CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 9 and 10)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1351 CVE-2018-7066 77 Exec Code 2018-12-07 2019-01-18
9.3
None Remote Medium Not required Complete Complete Complete
An unauthenticated remote command execution exists in Aruba ClearPass Policy Manager on linked devices. The ClearPass OnConnect feature permits administrators to link other network devices into ClearPass for the purpose of collecting enhanced information about connected endpoints. A defect in the API could allow a remote attacker to execute arbitrary commands on one of the linked devices. This vulnerability is only applicable if credentials for devices have been supplied to ClearPass under Configuration -> Network -> Devices -> CLI Settings. Resolution: Fixed in 6.7.5 and 6.6.10-hotfix.
1352 CVE-2018-7058 287 +Priv Bypass 2018-08-06 2018-10-18
10.0
None Remote Low Not required Complete Complete Complete
Aruba ClearPass, all versions of 6.6.x prior to 6.6.9 are affected by an authentication bypass vulnerability, an attacker can leverage this vulnerability to gain administrator privileges on the system. The vulnerability is exposed only on ClearPass web interfaces, including administrative, guest captive portal, and API. Customers who do not expose ClearPass web interfaces to untrusted users are impacted to a lesser extent.
1353 CVE-2018-7046 78 Exec Code 2018-02-20 2018-10-09
9.0
None Remote Low Single system Complete Complete Complete
** DISPUTED ** Arbitrary code execution vulnerability in Kentico 9 through 11 allows remote authenticated users to execute arbitrary operating system commands in a dynamic .NET code evaluation context via C# code in a "Pages -> Edit -> Template -> Edit template properties -> Layout" box. NOTE: the vendor has responded that there is intended functionality for authorized users to edit and update ascx code layout.
1354 CVE-2018-6926 78 2018-02-12 2018-03-16
9.0
None Remote Low Single system Complete Complete Complete
In app/Controller/ServersController.php in MISP 2.4.87, a server setting permitted the override of a path variable on certain Red Hed Enterprise Linux and CentOS systems (where rh_shell_fix was enabled), and consequently allowed site admins to inject arbitrary OS commands. The impact is limited by the setting being only accessible to the site administrator.
1355 CVE-2018-6916 416 2018-03-09 2018-03-29
9.0
None Remote Low Not required Partial Partial Complete
In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p7, 10.4-STABLE, 10.4-RELEASE-p7, and 10.3-RELEASE-p28, the kernel does not properly validate IPsec packets coming from a trusted host. Additionally, a use-after-free vulnerability exists in the IPsec AH handling code. This issue could cause a system crash or other unpredictable results.
1356 CVE-2018-6911 78 Exec Code 2018-02-13 2019-08-02
10.0
None Remote Low Not required Complete Complete Complete
The VBWinExec function in Node\AspVBObj.dll in Advantech WebAccess 8.3.0 allows remote attackers to execute arbitrary OS commands via a single argument (aka the command parameter).
1357 CVE-2018-6831 77 Exec Code 2018-07-09 2018-09-11
9.0
None Remote Low Single system Complete Complete Complete
The setSystemTime function in Foscam Cameras C1 Lite V3, and C1 V3 with firmware 2.82.2.33 and earlier, FI9800P V3, FI9803P V4, FI9851P V3, and FI9853EP V2 2.84.2.33 and earlier, FI9816P V3, FI9821EP V2, FI9821P V3, FI9826P V3, and FI9831P V3 2.81.2.33 and earlier, C1, C1 V2, C1 Lite, and C1 Lite V2 2.52.2.47 and earlier, FI9800P, FI9800P V2, FI9803P V2, FI9803P V3, and FI9851P V2 2.54.2.47 and earlier, FI9815P, FI9815P V2, FI9816P, and FI9816P V2, 2.51.2.47 and earlier, R2 and R4 2.71.1.59 and earlier, C2 and FI9961EP 2.72.1.59 and earlier, FI9900EP, FI9900P, and FI9901EP 2.74.1.59 and earlier, FI9928P 2.74.1.58 and earlier, FI9803EP and FI9853EP 2.22.2.31 and earlier, FI9803P and FI9851P 2.24.2.31 and earlier, FI9821P V2, FI9826P V2, FI9831P V2, and FI9821EP 2.21.2.31 and earlier, FI9821W V2, FI9831W, FI9826W, FI9821P, FI9831P, and FI9826P 2.11.1.120 and earlier, FI9818W V2 2.13.2.120 and earlier, FI9805W, FI9804W, FI9804P, FI9805E, and FI9805P 2.14.1.120 and earlier, FI9828P, and FI9828W 2.13.1.120 and earlier, and FI9828P V2 2.11.1.133 and earlier allows remote authenticated users to execute arbitrary commands via a ';' in the ntpServer argument. NOTE: this issue exists because of an incomplete fix for CVE-2017-2849.
1358 CVE-2018-6825 798 2018-02-09 2018-03-08
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on VOBOT CLOCK before 0.99.30 devices. An SSH server exists with a hardcoded vobot account that has root access.
1359 CVE-2018-6823 264 2018-02-07 2018-03-13
10.0
Admin Remote Low Not required Complete Complete Complete
In the VPN client in Mailbutler Shimo before 4.1.5.1 on macOS, the com.feingeist.shimo.helper tool LaunchDaemon implements an unprotected XPC service that can be abused to execute scripts as root.
1360 CVE-2018-6822 264 Exec Code 2018-02-07 2018-03-13
10.0
Admin Remote Low Not required Complete Complete Complete
In PureVPN 6.0.1 on macOS, HelperTool LaunchDaemon implements an unprotected XPC service that can be abused to execute system commands as root.
1361 CVE-2018-6809 264 +Priv 2018-03-06 2018-03-26
10.0
None Remote Low Not required Complete Complete Complete
NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to gain privilege on a target system.
1362 CVE-2018-6692 119 Overflow Bypass 2018-08-21 2018-10-23
10.0
None Remote Low Not required Complete Complete Complete
Stack-based Buffer Overflow vulnerability in libUPnPHndlr.so in Belkin Wemo Insight Smart Plug allows remote attackers to bypass local security protection via a crafted HTTP post packet.
1363 CVE-2018-6677 22 +Priv Dir. Trav. 2018-07-23 2018-09-20
9.0
None Remote Low Single system Complete Complete Complete
Directory Traversal vulnerability in the administrative user interface in McAfee Web Gateway (MWG) MWG 7.8.1.x allows authenticated administrator users to gain elevated privileges via unspecified vectors.
1364 CVE-2018-6651 352 Bypass 2018-02-05 2018-03-24
9.3
None Remote Medium Not required Complete Complete Complete
In the uncurl_ws_accept function in uncurl.c in uncurl before 0.07, as used in Parsec before 140-3, insufficient Origin header validation (accepting an arbitrary substring match) for WebSocket API requests allows remote attackers to bypass intended access restrictions. In Parsec, this means full control over the victim's computer.
1365 CVE-2018-6569 287 2018-02-05 2018-03-13
10.0
None Remote Low Not required Complete Complete Complete
West Wind Web Server 6.x does not require authentication for /ADMIN.ASP.
1366 CVE-2018-6547 287 2018-04-13 2018-05-21
9.4
None Remote Low Not required None Complete Complete
plays_service.exe in the plays.tv service before 1.27.7.0, as distributed in AMD driver-installation packages and Gaming Evolved products, contains an HTTP message parsing function that takes a user-defined path and writes non-user controlled data as SYSTEM to the file when the extract_files parameter is used. This occurs without properly authenticating the user.
1367 CVE-2018-6546 287 Exec Code 2018-04-13 2018-05-21
10.0
None Remote Low Not required Complete Complete Complete
plays_service.exe in the plays.tv service before 1.27.7.0, as distributed in AMD driver-installation packages and Gaming Evolved products, executes code at a user-defined (local or SMB) path as SYSTEM when the execute_installer parameter is used in an HTTP message. This occurs without properly authenticating the user.
1368 CVE-2018-6530 78 Exec Code 2018-03-06 2018-03-27
10.0
None Remote Low Not required Complete Complete Complete
OS command injection vulnerability in soap.cgi (soapcgi_main in cgibin) in D-Link DIR-880L DIR-880L_REVA_FIRMWARE_PATCH_1.08B04 and previous versions, DIR-868L DIR868LA1_FW112b04 and previous versions, DIR-65L DIR-865L_REVA_FIRMWARE_PATCH_1.08.B01 and previous versions, and DIR-860L DIR860LA1_FW110b04 and previous versions allows remote attackers to execute arbitrary OS commands via the service parameter.
1369 CVE-2018-6476 20 2018-01-31 2018-02-13
10.0
None Remote Low Not required Complete Complete Complete
In SUPERAntiSpyware Professional Trial 6.0.1254, the SASKUTIL.SYS driver allows privilege escalation to NT AUTHORITY\SYSTEM because of not validating input values from IOCtl 0x9C402114 or 0x9C402124 or 0x9C40207c.
1370 CVE-2018-6475 426 2018-01-31 2018-02-13
9.3
None Remote Medium Not required Complete Complete Complete
In SUPERAntiSpyware Professional Trial 6.0.1254, SUPERAntiSpyware.exe allows DLL hijacking, leading to Escalation of Privileges.
1371 CVE-2018-6461 426 +Priv 2018-02-05 2018-03-13
9.3
None Remote Medium Not required Complete Complete Complete
March Hare WINCVS before 2.8.01 build 6610, and CVS Suite before 2009R2 build 6610, contains an Insecure Library Loading vulnerability in the wincvs2.exe or wincvs.exe file, which may allow local users to gain privileges via a Trojan horse Python or TCL DLL file in the current working directory.
1372 CVE-2018-6444 78 Exec Code 2019-01-22 2019-06-19
10.0
None Remote Low Not required Complete Complete Complete
A Vulnerability in Brocade Network Advisor versions before 14.1.0 could allow a remote unauthenticated attacker to execute arbitray code. The vulnerability could also be exploited to execute arbitrary OS Commands.
1373 CVE-2018-6388 78 Exec Code 2018-01-29 2018-02-15
9.0
None Remote Low Single system Complete Complete Complete
iBall iB-WRA150N 1.2.6 build 110401 Rel.47776n devices allow remote authenticated users to execute arbitrary OS commands via shell metacharacters in the ping test arguments on the Diagnostics page.
1374 CVE-2018-6387 798 2018-01-29 2018-02-15
10.0
None Remote Low Not required Complete Complete Complete
iBall iB-WRA150N 1.2.6 build 110401 Rel.47776n devices have a hardcoded password of admin for the admin account, a hardcoded password of support for the support account, and a hardcoded password of user for the user account.
1375 CVE-2018-6318 426 2018-02-02 2018-02-15
9.3
None Remote Medium Not required Complete Complete Complete
In Sophos Tester Tool 3.2.0.7 Beta, the driver loads (in the context of the application used to test an exploit or ransomware) the DLL using a payload that runs from NTDLL.DLL (so, it's run in userland), but the driver doesn't perform any validation of this DLL (not its signature, not its hash, etc.). A person can change this DLL in a local way, or with a remote connection, to a malicious DLL with the same name -- and when the product is used, this malicious DLL will be loaded, aka a DLL Hijacking attack.
1376 CVE-2018-6312 310 2018-03-10 2018-04-09
9.0
None Remote Low Single system Complete Complete Complete
A privileged account with a weak default password on the Foxconn femtocell FEMTO AP-FC4064-T version AP_GT_B38_5.8.3lb15-W47 LTE Build 15 can be used to turn on the TELNET service via the web interface, which allows root login without any password. This vulnerability will lead to full system compromise and disclosure of user communications. The foxconn account with an 8-character lowercase alphabetic password can be used.
1377 CVE-2018-6298 20 Exec Code 2018-03-13 2018-04-09
10.0
None Remote Low Not required Complete Complete Complete
Remote code execution in Hanwha Techwin Smartcams
1378 CVE-2018-6292 264 Exec Code 2018-02-13 2018-03-06
10.0
Admin Remote Low Not required Complete Complete Complete
Remote Code Execution in Saperion Web Client version 7.5.2 83166.
1379 CVE-2018-6289 74 Exec Code 2018-02-06 2018-02-23
10.0
None Remote Low Not required Complete Complete Complete
Configuration file injection leading to Code Execution as Root in Kaspersky Secure Mail Gateway version 1.1.
1380 CVE-2018-6271 264 DoS 2019-02-13 2019-04-02
9.3
None Remote Medium Not required Complete Complete Complete
NVIDIA Tegra OpenMax driver (libnvomx) contains a vulnerability in which the software delivers extra data with the buffer and does not properly validated the extra data, which may lead to denial of service or escalation of privileges. Android ID: A-80198474.
1381 CVE-2018-6268 416 DoS 2019-02-13 2019-04-02
9.3
None Remote Medium Not required Complete Complete Complete
NVIDIA Tegra library contains a vulnerability in libnvmmlite_video.so, where referencing memory after it has been freed may lead to denial of service or possible escalation of privileges. Android ID: A-80433161.
1382 CVE-2018-6267 264 DoS 2019-02-13 2019-04-02
9.3
None Remote Medium Not required Complete Complete Complete
NVIDIA Tegra OpenMax driver (libnvomx) contains a vulnerability in which the software does not validate or incorrectly validates input that can affect the control flow or data flow of a program, which may lead to denial of service or escalation of privileges. Android ID: A-70857947.
1383 CVE-2018-6229 89 Exec Code Sql 2018-03-15 2018-04-04
10.0
None Remote Low Not required Complete Complete Complete
A SQL injection vulnerability in an Trend Micro Email Encryption Gateway 5.5 edit policy script could allow an attacker to execute SQL commands to upload and execute arbitrary code that may harm the target system.
1384 CVE-2018-6228 89 Exec Code Sql 2018-03-15 2018-04-04
10.0
None Remote Low Not required Complete Complete Complete
A SQL injection vulnerability in a Trend Micro Email Encryption Gateway 5.5 policy script could allow an attacker to execute SQL commands to upload and execute arbitrary code that may harm the target system.
1385 CVE-2018-6221 295 2018-03-15 2018-04-04
9.3
None Remote Medium Not required Complete Complete Complete
An unvalidated software update vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow a man-in-the-middle attacker to tamper with an update file and inject their own.
1386 CVE-2018-6213 798 2018-06-20 2018-08-11
10.0
None Remote Low Not required Complete Complete Complete
In the web server on D-Link DIR-620 devices with a certain customized (by ISP) variant of firmware 1.0.3, 1.0.37, 1.3.1, 1.3.3, 1.3.7, 1.4.0, and 2.0.22, there is a hardcoded password of anonymous for the admin account.
1387 CVE-2018-6211 78 2018-06-20 2018-08-11
9.0
None Remote Low Single system Complete Complete Complete
On D-Link DIR-620 devices with a certain customized (by ISP) variant of firmware 1.0.3, 1.0.37, 1.3.1, 1.3.3, 1.3.7, 1.4.0, and 2.0.22, OS command injection is possible as a result of incorrect processing of the res_buf parameter to index.cgi.
1388 CVE-2018-6210 798 2018-06-19 2018-08-13
10.0
None Remote Low Not required Complete Complete Complete
D-Link DIR-620 devices, with a certain Rostelekom variant of firmware 1.0.37, have a hardcoded rostel account, which makes it easier for remote attackers to obtain access via a TELNET session.
1389 CVE-2018-6186 918 Exec Code +Priv 2018-02-01 2018-03-02
9.0
None Remote Low Single system Complete Complete Complete
Citrix NetScaler VPX through NS12.0 53.13.nc allows an SSRF attack via the /rapi/read_url URI by an authenticated attacker who has a webapp account. The attacker can gain access to the nsroot account, and execute remote commands with root privileges.
1390 CVE-2018-6140 20 Exec Code 2019-01-09 2019-01-16
9.3
None Remote Medium Not required Complete Complete Complete
Allowing the chrome.debugger API to attach to Web UI pages in DevTools in Google Chrome prior to 67.0.3396.62 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension.
1391 CVE-2018-6000 16 2018-01-22 2018-03-01
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered in AsusWRT before 3.0.0.4.384_10007. The do_vpnupload_post function in router/httpd/web.c in vpnupload.cgi provides functionality for setting NVRAM configuration values, which allows attackers to set the admin password and launch an SSH daemon (or enable infosvr command mode), and consequently obtain remote administrative access, via a crafted request. This is available to unauthenticated attackers in conjunction with CVE-2018-5999.
1392 CVE-2018-5999 255 2018-01-22 2018-03-01
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered in AsusWRT before 3.0.0.4.384_10007. In the handle_request function in router/httpd/httpd.c, processing of POST requests continues even if authentication fails.
1393 CVE-2018-5997 434 Exec Code 2018-01-25 2018-02-12
10.0
Admin Remote Low Not required Complete Complete Complete
An issue was discovered in the HTTP Server in RAVPower Filehub 2.000.056. Due to an unrestricted upload feature and a path traversal vulnerability, it is possible to upload a file on a filesystem with root privileges: this will lead to remote code execution as root.
1394 CVE-2018-5925 119 Exec Code Overflow 2018-08-13 2018-10-15
9.3
None Remote Medium Not required Complete Complete Complete
A security vulnerability has been identified with certain HP Inkjet printers. A maliciously crafted file sent to an affected device can cause a static buffer overflow, which could allow remote code execution.
1395 CVE-2018-5915 19 2019-01-18 2019-01-24
10.0
None Remote Low Not required Complete Complete Complete
Exception in Modem IP stack while processing IPv6 packet in snapdragon automobile, snapdragon mobile and snapdragon wear in versions MDM9607, MDM9640, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD 712 / SD 710 / SD 670, SD 820, SD 820A, SD 835, SD 845 / SD 850, SDA660, SDX20, SXR1130
1396 CVE-2018-5855 119 Overflow 2018-07-06 2019-04-05
10.0
None Remote Low Not required Complete Complete Complete
While padding or shrinking a nested wmi packet in all Android releases from CAF using the Linux kernel (Android for MSM, Firefox OS for MSM, QRD Android) before security patch level 2018-07-05, a buffer over-read can potentially occur.
1397 CVE-2018-5850 191 Overflow 2018-06-06 2018-07-17
9.3
None Remote Medium Not required Complete Complete Complete
In the function csr_update_fils_params_rso(), insufficient validation on a key length can result in an integer underflow leading to a buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
1398 CVE-2018-5846 416 2018-06-06 2018-07-17
9.3
None Remote Medium Not required Complete Complete Complete
A Use After Free condition can occur in the IPA driver whenever the IPA IOCTLs IPA_IOC_NOTIFY_WAN_UPSTREAM_ROUTE_ADD/IPA_IOC_NOTIFY_WAN_UPSTREAM_ROUTE_DEL/IPA_IOC_NOTIFY_WAN_EMBMS_CONNECTED are called in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
1399 CVE-2018-5841 19 2018-06-06 2018-07-17
9.3
None Remote Medium Not required Complete Complete Complete
dcc_curr_list is initialized with a default invalid value that is expected to be programmed by the user through a sysfs node which could lead to an invalid access in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
1400 CVE-2018-5840 264 2018-06-06 2018-07-17
9.3
None Remote Medium Not required Complete Complete Complete
Buffer Copy without Checking Size of Input can occur during the DRM SDE driver initialization sequence in all Android releases from CAF (Android for MSM, Firefox OS for MSM, QRD Android) using the Linux Kernel.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.