All CVEs — 2018 (Page 2/120)

Browse all CVEs by publication year. Use filters to refine.

CVSS ≥ 0.0

2018-12-28

Medium

CVE-2018-20538

There is a use-after-free at asm/preproc.c (function pp_getline) in Netwide Assembler (NASM) 2.14rc16 that will cause a denial of service during certain finishes tests.

CVSS: 5.5 CWE: CWE-416

Medium

CVE-2018-20537

There is a NULL pointer dereference at liblas::SpatialReference::GetGTIF() (spatialreference.cpp) in libLAS 1.8.1 that will cause a denial of service.

CVSS: 6.5 CWE: CWE-476

Medium

CVE-2018-20536

There is a heap-based buffer over-read at liblas::SpatialReference::GetGTIF() (spatialreference.cpp) in libLAS 1.8.1 that will cause a denial of service.

CVSS: 6.5 CWE: CWE-125

Medium

CVE-2018-20535

There is a use-after-free at asm/preproc.c (function pp_getline) in Netwide Assembler (NASM) 2.14rc16 that will cause a denial of service during a line-number increment attempt.

CVSS: 5.5 CWE: CWE-416

Medium

CVE-2018-20534

There is an illegal address access at ext/testcase.c in libsolv.a in libsolv through 0.7.2 that will cause a denial of service. NOTE: third parties dispute this issue stating that the issue affects t…

CVSS: 6.5 CWE: CWE-119

Medium

CVE-2018-20533

There is a NULL pointer dereference at ext/testcase.c (function testcase_str2dep_complex) in libsolvext.a in libsolv through 0.7.2 that will cause a denial of service.

CVSS: 6.5 CWE: CWE-476

Medium

CVE-2018-20532

There is a NULL pointer dereference at ext/testcase.c (function testcase_read) in libsolvext.a in libsolv through 0.7.2 that will cause a denial of service.

CVSS: 6.5 CWE: CWE-476

Medium

CVE-2018-20530

PHP Scripts Mall Website Seller Script 2.0.5 has XSS via a Profile field such as Company Address, a related issue to CVE-2018-15896.

CVSS: 5.4 CWE: CWE-79

Medium

CVE-2018-20528

JEECMS 9 has SSRF via the ueditor/getRemoteImage.jspx upfile parameter.

CVSS: 6.5 CWE: CWE-918

High

CVE-2018-1000890

FrontAccounting 2.4.5 contains a Time Based Blind SQL Injection vulnerability in the parameter "filterType" in /attachments.php that can allow the attacker to grab the entire database of the applicat…

CVSS: 7.5 CWE: CWE-89

High

CVE-2018-1000889

Logisim Evolution version 2.14.3 and earlier contains an XML External Entity (XXE) vulnerability in Circuit file loading functionality (loadXmlFrom in src/com/cburch/logisim/file/XmlReader.java) that…

CVSS: 8.8 CWE: CWE-611

High

CVE-2018-1000888

PEAR Archive_Tar version 1.4.3 and earlier contains a CWE-502, CWE-915 vulnerability in the Archive_Tar class. There are several file operations with `$v_header['filename']` as parameter (such as fil…

CVSS: 8.8 CWE: CWE-502

Medium

CVE-2018-1000887

Peel shopping peel-shopping_9_1_0 version contains a Cross Site Scripting (XSS) vulnerability that can result in an authenticated user injecting java script code in the "Site Name EN" parameter. This…

CVSS: 4.8 CWE: CWE-79

Critical

CVE-2018-1000631

Battelle V2I Hub 3.0 is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the tmx/TmxCtl/src/lib/PluginStatus.cpp and TmxControl::user_info() function, whi…

CVSS: 9.8 CWE: CWE-89

High

CVE-2018-1000630

Battelle V2I Hub 2.5.1 is vulnerable to SQL injection. A remote authenticated attacker could send specially-crafted SQL statements to /api/PluginStatusActions.php and /status/pluginStatus.php using t…

CVSS: 7.2 CWE: CWE-89

Medium

CVE-2018-1000629

Battelle V2I Hub 2.5.1 is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by api/SystemConfigActions.php?action=add and the index.php script. A remote attacke…

CVSS: 6.1 CWE: CWE-79

Critical

CVE-2018-1000627

Battelle V2I Hub 2.5.1 could allow a remote attacker to obtain sensitive information, caused by the failure to restrict access to the API key file. An attacker could exploit this vulnerability to obt…

CVSS: 9.8 CWE: CWE-522

Critical

CVE-2018-1000625

Battelle V2I Hub 2.5.1 contains hard-coded credentials for the administrative account. An attacker could exploit this vulnerability to log in as an admin on any installation and gain unauthorized acc…

CVSS: 9.8 CWE: CWE-798

High

CVE-2018-1000624

Battelle V2I Hub 2.5.1 is vulnerable to a denial of service, caused by the failure to restrict access to a sensitive functionality. By visiting http://V2I_HUB/UI/powerdown.php, a remote attacker coul…

CVSS: 7.5 CWE: CWE-269

Medium

CVE-2018-15334

A cross-site request forgery (CSRF) vulnerability in the APM webtop 11.2.1 or greater may allow attacker to force an APM webtop session to log out and require re-authentication.

CVSS: 4.3 CWE: CWE-352

Medium

CVE-2018-15333

On versions 11.2.1. and greater, unrestricted Snapshot File Access allows BIG-IP system's user with any role, including Guest Role, to have access and download previously generated and available snap…

CVSS: 5.5 CWE: CWE-434

2018-12-27

Medium

CVE-2018-20524

The Chat Anywhere extension 2.4.0 for Chrome allows XSS via crafted use of <<a> in a message, because a danmuWrapper DIV element in chatbox-only\danmu.js is outside the scope of a Content Security Po…

CVSS: 6.1 CWE: CWE-79

Medium

CVE-2018-20520

MiniCMS V1.10 has XSS via the mc-admin/post-edit.php query string, a related issue to CVE-2018-10296 and CVE-2018-16233.

CVSS: 6.1 CWE: CWE-79

High

CVE-2018-20519

An issue was discovered in 74cms v4.2.111. It allows remote authenticated users to read or modify arbitrary resumes by changing a job-search intention, as demonstrated by the index.php?c=Personal&a=a…

CVSS: 8.1 CWE: CWE-20

Medium

CVE-2018-20511

An issue was discovered in the Linux kernel before 4.18.11. The ipddp_ioctl function in drivers/net/appletalk/ipddp.c allows local users to obtain sensitive kernel address information by leveraging C…

CVSS: 5.5 CWE: CWE-200

Critical

CVE-2018-20508

CrashFix 1.0.4 has SQL Injection via the User[status] parameter. This is related to actionIndex in UserController.php, and the protected\models\User.php search() function.

CVSS: 9.8 CWE: CWE-89

2018-12-26

Medium

CVE-2018-20502

An issue was discovered in Bento4 1.5.1-627. There is an attempt at excessive memory allocation in the AP4_DataBuffer class when called from AP4_HvccAtom::Create in Core/Ap4HvccAtom.cpp.

CVSS: 6.5 CWE: CWE-400

High

CVE-2018-20404

ETK_E900.sys, a SmartETK driver for VIA Technologies EPIA-E900 system board, is vulnerable to denial of service attack via IOCTL 0x9C402048, which calls memmove and constantly fails on an arbitrary (…

CVSS: 7.5 CWE: CWE-20

Medium

CVE-2018-20217

A Reachable Assertion issue was discovered in the KDC in MIT Kerberos 5 (aka krb5) before 1.17. If an attacker can obtain a krbtgt ticket using an older encryption type (single-DES, triple-DES, or RC…

CVSS: 5.3 CWE: CWE-617

Critical

CVE-2018-19873

An issue was discovered in Qt before 5.11.3. QBmpHandler has a buffer overflow via BMP data.

CVSS: 9.8 CWE: CWE-119

Medium

CVE-2018-19871

An issue was discovered in Qt before 5.11.3. There is QTgaFile Uncontrolled Resource Consumption.

CVSS: 6.5 CWE: CWE-400

High

CVE-2018-19870

An issue was discovered in Qt before 5.11.3. A malformed GIF image causes a NULL pointer dereference in QGifHandler resulting in a segmentation fault.

CVSS: 8.8 CWE: CWE-476

Medium

CVE-2018-19869

An issue was discovered in Qt before 5.11.3. A malformed SVG image causes a segmentation fault in qsvghandler.cpp.

CVSS: 6.5 CWE: CWE-20

Medium

CVE-2018-19799

Dolibarr ERP/CRM through 8.0.3 has /exports/export.php?datatoexport= XSS.

CVSS: 6.1 CWE: CWE-79

High

CVE-2018-19616

An issue was discovered in Rockwell Automation Allen-Bradley PowerMonitor 1000. An unauthenticated user can add/edit/remove administrators because access control is implemented on the client side via…

CVSS: 8.1 CWE: CWE-287

Medium

CVE-2018-19615

Rockwell Automation Allen-Bradley PowerMonitor 1000 all versions. A remote attacker could inject arbitrary code into a targeted userâs web browser to gain access to the affected device.

CVSS: 6.1 CWE: CWE-79

High

CVE-2018-19182

Engelsystem before commit hash 2e28336 allows CSRF.

CVSS: 8.8 CWE: CWE-352

High

CVE-2018-17987

The determineWinner function of a smart contract implementation for HashHeroes Tiles, an Ethereum game, uses a certain blockhash value in an attempt to generate a random number for the case where NUM…

CVSS: 7.5 CWE: CWE-330

High

CVE-2018-15518

QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted illegal XML document.

CVSS: 8.8 CWE: CWE-415

Critical

CVE-2018-11742

NEC Univerge Sv9100 WebPro 6.00.00 devices have Cleartext Password Storage in the Web UI.

CVSS: 9.8 CWE: CWE-522

Critical

CVE-2018-11741

NEC Univerge Sv9100 WebPro 6.00.00 devices have Predictable Session IDs that result in Account Information Disclosure via Home.htm?sessionId=#####&GOTO(8) URIs.

CVSS: 9.8 CWE: CWE-200

Medium

CVE-2018-20486

MetInfo 6.x through 6.1.3 has XSS via the /admin/login/login_check.php url_array[] parameter.

CVSS: 6.1 CWE: CWE-79

Medium

CVE-2018-20485

Zoho ManageEngine ADSelfService Plus 5.7 before build 5702 has XSS in the employee search feature.

CVSS: 6.1 CWE: CWE-79

Medium

CVE-2018-20484

Zoho ManageEngine ADSelfService Plus 5.7 before build 5702 has XSS in the self-update layout implementation.

CVSS: 6.1 CWE: CWE-79

High

CVE-2018-20483

set_file_metadata in xattr.c in GNU Wget before 1.20.1 stores a file's origin URL in the user.xdg.origin.url metadata attribute of the extended attributes of the downloaded file, which allows local u…

CVSS: 7.8 CWE: CWE-200

Medium

CVE-2018-20482

GNU Tar through 1.30, when --sparse is used, mishandles file shrinkage during read access, which allows local users to cause a denial of service (infinite read loop in sparse_dump_region in sparse.c)…

CVSS: 4.7 CWE: CWE-835

Medium

CVE-2018-0724

Cross-site scripting (XSS) vulnerability in Q'center Virtual Appliance 1.8.1014 and earlier versions could allow remote attackers to inject Javascript code in the compromised application, a different…

CVSS: 6.1 CWE: CWE-79

Medium

CVE-2018-0723

CVSS: 6.1 CWE: CWE-79

Low

CVE-2018-17957

The YaST2 RMT module for configuring the SUSE Repository Mirroring Tool (RMT) before 1.1.2 exposed MySQL database passwords on process commandline, allowing local attackers to access or corrupt the R…

CVSS: 3.4 CWE: CWE-214

Medium

CVE-2018-20481

XRef::getEntry in XRef.cc in Poppler 0.72.0 mishandles unallocated XRef entries, which allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted PDF document, when…

CVSS: 6.5 CWE: CWE-476

Critical

CVE-2018-20480

An issue was discovered in S-CMS 1.0. It allows SQL Injection via the js/pic.php P_id parameter.

CVSS: 9.8 CWE: CWE-89

Critical

CVE-2018-20479

An issue was discovered in S-CMS 1.0. It allows SQL Injection via the wap_index.php?type=newsinfo S_id parameter.

CVSS: 9.8 CWE: CWE-89

High

CVE-2018-20478

An issue was discovered in S-CMS 1.0. It allows reading certain files, such as PHP source code, via the admin/download.php DownName parameter with a mixed-case extension, as demonstrated by a DownNam…

CVSS: 7.5 CWE: CWE-200

Critical

CVE-2018-20477

An issue was discovered in S-CMS 3.0. It allows SQL Injection via the bank/callback1.php P_no field.

CVSS: 9.8 CWE: CWE-89

Medium

CVE-2018-20476

An issue was discovered in S-CMS 3.0. It allows XSS via the admin/demo.php T_id parameter.

CVSS: 6.1 CWE: CWE-79

Medium

CVE-2018-20467

In coders/bmp.c in ImageMagick before 7.0.8-16, an input file can result in an infinite loop and hang, with high CPU and memory consumption. Remote attackers could leverage this vulnerability to caus…

CVSS: 6.5 CWE: CWE-835

2018-12-25

High

CVE-2018-20465

Craft CMS through 3.0.34 allows remote authenticated administrators to read sensitive information via server-side template injection, as demonstrated by a {% string for craft.app.config.DB.user and c…

CVSS: 7.2 CWE: CWE-311

Medium

CVE-2018-20464

There is a reflected XSS vulnerability in the CMS Made Simple 2.2.8 admin/myaccount.php. This vulnerability is triggered upon an attempt to modify a user's mailbox with the wrong format. The response…

CVSS: 6.1 CWE: CWE-79

High

CVE-2018-20463

An issue was discovered in the JSmol2WP plugin 1.07 for WordPress. There is an arbitrary file read vulnerability via ../ directory traversal in query=php://filter/resource= in the jsmol.php query str…

CVSS: 7.5 CWE: CWE-22

Medium

CVE-2018-20462

An issue was discovered in the JSmol2WP plugin 1.07 for WordPress. A cross-site scripting (XSS) vulnerability allows remote attackers to inject arbitrary web script or HTML via the jsmol.php data par…

CVSS: 6.1 CWE: CWE-79

Medium

CVE-2018-20461

In radare2 prior to 3.1.1, core_anal_bytes in libr/core/cmd_anal.c allows attackers to cause a denial-of-service (application crash caused by out-of-bounds read) by crafting a binary file.

CVSS: 5.5 CWE: CWE-125

Medium

CVE-2018-20460

In radare2 prior to 3.1.2, the parseOperands function in libr/asm/arch/arm/armass64.c allows attackers to cause a denial-of-service (application crash caused by stack-based buffer overflow) by crafti…

CVSS: 5.5 CWE: CWE-787

Medium

CVE-2018-20459

In radare2 through 3.1.3, the armass_assemble function in libr/asm/arch/arm/armass.c allows attackers to cause a denial-of-service (application crash by out-of-bounds read) by crafting an arm assembl…

CVSS: 5.5 CWE: CWE-125

Medium

CVE-2018-20458

In radare2 prior to 3.1.1, r_bin_dyldcache_extract in libr/bin/format/mach0/dyldcache.c may allow attackers to cause a denial-of-service (application crash caused by out-of-bounds read) by crafting a…

CVSS: 5.5 CWE: CWE-125

Medium

CVE-2018-20457

In radare2 through 3.1.3, the assemble function inside libr/asm/p/asm_arm_cs.c allows attackers to cause a denial-of-service (application crash via an r_num_calc out-of-bounds read) by crafting an ar…

CVSS: 5.5 CWE: CWE-125

Medium

CVE-2018-20456

In radare2 prior to 3.1.1, the parseOperand function inside libr/asm/p/asm_x86_nz.c may allow attackers to cause a denial of service (application crash in libr/util/strbuf.c via a stack-based buffer…

CVSS: 5.5 CWE: CWE-125

Medium

CVE-2018-20455

In radare2 prior to 3.1.1, the parseOperand function inside libr/asm/p/asm_x86_nz.c may allow attackers to cause a denial of service (application crash via a stack-based buffer overflow) by crafting…

CVSS: 5.5 CWE: CWE-787

Medium

CVE-2018-20454

An issue was discovered in 74cms v4.2.111. upload/index.php?c=resume&a=resume_list has XSS via the key parameter.

CVSS: 6.1 CWE: CWE-79

Medium

CVE-2018-20453

The getlong function in numutils.c in libdoc through 2017-10-23 has a heap-based buffer over-read that allows attackers to cause a denial of service (application crash) via a crafted file.

CVSS: 6.5 CWE: CWE-125

High

CVE-2018-20452

The read_MSAT_body function in ole.c in libxls 1.4.0 has an invalid free that allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted…

CVSS: 8.8 CWE: CWE-119

Medium

CVE-2018-20451

The process_file function in reader.c in libdoc through 2017-10-23 has a heap-based buffer over-read that allows attackers to cause a denial of service (application crash) via a crafted file.

CVSS: 6.5 CWE: CWE-125

Medium

CVE-2018-20450

The read_MSAT function in ole.c in libxls 1.4.0 has a double free that allows attackers to cause a denial of service (application crash) via a crafted file, a different vulnerability than CVE-2017-28…

CVSS: 6.5 CWE: CWE-415

Medium

CVE-2018-20448

Frog CMS 0.9.5 has XSS via the Database name field to the /install/index.php URI.

CVSS: 5.4 CWE: CWE-79

Critical

CVE-2018-20445

D-Link DCM-604 DCM604_C1_ViaCabo_1.04_20130606 and DCM-704 EU_DCM-704_1.10 devices allow remote attackers to discover Wi-Fi credentials via iso.3.6.1.4.1.4413.2.2.2.1.5.4.1.14.1.3.32 and iso.3.6.1.4.…

CVSS: 9.8 CWE: CWE-522

Critical

CVE-2018-20444

Technicolor CGA0111 CGA0111E-ES-13-E23E-c8000r5712-170217-0829-TRU devices allow remote attackers to discover Wi-Fi credentials via iso.3.6.1.4.1.4413.2.2.2.1.5.4.1.14.1.3.10001 and 1.3.6.1.4.1.4413.…

CVSS: 9.8 CWE: CWE-522

Critical

CVE-2018-20443

Technicolor TC7200.d1I TC7200.d1IE-N23E-c7000r5712-170406-HAT devices allow remote attackers to discover Wi-Fi credentials via iso.3.6.1.4.1.4413.2.2.2.1.5.4.1.14.1.3.10001 and 1.3.6.1.4.1.4413.2.2.2…

CVSS: 9.8 CWE: CWE-522

Critical

CVE-2018-20442

Technicolor TC7110.B STC8.62.02 devices allow remote attackers to discover Wi-Fi credentials via iso.3.6.1.4.1.2863.205.10.1.30.4.1.14.1.3.32 and iso.3.6.1.4.1.2863.205.10.1.30.4.2.4.1.2.32 SNMP requ…

CVSS: 9.8 CWE: CWE-522

Critical

CVE-2018-20441

Technicolor TC7200.TH2v2 SC05.00.22 devices allow remote attackers to discover Wi-Fi credentials via iso.3.6.1.4.1.2863.205.10.1.30.4.1.14.1.3.32 and iso.3.6.1.4.1.2863.205.10.1.30.4.2.4.1.2.32 SNMP…

CVSS: 9.8 CWE: CWE-522

Critical

CVE-2018-20440

Technicolor CWA0101 CWA0101E-A23E-c7000r5712-170315-SKC devices allow remote attackers to discover Wi-Fi credentials via iso.3.6.1.4.1.4413.2.2.2.1.5.4.1.14.1.3.10001 and 1.3.6.1.4.1.4413.2.2.2.1.18.…

CVSS: 9.8 CWE: CWE-522

Critical

CVE-2018-20439

Technicolor DPC3928SL D3928SL-PSIP-13-A010-c3420r55105-170214a devices allow remote attackers to discover Wi-Fi credentials via iso.3.6.1.4.1.4413.2.2.2.1.5.4.1.14.1.3.10001 and 1.3.6.1.4.1.4413.2.2.…

CVSS: 9.8 CWE: CWE-522

Critical

CVE-2018-20438

Technicolor TC7110.AR STD3.38.03 devices allow remote attackers to discover Wi-Fi credentials via iso.3.6.1.4.1.2863.205.10.1.30.4.1.14.1.3.32 and iso.3.6.1.4.1.2863.205.10.1.30.4.2.4.1.2.32 SNMP req…

CVSS: 9.8 CWE: CWE-522

High

CVE-2018-20437

An issue was discovered in the fileDownload function in the CommonController class in FEBS-Shiro before 2018-11-05. An attacker can download a file via a request of the form /common/download?filename…

CVSS: 7.5 CWE: CWE-22

2018-12-24

High

CVE-2018-20436

The "secret chat" feature in Telegram 4.9.1 for Android has a "side channel" in which Telegram servers send GET requests for URLs typed while composing a chat message, before that chat message is sen…

CVSS: 8.1 CWE: CWE-918

High

CVE-2018-20249

In Foxit Quick PDF Library (all versions prior to 16.12), issue where loading a malformed or malicious PDF containing invalid xref entries using the DAOpenFile or DAOpenFileReadOnly functions may res…

CVSS: 8.8 CWE: CWE-787

Critical

CVE-2018-20248

In Foxit Quick PDF Library (all versions prior to 16.12), issue where loading a malformed or malicious PDF containing invalid xref table pointers or invalid xref table data using the LoadFromFile, Lo…

CVSS: 9.8 CWE: CWE-787

High

CVE-2018-20247

In Foxit Quick PDF Library (all versions prior to 16.12), issue where loading a malformed or malicious PDF containing a recursive page tree structure using the LoadFromFile, LoadFromString or LoadFro…

CVSS: 7.8 CWE: CWE-121

Critical

CVE-2018-19248

The web service on Epson WorkForce WF-2861 10.48 LQ22I3(Recovery-mode), WF-2861 10.51.LQ20I6, and WF-2861 10.52.LQ17IA devices allows remote attackers to upload a firmware file and reset the printer…

CVSS: 9.1 CWE: CWE-306

Medium

CVE-2018-18960

An issue was discovered on Epson WorkForce WF-2861 10.48 LQ22I3, 10.51.LQ20I6 and 10.52.LQ17IA devices. They use SNMP to find certain devices on the network, but the default version is v2c, allowing…

CVSS: 5.9 CWE: CWE-400

High

CVE-2018-18959

An issue was discovered on Epson WorkForce WF-2861 10.48 LQ22I3, 10.51.LQ20I6 and 10.52.LQ17IA devices. On the 'Air Print Setting' web page, if the data for 'Bonjour Service Location' at /PRESENTATIO…

CVSS: 7.5 CWE: CWE-119

Critical

CVE-2018-18698

An issue was discovered on Xiaomi Mi A1 tissot_sprout:8.1.0/OPM1.171019.026/V9.6.4.0.ODHMIFE devices. They store cleartext Wi-Fi passwords in logcat during the process of setting up the phone as a ho…

CVSS: 9.8 CWE: CWE-522

High

CVE-2018-7837

An Improper Restriction of XML External Entity Reference ('XXE') vulnerability exists on numerous methods of the IIoT Monitor 3.1.38 software that could allow the software to resolve documents outsid…

CVSS: 7.5 CWE: CWE-611

Critical

CVE-2018-7836

An unrestricted Upload of File with Dangerous Type vulnerability exists on numerous methods of the IIoT Monitor 3.1.38 software that could allow upload and execution of malicious files.

CVSS: 9.8 CWE: CWE-434

High

CVE-2018-7835

An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability exists in IIoT Monitor 3.1.38 which could allow access to files available to SYSTEM user.

CVSS: 7.5 CWE: CWE-22

High

CVE-2018-7832

An Improper Input Validation vulnerability exists in Pro-Face GP-Pro EX v4.08 and previous versions which could cause the execution arbitrary executable when GP-Pro EX is launched.

CVSS: 8.8 CWE: CWE-20

High

CVE-2018-7802

A SQL Injection vulnerability exists in EVLink Parking, v3.2.0-12_v1 and earlier, which could give access to the web interface with full privileges.

CVSS: 8.8 CWE: CWE-89

High

CVE-2018-7801

A Code Injection vulnerability exists in EVLink Parking, v3.2.0-12_v1 and earlier, which could enable access with maximum privileges when a remote code execution is performed.

CVSS: 8.8 CWE: CWE-94

Critical

CVE-2018-7800

A Hard-coded Credentials vulnerability exists in EVLink Parking, v3.2.0-12_v1 and earlier, which could enable an attacker to gain access to the device.

CVSS: 9.8 CWE: CWE-798

Medium

CVE-2018-7796

A Buffer Error vulnerability exists in PowerSuite 2, all released versions (VW3A8104 & Patches), which could cause an overflow in the memcpy function, leading to corruption of data and program instab…

CVSS: 6.3 CWE: CWE-119

High

CVE-2018-8920

Improper neutralization of escape vulnerability in Log Exporter in Synology DiskStation Manager (DSM) before 6.1.6-15266 allows remote attackers to inject arbitrary content to have an unspecified imp…

CVSS: 7.2 CWE: CWE-116

High

CVE-2018-8919

Information exposure vulnerability in SYNO.Core.Desktop.SessionData in Synology DiskStation Manager (DSM) before 6.1.6-15266 allows remote attackers to steal credentials via unspecified vectors.

CVSS: 8.3 CWE: CWE-200

Medium

CVE-2018-8917

Cross-site scripting (XSS) vulnerability in info.cgi in Synology DiskStation Manager (DSM) before 6.1.6-15266 allows remote attackers to inject arbitrary web script or HTML via the host parameter.

CVSS: 6.5 CWE: CWE-79

Medium

CVE-2018-8918

Cross-site scripting (XSS) vulnerability in info.cgi in Synology Router Manager (SRM) before 1.1.7-6941 allows remote attackers to inject arbitrary web script or HTML via the host parameter.

CVSS: 6.5 CWE: CWE-79

Medium

CVE-2018-17197

A carefully crafted or corrupt sqlite file can cause an infinite loop in Apache Tika's SQLite3Parser in versions 1.8-1.19.1 of Apache Tika.

CVSS: 6.5 CWE: CWE-835

High

CVE-2018-15465

A vulnerability in the authorization subsystem of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, but unprivileged (levels 0 and 1), remote attacker to perform privileg…

CVSS: 8.1 CWE: CWE-285

Critical

CVE-2018-20433

c3p0 0.9.5.2 allows XXE in extractXmlConfigFromInputStream in com/mchange/v2/c3p0/cfg/C3P0ConfigXmlUtils.java during initialization.

CVSS: 9.8 CWE: CWE-611

High

CVE-2018-19357

XMPlay 3.8.3 allows remote attackers to execute arbitrary code or cause a denial of service (stack-based buffer overflow) via a crafted http:// URL in a .m3u file.

CVSS: 7.8 CWE: CWE-787

Medium

CVE-2018-20431

GNU Libextractor through 1.8 has a NULL Pointer Dereference vulnerability in the function process_metadata() in plugins/ole2_extractor.c.

CVSS: 6.5 CWE: CWE-476

Medium

CVE-2018-20430

GNU Libextractor through 1.8 has an out-of-bounds read vulnerability in the function history_extract() in plugins/ole2_extractor.c, related to EXTRACTOR_common_convert_to_utf8 in common/convert.c.

CVSS: 6.5 CWE: CWE-125

High

CVE-2018-20429

libming 0.4.8 has a NULL pointer dereference in the getName function of the decompile.c file, a different vulnerability than CVE-2018-7872 and CVE-2018-9165.

CVSS: 8.8 CWE: CWE-476

High

CVE-2018-20428

libming 0.4.8 has a NULL pointer dereference in the strlenext function of the decompile.c file, a different vulnerability than CVE-2018-7874.

CVSS: 8.8 CWE: CWE-476

High

CVE-2018-20427

libming 0.4.8 has a NULL pointer dereference in the getInt function of the decompile.c file, a different vulnerability than CVE-2018-9132.

CVSS: 8.8 CWE: CWE-476

High

CVE-2018-20426

libming 0.4.8 has a NULL pointer dereference in the newVar3 function of the decompile.c file, a different vulnerability than CVE-2018-7866.

CVSS: 8.8 CWE: CWE-476

High

CVE-2018-20425

libming 0.4.8 has a NULL pointer dereference in the pushdup function of the decompile.c file.

CVSS: 8.8 CWE: CWE-476

Medium

CVE-2018-20424

Discuz! DiscuzX 3.4, when WeChat login is enabled, allows remote attackers to delete the common_member_wechatmp data structure via an ac=unbindmp request to plugin.php.

CVSS: 5.9 CWE: CWE-20

High

CVE-2018-20422

Discuz! DiscuzX 3.4, when WeChat login is enabled, allows remote attackers to bypass authentication by leveraging a non-empty #wechat#common_member_wechatmp to gain login access to an account via a p…

CVSS: 8.1 CWE: CWE-287

Medium

CVE-2018-20418

index.php?p=admin/actions/entries/save-entry in Craft CMS 3.0.25 allows XSS by saving a new title from the console tab.

CVSS: 4.8 CWE: CWE-79

High

CVE-2018-20421

Go Ethereum (aka geth) 1.8.19 allows attackers to cause a denial of service (memory consumption) by rewriting the length of a dynamic array in memory, and then writing data to a single memory locatio…

CVSS: 7.5 CWE: CWE-770

Medium

CVE-2018-20420

In webERP 4.15, Z_CreateCompanyTemplateFile.php has Incorrect Access Control, leading to the overwrite of an existing .sql file on the target web site by creating a template and then using ../ direct…

CVSS: 4.9 CWE: CWE-732

High

CVE-2018-20419

DouCo DouPHP 1.5 has upload/admin/manager.php?rec=insert CSRF to add an administrator account.

CVSS: 8.8 CWE: CWE-352

High

CVE-2018-20410

WellinTech KingSCADA before 3.7.0.0.1 contains a stack-based buffer overflow. The vulnerability is triggered when sending a specially crafted packet to the AlarmServer (AEserver.exe) service listenin…

CVSS: 7.5 CWE: CWE-787