| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
11751 |
CVE-2018-10856 |
732 |
|
|
2018-07-02 |
2019-10-09 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
|
It has been discovered that podman before version 0.6.1 does not drop capabilities when executing a container as a non-root user. This results in unnecessary privileges being granted to the container. |
|
11752 |
CVE-2018-10855 |
532 |
|
|
2018-07-02 |
2019-07-24 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Ansible 2.5 prior to 2.5.5, and 2.4 prior to 2.4.5, do not honor the no_log task flag for failed tasks. When the no_log flag has been used to protect sensitive data passed to a task from being logged, and that task does not run successfully, Ansible will expose sensitive data in log files and on the terminal of the user running Ansible. |
|
11753 |
CVE-2018-10853 |
269 |
|
|
2018-09-11 |
2019-10-02 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not check current privilege(CPL) level while emulating unprivileged instructions. An unprivileged guest user/process could use this flaw to potentially escalate privileges inside guest. |
|
11754 |
CVE-2018-10852 |
200 |
|
+Info |
2018-06-26 |
2019-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD has too wide permissions, which means that anyone who can send a message using the same raw protocol that sudo and SSSD use can read the sudo rules available for any user. This affects versions of SSSD before 1.16.3. |
|
11755 |
CVE-2018-10851 |
772 |
|
DoS |
2018-11-29 |
2019-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
PowerDNS Authoritative Server 3.3.0 up to 4.1.4 excluding 4.1.5 and 4.0.6, and PowerDNS Recursor 3.2 up to 4.1.4 excluding 4.1.5 and 4.0.9, are vulnerable to a memory leak while parsing malformed records that can lead to remote denial of service. |
|
11756 |
CVE-2018-10847 |
287 |
|
Bypass |
2018-07-30 |
2019-10-09 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
|
prosody before versions 0.10.2, 0.9.14 is vulnerable to an Authentication Bypass. Prosody did not verify that the virtual host associated with a user session remained the same across stream restarts. A user may authenticate to XMPP host A and migrate their authenticated session to XMPP host B of the same Prosody instance. |
|
11757 |
CVE-2018-10846 |
327 |
|
|
2018-08-22 |
2019-10-02 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
A cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM attack setting was found. An attacker could use a combination of "Just in Time" Prime+probe attack in combination with Lucky-13 attack to recover plain text using crafted packets. |
|
11758 |
CVE-2018-10845 |
327 |
|
|
2018-08-22 |
2019-10-02 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
It was found that the GnuTLS implementation of HMAC-SHA-384 was vulnerable to a Lucky thirteen style attack. Remote attackers could use this flaw to conduct distinguishing attacks and plain text recovery attacks via statistical analysis of timing data using crafted packets. |
|
11759 |
CVE-2018-10844 |
327 |
|
|
2018-08-22 |
2019-10-02 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
It was found that the GnuTLS implementation of HMAC-SHA-256 was vulnerable to a Lucky thirteen style attack. Remote attackers could use this flaw to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data using crafted packets. |
|
11760 |
CVE-2018-10842 |
835 |
|
DoS |
2018-08-13 |
2019-10-09 |
4.0 |
None |
Remote |
Low |
Single system |
None |
None |
Partial |
|
It was found that an authenticated user could manipulate user session information to trigger an infinite loop in keycloak. A malicious user could use this flaw to conduct a denial of service attack against the server. |
|
11761 |
CVE-2018-10841 |
|
|
|
2018-06-20 |
2019-10-02 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
|
glusterfs is vulnerable to privilege escalation on gluster server nodes. An authenticated gluster client via TLS could use gluster cli with --remote-host command to add it self to trusted storage pool and perform privileged gluster operations like adding other machines to trusted storage pool, start, stop, and delete volumes. |
|
11762 |
CVE-2018-10839 |
190 |
|
Overflow |
2018-10-16 |
2019-09-24 |
4.0 |
None |
Remote |
Low |
Single system |
None |
None |
Partial |
|
Qemu emulator <= 3.0.0 built with the NE2000 NIC emulation support is vulnerable to an integer overflow, which could lead to buffer overflow issue. It could occur when receiving packets over the network. A user inside guest could use this flaw to crash the Qemu process resulting in DoS. |
|
11763 |
CVE-2018-10832 |
611 |
|
|
2018-05-11 |
2018-06-13 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
ModbusPal 1.6b is vulnerable to an XML External Entity (XXE) attack. Projects are saved as .xmpp files and automations can be exported as .xmpa files, both XML-based, which are vulnerable to XXE injection. Sending a crafted .xmpp or .xmpa file to a user, when opened/imported in ModbusPal, will return the contents of any local files to a remote attacker. |
|
11764 |
CVE-2018-10831 |
327 |
|
Bypass |
2018-05-09 |
2018-06-18 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Z-NOMP before 2018-04-05 has an incorrect Equihash solution verifier that allows attackers to spoof mining shares, as demonstrated by providing a solution with {x1=1,x2=1,x3=1,...,x512=1} to bypass this verifier for any blockheader. This originally affected (for example) the Bitcoin Gold and Zcash cryptocurrencies, and continued to be exploited in the wild in May 2018 against smaller cryptocurrencies. |
|
11765 |
CVE-2018-10830 |
20 |
|
DoS |
2018-05-09 |
2018-06-13 |
6.1 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Complete |
|
In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x002220e0. |
|
11766 |
CVE-2018-10828 |
20 |
|
DoS |
2018-05-09 |
2019-06-25 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
An issue was discovered in Alps Pointing-device Driver 10.1.101.207. ApMsgFwd.exe allows the current user to map and write to the "ApMsgFwd File Mapping Object" section. ApMsgFwd.exe uses the data written to this section as arguments to functions. This causes a denial of service condition when invalid pointers are written to the mapped section. This driver has been used with Dell, ThinkPad, and VAIO devices. |
|
11767 |
CVE-2018-10827 |
400 |
|
DoS |
2018-05-09 |
2018-06-12 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
LiteCart before 2.1.2 allows remote attackers to cause a denial of service (memory consumption) via URIs that do not exist, because public_html/logs/not_found.log grows without bound, and is loaded into memory for each request. |
|
11768 |
CVE-2018-10825 |
287 |
|
|
2018-05-15 |
2019-10-02 |
2.9 |
None |
Local Network |
Medium |
Not required |
None |
Partial |
None |
|
Mimo Baby 2 devices do not use authentication or encryption for the Bluetooth Low Energy (BLE) communication from a Turtle to a Lilypad, which allows attackers to inject fake information about the position and temperature of a baby via a replay or spoofing attack. |
|
11769 |
CVE-2018-10824 |
22 |
|
Dir. Trav. |
2018-10-17 |
2019-10-02 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An issue was discovered on D-Link DWR-116 through 1.06, DIR-140L through 1.02, DIR-640L through 1.02, DWR-512 through 2.02, DWR-712 through 2.02, DWR-912 through 2.02, DWR-921 through 2.02, and DWR-111 through 1.01 devices. The administrative password is stored in plaintext in the /tmp/csman/0 file. An attacker having a directory traversal (or LFI) can easily get full router access. |
|
11770 |
CVE-2018-10822 |
22 |
|
Dir. Trav. |
2018-10-17 |
2019-01-23 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Directory traversal vulnerability in the web interface on D-Link DWR-116 through 1.06, DIR-140L through 1.02, DIR-640L through 1.02, DWR-512 through 2.02, DWR-712 through 2.02, DWR-912 through 2.02, DWR-921 through 2.02, and DWR-111 through 1.01 devices allows remote attackers to read arbitrary files via a /.. or // after "GET /uir" in an HTTP request. NOTE: this vulnerability exists because of an incorrect fix for CVE-2017-6190. |
|
11771 |
CVE-2018-10821 |
79 |
|
XSS |
2018-06-14 |
2018-08-09 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in backend/pages/modify.php in BlackCatCMS 1.3 allows remote authenticated users with the Admin role to inject arbitrary web script or HTML via the search panel. |
|
11772 |
CVE-2018-10817 |
79 |
|
XSS |
2018-05-08 |
2018-06-13 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Severalnines ClusterControl before 1.6.0-4699 allows XSS. |
|
11773 |
CVE-2018-10815 |
200 |
|
+Info |
2019-05-24 |
2019-05-28 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
An issue was discovered in Cloudera Manager before 5.13.4, 5.14.x before 5.14.4, and 5.15.x before 5.15.1. A read-only user can access sensitive cluster information. |
|
11774 |
CVE-2018-10814 |
522 |
|
|
2018-09-14 |
2019-10-02 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
Synametrics SynaMan 4.0 build 1488 uses cleartext password storage for SMTP credentials. |
|
11775 |
CVE-2018-10812 |
312 |
|
|
2018-05-08 |
2019-10-02 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The Bitpie application through 3.2.4 for Android and iOS uses cleartext storage for digital currency initial keys, which allows local users to steal currency by leveraging root access to read /com.biepie/shared_prefs/com.bitpie_preferences.xml (on Android) or a plist file in the app data folder (on iOS). |
|
11776 |
CVE-2018-10811 |
665 |
|
DoS |
2018-06-19 |
2018-11-27 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
strongSwan 5.6.0 and older allows Remote Denial of Service because of Missing Initialization of a Variable. |
|
11777 |
CVE-2018-10810 |
79 |
|
XSS |
2018-05-16 |
2018-06-19 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
chat/mobile/index.php in LiveZilla Live Chat 7.0.9.5 and prior is affected by Cross-Site Scripting via the Accept-Language HTTP header. |
|
11778 |
CVE-2018-10809 |
20 |
|
DoS |
2018-05-08 |
2018-06-13 |
6.1 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Complete |
|
In 2345 Security Guard 3.7, the driver file (2345NetFirewall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x00222040. NOTE: this vulnerability exists because of an incomplete fix for CVE-2018-8873. |
|
11779 |
CVE-2018-10806 |
79 |
|
XSS CSRF |
2018-05-08 |
2018-06-13 |
3.5 |
None |
Remote |
Medium |
Single system |
None |
Partial |
None |
|
An issue was discovered in Frog CMS 0.9.5. There is a reflected Cross Site Scripting Vulnerability via the file[current_name] parameter to the admin/?/plugin/file_manager/rename URI. This can be used in conjunction with CSRF. |
|
11780 |
CVE-2018-10805 |
772 |
|
|
2018-05-08 |
2019-10-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
ImageMagick version 7.0.7-28 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c. |
|
11781 |
CVE-2018-10804 |
772 |
|
|
2018-05-08 |
2019-10-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
ImageMagick version 7.0.7-28 contains a memory leak in WriteTIFFImage in coders/tiff.c. |
|
11782 |
CVE-2018-10803 |
79 |
|
XSS CSRF |
2018-05-10 |
2018-06-13 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in the add credentials functionality in Zoho ManageEngine NetFlow Analyzer v12.3 before 12.3.125 (build 123125) allows remote attackers to inject arbitrary web script or HTML via a crafted description value. This can be exploited through CSRF. |
|
11783 |
CVE-2018-10801 |
772 |
|
|
2018-05-08 |
2019-10-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
TIFFClientOpen in tif_unix.c in LibTIFF 3.8.2 has memory leaks, as demonstrated by bmp2tiff. |
|
11784 |
CVE-2018-10799 |
20 |
|
|
2018-05-08 |
2018-06-13 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
A hang issue was discovered in Brave before 0.14.0 (on, for example, Linux). This vulnerability is caused by the mishandling of a long URL formed by window.location+='?\u202a\uFEFF\u202b'; concatenation in a SCRIPT element. |
|
11785 |
CVE-2018-10798 |
20 |
|
|
2018-05-08 |
2018-06-13 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
A hang issue was discovered in Brave before 0.14.0 (on, for example, Linux). The vulnerability is caused by mishandling of JavaScript code that triggers the reload of a page continuously with an interval of 1 second. |
|
11786 |
CVE-2018-10796 |
20 |
|
DoS |
2018-05-08 |
2018-06-13 |
6.1 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Complete |
|
In 2345 Security Guard 3.7, the driver file (2345NetFirewall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x00222014. |
|
11787 |
CVE-2018-10795 |
434 |
|
|
2018-05-07 |
2018-06-13 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
|
** DISPUTED ** Liferay 6.2.x and before has an FCKeditor configuration that allows an attacker to upload or transfer files of dangerous types that can be automatically processed within the product's environment via a browser/liferay/browser.html?Type= or html/js/editor/fckeditor/editor/filemanager/browser/liferay/browser.html URI. NOTE: the vendor disputes this issue because file upload is an expected feature, subject to Role Based Access Control checks where only authenticated users with proper permissions can upload files. |
|
11788 |
CVE-2018-10780 |
125 |
|
|
2018-05-07 |
2019-10-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Exiv2::Image::byteSwap2 in image.cpp in Exiv2 0.26 has a heap-based buffer over-read. |
|
11789 |
CVE-2018-10779 |
125 |
|
|
2018-05-07 |
2019-10-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
TIFFWriteScanline in tif_write.c in LibTIFF 3.8.2 has a heap-based buffer over-read, as demonstrated by bmp2tiff. |
|
11790 |
CVE-2018-10778 |
125 |
|
DoS |
2018-05-07 |
2018-06-12 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Read access violation in the III_dequantize_sample function in mpglibDBL/layer3.c in mp3gain through 1.5.2-r2 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact, a different vulnerability than CVE-2017-9872 and CVE-2017-14409. |
|
11791 |
CVE-2018-10777 |
119 |
|
DoS Overflow |
2018-05-07 |
2018-06-12 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in the WriteMP3GainAPETag function in apetag.c in mp3gain through 1.5.2-r2 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. |
|
11792 |
CVE-2018-10776 |
20 |
|
DoS |
2018-05-07 |
2018-06-12 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
The getbits function in mpglibDBL/common.c in mp3gain through 1.5.2-r2 allows remote attackers to cause a denial of service (segmentation fault and application crash) or possibly have unspecified other impact. |
|
11793 |
CVE-2018-10775 |
476 |
|
DoS |
2018-05-07 |
2018-06-13 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
NULL pointer dereference in the _fields_add function in fields.c in libbibcore.a in bibutils through 6.2 allows remote attackers to cause a denial of service (application crash), as demonstrated by end2xml. |
|
11794 |
CVE-2018-10774 |
119 |
|
DoS Overflow |
2018-05-07 |
2018-06-13 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Read access violation in the isiin_keyword function in isiin.c in libbibutils.a in bibutils through 6.2 allows remote attackers to cause a denial of service (application crash), as demonstrated by isi2xml. |
|
11795 |
CVE-2018-10773 |
476 |
|
DoS |
2018-05-07 |
2018-06-13 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
NULL pointer deference in the addsn function in serialno.c in libbibcore.a in bibutils through 6.2 allows remote attackers to cause a denial of service (application crash), as demonstrated by copac2xml. |
|
11796 |
CVE-2018-10772 |
119 |
|
DoS Overflow |
2018-05-06 |
2019-08-06 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
The tEXtToDataBuf function in pngimage.cpp in Exiv2 through 0.26 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file. |
|
11797 |
CVE-2018-10770 |
200 |
|
+Info |
2018-05-09 |
2018-06-14 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
download.rsp on ShenZhen Anni "5 in 1 XVR" devices allows remote attackers to download the configuration (without a login) to discover the password. |
|
11798 |
CVE-2018-10769 |
|
|
|
2018-08-10 |
2019-10-02 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
The transferProxy and approveProxy functions of a smart contract implementation for SmartMesh (SMT), an Ethereum ERC20 token, allow attackers to accomplish an unauthorized transfer of digital assets because replay attacks can occur with the same-named functions (with the same signatures) in other tokens: First (FST), GG Token (GG), M2C Mesh Network (MTC), M2C Mesh Network (mesh), and UG Token (UGT). |
|
11799 |
CVE-2018-10768 |
476 |
|
DoS |
2018-05-06 |
2019-04-25 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
There is a NULL pointer dereference in the AnnotPath::getCoordsLength function in Annot.h in an Ubuntu package for Poppler 0.24.5. A crafted input will lead to a remote denial of service attack. Later Ubuntu packages such as for Poppler 0.41.0 are not affected. |
|
11800 |
CVE-2018-10767 |
125 |
|
DoS |
2018-05-06 |
2019-10-02 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
There is a stack-based buffer over-read in calling GLib in the function gxps_images_guess_content_type of gxps-images.c in libgxps through 0.3.0 because it does not reject negative return values from a g_input_stream_read call. A crafted input will lead to a remote denial of service attack. |
