CVEdetails.com the ultimate security vulnerability data source

Security Vulnerabilities (CVSS score between 6 and 6.99)

# | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail.
2151 | CVE-2018-11100 | 19 | | DoS | 2018-05-14 | 2018-06-20 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
The decompileSETTARGET function in decompile.c in libming through 0.4.8 mishandles cases where the header indicates a file size greater than the actual size, which allows remote attackers to cause a denial of service (Segmentation fault and application crash) or possibly have unspecified other impact.
2152 | CVE-2018-11098 | 434 | | | 2018-05-14 | 2018-06-19 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial
An issue was discovered in Frog CMS 0.9.5. There is a file upload vulnerability via the admin/?/plugin/file_manager/upload URI, a similar issue to CVE-2014-4912.
2153 | CVE-2018-11095 | 19 | | DoS | 2018-05-14 | 2018-06-20 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
The decompileJUMP function in decompile.c in libming through 0.4.8 mishandles cases where the header indicates a file size greater than the actual size, which allows remote attackers to cause a denial of service (Segmentation fault and application crash) or possibly have unspecified other impact.
2154 | CVE-2018-11078 | 275 | | | 2018-09-11 | 2018-11-20 | 6.0 | None | Remote | Medium | Single system | Partial | Partial | Partial
Dell EMC VPlex GeoSynchrony, versions prior to 6.1, contains an Insecure File Permissions vulnerability. A remote authenticated malicious user could read from VPN configuration files on and potentially author a MITM attack on the VPN traffic.
2155 | CVE-2018-11060 | 264 | | Bypass | 2018-07-24 | 2019-07-25 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial
RSA Archer, versions prior to 6.4.0.1, contain an authorization bypass vulnerability in the REST API. A remote authenticated malicious Archer user could potentially exploit this vulnerability to elevate their privileges.
2156 | CVE-2018-11049 | 427 | | | 2018-07-11 | 2018-09-10 | 6.9 | None | Local | Medium | Not required | Complete | Complete | Complete
RSA Identity Governance and Lifecycle, RSA Via Lifecycle and Governance, and RSA IMG releases have an uncontrolled search vulnerability. The installation scripts set an environment variable in an unintended manner. A local authenticated malicious user could trick the root user to run malicious code on the targeted system.
2157 | CVE-2018-11036 | 200 | | +Info | 2018-05-31 | 2018-08-01 | 6.4 | None | Remote | Low | Not required | Partial | Partial | None
Ruckus SmartZone (formerly Virtual SmartCell Gateway or vSCG) 3.5.0, 3.5.1, 3.6.0, and 3.6.1 (Essentials and High Scale) on vSZ, SZ-100, SZ-300, and SCG-200 devices allows remote attackers to obtain sensitive information or modify data.
2158 | CVE-2018-11035 | 20 | | DoS | 2018-05-13 | 2018-06-15 | 6.1 | None | Local | Low | Not required | Partial | Partial | Complete
In 2345 Security Guard 3.7, the driver file (2345NsProtect.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCTL 0x80002019.
2159 | CVE-2018-11034 | 20 | | DoS | 2018-05-13 | 2018-06-15 | 6.1 | None | Local | Low | Not required | Partial | Partial | Complete
In 2345 Security Guard 3.7, the driver file (2345NsProtect.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCTL 0x8000200D.
2160 | CVE-2018-11033 | 119 | | DoS Overflow | 2018-05-13 | 2018-06-19 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
The DCTStream::readHuffSym function in Stream.cc in the DCT decoder in xpdf before 4.00 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JPEG data.
2161 | CVE-2018-11018 | 352 | | CSRF | 2018-05-13 | 2018-06-18 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
An issue was discovered in PbootCMS v1.0.7. Cross-site request forgery (CSRF) vulnerability in apps/admin/controller/system/RoleController.php allows remote attackers to add administrator accounts via admin.php/role/add.html.
2162 | CVE-2018-11017 | 119 | | DoS Overflow | 2018-05-13 | 2018-06-13 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
The newVar_N function in decompile.c in libming through 0.4.8 mishandles cases where the header indicates a file size greater than the actual size, which allows remote attackers to cause a denial of service (Segmentation fault and application crash) or possibly have unspecified other impact.
2163 | CVE-2018-11004 | 352 | | CSRF | 2018-05-12 | 2018-06-18 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
An issue was discovered in SDcms v1.5. Cross-site request forgery (CSRF) vulnerability in /WWW//app/admin/controller/admincontroller.php allows remote attackers to add administrator accounts via m=admin&c=admin&a=add.
2164 | CVE-2018-10986 | 352 | | CSRF | 2019-07-03 | 2019-07-05 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
OX Guard 2.8.0 has CSRF.
2165 | CVE-2018-10977 | 20 | | DoS | 2018-05-10 | 2018-06-13 | 6.1 | None | Local | Low | Not required | Partial | Partial | Complete
In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCTL 0x002220E4.
2166 | CVE-2018-10976 | 20 | | DoS | 2018-05-10 | 2018-06-13 | 6.1 | None | Local | Low | Not required | Partial | Partial | Complete
In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCTL 0x00222050.
2167 | CVE-2018-10975 | 20 | | DoS | 2018-05-10 | 2018-06-13 | 6.1 | None | Local | Low | Not required | Partial | Partial | Complete
In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCTL 0x00222104.
2168 | CVE-2018-10974 | 20 | | DoS | 2018-05-10 | 2018-06-13 | 6.1 | None | Local | Low | Not required | Partial | Partial | Complete
In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCTL 0x00222100.
2169 | CVE-2018-10972 | 119 | | DoS Overflow | 2018-05-10 | 2018-06-13 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
An issue was discovered in Free Lossless Image Format (FLIF) 0.3. The TransformPaletteC::process function in transform/palette_C.hpp allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted file.
2170 | CVE-2018-10957 | 352 | | CSRF | 2018-05-09 | 2018-06-13 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
CSRF exists on D-Link DIR-868L devices, leading to (for example) a change to the Admin password. hedwig.cgi and pigwidgeon.cgi are two of the affected components.
2171 | CVE-2018-10955 | 20 | | DoS | 2018-05-09 | 2018-06-12 | 6.1 | None | Local | Low | Not required | Partial | Partial | Complete
In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCTL 0x00222548.
2172 | CVE-2018-10954 | 20 | | DoS | 2018-05-09 | 2018-06-12 | 6.1 | None | Local | Low | Not required | Partial | Partial | Complete
In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCTL 0x00222550.
2173 | CVE-2018-10953 | 20 | | DoS | 2018-05-09 | 2018-06-12 | 6.1 | None | Local | Low | Not required | Partial | Partial | Complete
In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCTL 0x0022204C.
2174 | CVE-2018-10952 | 20 | | DoS | 2018-05-09 | 2018-06-12 | 6.1 | None | Local | Low | Not required | Partial | Partial | Complete
In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCTL 0x00222088.
2175 | CVE-2018-10936 | 297 | | | 2018-08-30 | 2019-04-22 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
A weakness was found in postgresql-jdbc before version 42.2.5. It was possible to provide an SSL Factory and not check the host name if a host name verifier was not provided to the driver. This could lead to a condition where a man-in-the-middle attacker could masquerade as a trusted server by providing a certificate for the wrong host, as long as it was signed by a trusted CA.
2176 | CVE-2018-10933 | 287 | | | 2018-10-17 | 2019-04-25 | 6.4 | None | Remote | Low | Not required | Partial | Partial | None
A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4. A malicious client could create channels without first performing authentication, resulting in unauthorized access.
2177 | CVE-2018-10929 | 20 | | Exec Code | 2018-09-04 | 2019-04-02 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial
A flaw was found in RPC request using gfs2_create_req in glusterfs server. An authenticated attacker could use this flaw to create arbitrary files and execute arbitrary code on glusterfs server nodes.
2178 | CVE-2018-10928 | 59 | | Exec Code | 2018-09-04 | 2019-04-02 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial
A flaw was found in RPC request using gfs3_symlink_req in glusterfs server which allows symlink destinations to point to file paths outside of the gluster volume. An authenticated attacker could use this flaw to create arbitrary symlinks pointing anywhere on the server and execute arbitrary code on glusterfs server nodes.
2179 | CVE-2018-10926 | 22 | | Exec Code Dir. Trav. | 2018-09-04 | 2019-04-02 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial
A flaw was found in RPC request using gfs3_mknod_req supported by glusterfs server. An authenticated attacker could use this flaw to write files to an arbitrary location via path traversal and execute arbitrary code on a glusterfs server node.
2180 | CVE-2018-10924 | 400 | | DoS | 2018-09-04 | 2019-04-02 | 6.8 | None | Remote | Low | Single system | None | None | Complete
It was discovered that fsync(2) system call in glusterfs client code leaks memory. An authenticated attacker could use this flaw to launch a denial of service attack by making gluster clients consume memory of the host machine.
2181 | CVE-2018-10915 | 20 | | Sql Bypass | 2018-08-09 | 2018-12-14 | 6.0 | None | Remote | Medium | Single system | Partial | Partial | Partial
A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq was used with "host" or "hostaddr" connection parameters from untrusted input, attackers could bypass client-side connection security features, obtain access to higher privileged connections or potentially cause other impact through SQL injection, by causing the PQescape() functions to malfunction. Postgresql versions before 10.5, 9.6.10, 9.5.14, 9.4.19, and 9.3.24 are affected.
2182 | CVE-2018-10907 | 119 | | Exec Code Overflow | 2018-09-04 | 2019-04-02 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial
It was found that glusterfs server is vulnerable to multiple stack based buffer overflows due to functions in server-rpc-fopc.c allocating fixed size buffers using 'alloca(3)'. An authenticated attacker could exploit this by mounting a gluster volume and sending a string longer than the fixed buffer size to cause a crash or potential code execution.
2183 | CVE-2018-10904 | 426 | | Exec Code | 2018-09-04 | 2019-04-02 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial
It was found that glusterfs server does not properly sanitize file paths in the "trusted.io-stats-dump" extended attribute which is used by the "debug/io-stats" translator. An attacker can use this flaw to create files and execute arbitrary code. To exploit this, the attacker would require sufficient access to modify the extended attributes of files on a gluster volume.
2184 | CVE-2018-10899 | 352 | | Exec Code CSRF | 2019-08-01 | 2019-08-08 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
A flaw was found in Jolokia versions from 1.2 to before 1.6.1. Affected versions are vulnerable to a system-wide CSRF. This holds true for properly configured instances with strict checking for origin and referrer headers. This could result in a Remote Code Execution attack.
2185 | CVE-2018-10895 | 352 | | Exec Code CSRF | 2018-07-12 | 2018-09-06 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
qutebrowser before version 1.4.1 is vulnerable to a cross-site request forgery flaw that allows websites to access 'qute://*' URLs. A malicious website could exploit this to load a 'qute://settings/set' URL, which then sets 'editor.command' to a bash script, resulting in arbitrary code execution.
2186 | CVE-2018-10893 | 190 | | Exec Code Overflow | 2018-09-11 | 2019-08-06 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial
Multiple integer overflow and buffer overflow issues were discovered in spice-client's handling of LZ compressed frames. A malicious server could cause the client to crash or, potentially, execute arbitrary code.
2187 | CVE-2018-10884 | 352 | | CSRF | 2018-08-22 | 2018-10-12 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
Ansible Tower before versions 3.1.8 and 3.2.6 is vulnerable to cross-site request forgery (CSRF) in awx/api/authentication.py. An attacker could exploit this by tricking already authenticated users into visiting a malicious site and hijacking the authtoken cookie.
2188 | CVE-2018-10879 | 416 | | DoS | 2018-07-26 | 2018-10-31 | 6.1 | None | Local | Low | Not required | Partial | Partial | Complete
A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause a use-after-free in ext4_xattr_set_entry function and a denial of service or unspecified other impact may occur by renaming a file in a crafted ext4 filesystem image.
2189 | CVE-2018-10878 | 787 | | DoS | 2018-07-26 | 2018-10-31 | 6.1 | None | Local | Low | Not required | Partial | Partial | Complete
A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write and a denial of service or unspecified other impact is possible by mounting and operating a crafted ext4 filesystem image.
2190 | CVE-2018-10877 | 125 | | | 2018-07-18 | 2019-04-01 | 6.8 | None | Remote | Medium | Not required | Partial | Partial | Partial
Linux kernel ext4 filesystem is vulnerable to an out-of-bound access in the ext4_ext_drop_refs() function when operating on a crafted ext4 filesystem image.
2191 | CVE-2018-10873 | 20 | | | 2018-08-17 | 2019-04-22 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial
A vulnerability was discovered in SPICE before version 0.14.1 where the generated code used for demarshalling messages lacked sufficient bounds checks. A malicious client or server, after authentication, could send specially crafted messages to its peer which would result in a crash or, potentially, other impacts.
2192 | CVE-2018-10860 | 22 | | Dir. Trav. | 2018-06-29 | 2018-09-23 | 6.4 | None | Remote | Low | Not required | None | Partial | Partial
perl-archive-zip is vulnerable to a directory traversal in Archive::Zip. It was found that the Archive::Zip module did not properly sanitize paths while extracting zip files. An attacker able to provide a specially crafted archive for processing could use this flaw to write or overwrite arbitrary files in the context of the perl interpreter.
2193 | CVE-2018-10858 | 119 | | Exec Code Overflow | 2018-08-22 | 2019-06-26 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial
A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable.
2194 | CVE-2018-10856 | 264 | | | 2018-07-02 | 2018-09-04 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial
It has been discovered that podman before version 0.6.1 does not drop capabilities when executing a container as a non-root user. This results in unnecessary privileges being granted to the container.
2195 | CVE-2018-10847 | 287 | | Bypass | 2018-07-30 | 2018-10-17 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial
prosody before versions 0.10.2, 0.9.14 is vulnerable to an Authentication Bypass. Prosody did not verify that the virtual host associated with a user session remained the same across stream restarts. A user may authenticate to XMPP host A and migrate their authenticated session to XMPP host B of the same Prosody instance.
2196 | CVE-2018-10841 | 264 | | | 2018-06-20 | 2019-04-02 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial
glusterfs is vulnerable to privilege escalation on gluster server nodes. An authenticated gluster client via TLS could use gluster cli with --remote-host command to add itself to trusted storage pool and perform privileged gluster operations like adding other machines to trusted storage pool, start, stop, and delete volumes.
2197 | CVE-2018-10830 | 20 | | DoS | 2018-05-09 | 2018-06-13 | 6.1 | None | Local | Low | Not required | Partial | Partial | Complete
In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x002220e0.
2198 | CVE-2018-10809 | 20 | | DoS | 2018-05-08 | 2018-06-13 | 6.1 | None | Local | Low | Not required | Partial | Partial | Complete
In 2345 Security Guard 3.7, the driver file (2345NetFirewall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x00222040. NOTE: this vulnerability exists because of an incomplete fix for CVE-2018-8873.
2199 | CVE-2018-10796 | 20 | | DoS | 2018-05-08 | 2018-06-13 | 6.1 | None | Local | Low | Not required | Partial | Partial | Complete
In 2345 Security Guard 3.7, the driver file (2345NetFirewall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x00222014.
2200 | CVE-2018-10795 | 434 | | | 2018-05-07 | 2018-06-13 | 6.5 | None | Remote | Low | Single system | Partial | Partial | Partial
** DISPUTED ** Liferay 6.2.x and before has an FCKeditor configuration that allows an attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment via a browser/liferay/browser.html?Type= or html/js/editor/fckeditor/editor/filemanager/browser/liferay/browser.html URI. NOTE: the vendor disputes this issue because file upload is an expected feature, subject to Role Based Access Control checks where only authenticated users with proper permissions can upload files.