Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-20645 | 1 Basic B2b Script Project | 1 Basic B2b Script | 2020-08-24 | 3.5 LOW | 5.4 MEDIUM |
| PHP Scripts Mall Basic B2B Script 2.0.9 has HTML injection via the First Name or Last Name field. | |||||
| CVE-2018-20671 | 1 Gnu | 1 Binutils | 2020-08-24 | 4.3 MEDIUM | 5.5 MEDIUM |
| load_specific_debug_section in objdump.c in GNU Binutils through 2.31.1 contains an integer overflow vulnerability that can trigger a heap-based buffer overflow via a crafted section size. | |||||
| CVE-2018-20673 | 1 Gnu | 1 Binutils | 2020-08-24 | 4.3 MEDIUM | 5.5 MEDIUM |
| The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, contains an integer overflow vulnerability (for "Create an array for saving the template argument values") that can trigger a heap-based buffer overflow, as demonstrated by nm. | |||||
| CVE-2018-20685 | 7 Canonical, Debian, Netapp and 4 more | 11 Ubuntu Linux, Debian Linux, Cloud Backup and 8 more | 2020-08-24 | 2.6 LOW | 5.3 MEDIUM |
| In OpenSSH 7.9, scp.c in the scp client allows remote SSH servers to bypass intended access restrictions via the filename of . or an empty filename. The impact is modifying the permissions of the target directory on the client side. | |||||
| CVE-2018-20698 | 1 Search-guard | 1 Search Guard | 2020-08-24 | 4.3 MEDIUM | 6.1 MEDIUM |
| The floragunn Search Guard plugin before 6.x-16 for Kibana allows URL injection for login redirects on the login page when basePath is set. | |||||
| CVE-2018-20718 | 1 Pydio | 1 Pydio | 2020-08-24 | 10.0 HIGH | 9.8 CRITICAL |
| In Pydio before 8.2.2, an attack is possible via PHP Object Injection because a user is allowed to use the $phpserial$a:0:{} syntax to store a preference. An attacker either needs a "public link" of a file, or access to any unprivileged user account for creation of such a link. | |||||
| CVE-2018-20752 | 1 Recon-ng Project | 1 Recon-ng | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in Recon-ng before 4.9.5. Lack of validation in the modules/reporting/csv.py file allows CSV injection. More specifically, when a Twitter user possesses an Excel macro for a username, it will not be properly sanitized when exported to a CSV file. This can result in remote code execution for the attacker. | |||||
| CVE-2018-20769 | 1 Xerox | 58 Workcentre 3655, Workcentre 3655 Firmware, Workcentre 3655i and 55 more | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is a Local File Inclusion vulnerability. | |||||
| CVE-2018-20798 | 1 Netgate | 1 Pfsense | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| The expiretable configuration in pfSense 2.4.4_1 establishes block durations that are incompatible with the block durations implemented by sshguard, which might make it easier for attackers to bypass intended access restrictions. | |||||
| CVE-2018-20819 | 1 Dropbox | 1 Lepton | 2020-08-24 | 6.8 MEDIUM | 7.8 HIGH |
| io/ZlibCompression.cc in the decompression component in Dropbox Lepton 1.2.1 allows attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact by crafting a jpg image file. The root cause is a missing check of header payloads that may be (incorrectly) larger than the maximum file size. | |||||
| CVE-2018-20821 | 1 Sass-lang | 1 Libsass | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| The parsing component in LibSass through 3.5.5 allows attackers to cause a denial-of-service (uncontrolled recursion in Sass::Parser::parse_css_variable_value in parser.cpp). | |||||
| CVE-2018-20822 | 1 Sass-lang | 1 Libsass | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| LibSass 3.5.4 allows attackers to cause a denial-of-service (uncontrolled recursion in Sass::Complex_Selector::perform in ast.hpp and Sass::Inspect::operator in inspect.cpp). | |||||
| CVE-2018-8634 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2020-08-24 | 9.3 HIGH | 8.8 HIGH |
| A remote code execution vulnerability exists in Windows where Microsoft text-to-speech fails to properly handle objects in the memory, aka "Microsoft Text-To-Speech Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10, Windows Server 2019, Windows 10 Servers. | |||||
| CVE-2018-8636 | 1 Microsoft | 2 Excel, Office 365 Proplus | 2020-08-24 | 9.3 HIGH | 7.8 HIGH |
| A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Excel. This CVE ID is unique from CVE-2018-8597. | |||||
| CVE-2018-8637 | 1 Microsoft | 3 Windows 10, Windows Server 2016, Windows Server 2019 | 2020-08-24 | 2.1 LOW | 5.5 MEDIUM |
| An information disclosure vulnerability exists in Windows kernel that could allow an attacker to retrieve information that could lead to a Kernel Address Space Layout Randomization (KASLR) bypass, aka "Win32k Information Disclosure Vulnerability." This affects Windows 10 Servers, Windows 10, Windows Server 2019. | |||||
| CVE-2018-8638 | 1 Microsoft | 2 Windows 10, Windows Server 2019 | 2020-08-24 | 2.1 LOW | 5.5 MEDIUM |
| An information disclosure vulnerability exists when DirectX improperly handles objects in memory, aka "DirectX Information Disclosure Vulnerability." This affects Windows 10, Windows Server 2019. | |||||
| CVE-2018-8643 | 1 Microsoft | 9 Internet Explorer, Windows 10, Windows 7 and 6 more | 2020-08-24 | 7.6 HIGH | 7.5 HIGH |
| A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. | |||||
| CVE-2018-8649 | 1 Microsoft | 2 Windows 10, Windows Server 2019 | 2020-08-24 | 4.9 MEDIUM | 5.5 MEDIUM |
| A denial of service vulnerability exists when Windows improperly handles objects in memory, aka "Windows Denial of Service Vulnerability." This affects Windows 10, Windows Server 2019. | |||||
| CVE-2018-20851 | 1 Helpy.io | 1 Helpy | 2020-08-24 | 6.5 MEDIUM | 8.8 HIGH |
| Helpy before 2.2.0 allows agents to edit admins. | |||||
| CVE-2018-20853 | 1 Mailpoet | 1 Mailpoet Newsletters | 2020-08-24 | 5.0 MEDIUM | 5.3 MEDIUM |
| An issue was discovered in the MailPoet Newsletters (aka wysija-newsletters) plugin before 2.8.2 for WordPress. The plugin is vulnerable to SPAM attacks. | |||||
| CVE-2018-20859 | 1 Edx | 1 Edx-platform | 2020-08-24 | 4.3 MEDIUM | 6.1 MEDIUM |
| edx-platform before 2018-07-18 allows XSS via a response to a Chemical Equation advanced problem. | |||||
| CVE-2018-20862 | 1 Cpanel | 1 Cpanel | 2020-08-24 | 2.1 LOW | 7.8 HIGH |
| cPanel before 76.0.8 unsafely performs PostgreSQL password changes (SEC-366). | |||||
| CVE-2018-20871 | 1 Univa | 1 Grid Engine | 2020-08-24 | 6.8 MEDIUM | 9.8 CRITICAL |
| In Univa Grid Engine before 8.6.3, when configured for Docker jobs and execd spooling on root_squash, weak file permissions ("other" write access) occur in certain cases (GE-6890). | |||||
| CVE-2018-20880 | 1 Cpanel | 1 Cpanel | 2020-08-24 | 2.1 LOW | 3.3 LOW |
| cPanel before 74.0.8 mishandles account suspension because of an invalid email_accounts.json file (SEC-445). | |||||
| CVE-2018-20886 | 1 Cpanel | 1 Cpanel | 2020-08-24 | 4.6 MEDIUM | 5.3 MEDIUM |
| cPanel before 74.0.0 insecurely stores phpMyAdmin session files (SEC-418). | |||||
| CVE-2018-20892 | 1 Cpanel | 1 Cpanel | 2020-08-24 | 4.0 MEDIUM | 4.3 MEDIUM |
| cPanel before 74.0.0 allows arbitrary zone file modifications because of incorrect CAA record handling (SEC-439). | |||||
| CVE-2018-20904 | 1 Cpanel | 1 Cpanel | 2020-08-24 | 4.0 MEDIUM | 4.3 MEDIUM |
| cPanel before 71.9980.37 allows attackers to make API calls that bypass the cron feature restriction (SEC-427). | |||||
| CVE-2018-20905 | 1 Cpanel | 1 Cpanel | 2020-08-24 | 5.5 MEDIUM | 5.4 MEDIUM |
| cPanel before 71.9980.37 allows attackers to make API calls that bypass the backup feature restriction (SEC-429). | |||||
| CVE-2018-20906 | 1 Cpanel | 1 Cpanel | 2020-08-24 | 4.0 MEDIUM | 4.3 MEDIUM |
| cPanel before 71.9980.37 allows attackers to make API calls that bypass the images feature restriction (SEC-430). | |||||
| CVE-2018-20907 | 1 Cpanel | 1 Cpanel | 2020-08-24 | 4.0 MEDIUM | 4.3 MEDIUM |
| cPanel before 71.9980.37 does not enforce the Mime::list_hotlinks API feature restriction (SEC-432). | |||||
| CVE-2018-20908 | 1 Cpanel | 1 Cpanel | 2020-08-24 | 2.1 LOW | 5.5 MEDIUM |
| cPanel before 71.9980.37 allows arbitrary file-read operations during pkgacct custom template handling (SEC-435). | |||||
| CVE-2018-20909 | 1 Cpanel | 1 Cpanel | 2020-08-24 | 3.6 LOW | 7.1 HIGH |
| cPanel before 70.0.23 allows arbitrary file-chmod operations during legacy incremental backups (SEC-338). | |||||
| CVE-2018-20926 | 1 Cpanel | 1 Cpanel | 2020-08-24 | 7.2 HIGH | 6.7 MEDIUM |
| cPanel before 70.0.23 allows local privilege escalation via the WHM Locale XML Upload interface (SEC-380). | |||||
| CVE-2018-20936 | 1 Cpanel | 1 Cpanel | 2020-08-24 | 2.1 LOW | 3.3 LOW |
| cPanel before 68.0.27 allows attackers to read the SRS secret via exim.conf (SEC-308). | |||||
| CVE-2018-20954 | 1 Mailpile | 1 Mailpile | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| The "Security and Privacy" Encryption feature in Mailpile before 1.0.0rc4 does not exclude disabled, revoked, and expired keys. | |||||
| CVE-2018-20959 | 1 Jura | 2 E8, E8 Firmware | 2020-08-24 | 4.8 MEDIUM | 8.1 HIGH |
| Jura E8 devices lack Bluetooth connection security. | |||||
| CVE-2018-20960 | 1 Nespresso | 2 Prodigo, Prodigo Firmware | 2020-08-24 | 4.8 MEDIUM | 8.1 HIGH |
| Nespresso Prodigio devices lack Bluetooth connection security. | |||||
| CVE-2018-20979 | 1 Rocklobster | 1 Contact Form 7 | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| The contact-form-7 plugin before 5.0.4 for WordPress has privilege escalation because of capability_type mishandling in register_post_type. | |||||
| CVE-2018-20984 | 1 Patreon | 1 Patreon Wordpress | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| The patreon-connect plugin before 1.2.2 for WordPress has Object Injection. | |||||
| CVE-2018-20988 | 1 Google Forms Project | 1 Google Forms | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| The wpgform plugin before 0.94 for WordPress has eval injection in the CAPTCHA calculation. | |||||
| CVE-2018-20992 | 1 Claxon Project | 1 Claxon | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in the claxon crate before 0.4.1 for Rust. Uninitialized memory can be exposed because certain decode buffer sizes are mishandled. | |||||
| CVE-2018-20993 | 1 Yaml-rust Project | 1 Yaml-rust | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in the yaml-rust crate before 0.4.1 for Rust. There is uncontrolled recursion during deserialization. | |||||
| CVE-2018-20994 | 1 Trust-dns-proto Project | 1 Trust-dns-proto | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in the trust-dns-proto crate before 0.5.0-alpha.3 for Rust. There is infinite recursion because DNS message compression is mishandled. | |||||
| CVE-2018-20999 | 1 Orion Project | 1 Orion | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in the orion crate before 0.11.2 for Rust. reset() calls cause incorrect results. | |||||
| CVE-2018-21005 | 1 Bbpress Move Topics Project | 1 Bbpress Move Topics | 2020-08-24 | 7.5 HIGH | 9.8 CRITICAL |
| The bbp-move-topics plugin before 1.1.6 for WordPress has code injection. | |||||
| CVE-2018-21017 | 1 Gpac | 1 Gpac | 2020-08-24 | 4.3 MEDIUM | 6.5 MEDIUM |
| GPAC 0.7.1 has a memory leak in dinf_Read in isomedia/box_code_base.c. | |||||
| CVE-2018-21035 | 1 Qt | 1 Qt | 2020-08-24 | 5.0 MEDIUM | 7.5 HIGH |
| In Qt through 5.14.1, the WebSocket implementation accepts up to 2GB for frames and 2GB for messages. Smaller limits cannot be configured. This makes it easier for attackers to cause a denial of service (memory consumption). | |||||
| CVE-2018-21072 | 1 Google | 1 Android | 2020-08-24 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered on Samsung mobile devices with M(6.0), N(7.x), and O(8.0) (Exynos chipsets) software. A kernel driver allows out-of-bounds Read/Write operations and possibly arbitrary code execution. The Samsung ID is SVE-2018-11358 (May 2018). | |||||
| CVE-2018-2362 | 1 Sap | 1 Hana | 2020-08-24 | 5.0 MEDIUM | 5.3 MEDIUM |
| A remote unauthenticated attacker, SAP HANA 1.00 and 2.00, could send specially crafted SOAP requests to the SAP Startup Service and disclose information such as the platform's hostname. | |||||
| CVE-2018-2369 | 1 Sap | 1 Hana | 2020-08-24 | 5.0 MEDIUM | 5.3 MEDIUM |
| Under certain conditions SAP HANA, 1.00, 2.00, allows an unauthenticated attacker to access information which would otherwise be restricted. An attacker can misuse the authentication function of the SAP HANA server on its SQL interface and disclose 8 bytes of the server process memory. The attacker cannot influence or predict the location of the leaked memory. | |||||