Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-6001 | 1 Linux | 1 Linux Kernel | 2018-06-20 | 7.6 HIGH | 7.0 HIGH |
| Race condition in kernel/events/core.c in the Linux kernel before 4.9.7 allows local users to gain privileges via a crafted application that makes concurrent perf_event_open system calls for moving a software group into a hardware context. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-6786. | |||||
| CVE-2017-7308 | 1 Linux | 1 Linux Kernel | 2018-06-20 | 7.2 HIGH | 7.8 HIGH |
| The packet_set_ring function in net/packet/af_packet.c in the Linux kernel through 4.10.6 does not properly validate certain block-size data, which allows local users to cause a denial of service (integer signedness error and out-of-bounds write), or gain privileges (if the CAP_NET_RAW capability is held), via crafted system calls. | |||||
| CVE-2017-7616 | 1 Linux | 1 Linux Kernel | 2018-06-20 | 2.1 LOW | 5.5 MEDIUM |
| Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel through 4.10.9 allows local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation. | |||||
| CVE-2018-1064 | 2 Debian, Redhat | 2 Debian Linux, Libvirt | 2018-06-20 | 5.0 MEDIUM | 7.5 HIGH |
| libvirt version before 4.2.0-rc1 is vulnerable to a resource exhaustion as a result of an incomplete fix for CVE-2018-5748 that affects QEMU monitor but now also triggered via QEMU guest agent. | |||||
| CVE-2018-11101 | 1 Signal | 1 Signal-desktop | 2018-06-19 | 4.3 MEDIUM | 6.1 MEDIUM |
| Open Whisper Signal (aka Signal-Desktop) through 1.10.1 allows XSS via a resource location specified in an attribute of a SCRIPT, IFRAME, or IMG element, leading to JavaScript execution after a reply, a different vulnerability than CVE-2018-10994. The attacker needs to send HTML code directly as a message, and then reply to that message to trigger this vulnerability. The Signal-Desktop software fails to sanitize specific HTML elements that can be used to inject HTML code into remote chat windows when replying to an HTML message. Specifically the IMG and IFRAME elements can be used to include remote or local resources. For example, the use of an IFRAME element enables full code execution, allowing an attacker to download/upload files, information, etc. The SCRIPT element was also found to be injectable. On the Windows operating system, the CSP fails to prevent remote inclusion of resources via the SMB protocol. In this case, remote execution of JavaScript can be achieved by referencing the script on an SMB share within an IFRAME element, for example: <IFRAME src=\\DESKTOP-XXXXX\Temp\test.html> and then replying to it. The included JavaScript code is then executed automatically, without any interaction needed from the user. The vulnerability can be triggered in the Signal-Desktop client by sending a specially crafted message and then replying to it with any text or content in the reply (it doesn't matter). | |||||
| CVE-2018-11031 | 1 Gouguoyin | 1 Phprap | 2018-06-19 | 10.0 HIGH | 9.8 CRITICAL |
| application/home/controller/debug.php in PHPRAP 1.0.4 through 1.0.8 has SSRF via the /debug URI, as demonstrated by an api[url]=file:////etc/passwd&api[method]=get POST request. | |||||
| CVE-2018-0568 | 1 Sitebridge | 1 Joruri Gw | 2018-06-19 | 6.5 MEDIUM | 8.8 HIGH |
| Unrestricted file upload vulnerability in SiteBridge Inc. Joruri Gw Ver 3.2.0 and earlier allows remote authenticated users to execute arbitrary PHP code via unspecified vectors. | |||||
| CVE-2017-12126 | 1 Moxa | 2 Edr-810, Edr-810 Firmware | 2018-06-19 | 6.8 MEDIUM | 8.8 HIGH |
| An exploitable cross-site request forgery vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP packet can cause cross-site request forgery. An attacker can create malicious HTML to trigger this vulnerability. | |||||
| CVE-2018-0579 | 1 Webdados | 1 Open Graph For Facebook\, Google\+ And Twitter Card Tags | 2018-06-19 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting vulnerability in Open Graph for Facebook, Google+ and Twitter Card Tags plugin prior to version 2.2.4.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2018-5230 | 1 Atlassian | 1 Jira | 2018-06-19 | 4.3 MEDIUM | 6.1 MEDIUM |
| The issue collector in Atlassian Jira before version 7.6.6, from version 7.7.0 before version 7.7.4, from version 7.8.0 before version 7.8.4 and from version 7.9.0 before version 7.9.2 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the error message of custom fields when an invalid value is specified. | |||||
| CVE-2018-11127 | 1 E107 | 1 E107 | 2018-06-19 | 4.3 MEDIUM | 6.5 MEDIUM |
| e107 2.1.7 has CSRF resulting in arbitrary user deletion. | |||||
| CVE-2018-11245 | 1 Misp-project | 1 Misp | 2018-06-19 | 4.3 MEDIUM | 6.1 MEDIUM |
| app/webroot/js/misp.js in MISP 2.4.91 has a DOM based XSS with cortex type attributes. | |||||
| CVE-2018-11098 | 1 Frog Cms Project | 1 Frog Cms | 2018-06-19 | 6.5 MEDIUM | 7.2 HIGH |
| An issue was discovered in Frog CMS 0.9.5. There is a file upload vulnerability via the admin/?/plugin/file_manager/upload URI, a similar issue to CVE-2014-4912. | |||||
| CVE-2018-10326 | 1 Printeron | 1 Printeron | 2018-06-19 | 3.5 LOW | 5.4 MEDIUM |
| PrinterOn Enterprise 4.1.3 suffers from multiple authenticated stored XSS vulnerabilities via the (1) department field in the printer configuration, (2) description field in the print server configuration, and (3) username field for authentication to print as guest. | |||||
| CVE-2018-3661 | 1 Intel | 2 Selview, Syscfg | 2018-06-19 | 2.1 LOW | 5.5 MEDIUM |
| Buffer overflow in Intel system Configuration utilities selview.exe and syscfg.exe before version 14 build 11 allows a local user to crash these services potentially resulting in a denial of service. | |||||
| CVE-2018-11032 | 1 Gouguoyin | 1 Phprap | 2018-06-19 | 7.5 HIGH | 9.8 CRITICAL |
| PHPRAP 1.0.4 through 1.0.8 has SQL Injection via the application/home/controller/project.php search() function. | |||||
| CVE-2018-11126 | 1 Doorgets | 1 Doorgets | 2018-06-19 | 6.8 MEDIUM | 8.8 HIGH |
| dg-user/?controller=users&action=add in doorGets 7.0 has CSRF that results in adding an administrator account. | |||||
| CVE-2018-1147 | 1 Tenable | 1 Nessus | 2018-06-19 | 3.5 LOW | 5.4 MEDIUM |
| In Nessus before 7.1.0, a XSS vulnerability exists due to improper input validation. A remote authenticated attacker could create and upload a .nessus file, which may be viewed by an administrator allowing for the execution of arbitrary script code in a user's browser session. In other scenarios, XSS could also occur by altering variables from the Advanced Settings. | |||||
| CVE-2017-16860 | 1 Atlassian | 1 Application Links | 2018-06-19 | 4.3 MEDIUM | 6.1 MEDIUM |
| The invalidRedirectUrl template in Atlassian Application Links before version 5.2.7, from version 5.3.0 before version 5.3.4 and from version 5.4.0 before version 5.4.3 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the redirectUrl parameter link in the redirect warning message. | |||||
| CVE-2018-10730 | 1 Phoenixcontact | 58 Fl Switch 3004t-fx, Fl Switch 3004t-fx Firmware, Fl Switch 3004t-fx St and 55 more | 2018-06-19 | 9.0 HIGH | 9.1 CRITICAL |
| All Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products running firmware version 1.0 to 1.33 are prone to OS command injection. | |||||
| CVE-2018-11033 | 1 Xpdfreader | 1 Xpdf | 2018-06-19 | 6.8 MEDIUM | 7.8 HIGH |
| The DCTStream::readHuffSym function in Stream.cc in the DCT decoder in xpdf before 4.00 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JPEG data. | |||||
| CVE-2018-10810 | 1 Livezilla | 1 Livezilla | 2018-06-19 | 4.3 MEDIUM | 6.1 MEDIUM |
| chat/mobile/index.php in LiveZilla Live Chat 7.0.9.5 and prior is affected by Cross-Site Scripting via the Accept-Language HTTP header. | |||||
| CVE-2018-11105 | 1 Wp-livechat | 1 Wp Live Chat Support | 2018-06-19 | 4.3 MEDIUM | 6.1 MEDIUM |
| There is stored cross site scripting in the wp-live-chat-support plugin before 8.0.08 for WordPress via the "name" (aka wplc_name) and "email" (aka wplc_email) input fields to wp-json/wp_live_chat_support/v1/start_chat whenever a malicious attacker would initiate a new chat with an administrator. NOTE: this issue exists because of an incomplete fix for CVE-2018-9864. | |||||
| CVE-2018-10306 | 1 Ilias | 1 Ilias | 2018-06-19 | 4.3 MEDIUM | 6.1 MEDIUM |
| Services/Form/classes/class.ilDateDurationInputGUI.php and Services/Form/classes/class.ilDateTimeInputGUI.php in ILIAS 5.1.x through 5.3.x before 5.3.4 allow XSS via an invalid date. | |||||
| CVE-2018-11232 | 1 Linux | 1 Linux Kernel | 2018-06-19 | 4.9 MEDIUM | 5.5 MEDIUM |
| The etm_setup_aux function in drivers/hwtracing/coresight/coresight-etm-perf.c in the Linux kernel before 4.10.2 allows attackers to cause a denial of service (panic) because a parameter is incorrectly used as a local variable. | |||||
| CVE-2017-7583 | 1 Ilias | 1 Ilias | 2018-06-19 | 4.3 MEDIUM | 6.1 MEDIUM |
| ILIAS before 5.2.3 has XSS via SVG documents. | |||||
| CVE-2017-15538 | 1 Ilias | 1 Ilias | 2018-06-19 | 3.5 LOW | 5.4 MEDIUM |
| Stored XSS vulnerability in the Media Objects component of ILIAS before 5.1.21 and 5.2.x before 5.2.9 allows an authenticated user to inject JavaScript to gain administrator privileges, related to the setParameter function in Services/MediaObjects/classes/class.ilMediaItem.php. | |||||
| CVE-2018-10027 | 1 Estsoft | 1 Alzip | 2018-06-19 | 4.6 MEDIUM | 7.8 HIGH |
| ESTsoft ALZip before 10.76 allows local users to execute arbitrary code via creating a malicious .DLL file and installing it in a specific directory: %PROGRAMFILES%\ESTsoft\ALZip\Formats, %PROGRAMFILES%\ESTsoft\ALZip\Coders, %PROGRAMFILES(X86)%\ESTsoft\ALZip\Formats, or %PROGRAMFILES(X86)%\ESTsoft\ALZip\Coders. | |||||
| CVE-2018-10760 | 1 Projectpier | 1 Projectpier | 2018-06-19 | 6.5 MEDIUM | 8.8 HIGH |
| Unrestricted file upload vulnerability in the Files plugin in ProjectPier 0.88 and earlier allows remote authenticated users to execute arbitrary PHP code by uploading a file with an executable extension, then accessing it via a direct request to the file in the tmp directory under the document root. | |||||
| CVE-2018-3568 | 1 Google | 1 Android | 2018-06-19 | 4.6 MEDIUM | 7.8 HIGH |
| In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in __wlan_hdd_cfg80211_vendor_scan(), a buffer overwrite can potentially occur. | |||||
| CVE-2018-5827 | 1 Google | 1 Android | 2018-06-19 | 4.6 MEDIUM | 7.8 HIGH |
| In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, a buffer overflow vulnerability exists in WLAN while processing an extscan hotlist event. | |||||
| CVE-2018-3567 | 1 Google | 1 Android | 2018-06-19 | 4.6 MEDIUM | 7.8 HIGH |
| In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, a buffer overflow vulnerability exists in WLAN while processing the HTT_T2H_MSG_TYPE_PEER_MAP or HTT_T2H_MSG_TYPE_PEER_UNMAP messages. | |||||
| CVE-2017-15855 | 1 Google | 1 Android | 2018-06-19 | 4.6 MEDIUM | 7.8 HIGH |
| In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, the camera application triggers "user-memory-access" issue as the Camera CPP module Linux driver directly accesses the application provided buffer, which resides in user space. An unchecked userspace value (ioctl_ptr->len) is used to copy contents to a kernel buffer which can lead to kernel buffer overflow. | |||||
| CVE-2017-2815 | 1 Igniterealtime | 1 User Import Export | 2018-06-19 | 5.5 MEDIUM | 8.1 HIGH |
| An exploitable XML entity injection vulnerability exists in OpenFire User Import Export Plugin 2.6.0. A specially crafted web request can cause the retrieval of arbitrary files or denial of service. An authenticated attacker can send a crafted web request to trigger this vulnerability. | |||||
| CVE-2015-4665 | 1 Xceedium | 1 Xsuite | 2018-06-19 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in ajax_cmd.php in Xceedium Xsuite 2.4.4.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the fileName parameter. | |||||
| CVE-2015-4666 | 1 Xceedium | 1 Xsuite | 2018-06-19 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in opm/read_sessionlog.php in Xceedium Xsuite 2.4.4.5 and earlier allows remote attackers to read arbitrary files via a ....// (quadruple dot double slash) in the logFile parameter. | |||||
| CVE-2018-10682 | 1 Wildfly | 1 Wildfly | 2018-06-18 | 10.0 HIGH | 9.8 CRITICAL |
| ** DISPUTED ** An issue was discovered in WildFly 10.1.2.Final. It is possible for an attacker to access the administration panel on TCP port 9990 without any authentication using "anonymous" access that is automatically created. Once logged in, a misconfiguration present by default (auto-deployment) permits an anonymous user to deploy a malicious .war file, leading to remote code execution. NOTE: the vendor indicates that anonymous access is not available in the default installation; however, it remains optional because there are several use cases for it, including development environments and network architectures that have a proxy server for access control to the WildFly server. | |||||
| CVE-2018-10184 | 2 Haproxy, Redhat | 2 Haproxy, Enterprise Linux | 2018-06-18 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in HAProxy before 1.8.8. The incoming H2 frame length was checked against the max_frame_size setting instead of being checked against the bufsize. The max_frame_size only applies to outgoing traffic and not to incoming, so if a large enough frame size is advertised in the SETTINGS frame, a wrapped frame will be defragmented into a temporary allocated buffer where the second fragment may overflow the heap by up to 16 kB. It is very unlikely that this can be exploited for code execution given that buffers are very short lived and their addresses not realistically predictable in production, but the likelihood of an immediate crash is absolutely certain. | |||||
| CVE-2018-3612 | 1 Intel | 18 Ayaplcel.86a, Bios, Bnkbl357.86a and 15 more | 2018-06-18 | 7.2 HIGH | 7.8 HIGH |
| Intel NUC kits with insufficient input validation in system firmware, potentially allows a local attacker to elevate privileges to System Management Mode (SMM). | |||||
| CVE-2018-10831 | 1 Zclassic | 1 Z-nomp | 2018-06-18 | 5.0 MEDIUM | 7.5 HIGH |
| Z-NOMP before 2018-04-05 has an incorrect Equihash solution verifier that allows attackers to spoof mining shares, as demonstrated by providing a solution with {x1=1,x2=1,x3=1,...,x512=1} to bypass this verifier for any blockheader. This originally affected (for example) the Bitcoin Gold and Zcash cryptocurrencies, and continued to be exploited in the wild in May 2018 against smaller cryptocurrencies. | |||||
| CVE-2018-8119 | 1 Microsoft | 3 C Software Development Kit, Csharp Software Development Kit, Java Software Development Kit | 2018-06-18 | 6.8 MEDIUM | 5.6 MEDIUM |
| A spoofing vulnerability exists when the Azure IoT Device Provisioning AMQP Transport library improperly validates certificates over the AMQP protocol, aka "Azure IoT SDK Spoofing Vulnerability." This affects C# SDK, C SDK, Java SDK. | |||||
| CVE-2018-9112 | 1 Foxconn | 2 Ap-fc4064-t, Ap-fc4064-t Firmware | 2018-06-18 | 7.5 HIGH | 9.8 CRITICAL |
| A low privileged admin account with a weak default password of admin exists on the Foxconn FEMTO AP-FC4064-T AP_GT_B38_5.8.3lb15-W47 LTE Build 15. In addition, its web management page relies on the existence or values of cookies when performing security-critical operations. One can gain privileges by modifying cookies. | |||||
| CVE-2018-0581 | 1 Asus | 2 Rt-ac87u, Rt-ac87u Firmware | 2018-06-18 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting vulnerability in ASUS RT-AC87U Firmware version prior to 3.0.0.4.378.9383 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2018-11004 | 1 Sdcms | 1 Sdcms | 2018-06-18 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in SDcms v1.5. Cross-site request forgery (CSRF) vulnerability in /WWW//app/admin/controller/admincontroller.php allows remote attackers to add administrator accounts via m=admin&c=admin&a=add. | |||||
| CVE-2018-11003 | 1 Yxcms | 1 Yxcms | 2018-06-18 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in YXcms 1.4.7. Cross-site request forgery (CSRF) vulnerability in protected/apps/admin/controller/adminController.php allows remote attackers to delete administrator accounts via index.php?r=admin/admin/admindel. | |||||
| CVE-2018-10996 | 1 D-link | 2 Dir-629-b, Dir-629-b Firmware | 2018-06-18 | 10.0 HIGH | 9.8 CRITICAL |
| The weblogin_log function in /htdocs/cgibin on D-Link DIR-629-B1 devices allows attackers to execute arbitrary code or cause a denial of service (buffer overflow) via a session.cgi?ACTION=logout request involving a long REMOTE_ADDR environment variable. | |||||
| CVE-2018-11256 | 1 Podofo Project | 1 Podofo | 2018-06-18 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in PoDoFo 0.9.5. The function PdfDocument::Append() in PdfDocument.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document. | |||||
| CVE-2017-14436 | 1 Moxa | 2 Edr-810, Edr-810 Firmware | 2018-06-18 | 5.0 MEDIUM | 7.5 HIGH |
| An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP URI can cause a null pointer dereference resulting in denial of service. An attacker can send a GET request to "/MOXA\_CFG2.ini" without a cookie header to trigger this vulnerability. | |||||
| CVE-2018-10994 | 1 Signal | 1 Signal-desktop | 2018-06-18 | 4.3 MEDIUM | 6.1 MEDIUM |
| js/views/message_view.js in Open Whisper Signal (aka Signal-Desktop) before 1.10.1 allows XSS via a URL. | |||||
| CVE-2018-11090 | 1 Mybiz | 1 Myprocurenet | 2018-06-18 | 4.3 MEDIUM | 6.1 MEDIUM |
| An XSS issue was discovered in MyBiz MyProcureNet 5.0.0. This vulnerability within "ProxyPage.aspx" allows an attacker to inject malicious client side scripting which will be executed in the browser of users if they visit the manipulated site. | |||||