CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 8 and 10)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
951 CVE-2018-17068 78 2018-09-15 2019-10-02
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used in command string construction in the handler function of the /goform/Diagnosis route. This could lead to command injection via shell metacharacters in the sendNum parameter.
952 CVE-2018-17067 119 Overflow 2018-09-15 2018-11-13
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. A very long password to /goform/formLogin could lead to a stack-based buffer overflow and overwrite the return address.
953 CVE-2018-17066 78 2018-09-15 2019-10-02
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used in command string construction in the handler function of the /goform/form2systime.cgi route. This could lead to command injection via shell metacharacters in the datetime parameter.
954 CVE-2018-17065 119 Overflow 2018-09-15 2018-11-13
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. Within the handler function of the /goform/DDNS route, a very long password could lead to a stack-based buffer overflow and overwrite the return address.
955 CVE-2018-17064 78 2018-09-15 2019-10-02
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used in command string construction within the handler function of the /goform/sylogapply route. This could lead to command injection via the syslogIp parameter after /goform/clearlog is invoked.
956 CVE-2018-17063 78 2018-09-15 2019-10-02
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used in command string construction within the handler function of the /goform/NTPSyncWithHost route. This could lead to command injection via shell metacharacters.
957 CVE-2018-17022 119 DoS Overflow 2018-09-13 2018-11-07
8.0
None Remote Low Single system Partial Partial Complete
Stack-based buffer overflow on the ASUS GT-AC5300 router through 3.0.0.4.384_32738 allows remote attackers to cause a denial of service (device crash) or possibly have unspecified other impact by setting a long sh_path0 value and then sending an appGet.cgi?hook=select_list("Storage_x_SharedPath") request, because ej_select_list in router/httpd/web.c uses strcpy.
958 CVE-2018-16957 798 2018-09-17 2018-12-06
10.0
None Remote Low Not required Complete Complete Complete
The Oracle WebCenter Interaction 10.3.3 search service queryd.exe binary is compiled with the i1g2s3c4 hardcoded password. Authentication to the Oracle WCI search service uses this hardcoded password and cannot be customised by customers. An adversary able to access this service over a network could perform search queries to extract large quantities of sensitive information from the WCI installation. NOTE: this CVE is assigned by MITRE and isn't validated by Oracle because Oracle WebCenter Interaction Portal is out of support.
959 CVE-2018-16863 78 Exec Code Bypass 2018-12-03 2019-10-09
9.3
None Remote Medium Not required Complete Complete Complete
It was found that RHSA-2018:2918 did not fully fix CVE-2018-16509. An attacker could possibly exploit another variant of the flaw and bypass the -dSAFER protection to, for example, execute arbitrary shell commands via a specially crafted PostScript document. This only affects ghostscript 9.07 as shipped with Red Hat Enterprise Linux 7.
960 CVE-2018-16796 434 2018-09-13 2018-11-25
9.0
None Remote Low Single system Complete Complete Complete
HiScout GRC Suite before 3.1.5 allows Unrestricted Upload of Files with Dangerous Types.
961 CVE-2018-16752 1188 Exec Code 2018-09-20 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
LINK-NET LW-N605R devices with firmware 12.20.2.1486 allow Remote Code Execution via shell metacharacters in the HOST field of the ping feature at adm/systools.asp. Authentication is needed but the default password of admin for the admin account may be used in some cases.
962 CVE-2018-16660 78 Exec Code 2019-04-25 2019-04-29
9.0
None Remote Low Single system Complete Complete Complete
A command injection vulnerability in PWS in Imperva SecureSphere 13.0.0.10 and 13.1.0.10 Gateway allows an attacker with authenticated access to execute arbitrary OS commands on a vulnerable installation.
963 CVE-2018-16651 74 2018-09-07 2018-11-14
9.0
None Remote Low Single system Complete Complete Complete
The admin backend in phpMyFAQ before 2.9.11 allows CSV injection in reports.
964 CVE-2018-16618 77 Exec Code 2019-06-19 2019-06-21
10.0
None Remote Low Not required Complete Complete Complete
VTech Storio Max before 56.D3JM6 allows remote command execution via shell metacharacters in an Android activity name. It exposes the storeintenttranslate.x service on port 1668 listening for requests on localhost. Requests submitted to this service are checked for a string of random characters followed by the name of an Android activity to start. Activities are started by inserting their name into a string that is executed in a shell command. By inserting metacharacters this can be exploited to run arbitrary commands as root. The requests also match those of the HTTP protocol and can be triggered on any web page rendered on the device by requesting resources stored at an http://127.0.0.1:1668/ URI, as demonstrated by the http://127.0.0.1:1668/dacdb70556479813fab2d92896596eef?';{ping,example.org}' URL.
965 CVE-2018-16593 77 2019-06-19 2019-06-24
8.3
None Local Network Low Not required Complete Complete Complete
The Photo Sharing Plus component on Sony Bravia TV through 8.587 devices allows Shell Metacharacter Injection.
966 CVE-2018-16591 425 2018-09-10 2019-10-02
10.0
None Remote Low Not required Complete Complete Complete
FURUNO FELCOM 250 and 500 devices allow unauthenticated users to change the password for the Admin, Log and Service accounts, as well as the password for the protected "SMS" panel via /cgi-bin/sm_changepassword.cgi and /cgi-bin/sm_sms_changepasswd.cgi.
967 CVE-2018-16590 287 2018-09-06 2018-11-14
10.0
None Remote Low Not required Complete Complete Complete
FURUNO FELCOM 250 and 500 devices use only client-side JavaScript in login.js for authentication.
968 CVE-2018-16509 Exec Code 2018-09-05 2019-10-02
9.3
None Remote Medium Not required Complete Complete Complete
An issue was discovered in Artifex Ghostscript before 9.24. Incorrect "restoration of privilege" checking during handling of /invalidaccess exceptions could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction.
969 CVE-2018-16462 78 Exec Code 2018-10-30 2019-10-09
10.0
None Remote Low Not required Complete Complete Complete
A command injection vulnerability in the apex-publish-static-files npm module version <2.0.1 which allows arbitrary shell command execution through a maliciously crafted argument.
970 CVE-2018-16461 78 Exec Code 2018-10-30 2019-10-09
10.0
None Remote Low Not required Complete Complete Complete
A command injection vulnerability in libnmapp package for versions <0.4.16 allows arbitrary commands to be executed via arguments to the range options.
971 CVE-2018-16408 269 Exec Code 2018-09-03 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
D-Link DIR-846 devices with firmware 100.26 allow remote attackers to execute arbitrary code as root via a SetNetworkTomographySettings request by leveraging admin access.
972 CVE-2018-16367 284 2018-09-02 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
In OnlineJudge 2.0, the sandbox has an incorrect access control vulnerability that can write a file anywhere. A user can write a directory listing to /tmp, and can leak file data with a #include.
973 CVE-2018-16364 502 Exec Code 2018-09-26 2018-12-20
9.3
None Remote Medium Not required Complete Complete Complete
A serialization vulnerability in Zoho ManageEngine Applications Manager before build 13740 allows for remote code execution on Windows via a payload on an SMB share.
974 CVE-2018-16334 78 2018-09-01 2018-10-25
9.0
None Remote Low Single system Complete Complete Complete
An issue was discovered on Tenda AC9 V15.03.05.19(6318)_CN and AC10 V15.03.06.23_CN devices. The mac parameter in a POST request is used directly in a doSystemCmd call, causing OS command injection.
975 CVE-2018-16302 119 Overflow 2018-09-01 2018-11-01
9.3
None Remote Medium Not required Complete Complete Complete
MediaComm Zip-n-Go before 4.95 has a Buffer Overflow via a crafted file.
976 CVE-2018-16282 78 Exec Code 2018-09-20 2018-11-05
9.0
None Remote Low Single system Complete Complete Complete
A command injection vulnerability in the web server functionality of Moxa EDR-810 V4.2 build 18041013 allows remote attackers to execute arbitrary OS commands with root privilege via the caname parameter to the /xml/net_WebCADELETEGetValue URI.
977 CVE-2018-16217 78 2019-05-29 2019-05-31
9.0
None Remote Low Single system Complete Complete Complete
The network diagnostic function (ping) in the Yeahlink Ultra-elegant IP Phone SIP-T41P (firmware 66.83.0.35) allows a remote authenticated attacker to trigger OS commands or open a reverse shell via command injection.
978 CVE-2018-16201 798 Exec Code 2019-01-09 2019-01-24
8.3
None Local Network Low Not required Complete Complete Complete
Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier uses hard-coded credentials, which may allow an attacker on the same network segment to login to the administrators settings screen and change the configuration or execute arbitrary OS commands.
979 CVE-2018-16195 78 Exec Code 2019-01-09 2019-01-17
8.3
None Local Network Low Not required Complete Complete Complete
Aterm WF1200CR and Aterm WG1200CR (Aterm WF1200CR firmware Ver1.1.1 and earlier, Aterm WG1200CR firmware Ver1.0.1 and earlier) allows an attacker on the same network segment to execute arbitrary OS commands via SOAP interface of UPnP.
980 CVE-2018-16194 78 Exec Code 2019-01-09 2019-01-17
9.0
None Remote Low Single system Complete Complete Complete
Aterm WF1200CR and Aterm WG1200CR (Aterm WF1200CR firmware Ver1.1.1 and earlier, Aterm WG1200CR firmware Ver1.0.1 and earlier) allows authenticated attackers to execute arbitrary OS commands via unspecified vectors.
981 CVE-2018-16184 78 Exec Code 2019-01-09 2019-10-02
10.0
None Remote Low Not required Complete Complete Complete
RICOH Interactive Whiteboard D2200 V1.6 to V2.2, D5500 V1.6 to V2.2, D5510 V1.6 to V2.2, and the display versions with RICOH Interactive Whiteboard Controller Type1 V1.6 to V2.2 attached (D5520, D6500, D6510, D7500, D8400) allows remote attackers to execute arbitrary commands via unspecified vectors.
982 CVE-2018-16167 78 Exec Code 2019-01-09 2019-01-15
10.0
None Remote Low Not required Complete Complete Complete
LogonTracer 1.2.0 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors.
983 CVE-2018-16161 +Priv 2018-11-15 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
OpenDolphin 2.7.0 and earlier allows authenticated users to gain administrative privileges and perform unintended operations.
984 CVE-2018-16158 1188 2018-08-30 2019-10-02
10.0
None Remote Low Not required Complete Complete Complete
Eaton Power Xpert Meter 4000, 6000, and 8000 devices before 13.4.0.10 have a single SSH private key across different customers' installations and do not properly restrict access to this key, which makes it easier for remote attackers to perform SSH logins (to uid 0) via the PubkeyAuthentication option.
985 CVE-2018-16146 78 2018-09-05 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
The web management console of Opsview Monitor 5.4.x before 5.4.2 provides functionality accessible by an authenticated administrator to test notifications that are triggered under certain configurable events. The value parameter is not properly sanitized, leading to arbitrary command injection with the privileges of the nagios user account.
986 CVE-2018-16145 732 2018-09-05 2019-10-02
9.3
None Remote Medium Not required Complete Complete Complete
The /etc/init.d/opsview-reporting-module script that runs at boot time in Opsview Monitor before 5.3.1 and 5.4.x before 5.4.2 invokes a file that can be edited by the nagios user, and would allow attackers to elevate their privileges to root after a system restart, hence obtaining full control of the appliance.
987 CVE-2018-16144 78 2018-09-05 2019-10-02
10.0
None Remote Low Not required Complete Complete Complete
The test connection functionality in the NetAudit section of Opsview Monitor before 5.3.1 and 5.4.x before 5.4.2 is vulnerable to command injection due to improper sanitization of the rancid_password parameter.
988 CVE-2018-16130 78 Exec Code 2018-11-27 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
System command injection in request_mitv in Xiaomi Mi Router 3 version 2.22.15 allows attackers to execute arbitrary system commands via the "payload" URL parameter.
989 CVE-2018-16119 119 Exec Code Overflow 2019-06-20 2019-06-24
9.0
None Remote Low Single system Complete Complete Complete
Stack-based buffer overflow in the httpd server of TP-Link WR1043nd (Firmware Version 3) allows remote attackers to execute arbitrary code via a malicious MediaServer request to /userRpm/MediaServerFoldersCfgRpm.htm.
990 CVE-2018-16118 78 Exec Code 2019-06-20 2019-06-25
9.3
None Remote Medium Not required Complete Complete Complete
A shell escape vulnerability in /webconsole/APIController in the API Configuration component of Sophos XG firewall 17.0.8 MR-8 allows remote attackers to execute arbitrary OS commands via shell metachracters in the "X-Forwarded-for" HTTP header.
991 CVE-2018-16117 78 Exec Code 2019-06-20 2019-06-24
9.0
None Remote Low Single system Complete Complete Complete
A shell escape vulnerability in /webconsole/Controller in Admin Portal of Sophos XG firewall 17.0.8 MR-8 allow remote authenticated attackers to execute arbitrary OS commands via shell metacharacters in the "dbName" POST parameter.
992 CVE-2018-16089 78 2018-11-27 2019-10-02
8.5
None Remote Medium Single system Complete Complete Complete
In System Management Module (SMM) versions prior to 1.06, a field in the header of SMM firmware update images is insufficiently sanitized, allowing post-authentication command injection on the SMM as the root user.
993 CVE-2018-16055 78 Exec Code 2018-09-26 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
An authenticated command injection vulnerability exists in status_interfaces.php via dhcp_relinquish_lease() in pfSense before 2.4.4 due to its passing user input from the $_POST parameters "ifdescr" and "ipv" to a shell without escaping the contents of the variables. This allows an authenticated WebGUI user with privileges for the affected page to execute commands in the context of the root user when submitting a request to relinquish a DHCP lease for an interface which is configured to obtain its address via DHCP.
994 CVE-2018-16046 416 Exec Code 2019-01-18 2019-08-21
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution.
995 CVE-2018-16045 Bypass 2019-01-18 2019-10-02
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have a security bypass vulnerability. Successful exploitation could lead to privilege escalation.
996 CVE-2018-16044 Bypass 2019-01-18 2019-10-02
9.3
None Remote Medium Not required Complete Complete Complete
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have a security bypass vulnerability. Successful exploitation could lead to privilege escalation.
997 CVE-2018-16040 416 Exec Code 2019-01-18 2019-08-21
10.0
None Remote Low Not required Complete Complete Complete
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution.
998 CVE-2018-16039 416 Exec Code 2019-01-18 2019-08-21
10.0
None Remote Low Not required Complete Complete Complete
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution.
999 CVE-2018-16037 416 Exec Code 2019-01-18 2019-08-21
10.0
None Remote Low Not required Complete Complete Complete
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution.
1000 CVE-2018-16036 416 Exec Code 2019-01-18 2019-08-21
10.0
None Remote Low Not required Complete Complete Complete
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.