Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-12435 | 1 Botan Project | 1 Botan | 2018-08-22 | 1.9 LOW | 5.9 MEDIUM |
| Botan 2.5.0 through 2.6.0 before 2.7.0 allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP, related to dsa/dsa.cpp, ec_group/ec_group.cpp, and ecdsa/ecdsa.cpp. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host. | |||||
| CVE-1999-0103 | 2018-08-22 | 5.0 MEDIUM | N/A | ||
| Echo and chargen, or other combinations of UDP services, can be used in tandem to flood the server, a.k.a. UDP bomb or UDP packet storm. | |||||
| CVE-1999-0104 | 4 Caldera, Hp, Microsoft and 1 more | 5 Openlinux, Hp-ux, Windows 95 and 2 more | 2018-08-22 | 5.0 MEDIUM | N/A |
| A later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2. | |||||
| CVE-2018-8030 | 1 Apache | 1 Qpid Broker-j | 2018-08-21 | 5.0 MEDIUM | 7.5 HIGH |
| A Denial of Service vulnerability was found in Apache Qpid Broker-J versions 7.0.0-7.0.4 when AMQP protocols 0-8, 0-9 or 0-91 are used to publish messages with size greater than allowed maximum message size limit (100MB by default). The broker crashes due to the defect. AMQP protocols 0-10 and 1.0 are not affected. | |||||
| CVE-2018-7767 | 1 Schneider-electric | 1 U.motion Builder | 2018-08-21 | 6.8 MEDIUM | 8.8 HIGH |
| The vulnerability exists within processing of editobject.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the type input parameter. | |||||
| CVE-2018-7769 | 1 Schneider-electric | 1 U.motion Builder | 2018-08-21 | 6.8 MEDIUM | 8.8 HIGH |
| The vulnerability exists within processing of xmlserver.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the id input parameter. | |||||
| CVE-2018-7774 | 1 Schneider-electric | 1 U.motion Builder | 2018-08-21 | 6.8 MEDIUM | 8.8 HIGH |
| The vulnerability exists within processing of localize.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the username input parameter. | |||||
| CVE-2018-7766 | 1 Schneider-electric | 1 U.motion Builder | 2018-08-21 | 6.8 MEDIUM | 8.8 HIGH |
| The vulnerability exists within processing of track_getdata.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the id input parameter. | |||||
| CVE-2018-7768 | 1 Schneider-electric | 1 U.motion Builder | 2018-08-21 | 6.8 MEDIUM | 8.8 HIGH |
| The vulnerability exists within processing of loadtemplate.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. The underlying SQLite database query is subject to SQL injection on the tpl input parameter. | |||||
| CVE-2018-12633 | 1 Linux | 1 Linux Kernel | 2018-08-21 | 6.3 MEDIUM | 6.3 MEDIUM |
| An issue was discovered in the Linux kernel through 4.17.2. vbg_misc_device_ioctl() in drivers/virt/vboxguest/vboxguest_linux.c reads the same user data twice with copy_from_user. The header part of the user data is double-fetched, and a malicious user thread can tamper with the critical variables (hdr.size_in and hdr.size_out) in the header between the two fetches because of a race condition, leading to severe kernel errors, such as buffer over-accesses. This bug can cause a local denial of service and information leakage. | |||||
| CVE-2016-10723 | 1 Linux | 1 Linux Kernel | 2018-08-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| ** DISPUTED ** An issue was discovered in the Linux kernel through 4.17.2. Since the page allocator does not yield CPU resources to the owner of the oom_lock mutex, a local unprivileged user can trivially lock up the system forever by wasting CPU resources from the page allocator (e.g., via concurrent page fault events) when the global OOM killer is invoked. NOTE: the software maintainer has not accepted certain proposed patches, in part because of a viewpoint that "the underlying problem is non-trivial to handle." | |||||
| CVE-2018-8802 | 1 Unisys | 2 Clearpath Eportal Manager, Eportal-2200 | 2018-08-21 | 6.5 MEDIUM | 8.1 HIGH |
| SQL injection vulnerability in the management interface in ePortal Manager allows remote attackers to execute arbitrary SQL commands via unspecified parameters. | |||||
| CVE-2018-0571 | 1 Basercms | 1 Basercms | 2018-08-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote attackers with a site operator privilege to upload arbitrary files. | |||||
| CVE-2018-0574 | 1 Basercms | 1 Basercms | 2018-08-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting vulnerability in baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2018-0575 | 1 Basercms | 1 Basercms | 2018-08-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote attackers to bypass access restriction in mail form to view a file which is uploaded by a site user via unspecified vectors. | |||||
| CVE-2018-0569 | 1 Basercms | 1 Basercms | 2018-08-21 | 6.5 MEDIUM | 8.8 HIGH |
| baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote authenticated attackers to execute arbitrary OS commands via unspecified vectors. | |||||
| CVE-2018-0570 | 1 Basercms | 1 Basercms | 2018-08-21 | 3.5 LOW | 5.4 MEDIUM |
| Cross-site scripting vulnerability in baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2018-12714 | 1 Linux | 1 Linux Kernel | 2018-08-21 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered in the Linux kernel through 4.17.2. The filter parsing in kernel/trace/trace_events_filter.c could be called with no filter, which is an N=0 case when it expected at least one line to have been read, thus making the N-1 index invalid. This allows attackers to cause a denial of service (slab out-of-bounds write) or possibly have unspecified other impact via crafted perf_event_open and mmap system calls. | |||||
| CVE-2018-13008 | 1 Gopro | 1 Gpmf-parser | 2018-08-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in GPMF_parser.c in the function GPMF_Next, related to certain checks for a positive nest_level. | |||||
| CVE-2018-13009 | 1 Gopro | 1 Gpmf-parser | 2018-08-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in GPMF_parser.c in the function GPMF_Next, related to certain checks for GPMF_KEY_END and nest_level (conditional on a buffer_size_longs check). | |||||
| CVE-2018-13011 | 1 Gopro | 1 Gpmf-parser | 2018-08-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in GPMF_parser.c in the function GPMF_Validate. | |||||
| CVE-2018-13007 | 1 Gopro | 1 Gpmf-parser | 2018-08-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in GPMF_parser.c in the function GPMF_Next, related to certain checks for GPMF_KEY_END and nest_level (not conditional on a buffer_size_longs check). | |||||
| CVE-2018-12973 | 1 Opentsdb | 1 Opentsdb | 2018-08-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in OpenTSDB 2.3.0. There is XSS in parameter 'json' to the /q URI. | |||||
| CVE-2018-13003 | 1 Opentsdb | 1 Opentsdb | 2018-08-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| An issue was discovered in OpenTSDB 2.3.0. There is XSS in parameter 'type' to the /suggest URI. | |||||
| CVE-2018-12928 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2018-08-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| In the Linux kernel 4.15.0, a NULL pointer dereference was discovered in hfs_ext_read_extent in hfs.ko. This can occur during a mount of a crafted hfs filesystem. | |||||
| CVE-2018-13021 | 1 Hongcms Project | 1 Hongcms | 2018-08-21 | 9.0 HIGH | 7.2 HIGH |
| An issue was discovered in HongCMS 3.0.0. There is an Arbitrary Script File Upload issue that can result in PHP code execution via the admin/index.php/template/upload URI. | |||||
| CVE-2018-1000513 | 1 Limesurvey | 1 Limesurvey | 2018-08-21 | 3.5 LOW | 4.8 MEDIUM |
| LimeSurvey version 3.0.0-beta.3+17110 contains a Cross Site Scripting (XSS) vulnerability in Boxes that can result in JS code execution against LimeSurvey admins. This vulnerability appears to have been fixed in 3.6.x. | |||||
| CVE-2018-1000534 | 1 Joplin Project | 1 Joplin | 2018-08-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Joplin version prior to 1.0.90 contains a XSS evolving into code execution due to enabled nodeIntegration for that particular BrowserWindow instance where XSS was identified from vulnerability in Note content field - information on the fix can be found here https://github.com/laurent22/joplin/commit/494e235e18659574f836f84fcf9f4d4fcdcfcf89 that can result in executing unauthorized code within the rights in which the application is running. This attack appear to be exploitable via Victim synchronizing notes from the cloud services or other note-keeping services which contain malicious code. This vulnerability appears to have been fixed in 1.0.90 and later. | |||||
| CVE-2018-0584 | 1 Iij | 1 Smartkey | 2018-08-21 | 5.0 MEDIUM | 7.5 HIGH |
| IIJ SmartKey App for Android version 2.1.0 and earlier allows remote attackers to bypass authentication [effect_of_bypassing_authentication] via unspecified vectors. | |||||
| CVE-2013-0657 | 1 Schneider-electric | 1 Interactive Graphical Scada System | 2018-08-21 | 10.0 HIGH | N/A |
| Stack-based buffer overflow in Schneider Electric Interactive Graphical SCADA System (IGSS) 10 and earlier allows remote attackers to execute arbitrary code by sending TCP port-12397 data that does not comply with a protocol. | |||||
| CVE-2018-1000212 | 2018-08-20 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-1999022. Reason: This candidate is a reservation duplicate of CVE-2018-1999022. Notes: All CVE users should reference CVE-2018-1999022 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | |||||
| CVE-2018-1000213 | 2018-08-20 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-1999023. Reason: This candidate is a reservation duplicate of CVE-2018-1999023. Notes: All CVE users should reference CVE-2018-1999023 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | |||||
| CVE-2018-1000214 | 2018-08-20 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-1999024. Reason: This candidate is a reservation duplicate of CVE-2018-1999024. Notes: All CVE users should reference CVE-2018-1999024 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | |||||
| CVE-2018-1000220 | 2018-08-20 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-5462. Reason: This candidate is a reservation duplicate of CVE-2014-5462. Notes: All CVE users should reference CVE-2014-5462 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | |||||
| CVE-2018-10658 | 1 Axis | 780 A1001, A1001 Firmware, A8004-v and 777 more | 2018-08-20 | 5.0 MEDIUM | 7.5 HIGH |
| There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which causes a denial of service (crash). The crash arises from code inside libdbus-send.so shared object or similar. | |||||
| CVE-2018-10663 | 1 Axis | 780 A1001, A1001 Firmware, A8004-v and 777 more | 2018-08-20 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in multiple models of Axis IP Cameras. There is an Incorrect Size Calculation. | |||||
| CVE-2018-10664 | 1 Axis | 780 A1001, A1001 Firmware, A8004-v and 777 more | 2018-08-20 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in the httpd process in multiple models of Axis IP Cameras. There is Memory Corruption. | |||||
| CVE-2018-10659 | 1 Axis | 780 A1001, A1001 Firmware, A8004-v and 777 more | 2018-08-20 | 5.0 MEDIUM | 7.5 HIGH |
| There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which allows remote attackers to cause a denial of service (crash) by sending a crafted command which will result in a code path that calls the UND undefined ARM instruction. | |||||
| CVE-2018-1000514 | 1 Limesurvey | 1 Limesurvey | 2018-08-20 | 4.3 MEDIUM | 4.3 MEDIUM |
| LimeSurvey version 3.0.0-beta.3+17110 contains a Cross ite Request Forgery (CSRF) vulnerability in Boxes that can result in CSRF admins to delete boxes. This vulnerability appears to have been fixed in 3.6.x. | |||||
| CVE-2018-1000540 | 1 Loboevolution Project | 1 Loboevolution | 2018-08-20 | 6.8 MEDIUM | 7.8 HIGH |
| LoboEvolution version < 9b75694cedfa4825d4a2330abf2719d470c654cd contains a XML External Entity (XXE) vulnerability in XML Parsing when viewing the XML file in the browser that can result in disclosure of confidential data, denial of service, server side request forgery. This attack appear to be exploitable via Specially crafted XML file. | |||||
| CVE-2018-1000508 | 1 Wpulike | 1 Ulike | 2018-08-20 | 3.5 LOW | 4.8 MEDIUM |
| WP ULike version 2.8.1, 3.1 contains a Cross Site Scripting (XSS) vulnerability in Settings screen that can result in allows unauthorised users to do almost anything an admin can. This attack appear to be exploitable via Admin must visit logs page. This vulnerability appears to have been fixed in 3.2. | |||||
| CVE-2018-1000512 | 1 Tooltipy Project | 1 Tooltipy | 2018-08-20 | 4.3 MEDIUM | 6.1 MEDIUM |
| Tooltipy Tooltipy (tooltips for WP) version 5 contains a Cross Site Scripting (XSS) vulnerability in Glossary shortcode that can result in could allow anybody to do almost anything an admin can. This attack appear to be exploitable via Admin must follow a link. This vulnerability appears to have been fixed in 5.1. | |||||
| CVE-2018-1000515 | 1 News-articles Project | 1 News-articles | 2018-08-20 | 5.0 MEDIUM | 7.5 HIGH |
| ventrian News-Articles version NewsArticles.00.09.11 contains a XML External Entity (XXE) vulnerability in News-Articles/API/MetaWebLog/Handler.ashx.vb that can result in Attacker can read any file in the server or use smbrelay attack to access to server.. | |||||
| CVE-2018-12712 | 1 Joomla | 1 Joomla\! | 2018-08-20 | 6.5 MEDIUM | 8.8 HIGH |
| An issue was discovered in Joomla! 2.5.0 through 3.8.8 before 3.8.9. The autoload code checks classnames to be valid, using the "class_exists" function in PHP. In PHP 5.3, this function validates invalid names as valid, which can result in a Local File Inclusion. | |||||
| CVE-2018-12902 | 1 Easymagazine Project | 1 Easymagazine | 2018-08-20 | 4.3 MEDIUM | 6.1 MEDIUM |
| In Easy Magazine through 2012-10-26, there is XSS in the search bar of the web site. | |||||
| CVE-2018-14524 | 1 Gnu | 1 Libredwg | 2018-08-20 | 4.3 MEDIUM | 6.5 MEDIUM |
| dwg_decode_eed in decode.c in GNU LibreDWG before 0.6 leads to a double free (in dwg_free_eed in free.c) because it does not properly manage the obj->eed value after a free occurs. | |||||
| CVE-2018-12905 | 1 Joyplus-cms Project | 1 Joyplus-cms | 2018-08-20 | 4.3 MEDIUM | 6.1 MEDIUM |
| joyplus-cms 1.6.0 has XSS in admin_player.php, related to manager/index.php "system manage" and "add" actions. | |||||
| CVE-2018-12912 | 1 Hongcms Project | 1 Hongcms | 2018-08-20 | 6.5 MEDIUM | 7.2 HIGH |
| An issue wan discovered in admin\controllers\database.php in HongCMS 3.0.0. There is a SQL Injection vulnerability via an admin/index.php/database/operate?dbaction=emptytable&tablename= URI. | |||||
| CVE-2018-12711 | 1 Joomla | 1 Joomla\! | 2018-08-20 | 4.3 MEDIUM | 6.1 MEDIUM |
| An XSS issue was discovered in the language switcher module in Joomla! 1.6.0 through 3.8.8 before 3.8.9. In some cases, the link of the current language might contain unescaped HTML special characters. This may lead to reflective XSS via injection of arbitrary parameters and/or values on the current page URL. | |||||
| CVE-2018-12589 | 1 Polarisoffice | 1 Polaris Office 2017 | 2018-08-20 | 6.8 MEDIUM | 7.8 HIGH |
| Polaris Office 2017 8.1 allows attackers to execute arbitrary code via a Trojan horse puiframeworkproresenu.dll file in the current working directory. | |||||