CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In November 2018

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
451 CVE-2018-16472 20 2018-11-06 2019-10-09
5.0
None Remote Low Not required None None Partial
A prototype pollution attack in cached-path-relative versions <=1.0.1 allows an attacker to inject properties on Object.prototype which are then inherited by all the JS objects through the prototype chain causing a DoS attack.
452 CVE-2018-16471 79 XSS Bypass 2018-11-13 2019-06-13
4.3
None Remote Medium Not required None Partial None
There is a possible XSS vulnerability in Rack before 2.0.6 and 1.6.11. Carefully crafted requests can impact the data returned by the `scheme` method on `Rack::Request`. Applications that expect the scheme to be limited to 'http' or 'https' and do not escape the return value could be vulnerable to an XSS attack. Note that applications using the normal escaping mechanisms provided by Rails may not impacted, but applications that bypass the escaping mechanisms, or do not use them may be vulnerable.
453 CVE-2018-16470 400 2018-11-13 2019-10-09
5.0
None Remote Low Not required None None Partial
There is a possible DoS vulnerability in the multipart parser in Rack before 2.0.6. Specially crafted requests can cause the multipart parser to enter a pathological state, causing the parser to use CPU resources disproportionate to the request size.
454 CVE-2018-16396 2018-11-16 2019-10-02
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. It does not taint strings that result from unpacking tainted strings with some formats.
455 CVE-2018-16395 2018-11-16 2019-10-02
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in the OpenSSL library in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. When two OpenSSL::X509::Name objects are compared using ==, depending on the ordering, non-equal objects may return true. When the first argument is one character longer than the second, or the second argument contains a character that is one less than a character in the same position of the first argument, the result of == will be true. This could be leveraged to create an illegitimate certificate that may be accepted as legitimate and then used in signing or encryption operations.
456 CVE-2018-16253 347 2018-11-07 2018-12-13
4.3
None Remote Medium Not required None Partial None
In sig_verify() in x509.c in axTLS version 2.1.3 and before, the PKCS#1 v1.5 signature verification does not properly verify the ASN.1 metadata. Consequently, a remote attacker can forge signatures when small public exponents are being used, which could lead to impersonation through fake X.509 certificates. This is an even more permissive variant of CVE-2006-4790 and CVE-2014-1568.
457 CVE-2018-16224 200 +Info 2018-11-20 2018-12-20
5.0
None Remote Low Not required Partial None None
Incorrect access control for the diagnostic files of the iSmartAlarm Cube One through 2.2.4.10 allows an attacker to retrieve them via a specifically crafted TCP request to port 12345 and 22306, and access sensitive information from the device.
458 CVE-2018-16223 522 2018-11-20 2019-10-02
5.0
None Remote Low Not required Partial None None
Insecure Cryptographic Storage of credentials in com.vestiacom.qbeecamera_preferences.xml in the QBee Cam application through 1.0.5 for Android allows an attacker to retrieve the username and password.
459 CVE-2018-16222 522 2018-11-20 2019-10-02
2.1
None Local Low Not required Partial None None
Cleartext Storage of credentials in the iSmartAlarmData.xml configuration file in the iSmartAlarm application through 2.0.8 for Android allows an attacker to retrieve the username and password.
460 CVE-2018-16163 284 Bypass 2018-11-15 2019-10-02
5.5
None Remote Low Single system None Partial Partial
OpenDolphin 2.7.0 and earlier allows authenticated attackers to bypass authentication to create and/or delete other users accounts via unspecified vectors.
461 CVE-2018-16162 2018-11-15 2019-10-02
4.0
None Remote Low Single system Partial None None
OpenDolphin 2.7.0 and earlier allows authenticated attackers to obtain other users credentials such as a user ID and/or its password via unspecified vectors.
462 CVE-2018-16161 +Priv 2018-11-15 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
OpenDolphin 2.7.0 and earlier allows authenticated users to gain administrative privileges and perform unintended operations.
463 CVE-2018-16160 287 Bypass 2018-11-15 2018-12-20
4.6
None Local Low Not required Partial Partial Partial
SecureCore Standard Edition Version 2.x allows an attacker to bypass the product 's authentication to log in to a Windows PC.
464 CVE-2018-16150 347 2018-11-07 2018-12-13
4.3
None Remote Medium Not required None Partial None
In sig_verify() in x509.c in axTLS version 2.1.3 and before, the PKCS#1 v1.5 signature verification does not reject excess data after the hash value. Consequently, a remote attacker can forge signatures when small public exponents are being used, which could lead to impersonation through fake X.509 certificates. This is a variant of CVE-2006-4340.
465 CVE-2018-16149 2018-11-07 2018-11-07
0.0
None ??? ??? ??? ??? ??? ???
In sig_verify() in x509.c in axTLS version 2.1.3 and before, the PKCS#1 v1.5 signature verification blindly trusts the declared lengths in the ASN.1 structure. Consequently, when small public exponents are being used, a remote attacker can generate purposefully crafted signatures (and put them on X.509 certificates) to induce illegal memory access and crash the verifier.
466 CVE-2018-16130 78 Exec Code 2018-11-27 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
System command injection in request_mitv in Xiaomi Mi Router 3 version 2.22.15 allows attackers to execute arbitrary system commands via the "payload" URL parameter.
467 CVE-2018-16097 434 2018-11-30 2018-12-28
4.0
None Remote Low Single system None Partial None
LXCI for VMware versions prior to 5.5 and LXCI for Microsoft System Center versions prior to 3.5, allow an authenticated user to write to any system file due to insufficient sanitization during the upload of a certificate.
468 CVE-2018-16096 79 XSS 2018-11-27 2018-12-19
4.3
None Remote Medium Not required None Partial None
In System Management Module (SMM) versions prior to 1.06, the SMM web interface for changing Enclosure VPD fails to sufficiently sanitize all input for HTML tags, possibly opening a path for cross-site scripting.
469 CVE-2018-16095 534 2018-11-27 2018-12-19
4.3
None Remote Medium Not required Partial None None
In System Management Module (SMM) versions prior to 1.06, the SMM records hashed passwords to a debug log when user authentication fails.
470 CVE-2018-16094 119 Overflow 2018-11-27 2018-12-19
6.8
None Remote Medium Not required Partial Partial Partial
In System Management Module (SMM) versions prior to 1.06, an internal SMM function that retrieves configuration settings is prone to a buffer overflow.
471 CVE-2018-16093 434 2018-11-30 2018-12-28
4.0
None Remote Low Single system None Partial None
In versions prior to 5.5, LXCI for VMware allows an authenticated user to write to any system file due to insufficient sanitization during the upload of a backup file.
472 CVE-2018-16092 2018-11-27 2019-10-02
4.3
None Remote Medium Not required Partial None None
In System Management Module (SMM) versions prior to 1.06, the FFDC feature includes the collection of SMM system files containing sensitive information; notably, the SMM user account credentials and the system shadow file.
473 CVE-2018-16091 119 Overflow 2018-11-27 2018-12-19
6.8
None Remote Medium Not required Partial Partial Partial
In System Management Module (SMM) versions prior to 1.06, the SMM certificate creation and parsing logic is vulnerable to several buffer overflows.
474 CVE-2018-16090 78 2018-11-27 2019-10-02
6.0
None Remote Medium Single system Partial Partial Partial
In System Management Module (SMM) versions prior to 1.06, the SMM certificate creation and parsing logic is vulnerable to post-authentication command injection.
475 CVE-2018-16089 78 2018-11-27 2019-10-02
8.5
None Remote Medium Single system Complete Complete Complete
In System Management Module (SMM) versions prior to 1.06, a field in the header of SMM firmware update images is insufficiently sanitized, allowing post-authentication command injection on the SMM as the root user.
476 CVE-2018-15981 704 Exec Code 2018-11-29 2018-12-28
10.0
None Remote Low Not required Complete Complete Complete
Flash Player versions 31.0.0.148 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution.
477 CVE-2018-15980 125 2018-11-29 2018-12-04
5.0
None Remote Low Not required Partial None None
Adobe Photoshop CC versions 19.1.6 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
478 CVE-2018-15979 200 +Info 2018-11-29 2019-08-21
5.0
None Remote Low Not required Partial None None
Adobe Acrobat and Reader versions 2019.008.20080 and earlier, 2017.011.30105 and earlier, and 2015.006.30456 and earlier have a ntlm sso hash theft vulnerability. Successful exploitation could lead to information disclosure.
479 CVE-2018-15978 125 2018-11-29 2018-12-28
5.0
None Remote Low Not required Partial None None
Flash Player versions 31.0.0.122 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
480 CVE-2018-15835 200 +Info 2018-11-30 2019-10-02
5.0
None Remote Low Not required Partial None None
Android 1.0 through 9.0 has Insecure Permissions. The Android bug ID is 77286983.
481 CVE-2018-15796 310 2018-11-09 2019-10-09
5.5
None Remote Low Single system Partial Partial None
Cloud Foundry Bits Service Release, versions prior to 2.14.0, uses an insecure hashing algorithm to sign URLs. A remote malicious user may obtain a signed URL and extract the signing key, allowing them complete read and write access to the the Bits Service storage.
482 CVE-2018-15795 338 2018-11-13 2019-10-09
5.5
None Remote Low Single system Partial Partial None
Pivotal CredHub Service Broker, versions prior to 1.1.0, uses a guessable form of random number generation in creating service broker's UAA client. A remote malicious user may guess the client secret and obtain or modify credentials for users of the CredHub Service.
483 CVE-2018-15772 2018-11-13 2018-11-16
0.0
None ??? ??? ??? ??? ??? ???
Dell EMC RecoverPoint versions prior to 5.1.2.1 and RecoverPoint for VMs versions prior to 5.2.0.2 contain an uncontrolled resource consumption vulnerability. A malicious boxmgmt user may potentially be able to consume large amount of CPU bandwidth to make the system slow or to determine the existence of any system file via Boxmgmt CLI.
484 CVE-2018-15771 2018-11-13 2018-11-16
0.0
None ??? ??? ??? ??? ??? ???
Dell EMC RecoverPoint versions prior to 5.1.2.1 and RecoverPoint for VMs versions prior to 5.2.0.2 contain an information disclosure vulnerability. A malicious boxmgmt user may potentially be able to determine the existence of any system file via Boxmgmt CLI.
485 CVE-2018-15769 320 DoS 2018-11-16 2019-07-23
5.0
None Remote Low Not required None None Partial
RSA BSAFE Micro Edition Suite versions prior to 4.0.11 (in 4.0.x series) and versions prior to 4.1.6.2 (in 4.1.x series) contain a key management error issue. A malicious TLS server could potentially cause a Denial Of Service (DoS) on TLS clients during the handshake when a very large prime value is sent to the TLS client, and an Ephemeral or Anonymous Diffie-Hellman cipher suite (DHE or ADH) is used.
486 CVE-2018-15768 1188 2018-11-30 2019-10-02
4.0
None Remote Low Single system Partial None None
Dell OpenManage Network Manager versions prior to 6.5.0 enabled read/write access to the file system for MySQL users due to insecure default configuration setting for the embedded MySQL database.
487 CVE-2018-15767 863 2018-11-30 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
The Dell OpenManage Network Manager virtual appliance versions prior to 6.5.3 contain an improper authorization vulnerability caused by a misconfiguration in the /etc/sudoers file.
488 CVE-2018-15762 269 2018-11-02 2019-10-09
6.5
None Remote Low Single system Partial Partial Partial
Pivotal Operations Manager, versions 2.0.x prior to 2.0.24, versions 2.1.x prior to 2.1.15, versions 2.2.x prior to 2.2.7, and versions 2.3.x prior to 2.3.1, grants all users a scope which allows for privilege escalation. A remote malicious user who has been authenticated may create a new client with administrator privileges for Opsman.
489 CVE-2018-15761 +Priv 2018-11-19 2019-10-09
6.5
None Remote Low Single system Partial Partial Partial
Cloud Foundry UAA release, versions prior to v64.0, and UAA, versions prior to 4.23.0, contains a validation error which allows for privilege escalation. A remote authenticated user may modify the url and content of a consent page to gain a token with arbitrary scopes that escalates their privileges.
490 CVE-2018-15759 307 2018-11-19 2019-10-09
5.0
None Remote Low Not required Partial None None
Pivotal Cloud Foundry On Demand Services SDK, versions prior to 0.24 contain an insecure method of verifying credentials. A remote unauthenticated malicious user may make many requests to the service broker with different credentials, allowing them to infer valid credentials and gain access to perform broker operations.
491 CVE-2018-15716 78 Exec Code 2018-11-30 2019-10-09
9.0
None Remote Low Single system Complete Complete Complete
NUUO NVRMini2 version 3.9.1 is vulnerable to authenticated remote command injection. An attacker can send crafted requests to upgrade_handle.php to execute OS commands as root.
492 CVE-2018-15715 20 2018-11-30 2019-10-09
7.5
None Remote Low Not required Partial Partial Partial
Zoom clients on Windows (before version 4.1.34814.1119), Mac OS (before version 4.1.34801.1116), and Linux (2.4.129780.0915 and below) are vulnerable to unauthorized message processing. A remote unauthenticated attacker can spoof UDP messages from a meeting attendee or Zoom server in order to invoke functionality in the target client. This allows the attacker to remove attendees from meetings, spoof messages from users, or hijack shared screens.
493 CVE-2018-15714 79 XSS 2018-11-14 2018-12-06
4.3
None Remote Medium Not required None Partial None
Nagios XI 5.5.6 allows reflected cross site scripting from remote unauthenticated attackers via the oname and oname2 parameters.
494 CVE-2018-15713 79 XSS 2018-11-14 2018-12-06
3.5
None Remote Medium Single system None Partial None
Nagios XI 5.5.6 allows persistent cross site scripting from remote authenticated attackers via the stored email address in admin/users.php.
495 CVE-2018-15712 79 XSS 2018-11-14 2018-12-06
4.3
None Remote Medium Not required None Partial None
Nagios XI 5.5.6 allows reflected cross site scripting from remote unauthenticated attackers via the host parameter in api_tool.php.
496 CVE-2018-15711 78 2018-11-14 2019-10-02
6.5
None Remote Low Single system Partial Partial Partial
Nagios XI 5.5.6 allows remote authenticated attackers to reset and regenerate the API key of more privileged users. The attacker can then use the new API key to execute API calls at elevated privileges.
497 CVE-2018-15710 78 2018-11-14 2019-10-02
7.2
None Local Low Not required Complete Complete Complete
Nagios XI 5.5.6 allows local authenticated attackers to escalate privileges to root via Autodiscover_new.php.
498 CVE-2018-15709 78 Exec Code 2018-11-14 2019-10-02
6.5
None Remote Low Single system Partial Partial Partial
Nagios XI 5.5.6 allows remote authenticated attackers to execute arbitrary commands via a crafted HTTP request.
499 CVE-2018-15708 Exec Code 2018-11-14 2019-10-02
7.5
None Remote Low Not required Partial Partial Partial
Snoopy 1.0 in Nagios XI 5.5.6 allows remote unauthenticated attackers to execute arbitrary commands via a crafted HTTP request.
500 CVE-2018-15693 863 Bypass 2018-11-16 2019-10-02
3.5
None Remote Medium Single system None Partial None
Inova Partner 5.0.5-RELEASE, Build 0510-0906 and earlier allows authenticated users authorization bypass via insecure direct object reference.
Total number of vulnerabilities : 982   Page : 1 2 3 4 5 6 7 8 9 10 (This Page)11 12 13 14 15 16 17 18 19 20
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.