CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In November 2018

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
851 CVE-2018-6012 2018-11-01 2018-11-01
0.0
None ??? ??? ??? ??? ??? ???
The 'Weather Service' feature of the Green Electronics RainMachine Mini-8 (2nd generation) allows an attacker to inject arbitrary Python code via the 'Add new weather data source' upload function.
852 CVE-2018-6011 2018-11-01 2018-11-01
0.0
None ??? ??? ??? ??? ??? ???
The time-based one-time-password (TOTP) function in the application logic of the Green Electronics RainMachine Mini-8 (2nd generation) uses the administrator's password hash to generate a 6-digit temporary passcode that can be used for remote and local access, aka a "Use of Password Hash Instead of Password for Authentication" issue. This is exploitable by an attacker who discovers a hash value in the rainmachine-settings.sqlite file.
853 CVE-2018-5919 416 2018-11-27 2018-12-21
6.1
None Local Low Not required Partial Partial Complete
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, a use after free issue in WLAN host driver can lead to device reboot.
854 CVE-2018-5918 119 Overflow 2018-11-28 2018-12-26
4.6
None Local Low Not required Partial Partial Partial
Possible buffer overflow in DRM Trusted application due to lack of check function return values in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 800, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDA845, SDX24, SXR1130.
855 CVE-2018-5917 119 Overflow 2018-11-28 2018-12-26
7.2
None Local Low Not required Complete Complete Complete
Possible buffer overflow in OEM crypto function due to improper input validation in Snapdragon Automobile, Snapdragon Mobile in versions MSM8996AU, SD 425, SD 430, SD 450, SD 625, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDA845, SDX24, SXR1130.
856 CVE-2018-5916 125 2018-11-28 2018-12-26
6.1
None Local Network Low Not required Complete None None
Buffer overread while decoding PDP modify request or network initiated secondary PDP activation in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9615, MDM9625, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 430, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660, SDA845, SDX20, SXR1130.
857 CVE-2018-5912 119 Overflow 2018-11-28 2019-06-14
7.2
None Local Low Not required Complete Complete Complete
Potential buffer overflow in Video due to lack of input validation in input and output values in Snapdragon Automobile, Snapdragon Mobile in MSM8996AU, SD 450, SD 625, SD 820, SD 820A, SD 835, SD 845, SD 850, SDA660
858 CVE-2018-5910 119 Overflow Mem. Corr. 2018-11-27 2018-12-21
4.6
None Local Low Not required Partial Partial Partial
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, a memory corruption can occur in kernel due to improper check in callers count parameter in display handlers.
859 CVE-2018-5909 119 Overflow Mem. Corr. 2018-11-27 2018-12-21
4.6
None Local Low Not required Partial Partial Partial
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, buffer overflow occur may occur in display handlers due to lack of checking in buffer size before copying into it and will lead to memory corruption.
860 CVE-2018-5908 119 Overflow 2018-11-27 2018-12-21
4.6
None Local Low Not required Partial Partial Partial
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, there is a possible buffer overflow in display function due to lack of buffer length validation before copying.
861 CVE-2018-5906 119 Overflow 2018-11-27 2018-12-21
4.6
None Local Low Not required Partial Partial Partial
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, there is a possible buffer overflow in debugfs module due to lack of check in size of input before copying into buffer.
862 CVE-2018-5904 416 2018-11-27 2018-12-21
4.6
None Local Low Not required Partial Partial Partial
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, while list traversal in LPM status driver for clean up, use after free vulnerability may occur.
863 CVE-2018-5877 119 Overflow 2018-11-28 2018-12-26
7.2
None Local Low Not required Complete Complete Complete
In the device programmer target-side code for firehose, a string may not be properly NULL terminated can lead to a incorrect buffer size in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in versions MDM9206, MDM9607, MDM9640, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 600, SD 820, SD 820A, SD 835, SDA660, SDX20.
864 CVE-2018-5870 119 Overflow 2018-11-28 2018-12-26
7.2
None Local Low Not required Complete Complete Complete
While loading a service image, an untrusted pointer dereference can occur in Snapdragon Mobile in versions SD 835, SDA660, SDX24.
865 CVE-2018-5861 704 2018-11-27 2018-12-21
4.6
None Local Low Not required Partial Partial Partial
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, existing checks in place on partition size are incomplete and can lead to heap overwrite vulnerabilities while loading a secure application from the boot loader.
866 CVE-2018-5856 416 2018-11-27 2018-12-21
6.1
None Local Low Not required Partial Partial Complete
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, due to a race condition, a Use After Free condition can occur in Audio.
867 CVE-2018-5559 312 2018-11-28 2019-10-09
4.0
None Remote Low Single system Partial None None
In Rapid7 Komand version 0.41.0 and prior, certain endpoints that are able to list the always encrypted-at-rest connection data could return some configurations of connection data without obscuring sensitive data from the API response sent over an encrypted channel. This issue does not affect Rapid7 Komand version 0.42.0 and later versions.
868 CVE-2018-5495 2018-11-14 2019-10-02
7.5
None Remote Low Not required Partial Partial Partial
All StorageGRID Webscale versions are susceptible to a vulnerability which could permit an unauthenticated attacker to communicate with systems on the same network as the StorageGRID Webscale Admin Node via HTTP or to take over services on the Admin Node.
869 CVE-2018-5407 200 +Info 2018-11-15 2019-07-23
1.9
None Local Medium Not required Partial None None
Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'.
870 CVE-2018-3977 119 Exec Code Overflow 2018-11-01 2019-07-22
6.8
None Remote Medium Not required Partial Partial Partial
An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image-2.0.3. A specially crafted XCF image can cause a heap overflow, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability.
871 CVE-2018-3950 119 Exec Code Overflow 2018-11-30 2018-12-27
6.5
None Remote Low Single system Partial Partial Partial
An exploitable remote code execution vulnerability exists in the ping and tracert functionality of the TP-Link TL-R600VPN HWv3 FRNv1.3.0 and HWv2 FRNv1.2.3 http server. A specially crafted IP address can cause a stack overflow, resulting in remote code execution. An attacker can send a single authenticated HTTP request to trigger this vulnerability.
872 CVE-2018-3949 22 Dir. Trav. 2018-11-30 2018-12-27
5.0
None Remote Low Not required Partial None None
An exploitable information disclosure vulnerability exists in the HTTP server functionality of the TP-Link TL-R600VPN. A specially crafted URL can cause a directory traversal, resulting in the disclosure of sensitive system files. An attacker can send either an unauthenticated or an authenticated web request to trigger this vulnerability.
873 CVE-2018-3948 20 2018-11-30 2018-12-27
5.0
None Remote Low Not required None None Partial
An exploitable denial-of-service vulnerability exists in the URI-parsing functionality of the TP-Link TL-R600VPN HTTP server. A specially crafted URL can cause the server to stop responding to requests, resulting in downtime for the management portal. An attacker can send either an unauthenticated or authenticated web request to trigger this vulnerability.
874 CVE-2018-3947 200 +Info 2018-11-01 2019-01-24
4.3
None Remote Medium Not required Partial None None
An exploitable information disclosure vulnerability exists in the phone-to-camera communications of Yi Home Camera 27US 1.8.7.0D. An attacker can sniff network traffic to exploit this vulnerability.
875 CVE-2018-3935 400 DoS Exec Code 2018-11-02 2018-12-11
5.0
None Remote Low Not required None None Partial
An exploitable code execution vulnerability exists in the UDP network functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted set of UDP packets can allocate unlimited memory, resulting in denial of service. An attacker can send a set of packets to trigger this vulnerability.
876 CVE-2018-3934 320 Exec Code Bypass 2018-11-02 2018-12-11
7.5
None Remote Low Not required Partial Partial Partial
An exploitable code execution vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted set of UDP packets can cause a logic flaw, resulting in an authentication bypass. An attacker can sniff network traffic and send a set of packets to trigger this vulnerability.
877 CVE-2018-3928 200 DoS Exec Code +Info 2018-11-01 2019-10-02
5.0
None Remote Low Not required None None Partial
An exploitable code execution vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted set of UDP packets can cause a settings change, resulting in denial of service. An attacker can send a set of packets to trigger this vulnerability.
878 CVE-2018-3920 20 Exec Code 2018-11-02 2018-12-11
4.6
None Local Low Not required Partial Partial Partial
An exploitable code execution vulnerability exists in the firmware update functionality of the Yi Home Camera 27US 1.8.7.0D. A specially crafted 7-Zip file can cause a CRC collision, resulting in a firmware update and code execution. An attacker can insert an SDcard to trigger this vulnerability.
879 CVE-2018-3910 78 Exec Code 2018-11-01 2019-10-02
5.4
None Local Network Medium Not required Partial Partial Partial
An exploitable code execution vulnerability exists in the cloud OTA setup functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted SSID can cause a command injection, resulting in code execution. An attacker can cause a camera to connect to this SSID to trigger this vulnerability. Alternatively, an attacker can convince a user to connect their camera to this SSID.
880 CVE-2018-3900 119 Exec Code Overflow 2018-11-01 2018-12-11
6.8
None Remote Medium Not required Partial Partial Partial
An exploitable code execution vulnerability exists in the QR code scanning functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted QR Code can cause a buffer overflow, resulting in code execution. An attacker can make the camera scan a QR code to trigger this vulnerability. Alternatively, a user could be convinced to display a QR code from the internet to their camera, which could exploit this vulnerability.
881 CVE-2018-3899 119 Exec Code Overflow 2018-11-02 2018-12-11
5.1
None Remote High Not required Partial Partial Partial
An exploitable code execution vulnerability exists in the QR code scanning functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted QR Code can cause a buffer overflow, resulting in code execution. The trans_info call can overwrite a buffer of size 0x104, which is more than enough to overflow the return address from the password_dst field
882 CVE-2018-3898 119 Exec Code Overflow 2018-11-02 2018-12-11
5.1
None Remote High Not required Partial Partial Partial
An exploitable code execution vulnerability exists in the QR code scanning functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted QR Code can cause a buffer overflow, resulting in code execution. The trans_info call can overwrite a buffer of size 0x104, which is more than enough to overflow the return address from the ssid_dst field.
883 CVE-2018-3892 119 Exec Code Overflow 2018-11-02 2018-12-11
7.5
None Remote Low Not required Partial Partial Partial
An exploitable firmware downgrade vulnerability exists in the time syncing functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted packet can cause a buffer overflow, resulting in code execution. An attacker can intercept and alter network traffic to trigger this vulnerability.
884 CVE-2018-3891 20 2018-11-02 2018-12-11
2.1
None Local Low Not required None Partial None
An exploitable firmware downgrade vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted file can cause a logic flaw, resulting in a firmware downgrade. An attacker can insert an SD card to trigger this vulnerability.
885 CVE-2018-3890 78 Exec Code 2018-11-02 2019-10-02
4.6
None Local Low Not required Partial Partial Partial
An exploitable code execution vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted file can cause a logic flaw and command injection, resulting in code execution. An attacker can insert an SD card to trigger this vulnerability.
886 CVE-2018-3699 79 XSS 2018-11-14 2018-12-31
4.3
None Remote Medium Not required None Partial None
Cross-site scripting in the Intel RAID Web Console v3 for Windows may allow an unauthenticated user to elevate privilege via remote access.
887 CVE-2018-3698 +Priv 2018-11-14 2019-10-02
4.6
None Local Low Not required Partial Partial Partial
Improper file permissions in the installer for the Intel Ready Mode Technology may allow an unprivileged user to potentially gain privileged access via local access.
888 CVE-2018-3697 732 2018-11-14 2019-10-02
4.6
None Local Low Not required Partial Partial Partial
Improper directory permissions in the installer for the Intel Media Server Studio may allow unprivileged users to potentially enable an escalation of privilege via local access.
889 CVE-2018-3696 287 +Priv Bypass 2018-11-14 2018-12-31
2.1
None Local Low Not required Partial None None
Authentication bypass in the Intel RAID Web Console 3 for Windows before 4.186 may allow an unprivileged user to potentially gain administrative privileges via local access.
890 CVE-2018-3635 20 DoS 2018-11-14 2018-12-13
4.6
None Local Low Not required Partial Partial Partial
Insufficient input validation in installer in Intel Rapid Store Technology (RST) before version 16.7 may allow an unprivileged user to potentially elevate privileges or cause an installer denial of service via local access.
891 CVE-2018-3621 200 +Info 2018-11-14 2018-12-13
3.3
None Local Network Low Not required Partial None None
Insufficient input validation in the Intel Driver & Support Assistant before 3.6.0.4 may allow an unauthenticated user to potentially enable information disclosure via adjacent access.
892 CVE-2018-2491 2018-11-13 2018-11-13
0.0
None ??? ??? ??? ??? ??? ???
When opening a deep link URL in SAP Fiori Client with log level set to "Debug", the client application logs the URL to the log file. If this URL contains malicious JavaScript code it can eventually run inside the built-in log viewer of the application in case user opens the viewer and taps on the hyperlink in the viewer. SAP Fiori Client version 1.11.5 in Google Play store addresses these issues and users must update to that version.
893 CVE-2018-2490 732 2018-11-13 2019-10-02
6.8
None Remote Medium Not required Partial Partial Partial
The broadcast messages received by SAP Fiori Client are not protected by permissions. SAP Fiori Client version 1.11.5 in Google Play store addresses these issues and users must update to that version.
894 CVE-2018-2489 732 2018-11-13 2019-10-02
6.8
None Remote Medium Not required Partial Partial Partial
Locally, without any permission, an arbitrary android application could delete the SSO configuration of SAP Fiori Client. SAP Fiori Client version 1.11.5 in Google Play store addresses these issues and users must update to that version.
895 CVE-2018-2488 2018-11-13 2018-11-13
0.0
None ??? ??? ??? ??? ??? ???
It is possible for a malware application installed on an Android device to send local push notifications with an empty message to SAP Fiori Client and cause the application to crash. SAP Fiori Client version 1.11.5 in Google Play store addresses these issues and users must update to that version.
896 CVE-2018-2487 2018-11-13 2018-11-14
0.0
None ??? ??? ??? ??? ??? ???
SAP Disclosure Management 10.x allows an attacker to exploit through a specially crafted zip file provided by users: When extracted in specific use cases, files within this zip file can land in different locations than the originally intended extraction point.
897 CVE-2018-2485 2018-11-13 2019-10-02
6.4
None Remote Low Not required Partial Partial None
It is possible for a malicious application or malware to execute JavaScript in a SAP Fiori application. This can include reading and writing of information and calling device specific JavaScript APIs in the application. SAP Fiori Client version 1.11.5 in Google Play store addresses these issues and users must update to that version.
898 CVE-2018-2483 2018-11-13 2018-11-14
0.0
None ??? ??? ??? ??? ??? ???
HTTP Verb Tampering is possible in SAP BusinessObjects Business Intelligence Platform, versions 4.1 and 4.2, Central Management Console (CMC) by changing request method.
899 CVE-2018-2482 2018-11-13 2018-11-14
0.0
None ??? ??? ??? ??? ??? ???
SAP Mobile Secure Android Application, Mobile-secure.apk Android client, before version 6.60.19942.0, allows an attacker to prevent legitimate users from accessing a service, either by crashing or flooding the service. Install the Mobile Secure Android client released in Mid-Oct 2018.
900 CVE-2018-2481 269 Exec Code 2018-11-13 2019-10-02
6.5
None Remote Low Single system Partial Partial Partial
In some SAP standard roles, in SAP_ABA versions, 7.00 to 7.02, 7.10 to 7.11, 7.30, 7.31, 7.40, 7.50, 75C to 75D, a transaction code reserved for customer is used. By implementing such transaction code a malicious user may execute unauthorized transaction functionality.
Total number of vulnerabilities : 982   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 (This Page)19 20
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.