CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 9 and 10)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1151 CVE-2018-7121 287 Exec Code 2019-06-05 2019-06-06
10.0
None Remote Low Not required Complete Complete Complete
A remote code execution vulnerability was identified in HPE Intelligent Management Center (IMC) PLAT earlier than version 7.3 E0506P09.
1152 CVE-2018-7114 119 Exec Code Overflow 2018-12-03 2018-12-29
10.0
None Remote Low Not required Complete Complete Complete
HPE Intelligent Management Center (IMC) prior to IMC PLAT 7.3 (E0605P06) is vulnerable to remote buffer overflow in dbman leading to code execution. This problem is resolved in IMC PLAT 7.3 (E0605P06) or subsequent versions.
1153 CVE-2018-7105 254 Exec Code 2018-09-27 2018-12-19
9.0
None Remote Low Single system Complete Complete Complete
A security vulnerability in HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers prior to v1.35, HPE Integrated Lights-Out 4 (iLO 4) prior to v2.61, HPE Integrated Lights-Out 3 (iLO 3) prior to v1.90 could be remotely exploited to execute arbitrary code leading to disclosure of information.
1154 CVE-2018-7104 20 Exec Code 2018-09-27 2018-11-16
10.0
None Remote Low Not required Complete Complete Complete
A Remote Code Execution vulnerability was identified in HPE Intelligent Management Center (iMC) Wireless Services Manager Software earlier than version IMC WSM 7.3 E0506P02.
1155 CVE-2018-7103 20 Exec Code 2018-09-27 2018-11-16
10.0
None Remote Low Not required Complete Complete Complete
A Remote Code Execution vulnerability was identified in HPE Intelligent Management Center (iMC) Wireless Services Manager Software earlier than version IMC WSM 7.3 E0506P02.
1156 CVE-2018-7084 77 Exec Code 2019-05-10 2019-05-20
10.0
None Remote Low Not required Complete Complete Complete
A command injection vulnerability is present that permits an unauthenticated user with access to the Aruba Instant web interface to execute arbitrary system commands within the underlying operating system. An attacker could use this ability to copy files, read configuration, write files, delete files, or reboot the device. Workaround: Block access to the Aruba Instant web interface from all untrusted users. Resolution: Fixed in Aruba Instant 4.2.4.12, 6.5.4.11, 8.3.0.6, and 8.4.0.1
1157 CVE-2018-7082 77 Exec Code 2019-05-10 2019-05-20
9.0
None Remote Low Single system Complete Complete Complete
A command injection vulnerability is present in Aruba Instant that permits an authenticated administrative user to execute arbitrary commands on the underlying operating system. A malicious administrator could use this ability to install backdoors or change system configuration in a way that would not be logged. Workaround: None. Resolution: Fixed in Aruba Instant 4.2.4.12, 6.5.4.11, 8.3.0.6, and 8.4.0.0
1158 CVE-2018-7078 Exec Code 2018-08-06 2018-10-05
9.0
None Remote Low Single system Complete Complete Complete
A remote code execution was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than version v2.60 and HPE Integrated Lights-Out 5 (iLO 5) earlier than version v1.30.
1159 CVE-2018-7076 287 Exec Code 2018-10-17 2018-12-03
10.0
None Remote Low Not required Complete Complete Complete
A remote code execution vulnerability was identified in HPE Intelligent Management Center (iMC) prior to iMC PLAT 7.3 E0605P04.
1160 CVE-2018-7066 77 Exec Code 2018-12-07 2019-01-18
9.3
None Remote Medium Not required Complete Complete Complete
An unauthenticated remote command execution exists in Aruba ClearPass Policy Manager on linked devices. The ClearPass OnConnect feature permits administrators to link other network devices into ClearPass for the purpose of collecting enhanced information about connected endpoints. A defect in the API could allow a remote attacker to execute arbitrary commands on one of the linked devices. This vulnerability is only applicable if credentials for devices have been supplied to ClearPass under Configuration -> Network -> Devices -> CLI Settings. Resolution: Fixed in 6.7.5 and 6.6.10-hotfix.
1161 CVE-2018-7058 287 +Priv Bypass 2018-08-06 2018-10-18
10.0
None Remote Low Not required Complete Complete Complete
Aruba ClearPass, all versions of 6.6.x prior to 6.6.9 are affected by an authentication bypass vulnerability, an attacker can leverage this vulnerability to gain administrator privileges on the system. The vulnerability is exposed only on ClearPass web interfaces, including administrative, guest captive portal, and API. Customers who do not expose ClearPass web interfaces to untrusted users are impacted to a lesser extent.
1162 CVE-2018-7046 78 Exec Code 2018-02-20 2018-10-09
9.0
None Remote Low Single system Complete Complete Complete
** DISPUTED ** Arbitrary code execution vulnerability in Kentico 9 through 11 allows remote authenticated users to execute arbitrary operating system commands in a dynamic .NET code evaluation context via C# code in a "Pages -> Edit -> Template -> Edit template properties -> Layout" box. NOTE: the vendor has responded that there is intended functionality for authorized users to edit and update ascx code layout.
1163 CVE-2018-6926 78 2018-02-12 2018-03-16
9.0
None Remote Low Single system Complete Complete Complete
In app/Controller/ServersController.php in MISP 2.4.87, a server setting permitted the override of a path variable on certain Red Hed Enterprise Linux and CentOS systems (where rh_shell_fix was enabled), and consequently allowed site admins to inject arbitrary OS commands. The impact is limited by the setting being only accessible to the site administrator.
1164 CVE-2018-6916 416 2018-03-09 2018-03-29
9.0
None Remote Low Not required Partial Partial Complete
In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p7, 10.4-STABLE, 10.4-RELEASE-p7, and 10.3-RELEASE-p28, the kernel does not properly validate IPsec packets coming from a trusted host. Additionally, a use-after-free vulnerability exists in the IPsec AH handling code. This issue could cause a system crash or other unpredictable results.
1165 CVE-2018-6911 78 Exec Code 2018-02-13 2018-03-13
10.0
None Remote Low Not required Complete Complete Complete
The VBWinExec function in Node\AspVBObj.dll in Advantech WebAccess 8.3.0 allows remote attackers to execute arbitrary OS commands via a single argument (aka the command parameter).
1166 CVE-2018-6831 77 Exec Code 2018-07-09 2018-09-11
9.0
None Remote Low Single system Complete Complete Complete
The setSystemTime function in Foscam Cameras C1 Lite V3, and C1 V3 with firmware 2.82.2.33 and earlier, FI9800P V3, FI9803P V4, FI9851P V3, and FI9853EP V2 2.84.2.33 and earlier, FI9816P V3, FI9821EP V2, FI9821P V3, FI9826P V3, and FI9831P V3 2.81.2.33 and earlier, C1, C1 V2, C1 Lite, and C1 Lite V2 2.52.2.47 and earlier, FI9800P, FI9800P V2, FI9803P V2, FI9803P V3, and FI9851P V2 2.54.2.47 and earlier, FI9815P, FI9815P V2, FI9816P, and FI9816P V2, 2.51.2.47 and earlier, R2 and R4 2.71.1.59 and earlier, C2 and FI9961EP 2.72.1.59 and earlier, FI9900EP, FI9900P, and FI9901EP 2.74.1.59 and earlier, FI9928P 2.74.1.58 and earlier, FI9803EP and FI9853EP 2.22.2.31 and earlier, FI9803P and FI9851P 2.24.2.31 and earlier, FI9821P V2, FI9826P V2, FI9831P V2, and FI9821EP 2.21.2.31 and earlier, FI9821W V2, FI9831W, FI9826W, FI9821P, FI9831P, and FI9826P 2.11.1.120 and earlier, FI9818W V2 2.13.2.120 and earlier, FI9805W, FI9804W, FI9804P, FI9805E, and FI9805P 2.14.1.120 and earlier, FI9828P, and FI9828W 2.13.1.120 and earlier, and FI9828P V2 2.11.1.133 and earlier allows remote authenticated users to execute arbitrary commands via a ';' in the ntpServer argument. NOTE: this issue exists because of an incomplete fix for CVE-2017-2849.
1167 CVE-2018-6825 798 2018-02-09 2018-03-08
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on VOBOT CLOCK before 0.99.30 devices. An SSH server exists with a hardcoded vobot account that has root access.
1168 CVE-2018-6823 264 2018-02-07 2018-03-13
10.0
Admin Remote Low Not required Complete Complete Complete
In the VPN client in Mailbutler Shimo before 4.1.5.1 on macOS, the com.feingeist.shimo.helper tool LaunchDaemon implements an unprotected XPC service that can be abused to execute scripts as root.
1169 CVE-2018-6822 264 Exec Code 2018-02-07 2018-03-13
10.0
Admin Remote Low Not required Complete Complete Complete
In PureVPN 6.0.1 on macOS, HelperTool LaunchDaemon implements an unprotected XPC service that can be abused to execute system commands as root.
1170 CVE-2018-6809 264 +Priv 2018-03-06 2018-03-26
10.0
None Remote Low Not required Complete Complete Complete
NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to gain privilege on a target system.
1171 CVE-2018-6692 119 Overflow Bypass 2018-08-21 2018-10-23
10.0
None Remote Low Not required Complete Complete Complete
Stack-based Buffer Overflow vulnerability in libUPnPHndlr.so in Belkin Wemo Insight Smart Plug allows remote attackers to bypass local security protection via a crafted HTTP post packet.
1172 CVE-2018-6677 22 +Priv Dir. Trav. 2018-07-23 2018-09-20
9.0
None Remote Low Single system Complete Complete Complete
Directory Traversal vulnerability in the administrative user interface in McAfee Web Gateway (MWG) MWG 7.8.1.x allows authenticated administrator users to gain elevated privileges via unspecified vectors.
1173 CVE-2018-6651 352 Bypass 2018-02-05 2018-03-24
9.3
None Remote Medium Not required Complete Complete Complete
In the uncurl_ws_accept function in uncurl.c in uncurl before 0.07, as used in Parsec before 140-3, insufficient Origin header validation (accepting an arbitrary substring match) for WebSocket API requests allows remote attackers to bypass intended access restrictions. In Parsec, this means full control over the victim's computer.
1174 CVE-2018-6569 287 2018-02-05 2018-03-13
10.0
None Remote Low Not required Complete Complete Complete
West Wind Web Server 6.x does not require authentication for /ADMIN.ASP.
1175 CVE-2018-6547 287 2018-04-13 2018-05-21
9.4
None Remote Low Not required None Complete Complete
plays_service.exe in the plays.tv service before 1.27.7.0, as distributed in AMD driver-installation packages and Gaming Evolved products, contains an HTTP message parsing function that takes a user-defined path and writes non-user controlled data as SYSTEM to the file when the extract_files parameter is used. This occurs without properly authenticating the user.
1176 CVE-2018-6546 287 Exec Code 2018-04-13 2018-05-21
10.0
None Remote Low Not required Complete Complete Complete
plays_service.exe in the plays.tv service before 1.27.7.0, as distributed in AMD driver-installation packages and Gaming Evolved products, executes code at a user-defined (local or SMB) path as SYSTEM when the execute_installer parameter is used in an HTTP message. This occurs without properly authenticating the user.
1177 CVE-2018-6530 78 Exec Code 2018-03-06 2018-03-27
10.0
None Remote Low Not required Complete Complete Complete
OS command injection vulnerability in soap.cgi (soapcgi_main in cgibin) in D-Link DIR-880L DIR-880L_REVA_FIRMWARE_PATCH_1.08B04 and previous versions, DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-65L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and previous versions, and DIR-860L DIR860LA1_FW110b04 and previous versions allows remote attackers to execute arbitrary OS commands via the service parameter.
1178 CVE-2018-6476 20 2018-01-31 2018-02-13
10.0
None Remote Low Not required Complete Complete Complete
In SUPERAntiSpyware Professional Trial 6.0.1254, the SASKUTIL.SYS driver allows privilege escalation to NT AUTHORITY\SYSTEM because of not validating input values from IOCtl 0x9C402114 or 0x9C402124 or 0x9C40207c.
1179 CVE-2018-6475 426 2018-01-31 2018-02-13
9.3
None Remote Medium Not required Complete Complete Complete
In SUPERAntiSpyware Professional Trial 6.0.1254, SUPERAntiSpyware.exe allows DLL hijacking, leading to Escalation of Privileges.
1180 CVE-2018-6461 426 +Priv 2018-02-05 2018-03-13
9.3
None Remote Medium Not required Complete Complete Complete
March Hare WINCVS before 2.8.01 build 6610, and CVS Suite before 2009R2 build 6610, contains an Insecure Library Loading vulnerability in the wincvs2.exe or wincvs.exe file, which may allow local users to gain privileges via a Trojan horse Python or TCL DLL file in the current working directory.
1181 CVE-2018-6444 78 Exec Code 2019-01-22 2019-06-19
10.0
None Remote Low Not required Complete Complete Complete
A Vulnerability in Brocade Network Advisor versions before 14.1.0 could allow a remote unauthenticated attacker to execute arbitray code. The vulnerability could also be exploited to execute arbitrary OS Commands.
1182 CVE-2018-6388 78 Exec Code 2018-01-29 2018-02-15
9.0
None Remote Low Single system Complete Complete Complete
iBall iB-WRA150N 1.2.6 build 110401 Rel.47776n devices allow remote authenticated users to execute arbitrary OS commands via shell metacharacters in the ping test arguments on the Diagnostics page.
1183 CVE-2018-6387 798 2018-01-29 2018-02-15
10.0
None Remote Low Not required Complete Complete Complete
iBall iB-WRA150N 1.2.6 build 110401 Rel.47776n devices have a hardcoded password of admin for the admin account, a hardcoded password of support for the support account, and a hardcoded password of user for the user account.
1184 CVE-2018-6318 426 2018-02-02 2018-02-15
9.3
None Remote Medium Not required Complete Complete Complete
In Sophos Tester Tool 3.2.0.7 Beta, the driver loads (in the context of the application used to test an exploit or ransomware) the DLL using a payload that runs from NTDLL.DLL (so, it's run in userland), but the driver doesn't perform any validation of this DLL (not its signature, not its hash, etc.). A person can change this DLL in a local way, or with a remote connection, to a malicious DLL with the same name -- and when the product is used, this malicious DLL will be loaded, aka a DLL Hijacking attack.
1185 CVE-2018-6312 310 2018-03-10 2018-04-09
9.0
None Remote Low Single system Complete Complete Complete
A privileged account with a weak default password on the Foxconn femtocell FEMTO AP-FC4064-T version AP_GT_B38_5.8.3lb15-W47 LTE Build 15 can be used to turn on the TELNET service via the web interface, which allows root login without any password. This vulnerability will lead to full system compromise and disclosure of user communications. The foxconn account with an 8-character lowercase alphabetic password can be used.
1186 CVE-2018-6298 20 Exec Code 2018-03-13 2018-04-09
10.0
None Remote Low Not required Complete Complete Complete
Remote code execution in Hanwha Techwin Smartcams
1187 CVE-2018-6292 264 Exec Code 2018-02-13 2018-03-06
10.0
Admin Remote Low Not required Complete Complete Complete
Remote Code Execution in Saperion Web Client version 7.5.2 83166.
1188 CVE-2018-6289 74 Exec Code 2018-02-06 2018-02-23
10.0
None Remote Low Not required Complete Complete Complete
Configuration file injection leading to Code Execution as Root in Kaspersky Secure Mail Gateway version 1.1.
1189 CVE-2018-6271 264 DoS 2019-02-13 2019-04-02
9.3
None Remote Medium Not required Complete Complete Complete
NVIDIA Tegra OpenMax driver (libnvomx) contains a vulnerability in which the software delivers extra data with the buffer and does not properly validated the extra data, which may lead to denial of service or escalation of privileges. Android ID: A-80198474.
1190 CVE-2018-6268 416 DoS 2019-02-13 2019-04-02
9.3
None Remote Medium Not required Complete Complete Complete
NVIDIA Tegra library contains a vulnerability in libnvmmlite_video.so, where referencing memory after it has been freed may lead to denial of service or possible escalation of privileges. Android ID: A-80433161.
1191 CVE-2018-6267 264 DoS 2019-02-13 2019-04-02
9.3
None Remote Medium Not required Complete Complete Complete
NVIDIA Tegra OpenMax driver (libnvomx) contains a vulnerability in which the software does not validate or incorrectly validates input that can affect the control flow or data flow of a program, which may lead to denial of service or escalation of privileges. Android ID: A-70857947.
1192 CVE-2018-6229 89 Exec Code Sql 2018-03-15 2018-04-04
10.0
None Remote Low Not required Complete Complete Complete
A SQL injection vulnerability in an Trend Micro Email Encryption Gateway 5.5 edit policy script could allow an attacker to execute SQL commands to upload and execute arbitrary code that may harm the target system.
1193 CVE-2018-6228 89 Exec Code Sql 2018-03-15 2018-04-04
10.0
None Remote Low Not required Complete Complete Complete
A SQL injection vulnerability in a Trend Micro Email Encryption Gateway 5.5 policy script could allow an attacker to execute SQL commands to upload and execute arbitrary code that may harm the target system.
1194 CVE-2018-6221 295 2018-03-15 2018-04-04
9.3
None Remote Medium Not required Complete Complete Complete
An unvalidated software update vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow a man-in-the-middle attacker to tamper with an update file and inject their own.
1195 CVE-2018-6213 798 2018-06-20 2018-08-11
10.0
None Remote Low Not required Complete Complete Complete
In the web server on D-Link DIR-620 devices with a certain customized (by ISP) variant of firmware 1.0.3, 1.0.37, 1.3.1, 1.3.3, 1.3.7, 1.4.0, and 2.0.22, there is a hardcoded password of anonymous for the admin account.
1196 CVE-2018-6211 78 2018-06-20 2018-08-11
9.0
None Remote Low Single system Complete Complete Complete
On D-Link DIR-620 devices with a certain customized (by ISP) variant of firmware 1.0.3, 1.0.37, 1.3.1, 1.3.3, 1.3.7, 1.4.0, and 2.0.22, OS command injection is possible as a result of incorrect processing of the res_buf parameter to index.cgi.
1197 CVE-2018-6210 798 2018-06-19 2018-08-13
10.0
None Remote Low Not required Complete Complete Complete
D-Link DIR-620 devices, with a certain Rostelekom variant of firmware 1.0.37, have a hardcoded rostel account, which makes it easier for remote attackers to obtain access via a TELNET session.
1198 CVE-2018-6186 918 Exec Code +Priv 2018-02-01 2018-03-02
9.0
None Remote Low Single system Complete Complete Complete
Citrix NetScaler VPX through NS12.0 53.13.nc allows an SSRF attack via the /rapi/read_url URI by an authenticated attacker who has a webapp account. The attacker can gain access to the nsroot account, and execute remote commands with root privileges.
1199 CVE-2018-6140 20 Exec Code 2019-01-09 2019-01-16
9.3
None Remote Medium Not required Complete Complete Complete
Allowing the chrome.debugger API to attach to Web UI pages in DevTools in Google Chrome prior to 67.0.3396.62 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension.
1200 CVE-2018-6000 16 2018-01-22 2018-03-01
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered in AsusWRT before 3.0.0.4.384_10007. The do_vpnupload_post function in router/httpd/web.c in vpnupload.cgi provides functionality for setting NVRAM configuration values, which allows attackers to set the admin password and launch an SSH daemon (or enable infosvr command mode), and consequently obtain remote administrative access, via a crafted request. This is available to unauthenticated attackers in conjunction with CVE-2018-5999.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.