CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
2051 CVE-2018-16713 119 Overflow 2018-09-26 2018-12-27
6.8
None Remote Low Single system Complete None None
IObit Advanced SystemCare, which includes Monitor_win10_x64.sys or Monitor_win7_x64.sys, 1.2.0.5 (and possibly earlier versions) allows a user to send an IOCTL (0x9C402084) with a buffer containing user defined content. The driver's subroutine will execute a rdmsr instruction with the user's buffer for input, and provide output from the instruction.
2052 CVE-2018-16712 200 +Info 2018-09-26 2018-12-27
6.8
None Remote Low Single system Complete None None
IObit Advanced SystemCare, which includes Monitor_win10_x64.sys or Monitor_win7_x64.sys, 1.2.0.5 (and possibly earlier versions) allows a user to send a specially crafted IOCTL 0x9C406104 to read physical memory.
2053 CVE-2018-16711 119 Overflow 2018-09-26 2018-12-11
6.5
None Remote Low Single system Partial Partial Partial
IObit Advanced SystemCare, which includes Monitor_win10_x64.sys or Monitor_win7_x64.sys, 1.2.0.5 (and possibly earlier versions) allows a user to send an IOCTL (0x9C402088) with a buffer containing user defined content. The driver's subroutine will execute a wrmsr instruction with the user's buffer for input.
2054 CVE-2018-16710 200 DoS +Info 2018-09-07 2018-11-14
6.4
None Remote Low Not required Partial None Partial
** DISPUTED ** OctoPrint through 1.3.9 allows remote attackers to obtain sensitive information or cause a denial of service via HTTP requests on port 8081. NOTE: the vendor disputes the significance of this report because their documentation states that with "blind port forwarding ... Putting OctoPrint onto the public internet is a terrible idea, and I really can't emphasize that enough."
2055 CVE-2018-16650 352 CSRF 2018-09-07 2018-11-02
6.8
None Remote Medium Not required Partial Partial Partial
phpMyFAQ before 2.9.11 allows CSRF.
2056 CVE-2018-16634 352 CSRF 2018-12-04 2018-12-27
6.8
None Remote Medium Not required Partial Partial Partial
Pluck v4.7.7 allows CSRF via admin.php?action=settings.
2057 CVE-2018-16621 94 2018-11-15 2019-01-24
6.5
None Remote Low Single system Partial Partial Partial
Sonatype Nexus Repository Manager before 3.14 allows Java Expression Language Injection.
2058 CVE-2018-16604 94 Exec Code 2018-09-06 2018-11-14
6.5
None Remote Low Single system Partial Partial Partial
An issue was discovered in Nibbleblog v4.0.5. With an admin's username and password, an attacker can execute arbitrary PHP code by changing the username because the username is surrounded by double quotes (e.g., "${phpinfo()}").
2059 CVE-2018-16601 191 DoS Exec Code 2018-12-06 2019-01-03
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. A crafted IP header triggers a full memory space copy in prvProcessIPPacket, leading to denial of service and possibly remote code execution.
2060 CVE-2018-16585 119 Overflow Mem. Corr. 2018-09-06 2019-10-09
6.8
None Remote Medium Not required Partial Partial Partial
** DISPUTED ** An issue was discovered in Artifex Ghostscript before 9.24. The .setdistillerkeys PostScript command is accepted even though it is not intended for use during document processing (e.g., after the startup phase). This leads to memory corruption, allowing remote attackers able to supply crafted PostScript to crash the interpreter or possibly have unspecified other impact. Note: A reputable source believes that the CVE is potentially a duplicate of CVE-2018-15910 as explained in Red Hat bugzilla (https://bugzilla.redhat.com/show_bug.cgi?id=1626193).
2061 CVE-2018-16554 134 2018-09-15 2019-10-02
6.8
None Remote Medium Not required Partial Partial Partial
The ProcessGpsInfo function of the gpsinfo.c file of jhead 3.00 may allow a remote attacker to cause a denial-of-service attack or unspecified other impact via a malicious JPEG file, because of inconsistency between float and double in a sprintf format string during TAG_GPS_ALT handling.
2062 CVE-2018-16553 284 Exec Code 2019-06-20 2019-06-21
6.5
None Remote Low Single system Partial Partial Partial
In Jspxcms 9.0.0, a vulnerable URL routing implementation allows remote code execution after logging in as web admin.
2063 CVE-2018-16552 352 CSRF 2018-09-05 2018-10-25
6.8
None Remote Medium Not required Partial Partial Partial
MicroPyramid Django-CRM 0.2 allows CSRF for /users/create/, /users/##/edit/, and /accounts/##/delete/ URIs.
2064 CVE-2018-16545 732 Exec Code 2018-09-05 2019-10-02
6.8
None Remote Medium Not required Partial Partial Partial
Kaizen Asset Manager (Enterprise Edition) and Training Manager (Enterprise Edition) allow a remote attacker to achieve arbitrary code execution via file impersonation. For example, a malicious dynamic-link library (dll) assumed the identity of a temporary (tmp) file (isxdl.dll) and an executable file assumed the identity of a temporary file (996E.temp).
2065 CVE-2018-16543 2018-09-05 2018-11-25
6.8
None Remote Medium Not required Partial Partial Partial
In Artifex Ghostscript before 9.24, gssetresolution and gsgetresolution allow attackers to have an unspecified impact.
2066 CVE-2018-16540 416 2018-09-05 2019-04-25
6.8
None Remote Medium Not required Partial Partial Partial
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files to the builtin PDF14 converter could use a use-after-free in copydevice handling to crash the interpreter or possibly have unspecified other impact.
2067 CVE-2018-16526 Exec Code Overflow +Info 2018-12-06 2019-10-02
6.8
None Remote Medium Not required Partial Partial Partial
Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow remote attackers to leak information or execute arbitrary code because of a Buffer Overflow during generation of a protocol checksum in usGenerateProtocolChecksum and prvProcessIPPacket.
2068 CVE-2018-16525 Exec Code Overflow +Info 2018-12-06 2019-10-02
6.8
None Remote Medium Not required Partial Partial Partial
Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component allow remote attackers to execute arbitrary code or leak information because of a Buffer Overflow during parsing of DNS\LLMNR packets in prvParseDNSReply.
2069 CVE-2018-16522 416 2018-12-06 2019-01-03
6.8
None Remote Medium Not required Partial Partial Partial
Amazon Web Services (AWS) FreeRTOS through 1.3.1 has an uninitialized pointer free in SOCKETS_SetSockOpt.
2070 CVE-2018-16515 347 2018-09-18 2019-10-02
6.5
None Remote Low Single system Partial Partial Partial
Matrix Synapse before 0.33.3.1 allows remote attackers to spoof events and possibly have unspecified other impacts by leveraging improper transaction and event signature validation.
2071 CVE-2018-16513 704 2018-09-05 2019-04-25
6.8
None Remote Medium Not required Partial Partial Partial
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the setcolor function to crash the interpreter or possibly have unspecified other impact.
2072 CVE-2018-16511 704 2018-09-05 2018-11-27
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in Artifex Ghostscript before 9.24. A type confusion in "ztype" could be used by remote attackers able to supply crafted PostScript to crash the interpreter or possibly have unspecified other impact.
2073 CVE-2018-16510 119 Overflow 2018-09-05 2018-11-25
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in Artifex Ghostscript before 9.24. Incorrect exec stack handling in the "CS" and "SC" PDF primitives could be used by remote attackers able to supply crafted PDFs to crash the interpreter or possibly have unspecified other impact.
2074 CVE-2018-16483 269 2019-02-01 2019-10-02
6.5
None Remote Low Single system Partial Partial Partial
A deficiency in the access control in module express-cart <=1.1.5 allows unprivileged users to add new users to the application as administrators.
2075 CVE-2018-16448 352 CSRF 2018-09-04 2018-10-24
6.8
None Remote Medium Not required Partial Partial Partial
Cscms 4 allows CSRF for creating a member via upload/admin.php/user/save, authenticating vip members via upload/admin.php/user/init/tid and upload/admin.php/user/init/rzid, and creating a super administrator and web editor via upload/admin.php/sys/save.
2076 CVE-2018-16447 352 CSRF 2018-09-04 2018-12-31
6.8
None Remote Medium Not required Partial Partial Partial
Frog CMS 0.9.5 has admin/?/user/edit/1 CSRF.
2077 CVE-2018-16446 22 Dir. Trav. 2018-09-04 2018-10-24
6.4
None Remote Low Not required None Partial Partial
An issue was discovered in SeaCMS through 6.61. adm1n/admin_database.php allows remote attackers to delete arbitrary files via directory traversal sequences in the bakfiles parameter. This can allow the product to be reinstalled by deleting install_lock.txt.
2078 CVE-2018-16444 918 2018-09-04 2018-10-24
6.4
None Remote Low Not required Partial Partial None
An issue was discovered in SeaCMS 6.61. adm1n/admin_reslib.php has SSRF via the url parameter.
2079 CVE-2018-16438 125 2018-09-03 2018-10-26
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in the HDF HDF5 1.8.20 library. There is an out of bounds read in H5L_extern_query at H5Lexternal.c.
2080 CVE-2018-16436 89 Sql 2018-09-05 2018-11-05
6.5
None Remote Low Single system Partial Partial Partial
Gxlcms 2.0 before bug fix 20180915 has SQL Injection exploitable by an administrator.
2081 CVE-2018-16431 352 CSRF 2018-09-03 2018-11-02
6.8
None Remote Medium Not required Partial Partial Partial
admin/admin/adminsave.html in YFCMF v3.0 allows CSRF to add an administrator account.
2082 CVE-2018-16430 125 2018-09-03 2018-10-25
6.8
None Remote Medium Not required Partial Partial Partial
GNU Libextractor through 1.7 has an out-of-bounds read vulnerability in EXTRACTOR_zip_extract_method() in zip_extractor.c.
2083 CVE-2018-16416 352 CSRF 2018-09-03 2018-10-25
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in my_profile/edit?inline= in FUEL CMS 1.4 allows remote attackers to change the administrator's password.
2084 CVE-2018-16413 125 2018-09-03 2019-10-02
6.8
None Remote Medium Not required Partial Partial Partial
ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the MagickCore/quantum-private.h PushShortPixel function when called from the coders/psd.c ParseImageResourceBlocks function.
2085 CVE-2018-16412 125 2018-09-03 2019-10-02
6.8
None Remote Medium Not required Partial Partial Partial
ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the coders/psd.c ParseImageResourceBlocks function.
2086 CVE-2018-16396 2018-11-16 2019-10-02
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in Ruby before 2.3.8, 2.4.x before 2.4.5, 2.5.x before 2.5.2, and 2.6.x before 2.6.0-preview3. It does not taint strings that result from unpacking tainted strings with some formats.
2087 CVE-2018-16388 434 Exec Code 2018-09-12 2018-11-02
6.5
None Remote Low Single system Partial Partial Partial
e107_web/js/plupload/upload.php in e107 2.1.8 allows remote attackers to execute arbitrary PHP code by uploading a .php filename with the image/jpeg content type.
2088 CVE-2018-16387 352 CSRF 2018-09-02 2018-10-24
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in Elefant CMS before 2.0.5. There is a CSRF vulnerability that can add an account via user/add.
2089 CVE-2018-16380 352 CSRF 2018-09-02 2019-09-23
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in Ogma CMS 0.4 Beta. There is a CSRF vulnerability in users.php?action=createnew that can add an admin account.
2090 CVE-2018-16376 787 DoS Overflow 2018-09-02 2018-10-31
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in OpenJPEG 2.3.0. A heap-based buffer overflow was discovered in the function t2_encode_packet in lib/openmj2/t2.c. The vulnerability causes an out-of-bounds write, which may lead to remote denial of service or possibly unspecified other impact.
2091 CVE-2018-16375 119 Overflow 2018-09-02 2018-11-13
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in OpenJPEG 2.3.0. Missing checks for header_info.height and header_info.width in the function pnmtoimage in bin/jpwl/convert.c can lead to a heap-based buffer overflow.
2092 CVE-2018-16366 352 CSRF 2018-09-02 2019-04-16
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in idreamsoft iCMS V7.0.10. admincp.php?app=user&do=save allows CSRF.
2093 CVE-2018-16365 352 CSRF 2018-09-02 2019-04-16
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in idreamsoft iCMS V7.0.10. admincp.php?app=group&do=save allows CSRF.
2094 CVE-2018-16345 352 CSRF 2018-09-02 2018-11-13
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in EasyCMS 1.5. There is a CSRF vulnerability that can update the admin password via index.php?s=/admin/rbacuser/update/navTabId/listusers/callbackType/closeCurrent.
2095 CVE-2018-16344 22 Dir. Trav. 2018-09-02 2018-11-13
6.4
None Remote Low Not required None Partial Partial
An issue was discovered in zzcms 8.3. It allows remote attackers to delete arbitrary files via directory traversal sequences in the flv parameter. This can be leveraged for database access by deleting install.lock.
2096 CVE-2018-16343 94 Exec Code 2018-09-02 2018-11-13
6.5
None Remote Low Single system Partial Partial Partial
SeaCMS 6.61 allows remote attackers to execute arbitrary code because parseIf() in include/main.class.php does not block use of $GLOBALS.
2097 CVE-2018-16339 352 CSRF 2018-09-02 2018-10-25
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in EmpireCMS 7.0. There is a CSRF vulnerability that can add administrators via upload/e/admin/user/AddUser.php?enews=AddUser.
2098 CVE-2018-16338 352 CSRF 2018-09-02 2018-10-25
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in AuraCMS 2.3. There is a CSRF vulnerability that can change the administrator's password via admin.php?mod=users and subsequently add a page or menu, or submit a topic.
2099 CVE-2018-16335 119 DoS Overflow 2018-09-01 2018-12-01
6.8
None Remote Medium Not required Partial Partial Partial
newoffsets handling in ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf. This is a different vulnerability than CVE-2018-15209.
2100 CVE-2018-16332 352 CSRF 2018-09-01 2018-10-24
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in iCMS 7.0.9. There is an admincp.php?app=article&do=update CSRF vulnerability.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.