Search
Total
49350 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-3561 | 1 Google | 1 Android | 2018-04-04 | 4.4 MEDIUM | 7.0 HIGH |
| In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a race condition in diag_ioctl_lsm_deinit() leads to a Use After Free condition. | |||||
| CVE-2017-18066 | 1 Google | 1 Android | 2018-04-04 | 4.6 MEDIUM | 7.8 HIGH |
| In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, improper controls in MSM CORE leads to use memory after it is freed in msm_core_ioctl(). | |||||
| CVE-2018-3560 | 1 Google | 1 Android | 2018-04-04 | 4.6 MEDIUM | 7.8 HIGH |
| In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a Double Free vulnerability exists in Audio Driver while opening a sound compression device. | |||||
| CVE-2017-14461 | 3 Debian, Dovecot, Ubuntu | 3 Debian Linux, Dovecot, Ubuntu | 2018-04-04 | 5.5 MEDIUM | 7.1 HIGH |
| A specially crafted email delivered over SMTP and passed on to Dovecot by MTA can trigger an out of bounds read resulting in potential sensitive information disclosure and denial of service. In order to trigger this vulnerability, an attacker needs to send a specially crafted email message to the server. | |||||
| CVE-2017-17712 | 1 Linux | 1 Linux Kernel | 2018-04-04 | 6.9 MEDIUM | 7.0 HIGH |
| The raw_sendmsg() function in net/ipv4/raw.c in the Linux kernel through 4.14.6 has a race condition in inet->hdrincl that leads to uninitialized stack pointer usage; this allows a local user to execute code and gain privileges. | |||||
| CVE-2016-1713 | 1 Vtiger | 1 Vtiger Crm | 2018-04-02 | 8.5 HIGH | 7.3 HIGH |
| Unrestricted file upload vulnerability in the Settings_Vtiger_CompanyDetailsSave_Action class in modules/Settings/Vtiger/actions/CompanyDetailsSave.php in Vtiger CRM 6.4.0 allows remote authenticated users to execute arbitrary code by uploading a crafted image file with an executable extension, then accessing it via a direct request to the file in test/logo/. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-6000. | |||||
| CVE-2018-1000006 | 2 Atom, Microsoft | 4 Electron, Windows 10, Windows 7 and 1 more | 2018-04-01 | 9.3 HIGH | 8.8 HIGH |
| GitHub Electron versions 1.8.2-beta.3 and earlier, 1.7.10 and earlier, 1.6.15 and earlier has a vulnerability in the protocol handler, specifically Electron apps running on Windows 10, 7 or 2008 that register custom protocol handlers can be tricked in arbitrary command execution if the user clicks on a specially crafted URL. This has been fixed in versions 1.8.2-beta.4, 1.7.11, and 1.6.16. | |||||
| CVE-2018-9007 | 1 Iobit | 1 Advanced Systemcare Ultimate | 2018-03-30 | 6.1 MEDIUM | 7.8 HIGH |
| In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_x86.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c4060c4. | |||||
| CVE-2018-9004 | 1 Iobit | 1 Advanced Systemcare Ultimate | 2018-03-30 | 6.1 MEDIUM | 7.8 HIGH |
| In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_x86.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c4060d0. | |||||
| CVE-2018-8998 | 1 Iobit | 1 Advanced Systemcare Ultimate | 2018-03-30 | 6.1 MEDIUM | 7.8 HIGH |
| In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_x86.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c4060cc. | |||||
| CVE-2018-9040 | 1 Iobit | 1 Advanced Systemcare Ultimate | 2018-03-30 | 6.1 MEDIUM | 7.8 HIGH |
| In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_win10_x64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c4060c4. | |||||
| CVE-2018-9043 | 1 Iobit | 1 Advanced Systemcare Ultimate | 2018-03-30 | 6.1 MEDIUM | 7.8 HIGH |
| In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_win10_x64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c4060d0. | |||||
| CVE-2018-9042 | 1 Iobit | 1 Advanced Systemcare Ultimate | 2018-03-30 | 6.1 MEDIUM | 7.8 HIGH |
| In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_win10_x64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c402000. | |||||
| CVE-2018-9044 | 1 Iobit | 1 Advanced Systemcare Ultimate | 2018-03-30 | 6.1 MEDIUM | 7.8 HIGH |
| In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_win10_x64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c4060cc. | |||||
| CVE-2018-9041 | 1 Iobit | 1 Advanced Systemcare Ultimate | 2018-03-30 | 6.1 MEDIUM | 7.8 HIGH |
| In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_win10_x64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c402004. | |||||
| CVE-2018-9005 | 1 Iobit | 1 Advanced Systemcare Ultimate | 2018-03-30 | 6.1 MEDIUM | 7.8 HIGH |
| In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_win7_x64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c4060d0. | |||||
| CVE-2018-9001 | 1 Iobit | 1 Advanced Systemcare Ultimate | 2018-03-30 | 6.1 MEDIUM | 7.8 HIGH |
| In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_win7_x64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c402000. | |||||
| CVE-2018-9006 | 1 Iobit | 1 Advanced Systemcare Ultimate | 2018-03-30 | 6.1 MEDIUM | 7.8 HIGH |
| In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_win7_x64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c402004. | |||||
| CVE-2018-8999 | 1 Iobit | 1 Advanced Systemcare Ultimate | 2018-03-30 | 6.1 MEDIUM | 7.8 HIGH |
| In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_win7_x64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c4060c4. | |||||
| CVE-2018-9000 | 1 Iobit | 1 Advanced Systemcare Ultimate | 2018-03-30 | 6.1 MEDIUM | 7.8 HIGH |
| In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_x86.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c402004. | |||||
| CVE-2018-9003 | 1 Iobit | 1 Advanced Systemcare Ultimate | 2018-03-30 | 6.1 MEDIUM | 7.8 HIGH |
| In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_x86.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c402000. | |||||
| CVE-2018-9002 | 1 Iobit | 1 Advanced Systemcare Ultimate | 2018-03-30 | 6.1 MEDIUM | 7.8 HIGH |
| In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_win7_x64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c4060cc. | |||||
| CVE-2018-8988 | 1 Windows Optimization Master Project | 1 Windows Optimization Master | 2018-03-30 | 6.1 MEDIUM | 7.8 HIGH |
| In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002008. | |||||
| CVE-2018-8990 | 1 Windows Optimization Master Project | 1 Windows Optimization Master | 2018-03-30 | 6.1 MEDIUM | 7.8 HIGH |
| In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002010. | |||||
| CVE-2018-8989 | 1 Windows Optimization Master Project | 1 Windows Optimization Master | 2018-03-30 | 6.1 MEDIUM | 7.8 HIGH |
| In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002006. | |||||
| CVE-2018-8991 | 1 Windows Optimization Master Project | 1 Windows Optimization Master | 2018-03-30 | 6.1 MEDIUM | 7.8 HIGH |
| In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002009. | |||||
| CVE-2018-9045 | 1 Windows Optimization Master Project | 1 Windows Optimization Master | 2018-03-30 | 6.1 MEDIUM | 7.8 HIGH |
| In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002849. | |||||
| CVE-2018-9046 | 1 Windows Optimization Master Project | 1 Windows Optimization Master | 2018-03-30 | 6.1 MEDIUM | 7.8 HIGH |
| In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf100282d. | |||||
| CVE-2018-9049 | 1 Windows Optimization Master Project | 1 Windows Optimization Master | 2018-03-30 | 6.1 MEDIUM | 7.8 HIGH |
| In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002833. | |||||
| CVE-2018-9048 | 1 Windows Optimization Master Project | 1 Windows Optimization Master | 2018-03-30 | 6.1 MEDIUM | 7.8 HIGH |
| In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf100282c. | |||||
| CVE-2018-9047 | 1 Windows Optimization Master Project | 1 Windows Optimization Master | 2018-03-30 | 6.1 MEDIUM | 7.8 HIGH |
| In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002841. | |||||
| CVE-2018-8997 | 1 Windows Optimization Master Project | 1 Windows Optimization Master | 2018-03-30 | 6.1 MEDIUM | 7.8 HIGH |
| In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002004. | |||||
| CVE-2018-8996 | 1 Windows Optimization Master Project | 1 Windows Optimization Master | 2018-03-30 | 6.1 MEDIUM | 7.8 HIGH |
| In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002007. | |||||
| CVE-2018-8992 | 1 Windows Optimization Master Project | 1 Windows Optimization Master | 2018-03-30 | 6.1 MEDIUM | 7.8 HIGH |
| In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002005. | |||||
| CVE-2018-8994 | 1 Windows Optimization Master Project | 1 Windows Optimization Master | 2018-03-30 | 6.1 MEDIUM | 7.8 HIGH |
| In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002003. | |||||
| CVE-2018-8995 | 1 Windows Optimization Master Project | 1 Windows Optimization Master | 2018-03-30 | 6.1 MEDIUM | 7.8 HIGH |
| In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002002. | |||||
| CVE-2018-8993 | 1 Windows Optimization Master Project | 1 Windows Optimization Master | 2018-03-30 | 6.1 MEDIUM | 7.8 HIGH |
| In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002001. | |||||
| CVE-2018-9051 | 1 Windows Optimization Master Project | 1 Windows Optimization Master | 2018-03-30 | 6.1 MEDIUM | 7.8 HIGH |
| In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002021. | |||||
| CVE-2018-9054 | 1 Windows Optimization Master Project | 1 Windows Optimization Master | 2018-03-30 | 6.1 MEDIUM | 7.8 HIGH |
| In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf100284c. | |||||
| CVE-2018-9052 | 1 Windows Optimization Master Project | 1 Windows Optimization Master | 2018-03-30 | 6.1 MEDIUM | 7.8 HIGH |
| In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf100283c. | |||||
| CVE-2018-9053 | 1 Windows Optimization Master Project | 1 Windows Optimization Master | 2018-03-30 | 6.1 MEDIUM | 7.8 HIGH |
| In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf10026cc. | |||||
| CVE-2018-9050 | 1 Windows Optimization Master Project | 1 Windows Optimization Master | 2018-03-30 | 6.1 MEDIUM | 7.8 HIGH |
| In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf100202d. | |||||
| CVE-2018-7711 | 2 Debian, Simplesamlphp | 3 Debian Linux, Saml2, Simplesamlphp | 2018-03-29 | 6.8 MEDIUM | 8.1 HIGH |
| HTTPRedirect.php in the saml2 library in SimpleSAMLphp before 1.15.4 has an incorrect check of return values in the signature validation utilities, allowing an attacker to get invalid signatures accepted as valid by forcing an error during validation. This occurs because of a dependency on PHP functionality that interprets a -1 error code as a true boolean value. | |||||
| CVE-2018-7567 | 1 Otrs | 1 Otrs | 2018-03-29 | 9.0 HIGH | 7.2 HIGH |
| ** DISPUTED ** In the Admin Package Manager in Open Ticket Request System (OTRS) 5.0.0 through 5.0.24 and 6.0.0 through 6.0.1, authenticated admins are able to exploit a Blind Remote Code Execution vulnerability by loading a crafted opm file with an embedded CodeInstall element to execute a command on the server during package installation. NOTE: the vendor disputes this issue stating "the behaviour is as designed and needed for different packages to be installed", "there is a security warning if the package is not verified by OTRS Group", and "there is the possibility and responsibility of an admin to check packages before installation which is possible as they are not binary." | |||||
| CVE-2017-17324 | 1 Huawei | 2 Mate 9 Pro, Mate 9 Pro Firmware | 2018-03-29 | 6.8 MEDIUM | 7.8 HIGH |
| Huawei Mate 9 Pro smartphones with software LON-AL00BC00B139D; LON-AL00BC00B229 have an integer overflow vulnerability. The camera driver does not validate the external input parameters and causes an integer overflow, which in the after processing results in a buffer overflow. An attacker tricks the user to install a crafted application, successful exploit could cause malicious code execution. | |||||
| CVE-2016-8783 | 1 Huawei | 4 Honor 6, Honor 6 Firmware, P9 Plus and 1 more | 2018-03-29 | 9.3 HIGH | 7.8 HIGH |
| Touchscreen drive in Huawei H60 (Honor 6) Versions earlier than H60-L02_6.12.16 and P9 Plus Versions earlier than VIE-AL10BC00B356 has a stack overflow vulnerabilities. An attacker tricks a user into installing a malicious application on the smart phone, and send given parameter to touchscreen drive to crash the system or escalate privilege. | |||||
| CVE-2018-1215 | 1 Dell | 4 Emc Solutions Enabler Virtual Appliance, Emc Unisphere For Vmax Virtual Appliance, Emc Vasa Virtual Appliance and 1 more | 2018-03-29 | 9.0 HIGH | 8.8 HIGH |
| An arbitrary file upload vulnerability was discovered in vApp Manager which is embedded in Dell EMC Unisphere for VMAX, Dell EMC Solutions Enabler, Dell EMC VASA Virtual Appliances, and Dell EMC VMAX Embedded Management (eManagement): Dell EMC Unisphere for VMAX Virtual Appliance versions prior to 8.4.0.18, Dell EMC Solutions Enabler Virtual Appliance versions prior to 8.4.0.21, Dell EMC VASA Virtual Appliance versions prior to 8.4.0.514, and Dell EMC VMAX Embedded Management (eManagement) versions prior to and including 1.4 (Enginuity Release 5977.1125.1125 and earlier). A remote authenticated malicious user may potentially upload arbitrary maliciously crafted files in any location on the web server. By chaining this vulnerability with CVE-2018-1216, the attacker may use the default account to exploit this vulnerability. | |||||
| CVE-2017-7633 | 1 Qnap | 1 Qfinder Pro | 2018-03-29 | 5.0 MEDIUM | 7.5 HIGH |
| QNAP Qfinder Pro 6.1.0.0317 and earlier may expose sensitive information contained in NAS devices. If exploited, this may allow attackers to further compromise the device. | |||||
| CVE-2018-7307 | 1 Auth0 | 1 Auth0.js | 2018-03-28 | 6.8 MEDIUM | 8.8 HIGH |
| The Auth0 Auth0.js library before 9.3 has CSRF because it mishandles the case where the authorization response lacks the state parameter. | |||||
| CVE-2015-7551 | 2 Apple, Ruby-lang | 2 Mac Os X, Ruby | 2018-03-28 | 4.6 MEDIUM | 8.4 HIGH |
| The Fiddle::Handle implementation in ext/fiddle/handle.c in Ruby before 2.0.0-p648, 2.1 before 2.1.8, and 2.2 before 2.2.4, as distributed in Apple OS X before 10.11.4 and other products, mishandles tainting, which allows context-dependent attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted string, related to the DL module and the libffi library. NOTE: this vulnerability exists because of a CVE-2009-5147 regression. | |||||