CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In December 2018

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
201 CVE-2018-20460 119 Overflow 2018-12-25 2018-12-31
4.3
None Remote Medium Not required None None Partial
In radare2 prior to 3.1.2, the parseOperands function in libr/asm/arch/arm/armass64.c allows attackers to cause a denial-of-service (application crash caused by stack-based buffer overflow) by crafting an input file.
202 CVE-2018-20459 125 2018-12-25 2019-01-09
4.3
None Remote Medium Not required None None Partial
In radare2 through 3.1.3, the armass_assemble function in libr/asm/arch/arm/armass.c allows attackers to cause a denial-of-service (application crash by out-of-bounds read) by crafting an arm assembly input because a loop uses an incorrect index in armass.c and certain length validation is missing in armass64.c, a related issue to CVE-2018-20457.
203 CVE-2018-20458 125 2018-12-25 2018-12-31
4.3
None Remote Medium Not required None None Partial
In radare2 prior to 3.1.1, r_bin_dyldcache_extract in libr/bin/format/mach0/dyldcache.c may allow attackers to cause a denial-of-service (application crash caused by out-of-bounds read) by crafting an input file.
204 CVE-2018-20457 125 2018-12-25 2019-01-09
4.3
None Remote Medium Not required None None Partial
In radare2 through 3.1.3, the assemble function inside libr/asm/p/asm_arm_cs.c allows attackers to cause a denial-of-service (application crash via an r_num_calc out-of-bounds read) by crafting an arm assembly input because a loop uses an incorrect index in armass.c and certain length validation is missing in armass64.c, a related issue to CVE-2018-20459.
205 CVE-2018-20456 125 DoS 2018-12-25 2018-12-31
4.3
None Remote Medium Not required None None Partial
In radare2 prior to 3.1.1, the parseOperand function inside libr/asm/p/asm_x86_nz.c may allow attackers to cause a denial of service (application crash in libr/util/strbuf.c via a stack-based buffer over-read) by crafting an input file, a related issue to CVE-2018-20455.
206 CVE-2018-20455 119 DoS Overflow 2018-12-25 2018-12-31
4.3
None Remote Medium Not required None None Partial
In radare2 prior to 3.1.1, the parseOperand function inside libr/asm/p/asm_x86_nz.c may allow attackers to cause a denial of service (application crash via a stack-based buffer overflow) by crafting an input file, a related issue to CVE-2018-20456.
207 CVE-2018-20454 79 XSS 2018-12-25 2019-01-10
4.3
None Remote Medium Not required None Partial None
An issue was discovered in 74cms v4.2.111. upload/index.php?c=resume&a=resume_list has XSS via the key parameter.
208 CVE-2018-20453 125 DoS 2018-12-25 2019-01-11
4.3
None Remote Medium Not required None None Partial
The getlong function in numutils.c in libdoc through 2017-10-23 has a heap-based buffer over-read that allows attackers to cause a denial of service (application crash) via a crafted file.
209 CVE-2018-20452 119 DoS Overflow 2018-12-25 2019-01-11
6.8
None Remote Medium Not required Partial Partial Partial
The read_MSAT_body function in ole.c in libxls 1.4.0 has an invalid free that allows attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file, because of inconsistent memory management (new versus free) in ole2_read_header in ole.c.
210 CVE-2018-20451 125 DoS 2018-12-25 2019-10-02
4.3
None Remote Medium Not required None None Partial
The process_file function in reader.c in libdoc through 2017-10-23 has a heap-based buffer over-read that allows attackers to cause a denial of service (application crash) via a crafted file.
211 CVE-2018-20450 415 DoS 2018-12-25 2019-01-11
4.3
None Remote Medium Not required None None Partial
The read_MSAT function in ole.c in libxls 1.4.0 has a double free that allows attackers to cause a denial of service (application crash) via a crafted file, a different vulnerability than CVE-2017-2897.
212 CVE-2018-20448 79 XSS 2018-12-25 2019-01-03
3.5
None Remote Medium Single system None Partial None
Frog CMS 0.9.5 has XSS via the Database name field to the /install/index.php URI.
213 CVE-2018-20445 522 2018-12-25 2019-10-02
5.0
None Remote Low Not required Partial None None
D-Link DCM-604 DCM604_C1_ViaCabo_1.04_20130606 and DCM-704 EU_DCM-704_1.10 devices allow remote attackers to discover Wi-Fi credentials via iso.3.6.1.4.1.4413.2.2.2.1.5.4.1.14.1.3.32 and iso.3.6.1.4.1.4413.2.2.2.1.5.4.2.4.1.2.32 SNMP requests.
214 CVE-2018-20444 522 2018-12-25 2019-10-02
5.0
None Remote Low Not required Partial None None
Technicolor CGA0111 CGA0111E-ES-13-E23E-c8000r5712-170217-0829-TRU devices allow remote attackers to discover Wi-Fi credentials via iso.3.6.1.4.1.4413.2.2.2.1.5.4.1.14.1.3.10001 and 1.3.6.1.4.1.4413.2.2.2.1.18.1.2.3.4.1.2.10001 SNMP requests.
215 CVE-2018-20443 522 2018-12-25 2019-10-02
5.0
None Remote Low Not required Partial None None
Technicolor TC7200.d1I TC7200.d1IE-N23E-c7000r5712-170406-HAT devices allow remote attackers to discover Wi-Fi credentials via iso.3.6.1.4.1.4413.2.2.2.1.5.4.1.14.1.3.10001 and 1.3.6.1.4.1.4413.2.2.2.1.18.1.2.3.4.1.2.10001 SNMP requests.
216 CVE-2018-20442 522 2018-12-25 2019-10-02
5.0
None Remote Low Not required Partial None None
Technicolor TC7110.B STC8.62.02 devices allow remote attackers to discover Wi-Fi credentials via iso.3.6.1.4.1.2863.205.10.1.30.4.1.14.1.3.32 and iso.3.6.1.4.1.2863.205.10.1.30.4.2.4.1.2.32 SNMP requests.
217 CVE-2018-20441 522 2018-12-25 2019-10-02
5.0
None Remote Low Not required Partial None None
Technicolor TC7200.TH2v2 SC05.00.22 devices allow remote attackers to discover Wi-Fi credentials via iso.3.6.1.4.1.2863.205.10.1.30.4.1.14.1.3.32 and iso.3.6.1.4.1.2863.205.10.1.30.4.2.4.1.2.32 SNMP requests.
218 CVE-2018-20440 522 2018-12-25 2019-10-02
5.0
None Remote Low Not required Partial None None
Technicolor CWA0101 CWA0101E-A23E-c7000r5712-170315-SKC devices allow remote attackers to discover Wi-Fi credentials via iso.3.6.1.4.1.4413.2.2.2.1.5.4.1.14.1.3.10001 and 1.3.6.1.4.1.4413.2.2.2.1.18.1.2.3.4.1.2.10001 SNMP requests.
219 CVE-2018-20439 522 2018-12-25 2019-10-02
5.0
None Remote Low Not required Partial None None
Technicolor DPC3928SL D3928SL-PSIP-13-A010-c3420r55105-170214a devices allow remote attackers to discover Wi-Fi credentials via iso.3.6.1.4.1.4413.2.2.2.1.5.4.1.14.1.3.10001 and 1.3.6.1.4.1.4413.2.2.2.1.18.1.2.3.4.1.2.10001 SNMP requests.
220 CVE-2018-20438 522 2018-12-25 2019-10-02
5.0
None Remote Low Not required Partial None None
Technicolor TC7110.AR STD3.38.03 devices allow remote attackers to discover Wi-Fi credentials via iso.3.6.1.4.1.2863.205.10.1.30.4.1.14.1.3.32 and iso.3.6.1.4.1.2863.205.10.1.30.4.2.4.1.2.32 SNMP requests.
221 CVE-2018-20437 2018-12-25 2018-12-25
0.0
None ??? ??? ??? ??? ??? ???
** DISPUTED ** An issue was discovered in the fileDownload function in the CommonController class in FEBS-Shiro before 2018-11-05. An attacker can download a file via a request of the form /common/download?filename=1.jsp&delete=false. NOTE: the software maintainer disputes the significance of this report because the product uses a JAR archive for deployment, and this contains application.yml with configuration data.
222 CVE-2018-20436 2018-12-24 2018-12-31
0.0
None ??? ??? ??? ??? ??? ???
** DISPUTED ** The "secret chat" feature in Telegram 4.9.1 for Android has a "side channel" in which Telegram servers send GET requests for URLs typed while composing a chat message, before that chat message is sent. There are also GET requests to other URLs on the same web server. This also affects one or more other Telegram products, such as Telegram Web-version 0.7.0. In addition, it can be interpreted as an SSRF issue. NOTE: a third party has reported that potentially unwanted behavior is caused by misconfiguration of the "Secret chats > Preview links" setting.
223 CVE-2018-20433 611 2018-12-24 2019-05-29
7.5
None Remote Low Not required Partial Partial Partial
c3p0 0.9.5.2 allows XXE in extractXmlConfigFromInputStream in com/mchange/v2/c3p0/cfg/C3P0ConfigXmlUtils.java during initialization.
224 CVE-2018-20431 476 2018-12-24 2019-01-10
4.3
None Remote Medium Not required None None Partial
GNU Libextractor through 1.8 has a NULL Pointer Dereference vulnerability in the function process_metadata() in plugins/ole2_extractor.c.
225 CVE-2018-20430 125 2018-12-24 2019-01-11
4.3
None Remote Medium Not required None None Partial
GNU Libextractor through 1.8 has an out-of-bounds read vulnerability in the function history_extract() in plugins/ole2_extractor.c, related to EXTRACTOR_common_convert_to_utf8 in common/convert.c.
226 CVE-2018-20429 476 2018-12-24 2019-01-04
6.8
None Remote Medium Not required Partial Partial Partial
libming 0.4.8 has a NULL pointer dereference in the getName function of the decompile.c file, a different vulnerability than CVE-2018-7872 and CVE-2018-9165.
227 CVE-2018-20428 476 2018-12-24 2019-01-04
6.8
None Remote Medium Not required Partial Partial Partial
libming 0.4.8 has a NULL pointer dereference in the strlenext function of the decompile.c file, a different vulnerability than CVE-2018-7874.
228 CVE-2018-20427 476 2018-12-24 2019-01-04
6.8
None Remote Medium Not required Partial Partial Partial
libming 0.4.8 has a NULL pointer dereference in the getInt function of the decompile.c file, a different vulnerability than CVE-2018-9132.
229 CVE-2018-20426 476 2018-12-24 2019-01-04
6.8
None Remote Medium Not required Partial Partial Partial
libming 0.4.8 has a NULL pointer dereference in the newVar3 function of the decompile.c file, a different vulnerability than CVE-2018-7866.
230 CVE-2018-20425 476 2018-12-24 2019-01-04
6.8
None Remote Medium Not required Partial Partial Partial
libming 0.4.8 has a NULL pointer dereference in the pushdup function of the decompile.c file.
231 CVE-2018-20424 20 2018-12-23 2019-01-10
5.8
None Remote Medium Not required None Partial Partial
Discuz! DiscuzX 3.4, when WeChat login is enabled, allows remote attackers to delete the common_member_wechatmp data structure via an ac=unbindmp request to plugin.php.
232 CVE-2018-20423 Bypass 2018-12-23 2019-10-02
6.8
None Remote Medium Not required Partial Partial Partial
Discuz! DiscuzX 3.4, when WeChat login is enabled, allows remote attackers to bypass a "disabled registration" setting by adding a non-existing wxopenid value to the plugin.php ac=wxregister query string.
233 CVE-2018-20422 287 Bypass 2018-12-23 2019-10-02
6.8
None Remote Medium Not required Partial Partial Partial
Discuz! DiscuzX 3.4, when WeChat login is enabled, allows remote attackers to bypass authentication by leveraging a non-empty #wechat#common_member_wechatmp to gain login access to an account via a plugin.php ac=wxregister request (the attacker does not have control over which account will be accessed).
234 CVE-2018-20421 770 DoS 2018-12-23 2019-10-02
5.0
None Remote Low Not required None None Partial
Go Ethereum (aka geth) 1.8.19 allows attackers to cause a denial of service (memory consumption) by rewriting the length of a dynamic array in memory, and then writing data to a single memory location with a large index number, as demonstrated by use of "assembly { mstore }" followed by a "c[0xC800000] = 0xFF" assignment.
235 CVE-2018-20420 732 Dir. Trav. 2018-12-23 2019-10-02
5.5
None Remote Low Single system None Partial Partial
In webERP 4.15, Z_CreateCompanyTemplateFile.php has Incorrect Access Control, leading to the overwrite of an existing .sql file on the target web site by creating a template and then using ../ directory traversal in the TemplateName parameter.
236 CVE-2018-20419 352 CSRF 2018-12-23 2019-01-11
6.8
None Remote Medium Not required Partial Partial Partial
DouCo DouPHP 1.5 has upload/admin/manager.php?rec=insert CSRF to add an administrator account.
237 CVE-2018-20418 79 XSS 2018-12-23 2019-01-07
3.5
None Remote Medium Single system None Partial None
index.php?p=admin/actions/entries/save-entry in Craft CMS 3.0.25 allows XSS by saving a new title from the console tab.
238 CVE-2018-20410 Overflow 2018-12-23 2018-12-23
0.0
None ??? ??? ??? ??? ??? ???
WellinTech KingSCADA before 3.7.0.0.1 contains a stack-based buffer overflow. The vulnerability is triggered when sending a specially crafted packet to the AlarmServer (AEserver.exe) service listening on TCP port 12401.
239 CVE-2018-20409 125 2018-12-23 2019-10-02
4.3
None Remote Medium Not required None None Partial
An issue was discovered in Bento4 1.5.1-627. There is a heap-based buffer over-read in AP4_AvccAtom::Create in Core/Ap4AvccAtom.cpp, as demonstrated by mp42hls.
240 CVE-2018-20408 772 2018-12-23 2019-10-02
4.3
None Remote Medium Not required None None Partial
An issue was discovered in Bento4 1.5.1-627. There is a memory leak in AP4_StdcFileByteStream::Create in System/StdC/Ap4StdCFileByteStream.cpp, as demonstrated by mp42hls.
241 CVE-2018-20407 772 2018-12-23 2019-10-02
4.3
None Remote Medium Not required None None Partial
An issue was discovered in Bento4 1.5.1-627. There is a memory leak in AP4_DescriptorFactory::CreateDescriptorFromStream in Core/Ap4DescriptorFactory.cpp, as demonstrated by mp42hls.
242 CVE-2018-20406 190 Overflow 2018-12-23 2019-04-16
5.0
None Remote Low Not required None None Partial
Modules/_pickle.c in Python before 3.7.1 has an integer overflow via a large LONG_BINPUT value that is mishandled during a "resize to twice the size" attempt. This issue might cause memory exhaustion, but is only relevant if the pickle format is used for serializing tens or hundreds of gigabytes of data.
243 CVE-2018-20405 200 +Info 2018-12-23 2019-01-07
4.0
None Remote Low Single system Partial None None
BigTree 4.3 allows full path disclosure via authenticated admin/news/ input that triggers a syntax error.
244 CVE-2018-20404 DoS 2018-12-26 2018-12-26
0.0
None ??? ??? ??? ??? ??? ???
ETK_E900.sys, a SmartETK driver for VIA Technologies EPIA-E900 system board, is vulnerable to denial of service attack via IOCTL 0x9C402048, which calls memmove and constantly fails on an arbitrary (uncontrollable) address, resulting in an eternal hang or a BSoD.
245 CVE-2018-20402 1188 2018-12-23 2019-10-02
6.5
None Remote Low Single system Partial Partial Partial
Safe Software FME Server through 2018.1 creates and enables three additional accounts in addition to the initial administrator account. The passwords to the three accounts are the same as the usernames, which are guest, user, and author. Logging in with these accounts will grant any user the default privilege roles that were also created for each of the accounts.
246 CVE-2018-20401 522 2018-12-23 2019-10-02
5.0
None Remote Low Not required Partial None None
Zoom 5352 v5.5.8.6Y devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.
247 CVE-2018-20400 522 2018-12-23 2019-10-02
5.0
None Remote Low Not required Partial None None
Ubee DVW2108 6.28.1017 and DVW2110 6.28.2012 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.
248 CVE-2018-20399 522 2018-12-23 2019-10-02
5.0
None Remote Low Not required Partial None None
Motorola SBG901 SBG901-2.10.1.1-GA-00-581-NOSH, SBG941 SBG941-2.11.0.0-GA-07-624-NOSH, and SVG1202 SVG1202-2.1.0.0-GA-14-LTSH devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.
249 CVE-2018-20398 522 2018-12-23 2019-10-02
5.0
None Remote Low Not required Partial None None
Skyworth CM5100 V1.1.0, CM5100-440 V1.2.1, CM5100-511 4.1.0.14, CM5100-GHD00 V1.2.2, and CM5100.g2 4.1.0.17 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.
250 CVE-2018-20397 522 2018-12-23 2019-10-02
5.0
None Remote Low Not required Partial None None
mplus CBC383Z CBC383Z_mplus_MDr026 devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests.
Total number of vulnerabilities : 1160   Page : 1 2 3 4 5 (This Page)6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.