| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
10351 |
CVE-2018-13457 |
476 |
|
|
2018-07-12 |
2018-09-06 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
qh_echo in Nagios Core 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attackers to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket. |
|
10352 |
CVE-2018-13446 |
287 |
|
Bypass |
2018-08-16 |
2018-11-08 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
|
** DISPUTED ** An issue was discovered in the LINE jp.naver.line application 8.8.1 for Android. The Passcode feature allows authentication bypass via runtime manipulation that forces a certain method's return value to true. In other words, an attacker could authenticate with an arbitrary passcode. NOTE: the vendor indicates that this is not an attack of interest within the context of their threat model, which excludes Android devices on which rooting has occurred. |
|
10353 |
CVE-2018-13445 |
352 |
|
CSRF |
2018-07-08 |
2018-08-28 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in SeaCMS 6.61. There is a CSRF vulnerability that can add a user account via adm1n/admin_manager.php?action=add. |
|
10354 |
CVE-2018-13444 |
352 |
|
CSRF |
2018-07-08 |
2018-08-28 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in SeaCMS 6.61. There is a CSRF vulnerability that can add an admin account via adm1n/admin_manager.php?action=save&id=2. |
|
10355 |
CVE-2018-13443 |
119 |
|
Overflow |
2019-04-24 |
2019-04-26 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
EOS.IO jit-wasm 4.1 has a heap-based buffer overflow via a crafted wast file. |
|
10356 |
CVE-2018-13442 |
89 |
|
Sql |
2019-07-16 |
2019-07-18 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
|
SolarWinds Network Performance Monitor 12.3 allows SQL Injection via the /api/ActiveAlertsOnThisEntity/GetActiveAlerts TriggeringObjectEntityNames parameter. |
|
10357 |
CVE-2018-13441 |
476 |
|
|
2018-07-12 |
2018-09-06 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
qh_help in Nagios Core version 4.4.1 and earlier is prone to a NULL pointer dereference vulnerability, which allows attacker to cause a local denial-of-service condition by sending a crafted payload to the listening UNIX socket. |
|
10358 |
CVE-2018-13440 |
476 |
|
DoS |
2018-07-08 |
2018-10-25 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The audiofile Audio File Library 0.3.6 has a NULL pointer dereference bug in ModuleState::setup in modules/ModuleState.cpp, which allows an attacker to cause a denial of service via a crafted caf file, as demonstrated by sfconvert. |
|
10359 |
CVE-2018-13439 |
611 |
|
|
2018-07-08 |
2018-09-10 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
WXPayUtil in WeChat Pay Java SDK allows XXE attacks involving a merchant notification URL. |
|
10360 |
CVE-2018-13435 |
287 |
|
Bypass |
2018-08-16 |
2018-11-08 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
|
** DISPUTED ** An issue was discovered in the LINE jp.naver.line application 8.8.0 for iOS. The Passcode feature allows authentication bypass via runtime manipulation that forces a certain method to disable passcode authentication. NOTE: the vendor indicates that this is not an attack of interest within the context of their threat model, which excludes iOS devices on which a jailbreak has occurred. |
|
10361 |
CVE-2018-13434 |
287 |
|
Bypass |
2018-08-16 |
2018-11-08 |
4.4 |
None |
Local |
Medium |
Not required |
Partial |
Partial |
Partial |
|
** DISPUTED ** An issue was discovered in the LINE jp.naver.line application 8.8.0 for iOS. The LAContext class for Biometric (TouchID) validation allows authentication bypass by overriding the LAContext return Boolean value to be "true" because the kSecAccessControlUserPresence protection mechanism is not used. In other words, an attacker could authenticate with an arbitrary fingerprint. NOTE: the vendor indicates that this is not an attack of interest within the context of their threat model, which excludes iOS devices on which a jailbreak has occurred. |
|
10362 |
CVE-2018-13433 |
79 |
|
XSS |
2018-07-08 |
2018-08-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Boostnote v0.11.7 allows XSS during highlighting of Markdown text, as demonstrated by an onerror attribute of an IMG element. |
|
10363 |
CVE-2018-13423 |
79 |
|
XSS |
2018-07-07 |
2018-08-27 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
admin/themes/default/items/tag-form.php in Omeka before 2.6.1 allows XSS by adding or editing a tag. |
|
10364 |
CVE-2018-13422 |
79 |
|
XSS |
2018-07-07 |
2018-08-27 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
TCExam before 14.1.2 has XSS via an ff_ or xl_ field. |
|
10365 |
CVE-2018-13420 |
772 |
|
|
2018-07-07 |
2019-10-02 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
** DISPUTED ** Google gperftools 2.7 has a memory leak in malloc_extension.cc, related to MallocExtension::Register and InitModule. NOTE: the software maintainer indicates that this is not a bug; it is only a false-positive report from the LeakSanitizer program. |
|
10366 |
CVE-2018-13419 |
772 |
|
|
2018-07-07 |
2019-10-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
** DISPUTED ** An issue has been found in libsndfile 1.0.28. There is a memory leak in psf_allocate in common.c, as demonstrated by sndfile-convert. NOTE: The maintainer and third parties were unable to reproduce and closed the issue. |
|
10367 |
CVE-2018-13409 |
79 |
|
+Priv XSS |
2018-07-06 |
2018-08-23 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
An issue was discovered in Jirafeau before 3.4.1. The "search file by hash" form is affected by reflected XSS that could allow, by targeting an administrator, stealing a session and gaining administrative privileges. |
|
10368 |
CVE-2018-13408 |
79 |
|
+Priv XSS |
2018-07-06 |
2018-08-23 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
An issue was discovered in Jirafeau before 3.4.1. The "search file by link" form is affected by reflected XSS that could allow, by targeting an administrator, stealing a session and gaining administrative privileges. |
|
10369 |
CVE-2018-13407 |
352 |
|
CSRF |
2018-07-06 |
2018-08-23 |
5.5 |
None |
Remote |
Low |
Single system |
None |
Partial |
Partial |
|
A CSRF issue was discovered in Jirafeau before 3.4.1. The "delete file" feature on the admin panel is not protected against automated requests and could be abused. |
|
10370 |
CVE-2018-13405 |
269 |
|
|
2018-07-06 |
2019-10-02 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
The inode_init_owner function in fs/inode.c in the Linux kernel through 4.17.4 allows local users to create files with an unintended group ownership, in a scenario where a directory is SGID to a certain group and is writable by a user who is not a member of that group. Here, the non-member can trigger creation of a plain file whose group ownership is that group. The intended behavior was that the non-member can trigger creation of a directory (but not a plain file) whose group ownership is that group. The non-member can escalate privileges by making the plain file executable and SGID. |
|
10371 |
CVE-2018-13402 |
601 |
|
CSRF |
2018-10-23 |
2018-12-03 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
Many resources in Atlassian Jira before version 7.6.9, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, from version 7.10.0 before version 7.10.3, from version 7.11.0 before version 7.11.3, from version 7.12.0 before version 7.12.3, and before version 7.13.1 allow remote attackers to attack users, in some cases be able to obtain a user's Cross-site request forgery (CSRF) token, via a open redirect vulnerability. |
|
10372 |
CVE-2018-13401 |
601 |
|
CSRF |
2018-10-23 |
2018-12-03 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
The XsrfErrorAction resource in Atlassian Jira before version 7.6.9, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, from version 7.10.0 before version 7.10.3, from version 7.11.0 before version 7.11.3, from version 7.12.0 before version 7.12.3, and before version 7.13.1 allows remote attackers to obtain a user's Cross-site request forgery (CSRF) token through an open redirect vulnerability. |
|
10373 |
CVE-2018-13400 |
269 |
|
|
2018-10-23 |
2019-10-02 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
|
Several administrative resources in Atlassian Jira before version 7.6.9, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, from version 7.10.0 before version 7.10.3, from version 7.11.0 before version 7.11.3, from version 7.12.0 before version 7.12.3, and before version 7.13.1 allow remote attackers who have obtained access to administrator's session to access certain administrative resources without needing to re-authenticate to pass "WebSudo" through an improper access control vulnerability. |
|
10374 |
CVE-2018-13399 |
732 |
|
|
2018-10-16 |
2019-10-02 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
The Microsoft Windows Installer for Atlassian Fisheye and Crucible before version 4.6.1 allows local attackers to escalate privileges because of weak permissions on the installation directory. |
|
10375 |
CVE-2018-13398 |
352 |
|
CSRF |
2018-09-18 |
2018-12-13 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
The administrative smart-commits resource in Atlassian Fisheye and Crucible before version 4.5.4 allows remote attackers to modify smart-commit settings via a Cross-site request forgery (CSRF) vulnerability. |
|
10376 |
CVE-2018-13395 |
79 |
|
XSS |
2018-08-28 |
2018-11-08 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Various resources in Atlassian Jira before version 7.6.8, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, from version 7.10.0 before version 7.10.3 and before version 7.11.1 allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the epic colour field of an issue while an issue is being moved. |
|
10377 |
CVE-2018-13394 |
352 |
|
CSRF |
2018-08-15 |
2018-10-12 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
The acceptAnswer resource in Atlassian Confluence Questions before version 2.6.6, the bundled version of Confluence Questions was updated to a fixed version in Confluence version 6.9.0, allows remote attackers to modify a comment into an answer via a Cross-site request forgery (CSRF) vulnerability. |
|
10378 |
CVE-2018-13393 |
352 |
|
CSRF |
2018-08-15 |
2018-10-12 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
The convertCommentToAnswer resource in Atlassian Confluence Questions before version 2.6.6, the bundled version of Confluence Questions was updated to a fixed version in Confluence version 6.9.0, allows remote attackers to modify a comment into an answer via a Cross-site request forgery (CSRF) vulnerability. |
|
10379 |
CVE-2018-13392 |
79 |
|
XSS |
2018-08-13 |
2018-10-10 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Several resources in Atlassian Fisheye and Crucible before version 4.6.0 allow remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in linked issue keys. |
|
10380 |
CVE-2018-13391 |
200 |
|
+Info |
2018-08-28 |
2018-11-08 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The ProfileLinkUserFormat component of Jira Server before version 7.6.8, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3, from version 7.10.0 before version 7.10.3 and from version 7.11.0 before version 7.11.2 allows remote attackers who can access & view an issue to obtain the email address of the reporter and assignee user of an issue despite the configured email visibility setting being set to hidden. |
|
10381 |
CVE-2018-13390 |
|
|
|
2018-08-10 |
2019-10-02 |
4.8 |
None |
Local Network |
Low |
Not required |
Partial |
Partial |
None |
|
Unauthenticated access to cloudtoken daemon on Linux via network from version 0.1.1 before version 0.1.24 allows attackers on the same subnet to gain temporary AWS credentials for the users' roles. |
|
10382 |
CVE-2018-13389 |
20 |
|
|
2018-07-10 |
2018-09-07 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
The attachment resource in Atlassian Confluence before version 6.6.1 allows remote attackers to spoof web content in the Mozilla Firefox Browser through attachments that have a content-type of application/rdf+xml. |
|
10383 |
CVE-2018-13388 |
79 |
|
XSS |
2018-07-10 |
2018-09-04 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
The review attachment resource in Atlassian Fisheye and Crucible before version 4.5.3 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in attached files. |
|
10384 |
CVE-2018-13387 |
79 |
|
XSS |
2018-07-16 |
2018-09-17 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
The IncomingMailServers resource in Atlassian JIRA Server before version 7.6.7, from version 7.7.0 before version 7.7.5, from version 7.8.0 before version 7.8.5, from version 7.9.0 before version 7.9.3 and from version 7.10.0 before version 7.10.2 allows remote attackers to inject arbitrary HTML or JavaScript via a cross site scripting (XSS) vulnerability in the messagesThreshold parameter as the fix for CVE-2017-18039 was incomplete. |
|
10385 |
CVE-2018-13386 |
74 |
|
Exec Code |
2018-07-24 |
2018-09-20 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
There was an argument injection vulnerability in Sourcetree for Windows via filenames in Mercurial repositories. An attacker with permission to commit to a Mercurial repository linked in Sourcetree for Windows is able to exploit this issue to gain code execution on the system. Versions of Sourcetree for Windows before version 2.6.9 are affected by this vulnerability. |
|
10386 |
CVE-2018-13384 |
601 |
|
|
2019-06-04 |
2019-06-05 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
A Host Header Redirection vulnerability in Fortinet FortiOS all versions below 6.0.5 under SSL VPN web portal allows a remote attacker to potentially poison HTTP cache and subsequently redirect SSL VPN web portal users to arbitrary web domains. |
|
10387 |
CVE-2018-13383 |
119 |
|
Overflow |
2019-05-29 |
2019-06-03 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
A heap buffer overflow in Fortinet FortiOS all versions below 6.0.5 in the SSL VPN web portal may cause the SSL VPN web service termination for logged in users due to a failure to properly handle javascript href data when proxying webpages. |
|
10388 |
CVE-2018-13382 |
285 |
|
|
2019-06-04 |
2019-06-11 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
An Improper Authorization vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.8 and 5.4.1 to 5.4.10 under SSL VPN web portal allows an unauthenticated attacker to modify the password of an SSL VPN web portal user via specially crafted HTTP requests. |
|
10389 |
CVE-2018-13381 |
119 |
|
Overflow |
2019-06-04 |
2019-08-29 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
A buffer overflow vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.7, 5.4 and below versions under SSL VPN web portal allows a non-authenticated attacker to perform a Denial-of-service attack via special craft message payloads. |
|
10390 |
CVE-2018-13380 |
79 |
|
Exec Code XSS |
2019-06-04 |
2019-06-07 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
A Cross-site Scripting (XSS) vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.7, 5.4 and below versions under SSL VPN web portal allows attacker to execute unauthorized malicious script code via the error or message handling parameters. |
|
10391 |
CVE-2018-13379 |
22 |
|
Dir. Trav. |
2019-06-04 |
2019-09-19 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.3 to 5.6.7 under SSL VPN web portal allows an unauthenticated attacker to download system files via special crafted HTTP resource requests. |
|
10392 |
CVE-2018-13378 |
200 |
|
+Info |
2019-04-17 |
2019-04-17 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
An information disclosure vulnerability in Fortinet FortiSIEM 5.2.0 and below versions exposes the LDAP server plaintext password via the HTML source code. |
|
10393 |
CVE-2018-13376 |
|
|
|
2018-11-27 |
2019-10-02 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An uninitialized memory buffer leak exists in Fortinet FortiOS 5.6.1 to 5.6.3, 5.4.6 to 5.4.7, 5.2 all versions under web proxy's disclaimer response web pages, potentially causing sensitive data to be displayed in the HTTP response. |
|
10394 |
CVE-2018-13375 |
79 |
|
Exec Code XSS |
2019-05-28 |
2019-05-30 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
An Improper Neutralization of Script-Related HTML Tags in Fortinet FortiAnalyzer 5.6.0 and below and FortiManager 5.6.0 and below allows an attacker to send DHCP request containing malicious scripts in the HOSTNAME parameter. The malicious script code is executed while viewing the logs in FortiAnalyzer and FortiManager (with FortiAnalyzer feature enabled). |
|
10395 |
CVE-2018-13374 |
732 |
|
|
2019-01-22 |
2019-10-02 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
A Improper Access Control in Fortinet FortiOS allows attacker to obtain the LDAP server login credentials configured in FortiGate via pointing a LDAP server connectivity test request to a rogue LDAP server instead of the configured one. |
|
10396 |
CVE-2018-13368 |
264 |
|
Exec Code |
2019-05-30 |
2019-05-30 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
A local privilege escalation in Fortinet FortiClient for Windows 6.0.4 and earlier allows attacker to execute unauthorized code or commands via the command injection. |
|
10397 |
CVE-2018-13367 |
200 |
|
+Info |
2019-08-23 |
2019-08-26 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An information exposure vulnerability in FortiOS 6.2.0 and below may allow an unauthenticated attacker to gain platform information such as version, models, via parsing a JavaScript file through admin webUI. |
|
10398 |
CVE-2018-13366 |
200 |
|
+Info |
2019-04-09 |
2019-04-10 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An information disclosure vulnerability in Fortinet FortiOS 6.0.1, 5.6.7 and below allows attacker to reveals serial number of FortiGate via hostname field defined in connection control setup packets of PPTP protocol. |
|
10399 |
CVE-2018-13365 |
200 |
|
+Info |
2019-05-29 |
2019-05-30 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An Information Exposure vulnerability in Fortinet FortiOS 6.0.1, 5.6.5 and below, allow attackers to learn private IP as well as the hostname of FortiGate via Application Control Block page. |
|
10400 |
CVE-2018-13361 |
20 |
|
|
2018-11-27 |
2018-12-21 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
User enumeration in usertable.php in TerraMaster TOS version 3.1.03 allows attackers to list all system users via the "modgroup" parameter. |
