# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
6601 |
CVE-2018-1000028 |
269 |
|
|
2018-02-09 |
2019-10-02 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
Linux kernel version after commit bdcf0a423ea1 - 4.15-rc4+, 4.14.8+, 4.9.76+, 4.4.111+ contains a Incorrect Access Control vulnerability in NFS server (nfsd) that can result in remote users reading or writing files they should not be able to via NFS. This attack appear to be exploitable via NFS server must export a filesystem with the "rootsquash" options enabled. This vulnerability appears to have been fixed in after commit 1995266727fa. |
6602 |
CVE-2018-1000027 |
476 |
|
DoS |
2018-02-09 |
2019-07-17 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
The Squid Software Foundation Squid HTTP Caching Proxy version prior to version 4.0.23 contains a NULL Pointer Dereference vulnerability in HTTP Response X-Forwarded-For header processing that can result in Denial of Service to all clients of the proxy. This attack appear to be exploitable via Remote HTTP server responding with an X-Forwarded-For header to certain types of HTTP request. This vulnerability appears to have been fixed in 4.0.23 and later. |
6603 |
CVE-2018-1000026 |
20 |
|
|
2018-02-09 |
2019-05-10 |
6.8 |
None |
Remote |
Low |
Single system |
None |
None |
Complete |
Linux Linux kernel version at least v4.8 onwards, probably well before contains a Insufficient input validation vulnerability in bnx2x network card driver that can result in DoS: Network card firmware assertion takes card off-line. This attack appear to be exploitable via An attacker on a must pass a very large, specially crafted packet to the bnx2x card. This can be done from an untrusted guest VM.. |
6604 |
CVE-2018-1000025 |
732 |
|
|
2018-02-09 |
2019-10-02 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Jerome Gamez Firebase Admin SDK for PHP version from 3.2.0 to 3.8.0 contains a Incorrect Access Control vulnerability in src/Firebase/Auth/IdTokenVerifier.php does not verify for token signature that can result in JWT with any email address and user ID could be forged from an actual token, or from thin air. This attack appear to be exploitable via Attacker would only need to know email address of the victim on most cases.. This vulnerability appears to have been fixed in 3.8.1. |
6605 |
CVE-2018-1000024 |
|
|
DoS |
2018-02-09 |
2019-10-02 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable via Remote server delivers an HTTP response payload containing valid but unusual ESI syntax.. This vulnerability appears to have been fixed in 4.0.23 and later. |
6606 |
CVE-2018-1000023 |
20 |
|
|
2018-02-09 |
2018-03-06 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Bitpay/insight-api Insight-api version 5.0.0 and earlier contains a CWE-20: input validation vulnerability in transaction broadcast endpoint that can result in Full Path Disclosure. This attack appear to be exploitable via Web request. |
6607 |
CVE-2018-1000022 |
862 |
|
|
2018-02-09 |
2019-10-02 |
2.6 |
None |
Remote |
High |
Not required |
Partial |
None |
None |
Electrum Technologies GmbH Electrum Bitcoin Wallet version prior to version 3.0.5 contains a Missing Authorization vulnerability in JSONRPC interface that can result in Bitcoin theft, if the user's wallet is not password protected. This attack appear to be exploitable via The victim must visit a web page with specially crafted javascript. This vulnerability appears to have been fixed in 3.0.5. |
6608 |
CVE-2018-1000021 |
20 |
|
|
2018-02-09 |
2018-03-06 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
GIT version 2.15.1 and earlier contains a Input Validation Error vulnerability in Client that can result in problems including messing up terminal configuration to RCE. This attack appear to be exploitable via The user must interact with a malicious git server, (or have their traffic modified in a MITM attack). |
6609 |
CVE-2018-1000020 |
79 |
|
XSS |
2018-02-09 |
2018-03-01 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
OpenEMR version 5.0.0 contains a Cross Site Scripting (XSS) vulnerability in open-flash-chart.swf and _posteddata.php that can result in . This vulnerability appears to have been fixed in 5.0.0 Patch 2 or higher. |
6610 |
CVE-2018-1000018 |
532 |
|
|
2018-01-24 |
2019-10-02 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
An information disclosure in ovirt-hosted-engine-setup prior to 2.2.7 reveals the root user's password in the log file. |
6611 |
CVE-2018-1000015 |
732 |
|
|
2018-01-23 |
2019-10-02 |
4.9 |
None |
Remote |
Medium |
Single system |
Partial |
Partial |
None |
On Jenkins instances with Authorize Project plugin, the authentication associated with a build may lack the Computer/Build permission on some agents. This did not prevent the execution of Pipeline `node` blocks on those agents due to incorrect permissions checks in Pipeline: Nodes and Processes plugin 2.17 and earlier. |
6612 |
CVE-2018-1000014 |
352 |
|
CSRF |
2018-01-23 |
2018-02-07 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Jenkins Translation Assistance Plugin 1.15 and earlier did not require form submissions to be submitted via POST, resulting in a CSRF vulnerability allowing attackers to override localized strings displayed to all users on the current Jenkins instance if the victim is a Jenkins administrator. |
6613 |
CVE-2018-1000013 |
352 |
|
CSRF |
2018-01-23 |
2018-02-07 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Jenkins Release Plugin 2.9 and earlier did not require form submissions to be submitted via POST, resulting in a CSRF vulnerability allowing attackers to trigger release builds. |
6614 |
CVE-2018-1000012 |
611 |
|
|
2018-01-23 |
2018-02-07 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
Jenkins Warnings Plugin 4.64 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks. |
6615 |
CVE-2018-1000011 |
611 |
|
|
2018-01-23 |
2018-02-07 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
Jenkins FindBugs Plugin 4.71 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks. |
6616 |
CVE-2018-1000010 |
611 |
|
|
2018-01-23 |
2018-02-07 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
Jenkins DRY Plugin 2.49 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks. |
6617 |
CVE-2018-1000009 |
611 |
|
|
2018-01-23 |
2018-02-07 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
Jenkins Checkstyle Plugin 3.49 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks. |
6618 |
CVE-2018-1000008 |
611 |
|
|
2018-01-23 |
2018-02-07 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
Jenkins PMD Plugin 3.49 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks. |
6619 |
CVE-2018-1000007 |
200 |
|
+Info |
2018-01-24 |
2019-06-18 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
libcurl 7.1 through 7.57.0 might accidentally leak authentication data to third parties. When asked to send custom headers in its HTTP requests, libcurl will send that set of headers first to the host in the initial URL but also, if asked to follow redirects and a 30X HTTP response code is returned, to the host mentioned in URL in the `Location:` response header value. Sending the same set of headers to subsequent hosts is in particular a problem for applications that pass on custom `Authorization:` headers, as this header often contains privacy sensitive information or data that could allow others to impersonate the libcurl-using client's request. |
6620 |
CVE-2018-1000005 |
125 |
|
|
2018-01-24 |
2019-06-18 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
libcurl 7.49.0 to and including 7.57.0 contains an out bounds read in code handling HTTP/2 trailers. It was reported (https://github.com/curl/curl/pull/2231) that reading an HTTP/2 trailer could mess up future trailers since the stored size was one byte less than required. The problem is that the code that creates HTTP/1-like headers from the HTTP/2 trailer data once appended a string like `:` to the target buffer, while this was recently changed to `: ` (a space was added after the colon) but the following math wasn't updated correspondingly. When accessed, the data is read out of bounds and causes either a crash or that the (too large) data gets passed to client write. This could lead to a denial-of-service situation or an information disclosure if someone has a service that echoes back or uses the trailers for something. |
6621 |
CVE-2018-1000003 |
20 |
|
|
2018-01-22 |
2018-02-06 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
Improper input validation bugs in DNSSEC validators components in PowerDNS version 4.1.0 allow attacker in man-in-the-middle position to deny existence of some data in DNS via packet replay. |
6622 |
CVE-2018-1000002 |
20 |
|
|
2018-01-22 |
2018-02-06 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
Improper input validation bugs in DNSSEC validators components in Knot Resolver (prior version 1.5.2) allow attacker in man-in-the-middle position to deny existence of some data in DNS via packet replay. |
6623 |
CVE-2018-21023 |
94 |
|
Exec Code |
2019-10-08 |
2019-10-15 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
getStats.php in Centreon Web before 2.8.28 allows authenticated attackers to execute arbitrary code via the ns_id parameter. |
6624 |
CVE-2018-21022 |
89 |
|
Sql |
2019-10-08 |
2019-10-09 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
makeXML_ListServices.php in Centreon Web before 2.8.28 allows attackers to perform SQL injections via the host_id parameter. |
6625 |
CVE-2018-21021 |
89 |
|
Sql |
2019-10-08 |
2019-10-09 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
img_gantt.php in Centreon Web before 2.8.27 allows attackers to perform SQL injections via the host_id parameter. |
6626 |
CVE-2018-21020 |
20 |
|
Bypass |
2019-10-08 |
2019-10-11 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
In very rare cases, a PHP type juggling vulnerability in centreonAuth.class.php in Centreon Web before 2.8.27 allows attackers to bypass authentication mechanisms in place. |
6627 |
CVE-2018-21019 |
200 |
|
+Info |
2019-09-23 |
2019-09-23 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Home Assistant before 0.67.0 was vulnerable to an information disclosure that allowed an unauthenticated attacker to read the application's error log via components/api.py. |
6628 |
CVE-2018-21017 |
400 |
|
|
2019-09-16 |
2019-09-17 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
GPAC 0.7.1 has a memory leak in dinf_Read in isomedia/box_code_base.c. |
6629 |
CVE-2018-21016 |
125 |
|
DoS |
2019-09-16 |
2019-09-17 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
audio_sample_entry_AddBox() at isomedia/box_code_base.c in GPAC 0.7.1 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted file. |
6630 |
CVE-2018-21015 |
476 |
|
DoS |
2019-09-16 |
2019-09-17 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
AVC_DuplicateConfig() at isomedia/avc_ext.c in GPAC 0.7.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file. There is "cfg_new->AVCLevelIndication = cfg->AVCLevelIndication;" but cfg could be NULL. |
6631 |
CVE-2018-21014 |
79 |
|
XSS |
2019-09-09 |
2019-09-10 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
The buddyboss-media plugin through 3.2.3 for WordPress has stored XSS. |
6632 |
CVE-2018-21012 |
79 |
|
XSS |
2019-09-09 |
2019-09-09 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
The cf7-invisible-recaptcha plugin before 1.3.2 for WordPress has XSS. |
6633 |
CVE-2018-21011 |
200 |
|
+Info |
2019-09-09 |
2019-09-11 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
The charitable plugin before 1.5.14 for WordPress has unauthorized access to user and donation details. |
6634 |
CVE-2018-21010 |
119 |
|
Overflow |
2019-09-05 |
2019-10-08 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
OpenJPEG before 2.3.1 has a heap buffer overflow in color_apply_icc_profile in bin/common/color.c. |
6635 |
CVE-2018-21009 |
190 |
|
Overflow |
2019-09-05 |
2019-09-26 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Poppler before 0.66.0 has an integer overflow in Parser::makeStream in Parser.cc. |
6636 |
CVE-2018-21008 |
416 |
|
|
2019-09-04 |
2019-09-24 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
An issue was discovered in the Linux kernel before 4.16.7. A use-after-free can be caused by the function rsi_mac80211_detach in the file drivers/net/wireless/rsi/rsi_91x_mac80211.c. |
6637 |
CVE-2018-21006 |
352 |
|
CSRF |
2019-08-27 |
2019-08-28 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
The bbp-move-topics plugin before 1.1.6 for WordPress has CSRF. |
6638 |
CVE-2018-21002 |
352 |
|
CSRF |
2019-08-27 |
2019-08-28 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
The js-support-ticket plugin before 2.0.6 for WordPress has CSRF. |
6639 |
CVE-2018-21001 |
79 |
|
XSS |
2019-08-27 |
2019-08-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
The anycomment plugin before 0.0.33 for WordPress has XSS. |
6640 |
CVE-2018-20999 |
264 |
|
|
2019-08-26 |
2019-09-03 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
An issue was discovered in the orion crate before 0.11.2 for Rust. reset() calls cause incorrect results. |
6641 |
CVE-2018-20994 |
119 |
|
Overflow |
2019-08-26 |
2019-08-29 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
An issue was discovered in the trust-dns-proto crate before 0.5.0-alpha.3 for Rust. There is infinite recursion because DNS message compression is mishandled. |
6642 |
CVE-2018-20993 |
502 |
|
|
2019-08-26 |
2019-08-28 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
An issue was discovered in the yaml-rust crate before 0.4.1 for Rust. There is uncontrolled recursion during deserialization. |
6643 |
CVE-2018-20992 |
119 |
|
Overflow |
2019-08-26 |
2019-08-28 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
An issue was discovered in the claxon crate before 0.4.1 for Rust. Uninitialized memory can be exposed because certain decode buffer sizes are mishandled. |
6644 |
CVE-2018-20990 |
59 |
|
|
2019-08-26 |
2019-08-28 |
6.4 |
None |
Remote |
Low |
Not required |
None |
Partial |
Partial |
An issue was discovered in the tar crate before 0.4.16 for Rust. Arbitrary file overwrite can occur via a symlink or hardlink in a TAR archive. |
6645 |
CVE-2018-20989 |
191 |
|
|
2019-08-26 |
2019-08-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
An issue was discovered in the untrusted crate before 0.6.2 for Rust. Error handling can trigger an integer underflow and panic. |
6646 |
CVE-2018-20988 |
74 |
|
|
2019-08-22 |
2019-08-29 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
The wpgform plugin before 0.94 for WordPress has eval injection in the CAPTCHA calculation. |
6647 |
CVE-2018-20986 |
79 |
|
XSS |
2019-08-22 |
2019-08-27 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
The advanced-custom-fields (aka Elliot Condon Advanced Custom Fields) plugin before 5.7.8 for WordPress has XSS by authors. |
6648 |
CVE-2018-20983 |
79 |
|
XSS |
2019-08-22 |
2019-08-26 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
The wp-retina-2x plugin before 5.2.3 for WordPress has XSS. |
6649 |
CVE-2018-20982 |
79 |
|
XSS |
2019-08-22 |
2019-08-26 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
The media-library-assistant plugin before 2.74 for WordPress has XSS via the Media/Assistant or Settings/Media Library assistant admin submenu screens. |
6650 |
CVE-2018-20981 |
20 |
|
|
2019-08-22 |
2019-08-26 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
The ninja-forms plugin before 3.3.9 for WordPress has insufficient restrictions on submission-data retrieval during Export Personal Data requests. |