CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
651 CVE-2018-6109 2019-01-09 2019-01-10
0.0
None ??? ??? ??? ??? ??? ???
readAsText() can indefinitely read the file picked by the user, rather than only once at the time the file is picked in File API in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to access data on the user file system without explicit consent via a crafted HTML page.
652 CVE-2018-6106 2019-01-09 2019-01-10
0.0
None ??? ??? ??? ??? ??? ???
An asynchronous generator may return an incorrect state in V8 in Google Chrome prior to 66.0.3359.117 allowing a remote attacker to potentially exploit object corruption via a crafted HTML page.
653 CVE-2018-6100 2019-01-09 2019-01-10
0.0
None ??? ??? ??? ??? ??? ???
Incorrect handling of confusable characters in URL Formatter in Google Chrome on macOS prior to 66.0.3359.117 allowed a remote attacker to perform domain spoofing via IDN homographs via a crafted domain name.
654 CVE-2018-6097 2019-01-09 2019-01-10
0.0
None ??? ??? ??? ??? ??? ???
Incorrect handling of asynchronous methods in Fullscreen in Google Chrome on macOS prior to 66.0.3359.117 allowed a remote attacker to enter full screen without showing a warning via a crafted HTML page.
655 CVE-2018-6096 2019-01-09 2019-01-10
0.0
None ??? ??? ??? ??? ??? ???
A JavaScript focused window could overlap the fullscreen notification in Fullscreen in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to obscure the full screen warning via a crafted HTML page.
656 CVE-2018-6093 2019-01-09 2019-01-10
0.0
None ??? ??? ??? ??? ??? ???
Insufficient origin checks in Blink in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
657 CVE-2018-6091 2019-01-09 2019-01-10
0.0
None ??? ??? ??? ??? ??? ???
Service Workers can intercept any request made by an <embed> or <object> tag in Fetch API in Google Chrome prior to 66.0.3359.117 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
658 CVE-2018-6084 Exec Code 2019-01-09 2019-01-10
0.0
None ??? ??? ??? ??? ??? ???
Insufficiently sanitized distributed objects in Updater in Google Chrome on macOS prior to 66.0.3359.117 allowed a local attacker to execute arbitrary code via an executable file.
659 CVE-2018-6056 Exec Code 2019-01-09 2019-01-10
0.0
None ??? ??? ??? ??? ??? ???
Type confusion could lead to a heap out-of-bounds write in V8 in Google Chrome prior to 64.0.3282.168 allowing a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
660 CVE-2018-6012 2018-11-01 2018-11-01
0.0
None ??? ??? ??? ??? ??? ???
The 'Weather Service' feature of the Green Electronics RainMachine Mini-8 (2nd generation) allows an attacker to inject arbitrary Python code via the 'Add new weather data source' upload function.
661 CVE-2018-6011 2018-11-01 2018-11-01
0.0
None ??? ??? ??? ??? ??? ???
The time-based one-time-password (TOTP) function in the application logic of the Green Electronics RainMachine Mini-8 (2nd generation) uses the administrator's password hash to generate a 6-digit temporary passcode that can be used for remote and local access, aka a "Use of Password Hash Instead of Password for Authentication" issue. This is exploitable by an attacker who discovers a hash value in the rainmachine-settings.sqlite file.
662 CVE-2018-5811 2018-12-07 2018-12-08
0.0
None ??? ??? ??? ??? ??? ???
An error within the "nikon_coolscan_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash.
663 CVE-2018-5739 2019-01-16 2019-01-16
0.0
None ??? ??? ??? ??? ??? ???
An extension to hooks capabilities which debuted in Kea 1.4.0 introduced a memory leak for operators who are using certain hooks library facilities. In order to support multiple requests simultaneously, Kea 1.4 added a callout handle store but unfortunately the initial implementation of this store does not properly free memory in every case. Hooks which make use of query4 or query6 parameters in their callouts can leak memory, resulting in the eventual exhaustion of available memory and subsequent failure of the server process. Affects Kea DHCP 1.4.0.
664 CVE-2018-5737 DoS 2019-01-16 2019-01-17
0.0
None ??? ??? ??? ??? ??? ???
A problem with the implementation of the new serve-stale feature in BIND 9.12 can lead to an assertion failure in rbtdb.c, even when stale-answer-enable is off. Additionally, problematic interaction between the serve-stale feature and NSEC aggressive negative caching can in some cases cause undesirable behavior from named, such as a recursion loop or excessive logging. Deliberate exploitation of this condition could cause operational problems depending on the particular manifestation -- either degradation or denial of service. Affects BIND 9.12.0 and 9.12.1.
665 CVE-2018-5736 2019-01-16 2019-01-17
0.0
None ??? ??? ??? ??? ??? ???
An error in zone database reference counting can lead to an assertion failure if a server which is running an affected version of BIND attempts several transfers of a slave zone in quick succession. This defect could be deliberately exercised by an attacker who is permitted to cause a vulnerable server to initiate zone transfers (for example: by sending valid NOTIFY messages), causing the named process to exit after failing the assertion test. Affects BIND 9.12.0 and 9.12.1.
666 CVE-2018-5734 2019-01-16 2019-01-17
0.0
None ??? ??? ??? ??? ??? ???
While handling a particular type of malformed packet BIND erroneously selects a SERVFAIL rcode instead of a FORMERR rcode. If the receiving view has the SERVFAIL cache feature enabled, this can trigger an assertion failure in badcache.c when the request doesn't contain all of the expected information. Affects BIND 9.10.5-S1 to 9.10.5-S4, 9.10.6-S1, 9.10.6-S2.
667 CVE-2018-5733 Overflow 2019-01-16 2019-01-17
0.0
None ??? ??? ??? ??? ??? ???
A malicious client which is allowed to send very large amounts of traffic (billions of packets) to a DHCP server can eventually overflow a 32-bit reference counter, potentially causing dhcpd to crash. Affects ISC DHCP 4.1.0 -> 4.1-ESV-R15, 4.2.0 -> 4.2.8, 4.3.0 -> 4.3.6, 4.4.0.
668 CVE-2018-5497 2019-01-24 2019-01-24
0.0
None ??? ??? ??? ??? ??? ???
Clustered Data ONTAP versions prior to 9.1P16, 9.3P10 and 9.4P5 are susceptible to a vulnerability which discloses sensitive information to an unauthorized user.
669 CVE-2018-5496 2018-12-04 2018-12-04
0.0
None ??? ??? ??? ??? ??? ???
Data ONTAP operating in 7-Mode versions prior to 8.2.5P2 are susceptible to a vulnerability which discloses sensitive information to an unauthorized user.
670 CVE-2018-5481 2019-01-07 2019-01-07
0.0
None ??? ??? ??? ??? ??? ???
OnCommand Unified Manager for 7-Mode (core package) prior to 5.2.4 uses cookies that lack the secure attribute in certain circumstances making it vulnerable to impersonation via man-in-the-middle (MITM) attacks.
671 CVE-2018-5413 2019-01-10 2019-01-10
0.0
None ??? ??? ??? ??? ??? ???
Imperva SecureSphere running v13.0, v12.0, or v11.5 allows low privileged users to add SSH login keys to the admin user, resulting in privilege escalation.
672 CVE-2018-5411 XSS 2018-12-13 2018-12-15
0.0
None ??? ??? ??? ??? ??? ???
Pixar's Tractor software, versions 2.2 and earlier, contain a stored cross-site scripting vulnerability in the field that allows a user to add a note to an existing node. The stored information is displayed when a user requests information about the node. An attacker could insert Javascript into this note field that is then saved and displayed to the end user. An attacker might include Javascript that could execute on an authenticated user's system that could lead to website redirects, session cookie hijacking, social engineering, etc. As this is stored with the information about the node, all other authenticated users with access to this data are also vulnerable.
673 CVE-2018-5410 Overflow 2019-01-07 2019-01-15
0.0
None ??? ??? ??? ??? ??? ???
Dokan, versions between 1.0.0.5000 and 1.2.0.1000, are vulnerable to a stack-based buffer overflow in the dokan1.sys driver. An attacker can create a device handle to the system driver and send arbitrary input that will trigger the vulnerability. This vulnerability was introduced in the 1.0.0.5000 version update.
674 CVE-2018-5403 2019-01-10 2019-01-10
0.0
None ??? ??? ??? ??? ??? ???
Imperva SecureSphere gateway (GW) running v13, for both pre-First Time Login or post-First Time Login (FTL), if the attacker knows the basic authentication passwords, the GW may be vulnerable to RCE through specially crafted requests, from the web access management interface.
675 CVE-2018-5204 Exec Code 2018-12-28 2018-12-28
0.0
None ??? ??? ??? ??? ??? ???
ML Report version Between 2.00.000.0000 and 2.18.628.5980 contains a vulnerability that could allow remote attacker to download and execute remote arbitrary file by setting the arguments to the activex method. this can be leveraged for code execution.
676 CVE-2018-5203 Exec Code 2018-12-28 2018-12-28
0.0
None ??? ??? ??? ??? ??? ???
DEXTUploadX5 version Between 1.0.0.0 and 2.2.0.0 contains a vulnerability that could allow remote attacker to download and execute remote arbitrary file by setting the arguments to the activex method. this can be leveraged for code execution.
677 CVE-2018-5197 Exec Code 2019-01-02 2019-01-02
0.0
None ??? ??? ??? ??? ??? ???
A vulnerability in the ExtCommon.dll user extension module version 9.2, 9.2.1, 9.2.2 of Xplatform ActiveX could allow attacker to perform a command injection attack. The vulnerability is due to insufficient input validation of command parameters. An crafted malicious parameters could cause arbitrary command to execute.
678 CVE-2018-5191 CSRF 2018-01-03 2018-01-03
0.0
None ??? ??? ??? ??? ??? ???
/usr/local/www/csrf/csrf-magic.php in the WebGUI in pfSense before 2.4.2-RELEASE allows Clickjacking on the CSRF error page because the error detection occurs before an X-Frame-Options header is set.
679 CVE-2018-4209 2019-01-11 2019-01-12
0.0
None ??? ??? ??? ??? ??? ???
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.
680 CVE-2018-4208 2019-01-11 2019-01-12
0.0
None ??? ??? ??? ??? ??? ???
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.
681 CVE-2018-4207 2019-01-11 2019-01-12
0.0
None ??? ??? ??? ??? ??? ???
In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This issue was addressed with improved checks.
682 CVE-2018-4194 2019-01-11 2019-01-14
0.0
None ??? ??? ??? ??? ??? ???
In iOS before 11.4, iCloud for Windows before 7.5, watchOS before 4.3.1, iTunes before 12.7.5 for Windows, and macOS High Sierra before 10.13.5, an out-of-bounds read was addressed with improved input validation.
683 CVE-2018-4186 +Info 2019-01-11 2019-01-11
0.0
None ??? ??? ??? ??? ??? ???
In Safari before 11.1, an information leakage issue existed in the handling of downloads in Safari Private Browsing. This issue was addressed with additional validation.
684 CVE-2018-4185 2019-01-11 2019-01-14
0.0
None ??? ??? ??? ??? ??? ???
In iOS before 11.3, tvOS before 11.3, watchOS before 4.3, and macOS before High Sierra 10.13.4, an information disclosure issue existed in the transition of program state. This issue was addressed with improved state handling.
685 CVE-2018-4179 2019-01-11 2019-01-11
0.0
None ??? ??? ??? ??? ??? ???
In macOS High Sierra before 10.13.4, there was an issue with the handling of smartcard PINs. This issue was addressed with additional logic.
686 CVE-2018-4046 2019-01-10 2019-01-10
0.0
None ??? ??? ??? ??? ??? ???
An exploitable denial-of-service vulnerability exists in the helper service of Clean My Mac X, version 4.04, due to improper input validation. A user with local access can use this vulnerability to terminate a privileged helper application. An attacker would need local access to the machine for a successful exploit.
687 CVE-2018-4043 2019-01-10 2019-01-10
0.0
None ??? ??? ??? ??? ??? ???
An exploitable privilege escalation vulnerability exists in the Clean My Mac X, version 4.04, helper service due to improper input validation. A user with local access can use this vulnerability to modify the file system as root. An attacker would need local access to the machine for a successful exploit.
688 CVE-2018-4022 Exec Code 2018-10-26 2018-10-26
0.0
None ??? ??? ??? ??? ??? ???
A use-after-free vulnerability exists in the way MKVToolNix MKVINFO v25.0.0 handles the MKV (matroska) file format. A specially crafted MKV file can cause arbitrary code execution in the context of the current user.
689 CVE-2018-4015 2018-12-18 2018-12-18
0.0
None ??? ??? ??? ??? ??? ???
An exploitable vulnerability exists in the HTTP client functionality of the Webroot BrightCloud SDK. The configuration of the HTTP client does not enforce a secure connection by default, resulting in a failure to validate TLS certificates. An attacker could impersonate a remote BrightCloud server to exploit this vulnerability.
690 CVE-2018-4013 Exec Code Overflow 2018-10-19 2018-11-24
0.0
None ??? ??? ??? ??? ??? ???
An exploitable code execution vulnerability exists in the HTTP packet-parsing functionality of the LIVE555 RTSP server library version 0.92. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerability.
691 CVE-2018-4012 Exec Code Overflow 2019-01-03 2019-01-03
0.0
None ??? ??? ??? ??? ??? ???
An exploitable buffer overflow vulnerability exists in the HTTP header-parsing function of the Webroot BrightCloud SDK. The function bc_http_read_header incorrectly handles overlong headers, leading to arbitrary code execution. An unauthenticated attacker could impersonate a remote BrightCloud server to trigger this vulnerability.
692 CVE-2018-3988 2018-12-10 2018-12-15
0.0
None ??? ??? ??? ??? ??? ???
Signal Messenger for Android 4.24.8 may expose private information when using "disappearing messages." If a user uses the photo feature available in the "attach file" menu, then Signal will leave the picture in its own cache directory, which is available to any application on the system.
693 CVE-2018-3986 2019-01-03 2019-01-04
0.0
None ??? ??? ??? ??? ??? ???
An exploitable information disclosure vulnerability exists in the "Secret Chats" functionality of the Telegram Android messaging application version 4.9.0. The "Secret Chats" functionality allows a user to delete all traces of a chat, either by using a time trigger or by direct request. There is a bug in this functionality that leaves behind photos taken and shared on the secret chats, even after the chats are deleted. These photos will be stored in the device and accessible to all applications installed on the Android device.
694 CVE-2018-3971 Mem. Corr. 2018-10-25 2018-10-29
0.0
None ??? ??? ??? ??? ??? ???
An exploitable arbitrary write vulnerability exists in the 0x2222CC IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to write data under controlled by an attacker address, resulting in memory corruption. An attacker can send IRP request to trigger this vulnerability.
695 CVE-2018-3970 2018-10-25 2018-10-29
0.0
None ??? ??? ??? ??? ??? ???
An exploitable memory disclosure vulnerability exists in the 0x222000 IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to return uninitialized memory, resulting in kernel memory disclosure. An attacker can send an IRP request to trigger this vulnerability.
696 CVE-2018-3910 Exec Code 2018-11-01 2018-11-01
0.0
None ??? ??? ??? ??? ??? ???
An exploitable code execution vulnerability exists in the cloud OTA setup functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted SSID can cause a command injection, resulting in code execution. An attacker can cause a camera to connect to this SSID to trigger this vulnerability. Alternatively, an attacker can convince a user to connect their camera to this SSID.
697 CVE-2018-3827 2018-09-19 2018-09-19
0.0
None ??? ??? ??? ??? ??? ???
A sensitive data disclosure flaw was found in the Elasticsearch repository-azure (formerly elasticsearch-cloud-azure) plugin. When the repository-azure plugin is set to log at TRACE level Azure credentials can be inadvertently logged.
698 CVE-2018-3703 2019-01-10 2019-01-10
0.0
None ??? ??? ??? ??? ??? ???
Improper directory permissions in the installer for the Intel(R) SSD Data Center Tool for Windows before v3.0.17 may allow authenticated users to potentially enable an escalation of privilege via local access.
699 CVE-2018-3617 2018-05-10 2018-05-25
0.0
None ??? ??? ??? ??? ??? ???
Some implementations in Intel Integrated Performance Primitives Cryptography Library before version 2018 U2.1 do not properly ensure constant execution time.
700 CVE-2018-2499 2019-01-08 2019-01-09
0.0
None ??? ??? ??? ??? ??? ???
A security weakness in SAP Financial Consolidation Cube Designer (BOBJ_EADES fixed in versions 8.0, 10.1) may allow an attacker to discover the password hash of an admin user.
Total number of vulnerabilities : 994   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 (This Page)15 16 17 18 19 20
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.