CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In November 2018 (CVSS score >= 5)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2018-19784 326 File Inclusion 2018-11-30 2019-10-02
5.0
None Remote Low Not required Partial None None
The str_rot_pass function in vendor/atholn1600/php-proxy/src/helpers.php in PHP-Proxy 5.1.0 uses weak cryptography, which makes it easier for attackers to calculate the authorization data needed for local file inclusion.
2 CVE-2018-19762 119 DoS Overflow 2018-11-29 2018-12-26
6.8
None Remote Medium Not required Partial Partial Partial
There is a heap-based buffer overflow at fromsixel.c (function: image_buffer_resize) in libsixel 1.8.2 that will cause a denial of service or possibly unspecified other impact.
3 CVE-2018-19760 772 2018-11-29 2019-10-02
6.8
None Remote Medium Not required Partial Partial Partial
cfg_init in confuse.c in libConfuse 3.2.2 has a memory leak.
4 CVE-2018-19748 22 Dir. Trav. 2018-11-29 2018-12-21
5.0
None Remote Low Not required Partial None None
app/plug/attachment/controller/admincontroller.php in SDCMS 1.6 allows reading arbitrary files via a /?m=plug&c=admin&a=index&p=attachment&root= directory traversal. The value of the root parameter must be base64 encoded (note that base64 encoding, instead of URL encoding, is very rare in a directory traversal attack vector).
5 CVE-2018-19692 434 Exec Code 2018-11-29 2018-12-27
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in tp5cms through 2017-05-25. admin.php/upload/picture.html allows remote attackers to execute arbitrary PHP code by uploading a .php file with the image/jpeg content type.
6 CVE-2018-19666 22 Dir. Trav. 2018-11-29 2019-01-04
7.2
None Local Low Not required Complete Complete Complete
The agent in OSSEC through 3.1.0 on Windows allows local users to gain NT AUTHORITY\SYSTEM access via Directory Traversal by leveraging full access to the associated OSSEC server.
7 CVE-2018-19662 125 DoS 2018-11-29 2019-10-02
5.8
None Remote Medium Not required Partial None Partial
An issue was discovered in libsndfile 1.0.28. There is a buffer over-read in the function i2alaw_array in alaw.c that will lead to a denial of service.
8 CVE-2018-19654 20 2018-11-29 2019-10-02
5.0
None Remote Low Not required None Partial None
An issue was discovered in Sales & Company Management System (SCMS) through 2018-06-06. There is a discrepancy in username checking between a component that does string validation, and a component that is supposed to query a MySQL database. Thus, it is possible to register a new account with a duplicate username, as demonstrated by use of the test%c2 string when a test account already exists.
9 CVE-2018-19628 369 2018-11-28 2018-12-28
5.0
None Remote Low Not required None None Partial
In Wireshark 2.6.0 to 2.6.4, the ZigBee ZCL dissector could crash. This was addressed in epan/dissectors/packet-zbee-zcl-lighting.c by preventing a divide-by-zero error.
10 CVE-2018-19623 787 2018-11-28 2019-10-02
5.0
None Remote Low Not required None None Partial
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the LBMPDM dissector could crash. In addition, a remote attacker could write arbitrary data to any memory locations before the packet-scoped memory. This was addressed in epan/dissectors/packet-lbmpdm.c by disallowing certain negative values.
11 CVE-2018-19622 835 Overflow 2018-11-28 2019-10-02
5.0
None Remote Low Not required None None Partial
In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the MMSE dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-mmse.c by preventing length overflows.
12 CVE-2018-19595 94 Exec Code 2018-11-27 2019-04-17
7.5
None Remote Low Not required Partial Partial Partial
PbootCMS V1.3.1 build 2018-11-14 allows remote attackers to execute arbitrary code via use of "eval" with mixed case, as demonstrated by an index.php/list/5/?current={pboot:if(evAl($_GET[a]))}1{/pboot:if}&a=phpinfo(); URI, because of an incorrect apps\home\controller\ParserController.php parserIfLabel protection mechanism.
13 CVE-2018-19566 125 +Info 2018-11-26 2018-12-19
5.8
None Remote Medium Not required Partial None Partial
A heap buffer over-read in parse_tiff_ifd in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code or leak private information.
14 CVE-2018-19565 125 +Info 2018-11-26 2018-12-19
5.8
None Remote Medium Not required Partial None Partial
A buffer over-read in crop_masked_pixels in dcraw through 9.28 could be used by attackers able to supply malicious files to crash an application that bundles the dcraw code or leak private information.
15 CVE-2018-19562 434 Exec Code 2018-11-26 2018-12-19
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in PHPok 4.9.015. admin.php?c=update&f=unzip allows remote attackers to execute arbitrary code via a "Login Background > Program Upgrade > Compressed Packet Upgrade" action in which a .php file is inside a ZIP archive.
16 CVE-2018-19561 352 CSRF 2018-11-26 2018-12-18
6.8
None Remote Medium Not required Partial Partial Partial
sikcms 1.1 has CSRF via admin.php?m=Admin&c=Users&a=userAdd to add an administrator account.
17 CVE-2018-19560 352 CSRF 2018-11-26 2018-12-31
9.3
None Remote Medium Not required Complete Complete Complete
BageCMS 3.1.3 has CSRF via upload/index.php?r=admini/admin/ownerUpdate to modify a user account.
18 CVE-2018-19559 89 Sql 2018-11-26 2018-12-18
7.5
None Remote Low Not required Partial Partial Partial
CuppaCMS before 2018-11-12 has SQL Injection in administrator/classes/ajax/functions.php via the reference_id parameter.
19 CVE-2018-19558 89 Sql 2018-11-26 2018-12-19
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in arcms through 2018-03-19. SQL injection exists via the json/newslist limit parameter because of ctl/main/Json.php, ctl/main/service/Data.php, and comp/Db/Mysql.php.
20 CVE-2018-19557 89 Sql 2018-11-26 2018-12-19
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in arcms through 2018-03-19. No authentication is required for index/main, user/useradd, or img/images.
21 CVE-2018-19555 352 CSRF 2018-11-26 2018-12-18
6.8
None Remote Medium Not required Partial Partial Partial
tp4a TELEPORT 3.1.0 has CSRF via user/do-reset-password to change any password, such as the administrator password.
22 CVE-2018-19553 89 Sql 2018-11-26 2018-12-18
6.5
None Remote Low Single system Partial Partial Partial
Interspire Email Marketer through 6.1.6 has SQL Injection via an updateblock sortorder request to Dynamiccontenttags.php
23 CVE-2018-19552 89 Sql 2018-11-26 2018-12-18
6.5
None Remote Low Single system Partial Partial Partial
Interspire Email Marketer through 6.1.6 has SQL Injection via a deleteblock blockid[] request to Dynamiccontenttags.php.
24 CVE-2018-19551 89 Sql 2018-11-26 2018-12-18
6.5
None Remote Low Single system Partial Partial Partial
Interspire Email Marketer through 6.1.6 has SQL Injection via a checkduplicatetags tagname request to Dynamiccontenttags.php.
25 CVE-2018-19550 434 2018-11-26 2019-05-23
6.5
None Remote Low Single system Partial Partial Partial
Interspire Email Marketer through 6.1.6 allows arbitrary file upload via a surveys_submit.php "create survey and submit survey" operation, which can cause a .php file to be accessible under a admin/temp/surveys/ URI.
26 CVE-2018-19549 89 Sql 2018-11-26 2018-12-18
6.5
None Remote Low Single system Partial Partial Partial
Interspire Email Marketer through 6.1.6 has SQL Injection via a tagids Delete action to Dynamiccontenttags.php.
27 CVE-2018-19546 352 XSS CSRF 2018-11-26 2018-12-19
6.8
None Remote Medium Not required Partial Partial Partial
JTBC(PHP) 3.0.1.7 has CSRF via the console/xml/manage.php?type=action&action=edit URI, as demonstrated by an XSS payload in the content parameter.
28 CVE-2018-19545 352 CSRF 2018-11-26 2018-12-19
6.8
None Remote Medium Not required Partial Partial Partial
JEECMS 9.3 has CSRF via the api/admin/role/save URI to add a user.
29 CVE-2018-19543 125 2018-11-25 2019-10-02
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in JasPer 2.0.14. There is a heap-based buffer over-read of size 8 in the function jp2_decode in libjasper/jp2/jp2_dec.c.
30 CVE-2018-19541 125 2018-11-25 2019-10-07
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in JasPer 2.0.14. There is a heap-based buffer over-read of size 8 in the function jas_image_depalettize in libjasper/base/jas_image.c.
31 CVE-2018-19540 119 Overflow 2018-11-25 2019-10-07
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in JasPer 2.0.14. There is a heap-based buffer overflow of size 1 in the function jas_icctxtdesc_input in libjasper/base/jas_icc.c.
32 CVE-2018-19537 434 Exec Code 2018-11-25 2018-12-28
9.0
None Remote Low Single system Complete Complete Complete
TP-Link Archer C5 devices through V2_160201_US allow remote command execution via shell metacharacters on the wan_dyn_hostname line of a configuration file that is encrypted with the 478DA50BF9E3D2CF key and uploaded through the web GUI by using the web admin account. The default password of admin may be used in some cases.
33 CVE-2018-19532 476 DoS 2018-11-25 2018-12-19
6.8
None Remote Medium Not required Partial Partial Partial
A NULL pointer dereference vulnerability exists in the function PdfTranslator::setTarget() in pdftranslator.cpp of PoDoFo 0.9.6, while creating the PdfXObject, as demonstrated by podofoimpose. It allows an attacker to cause Denial of Service.
34 CVE-2018-19531 20 Exec Code 2018-11-25 2018-12-19
7.5
None Remote Low Not required Partial Partial Partial
HTTL (aka Hyper-Text Template Language) through 1.0.11 allows remote command execution because the decodeXml function uses java.beans.XMLEncoder unsafely when configured without an xml.codec= setting.
35 CVE-2018-19530 20 Exec Code 2018-11-25 2018-12-19
7.5
None Remote Low Not required Partial Partial Partial
HTTL (aka Hyper-Text Template Language) through 1.0.11 allows remote command execution because the decodeXml function uses XStream unsafely when configured with an xml.codec=httl.spi.codecs.XstreamCodec setting.
36 CVE-2018-19528 119 DoS Overflow 2018-11-25 2018-12-19
10.0
None Remote Low Not required Complete Complete Complete
TP-Link TL-WR886N 7.0 1.1.0 devices allow remote attackers to cause a denial of service (Tlb Load Exception) via crafted DNS packets to port 53/udp.
37 CVE-2018-19504 125 2018-11-23 2019-09-16
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.1. There is a NULL pointer dereference in ifilter_bank() in libfaad/filtbank.c.
38 CVE-2018-19503 119 Overflow 2018-11-23 2019-09-16
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.1. There was a stack-based buffer overflow in the function calculate_gain() in libfaad/sbr_hfadj.c.
39 CVE-2018-19502 119 Overflow 2018-11-23 2019-08-28
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.1. There was a heap-based buffer overflow in the function excluded_channels() in libfaad/syntax.c.
40 CVE-2018-19499 502 Exec Code 2018-11-23 2019-10-02
6.5
None Remote Low Single system Partial Partial Partial
Vanilla before 2.5.5 and 2.6.x before 2.6.2 allows Remote Code Execution because authenticated administrators have a reachable call to unserialize in the Gdn_Format class.
41 CVE-2018-19492 119 Overflow 2018-11-23 2019-04-18
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in cairo.trm in Gnuplot 5.2.5. This issue allows an attacker to conduct a buffer overflow with an arbitrary amount of data in the cairotrm_options function. This flaw is caused by a missing size check of an argument passed to the "set font" function. This issue occurs when the Gnuplot pngcairo terminal is used as a backend.
42 CVE-2018-19491 119 Overflow 2018-11-23 2019-04-18
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in post.trm in Gnuplot 5.2.5. This issue allows an attacker to conduct a buffer overflow with an arbitrary amount of data in the PS_options function. This flaw is caused by a missing size check of an argument passed to the "set font" function. This issue occurs when the Gnuplot postscript terminal is used as a backend.
43 CVE-2018-19490 119 Overflow 2018-11-23 2019-04-18
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in datafile.c in Gnuplot 5.2.5. This issue allows an attacker to conduct a heap-based buffer overflow with an arbitrary amount of data in df_generate_ascii_array_entry. To exploit this vulnerability, an attacker must pass an overlong string as the right bound of the range argument that is passed to the plot function.
44 CVE-2018-19486 426 Exec Code 2018-11-23 2019-04-10
7.5
None Remote Low Not required Partial Partial Partial
Git before 2.19.2 on Linux and UNIX executes commands from the current working directory (as if '.' were at the end of $PATH) in certain cases involving the run_command() API and run-command.c, because there was a dangerous change from execvp to execv during 2017.
45 CVE-2018-19477 704 Bypass 2018-11-23 2019-04-25
6.8
None Remote Medium Not required Partial Partial Partial
psi/zfjbig2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a JBIG2Decode type confusion.
46 CVE-2018-19476 704 Bypass 2018-11-23 2019-04-25
6.8
None Remote Medium Not required Partial Partial Partial
psi/zicc.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a setcolorspace type confusion.
47 CVE-2018-19475 Bypass 2018-11-23 2019-10-02
6.8
None Remote Medium Not required Partial Partial Partial
psi/zdevice2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because available stack space is not checked when the device remains the same.
48 CVE-2018-19468 89 Sql 2018-11-23 2018-12-19
7.5
None Remote Low Not required Partial Partial Partial
HuCart 5.7.4 has SQL injection in get_ip() in system/class/helper_class.php via the X-Forwarded-For HTTP header to the user/index.php?load=login&act=act_login URI.
49 CVE-2018-19463 94 Exec Code 2018-11-22 2018-12-21
7.5
None Remote Low Not required Partial Partial Partial
zb_system/function/lib/upload.php in Z-BlogPHP through 1.5.1 allows remote attackers to execute arbitrary PHP code by using the image/jpeg content type in an upload to the zb_system/admin/index.php?act=UploadMng URI.
50 CVE-2018-19459 119 Overflow 2018-11-22 2018-12-18
6.8
None Remote Medium Not required Partial Partial Partial
Adult Filter 1.0 has a Buffer Overflow via a crafted Black Domain List file.
Total number of vulnerabilities : 552   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.