CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
601 CVE-2018-18629 +Priv 2018-12-20 2018-12-21
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in the Keybase command-line client before 2.8.0-20181023124437 for Linux. An untrusted search path vulnerability in the keybase-redirector application allows a local, unprivileged user on Linux to gain root privileges via a Trojan horse binary.
602 CVE-2018-18628 Exec Code 2018-10-23 2018-10-23
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in Pippo 1.11.0. The function SerializationSessionDataTranscoder.decode() calls ObjectInputStream.readObject() to deserialize a SessionData object without checking the object types. An attacker can create a malicious object, base64 encode it, and place it in the PIPPO_SESSION field of a cookie. Sending this cookie may lead to remote code execution.
603 CVE-2018-18602 2018-12-31 2018-12-31
0.0
None ??? ??? ??? ??? ??? ???
The Cloud API on Guardzilla smart cameras allows user enumeration, with resultant arbitrary camera access and monitoring.
604 CVE-2018-18601 Overflow 2018-12-31 2018-12-31
0.0
None ??? ??? ??? ??? ??? ???
The TK_set_deviceModel_req_handle function in the cloud communication component in Guardzilla GZ621W devices with firmware 0.5.1.4 has a Buffer Overflow.
605 CVE-2018-18593 Dir. Trav. 2018-12-31 2019-01-02
0.0
None ??? ??? ??? ??? ??? ???
Remote Directory Traversal and Remote Disclosure of Privileged Information in UCMDB Configuration Management Service, version 10.22, 10.22 CUP1, 10.22 CUP2, 10.22 CUP3, 10.22 CUP4, 10.22 CUP5, 10.22 CUP6, 10.22 CUP7, 10.33, 10.33 CUP1, 10.33 CUP2, 10.33 CUP3, 2018.02, 2018.05, 2018.08, 2018.11. The vulnerabilities could allow Remote Directory Traversal and Remote Disclosure of Privileged Information
606 CVE-2018-18590 Exec Code 2018-11-07 2018-11-07
0.0
None ??? ??? ??? ??? ??? ???
A potential remote code execution and information disclosure vulnerability exists in Micro Focus Operations Bridge containerized suite versions 2017.11, 2018.02, 2018.05, 2018.08. This vulnerability could allow for information disclosure.
607 CVE-2018-18589 Exec Code 2018-10-23 2018-10-23
0.0
None ??? ??? ??? ??? ??? ???
A potential Remote Arbitrary Code Execution vulnerability has been identified in Micro Focus' Real User Monitoring software, versions 9.26IP, 9.30, 9.40 and 9.50. The vulnerability could be exploited to execute arbitrary code.
608 CVE-2018-18556 2018-12-17 2018-12-17
0.0
None ??? ??? ??? ??? ??? ???
A privilege escalation issue was discovered in VyOS 1.1.8. The default configuration also allows operator users to execute the pppd binary with elevated (sudo) permissions. Certain input parameters are not properly validated. A malicious operator user can run the binary with elevated permissions and leverage its improper input validation condition to spawn an attacker-controlled shell with root privileges.
609 CVE-2018-18555 +Priv 2018-12-17 2018-12-17
0.0
None ??? ??? ??? ??? ??? ???
A sandbox escape issue was discovered in VyOS 1.1.8. It provides a restricted management shell for operator users to administer the device. By issuing various shell special characters with certain commands, an authenticated operator user can break out of the management shell and gain access to the underlying Linux shell. The user can then run arbitrary operating system commands with the privileges afforded by their account.
610 CVE-2018-18537 2018-12-26 2018-12-26
0.0
None ??? ??? ??? ??? ??? ???
The GLCKIo low-level driver in ASUS Aura Sync v1.07.22 and earlier exposes a path to write an arbitrary DWORD to an arbitrary address.
611 CVE-2018-18536 2018-12-26 2018-12-26
0.0
None ??? ??? ??? ??? ??? ???
The GLCKIo and Asusgio low-level drivers in ASUS Aura Sync v1.07.22 and earlier expose functionality to read/write data from/to IO ports. This could be leveraged in a number of ways to ultimately run code with elevated privileges.
612 CVE-2018-18535 Exec Code 2018-12-26 2018-12-26
0.0
None ??? ??? ??? ??? ??? ???
The Asusgio low-level driver in ASUS Aura Sync v1.07.22 and earlier exposes functionality to read and write Machine Specific Registers (MSRs). This could be leveraged to execute arbitrary ring-0 code.
613 CVE-2018-18531 Bypass 2018-10-19 2018-10-19
0.0
None ??? ??? ??? ??? ??? ???
text/impl/DefaultTextCreator.java, text/impl/ChineseTextProducer.java, and text/impl/FiveLetterFirstNameTextCreator.java in kaptcha 2.3.2 use the Random (rather than SecureRandom) function for generating CAPTCHA values, which makes it easier for remote attackers to bypass intended access restrictions via a brute-force approach.
614 CVE-2018-18442 2018-12-20 2018-12-20
0.0
None ??? ??? ??? ??? ??? ???
D-Link DCS-825L devices with firmware 1.08 do not employ a suitable mechanism to prevent denial-of-service (DoS) attacks. An attacker can harm the device availability (i.e., live-online video/audio streaming) by using the hping3 tool to perform an IPv4 flood attack. Verified attacks includes SYN flooding, UDP flooding, ICMP flooding, and SYN-ACK flooding.
615 CVE-2018-18441 2018-12-20 2018-12-20
0.0
None ??? ??? ??? ??? ??? ???
D-Link DCS series Wi-Fi cameras expose sensitive information regarding the device configuration. The affected devices include many of DCS series, such as: DCS-936L, DCS-942L, DCS-8000LH, DCS-942LB1, DCS-5222L, DCS-825L, DCS-2630L, DCS-820L, DCS-855L, DCS-2121, DCS-5222LB1, DCS-5020L, and many more. There are many affected firmware versions starting from 1.00 and above. The configuration file can be accessed remotely through: <Camera-IP>/common/info.cgi, with no authentication. The configuration file include the following fields: model, product, brand, version, build, hw_version, nipca version, device name, location, MAC address, IP address, gateway IP address, wireless status, input/output settings, speaker, and sensor settings.
616 CVE-2018-18380 2018-10-19 2018-10-30
0.0
None ??? ??? ??? ??? ??? ???
A Session Fixation issue was discovered in Bigtree before 4.2.24. admin.php accepts a user-provided PHP session ID instead of regenerating a new one after a user has logged in to the application. The Session Fixation could allow an attacker to hijack an admin session.
617 CVE-2018-18363 Bypass 2019-01-24 2019-01-24
0.0
None ??? ??? ??? ??? ??? ???
Norton App Lock prior to 1.4.0.445 can be susceptible to a bypass exploit. In this type of circumstance, the exploit can allow the user to circumvent the app to prevent it from locking the device, thereby allowing the individual to gain device access.
618 CVE-2018-18332 2018-12-21 2018-12-21
0.0
None ??? ??? ??? ??? ??? ???
A Trend Micro OfficeScan XG weak file permissions vulnerability may allow an attacker to potentially manipulate permissions on some key files to modify other files and folders on vulnerable installations.
619 CVE-2018-18331 2018-12-21 2018-12-21
0.0
None ??? ??? ??? ??? ??? ???
A Trend Micro OfficeScan XG weak file permissions vulnerability on a particular folder for a particular group may allow an attacker to alter the files, which could lead to other exploits on vulnerable installations.
620 CVE-2018-18264 Bypass 2019-01-02 2019-01-11
0.0
None ??? ??? ??? ??? ??? ???
Kubernetes Dashboard before 1.10.1 allows attackers to bypass authentication and use Dashboard's Service Account for reading secrets within the cluster.
621 CVE-2018-18224 +Info 2018-10-19 2018-12-21
0.0
None ??? ??? ??? ??? ??? ???
A vulnerability exists in the file reading procedure in Open Design Alliance Drawings SDK 2019Update1 on non-Windows platforms in which attackers could perform read operations past the end, or before the beginning, of the intended buffer. This can allow attackers to obtain sensitive information from process memory or cause a crash.
622 CVE-2018-18223 +Info 2018-10-19 2018-12-21
0.0
None ??? ??? ??? ??? ??? ???
Open Design Alliance Drawings SDK 2019Update1 has a vulnerability during the reading of malformed files, allowing attackers to obtain sensitive information from process memory or cause a crash.
623 CVE-2018-18203 Exec Code 2018-11-28 2018-11-28
0.0
None ??? ??? ??? ??? ??? ???
A vulnerability in the update mechanism of Subaru StarLink Harman head units 2017, 2018, and 2019 may give an attacker (with physical access to the vehicle's USB ports) the ability to rewrite the firmware of the head unit. This occurs because the device accepts modified QNX6 filesystem images (as long as the attacker obtains access to certain Harman decryption/encryption code) as a consequence of a bug where unsigned images pass a validity check. An attacker could potentially install persistent malicious head unit firmware and execute arbitrary code as the root user.
624 CVE-2018-18093 +Priv 2018-12-13 2018-12-13
0.0
None ??? ??? ??? ??? ??? ???
Improper file permissions in the installer for Intel VTune Amplifier 2018 Update 3 and before may allow unprivileged user to potentially gain privileged access via local access.
625 CVE-2018-18014 Exec Code 2018-10-24 2018-10-24
0.0
None ??? ??? ??? ??? ??? ???
** DISPUTED *** Lack of authentication in Citrix Xen Mobile through 10.8 allows low-privileged local users to execute system commands as root by making requests to private services listening on ports 8000, 30000 and 30001. NOTE: the vendor disputes that this is a vulnerability, stating it is "already mitigated by the internal firewall that limits access to configuration services to localhost."
626 CVE-2018-18013 Exec Code 2018-10-24 2018-10-24
0.0
None ??? ??? ??? ??? ??? ???
** DISPUTED *** Xen Mobile through 10.8.0 includes a service listening on port 5001 within its firewall that accepts unauthenticated input. If this service is supplied with raw serialised Java objects, it deserialises them back into Java objects in memory, giving rise to a remote code execution vulnerability. NOTE: the vendor disputes that this is a vulnerability, stating it is "already mitigated by the internal firewall that limits access to configuration services to localhost."
627 CVE-2018-18009 2018-12-21 2018-12-28
0.0
None ??? ??? ??? ??? ??? ???
dirary0.js on D-Link DIR-140L, DIR-640L devices allows remote unauthenticated attackers to discover admin credentials.
628 CVE-2018-18007 2018-12-21 2018-12-28
0.0
None ??? ??? ??? ??? ??? ???
atbox.htm on D-Link DSL-2770L devices allows remote unauthenticated attackers to discover admin credentials.
629 CVE-2018-17987 2018-12-26 2018-12-26
0.0
None ??? ??? ??? ??? ??? ???
The determineWinner function of a smart contract implementation for HashHeroes Tiles, an Ethereum game, uses a certain blockhash value in an attempt to generate a random number for the case where NUM_TILES equals the number of people who purchased a tile, which allows an attacker to control the awarding of the prize by being the last person to purchase a tile.
630 CVE-2018-17975 2018-12-04 2018-12-04
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in GitLab Community Edition 11.x before 11.1.8, 11.2.x before 11.2.5, and 11.3.x before 11.3.2. There is Information Exposure via the GFM markdown API.
631 CVE-2018-17957 2018-12-26 2018-12-26
0.0
None ??? ??? ??? ??? ??? ???
The YaST2 RMT module for configuring the SUSE Repository Mirroring Tool (RMT) before 1.1.2 exposed MySQL database passwords on process commandline, allowing local attackers to access or corrupt the RMT database.
632 CVE-2018-17950 2018-12-12 2018-12-12
0.0
None ??? ??? ??? ??? ??? ???
Incorrect enforcement of authorization checks in eDirectory prior to 9.1 SP2
633 CVE-2018-17939 2018-12-04 2018-12-04
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in GitLab Community and Enterprise Edition 11.1.x before 11.1.8, 11.2.x before 11.2.5, and 11.3.x before 11.3.2. There is Information Exposure via the merge request JSON endpoint.
634 CVE-2018-17935 2018-10-24 2018-10-26
0.0
None ??? ??? ??? ??? ??? ???
All versions of Telecrane F25 Series Radio Controls before 00.0A use fixed codes that are reproducible by sniffing and re-transmission. This can lead to unauthorized replay of a command, spoofing of an arbitrary message, or keeping the controlled load in a permanent "stop" state.
635 CVE-2018-17921 2018-10-24 2018-10-26
0.0
None ??? ??? ??? ??? ??? ???
SAGA1-L8B with any firmware versions prior to A0.10 are vulnerable to an attack that may allow an attacker to force-pair the device without human interaction.
636 CVE-2018-17912 2018-11-02 2018-11-05
0.0
None ??? ??? ??? ??? ??? ???
An XXE vulnerability exists in CASE Suite Versions 3.10 and prior when processing parameter entities, which may allow remote file disclosure.
637 CVE-2018-17906 2018-11-19 2018-11-20
0.0
None ??? ??? ??? ??? ??? ???
Philips iSite and IntelliSpace PACS, iSite PACS, all versions, and IntelliSpace PACS, all versions. Default credentials and no authentication within third party software may allow an attacker to compromise a component of the system.
638 CVE-2018-17904 2018-10-25 2018-10-26
0.0
None ??? ??? ??? ??? ??? ???
Reliance 4 SCADA/HMI, Version 4.7.3 Update 3 and prior. This vulnerability could allow an unauthorized attacker to inject arbitrary code.
639 CVE-2018-17873 2018-10-23 2018-10-23
0.0
None ??? ??? ??? ??? ??? ???
An incorrect access control vulnerability in the FTP configuration of WiFiRanger devices with firmware version 7.0.8rc3 and earlier allows an attacker with adjacent network access to read the SSH Private Key and log in to the root account.
640 CVE-2018-17854 DoS 2018-10-01 2018-10-01
0.0
None ??? ??? ??? ??? ??? ???
SIMDComp before 0.1.1 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) because it can read (and then discard) extra bytes. NOTE: this issue exists because of an incomplete fix for CVE-2018-17427.
641 CVE-2018-17851 DoS 2018-10-01 2018-10-01
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in JsonCpp 1.8.4. An unhandled exception vulnerability exists in Json::OurReader::readValue() in json_reader.cpp after throwing an instance of "Json::RuntimeError what(): Exceeded stackLimit." Specially crafted JSON requests can cause an unhandled exception resulting in denial of service. An attacker can send malicious JSON to trigger this vulnerability.
642 CVE-2018-17850 DoS 2018-10-01 2018-10-01
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in JsonCpp 1.8.4. An unhandled exception vulnerability exists in Json::Value::clear() in json_value.cpp after throwing an instance of "Json::LogicError what(): requires complex value." Specially crafted JSON requests can cause an unhandled exception resulting in denial of service. An attacker can send malicious JSON to trigger this vulnerability.
643 CVE-2018-17790 XSS 2019-08-15 2019-08-15
0.0
None ??? ??? ??? ??? ??? ???
Prospecta Master Data Online (MDO) 2.0 has Stored XSS.
644 CVE-2018-17777 Bypass 2018-12-18 2018-12-18
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered on D-Link DVA-5592 A1_WI_20180823 devices. If the PIN of the page "/ui/cbpc/login" is the default Parental Control PIN (0000), it is possible to bypass the login form by editing the path of the cookie "sid" generated by the page. The attacker will have access to the router control panel with administrator privileges.
645 CVE-2018-17705 Exec Code 2019-01-23 2019-01-23
0.0
None ??? ??? ??? ??? ??? ???
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the display property of CheckBox objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-7255.
646 CVE-2018-17704 Exec Code 2019-01-23 2019-01-23
0.0
None ??? ??? ??? ??? ??? ???
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the textColor property of RadioButton objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-7254.
647 CVE-2018-17703 Exec Code 2019-01-23 2019-01-23
0.0
None ??? ??? ??? ??? ??? ???
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the defaultValue property of ComboBox objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-7253.
648 CVE-2018-17702 Exec Code 2019-01-23 2019-01-23
0.0
None ??? ??? ??? ??? ??? ???
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the richValue property of button objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-7252.
649 CVE-2018-17701 Exec Code 2019-01-23 2019-01-23
0.0
None ??? ??? ??? ??? ??? ???
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of JSON objects. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-7132.
650 CVE-2018-17700 Exec Code 2019-01-23 2019-01-23
0.0
None ??? ??? ??? ??? ??? ???
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Array.prototype.concat. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-7131.
Total number of vulnerabilities : 1161   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 (This Page)14 15 16 17 18 19 20 21 22 23 24
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.