CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
751 CVE-2018-14252 704 Exec Code 2018-07-31 2018-09-26
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the getField method. By performing actions in JavaScript, an attacker can trigger a type confusion condition. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-6015.
752 CVE-2018-14251 704 Exec Code 2018-07-31 2018-09-26
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the getDataObject method. By performing actions in JavaScript, an attacker can trigger a type confusion condition. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-6014.
753 CVE-2018-14250 704 Exec Code 2018-07-31 2018-09-26
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the getAnnot method. By performing actions in JavaScript, an attacker can trigger a type confusion condition. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-6013.
754 CVE-2018-14249 704 Exec Code 2018-07-31 2018-09-26
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the exportDataObject method. By performing actions in JavaScript, an attacker can trigger a type confusion condition. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-6012.
755 CVE-2018-14248 704 Exec Code 2018-07-31 2018-09-26
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the exportAsXFDF method. By performing actions in JavaScript, an attacker can trigger a type confusion condition. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-6011.
756 CVE-2018-14247 704 Exec Code 2018-07-31 2018-09-26
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the exportAsFDF method. By performing actions in JavaScript, an attacker can trigger a type confusion condition. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-6010.
757 CVE-2018-14246 704 Exec Code 2018-07-31 2018-09-26
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the convertTocPDF method. By performing actions in JavaScript, an attacker can trigger a type confusion condition. The attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-6009.
758 CVE-2018-14245 704 Exec Code 2018-07-31 2018-09-26
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the closeDoc method. By performing actions in JavaScript, an attacker can trigger a type confusion condition. The attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-6008.
759 CVE-2018-14244 704 Exec Code 2018-07-31 2018-09-26
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the calculateNow method. By performing actions in JavaScript, an attacker can trigger a type confusion condition. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-6007.
760 CVE-2018-14243 704 Exec Code 2018-07-31 2018-09-26
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the addPageOpenJSMessage method. By performing actions in JavaScript, an attacker can trigger a type confusion condition. The attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-6006.
761 CVE-2018-14242 704 Exec Code 2018-07-31 2018-09-26
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the addField method. By performing actions in JavaScript, an attacker can trigger a type confusion condition. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-6005.
762 CVE-2018-14241 704 Exec Code 2018-07-31 2018-09-26
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.1049. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the addAnnot method. By performing actions in JavaScript, an attacker can trigger a type confusion condition. An attacker can leverage this vulnerability to execute code under the context of the current process. Was ZDI-CAN-6004.
763 CVE-2018-14069 352 CSRF 2018-07-15 2018-09-10
6.0
None Remote Medium Single system Partial Partial Partial
An issue was discovered in SRCMS V2.3.1. There is a CSRF vulnerability that can add a user account via admin.php?m=Admin&c=member&a=add.
764 CVE-2018-14068 352 CSRF 2018-07-15 2018-09-10
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in SRCMS V2.3.1. There is a CSRF vulnerability that can add an admin account via admin.php?m=Admin&c=manager&a=add.
765 CVE-2018-14057 352 CSRF 2018-08-17 2018-10-12
6.8
None Remote Medium Not required Partial Partial Partial
Pimcore before 5.3.0 allows remote attackers to conduct cross-site request forgery (CSRF) attacks by leveraging validation of the X-pimcore-csrf-token anti-CSRF token only in the "Settings > Users / Roles" function.
766 CVE-2018-14046 119 Overflow 2018-07-13 2018-09-06
6.8
None Remote Medium Not required Partial Partial Partial
Exiv2 0.26 has a heap-based buffer over-read in WebPImage::decodeChunks in webpimage.cpp.
767 CVE-2018-14035 125 2018-07-12 2018-09-11
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5VM_memcpyvv in H5VM.c.
768 CVE-2018-14034 125 2018-07-12 2018-09-11
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in the HDF HDF5 1.8.20 library. There is an out of bounds read in the function H5O_pline_reset in H5Opline.c.
769 CVE-2018-14033 125 2018-07-12 2018-09-11
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_layout_decode in H5Olayout.c, related to HDmemcpy.
770 CVE-2018-14031 125 2018-07-12 2018-09-11
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5T_copy in H5T.c.
771 CVE-2018-14029 352 CSRF 2018-07-12 2018-09-06
6.8
None Remote Medium Not required Partial Partial Partial
CSRF vulnerability in admin/user/edit in Creatiwity wityCMS 0.6.2 allows an attacker to take over a user account, as demonstrated by modifying the account's email field.
772 CVE-2018-14028 434 Exec Code 2018-08-10 2018-10-10
6.5
None Remote Low Single system Partial Partial Partial
In WordPress 4.9.7, plugins uploaded via the admin area are not verified as being ZIP files. This allows for PHP files to be uploaded. Once a PHP file is uploaded, the plugin extraction fails, but the PHP file remains in a predictable wp-content/uploads location, allowing for an attacker to then execute the file. This represents a security risk in limited scenarios where an attacker (who does have the required capabilities for plugin uploads) cannot simply place arbitrary PHP code into a valid plugin ZIP file and upload that plugin, because a machine's wp-content/plugins directory permissions were set up to block all new plugins.
773 CVE-2018-14014 352 CSRF 2018-07-12 2018-09-06
6.8
None Remote Medium Not required Partial Partial Partial
In waimai Super Cms 20150505, there is a CSRF vulnerability that can add an admin account via admin.php?m=Member&a=adminadd.
774 CVE-2018-13875 125 2018-07-10 2018-09-07
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in the HDF HDF5 1.8.20 library. There is an out-of-bounds read in the function H5VM_memcpyvv in H5VM.c.
775 CVE-2018-13833 119 DoS Overflow 2018-07-10 2018-09-06
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in cmft through 2017-09-24. The cmft::rwReadFile function in image.cpp allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact.
776 CVE-2018-13826 611 2018-08-30 2018-10-31
6.4
None Remote Low Not required Partial Partial None
An XML external entity vulnerability in the XOG functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to conduct server side request forgery attacks.
777 CVE-2018-13799 284 2018-09-12 2018-12-04
6.4
None Remote Low Not required None Partial Partial
A vulnerability has been identified in SIMATIC WinCC OA V3.14 and prior (All versions < V3.14-P021). Improper access control to a data point of the affected product could allow an unauthenticated remote user to escalate its privileges in the context of SIMATIC WinCC OA V3.14. This vulnerability could be exploited by an attacker with network access to port 5678/TCP of the SIMATIC WinCC OA V3.14 server. Successful exploitation requires no user privileges and no user interaction. This vulnerability could allow an attacker to compromise integrity and availability of the SIMATIC WinCC OA system. At the time of advisory publication no public exploitation of this vulnerability was known.
778 CVE-2018-13793 352 CSRF 2018-07-09 2018-09-07
6.8
None Remote Medium Not required Partial Partial Partial
Multiple Cross Site Request Forgery (CSRF) vulnerabilities in the HTTP API in ABBYY FlexiCapture before 12 Release 1 Update 7 exist in Web Verification, Web Scanning, Web Capture, Monitoring and Administration, and Login.
779 CVE-2018-13790 918 2018-07-09 2018-09-07
6.5
None Remote Low Single system Partial Partial Partial
A Server Side Request Forgery (SSRF) vulnerability in tools/files/importers/remote.php in concrete5 8.2.0 can lead to attacks on the local network and mapping of the internal network, because of URL functionality on the File Manager page.
780 CVE-2018-13784 310 2018-07-09 2018-09-11
6.4
None Remote Low Not required Partial Partial None
PrestaShop before 1.6.1.20 and 1.7.x before 1.7.3.4 mishandles cookie encryption in Cookie.php, Rinjdael.php, and Blowfish.php.
781 CVE-2018-13445 352 CSRF 2018-07-08 2018-08-28
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in SeaCMS 6.61. There is a CSRF vulnerability that can add a user account via adm1n/admin_manager.php?action=add.
782 CVE-2018-13444 352 CSRF 2018-07-08 2018-08-28
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in SeaCMS 6.61. There is a CSRF vulnerability that can add an admin account via adm1n/admin_manager.php?action=save&id=2.
783 CVE-2018-13400 284 2018-10-23 2018-12-03
6.5
None Remote Low Single system Partial Partial Partial
Several administrative resources in Atlassian Jira before version 7.6.9, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, from version 7.10.0 before version 7.10.3, from version 7.11.0 before version 7.11.3, from version 7.12.0 before version 7.12.3, and before version 7.13.1 allow remote attackers who have obtained access to administrator's session to access certain administrative resources without needing to re-authenticate to pass "WebSudo" through an improper access control vulnerability.
784 CVE-2018-13386 74 Exec Code 2018-07-24 2018-09-20
6.8
None Remote Medium Not required Partial Partial Partial
There was an argument injection vulnerability in Sourcetree for Windows via filenames in Mercurial repositories. An attacker with permission to commit to a Mercurial repository linked in Sourcetree for Windows is able to exploit this issue to gain code execution on the system. Versions of Sourcetree for Windows before version 2.6.9 are affected by this vulnerability.
785 CVE-2018-13359 352 XSS 2018-11-27 2018-12-20
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site scripting in usertable.php in TerraMaster TOS version 3.1.03 allows attackers to execute JavaScript via the "modgroup" parameter.
786 CVE-2018-13340 352 CSRF 2018-07-05 2018-08-28
6.8
None Remote Medium Not required Partial Partial Partial
Gleez CMS 1.2.0 has CSRF, as demonstrated by a /page/add request.
787 CVE-2018-13321 284 2018-11-26 2018-12-31
6.5
None Remote Low Single system Partial Partial Partial
Incorrect access controls in nasapi in Buffalo TS5600D1206 version 3.61-0.10 allow attackers to call dangerous internal functions via the "method" parameter.
788 CVE-2018-13320 77 Exec Code 2018-11-26 2018-12-31
6.5
None Remote Low Single system Partial Partial Partial
System Command Injection in network.set_auth_settings in Buffalo TS5600D1206 version 3.70-0.10 allows attackers to execute system commands via the adminUsername and adminPassword parameters.
789 CVE-2018-13318 77 Exec Code 2018-11-26 2018-12-31
6.5
None Remote Low Single system Partial Partial Partial
System command injection in User.create method in Buffalo TS5600D1206 version 3.61-0.10 allows attackers to execute system commands via the "name" parameter.
790 CVE-2018-13302 19 DoS 2018-07-05 2018-07-27
6.8
None Remote Medium Not required Partial Partial Partial
In FFmpeg 4.0.1, improper handling of frame types (other than EAC3_FRAME_TYPE_INDEPENDENT) that have multiple independent substreams in the handle_eac3 function in libavformat/movenc.c may trigger an out-of-array access while converting a crafted AVI file to MPEG4, leading to a denial of service or possibly unspecified other impact.
791 CVE-2018-13282 384 2018-10-31 2018-12-10
6.8
None Remote Medium Not required Partial Partial Partial
Session fixation vulnerability in SYNO.PhotoStation.Auth in Synology Photo Station before 6.8.7-3481 allows remote attackers to hijack web sessions via the PHPSESSID parameter.
792 CVE-2018-13139 119 DoS Overflow 2018-07-04 2018-12-26
6.8
None Remote Medium Not required Partial Partial Partial
A stack-based buffer overflow in psf_memset in common.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted audio file. The vulnerability can be triggered by the executable sndfile-deinterleave.
793 CVE-2018-13102 426 2018-07-03 2018-09-11
6.8
None Remote Medium Not required Partial Partial Partial
AnyDesk before "12.06.2018 - 4.1.3" on Windows 7 SP1 has a DLL preloading vulnerability.
794 CVE-2018-13067 352 CSRF 2018-07-02 2018-09-04
6.8
None Remote Medium Not required Partial Partial Partial
/upload/catalog/controller/account/password.php in OpenCart through 3.0.2.0 has CSRF via the index.php?route=account/password URI to change a user's password.
795 CVE-2018-13056 20 2018-07-02 2018-09-04
6.4
None Remote Low Not required None Partial Partial
An issue was discovered on zzcms 8.3. There is a vulnerability at /user/del.php that can delete any file by placing its relative path into the zzcms_main table and then making an img add request. This can be leveraged for database access by deleting install.lock.
796 CVE-2018-13049 89 Sql 2018-07-02 2018-08-30
6.5
None Remote Low Single system Partial Partial Partial
The constructSQL function in inc/search.class.php in GLPI 9.2.x through 9.3.0 allows SQL Injection, as demonstrated by triggering a crafted LIMIT clause to front/computer.php.
797 CVE-2018-13040 352 CSRF 2018-07-01 2018-08-21
6.8
None Remote Medium Not required Partial Partial Partial
OpenSID 18.06-pasca has a CSRF vulnerability. This vulnerability can add an account (at the admin level) via the index.php/man_user/insert URI.
798 CVE-2018-13037 119 DoS Overflow 2018-07-01 2018-08-28
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in jpeg-compressor 0.1. The bmp_load function in stb_image.c allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact.
799 CVE-2018-13032 352 CSRF 2018-07-01 2018-08-31
6.8
None Remote Medium Not required Partial Partial Partial
ECESSA ShieldLink SL175EHQ 10.7.4 devices have CSRF to add superuser accounts via the cgi-bin/pl_web.cgi/util_configlogin_act URI.
800 CVE-2018-13031 352 CSRF 2018-07-05 2018-08-27
6.8
None Remote Medium Not required Partial Partial Partial
DamiCMS v6.0.0 allows CSRF via admin.php?s=/Admin/doadd to add an administrator account.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.