CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1801 CVE-2018-16068 20 2019-01-09 2019-01-15
6.8
None Remote Medium Not required Partial Partial Partial
Missing validation in Mojo in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page.
1802 CVE-2018-16065 416 Exec Code 2019-01-09 2019-01-16
6.8
None Remote Medium Not required Partial Partial Partial
A Javascript reentrancy issues that caused a use-after-free in V8 in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
1803 CVE-2018-16029 416 Exec Code 2019-01-18 2019-08-21
6.8
None Remote Medium Not required Partial Partial Partial
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution.
1804 CVE-2018-16027 416 Exec Code 2019-01-18 2019-08-21
6.8
None Remote Medium Not required Partial Partial Partial
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have a use after free vulnerability. Successful exploitation could lead to arbitrary code execution.
1805 CVE-2018-15976 427 2018-10-17 2018-12-17
6.8
None Remote Medium Not required Partial Partial Partial
Adobe Technical Communications Suite versions 1.0.5.1 and below have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation.
1806 CVE-2018-15974 426 2018-10-17 2018-12-17
6.8
None Remote Medium Not required Partial Partial Partial
Adobe Framemaker versions 1.0.5.1 and below have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation.
1807 CVE-2018-15960 20 2018-09-25 2018-11-16
6.4
None Remote Low Not required None Partial Partial
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a use of a component with a known vulnerability vulnerability. Successful exploitation could lead to arbitrary file overwrite.
1808 CVE-2018-15911 119 Exec Code Overflow 2018-08-28 2019-04-25
6.8
None Remote Medium Not required Partial Partial Partial
In Artifex Ghostscript 9.23 before 2018-08-24, attackers able to supply crafted PostScript could use uninitialized memory access in the aesdecode operator to crash the interpreter or potentially execute code.
1809 CVE-2018-15910 704 Exec Code 2018-08-27 2019-04-25
6.8
None Remote Medium Not required Partial Partial Partial
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the LockDistillerParams parameter to crash the interpreter or execute code.
1810 CVE-2018-15909 704 Exec Code 2018-08-27 2019-04-25
6.8
None Remote Medium Not required Partial Partial Partial
In Artifex Ghostscript 9.23 before 2018-08-24, a type confusion using the .shfill operator could be used by attackers able to supply crafted PostScript files to crash the interpreter or potentially execute code.
1811 CVE-2018-15908 254 Bypass 2018-08-27 2018-11-29
6.8
None Remote Medium Not required Partial Partial Partial
In Artifex Ghostscript 9.23 before 2018-08-23, attackers are able to supply malicious PostScript files to bypass .tempfile restrictions and write files.
1812 CVE-2018-15907 254 DoS 2018-08-29 2018-10-29
6.1
None Local Network Low Not required None None Complete
** DISPUTED ** Technicolor (formerly RCA) TC8305C devices allow remote attackers to cause a denial of service (networking outage) via a flood of random MAC addresses, as demonstrated by macof. NOTE: this might overlap CVE-2018-15852 and CVE-2018-16310. NOTE: Technicolor denies that the described behavior is a vulnerability and states that Wi-Fi traffic is slowed or stopped only while the devices are exposed to a MAC flooding attack. This has been confirmed through testing against official up-to-date versions.
1813 CVE-2018-15901 352 CSRF 2018-08-28 2018-11-02
6.8
None Remote Medium Not required Partial Partial Partial
e107 2.1.8 has CSRF in 'usersettings.php' with an impact of changing details such as passwords of users including administrators.
1814 CVE-2018-15892 89 Sql 2019-06-20 2019-06-24
6.0
None Remote Medium Single system Partial Partial Partial
FreePBX 13 and 14 has SQL Injection in the DISA module via the hangup variable on the /admin/config.php?display=disa&view=form page.
1815 CVE-2018-15887 78 Exec Code 2018-08-27 2018-11-05
6.5
None Remote Low Single system Partial Partial Partial
Main_Analysis_Content.asp in ASUS DSL-N12E_C1 1.1.2.3_345 is prone to Authenticated Remote Command Execution, which allows a remote attacker to execute arbitrary OS commands via service parameters, such as shell metacharacters in the destIP parameter of a cmdMethod=ping request.
1816 CVE-2018-15886 94 Exec Code 2018-09-10 2018-11-14
6.5
None Remote Low Single system Partial Partial Partial
Monstra CMS 3.0.4 does not properly restrict modified Snippet content, as demonstrated by the admin/index.php?id=snippets&action=edit_snippet&filename=google-analytics URI, which allows attackers to execute arbitrary PHP code by placing this code after a <?php substring.
1817 CVE-2018-15884 352 2018-08-28 2018-11-08
6.8
None Remote Medium Not required Partial Partial Partial
RICOH MP C4504ex devices allow HTML Injection via the /web/entry/en/address/adrsSetUserWizard.cgi entryNameIn parameter.
1818 CVE-2018-15852 254 DoS 2018-08-25 2018-10-23
6.1
None Local Network Low Not required None None Complete
** DISPUTED ** Technicolor TC7200.20 devices allow remote attackers to cause a denial of service (networking outage) via a flood of random MAC addresses, as demonstrated by macof. NOTE: Technicolor denies that the described behavior is a vulnerability and states that Wi-Fi traffic is slowed or stopped only while the devices are exposed to a MAC flooding attack. This has been confirmed through testing against official up-to-date versions.
1819 CVE-2018-15851 352 CSRF 2018-08-25 2018-10-17
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in Flexo CMS v0.1.6. There is a CSRF vulnerability that can add an administrator via /admin/user/add.
1820 CVE-2018-15850 352 CSRF 2018-08-25 2018-10-17
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in REDAXO CMS 4.7.2. There is a CSRF vulnerability that can add an administrator account via index.php?page=user.
1821 CVE-2018-15848 352 CSRF 2018-08-25 2018-10-17
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in portfolioCMS 1.0.5. There is CSRF to create new pages via admin/portfolio.php?newpage=true.
1822 CVE-2018-15846 352 CSRF 2018-08-25 2018-10-17
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in fledrCMS through 2014-02-03. There is a CSRF vulnerability that can change the administrator's password via index.php?p=done&savedata=1.
1823 CVE-2018-15845 352 CSRF 2018-08-25 2018-10-17
6.8
None Remote Medium Not required Partial Partial Partial
There is a CSRF vulnerability that can add an administrator account in Gleez CMS 1.2.0 via admin/users/add.
1824 CVE-2018-15844 352 CSRF 2018-08-25 2018-10-17
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in DamiCMS 6.0.0. There is an CSRF vulnerability that can revise the administrator account's password via /admin.php?s=/Admin/doedit.
1825 CVE-2018-15832 20 Exec Code 2018-09-20 2018-12-13
6.8
None Remote Medium Not required Partial Partial Partial
upc.exe in Ubisoft Uplay Desktop Client versions 63.0.5699.0 allows remote attackers to execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of URI handlers. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code under the context of the current process.
1826 CVE-2018-15805 611 DoS 2018-12-10 2019-01-03
6.4
None Remote Low Not required Partial None Partial
Accusoft PrizmDoc HTML5 Document Viewer before 13.5 contains an XML external entity (XXE) vulnerability, allowing an attacker to read arbitrary files or cause a denial of service (resource consumption).
1827 CVE-2018-15762 264 2018-11-02 2019-01-08
6.5
None Remote Low Single system Partial Partial Partial
Pivotal Operations Manager, versions 2.0.x prior to 2.0.24, versions 2.1.x prior to 2.1.15, versions 2.2.x prior to 2.2.7, and versions 2.3.x prior to 2.3.1, grants all users a scope which allows for privilege escalation. A remote malicious user who has been authenticated may create a new client with administrator privileges for Opsman.
1828 CVE-2018-15761 264 +Priv 2018-11-19 2018-12-17
6.5
None Remote Low Single system Partial Partial Partial
Cloud Foundry UAA release, versions prior to v64.0, and UAA, versions prior to 4.23.0, contains a validation error which allows for privilege escalation. A remote authenticated user may modify the url and content of a consent page to gain a token with arbitrary scopes that escalates their privileges.
1829 CVE-2018-15758 264 2018-10-18 2019-08-08
6.8
None Remote Medium Not required Partial Partial Partial
Spring Security OAuth, versions 2.3 prior to 2.3.4, and 2.2 prior to 2.2.3, and 2.1 prior to 2.1.3, and 2.0 prior to 2.0.16, and older unsupported versions could be susceptible to a privilege escalation under certain conditions. A malicious user or attacker can craft a request to the approval endpoint that can modify the previously saved authorization request and lead to a privilege escalation on the subsequent approval. This scenario can happen if the application is configured to use a custom approval endpoint that declares AuthorizationRequest as a controller method argument. This vulnerability exposes applications that meet all of the following requirements: Act in the role of an Authorization Server (e.g. @EnableAuthorizationServer) and use a custom Approval Endpoint that declares AuthorizationRequest as a controller method argument. This vulnerability does not expose applications that: Act in the role of an Authorization Server and use the default Approval Endpoint, act in the role of a Resource Server only (e.g. @EnableResourceServer), act in the role of a Client only (e.g. @EnableOAuthClient).
1830 CVE-2018-15755 89 Sql 2018-10-12 2018-12-04
6.5
None Remote Low Single system Partial Partial Partial
Cloud Foundry CF Networking Release, versions 2.11.0 prior to 2.16.0, contain an internal api endpoint vulnerable to SQL injection between Diego cells and the policy server. A remote authenticated malicious user with mTLS certs can issue arbitrary SQL queries and gain access to the policy server.
1831 CVE-2018-15711 264 2018-11-14 2018-12-07
6.5
None Remote Low Single system Partial Partial Partial
Nagios XI 5.5.6 allows remote authenticated attackers to reset and regenerate the API key of more privileged users. The attacker can then use the new API key to execute API calls at elevated privileges.
1832 CVE-2018-15709 77 Exec Code 2018-11-14 2018-12-06
6.5
None Remote Low Single system Partial Partial Partial
Nagios XI 5.5.6 allows remote authenticated attackers to execute arbitrary commands via a crafted HTTP request.
1833 CVE-2018-15702 352 CSRF 2018-10-01 2018-11-27
6.8
None Remote Medium Not required Partial Partial Partial
The web interface in TP-Link TL-WRN841N 0.9.1 4.16 v0348.0 is vulnerable to CSRF due to insufficient validation of the referer field.
1834 CVE-2018-15700 20 DoS 2018-10-01 2018-11-27
6.1
None Local Network Low Not required None None Complete
The web interface in TP-Link TL-WRN841N 0.9.1 4.16 v0348.0 is vulnerable to a denial of service when an unauthenticated LAN user sends a crafted HTTP header containing an unexpected Referer field.
1835 CVE-2018-15698 200 +Info 2018-08-27 2018-10-30
6.8
None Remote Low Single system Complete None None
ASUSTOR Data Master 3.1.5 and below allows authenticated remote non-administrative users to read any file on the file system when providing the full path to loginimage.cgi.
1836 CVE-2018-15694 22 Exec Code Dir. Trav. 2018-08-27 2018-10-30
6.0
None Remote Medium Single system Partial Partial Partial
ASUSTOR Data Master 3.1.5 and below allows authenticated remote non-administrative users to upload files to arbitrary locations due to a path traversal vulnerability. This could lead to code execution if the "Web Server" feature is enabled.
1837 CVE-2018-15685 254 Exec Code 2018-08-23 2018-10-16
6.8
None Remote Medium Not required Partial Partial Partial
GitHub Electron 1.7.15, 1.8.7, 2.0.7, and 3.0.0-beta.6, in certain scenarios involving IFRAME elements and "nativeWindowOpen: true" or "sandbox: true" options, is affected by a WebPreferences vulnerability that can be leveraged to perform remote code execution.
1838 CVE-2018-15682 352 CSRF 2018-09-05 2018-11-06
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in BTITeam XBTIT. Due to a lack of cross-site request forgery protection, it is possible to automate the action of sending private messages to users by luring an authenticated user to a web page that automatically submits a form on their behalf.
1839 CVE-2018-15664 362 Dir. Trav. 2019-05-23 2019-06-25
6.2
None Local High Not required Complete Complete Complete
In Docker through 18.06.1-ce-rc2, the API endpoints behind the 'docker cp' command are vulnerable to a symlink-exchange attack with Directory Traversal, giving attackers arbitrary read-write access to the host filesystem with root privileges, because daemon/archive.go does not do archive operations on a frozen filesystem (or from within a chroot).
1840 CVE-2018-15612 352 CSRF 2018-09-21 2018-11-14
6.8
None Remote Medium Not required Partial Partial Partial
A CSRF vulnerability in the Runtime Config component of Avaya Aura Orchestration Designer could allow an attacker to add, change, or remove administrative settings. Affected versions of Avaya Aura Orchestration Designer include all versions up to 7.2.1.
1841 CVE-2018-15576 94 Exec Code 2018-08-24 2018-11-01
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in EasyLogin Pro through 1.3.0. Encryptor.php contains an unserialize call that can be exploited for remote code execution in the decrypt function, if the attacker knows the key.
1842 CVE-2018-15571 74 2018-08-28 2018-11-07
6.8
None Remote Medium Not required Partial Partial Partial
The Export Users to CSV plugin through 1.1.1 for WordPress allows CSV injection.
1843 CVE-2018-15568 352 CSRF 2018-08-19 2018-11-01
6.8
None Remote Medium Not required Partial Partial Partial
tp5cms through 2017-05-25 has CSRF via admin.php/category/delete.html.
1844 CVE-2018-15565 352 CSRF 2018-08-19 2018-10-12
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in daveismyname simple-cms through 2014-03-11. admin/addpage.php does not require authentication for adding a page. This can also be exploited via CSRF.
1845 CVE-2018-15564 352 CSRF 2018-08-19 2018-10-12
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in daveismyname simple-cms through 2014-03-11. There is a CSRF vulnerability that can delete any page via admin/?delpage=8.
1846 CVE-2018-15539 352 CSRF 2018-10-15 2018-11-30
6.8
None Remote Medium Not required Partial Partial Partial
Agentejo Cockpit lacks an anti-CSRF protection mechanism. Thus, an attacker is able to change API tokens, passwords, etc.
1847 CVE-2018-15529 77 2018-08-28 2019-04-05
6.5
None Remote Low Single system Partial Partial Partial
A command injection vulnerability in maintenance.cgi in Mutiny "Monitoring Appliance" before 6.1.0-5263 allows authenticated users, with access to the admin interface, to inject arbitrary commands within the filename of a system upgrade upload.
1848 CVE-2018-15518 415 2018-12-26 2019-06-03
6.8
None Remote Medium Not required Partial Partial Partial
QXmlStream in Qt 5.x before 5.11.3 has a double-free or corruption during parsing of a specially crafted illegal XML document.
1849 CVE-2018-15514 502 2018-08-31 2018-11-09
6.5
None Remote Low Single system Partial Partial Partial
HandleRequestAsync in Docker for Windows before 18.06.0-ce-rc3-win68 (edge) and before 18.06.0-ce-win72 (stable) deserialized requests over the \\.\pipe\dockerBackend named pipe without verifying the validity of the deserialized .NET objects. This would allow a malicious user in the "docker-users" group (who may not otherwise have administrator access) to escalate to administrator privileges.
1850 CVE-2018-15498 284 2019-03-21 2019-03-28
6.8
None Remote Medium Not required Partial Partial Partial
YSoft SafeQ Server 6 allows a replay attack.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.