Critical
CVE-2018-6333
The hhvm-attach deep link handler in Nuclide did not properly sanitize the provided hostname parameter when rendering. As a result, a malicious URL could be used to render HTML and other content insi…
Read moreAll CVEs — 2018
Page 1/120.
Browse all CVEs by publication year. Use filters to refine.
CVSS ≥ 0.0
2018-12-31
Critical
CVE-2018-6331
Buck parser-cache command loads/saves state using Java serialized object. If the state information is maliciously crafted, deserializing it could lead to code execution. This issue affects Buck versi…
Read more
High
CVE-2018-6347
An issue in the Proxygen handling of HTTP2 parsing of headers/trailers can lead to a denial-of-service attack. This affects Proxygen prior to v2018.12.31.00.
Read more
High
CVE-2018-6346
A potential denial-of-service issue in the Proxygen handling of invalid HTTP2 priority settings (specifically a circular dependency). This affects Proxygen prior to v2018.12.31.00.
Read more
High
CVE-2018-6344
A heap corruption in WhatsApp can be caused by a malformed RTP packet being sent after a call is established. The vulnerability can be used to cause denial of service. It affects WhatsApp for Android…
Read more
High
CVE-2018-6343
Proxygen fails to validate that a secondary auth manager is set before dereferencing it. That can cause a denial of service issue when parsing a Certificate/CertificateRequest HTTP2 Frame over a fizz…
Read more
Critical
CVE-2018-6342
react-dev-utils on Windows allows developers to run a local webserver for accepting various commands, including a command to launch an editor. The input to that command was not properly sanitized, al…
Read more
Medium
CVE-2018-6341
React applications which rendered to HTML using the ReactDOMServer API were not escaping user-supplied attribute names at render-time. That lack of escaping could lead to a cross-site scripting vulne…
Read more
High
CVE-2018-6340
The Memcache::getextendedstats function can be used to trigger an out-of-bounds read. Exploiting this issue requires control over memcached server hostnames and/or ports. This affects all supported v…
Read more
High
CVE-2018-6337
folly::secureRandom will re-use a buffer between parent and child processes when fork() is called. That will result in multiple forked children producing repeat (or similar) results. This affects HHV…
Read more
High
CVE-2018-6335
A Malformed h2 frame can cause 'std::out_of_range' exception when parsing priority meta data. This behavior can lead to denial-of-service. This affects all supported versions of HHVM (3.25.2, 3.24.6,…
Read more
Critical
CVE-2018-6334
Multipart-file uploads call variables to be improperly registered in the global scope. In cases where variables are not declared explicitly before being used this can lead to unexpected behavior. Thi…
Read more
Medium
CVE-2018-20623
In GNU Binutils 2.31.1, there is a use-after-free in the error function in elfcomm.c when called from the process_archive function in readelf.c via a crafted ELF file.
Read more
Medium
CVE-2018-20622
JasPer 2.0.14 has a memory leak in base/jas_malloc.c in libjasper.a when "--output-format jp2" is used.
Read more
Medium
CVE-2018-19937
A local, authenticated attacker can bypass the passcode in the VideoLAN VLC media player app before 3.1.5 for iOS by opening a URL and turning the phone.
Read more
Critical
CVE-2018-18602
The Cloud API on Guardzilla smart cameras allows user enumeration, with resultant arbitrary camera access and monitoring.
Read more
High
CVE-2018-18601
The TK_set_deviceModel_req_handle function in the cloud communication component in Guardzilla GZ621W devices with firmware 0.5.1.4 has a Buffer Overflow.
Read more
High
CVE-2018-18600
The remote upgrade feature in Guardzilla GZ180 devices allow command injection via a crafted new firmware version parameter.
Read more
High
CVE-2018-20618
ok-file-formats through 2018-10-16 has a heap-based buffer over-read in the ok_mo_decode2 function in ok_mo.c.
Read more
Medium
CVE-2018-19918
CuppaCMS has XSS via an SVG document uploaded to the administrator/#/component/table_manager/view/cu_views URI.
Read more
Medium
CVE-2018-19906
Stored XSS exists in razorCMS 3.4.8 via the /#/page description parameter.
Read more
Medium
CVE-2018-19905
HTML injection exists in razorCMS 3.4.8 via the /#/page keywords parameter.
Read more
Medium
CVE-2018-19904
Persistent XSS exists in XSLT CMS via the create/?action=items.edit&type=Page "body" field.
Read more
Medium
CVE-2018-19903
Persistent XSS exists in XSLT CMS via the create/?action=items.edit&type=Page title field.
Read more
Medium
CVE-2018-19902
No-CMS 1.1.3 is prone to Persistent XSS via the blog/manage_article "keyword" parameter.
Read more
Medium
CVE-2018-19901
No-CMS 1.1.3 is prone to Persistent XSS via the blog/manage_article/index/ "article_title" parameter.
Read more
Medium
CVE-2018-19845
There is Stored XSS in GetSimple CMS 3.3.12 via the admin/edit.php "post-menu" parameter, a related issue to CVE-2018-16325.
Read more
Medium
CVE-2018-19844
FROG CMS 0.9.5 has XSS via the admin/?/snippet/add name parameter, which is mishandled during an edit action, a related issue to CVE-2018-10319.
Read more
Medium
CVE-2018-18593
Remote Directory Traversal and Remote Disclosure of Privileged Information in UCMDB Configuration Management Service, version 10.22, 10.22 CUP1, 10.22 CUP2, 10.22 CUP3, 10.22 CUP4, 10.22 CUP5, 10.22…
Read more
High
CVE-2018-20617
ok-file-formats through 2018-10-16 has a heap-based buffer overflow in the ok_csv_decode2 function in ok_csv.c.
Read more
High
CVE-2018-20616
ok-file-formats through 2018-10-16 has a heap-based buffer overflow in the ok_wav_decode_ms_adpcm_data function in ok_wav.c.
Read more2018-12-30
High
CVE-2018-20614
public\install\install.php in CIM 0.9.3 allows remote attackers to reload the product via the public/install/#/step3 URI.
Read more
High
CVE-2018-20613
TEMMOKU T1.09 Beta allows admin/user/add CSRF.
Read more
High
CVE-2018-20612
UWA 2.3.11 allows index.php?g=admin&c=admin&a=add_admin_do CSRF.
Read more
Medium
CVE-2018-20611
imcat 4.4 allow XSS via a crafted cookie to the root/tools/adbug/binfo.php?cookie URI.
Read more
Medium
CVE-2018-20610
imcat 4.4 allows directory traversal via the root/run/adm.php efile parameter.
Read more
Medium
CVE-2018-20609
imcat 4.4 allows remote attackers to obtain potentially sensitive configuration information via the root/tools/adbug/check.php URI.
Read more
High
CVE-2018-20608
imcat 4.4 allows remote attackers to read phpinfo output via the root/tools/adbug/binfo.php?phpinfo1 URI.
Read more
Medium
CVE-2018-20607
imcat 4.4 allows remote attackers to obtain potentially sensitive debugging information via the root/tools/adbug/binfo.php URI.
Read more
High
CVE-2018-20606
imcat 4.4 allows full path disclosure via a dev.php?tools-ipaddr&api=Pcoln&uip= URI.
Read more
Critical
CVE-2018-20605
imcat 4.4 allows remote attackers to execute arbitrary PHP code by using root/run/adm.php to modify the boot/bootskip.php file.
Read more
Medium
CVE-2018-20604
Lei Feng TV CMS (aka LFCMS) 3.8.6 allows Directory Traversal via crafted use of ..* in Template/edit/path URIs, as demonstrated by the admin.php?s=/Template/edit/path/*web*..*..*..*..*1.txt.html URI…
Read more
High
CVE-2018-20603
Lei Feng TV CMS (aka LFCMS) 3.8.6 allows admin.php?s=/Member/add.html CSRF.
Read more
High
CVE-2018-20602
Lei Feng TV CMS (aka LFCMS) 3.8.6 allows full path disclosure via the /install.php?s=/1 URI.
Read more
Medium
CVE-2018-20601
UCMS 1.4.7 has XSS via the description parameter in an index.php list_editpost action.
Read more
Medium
CVE-2018-20600
sadmin\cedit.php in UCMS 1.4.7 has XSS via an index.php sadmin_cedit action.
Read more
High
CVE-2018-20599
UCMS 1.4.7 allows remote attackers to execute arbitrary PHP code by entering this code during an index.php sadmin_fileedit action.
Read more
High
CVE-2018-20598
UCMS 1.4.7 has ?do=user_addpost CSRF.
Read more
Medium
CVE-2018-20597
UCMS 1.4.7 has XSS via the dir parameter in an index.php sadmin_fileedit action.
Read more
Critical
CVE-2018-20596
Jspxcms v9.0.0 allows SSRF.
Read more
High
CVE-2018-20595
A CSRF issue was discovered in web/authorization/oauth2/controller/OAuth2ClientController.java in hsweb 3.0.4 because the state parameter in the request is not compared with the state parameter in th…
Read more
Medium
CVE-2018-20594
An issue was discovered in hsweb 3.0.4. It is a reflected XSS vulnerability due to the absence of type parameter checking in FlowableModelManagerController.java.
Read more
Medium
CVE-2018-20593
In Mini-XML (aka mxml) v2.12, there is stack-based buffer overflow in the scan_file function in mxmldoc.c.
Read more
Medium
CVE-2018-20592
In Mini-XML (aka mxml) v2.12, there is a use-after-free in the mxmlAdd function of the mxml-node.c file. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted…
Read more
Medium
CVE-2018-20591
A heap-based buffer over-read was discovered in decompileJUMP function in util/decompile.c of libming v0.4.8. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstra…
Read more
Medium
CVE-2018-20590
Ivan Cordoba Generic Content Management System (CMS) through 2018-04-28 has XSS via the Administrator/users.php user ID.
Read more
Medium
CVE-2018-20589
Ivan Cordoba Generic Content Management System (CMS) through 2018-04-28 has XSS via the Administrator/add_pictures.php article ID.
Read more
Medium
CVE-2018-20588
lib/support/unicodeconv/unicodeconv.c in libotfcc.a in otfcc v0.10.3-alpha has a buffer over-read.
Read more
Medium
CVE-2018-20583
Cross-site scripting (XSS) vulnerability in the PHP League CommonMark library versions 0.15.6 through 0.18.x before 0.18.1 allows remote attackers to insert unsafe URLs into HTML (even if allow_unsaf…
Read more2018-12-28
High
CVE-2018-15007
The Sky Elite 6.0L+ Android device with a build fingerprint of SKY/x6069_trx_l601_sky/x6069_trx_l601_sky:6.0/MRA58K/1482897127:user/release-keys contains a pre-installed platform app with a package n…
Read more
High
CVE-2018-15005
The ZTE ZMAX Champ Android device with a build fingerprint of ZTE/Z917VL/fortune:6.0.1/MMB29M/20170327.120922:user/release-keys contains a pre-installed platform app with a package name of com.zte.zd…
Read more
Medium
CVE-2018-15004
The Coolpad Canvas device with a build fingerprint of Coolpad/cp3636a/cp3636a:7.0/NRD90M/093031423:user/release-keys contains a platform app with a package name of com.qualcomm.qti.modemtestmode (ver…
Read more
Medium
CVE-2018-15002
The Vivo V7 device with a build fingerprint of vivo/1718/1718:7.1.2/N2G47H/compil11021857:user/release-keys allows any app co-located on the device to set system properties as the com.android.phone u…
Read more
Medium
CVE-2018-15001
The Vivo V7 Android device with a build fingerprint of vivo/1718/1718:7.1.2/N2G47H/compil11021857:user/release-keys contains a platform app with a package name of com.vivo.bsptest (versionCode=1, ver…
Read more
Medium
CVE-2018-14998
The Leagoo P1 Android device with a build fingerprint of sp7731c_1h10_32v4_bird:6.0/MRA58K/android.20170629.214736:user/release-keys contains a hidden root privilege escalation capability to achieve…
Read more
Medium
CVE-2018-14995
The ZTE Blade Vantage Android device with a build fingerprint of ZTE/Z839/sweet:7.1.1/NMF26V/20180120.095344:user/release-keys, the ZTE Blade Spark Android device with a build fingerprint of ZTE/Z971…
Read more
High
CVE-2018-14988
The MXQ TV Box 4.4.2 Android device with a build fingerprint of MBX/m201_N/m201_N:4.4.2/KOT49H/20160106:user/test-keys contains the Android framework with a package name of android (versionCode=19, v…
Read more
High
CVE-2018-14987
The MXQ TV Box 4.4.2 Android device with a build fingerprint of MBX/m201_N/m201_N:4.4.2/KOT49H/20160106:user/test-keys contains the Android framework with a package name of android (versionCode=19, v…
Read more
High
CVE-2018-14986
The Leagoo Z5C Android device with a build fingerprint of sp7731c_1h10_32v4_bird:6.0/MRA58K/android.20170629.214736:user/release-keys contains a pre-installed app with a package name of com.android.m…
Read more
High
CVE-2018-14985
The Leagoo Z5C Android device with a build fingerprint of sp7731c_1h10_32v4_bird:6.0/MRA58K/android.20170629.214736:user/release-keys contains a pre-installed platform app with a package name of com.…
Read more
High
CVE-2018-14984
The Leagoo Z5C Android device with a build fingerprint of sp7731c_1h10_32v4_bird:6.0/MRA58K/android.20170629.214736:user/release-keys contains a pre-installed app with a package name of com.android.m…
Read more
Medium
CVE-2018-14979
The ASUS ZenFone 3 Max Android device with a build fingerprint of asus/US_Phone/ASUS_X008_1:7.0/NRD90M/US_Phone-14.14.1711.92-20171208:user/release-keys contains a pre-installed app with a package na…
Read more
High
CVE-2018-20579
Contiki-NG before 4.2 has a stack-based buffer overflow in the push function in os/lib/json/jsonparse.c that allows an out-of-bounds write of an '{' or '[' character.
Read more
High
CVE-2018-20578
An issue was discovered in NuttX before 7.27. The function netlib_parsehttpurl() in apps/netutils/netlib/netlib_parsehttpurl.c mishandles URLs longer than hostlen bytes (in the webclient, this is set…
Read more
Critical
CVE-2018-20577
Orange Livebox 00.96.320S devices allow cgi-bin/restore.exe, cgi-bin/firewall_SPI.exe, cgi-bin/setup_remote_mgmt.exe, cgi-bin/setup_pass.exe, and cgi-bin/upgradep.exe CSRF. This is related to Firmwar…
Read more
Medium
CVE-2018-20576
Orange Livebox 00.96.320S devices allow cgi-bin/autodialing.exe and cgi-bin/phone_test.exe CSRF, leading to arbitrary outbound telephone calls to an attacker-specified telephone number. This is relat…
Read more
High
CVE-2018-20575
Orange Livebox 00.96.320S devices have an undocumented /system_firmwarel.stm URI for manual firmware update. This is related to Firmware 01.11.2017-11:43:44, Boot v0.70.03, Modem 5.4.1.10.1.1A, Hardw…
Read more
High
CVE-2018-18696
main.aspx in Microstrategy Analytics 10.4.0026.0049 and earlier has CSRF. NOTE: The vendor claims that documentation for preventing a CSRF attack has been provided (https://community.microstrategy.co…
Read more
High
CVE-2018-18667
The mintToken function of Pylon (PYLNT) aka PylonToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value, a relate…
Read more
High
CVE-2018-18666
The mintToken function of SwftCoin (SWFTC) aka SwftCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
Read more
High
CVE-2018-18665
The mintToken function of Nexxus (NXX) aka NexxusToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
Read more
Medium
CVE-2018-16638
Evolution CMS 1.4.x allows XSS via the manager/ search parameter.
Read more
Medium
CVE-2018-16637
Evolution CMS 1.4.x allows XSS via the page weblink title parameter to the manager/ URI.
Read more
Medium
CVE-2018-16632
Mezzanine CMS v4.3.1 allows XSS via the /admin/blog/blogcategory/add/?_to_field=id&_popup=1 title parameter at admin/blog/blogpost/add/.
Read more
Medium
CVE-2018-16630
Kirby v2.5.12 allows XSS by using the "site files" Add option to upload an SVG file.
Read more
Medium
CVE-2018-7366
ZTE ZXV10 B860AV2.1 product ChinaMobile branch with the ICNT versions up to V1.3.3, the BESTV versions up to V1.2.2, the WASU versions up to V1.1.7 and the MGTV versions up to V1.4.6 have an authenti…
Read more
Critical
CVE-2018-5204
ML Report version Between 2.00.000.0000 and 2.18.628.5980 contains a vulnerability that could allow remote attacker to download and execute remote arbitrary file by setting the arguments to the activ…
Read more
Critical
CVE-2018-5203
DEXTUploadX5 version Between 1.0.0.0 and 2.2.0.0 contains a vulnerability that could allow remote attacker to download and execute remote arbitrary file by setting the arguments to the activex method…
Read more
Medium
CVE-2018-20574
The SingleDocParser::HandleFlowMap function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file.
Read more
Medium
CVE-2018-20573
The Scanner::EnsureTokensInQueue function in yaml-cpp (aka LibYaml-C++) 0.6.2 allows remote attackers to cause a denial of service (stack consumption and application crash) via a crafted YAML file.
Read more
Critical
CVE-2018-20572
WUZHI CMS 4.1.0 allows coreframe/app/coupon/admin/copyfrom.php SQL injection via the index.php?m=promote&f=index&v=search keywords parameter, a related issue to CVE-2018-15893.
Read more
High
CVE-2018-20571
DamiCMS 6.0.1 allows remote attackers to read arbitrary files via a crafted admin.php?s=Tpl/Add/id request, as demonstrated by admin.php?s=Tpl/Add/id/.\Public\Config\config.ini.php to read the global…
Read more
Medium
CVE-2018-20570
jp2_encode in jp2/jp2_enc.c in JasPer 2.0.14 has a heap-based buffer over-read.
Read more
Critical
CVE-2018-20569
user/index.php in Ivan Cordoba Generic Content Management System (CMS) through 2018-04-28 allows SQL injection for authentication bypass.
Read more
Critical
CVE-2018-20568
Administrator/index.php in Ivan Cordoba Generic Content Management System (CMS) through 2018-04-28 allows SQL injection for authentication bypass.
Read more
Medium
CVE-2018-20567
An issue was discovered in DouCo DouPHP 1.5 20181221. \install\index.php allows a reload of the product in opportunistic circumstances in which install.lock cannot be read.
Read more
Medium
CVE-2018-20566
An issue was discovered in DouCo DouPHP 1.5 20181221. It allows full path disclosure in "Smarty error: unable to read resource" error messages for a crafted installation page.
Read more
Medium
CVE-2018-20565
An issue was discovered in DouCo DouPHP 1.5 20181221. admin/nav.php?rec=update has XSS via the nav_name parameter.
Read more
Medium
CVE-2018-20564
An issue was discovered in DouCo DouPHP 1.5 20181221. admin/product_category.php?rec=update has XSS via the cat_name parameter.
Read more
Medium
CVE-2018-20563
An issue was discovered in DouCo DouPHP 1.5 20181221. admin/mobile.php?rec=system&act=update has XSS via the mobile_name parameter.
Read more
Medium
CVE-2018-20562
An issue was discovered in DouCo DouPHP 1.5 20181221. admin/article_category.php?rec=update has XSS via the cat_name parameter.
Read more
Medium
CVE-2018-20561
An issue was discovered in DouCo DouPHP 1.5 20181221. admin/article.php?rec=update has XSS via the title parameter.
Read more
Medium
CVE-2018-20560
An issue was discovered in DouCo DouPHP 1.5 20181221. admin/show.php?rec=update has XSS via the show_name parameter.
Read more
Medium
CVE-2018-20559
An issue was discovered in DouCo DouPHP 1.5 20181221. admin/product.php?rec=update has XSS via the name parameter.
Read more
Medium
CVE-2018-20558
An issue was discovered in DouCo DouPHP 1.5 20181221. admin/system.php?rec=update has XSS via the site_name parameter.
Read more
Medium
CVE-2018-20557
An issue was discovered in DouCo DouPHP 1.5 20181221. admin/page.php?rec=edit has XSS via the page_name parameter.
Read more
High
CVE-2018-20553
Tcpreplay before 4.3.1 has a heap-based buffer over-read in get_l2len in common/get.c.
Read more
High
CVE-2018-20552
Tcpreplay before 4.3.1 has a heap-based buffer over-read in packet2tree in tree.c.
Read more
Medium
CVE-2018-20551
A reachable Object::getString assertion in Poppler 0.72.0 allows attackers to cause a denial of service due to construction of invalid rich media annotation assets in the AnnotRichMedia class in Anno…
Read more
High
CVE-2018-20549
There is an illegal WRITE memory access at caca/file.c (function caca_file_read) in libcaca 0.99.beta19.
Read more
High
CVE-2018-20548
There is an illegal WRITE memory access at common-image.c (function load_image) in libcaca 0.99.beta19 for 1bpp data.
Read more
High
CVE-2018-20547
There is an illegal READ memory access at caca/dither.c (function get_rgba_default) in libcaca 0.99.beta19 for 24bpp data.
Read more
High
CVE-2018-20546
There is an illegal READ memory access at caca/dither.c (function get_rgba_default) in libcaca 0.99.beta19 for the default bpp case.
Read more
High
CVE-2018-20545
There is an illegal WRITE memory access at common-image.c (function load_image) in libcaca 0.99.beta19 for 4bpp data.
Read more
Medium
CVE-2018-20544
There is floating point exception at caca/dither.c (function caca_dither_bitmap) in libcaca 0.99.beta19.
Read more
Medium
CVE-2018-20543
There is an attempted excessive memory allocation at libxsmm_sparse_csc_reader in generator_spgemm_csc_reader.c in LIBXSMM 1.10 that will cause a denial of service.
Read more
High
CVE-2018-20542
There is a heap-based buffer-overflow at generator_spgemm_csc_reader.c (function libxsmm_sparse_csc_reader) in LIBXSMM 1.10, a different vulnerability than CVE-2018-20541 (which is in a different par…
Read more
High
CVE-2018-20541
There is a heap-based buffer overflow in libxsmm_sparse_csc_reader at generator_spgemm_csc_reader.c in LIBXSMM 1.10, a different vulnerability than CVE-2018-20542 (which is in a different part of the…
Read more
Medium
CVE-2018-20540
There is memory leak at liblas::Open (liblas/liblas.hpp) in libLAS 1.8.1.
Read more
Medium
CVE-2018-20539
There is a Segmentation fault triggered by illegal address access at liblas::SpatialReference::GetGTIF() (spatialreference.cpp) in libLAS 1.8.1 that will cause a denial of service.
Read more