Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-1779 | 1 Ibm | 1 Api Connect | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| IBM API Connect 2018.1 through 2018.3.7 could allow an unauthenticated attacker to cause a denial of service due to not setting limits on JSON payload size. IBM X-Force ID: 148802. | |||||
| CVE-2018-17791 | 1 Newgensoft | 1 Omniflow Intelligent Business Process Suite | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| Newgen OmniFlow Intelligent Business Process Suite (iBPS) 7.0 has an "improper server side validation" vulnerability where client-side validations are tampered, and inappropriate information is stored on the server side and fetched from the server every time the user visits the D, creating business confusion. In the worst case, all available resources are consumed while processing the data, resulting in unavailability of the service to legitimate users. This occurs because non-editable parameters can be modified by manually editing a disabled form field within the developer options. | |||||
| CVE-2018-17798 | 1 Zzcms | 1 Zzcms | 2020-08-24 | 5.5 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in zzcms 8.3. user/ztconfig.php allows remote attackers to delete arbitrary files via an absolute pathname in the oldimg parameter in an action=modify request. This can be leveraged for database access by deleting install.lock. | |||||
| CVE-2018-1783 | 1 Ibm | 1 Spectrum Scale | 2020-08-24 | 2.1 LOW | 5.5 MEDIUM |
| IBM GPFS (IBM Spectrum Scale 4.1.1.0, 4.1.1.20, 4.2.0.0, 4.2.3.10, 5.0.0 and 5.0.1.2) command line utility allows an unprivileged, authenticated user with access to a GPFS node to forcefully terminate GPFS and deny access to data available through GPFS. IBM X-Force ID: 148806. | |||||
| CVE-2018-17836 | 1 Jtbc | 1 Jtbc Php | 2020-08-24 | 6.5 MEDIUM | 8.8 HIGH |
| An issue was discovered in JTBC(PHP) 3.0.1.6. It allows remote attackers to execute arbitrary PHP code by using a /console/file/manage.php?type=action&action=addfile&path=..%2F substring to upload, in conjunction with a multipart/form-data PHP payload. | |||||
| CVE-2018-17837 | 1 Jtbc | 1 Jtbc Php | 2020-08-24 | 6.4 MEDIUM | 7.5 HIGH |
| An issue was discovered in JTBC(PHP) 3.0.1.6. Arbitrary file deletion is possible via a /console/file/manage.php?type=action&action=delete&path=c%3A%2F substring. | |||||
| CVE-2018-1784 | 1 Ibm | 1 Api Connect | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| IBM API Connect 5.0.0.0 and 5.0.8.4 is affected by a NoSQL Injection in MongoDB connector for the LoopBack framework. IBM X-Force ID: 148807. | |||||
| CVE-2018-17847 | 2 Fedoraproject, Golang | 2 Fedora, Net | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| The html package (aka x/net/html) through 2018-09-25 in Go mishandles <svg><template><desc><t><svg></template>, leading to a "panic: runtime error" (index out of range) in (*nodeStack).pop in node.go, called from (*parser).clearActiveFormattingElements, during an html.Parse call. | |||||
| CVE-2018-17855 | 1 Joomla | 1 Joomla\! | 2020-08-24 | 6.5 MEDIUM | 8.8 HIGH |
| An issue was discovered in Joomla! before 3.8.13. If an attacker gets access to the mail account of an user who can approve admin verifications in the registration process, he can activate himself. | |||||
| CVE-2018-17856 | 1 Joomla | 1 Joomla\! | 2020-08-24 | 6.5 MEDIUM | 7.2 HIGH |
| An issue was discovered in Joomla! before 3.8.13. com_joomlaupdate allows the execution of arbitrary code. The default ACL config enabled the ability of Administrator-level users to access com_joomlaupdate and trigger code execution. | |||||
| CVE-2018-1787 | 2 Ibm, Microsoft | 3 Spectrum Protect Backup-archive Client, Spectrum Protect For Virtual Environments, Windows | 2020-08-24 | 2.1 LOW | 5.5 MEDIUM |
| IBM Spectrum Protect 7.1 and 8.1 is affected by a password exposure vulnerability caused by insecure file permissions. IBM X-Force ID: 148872. | |||||
| CVE-2018-17872 | 1 Verint | 2 Collaboration Compliance, Quality Management Platform | 2020-08-24 | 6.5 MEDIUM | 8.8 HIGH |
| Verba Collaboration Compliance and Quality Management Platform before 9.2.1.5545 has Insecure Permissions. | |||||
| CVE-2018-17873 | 1 Wifiranger | 2 Wifiranger, Wifiranger Firmware | 2020-08-24 | 3.3 LOW | 8.8 HIGH |
| An incorrect access control vulnerability in the FTP configuration of WiFiRanger devices with firmware version 7.0.8rc3 and earlier allows an attacker with adjacent network access to read the SSH Private Key and log in to the root account. | |||||
| CVE-2018-17880 | 1 D-link | 2 Dir-823g, Dir-823g Firmware | 2020-08-24 | 7.8 HIGH | 7.5 HIGH |
| On D-Link DIR-823G 2018-09-19 devices, the GoAhead configuration allows /HNAP1 RunReboot commands without authentication to trigger a reboot. | |||||
| CVE-2018-17938 | 1 Synacor | 1 Zimbra Collaboration Suite | 2020-08-24 | 5.0 MEDIUM | 5.3 MEDIUM |
| Zimbra Collaboration before 8.8.10 GA allows text content spoofing via a loginErrorCode value. | |||||
| CVE-2018-17942 | 1 Gnu | 1 Gnulib | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
| The convert_to_decimal function in vasnprintf.c in Gnulib before 2018-09-23 has a heap-based buffer overflow because memory is not allocated for a trailing '\0' character during %f processing. | |||||
| CVE-2018-1796 | 1 Ibm | 1 Informix Dynamic Server | 2020-08-24 | 7.2 HIGH | 7.8 HIGH |
| IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user to load malicious libraries and gain root privileges. IBM X-Force ID: 149426. | |||||
| CVE-2018-17962 | 6 Canonical, Debian, Oracle and 3 more | 6 Ubuntu Linux, Debian Linux, Linux and 3 more | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| Qemu has a Buffer Overflow in pcnet_receive in hw/net/pcnet.c because an incorrect integer data type is used. | |||||
| CVE-2018-1799 | 3 Ibm, Linux, Microsoft | 3 Db2, Linux Kernel, Windows | 2020-08-24 | 3.6 LOW | 5.5 MEDIUM |
| IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local unprivileged user to overwrite files on the system which could cause damage to the database. IBM X-Force ID: 149429. | |||||
| CVE-2018-18004 | 1 Vivotek | 1 Camera | 2020-08-24 | 5.0 MEDIUM | 5.3 MEDIUM |
| Incorrect Access Control in mod_inetd.cgi in VIVOTEK Network Camera Series products with firmware before XXXXXX-VVTK-0X09a allows remote attackers to enable arbitrary system services via a URL parameter. | |||||
| CVE-2018-18008 | 1 Dlink | 14 Dir-140l, Dir-140l Firmware, Dir-640l and 11 more | 2020-08-24 | 5.0 MEDIUM | 9.8 CRITICAL |
| spaces.htm on multiple D-Link devices (DSL, DIR, DWR) allows remote unauthenticated attackers to discover admin credentials. | |||||
| CVE-2018-18020 | 1 Qpdf Project | 1 Qpdf | 2020-08-24 | 4.3 MEDIUM | 3.3 LOW |
| In QPDF 8.2.1, in libqpdf/QPDFWriter.cc, QPDFWriter::unparseObject and QPDFWriter::unparseChild have recursive calls for a long time, which allows remote attackers to cause a denial of service via a crafted PDF file. | |||||
| CVE-2018-18026 | 1 Iobit | 1 Malware Fighter | 2020-08-24 | 4.6 MEDIUM | 7.8 HIGH |
| IMFCameraProtect.sys in IObit Malware Fighter 6.2 (and possibly lower versions) is vulnerable to a stack-based buffer overflow. The attacker can use DeviceIoControl to pass a user specified size which can be used to overwrite return addresses. This can lead to a denial of service or code execution attack. | |||||
| CVE-2018-1803 | 1 Ibm | 1 Security Access Manager | 2020-08-24 | 4.3 MEDIUM | 6.1 MEDIUM |
| IBM Security Access Manager Appliance 9.0.1.0, 9.0.2.0, 9.0.3.0, 9.0.4.0, and 9.0.5.0 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 149702. | |||||
| CVE-2018-1808 | 1 Ibm | 1 Websphere Commerce | 2020-08-24 | 6.5 MEDIUM | 8.8 HIGH |
| IBM WebSphere Commerce 9.0.0.0 through 9.0.0.6 could allow some server-side code injection due to inadequate input control. IBM X-Force ID: 149828. | |||||
| CVE-2018-18192 | 1 Linuxsampler | 1 Libgig | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in libgig 4.1.0. There is a NULL pointer dereference in the function DLS::File::GetFirstSample() in DLS.cpp. | |||||
| CVE-2018-18223 | 2 Opendesign, Oracle | 2 Drawings Sdk, Outside In Technology | 2020-08-24 | 5.8 MEDIUM | 8.1 HIGH |
| Open Design Alliance Drawings SDK 2019Update1 has a vulnerability during the reading of malformed files, allowing attackers to obtain sensitive information from process memory or cause a crash. | |||||
| CVE-2018-18224 | 2 Opendesign, Oracle | 2 Drawings Sdk, Outside In Technology | 2020-08-24 | 5.8 MEDIUM | 8.1 HIGH |
| A vulnerability exists in the file reading procedure in Open Design Alliance Drawings SDK 2019Update1 on non-Windows platforms in which attackers could perform read operations past the end, or before the beginning, of the intended buffer. This can allow attackers to obtain sensitive information from process memory or cause a crash. | |||||
| CVE-2018-18240 | 1 Pippo | 1 Pippo | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| Pippo through 1.11.0 allows remote code execution via a command to java.lang.ProcessBuilder because the XstreamEngine component does not use XStream's available protection mechanisms to restrict unmarshalling. | |||||
| CVE-2018-18250 | 1 Icinga | 1 Icinga Web 2 | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| Icinga Web 2 before 2.6.2 allows parameters that break navigation dashlets, as demonstrated by a single '$' character as the Name of a Navigation item. | |||||
| CVE-2018-18251 | 1 Deltek | 1 Vision | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| Deltek Vision 7.x before 7.6 permits the execution of any attacker supplied SQL statement through a custom RPC over HTTP protocol. The Vision system relies on the client binary to enforce security rules and integrity of SQL statements and other content being sent to the server. Client HTTP calls can be manipulated by one of several means to execute arbitrary SQL statements (similar to SQLi) or possibly have unspecified other impact via this custom protocol. To perform these attacks an authenticated session is first required. In some cases client calls are obfuscated by encryption, which can be bypassed due to hard-coded keys and an insecure key rotation protocol. Impacts may include remote code execution in some deployments; however, the vendor states that this cannot occur when the installation documentation is heeded. | |||||
| CVE-2018-18274 | 1 Pdfalto Project | 1 Pdfalto | 2020-08-24 | 6.8 MEDIUM | 7.8 HIGH |
| A issue was found in pdfalto 0.2. There is a heap-based buffer overflow in the TextPage::addAttributsNode function in XmlAltoOutputDev.cc. | |||||
| CVE-2018-18281 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2020-08-24 | 4.6 MEDIUM | 7.8 HIGH |
| Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits access to a physical page after it has been released back to the page allocator and reused. This is fixed in the following kernel versions: 4.9.135, 4.14.78, 4.18.16, 4.19. | |||||
| CVE-2018-18311 | 8 Apple, Canonical, Debian and 5 more | 18 Mac Os X, Ubuntu Linux, Debian Linux and 15 more | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations. | |||||
| CVE-2018-18319 | 1 Asuswrt-merlin Project | 28 Rt-ac1900, Rt-ac1900 Firmware, Rt-ac2900 and 25 more | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| ** DISPUTED ** An issue was discovered in the Merlin.PHP component 0.6.6 for Asuswrt-Merlin devices. An attacker can execute arbitrary commands because api.php has an eval call, as demonstrated by the /6/api.php?function=command&class=remote&Cc='ls' URI. NOTE: the vendor indicates that Merlin.PHP is designed only for use on a trusted intranet network, and intentionally allows remote code execution. | |||||
| CVE-2018-18320 | 1 Asuswrt-merlin Project | 28 Rt-ac1900, Rt-ac1900 Firmware, Rt-ac2900 and 25 more | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| ** DISPUTED ** An issue was discovered in the Merlin.PHP component 0.6.6 for Asuswrt-Merlin devices. An attacker can execute arbitrary commands because exec.php has a popen call. NOTE: the vendor indicates that Merlin.PHP is designed only for use on a trusted intranet network, and intentionally allows remote code execution. | |||||
| CVE-2018-18326 | 1 Dnnsoftware | 1 Dotnetnuke | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| DNN (aka DotNetNuke) 9.2 through 9.2.2 incorrectly converts encryption key source values, resulting in lower than expected entropy. NOTE: this issue exists because of an incomplete fix for CVE-2018-15812. | |||||
| CVE-2018-1833 | 1 Ibm | 1 Event Streams | 2020-08-24 | 3.5 LOW | 5.3 MEDIUM |
| IBM Event Streams 2018.3.0 could allow a remote attacker to submit an API request with a fake Host request header. An attacker, who has already gained authorised access via the CLI, could exploit this vulnerability to spoof the request header. IBM X-Force ID: 150507. | |||||
| CVE-2018-18330 | 1 Trendmicro | 1 Dr. Safety | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| An Address Bar Spoofing vulnerability in Trend Micro Dr. Safety for Android (Consumer) versions 3.0.1324 and below could allow an attacker to potentially trick a victim into visiting a malicious URL using address bar spoofing on the Private Browser of the app on vulnerable installations. | |||||
| CVE-2018-18331 | 2 Microsoft, Trendmicro | 2 Windows, Officescan | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| A Trend Micro OfficeScan XG weak file permissions vulnerability on a particular folder for a particular group may allow an attacker to alter the files, which could lead to other exploits on vulnerable installations. | |||||
| CVE-2018-18332 | 2 Microsoft, Trendmicro | 2 Windows, Officescan | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| A Trend Micro OfficeScan XG weak file permissions vulnerability may allow an attacker to potentially manipulate permissions on some key files to modify other files and folders on vulnerable installations. | |||||
| CVE-2018-18335 | 4 Debian, Google, Opensuse and 1 more | 6 Debian Linux, Chrome, Leap and 3 more | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
| Heap buffer overflow in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2018-18336 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Linux Desktop and 2 more | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
| Incorrect object lifecycle in PDFium in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file. | |||||
| CVE-2018-18337 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Linux Desktop and 2 more | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
| Incorrect handling of stylesheets leading to a use after free in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2018-18338 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Linux Desktop and 2 more | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
| Incorrect, thread-unsafe use of SkImage in Canvas in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2018-18339 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Linux Desktop and 2 more | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
| Incorrect object lifecycle in WebAudio in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2018-18340 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Linux Desktop and 2 more | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
| Incorrect object lifecycle in MediaRecorder in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2018-18341 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Linux Desktop and 2 more | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
| An integer overflow leading to a heap buffer overflow in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2018-18342 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
| Execution of user supplied Javascript during object deserialization can update object length leading to an out of bounds write in V8 in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. | |||||
| CVE-2018-18343 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Linux Desktop and 2 more | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
| Incorrect handing of paths leading to a use after free in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||