| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
18151 |
CVE-2018-3814 |
74 |
|
Exec Code |
2018-01-01 |
2018-01-17 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
|
Craft CMS 2.6.3000 allows remote attackers to execute arbitrary PHP code by using the "Assets->Upload files" screen and then the "Replace it" option, because this allows a .jpg file to have embedded PHP code, and then be renamed to a .php extension. |
|
18152 |
CVE-2018-3813 |
200 |
|
+Info |
2018-01-01 |
2018-01-17 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
getConfigExportFile.cgi on FLIR Brickstream 2300 devices 2.0 4.1.53.166 has Incorrect Access Control, as demonstrated by reading the AVI_USER_ID and AVI_USER_PASSWORD fields via a direct request. |
|
18153 |
CVE-2018-3811 |
89 |
|
Exec Code Sql |
2018-01-01 |
2018-01-16 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
SQL Injection vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allows unauthenticated attackers to execute SQL queries in the context of the web server. The saveGoogleAdWords() function in smartgooglecode.php did not use prepared statements and did not sanitize the $_POST["oId"] variable before passing it as input into the SQL query. |
|
18154 |
CVE-2018-3810 |
287 |
|
Bypass |
2018-01-01 |
2018-01-16 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Authentication Bypass vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allows unauthenticated attackers to insert arbitrary JavaScript or HTML code (via the sgcgoogleanalytic parameter) that runs on all pages served by WordPress. The saveGoogleCode() function in smartgooglecode.php does not check if the current request is made by an authorized user, thus allowing any unauthenticated user to successfully update the inserted code. |
|
18155 |
CVE-2018-3809 |
200 |
|
+Info |
2018-06-01 |
2018-07-17 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Information exposure through directory listings in serve 6.5.3 allows directory listing and file access even when they have been set to be ignored. |
|
18156 |
CVE-2018-3787 |
22 |
|
Dir. Trav. |
2018-08-31 |
2019-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Path traversal in simplehttpserver <v0.2.1 allows listing any file on the server. |
|
18157 |
CVE-2018-3786 |
78 |
|
Exec Code |
2018-08-24 |
2019-10-09 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
A command injection vulnerability in egg-scripts <v2.8.1 allows arbitrary shell command execution through a maliciously crafted command line argument. |
|
18158 |
CVE-2018-3785 |
78 |
|
Exec Code |
2018-08-17 |
2019-10-09 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
A command injection in git-dummy-commit v1.3.0 allows os level commands to be executed due to an unescaped parameter. |
|
18159 |
CVE-2018-3784 |
502 |
|
Exec Code |
2018-08-17 |
2019-10-09 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
A code injection in cryo 0.0.6 allows an attacker to arbitrarily execute code due to insecure implementation of deserialization. |
|
18160 |
CVE-2018-3783 |
89 |
|
Sql |
2018-08-17 |
2019-10-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
A privilege escalation detected in flintcms versions <= 1.1.9 allows account takeover due to blind MongoDB injection in password reset. |
|
18161 |
CVE-2018-3779 |
|
|
Exec Code |
2018-08-10 |
2019-10-09 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
active-support ruby gem 5.2.0 could allow a remote attacker to execute arbitrary code on the system, caused by containing a malicious backdoor. An attacker could exploit this vulnerability to execute arbitrary code on the system. |
|
18162 |
CVE-2018-3778 |
863 |
|
|
2018-08-08 |
2019-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Improper authorization in aedes version <0.35.0 will publish a LWT in a channel when a client is not authorized. |
|
18163 |
CVE-2018-3777 |
172 |
|
|
2018-08-03 |
2019-10-09 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Insufficient URI encoding in restforce before 3.0.0 allows attacker to inject arbitrary parameters into Salesforce API requests. |
|
18164 |
CVE-2018-3776 |
532 |
|
|
2018-08-12 |
2019-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Improper input validator in Nextcloud Server prior to 12.0.3 and 11.0.5 could lead to an attacker's actions not being logged in the audit log. |
|
18165 |
CVE-2018-3775 |
287 |
|
Bypass |
2018-08-12 |
2019-10-09 |
4.0 |
None |
Remote |
Low |
Single system |
None |
Partial |
None |
|
Improper Authentication in Nextcloud Server prior to version 12.0.3 would allow an attacker that obtained user credentials to bypass the 2 Factor Authentication. |
|
18166 |
CVE-2018-3774 |
601 |
|
Bypass |
2018-08-12 |
2019-10-09 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Incorrect parsing in url-parse <1.4.3 returns wrong hostname which leads to multiple vulnerabilities such as SSRF, Open Redirect, Bypass Authentication Protocol. |
|
18167 |
CVE-2018-3773 |
79 |
|
XSS |
2018-07-30 |
2019-10-09 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
There is a stored Cross-Site Scripting vulnerability in Open Graph meta properties read by the `metascrape` npm module <= 3.9.2. |
|
18168 |
CVE-2018-3772 |
20 |
|
Exec Code |
2018-07-30 |
2019-10-09 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Concatenating unsanitized user input in the `whereis` npm module < 0.4.1 allowed an attacker to execute arbitrary commands. The `whereis` module is deprecated and it is recommended to use the `which` npm module instead. |
|
18169 |
CVE-2018-3771 |
79 |
|
XSS |
2018-07-20 |
2019-10-09 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
An XSS in statics-server <= 0.0.9 can be used via injected iframe in the filename when statics-server displays directory index in the browser. |
|
18170 |
CVE-2018-3769 |
79 |
|
XSS |
2018-07-05 |
2019-10-09 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
ruby-grape ruby gem suffers from a cross-site scripting (XSS) vulnerability via "format" parameter. |
|
18171 |
CVE-2018-3767 |
|
|
|
2018-07-05 |
2019-10-09 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
|
`memjs` versions <= 1.1.0 allocates and stores buffers on typed input, resulting in DoS and uninitialized memory usage. |
|
18172 |
CVE-2018-3766 |
22 |
|
Dir. Trav. |
2018-07-05 |
2019-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Path traversal in buttle module versions <= 0.2.0 allows to read any file in the server. |
|
18173 |
CVE-2018-3762 |
281 |
|
|
2018-07-05 |
2019-10-09 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
Nextcloud Server before 12.0.8 and 13.0.3 suffers from improper checks of dropped permissions for incoming shares allowing a user to still request previews for files it should not have access to. |
|
18174 |
CVE-2018-3761 |
287 |
|
|
2018-07-05 |
2019-10-09 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
Nextcloud Server before 12.0.8 and 13.0.3 suffer from improper authentication on the OAuth2 token endpoint. Missing checks potentially allowed handing out new tokens in case the OAuth2 client was partly compromised. |
|
18175 |
CVE-2018-3760 |
200 |
|
+Info |
2018-06-26 |
2019-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
There is an information leak vulnerability in Sprockets. Versions Affected: 4.0.0.beta7 and lower, 3.7.1 and lower, 2.12.4 and lower. Specially crafted requests can be used to access files that exists on the filesystem that is outside an application's root directory, when the Sprockets server is used in production. All users running an affected release should either upgrade or use one of the work arounds immediately. |
|
18176 |
CVE-2018-3759 |
362 |
|
|
2018-06-13 |
2019-10-09 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
private_address_check ruby gem before 0.5.0 is vulnerable to a time-of-check time-of-use (TOCTOU) race condition due to the address the socket uses not being checked. DNS entries with a TTL of 0 can trigger this case where the initial resolution is a public address but the subsequent resolution is a private address. |
|
18177 |
CVE-2018-3758 |
434 |
|
+Priv |
2018-06-07 |
2019-10-09 |
9.0 |
None |
Remote |
Low |
Single system |
Complete |
Complete |
Complete |
|
Unrestricted file upload (RCE) in express-cart module before 1.1.7 allows a privileged user to gain access in the hosting machine. |
|
18178 |
CVE-2018-3757 |
78 |
|
|
2018-06-01 |
2019-10-02 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Command injection exists in pdf-image v2.0.0 due to an unescaped string parameter. |
|
18179 |
CVE-2018-3756 |
347 |
|
Bypass |
2018-06-01 |
2018-07-18 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Hyperledger Iroha versions v1.0_beta and v1.0.0_beta-1 are vulnerable to transaction and block signature verification bypass in the transaction and block validator allowing a single node to sign a transaction and/or block multiple times, each with a random nonce, and have other validating nodes accept them as separate valid signatures. |
|
18180 |
CVE-2018-3755 |
79 |
|
XSS |
2018-06-01 |
2019-10-09 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
XSS in sexstatic <=0.6.2 causes HTML injection in directory name(s) leads to Stored XSS when malicious file is embed with <iframe> element used in directory name. |
|
18181 |
CVE-2018-3754 |
89 |
|
Sql |
2018-07-03 |
2018-09-04 |
6.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
Partial |
|
Node.js third-party module query-mysql versions 0.0.0, 0.0.1, and 0.0.2 are vulnerable to an SQL injection vulnerability due to lack of user input sanitization. This may allow an attacker to run arbitrary SQL queries when fetching data from database. |
|
18182 |
CVE-2018-3753 |
20 |
|
|
2018-07-03 |
2018-08-23 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The utilities function in all versions <= 1.0.0 of the merge-objects node module can be tricked into modifying the prototype of Object when the attacker can control part of the structure passed to this function. This can let an attacker add or modify existing properties that will exist on all objects. |
|
18183 |
CVE-2018-3752 |
20 |
|
|
2018-07-03 |
2018-08-23 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The utilities function in all versions <= 1.0.0 of the merge-options node module can be tricked into modifying the prototype of Object when the attacker can control part of the structure passed to this function. This can let an attacker add or modify existing properties that will exist on all objects. |
|
18184 |
CVE-2018-3751 |
20 |
|
|
2018-07-03 |
2018-09-04 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The utilities function in all versions <= 0.3.0 of the merge-recursive node module can be tricked into modifying the prototype of Object when the attacker can control part of the structure passed to this function. This can let an attacker add or modify existing properties that will exist on all objects. |
|
18185 |
CVE-2018-3750 |
20 |
|
|
2018-07-03 |
2018-08-23 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The utilities function in all versions <= 0.5.0 of the deep-extend node module can be tricked into modifying the prototype of Object when the attacker can control part of the structure passed to this function. This can let an attacker add or modify existing properties that will exist on all objects. |
|
18186 |
CVE-2018-3749 |
20 |
|
|
2018-07-03 |
2018-08-23 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The utilities function in all versions < 1.0.1 of the deap node module can be tricked into modifying the prototype of Object when the attacker can control part of the structure passed to this function. This can let an attacker add or modify existing properties that will exist on all objects. |
|
18187 |
CVE-2018-3748 |
79 |
|
Exec Code XSS |
2018-07-03 |
2018-08-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
There is a Stored XSS vulnerability in the glance node module versions <= 3.0.5. File name, which contains malicious HTML (eg. embedded iframe element or javascript: pseudo-protocol handler in <a> element) allows to execute JavaScript code against any user who opens a directory listing containing such crafted file name. |
|
18188 |
CVE-2018-3747 |
79 |
|
XSS |
2018-07-03 |
2018-09-06 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
The public node module versions <= 1.0.3 allows to embed HTML in file names, which (in certain conditions) might lead to execute malicious JavaScript. |
|
18189 |
CVE-2018-3746 |
78 |
|
Exec Code |
2018-06-01 |
2019-10-09 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
The pdfinfojs NPM module versions <= 0.3.6 has a command injection vulnerability that allows an attacker to execute arbitrary commands on the victim's machine. |
|
18190 |
CVE-2018-3745 |
125 |
|
|
2018-05-29 |
2019-10-09 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
|
atob 2.0.3 and earlier allocates uninitialized Buffers when number is passed in input on Node.js 4.x and below. |
|
18191 |
CVE-2018-3744 |
22 |
|
Dir. Trav. |
2018-05-29 |
2019-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The html-pages node module contains a path traversal vulnerabilities that allows an attacker to read any file from the server with cURL. |
|
18192 |
CVE-2018-3743 |
601 |
|
|
2018-06-01 |
2019-10-09 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
Open redirect in hekto <=0.2.3 when target domain name is used as html filename on server. |
|
18193 |
CVE-2018-3741 |
79 |
|
XSS |
2018-03-30 |
2019-10-09 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
There is a possible XSS vulnerability in all rails-html-sanitizer gem versions below 1.0.4 for Ruby. The gem allows non-whitelisted attributes to be present in sanitized output when input with specially-crafted HTML fragments, and these attributes can lead to an XSS attack on target applications. This issue is similar to CVE-2018-8048 in Loofah. All users running an affected release should either upgrade or use one of the workarounds immediately. |
|
18194 |
CVE-2018-3740 |
20 |
|
|
2018-03-30 |
2018-12-28 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
A specially crafted HTML fragment can cause Sanitize gem for Ruby to allow non-whitelisted attributes to be used on a whitelisted HTML element. |
|
18195 |
CVE-2018-3739 |
125 |
|
|
2018-06-06 |
2019-10-09 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
|
https-proxy-agent before 2.1.1 passes auth option to the Buffer constructor without proper sanitization, resulting in DoS and uninitialized memory leak in setups where an attacker could submit typed input to the 'auth' parameter (e.g. JSON). |
|
18196 |
CVE-2018-3738 |
185 |
|
|
2018-06-06 |
2019-10-09 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
protobufjs is vulnerable to ReDoS when parsing crafted invalid .proto files. |
|
18197 |
CVE-2018-3737 |
185 |
|
|
2018-06-06 |
2019-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
sshpk is vulnerable to ReDoS when parsing crafted invalid public keys. |
|
18198 |
CVE-2018-3736 |
399 |
|
|
2018-06-06 |
2018-07-20 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
|
https-proxy-agent passes unsanitized options to Buffer(arg) resulting in DoS and uninitialized memory leak. |
|
18199 |
CVE-2018-3735 |
79 |
|
XSS |
2018-06-06 |
2019-10-09 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
bracket-template suffers from reflected XSS possible when variable passed via GET parameter is used in template |
|
18200 |
CVE-2018-3734 |
22 |
|
Dir. Trav. |
2018-05-29 |
2019-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
stattic node module suffers from a Path Traversal vulnerability due to lack of validation of path, which allows a malicious user to read content of any file with known path. |
