All CVEs — 2018 (Page 3/120)

Browse all CVEs by publication year. Use filters to refine.

CVSS ≥ 0.0

2018-12-23

Medium

CVE-2018-20409

An issue was discovered in Bento4 1.5.1-627. There is a heap-based buffer over-read in AP4_AvccAtom::Create in Core/Ap4AvccAtom.cpp, as demonstrated by mp42hls.

CVSS: 6.5 CWE: CWE-125

Medium

CVE-2018-20408

An issue was discovered in Bento4 1.5.1-627. There is a memory leak in AP4_StdcFileByteStream::Create in System/StdC/Ap4StdCFileByteStream.cpp, as demonstrated by mp42hls.

CVSS: 6.5 CWE: CWE-772

Medium

CVE-2018-20407

An issue was discovered in Bento4 1.5.1-627. There is a memory leak in AP4_DescriptorFactory::CreateDescriptorFromStream in Core/Ap4DescriptorFactory.cpp, as demonstrated by mp42hls.

CVSS: 6.5 CWE: CWE-772

High

CVE-2018-20406

Modules/_pickle.c in Python before 3.7.1 has an integer overflow via a large LONG_BINPUT value that is mishandled during a "resize to twice the size" attempt. This issue might cause memory exhaustion…

CVSS: 7.5 CWE: CWE-190

Low

CVE-2018-20405

BigTree 4.3 allows full path disclosure via authenticated admin/news/ input that triggers a syntax error. NOTE: This has been disputed with the following reasoning: "The issue reported requires full…

CVSS: 2.7 CWE: CWE-639

High

CVE-2018-20402

Safe Software FME Server through 2018.1 creates and enables three additional accounts in addition to the initial administrator account. The passwords to the three accounts are the same as the usernam…

CVSS: 8.8 CWE: CWE-1188

Critical

CVE-2018-20401

Zoom 5352 v5.5.8.6Y devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.

CVSS: 9.8 CWE: CWE-522

Critical

CVE-2018-20400

Ubee DVW2108 6.28.1017 and DVW2110 6.28.2012 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.

CVSS: 9.8 CWE: CWE-522

Critical

CVE-2018-20399

Motorola SBG901 SBG901-2.10.1.1-GA-00-581-NOSH, SBG941 SBG941-2.11.0.0-GA-07-624-NOSH, and SVG1202 SVG1202-2.1.0.0-GA-14-LTSH devices allow remote attackers to discover credentials via iso.3.6.1.4.1.…

CVSS: 9.8 CWE: CWE-522

Critical

CVE-2018-20398

Skyworth CM5100 V1.1.0, CM5100-440 V1.2.1, CM5100-511 4.1.0.14, CM5100-GHD00 V1.2.2, and CM5100.g2 4.1.0.17 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1…

CVSS: 9.8 CWE: CWE-522

Critical

CVE-2018-20397

mplus CBC383Z CBC383Z_mplus_MDr026 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.

CVSS: 9.8 CWE: CWE-522

Critical

CVE-2018-20396

NET&SYS MNG2120J 5.76.1006c and MNG6300 5.83.6305jrc2 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP request…

CVSS: 9.8 CWE: CWE-522

Critical

CVE-2018-20395

NETWAVE MNG6200 C4835805jrc12FU121413.cpr devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.

CVSS: 9.8 CWE: CWE-522

Critical

CVE-2018-20394

Thomson DWG849 STC0.01.16, DWG850-4 ST9C.05.25, DWG855 ST80.20.26, and TWG870 STB2.01.36 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.…

CVSS: 9.8 CWE: CWE-522

Critical

CVE-2018-20392

S-A WebSTAR DPC2100 v2.0.2r1256-060303 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.

CVSS: 9.8 CWE: CWE-522

Critical

CVE-2018-20391

TEKNOTEL CBW700N 81.447.392110.729.024 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.

CVSS: 9.8 CWE: CWE-522

Critical

CVE-2018-20390

Kaonmedia CG2001-AN22A 1.2.1, CG2001-UDBNA 3.0.8, and CG2001-UN2NA 3.0.8 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6…

CVSS: 9.8 CWE: CWE-522

Critical

CVE-2018-20389

D-Link DCM-604 DCM604_C1_ViaCabo_1.04_20130606 and DCM-704 EU_DCM-704_1.10 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1…

CVSS: 9.8 CWE: CWE-522

Critical

CVE-2018-20388

Comtrend CM-6200un 123.447.007 and CM-6300n 123.553mp1.005 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP re…

CVSS: 9.8 CWE: CWE-522

Critical

CVE-2018-20387

Bnmux BCW700J 5.20.7, BCW710J 5.30.6a, and BCW710J2 5.30.16 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP r…

CVSS: 9.8 CWE: CWE-522

Critical

CVE-2018-20386

ARRIS SBG6580-2 D30GW-SEAEAGLE-1.5.2.5-GA-00-NOSH devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.

CVSS: 9.8 CWE: CWE-522

Critical

CVE-2018-20385

CastleNet CBV38Z4EC 125.553mp1.39219mp1.899.007, CBV38Z4ECNIT 125.553mp1.39219mp1.899.005ITT, CBW383G4J 37.556mp5.008, and CBW38G4J 37.553mp1.008 devices allow remote attackers to discover credential…

CVSS: 9.8 CWE: CWE-522

Critical

CVE-2018-20384

iNovo Broadband IB-8120-W21 139.4410mp1.004200.002 and IB-8120-W21E1 139.4410mp1.3921132mp1.899.004404.004 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.…

CVSS: 9.8 CWE: CWE-522

Critical

CVE-2018-20383

ARRIS DG950A 7.10.145 and DG950S 7.10.145.EURO devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.

CVSS: 9.8 CWE: CWE-522

Critical

CVE-2018-20382

Jiuzhou BCM93383WRG 139.4410mp1.3921132mp1.899.004404.004 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP req…

CVSS: 9.8 CWE: CWE-522

Medium

CVE-2018-20379

Technicolor DPC3928SL D3928SL-PSIP-13-A010-c3420r55105-160428a devices allow XSS via a Cross Protocol Injection attack with setSSID of 1.3.6.1.4.1.4413.2.2.2.1.18.1.2.1.1.3.10001.

CVSS: 4.7 CWE: CWE-79

Medium

CVE-2018-20376

An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. Compiling a crafted source file leads to an 8 byte out of bounds write in the asm_parse_directive function in tccasm.c.

CVSS: 5.5 CWE: CWE-787

Medium

CVE-2018-20375

An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. Compiling a crafted source file leads to an 8 byte out of bounds write in the sym_pop function in tccgen.c.

CVSS: 5.5 CWE: CWE-787

Medium

CVE-2018-20374

An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. Compiling a crafted source file leads to an 8 byte out of bounds write in the use_section1 function in tccasm.c.

CVSS: 5.5 CWE: CWE-787

Medium

CVE-2018-20373

Tenda ADSL modem routers 1.0.1 allow XSS via the hostname of a DHCP client.

CVSS: 5.4 CWE: CWE-79

Medium

CVE-2018-20372

TP-Link TD-W8961ND devices allow XSS via the hostname of a DHCP client.

CVSS: 5.4 CWE: CWE-79

Critical

CVE-2018-20371

PhotoRange Photo Vault 1.2 appends the password to the URI for authorization, which makes it easier for remote attackers to bypass intended GET restrictions via a brute-force approach, as demonstrate…

CVSS: 9.8 CWE: CWE-200

Medium

CVE-2018-20370

SZ NetChat before 7.9 has XSS in the MyName input field of the Options module. Attackers are able to inject commands to compromise the enabled HTTP server web frontend.

CVSS: 5.4 CWE: CWE-79

Medium

CVE-2018-20369

Barracuda Message Archiver 2018 has XSS in the error_msg exception-handling value for the ldap_user parameter to the cgi-mod/ldap_load_entry.cgi module. The injection point of the issue is the Add_Up…

CVSS: 6.1 CWE: CWE-79

Medium

CVE-2018-20368

The Master Slider plugin 3.2.7 and 3.5.1 for WordPress has XSS via the wp-admin/admin-ajax.php Name input field of the MSPanel.Settings value on Callback.

CVSS: 5.4 CWE: CWE-79

High

CVE-2018-20331

Local attackers can trigger a Kernel Pool Buffer Overflow in Antiy AVL ATool v1.0.0.22. An attacker must first obtain the ability to execute low-privileged code on the target system in order to explo…

CVSS: 7.8 CWE: CWE-119

2018-12-22

Medium

CVE-2018-20367

The "mall some commodity details: commodity consultation" component in WSTMart 2.0.8_181212 has stored XSS via the consultContent parameter, as demonstrated by the index.php/home/goodsconsult/add.htm…

CVSS: 6.1 CWE: CWE-79

Medium

CVE-2018-20365

LibRaw::raw2image() in libraw_cxx.cpp has a heap-based buffer overflow.

CVSS: 6.5 CWE: CWE-787

Medium

CVE-2018-20364

LibRaw::copy_bayer in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL pointer dereference.

CVSS: 6.5 CWE: CWE-476

Medium

CVE-2018-20363

LibRaw::raw2image in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL pointer dereference.

CVSS: 6.5 CWE: CWE-476

Medium

CVE-2018-20362

A NULL pointer dereference was discovered in ifilter_bank of libfaad/filtbank.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash…

CVSS: 5.5 CWE: CWE-476

Medium

CVE-2018-20361

An invalid memory address dereference was discovered in the hf_assembly function of libfaad/sbr_hfadj.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fau…

CVSS: 5.5 CWE: CWE-119

Medium

CVE-2018-20360

An invalid memory address dereference was discovered in the sbr_process_channel function of libfaad/sbr_dec.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentati…

CVSS: 5.5 CWE: CWE-119

Medium

CVE-2018-20359

An invalid memory address dereference was discovered in the sbrDecodeSingleFramePS function of libfaad/sbr_dec.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segment…

CVSS: 5.5 CWE: CWE-119

Medium

CVE-2018-20358

An invalid memory address dereference was discovered in the lt_prediction function of libfaad/lt_predict.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation…

CVSS: 5.5 CWE: CWE-119

Medium

CVE-2018-20357

A NULL pointer dereference was discovered in sbr_process_channel of libfaad/sbr_dec.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application…

CVSS: 5.5 CWE: CWE-476

Medium

CVE-2018-19863

An issue was discovered in 1Password 7.2.3.BETA before 7.2.3.BETA-3 on macOS. A mistake in error logging resulted in instances where sensitive data passed from Safari to 1Password could be logged loc…

CVSS: 5.5 CWE: CWE-532

Medium

CVE-2018-20351

The Markdown component in Evernote (Chinese) before 8.3.2 on macOS allows stored XSS, aka MAC-832.

CVSS: 6.1 CWE: CWE-79

Medium

CVE-2018-20349

The igraph_i_strdiff function in igraph_trie.c in igraph through 0.7.1 has an NULL pointer dereference that allows attackers to cause a denial of service (application crash) via a crafted object.

CVSS: 6.5 CWE: CWE-476

Medium

CVE-2018-20348

libpff_item_tree_create_node in libpff_item_tree.c in libpff before experimental-20180714 allows attackers to cause a denial of service (infinite recursion) via a crafted file, related to libfdata_tr…

CVSS: 5.5 CWE: CWE-835

2018-12-21

Critical

CVE-2018-20325

There is a vulnerability in load() method in definitions/parser.py in the Danijar Hafner definitions package for Python. It can execute arbitrary python commands resulting in command execution.

CVSS: 9.8 CWE: CWE-94

Medium

CVE-2018-20322

LimeSurvey version 3.15.5 contains a Cross-site scripting (XSS) vulnerability in Survey Resource zip upload, resulting in Javascript code execution against LimeSurvey administrators. Fixed in version…

CVSS: 6.1 CWE: CWE-79

High

CVE-2018-20193

Certain Secure Access SA Series SSL VPN products (originally developed by Juniper Networks but now sold and supported by Pulse Secure, LLC) allow privilege escalation, as demonstrated by Secure Acces…

CVSS: 8.8 CWE: CWE-269

High

CVE-2018-19322

The GPCIDrv and GDrv low-level drivers in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 expose functionality to r…

CVSS: 7.8 CWE: CWE-749

Critical

CVE-2018-18009

dirary0.js on D-Link DIR-140L, DIR-640L devices allows remote unauthenticated attackers to discover admin credentials.

CVSS: 9.8 CWE: CWE-798

Critical

CVE-2018-18008

spaces.htm on multiple D-Link devices (DSL, DIR, DWR) allows remote unauthenticated attackers to discover admin credentials.

CVSS: 9.8 CWE: CWE-798

Critical

CVE-2018-18007

atbox.htm on D-Link DSL-2770L devices allows remote unauthenticated attackers to discover admin credentials.

CVSS: 9.8 CWE: CWE-798

Medium

CVE-2018-16778

Cross-site scripting (XSS) vulnerability in Jenzabar v8.2.1 through 9.2.0 allows remote attackers to inject arbitrary web script or HTML via the query parameter (aka the Search Field).

CVSS: 6.1 CWE: CWE-79

High

CVE-2018-20346

SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries that occur after crafted changes to FTS3 shadow tables, allow…

CVSS: 8.1 CWE: CWE-190

Medium

CVE-2018-20342

The Floureon IP Camera SP012 provides a root terminal on a UART serial interface without proper access control. This allows attackers with physical access to execute arbitrary commands with root priv…

CVSS: 6.8 CWE: CWE-287

Medium

CVE-2018-5201

Hancom Office 2018 10.0.0.8214 and earlier, Hancom Office NEO 9.6.1.10472 and earlier, Hancom Office 2014 9.1.1.4540 and earlier, Hancom Office 2010 8.5.8.1724 and earlier versions have a heap overfl…

CVSS: 5.5 CWE: CWE-787

High

CVE-2018-5196

Alzip 10.76.0.0 and earlier is vulnerable to a stack overflow caused by improper bounds checking. By persuading a victim to open a specially-crafted LZH archive file, a attacker could execute arbitra…

CVSS: 8.8 CWE: CWE-787

High

CVE-2018-18332

A Trend Micro OfficeScan XG weak file permissions vulnerability may allow an attacker to potentially manipulate permissions on some key files to modify other files and folders on vulnerable installat…

CVSS: 7.5 CWE: CWE-732

High

CVE-2018-18331

A Trend Micro OfficeScan XG weak file permissions vulnerability on a particular folder for a particular group may allow an attacker to alter the files, which could lead to other exploits on vulnerabl…

CVSS: 7.5 CWE: CWE-732

Medium

CVE-2018-20339

Zoho ManageEngine OpManager 12.3 before build 123239 allows XSS in the Notes column of the Alarms section.

CVSS: 6.1 CWE: CWE-79

Critical

CVE-2018-20338

Zoho ManageEngine OpManager 12.3 before build 123239 allows SQL injection in the Alarms section.

CVSS: 9.8 CWE: CWE-89

High

CVE-2018-20337

There is a stack-based buffer overflow in the parse_makernote function of dcraw_common.cpp in LibRaw 0.19.1. Crafted input will lead to a denial of service or possibly unspecified other impact.

CVSS: 8.8 CWE: CWE-787

High

CVE-2018-20332

An issue has been discovered in the OpenWebif plugin through 1.2.4 for Enigma2 based devices. Reading of arbitrary files is possible with /file?action=download&file= followed by a full pathname, and…

CVSS: 7.5 CWE: CWE-22

High

CVE-2018-20330

The tjLoadImage function in libjpeg-turbo 2.0.1 has an integer overflow with a resultant heap-based buffer overflow via a BMP image because multiplication of pitch and height is mishandled, as demons…

CVSS: 8.8 CWE: CWE-190

High

CVE-2018-20329

Chamilo LMS version 1.11.8 contains a main/inc/lib/CoursesAndSessionsCatalog.class.php SQL injection, allowing users with access to the sessions catalogue (which may optionally be made public) to ext…

CVSS: 8.1 CWE: CWE-89

Medium

CVE-2018-20328

Chamilo LMS version 1.11.8 contains XSS in main/social/group_view.php in the social groups tool, allowing authenticated users to affect other users, under specific conditions of permissions granted b…

CVSS: 5.4 CWE: CWE-79

Medium

CVE-2018-20327

Chamilo LMS version 1.11.8 contains XSS in main/template/default/admin/gradebook_list.tpl in the gradebook dependencies tool, allowing authenticated users to affect other users, under specific condit…

CVSS: 5.4 CWE: CWE-79

Critical

CVE-2018-20318

An issue was discovered in weixin-java-tools v3.2.0. There is an XXE vulnerability in the getXmlDoc method of the BaseWxPayResult.java file.

CVSS: 9.8 CWE: CWE-611

2018-12-20

High

CVE-2018-20191

hw/rdma/vmw/pvrdma_main.c in QEMU does not implement a read operation (such as uar_read by analogy to uar_write), which allows attackers to cause a denial of service (NULL pointer dereference).

CVSS: 7.5 CWE: CWE-476

Medium

CVE-2018-20124

hw/rdma/rdma_backend.c in QEMU allows guest OS users to trigger out-of-bounds access via a PvrdmaSqWqe ring element with a large num_sge value.

CVSS: 5.5 CWE: CWE-125

High

CVE-2018-19242

Buffer overflow in apply.cgi on TRENDnet TEW-632BRP 1.010B32 and TEW-673GRU devices allows attackers to hijack the control flow to any attacker-specified location by crafting a POST request payload (…

CVSS: 8.8 CWE: CWE-119

High

CVE-2018-19241

Buffer overflow in video.cgi on TRENDnet TV-IP110WN V1.2.2 build 68, V1.2.2.65, and V1.2.2 build 64 and TV-IP121WN V1.2.2 build 28 devices allows attackers to hijack the control flow to any attacker-…

CVSS: 7.5 CWE: CWE-119

Critical

CVE-2018-19240

Buffer overflow in network.cgi on TRENDnet TV-IP110WN V1.2.2 build 68, V1.2.2.65, and V1.2.2 build 64 and TV-IP121WN V1.2.2 build 28 devices allows attackers to hijack the control flow to any attacke…

CVSS: 9.8 CWE: CWE-119

High

CVE-2018-19239

TRENDnet TEW-673GRU v1.00b40 devices have an OS command injection vulnerability in the start_arpping function of the timer binary, which allows remote attackers to execute arbitrary commands via thre…

CVSS: 7.2 CWE: CWE-78

High

CVE-2018-19134

In Artifex Ghostscript through 9.25, the setpattern operator did not properly validate certain types. A specially crafted PostScript document could exploit this to crash Ghostscript or, possibly, exe…

CVSS: 7.8 CWE: CWE-704

High

CVE-2018-18767

An issue was discovered in D-Link 'myDlink Baby App' version 2.04.06. Whenever actions are performed from the app (e.g., change camera settings or play lullabies), it communicates directly with the W…

CVSS: 7.0 CWE: CWE-326

High

CVE-2018-18629

An issue was discovered in the Keybase command-line client before 2.8.0-20181023124437 for Linux. An untrusted search path vulnerability in the keybase-redirector application allows a local, unprivil…

CVSS: 7.8 CWE: CWE-426

High

CVE-2018-18441

D-Link DCS series Wi-Fi cameras expose sensitive information regarding the device configuration. The affected devices include many of DCS series, such as: DCS-936L, DCS-942L, DCS-8000LH, DCS-942LB1,…

CVSS: 7.5 CWE: CWE-200

Critical

CVE-2018-18399

SQL injection vulnerability in the "ContentPlaceHolder1_uxTitle" component in ArchiveNews.aspx in jco.ir KARMA 6.0.0 allows a remote attacker to execute arbitrary SQL commands via the "id" parameter.

CVSS: 9.8 CWE: CWE-89

Medium

CVE-2018-16627

panel/login in Kirby v2.5.12 allows Host header injection via the "forget password" feature.

CVSS: 6.1 CWE: CWE-74

Medium

CVE-2018-14846

The Mondula Multi Step Form plugin before 1.2.8 for WordPress has multiple stored XSS via wp-admin/admin-ajax.php.

CVSS: 5.4 CWE: CWE-79

Medium

CVE-2018-12651

A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in Adrenalin 5.4 HRMS Software. The user supplied input containing JavaScript is echoed back in JavaScript code in an HTML response…

CVSS: 6.1 CWE: CWE-79

High

CVE-2017-9732

The read_packet function in knc (Kerberised NetCat) before 1.11-1 is vulnerable to denial of service (memory exhaustion) that can be exploited remotely without authentication, possibly affecting anot…

CVSS: 7.5 CWE: CWE-400

Medium

CVE-2018-17247

Elasticsearch Security versions 6.5.0 and 6.5.1 contain an XXE flaw in Machine Learning's find_file_structure API. If a policy allowing external network access has been added to Elasticsearch's Java…

CVSS: 5.9 CWE: CWE-611

Critical

CVE-2018-17246

Kibana versions before 6.4.3 and 5.6.13 contain an arbitrary file inclusion flaw in the Console plugin. An attacker with access to the Kibana Console API could send a request that will attempt to exe…

CVSS: 9.8 CWE: CWE-73

Critical

CVE-2018-17245

Kibana versions 4.0 to 4.6, 5.0 to 5.6.12, and 6.0 to 6.4.2 contain an error in the way authorization credentials are used when generating PDF reports. If a report requests external resources plainte…

CVSS: 9.8 CWE: CWE-201

Medium

CVE-2018-17244

Elasticsearch Security versions 6.4.0 to 6.4.2 contain an error in the way request headers are applied to requests when using the Active Directory, LDAP, Native, or File realms. A request may receive…

CVSS: 6.5 CWE: CWE-362

High

CVE-2018-20216

QEMU can have an infinite loop in hw/rdma/vmw/pvrdma_dev_ring.c because return values are not checked (and -1 is mishandled).

CVSS: 7.5 CWE: CWE-252

Medium

CVE-2018-20126

hw/rdma/vmw/pvrdma_cmd.c in QEMU allows create_cq and create_qp memory leaks because errors are mishandled.

CVSS: 5.5 CWE: CWE-772

High

CVE-2018-20125

hw/rdma/vmw/pvrdma_cmd.c in QEMU allows attackers to cause a denial of service (NULL pointer dereference or excessive memory allocation) in create_cq_ring or create_qp_rings.

CVSS: 7.5 CWE: CWE-476

High

CVE-2018-19005

Cscape, Version 9.80.75.3 SP3 and prior. An improper input validation vulnerability has been identified that may be exploited by processing specially crafted POC files lacking user input validation.…

CVSS: 7.8 CWE: CWE-20

Critical

CVE-2018-18871

Missing password verification in the web interface on Gigaset Maxwell Basic VoIP phones with firmware 2.22.7 would allow a remote attacker (in the same network as the device) to change the admin pass…

CVSS: 9.8 CWE: CWE-640

Critical

CVE-2018-15723

The Logitech Harmony Hub before version 4.15.206 is vulnerable to application level command injection via crafted HTTP request. An unauthenticated remote attacker can leverage this vulnerability to e…

CVSS: 9.8 CWE: CWE-346

High

CVE-2018-15722

The Logitech Harmony Hub before version 4.15.206 is vulnerable to OS command injection via the time update request. A remote server or man in the middle can inject OS commands with a properly formatt…

CVSS: 8.1 CWE: CWE-78

Critical

CVE-2018-15721

The XMPP server in Logitech Harmony Hub before version 4.15.206 is vulnerable to authentication bypass via a crafted XMPP request. Remote attackers can use this vulnerability to gain access to the lo…

CVSS: 9.8 CWE: CWE-287

Critical

CVE-2018-15720

Logitech Harmony Hub before version 4.15.206 contained two hard-coded accounts in the XMPP server that gave remote users access to the local API.

CVSS: 9.8 CWE: CWE-798

Critical

CVE-2018-1160

Netatalk before 3.1.12 is vulnerable to an out of bounds write in dsi_opensess.c. This is due to lack of bounds checking on attacker controlled data. A remote unauthenticated attacker can leverage th…

CVSS: 9.8 CWE: CWE-787

Medium

CVE-2018-1000886

nasm version 2.14.01rc5, 2.15 contains a Buffer Overflow vulnerability in asm/stdscan.c:130 that can result in Stack-overflow caused by triggering endless macro generation, crash the program. This at…

CVSS: 5.5 CWE: CWE-119

Critical

CVE-2018-1000885

PHKP version including commit 88fd9cfdf14ea4b6ac3e3967feea7bcaabb6f03b contains a Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in function pgp_exe…

CVSS: 9.8 CWE: CWE-78

Critical

CVE-2018-1000884

Vesta CP version Prior to commit f6f6f9cfbbf2979e301956d1c6ab5c44386822c0 -- any release prior to 0.9.8-18 contains a CWE-208 / Information Exposure Through Timing Discrepancy vulnerability in Passwo…

CVSS: 9.8 CWE: CWE-203

Medium

CVE-2018-1000883

Elixir Plug Plug version All contains a Header Injection vulnerability in Connection that can result in Given a cookie value, Headers can be added. This attack appear to be exploitable via Crafting a…

CVSS: 6.5 CWE: CWE-20

Medium

CVE-2018-8892

A cross-site request forgery (CSRF) vulnerability in the Management Console of BlackBerry UEM versions earlier than 12.9.1 could allow an attacker to make modifications to the UEM settings in the con…

CVSS: 6.5 CWE: CWE-352

Medium

CVE-2018-8891

Multiple stored cross-site scripting (XSS) vulnerabilities in the Management Console of BlackBerry UEM versions earlier than 12.9.1 could allow an attacker to store script commands that could later b…

CVSS: 4.8 CWE: CWE-79

Medium

CVE-2018-8888

A stored cross-site scripting (XSS) vulnerability in the Management Console of BlackBerry UEM versions earlier than 12.10.0 could allow an attacker to store script commands that could later be execut…

CVSS: 4.8 CWE: CWE-79

High

CVE-2018-15331

On BIG-IP AAM 13.0.0 or 12.1.0-12.1.3.7, the dcdb_convert utility used by BIG-IP AAM fails to drop group permissions when executing helper scripts, which could be used to leverage attacks against the…

CVSS: 7.8 CWE: CWE-269

High

CVE-2018-15330

On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, or 12.1.0-12.1.3.7, when a virtual server using the inflate functionality to process a gzip bomb as a payload, the BIG-IP system will experience a fatal er…

CVSS: 7.5 CWE: CWE-20

High

CVE-2018-15329

On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, or 12.1.0-12.1.3.7, or Enterprise Manager 3.1.1, when authenticated administrative users run commands in the Traffic Management User Interface (TMUI), also…

CVSS: 7.2 CWE: CWE-862

High

CVE-2018-19234

The Miss Marple Updater Service in COMPAREX Miss Marple Enterprise Edition before 2.0 allows remote attackers to execute arbitrary code with SYSTEM privileges via vectors related to missing update va…

CVSS: 8.8 CWE: CWE-494

High

CVE-2018-19233

COMPAREX Miss Marple Enterprise Edition before 2.0 allows local users to execute arbitrary code by reading the user name and encrypted password hard-coded in an Inventory Agent configuration file.

CVSS: 7.8 CWE: CWE-798

High

CVE-2018-1000882

WeBid version up to current version 1.2.2 contains a Directory Traversal vulnerability in getthumb.php that can result in Arbitrary Image File Read. This attack appear to be exploitable via HTTP GET…

CVSS: 7.5 CWE: CWE-22

Critical

CVE-2018-1000881

Traccar Traccar Server version 4.0 and earlier contains a CWE-94: Improper Control of Generation of Code ('Code Injection') vulnerability in ComputedAttributesHandler.java that can result in Remote C…

CVSS: 9.8 CWE: CWE-94

Medium

CVE-2018-1000880

libarchive version commit 9693801580c0cf7c70e862d305270a16b52826a7 onwards (release v3.2.0 onwards) contains a CWE-20: Improper Input Validation vulnerability in WARC parser - libarchive/archive_read…

CVSS: 6.5 CWE: CWE-119

Medium

CVE-2018-1000879

libarchive version commit 379867ecb330b3a952fb7bfa7bffb7bbd5547205 onwards (release v3.3.0 onwards) contains a CWE-476: NULL Pointer Dereference vulnerability in ACL parser - libarchive/archive_acl.c…

CVSS: 6.5 CWE: CWE-476

High

CVE-2018-1000878

libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-416: Use After Free vulnerability in RAR decoder - libarchive/archive_read_support_f…

CVSS: 8.8 CWE: CWE-416

High

CVE-2018-1000877

libarchive version commit 416694915449219d505531b1096384f3237dd6cc onwards (release v3.1.0 onwards) contains a CWE-415: Double Free vulnerability in RAR decoder - libarchive/archive_read_support_form…

CVSS: 8.8 CWE: CWE-415