Search
Total
46623 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-6051 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more | 2018-11-15 | 4.3 MEDIUM | 4.3 MEDIUM |
| XSS Auditor in Google Chrome prior to 64.0.3282.119, did not ensure the reporting URL was in the same origin as the page it was on, which allowed a remote attacker to obtain referrer details via a crafted HTML page. | |||||
| CVE-2018-17053 | 1 Progress | 1 Sitefinity Cms | 2018-11-15 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in Identity Server in Progress Sitefinity CMS versions 10.0 through 11.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to login request parameters, a different vulnerability than CVE-2018-17054. | |||||
| CVE-2018-17056 | 1 Progress | 1 Sitefinity Cms | 2018-11-15 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in ServiceStack in Progress Sitefinity CMS versions 10.2 through 11.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2018-17054 | 1 Progress | 1 Sitefinity Cms | 2018-11-15 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in Identity Server in Progress Sitefinity CMS versions 10.0 through 11.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to login request parameters, a different vulnerability than CVE-2018-17053. | |||||
| CVE-2018-17556 | 1 Modx | 1 Modx Revolution | 2018-11-15 | 3.5 LOW | 5.4 MEDIUM |
| MODX Revolution v2.6.5-pl allows stored XSS via a Create New Media Source action. | |||||
| CVE-2018-15606 | 1 Salesagility | 1 Suitecrm | 2018-11-15 | 4.3 MEDIUM | 6.1 MEDIUM |
| An XSS issue was discovered in SalesAgility SuiteCRM 7.x before 7.8.21 and 7.10.x before 7.10.8, related to phishing an error message. | |||||
| CVE-2018-17832 | 1 Wuzhicms | 1 Wuzhi Cms | 2018-11-15 | 4.3 MEDIUM | 6.1 MEDIUM |
| XSS exists in WUZHI CMS 2.0 via the index.php v or f parameter. | |||||
| CVE-2018-16277 | 1 Xwiki | 1 Xwiki | 2018-11-15 | 3.5 LOW | 5.4 MEDIUM |
| The Image Import function in XWiki through 10.7 has XSS. | |||||
| CVE-2018-17369 | 1 Springboot Authority Project | 1 Springboot Authority | 2018-11-15 | 3.5 LOW | 4.8 MEDIUM |
| An issue was discovered in springboot_authority through 2017-03-06. There is stored XSS via the admin/role/edit roleKey, name, or description parameter. | |||||
| CVE-2018-6039 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more | 2018-11-15 | 4.3 MEDIUM | 6.1 MEDIUM |
| Insufficient data validation in DevTools in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user cross-origin data via a crafted Chrome Extension. | |||||
| CVE-2018-6046 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more | 2018-11-15 | 4.3 MEDIUM | 6.1 MEDIUM |
| Insufficient data validation in DevTools in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user cross-origin data via a crafted Chrome Extension. | |||||
| CVE-2018-17069 | 1 Unlcms | 1 Unlcms | 2018-11-15 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in UNL-CMS 7.59. A CSRF attack can create new content via ?q=node%2Fadd%2Farticle&render=overlay&render=overlay. | |||||
| CVE-2018-6037 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more | 2018-11-15 | 4.3 MEDIUM | 6.5 MEDIUM |
| Inappropriate implementation in autofill in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to obtain autofill data with insufficient user gestures via a crafted HTML page. | |||||
| CVE-2018-17070 | 1 Unlcms | 1 Unlcms | 2018-11-15 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in UNL-CMS 7.59. A CSRF attack can update the website settings via ?q=admin%2Fconfig%2Fsystem%2Fsite-information&render=overlay&render=overlay. | |||||
| CVE-2018-6045 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more | 2018-11-15 | 4.3 MEDIUM | 6.5 MEDIUM |
| Insufficient policy enforcement in DevTools in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user local file data via a crafted Chrome Extension. | |||||
| CVE-2018-17235 | 1 Mp4v2 Project | 1 Mp4v2 | 2018-11-14 | 4.3 MEDIUM | 6.5 MEDIUM |
| The function mp4v2::impl::MP4Track::FinishSdtp() in mp4track.cpp in libmp4v2 2.1.0 mishandles compatibleBrand while processing a crafted mp4 file, which leads to a heap-based buffer over-read, causing denial of service. | |||||
| CVE-2018-17574 | 1 Ymfe | 1 Yapi | 2018-11-14 | 3.5 LOW | 5.4 MEDIUM |
| An issue was discovered in YMFE YApi 1.3.23. There is stored XSS in the name field of a project. | |||||
| CVE-2015-9270 | 1 Theholidaycalendar | 1 Holiday Calendar | 2018-11-14 | 4.3 MEDIUM | 6.1 MEDIUM |
| XSS exists in the the-holiday-calendar plugin before 1.11.3 for WordPress via the thc-month parameter. | |||||
| CVE-2018-14398 | 1 Cremecrm | 1 Cremecrm | 2018-11-14 | 5.8 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in Creme CRM 1.6.12. The value of the cancel button uses the content of the HTTP Referer header, and could be used to trick a user into visiting a fake login page in order to steal credentials. | |||||
| CVE-2018-0643 | 2 Canonical, Orcamo | 2 Ubuntu Linux, Online Receipt Computer Advantage | 2018-11-13 | 7.4 HIGH | 6.6 MEDIUM |
| Ubuntu14.04 ORCA (Online Receipt Computer Advantage) 4.8.0 (panda-server) 1:1.4.9+p41-u4jma1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via unspecified vectors. | |||||
| CVE-2018-16779 | 1 Blogcms Project | 1 Blogcms | 2018-11-13 | 4.3 MEDIUM | 6.1 MEDIUM |
| BlogCMS through 2016-10-25 has XSS via a comment. | |||||
| CVE-2018-17320 | 1 Ucms Project | 1 Ucms | 2018-11-13 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in UCMS 1.4.6. aaddpost.php has stored XSS via the sadmin/aindex.php minfo parameter in a sadmin_aaddpost action. | |||||
| CVE-2018-6032 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more | 2018-11-13 | 4.3 MEDIUM | 6.5 MEDIUM |
| Insufficient policy enforcement in Blink in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially leak user cross-origin data via a crafted HTML page. | |||||
| CVE-2018-16147 | 1 Opsview | 1 Opsview | 2018-11-13 | 4.3 MEDIUM | 6.1 MEDIUM |
| The data parameter of the /settings/api/router endpoint in Opsview Monitor before 5.3.1 and 5.4.x before 5.4.2 is vulnerable to Cross-Site Scripting. | |||||
| CVE-2018-16148 | 1 Opsview | 1 Opsview | 2018-11-13 | 4.3 MEDIUM | 6.1 MEDIUM |
| The diagnosticsb2ksy parameter of the /rest endpoint in Opsview Monitor before 5.3.1 and 5.4.x before 5.4.2 is vulnerable to Cross-Site Scripting. | |||||
| CVE-2018-0642 | 1 Foliovision | 1 Fv Flowplayer Video Player | 2018-11-13 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting vulnerability in FV Flowplayer Video Player 6.1.2 to 6.6.4 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2017-1000101 | 1 Haxx | 1 Curl | 2018-11-13 | 4.3 MEDIUM | 6.5 MEDIUM |
| curl supports "globbing" of URLs, in which a user can pass a numerical range to have the tool iterate over those numbers to do a sequence of transfers. In the globbing function that parses the numerical range, there was an omission that made curl read a byte beyond the end of the URL if given a carefully crafted, or just wrongly written, URL. The URL is stored in a heap based buffer, so it could then be made to wrongly read something else instead of crashing. An example of a URL that triggers the flaw would be `http://ur%20[0-60000000000000000000`. | |||||
| CVE-2018-7540 | 2 Debian, Xen | 2 Debian Linux, Xen | 2018-11-13 | 4.9 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Xen through 4.10.x allowing x86 PV guest OS users to cause a denial of service (host OS CPU hang) via non-preemptable L3/L4 pagetable freeing. | |||||
| CVE-2018-15470 | 1 Xen | 1 Xen | 2018-11-13 | 4.9 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Xen through 4.11.x. The logic in oxenstored for handling writes depended on the order of evaluation of expressions making up a tuple. As indicated in section 7.7.3 "Operations on data structures" of the OCaml manual, the order of evaluation of subexpressions is not specified. In practice, different implementations behave differently. Thus, oxenstored may not enforce the configured quota-maxentity. This allows a malicious or buggy guest to write as many xenstore entries as it wishes, causing unbounded memory usage in oxenstored. This can lead to a system-wide DoS. | |||||
| CVE-2017-1000100 | 1 Haxx | 1 Libcurl | 2018-11-13 | 4.3 MEDIUM | 6.5 MEDIUM |
| When doing a TFTP transfer and curl/libcurl is given a URL that contains a very long file name (longer than about 515 bytes), the file name is truncated to fit within the buffer boundaries, but the buffer size is still wrongly updated to use the untruncated length. This too large value is then used in the sendto() call, making curl attempt to send more data than what is actually put into the buffer. The endto() function will then read beyond the end of the heap based buffer. A malicious HTTP(S) server could redirect a vulnerable libcurl-using client to a crafted TFTP URL (if the client hasn't restricted which protocols it allows redirects to) and trick it to send private memory contents to a remote server over UDP. Limit curl's redirect protocols with --proto-redir and libcurl's with CURLOPT_REDIR_PROTOCOLS. | |||||
| CVE-2018-11645 | 1 Artifex | 1 Ghostscript | 2018-11-11 | 5.0 MEDIUM | 5.3 MEDIUM |
| psi/zfile.c in Artifex Ghostscript before 9.21rc1 permits the status command even if -dSAFER is used, which might allow remote attackers to determine the existence and size of arbitrary files, a similar issue to CVE-2016-7977. | |||||
| CVE-2018-13111 | 1 Wanscam | 2 Hw0021, Hw0021 Firmware | 2018-11-09 | 4.3 MEDIUM | 5.9 MEDIUM |
| There exists a partial Denial of Service vulnerability in Wanscam HW0021 IP Cameras. An attacker could craft a malicious POST request to crash the ONVIF service on such a device. | |||||
| CVE-2018-17436 | 1 Hdfgroup | 1 Hdf5 | 2018-11-09 | 4.3 MEDIUM | 6.5 MEDIUM |
| ReadCode() in decompress.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (invalid write access) via a crafted HDF5 file. This issue was triggered while converting a GIF file to an HDF file. | |||||
| CVE-2018-17438 | 1 Hdfgroup | 1 Hdf5 | 2018-11-09 | 4.3 MEDIUM | 6.5 MEDIUM |
| A SIGFPE signal is raised in the function H5D__select_io() of H5Dselect.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack. | |||||
| CVE-2018-3927 | 1 Samsung | 2 Sth-eth-250, Sth-eth-250 Firmware | 2018-11-09 | 4.3 MEDIUM | 5.9 MEDIUM |
| An exploitable information disclosure vulnerability exists in the crash handler of the hubCore binary of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. When hubCore crashes, Google Breakpad is used to record minidumps, which are sent over an insecure HTTPS connection to the backtrace.io service, leading to the exposure of sensitive data. An attacker can impersonate the remote backtrace.io server in order to trigger this vulnerability. | |||||
| CVE-2018-17361 | 1 Weaselcms Project | 1 Weaselcms | 2018-11-09 | 4.3 MEDIUM | 6.1 MEDIUM |
| Multiple XSS vulnerabilities in WeaselCMS v0.3.6 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php because $_SERVER['PHP_SELF'] is mishandled. | |||||
| CVE-2018-3926 | 1 Samsung | 2 Sth-eth-250, Sth-eth-250 Firmware | 2018-11-09 | 4.9 MEDIUM | 5.5 MEDIUM |
| An exploitable integer underflow vulnerability exists in the ZigBee firmware update routine of the hubCore binary of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The hubCore process incorrectly handles malformed files existing in its data directory, leading to an infinite loop, which eventually causes the process to crash. An attacker can send an HTTP request to trigger this vulnerability. | |||||
| CVE-2018-17432 | 1 Hdfgroup | 1 Hdf5 | 2018-11-09 | 4.3 MEDIUM | 6.5 MEDIUM |
| A NULL pointer dereference in H5O_sdspace_encode() in H5Osdspace.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file. | |||||
| CVE-2018-17129 | 1 Metinfo | 1 Metinfo | 2018-11-09 | 4.0 MEDIUM | 4.9 MEDIUM |
| MetInfo 6.1.0 has SQL injection in doexport() in app/system/feedback/admin/feedback_admin.class.php via the class1 field. | |||||
| CVE-2018-4133 | 3 Apple, Canonical, Webkitgtk | 3 Safari, Ubuntu Linux, Webkitgtk\+ | 2018-11-09 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in certain Apple products. Safari before 11.1 is affected. The issue involves the "WebKit" component. A Safari cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | |||||
| CVE-2018-4117 | 6 Apple, Canonical, Debian and 3 more | 12 Icloud, Iphone Os, Itunes and 9 more | 2018-11-09 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. watchOS before 4.3 is affected. The issue involves the fetch API in the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site. | |||||
| CVE-2017-15844 | 1 Google | 1 Android | 2018-11-09 | 2.1 LOW | 5.5 MEDIUM |
| In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while processing the function for writing device values into flash, uninitialized memory can be written to flash. | |||||
| CVE-2018-17002 | 1 Ricoh | 2 Mp 2001sp, Mp 2001sp Firmware | 2018-11-09 | 4.3 MEDIUM | 6.1 MEDIUM |
| On the RICOH MP 2001 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi. | |||||
| CVE-2018-17001 | 1 Ricoh | 2 Sp 4510sf, Sp 4510sf Firmware | 2018-11-09 | 4.3 MEDIUM | 6.1 MEDIUM |
| On the RICOH SP 4510SF printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn parameter to /web/entry/en/address/adrsSetUserWizard.cgi. | |||||
| CVE-2018-17003 | 1 Limesurvey | 1 Limesurvey | 2018-11-09 | 4.3 MEDIUM | 6.1 MEDIUM |
| In LimeSurvey 3.14.7, HTML Injection and Stored XSS have been discovered in the appendix via the surveyls_title parameter to /index.php?r=admin/survey/sa/insert. | |||||
| CVE-2018-17322 | 1 Yunucms | 1 Yunucms | 2018-11-09 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting (XSS) vulnerability in index.php/index/category/index in YUNUCMS 1.1.4 allows remote attackers to inject arbitrary web script or HTML via the area parameter. | |||||
| CVE-2018-16965 | 1 Zohocorp | 1 Manageengine Supportcenter Plus | 2018-11-09 | 4.3 MEDIUM | 6.1 MEDIUM |
| In Zoho ManageEngine SupportCenter Plus before 8.1 Build 8109, there is HTML Injection and Stored XSS via the /ServiceContractDef.do contractName parameter. | |||||
| CVE-2018-16833 | 1 Zohocorp | 1 Manageengine Desktop Central | 2018-11-09 | 4.3 MEDIUM | 6.1 MEDIUM |
| Zoho ManageEngine Desktop Central 10.0.271 has XSS via the "Features & Articles" search field to the /advsearch.do?SUBREQUEST=XMLHTTP URI. | |||||
| CVE-2018-16346 | 1 Chemcms Project | 1 Chemcms | 2018-11-09 | 3.5 LOW | 4.8 MEDIUM |
| ChemCMS 1.0.6 has XSS via the "setting -> website information" field. | |||||
| CVE-2018-9282 | 1 Subsonic | 1 Subsonic | 2018-11-09 | 4.3 MEDIUM | 6.1 MEDIUM |
| An XSS issue was discovered in Subsonic Media Server 6.1.1. The podcast subscription form is affected by a stored XSS vulnerability in the add parameter to podcastReceiverAdmin.view; no administrator access is required. By injecting a JavaScript payload, this flaw could be used to manipulate a user's session, or elevate privileges by targeting an administrative user. | |||||