CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
551 CVE-2018-12413 CSRF 2018-11-06 2018-11-12
0.0
None ??? ??? ??? ??? ??? ???
The Schema repository server (tibschemad) component of TIBCO Software Inc.'s TIBCO Messaging - Apache Kafka Distribution - Schema Repository - Community Edition, and TIBCO Messaging - Apache Kafka Distribution - Schema Repository - Enterprise Edition contains a vulnerability which may allow an attacker to perform cross-site request forgery (CSRF) attacks. Affected releases are TIBCO Software Inc. TIBCO Messaging - Apache Kafka Distribution - Schema Repository - Community Edition: 1.0.0, and TIBCO Messaging - Apache Kafka Distribution - Schema Repository - Enterprise Edition: 1.0.0.
552 CVE-2018-12412 CSRF 2018-11-06 2018-11-09
0.0
None ??? ??? ??? ??? ??? ???
The realm server (tibrealmserver) component of TIBCO Software Inc. TIBCO FTL - Community Edition, TIBCO FTL - Developer Edition, and TIBCO FTL - Enterprise Edition contains a vulnerability which may allow an attacker to perform cross-site request forgery (CSRF) attacks. Affected releases are TIBCO Software Inc. TIBCO FTL - Community Edition: versions up to and including 5.4.0, TIBCO FTL - Developer Edition: versions up to and including 5.4.0, TIBCO FTL - Enterprise Edition: versions up to and including 5.4.0.
553 CVE-2018-12411 CSRF 2018-11-06 2018-11-09
0.0
None ??? ??? ??? ??? ??? ???
The administrative daemon (tibdgadmind) of TIBCO Software Inc.'s TIBCO ActiveSpaces - Community Edition, TIBCO ActiveSpaces - Developer Edition, and TIBCO ActiveSpaces - Enterprise Edition contains a vulnerability which may allow an attacker to perform cross-site request forgery (CSRF) attacks. Affected releases are TIBCO Software Inc.'s TIBCO ActiveSpaces - Community Edition: 3.3.0; 3.4.0; 3.5.0, TIBCO ActiveSpaces - Developer Edition: 3.0.0; 3.1.0; 3.3.0; 3.4.0; 3.5.0, and TIBCO ActiveSpaces - Enterprise Edition: 3.0.0; 3.1.0; 3.2.0; 3.3.0; 3.4.0; 3.5.0.
554 CVE-2018-12318 +Info 2018-12-04 2018-12-04
0.0
None ??? ??? ??? ??? ??? ???
Information disclosure in the SNMP settings page in ASUSTOR ADM version 3.1.1 allows attackers to obtain the SNMP password in cleartext.
555 CVE-2018-12241 XSS 2018-11-27 2018-11-28
0.0
None ??? ??? ??? ??? ??? ???
The Symantec Security Analytics (SA) 7.x prior to 7.3.4 Web UI is susceptible to a reflected cross-site scripting (XSS) vulnerability. A remote attacker with knowledge of the SA web UI hostname or IP address can craft a malicious URL for the SA web UI and target SA web UI users with phishing attacks or other social engineering techniques. A successful attack allows injecting malicious JavaScript code into the SA web UI client application.
556 CVE-2018-12237 Exec Code 2019-01-24 2019-01-24
0.0
None ??? ??? ??? ??? ??? ???
The Symantec Reporter CLI 10.1 prior to 10.1.5.6 and 10.2 prior to 10.2.1.8 is susceptible to an OS command injection vulnerability. An authenticated malicious administrator with Enable mode access can execute arbitrary OS commands with elevated system privileges.
557 CVE-2018-12177 2019-01-10 2019-01-10
0.0
None ??? ??? ??? ??? ??? ???
Improper directory permissions in the ZeroConfig service in Intel(R) PROSet/Wireless WiFi Software before version 20.90.0.7 may allow an authorized user to potentially enable escalation of privilege via local access.
558 CVE-2018-12176 DoS Exec Code 2018-09-12 2018-09-12
0.0
None ??? ??? ??? ??? ??? ???
Improper input validation in firmware for Intel NUC Kits may allow a privileged user to potentially execute arbitrary code resulting in information disclosure, escalation of privilege and/or denial of service via local access.
559 CVE-2018-12167 DoS 2019-01-10 2019-01-10
0.0
None ??? ??? ??? ??? ??? ???
Firmware update routine in bootloader for Intel(R) Optane(TM) SSD DC P4800X before version E2010435 may allow a privileged user to potentially enable a denial of service via local access.
560 CVE-2018-12166 DoS 2019-01-10 2019-01-10
0.0
None ??? ??? ??? ??? ??? ???
Insufficient write protection in firmware for Intel(R) Optane(TM) SSD DC P4800X before version E2010435 may allow a privileged user to potentially enable a denial of service via local access.
561 CVE-2018-12158 DoS 2018-10-10 2018-10-10
0.0
None ??? ??? ??? ??? ??? ???
Insufficient input validation in BIOS update utility in Intel NUC FW kits downloaded before May 24, 2018 may allow a privileged user to potentially trigger a denial of service or information disclosure via local access.
562 CVE-2018-12154 DoS 2018-10-15 2018-10-17
0.0
None ??? ??? ??? ??? ??? ???
Denial of Service in Unified Shader Compiler in Intel Graphics Drivers before 10.18.x.5056 (aka 15.33.x.5056), 10.18.x.5057 (aka 15.36.x.5057) and 20.19.x.5058 (aka 15.40.x.5058) may allow an unprivileged user to potentially create an infinite loop and crash an application via local access.
563 CVE-2018-12076 2018-12-13 2018-12-13
0.0
None ??? ??? ??? ??? ??? ???
A vulnerability in the UPC bar code of the Avanti Markets MarketCard could allow an unauthenticated, local attacker to access funds within the customer's MarketCard balance, and also could lead to Customer Information Disclosure. The vulnerability is due to lack of proper validation of the UPC bar code present on the MarketCard. An attacker could exploit this vulnerability by generating a copy of a customer's bar code. An exploit could allow the attacker to access all funds located within the MarketCard or allow unauthenticated disclosure of information.
564 CVE-2018-11799 2018-12-19 2018-12-21
0.0
None ??? ??? ??? ??? ??? ???
Vulnerability allows a user of Apache Oozie 3.1.3-incubating to 5.0.0 to impersonate other users. The malicious user can construct an XML that results workflows running in other user's name.
565 CVE-2018-11792 2018-10-24 2018-10-29
0.0
None ??? ??? ??? ??? ??? ???
In Apache Impala before 3.0.1, ALTER TABLE/VIEW RENAME required ALTER on the old table. This may pose a potential security risk, such as having ALTER on a table and ALL on a particular database allows a user to move the table to a database with ALL, which will automatically grant that user with ALL privilege on that table due to the privilege inherited from the database.
566 CVE-2018-11788 2019-01-07 2019-01-09
0.0
None ??? ??? ??? ??? ??? ???
Apache Karaf provides a features deployer, which allows users to "hot deploy" a features XML by dropping the file directly in the deploy folder. The features XML is parsed by XMLInputFactory class. Apache Karaf XMLInputFactory class doesn't contain any mitigation codes against XXE. This is a potential security risk as an user can inject external XML entities in Apache Karaf version prior to 4.1.7 or 4.2.2. It has been fixed in Apache Karaf 4.1.7 and 4.2.2 releases.
567 CVE-2018-11785 2018-10-24 2018-10-29
0.0
None ??? ??? ??? ??? ??? ???
Missing authorization check in Apache Impala before 3.0.1 allows a Kerberos-authenticated but unauthorized user to inject random data into a running query, leading to wrong results for a query.
568 CVE-2018-11742 2018-12-26 2018-12-26
0.0
None ??? ??? ??? ??? ??? ???
NEC Univerge Sv9100 WebPro 6.00.00 devices have Cleartext Password Storage in the Web UI.
569 CVE-2018-11741 2018-12-26 2018-12-26
0.0
None ??? ??? ??? ??? ??? ???
NEC Univerge Sv9100 WebPro 6.00.00 devices have Predictable Session IDs that result in Account Information Disclosure via Home.htm?sessionId=#####&GOTO(8) URIs.
570 CVE-2018-11347 Http R.Spl. 2018-12-04 2018-12-04
0.0
None ??? ??? ??? ??? ??? ???
The YunoHost 2.7.2 through 2.7.14 web application is affected by one HTTP Response Header Injection. This flaw allows an attacker to inject, into the response from the server, one or several HTTP Header. It requires an interaction with the user to send him the malicious link. It could be used to perform other attacks such as user redirection to a malicious website, HTTP response splitting, or HTTP cache poisoning.
571 CVE-2018-11288 2019-01-18 2019-01-18
0.0
None ??? ??? ??? ??? ??? ???
Possible undefined behavior due to lack of size check in function for parameter segment_idx can lead to a read outside of the intended region in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDX24, SXR1130
572 CVE-2018-11284 2019-01-18 2019-01-18
0.0
None ??? ??? ??? ??? ??? ???
Spoofed SMS can be used to send a large number of messages to the device which will in turn initiate a flood of registration updates with the server in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 625, SD 636, SDA660, SDM630, SDM660, SDX20
573 CVE-2018-11279 Overflow 2019-01-18 2019-01-19
0.0
None ??? ??? ??? ??? ??? ???
Lack of check of input size can make device memory get corrupted because of buffer overflow in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 439 / SD 429, SD 450, SD 615/16/SD 415, SD 625, SD 636, SD 650/52, SD 712 / SD 710 / SD 670, SD 810, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDM439, SDM630, SDM660, SDX20, Snapdragon_High_Med_2016, SXR1130
574 CVE-2018-11200 XSS 2019-09-20 2019-09-20
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in Mautic 2.13.1. It has Stored XSS via the company name field.
575 CVE-2018-11125 2018-05-15 2018-05-15
0.0
None ??? ??? ??? ??? ??? ???
Tencent RapidJSON 1.1.0 has a heap-based buffer over-read in the Peek function in stream.h.
576 CVE-2018-11083 2018-10-05 2018-10-05
0.0
None ??? ??? ??? ??? ??? ???
Cloud Foundry BOSH, versions v264 prior to v264.14.0 and v265 prior to v265.7.0 and v266 prior to v266.8.0 and v267 prior to v267.2.0, allows refresh tokens to be as access tokens when using UAA for authentication. A remote attacker with an admin refresh token given by UAA can be used to access BOSH resources without obtaining an access token, even if their user no longer has access to those resources.
577 CVE-2018-11062 +Priv 2018-11-02 2018-11-03
0.0
None ??? ??? ??? ??? ??? ???
Integrated Data Protection Appliance versions 2.0, 2.1, and 2.2 contain undocumented accounts named 'support' and 'admin' that are protected with default passwords. These accounts have limited privileges and can access certain system files only. A malicious user with the knowledge of the default passwords may potentially log in to the system and gain read and write access to certain system files.
578 CVE-2018-10886 2018-07-16 2018-07-19
0.0
None ??? ??? ??? ??? ??? ???
ant before version 1.9.12 unzip and untar targets allows the extraction of files outside the target directory. A crafted zip or tar file submitted to an Ant build could create or overwrite arbitrary files with the privileges of the user running Ant.
579 CVE-2018-10712 2018-10-30 2018-10-31
0.0
None ??? ??? ??? ??? ??? ???
The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED before v1.0.35.1, A-Tuning before v3.0.210, F-Stream before v3.0.210, and RestartToUEFI before v1.0.6.2 expose functionality to read/write data from/to IO ports. This could be leveraged in a number of ways to ultimately run code with elevated privileges.
580 CVE-2018-10711 Exec Code 2018-10-30 2018-10-31
0.0
None ??? ??? ??? ??? ??? ???
The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED before v1.0.35.1, A-Tuning before v3.0.210, F-Stream before v3.0.210, and RestartToUEFI before v1.0.6.2 expose functionality to read and write Machine Specific Registers (MSRs). This could be leveraged to execute arbitrary ring-0 code.
581 CVE-2018-10710 2018-10-30 2018-10-31
0.0
None ??? ??? ??? ??? ??? ???
The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED before v1.0.35.1, A-Tuning before v3.0.210, F-Stream before v3.0.210, and RestartToUEFI before v1.0.6.2 expose functionality to read and write arbitrary physical memory. This could be leveraged by a local attacker to elevate privileges.
582 CVE-2018-10709 2018-10-30 2018-10-31
0.0
None ??? ??? ??? ??? ??? ???
The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED before v1.0.35.1, A-Tuning before v3.0.210, F-Stream before v3.0.210, and RestartToUEFI before v1.0.6.2 expose functionality to read and write CR register values. This could be leveraged in a number of ways to ultimately run code with elevated privileges.
583 CVE-2018-10532 Bypass 2018-10-30 2018-10-30
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered on EE 4GEE HH70VB-2BE8GB3 HH70_E1_02.00_19 devices. Hardcoded root SSH credentials were discovered to be stored within the "core_app" binary utilised by the EE router for networking services. An attacker with knowledge of the default password (oelinux123) could login to the router via SSH as the root user, which could allow for the loss of confidentiality, integrity, and availability of the system. This would also allow for the bypass of the "AP Isolation" mode that is supported by the router, as well as the settings for multiple Wireless networks, which a user may use for guest clients.
584 CVE-2018-9567 2018-12-06 2018-12-07
0.0
None ??? ??? ??? ??? ??? ???
On Pixel devices there is a bug causing verified boot to show the same certificate fingerprint despite using different signing keys. This may lead to local escalation of privilege if people are relying on those fingerprints to determine what version of the OS the device is running, with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-65543936.
585 CVE-2018-9459 2018-11-06 2018-11-07
0.0
None ??? ??? ??? ??? ??? ???
In Attachment of Attachment.java and getFilePath of EmlAttachmentProvider.java, there is a possible Elevation of Privilege due to a path traversal error. This could lead to a remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-66230183.
586 CVE-2018-9458 2018-11-06 2018-11-07
0.0
None ??? ??? ??? ??? ??? ???
In computeFocusedWindow of RootWindowContainer.java, and related functions, there is possible interception of keypresses due to focus being on the wrong window. This could lead to local escalation of privilege revealing the user's keypresses while the screen was locked with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.0 Android-8.1 Android ID: A-71786287.
587 CVE-2018-9329 2018-04-05 2018-04-09
0.0
None ??? ??? ??? ??? ??? ???
** DISPUTED ** The Bitdefender Antivirus 6.2.19.890 component, as configured for AV Defender in SolarWinds N-Central and possibly other products, attempts to access hosts in the bitdefeder.net Potentially Unwanted Domain (a domain similar to "bitdefender.net" but with a missing 'n' character) in unspecified circumstances. The observed hostnames are of the form upgr-midgress-##.htz.bitdefeder.net; however, all hostnames ending in .bitdefeder.net apparently resolve to the same IP address. This product behavior may allow remote attackers to block antivirus updates or potentially provide crafted updates, either by controlling that IP address or by purchasing the bitdefeder.net domain name. NOTE: the vendor reportedly disputes the details of this finding, indicating that a user's tools may have displayed upgr-midgress-##.htz.bitdefeder.net names because of incorrect DNS PTR records, not actual outbound traffic to an unintended IP address.
588 CVE-2018-9086 Exec Code 2018-11-16 2018-11-16
0.0
None ??? ??? ??? ??? ??? ???
In some Lenovo ThinkServer-branded servers, a command injection vulnerability exists in the BMC firmware download command. This allows a privileged user to download and execute arbitrary code inside the BMC. This can only be exploited by authorized privileged users.
589 CVE-2018-9085 2018-11-16 2018-11-16
0.0
None ??? ??? ??? ??? ??? ???
A write protection lock bit was left unset after boot on an older generation of Lenovo and IBM System x servers, potentially allowing an attacker with administrator access to modify the subset of flash memory containing Intel Server Platform Services (SPS) and the system Flash Descriptors.
590 CVE-2018-8955 Exec Code 2018-10-24 2018-10-24
0.0
None ??? ??? ??? ??? ??? ???
The installer for BitDefender GravityZone relies on an encoded string in a filename to determine the URL for installation metadata, which allows remote attackers to execute arbitrary code by changing the filename while leaving the file's digital signature unchanged.
591 CVE-2018-8920 2018-12-24 2018-12-24
0.0
None ??? ??? ??? ??? ??? ???
Improper neutralization of escape vulnerability in Log Exporter in Synology DiskStation Manager (DSM) before 6.1.6-15266 allows remote attackers to inject arbitrary content to have an unspecified impact by exporting an archive in CSV format.
592 CVE-2018-8599 2018-12-11 2018-12-12
0.0
None ??? ??? ??? ??? ??? ???
An elevation of privilege vulnerability exists when the Diagnostics Hub Standard Collector Service improperly impersonates certain file operations, aka "Diagnostics Hub Standard Collector Service Elevation of Privilege Vulnerability." This affects Microsoft Visual Studio, Windows Server 2019, Windows Server 2016, Windows 10, Windows 10 Servers.
593 CVE-2018-8086 DoS 2018-03-12 2018-03-12
0.0
None ??? ??? ??? ??? ??? ???
The basename implementation in string/basename.c in the GNU C Library (aka glibc or libc6) 2.26 allows attackers to cause a denial of service (segmentation fault), within the assembly code for strrchr, via a crafted argument.
594 CVE-2018-8033 2018-12-13 2018-12-13
0.0
None ??? ??? ??? ??? ??? ???
In Apache OFBiz 16.11.01 to 16.11.04, the OFBiz HTTP engine (org.apache.ofbiz.service.engine.HttpEngine.java) handles requests for HTTP services via the /webtools/control/httpService endpoint. Both POST and GET requests to the httpService endpoint may contain three parameters: serviceName, serviceMode, and serviceContext. The exploitation occurs by having DOCTYPEs pointing to external references that trigger a payload that returns secret information from the host.
595 CVE-2018-8021 Exec Code 2018-11-07 2018-12-05
0.0
None ??? ??? ??? ??? ??? ???
Versions of Superset prior to 0.23 used an unsafe load method from the pickle library to deserialize data leading to possible remote code execution. Note Superset 0.23 was released prior to any Superset release under the Apache Software Foundation.
596 CVE-2018-7988 Bypass 2018-11-27 2018-11-27
0.0
None ??? ??? ??? ??? ??? ???
There is a Factory Reset Protection (FRP) bypass vulnerability on several smartphones. The system does not sufficiently verify the permission, an attacker uses a data cable to connect the smartphone to another smartphone and then perform a series of specific operations. Successful exploit could allow the attacker bypass the FRP protection.
597 CVE-2018-7961 +Info 2018-11-27 2018-11-27
0.0
None ??? ??? ??? ??? ??? ???
There is a smart SMS verification code vulnerability in some Huawei smart phones. An attacker should trick a user to access malicious Website or malicious App and register. Due to incorrect processing of the smart SMS verification code, successful exploitation can cause sensitive information leak.
598 CVE-2018-7956 2018-12-04 2018-12-04
0.0
None ??? ??? ??? ??? ??? ???
Huawei VIP App is a mobile app for Malaysia customers that purchased P20 Series, Nova 3/3i and Mate 20. There is a vulnerability in versions before 4.0.5 that attackers can conduct bruteforce to the VIP App Web Services to get user information.
599 CVE-2018-7900 +Info 2019-01-02 2019-01-03
0.0
None ??? ??? ??? ??? ??? ???
There is an information leak vulnerability in some Huawei HG products. An attacker may obtain information about the HG device by exploiting this vulnerability.
600 CVE-2018-7837 2018-12-24 2019-01-10
0.0
None ??? ??? ??? ??? ??? ???
An Improper Restriction of XML External Entity Reference ('XXE') vulnerability exists on numerous methods of the IIoT Monitor 3.1.38 software that could allow the software to resolve documents outside of the intended sphere of control, causing the software to embed incorrect documents into its output and expose restricted information.
Total number of vulnerabilities : 994   Page : 1 2 3 4 5 6 7 8 9 10 11 12 (This Page)13 14 15 16 17 18 19 20
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.