CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1651 CVE-2018-15471 190 DoS Overflow +Info 2018-08-17 2018-11-15
6.8
None Local Low Single system Complete Complete Complete
An issue was discovered in xenvif_set_hash_mapping in drivers/net/xen-netback/hash.c in the Linux kernel through 4.18.1, as used in Xen through 4.11.x and other products. The Linux netback driver allows frontends to control mapping of requests to request queues. When processing a request to set or change this mapping, some input validation (e.g., for an integer overflow) was missing or flawed, leading to OOB access in hash handling. A malicious or buggy frontend may cause the (usually privileged) backend to make out of bounds memory accesses, potentially resulting in one or more of privilege escalation, Denial of Service (DoS), or information leaks.
1652 CVE-2018-15445 352 CSRF 2018-11-08 2018-12-11
6.0
None Remote Medium Single system Partial Partial Partial
A vulnerability in the web-based management interface of Cisco Energy Management Suite Software could allow an authenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack and perform arbitrary actions on an affected device. The vulnerability is due to insufficient CSRF protections for the web-based management interface of an affected device. An attacker could exploit this vulnerability by persuading an authenticated user of the interface to follow a crafted link. A successful exploit could allow the attacker to perform arbitrary actions on a targeted device via a web browser and with the privileges of the user.
1653 CVE-2018-15431 20 Exec Code 2018-10-05 2018-12-06
6.9
None Local Medium Not required Complete Complete Complete
A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or an email attachment and persuading the user to open the file by using the affected software. A successful exploit could allow the attacker to execute arbitrary code on the affected system.
1654 CVE-2018-15430 20 Exec Code 2018-10-05 2018-11-27
6.5
None Remote Low Single system Partial Partial Partial
A vulnerability in the administrative web interface of Cisco Expressway Series and Cisco TelePresence Video Communication Server (VCS) could allow an authenticated, remote attacker to execute code with user-level privileges on the underlying operating system. The vulnerability is due to insufficient validation of the content of upgrade packages. An attacker could exploit this vulnerability by uploading a malicious archive to the Upgrade page of the administrative web interface. A successful exploit could allow the attacker to execute code with user-level privileges on the underlying operating system.
1655 CVE-2018-15425 20 Exec Code 2018-10-05 2018-12-06
6.5
None Remote Low Single system Partial Partial Partial
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device with the privileges of the web server.
1656 CVE-2018-15424 20 Exec Code 2018-10-05 2018-12-06
6.5
None Remote Low Single system Partial Partial Partial
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device with the privileges of the web server.
1657 CVE-2018-15409 20 Exec Code 2018-10-05 2018-12-06
6.8
None Remote Medium Not required Partial Partial Partial
A vulnerability in the Cisco Webex Network Recording Player for Microsoft Windows and the Cisco Webex Player for Microsoft Windows could allow an attacker to execute arbitrary code on an affected system. The vulnerability exist because the affected software improperly validates Advanced Recording Format (ARF) and Webex Recording Format (WRF) files. An attacker could exploit this vulnerability by sending a user a malicious ARF or WRF file via a link or an email attachment and persuading the user to open the file by using the affected software. A successful exploit could allow the attacker to execute arbitrary code on the affected system.
1658 CVE-2018-15402 352 +Priv CSRF 2018-10-17 2019-01-24
6.8
None Remote Medium Not required Partial Partial Partial
A vulnerability in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an unauthenticated, remote attacker to conduct cross-site request forgery (CSRF) attacks. The vulnerability is due to improper validation of Origin headers on HTTP requests within the management interface. An attacker could exploit this vulnerability by convincing a targeted user to follow a URL to a malicious website. An exploit could allow the attacker to take actions within the software with the privileges of the targeted user or gain access to sensitive information.
1659 CVE-2018-15373 399 DoS 2018-10-05 2019-04-15
6.1
None Local Network Low Not required None None Complete
A vulnerability in the implementation of Cisco Discovery Protocol functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to exhaust memory on an affected device, resulting in a denial of service (DoS) condition. The vulnerability is due to improper memory handling by the affected software when the software processes high rates of Cisco Discovery Protocol packets that are sent to a device. An attacker could exploit this vulnerability by sending a high rate of Cisco Discovery Protocol packets to an affected device. A successful exploit could allow the attacker to exhaust memory on the affected device, resulting in a DoS condition.
1660 CVE-2018-15359 264 2018-08-17 2018-10-12
6.5
None Remote Low Single system Partial Partial Partial
An authenticated attacker with low privileges can use insecure sudo configuration to expand attack surface in Eltex ESP-200 firmware version 1.2.0.
1661 CVE-2018-15358 20 2018-08-17 2018-10-12
6.5
None Remote Low Single system Partial Partial Partial
An authenticated attacker with low privileges can activate high privileged user and use it to expand attack surface in Eltex ESP-200 firmware version 1.2.0.
1662 CVE-2018-15356 77 Exec Code 2018-08-17 2018-10-12
6.5
None Remote Low Single system Partial Partial Partial
An authenticated attacker can execute arbitrary code using command ejection in Eltex ESP-200 firmware version 1.2.0.
1663 CVE-2018-15331 275 2018-12-20 2019-01-10
6.8
None Remote Medium Not required Partial Partial Partial
On BIG-IP AAM 13.0.0 or 12.1.0-12.1.3.7, the dcdb_convert utility used by BIG-IP AAM fails to drop group permissions when executing helper scripts, which could be used to leverage attacks against the BIG-IP system.
1664 CVE-2018-15329 77 2018-12-20 2019-01-09
6.5
None Remote Low Single system Partial Partial Partial
On BIG-IP 14.0.0-14.0.0.2, 13.0.0-13.1.1.1, or 12.1.0-12.1.3.7, or Enterprise Manager 3.1.1, when authenticated administrative users run commands in the Traffic Management User Interface (TMUI), also referred to as the BIG-IP Configuration utility, restrictions on allowed commands may not be enforced.
1665 CVE-2018-15327 77 2018-10-31 2018-12-11
6.5
None Remote Low Single system Partial Partial Partial
In BIG-IP 14.0.0-14.0.0.2 or 13.0.0-13.1.1.1 or Enterprise Manager 3.1.1, when authenticated administrative users run commands in the Traffic Management User Interface (TMUI), also referred to as the BIG-IP Configuration utility, restrictions on allowed commands may not be enforced.
1666 CVE-2018-15326 295 2018-10-31 2018-12-13
6.0
None Remote Medium Single system Partial Partial Partial
In some situations on BIG-IP APM 14.0.0-14.0.0.2, 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, or 11.6.0-11.6.3.2, the CRLDP Auth access policy agent may treat revoked certificates as valid when the BIG-IP APM system fails to download a new Certificate Revocation List.
1667 CVE-2018-15209 119 DoS Overflow 2018-08-08 2018-12-01
6.8
None Remote Medium Not required Partial Partial Partial
ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf.
1668 CVE-2018-15207 284 2019-04-30 2019-05-01
6.5
None Remote Low Single system Partial Partial Partial
BPC SmartVista 2 has Improper Access Control in the SVFE module, where it fails to appropriately restrict access: a normal user is able to access the SVFE2/pages/finadmin/currconvrate/currconvrate.jsf functionality that should be only accessible to an admin.
1669 CVE-2018-15206 352 CSRF 2019-04-30 2019-05-01
6.8
None Remote Medium Not required Partial Partial Partial
BPC SmartVista 2 has CSRF via SVFE2/pages/admpages/roles/createrole.jsf.
1670 CVE-2018-15202 352 CSRF 2018-08-08 2018-10-18
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in Juunan06 eCommerce through 2018-08-05. There is a CSRF vulnerability in ee/eBoutique/app/template/includes/crudTreatment.php that can add new users and add products.
1671 CVE-2018-15198 352 CSRF 2018-08-07 2018-10-04
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in OneThink v1.1. There is a CSRF vulnerability in admin.php?s=/User/add.html that can add a user.
1672 CVE-2018-15197 352 CSRF 2018-08-07 2018-10-04
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in OneThink v1.1. There is a CSRF vulnerability in admin.php?s=/AuthManager/addToGroup.html that can endow administrator privileges.
1673 CVE-2018-15193 352 CSRF 2018-08-07 2018-10-05
6.8
None Remote Medium Not required Partial Partial Partial
A CSRF vulnerability in the admin panel in Gogs through 0.11.53 allows remote attackers to execute admin operations via a crafted issue / link.
1674 CVE-2018-15187 352 CSRF 2018-08-10 2018-10-05
6.0
None Remote Medium Single system Partial Partial Partial
PHP Scripts Mall advanced-real-estate-script 4.0.9 has CSRF via edit-profile.php.
1675 CVE-2018-15186 352 CSRF 2018-08-10 2018-10-09
6.8
None Remote Medium Not required Partial Partial Partial
PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has CSRF via client/auditor/updprofile.php.
1676 CVE-2018-15181 20 DoS XSS 2018-08-09 2018-10-10
6.8
None Remote Low Single system None None Complete
JioFi 4G Hotspot M2S devices allow attackers to cause a denial of service (secure configuration outage) via an XSS payload in the SSID name and Security Key fields.
1677 CVE-2018-15177 352 CSRF 2018-08-07 2018-10-05
6.8
None Remote Medium Not required Partial Partial Partial
In Gxlcms 2.0, a news/index.php?s=Admin-Admin-Insert CSRF attack can add an administrator account.
1678 CVE-2018-15176 119 DoS Overflow 2018-08-07 2018-10-04
6.8
None Remote Medium Not required Partial Partial Partial
XnView 2.45 allows remote attackers to cause a denial of service (User Mode Write AV starting at MSVCR120!memcpy+0x0000000000000074 and application crash) or possibly have unspecified other impact via a crafted RLE file.
1679 CVE-2018-15175 119 DoS Overflow 2018-08-07 2018-10-04
6.8
None Remote Medium Not required Partial Partial Partial
XnView 2.45 allows remote attackers to cause a denial of service (User Mode Write AV starting at Qt5Core!QVariant::~QVariant+0x0000000000000014 and application crash) or possibly have unspecified other impact via a crafted RLE file.
1680 CVE-2018-15174 119 DoS Overflow 2018-08-07 2018-10-04
6.8
None Remote Medium Not required Partial Partial Partial
XnView 2.45 allows remote attackers to cause a denial of service (Read Access Violation at the Instruction Pointer and application crash) or possibly have unspecified other impact via a crafted ICO file.
1681 CVE-2018-15156 78 Exec Code 2018-08-15 2018-10-10
6.5
None Remote Low Single system Partial Partial Partial
OS command injection occurring in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary commands by making a crafted request to interface/fax/faxq.php after modifying the "hylafax_server" global variable in interface/super/edit_globals.php.
1682 CVE-2018-15155 78 Exec Code 2018-08-15 2018-10-10
6.5
None Remote Low Single system Partial Partial Partial
OS command injection occurring in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary commands by making a crafted request to interface/fax/fax_dispatch.php after modifying the "hylafax_enscript" global variable in interface/super/edit_globals.php.
1683 CVE-2018-15154 78 Exec Code 2018-08-15 2018-10-10
6.5
None Remote Low Single system Partial Partial Partial
OS command injection occurring in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary commands by making a crafted request to interface/billing/sl_eob_search.php after modifying the "print_command" global variable in interface/super/edit_globals.php.
1684 CVE-2018-15153 78 Exec Code 2018-08-15 2018-10-10
6.5
None Remote Low Single system Partial Partial Partial
OS command injection occurring in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary commands by making a crafted request to interface/main/daemon_frame.php after modifying the "hylafax_server" global variable in interface/super/edit_globals.php.
1685 CVE-2018-15152 287 Bypass 2018-08-15 2018-10-23
6.4
None Remote Low Not required Partial Partial None
Authentication bypass vulnerability in portal/account/register.php in versions of OpenEMR before 5.0.1.4 allows a remote attacker to access (1) portal/add_edit_event_user.php, (2) portal/find_appt_popup_user.php, (3) portal/get_allergies.php, (4) portal/get_amendments.php, (5) portal/get_lab_results.php, (6) portal/get_medications.php, (7) portal/get_patient_documents.php, (8) portal/get_problems.php, (9) portal/get_profile.php, (10) portal/portal_payment.php, (11) portal/messaging/messages.php, (12) portal/messaging/secure_chat.php, (13) portal/report/pat_ledger.php, (14) portal/report/portal_custom_report.php, or (15) portal/report/portal_patient_report.php without authenticating as a patient.
1686 CVE-2018-15151 89 Exec Code Sql 2018-08-15 2018-10-12
6.5
None Remote Low Single system Partial Partial Partial
SQL injection vulnerability in interface/de_identification_forms/find_code_popup.php in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary SQL commands via the 'search_term' parameter.
1687 CVE-2018-15150 89 Exec Code Sql 2018-08-15 2018-10-12
6.5
None Remote Low Single system Partial Partial Partial
SQL injection vulnerability in interface/de_identification_forms/de_identification_screen2.php in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary SQL commands via the 'temporary_files_dir' variable in interface/super/edit_globals.php.
1688 CVE-2018-15149 89 Exec Code Sql 2018-08-15 2018-10-12
6.5
None Remote Low Single system Partial Partial Partial
SQL injection vulnerability in interface/forms/eye_mag/php/Anything_simple.php from library/forms.inc in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary SQL commands via the 'encounter' parameter.
1689 CVE-2018-15148 89 Exec Code Sql 2018-08-15 2018-10-12
6.5
None Remote Low Single system Partial Partial Partial
SQL injection vulnerability in interface/patient_file/encounter/search_code.php in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary SQL commands via the 'text' parameter.
1690 CVE-2018-15147 89 Exec Code Sql 2018-08-15 2018-10-12
6.5
None Remote Low Single system Partial Partial Partial
SQL injection vulnerability in interface/forms_admin/forms_admin.php from library/registry.inc in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary SQL commands via the 'id' parameter.
1691 CVE-2018-15146 89 Exec Code Sql 2018-08-15 2018-10-11
6.5
None Remote Low Single system Partial Partial Partial
SQL injection vulnerability in interface/de_identification_forms/find_immunization_popup.php in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary SQL commands via the 'search_term' parameter.
1692 CVE-2018-15144 89 Exec Code Sql 2018-08-13 2018-10-10
6.5
None Remote Low Single system Partial Partial Partial
SQL injection vulnerability in interface/de_identification_forms/find_drug_popup.php in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary SQL commands via the search_term parameter.
1693 CVE-2018-15142 22 Exec Code Dir. Trav. 2018-08-13 2018-10-10
6.5
None Remote Low Single system Partial Partial Partial
Directory traversal in portal/import_template.php in versions of OpenEMR before 5.0.1.4 allows a remote attacker authenticated in the patient portal to execute arbitrary PHP code by writing a file with a PHP extension via the "docid" and "content" parameters and accessing it in the traversed directory.
1694 CVE-2018-15139 434 Exec Code 2018-08-13 2018-10-10
6.5
None Remote Low Single system Partial Partial Partial
Unrestricted file upload in interface/super/manage_site_files.php in versions of OpenEMR before 5.0.1.4 allows a remote authenticated attacker to execute arbitrary PHP code by uploading a file with a PHP extension via the images upload form and accessing it in the images directory.
1695 CVE-2018-15133 502 Exec Code 2018-08-09 2019-07-15
6.8
None Remote Medium Not required Partial Partial Partial
In Laravel Framework through 5.5.40 and 5.6.x through 5.6.29, remote code execution might occur as a result of an unserialize call on a potentially untrusted X-XSRF-TOKEN value. This involves the decrypt method in Illuminate/Encryption/Encrypter.php and PendingBroadcast in gadgetchains/Laravel/RCE/3/chain.php in phpggc. The attacker must know the application key, which normally would never occur, but could happen if the attacker previously had privileged access or successfully accomplished a previous attack.
1696 CVE-2018-15122 20 Exec Code 2018-08-16 2018-10-15
6.8
None Remote Medium Not required Partial Partial Partial
An issue found in Progress Telerik JustAssembly through 2018.1.323.2 and JustDecompile through 2018.2.605.0 makes it possible to execute code by decompiling a compiled .NET object (such as DLL or EXE) with an embedded resource file by clicking on the resource.
1697 CVE-2018-15121 352 CSRF 2018-08-28 2018-11-08
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in Auth0 auth0-aspnet and auth0-aspnet-owin. Affected packages do not use or validate the state parameter of the OAuth 2.0 and OpenID Connect protocols. This leaves applications vulnerable to CSRF attacks during authentication and authorization operations.
1698 CVE-2018-15120 119 DoS Overflow 2018-08-24 2018-11-10
6.8
None Remote Medium Not required Partial Partial Partial
libpango in Pango 1.40.8 through 1.42.3, as used in hexchat and other products, allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted text with invalid Unicode sequences.
1699 CVE-2018-14978 352 CSRF 2018-08-06 2018-10-03
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in QCMS 3.0.1. CSRF exists via the backend/user/admin/add.html URI.
1700 CVE-2018-14967 89 Sql 2018-08-06 2018-10-04
6.5
None Remote Low Single system Partial Partial Partial
An issue was discovered in EMLsoft 5.4.5. upload\eml\action\action.user.php has SQL Injection via the numPerPage parameter.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.