CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
501 CVE-2018-7065 +Priv Sql 2018-12-07 2018-12-07
0.0
None ??? ??? ??? ??? ??? ???
An authenticated SQL injection vulnerability in Aruba ClearPass Policy Manager can lead to privilege escalation. All versions of ClearPass are affected by multiple authenticated SQL injection vulnerabilities. In each case, an authenticated administrative user of any type could exploit this vulnerability to gain access to "appadmin" credentials, leading to complete cluster compromise. Resolution: Fixed in 6.7.6 and 6.6.10-hotfix.
502 CVE-2018-7063 2018-12-07 2018-12-07
0.0
None ??? ??? ??? ??? ??? ???
In Aruba ClearPass, disabled API admins can still perform read/write operations. In certain circumstances, API admins in ClearPass which have been disabled may still be able to perform read/write operations on parts of the XML API. This can lead to unauthorized access to the API and complete compromise of the ClearPass instance if an attacker knows of the existence of these accounts.
503 CVE-2018-6982 +Info 2018-12-04 2018-12-05
0.0
None ??? ??? ??? ??? ??? ???
VMware ESXi 6.7 without ESXi670-201811401-BG and VMware ESXi 6.5 without ESXi650-201811301-BG contain uninitialized stack memory usage in the vmxnet3 virtual network adapter which may lead to an information leak from host to guest.
504 CVE-2018-6981 Exec Code 2018-12-04 2018-12-05
0.0
None ??? ??? ??? ??? ??? ???
VMware ESXi 6.7 without ESXi670-201811401-BG and VMware ESXi 6.5 without ESXi650-201811301-BG, VMware ESXi 6.0 without ESXi600-201811401-BG, VMware Workstation 15, VMware Workstation 14.1.3 or below, VMware Fusion 11, VMware Fusion 10.1.3 or below contain uninitialized stack memory usage in the vmxnet3 virtual network adapter which may allow a guest to execute code on the host.
505 CVE-2018-6974 Exec Code 2018-10-16 2018-10-18
0.0
None ??? ??? ??? ??? ??? ???
VMware ESXi (6.7 before ESXi670-201810101-SG, 6.5 before ESXi650-201808401-BG, and 6.0 before ESXi600-201808401-BG), Workstation (14.x before 14.1.3) and Fusion (10.x before 10.1.3) contain an out-of-bounds read vulnerability in SVGA device. This issue may allow a guest to execute code on the host.
506 CVE-2018-6909 2018-11-01 2018-11-01
0.0
None ??? ??? ??? ??? ??? ???
A missing X-Frame-Options header in the Green Electronics RainMachine Mini-8 (2nd Generation) and Touch HD 12 web application could be used by a remote attacker for clickjacking, as demonstrated by triggering an API page request.
507 CVE-2018-6908 Bypass 2018-11-01 2018-11-01
0.0
None ??? ??? ??? ??? ??? ???
An authentication bypass vulnerability exists in the Green Electronics RainMachine Mini-8 (2nd Generation) and Touch HD 12 web application allowing an unauthenticated attacker to perform authenticated actions on the device via a 127.0.0.1:port value in the HTTP 'Host' header, as demonstrated by retrieving credentials.
508 CVE-2018-6907 CSRF 2018-11-01 2018-11-01
0.0
None ??? ??? ??? ??? ??? ???
A Cross Site Request Forgery (CSRF) vulnerability in the Green Electronics RainMachine Mini-8 (2nd Generation) and Touch HD 12 web application allows an attacker to control the RainMachine device via the REST API.
509 CVE-2018-6906 XSS 2018-11-01 2018-11-01
0.0
None ??? ??? ??? ??? ??? ???
A persistent Cross Site Scripting (XSS) vulnerability in the Green Electronics RainMachine Mini-8 (2nd Generation) and Touch HD 12 web application allows an attacker to inject arbitrary JavaScript via the REST API.
510 CVE-2018-6162 2019-01-09 2019-01-10
0.0
None ??? ??? ??? ??? ??? ???
Improper deserialization in WebGL in Google Chrome on Mac prior to 68.0.3440.75 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
511 CVE-2018-6152 2018-12-04 2019-01-09
0.0
None ??? ??? ??? ??? ??? ???
The implementation of the Page.downloadBehavior backend unconditionally marked downloaded files as safe, regardless of file type in Google Chrome prior to 66.0.3359.117 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page and user interaction.
512 CVE-2018-6147 +Info 2019-01-09 2019-01-10
0.0
None ??? ??? ??? ??? ??? ???
Lack of secure text entry mode in Browser UI in Google Chrome on Mac prior to 67.0.3396.62 allowed a local attacker to obtain potentially sensitive information from process memory via a local process.
513 CVE-2018-6133 2019-01-09 2019-01-10
0.0
None ??? ??? ??? ??? ??? ???
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
514 CVE-2018-6127 2019-01-09 2019-01-10
0.0
None ??? ??? ??? ??? ??? ???
Early free of object in use in IndexDB in Google Chrome prior to 67.0.3396.62 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page.
515 CVE-2018-6124 2019-01-09 2019-01-10
0.0
None ??? ??? ??? ??? ??? ???
Type confusion in ReadableStreams in Blink in Google Chrome prior to 67.0.3396.62 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page.
516 CVE-2018-6110 2019-01-09 2019-01-10
0.0
None ??? ??? ??? ??? ??? ???
Parsing documents as HTML in Downloads in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to cause Chrome to execute scripts via a local non-HTML page.
517 CVE-2018-6109 2019-01-09 2019-01-10
0.0
None ??? ??? ??? ??? ??? ???
readAsText() can indefinitely read the file picked by the user, rather than only once at the time the file is picked in File API in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to access data on the user file system without explicit consent via a crafted HTML page.
518 CVE-2018-6106 2019-01-09 2019-01-10
0.0
None ??? ??? ??? ??? ??? ???
An asynchronous generator may return an incorrect state in V8 in Google Chrome prior to 66.0.3359.117 allowing a remote attacker to potentially exploit object corruption via a crafted HTML page.
519 CVE-2018-6100 2019-01-09 2019-01-10
0.0
None ??? ??? ??? ??? ??? ???
Incorrect handling of confusable characters in URL Formatter in Google Chrome on macOS prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
520 CVE-2018-6097 2019-01-09 2019-01-10
0.0
None ??? ??? ??? ??? ??? ???
Incorrect handling of asynchronous methods in Fullscreen in Google Chrome on macOS prior to 66.0.3359.117 allowed a remote attacker to enter full screen without showing a warning via a crafted HTML page.
521 CVE-2018-6096 2019-01-09 2019-01-10
0.0
None ??? ??? ??? ??? ??? ???
A JavaScript focused window could overlap the fullscreen notification in Fullscreen in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to obscure the full screen warning via a crafted HTML page.
522 CVE-2018-6093 2019-01-09 2019-01-10
0.0
None ??? ??? ??? ??? ??? ???
Insufficient origin checks in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
523 CVE-2018-6091 2019-01-09 2019-01-10
0.0
None ??? ??? ??? ??? ??? ???
Service Workers can intercept any request made by an <embed> or <object> tag in Fetch API in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
524 CVE-2018-6084 Exec Code 2019-01-09 2019-01-10
0.0
None ??? ??? ??? ??? ??? ???
Insufficiently sanitized distributed objects in Updater in Google Chrome on macOS prior to 66.0.3359.117 allowed a local attacker to execute arbitrary code via an executable file.
525 CVE-2018-6056 Exec Code 2019-01-09 2019-01-10
0.0
None ??? ??? ??? ??? ??? ???
Type confusion could lead to a heap out-of-bounds write in V8 in Google Chrome prior to 64.0.3282.168 allowing a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
526 CVE-2018-6012 2018-11-01 2018-11-01
0.0
None ??? ??? ??? ??? ??? ???
The 'Weather Service' feature of the Green Electronics RainMachine Mini-8 (2nd generation) allows an attacker to inject arbitrary Python code via the 'Add new weather data source' upload function.
527 CVE-2018-6011 2018-11-01 2018-11-01
0.0
None ??? ??? ??? ??? ??? ???
The time-based one-time-password (TOTP) function in the application logic of the Green Electronics RainMachine Mini-8 (2nd generation) uses the administrator's password hash to generate a 6-digit temporary passcode that can be used for remote and local access, aka a "Use of Password Hash Instead of Password for Authentication" issue. This is exploitable by an attacker who discovers a hash value in the rainmachine-settings.sqlite file.
528 CVE-2018-5811 2018-12-07 2018-12-08
0.0
None ??? ??? ??? ??? ??? ???
An error within the "nikon_coolscan_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash.
529 CVE-2018-5745 2019-10-09 2019-10-09
0.0
None ??? ??? ??? ??? ??? ???
"managed-keys" is a feature which allows a BIND resolver to automatically maintain the keys used by trust anchors which operators configure for use in DNSSEC validation. Due to an error in the managed-keys feature it is possible for a BIND server which uses managed-keys to exit due to an assertion failure if, during key rollover, a trust anchor's keys are replaced with keys which use an unsupported algorithm. Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.5-P1, 9.12.0 -> 9.12.3-P1, and versions 9.9.3-S1 -> 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 -> 9.13.6 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2018-5745.
530 CVE-2018-5744 2019-10-09 2019-10-09
0.0
None ??? ??? ??? ??? ??? ???
A failure to free memory can occur when processing messages having a specific combination of EDNS options. Versions affected are: BIND 9.10.7 -> 9.10.8-P1, 9.11.3 -> 9.11.5-P1, 9.12.0 -> 9.12.3-P1, and versions 9.10.7-S1 -> 9.11.5-S3 of BIND 9 Supported Preview Edition. Versions 9.13.0 -> 9.13.6 of the 9.13 development branch are also affected.
531 CVE-2018-5743 2019-10-09 2019-10-09
0.0
None ??? ??? ??? ??? ??? ???
By design, BIND is intended to limit the number of TCP clients that can be connected at any given time. The number of allowed connections is a tunable parameter which, if unset, defaults to a conservative value for most servers. Unfortunately, the code which was intended to limit the number of simultaneous connections contained an error which could be exploited to grow the number of simultaneous connections beyond this limit. Versions affected: BIND 9.9.0 -> 9.10.8-P1, 9.11.0 -> 9.11.6, 9.12.0 -> 9.12.4, 9.14.0. BIND 9 Supported Preview Edition versions 9.9.3-S1 -> 9.11.5-S3, and 9.11.5-S5. Versions 9.13.0 -> 9.13.7 of the 9.13 development branch are also affected. Versions prior to BIND 9.9.0 have not been evaluated for vulnerability to CVE-2018-5743.
532 CVE-2018-5732 Overflow 2019-10-09 2019-10-09
0.0
None ??? ??? ??? ??? ??? ???
Failure to properly bounds-check a buffer used for processing DHCP options allows a malicious server (or an entity masquerading as a server) to cause a buffer overflow (and resulting crash) in dhclient by sending a response containing a specially constructed options section. Affects ISC DHCP versions 4.1.0 -> 4.1-ESV-R15, 4.2.0 -> 4.2.8, 4.3.0 -> 4.3.6, 4.4.0
533 CVE-2018-5497 2019-01-24 2019-01-24
0.0
None ??? ??? ??? ??? ??? ???
Clustered Data ONTAP versions prior to 9.1P16, 9.3P10 and 9.4P5 are susceptible to a vulnerability which discloses sensitive information to an unauthorized user.
534 CVE-2018-5496 2018-12-04 2018-12-04
0.0
None ??? ??? ??? ??? ??? ???
Data ONTAP operating in 7-Mode versions prior to 8.2.5P2 are susceptible to a vulnerability which discloses sensitive information to an unauthorized user.
535 CVE-2018-5204 Exec Code 2018-12-28 2018-12-28
0.0
None ??? ??? ??? ??? ??? ???
ML Report version Between 2.00.000.0000 and 2.18.628.5980 contains a vulnerability that could allow remote attacker to download and execute remote arbitrary file by setting the arguments to the activex method. this can be leveraged for code execution.
536 CVE-2018-5203 Exec Code 2018-12-28 2018-12-28
0.0
None ??? ??? ??? ??? ??? ???
DEXTUploadX5 version Between 1.0.0.0 and 2.2.0.0 contains a vulnerability that could allow remote attacker to download and execute remote arbitrary file by setting the arguments to the activex method. this can be leveraged for code execution.
537 CVE-2018-5197 Exec Code 2019-01-02 2019-01-02
0.0
None ??? ??? ??? ??? ??? ???
A vulnerability in the ExtCommon.dll user extension module version 9.2, 9.2.1, 9.2.2 of Xplatform ActiveX could allow attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command parameters. An crafted malicious parameters could cause arbitrary command to execute.
538 CVE-2018-5191 CSRF 2018-01-03 2018-01-03
0.0
None ??? ??? ??? ??? ??? ???
/usr/local/www/csrf/csrf-magic.php in the WebGUI in pfSense before 2.4.2-RELEASE allows Clickjacking on the CSRF error page because the error detection occurs before an X-Frame-Options header is set.
539 CVE-2018-4209 2019-01-11 2019-01-12
0.0
None ??? ??? ??? ??? ??? ???
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.
540 CVE-2018-4208 2019-01-11 2019-01-12
0.0
None ??? ??? ??? ??? ??? ???
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.
541 CVE-2018-4207 2019-01-11 2019-01-12
0.0
None ??? ??? ??? ??? ??? ???
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.
542 CVE-2018-4194 2019-01-11 2019-01-14
0.0
None ??? ??? ??? ??? ??? ???
In iOS before 11.4, iCloud for Windows before 7.5, watchOS before 4.3.1, iTunes before 12.7.5 for Windows, and macOS High Sierra before 10.13.5, an out-of-bounds read was addressed with improved input validation.
543 CVE-2018-4186 +Info 2019-01-11 2019-01-11
0.0
None ??? ??? ??? ??? ??? ???
In Safari before 11.1, an information leakage issue existed in the handling of downloads in Safari Private Browsing. This issue was addressed with additional validation.
544 CVE-2018-4185 2019-01-11 2019-01-14
0.0
None ??? ??? ??? ??? ??? ???
In iOS before 11.3, tvOS before 11.3, watchOS before 4.3, and macOS before High Sierra 10.13.4, an information disclosure issue existed in the transition of program state. This issue was addressed with improved state handling.
545 CVE-2018-4179 2019-01-11 2019-01-11
0.0
None ??? ??? ??? ??? ??? ???
In macOS High Sierra before 10.13.4, there was an issue with the handling of smartcard PINs. This issue was addressed with additional logic.
546 CVE-2018-4046 2019-01-10 2019-01-10
0.0
None ??? ??? ??? ??? ??? ???
An exploitable denial-of-service vulnerability exists in the helper service of Clean My Mac X, version 4.04, due to improper input validation. A user with local access can use this vulnerability to terminate a privileged helper application. An attacker would need local access to the machine for a successful exploit.
547 CVE-2018-4043 2019-01-10 2019-01-10
0.0
None ??? ??? ??? ??? ??? ???
An exploitable privilege escalation vulnerability exists in the Clean My Mac X, version 4.04, helper service due to improper input validation. A user with local access can use this vulnerability to modify the file system as root. An attacker would need local access to the machine for a successful exploit.
548 CVE-2018-4022 Exec Code 2018-10-26 2018-10-26
0.0
None ??? ??? ??? ??? ??? ???
A use-after-free vulnerability exists in the way MKVToolNix MKVINFO v25.0.0 handles the MKV (matroska) file format. A specially crafted MKV file can cause arbitrary code execution in the context of the current user.
549 CVE-2018-4015 2018-12-18 2018-12-18
0.0
None ??? ??? ??? ??? ??? ???
An exploitable vulnerability exists in the HTTP client functionality of the Webroot BrightCloud SDK. The configuration of the HTTP client does not enforce a secure connection by default, resulting in a failure to validate TLS certificates. An attacker could impersonate a remote BrightCloud server to exploit this vulnerability.
550 CVE-2018-4013 Exec Code Overflow 2018-10-19 2018-11-24
0.0
None ??? ??? ??? ??? ??? ???
An exploitable code execution vulnerability exists in the HTTP packet-parsing functionality of the LIVE555 RTSP server library version 0.92. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerability.
Total number of vulnerabilities : 703   Page : 1 2 3 4 5 6 7 8 9 10 11 (This Page)12 13 14 15
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.