Search
Total
9231 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-17173 | 1 Huawei | 2 Mate 9 Pro, Mate 9 Pro Fimware | 2018-08-13 | 9.3 HIGH | 7.8 HIGH |
| Due to insufficient parameters verification GPU driver of Mate 9 Pro Huawei smart phones with the versions before LON-AL00B 8.0.0.356(C00) has an arbitrary memory free vulnerability. An attacker can tricks a user into installing a malicious application on the smart phone, and send given parameter to driver to release special kernel memory resource. Successful exploit may result in phone crash or arbitrary code execution. | |||||
| CVE-2017-7770 | 2 Google, Mozilla | 2 Android, Firefox | 2018-08-13 | 4.3 MEDIUM | 5.9 MEDIUM |
| A mechanism where when a new tab is loaded through JavaScript events, if fullscreen mode is then entered, the addressbar will not be rendered. This would allow a malicious site to displayed a spoofed addressbar, showing the location of an arbitrary website instead of the one loaded. Note: this issue only affects Firefox for Android. Desktop Firefox is unaffected. This vulnerability affects Firefox < 54. | |||||
| CVE-2015-1047 | 1 Vmware | 1 Vcenter Server | 2018-08-12 | 5.0 MEDIUM | N/A |
| vpxd in VMware vCenter Server 5.0 before u3e, 5.1 before u3, and 5.5 before u2 allows remote attackers to cause a denial of service via a long heartbeat message. | |||||
| CVE-2018-5488 | 1 Netapp | 2 Santricity Storage Manager, Santricity Web Services Proxy | 2018-08-11 | 7.5 HIGH | 9.8 CRITICAL |
| NetApp SANtricity Web Services Proxy versions 1.10.x000.0002 through 2.12.X000.0002 and SANtricity Storage Manager 11.30.0X00.0004 through 11.42.0X00.0001 ship with the Java Management Extension Remote Method Invocation (JMX RMI) service bound to the network, and are susceptible to unauthenticated remote code execution. | |||||
| CVE-2018-12562 | 1 Cantata Project | 1 Cantata | 2018-08-10 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in the cantata-mounter D-Bus service in Cantata through 2.3.1. The wrapper script 'mount.cifs.wrapper' uses the shell to forward the arguments to the actual mount.cifs binary. The shell evaluates wildcards (such as in an injected string:/home/../tmp/* string). | |||||
| CVE-2018-12561 | 1 Cantata Project | 1 Cantata | 2018-08-10 | 6.5 MEDIUM | 8.8 HIGH |
| An issue was discovered in the cantata-mounter D-Bus service in Cantata through 2.3.1. A regular user can inject additional mount options such as file_mode= by manipulating (for example) the domain parameter of the samba URL. | |||||
| CVE-2018-12564 | 2 Debian, Linaro | 2 Debian Linux, Lava | 2018-08-10 | 4.0 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Linaro LAVA before 2018.5.post1. Because of support for URLs in the submit page, a user can forge an HTTP request that will force lava-server-gunicorn to return any file on the server that is readable by lavaserver and valid yaml. | |||||
| CVE-2018-12563 | 1 Linaro | 1 Lava | 2018-08-10 | 4.0 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Linaro LAVA before 2018.5.post1. Because of support for file: URLs, a user can force lava-server-gunicorn to download any file from the filesystem if it's readable by lavaserver and valid yaml. | |||||
| CVE-2018-12635 | 1 Circontrol | 1 Scada | 2018-08-10 | 5.0 MEDIUM | 7.5 HIGH |
| CirCarLife Scada v4.2.4 allows unauthorized upgrades via requests to the html/upgrade.html and services/system/firmware.upgrade URIs. | |||||
| CVE-2018-12688 | 1 Tinyexr Project | 1 Tinyexr | 2018-08-10 | 7.5 HIGH | 9.8 CRITICAL |
| tinyexr 0.9.5 has a segmentation fault in the wav2Decode function. | |||||
| CVE-2018-10363 | 1 Wpdevart | 1 Booking Calendar | 2018-08-09 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in the WpDevArt "Booking calendar, Appointment Booking System" plugin 2.2.2 for WordPress. Multiple parameters allow remote attackers to manipulate the values to change data such as prices. | |||||
| CVE-2017-5453 | 1 Mozilla | 1 Firefox | 2018-08-09 | 4.3 MEDIUM | 4.3 MEDIUM |
| A mechanism to inject static HTML into the RSS reader preview page due to a failure to escape characters sent as URL parameters for a feed's "TITLE" element. This vulnerability allows for spoofing but no scripted content can be run. This vulnerability affects Firefox < 53. | |||||
| CVE-2017-5452 | 1 Mozilla | 1 Firefox | 2018-08-09 | 4.3 MEDIUM | 4.3 MEDIUM |
| Malicious sites can display a spoofed addressbar on a page when the existing location bar on the new page is scrolled out of view if an HTML editable page element is user selected. Note: This attack only affects Firefox for Android. Other operating systems are not affected. This vulnerability affects Firefox < 53. | |||||
| CVE-2017-7796 | 2 Microsoft, Mozilla | 2 Windows, Firefox | 2018-08-09 | 3.3 LOW | 4.7 MEDIUM |
| On Windows systems, the logger run by the Windows updater deletes the file "update.log" before it runs in order to write a new log of that name. The path to this file is supplied at the command line to the updater and could be used in concert with another local exploit to delete a different file named "update.log" instead of the one intended. Note: This attack only affects Windows operating systems. Other operating systems are not affected. This vulnerability affects Firefox < 55. | |||||
| CVE-2017-5463 | 2 Google, Mozilla | 2 Android, Firefox | 2018-08-09 | 5.0 MEDIUM | 5.3 MEDIUM |
| Android intents can be used to launch Firefox for Android in reader mode with a user specified URL. This allows an attacker to spoof the contents of the addressbar as displayed to users. Note: This attack only affects Firefox for Android. Other operating systems are not affected. This vulnerability affects Firefox < 53. | |||||
| CVE-2017-5451 | 2 Mozilla, Redhat | 9 Firefox, Firefox Esr, Thunderbird and 6 more | 2018-08-09 | 4.3 MEDIUM | 4.3 MEDIUM |
| A mechanism to spoof the addressbar through the user interaction on the addressbar and the "onblur" event. The event could be used by script to affect text display to make the loaded site appear to be different from the one actually loaded within the addressbar. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 52.1, and Firefox < 53. | |||||
| CVE-2017-5449 | 2 Mozilla, Redhat | 9 Firefox, Firefox Esr, Thunderbird and 6 more | 2018-08-09 | 5.0 MEDIUM | 7.5 HIGH |
| A possibly exploitable crash triggered during layout and manipulation of bidirectional unicode text in concert with CSS animations. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 52.1, and Firefox < 53. | |||||
| CVE-2018-5138 | 2 Google, Mozilla | 2 Android, Firefox | 2018-08-08 | 5.0 MEDIUM | 5.3 MEDIUM |
| A spoofing vulnerability can occur when a malicious site with an extremely long domain name is opened in an Android Custom Tab (a browser panel inside another app) and the default browser is Firefox for Android. This could allow an attacker to spoof which page is actually loaded and in use. Note: this issue only affects Firefox for Android. Other versions and operating systems are unaffected. This vulnerability affects Firefox < 59. | |||||
| CVE-2018-0529 | 1 Cybozu | 1 Office | 2018-08-08 | 4.3 MEDIUM | 4.3 MEDIUM |
| Cybozu Office 10.0.0 to 10.7.0 allows remote attackers to cause a denial of service via unspecified vectors. | |||||
| CVE-2017-17443 | 1 Opcfoundation | 1 Local Discovery Server | 2018-08-08 | 4.0 MEDIUM | 6.5 MEDIUM |
| OPC Foundation Local Discovery Server (LDS) 1.03.370 required a security update to resolve multiple vulnerabilities that allow attackers to trigger a crash by placing invalid data into the configuration file. This vulnerability requires an attacker with access to the file system where the configuration file is stored; however, if the configuration file is altered the LDS will be unavailable until it is repaired. | |||||
| CVE-2016-9076 | 1 Mozilla | 1 Firefox | 2018-08-08 | 4.3 MEDIUM | 5.9 MEDIUM |
| An issue where a "<select>" dropdown menu can be used to cover location bar content, resulting in potential spoofing attacks. This attack requires e10s to be enabled in order to function. This vulnerability affects Firefox < 50. | |||||
| CVE-2017-5420 | 1 Mozilla | 1 Firefox | 2018-08-07 | 4.3 MEDIUM | 6.5 MEDIUM |
| A "javascript:" url loaded by a malicious page can obfuscate its location by blanking the URL displayed in the addressbar, allowing for an attacker to spoof an existing page without the malicious page's address being displayed correctly. This vulnerability affects Firefox < 52. | |||||
| CVE-2017-12070 | 1 Opcfoundation | 1 Ua-.net-legacy | 2018-08-07 | 6.8 MEDIUM | 8.8 HIGH |
| Unsigned versions of the DLLs distributed by the OPC Foundation may be replaced with malicious code. | |||||
| CVE-2017-5421 | 1 Mozilla | 2 Firefox, Thunderbird | 2018-08-07 | 5.0 MEDIUM | 7.5 HIGH |
| A malicious site could spoof the contents of the print preview window if popup windows are enabled, resulting in user confusion of what site is currently loaded. This vulnerability affects Firefox < 52 and Thunderbird < 52. | |||||
| CVE-2017-7829 | 4 Canonical, Debian, Mozilla and 1 more | 8 Ubuntu Linux, Debian Linux, Thunderbird and 5 more | 2018-08-07 | 5.0 MEDIUM | 5.3 MEDIUM |
| It is possible to spoof the sender's email address and display an arbitrary sender address to the email recipient. The real sender's address is not displayed if preceded by a null character in the display string. This vulnerability affects Thunderbird < 52.5.2. | |||||
| CVE-2017-5422 | 1 Mozilla | 2 Firefox, Thunderbird | 2018-08-07 | 5.0 MEDIUM | 7.5 HIGH |
| If a malicious site uses the "view-source:" protocol in a series within a single hyperlink, it can trigger a non-exploitable browser crash when the hyperlink is selected. This was fixed by no longer making "view-source:" linkable. This vulnerability affects Firefox < 52 and Thunderbird < 52. | |||||
| CVE-2017-5415 | 1 Mozilla | 1 Firefox | 2018-08-07 | 5.0 MEDIUM | 5.3 MEDIUM |
| An attack can use a blob URL and script to spoof an arbitrary addressbar URL prefaced by "blob:" as the protocol, leading to user confusion and further spoofing attacks. This vulnerability affects Firefox < 52. | |||||
| CVE-2018-11808 | 1 Zohocorp | 1 Manageengine Applications Manager | 2018-08-07 | 10.0 HIGH | 9.1 CRITICAL |
| Incorrect Access Control in CustomFieldsFeedServlet in Zoho ManageEngine Applications Manager Version 13 before build 13740 allows an attacker to delete any file and read certain files on the server in the context of the user (which by default is "NT AUTHORITY / SYSTEM") by sending a specially crafted request to the server. | |||||
| CVE-2018-8244 | 1 Microsoft | 3 Office, Outlook, Outlook Rt | 2018-08-06 | 4.3 MEDIUM | 6.5 MEDIUM |
| An elevation of privilege vulnerability exists when Microsoft Outlook does not validate attachment headers properly, aka "Microsoft Outlook Elevation of Privilege Vulnerability." This affects Microsoft Office, Microsoft Outlook. | |||||
| CVE-2018-3582 | 1 Google | 1 Android | 2018-08-06 | 4.6 MEDIUM | 7.8 HIGH |
| Buffer overflow can occur due to improper input validation in multiple WMA event handler functions in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel. | |||||
| CVE-2018-12025 | 1 Futurxe | 1 Futurxe | 2018-08-06 | 5.0 MEDIUM | 7.5 HIGH |
| The transferFrom function of a smart contract implementation for FuturXE (FXE), an Ethereum ERC20 token, allows attackers to accomplish an unauthorized transfer of digital assets because of a logic error. The developer messed up with the boolean judgment - if the input value is smaller than or equal to allowed value, the transfer session would stop execution by returning false. This makes no sense, because the transferFrom() function should require the transferring value to not exceed the allowed value in the first place. Suppose this function asks for the allowed value to be smaller than the input. Then, the attacker could easily ignore the allowance: after this condition, the `allowed[from][msg.sender] -= value;` would cause an underflow because the allowed part is smaller than the value. The attacker could transfer any amount of FuturXe tokens of any accounts to an appointed account (the `_to` address) because the allowed value is initialized to 0, and the attacker could bypass this restriction even without the victim's private key. | |||||
| CVE-2017-7825 | 3 Apple, Debian, Mozilla | 5 Mac Os X, Debian Linux, Firefox and 2 more | 2018-08-06 | 5.0 MEDIUM | 5.3 MEDIUM |
| Several fonts on OS X display some Tibetan and Arabic characters as whitespace. When used in the addressbar as part of an IDN this can be used for domain name spoofing attacks. Note: This attack only affects OS X operating systems. Other operating systems are unaffected. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4. | |||||
| CVE-2017-7814 | 3 Debian, Mozilla, Redhat | 9 Debian Linux, Firefox, Firefox Esr and 6 more | 2018-08-06 | 6.8 MEDIUM | 7.8 HIGH |
| File downloads encoded with "blob:" and "data:" URL elements bypassed normal file download checks though the Phishing and Malware Protection feature and its block lists of suspicious sites and files. This would allow malicious sites to lure users into downloading executables that would otherwise be detected as suspicious. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4. | |||||
| CVE-2017-7804 | 2 Microsoft, Mozilla | 4 Windows, Firefox, Firefox Esr and 1 more | 2018-08-06 | 5.0 MEDIUM | 7.5 HIGH |
| The destructor function for the "WindowsDllDetourPatcher" class can be re-purposed by malicious code in concert with another vulnerability to write arbitrary data to an attacker controlled location in memory. This can be used to bypass existing memory protections in this situation. Note: This attack only affects Windows operating systems. Other operating systems are not affected. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55. | |||||
| CVE-2018-5753 | 1 Open-xchange | 1 Open-xchange Appsuite | 2018-08-03 | 4.0 MEDIUM | 6.5 MEDIUM |
| The frontend component in Open-Xchange OX App Suite before 7.6.3-rev31, 7.8.x before 7.8.2-rev31, 7.8.3 before 7.8.3-rev41, and 7.8.4 before 7.8.4-rev20 allows remote attackers to spoof the origin of e-mails via unicode characters in the "personal part" of a (1) From or (2) Sender address. | |||||
| CVE-2018-5176 | 2 Canonical, Mozilla | 2 Ubuntu Linux, Firefox | 2018-08-03 | 4.3 MEDIUM | 6.1 MEDIUM |
| The JSON Viewer displays clickable hyperlinks for strings that are parseable as URLs, including "javascript:" links. If a JSON file contains malicious JavaScript script embedded as "javascript:" links, users may be tricked into clicking and running this code in the context of the JSON Viewer. This can allow for the theft of cookies and authorization tokens which are accessible to that context. This vulnerability affects Firefox < 60. | |||||
| CVE-2017-7791 | 3 Debian, Mozilla, Redhat | 10 Debian Linux, Firefox, Firefox Esr and 7 more | 2018-08-03 | 5.0 MEDIUM | 5.3 MEDIUM |
| On pages containing an iframe, the "data:" protocol can be used to create a modal alert that will render over arbitrary domains following page navigation, spoofing of the origin of the modal alert from the iframe content. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55. | |||||
| CVE-2018-5173 | 2 Canonical, Mozilla | 2 Ubuntu Linux, Firefox | 2018-08-03 | 5.0 MEDIUM | 5.3 MEDIUM |
| The filename appearing in the "Downloads" panel improperly renders some Unicode characters, allowing for the file name to be spoofed. This can be used to obscure the file extension of potentially executable files from user view in the panel. Note: the dialog to open the file will show the full, correct filename and whether it is executable or not. This vulnerability affects Firefox < 60. | |||||
| CVE-2018-5167 | 2 Canonical, Mozilla | 2 Ubuntu Linux, Firefox | 2018-08-03 | 4.3 MEDIUM | 4.3 MEDIUM |
| The web console and JavaScript debugger do not sanitize all output that can be hyperlinked. Both will display "chrome:" links as active, clickable hyperlinks in their output. Web sites should not be able to directly link to internal chrome pages. Additionally, the JavaScript debugger will display "javascript:" links, which users could be tricked into clicking by malicious sites. This vulnerability affects Firefox < 60. | |||||
| CVE-2017-5383 | 3 Debian, Mozilla, Redhat | 10 Debian Linux, Firefox, Firefox Esr and 7 more | 2018-08-02 | 5.0 MEDIUM | 5.3 MEDIUM |
| URLs containing certain unicode glyphs for alternative hyphens and quotes do not properly trigger punycode display, allowing for domain name spoofing attacks in the location bar. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51. | |||||
| CVE-2018-5141 | 2 Canonical, Mozilla | 2 Ubuntu Linux, Firefox | 2018-08-02 | 6.4 MEDIUM | 8.2 HIGH |
| A vulnerability in the notifications Push API where notifications can be sent through service workers by web content without direct user interaction. This could be used to open new tabs in a denial of service (DOS) attack or to display unwanted content from arbitrary URLs to users. This vulnerability affects Firefox < 59. | |||||
| CVE-2017-5417 | 1 Mozilla | 1 Firefox | 2018-08-02 | 5.0 MEDIUM | 5.3 MEDIUM |
| When dragging content from the primary browser pane to the addressbar on a malicious site, it is possible to change the addressbar so that the displayed location following navigation does not match the URL of the newly loaded page. This allows for spoofing attacks. This vulnerability affects Firefox < 52. | |||||
| CVE-2018-5169 | 2 Canonical, Mozilla | 2 Ubuntu Linux, Firefox | 2018-08-02 | 4.3 MEDIUM | 6.5 MEDIUM |
| If manipulated hyperlinked text with "chrome:" URL contained in it is dragged and dropped on the "home" icon, the home page can be reset to include a normally-unlinkable chrome page as one of the home page tabs. This vulnerability affects Firefox < 60. | |||||
| CVE-2018-12459 | 1 Ffmpeg | 1 Ffmpeg | 2018-08-02 | 4.3 MEDIUM | 6.5 MEDIUM |
| An inconsistent bits-per-sample value in the ff_mpeg4_decode_picture_header function in libavcodec/mpeg4videodec.c in FFmpeg 4.0 may trigger an assertion violation while converting a crafted AVI file to MPEG4, leading to a denial of service. | |||||
| CVE-2018-6515 | 2 Microsoft, Puppet | 2 Windows, Puppet | 2018-08-02 | 6.8 MEDIUM | 7.8 HIGH |
| Puppet Agent 1.10.x prior to 1.10.13, Puppet Agent 5.3.x prior to 5.3.7, and Puppet Agent 5.5.x prior to 5.5.2 on Windows only, with a specially crafted configuration file an attacker could get pxp-agent to load arbitrary code with privilege escalation. | |||||
| CVE-2015-5146 | 3 Debian, Fedoraproject, Ntp | 3 Debian Linux, Fedora, Ntp | 2018-08-02 | 3.5 LOW | 5.3 MEDIUM |
| ntpd in ntp before 4.2.8p3 with remote configuration enabled allows remote authenticated users with knowledge of the configuration password and access to a computer entrusted to perform remote configuration to cause a denial of service (service crash) via a NULL byte in a crafted configuration directive packet. | |||||
| CVE-2018-5513 | 1 F5 | 13 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 10 more | 2018-08-01 | 5.0 MEDIUM | 7.5 HIGH |
| On F5 BIG-IP 13.1.0-13.1.0.3, 13.0.0, 12.1.0-12.1.3.3, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1, a malformed TLS handshake causes TMM to crash leading to a disruption of service. This issue is only exposed on the data plane when Proxy SSL configuration is enabled. The control plane is not impacted by this issue. | |||||
| CVE-2018-5522 | 1 F5 | 13 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 10 more | 2018-08-01 | 4.3 MEDIUM | 5.9 MEDIUM |
| On F5 BIG-IP 13.0.0, 12.0.0-12.1.2, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1, when processing DIAMETER transactions with carefully crafted attribute-value pairs, TMM may crash. | |||||
| CVE-2016-9901 | 2 Mozilla, Redhat | 7 Firefox, Firefox Esr, Enterprise Linux Aus and 4 more | 2018-08-01 | 7.5 HIGH | 9.8 CRITICAL |
| HTML tags received from the Pocket server will be processed without sanitization and any JavaScript code executed will be run in the "about:pocket-saved" (unprivileged) page, giving it access to Pocket's messaging API through HTML injection. This vulnerability affects Firefox ESR < 45.6 and Firefox < 50.1. | |||||
| CVE-2018-12108 | 1 Dropbox | 1 Lepton | 2018-07-30 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in Dropbox Lepton 1.2.1. The validateAndCompress function in validation.cc allows remote attackers to cause a denial of service (SIGFPE and application crash) via a malformed file. | |||||