CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
2651 CVE-2018-8993 20 DoS 2018-03-24 2018-03-30
6.1
None Local Low Not required Partial Partial Complete
In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002001.
2652 CVE-2018-8992 20 DoS 2018-03-24 2018-03-30
6.1
None Local Low Not required Partial Partial Complete
In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002005.
2653 CVE-2018-8991 20 DoS 2018-03-24 2018-03-30
6.1
None Local Low Not required Partial Partial Complete
In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002009.
2654 CVE-2018-8990 20 DoS 2018-03-24 2018-03-30
6.1
None Local Low Not required Partial Partial Complete
In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002010.
2655 CVE-2018-8989 20 DoS 2018-03-24 2018-03-30
6.1
None Local Low Not required Partial Partial Complete
In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002006.
2656 CVE-2018-8988 20 DoS 2018-03-24 2018-03-30
6.1
None Local Low Not required Partial Partial Complete
In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002008.
2657 CVE-2018-8979 352 XSS CSRF 2018-03-25 2018-04-18
6.8
None Remote Medium Not required Partial Partial Partial
Open-AudIT Professional 2.1 has CSRF, as demonstrated by modifying a user account or inserting XSS sequences via the credentials URI.
2658 CVE-2018-8972 352 CSRF 2018-03-24 2018-04-24
6.8
None Remote Medium Not required Partial Partial Partial
Creditwest Bank CMS Project (aka CWCMS) through 2017-07-28 has CSRF in the functionality for updating the site configuration, which allows remote attackers to inject arbitrary PHP code, as demonstrated by a PHP shell that calls eval on request parameters.
2659 CVE-2018-8969 22 Dir. Trav. 2018-03-24 2018-04-17
6.4
None Remote Low Not required None Partial Partial
An issue was discovered in zzcms 8.2. user/licence_save.php allows remote attackers to delete arbitrary files via directory traversal sequences in the oldimg parameter in an action=modify request. This can be leveraged for database access by deleting install.lock.
2660 CVE-2018-8968 22 Dir. Trav. 2018-03-24 2018-04-17
6.4
None Remote Low Not required None Partial Partial
An issue was discovered in zzcms 8.2. user/manage.php allows remote attackers to delete arbitrary files via directory traversal sequences in the oldimg or oldflv parameter in an action=modify request. This can be leveraged for database access by deleting install.lock.
2661 CVE-2018-8965 22 Dir. Trav. 2018-03-24 2018-04-17
6.4
None Remote Low Not required None Partial Partial
An issue was discovered in zzcms 8.2. user/ppsave.php allows remote attackers to delete arbitrary files via directory traversal sequences in the oldimg parameter in an action=modify request. This can be leveraged for database access by deleting install.lock.
2662 CVE-2018-8960 119 Overflow 2018-03-23 2018-08-09
6.8
None Remote Medium Not required Partial Partial Partial
The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-26 Q16 does not properly restrict memory allocation, leading to a heap-based buffer over-read.
2663 CVE-2018-8953 89 Sql 2018-04-11 2018-05-17
6.5
None Remote Low Single system Partial Partial Partial
CA Workload Automation AE before r11.3.6 SP7 allows remote attackers to a perform SQL injection via a crafted HTTP request.
2664 CVE-2018-8929 417 2018-07-06 2019-06-11
6.8
None Remote Medium Not required Partial Partial Partial
Improper restriction of communication channel to intended endpoints vulnerability in HTTP daemon in Synology SSL VPN Client before 1.2.4-0224 allows remote attackers to conduct man-in-the-middle attacks via a crafted payload.
2665 CVE-2018-8926 264 2018-06-08 2018-07-27
6.5
None Remote Low Single system Partial Partial Partial
Permissive regular expression vulnerability in synophoto_dsm_user in Synology Photo Station before 6.8.5-3471 and before 6.3-2975 allows remote authenticated users to conduct privilege escalation attacks via the fullname parameter.
2666 CVE-2018-8925 352 CSRF 2018-06-08 2018-07-27
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in admin/user.php in Synology Photo Station before 6.8.5-3471 and before 6.3-2975 allows remote attackers to hijack the authentication of administrators via the (1) username, (2) password, (3) admin, (4) action, (5) uid, or (6) modify_admin parameter.
2667 CVE-2018-8908 352 CSRF 2018-03-31 2018-05-09
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in /admin/?/user/add in Frog CMS 0.9.5. The application's add user functionality suffers from CSRF. A malicious user can craft an HTML page and use it to trick a victim into clicking on it; once executed, a malicious user will be created with admin privileges. This happens due to lack of an anti-CSRF token in state modification requests.
2668 CVE-2018-8905 119 Overflow 2018-03-22 2019-08-06
6.8
None Remote Medium Not required Partial Partial Partial
In LibTIFF 4.0.9, a heap-based buffer overflow occurs in the function LZWDecodeCompat in tif_lzw.c via a crafted TIFF file, as demonstrated by tiff2ps.
2669 CVE-2018-8904 20 DoS 2018-03-22 2018-04-12
6.1
None Local Low Not required Partial Partial Complete
In Windows Master (aka Windows Optimization Master) 7.99.13.604, the driver file (WoptiHWDetect.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0xf1002000.
2670 CVE-2018-8896 20 DoS 2018-03-22 2018-04-12
6.1
None Local Low Not required Partial Partial Complete
In 2345 Security Guard 3.6, the driver file (2345DumpBlock.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x00222044.
2671 CVE-2018-8895 20 DoS 2018-03-22 2018-04-12
6.1
None Local Low Not required Partial Partial Complete
In 2345 Security Guard 3.6, the driver file (2345DumpBlock.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x00222040.
2672 CVE-2018-8894 20 DoS 2018-03-22 2018-04-12
6.1
None Local Low Not required Partial Partial Complete
In 2345 Security Guard 3.6, the driver file (2345BdPcSafe.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x00222108.
2673 CVE-2018-8893 352 Exec Code CSRF 2018-03-31 2018-05-01
6.8
None Remote Medium Not required Partial Partial Partial
Z-BlogPHP 1.5.1 Zero has CSRF in plugin_edit.php, resulting in the ability to execute arbitrary PHP code.
2674 CVE-2018-8876 20 DoS 2018-03-20 2018-04-12
6.1
None Local Low Not required Partial Partial Complete
In 2345 Security Guard 3.6, the driver file (2345Wrath.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x00222098.
2675 CVE-2018-8875 20 DoS 2018-03-20 2018-04-12
6.1
None Local Low Not required Partial Partial Complete
In 2345 Security Guard 3.6, the driver file (2345Wrath.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x0022209c.
2676 CVE-2018-8874 20 DoS 2018-03-20 2018-04-12
6.1
None Local Low Not required Partial Partial Complete
In 2345 Security Guard 3.6, the driver file (2345Wrath.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x00222054.
2677 CVE-2018-8873 20 DoS 2018-03-20 2018-04-12
6.1
None Local Low Not required Partial Partial Complete
In 2345 Security Guard 3.6, the driver file (2345NetFirewall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x00222040.
2678 CVE-2018-8868 284 2018-07-02 2018-08-28
6.9
None Local Medium Not required Complete Complete Complete
Medtronic MyCareLink Patient Monitor, 24950 MyCareLink Monitor, all versions, and 24952 MyCareLink Monitor, all versions, contains debug code meant to test the functionality of the monitor's communication interfaces, including the interface between the monitor and implantable cardiac device. An attacker with physical access to the device can apply the other vulnerabilities within this advisory to access this debug functionality. This debug functionality provides the ability to read and write arbitrary memory values to implantable cardiac devices via inductive or short range wireless protocols. An attacker with close physical proximity to a target implantable cardiac device can use this debug functionality.
2679 CVE-2018-8861 284 2018-05-04 2018-06-13
6.8
None Local Low Not required Complete Complete Partial
Vulnerabilities within the Philips Brilliance CT kiosk environment (Brilliance 64 version 2.6.2 and prior, Brilliance iCT versions 4.1.6 and prior, Brillance iCT SP versions 3.2.4 and prior, and Brilliance CT Big Bore 2.3.5 and prior) could enable a limited-access kiosk user or an unauthorized attacker to break-out from the containment of the kiosk environment, attain elevated privileges from the underlying Windows OS, and access unauthorized resources from the operating system.
2680 CVE-2018-8852 384 2018-09-26 2018-11-21
6.8
None Remote Medium Not required Partial Partial Partial
Philips e-Alert Unit (non-medical device), Version R2.1 and prior. When authenticating a user or otherwise establishing a new user session, the software gives an attacker the opportunity to steal authenticated sessions without invalidating any existing session identifier.
2681 CVE-2018-8844 352 2018-09-26 2018-11-21
6.8
None Remote Medium Not required Partial Partial Partial
Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The web application does not, or cannot, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.
2682 CVE-2018-8837 787 Exec Code 2018-04-25 2018-05-25
6.8
None Remote Medium Not required Partial Partial Partial
Processing specially crafted .pm3 files in Advantech WebAccess HMI Designer 2.1.7.32 and prior may cause the system to write outside the intended buffer area and may allow remote code execution.
2683 CVE-2018-8835 415 Exec Code 2018-04-25 2018-05-25
6.8
None Remote Medium Not required Partial Partial Partial
Double free vulnerabilities in Advantech WebAccess HMI Designer 2.1.7.32 and prior caused by processing specially crafted .pm3 files may allow remote code execution.
2684 CVE-2018-8833 119 Exec Code Overflow 2018-04-25 2018-05-25
6.8
None Remote Medium Not required Partial Partial Partial
Heap-based buffer overflow vulnerabilities in Advantech WebAccess HMI Designer 2.1.7.32 and prior caused by processing specially crafted .pm3 files may allow remote code execution.
2685 CVE-2018-8825 119 Exec Code Overflow 2019-04-23 2019-04-25
6.8
None Remote Medium Not required Partial Partial Partial
Google TensorFlow 1.7 and below is affected by: Buffer Overflow. The impact is: execute arbitrary code (local).
2686 CVE-2018-8820 89 Exec Code Sql 2018-03-28 2018-04-23
6.0
None Remote Medium Single system Partial Partial Partial
An issue was discovered in Square 9 GlobalForms 6.2.x. A Time Based SQL injection vulnerability in the "match" parameter allows remote authenticated attackers to execute arbitrary SQL commands. It is possible to upgrade access to full server compromise via xp_cmdshell. In some cases, the authentication requirement for the attack can be met by sending the default admin credentials.
2687 CVE-2018-8817 352 CSRF 2018-03-25 2019-06-10
6.8
None Remote Medium Not required Partial Partial Partial
Wampserver before 3.1.3 has CSRF in add_vhost.php.
2688 CVE-2018-8812 20 2019-05-10 2019-05-14
6.4
None Remote Low Not required None Partial Partial
An issue was discovered in Avaya one-X Portal for IP Office 9.1.2.0 and prior. The DownloadToLocalDriveServlet function from the AFA portal is only intended to download backup ZIP files from the server to the operator desktop; however, a malicious user capable of intercepting the HTTP request would be able to modify folder and filename parameters in order to get access to any file on the underlying operating system, as demonstrated by a folder=/etc/&filename=passwd query string. Additionally it could cause a DoS, as this functions also implements file deletion after downloading.
2689 CVE-2018-8811 352 CSRF 2018-03-20 2018-04-13
6.8
None Remote Medium Not required Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in system/workplace/admin/accounts/user_role.jsp in OpenCMS 10.5.3 allows remote attackers to hijack the authentication of administrative users for requests that perform privilege escalation.
2690 CVE-2018-8804 415 DoS 2018-03-20 2018-06-13
6.8
None Remote Medium Not required Partial Partial Partial
WriteEPTImage in coders/ept.c in ImageMagick 7.0.7-25 Q16 allows remote attackers to cause a denial of service (MagickCore/memory.c double free and application crash) or possibly have unspecified other impact via a crafted file.
2691 CVE-2018-8802 89 Exec Code Sql 2018-03-26 2018-08-21
6.5
None Remote Low Single system Partial Partial Partial
SQL injection vulnerability in the management interface in ePortal Manager allows remote attackers to execute arbitrary SQL commands via unspecified parameters.
2692 CVE-2018-8769 119 Overflow 2018-03-18 2018-04-20
6.8
None Remote Medium Not required Partial Partial Partial
elfutils 0.170 has a buffer over-read in the ebl_dynamic_tag_name function of libebl/ebldynamictagname.c because SYMTAB_SHNDX is unsupported.
2693 CVE-2018-8768 264 Bypass 2018-03-18 2018-04-20
6.8
None Remote Medium Not required Partial Partial Partial
In Jupyter Notebook before 5.4.1, a maliciously forged notebook file can bypass sanitization to execute JavaScript in the notebook context. Specifically, invalid HTML is 'fixed' by jQuery after sanitization, making it dangerous.
2694 CVE-2018-8765 20 DoS 2018-03-18 2018-04-12
6.1
None Local Low Not required Partial Partial Complete
In 2345 Security Guard 3.6, the driver file (2345NetFirewall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x00222018.
2695 CVE-2018-8764 352 CSRF 2018-03-27 2018-04-20
6.8
None Remote Medium Not required Partial Partial Partial
Roland Gruber Softwareentwicklung LDAP Account Manager before 6.3 places a CSRF token in the sec_token parameter of a URI, which makes it easier for remote attackers to defeat a CSRF protection mechanism by leveraging logging.
2696 CVE-2018-8756 77 Exec Code 2018-03-18 2018-04-18
6.5
None Remote Low Single system Partial Partial Partial
Eval injection in yzmphp/core/function/global.func.php in YzmCMS v3.7.1 allows remote attackers to achieve arbitrary code execution via PHP code in the POST data of an index.php?m=member&c=member_content&a=init request.
2697 CVE-2018-8741 22 Dir. Trav. 2018-03-17 2019-08-15
6.5
None Remote Low Single system Partial Partial Partial
A directory traversal flaw in SquirrelMail 1.4.22 allows an authenticated attacker to exfiltrate (or potentially delete) files from the hosting server, related to ../ in the att_local_name field in Deliver.class.php.
2698 CVE-2018-8733 287 Sql Bypass 2018-04-17 2018-07-04
6.4
None Remote Low Not required None Partial Partial
Authentication bypass vulnerability in the core config manager in Nagios XI 5.2.x through 5.4.x before 5.4.13 allows an unauthenticated attacker to make configuration changes and leverage an authenticated SQL injection vulnerability.
2699 CVE-2018-8718 352 CSRF 2018-03-27 2018-06-07
6.0
None Remote Medium Single system Partial Partial Partial
Cross-site request forgery (CSRF) vulnerability in the Mailer Plugin 1.20 for Jenkins 2.111 allows remote authenticated users to send unauthorized mail as an arbitrary user via a /descriptorByName/hudson.tasks.Mailer/sendTestMail request.
2700 CVE-2018-8717 352 CSRF 2018-03-14 2018-04-09
6.8
None Remote Medium Not required Partial Partial Partial
joyplus-cms 1.6.0 has CSRF, as demonstrated by adding an administrator account via a manager/admin_ajax.php?action=save&tab={pre}manager request.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.