Part Number C0-PGMSW) Versions 2.10 and prior; C-More Programming Software (Part Number EA9-PGMSW) Versions 6.30 and prior; C-More Micro (Part Number EA-PGMSW) Versions 4.20.01.0 and prior; Do-more Designer Software (Part Number DM-PGMSW) Versions 2.0.3 and prior; GS Drives Configuration Software (Part Number GSOFT) Versions 4.0.6 and prior; SL-SOFT SOLO Temperature Controller Configuration Software (Part Number SL-SOFT) Versions 1.1.0.5 and prior; and DirectSOFT Programming Software Versions 6.1 and prior, an uncontrolled search path element (DLL Hijacking) vulnerability has been identified. To exploit this vulnerability, an attacker could rename a malicious DLL to meet the criteria of the application, and the application would not verify that the DLL is correct. Once loaded by the application, the DLL could run malicious code at the privilege level of the application. | |||||
| CVE-2018-3853 | 1 Foxitsoftware | 1 Foxit Reader | 2018-07-31 | 6.8 MEDIUM | 7.8 HIGH |
| An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software Foxit PDF Reader version 9.0.1.1049. A specially crafted PDF document can trigger a previously freed object in memory to be reused resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability. | |||||
| CVE-2017-16031 | 1 Socket | 1 Socket.io | 2018-07-31 | 5.0 MEDIUM | 7.5 HIGH |
| Socket.io is a realtime application framework that provides communication via websockets. Because socket.io 0.9.6 and earlier depends on `Math.random()` to create socket IDs, the IDs are predictable. An attacker is able to guess the socket ID and gain access to socket.io servers, potentially obtaining sensitive information. | |||||
| CVE-2016-5836 | 1 Wordpress | 1 Wordpress | 2018-07-31 | 5.0 MEDIUM | 7.5 HIGH |
| The oEmbed protocol implementation in WordPress before 4.5.3 allows remote attackers to cause a denial of service via unspecified vectors. | |||||
| CVE-2017-7797 | 1 Mozilla | 1 Firefox | 2018-07-30 | 5.0 MEDIUM | 7.5 HIGH |
| Response header name interning does not have same-origin protections and these headers are stored in a global registry. This allows stored header names to be available cross-origin. This vulnerability affects Firefox < 55. | |||||
| CVE-2017-7806 | 1 Mozilla | 1 Firefox | 2018-07-30 | 5.0 MEDIUM | 7.5 HIGH |
| A use-after-free vulnerability can occur when the layer manager is freed too early when rendering specific SVG content, resulting in a potentially exploitable crash. This vulnerability affects Firefox < 55. | |||||
| CVE-2017-7783 | 1 Mozilla | 1 Firefox | 2018-07-30 | 5.0 MEDIUM | 7.5 HIGH |
| If a long user name is used in a username/password combination in a site URL (such as " http://UserName:Password@example.com"), the resulting modal prompt will hang in a non-responsive state or crash, causing a denial of service. This vulnerability affects Firefox < 55. | |||||
| CVE-2017-7762 | 2 Mozilla, Redhat | 4 Firefox, Enterprise Linux Desktop, Enterprise Linux Server and 1 more | 2018-07-30 | 5.0 MEDIUM | 7.5 HIGH |
| When entered directly, Reader Mode did not strip the username and password section of URLs displayed in the addressbar. This can be used for spoofing the domain of the current page. This vulnerability affects Firefox < 54. | |||||
| CVE-2017-5467 | 2 Mozilla, Redhat | 6 Firefox, Firefox Esr, Thunderbird and 3 more | 2018-07-30 | 5.0 MEDIUM | 7.5 HIGH |
| A potential memory corruption and crash when using Skia content when drawing content outside of the bounds of a clipping region. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 52.1, and Firefox < 53. | |||||
| CVE-2017-5450 | 1 Mozilla | 1 Firefox | 2018-07-30 | 5.0 MEDIUM | 7.5 HIGH |
| A mechanism to spoof the Firefox for Android addressbar using a "javascript:" URI. On Firefox for Android, the base domain is parsed incorrectly, making the resulting location less visibly a spoofed site and showing an incorrect domain in appended notifications. This vulnerability affects Firefox < 53. | |||||
| CVE-2016-9073 | 1 Mozilla | 1 Firefox | 2018-07-30 | 5.0 MEDIUM | 7.5 HIGH |
| WebExtensions can bypass security checks to load privileged URLs and potentially escape the WebExtension sandbox. This vulnerability affects Firefox < 50. | |||||
| CVE-2016-9068 | 1 Mozilla | 1 Firefox | 2018-07-30 | 5.0 MEDIUM | 7.5 HIGH |
| A use-after-free during web animations when working with timelines resulting in a potentially exploitable crash. This vulnerability affects Firefox < 50. | |||||
| CVE-2016-9066 | 2 Debian, Mozilla | 4 Debian Linux, Firefox, Firefox Esr and 1 more | 2018-07-30 | 5.0 MEDIUM | 7.5 HIGH |
| A buffer overflow resulting in a potentially exploitable crash due to memory allocation issues when handling large amounts of incoming data. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50. | |||||
| CVE-2016-9065 | 2 Google, Mozilla | 2 Android, Firefox | 2018-07-30 | 5.0 MEDIUM | 7.5 HIGH |
| The location bar in Firefox for Android can be spoofed by forcing a user into fullscreen mode, blocking its exiting, and creating of a fake location bar without any user notification. Note: This issue only affects Firefox for Android. Other versions and operating systems are unaffected. This vulnerability affects Firefox < 50. | |||||
| CVE-2016-9061 | 2 Google, Mozilla | 2 Android, Firefox | 2018-07-30 | 5.0 MEDIUM | 7.5 HIGH |
| A previously installed malicious Android application which defines a specific signature-level permissions used by Firefox can access API keys meant for Firefox only. Note: This issue only affects Firefox for Android. Other versions and operating systems are unaffected. This vulnerability affects Firefox < 50. | |||||
| CVE-2016-5299 | 2 Google, Mozilla | 2 Android, Firefox | 2018-07-30 | 5.0 MEDIUM | 7.5 HIGH |
| A previously installed malicious Android application with same signature-level permissions as Firefox can intercept AuthTokens meant for Firefox only. Note: This issue only affects Firefox for Android. Other versions and operating systems are unaffected. This vulnerability affects Firefox < 50. | |||||
| CVE-2016-5296 | 2 Debian, Mozilla | 4 Debian Linux, Firefox, Firefox Esr and 1 more | 2018-07-30 | 5.0 MEDIUM | 7.5 HIGH |
| A heap-buffer-overflow in Cairo when processing SVG content caused by compiler optimization, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 45.5, Firefox ESR < 45.5, and Firefox < 50. | |||||
| CVE-2016-5295 | 2 Microsoft, Mozilla | 2 Windows, Firefox | 2018-07-30 | 4.6 MEDIUM | 7.8 HIGH |
| This vulnerability allows an attacker to use the Mozilla Maintenance Service to escalate privilege by having the Maintenance Service invoke the Mozilla Updater to run malicious local files. This vulnerability requires local system access and is a variant of MFSA2013-44. Note: this issue only affects Windows operating systems. This vulnerability affects Firefox < 50. | |||||
| CVE-2015-5996 | 1 Mediabridge | 2 Medialink Mwn-wapr300n, Medialink Mwn-wapr300n Firmware | 2018-07-28 | 6.8 MEDIUM | 8.8 HIGH |
| Cross-site request forgery (CSRF) vulnerability on Mediabridge Medialink MWN-WAPR300N devices with firmware 5.07.50 allows remote attackers to hijack the authentication of arbitrary users. | |||||
| CVE-2018-12036 | 1 Owasp | 1 Dependency-check | 2018-07-27 | 6.8 MEDIUM | 7.8 HIGH |
| OWASP Dependency-Check before 3.2.0 allows attackers to write to arbitrary files via a crafted archive that holds directory traversal filenames. | |||||
| CVE-2018-12112 | 1 Md4c Project | 1 Md4c | 2018-07-27 | 6.8 MEDIUM | 7.8 HIGH |
| md_build_attribute in md4c.c in md4c 0.2.6 allows remote attackers to cause a denial of service (Segmentation fault and application crash) or possibly have unspecified other impact via a crafted file. | |||||
| CVE-2018-12354 | 1 Knowage-suite | 1 Knowage | 2018-07-27 | 6.8 MEDIUM | 8.8 HIGH |
| Knowage (formerly SpagoBI) 6.1.1 allows CSRF via every form, as demonstrated by a /knowage/restful-services/2.0/analyticalDrivers/ POST request. | |||||
| CVE-2018-12046 | 1 Dedecms | 1 Dedecms | 2018-07-27 | 5.0 MEDIUM | 7.5 HIGH |
| DedeCMS through 5.7SP2 allows arbitrary file write in dede/file_manage_control.php via a dede/file_manage_view.php?fmdo=newfile request with name and str parameters, as demonstrated by writing to a new .php file. | |||||
| CVE-2018-12492 | 1 Phpok | 1 Phpok | 2018-07-27 | 6.4 MEDIUM | 7.5 HIGH |
| PHPOK 4.9.032 has an arbitrary file deletion vulnerability in the delfile_f function in framework/admin/tpl_control.php. | |||||
| CVE-2018-12110 | 1 Portfoliocms Project | 1 Portfoliocms | 2018-07-27 | 6.5 MEDIUM | 7.2 HIGH |
| portfolioCMS 1.0.5 has SQL Injection via the admin/portfolio.php preview parameter. | |||||
| CVE-2017-6294 | 1 Google | 1 Android | 2018-07-27 | 7.2 HIGH | 7.8 HIGH |
| In Android before the 2018-06-05 security patch level, NVIDIA Tegra X1 TZ contains a possible out of bounds write due to missing bounds check which could lead to escalation of privilege from the kernel to the TZ. User interaction is not needed for exploitation. This issue is rated as high. Version: N/A. Android: A-69316825. Reference: N-CVE-2017-6294. | |||||
| CVE-2017-6292 | 1 Google | 1 Android | 2018-07-27 | 7.2 HIGH | 7.8 HIGH |
| In Android before the 2018-06-05 security patch level, NVIDIA TLZ TrustZone contains a possible out of bounds write due to integer overflow which could lead to local escalation of privilege in the TrustZone with no additional execution privileges needed. User interaction is not needed for exploitation. This issue is rated as high. Version: N/A. Android: A-69480285. Reference: N-CVE-2017-6292. | |||||
| CVE-2017-6290 | 1 Google | 1 Android | 2018-07-27 | 7.2 HIGH | 7.8 HIGH |
| In Android before the 2018-06-05 security patch level, NVIDIA TLK TrustZone contains a possible out of bounds write due to an integer overflow which could lead to local escalation of privilege with no additional execution privileges needed. User interaction not needed for exploitation. This issue is rated as high. Version: N/A. Android: A-69559414. Reference: N-CVE-2017-6290. | |||||
| CVE-2018-1456 | 1 Ibm | 2 Rational Rhapsody Design Manager, Rational Software Architect Design Manager | 2018-07-24 | 5.5 MEDIUM | 7.1 HIGH |
| IBM Rhapsody DM 5.0 through 5.0.2 and 6.0 through 6.0.5 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 140091. | |||||
| CVE-2017-16206 | 1 Coffescript Project | 1 Coffescript | 2018-07-24 | 5.0 MEDIUM | 7.5 HIGH |
| The cofee-script module exfiltrates sensitive data such as a user's private SSH key and bash history to a third party server during installation. | |||||
| CVE-2018-3852 | 1 Onssi | 1 Ocularis | 2018-07-23 | 5.0 MEDIUM | 7.5 HIGH |
| An exploitable denial of service vulnerability exists in the Ocularis Recorder functionality of Ocularis 5.5.0.242. A specially crafted TCP packet can cause a process to terminate resulting in denial of service. An attacker can send a crafted TCP packet to trigger this vulnerability. | |||||
| CVE-2018-12041 | 1 Mediatek | 2 Awus036nh, Awus036nh Firmware | 2018-07-23 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on the MediaTek AWUS036NH wireless USB adapter through 5.1.25.0. Attackers can remotely deny service by sending specially constructed 802.11 frames. | |||||
| CVE-2016-5139 | 1 Google | 1 Chrome | 2018-07-21 | 6.8 MEDIUM | 7.6 HIGH |
| Multiple integer overflows in the opj_tcd_init_tile function in tcd.c in OpenJPEG, as used in PDFium in Google Chrome before 52.0.2743.116, allow remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via crafted JPEG 2000 data. | |||||
| CVE-2018-13662 | 1 Worldopctionchain Project | 1 Worldopctionchain | 2018-07-20 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for WorldOpctionChain, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13663 | 1 Bsctoken Project | 1 Bsctoken | 2018-07-20 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for BSCToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13666 | 1 Eristicaico Project | 1 Eristicaico | 2018-07-20 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for EristicaICO, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13667 | 1 Utbtokentest Project | 1 Utbtokentest | 2018-07-20 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for UTBTokenTest, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13664 | 1 Cws Project | 1 Cws | 2018-07-20 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for CWS, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13665 | 1 Bcaas Project | 1 Bcaas | 2018-07-20 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for BCaaS, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-11518 | 1 Hcltech | 2 Legacy Ivr, Legacy Ivr Firmware | 2018-07-20 | 6.8 MEDIUM | 8.1 HIGH |
| A vulnerability allows a phreaking attack on HCL legacy IVR systems that do not use VoIP. These IVR systems rely on various frequencies of audio signals; based on the frequency, certain commands and functions are processed. Since these frequencies are accepted within a phone call, an attacker can record these frequencies and use them for service activations. This is a request-forgery issue when the required series of DTMF signals for a service activation is predictable (e.g., the IVR system does not speak a nonce to the caller). In this case, the IVR system accepts an activation request from a less-secure channel (any loudspeaker in the caller's physical environment) without verifying that the request was intended (it matches a nonce sent over a more-secure channel to the caller's earpiece). | |||||
| CVE-2018-7943 | 1 Huawei | 40 1288h V5, 1288h V5 Firmware, 2288h V5 and 37 more | 2018-07-20 | 6.5 MEDIUM | 8.8 HIGH |
| There is an authentication bypass vulnerability in some Huawei servers. A remote attacker with low privilege may bypass the authentication by some special operations. Due to insufficient authentication, an attacker may exploit the vulnerability to get some sensitive information and high-level users' privilege. | |||||
| CVE-2018-11548 | 1 Block | 1 Eos | 2018-07-20 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in EOS.IO DAWN 4.2. plugins/net_plugin/net_plugin.cpp does not limit the number of P2P connections from the same source IP address. | |||||
| CVE-2015-9240 | 1 Keystonejs | 1 Keystone | 2018-07-20 | 5.0 MEDIUM | 7.5 HIGH |
| Due to a bug in the the default sign in functionality in the keystone node module before 0.3.16, incomplete email addresses could be matched. A correct password is still required to complete sign in. | |||||
| CVE-2018-10813 | 1 Aprendecondedos | 1 Dedos-web | 2018-07-20 | 7.5 HIGH | 7.3 HIGH |
| In Dedos-web 1.0, the cookie and session secrets used in the Express.js application have hardcoded values that are visible in the source code published on GitHub. An attacker can edit the contents of the session cookie and re-sign it using the hardcoded secret. Due to the use of Passport.js, this could lead to privilege escalation. | |||||