# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
2101 |
CVE-2018-16469 |
20 |
|
DoS |
2018-10-30 |
2019-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
The merge.recursive function in the merge package <1.2.1 can be tricked into adding or modifying properties of the Object prototype. These properties will be present on all objects allowing for a denial of service attack. |
2102 |
CVE-2018-16467 |
287 |
|
|
2018-10-30 |
2019-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
A missing check in Nextcloud Server prior to 14.0.0 could give unauthorized access to the previews of single file password protected shares. |
2103 |
CVE-2018-16466 |
273 |
|
|
2018-10-30 |
2019-10-09 |
5.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
None |
Improper revalidation of permissions in Nextcloud Server prior to 14.0.0, 13.0.6 and 12.0.11 lead to not accepting access restrictions by acess tokens. |
2104 |
CVE-2018-16457 |
22 |
|
Dir. Trav. |
2018-10-04 |
2018-11-29 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
PHP Scripts Mall Open Source Real-estate Script 3.6.2 allows remote attackers to list the wp-content/themes/template_dp_dec2015/img directory. |
2105 |
CVE-2018-16454 |
20 |
|
DoS |
2018-09-07 |
2018-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
PHP Scripts Mall Currency Converter Script 2.0.5 allows remote attackers to cause a denial of service (web-interface change) via an inverted comma. |
2106 |
CVE-2018-16452 |
674 |
|
|
2019-10-03 |
2019-10-11 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
The SMB parser in tcpdump before 4.9.3 has stack exhaustion in smbutil.c:smb_fdata() via recursion. |
2107 |
CVE-2018-16429 |
125 |
|
|
2018-09-03 |
2019-07-31 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
GNOME GLib 2.56.1 has an out-of-bounds read vulnerability in g_markup_parse_context_parse() in gmarkup.c, related to utf8_str(). |
2108 |
CVE-2018-16409 |
918 |
|
|
2018-09-03 |
2018-11-06 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
In Gogs 0.11.53, an attacker can use migrate to send arbitrary HTTP GET requests, leading to SSRF. |
2109 |
CVE-2018-16398 |
|
|
Bypass |
2018-09-03 |
2019-10-02 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
In Twistlock AuthZ Broker 0.1, regular expressions are mishandled, as demonstrated by containers/aa/pause?aaa=\/start to bypass a policy in which "docker start" is allowed but "docker pause" is not allowed. |
2110 |
CVE-2018-16389 |
89 |
|
Sql |
2018-09-12 |
2018-11-02 |
5.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
None |
e107_admin/banlist.php in e107 2.1.8 allows SQL injection via the old_ip parameter. |
2111 |
CVE-2018-16386 |
74 |
|
|
2019-07-05 |
2019-07-15 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
An issue was discovered in SWIFT Alliance Web Platform 7.1.23. A log injection (and an arbitrary log filename) can be achieved via the PATH_INFO to swp/login/EJBRemoteService/, related to com.swift.ejbgwt.j2ee.client.EjBlnvocationException error log information containing [email protected]:comp/env/ error messages. |
2112 |
CVE-2018-16384 |
89 |
|
Sql Bypass |
2018-09-02 |
2018-10-25 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
A SQL injection bypass (aka PL1 bypass) exists in OWASP ModSecurity Core Rule Set (owasp-modsecurity-crs) through v3.1.0-rc3 via {`a`b} where a is a special function name (such as "if") and b is the SQL statement to be executed. |
2113 |
CVE-2018-16307 |
200 |
|
+Info |
2018-09-05 |
2018-11-14 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
An "Out-of-band resource load" issue was discovered on Xiaomi MIWiFi Xiaomi_55DD Version 2.8.50 devices. It is possible to induce the application to retrieve the contents of an arbitrary external URL and return those contents in its own response. If a domain name (containing a random string) is used in the HTTP Host header, the application performs an HTTP request to the specified domain. The response from that request is then included in the application's own response. |
2114 |
CVE-2018-16303 |
611 |
|
DoS |
2018-09-01 |
2018-10-31 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
PDF-XChange Editor through 7.0.326.1 allows remote attackers to cause a denial of service (resource consumption) via a crafted x:xmpmeta structure, a related issue to CVE-2003-1564. |
2115 |
CVE-2018-16300 |
674 |
|
|
2019-10-03 |
2019-10-11 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited recursion. |
2116 |
CVE-2018-16299 |
22 |
|
Dir. Trav. |
2018-09-24 |
2018-11-23 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
The Localize My Post plugin 1.0 for WordPress allows Directory Traversal via the ajax/include.php file parameter. |
2117 |
CVE-2018-16286 |
287 |
|
Bypass |
2018-09-14 |
2018-11-07 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
LG SuperSign CMS allows authentication bypass because the CAPTCHA requirement is skipped if a captcha:pass cookie is sent, and because the PIN is limited to four digits. |
2118 |
CVE-2018-16239 |
330 |
|
|
2018-08-30 |
2019-10-02 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
An issue was discovered in damiCMS V6.0.1. It relies on the PHP time() function for cookies, which makes it possible to determine the cookie for an existing admin session via 10800 guesses. |
2119 |
CVE-2018-16231 |
20 |
|
DoS |
2018-08-30 |
2018-12-11 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Michael Roth Software Personal FTP Server (PFTP) through 8.4f allows remote attackers to cause a denial of service (daemon crash) via an unspecified sequence of FTP commands. |
2120 |
CVE-2018-16224 |
200 |
|
+Info |
2018-11-20 |
2018-12-20 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Incorrect access control for the diagnostic files of the iSmartAlarm Cube One through 2.2.4.10 allows an attacker to retrieve them via a specifically crafted TCP request to port 12345 and 22306, and access sensitive information from the device. |
2121 |
CVE-2018-16223 |
522 |
|
|
2018-11-20 |
2019-10-02 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Insecure Cryptographic Storage of credentials in com.vestiacom.qbeecamera_preferences.xml in the QBee Cam application through 1.0.5 for Android allows an attacker to retrieve the username and password. |
2122 |
CVE-2018-16202 |
22 |
|
Dir. Trav. |
2019-01-09 |
2019-10-15 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Directory traversal vulnerability in cordova-plugin-ionic-webview versions prior to 2.2.0 (not including 2.0.0-beta.0, 2.0.0-beta.1, 2.0.0-beta.2, and 2.1.0-0) allows remote attackers to access arbitrary files via unspecified vectors. |
2123 |
CVE-2018-16200 |
78 |
|
Exec Code |
2019-01-09 |
2019-01-24 |
5.8 |
None |
Local Network |
Low |
Not required |
Partial |
Partial |
Partial |
Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier allows an attacker on the same network segment to execute arbitrary OS commands. |
2124 |
CVE-2018-16198 |
|
|
|
2019-01-09 |
2019-10-02 |
5.8 |
None |
Local Network |
Low |
Not required |
Partial |
Partial |
Partial |
Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier may allow an attacker on the same network segment to access a non-documented developer screen to perform operations on the affected device. |
2125 |
CVE-2018-16178 |
284 |
|
Bypass |
2019-01-09 |
2019-10-02 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Cybozu Garoon 3.0.0 to 4.10.0 allows remote attackers to bypass access restriction to view information available only for a sign-on user via Single sign-on function. |
2126 |
CVE-2018-16174 |
601 |
|
|
2019-01-09 |
2019-01-11 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
Open redirect vulnerability in LearnPress prior to version 3.1.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. |
2127 |
CVE-2018-16172 |
20 |
|
|
2019-01-09 |
2019-01-14 |
5.8 |
None |
Remote |
Medium |
Not required |
None |
Partial |
Partial |
Improper countermeasure against clickjacking attack in client certificates management screen was discovered in Cybozu Remote Service 3.0.0 to 3.1.8, that allows remote attackers to trick a user to delete the registered client certificate. |
2128 |
CVE-2018-16163 |
284 |
|
Bypass |
2018-11-15 |
2019-10-02 |
5.5 |
None |
Remote |
Low |
Single system |
None |
Partial |
Partial |
OpenDolphin 2.7.0 and earlier allows authenticated attackers to bypass authentication to create and/or delete other users accounts via unspecified vectors. |
2129 |
CVE-2018-16157 |
74 |
|
|
2018-08-30 |
2018-11-02 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
waimai Super Cms 20150505 has a logic flaw allowing attackers to modify a price, before form submission, by observing data in a packet capture. By setting the index.php?m=cart&a=save item_totals parameter to zero, the entire cart is sold for free. |
2130 |
CVE-2018-16152 |
347 |
|
|
2018-09-26 |
2018-12-19 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data in the digestAlgorithm.parameters field during PKCS#1 v1.5 signature verification. Consequently, a remote attacker can forge signatures when small public exponents are being used, which could lead to impersonation when only an RSA signature is used for IKEv2 authentication. This is a variant of CVE-2006-4790 and CVE-2014-1568. |
2131 |
CVE-2018-16151 |
347 |
|
|
2018-09-26 |
2018-12-19 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data after the encoded algorithm OID during PKCS#1 v1.5 signature verification. Similar to the flaw in the same version of strongSwan regarding digestAlgorithm.parameters, a remote attacker can forge signatures when small public exponents are being used, which could lead to impersonation when only an RSA signature is used for IKEv2 authentication. |
2132 |
CVE-2018-16141 |
22 |
|
Dir. Trav. |
2018-08-30 |
2018-11-06 |
5.5 |
None |
Remote |
Low |
Single system |
None |
Partial |
Partial |
ThinkCMF X2.2.3 has an arbitrary file deletion vulnerability in do_avatar in \application\User\Controller\ProfileController.class.php via an imgurl parameter with a ..\ sequence. A member user can delete any file on a Windows server. |
2133 |
CVE-2018-16133 |
22 |
|
Dir. Trav. |
2018-08-29 |
2018-10-19 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Cybrotech CyBroHttpServer 1.0.3 allows Directory Traversal via a ../ in the URI. |
2134 |
CVE-2018-16086 |
285 |
|
Bypass |
2019-06-27 |
2019-07-01 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
Insufficient policy enforcement in extensions API in Google Chrome prior to 69.0.3497.81 allowed an attacker who convinced a user to install a malicious extension to bypass navigation restrictions via a crafted Chrome Extension. |
2135 |
CVE-2018-16059 |
22 |
|
Dir. Trav. |
2018-09-07 |
2018-11-06 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Endress+Hauser WirelessHART Fieldgate SWG70 3.x devices allow Directory Traversal via the fcgi-bin/wgsetcgi filename parameter. |
2136 |
CVE-2018-16058 |
74 |
|
|
2018-08-29 |
2019-01-16 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth AVDTP dissector could crash. This was addressed in epan/dissectors/packet-btavdtp.c by properly initializing a data structure. |
2137 |
CVE-2018-16057 |
74 |
|
|
2018-08-29 |
2019-01-16 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Radiotap dissector could crash. This was addressed in epan/dissectors/packet-ieee80211-radiotap-iter.c by validating iterator operations. |
2138 |
CVE-2018-16056 |
74 |
|
|
2018-08-29 |
2018-10-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth Attribute Protocol dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by verifying that a dissector for a specific UUID exists. |
2139 |
CVE-2018-16049 |
532 |
|
|
2018-10-03 |
2018-12-04 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
An issue was discovered in GitLab Community and Enterprise Edition before 11.0.6, 11.1.x before 11.1.5, and 11.2.x before 11.2.2. There is Sensitive Data Disclosure in Sidekiq Logs through an Error Message. |
2140 |
CVE-2018-16047 |
125 |
|
|
2019-01-18 |
2019-08-21 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. |
2141 |
CVE-2018-16042 |
200 |
|
Bypass +Info |
2019-01-18 |
2019-08-21 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have a security bypass vulnerability. Successful exploitation could lead to information disclosure. |
2142 |
CVE-2018-16041 |
125 |
|
|
2019-01-18 |
2019-08-21 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. |
2143 |
CVE-2018-16038 |
125 |
|
|
2019-01-18 |
2019-08-21 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have a out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. |
2144 |
CVE-2018-16035 |
125 |
|
|
2019-01-18 |
2019-08-21 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. |
2145 |
CVE-2018-16031 |
125 |
|
|
2019-01-18 |
2019-08-21 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. |
2146 |
CVE-2018-15980 |
125 |
|
|
2018-11-29 |
2018-12-04 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Adobe Photoshop CC versions 19.1.6 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. |
2147 |
CVE-2018-15979 |
200 |
|
+Info |
2018-11-29 |
2019-08-21 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Adobe Acrobat and Reader versions 2019.008.20080 and earlier, 2017.011.30105 and earlier, and 2015.006.30456 and earlier have a ntlm sso hash theft vulnerability. Successful exploitation could lead to information disclosure. |
2148 |
CVE-2018-15978 |
125 |
|
|
2018-11-29 |
2018-12-28 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Flash Player versions 31.0.0.122 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. |
2149 |
CVE-2018-15967 |
200 |
|
+Info |
2018-09-25 |
2019-10-02 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Adobe Flash Player versions 30.0.0.154 and earlier have a privilege escalation vulnerability. Successful exploitation could lead to information disclosure. |
2150 |
CVE-2018-15964 |
200 |
|
+Info |
2018-09-25 |
2018-11-16 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a use of a component with a known vulnerability vulnerability. Successful exploitation could lead to information disclosure. |