CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
2701 CVE-2018-11128 119 DoS Exec Code Overflow 2018-05-17 2018-06-20
6.8
None Remote Medium Not required Partial Partial Partial
The ObjReader::ReadObj() function in ObjReader.cpp in vincent0629 PDFParser allows remote attackers to cause a denial of service (stack-based buffer overflow) or possibly execute arbitrary code via a crafted pdf file.
2702 CVE-2018-11126 352 CSRF 2018-05-15 2018-06-19
6.8
None Remote Medium Not required Partial Partial Partial
dg-user/?controller=users&action=add in doorGets 7.0 has CSRF that results in adding an administrator account.
2703 CVE-2018-11116 732 Exec Code 2018-06-19 2019-10-02
6.5
None Remote Low Single system Partial Partial Partial
OpenWrt mishandles access control in /etc/config/rpcd and the /usr/share/rpcd/acl.d files, which allows remote authenticated users to call arbitrary methods (i.e., achieve ubus access over HTTP) that were only supposed to be accessible to a specific user, as demonstrated by the file, log, and service namespaces, potentially leading to remote Information Disclosure or Code Execution.
2704 CVE-2018-11100 119 DoS Overflow 2018-05-14 2019-10-02
6.8
None Remote Medium Not required Partial Partial Partial
The decompileSETTARGET function in decompile.c in libming through 0.4.8 mishandles cases where the header indicates a file size greater than the actual size, which allows remote attackers to cause a denial of service (Segmentation fault and application crash) or possibly have unspecified other impact.
2705 CVE-2018-11098 434 2018-05-14 2018-06-19
6.5
None Remote Low Single system Partial Partial Partial
An issue was discovered in Frog CMS 0.9.5. There is a file upload vulnerability via the admin/?/plugin/file_manager/upload URI, a similar issue to CVE-2014-4912.
2706 CVE-2018-11095 119 DoS Overflow 2018-05-14 2019-10-02
6.8
None Remote Medium Not required Partial Partial Partial
The decompileJUMP function in decompile.c in libming through 0.4.8 mishandles cases where the header indicates a file size greater than the actual size, which allows remote attackers to cause a denial of service (Segmentation fault and application crash) or possibly have unspecified other impact.
2707 CVE-2018-11083 2018-10-05 2019-10-09
6.8
None Remote Medium Not required Partial Partial Partial
Cloud Foundry BOSH, versions v264 prior to v264.14.0 and v265 prior to v265.7.0 and v266 prior to v266.8.0 and v267 prior to v267.2.0, allows refresh tokens to be as access tokens when using UAA for authentication. A remote attacker with an admin refresh token given by UAA can be used to access BOSH resources without obtaining an access token, even if their user no longer has access to those resources.
2708 CVE-2018-11078 732 2018-09-11 2019-10-09
6.0
None Remote Medium Single system Partial Partial Partial
Dell EMC VPlex GeoSynchrony, versions prior to 6.1, contains an Insecure File Permissions vulnerability. A remote authenticated malicious user could read from VPN configuration files on and potentially author a MITM attack on the VPN traffic.
2709 CVE-2018-11060 Bypass 2018-07-24 2019-10-09
6.5
None Remote Low Single system Partial Partial Partial
RSA Archer, versions prior to 6.4.0.1, contain an authorization bypass vulnerability in the REST API. A remote authenticated malicious Archer user could potentially exploit this vulnerability to elevate their privileges.
2710 CVE-2018-11049 427 2018-07-11 2018-09-10
6.9
None Local Medium Not required Complete Complete Complete
RSA Identity Governance and Lifecycle, RSA Via Lifecycle and Governance, and RSA IMG releases have an uncontrolled search vulnerability. The installation scripts set an environment variable in an unintended manner. A local authenticated malicious user could trick the root user to run malicious code on the targeted system.
2711 CVE-2018-11036 200 +Info 2018-05-31 2018-08-01
6.4
None Remote Low Not required Partial Partial None
Ruckus SmartZone (formerly Virtual SmartCell Gateway or vSCG) 3.5.0, 3.5.1, 3.6.0, and 3.6.1 (Essentials and High Scale) on vSZ, SZ-100, SZ-300, and SCG-200 devices allows remote attackers to obtain sensitive information or modify data.
2712 CVE-2018-11035 20 DoS 2018-05-13 2018-06-15
6.1
None Local Low Not required Partial Partial Complete
In 2345 Security Guard 3.7, the driver file (2345NsProtect.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCTL 0x80002019.
2713 CVE-2018-11034 20 DoS 2018-05-13 2018-06-15
6.1
None Local Low Not required Partial Partial Complete
In 2345 Security Guard 3.7, the driver file (2345NsProtect.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCTL 0x8000200D.
2714 CVE-2018-11033 119 DoS Overflow 2018-05-13 2018-06-19
6.8
None Remote Medium Not required Partial Partial Partial
The DCTStream::readHuffSym function in Stream.cc in the DCT decoder in xpdf before 4.00 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via crafted JPEG data.
2715 CVE-2018-11018 352 CSRF 2018-05-13 2018-06-18
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in PbootCMS v1.0.7. Cross-site request forgery (CSRF) vulnerability in apps/admin/controller/system/RoleController.php allows remote attackers to add administrator accounts via admin.php/role/add.html.
2716 CVE-2018-11017 119 DoS Overflow 2018-05-13 2018-06-13
6.8
None Remote Medium Not required Partial Partial Partial
The newVar_N function in decompile.c in libming through 0.4.8 mishandles cases where the header indicates a file size greater than the actual size, which allows remote attackers to cause a denial of service (Segmentation fault and application crash) or possibly have unspecified other impact.
2717 CVE-2018-11004 352 CSRF 2018-05-12 2018-06-18
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in SDcms v1.5. Cross-site request forgery (CSRF) vulnerability in /WWW//app/admin/controller/admincontroller.php allows remote attackers to add administrator accounts via m=admin&c=admin&a=add.
2718 CVE-2018-10986 352 CSRF 2019-07-03 2019-07-05
6.8
None Remote Medium Not required Partial Partial Partial
OX Guard 2.8.0 has CSRF.
2719 CVE-2018-10977 20 DoS 2018-05-10 2018-06-13
6.1
None Local Low Not required Partial Partial Complete
In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCTL 0x002220E4.
2720 CVE-2018-10976 20 DoS 2018-05-10 2018-06-13
6.1
None Local Low Not required Partial Partial Complete
In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCTL 0x00222050.
2721 CVE-2018-10975 20 DoS 2018-05-10 2018-06-13
6.1
None Local Low Not required Partial Partial Complete
In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCTL 0x00222104.
2722 CVE-2018-10974 20 DoS 2018-05-10 2018-06-13
6.1
None Local Low Not required Partial Partial Complete
In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCTL 0x00222100.
2723 CVE-2018-10972 119 DoS Overflow 2018-05-10 2018-06-13
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in Free Lossless Image Format (FLIF) 0.3. The TransformPaletteC::process function in transform/palette_C.hpp allows remote attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact via a crafted file.
2724 CVE-2018-10957 352 CSRF 2018-05-09 2018-06-13
6.8
None Remote Medium Not required Partial Partial Partial
CSRF exists on D-Link DIR-868L devices, leading to (for example) a change to the Admin password. hedwig.cgi and pigwidgeon.cgi are two of the affected components.
2725 CVE-2018-10955 20 DoS 2018-05-09 2018-06-12
6.1
None Local Low Not required Partial Partial Complete
In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCTL 0x00222548.
2726 CVE-2018-10954 20 DoS 2018-05-09 2018-06-12
6.1
None Local Low Not required Partial Partial Complete
In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCTL 0x00222550.
2727 CVE-2018-10953 20 DoS 2018-05-09 2018-06-12
6.1
None Local Low Not required Partial Partial Complete
In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCTL 0x0022204C.
2728 CVE-2018-10952 20 DoS 2018-05-09 2018-06-12
6.1
None Local Low Not required Partial Partial Complete
In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCTL 0x00222088.
2729 CVE-2018-10936 297 2018-08-30 2019-10-09
6.8
None Remote Medium Not required Partial Partial Partial
A weakness was found in postgresql-jdbc before version 42.2.5. It was possible to provide an SSL Factory and not check the host name if a host name verifier was not provided to the driver. This could lead to a condition where a man-in-the-middle attacker could masquerade as a trusted server by providing a certificate for the wrong host, as long as it was signed by a trusted CA.
2730 CVE-2018-10933 287 2018-10-17 2019-10-09
6.4
None Remote Low Not required Partial Partial None
A vulnerability was found in libssh's server-side state machine before versions 0.7.6 and 0.8.4. A malicious client could create channels without first performing authentication, resulting in unauthorized access.
2731 CVE-2018-10929 20 Exec Code 2018-09-04 2019-04-02
6.5
None Remote Low Single system Partial Partial Partial
A flaw was found in RPC request using gfs2_create_req in glusterfs server. An authenticated attacker could use this flaw to create arbitrary files and execute arbitrary code on glusterfs server nodes.
2732 CVE-2018-10928 59 Exec Code 2018-09-04 2019-04-02
6.5
None Remote Low Single system Partial Partial Partial
A flaw was found in RPC request using gfs3_symlink_req in glusterfs server which allows symlink destinations to point to file paths outside of the gluster volume. An authenticated attacker could use this flaw to create arbitrary symlinks pointing anywhere on the server and execute arbitrary code on glusterfs server nodes.
2733 CVE-2018-10926 22 Exec Code Dir. Trav. 2018-09-04 2019-04-02
6.5
None Remote Low Single system Partial Partial Partial
A flaw was found in RPC request using gfs3_mknod_req supported by glusterfs server. An authenticated attacker could use this flaw to write files to an arbitrary location via path traversal and execute arbitrary code on a glusterfs server node.
2734 CVE-2018-10924 772 DoS 2018-09-04 2019-10-02
6.8
None Remote Low Single system None None Complete
It was discovered that fsync(2) system call in glusterfs client code leaks memory. An authenticated attacker could use this flaw to launch a denial of service attack by making gluster clients consume memory of the host machine.
2735 CVE-2018-10915 89 Sql Bypass 2018-08-09 2019-10-02
6.0
None Remote Medium Single system Partial Partial Partial
A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq was used with "host" or "hostaddr" connection parameters from untrusted input, attackers could bypass client-side connection security features, obtain access to higher privileged connections or potentially cause other impact through SQL injection, by causing the PQescape() functions to malfunction. Postgresql versions before 10.5, 9.6.10, 9.5.14, 9.4.19, and 9.3.24 are affected.
2736 CVE-2018-10907 119 Exec Code Overflow 2018-09-04 2019-04-02
6.5
None Remote Low Single system Partial Partial Partial
It was found that glusterfs server is vulnerable to multiple stack based buffer overflows due to functions in server-rpc-fopc.c allocating fixed size buffers using 'alloca(3)'. An authenticated attacker could exploit this by mounting a gluster volume and sending a string longer that the fixed buffer size to cause crash or potential code execution.
2737 CVE-2018-10904 426 Exec Code 2018-09-04 2019-04-02
6.5
None Remote Low Single system Partial Partial Partial
It was found that glusterfs server does not properly sanitize file paths in the "trusted.io-stats-dump" extended attribute which is used by the "debug/io-stats" translator. Attacker can use this flaw to create files and execute arbitrary code. To exploit this attacker would require sufficient access to modify the extended attributes of files on a gluster volume.
2738 CVE-2018-10899 352 Exec Code CSRF 2019-08-01 2019-09-17
6.8
None Remote Medium Not required Partial Partial Partial
A flaw was found in Jolokia versions from 1.2 to before 1.6.1. Affected versions are vulnerable to a system-wide CSRF. This holds true for properly configured instances with strict checking for origin and referrer headers. This could result in a Remote Code Execution attack.
2739 CVE-2018-10895 352 Exec Code CSRF 2018-07-12 2019-10-09
6.8
None Remote Medium Not required Partial Partial Partial
qutebrowser before version 1.4.1 is vulnerable to a cross-site request forgery flaw that allows websites to access 'qute://*' URLs. A malicious website could exploit this to load a 'qute://settings/set' URL, which then sets 'editor.command' to a bash script, resulting in arbitrary code execution.
2740 CVE-2018-10893 190 Exec Code Overflow 2018-09-11 2019-08-06
6.5
None Remote Low Single system Partial Partial Partial
Multiple integer overflow and buffer overflow issues were discovered in spice-client's handling of LZ compressed frames. A malicious server could cause the client to crash or, potentially, execute arbitrary code.
2741 CVE-2018-10884 352 CSRF 2018-08-22 2019-10-09
6.8
None Remote Medium Not required Partial Partial Partial
Ansible Tower before versions 3.1.8 and 3.2.6 is vulnerable to cross-site request forgery (CSRF) in awx/api/authentication.py. An attacker could exploit this by tricking already authenticated users into visiting a malicious site and hijacking the authtoken cookie.
2742 CVE-2018-10879 416 DoS 2018-07-26 2019-10-09
6.1
None Local Low Not required Partial Partial Complete
A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause a use-after-free in ext4_xattr_set_entry function and a denial of service or unspecified other impact may occur by renaming a file in a crafted ext4 filesystem image.
2743 CVE-2018-10878 787 DoS 2018-07-26 2019-10-09
6.1
None Local Low Not required Partial Partial Complete
A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write and a denial of service or unspecified other impact is possible by mounting and operating a crafted ext4 filesystem image.
2744 CVE-2018-10877 125 2018-07-18 2019-04-01
6.8
None Remote Medium Not required Partial Partial Partial
Linux kernel ext4 filesystem is vulnerable to an out-of-bound access in the ext4_ext_drop_refs() function when operating on a crafted ext4 filesystem image.
2745 CVE-2018-10873 20 2018-08-17 2019-10-09
6.5
None Remote Low Single system Partial Partial Partial
A vulnerability was discovered in SPICE before version 0.14.1 where the generated code used for demarshalling messages lacked sufficient bounds checks. A malicious client or server, after authentication, could send specially crafted messages to its peer which would result in a crash or, potentially, other impacts.
2746 CVE-2018-10860 22 Dir. Trav. 2018-06-29 2018-09-23
6.4
None Remote Low Not required None Partial Partial
perl-archive-zip is vulnerable to a directory traversal in Archive::Zip. It was found that the Archive::Zip module did not properly sanitize paths while extracting zip files. An attacker able to provide a specially crafted archive for processing could use this flaw to write or overwrite arbitrary files in the context of the perl interpreter.
2747 CVE-2018-10858 119 Exec Code Overflow 2018-08-22 2019-06-26
6.5
None Remote Low Single system Partial Partial Partial
A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable.
2748 CVE-2018-10856 732 2018-07-02 2019-10-09
6.5
None Remote Low Single system Partial Partial Partial
It has been discovered that podman before version 0.6.1 does not drop capabilities when executing a container as a non-root user. This results in unnecessary privileges being granted to the container.
2749 CVE-2018-10847 287 Bypass 2018-07-30 2019-10-09
6.5
None Remote Low Single system Partial Partial Partial
prosody before versions 0.10.2, 0.9.14 is vulnerable to an Authentication Bypass. Prosody did not verify that the virtual host associated with a user session remained the same across stream restarts. A user may authenticate to XMPP host A and migrate their authenticated session to XMPP host B of the same Prosody instance.
2750 CVE-2018-10841 2018-06-20 2019-10-02
6.5
None Remote Low Single system Partial Partial Partial
glusterfs is vulnerable to privilege escalation on gluster server nodes. An authenticated gluster client via TLS could use gluster cli with --remote-host command to add it self to trusted storage pool and perform privileged gluster operations like adding other machines to trusted storage pool, start, stop, and delete volumes.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.