CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
651 CVE-2018-14653 119 DoS Overflow 2018-10-31 2018-12-31
6.5
None Remote Low Single system Partial Partial Partial
The Gluster file system through versions 4.1.4 and 3.12 is vulnerable to a heap-based buffer overflow in the '__server_getspec' function via the 'gf_getspec_req' RPC message. A remote authenticated attacker could exploit this to cause a denial of service or other potential unspecified impact.
652 CVE-2018-14651 59 DoS Exec Code 2018-10-31 2018-12-11
6.5
None Remote Low Single system Partial Partial Partial
It was found that the fix for CVE-2018-10927, CVE-2018-10928, CVE-2018-10929, CVE-2018-10930, and CVE-2018-10926 was incomplete. A remote, authenticated attacker could use one of these flaws to execute arbitrary code, create arbitrary files, or cause denial of service on glusterfs server nodes via symlinks to relative paths.
653 CVE-2018-14630 94 Exec Code 2018-09-17 2018-12-04
6.5
None Remote Low Single system Partial Partial Partial
moodle before versions 3.5.2, 3.4.5, 3.3.8, 3.1.14 is vulnerable to an XML import of ddwtos could lead to intentional remote code execution. When importing legacy 'drag and drop into text' (ddwtos) type quiz questions, it was possible to inject and execute PHP code from within the imported questions, either intentionally or by importing questions from an untrusted source.
654 CVE-2018-14603 352 CSRF 2018-07-26 2018-09-18
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in GitLab Community and Enterprise Edition before 10.8.7, 11.0.x before 11.0.5, and 11.1.x before 11.1.2. CSRF can occur in the Test feature of the System Hooks component.
655 CVE-2018-14593 264 2018-08-03 2018-10-15
6.5
None Remote Low Single system Partial Partial Partial
An issue was discovered in Open Ticket Request System (OTRS) 6.0.x through 6.0.9, 5.0.x through 5.0.28, and 4.0.x through 4.0.30. An attacker who is logged into OTRS as an agent may escalate their privileges by accessing a specially crafted URL.
656 CVE-2018-14589 119 Overflow 2018-07-24 2018-09-18
6.8
None Remote Medium Not required Partial Partial Partial
An issue has been discovered in Bento4 1.5.1-624. AP4_Mp4AudioDsiParser::ReadBits in Codecs/Ap4Mp4AudioInfo.cpp has a heap-based buffer over-read.
657 CVE-2018-14587 119 Overflow 2018-07-24 2018-09-18
6.8
None Remote Medium Not required Partial Partial Partial
An issue has been discovered in Bento4 1.5.1-624. AP4_MemoryByteStream::WritePartial in Core/Ap4ByteStream.cpp has a buffer over-read.
658 CVE-2018-14586 119 Overflow 2018-07-24 2018-09-18
6.8
None Remote Medium Not required Partial Partial Partial
An issue has been discovered in Bento4 1.5.1-624. A SEGV can occur in AP4_Mpeg2TsAudioSampleStream::WriteSample in Core/Ap4Mpeg2Ts.cpp, a different vulnerability than CVE-2018-14532.
659 CVE-2018-14585 119 Overflow 2018-07-24 2018-09-18
6.8
None Remote Medium Not required Partial Partial Partial
An issue has been discovered in Bento4 1.5.1-624. AP4_BytesToUInt16BE in Core/Ap4Utils.h has a heap-based buffer over-read after a call from the AP4_Stz2Atom class.
660 CVE-2018-14584 119 Overflow 2018-07-24 2018-09-18
6.8
None Remote Medium Not required Partial Partial Partial
An issue has been discovered in Bento4 1.5.1-624. AP4_AvccAtom::Create in Core/Ap4AvccAtom.cpp has a heap-based buffer over-read.
661 CVE-2018-14583 352 CSRF 2018-07-24 2018-09-18
6.8
None Remote Medium Not required Partial Partial Partial
xyhai.php?s=/Auth/addUser in XYHCMS 3.5 allows CSRF to add a background administrator account.
662 CVE-2018-14582 352 CSRF 2018-07-24 2018-09-18
6.8
None Remote Medium Not required Partial Partial Partial
index.php?r=admini/admin/create in BageCMS V3.1.3 allows CSRF to add a background administrator account.
663 CVE-2018-14581 20 Exec Code 2018-07-31 2018-10-05
6.8
None Remote Medium Not required Partial Partial Partial
Redgate .NET Reflector before 10.0.7.774 and SmartAssembly before 6.12.5 allow attackers to execute code by decompiling a compiled .NET object (such as a DLL or EXE file) with a specific embedded resource file.
664 CVE-2018-14572 78 Exec Code 2018-08-28 2018-11-23
6.8
None Remote Medium Not required Partial Partial Partial
In conference-scheduler-cli, a pickle.load call on imported data allows remote attackers to execute arbitrary code via a crafted .pickle file, as demonstrated by Python code that contains an os.system call.
665 CVE-2018-14570 434 Exec Code 2018-07-23 2018-09-20
6.5
None Remote Low Single system Partial Partial Partial
A file upload vulnerability in application/shop/controller/member.php in Niushop B2B2C Multi-business basic version V1.11 allows any remote member to upload a .php file to the web server via a profile avatar field, by using an image Content-Type (e.g., image/jpeg) with a modified filename and file content. This results in arbitrary code execution by requesting that .php file.
666 CVE-2018-14523 119 Overflow 2018-07-23 2018-09-17
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in aubio 0.4.6. A buffer over-read can occur in new_aubio_pitchyinfft in pitch/pitchyinfft.c, as demonstrated by aubionotes.
667 CVE-2018-14522 119 Overflow 2018-07-23 2018-09-15
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in aubio 0.4.6. A SEGV signal can occur in aubio_pitch_set_unit in pitch/pitch.c, as demonstrated by aubionotes.
668 CVE-2018-14521 119 Overflow 2018-07-23 2018-09-17
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in aubio 0.4.6. A SEGV signal can occur in aubio_source_avcodec_readframe in io/source_avcodec.c, as demonstrated by aubiomfcc.
669 CVE-2018-14505 20 2018-07-22 2018-09-18
6.8
None Remote Medium Not required Partial Partial Partial
mitmweb in mitmproxy v4.0.3 allows DNS Rebinding attacks, related to tools/web/app.py.
670 CVE-2018-14473 611 DoS 2018-08-03 2018-09-30
6.4
None Remote Low Not required Partial None Partial
OCS Inventory 2.4.1 lacks a proper XML parsing configuration, allowing the use of external entities. This issue can be exploited by an attacker sending a crafted HTTP request in order to exfiltrate information or cause a Denial of Service.
671 CVE-2018-14472 89 Sql 2018-07-20 2018-09-14
6.5
None Remote Low Single system Partial Partial Partial
An issue was discovered in WUZHI CMS 4.1.0. The vulnerable file is coreframe/app/order/admin/goods.php. The $keywords parameter is taken directly into execution without any filtering, leading to SQL injection.
672 CVE-2018-14460 125 2018-07-20 2018-09-06
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_sdspace_decode in H5Osdspace.c.
673 CVE-2018-14459 787 2018-07-20 2018-09-13
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in libgig 4.1.0. There is an out-of-bounds write in pData[0] access in the function store16 in helper.h.
674 CVE-2018-14458 119 Overflow 2018-07-20 2018-09-13
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in libgig 4.1.0. There is a heap-based buffer overflow in pData[1] access in the function store32 in helper.h.
675 CVE-2018-14457 787 2018-07-20 2018-09-13
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in libgig 4.1.0. There is an out-of-bounds write in the function DLS::Info::UpdateChunks in DLS.cpp.
676 CVE-2018-14456 787 2018-07-20 2018-09-13
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in libgig 4.1.0. There is an out-of-bounds write in the function DLS::Info::SaveString in DLS.cpp.
677 CVE-2018-14455 787 2018-07-20 2018-09-13
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in libgig 4.1.0. There is an out-of-bounds write in pData[0] access in the function store32 in helper.h.
678 CVE-2018-14454 125 2018-07-20 2018-09-11
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in libgig 4.1.0. There is an out-of-bounds read in the function RIFF::Chunk::Read in RIFF.cpp.
679 CVE-2018-14453 119 Overflow 2018-07-20 2018-09-13
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in libgig 4.1.0. There is a heap-based buffer overflow in pData[1] access in the function store16 in helper.h.
680 CVE-2018-14452 125 2018-07-20 2018-09-11
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in libgig 4.1.0. There is an out-of-bounds read in the "always assign the sample of the first dimension region of this region" feature of the function gig::Region::UpdateChunks in gig.cpp.
681 CVE-2018-14451 119 Overflow 2018-07-20 2018-09-13
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in libgig 4.1.0. There is a heap-based buffer overflow in the function RIFF::Chunk::Read in RIFF.cpp.
682 CVE-2018-14450 125 2018-07-20 2018-09-11
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in libgig 4.1.0. There is an out-of-bounds read in the "update dimension region's chunks" feature of the function gig::Region::UpdateChunks in gig.cpp.
683 CVE-2018-14449 125 2018-07-20 2018-09-11
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in libgig 4.1.0. There is an out of bounds read in gig::File::UpdateChunks in gig.cpp.
684 CVE-2018-14447 125 2018-07-20 2018-09-14
6.8
None Remote Medium Not required Partial Partial Partial
trim_whitespace in lexer.l in libConfuse v3.2.1 has an out-of-bounds read.
685 CVE-2018-14446 119 DoS Overflow 2018-07-20 2018-09-17
6.8
None Remote Medium Not required Partial Partial Partial
MP4Integer32Property::Read in atom_avcC.cpp in MP4v2 2.1.0 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted MP4 file.
686 CVE-2018-14421 94 Exec Code CSRF 2018-07-19 2018-09-14
6.8
None Remote Medium Not required Partial Partial Partial
SeaCMS v6.61 allows Remote Code execution by placing PHP code in a movie picture address (aka v_pic) to /admin/admin_video.php (aka /backend/admin_video.php). The code is executed by visiting /details/index.php. This can also be exploited through CSRF.
687 CVE-2018-14420 352 CSRF 2018-07-19 2018-09-14
6.8
None Remote Medium Not required Partial Partial Partial
MetInfo 6.0.0 allows a CSRF attack to add a user account via a doaddsave action to admin/index.php, as demonstrated by an admin/index.php?anyid=47&n=admin&c=admin_admin&a=doaddsave URI.
688 CVE-2018-14387 384 2018-07-18 2018-09-19
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in WonderCMS before 2.5.2. An attacker can create a new session on a web application and record the associated session identifier. The attacker then causes the victim to authenticate against the server using the same session identifier. The attacker can access the user's account through the active session. The Session Fixation attack fixes a session on the victim's browser, so the attack starts before the user logs in.
689 CVE-2018-14379 704 DoS Mem. Corr. 2018-07-18 2018-09-19
6.8
None Remote Medium Not required Partial Partial Partial
MP4Atom::factory in mp4atom.cpp in MP4v2 2.0.0 incorrectly uses the MP4ItemAtom data type in a certain case where MP4DataAtom is required, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted MP4 file, because access to the data structure has different expectations about layout as a result of this type confusion.
690 CVE-2018-14346 119 Overflow 2018-07-17 2018-09-15
6.8
None Remote Medium Not required Partial Partial Partial
GNU Libextractor before 1.7 has a stack-based buffer overflow in ec_read_file_func (unzip.c).
691 CVE-2018-14345 264 2018-07-17 2018-09-17
6.0
None Remote Medium Single system Partial Partial Partial
An issue was discovered in SDDM through 0.17.0. If configured with ReuseSession=true, the password is not checked for users with an already existing session. Any user with access to the system D-Bus can therefore unlock any graphical session. This is related to daemon/Display.cpp and helper/backend/PamBackend.cpp.
692 CVE-2018-14338 119 Overflow 2018-07-17 2018-09-17
6.8
None Remote Medium Not required Partial Partial Partial
samples/geotag.cpp in the example code of Exiv2 0.26 misuses the realpath function on POSIX platforms (other than Apple platforms) where glibc is not used, possibly leading to a buffer overflow.
693 CVE-2018-14331 352 CSRF 2018-07-16 2018-09-17
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in XiaoCms X1 v20140305. There is a CSRF vulnerability to change the administrator account password via admin/index.php?c=index&a=my.
694 CVE-2018-14326 190 Overflow Mem. Corr. 2018-07-16 2018-09-12
6.8
None Remote Medium Not required Partial Partial Partial
In MP4v2 2.0.0, there is an integer overflow (with resultant memory corruption) when resizing MP4Array for the ftyp atom in mp4array.h.
695 CVE-2018-14325 191 Mem. Corr. 2018-07-16 2018-09-12
6.8
None Remote Medium Not required Partial Partial Partial
In MP4v2 2.0.0, there is an integer underflow (with resultant memory corruption) when parsing MP4Atom in mp4atom.cpp.
696 CVE-2018-14318 20 Exec Code 2018-09-24 2018-11-30
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy S8 G950FXXU1AQL5. User interaction is required to exploit this vulnerability in that the target must have their cellular radios enabled. The specific flaw exists within the handling of IPCP headers. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length, stack-based buffer. An attacker can leverage this vulnerability to execute code under the context of the baseband processor. Was ZDI-CAN-5368.
697 CVE-2018-14317 704 Exec Code 2018-08-30 2018-11-08
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.1.0.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6683.
698 CVE-2018-14315 416 Exec Code 2018-07-31 2018-09-26
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of annotations. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6328.
699 CVE-2018-14314 416 Exec Code 2018-07-31 2018-09-26
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of annotations. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6327.
700 CVE-2018-14313 704 Exec Code 2018-07-31 2018-09-26
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6362.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.