CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 5 and 5.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
3151 CVE-2018-10887 125 DoS Overflow 2018-07-10 2019-10-09
5.8
None Remote Medium Not required Partial None Partial
A flaw was found in libgit2 before version 0.27.3. It has been discovered that an unexpected sign extension in git_delta_apply function in delta.c file may lead to an integer overflow which in turn leads to an out of bound read, allowing to read before the base object. An attacker may use this flaw to leak memory addresses or cause a Denial of Service.
3152 CVE-2018-10885 20 DoS 2018-07-05 2019-10-09
5.0
None Remote Low Not required None None Partial
In atomic-openshift before version 3.10.9 a malicious network-policy configuration can cause Openshift Routing to crash when using ovs-networkpolicy plugin. An attacker can use this flaw to cause a Denial of Service (DoS) attack on an Openshift 3.9, or 3.7 Cluster.
3153 CVE-2018-10869 732 2018-07-19 2019-10-09
5.0
None Remote Low Not required Partial None None
redhat-certification does not properly restrict files that can be download through the /download page. A remote attacker may download any file accessible by the user running httpd.
3154 CVE-2018-10864 400 DoS 2018-08-13 2019-10-09
5.0
None Remote Low Not required None None Partial
An uncontrolled resource consumption flaw has been discovered in redhat-certification in the way documents are loaded. A remote attacker may provide an existing but invalid XML file which would be opened and never closed, possibly producing a Denial of Service.
3155 CVE-2018-10861 287 2018-07-10 2019-10-09
5.5
None Remote Low Single system None Partial Partial
A flaw was found in the way ceph mon handles user requests. Any authenticated ceph user having read access to ceph can delete, create ceph storage pools and corrupt snapshot images. Ceph branches master, mimic, luminous and jewel are believed to be affected.
3156 CVE-2018-10859 200 +Info 2018-07-16 2019-10-09
5.0
None Remote Low Not required Partial None None
git-annex is vulnerable to an Information Exposure when decrypting files. A malicious server for a special remote could trick git-annex into decrypting a file that was encrypted to the user's gpg key. This attack could be used to expose encrypted data that was never stored in git-annex
3157 CVE-2018-10857 200 +Info 2018-07-16 2019-10-09
5.0
None Remote Low Not required Partial None None
git-annex is vulnerable to a private data exposure and exfiltration attack. It could expose the content of files located outside the git-annex repository, or content from a private web server on localhost or the LAN.
3158 CVE-2018-10855 532 2018-07-02 2019-07-24
5.0
None Remote Low Not required Partial None None
Ansible 2.5 prior to 2.5.5, and 2.4 prior to 2.4.5, do not honor the no_log task flag for failed tasks. When the no_log flag has been used to protect sensitive data passed to a task from being logged, and that task does not run successfully, Ansible will expose sensitive data in log files and on the terminal of the user running Ansible.
3159 CVE-2018-10852 200 +Info 2018-06-26 2019-10-09
5.0
None Remote Low Not required Partial None None
The UNIX pipe which sudo uses to contact SSSD and read the available sudo rules from SSSD has too wide permissions, which means that anyone who can send a message using the same raw protocol that sudo and SSSD use can read the sudo rules available for any user. This affects versions of SSSD before 1.16.3.
3160 CVE-2018-10851 772 DoS 2018-11-29 2019-10-09
5.0
None Remote Low Not required None None Partial
PowerDNS Authoritative Server 3.3.0 up to 4.1.4 excluding 4.1.5 and 4.0.6, and PowerDNS Recursor 3.2 up to 4.1.4 excluding 4.1.5 and 4.0.9, are vulnerable to a memory leak while parsing malformed records that can lead to remote denial of service.
3161 CVE-2018-10831 327 Bypass 2018-05-09 2018-06-18
5.0
None Remote Low Not required None Partial None
Z-NOMP before 2018-04-05 has an incorrect Equihash solution verifier that allows attackers to spoof mining shares, as demonstrated by providing a solution with {x1=1,x2=1,x3=1,...,x512=1} to bypass this verifier for any blockheader. This originally affected (for example) the Bitcoin Gold and Zcash cryptocurrencies, and continued to be exploited in the wild in May 2018 against smaller cryptocurrencies.
3162 CVE-2018-10827 400 DoS 2018-05-09 2018-06-12
5.0
None Remote Low Not required None None Partial
LiteCart before 2.1.2 allows remote attackers to cause a denial of service (memory consumption) via URIs that do not exist, because public_html/logs/not_found.log grows without bound, and is loaded into memory for each request.
3163 CVE-2018-10824 22 Dir. Trav. 2018-10-17 2019-10-02
5.0
None Remote Low Not required Partial None None
An issue was discovered on D-Link DWR-116 through 1.06, DIR-140L through 1.02, DIR-640L through 1.02, DWR-512 through 2.02, DWR-712 through 2.02, DWR-912 through 2.02, DWR-921 through 2.02, and DWR-111 through 1.01 devices. The administrative password is stored in plaintext in the /tmp/csman/0 file. An attacker having a directory traversal (or LFI) can easily get full router access.
3164 CVE-2018-10822 22 Dir. Trav. 2018-10-17 2019-01-23
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in the web interface on D-Link DWR-116 through 1.06, DIR-140L through 1.02, DIR-640L through 1.02, DWR-512 through 2.02, DWR-712 through 2.02, DWR-912 through 2.02, DWR-921 through 2.02, and DWR-111 through 1.01 devices allows remote attackers to read arbitrary files via a /.. or // after "GET /uir" in an HTTP request. NOTE: this vulnerability exists because of an incorrect fix for CVE-2017-6190.
3165 CVE-2018-10811 665 DoS 2018-06-19 2018-11-27
5.0
None Remote Low Not required None None Partial
strongSwan 5.6.0 and older allows Remote Denial of Service because of Missing Initialization of a Variable.
3166 CVE-2018-10770 200 +Info 2018-05-09 2018-06-14
5.0
None Remote Low Not required Partial None None
download.rsp on ShenZhen Anni "5 in 1 XVR" devices allows remote attackers to download the configuration (without a login) to discover the password.
3167 CVE-2018-10769 2018-08-10 2019-10-02
5.0
None Remote Low Not required None Partial None
The transferProxy and approveProxy functions of a smart contract implementation for SmartMesh (SMT), an Ethereum ERC20 token, allow attackers to accomplish an unauthorized transfer of digital assets because replay attacks can occur with the same-named functions (with the same signatures) in other tokens: First (FST), GG Token (GG), M2C Mesh Network (MTC), M2C Mesh Network (mesh), and UG Token (UGT).
3168 CVE-2018-10758 352 CSRF 2018-05-05 2018-06-12
5.8
None Remote Medium Not required None Partial Partial
The edit/ URI in Datenstrom Yellow 0.7.3 has CSRF via a delete action that can delete articles.
3169 CVE-2018-10754 476 DoS 2018-05-04 2019-04-23
5.0
None Remote Low Not required None None Partial
In ncurses before 6.1.20180414, there is a NULL Pointer Dereference in the _nc_parse_entry function of tinfo/parse_entry.c. It could lead to a remote denial of service if the terminfo library code is used to process untrusted terminfo data in which a use-name is invalid syntax. The product proceeds to the dereference code path even after a "dubious character `[' in name or alias field" detection.
3170 CVE-2018-10751 190 Overflow Mem. Corr. 2018-05-29 2018-07-20
5.4
None Remote High Not required None None Complete
A malformed OMACP WAP push message can cause memory corruption on a Samsung S7 Edge device when processing the String Extension portion of the WbXml payload. This is due to an integer overflow in memory allocation for this string. The Samsung ID is SVE-2018-11463.
3171 CVE-2018-10734 200 +Info 2018-05-08 2018-06-13
5.0
None Remote Low Not required Partial None None
KONGTOP DVR devices A303, A403, D303, D305, and D403 contain a backdoor that prints the login password via a Print_Password function call in certain circumstances.
3172 CVE-2018-10732 200 +Info 2018-05-28 2018-07-02
5.0
None Remote Low Not required Partial None None
The REST API in Dataiku DSS before 4.2.3 allows remote attackers to obtain sensitive information (i.e., determine if a username is valid) because of profile pictures visibility.
3173 CVE-2018-10729 200 +Info 2018-05-17 2018-06-20
5.0
None Remote Low Not required Partial None None
All Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products running firmware version 1.0 to 1.33 allow reading the configuration file by an unauthenticated user.
3174 CVE-2018-10706 190 Overflow 2018-05-10 2018-06-14
5.0
None Remote Low Not required None Partial None
An integer overflow in the transferMulti function of a smart contract implementation for Social Chain (SCA), an Ethereum ERC20 token, allows attackers to accomplish an unauthorized increase of digital assets, aka the "multiOverflow" issue.
3175 CVE-2018-10705 DoS 2018-05-08 2019-10-02
5.0
None Remote Low Not required None None Partial
The Owned smart contract implementation for Aurora DAO (AURA), an Ethereum ERC20 token, allows attackers to acquire contract ownership because the setOwner function is declared as public. An attacker can then conduct a lockBalances() denial of service attack.
3176 CVE-2018-10691 284 2019-06-07 2019-06-10
5.0
None Remote Low Not required Partial None None
An issue was discovered on Moxa AWK-3121 1.14 devices. It is intended that an administrator can download /systemlog.log (the system log). However, the same functionality allows an attacker to download the file without any authentication or authorization.
3177 CVE-2018-10678 601 2018-05-13 2018-06-05
5.8
None Remote Medium Not required Partial Partial None
MyBB 1.8.15, when accessed with Microsoft Edge, mishandles 'target="_blank" rel="noopener"' in A elements, which makes it easier for remote attackers to conduct redirection attacks.
3178 CVE-2018-10676 +Info 2018-05-02 2019-10-02
5.0
None Remote Low Not required Partial None None
CeNova, Night OWL, Novo, Pulnix, QSee, Securus, and TBK Vision DVR devices allow remote attackers to download a file and obtain sensitive credential information via a direct request for the download.rsp URI.
3179 CVE-2018-10666 2018-05-03 2019-10-02
5.0
None Remote Low Not required None Partial None
The Owned smart contract implementation for Aurora IDEX Membership (IDXM), an Ethereum ERC20 token, allows attackers to acquire contract ownership because the setOwner function is declared as public. A new owner can subsequently modify variables.
3180 CVE-2018-10664 119 Overflow Mem. Corr. 2018-06-26 2018-08-20
5.0
None Remote Low Not required None None Partial
An issue was discovered in the httpd process in multiple models of Axis IP Cameras. There is Memory Corruption.
3181 CVE-2018-10663 200 +Info 2018-06-26 2018-08-20
5.0
None Remote Low Not required Partial None None
An issue was discovered in multiple models of Axis IP Cameras. There is an Incorrect Size Calculation.
3182 CVE-2018-10659 119 DoS Overflow Mem. Corr. 2018-06-26 2018-08-20
5.0
None Remote Low Not required None None Partial
There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which allows remote attackers to cause a denial of service (crash) by sending a crafted command which will result in a code path that calls the UND undefined ARM instruction.
3183 CVE-2018-10658 119 DoS Overflow Mem. Corr. 2018-06-26 2018-08-20
5.0
None Remote Low Not required None None Partial
There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which causes a denial of service (crash). The crash arises from code inside libdbus-send.so shared object or similar.
3184 CVE-2018-10657 20 DoS 2018-05-02 2018-06-07
5.0
None Remote Low Not required None None Partial
Matrix Synapse before 0.28.1 is prone to a denial of service flaw where malicious events injected with depth = 2^63 - 1 render rooms unusable, related to federation/federation_base.py and handlers/message.py, as exploited in the wild in April 2018.
3185 CVE-2018-10652 200 +Info 2018-05-23 2018-06-25
5.0
None Remote Low Not required Partial None None
There is a Sensitive Data Leakage issue in Citrix XenMobile Server 10.7 before RP3.
3186 CVE-2018-10651 601 2018-05-23 2018-06-25
5.8
None Remote Medium Not required Partial Partial None
There are Open Redirect Vulnerabilities in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3.
3187 CVE-2018-10632 400 2018-07-24 2019-10-09
5.0
None Remote Low Not required None None Partial
In Moxa NPort 5210, 5230, and 5232 versions 2.9 build 17030709 and prior, the amount of resources requested by a malicious actor are not restricted, allowing for a denial-of-service condition.
3188 CVE-2018-10618 916 2018-08-01 2019-10-09
5.0
None Remote Low Not required Partial None None
Davolink DVW-3200N all version prior to Version 1.00.06. The device generates a weak password hash that is easily cracked, allowing a remote attacker to obtain the password for the device.
3189 CVE-2018-10613 611 2018-06-04 2019-10-09
5.0
None Remote Low Not required Partial None None
Multiple variants of XML External Entity (XXE) attacks may be used to exfiltrate data from the host Windows platform in GE MDS PulseNET and MDS PulseNET Enterprise version 3.2.1 and prior.
3190 CVE-2018-10607 400 DoS 2018-07-31 2019-10-09
5.0
None Remote Low Not required None None Partial
Martem TELEM GW6 and GWM devices with firmware 2018.04.18-linux_4-01-601cb47 and prior allow the creation of new connections to one or more IOAs, without closing them properly, which may cause a denial of service within the industrial process control channel.
3191 CVE-2018-10601 119 Overflow 2018-06-05 2019-10-09
5.4
None Local Network Medium Not required Partial Partial Partial
IntelliVue Patient Monitors MP Series (including MP2/X2/MP30/MP50/MP70/NP90/MX700/800) Rev B-M, IntelliVue Patient Monitors MX (MX400-550) Rev J-M and (X3/MX100 for Rev M only), and Avalon Fetal/Maternal Monitors FM20/FM30/FM40/FM50 with software Revisions F.0, G.0 and J.3 have a vulnerability that exposes an "echo" service, in which an attacker-sent buffer to an attacker-chosen device address within the same subnet is copied to the stack with no boundary checks, hence resulting in stack overflow.
3192 CVE-2018-10598 125 Exec Code +Priv 2018-08-13 2019-10-09
5.8
None Remote Medium Not required Partial None Partial
CNCSoft Version 1.00.83 and prior with ScreenEditor Version 1.00.54 has two out-of-bounds read vulnerabilities could cause the software to crash due to lacking user input validation for processing project files. Which may allow an attacker to gain remote code execution with administrator privileges if exploited.
3193 CVE-2018-10597 287 2018-06-05 2019-10-09
5.4
None Local Network Medium Not required Partial Partial Partial
IntelliVue Patient Monitors MP Series (including MP2/X2/MP30/MP50/MP70/NP90/MX700/800) Rev B-M, IntelliVue Patient Monitors MX (MX400-550) Rev J-M and (X3/MX100 for Rev M only), and Avalon Fetal/Maternal Monitors FM20/FM30/FM40/FM50 with software Revisions F.0, G.0 and J.3 have a vulnerability that allows an unauthenticated attacker to access memory ("write-what-where") from an attacker-chosen device address within the same subnet.
3194 CVE-2018-10596 200 +Info 2018-07-02 2019-10-09
5.2
None Local Network Low Single system Partial Partial Partial
Medtronic 2090 CareLink Programmer all versions The affected product uses a virtual private network connection to securely download updates. The product does not verify it is still connected to this virtual private network before downloading updates. An attacker with local network access to the programmer could influence these communications.
3195 CVE-2018-10590 538 2018-05-15 2019-10-09
5.0
None Remote Low Not required Partial None None
In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, an information exposure vulnerability through directory listing has been identified, which may allow an attacker to find important files that are not normally visible.
3196 CVE-2018-10583 200 +Info 2018-05-01 2019-09-28
5.0
None Remote Low Not required Partial None None
An information disclosure vulnerability occurs when LibreOffice 6.0.3 and Apache OpenOffice Writer 4.1.5 automatically process and initiate an SMB connection embedded in a malicious file, as demonstrated by xlink:href=file://192.168.0.2/test.jpg within an office:document-content element in a .odt XML document.
3197 CVE-2018-10581 200 +Info 2018-05-01 2018-06-13
5.5
None Remote Low Single system Partial Partial None
In Octopus Deploy 3.4.x before 2018.4.7, an authenticated user is able to view/update/save variable values within the Tenant Variables area for Environments that do not exist within their associated Team scoping. This occurs in situations where this authenticated user also belongs to multiple teams, where one of the Teams has the VariableEdit permission or VariableView permissions for the Environment.
3198 CVE-2018-10572 Bypass 2018-04-30 2019-10-02
5.5
None Remote Low Single system None Partial Partial
interface/patient_file/letter.php in OpenEMR before 5.0.1 allows remote authenticated users to bypass intended access restrictions via the newtemplatename and form_body parameters.
3199 CVE-2018-10550 269 2018-04-30 2019-10-02
5.0
None Remote Low Not required Partial None None
In Octopus Deploy before 2018.4.7, target and tenant tag variable scopes were not checked against the list of tenants the user has access to.
3200 CVE-2018-10548 476 DoS 2018-04-29 2019-08-19
5.0
None Remote Low Not required None None Partial
An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. ext/ldap/ldap.c allows remote LDAP servers to cause a denial of service (NULL pointer dereference and application crash) because of mishandling of the ldap_get_dn return value.
Total number of vulnerabilities : 23746   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 (This Page)65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382 383 384 385 386 387 388 389 390 391 392 393 394 395 396 397 398 399 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 418 419 420 421 422 423 424 425 426 427 428 429 430 431 432 433 434 435 436 437 438 439 440 441 442 443 444 445 446 447 448 449 450 451 452 453 454 455 456 457 458 459 460 461 462 463 464 465 466 467 468 469 470 471 472 473 474 475
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.