CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
101 CVE-2018-1000093 352 Exec Code 2018-03-13 2018-04-05
6.8
None Remote Medium Not required Partial Partial Partial
CryptoNote version version 0.8.9 and possibly later contain a local RPC server which does not require authentication, as a result the walletd and the simplewallet RPC daemons will process any commands sent to them, resulting in remote command execution and a takeover of the cryptocurrency wallet if an attacker can trick an application such as a web browser into connecting and sending a command for example. This attack appears to be exploitable via a victim visiting a webpage hosting malicious content that trigger such behavior.
102 CVE-2018-1000092 352 CSRF 2018-03-13 2018-04-10
6.8
None Remote Medium Not required Partial Partial Partial
CMS Made Simple version versions 2.2.5 contains a Cross ite Request Forgery (CSRF) vulnerability in Admin profile page that can result in Details can be found here http://dev.cmsmadesimple.org/bug/view/11715. This attack appear to be exploitable via A specially crafted web page. This vulnerability appears to have been fixed in 2.2.6.
103 CVE-2018-1000091 119 Exec Code Overflow 2018-03-13 2018-04-10
6.5
None Remote Low Single system Partial Partial Partial
KadNode version version 2.2.0 contains a Buffer Overflow vulnerability in Arguments when starting up the binary that can result in Control of program execution flow, leading to remote code execution.
104 CVE-2018-1000086 352 Exec Code CSRF 2018-03-13 2018-04-11
6.8
None Remote Medium Not required Partial Partial Partial
NPR Visuals Team Pym.js version versions 0.4.2 up to 1.3.1 contains a Cross ite Request Forgery (CSRF) vulnerability in Pym.js _onNavigateToMessage function. https://github.com/nprapps/pym.js/blob/master/src/pym.js#L573 that can result in Arbitrary javascript code execution. This attack appear to be exploitable via Attacker gains full javascript access to pages with Pym.js embeds when user visits an attacker crafted page.. This vulnerability appears to have been fixed in versions 1.3.2 and later.
105 CVE-2018-1000082 352 Exec Code CSRF 2018-03-13 2018-04-06
6.8
None Remote Medium Not required Partial Partial Partial
Ajenti version version 2 contains a Cross ite Request Forgery (CSRF) vulnerability in the command execution panel of the tool used to manage the server. that can result in Code execution on the server . This attack appear to be exploitable via Being a CSRF, victim interaction is needed, when the victim access the infected trigger of the CSRF any code that match the victim privledges on the server can be executed..
106 CVE-2018-1000074 502 Exec Code 2018-03-13 2018-11-30
6.8
None Remote Medium Not required Partial Partial Partial
RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 series: 2.4.3 and earlier, Ruby 2.5 series: 2.5.0 and earlier, prior to trunk revision 62422 contains a Deserialization of Untrusted Data vulnerability in owner command that can result in code execution. This attack appear to be exploitable via victim must run the `gem owner` command on a gem with a specially crafted YAML file. This vulnerability appears to have been fixed in 2.7.6.
107 CVE-2018-1000070 20 Exec Code 2018-03-13 2018-04-11
6.8
None Remote Medium Not required Partial Partial Partial
Bitmessage PyBitmessage version v0.6.2 (and introduced in or after commit 8ce72d8d2d25973b7064b1cf76a6b0b3d62f0ba0) contains a Eval injection vulnerability in main program, file src/messagetypes/__init__.py function constructObject that can result in Code Execution. This attack appears to be exploitable via remote attacker using a malformed message which must be processed by the victim - e.g. arrive from any sender on bitmessage network. This vulnerability appears to have been fixed in v0.6.3.
108 CVE-2018-1000058 502 Exec Code 2018-02-09 2018-03-06
6.5
None Remote Low Single system Partial Partial Partial
Jenkins Pipeline: Supporting APIs Plugin 2.17 and earlier have an arbitrary code execution due to incomplete sandbox protection: Methods related to Java deserialization like readResolve implemented in Pipeline scripts were not subject to sandbox protection, and could therefore execute arbitrary code. This could be exploited e.g. by regular Jenkins users with the permission to configure Pipelines in Jenkins, or by trusted committers to repositories containing Jenkinsfiles.
109 CVE-2018-1000056 611 2018-02-09 2018-03-06
6.5
None Remote Low Single system Partial Partial Partial
Jenkins JUnit Plugin 1.23 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks.
110 CVE-2018-1000055 611 2018-02-09 2018-03-06
6.5
None Remote Low Single system Partial Partial Partial
Jenkins Android Lint Plugin 2.5 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks.
111 CVE-2018-1000054 611 2018-02-09 2018-03-13
6.5
None Remote Low Single system Partial Partial Partial
Jenkins CCM Plugin 3.1 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks.
112 CVE-2018-1000053 352 CSRF 2018-02-09 2018-03-08
6.8
None Remote Medium Not required Partial Partial Partial
LimeSurvey version 3.0.0-beta.3+17110 contains a Cross ite Request Forgery (CSRF) vulnerability in Theme Uninstallation that can result in CSRF causing LimeSurvey admins to delete all their themes, rendering the website unusable. This attack appear to be exploitable via Simple HTML markup can be used to send a GET request to the affected endpoint.
113 CVE-2018-1000051 416 Exec Code 2018-02-09 2018-11-27
6.8
None Remote Medium Not required Partial Partial Partial
Artifex Mupdf version 1.12.0 contains a Use After Free vulnerability in fz_keep_key_storable that can result in DOS / Possible code execution. This attack appear to be exploitable via Victim opens a specially crafted PDF.
114 CVE-2018-1000050 119 DoS Overflow Mem. Corr. 2018-02-09 2018-03-08
6.8
None Remote Medium Not required Partial Partial Partial
Sean Barrett stb_vorbis version 1.12 and earlier contains a Buffer Overflow vulnerability in All vorbis decoding paths. that can result in memory corruption, denial of service, comprised execution of host program. This attack appear to be exploitable via Victim must open a specially crafted Ogg Vorbis file. This vulnerability appears to have been fixed in 1.13.
115 CVE-2018-1000049 20 Exec Code 2018-02-09 2018-07-27
6.0
None Remote Medium Single system Partial Partial Partial
Nanopool Claymore Dual Miner version 7.3 and earlier contains a remote code execution vulnerability by abusing the miner API. The flaw can be exploited only if the software is executed with read/write mode enabled.
116 CVE-2018-1000048 502 Exec Code 2018-02-09 2018-03-01
6.8
None Remote Medium Not required Partial Partial Partial
NASA RtRetrievalFramework version v1.0 contains a CWE-502 vulnerability in Data retrieval functionality of RtRetrieval framework that can result in remote code execution. This attack appear to be exploitable via Victim tries to retrieve and process a weather data file.
117 CVE-2018-1000047 502 Exec Code 2018-02-09 2018-03-01
6.8
None Remote Medium Not required Partial Partial Partial
NASA Kodiak version v1.0 contains a CWE-502 vulnerability in Kodiak library's data processing function that can result in remote code execution. This attack appear to be exploitable via Victim opens an untrusted file for optimization using Kodiak library.
118 CVE-2018-1000046 502 Exec Code 2018-02-09 2018-03-01
6.8
None Remote Medium Not required Partial Partial Partial
NASA Pyblock version v1.0 - v1.3 contains a CWE-502 vulnerability in Radar data parsing library that can result in remote code execution. This attack appear to be exploitable via Victim opening a specially crafted radar data file. This vulnerability appears to have been fixed in v1.4.
119 CVE-2018-1000045 502 Exec Code 2018-02-09 2018-03-01
6.8
None Remote Medium Not required Partial Partial Partial
NASA Singledop version v1.0 contains a CWE-502 vulnerability in NASA Singledop library (Weather data) that can result in remote code execution. This attack appear to be exploitable via Victim opening a specially crafted radar data file. This vulnerability appears to have been fixed in v1.1.
120 CVE-2018-1000039 416 DoS Exec Code 2018-05-24 2018-11-27
6.8
None Remote Medium Not required Partial Partial Partial
In MuPDF 1.12.0 and earlier, multiple heap use after free bugs in the PDF parser could allow an attacker to execute arbitrary code, read memory, or cause a denial of service via a crafted file.
121 CVE-2018-1000038 119 Exec Code Overflow 2018-05-24 2018-11-27
6.8
None Remote Medium Not required Partial Partial Partial
In MuPDF 1.12.0 and earlier, a stack buffer overflow in function pdf_lookup_cmap_full in pdf/pdf-cmap.c could allow an attacker to execute arbitrary code via a crafted file.
122 CVE-2018-1000035 119 DoS Exec Code Overflow 2018-02-09 2018-02-26
6.8
None Remote Medium Not required Partial Partial Partial
A heap-based buffer overflow exists in Info-Zip UnZip version <= 6.00 in the processing of password-protected archives that allows an attacker to perform a denial of service or to possibly achieve code execution.
123 CVE-2018-1000034 125 DoS 2018-02-09 2018-02-26
6.4
None Remote Low Not required Partial None Partial
An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service and read sensitive memory.
124 CVE-2018-1000033 125 DoS 2018-02-09 2018-02-26
6.4
None Remote Low Not required Partial None Partial
An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service and read sensitive memory.
125 CVE-2018-1000032 119 DoS Exec Code Overflow 2018-02-09 2018-02-26
6.8
None Remote Medium Not required Partial Partial Partial
A heap-based buffer overflow exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service or to possibly achieve code execution.
126 CVE-2018-1000031 119 DoS Exec Code Overflow 2018-02-09 2018-02-26
6.8
None Remote Medium Not required Partial Partial Partial
A heap-based buffer overflow exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service or to possibly achieve code execution.
127 CVE-2018-1000030 119 Overflow Mem. Corr. 2018-02-08 2018-11-16
6.8
None Remote Medium Not required Partial Partial Partial
Python 2.7.14 is vulnerable to a Heap-Buffer-Overflow as well as a Heap-Use-After-Free. Python versions prior to 2.7.14 may also be vulnerable and it appears that Python 2.7.17 and prior may also be vulnerable however this has not been confirmed. The vulnerability lies when multiply threads are handling large amounts of data. In both cases there is essentially a race condition that occurs. For the Heap-Buffer-Overflow, Thread 2 is creating the size for a buffer, but Thread1 is already writing to the buffer without knowing how much to write. So when a large amount of data is being processed, it is very easy to cause memory corruption using a Heap-Buffer-Overflow. As for the Use-After-Free, Thread3->Malloc->Thread1->Free's->Thread2-Re-uses-Free'd Memory. The PSRT has stated that this is not a security vulnerability due to the fact that the attacker must be able to run code, however in some situations, such as function as a service, this vulnerability can potentially be used by an attacker to violate a trust boundary, as such the DWF feels this issue deserves a CVE.
128 CVE-2018-1000026 20 2018-02-09 2018-10-31
6.8
None Remote Low Single system None None Complete
Linux Linux kernel version at least v4.8 onwards, probably well before contains a Insufficient input validation vulnerability in bnx2x network card driver that can result in DoS: Network card firmware assertion takes card off-line. This attack appear to be exploitable via An attacker on a must pass a very large, specially crafted packet to the bnx2x card. This can be done from an untrusted guest VM..
129 CVE-2018-1000025 284 2018-02-09 2018-03-08
6.8
None Remote Medium Not required Partial Partial Partial
Jerome Gamez Firebase Admin SDK for PHP version from 3.2.0 to 3.8.0 contains a Incorrect Access Control vulnerability in src/Firebase/Auth/IdTokenVerifier.php does not verify for token signature that can result in JWT with any email address and user ID could be forged from an actual token, or from thin air. This attack appear to be exploitable via Attacker would only need to know email address of the victim on most cases.. This vulnerability appears to have been fixed in 3.8.1.
130 CVE-2018-1000021 20 2018-02-09 2018-03-06
6.8
None Remote Medium Not required Partial Partial Partial
GIT version 2.15.1 and earlier contains a Input Validation Error vulnerability in Client that can result in problems including messing up terminal configuration to RCE. This attack appear to be exploitable via The user must interact with a malicious git server, (or have their traffic modified in a MITM attack).
131 CVE-2018-1000014 352 CSRF 2018-01-23 2018-02-07
6.8
None Remote Medium Not required Partial Partial Partial
Jenkins Translation Assistance Plugin 1.15 and earlier did not require form submissions to be submitted via POST, resulting in a CSRF vulnerability allowing attackers to override localized strings displayed to all users on the current Jenkins instance if the victim is a Jenkins administrator.
132 CVE-2018-1000013 352 CSRF 2018-01-23 2018-02-07
6.8
None Remote Medium Not required Partial Partial Partial
Jenkins Release Plugin 2.9 and earlier did not require form submissions to be submitted via POST, resulting in a CSRF vulnerability allowing attackers to trigger release builds.
133 CVE-2018-1000012 611 2018-01-23 2018-02-07
6.5
None Remote Low Single system Partial Partial Partial
Jenkins Warnings Plugin 4.64 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks.
134 CVE-2018-1000011 611 2018-01-23 2018-02-07
6.5
None Remote Low Single system Partial Partial Partial
Jenkins FindBugs Plugin 4.71 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks.
135 CVE-2018-1000010 611 2018-01-23 2018-02-07
6.5
None Remote Low Single system Partial Partial Partial
Jenkins DRY Plugin 2.49 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks.
136 CVE-2018-1000009 611 2018-01-23 2018-02-07
6.5
None Remote Low Single system Partial Partial Partial
Jenkins Checkstyle Plugin 3.49 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks.
137 CVE-2018-1000008 611 2018-01-23 2018-02-07
6.5
None Remote Low Single system Partial Partial Partial
Jenkins PMD Plugin 3.49 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks.
138 CVE-2018-1000005 125 2018-01-24 2018-03-20
6.4
None Remote Low Not required Partial None Partial
libcurl 7.49.0 to and including 7.57.0 contains an out bounds read in code handling HTTP/2 trailers. It was reported (https://github.com/curl/curl/pull/2231) that reading an HTTP/2 trailer could mess up future trailers since the stored size was one byte less than required. The problem is that the code that creates HTTP/1-like headers from the HTTP/2 trailer data once appended a string like `:` to the target buffer, while this was recently changed to `: ` (a space was added after the colon) but the following math wasn't updated correspondingly. When accessed, the data is read out of bounds and causes either a crash or that the (too large) data gets passed to client write. This could lead to a denial-of-service situation or an information disclosure if someone has a service that echoes back or uses the trailers for something.
139 CVE-2018-20719 89 Sql 2019-01-15 2019-01-18
6.5
None Remote Low Single system Partial Partial Partial
In Tiki before 17.2, the user task component is vulnerable to a SQL Injection via the tiki-user_tasks.php show_history parameter.
140 CVE-2018-20713 89 Sql 2019-01-15 2019-01-18
6.5
None Remote Low Single system Partial Partial Partial
Shopware before 5.4.3 allows SQL Injection by remote authenticated users, aka SW-21404.
141 CVE-2018-20618 119 Overflow 2018-12-31 2019-01-10
6.8
None Remote Medium Not required Partial Partial Partial
ok-file-formats through 2018-10-16 has a heap-based buffer over-read in the ok_mo_decode2 function in ok_mo.c.
142 CVE-2018-20617 119 Overflow 2018-12-31 2019-01-10
6.8
None Remote Medium Not required Partial Partial Partial
ok-file-formats through 2018-10-16 has a heap-based buffer overflow in the ok_csv_decode2 function in ok_csv.c.
143 CVE-2018-20616 119 Overflow 2018-12-31 2019-01-10
6.8
None Remote Medium Not required Partial Partial Partial
ok-file-formats through 2018-10-16 has a heap-based buffer overflow in the ok_wav_decode_ms_adpcm_data function in ok_wav.c.
144 CVE-2018-20613 352 CSRF 2018-12-30 2019-01-10
6.8
None Remote Medium Not required Partial Partial Partial
TEMMOKU T1.09 Beta allows admin/user/add CSRF.
145 CVE-2018-20612 352 CSRF 2018-12-30 2019-01-16
6.8
None Remote Medium Not required Partial Partial Partial
UWA 2.3.11 allows index.php?g=admin&c=admin&a=add_admin_do CSRF.
146 CVE-2018-20603 352 CSRF 2018-12-30 2019-01-10
6.8
None Remote Medium Not required Partial Partial Partial
Lei Feng TV CMS (aka LFCMS) 3.8.6 allows admin.php?s=/Member/add.html CSRF.
147 CVE-2018-20599 94 Exec Code 2018-12-30 2019-01-04
6.5
None Remote Low Single system Partial Partial Partial
UCMS 1.4.7 allows remote attackers to execute arbitrary PHP code by entering this code during an index.php sadmin_fileedit action.
148 CVE-2018-20598 352 CSRF 2018-12-30 2019-01-04
6.8
None Remote Medium Not required Partial Partial Partial
UCMS 1.4.7 has ?do=user_addpost CSRF.
149 CVE-2018-20595 352 CSRF 2018-12-30 2019-01-14
6.8
None Remote Medium Not required Partial Partial Partial
A CSRF issue was discovered in web/authorization/oauth2/controller/OAuth2ClientController.java in hsweb 3.0.4 because the state parameter in the request is not compared with the state parameter in the session after user authentication is successful.
150 CVE-2018-20553 125 2018-12-28 2019-01-06
6.8
None Remote Medium Not required Partial Partial Partial
Tcpreplay before 4.3.1 has a heap-based buffer over-read in get_l2len in common/get.c.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.