Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-18262 | 1 Blackboard | 1 Blackboard Learn | 2018-06-12 | 5.8 MEDIUM | 6.1 MEDIUM |
| Blackboard Learn (Since at least 17th of October 2017) has allowed Unvalidated Redirects on any signed-in user through its endpoints for handling Shibboleth logins, as demonstrated by a webapps/bb-auth-provider-shibboleth-BBLEARN/execute/shibbolethLogin?returnUrl= URI. | |||||
| CVE-2017-17539 | 1 Fortinet | 1 Fortiwlc | 2018-06-12 | 10.0 HIGH | 9.8 CRITICAL |
| The presence of a hardcoded account in Fortinet FortiWLC 7.0.11 and earlier allows attackers to gain unauthorized read/write access via a remote shell. | |||||
| CVE-2017-17540 | 1 Fortinet | 1 Fortiwlc | 2018-06-12 | 10.0 HIGH | 9.8 CRITICAL |
| The presence of a hardcoded account in Fortinet FortiWLC 8.3.3 allows attackers to gain unauthorized read/write access via a remote shell. | |||||
| CVE-2015-1503 | 1 Icewarp | 1 Mail Server | 2018-06-12 | 7.8 HIGH | 7.5 HIGH |
| Multiple directory traversal vulnerabilities in IceWarp Mail Server before 11.2 allow remote attackers to read arbitrary files via a (1) .. (dot dot) in the file parameter to a webmail/client/skins/default/css/css.php page or .../. (dot dot dot slash dot) in the (2) script or (3) style parameter to webmail/old/calendar/minimizer/index.php. | |||||
| CVE-2013-6272 | 1 Google | 1 Android | 2018-06-12 | 6.8 MEDIUM | 7.8 HIGH |
| The NotificationBroadcastReceiver class in the com.android.phone process in Google Android 4.1.1 through 4.4.2 allows attackers to bypass intended access restrictions and consequently make phone calls to arbitrary numbers, send mmi or ussd codes, or hangup ongoing calls via a crafted application. | |||||
| CVE-2018-10750 | 1 D-link | 2 Dsl-3782, Dsl-3782 Firmware | 2018-06-12 | 9.3 HIGH | 8.8 HIGH |
| An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An authenticated user can pass a long buffer as a 'staticGet' parameter to the '/userfs/bin/tcapi' binary (in the Diagnostics component) using the 'staticGet <node_name attr>' function and cause memory corruption. Furthermore, it is possible to redirect the flow of the program and execute arbitrary code. | |||||
| CVE-2018-10778 | 1 Mp3gain | 1 Mp3gain | 2018-06-12 | 6.8 MEDIUM | 7.8 HIGH |
| Read access violation in the III_dequantize_sample function in mpglibDBL/layer3.c in mp3gain through 1.5.2-r2 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact, a different vulnerability than CVE-2017-9872 and CVE-2017-14409. | |||||
| CVE-2018-10776 | 1 Mp3gain | 1 Mp3gain | 2018-06-12 | 6.8 MEDIUM | 7.8 HIGH |
| The getbits function in mpglibDBL/common.c in mp3gain through 1.5.2-r2 allows remote attackers to cause a denial of service (segmentation fault and application crash) or possibly have unspecified other impact. | |||||
| CVE-2018-10777 | 1 Mp3gain | 1 Mp3gain | 2018-06-12 | 6.8 MEDIUM | 7.8 HIGH |
| Buffer overflow in the WriteMP3GainAPETag function in apetag.c in mp3gain through 1.5.2-r2 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. | |||||
| CVE-2018-10758 | 1 Datenstrom | 1 Yellow | 2018-06-12 | 5.8 MEDIUM | 6.5 MEDIUM |
| The edit/ URI in Datenstrom Yellow 0.7.3 has CSRF via a delete action that can delete articles. | |||||
| CVE-2018-10757 | 1 Csp Mysql User Manager Project | 1 Csp Mysql User Manager | 2018-06-12 | 7.5 HIGH | 9.8 CRITICAL |
| CSP MySQL User Manager 2.3.1 allows SQL injection, and resultant Authentication Bypass, via a crafted username during a login attempt. | |||||
| CVE-2018-10749 | 1 D-link | 2 Dsl-3782, Dsl-3782 Firmware | 2018-06-12 | 9.0 HIGH | 8.8 HIGH |
| An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An authenticated user can pass a long buffer as a 'commit' parameter to the '/userfs/bin/tcapi' binary (in the Diagnostics component) using the 'commit <node_name>' function and cause memory corruption. Furthermore, it is possible to redirect the flow of the program and execute arbitrary code. | |||||
| CVE-2018-10746 | 1 D-link | 2 Dsl-3782, Dsl-3782 Firmware | 2018-06-12 | 9.0 HIGH | 8.8 HIGH |
| An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An authenticated user can pass a long buffer as a 'get' parameter to the '/userfs/bin/tcapi' binary (in the Diagnostics component) using the 'get <node_name attr>' function and cause memory corruption. Furthermore, it is possible to redirect the flow of the program and execute arbitrary code. | |||||
| CVE-2018-10747 | 1 D-link | 2 Dsl-3782, Dsl-3782 Firmware | 2018-06-12 | 9.0 HIGH | 8.8 HIGH |
| An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An authenticated user can pass a long buffer as an 'unset' parameter to the '/userfs/bin/tcapi' binary (in the Diagnostics component) using the 'unset <node_name>' function and cause memory corruption. Furthermore, it is possible to redirect the flow of the program and execute arbitrary code. | |||||
| CVE-2018-10748 | 1 D-link | 2 Dsl-3782, Dsl-3782 Firmware | 2018-06-12 | 9.0 HIGH | 8.8 HIGH |
| An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An authenticated user can pass a long buffer as a 'show' parameter to the '/userfs/bin/tcapi' binary (in the Diagnostics component) using the 'show <node_name>' function and cause memory corruption. Furthermore, it is possible to redirect the flow of the program and execute arbitrary code. | |||||
| CVE-2018-10723 | 1 Rangerstudio | 1 Directus | 2018-06-12 | 7.5 HIGH | 9.8 CRITICAL |
| Directus 6.4.9 has a hardcoded admin password for the Admin account because of an INSERT statement in api/schema.sql. | |||||
| CVE-2016-2827 | 1 Mozilla | 1 Firefox | 2018-06-12 | 4.3 MEDIUM | 6.5 MEDIUM |
| The mozilla::net::IsValidReferrerPolicy function in Mozilla Firefox before 49.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a Content Security Policy (CSP) referrer directive with zero values. | |||||
| CVE-2016-5250 | 1 Mozilla | 1 Firefox | 2018-06-12 | 5.0 MEDIUM | 4.3 MEDIUM |
| Mozilla Firefox before 48.0, Firefox ESR < 45.4 and Thunderbird < 45.4 allow remote attackers to obtain sensitive information about the previously retrieved page via Resource Timing API calls. | |||||
| CVE-2016-5257 | 1 Mozilla | 2 Firefox, Firefox Esr | 2018-06-12 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4 and Thunderbird < 45.4 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors. | |||||
| CVE-2016-5261 | 1 Mozilla | 1 Firefox | 2018-06-12 | 7.5 HIGH | 8.8 HIGH |
| Integer overflow in the WebSocketChannel class in the WebSockets subsystem in Mozilla Firefox before 48.0 and Firefox ESR < 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted packets that trigger incorrect buffer-resize operations during buffering. | |||||
| CVE-2016-5270 | 1 Mozilla | 2 Firefox, Firefox Esr | 2018-06-12 | 7.5 HIGH | 9.8 CRITICAL |
| Heap-based buffer overflow in the nsCaseTransformTextRunFactory::TransformString function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to cause a denial of service (boolean out-of-bounds write) or possibly have unspecified other impact via Unicode characters that are mishandled during text conversion. | |||||
| CVE-2016-5272 | 1 Mozilla | 2 Firefox, Firefox Esr | 2018-06-12 | 6.8 MEDIUM | 8.8 HIGH |
| The nsImageGeometryMixin class in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 does not properly perform a cast of an unspecified variable during handling of INPUT elements, which allows remote attackers to execute arbitrary code via a crafted web site. | |||||
| CVE-2016-5274 | 1 Mozilla | 2 Firefox, Firefox Esr | 2018-06-12 | 7.5 HIGH | 9.8 CRITICAL |
| Use-after-free vulnerability in the nsFrameManager::CaptureFrameState function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code by leveraging improper interaction between restyling and the Web Animations model implementation. | |||||
| CVE-2016-5276 | 1 Mozilla | 2 Firefox, Firefox Esr | 2018-06-12 | 7.5 HIGH | 9.8 CRITICAL |
| Use-after-free vulnerability in the mozilla::a11y::DocAccessible::ProcessInvalidationList function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via an aria-owns attribute. | |||||
| CVE-2016-5277 | 1 Mozilla | 2 Firefox, Firefox Esr | 2018-06-12 | 7.5 HIGH | 9.8 CRITICAL |
| Use-after-free vulnerability in the nsRefreshDriver::Tick function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) by leveraging improper interaction between timeline destruction and the Web Animations model implementation. | |||||
| CVE-2016-5278 | 1 Mozilla | 2 Firefox, Firefox Esr | 2018-06-12 | 6.8 MEDIUM | 8.8 HIGH |
| Heap-based buffer overflow in the nsBMPEncoder::AddImageFrame function in Mozilla Firefox before 49.0, Firefox ESR 45.x before 45.4, and Thunderbird < 45.4 allows remote attackers to execute arbitrary code via a crafted image data that is mishandled during the encoding of an image frame to an image. | |||||
| CVE-2017-5031 | 2 Google, Microsoft | 2 Chrome, Windows | 2018-06-12 | 6.8 MEDIUM | 8.8 HIGH |
| A use after free in ANGLE in Google Chrome prior to 57.0.2987.98 for Windows allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | |||||
| CVE-2018-7406 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2018-06-08 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in Foxit Reader before 9.1 and PhantomPDF before 9.1. This vulnerability allows remote attackers to execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the u3d images inside of a pdf. The issue results from the lack of proper validation of user-supplied data, which can result in an array indexing issue. An attacker can leverage this to execute code in the context of the current process. | |||||
| CVE-2018-7407 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2018-06-08 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in Foxit Reader before 9.1 and PhantomPDF before 9.1. This vulnerability allows remote attackers to execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists when rendering U3D images inside of pdf files. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this to execute code in the context of the current process. | |||||
| CVE-2018-5680 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2018-06-08 | 6.8 MEDIUM | 8.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader before 9.1 and PhantomPDF before 9.1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of specially crafted pdf files with embedded u3d images. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process, a different vulnerability than CVE-2018-5677 and CVE-2018-5679. | |||||
| CVE-2018-5675 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2018-06-08 | 6.8 MEDIUM | 8.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader before 9.1 and PhantomPDF before 9.1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of specially crafted pdf files with embedded u3d images. Crafted data in the PDF file can trigger an out-of-bounds write on a buffer. An attacker can leverage this vulnerability to execute code under the context of the current process. | |||||
| CVE-2018-5676 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2018-06-08 | 6.8 MEDIUM | 8.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader before 9.1 and PhantomPDF before 9.1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of specially crafted pdf files with embedded u3d images. Crafted data in the PDF file can trigger an overflow of a heap-based buffer. An attacker can leverage this vulnerability to execute code under the context of the current process, a different vulnerability than CVE-2018-5674 and CVE-2018-5678. | |||||
| CVE-2018-5677 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2018-06-08 | 6.8 MEDIUM | 8.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader before 9.1 and PhantomPDF before 9.1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of specially crafted pdf files with embedded u3d images. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process, a different vulnerability than CVE-2018-5679 and CVE-2018-5680. | |||||
| CVE-2018-5678 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2018-06-08 | 6.8 MEDIUM | 8.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader before 9.1 and PhantomPDF before 9.1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of specially crafted pdf files with embedded u3d images. Crafted data in the PDF file can trigger an overflow of a heap-based buffer. An attacker can leverage this vulnerability to execute code under the context of the current process, a different vulnerability than CVE-2018-5674 and CVE-2018-5676. | |||||
| CVE-2018-5679 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2018-06-08 | 6.8 MEDIUM | 8.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader before 9.1 and PhantomPDF before 9.1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of specially crafted pdf files with embedded u3d images. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process, a different vulnerability than CVE-2018-5677 and CVE-2018-5680. | |||||
| CVE-2018-5674 | 1 Foxitsoftware | 2 Phantompdf, Reader | 2018-06-08 | 6.8 MEDIUM | 8.8 HIGH |
| This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader before 9.1 and PhantomPDF before 9.1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of specially crafted pdf files with embedded u3d images. Crafted data in the PDF file can trigger an overflow of a heap-based buffer. An attacker can leverage this vulnerability to execute code under the context of the current process, a different vulnerability than CVE-2018-5676 and CVE-2018-5678. | |||||
| CVE-2018-11596 | 1 Espruino | 1 Espruino | 2018-06-08 | 4.3 MEDIUM | 5.5 MEDIUM |
| Espruino before 1.99 allows attackers to cause a denial of service (application crash) with a user crafted input file via a Buffer Overflow during syntax parsing because a check for '\0' is made for the wrong array element in jsvar.c. | |||||
| CVE-2018-11598 | 1 Espruino | 1 Espruino | 2018-06-08 | 5.8 MEDIUM | 7.1 HIGH |
| Espruino before 1.99 allows attackers to cause a denial of service (application crash) and a potential Information Disclosure with user crafted input files via a Buffer Overflow or Out-of-bounds Read during syntax parsing of certain for loops in jsparse.c. | |||||
| CVE-2018-11594 | 1 Espruino | 1 Espruino | 2018-06-08 | 4.3 MEDIUM | 5.5 MEDIUM |
| Espruino before 1.99 allows attackers to cause a denial of service (application crash) with a user crafted input file via a Buffer Overflow during syntax parsing of "VOID" tokens in jsparse.c. | |||||
| CVE-2018-11595 | 1 Espruino | 1 Espruino | 2018-06-08 | 6.8 MEDIUM | 7.8 HIGH |
| Espruino before 1.99 allows attackers to cause a denial of service (application crash) and a potential Escalation of Privileges with a user crafted input file via a Buffer Overflow during syntax parsing, because strncat is misused. | |||||
| CVE-2018-11590 | 1 Espruino | 1 Espruino | 2018-06-08 | 4.3 MEDIUM | 5.5 MEDIUM |
| Espruino before 1.99 allows attackers to cause a denial of service (application crash) with a user crafted input file via an integer overflow during syntax parsing. This was addressed by fixing stack size detection on Linux in jsutils.c. | |||||
| CVE-2018-11591 | 1 Espruino | 1 Espruino | 2018-06-08 | 4.3 MEDIUM | 5.5 MEDIUM |
| Espruino before 1.98 allows attackers to cause a denial of service (application crash) with a user crafted input file via a NULL pointer dereference during syntax parsing. This was addressed by adding validation for a debug trace print statement in jsvar.c. | |||||
| CVE-2018-11592 | 1 Espruino | 1 Espruino | 2018-06-08 | 4.3 MEDIUM | 5.5 MEDIUM |
| Espruino before 1.98 allows attackers to cause a denial of service (application crash) with a user crafted input file via an Out-of-bounds Read during syntax parsing in which certain height validation is missing in libs/graphics/jswrap_graphics.c. | |||||
| CVE-2016-4655 | 1 Apple | 1 Iphone Os | 2018-06-08 | 7.1 HIGH | 5.5 MEDIUM |
| The kernel in Apple iOS before 9.3.5 allows attackers to obtain sensitive information from memory via a crafted app. | |||||
| CVE-2016-4656 | 1 Apple | 1 Iphone Os | 2018-06-08 | 9.3 HIGH | 7.8 HIGH |
| The kernel in Apple iOS before 9.3.5 allows attackers to execute arbitrary code in a privileged context or cause a denial of service (memory corruption) via a crafted app. | |||||
| CVE-2016-4657 | 1 Apple | 1 Iphone Os | 2018-06-08 | 6.8 MEDIUM | 8.8 HIGH |
| WebKit in Apple iOS before 9.3.5 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site. | |||||
| CVE-2013-4035 | 1 Ibm | 1 Sterling Connect | 2018-06-07 | 4.1 MEDIUM | 7.3 HIGH |
| IBM Sterling Connect:Direct for OpenVMS 3.4.00, 3.4.01, 3.5.00, 3.6.0, and 3.6.0.1 allow remote attackers to have unspecified impact by leveraging failure to reject client requests for an unencrypted session when used as the server in a TCP/IP session and configured for SSL encryption with the client. IBM X-Force ID: 86138. | |||||
| CVE-2018-1000172 | 1 Imagely | 1 Nextgen Gallery | 2018-06-07 | 3.5 LOW | 4.8 MEDIUM |
| Imagely NextGEN Gallery version 2.2.30 and earlier contains a Cross Site Scripting (XSS) vulnerability in Image Alt & Title Text. This attack appears to be exploitable via a victim viewing the image in the administrator page. This vulnerability appears to have been fixed in 2.2.45. | |||||
| CVE-2018-10570 | 1 Frogcms Project | 1 Frogcms | 2018-06-07 | 3.5 LOW | 4.8 MEDIUM |
| Frog CMS 0.9.5 has XSS in /install/index.php via the ['config']['admin_username'] field. | |||||
| CVE-2018-10574 | 1 Bigtreecms | 1 Bigtree Cms | 2018-06-07 | 7.5 HIGH | 9.8 CRITICAL |
| site/index.php/admin/trees/add/ in BigTree 4.2.22 and earlier allows remote attackers to upload and execute arbitrary PHP code because the BigTreeStorage class in core/inc/bigtree/apis/storage.php does not prevent uploads of .htaccess files. | |||||