CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
6901 CVE-2018-16711 119 Overflow 2018-09-26 2018-12-11
6.5
None Remote Low ??? Partial Partial Partial
IObit Advanced SystemCare, which includes Monitor_win10_x64.sys or Monitor_win7_x64.sys, 1.2.0.5 (and possibly earlier versions) allows a user to send an IOCTL (0x9C402088) with a buffer containing user defined content. The driver's subroutine will execute a wrmsr instruction with the user's buffer for input.
6902 CVE-2018-16710 200 DoS +Info 2018-09-07 2018-11-14
6.4
None Remote Low Not required Partial None Partial
** DISPUTED ** OctoPrint through 1.3.9 allows remote attackers to obtain sensitive information or cause a denial of service via HTTP requests on port 8081. NOTE: the vendor disputes the significance of this report because their documentation states that with "blind port forwarding ... Putting OctoPrint onto the public internet is a terrible idea, and I really can't emphasize that enough."
6903 CVE-2018-16650 352 CSRF 2018-09-07 2018-11-02
6.8
None Remote Medium Not required Partial Partial Partial
phpMyFAQ before 2.9.11 allows CSRF.
6904 CVE-2018-16634 352 CSRF 2018-12-04 2019-02-26
6.8
None Remote Medium Not required Partial Partial Partial
Pluck v4.7.7 allows CSRF via admin.php?action=settings.
6905 CVE-2018-16621 917 2018-11-15 2021-03-04
6.5
None Remote Low ??? Partial Partial Partial
Sonatype Nexus Repository Manager before 3.14 allows Java Expression Language Injection.
6906 CVE-2018-16604 94 Exec Code 2018-09-06 2018-11-14
6.5
None Remote Low ??? Partial Partial Partial
An issue was discovered in Nibbleblog v4.0.5. With an admin's username and password, an attacker can execute arbitrary PHP code by changing the username because the username is surrounded by double quotes (e.g., "${phpinfo()}").
6907 CVE-2018-16601 191 DoS Exec Code 2018-12-06 2019-01-03
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. A crafted IP header triggers a full memory space copy in prvProcessIPPacket, leading to denial of service and possibly remote code execution.
6908 CVE-2018-16585 119 Overflow Mem. Corr. 2018-09-06 2019-10-09
6.8
None Remote Medium Not required Partial Partial Partial
** DISPUTED ** An issue was discovered in Artifex Ghostscript before 9.24. The .setdistillerkeys PostScript command is accepted even though it is not intended for use during document processing (e.g., after the startup phase). This leads to memory corruption, allowing remote attackers able to supply crafted PostScript to crash the interpreter or possibly have unspecified other impact. Note: A reputable source believes that the CVE is potentially a duplicate of CVE-2018-15910 as explained in Red Hat bugzilla (https://bugzilla.redhat.com/show_bug.cgi?id=1626193).
6909 CVE-2018-16554 134 2018-09-16 2019-12-31
6.8
None Remote Medium Not required Partial Partial Partial
The ProcessGpsInfo function of the gpsinfo.c file of jhead 3.00 may allow a remote attacker to cause a denial-of-service attack or unspecified other impact via a malicious JPEG file, because of inconsistency between float and double in a sprintf format string during TAG_GPS_ALT handling.
6910 CVE-2018-16553 284 Exec Code 2019-06-20 2019-06-21
6.5
None Remote Low ??? Partial Partial Partial
In Jspxcms 9.0.0, a vulnerable URL routing implementation allows remote code execution after logging in as web admin.
6911 CVE-2018-16552 352 CSRF 2018-09-05 2021-03-11
6.8
None Remote Medium Not required Partial Partial Partial
MicroPyramid Django-CRM 0.2 allows CSRF for /users/create/, /users/##/edit/, and /accounts/##/delete/ URIs.
6912 CVE-2018-16545 732 Exec Code 2018-09-05 2019-10-03
6.8
None Remote Medium Not required Partial Partial Partial
Kaizen Asset Manager (Enterprise Edition) and Training Manager (Enterprise Edition) allow a remote attacker to achieve arbitrary code execution via file impersonation. For example, a malicious dynamic-link library (dll) assumed the identity of a temporary (tmp) file (isxdl.dll) and an executable file assumed the identity of a temporary file (996E.temp).
6913 CVE-2018-16543 2018-09-05 2019-03-07
6.8
None Remote Medium Not required Partial Partial Partial
In Artifex Ghostscript before 9.24, gssetresolution and gsgetresolution allow attackers to have an unspecified impact.
6914 CVE-2018-16540 416 2018-09-05 2019-04-25
6.8
None Remote Medium Not required Partial Partial Partial
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files to the builtin PDF14 converter could use a use-after-free in copydevice handling to crash the interpreter or possibly have unspecified other impact.
6915 CVE-2018-16528 20 Exec Code 2018-12-06 2019-02-01
6.8
None Remote Medium Not required Partial Partial Partial
Amazon Web Services (AWS) FreeRTOS through 1.3.1 allows remote attackers to execute arbitrary code because of mbedTLS context object corruption in prvSetupConnection and GGD_SecureConnect_Connect in AWS TLS connectivity modules.
6916 CVE-2018-16526 Exec Code Overflow +Info 2018-12-06 2019-10-03
6.8
None Remote Medium Not required Partial Partial Partial
Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow remote attackers to leak information or execute arbitrary code because of a Buffer Overflow during generation of a protocol checksum in usGenerateProtocolChecksum and prvProcessIPPacket.
6917 CVE-2018-16525 Exec Code Overflow +Info 2018-12-06 2019-10-03
6.8
None Remote Medium Not required Partial Partial Partial
Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow remote attackers to execute arbitrary code or leak information because of a Buffer Overflow during parsing of DNS\LLMNR packets in prvParseDNSReply.
6918 CVE-2018-16522 824 2018-12-06 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
Amazon Web Services (AWS) FreeRTOS through 1.3.1 has an uninitialized pointer free in SOCKETS_SetSockOpt.
6919 CVE-2018-16515 347 2018-09-18 2019-10-03
6.5
None Remote Low ??? Partial Partial Partial
Matrix Synapse before 0.33.3.1 allows remote attackers to spoof events and possibly have unspecified other impacts by leveraging improper transaction and event signature validation.
6920 CVE-2018-16513 704 2018-09-05 2019-11-05
6.8
None Remote Medium Not required Partial Partial Partial
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the setcolor function to crash the interpreter or possibly have unspecified other impact.
6921 CVE-2018-16511 704 2018-09-05 2019-03-11
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in Artifex Ghostscript before 9.24. A type confusion in "ztype" could be used by remote attackers able to supply crafted PostScript to crash the interpreter or possibly have unspecified other impact.
6922 CVE-2018-16510 119 Overflow 2018-09-05 2019-03-11
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in Artifex Ghostscript before 9.24. Incorrect exec stack handling in the "CS" and "SC" PDF primitives could be used by remote attackers able to supply crafted PDFs to crash the interpreter or possibly have unspecified other impact.
6923 CVE-2018-16495 384 2021-05-26 2021-06-04
6.5
None Remote Low ??? Partial Partial Partial
In VOS user session identifier (authentication token) is issued to the browser prior to authentication but is not changed after the user successfully logs into the application. Failing to issue a new session ID following a successful login introduces the possibility for an attacker to set up a trap session on the device the victim is likely to login with.
6924 CVE-2018-16494 668 2021-05-26 2021-06-04
6.5
None Remote Low ??? Partial Partial Partial
In VOS and overly permissive "umask" may allow for authorized users of the server to gain unauthorized access through insecure file permissions that can result in an arbitrary read, write, or execution of newly created files and directories. Insecure umask setting was present throughout the Versa servers.
6925 CVE-2018-16487 2019-02-01 2020-09-18
6.8
None Remote Medium Not required Partial Partial Partial
A prototype pollution vulnerability was found in lodash <4.17.11 where the functions merge, mergeWith, and defaultsDeep can be tricked into adding or modifying properties of Object.prototype.
6926 CVE-2018-16483 290 2019-02-01 2020-08-24
6.5
None Remote Low ??? Partial Partial Partial
A deficiency in the access control in module express-cart <=1.1.5 allows unprivileged users to add new users to the application as administrators.
6927 CVE-2018-16448 352 CSRF 2018-09-04 2018-10-25
6.8
None Remote Medium Not required Partial Partial Partial
Cscms 4 allows CSRF for creating a member via upload/admin.php/user/save, authenticating vip members via upload/admin.php/user/init/tid and upload/admin.php/user/init/rzid, and creating a super administrator and web editor via upload/admin.php/sys/save.
6928 CVE-2018-16447 352 CSRF 2018-09-04 2019-02-25
6.8
None Remote Medium Not required Partial Partial Partial
Frog CMS 0.9.5 has admin/?/user/edit/1 CSRF.
6929 CVE-2018-16446 22 Dir. Trav. 2018-09-04 2018-10-25
6.4
None Remote Low Not required None Partial Partial
An issue was discovered in SeaCMS through 6.61. adm1n/admin_database.php allows remote attackers to delete arbitrary files via directory traversal sequences in the bakfiles parameter. This can allow the product to be reinstalled by deleting install_lock.txt.
6930 CVE-2018-16444 918 2018-09-04 2018-10-25
6.4
None Remote Low Not required Partial Partial None
An issue was discovered in SeaCMS 6.61. adm1n/admin_reslib.php has SSRF via the url parameter.
6931 CVE-2018-16438 125 2018-09-04 2018-10-26
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in the HDF HDF5 1.8.20 library. There is an out of bounds read in H5L_extern_query at H5Lexternal.c.
6932 CVE-2018-16436 89 Sql 2018-09-05 2018-11-05
6.5
None Remote Low ??? Partial Partial Partial
Gxlcms 2.0 before bug fix 20180915 has SQL Injection exploitable by an administrator.
6933 CVE-2018-16431 352 CSRF 2018-09-04 2018-11-02
6.8
None Remote Medium Not required Partial Partial Partial
admin/admin/adminsave.html in YFCMF v3.0 allows CSRF to add an administrator account.
6934 CVE-2018-16430 125 2018-09-04 2018-10-25
6.8
None Remote Medium Not required Partial Partial Partial
GNU Libextractor through 1.7 has an out-of-bounds read vulnerability in EXTRACTOR_zip_extract_method() in zip_extractor.c.
6935 CVE-2018-16416 352 CSRF 2018-09-03 2018-10-25
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in my_profile/edit?inline= in FUEL CMS 1.4 allows remote attackers to change the administrator's password.
6936 CVE-2018-16413 125 2018-09-03 2019-10-03
6.8
None Remote Medium Not required Partial Partial Partial
ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the MagickCore/quantum-private.h PushShortPixel function when called from the coders/psd.c ParseImageResourceBlocks function.
6937 CVE-2018-16412 125 2018-09-03 2019-10-03
6.8
None Remote Medium Not required Partial Partial Partial
ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the coders/psd.c ParseImageResourceBlocks function.
6938 CVE-2018-16396 2018-11-16 2019-10-03
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. It does not taint strings that result from unpacking tainted strings with some formats.
6939 CVE-2018-16388 434 Exec Code 2018-09-12 2018-11-02
6.5
None Remote Low ??? Partial Partial Partial
e107_web/js/plupload/upload.php in e107 2.1.8 allows remote attackers to execute arbitrary PHP code by uploading a .php filename with the image/jpeg content type.
6940 CVE-2018-16387 352 CSRF 2018-09-03 2018-10-25
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in Elefant CMS before 2.0.5. There is a CSRF vulnerability that can add an account via user/add.
6941 CVE-2018-16380 352 CSRF 2018-09-03 2019-09-23
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in Ogma CMS 0.4 Beta. There is a CSRF vulnerability in users.php?action=createnew that can add an admin account.
6942 CVE-2018-16376 787 DoS Overflow 2018-09-03 2018-10-31
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in OpenJPEG 2.3.0. A heap-based buffer overflow was discovered in the function t2_encode_packet in lib/openmj2/t2.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly unspecified other impact.
6943 CVE-2018-16375 787 Overflow 2018-09-03 2021-01-26
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in OpenJPEG 2.3.0. Missing checks for header_info.height and header_info.width in the function pnmtoimage in bin/jpwl/convert.c can lead to a heap-based buffer overflow.
6944 CVE-2018-16366 352 CSRF 2018-09-02 2019-04-16
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in idreamsoft iCMS V7.0.10. admincp.php?app=user&do=save allows CSRF.
6945 CVE-2018-16365 352 CSRF 2018-09-02 2019-04-16
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in idreamsoft iCMS V7.0.10. admincp.php?app=group&do=save allows CSRF.
6946 CVE-2018-16345 352 CSRF 2018-09-02 2018-11-13
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in EasyCMS 1.5. There is a CSRF vulnerability that can update the admin password via index.php?s=/admin/rbacuser/update/navTabId/listusers/callbackType/closeCurrent.
6947 CVE-2018-16344 22 Dir. Trav. 2018-09-02 2018-11-13
6.4
None Remote Low Not required None Partial Partial
An issue was discovered in zzcms 8.3. It allows remote attackers to delete arbitrary files via directory traversal sequences in the flv parameter. This can be leveraged for database access by deleting install.lock.
6948 CVE-2018-16343 94 Exec Code 2018-09-02 2018-11-13
6.5
None Remote Low ??? Partial Partial Partial
SeaCMS 6.61 allows remote attackers to execute arbitrary code because parseIf() in include/main.class.php does not block use of $GLOBALS.
6949 CVE-2018-16339 352 CSRF 2018-09-02 2018-10-25
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in EmpireCMS 7.0. There is a CSRF vulnerability that can add administrators via upload/e/admin/user/AddUser.php?enews=AddUser.
6950 CVE-2018-16338 352 CSRF 2018-09-02 2018-10-25
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in AuraCMS 2.3. There is a CSRF vulnerability that can change the administrator's password via admin.php?mod=users and subsequently add a page or menu, or submit a topic.
Total number of vulnerabilities : 22306   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 (This Page)140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.