Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-15571 | 1 Export Users To Csv Project | 1 Export Users To Csv | 2020-08-24 | 6.8 MEDIUM | 8.6 HIGH |
| The Export Users to CSV plugin through 1.1.1 for WordPress allows CSV injection. | |||||
| CVE-2018-15576 | 1 Hazzardweb | 1 Easylogin Pro | 2020-08-24 | 6.8 MEDIUM | 8.1 HIGH |
| An issue was discovered in EasyLogin Pro through 1.3.0. Encryptor.php contains an unserialize call that can be exploited for remote code execution in the decrypt function, if the attacker knows the key. | |||||
| CVE-2018-15608 | 1 Manageengine | 1 Admanager Plus | 2020-08-24 | 4.3 MEDIUM | 6.1 MEDIUM |
| Zoho ManageEngine ADManager Plus 6.5.7 allows HTML Injection on the "AD Delegation" "Help Desk Technicians" screen. | |||||
| CVE-2018-15667 | 1 Airmailapp | 1 Airmail | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in Bloop Airmail 3 3.5.9 for macOS. It registers and uses the airmail:// URL scheme. The "send" command in the URL scheme allows an external application to send arbitrary emails from an active account without authentication. The handler has no restriction on who can use its functionality. The handler can be invoked using any method that invokes the URL handler such as a hyperlink in an email. The user is not prompted when the handler processes the "send" command, thus leading to automatic transmission of an attacker crafted email from the target account. | |||||
| CVE-2018-15677 | 1 Btiteam | 1 Xbtit | 2020-08-24 | 4.3 MEDIUM | 6.1 MEDIUM |
| The newsfeed (aka /index.php?page=viewnews) in BTITeam XBTIT 2.5.4 has stored XSS via the title of a news item. This is also exploitable via CSRF. | |||||
| CVE-2018-15704 | 1 Advantech | 1 Webaccess | 2020-08-24 | 9.0 HIGH | 8.8 HIGH |
| Advantech WebAccess 8.3.2 and below is vulnerable to a stack buffer overflow vulnerability. A remote authenticated attacker could potentially exploit this vulnerability by sending a crafted HTTP request to broadweb/system/opcImg.asp. | |||||
| CVE-2018-15766 | 1 Dell | 2 Encryption, Endpoint Security Suite Enterprise | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| On install, Dell Encryption versions prior 10.0.1 and Dell Endpoint Security Suite Enterprise versions prior 2.0.1 will overwrite and manually set the "Minimum Password Length" group policy object to a value of 1 on that device. This allows for users to bypass any existing policy for password length and potentially create insecure password on their device. This value is defined during the installation of the "Encryption Management Agent" or "EMAgent" application. There are no other known values modified. | |||||
| CVE-2018-15768 | 1 Dell | 1 Openmanage Network Manager | 2020-08-24 | 4.0 MEDIUM | 6.5 MEDIUM |
| Dell OpenManage Network Manager versions prior to 6.5.0 enabled read/write access to the file system for MySQL users due to insecure default configuration setting for the embedded MySQL database. | |||||
| CVE-2018-15776 | 1 Dell | 2 Idrac7 Firmware, Idrac8 Firmware | 2020-08-24 | 4.6 MEDIUM | 6.8 MEDIUM |
| Dell EMC iDRAC7/iDRAC8 versions prior to 2.61.60.60 contain an improper error handling vulnerability. An unauthenticated attacker with physical access to the system could potentially exploit this vulnerability to get access to the u-boot shell. | |||||
| CVE-2018-15796 | 1 Pivotal Software | 1 Bits Service | 2020-08-24 | 5.5 MEDIUM | 8.1 HIGH |
| Cloud Foundry Bits Service Release, versions prior to 2.14.0, uses an insecure hashing algorithm to sign URLs. A remote malicious user may obtain a signed URL and extract the signing key, allowing them complete read and write access to the the Bits Service storage. | |||||
| CVE-2018-15797 | 1 Pivotal Software | 1 Cloud Foundry Nfs Volume | 2020-08-24 | 4.0 MEDIUM | 8.8 HIGH |
| Cloud Foundry NFS volume release, 1.2.x prior to 1.2.5, 1.5.x prior to 1.5.4, 1.7.x prior to 1.7.3, logs the cf admin username and password when running the nfsbrokerpush BOSH deploy errand. A remote authenticated user with access to BOSH can obtain the admin credentials for the Cloud Foundry Platform through the logs of the NFS volume deploy errand. | |||||
| CVE-2018-15809 | 1 Accupos | 1 Accupos | 2020-08-24 | 2.1 LOW | 5.5 MEDIUM |
| AccuPOS 2017.8 is installed with the insecure "Authenticated Users: Modify" permission for files within the installation path. This may allow local attackers to compromise the integrity of critical resource and executable files. | |||||
| CVE-2018-15812 | 1 Dnnsoftware | 1 Dotnetnuke | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| DNN (aka DotNetNuke) 9.2 through 9.2.1 incorrectly converts encryption key source values, resulting in lower than expected entropy. | |||||
| CVE-2018-15833 | 1 Vanillaforums | 1 Vanilla Forums | 2020-08-24 | 4.0 MEDIUM | 4.3 MEDIUM |
| In Vanilla before 2.6.1, the polling functionality allows Insecure Direct Object Reference (IDOR) via the Poll ID, leading to the ability of a single user to select multiple Poll Options (e.g., vote for multiple items). | |||||
| CVE-2018-15834 | 1 Radare | 1 Radare2 | 2020-08-24 | 4.3 MEDIUM | 5.5 MEDIUM |
| In radare2 before 2.9.0, a heap overflow vulnerability exists in the read_module_referenced_functions function in libr/anal/flirt.c via a crafted flirt signature file. | |||||
| CVE-2018-15835 | 1 Google | 1 Android | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| Android 1.0 through 9.0 has Insecure Permissions. The Android bug ID is 77286983. | |||||
| CVE-2018-15884 | 1 Ricoh | 2 Mp C4504ex, Mp C4504ex Firmware | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
| RICOH MP C4504ex devices allow HTML Injection via the /web/entry/en/address/adrsSetUserWizard.cgi entryNameIn parameter. | |||||
| CVE-2018-15911 | 5 Artifex, Canonical, Debian and 2 more | 11 Ghostscript, Gpl Ghostscript, Ubuntu Linux and 8 more | 2020-08-24 | 6.8 MEDIUM | 7.8 HIGH |
| In Artifex Ghostscript 9.23 before 2018-08-24, attackers able to supply crafted PostScript could use uninitialized memory access in the aesdecode operator to crash the interpreter or potentially execute code. | |||||
| CVE-2018-16021 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2020-08-24 | 9.3 HIGH | 8.8 HIGH |
| Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2018-16056 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth Attribute Protocol dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by verifying that a dissector for a specific UUID exists. | |||||
| CVE-2018-16058 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth AVDTP dissector could crash. This was addressed in epan/dissectors/packet-btavdtp.c by properly initializing a data structure. | |||||
| CVE-2018-16066 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| A use after free in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2018-16067 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| A use after free in WebAudio in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2018-16070 | 1 Google | 1 Chrome | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
| Integer overflows in Skia in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2018-16071 | 2 Google, Redhat | 4 Chrome, Enterprise Linux Desktop, Enterprise Linux Server and 1 more | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
| A use after free in WebRTC in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. | |||||
| CVE-2018-16075 | 1 Google | 1 Chrome | 2020-08-24 | 2.6 LOW | 5.3 MEDIUM |
| Insufficient file type enforcement in Blink in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to obtain local file data via a crafted HTML page. | |||||
| CVE-2018-16085 | 1 Google | 1 Chrome | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
| A use after free in ResourceCoordinator in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | |||||
| CVE-2018-16087 | 1 Google | 1 Chrome | 2020-08-24 | 4.3 MEDIUM | 4.3 MEDIUM |
| Lack of proper state tracking in Permissions in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. | |||||
| CVE-2018-16095 | 1 Lenovo | 8 System Management Module Firmware, Thinkagile Hx Enclosure 7x81, Thinkagile Hx Enclosure 7y87 and 5 more | 2020-08-24 | 4.3 MEDIUM | 5.9 MEDIUM |
| In System Management Module (SMM) versions prior to 1.06, the SMM records hashed passwords to a debug log when user authentication fails. | |||||
| CVE-2018-16119 | 1 Tp-link | 2 Tl-wr1043nd, Tl-wr1043nd Firmware | 2020-08-24 | 9.0 HIGH | 7.2 HIGH |
| Stack-based buffer overflow in the httpd server of TP-Link WR1043nd (Firmware Version 3) allows remote attackers to execute arbitrary code via a malicious MediaServer request to /userRpm/MediaServerFoldersCfgRpm.htm. | |||||
| CVE-2018-16157 | 1 Bijiadao | 1 Waimai Super Cms | 2020-08-24 | 5.0 MEDIUM | 5.3 MEDIUM |
| waimai Super Cms 20150505 has a logic flaw allowing attackers to modify a price, before form submission, by observing data in a packet capture. By setting the index.php?m=cart&a=save item_totals parameter to zero, the entire cart is sold for free. | |||||
| CVE-2018-16158 | 1 Eaton | 6 Power Xpert Meter 4000, Power Xpert Meter 4000 Firmware, Power Xpert Meter 6000 and 3 more | 2020-08-24 | 10.0 HIGH | 9.8 CRITICAL |
| Eaton Power Xpert Meter 4000, 6000, and 8000 devices before 13.4.0.10 have a single SSH private key across different customers' installations and do not properly restrict access to this key, which makes it easier for remote attackers to perform SSH logins (to uid 0) via the PubkeyAuthentication option. | |||||
| CVE-2018-16163 | 1 Opendolphin | 1 Opendolphin | 2020-08-24 | 5.5 MEDIUM | 6.5 MEDIUM |
| OpenDolphin 2.7.0 and earlier allows authenticated attackers to bypass authentication to create and/or delete other users accounts via unspecified vectors. | |||||
| CVE-2018-16172 | 1 Cybozu | 1 Remote Service Manager | 2020-08-24 | 5.8 MEDIUM | 6.5 MEDIUM |
| Improper countermeasure against clickjacking attack in client certificates management screen was discovered in Cybozu Remote Service 3.0.0 to 3.1.8, that allows remote attackers to trick a user to delete the registered client certificate. | |||||
| CVE-2018-16178 | 1 Cybozu | 1 Garoon | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| Cybozu Garoon 3.0.0 to 4.10.0 allows remote attackers to bypass access restriction to view information available only for a sign-on user via Single sign-on function. | |||||
| CVE-2018-16225 | 2 Qbeecam, Swisscom | 4 Qbee Multi-sensor Camera, Qbee Multi-sensor Camera Firmware, Qbeecam and 1 more | 2020-08-24 | 6.1 MEDIUM | 6.5 MEDIUM |
| The QBee MultiSensor Camera through 4.16.4 accepts unencrypted network traffic from clients (such as the QBee Cam application through 1.0.5 for Android and the Swisscom Home application up to 10.7.2 for Android), which results in an attacker being able to reuse cookies to bypass authentication and disable the camera. | |||||
| CVE-2018-16275 | 1 Opswat | 1 Metadefender | 2020-08-24 | 6.8 MEDIUM | 7.8 HIGH |
| OPSWAT MetaDefender before v4.11.2 allows CSV injection. | |||||
| CVE-2018-16281 | 1 Deiser | 1 Profields-project Custom Fields | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| The DEISER "Profields - Project Custom Fields" app before 6.0.2 for Jira has Incorrect Access Control. | |||||
| CVE-2018-1630 | 1 Ibm | 1 Informix Dynamic Server | 2020-08-24 | 7.2 HIGH | 6.7 MEDIUM |
| IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user logged in with database administrator user to gain root privileges through a symbolic link vulnerability in onmode. IBM X-Force ID: 144430. | |||||
| CVE-2018-16308 | 1 Ninjaforms | 1 Ninja Forms | 2020-08-24 | 6.8 MEDIUM | 8.6 HIGH |
| The Ninja Forms plugin before 3.3.14.1 for WordPress allows CSV injection. | |||||
| CVE-2018-1631 | 1 Ibm | 1 Informix Dynamic Server | 2020-08-24 | 7.2 HIGH | 6.7 MEDIUM |
| IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user logged in with database administrator user to gain root privileges through a symbolic link vulnerability in oninit mongohash. IBM X-Force ID: 144431. | |||||
| CVE-2018-1632 | 1 Ibm | 1 Informix Dynamic Server | 2020-08-24 | 7.2 HIGH | 6.7 MEDIUM |
| IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user logged in with database administrator user to gain root privileges through a symbolic link vulnerability in .infxdirs. IBM X-Force ID: 144432. | |||||
| CVE-2018-1633 | 1 Ibm | 1 Informix Dynamic Server | 2020-08-24 | 7.2 HIGH | 6.7 MEDIUM |
| IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user logged in with database administrator user to gain root privileges through a symbolic link vulnerability in onsrvapd. IBM X-Force ID: 144434. | |||||
| CVE-2018-16335 | 2 Debian, Libtiff | 2 Debian Linux, Libtiff | 2020-08-24 | 6.8 MEDIUM | 8.8 HIGH |
| newoffsets handling in ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf. This is a different vulnerability than CVE-2018-15209. | |||||
| CVE-2018-1634 | 1 Ibm | 1 Informix Dynamic Server | 2020-08-24 | 7.2 HIGH | 6.7 MEDIUM |
| IBM Informix Dynamic Server Enterprise Edition 12.1 could allow a local user logged in with database administrator user to gain root privileges through a symbolic link vulnerability in infos.DBSERVERNAME. IBM X-Force ID: 144437. | |||||
| CVE-2018-1635 | 1 Ibm | 1 Informix Dynamic Server | 2020-08-24 | 7.2 HIGH | 6.7 MEDIUM |
| Stack-based buffer overflow in oninit in IBM Informix Dynamic Server Enterprise Edition 12.1 allows an authenticated user to execute predefined code with root privileges, such as escalating to a root shell. IBM X-Force ID: 144439. | |||||
| CVE-2018-1636 | 1 Ibm | 1 Informix Dynamic Server | 2020-08-24 | 7.2 HIGH | 6.7 MEDIUM |
| Stack-based buffer overflow in oninit in IBM Informix Dynamic Server Enterprise Edition 12.1 allows an authenticated user to execute predefined code with root privileges, such as escalating to a root shell. IBM X-Force ID: 144441. | |||||
| CVE-2018-16367 | 1 Qduoj | 1 Onlinejudge | 2020-08-24 | 9.0 HIGH | 9.9 CRITICAL |
| In OnlineJudge 2.0, the sandbox has an incorrect access control vulnerability that can write a file anywhere. A user can write a directory listing to /tmp, and can leak file data with a #include. | |||||
| CVE-2018-16386 | 1 Swift | 1 Alliance Web Platform | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in SWIFT Alliance Web Platform 7.1.23. A log injection (and an arbitrary log filename) can be achieved via the PATH_INFO to swp/login/EJBRemoteService/, related to com.swift.ejbgwt.j2ee.client.EjBlnvocationException error log information containing null@java:comp/env/ error messages. | |||||
| CVE-2018-16408 | 1 D-link | 2 Dir-846, Dir-846 Firmware | 2020-08-24 | 9.0 HIGH | 7.2 HIGH |
| D-Link DIR-846 devices with firmware 100.26 allow remote attackers to execute arbitrary code as root via a SetNetworkTomographySettings request by leveraging admin access. | |||||