CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 9 and 10)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1301 CVE-2018-9491 190 Exec Code Overflow 2018-10-02 2018-12-28
9.3
None Remote Medium Not required Complete Complete Complete
In AMediaCodecCryptoInfo_new of NdkMediaCodec.cpp, there is a possible out-of-bounds write due to an integer overflow. This could lead to remote code execution in external apps with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-111603051
1302 CVE-2018-9490 704 Exec Code 2018-10-02 2018-12-28
9.3
None Remote Medium Not required Complete Complete Complete
In CollectValuesOrEntriesImpl of elements.cc, there is possible remote code execution due to type confusion. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9.0 Android ID: A-111274046
1303 CVE-2018-9476 416 2018-10-02 2018-12-28
10.0
None Remote Low Not required Complete Complete Complete
In avrc_pars_browsing_cmd of avrc_pars_tg.cc, there is a possible use-after-free due to improper locking. This could lead to remote escalation of privilege in the Bluetooth service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-8.0 Android-8.1 Android ID: A-109699112
1304 CVE-2018-9473 190 Exec Code Overflow 2018-10-02 2018-12-28
9.3
None Remote Medium Not required Complete Complete Complete
In ihevcd_parse_sei_payload of ihevcd_parse_headers.c, there is a possible out-of-bounds write due to an integer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.0 Android ID: A-65484460
1305 CVE-2018-9450 787 Exec Code 2018-11-06 2018-12-12
9.0
None Remote Low Single system Complete Complete Complete
In avrc_proc_vendor_command of avrc_api.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-79541338.
1306 CVE-2018-9446 787 Exec Code Mem. Corr. 2018-11-06 2018-12-12
10.0
None Remote Low Not required Complete Complete Complete
In smp_br_state_machine_event of smp_br_main.cc, there is a possible out of bounds write due to memory corruption. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-80145946.
1307 CVE-2018-9427 787 Exec Code 2018-11-06 2018-12-18
9.3
None Remote Medium Not required Complete Complete Complete
In CopyToOMX of OMXNodeInstance.cpp there is a possible out-of-bounds write due to an incorrect bounds check. This could lead to remote arbitrary code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android Versions: Android-8.0 Android-8.1 Android ID: A-77486542.
1308 CVE-2018-9356 415 Exec Code 2018-11-06 2018-12-14
10.0
None Remote Low Not required Complete Complete Complete
In bnep_data_ind of bnep_main.c, there is a possible remote code execution due to a double free. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-74950468.
1309 CVE-2018-9355 787 Exec Code 2018-11-06 2018-12-14
10.0
None Remote Low Not required Complete Complete Complete
In bta_dm_sdp_result of bta_dm_act.cc, there is a possible out of bounds stack write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-74016921.
1310 CVE-2018-9318 693 2018-05-31 2018-06-29
10.0
None Remote Low Not required Complete Complete Complete
The Telematics Control Unit (aka Telematic Communication Box or TCB), when present on BMW vehicles produced in 2012 through 2018, allows a remote attack via a cellular network.
1311 CVE-2018-9311 693 2018-05-31 2018-06-29
10.0
None Remote Low Not required Complete Complete Complete
The Telematics Control Unit (aka Telematic Communication Box or TCB), when present on BMW vehicles produced in 2012 through 2018, allows a remote attack via a cellular network.
1312 CVE-2018-9285 78 2018-04-04 2018-05-22
10.0
None Remote Low Not required Complete Complete Complete
Main_Analysis_Content.asp in /apply.cgi on ASUS RT-AC66U, RT-AC68U, RT-AC86U, RT-AC88U, RT-AC1900, RT-AC2900, and RT-AC3100 devices before 3.0.0.4.384_10007; RT-N18U devices before 3.0.0.4.382.39935; RT-AC87U and RT-AC3200 devices before 3.0.0.4.382.50010; and RT-AC5300 devices before 3.0.0.4.384.20287 allows OS command injection via the pingCNT and destIP fields of the SystemCmd variable.
1313 CVE-2018-9284 119 Exec Code Overflow 2018-04-04 2018-05-22
10.0
None Remote Low Not required Complete Complete Complete
authentication.cgi on D-Link DIR-868L devices with Singapore StarHub firmware before v1.21SHCb03 allows remote attackers to execute arbitrary code.
1314 CVE-2018-9276 78 2018-07-02 2018-10-09
9.0
None Remote Low Single system Complete Complete Complete
An issue was discovered in PRTG Network Monitor before 18.2.39. An attacker who has access to the PRTG System Administrator web console with administrative privileges can exploit an OS command injection vulnerability (both on the server and on devices) by sending malformed parameters in sensor or notification management scenarios.
1315 CVE-2018-9245 89 Exec Code Sql Bypass 2018-04-22 2018-05-25
10.0
None Remote Low Not required Complete Complete Complete
The Ericsson-LG iPECS NMS A.1Ac login portal has a SQL injection vulnerability in the User ID and password fields that allows users to bypass the login page and execute remote code on the operating system.
1316 CVE-2018-9232 287 2018-05-01 2018-06-13
9.3
None Remote Medium Not required Complete Complete Complete
Due to the lack of firmware authentication in the upgrade process of T&W WIFI Repeater BE126 devices, an attacker can craft a malicious firmware and use it as an update.
1317 CVE-2018-9149 798 2018-04-01 2018-05-15
10.0
None Remote Low Not required Complete Complete Complete
The Zyxel Multy X (AC3000 Tri-Band WiFi System) device doesn't use a suitable mechanism to protect the UART. After an attacker dismantles the device and uses a USB-to-UART cable to connect the device, he can use the 1234 password for the root account to login to the system. Furthermore, an attacker can start the device's TELNET service as a backdoor.
1318 CVE-2018-9143 119 Exec Code Overflow 2018-03-30 2018-04-19
10.0
None Remote Low Not required Complete Complete Complete
On Samsung mobile devices with M(6.0) and N(7.x) software, a heap overflow in the sensorhub binder service leads to code execution in a privileged process, aka SVE-2017-10991.
1319 CVE-2018-9141 20 Exec Code 2018-03-30 2018-04-19
9.3
None Remote Medium Not required Complete Complete Complete
On Samsung mobile devices with L(5.x), M(6.0), and N(7.x) software, Gallery allows remote attackers to execute arbitrary code via a BMP file with a crafted resolution, aka SVE-2017-11105.
1320 CVE-2018-9139 119 Exec Code Overflow 2018-03-30 2018-04-19
10.0
None Remote Low Not required Complete Complete Complete
On Samsung mobile devices with N(7.x) software, a buffer overflow in the vision service allows code execution in a privileged process via a large frame size, aka SVE-2017-11165.
1321 CVE-2018-9113 94 Exec Code 2018-04-26 2018-06-04
9.3
None Remote Medium Not required Complete Complete Complete
Centers for Disease Control and Prevention MicrobeTRACE 0.1.12 allows remote attackers to execute arbitrary code, related to code injection via a crafted CSV file with an initial '><script type="text/javascript" src=' line.
1322 CVE-2018-9105 287 Exec Code 2018-03-27 2019-10-02
9.0
Admin Remote Low Single system Complete Complete Complete
NordVPN 3.3.10 for macOS suffers from a root privilege escalation vulnerability. The vulnerability stems from its privileged helper tool's implemented XPC service. This XPC service is responsible for receiving and processing new OpenVPN connection requests from the main application. Unfortunately this XPC service is not protected, which allows arbitrary applications to connect and send it XPC messages. An attacker can send a crafted XPC message to the privileged helper tool requesting it make a new OpenVPN connection. Because he or she controls the contents of the XPC message, the attacker can specify the location of the openvpn executable, which could point to something malicious they control located on disk. Without validation of the openvpn executable, this will give the attacker code execution in the context of the privileged helper tool.
1323 CVE-2018-9091 Exec Code +Priv Bypass 2018-05-25 2019-10-02
10.0
None Remote Low Not required Complete Complete Complete
A critical vulnerability in the KEMP LoadMaster Operating System (LMOS) 6.0.44 through 7.2.41.2 and Long Term Support (LTS) LMOS before 7.1.35.5 related to Session Management could allow an unauthenticated, remote attacker to bypass security protections, gain system privileges, and execute elevated commands such as ls, ps, cat, etc., thereby compromising the system. Through this remote execution, in certain cases, exposure of sensitive system data such as certificates, private keys, and other information may be possible.
1324 CVE-2018-9083 798 2018-11-27 2019-10-02
9.3
None Remote Medium Not required Complete Complete Complete
In System Management Module (SMM) versions prior to 1.06, the SMM contains weak default root credentials which could be used to log in to the device OS -- if the attacker manages to enable SSH or Telnet connections via some other vulnerability.
1325 CVE-2018-9077 78 Exec Code 2018-09-28 2019-10-02
9.3
None Remote Medium Not required Complete Complete Complete
For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlier, when changing the name of a share, an attacker can craft a command injection payload using backtick "``" characters in the share : name parameter. As a result, arbitrary commands may be executed as the root user. The attack requires a value __c and iomega parameter.
1326 CVE-2018-9076 78 Exec Code 2018-09-28 2019-10-02
9.3
None Remote Medium Not required Complete Complete Complete
For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlier, when changing the name of a share, an attacker can craft a command injection payload using backtick "``" characters in the name parameter. As a result, arbitrary commands may be executed as the root user. The attack requires a value __c and iomega parameter.
1327 CVE-2018-9075 78 Exec Code 2018-09-28 2019-10-02
9.3
None Remote Medium Not required Complete Complete Complete
For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlier, when joining a PersonalCloud setup, an attacker can craft a command injection payload using backtick "``" characters in the client:password parameter. As a result, arbitrary commands may be executed as the root user. The attack requires a value __c and iomega parameter.
1328 CVE-2018-9066 20 Exec Code 2018-07-30 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
In Lenovo xClarity Administrator versions earlier than 2.1.0, an authenticated LXCA user can, under specific circumstances, inject additional parameters into a specific web API call which can result in privileged command execution within LXCA's underlying operating system.
1329 CVE-2018-9023 20 Exec Code Bypass 2018-06-18 2018-08-09
9.0
None Remote Low Single system Complete Complete Complete
An input validation vulnerability in CA Privileged Access Manager 2.x allows unprivileged users to execute arbitrary commands by passing specially crafted arguments to the update_crld script.
1330 CVE-2018-8974 94 Exec Code 2018-04-26 2018-06-04
9.3
None Remote Medium Not required Complete Complete Complete
Centers for Disease Control and Prevention MicrobeTRACE 0.1.11 allows remote attackers to execute arbitrary code, related to code injection via a crafted CSV file with an initial 'Source<script type="text/javascript" src=' line.
1331 CVE-2018-8941 119 Exec Code Overflow 2018-04-03 2018-05-21
9.0
None Remote Low Single system Complete Complete Complete
Diagnostics functionality on D-Link DSL-3782 devices with firmware EU v. 1.01 has a buffer overflow, allowing authenticated remote attackers to execute arbitrary code via a long Addr value to the 'set Diagnostics_Entry' function in an HTTP request, related to /userfs/bin/tcapi.
1332 CVE-2018-8936 2018-03-22 2019-10-02
9.3
None Remote Medium Not required Complete Complete Complete
The AMD EPYC Server, Ryzen, Ryzen Pro, and Ryzen Mobile processor chips allow Platform Security Processor (PSP) privilege escalation.
1333 CVE-2018-8935 2018-03-22 2019-10-02
9.3
None Remote Medium Not required Complete Complete Complete
The Promontory chipset, as used in AMD Ryzen and Ryzen Pro platforms, has a backdoor in the ASIC, aka CHIMERA-HW.
1334 CVE-2018-8934 2018-03-22 2019-10-02
9.3
None Remote Medium Not required Complete Complete Complete
The Promontory chipset, as used in AMD Ryzen and Ryzen Pro platforms, has a backdoor in firmware, aka CHIMERA-FW.
1335 CVE-2018-8933 732 2018-03-22 2019-10-02
9.3
None Remote Medium Not required Complete Complete Complete
The AMD EPYC Server processor chips have insufficient access control for protected memory regions, aka FALLOUT-1, FALLOUT-2, and FALLOUT-3.
1336 CVE-2018-8932 732 2018-03-22 2019-10-02
9.3
None Remote Medium Not required Complete Complete Complete
The AMD Ryzen and Ryzen Pro processor chips have insufficient access control for the Secure Processor, aka RYZENFALL-2, RYZENFALL-3, and RYZENFALL-4.
1337 CVE-2018-8931 732 2018-03-22 2019-10-02
9.3
None Remote Medium Not required Complete Complete Complete
The AMD Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have insufficient access control for the Secure Processor, aka RYZENFALL-1.
1338 CVE-2018-8930 20 2018-03-22 2018-05-09
9.3
None Remote Medium Not required Complete Complete Complete
The AMD EPYC Server, Ryzen, Ryzen Pro, and Ryzen Mobile processor chips have insufficient enforcement of Hardware Validated Boot, aka MASTERKEY-1, MASTERKEY-2, and MASTERKEY-3.
1339 CVE-2018-8872 119 Overflow 2018-05-04 2019-10-09
9.3
None Remote Medium Not required Complete Complete Complete
In Schneider Electric Triconex Tricon MP model 3008 firmware versions 10.0-10.4, system calls read directly from memory addresses within the control program area without any verification. Manipulating this data could allow attacker data to be copied anywhere within memory.
1340 CVE-2018-8869 20 2018-05-04 2019-10-09
10.0
None Remote Low Not required Complete Complete Complete
In Lantech IDS 2102 2.0 and prior, nearly all input fields allow for arbitrary input on the device. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
1341 CVE-2018-8865 119 Exec Code Overflow 2018-05-04 2019-10-09
10.0
None Remote Low Not required Complete Complete Complete
In Lantech IDS 2102 2.0 and prior, a stack-based buffer overflow vulnerability has been identified which may allow remote code execution. A CVSS v3 base score of 9.8 has been calculated; the CVSS vector string is (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
1342 CVE-2018-8840 119 Exec Code Overflow 2018-04-18 2019-10-09
10.0
None Remote Low Not required Complete Complete Complete
A remote attacker could send a carefully crafted packet in InduSoft Web Studio v8.1 and prior versions, and/or InTouch Machine Edition 2017 v8.1 and prior versions during a tag, alarm, or event related action such as read and write, which may allow remote code execution.
1343 CVE-2018-8739 Exec Code 2018-03-16 2019-10-02
10.0
None Remote Low Not required Complete Complete Complete
VPN Unlimited 4.2.0 for macOS suffers from a root privilege escalation vulnerability in its privileged helper tool. The privileged helper tool implements an XPC interface, which allows arbitrary applications to execute system commands as root.
1344 CVE-2018-8736 2018-04-17 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
A privilege escalation vulnerability in Nagios XI 5.2.x through 5.4.x before 5.4.13 allows an attacker to leverage an RCE vulnerability escalating to root.
1345 CVE-2018-8735 78 Exec Code 2018-04-17 2018-07-04
9.0
None Remote Low Single system Complete Complete Complete
Remote command execution (RCE) vulnerability in Nagios XI 5.2.x through 5.4.x before 5.4.13 allows an attacker to execute arbitrary commands on the target system, aka OS command injection.
1346 CVE-2018-8636 119 Exec Code Overflow 2018-12-11 2019-01-03
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Excel. This CVE ID is unique from CVE-2018-8597.
1347 CVE-2018-8634 119 Exec Code Overflow 2018-12-11 2019-01-03
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in Windows where Microsoft text-to-speech fails to properly handle objects in the memory, aka "Microsoft Text-To-Speech Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10, Windows Server 2019, Windows 10 Servers.
1348 CVE-2018-8628 119 Exec Code Overflow 2018-12-11 2019-01-03
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory, aka "Microsoft PowerPoint Remote Code Execution Vulnerability." This affects Microsoft Office, Office 365 ProPlus, Microsoft PowerPoint, Microsoft SharePoint, Microsoft PowerPoint Viewer, Office Online Server, Microsoft SharePoint Server.
1349 CVE-2018-8626 119 Exec Code Overflow 2018-12-11 2019-05-08
10.0
None Remote Low Not required Complete Complete Complete
A remote code execution vulnerability exists in Windows Domain Name System (DNS) servers when they fail to properly handle requests, aka "Windows DNS Server Heap Overflow Vulnerability." This affects Windows Server 2012 R2, Windows Server 2019, Windows Server 2016, Windows 10, Windows 10 Servers.
1350 CVE-2018-8597 119 Exec Code Overflow 2018-12-11 2019-01-03
9.3
None Remote Medium Not required Complete Complete Complete
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Excel. This CVE ID is unique from CVE-2018-8636.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.