CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In September 2018

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
651 CVE-2018-14592 89 Sql 2018-09-20 2018-11-09
7.5
None Remote Low Not required Partial Partial Partial
The CWJoomla CW Article Attachments PRO extension before 2.0.7 and CW Article Attachments FREE extension before 1.0.6 for Joomla! allow SQL Injection within download.php.
652 CVE-2018-14398 601 2018-09-07 2018-11-14
5.8
None Remote Medium Not required Partial Partial None
An issue was discovered in Creme CRM 1.6.12. The value of the cancel button uses the content of the HTTP Referer header, and could be used to trick a user into visiting a fake login page in order to steal credentials.
653 CVE-2018-14397 79 XSS 2018-09-07 2018-10-31
3.5
None Remote Medium Single system None Partial None
An issue was discovered in Creme CRM 1.6.12. The organization creation page is affected by 9 stored cross-site scripting vulnerabilities involving the name, billing_address-address, billing_address-zipcode, billing_address-city, billing_address-department, shipping_address-address, shipping_address-zipcode, shipping_address-city, and shipping_address-department parameters.
654 CVE-2018-14396 79 XSS 2018-09-07 2018-10-31
3.5
None Remote Medium Single system None Partial None
An issue was discovered in Creme CRM 1.6.12. The salesman creation page is affected by 10 stored cross-site scripting vulnerabilities involving the firstname, lastname, billing_address-address, billing_address-zipcode, billing_address-city, billing_address-department, shipping_address-address, shipping_address-zipcode, shipping_address-city, and shipping_address-department parameters.
655 CVE-2018-14366 601 2018-09-06 2018-11-02
5.8
None Remote Medium Not required Partial Partial None
download.cgi in Pulse Secure Pulse Connect Secure 8.1RX before 8.1R13 and 8.3RX before 8.3R4 and Pulse Policy Secure through 5.2RX before 5.2R10 and 5.4RX before 5.4R4 have an Open Redirect Vulnerability.
656 CVE-2018-14327 732 +Priv 2018-09-26 2019-10-02
9.3
None Remote Medium Not required Complete Complete Complete
The installer for the Alcatel OSPREY3_MINI Modem component on EE EE40VB 4G mobile broadband modems with firmware before EE40_00_02.00_45 sets weak permissions (Everyone:Full Control) for the "Web Connecton\EE40" and "Web Connecton\EE40\BackgroundService" directories, which allows local users to gain privileges, as demonstrated by inserting a Trojan horse ServiceManager.exe file into the "Web Connecton\EE40\BackgroundService" directory.
657 CVE-2018-14320 119 Exec Code Overflow Mem. Corr. 2018-09-17 2019-10-09
4.3
None Remote Medium Not required Partial None None
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of PoDoFo. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within PdfEncoding::ParseToUnicode. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-5673.
658 CVE-2018-14318 20 Exec Code 2018-09-24 2019-10-09
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy S8 G950FXXU1AQL5. User interaction is required to exploit this vulnerability in that the target must have their cellular radios enabled. The specific flaw exists within the handling of IPCP headers. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length, stack-based buffer. An attacker can leverage this vulnerability to execute code under the context of the baseband processor. Was ZDI-CAN-5368.
659 CVE-2018-14037 79 XSS 2018-09-27 2019-08-01
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in Progress Kendo UI Editor v2018.1.221 allows remote attackers to inject arbitrary JavaScript into the DOM of the WYSIWYG editor because of the editorNS.Serializer toEditableHtml function in kendo.all.min.js. If the victim accesses the editor, the payload gets executed. Furthermore, if the payload is reflected at any other resource that does rely on the sanitisation of the editor itself, the JavaScript payload will be executed in the context of the application. This allows attackers (in the worst case) to take over user sessions.
660 CVE-2018-13982 22 Exec Code Dir. Trav. Bypass 2018-09-18 2018-12-07
5.0
None Remote Low Not required Partial None None
Smarty_Security::isTrustedResourceDir() in Smarty before 3.1.33 is prone to a path traversal vulnerability due to insufficient template code sanitization. This allows attackers controlling the executed template code to bypass the trusted directory security restriction and read arbitrary files.
661 CVE-2018-13807 20 2018-09-12 2019-10-09
7.8
None Remote Low Not required None None Complete
A vulnerability has been identified in SCALANCE X300 (All versions < V4.0.0), SCALANCE X408 (All versions < V4.0.0), SCALANCE X414 (All versions). The web interface on port 443/tcp could allow an attacker to cause a Denial-of-Service condition by sending specially crafted packets to the web server. The device will automatically reboot, impacting network availability for other devices. An attacker must have network access to port 443/tcp to exploit the vulnerability. Neither valid credentials nor interaction by a legitimate user is required to exploit the vulnerability. There is no confidentiality or integrity impact, only availability is temporarily impacted. This vulnerability could be triggered by publicly available tools.
662 CVE-2018-13806 427 Exec Code 2018-09-12 2019-10-09
9.3
None Remote Medium Not required Complete Complete Complete
A vulnerability has been identified in SIEMENS TD Keypad Designer (All versions). A DLL hijacking vulnerability exists in all versions of SIEMENS TD Keypad Designer which could allow an attacker to execute code with the permission of the user running TD Designer. The attacker must have write access to the directory containing the TD project file in order to exploit the vulnerability. A legitimate user with higher privileges than the attacker must open the TD project in order for this vulnerability to be exploited. At the time of advisory publication no public exploitation of this security vulnerability was known.
663 CVE-2018-13799 2018-09-12 2019-10-09
6.4
None Remote Low Not required None Partial Partial
A vulnerability has been identified in SIMATIC WinCC OA V3.14 and prior (All versions < V3.14-P021). Improper access control to a data point of the affected product could allow an unauthenticated remote user to escalate its privileges in the context of SIMATIC WinCC OA V3.14. This vulnerability could be exploited by an attacker with network access to port 5678/TCP of the SIMATIC WinCC OA V3.14 server. Successful exploitation requires no user privileges and no user interaction. This vulnerability could allow an attacker to compromise integrity and availability of the SIMATIC WinCC OA system. At the time of advisory publication no public exploitation of this vulnerability was known.
664 CVE-2018-13412 732 2018-09-12 2019-10-02
7.2
None Local Low Not required Complete Complete Complete
An issue was discovered in the Self Service Portal in Zoho ManageEngine Desktop Central before 10.0.282. A clickable company logo in a window running as SYSTEM can be abused to escalate privileges.
665 CVE-2018-13411 732 2018-09-12 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
An issue was discovered in Zoho ManageEngine Desktop Central before 10.0.282. A clickable company logo in a window running as SYSTEM can be abused to escalate privileges.
666 CVE-2018-13398 352 CSRF 2018-09-18 2018-12-13
4.3
None Remote Medium Not required None Partial None
The administrative smart-commits resource in Atlassian Fisheye and Crucible before version 4.5.4 allows remote attackers to modify smart-commit settings via a Cross-site request forgery (CSRF) vulnerability.
667 CVE-2018-13259 20 2018-09-05 2019-08-06
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in zsh before 5.6. Shebang lines exceeding 64 characters were truncated, potentially leading to an execve call to a program name that is a substring of the intended one.
668 CVE-2018-13140 319 Exec Code 2018-09-24 2019-10-02
9.3
None Remote Medium Not required Complete Complete Complete
Druide Antidote through 9.5.1 on Windows and Linux allows remote code execution through the update mechanism by leveraging use of HTTP to download installation packages.
669 CVE-2018-13111 20 DoS 2018-09-21 2018-11-09
4.3
None Remote Medium Not required None None Partial
There exists a partial Denial of Service vulnerability in Wanscam HW0021 IP Cameras. An attacker could craft a malicious POST request to crash the ONVIF service on such a device.
670 CVE-2018-12975 338 2018-09-24 2018-12-20
5.0
None Remote Low Not required Partial None None
The random() function of the smart contract implementation for CryptoSaga, an Ethereum game, generates a random value with publicly readable variables such as timestamp, the current block's blockhash, and a private variable (which can be read with a getStorageAt call). Therefore, attackers can precompute the random number and manipulate the game (e.g., get powerful characters or get critical damages).
671 CVE-2018-12897 119 Overflow 2018-09-07 2019-07-16
4.6
None Local Low Not required Partial Partial Partial
SolarWinds DameWare Mini Remote Control before 12.1 has a Buffer Overflow.
672 CVE-2018-12850 125 2018-09-25 2019-08-21
5.0
None Remote Low Not required Partial None None
Adobe Acrobat and Reader versions 2018.011.20058 and earlier, 2017.011.30099 and earlier, and 2015.006.30448 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
673 CVE-2018-12849 125 2018-09-25 2019-08-21
5.0
None Remote Low Not required Partial None None
Adobe Acrobat and Reader versions 2018.011.20058 and earlier, 2017.011.30099 and earlier, and 2015.006.30448 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
674 CVE-2018-12848 787 Exec Code 2018-09-25 2019-08-21
7.5
None Remote Low Not required Partial Partial Partial
Adobe Acrobat and Reader versions 2018.011.20058 and earlier, 2017.011.30099 and earlier, and 2015.006.30448 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution.
675 CVE-2018-12840 125 2018-09-25 2019-08-21
5.0
None Remote Low Not required Partial None None
Adobe Acrobat and Reader versions 2018.011.20058 and earlier, 2017.011.30099 and earlier, and 2015.006.30448 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
676 CVE-2018-12801 125 2018-09-25 2019-08-21
5.0
None Remote Low Not required Partial None None
Adobe Acrobat and Reader versions 2018.011.20058 and earlier, 2017.011.30099 and earlier, and 2015.006.30448 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
677 CVE-2018-12778 125 2018-09-25 2019-08-21
5.0
None Remote Low Not required Partial None None
Adobe Acrobat and Reader versions 2018.011.20058 and earlier, 2017.011.30099 and earlier, and 2015.006.30448 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
678 CVE-2018-12775 125 2018-09-25 2019-08-21
5.0
None Remote Low Not required Partial None None
Adobe Acrobat and Reader versions 2018.011.20058 and earlier, 2017.011.30099 and earlier, and 2015.006.30448 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure.
679 CVE-2018-12608 295 2018-09-10 2018-11-19
5.0
None Remote Low Not required None Partial None
An issue was discovered in Docker Moby before 17.06.0. The Docker engine validated a client TLS certificate using both the configured client CA root certificate and all system roots on non-Windows systems. This allowed a client with any domain validated certificate signed by a system-trusted root CA (as opposed to one signed by the configured CA root certificate) to authenticate.
680 CVE-2018-12585 611 DoS 2018-09-14 2018-11-27
6.4
None Remote Low Not required Partial None Partial
An XXE vulnerability in the OPC UA Java and .NET Legacy Stack can allow remote attackers to trigger a denial of service.
681 CVE-2018-12511 190 Overflow 2018-09-21 2018-11-09
5.0
None Remote Low Not required None Partial None
In the mintToken function of a smart contract implementation for Substratum (SUB), an Ethereum ERC20 token, the administrator can control mintedAmount, leverage an integer overflow, and modify a user account's balance arbitrarily.
682 CVE-2018-12243 611 2018-09-19 2018-12-07
5.8
None Local Network Low Not required Partial Partial Partial
The Symantec Messaging Gateway product prior to 10.6.6 may be susceptible to a XML external entity (XXE) exploit, which is a type of issue where XML input containing a reference to an external entity is processed by a weakly configured XML parser. The attack uses file URI schemes or relative paths in the system identifier to access files that should not normally be accessible.
683 CVE-2018-12242 287 Bypass 2018-09-19 2018-12-07
7.5
None Remote Low Not required Partial Partial Partial
The Symantec Messaging Gateway product prior to 10.6.6 may be susceptible to an authentication bypass exploit, which is a type of issue that can allow attackers to potentially circumvent security mechanisms currently in place and gain access to the system or network.
684 CVE-2018-12234 79 XSS 2018-09-06 2018-11-02
4.3
None Remote Medium Not required None Partial None
A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in Adrenalin 5.4.0 HRMS Software. The user supplied input containing JavaScript is echoed back in JavaScript code in an HTML response via the flexiportal/GeneralInfo.aspx strAction parameter.
685 CVE-2018-12176 20 DoS Exec Code 2018-09-12 2019-10-02
7.2
None Local Low Not required Complete Complete Complete
Improper input validation in firmware for Intel NUC Kits may allow a privileged user to potentially execute arbitrary code resulting in information disclosure, escalation of privilege and/or denial of service via local access.
686 CVE-2018-12175 276 2018-09-12 2019-10-02
4.6
None Local Low Not required Partial Partial Partial
Default install directory permissions in Intel Distribution for Python (IDP) version 2018 may allow an unprivileged user to escalate privileges via local access.
687 CVE-2018-12171 DoS Exec Code 2018-09-12 2019-10-02
7.5
None Remote Low Not required Partial Partial Partial
Privilege escalation in Intel Baseboard Management Controller (BMC) firmware before version 1.43.91f76955 may allow an unprivileged user to potentially execute arbitrary code or perform denial of service over the network.
688 CVE-2018-12169 287 Bypass 2018-09-21 2018-12-20
4.6
None Local Low Not required Partial Partial Partial
Platform sample code firmware in 4th Generation Intel Core Processor, 5th Generation Intel Core Processor, 6th Generation Intel Core Processor, 7th Generation Intel Core Processor and 8th Generation Intel Core Processor contains a logic error which may allow physical attacker to potentially bypass firmware authentication.
689 CVE-2018-12168 732 Exec Code 2018-09-12 2019-10-02
7.2
None Local Low Not required Complete Complete Complete
Privilege escalation in file permissions in Intel Computing Improvement Program before version 2.2.0.03942 may allow an authenticated user to potentially execute code as administrator via local access.
690 CVE-2018-12163 427 2018-09-12 2019-10-02
6.8
None Remote Medium Not required Partial Partial Partial
A DLL injection vulnerability in the Intel IoT Developers Kit 4.0 installer may allow an authenticated user to potentially escalate privileges using file modification via local access.
691 CVE-2018-12162 732 Exec Code 2018-09-12 2019-10-02
4.6
None Local Low Not required Partial Partial Partial
Directory permissions in the Intel OpenVINO Toolkit for Windows before version 2018.1.265 may allow an authenticated user to potentially execute code using default directory permissions via local access.
692 CVE-2018-12160 74 Exec Code 2018-09-12 2018-11-26
4.6
None Local Low Not required Partial Partial Partial
DLL injection vulnerability in software installer for Intel Data Center Migration Center Software v3.1 and before may allow an authenticated user to potentially execute code using default directory permissions via local access.
693 CVE-2018-12151 119 DoS Overflow 2018-09-12 2018-10-30
2.1
None Local Low Not required None None Partial
Buffer overflow in installer for Intel Extreme Tuning Utility before 6.4.1.21 may allow an authenticated user to potentially cause a buffer overflow potentially leading to a denial of service via local access.
694 CVE-2018-12150 119 Exec Code Overflow 2018-09-12 2018-11-07
4.6
None Local Low Not required Partial Partial Partial
Escalation of privilege in Installer for Intel Extreme Tuning Utility before 6.4.1.21 may allow an authenticated user to potentially execute code or disclose information as administrator via local access.
695 CVE-2018-12149 119 Overflow 2018-09-12 2018-11-07
2.1
None Local Low Not required None None Partial
Buffer overflow in input handling in Intel Extreme Tuning Utility before 6.4.1.21 may allow an authenticated user to potentially deny service to the application via local access.
696 CVE-2018-12148 732 Exec Code 2018-09-12 2019-10-02
7.2
None Local Low Not required Complete Complete Complete
Privilege escalation in file permissions in Intel Driver and Support Assistant before 3.5.0.1 may allow an authenticated user to potentially execute code as administrator via local access.
697 CVE-2018-12086 119 Overflow 2018-09-14 2019-01-17
5.0
None Remote Low Not required None None Partial
Buffer overflow in OPC UA applications allows remote attackers to trigger a stack overflow with carefully structured requests.
698 CVE-2018-11982 415 2018-09-20 2018-11-23
8.3
None Local Network Low Not required Complete Complete Complete
In Snapdragon (Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 835, Snapdragon_High_Med_2016, a double free of ASN1 heap memory used for EUTRA CAP container occurs during UTRAN to LTE Capability inquiry procedure.
699 CVE-2018-11904 476 2018-09-19 2019-04-18
7.2
None Local Low Not required Complete Complete Complete
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, asynchronous callbacks received a pointer to a callers local variable. Should the caller return early (e.g., timeout), the callback will dereference an invalid pointer.
700 CVE-2018-11903 787 2018-09-19 2018-11-08
7.2
None Local Low Not required Complete Complete Complete
In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of length validation check for value received from caller function used as an array index for WMA interfaces can lead to OOB write in WLAN HOST.
Total number of vulnerabilities : 1171   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 (This Page)15 16 17 18 19 20 21 22 23 24
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.