# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
11651 |
CVE-2018-14492 |
119 |
|
Overflow |
2018-07-21 |
2018-09-20 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Tenda AC7 through V15.03.06.44_CN, AC9 through V15.03.05.19(6318)_CN, and AC10 through V15.03.06.23_CN devices have a Stack-based Buffer Overflow via a long limitSpeed or limitSpeedup parameter to an unspecified /goform URI. |
11652 |
CVE-2018-14485 |
611 |
|
|
2019-05-07 |
2019-05-08 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
BlogEngine.NET 3.3 allows XXE attacks via the POST body to metaweblog.axd. |
11653 |
CVE-2018-14481 |
79 |
|
XSS |
2019-01-03 |
2019-01-14 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Osclass 3.7.4 has XSS via the query string to index.php, a different vulnerability than CVE-2014-6280. |
11654 |
CVE-2018-14478 |
79 |
|
XSS |
2019-05-07 |
2019-05-07 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
ecard.php in Coppermine Photo Gallery (CPG) 1.5.46 has XSS via the sender_name, recipient_email, greetings, or recipient_name parameter. |
11655 |
CVE-2018-14474 |
601 |
|
|
2018-07-20 |
2018-10-29 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
views/auth.go in Orange Forum 1.4.0 allows Open Redirection via the next parameter to /login or /signup. |
11656 |
CVE-2018-14473 |
611 |
|
DoS |
2018-08-03 |
2018-09-30 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
OCS Inventory 2.4.1 lacks a proper XML parsing configuration, allowing the use of external entities. This issue can be exploited by an attacker sending a crafted HTTP request in order to exfiltrate information or cause a Denial of Service. |
11657 |
CVE-2018-14472 |
89 |
|
Sql |
2018-07-20 |
2018-09-14 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
An issue was discovered in WUZHI CMS 4.1.0. The vulnerable file is coreframe/app/order/admin/goods.php. The $keywords parameter is taken directly into execution without any filtering, leading to SQL injection. |
11658 |
CVE-2018-14471 |
476 |
|
DoS |
2018-07-20 |
2018-08-24 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
dwg_obj_block_control_get_block_headers in dwg_api.c in GNU LibreDWG 0.5.1048 allows remote attackers to cause a denial of service (NULL pointer dereference and SEGV) via a crafted dwg file. |
11659 |
CVE-2018-14470 |
125 |
|
|
2019-10-03 |
2019-10-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The Babel parser in tcpdump before 4.9.3 has a buffer over-read in print-babel.c:babel_print_v2(). |
11660 |
CVE-2018-14469 |
125 |
|
|
2019-10-03 |
2019-10-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The IKEv1 parser in tcpdump before 4.9.3 has a buffer over-read in print-isakmp.c:ikev1_n_print(). |
11661 |
CVE-2018-14468 |
125 |
|
|
2019-10-03 |
2019-10-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The FRF.16 parser in tcpdump before 4.9.3 has a buffer over-read in print-fr.c:mfr_print(). |
11662 |
CVE-2018-14467 |
125 |
|
|
2019-10-03 |
2019-10-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The BGP parser in tcpdump before 4.9.3 has a buffer over-read in print-bgp.c:bgp_capabilities_print() (BGP_CAPCODE_MP). |
11663 |
CVE-2018-14466 |
125 |
|
|
2019-10-03 |
2019-10-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The Rx parser in tcpdump before 4.9.3 has a buffer over-read in print-rx.c:rx_cache_find() and rx_cache_insert(). |
11664 |
CVE-2018-14465 |
125 |
|
|
2019-10-03 |
2019-10-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The RSVP parser in tcpdump before 4.9.3 has a buffer over-read in print-rsvp.c:rsvp_obj_print(). |
11665 |
CVE-2018-14464 |
125 |
|
|
2019-10-03 |
2019-10-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The LMP parser in tcpdump before 4.9.3 has a buffer over-read in print-lmp.c:lmp_print_data_link_subobjs(). |
11666 |
CVE-2018-14463 |
125 |
|
|
2019-10-03 |
2019-10-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrp_print(). |
11667 |
CVE-2018-14462 |
125 |
|
|
2019-10-03 |
2019-10-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The ICMP parser in tcpdump before 4.9.3 has a buffer over-read in print-icmp.c:icmp_print(). |
11668 |
CVE-2018-14461 |
125 |
|
|
2019-10-03 |
2019-10-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
The LDP parser in tcpdump before 4.9.3 has a buffer over-read in print-ldp.c:ldp_tlv_print(). |
11669 |
CVE-2018-14460 |
125 |
|
|
2018-07-20 |
2018-09-06 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_sdspace_decode in H5Osdspace.c. |
11670 |
CVE-2018-14459 |
787 |
|
|
2018-07-20 |
2018-09-13 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
An issue was discovered in libgig 4.1.0. There is an out-of-bounds write in pData[0] access in the function store16 in helper.h. |
11671 |
CVE-2018-14458 |
119 |
|
Overflow |
2018-07-20 |
2018-09-13 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
An issue was discovered in libgig 4.1.0. There is a heap-based buffer overflow in pData[1] access in the function store32 in helper.h. |
11672 |
CVE-2018-14457 |
787 |
|
|
2018-07-20 |
2018-09-13 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
An issue was discovered in libgig 4.1.0. There is an out-of-bounds write in the function DLS::Info::UpdateChunks in DLS.cpp. |
11673 |
CVE-2018-14456 |
787 |
|
|
2018-07-20 |
2018-09-13 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
An issue was discovered in libgig 4.1.0. There is an out-of-bounds write in the function DLS::Info::SaveString in DLS.cpp. |
11674 |
CVE-2018-14455 |
787 |
|
|
2018-07-20 |
2018-09-13 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
An issue was discovered in libgig 4.1.0. There is an out-of-bounds write in pData[0] access in the function store32 in helper.h. |
11675 |
CVE-2018-14454 |
125 |
|
|
2018-07-20 |
2018-09-11 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
An issue was discovered in libgig 4.1.0. There is an out-of-bounds read in the function RIFF::Chunk::Read in RIFF.cpp. |
11676 |
CVE-2018-14453 |
119 |
|
Overflow |
2018-07-20 |
2018-09-13 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
An issue was discovered in libgig 4.1.0. There is a heap-based buffer overflow in pData[1] access in the function store16 in helper.h. |
11677 |
CVE-2018-14452 |
125 |
|
|
2018-07-20 |
2018-09-11 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
An issue was discovered in libgig 4.1.0. There is an out-of-bounds read in the "always assign the sample of the first dimension region of this region" feature of the function gig::Region::UpdateChunks in gig.cpp. |
11678 |
CVE-2018-14451 |
119 |
|
Overflow |
2018-07-20 |
2018-09-13 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
An issue was discovered in libgig 4.1.0. There is a heap-based buffer overflow in the function RIFF::Chunk::Read in RIFF.cpp. |
11679 |
CVE-2018-14450 |
125 |
|
|
2018-07-20 |
2018-09-11 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
An issue was discovered in libgig 4.1.0. There is an out-of-bounds read in the "update dimension region's chunks" feature of the function gig::Region::UpdateChunks in gig.cpp. |
11680 |
CVE-2018-14449 |
125 |
|
|
2018-07-20 |
2018-09-11 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
An issue was discovered in libgig 4.1.0. There is an out of bounds read in gig::File::UpdateChunks in gig.cpp. |
11681 |
CVE-2018-14448 |
476 |
|
|
2018-07-20 |
2018-09-14 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
Codec::parse in track.cpp in Untrunc through 2018-06-07 has a NULL pointer dereference via a crafted MP4 file because of improper interaction with libav. |
11682 |
CVE-2018-14447 |
125 |
|
|
2018-07-20 |
2018-09-14 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
trim_whitespace in lexer.l in libConfuse v3.2.1 has an out-of-bounds read. |
11683 |
CVE-2018-14446 |
119 |
|
DoS Overflow |
2018-07-20 |
2018-09-17 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
MP4Integer32Property::Read in atom_avcC.cpp in MP4v2 2.1.0 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted MP4 file. |
11684 |
CVE-2018-14445 |
835 |
|
DoS |
2018-07-20 |
2019-10-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
In Bento4 v1.5.1-624, AP4_File::ParseStream in Ap4File.cpp allows remote attackers to cause a denial of service (infinite loop) via a crafted MP4 file. |
11685 |
CVE-2018-14444 |
125 |
|
Overflow |
2018-07-20 |
2018-09-17 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
libdxfrw 0.6.3 has an Integer Overflow in dwgCompressor::decompress18 in dwgutil.cpp, leading to an out-of-bounds read and application crash. |
11686 |
CVE-2018-14443 |
119 |
|
DoS Overflow |
2018-07-20 |
2018-08-23 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
get_first_owned_object in dwg.c in GNU LibreDWG 0.5.1036 allows remote attackers to cause a denial of service (SEGV). |
11687 |
CVE-2018-14442 |
416 |
|
Exec Code |
2018-07-20 |
2018-09-17 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
Foxit Reader before 9.2 and PhantomPDF before 9.2 have a Use-After-Free that leads to Remote Code Execution, aka V-88f4smlocs. |
11688 |
CVE-2018-14441 |
434 |
|
|
2018-07-19 |
2018-09-14 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
An issue was discovered in cckevincyh SSH CompanyWebsite through 2018-05-03. admin/admin/fileUploadAction_fileUpload.action allows arbitrary file upload, as demonstrated by a .jsp file with the image/jpeg content type. |
11689 |
CVE-2018-14440 |
89 |
|
Sql |
2018-07-19 |
2018-09-14 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
An issue was discovered in cckevincyh SSH CompanyWebsite through 2018-05-03. SQL injection exists via the admin/noticeManageAction_queryNotice.action noticeInfo parameter. |
11690 |
CVE-2018-14439 |
682 |
|
|
2018-07-19 |
2018-09-17 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
espritblock eos4j, an unofficial SDK for EOS, through 2018-07-12 mishandles floating-point numbers with more than four digits after the decimal point, which might allow attackers to trigger currency transfers of unintended amounts. |
11691 |
CVE-2018-14438 |
20 |
|
|
2018-07-19 |
2018-09-17 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
In Wireshark through 2.6.2, the create_app_running_mutex function in wsutil/file_util.c calls SetSecurityDescriptorDacl to set a NULL DACL, which allows attackers to modify the access control arbitrarily. |
11692 |
CVE-2018-14437 |
772 |
|
|
2018-07-19 |
2019-10-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
ImageMagick 7.0.8-4 has a memory leak in parse8BIM in coders/meta.c. |
11693 |
CVE-2018-14436 |
772 |
|
|
2018-07-19 |
2019-10-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
ImageMagick 7.0.8-4 has a memory leak in ReadMIFFImage in coders/miff.c. |
11694 |
CVE-2018-14435 |
772 |
|
|
2018-07-19 |
2019-10-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
ImageMagick 7.0.8-4 has a memory leak in DecodeImage in coders/pcd.c. |
11695 |
CVE-2018-14434 |
772 |
|
|
2018-07-19 |
2019-10-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
ImageMagick 7.0.8-4 has a memory leak for a colormap in WriteMPCImage in coders/mpc.c. |
11696 |
CVE-2018-14430 |
79 |
|
XSS |
2018-07-25 |
2018-09-20 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
The Mondula Multi Step Form plugin through 1.2.5 for WordPress allows XSS via the fw_data [id][1], fw_data [id][2], fw_data [id][3], fw_data [id][4], or email field of the contact form, exploitable with an fw_send_email action to wp-admin/admin-ajax.php. |
11697 |
CVE-2018-14429 |
22 |
|
Dir. Trav. File Inclusion |
2018-08-14 |
2018-10-12 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
man-cgi before 1.16 allows Local File Inclusion via absolute path traversal, as demonstrated by a cgi-bin/man-cgi?/etc/passwd URI. |
11698 |
CVE-2018-14425 |
79 |
|
XSS |
2019-05-30 |
2019-05-31 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
There is a Persistent XSS vulnerability in the briefcase component of Synacor Zimbra Collaboration Suite (ZCS) Zimbra Web Client (ZWC) 8.8.8 before 8.8.8 Patch 7 and 8.8.9 before 8.8.9 Patch 1. |
11699 |
CVE-2018-14424 |
416 |
|
DoS Exec Code |
2018-08-14 |
2018-10-18 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
The daemon in GDM through 3.29.1 does not properly unexport display objects from its D-Bus interface when they are destroyed, which allows a local attacker to trigger a use-after-free via a specially crafted sequence of D-Bus method calls, resulting in a denial of service or potential code execution. |
11700 |
CVE-2018-14423 |
369 |
|
DoS |
2018-07-19 |
2019-08-21 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Division-by-zero vulnerabilities in the functions pi_next_pcrl, pi_next_cprl, and pi_next_rpcl in lib/openjp3d/pi.c in OpenJPEG through 2.3.0 allow remote attackers to cause a denial of service (application crash). |