CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In November 2018

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
251 CVE-2018-19115 119 Overflow 2018-11-08 2019-05-28
7.5
None Remote Low Not required Partial Partial Partial
keepalived before 2.0.7 has a heap-based buffer overflow when parsing HTTP status codes resulting in DoS or possibly unspecified other impact, because extract_status_code in lib/html.c has no validation of the status code and instead writes an unlimited amount of data to the heap.
252 CVE-2018-19114 20 +Priv 2018-11-08 2019-10-02
6.5
None Remote Low Single system Partial Partial Partial
An issue was discovered in MinDoc through v1.0.2. It allows attackers to gain privileges by uploading an image file with contents that represent an admin session, and then sending a Cookie: header with a mindoc_id value containing the relative pathname of this uploaded file. For example, the mindoc_id (aka session ID) could be of the form aa/../../uploads/blog/201811/attach_#.jpg where '#' is a hex value displayed in the upload field of a manage/blogs/edit/ screen.
253 CVE-2018-19111 319 2018-11-08 2019-10-02
5.0
None Remote Low Not required Partial None None
The Google Cardboard application 1.8 for Android and 1.2 for iOS sends potentially private cleartext information to the Unity 3D Stats web site, as demonstrated by device make, model, and OS.
254 CVE-2018-19110 425 Bypass 2018-11-08 2019-10-02
4.0
None Remote Low Single system None Partial None
The skin-management feature in tianti 2.3 allows remote authenticated users to bypass intended permission restrictions by visiting tianti-module-admin/user/skin/list directly because controller\usercontroller.java maps a /skin/list request to the function skinList, and lacks an authorization check.
255 CVE-2018-19109 425 Bypass 2018-11-08 2019-10-02
6.5
None Remote Low Single system Partial Partial Partial
tianti 2.3 allows remote authenticated users to bypass intended permission restrictions by visiting tianti-module-admin/cms/column/list directly to read the column list page or edit a column.
256 CVE-2018-19108 835 DoS Overflow 2018-11-08 2019-10-02
4.3
None Remote Medium Not required None None Partial
In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PSD image reader may suffer from a denial of service (infinite loop) caused by an integer overflow via a crafted PSD image file.
257 CVE-2018-19107 190 DoS Overflow 2018-11-08 2019-07-15
4.3
None Remote Medium Not required None None Partial
In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp (called from psdimage.cpp in the PSD image reader) may suffer from a denial of service (heap-based buffer over-read) caused by an integer overflow via a crafted PSD image file.
258 CVE-2018-19105 787 DoS 2018-11-08 2019-05-05
6.8
None Remote Medium Not required Partial Partial Partial
LibreCAD 2.1.3 allows remote attackers to cause a denial of service (0x89C04589 write access violation and application crash) or possibly have unspecified other impact via a crafted file.
259 CVE-2018-19104 352 CSRF 2018-11-08 2018-12-11
6.8
None Remote Medium Not required Partial Partial Partial
In BageCMS 3.1.3, upload/index.php has a CSRF vulnerability that can be used to upload arbitrary files and get server privileges.
260 CVE-2018-19093 2018-11-07 2019-10-02
5.0
None Remote Low Not required None None Partial
** DISPUTED ** An issue has been found in libIEC61850 v1.3. It is a SEGV in ControlObjectClient_setCommandTerminationHandler in client/client_control.c. NOTE: the software maintainer disputes this because it requires incorrect usage of the client_example_control program.
261 CVE-2018-19092 79 XSS 2018-11-07 2018-12-13
4.3
None Remote Medium Not required None Partial None
An issue was discovered in YzmCMS v5.2. It has XSS via a search/index/archives/pubtime/ query string, as demonstrated by the search/index/archives/pubtime/1526387722/page/1.html URI. NOTE: this does not obtain a user's cookie.
262 CVE-2018-19091 79 XSS 2018-11-07 2018-12-11
3.5
None Remote Medium Single system None Partial None
tianti 2.3 has reflected XSS in the user management module via the tianti-module-admin/user/list userName parameter.
263 CVE-2018-19090 79 XSS 2018-11-07 2018-12-11
3.5
None Remote Medium Single system None Partial None
tianti 2.3 has stored XSS in the article management module via an article title.
264 CVE-2018-19089 79 XSS 2018-11-07 2018-12-11
3.5
None Remote Medium Single system None Partial None
tianti 2.3 has stored XSS in the userlist module via the tianti-module-admin/user/ajax/save_role name parameter, which is mishandled in tianti-module-admin\src\main\webapp\WEB-INF\views\user\user_list.jsp.
265 CVE-2018-19087 119 DoS Exec Code Overflow 2018-11-09 2018-12-12
7.2
None Local Low Not required Complete Complete Complete
RegFilter.sys in IOBit Malware Fighter 6.2 is susceptible to a stack-based buffer overflow when an attacker uses IOCTL 0x8006E044 with a size larger than 8 bytes. This can lead to denial of service or code execution with root privileges.
266 CVE-2018-19086 119 DoS Exec Code Overflow 2018-11-09 2018-12-12
7.2
None Local Low Not required Complete Complete Complete
RegFilter.sys in IOBit Malware Fighter 6.2 is susceptible to a stack-based buffer overflow when an attacker uses IOCTL 0x8006E040 with a size larger than 8 bytes. This can lead to denial of service or code execution with root privileges.
267 CVE-2018-19085 119 DoS Exec Code Overflow 2018-11-09 2018-12-10
7.2
None Local Low Not required Complete Complete Complete
RegFilter.sys in IOBit Malware Fighter 6.2 is susceptible to a stack-based buffer overflow when an attacker uses IOCTL 0x8006E048 with a size larger than 8 bytes. This can lead to denial of service or code execution with root privileges.
268 CVE-2018-19084 119 DoS Exec Code Overflow 2018-11-09 2018-12-12
7.2
None Local Low Not required Complete Complete Complete
RegFilter.sys in IOBit Malware Fighter 6.2 is susceptible to a stack-based buffer overflow when an attacker uses IOCTL 0x8006E05C with a size larger than 8 bytes. This can lead to denial of service or code execution with root privileges.
269 CVE-2018-19083 79 XSS 2018-11-07 2018-12-11
4.3
None Remote Medium Not required None Partial None
WeCenter 3.2.0 through 3.2.2 has XSS in the views/default/question/index.tpl.html htmlspecialchars_decode function via the /?/publish/ajax/publish_question/ question_content parameter.
270 CVE-2018-19082 119 Overflow 2018-11-07 2018-12-13
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ONVIF devicemgmt SetDNS method allows remote attackers to conduct stack-based buffer overflow attacks via the IPv4Address field.
271 CVE-2018-19081 78 Exec Code 2018-11-07 2018-12-13
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ONVIF devicemgmt SetDNS method allows remote attackers to execute arbitrary OS commands via the IPv4Address field.
272 CVE-2018-19080 79 XSS 2018-11-07 2018-12-13
4.3
None Remote Medium Not required None Partial None
An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ONVIF devicemgmt SetHostname method allows unauthenticated persistent XSS.
273 CVE-2018-19079 20 2018-11-07 2018-12-13
7.8
None Remote Low Not required None None Complete
An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ONVIF devicemgmt SystemReboot method allows unauthenticated reboot.
274 CVE-2018-19078 522 2018-11-07 2019-10-02
5.0
None Remote Low Not required Partial None None
An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The response to an ONVIF media GetStreamUri request contains the administrator username and password.
275 CVE-2018-19077 125 DoS 2018-11-07 2018-12-13
7.8
None Remote Low Not required None None Complete
An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. RtspServer allows remote attackers to cause a denial of service (daemon hang or restart) via a negative integer in the RTSP Content-Length header.
276 CVE-2018-19076 287 2018-11-07 2018-12-11
5.0
None Remote Low Not required Partial None None
An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The FTP and RTSP services make it easier for attackers to conduct brute-force authentication attacks, because failed-authentication limits apply only to HTTP (not FTP or RTSP).
277 CVE-2018-19075 200 +Info 2018-11-07 2018-12-11
5.0
None Remote Low Not required Partial None None
An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The firewall feature makes it easier for remote attackers to ascertain credentials and firewall rules because invalid credentials lead to error -2, whereas rule-based blocking leads to error -8.
278 CVE-2018-19074 2018-11-07 2019-10-02
5.0
None Remote Low Not required None Partial None
An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The firewall has no effect except for blocking port 443 and partially blocking port 88.
279 CVE-2018-19073 78 Exec Code 2018-11-07 2018-12-11
9.0
None Remote Low Single system Complete Complete Complete
An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. They allow attackers to execute arbitrary OS commands via shell metacharacters in the modelName, by leveraging /mnt/mtd/app/config/ProductConfig.xml write access.
280 CVE-2018-19072 732 2018-11-07 2019-10-02
3.6
None Local Low Not required None Partial Partial
An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. /mnt/mtd/app has 0777 permissions, allowing local users to replace an archive file (within that directory) to control what is extracted to RAM at boot time.
281 CVE-2018-19071 732 Exec Code 2018-11-07 2019-10-02
4.6
None Local Low Not required Partial Partial Partial
An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. /mnt/mtd/boot.sh has 0777 permissions, allowing local users to control the commands executed at system start-up.
282 CVE-2018-19070 78 Exec Code 2018-11-07 2018-12-11
9.0
None Remote Low Single system Complete Complete Complete
An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. They allow remote attackers to execute arbitrary OS commands via shell metacharacters in the usrName parameter of a CGIProxy.fcgi addAccount action.
283 CVE-2018-19069 798 2018-11-07 2018-12-11
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The CGIProxy.fcgi?cmd=setTelnetSwitch feature is authorized for the root user with a password of toor.
284 CVE-2018-19068 2018-11-07 2019-10-02
4.0
None Remote Low Single system None Partial None
An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The CGIProxy.fcgi?cmd=setTelnetSwitch feature is authorized for hidden factory credentials.
285 CVE-2018-19067 798 2018-11-07 2018-12-11
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. There is a hardcoded [email protected] password for the factory~ account.
286 CVE-2018-19066 798 2018-11-07 2018-12-11
5.0
None Remote Low Not required Partial None None
An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The exported device configuration is encrypted with the hardcoded Pxift* password in some cases.
287 CVE-2018-19065 798 2018-11-07 2018-12-11
5.0
None Remote Low Not required Partial None None
An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The exported device configuration is encrypted with the hardcoded BpP+2R9*Q password in some cases.
288 CVE-2018-19064 521 2018-11-07 2019-10-02
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ftpuser1 account has a blank password, which cannot be changed.
289 CVE-2018-19063 798 2018-11-07 2018-12-11
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The admin account has a blank password.
290 CVE-2018-19061 89 Sql 2018-11-07 2018-12-10
7.5
None Remote Low Not required Partial Partial Partial
DedeCMS 5.7 SP2 has SQL Injection via the dede\co_do.php ids parameter.
291 CVE-2018-19060 476 DoS 2018-11-07 2019-08-06
4.3
None Remote Medium Not required None None Partial
An issue was discovered in Poppler 0.71.0. There is a NULL pointer dereference in goo/GooString.h, will lead to denial of service, as demonstrated by utils/pdfdetach.cc not validating a filename of an embedded file before constructing a save path.
292 CVE-2018-19059 125 DoS 2018-11-07 2019-08-06
4.3
None Remote Medium Not required None None Partial
An issue was discovered in Poppler 0.71.0. There is a out-of-bounds read in EmbFile::save2 in FileSpec.cc, will lead to denial of service, as demonstrated by utils/pdfdetach.cc not validating embedded files before save attempts.
293 CVE-2018-19058 20 DoS 2018-11-07 2019-08-06
4.3
None Remote Medium Not required None None Partial
An issue was discovered in Poppler 0.71.0. There is a reachable abort in Object.h, will lead to denial of service because EmbFile::save2 in FileSpec.cc lacks a stream check before saving an embedded file.
294 CVE-2018-19057 79 XSS 2018-11-07 2018-12-12
4.3
None Remote Medium Not required None Partial None
SimpleMDE 1.11.2 has XSS via an onerror attribute of a crafted IMG element, or via certain input with [ and ( characters, which is mishandled during construction of an A element.
295 CVE-2018-19056 79 XSS 2018-11-07 2018-12-12
4.3
None Remote Medium Not required None Partial None
pandao Editor.md 1.5.0 has DOM XSS via input starting with a "<<" substring, which is mishandled during construction of an A element.
296 CVE-2018-19053 94 Exec Code 2018-11-07 2018-12-12
6.5
None Remote Low Single system Partial Partial Partial
PbootCMS 1.2.2 allows remote attackers to execute arbitrary PHP code by specifying a .php filename in a "SET GLOBAL general_log_file" statement, followed by a SELECT statement containing this PHP code.
297 CVE-2018-19052 Dir. Trav. 2018-11-07 2018-11-07
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in mod_alias_physical_handler in mod_alias.c in lighttpd before 1.4.50. There is potential ../ path traversal of a single directory above an alias target, with a specific mod_alias configuration where the matched alias lacks a trailing '/' character, but the alias target filesystem path does have a trailing '/' character.
298 CVE-2018-19051 79 XSS 2018-11-06 2018-12-07
4.3
None Remote Medium Not required None Partial None
MetInfo 6.1.3 has XSS via the admin/index.php?a=dogetpassword abt_type parameter.
299 CVE-2018-19050 79 XSS 2018-11-06 2018-12-07
4.3
None Remote Medium Not required None Partial None
MetInfo 6.1.3 has XSS via the admin/index.php?a=dogetpassword langset parameter.
300 CVE-2018-19047 2018-11-07 2018-11-07
0.0
None ??? ??? ??? ??? ??? ???
** DISPUTED ** mPDF through 7.1.6, if deployed as a web application that accepts arbitrary HTML, allows SSRF, as demonstrated by a '<img src="http://192.168' substring that triggers a call to getImage in Image/ImageProcessor.php. NOTE: the software maintainer disputes this, stating "If you allow users to pass HTML without sanitising it, you're asking for trouble."
Total number of vulnerabilities : 982   Page : 1 2 3 4 5 6 (This Page)7 8 9 10 11 12 13 14 15 16 17 18 19 20
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.