CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
3351 CVE-2018-3885 89 Sql 2018-09-12 2018-10-29
6.5
None Remote Low Single system Partial Partial Partial
An exploitable SQL injection vulnerability exists in the authenticated part of ERPNext v10.1.6. Specially crafted web requests can cause SQL injections resulting in data compromise. The order_by parameter can be used to perform an SQL injection attack. An attacker can use a browser to trigger these vulnerabilities, and no special tools are required.
3352 CVE-2018-3884 89 Sql 2018-09-12 2018-10-30
6.5
None Remote Low Single system Partial Partial Partial
An exploitable SQL injection vulnerability exists in the authenticated part of ERPNext v10.1.6. Specially crafted web requests can cause SQL injections resulting in data compromise. The sort_by and start parameter can be used to perform an SQL injection attack. An attacker can use a browser to trigger these vulnerabilities, and no special tools are required.
3353 CVE-2018-3883 89 Sql 2018-09-12 2018-10-29
6.5
None Remote Low Single system Partial Partial Partial
An exploitable SQL injection vulnerability exists in the authenticated part of ERPNext v10.1.6. Specially crafted web requests can cause SQL injections resulting in data compromise. The employee and sort_order parameter can be used to perform an SQL injection attack. An attacker can use a browser to trigger these vulnerabilities, and no special tools are required.
3354 CVE-2018-3882 89 Sql 2018-09-12 2018-10-29
6.5
None Remote Low Single system Partial Partial Partial
An exploitable SQL injection vulnerability exists in the authenticated part of ERPNext v10.1.6. Specially crafted web requests can cause SQL injections resulting in data compromise. The searchfield parameter can be used to perform an SQL injection attack. An attacker can use a browser to trigger these vulnerabilities, and no special tools are required.
3355 CVE-2018-3879 89 Sql 2018-08-23 2018-10-26
6.5
None Remote Low Single system Partial Partial Partial
An exploitable JSON injection vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process incorrectly parses the user-controlled JSON payload, leading to a JSON injection which in turn leads to a SQL injection in the video-core database. An attacker can send a series of HTTP requests to trigger this vulnerability.
3356 CVE-2018-3871 787 Exec Code 2018-07-19 2018-09-13
6.8
None Remote Medium Not required Partial Partial Partial
An exploitable out-of-bounds write exists in the PCX parsing functionality of Canvas Draw version 4.0.0. A specially crafted PCX image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a PCX image to trigger this vulnerability and gain code execution. A different vulnerability than CVE-2018-3870.
3357 CVE-2018-3870 787 Exec Code 2018-07-19 2018-09-13
6.8
None Remote Medium Not required Partial Partial Partial
An exploitable out-of-bounds write exists in the PCX parsing functionality of Canvas Draw version 4.0.0. A specially crafted PCX image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a PCX image to trigger this vulnerability and gain code execution. A different vulnerability than CVE-2018-3871.
3358 CVE-2018-3868 787 Exec Code 2018-04-12 2018-05-16
6.8
None Remote Medium Not required Partial Partial Partial
A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this vulnerability and gain code execution.
3359 CVE-2018-3862 787 2018-04-12 2018-05-16
6.8
None Remote Medium Not required Partial Partial Partial
A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting
3360 CVE-2018-3861 787 Exec Code 2018-04-12 2018-05-16
6.8
None Remote Medium Not required Partial Partial Partial
A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this vulnerability and gain code execution.
3361 CVE-2018-3860 787 Exec Code 2018-07-19 2018-09-13
6.8
None Remote Medium Not required Partial Partial Partial
An exploitable out-of-bounds write exists in the TIFF parsing functionality of Canvas Draw version 4.0.0. A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this vulnerability and gain the ability to execute code. A different vulnerability than CVE-2018-3859.
3362 CVE-2018-3859 787 Exec Code 2018-07-19 2018-09-13
6.8
None Remote Medium Not required Partial Partial Partial
An exploitable out-of-bounds write exists in the TIFF parsing functionality of Canvas Draw version 4.0.0. A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this vulnerability and gain code execution. A different vulnerability than CVE-2018-3860.
3363 CVE-2018-3858 787 Exec Code Overflow 2018-07-19 2018-09-13
6.8
None Remote Medium Not required Partial Partial Partial
An exploitable heap overflow exists in the TIFF parsing functionality of Canvas Draw version 4.0.0. A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this vulnerability and gain the ability to execute code. A different vulnerability than CVE-2018-3857.
3364 CVE-2018-3857 787 Exec Code Overflow 2018-07-19 2018-09-14
6.8
None Remote Medium Not required Partial Partial Partial
An exploitable heap overflow exists in the TIFF parsing functionality of Canvas Draw version 4.0.0. A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this vulnerability and gain code execution. A different vulnerability than CVE-2018-3858.
3365 CVE-2018-3855 415 Exec Code 2018-04-26 2018-06-04
6.8
None Remote Medium Not required Partial Partial Partial
In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 Windows/Linux, a crafted OpenDocument document can lead to a SkCanvas object double free resulting in direct code execution.
3366 CVE-2018-3853 416 Exec Code 2018-06-04 2018-07-31
6.8
None Remote Medium Not required Partial Partial Partial
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software Foxit PDF Reader version 9.0.1.1049. A specially crafted PDF document can trigger a previously freed object in memory to be reused resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.
3367 CVE-2018-3851 119 Exec Code Overflow 2018-04-26 2018-06-04
6.8
None Remote Medium Not required Partial Partial Partial
In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 Windows/Linux, an exploitable stack-based buffer overflow exists in the DOC-to-HTML conversion functionality of the Hyland Perceptive Document Filters version 11.4.0.2647. A crafted .doc document can lead to a stack-based buffer, resulting in direct code execution.
3368 CVE-2018-3850 416 Exec Code 2018-04-23 2018-05-25
6.8
None Remote Medium Not required Partial Partial Partial
An exploitable use-after-free vulnerability exists in the JavaScript engine Foxit Software Foxit PDF Reader version 9.0.1.1049. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If a browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.
3369 CVE-2018-3849 119 Exec Code Overflow 2018-04-16 2018-05-21
6.8
None Remote Medium Not required Partial Partial Partial
In the ffghtb function in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this vulnerability and potentially gain code execution.
3370 CVE-2018-3848 119 Exec Code Overflow 2018-04-16 2018-05-21
6.8
None Remote Medium Not required Partial Partial Partial
In the ffghbn function in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this vulnerability and potentially gain code execution.
3371 CVE-2018-3847 119 Exec Code Overflow 2018-08-01 2018-10-05
6.8
None Remote Medium Not required Partial Partial Partial
Multiple exploitable buffer overflow vulnerabilities exist in image parsing functionality of the CFITSIO library version 3.42. Specially crafted images parsed via the library, can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this vulnerability and potentially gain code execution.
3372 CVE-2018-3846 119 Exec Code Overflow 2018-04-16 2018-05-22
6.8
None Remote Medium Not required Partial Partial Partial
In the ffgphd and ffgtkn functions in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this vulnerability and potentially gain code execution.
3373 CVE-2018-3845 415 Exec Code 2018-04-26 2018-06-04
6.8
None Remote Medium Not required Partial Partial Partial
In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 Windows/Linux, a crafted OpenDocument document can lead to a SkCanvas object double free resulting in direct code execution.
3374 CVE-2018-3844 416 Exec Code 2018-04-26 2018-06-04
6.8
None Remote Medium Not required Partial Partial Partial
In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 Windows/Linux, a crafted DOCX document can lead to a use-after-free resulting in direct code execution.
3375 CVE-2018-3843 704 Exec Code 2018-04-19 2018-05-22
6.8
None Remote Medium Not required Partial Partial Partial
An exploitable type confusion vulnerability exists in the way Foxit PDF Reader version 9.0.1.1049 parses files with associated file annotations. A specially crafted PDF document can lead to an object of invalid type to be dereferenced, which can potentially lead to sensitive memory disclosure, and possibly to arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.
3376 CVE-2018-3842 824 Exec Code 2018-04-19 2018-05-22
6.8
None Remote Medium Not required Partial Partial Partial
An exploitable use of an uninitialized pointer vulnerability exists in the JavaScript engine in Foxit PDF Reader version 9.0.1.1049. A specially crafted PDF document can lead to a dereference of an uninitialized pointer which, if under attacker control, can result in arbitrary code execution. An attacker needs to trick the user to open a malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.
3377 CVE-2018-3839 787 Exec Code 2018-04-10 2019-03-28
6.8
None Remote Medium Not required Partial Partial Partial
An exploitable code execution vulnerability exists in the XCF image rendering functionality of Simple DirectMedia Layer SDL2_image-2.0.2. A specially crafted XCF image can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability.
3378 CVE-2018-3835 787 Exec Code Overflow 2018-01-29 2018-02-16
6.8
None Remote Medium Not required Partial Partial Partial
An exploitable out of bounds write vulnerability exists in version 2.2 of the Per Face Texture mapping application known as PTEX. The vulnerability is present in the reading of a file without proper parameter checking. The value read in, is not verified to be valid and its use can lead to a buffer overflow, potentially resulting in code execution.
3379 CVE-2018-3814 74 Exec Code 2018-01-01 2018-01-17
6.5
None Remote Low Single system Partial Partial Partial
Craft CMS 2.6.3000 allows remote attackers to execute arbitrary PHP code by using the "Assets->Upload files" screen and then the "Replace it" option, because this allows a .jpg file to have embedded PHP code, and then be renamed to a .php extension.
3380 CVE-2018-3767 399 2018-07-05 2018-08-27
6.4
None Remote Low Not required Partial None Partial
`memjs` versions <= 1.1.0 allocates and stores buffers on typed input, resulting in DoS and uninitialized memory usage.
3381 CVE-2018-3754 89 Sql 2018-07-03 2018-09-04
6.5
None Remote Low Single system Partial Partial Partial
Node.js third-party module query-mysql versions 0.0.0, 0.0.1, and 0.0.2 are vulnerable to an SQL injection vulnerability due to lack of user input sanitization. This may allow an attacker to run arbitrary SQL queries when fetching data from database.
3382 CVE-2018-3745 125 2018-05-29 2018-07-13
6.4
None Remote Low Not required Partial None Partial
atob 2.0.3 and earlier allocates uninitialized Buffers when number is passed in input on Node.js 4.x and below.
3383 CVE-2018-3739 119 Overflow 2018-06-06 2019-01-09
6.4
None Remote Low Not required Partial None Partial
https-proxy-agent before 2.1.1 passes auth option to the Buffer constructor without proper sanitization, resulting in DoS and uninitialized memory leak in setups where an attacker could submit typed input to the 'auth' parameter (e.g. JSON).
3384 CVE-2018-3736 399 2018-06-06 2018-07-20
6.4
None Remote Low Not required Partial None Partial
https-proxy-agent passes unsanitized options to Buffer(arg) resulting in DoS and uninitialized memory leak.
3385 CVE-2018-3723 20 2018-06-06 2018-07-23
6.5
None Remote Low Single system Partial Partial Partial
defaults-deep node module before 0.2.4 suffers from a Modification of Assumed-Immutable Data (MAID) vulnerability, which allows a malicious user to modify the prototype of "Object" via __proto__, causing the addition or modification of an existing property that will exist on all objects.
3386 CVE-2018-3722 284 2018-06-06 2018-07-23
6.5
None Remote Low Single system Partial Partial Partial
merge-deep node module before 3.0.1 suffers from a Modification of Assumed-Immutable Data (MAID) vulnerability, which allows a malicious user to modify the prototype of "Object" via __proto__, causing the addition or modification of an existing property that will exist on all objects.
3387 CVE-2018-3720 284 2018-06-06 2018-07-23
6.5
None Remote Low Single system Partial Partial Partial
assign-deep node module before 0.4.7 suffers from a Modification of Assumed-Immutable Data (MAID) vulnerability, which allows a malicious user to modify the prototype of "Object" via __proto__, causing the addition or modification of an existing property that will exist on all objects.
3388 CVE-2018-3719 20 2018-06-06 2018-07-23
6.5
None Remote Low Single system Partial Partial Partial
mixin-deep node module before 1.3.1 suffers from a Modification of Assumed-Immutable Data (MAID) vulnerability, which allows a malicious user to modify the prototype of "Object" via __proto__, causing the addition or modification of an existing property that will exist on all objects.
3389 CVE-2018-3710 22 Exec Code Dir. Trav. 2018-03-21 2018-04-20
6.8
None Remote Medium Not required Partial Partial Partial
Gitlab Community and Enterprise Editions version 10.3.3 is vulnerable to an Insecure Temporary File in the project import component resulting remote code execution.
3390 CVE-2018-3607 89 Exec Code Sql 2018-02-09 2018-02-27
6.5
None Remote Low Single system Partial Partial Partial
XXXTreeNode method SQL injection remote code execution (RCE) vulnerabilities in Trend Micro Control Manager 6.0 could allow a remote attacker to execute arbitrary code on vulnerable installations.
3391 CVE-2018-3606 89 Exec Code Sql 2018-02-09 2018-02-27
6.5
None Remote Low Single system Partial Partial Partial
XXXStatusXXX, XXXSummary, TemplateXXX and XXXCompliance method SQL injection remote code execution (RCE) vulnerabilities in Trend Micro Control Manager 6.0 could allow a remote attacker to execute arbitrary code on vulnerable installations.
3392 CVE-2018-3605 89 Exec Code Sql 2018-02-09 2018-03-01
6.5
None Remote Low Single system Partial Partial Partial
TopXXX, ViolationXXX, and IncidentXXX method SQL injection remote code execution (RCE) vulnerabilities in Trend Micro Control Manager 6.0 could allow a remote attacker to execute arbitrary code on vulnerable installations.
3393 CVE-2018-3604 89 Exec Code Sql 2018-02-09 2018-02-27
6.5
None Remote Low Single system Partial Partial Partial
GetXXX method SQL injection remote code execution (RCE) vulnerabilities in Trend Micro Control Manager 6.0 could allow a remote attacker to execute arbitrary code on vulnerable installations.
3394 CVE-2018-3603 89 Exec Code Sql 2018-02-09 2018-02-27
6.5
None Remote Low Single system Partial Partial Partial
A CGGIServlet SQL injection remote code execution (RCE) vulnerability in Trend Micro Control Manager 6.0 could allow a remote attacker to execute arbitrary code on vulnerable installations.
3395 CVE-2018-3602 89 Exec Code Sql 2018-02-09 2018-02-27
6.5
None Remote Low Single system Partial Partial Partial
An AdHocQuery_Processor SQL injection remote code execution (RCE) vulnerability in Trend Micro Control Manager 6.0 could allow a remote attacker to execute arbitrary code on vulnerable installations.
3396 CVE-2018-3566 119 Overflow 2018-04-03 2018-04-25
6.8
None Remote Medium Not required Partial Partial Partial
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, a buffer overwrite may occur in ProcSetReqInternal() due to missing length check.
3397 CVE-2018-3563 476 Exec Code 2018-04-03 2018-04-25
6.8
None Remote Medium Not required Partial Partial Partial
In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, untrusted pointer dereference in apr_cb_func can lead to an arbitrary code execution.
3398 CVE-2018-3316 284 DoS 2019-07-23 2019-07-25
6.5
None Remote Low Single system Partial Partial Partial
Vulnerability in the Oracle Retail Customer Management and Segmentation Foundation component of Oracle Retail Applications (subcomponent: Segment). Supported versions that are affected are 16.0 and 17.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Retail Customer Management and Segmentation Foundation. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Retail Customer Management and Segmentation Foundation accessible data as well as unauthorized update, insert or delete access to some of Oracle Retail Customer Management and Segmentation Foundation accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Retail Customer Management and Segmentation Foundation. CVSS 3.0 Base Score 7.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L).
3399 CVE-2018-3312 284 DoS 2019-04-23 2019-04-24
6.0
None Remote Medium Single system Partial Partial Partial
Vulnerability in the Oracle Retail Customer Engagement component of Oracle Retail Applications (subcomponent: Segment). Supported versions that are affected are 16.0 and 17.0. Difficult to exploit vulnerability allows high privileged attacker with network access via HTTP to compromise Oracle Retail Customer Engagement. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Retail Customer Engagement accessible data as well as unauthorized read access to a subset of Oracle Retail Customer Engagement accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Retail Customer Engagement. CVSS 3.0 Base Score 5.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:L).
3400 CVE-2018-3305 284 DoS 2019-01-16 2019-01-18
6.5
None Remote Low Single system Partial Partial Partial
Vulnerability in the Oracle Application Testing Suite component of Oracle Enterprise Manager Products Suite (subcomponent: Load Testing for Web Apps). Supported versions that are affected are 12.5.0.3, 13.1.0.1, 13.2.0.1 and 13.3.0.1. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Application Testing Suite. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Application Testing Suite accessible data as well as unauthorized read access to a subset of Oracle Application Testing Suite accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Application Testing Suite. CVSS 3.0 Base Score 6.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L).
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.