CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In 2018(Execute Code)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1401 CVE-2018-7407 704 Exec Code 2018-05-24 2018-06-08
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in Foxit Reader before 9.1 and PhantomPDF before 9.1. This vulnerability allows remote attackers to execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists when rendering U3D images inside of pdf files. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this to execute code in the context of the current process.
1402 CVE-2018-7406 129 Exec Code 2018-05-24 2018-06-08
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in Foxit Reader before 9.1 and PhantomPDF before 9.1. This vulnerability allows remote attackers to execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the u3d images inside of a pdf. The issue results from the lack of proper validation of user-supplied data, which can result in an array indexing issue. An attacker can leverage this to execute code in the context of the current process.
1403 CVE-2018-7364 284 Exec Code 2018-12-07 2019-10-09
10.0
None Remote Low Not required Complete Complete Complete
All versions up to ZXINOS-RESV1.01.43 of the ZTE ZXIN10 product European region are impacted by improper access control vulnerability. Due to improper access control to devcomm process, an unauthorized remote attacker can exploit this vulnerability to execute arbitrary code with root privileges.
1404 CVE-2018-7359 119 Exec Code Overflow 2018-11-16 2019-10-09
7.5
None Remote Low Not required Partial Partial Partial
All versions up to V1.1.10P3T18 of ZTE ZXHN F670 product are impacted by heap-based buffer overflow vulnerability, which may allow an attacker to execute arbitrary code.
1405 CVE-2018-7311 732 Exec Code 2018-02-21 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
** DISPUTED ** PrivateVPN 2.0.31 for macOS suffers from a root privilege escalation vulnerability. The software installs a privileged helper tool that runs as the root user. This privileged helper tool is installed as a LaunchDaemon and implements an XPC service. The XPC service is responsible for handling new VPN connection operations via the main PrivateVPN application. The privileged helper tool creates new VPN connections by executing the openvpn binary located in the /Applications/PrivateVPN.app/Contents/Resources directory. The openvpn binary can be overwritten by the default user, which allows an attacker that has already installed malicious software as the default user to replace the binary. When a new VPN connection is established, the privileged helper tool will launch this malicious binary, thus allowing an attacker to execute code as the root user. NOTE: the vendor has reportedly indicated that this behavior is "an acceptable part of their software."
1406 CVE-2018-7300 22 Exec Code Dir. Trav. 2018-02-22 2019-10-02
10.0
None Remote Low Not required Complete Complete Complete
Directory Traversal / Arbitrary File Write / Remote Code Execution in the User.setLanguage method in eQ-3 AG Homematic CCU2 2.29.2 and earlier allows remote attackers to write arbitrary files to the device's filesystem. This vulnerability can be exploited by unauthenticated attackers with access to the web interface.
1407 CVE-2018-7299 Exec Code 2018-02-22 2019-10-02
5.2
None Local Network Low Single system Partial Partial Partial
Remote Code Execution in the addon installation process in eQ-3 AG Homematic CCU2 2.29.2 and earlier allows authenticated attackers to create or overwrite arbitrary files or install malicious software on the device.
1408 CVE-2018-7297 Exec Code 2018-02-22 2019-10-02
10.0
None Remote Low Not required Complete Complete Complete
Remote Code Execution in the TCL script interpreter in eQ-3 AG Homematic CCU2 2.29.2 and earlier allows remote attackers to obtain read/write access and execute system commands on the device. This vulnerability can be exploited by unauthenticated attackers with access to the web interface.
1409 CVE-2018-7281 Exec Code 2018-02-21 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
CactusVPN 5.3.6 for macOS contains a root privilege escalation vulnerability through a setuid root binary called runme. The binary takes a single command line argument and passes this argument to a system() call, thus allowing low privileged users to execute commands as root.
1410 CVE-2018-7279 Exec Code 2018-03-14 2018-04-10
7.5
None Remote Low Not required Partial Partial Partial
A remote code execution issue was discovered in AlienVault USM and OSSIM before 5.5.1.
1411 CVE-2018-7271 94 Exec Code 2018-02-20 2018-03-21
9.3
None Remote Medium Not required Complete Complete Complete
An issue was discovered in MetInfo 6.0.0. In install/install.php in the installation process, the config/config_db.php configuration file filtering is not rigorous: one can insert malicious code in the installation process to execute arbitrary commands or obtain a web shell.
1412 CVE-2018-7264 787 Exec Code 2018-02-28 2018-03-23
7.5
None Remote Low Not required Partial Partial Partial
The Pictview image processing library embedded in the ActivePDF toolkit through 2018.1.0.18321 is prone to multiple out of bounds write and sign errors, allowing a remote attacker to execute arbitrary code on vulnerable applications using the ActivePDF Toolkit to process untrusted images.
1413 CVE-2018-7247 119 Exec Code Overflow 2018-02-19 2018-03-14
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in pixHtmlViewer in prog/htmlviewer.c in Leptonica before 1.75.3. Unsanitized input (rootname) can overflow a buffer, leading potentially to arbitrary code execution or possibly unspecified other impact.
1414 CVE-2018-7240 787 DoS Exec Code 2018-04-18 2019-10-02
6.5
None Remote Low Single system Partial Partial Partial
A vulnerability exists in Schneider Electric's Modicon Quantum in all versions of the communication modules which could allow arbitrary code execution. An FTP command used to upgrade the firmware of the module can be misused to cause a denial of service, or in extreme cases, to load a malicious firmware.
1415 CVE-2018-7239 426 Exec Code 2018-03-09 2018-03-26
6.8
None Remote Medium Not required Partial Partial Partial
A DLL hijacking vulnerability exists in Schneider Electric's SoMove Software and associated DTM software components in all versions prior to 2.6.2 which could allow an attacker to execute arbitrary code.
1416 CVE-2018-7238 119 Exec Code Overflow 2018-03-09 2018-03-27
7.5
None Remote Low Not required Partial Partial Partial
A buffer overflow vulnerability exist in the web-based GUI of Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could allow an unauthenticated, remote attacker to execute arbitrary code.
1417 CVE-2018-7233 20 Exec Code 2018-03-09 2018-03-27
7.5
None Remote Low Not required Partial Partial Partial
A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could allow execution of commands due to lack of validation of the shell meta characters with the value of 'model_name' or 'mac_address'.
1418 CVE-2018-7232 20 Exec Code 2018-03-09 2018-03-27
7.5
None Remote Low Not required Partial Partial Partial
A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could allow execution of commands due to lack of validation of the shell meta characters with the value of 'network.ieee8021x.delete_certs'.
1419 CVE-2018-7231 20 Exec Code 2018-03-09 2018-03-27
7.5
None Remote Low Not required Partial Partial Partial
A vulnerability exists in Schneider Electric's Pelco Sarix Professional in all firmware versions prior to 3.29.67 which could allow execution of commands due to lack of validation of the shell meta characters with the value of 'system.opkg.remove'.
1420 CVE-2018-7218 Exec Code 2018-05-17 2018-06-27
10.0
None Remote Low Not required Complete Complete Complete
The AppFirewall functionality in Citrix NetScaler Application Delivery Controller and NetScaler Gateway 10.5 before Build 68.7, 11.0 before Build 71.24, 11.1 before Build 58.13, and 12.0 before Build 57.24 allows remote attackers to execute arbitrary code via unspecified vectors.
1421 CVE-2018-7205 79 Exec Code XSS 2018-02-20 2018-10-09
3.5
None Remote Medium Single system None Partial None
** DISPUTED ** Reflected Cross-Site Scripting vulnerability in "Design" on "Edit device layout" in Kentico 9 through 11 allows remote attackers to execute malicious JavaScript via a malicious devicename parameter in a link that is entered via the "Pages -> Edit template properties -> Device Layouts -> Create device layout (and edit created device layout) -> Design" screens. NOTE: the vendor has responded that there is intended functionality for authorized users to edit and update ascx code layout.
1422 CVE-2018-7187 20 Exec Code 2018-02-16 2018-10-21
9.3
User Remote Medium Not required Complete Complete Complete
The "go get" implementation in Go 1.9.4, when the -insecure command-line option is used, does not validate the import path (get/vcs.go only checks for "://" anywhere in the string), which allows remote attackers to execute arbitrary OS commands via a crafted web site.
1423 CVE-2018-7183 119 Exec Code Overflow 2018-03-08 2019-01-24
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in the decodearr function in ntpq in ntp 4.2.8p6 through 4.2.8p10 allows remote attackers to execute arbitrary code by leveraging an ntpq query and sending a response with a crafted array.
1424 CVE-2018-7160 290 Exec Code Bypass 2018-05-17 2019-10-09
6.8
None Remote Medium Not required Partial Partial Partial
The Node.js inspector, in 6.x and later is vulnerable to a DNS rebinding attack which could be exploited to perform remote code execution. An attack is possible from malicious websites open in a web browser on the same computer, or another computer with network access to the computer running the Node.js process. A malicious website could use a DNS rebinding attack to trick the web browser to bypass same-origin-policy checks and to allow HTTP connections to localhost or to hosts on the local network. If a Node.js process with the debug port active is running on localhost or on a host on the local network, the malicious website could connect to it as a debugger, and get full code execution access.
1425 CVE-2018-7114 119 Exec Code Overflow 2018-12-03 2018-12-29
10.0
None Remote Low Not required Complete Complete Complete
HPE Intelligent Management Center (IMC) prior to IMC PLAT 7.3 (E0605P06) is vulnerable to remote buffer overflow in dbman leading to code execution. This problem is resolved in IMC PLAT 7.3 (E0605P06) or subsequent versions.
1426 CVE-2018-7105 Exec Code 2018-09-27 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
A security vulnerability in HPE Integrated Lights-Out 5 (iLO 5) for HPE Gen10 Servers prior to v1.35, HPE Integrated Lights-Out 4 (iLO 4) prior to v2.61, HPE Integrated Lights-Out 3 (iLO 3) prior to v1.90 could be remotely exploited to execute arbitrary code leading to disclosure of information.
1427 CVE-2018-7104 20 Exec Code 2018-09-27 2018-11-16
10.0
None Remote Low Not required Complete Complete Complete
A Remote Code Execution vulnerability was identified in HPE Intelligent Management Center (iMC) Wireless Services Manager Software earlier than version IMC WSM 7.3 E0506P02.
1428 CVE-2018-7103 20 Exec Code 2018-09-27 2018-11-16
10.0
None Remote Low Not required Complete Complete Complete
A Remote Code Execution vulnerability was identified in HPE Intelligent Management Center (iMC) Wireless Services Manager Software earlier than version IMC WSM 7.3 E0506P02.
1429 CVE-2018-7096 Exec Code 2018-08-14 2019-10-02
7.5
None Remote Low Not required Partial Partial Partial
A security vulnerability was identified in 3PAR Service Processor (SP) prior to SP-4.4.0.GA-110(MU7). The vulnerability may be exploited remotely to allow code execution.
1430 CVE-2018-7078 Exec Code 2018-08-06 2018-10-05
9.0
None Remote Low Single system Complete Complete Complete
A remote code execution was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than version v2.60 and HPE Integrated Lights-Out 5 (iLO 5) earlier than version v1.30.
1431 CVE-2018-7076 287 Exec Code 2018-10-17 2018-12-03
10.0
None Remote Low Not required Complete Complete Complete
A remote code execution vulnerability was identified in HPE Intelligent Management Center (iMC) prior to iMC PLAT 7.3 E0605P04.
1432 CVE-2018-7074 Exec Code 2018-08-06 2018-10-18
7.5
None Remote Low Not required Partial Partial Partial
A remote code execution vulnerability was identified in HPE Intelligent Management Center (iMC) PLAT 7.3 E0506P07. The vulnerability was resolved in iMC PLAT 7.3 E0605P04 or subsequent version.
1433 CVE-2018-7066 Exec Code 2018-12-07 2019-10-02
9.3
None Remote Medium Not required Complete Complete Complete
An unauthenticated remote command execution exists in Aruba ClearPass Policy Manager on linked devices. The ClearPass OnConnect feature permits administrators to link other network devices into ClearPass for the purpose of collecting enhanced information about connected endpoints. A defect in the API could allow a remote attacker to execute arbitrary commands on one of the linked devices. This vulnerability is only applicable if credentials for devices have been supplied to ClearPass under Configuration -> Network -> Devices -> CLI Settings. Resolution: Fixed in 6.7.5 and 6.6.10-hotfix.
1434 CVE-2018-7047 798 Exec Code 2018-03-01 2019-10-02
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in the MBeans Server in Wowza Streaming Engine before 4.7.1. The file system may be read and written to via JMX using the default JMX credentials (remote code execution may be possible as well).
1435 CVE-2018-7046 78 Exec Code 2018-02-20 2018-10-09
9.0
None Remote Low Single system Complete Complete Complete
** DISPUTED ** Arbitrary code execution vulnerability in Kentico 9 through 11 allows remote authenticated users to execute arbitrary operating system commands in a dynamic .NET code evaluation context via C# code in a "Pages -> Edit -> Template -> Edit template properties -> Layout" box. NOTE: the vendor has responded that there is intended functionality for authorized users to edit and update ascx code layout.
1436 CVE-2018-7032 20 Exec Code 2018-02-14 2018-03-15
5.1
None Remote High Not required Partial Partial Partial
webcheckout in myrepos through 1.20171231 does not sanitize URLs that are passed to git clone, allowing a malicious website operator or a MitM attacker to take advantage of it for arbitrary code execution, as demonstrated by an "ext::sh -c" attack or an option injection attack.
1437 CVE-2018-6983 190 Exec Code Overflow 2018-11-27 2018-12-19
7.2
None Local Low Not required Complete Complete Complete
VMware Workstation (15.x before 15.0.2 and 14.x before 14.1.5) and Fusion (11.x before 11.0.2 and 10.x before 10.1.5) contain an integer overflow vulnerability in the virtual network devices. This issue may allow a guest to execute code on the host.
1438 CVE-2018-6981 Exec Code 2018-12-04 2018-12-05
0.0
None ??? ??? ??? ??? ??? ???
VMware ESXi 6.7 without ESXi670-201811401-BG and VMware ESXi 6.5 without ESXi650-201811301-BG, VMware ESXi 6.0 without ESXi600-201811401-BG, VMware Workstation 15, VMware Workstation 14.1.3 or below, VMware Fusion 11, VMware Fusion 10.1.3 or below contain uninitialized stack memory usage in the vmxnet3 virtual network adapter which may allow a guest to execute code on the host.
1439 CVE-2018-6974 Exec Code 2018-10-16 2018-10-18
0.0
None ??? ??? ??? ??? ??? ???
VMware ESXi (6.7 before ESXi670-201810101-SG, 6.5 before ESXi650-201808401-BG, and 6.0 before ESXi600-201808401-BG), Workstation (14.x before 14.1.3) and Fusion (10.x before 10.1.3) contain an out-of-bounds read vulnerability in SVGA device. This issue may allow a guest to execute code on the host.
1440 CVE-2018-6973 787 Exec Code 2018-08-15 2018-10-15
7.2
None Local Low Not required Complete Complete Complete
VMware Workstation (14.x before 14.1.3) and Fusion (10.x before 10.1.3) contain an out-of-bounds write vulnerability in the e1000 device. This issue may allow a guest to execute code on the host.
1441 CVE-2018-6968 Exec Code 2018-06-11 2019-10-02
7.5
None Remote Low Not required Partial Partial Partial
The VMware AirWatch Agent for Android prior to 8.2 and AirWatch Agent for Windows Mobile prior to 6.5.2 contain a remote code execution vulnerability in real time File Manager capabilities. This vulnerability may allow for unauthorized creation and execution of files in the Agent sandbox and other publicly accessible directories such as those on the SD card by a malicious administrator.
1442 CVE-2018-6961 78 Exec Code 2018-06-11 2019-10-02
6.8
None Remote Medium Not required Partial Partial Partial
VMware NSX SD-WAN Edge by VeloCloud prior to version 3.1.0 contains a command injection vulnerability in the local web UI component. This component is disabled by default and should not be enabled on untrusted networks. VeloCloud by VMware will be removing this service from the product in future releases. Successful exploitation of this issue could result in remote code execution.
1443 CVE-2018-6941 352 Exec Code XSS CSRF 2018-02-20 2018-03-13
6.8
None Remote Medium Not required Partial Partial Partial
A /shell?cmd= CSRF issue exists in the HTTPD component of NAT32 v2.2 Build 22284 devices that can be exploited for Remote Code Execution in conjunction with XSS.
1444 CVE-2018-6940 79 Exec Code XSS CSRF 2018-02-20 2018-10-09
4.3
None Remote Medium Not required None Partial None
A /shell?cmd= XSS issue exists in the HTTPD component of NAT32 v2.2 Build 22284 devices that can be exploited for Remote Code Execution in conjunction with CSRF.
1445 CVE-2018-6913 119 Exec Code Overflow 2018-04-17 2019-09-06
7.5
None Remote Low Not required Partial Partial Partial
Heap-based buffer overflow in the pack function in Perl before 5.26.2 allows context-dependent attackers to execute arbitrary code via a large item count.
1446 CVE-2018-6911 78 Exec Code 2018-02-13 2019-08-02
10.0
None Remote Low Not required Complete Complete Complete
The VBWinExec function in Node\AspVBObj.dll in Advantech WebAccess 8.3.0 allows remote attackers to execute arbitrary OS commands via a single argument (aka the command parameter).
1447 CVE-2018-6892 119 Exec Code Overflow 2018-02-11 2018-08-16
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in CloudMe before 1.11.0. An unauthenticated remote attacker that can connect to the "CloudMe Sync" client application listening on port 8888 can send a malicious payload causing a buffer overflow condition. This will result in an attacker controlling the program's execution flow and allowing arbitrary code execution.
1448 CVE-2018-6860 434 Exec Code 2018-02-11 2018-02-26
6.5
None Remote Low Single system Partial Partial Partial
Arbitrary File Upload and Remote Code Execution exist in PHP Scripts Mall Schools Alert Management Script 2.0.2 via a profile picture.
1449 CVE-2018-6857 119 Exec Code Overflow 2018-07-09 2019-10-02
7.2
None Local Low Not required Complete Complete Complete
Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x802022E0. By crafting an input buffer we can control the execution path to the point where the constant 0x12 will be written to a user-controlled address. We can take advantage of this condition to modify the SEP_TOKEN_PRIVILEGES structure of the Token object belonging to the exploit process and grant SE_DEBUG_NAME privilege. This allows the exploit process to interact with higher privileged processes running as SYSTEM and execute code in their security context.
1450 CVE-2018-6856 119 Exec Code Overflow 2018-07-09 2019-10-02
7.2
None Local Low Not required Complete Complete Complete
Sophos SafeGuard Enterprise before 8.00.5, SafeGuard Easy before 7.00.3, and SafeGuard LAN Crypt before 3.95.2 are vulnerable to Local Privilege Escalation via IOCTL 0x8020601C. By crafting an input buffer we can control the execution path to the point where a global variable will be written to a user controlled address. We can take advantage of this condition to zero-out the pointer to the security descriptor in the object header of a privileged process or modify the security descriptor itself and run code in the context of a process running as SYSTEM.
Total number of vulnerabilities : 3041   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 (This Page)30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.