CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In November 2018

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
201 CVE-2018-19205 200 +Info 2018-11-12 2018-12-13
5.0
None Remote Low Not required Partial None None
Roundcube before 1.3.7 mishandles GnuPG MDC integrity-protection warnings, which makes it easier for attackers to obtain sensitive information, a related issue to CVE-2017-17688. This is associated with plugins/enigma/lib/enigma_driver_gnupg.php.
202 CVE-2018-19204 20 Exec Code 2018-11-12 2019-10-02
9.0
None Remote Low Single system Complete Complete Complete
PRTG Network Monitor before 18.3.44.2054 allows a remote authenticated attacker (with read-write privileges) to execute arbitrary code and OS commands with system privileges. When creating an HTTP Advanced Sensor, the user's input in the POST parameter 'proxyport_' is mishandled. The attacker can craft an HTTP request and override the 'writeresult' command-line parameter for HttpAdvancedSensor.exe to store arbitrary data in an arbitrary place on the file system. For example, the attacker can create an executable file in the \Custom Sensors\EXE directory and execute it by creating EXE/Script Sensor.
203 CVE-2018-19203 2018-11-12 2018-11-12
0.0
None ??? ??? ??? ??? ??? ???
PRTG Network Monitor before 18.2.41.1652 allows remote unauthenticated attackers to terminate the PRTG Core Server Service via a special HTTP request.
204 CVE-2018-19200 476 2018-11-12 2018-12-12
5.0
None Remote Low Not required None None Partial
An issue was discovered in uriparser before 0.9.0. UriCommon.c allows attempted operations on NULL input via a uriResetUri* function.
205 CVE-2018-19199 190 Overflow 2018-11-12 2019-08-06
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in uriparser before 0.9.0. UriQuery.c allows an integer overflow via a uriComposeQuery* or uriComposeQueryEx* function because of an unchecked multiplication.
206 CVE-2018-19198 787 2018-11-12 2019-08-06
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in uriparser before 0.9.0. UriQuery.c allows an out-of-bounds write via a uriComposeQuery* or uriComposeQueryEx* function because the '&' character is mishandled in certain contexts.
207 CVE-2018-19197 22 Dir. Trav. 2018-11-12 2019-01-23
5.5
None Remote Low Single system None Partial Partial
An issue was discovered in XiaoCms 20141229. admin\controller\database.php allows arbitrary directory deletion via admin/index.php?c=database&a=import&paths[]=../ directory traversal.
208 CVE-2018-19196 94 Exec Code Bypass 2018-11-12 2018-12-13
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in XiaoCms 20141229. It allows remote attackers to execute arbitrary code by using the type parameter to bypass the standard admin\controller\uploadfile.php restrictions on uploaded file types (jpg, jpeg, bmp, png, gif), as demonstrated by an admin/index.php?c=uploadfile&a=uploadify_upload&type=php URI.
209 CVE-2018-19195 79 XSS 2018-11-12 2018-12-13
4.3
None Remote Medium Not required None Partial None
An issue was discovered in XiaoCms 20141229. There is XSS related to the template\default\show_product.html file.
210 CVE-2018-19194 200 +Info 2018-11-12 2018-12-13
5.0
None Remote Low Not required Partial None None
An issue was discovered in XiaoCms 20141229. /admin/index.php?c=database allows full path disclosure in a "failed to open stream" error message.
211 CVE-2018-19193 79 XSS 2018-11-12 2018-12-13
4.3
None Remote Medium Not required None Partial None
An issue was discovered in XiaoCms 20141229. There is XSS via the largest input box on the "New news" screen.
212 CVE-2018-19192 352 CSRF 2018-11-12 2018-12-13
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in XiaoCms 20141229. admin/index.php?c=content&a=add&catid=3 has CSRF, as demonstrated by entering news via the data[content] parameter.
213 CVE-2018-19190 79 XSS 2018-11-14 2018-12-17
4.3
None Remote Medium Not required None Partial None
The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via the error.php error_msg parameter.
214 CVE-2018-19189 79 XSS 2018-11-14 2018-12-17
4.3
None Remote Medium Not required None Partial None
The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via an arbitrary parameter name or value that is mishandled in an error.php echo statement.
215 CVE-2018-19188 79 XSS 2018-11-14 2018-12-17
4.3
None Remote Medium Not required None Partial None
The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via the success.php fort_id parameter.
216 CVE-2018-19187 79 XSS 2018-11-14 2018-12-17
4.3
None Remote Medium Not required None Partial None
The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via an arbitrary parameter name or value that is mishandled in a success.php echo statement.
217 CVE-2018-19186 79 XSS 2018-11-14 2018-12-17
4.3
None Remote Medium Not required None Partial None
The Amazon PAYFORT payfort-php-SDK payment gateway SDK through 2018-04-26 has XSS via the route.php paymentMethod parameter.
218 CVE-2018-19185 119 Overflow 2018-11-12 2018-12-14
7.5
None Remote Low Not required Partial Partial Partial
An issue has been found in libIEC61850 v1.3. It is a heap-based buffer overflow in BerEncoder_encodeOctetString in mms/asn1/ber_encoder.c. This is exploitable even after CVE-2018-18834 has been patched, with a different dataSetValue sequence than the CVE-2018-18834 attack vector.
219 CVE-2018-19184 476 DoS 2018-11-11 2018-12-13
5.0
None Remote Low Not required None None Partial
cmd/evm/runner.go in Go Ethereum (aka geth) 1.8.17 allows attackers to cause a denial of service (SEGV) via crafted bytecode.
220 CVE-2018-19183 119 DoS Overflow 2018-11-11 2018-12-13
5.0
None Remote Low Not required None None Partial
ethereumjs-vm 2.4.0 allows attackers to cause a denial of service (vm.runCode failure and REVERT) via a "code: Buffer.from(my_code, 'hex')" attribute.
221 CVE-2018-19181 22 Dir. Trav. 2018-11-11 2018-12-12
6.4
None Remote Low Not required None Partial Partial
statics/ueditor/php/vendor/Local.class.php in YUNUCMS 1.1.5 allows arbitrary file deletion via the statics/ueditor/php/controller.php?action=remove key parameter, as demonstrated by using directory traversal to delete the install.lock file.
222 CVE-2018-19180 94 Exec Code 2018-11-11 2018-12-12
7.5
None Remote Low Not required Partial Partial Partial
statics/app/index/controller/Install.php in YUNUCMS 1.1.5 (if install.lock is not present) allows remote attackers to execute arbitrary PHP code by placing this code in the index.php?s=index/install/setup2 DB_PREFIX field, which is written to database.php.
223 CVE-2018-19178 79 XSS 2018-11-11 2018-12-13
3.5
None Remote Medium Single system None Partial None
In JEESNS 1.3, com/lxinet/jeesns/core/utils/XssHttpServletRequestWrapper.java allows stored XSS via an HTML EMBED element, a different vulnerability than CVE-2018-17886.
224 CVE-2018-19170 79 XSS 2018-11-11 2018-12-13
3.5
None Remote Medium Single system None Partial None
In JPress v1.0-rc.5, there is stored XSS via each of the first three input fields to the starter-tomcat-1.0/admin/setting URI, as demonstrated by the web_name parameter.
225 CVE-2018-19168 78 Exec Code 2018-11-10 2019-10-02
10.0
None Remote Low Not required Complete Complete Complete
Shell Metacharacter Injection in www/modules/save.php in FruityWifi (aka PatatasFritas/PatataWifi) through 2.4 allows remote attackers to execute arbitrary code with root privileges via a crafted mod_name parameter in a POST request. NOTE: unlike in CVE-2018-17317, the attacker does not need a valid session.
226 CVE-2018-19150 119 DoS Overflow Mem. Corr. 2018-11-10 2019-01-16
6.8
None Remote Medium Not required Partial Partial Partial
Memory corruption in PDMODELProvidePDModelHFT in pdmodel.dll in pdfforge PDF Architect 6 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact because of a "Data from Faulting Address controls Code Flow" issue.
227 CVE-2018-19149 476 2018-11-10 2019-08-06
4.3
None Remote Medium Not required None None Partial
Poppler before 0.70.0 has a NULL pointer dereference in _poppler_attachment_new when called from poppler_annot_file_attachment_get_attachment.
228 CVE-2018-19148 2018-11-10 2018-11-10
0.0
None ??? ??? ??? ??? ??? ???
Caddy through 0.11.0 sends incorrect certificates for certain invalid requests, making it easier for attackers to enumerate hostnames. Specifically, when unable to match a Host header with a vhost in its configuration, it serves the X.509 certificate for a randomly selected vhost in its configuration. Repeated requests (with a nonexistent hostname in the Host header) permit full enumeration of all certificates on the server. This generally permits an attacker to easily and accurately discover the existence of and relationships among hostnames that weren't meant to be public, though this information could likely have been discovered via other methods with additional effort.
229 CVE-2018-19145 79 XSS 2018-11-09 2018-12-11
4.3
None Remote Medium Not required None Partial None
An issue was discovered in S-CMS v1.5. There is an XSS vulnerability in search.php via the keyword parameter.
230 CVE-2018-19143 425 2018-11-11 2019-10-02
5.5
None Remote Low Single system None Partial Partial
Open Ticket Request System (OTRS) 4.0.x before 4.0.33, 5.0.x before 5.0.31, and 6.0.x before 6.0.13 allows an authenticated user to delete files via a modified submission form because upload caching is mishandled.
231 CVE-2018-19142 79 XSS 2018-11-11 2018-12-12
3.5
None Remote Medium Single system None Partial None
Open Ticket Request System (OTRS) 6.0.x before 6.0.13 allows an admin to conduct an XSS attack via a modified URL.
232 CVE-2018-19141 79 XSS 2018-11-11 2018-12-12
3.5
None Remote Medium Single system None Partial None
Open Ticket Request System (OTRS) 4.0.x before 4.0.33 and 5.0.x before 5.0.31 allows an admin to conduct an XSS attack via a modified URL because user and customer preferences are mishandled.
233 CVE-2018-19139 772 2018-11-09 2019-10-02
4.3
None Remote Medium Not required None None Partial
An issue has been found in JasPer 2.0.14. There is a memory leak in jas_malloc.c when called from jpc_unk_getparms in jpc_cs.c.
234 CVE-2018-19138 352 CSRF 2018-11-09 2019-01-04
6.8
None Remote Medium Not required Partial Partial Partial
WSTMart 2.0.7 has CSRF via the index.php/admin/staffs/add.html URI.
235 CVE-2018-19137 79 XSS 2018-11-09 2018-12-11
4.3
None Remote Medium Not required None Partial None
DomainMOD through 4.11.01 has XSS via the assets/edit/ip-address.php ipid parameter.
236 CVE-2018-19136 79 XSS 2018-11-09 2018-12-11
4.3
None Remote Medium Not required None Partial None
DomainMOD through 4.11.01 has XSS via the assets/edit/registrar-account.php raid parameter.
237 CVE-2018-19135 CSRF 2018-11-10 2018-11-15
0.0
None ??? ??? ??? ??? ??? ???
ClipperCMS 1.3.3 does not have CSRF protection on its kcfinder file upload (enabled by default). This can be used by an attacker to perform actions for an admin (or any user with the file upload capability). With this vulnerability, one can automatically upload files (by default, it allows html, pdf, xml, zip, and many other file types). A file can be accessed publicly under the "/assets/files" directory.
238 CVE-2018-19133 200 +Info 2018-11-09 2018-12-31
5.0
None Remote Low Not required Partial None None
In Flarum Core 0.1.0-beta.7.1, a serious leak can get everyone's email address.
239 CVE-2018-19132 772 DoS 2018-11-09 2019-10-02
4.3
None Remote Medium Not required None None Partial
Squid before 4.4, when SNMP is enabled, allows a denial of service (Memory Leak) via an SNMP packet.
240 CVE-2018-19131 79 XSS 2018-11-09 2018-12-11
4.3
None Remote Medium Not required None Partial None
Squid before 4.4 has XSS via a crafted X.509 certificate during HTTP(S) error page generation for certificate errors.
241 CVE-2018-19130 119 Overflow 2018-11-09 2018-12-12
4.3
None Remote Medium Not required None None Partial
In Libav 12.3, there is an invalid memory access in vc1_decode_frame in libavcodec/vc1dec.c that allows attackers to cause a denial-of-service via a crafted aac file.
242 CVE-2018-19129 476 2018-11-09 2018-12-12
4.3
None Remote Medium Not required None None Partial
In Libav 12.3, a NULL pointer dereference (RIP points to zero) issue in ff_mpa_synth_filter_float in libavcodec/mpegaudiodsp_template.c can cause a segmentation fault (application crash) via a crafted mov file.
243 CVE-2018-19128 125 2018-11-09 2019-10-02
4.3
None Remote Medium Not required None None Partial
In Libav 12.3, there is a heap-based buffer over-read in decode_frame in libavcodec/lcldec.c that allows an attacker to cause denial-of-service via a crafted avi file.
244 CVE-2018-19127 Exec Code 2018-11-09 2018-11-09
0.0
None ??? ??? ??? ??? ??? ???
A code injection vulnerability in /type.php in PHPCMS 2008 allows attackers to write arbitrary content to a website cache file with a controllable filename, leading to arbitrary code execution. The PHP code is sent via the template parameter, and is written to a data/cache_template/*.tpl.php file along with a "<?php function " substring.
245 CVE-2018-19126 434 Exec Code 2018-11-09 2018-12-12
7.5
None Remote Low Not required Partial Partial Partial
PrestaShop 1.6.x before 1.6.1.23 and 1.7.x before 1.7.4.4 allows remote attackers to execute arbitrary code via a file upload.
246 CVE-2018-19125 2018-11-09 2019-10-02
6.4
None Remote Low Not required None Partial Partial
PrestaShop 1.6.x before 1.6.1.23 and 1.7.x before 1.7.4.4 allows remote attackers to delete an image directory.
247 CVE-2018-19124 20 2018-11-09 2018-12-12
5.0
None Remote Low Not required None Partial None
PrestaShop 1.6.x before 1.6.1.23 and 1.7.x before 1.7.4.4 on Windows allows remote attackers to write to arbitrary image files.
248 CVE-2018-19122 476 2018-11-09 2018-12-07
4.3
None Remote Medium Not required None None Partial
An issue has been found in libIEC61850 v1.3. It is a NULL pointer dereference in Ethernet_sendPacket in ethernet_bsd.c.
249 CVE-2018-19121 476 2018-11-09 2018-12-07
4.3
None Remote Medium Not required None None Partial
An issue has been found in libIEC61850 v1.3. It is a SEGV in Ethernet_receivePacket in ethernet_bsd.c.
250 CVE-2018-19120 2018-11-29 2018-11-29
0.0
None ??? ??? ??? ??? ??? ???
The HTML thumbnailer plugin in KDE Applications before 18.12.0 allows attackers to trigger outbound TCP connections to arbitrary IP addresses, leading to disclosure of the source IP address.
Total number of vulnerabilities : 982   Page : 1 2 3 4 5 (This Page)6 7 8 9 10 11 12 13 14 15 16 17 18 19 20
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.