CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
2301 CVE-2018-5708 255 2018-03-30 2019-04-11
6.1
None Local Network Low Not required Complete None None
An issue was discovered on D-Link DIR-601 B1 2.02NA devices. Being on the same local network as, but being unauthenticated to, the administrator's panel, a user can obtain the admin username and cleartext password in the response (specifically, the configuration file restore_default), which is displayed in XML.
2302 CVE-2018-5706 264 2018-01-16 2018-02-02
6.5
None Remote Low Single system Partial Partial Partial
An issue was discovered in Octopus Deploy before 4.1.9. Any user with user editing permissions can modify teams to give themselves Administer System permissions even if they didn't have them, as demonstrated by use of the RoleEdit or TeamEdit permission.
2303 CVE-2018-5702 264 Exec Code 2018-01-15 2018-10-21
6.8
None Remote Medium Not required Partial Partial Partial
Transmission through 2.92 relies on X-Transmission-Session-Id (which is not a forbidden header for Fetch) for access control, which allows remote attackers to execute arbitrary RPC commands, and consequently write to arbitrary files, via POST requests to /transmission/rpc in conjunction with a DNS rebinding attack.
2304 CVE-2018-5700 22 Exec Code Dir. Trav. 2018-01-14 2018-02-05
6.5
None Remote Low Single system Partial Partial Partial
Winmail Server through 6.2 allows remote code execution by authenticated users who leverage directory traversal in a netdisk.php copy_folder_file call (in inc/class.ftpfolder.php) to move a .php file from the FTP folder into a web folder.
2305 CVE-2018-5698 119 Overflow 2018-01-13 2018-02-02
6.8
None Remote Medium Not required Partial Partial Partial
libreadstat.a in WizardMac ReadStat 0.1.1 has a heap-based buffer over-read via an unterminated string.
2306 CVE-2018-5697 89 Sql 2018-01-13 2018-02-01
6.5
None Remote Low Single system Partial Partial Partial
Icy Phoenix 2.2.0.105 allows SQL injection via an unapprove request to admin_kb_art.php or the order parameter to admin_jr_admin.php, related to functions_kb.php.
2307 CVE-2018-5695 89 Sql 2018-01-13 2018-02-01
6.5
None Remote Low Single system Partial Partial Partial
The WpJobBoard plugin 4.4.4 for WordPress allows SQL injection via the order or sort parameter to the wpjb-job or wpjb-alerts module, with a request to wp-admin/admin.php.
2308 CVE-2018-5694 77 Exec Code 2018-01-13 2018-02-05
6.5
None Remote Low Single system Partial Partial Partial
The callforward module in User Control Panel (UCP) in Nicolas Gudino (aka Asternic) Flash Operator Panel (FOP) 2.31.03 allows remote authenticated users to execute arbitrary commands via the command parameter.
2309 CVE-2018-5684 119 DoS Overflow 2018-01-13 2018-02-02
6.8
None Remote Medium Not required Partial Partial Partial
In Libav through 12.2, there is an invalid memcpy call in the ff_mov_read_stsd_entries function of libavformat/mov.c. Remote attackers could leverage this vulnerability to cause a denial of service (segmentation fault) and program failure with a crafted avi file.
2310 CVE-2018-5680 125 Exec Code 2018-05-24 2018-06-08
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader before 9.1 and PhantomPDF before 9.1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of specially crafted pdf files with embedded u3d images. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process, a different vulnerability than CVE-2018-5677 and CVE-2018-5679.
2311 CVE-2018-5679 125 Exec Code 2018-05-24 2018-06-08
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader before 9.1 and PhantomPDF before 9.1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of specially crafted pdf files with embedded u3d images. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process, a different vulnerability than CVE-2018-5677 and CVE-2018-5680.
2312 CVE-2018-5678 119 Exec Code Overflow 2018-05-24 2018-06-08
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader before 9.1 and PhantomPDF before 9.1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of specially crafted pdf files with embedded u3d images. Crafted data in the PDF file can trigger an overflow of a heap-based buffer. An attacker can leverage this vulnerability to execute code under the context of the current process, a different vulnerability than CVE-2018-5674 and CVE-2018-5676.
2313 CVE-2018-5677 125 Exec Code 2018-05-24 2018-06-08
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader before 9.1 and PhantomPDF before 9.1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of specially crafted pdf files with embedded u3d images. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute code in the context of the current process, a different vulnerability than CVE-2018-5679 and CVE-2018-5680.
2314 CVE-2018-5676 119 Exec Code Overflow 2018-05-24 2018-06-08
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader before 9.1 and PhantomPDF before 9.1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of specially crafted pdf files with embedded u3d images. Crafted data in the PDF file can trigger an overflow of a heap-based buffer. An attacker can leverage this vulnerability to execute code under the context of the current process, a different vulnerability than CVE-2018-5674 and CVE-2018-5678.
2315 CVE-2018-5675 787 Exec Code 2018-05-24 2018-06-08
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader before 9.1 and PhantomPDF before 9.1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of specially crafted pdf files with embedded u3d images. Crafted data in the PDF file can trigger an out-of-bounds write on a buffer. An attacker can leverage this vulnerability to execute code under the context of the current process.
2316 CVE-2018-5674 119 Exec Code Overflow 2018-05-24 2018-06-08
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader before 9.1 and PhantomPDF before 9.1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of specially crafted pdf files with embedded u3d images. Crafted data in the PDF file can trigger an overflow of a heap-based buffer. An attacker can leverage this vulnerability to execute code under the context of the current process, a different vulnerability than CVE-2018-5676 and CVE-2018-5678.
2317 CVE-2018-5673 352 CSRF 2018-01-12 2018-01-23
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in the booking-calendar plugin 2.1.7 for WordPress. CSRF exists via wp-admin/admin.php.
2318 CVE-2018-5669 352 CSRF 2018-01-12 2018-01-23
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in the read-and-understood plugin 2.1 for WordPress. CSRF exists via wp-admin/options-general.php.
2319 CVE-2018-5658 352 CSRF 2018-01-12 2018-01-25
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in the responsive-coming-soon-page plugin 1.1.18 for WordPress. CSRF exists via wp-admin/admin.php.
2320 CVE-2018-5656 352 CSRF 2018-01-12 2018-01-24
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in the weblizar-pinterest-feeds plugin 1.1.1 for WordPress. CSRF exists via wp-admin/admin-ajax.php.
2321 CVE-2018-5545 20 Exec Code 2018-09-13 2018-11-28
6.5
None Remote Low Single system Partial Partial Partial
On F5 WebSafe Alert Server 1.0.0-4.2.6, a malicious, authenticated user can execute code on the alert server by using a maliciously crafted payload.
2322 CVE-2018-5542 20 2018-07-25 2018-09-17
6.8
None Remote Medium Not required Partial Partial Partial
F5 BIG-IP 13.0.0-13.0.1, 12.1.0-12.1.3.6, or 11.2.1-11.6.3.2 HTTPS health monitors do not validate the identity of the monitored server.
2323 CVE-2018-5531 20 DoS 2018-07-25 2018-09-18
6.1
None Local Network Low Not required None None Complete
Through undisclosed methods, on F5 BIG-IP 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, or 11.2.1-11.5.6, adjacent network attackers can cause a denial of service for VCMP guest and host systems. Attack must be sourced from adjacent network (layer 2).
2324 CVE-2018-5523 264 2018-06-01 2018-08-01
6.5
None Remote Low Single system Partial Partial Partial
On F5 BIG-IP 13.1.0-13.1.0.3, 13.0.0, 12.1.0-12.1.3.1, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1 and Enterprise Manager 3.1.1, when authenticated administrative users run commands in the Traffic Management User Interface (TMUI), also referred to as the BIG-IP Configuration utility, restrictions on allowed commands may not be enforced.
2325 CVE-2018-5515 20 2018-05-02 2018-06-13
6.3
None Remote Medium Single system None None Complete
On F5 BIG-IP 13.0.0-13.1.0.5, using RADIUS authentication responses from a RADIUS server with IPv6 addresses may cause TMM to crash, leading to a failover event.
2326 CVE-2018-5511 284 Exec Code 2018-04-13 2019-03-28
6.5
None Remote Low Single system Partial Partial Partial
On F5 BIG-IP 13.1.0-13.1.0.3 or 13.0.0, when authenticated administrative users execute commands in the Traffic Management User Interface (TMUI), also referred to as the BIG-IP Configuration utility, restrictions on allowed commands may not be enforced.
2327 CVE-2018-5490 264 2018-08-03 2018-10-17
6.5
None Remote Low Single system Partial Partial Partial
Read-Only export policy rules are not correctly enforced in Clustered Data ONTAP 8.3 Release Candidate versions and therefore may allow more than "read-only" access from authenticated SMBv2 and SMBv3 clients. This behavior has been resolved in the GA release. Customers running prior release candidates (RCs) are requested to update their systems to the NetApp Data ONTAP 8.3 GA release.
2328 CVE-2018-5476 119 Exec Code Overflow 2018-03-15 2018-04-12
6.8
None Remote Medium Not required Partial Partial Partial
A Stack-based Buffer Overflow issue was discovered in Delta Electronics Delta Industrial Automation DOPSoft, Version 4.00.01 or prior. Stack-based buffer overflow vulnerabilities caused by processing specially crafted .dop or .dpb files may allow an attacker to remotely execute arbitrary code.
2329 CVE-2018-5467 284 2018-03-06 2018-03-29
6.4
None Remote Low Not required Partial Partial None
An Information Exposure Through Query Strings in GET Request issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches. An information exposure through query strings vulnerability in the web interface has been identified, which may allow an attacker to impersonate a legitimate user.
2330 CVE-2018-5465 384 2018-03-06 2018-03-29
6.8
None Remote Medium Not required Partial Partial Partial
A Session Fixation issue was discovered in Belden Hirschmann RS, RSR, RSB, MACH100, MACH1000, MACH4000, MS, and OCTOPUS Classic Platform Switches. A session fixation vulnerability in the web interface has been identified, which may allow an attacker to hijack web sessions.
2331 CVE-2018-5457 427 2018-02-06 2018-03-13
6.9
None Local Medium Not required Complete Complete Complete
A uncontrolled search path element issue was discovered in Vyaire Medical CareFusion Upgrade Utility used with Windows XP systems, Versions 2.0.2.2 and prior versions. A successful exploit of this vulnerability requires the local user to install a crafted DLL on the target machine. The application loads the DLL and gives the attacker access at the same privilege level as the application.
2332 CVE-2018-5454 264 Exec Code 2018-03-26 2018-04-17
6.8
None Remote Medium Not required Partial Partial Partial
Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have a vulnerability where code debugging methods are enabled, which could allow an attacker to remotely execute arbitrary code during runtime.
2333 CVE-2018-5434 611 2018-06-13 2018-08-11
6.8
None Remote Low Single system Complete None None
The TIBCO Designer component of TIBCO Software Inc.'s TIBCO Runtime Agent, and TIBCO Runtime Agent for z/Linux contains vulnerabilities wherein a malicious user could perform XML external entity expansion (XXE) attacks to disclose host machine information. Affected releases are TIBCO Software Inc.'s TIBCO Runtime Agent: versions up to and including 5.10.0, and TIBCO Runtime Agent for z/Linux: versions up to and including 5.9.1.
2334 CVE-2018-5433 611 2018-06-13 2018-08-11
6.8
None Remote Low Single system Complete None None
The TIBCO Administrator server component of TIBCO Software Inc.'s TIBCO Administrator - Enterprise Edition, and TIBCO Administrator - Enterprise Edition for z/Linux contains vulnerabilities wherein a malicious user could perform XML external entity expansion (XXE) attacks to disclose host machine information. Affected releases are TIBCO Software Inc.'s TIBCO Administrator - Enterprise Edition: versions up to and including 5.10.0, and TIBCO Administrator - Enterprise Edition for z/Linux: versions up to and including 5.9.1.
2335 CVE-2018-5429 264 Exec Code 2018-04-17 2018-05-23
6.5
None Remote Low Single system Partial Partial Partial
A vulnerability in the report scripting component of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports Server Community Edition, TIBCO JasperReports Server for ActiveMatrix BPM, TIBCO JasperReports Library, TIBCO JasperReports Library Community Edition, TIBCO JasperReports Library for ActiveMatrix BPM, TIBCO Jaspersoft for AWS with Multi-Tenancy, TIBCO Jaspersoft Reporting and Analytics for AWS, TIBCO Jaspersoft Studio, TIBCO Jaspersoft Studio Community Edition, and TIBCO Jaspersoft Studio for ActiveMatrix BPM may allow analytic reports that contain scripting to perform arbitrary code execution. Affected releases include TIBCO Software Inc.'s TIBCO JasperReports Server: versions up to and including 6.2.4; 6.3.0; 6.3.2;6.3.3; 6.4.0; 6.4.2, TIBCO JasperReports Server Community Edition: versions up to and including 6.4.2, TIBCO JasperReports Server for ActiveMatrix BPM: versions up to and including 6.4.2, TIBCO JasperReports Library: versions up to and including 6.2.4; 6.3.0; 6.3.2; 6.3.3; 6.4.0; 6.4.1; 6.4.2, TIBCO JasperReports Library Community Edition: versions up to and including 6.4.3, TIBCO JasperReports Library for ActiveMatrix BPM: versions up to and including 6.4.2, TIBCO Jaspersoft for AWS with Multi-Tenancy: versions up to and including 6.4.2, TIBCO Jaspersoft Reporting and Analytics for AWS: versions up to and including 6.4.2, TIBCO Jaspersoft Studio: versions up to and including 6.2.4; 6.3.0; 6.3.2; 6.3.3; 6.4.0; 6.4.2, TIBCO Jaspersoft Studio Community Edition: versions up to and including 6.4.3, TIBCO Jaspersoft Studio for ActiveMatrix BPM: versions up to and including 6.4.2.
2336 CVE-2018-5402 310 2018-10-08 2019-01-17
6.5
None Remote Low Single system Partial Partial Partial
The Auto-Maskin DCU 210E, RP-210E, and Marine Pro Observer Android App use an embedded webserver that uses unencrypted plaintext for the transmission of the administrator PIN Impact: An attacker once authenticated can change configurations, upload new configuration files, and upload executable code via file upload for firmware updates. Requires access to the network. Affected releases are Auto-Maskin DCU-210E, RP-210E, and the Marine Pro Observer Android App. Versions prior to 3.7 on ARMv7.
2337 CVE-2018-5400 346 2018-10-08 2019-01-24
6.4
None Remote Low Not required Partial Partial None
The Auto-Maskin products utilize an undocumented custom protocol to set up Modbus communications with other devices without validating those devices. The originating device sends a message in plaintext, 48:65:6c:6c:6f:20:57:6f:72:6c:64, "Hello World" over UDP ports 44444-44446 to the broadcast address for the LAN. Without verification devices respond to any of these broadcast messages on the LAN with a plaintext reply over UDP containing the device model and firmware version. Following this exchange the devices allow Modbus transmissions between the two devices on the standard Modbus port 502 TCP. Impact: An attacker can exploit this vulnerability to send arbitrary messages to any DCU or RP device through spoofing or replay attacks as long as they have access to the network. Affected releases are Auto-Maskin DCU-210E RP-210E: Versions prior to 3.7 on ARMv7.
2338 CVE-2018-5385 384 Bypass 2018-07-24 2018-09-21
6.8
None Remote Medium Not required Partial Partial Partial
Navarino Infinity is prone to session fixation attacks. The server accepts the session ID as a GET parameter which can lead to bypassing the two factor authentication in some installations. This could lead to phishing attacks that can bypass the two factor authentication that is present in some installations.
2339 CVE-2018-5374 89 Sql 2018-01-12 2018-01-24
6.5
None Remote Low Single system Partial Partial Partial
The Dbox 3D Slider Lite plugin through 1.2.2 for WordPress has SQL Injection via settings\sliders.php (current_slider_id parameter).
2340 CVE-2018-5373 89 Sql 2018-01-12 2018-01-24
6.5
None Remote Low Single system Partial Partial Partial
The Smooth Slider plugin through 2.8.6 for WordPress has SQL Injection via smooth-slider.php (trid parameter).
2341 CVE-2018-5372 89 Sql 2018-01-12 2018-01-24
6.5
None Remote Low Single system Partial Partial Partial
The Testimonial Slider plugin through 1.2.4 for WordPress has SQL Injection via settings\sliders.php (current_slider_id parameter).
2342 CVE-2018-5368 352 CSRF 2018-01-12 2018-01-29
6.8
None Remote Medium Not required Partial Partial Partial
The SrbTransLatin plugin 1.46 for WordPress has CSRF via an srbtranslatoptions action to wp-admin/options-general.php.
2343 CVE-2018-5361 79 XSS CSRF 2018-01-12 2018-01-23
6.8
None Remote Medium Not required Partial Partial Partial
The WPGlobus plugin 1.9.6 for WordPress has CSRF via wp-admin/options.php.
2344 CVE-2018-5360 125 2018-01-13 2019-04-22
6.8
None Remote Medium Not required Partial Partial Partial
LibTIFF before 4.0.6 mishandles the reading of TIFF files, as demonstrated by a heap-based buffer over-read in the ReadTIFFImage function in coders/tiff.c in GraphicsMagick 1.3.27.
2345 CVE-2018-5345 119 Exec Code Overflow 2018-01-11 2018-03-18
6.8
None Remote Medium Not required Partial Partial Partial
A stack-based buffer overflow within GNOME gcab through 0.7.4 can be exploited by malicious attackers to cause a crash or, potentially, execute arbitrary code via a crafted .cab file.
2346 CVE-2018-5342 264 2018-04-18 2018-04-24
6.5
None Remote Low Single system Partial Partial Partial
An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: network services (Desktop Central and PostgreSQL) running with a superuser account.
2347 CVE-2018-5340 284 2018-04-18 2018-04-27
6.5
None Remote Low Single system Partial Partial Partial
An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: database access using a superuser account (specifically, an account with permission to write to the filesystem via SQL queries).
2348 CVE-2018-5337 22 Dir. Trav. 2018-04-18 2018-04-27
6.4
None Remote Low Not required Partial Partial None
An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: directory traversal in the SCRIPT_NAME field when modifying existing scripts.
2349 CVE-2018-5329 352 CSRF 2018-01-15 2018-02-05
6.8
None Remote Medium Not required Partial Partial Partial
ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 is vulnerable to Cross-Site Request Forgery (CSRF) on /CWEBNET/* authenticated pages. A successful CSRF attack can force the user to modify state: creating users, changing an email address, and so forth. If the victim is an administrative account, CSRF can compromise the entire web application.
2350 CVE-2018-5308 476 2018-01-09 2018-01-29
6.8
None Remote Medium Not required Partial Partial Partial
PoDoFo 0.9.5 does not properly validate memcpy arguments in the PdfMemoryOutputStream::Write function (base/PdfOutputStream.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service or possibly unspecified other impact via a crafted pdf file.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.