CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
3401 CVE-2018-5403 287 2019-01-10 2019-10-09
6.8
None Remote Medium Not required Partial Partial Partial
Imperva SecureSphere gateway (GW) running v13, for both pre-First Time Login or post-First Time Login (FTL), if the attacker knows the basic authentication passwords, the GW may be vulnerable to RCE through specially crafted requests, from the web access management interface.
3402 CVE-2018-5402 310 2018-10-08 2019-10-09
6.5
None Remote Low Single system Partial Partial Partial
The Auto-Maskin DCU 210E, RP-210E, and Marine Pro Observer Android App use an embedded webserver that uses unencrypted plaintext for the transmission of the administrator PIN Impact: An attacker once authenticated can change configurations, upload new configuration files, and upload executable code via file upload for firmware updates. Requires access to the network. Affected releases are Auto-Maskin DCU-210E, RP-210E, and the Marine Pro Observer Android App. Versions prior to 3.7 on ARMv7.
3403 CVE-2018-5400 346 2018-10-08 2019-10-09
6.4
None Remote Low Not required Partial Partial None
The Auto-Maskin products utilize an undocumented custom protocol to set up Modbus communications with other devices without validating those devices. The originating device sends a message in plaintext, 48:65:6c:6c:6f:20:57:6f:72:6c:64, "Hello World" over UDP ports 44444-44446 to the broadcast address for the LAN. Without verification devices respond to any of these broadcast messages on the LAN with a plaintext reply over UDP containing the device model and firmware version. Following this exchange the devices allow Modbus transmissions between the two devices on the standard Modbus port 502 TCP. Impact: An attacker can exploit this vulnerability to send arbitrary messages to any DCU or RP device through spoofing or replay attacks as long as they have access to the network. Affected releases are Auto-Maskin DCU-210E RP-210E: Versions prior to 3.7 on ARMv7.
3404 CVE-2018-5385 384 Bypass 2018-07-24 2019-10-09
6.8
None Remote Medium Not required Partial Partial Partial
Navarino Infinity is prone to session fixation attacks. The server accepts the session ID as a GET parameter which can lead to bypassing the two factor authentication in some installations. This could lead to phishing attacks that can bypass the two factor authentication that is present in some installations.
3405 CVE-2018-5374 89 Sql 2018-01-12 2018-01-24
6.5
None Remote Low Single system Partial Partial Partial
The Dbox 3D Slider Lite plugin through 1.2.2 for WordPress has SQL Injection via settings\sliders.php (current_slider_id parameter).
3406 CVE-2018-5373 89 Sql 2018-01-12 2018-01-24
6.5
None Remote Low Single system Partial Partial Partial
The Smooth Slider plugin through 2.8.6 for WordPress has SQL Injection via smooth-slider.php (trid parameter).
3407 CVE-2018-5372 89 Sql 2018-01-12 2018-01-24
6.5
None Remote Low Single system Partial Partial Partial
The Testimonial Slider plugin through 1.2.4 for WordPress has SQL Injection via settings\sliders.php (current_slider_id parameter).
3408 CVE-2018-5368 352 CSRF 2018-01-12 2018-01-29
6.8
None Remote Medium Not required Partial Partial Partial
The SrbTransLatin plugin 1.46 for WordPress has CSRF via an srbtranslatoptions action to wp-admin/options-general.php.
3409 CVE-2018-5361 79 XSS CSRF 2018-01-12 2018-01-23
6.8
None Remote Medium Not required Partial Partial Partial
The WPGlobus plugin 1.9.6 for WordPress has CSRF via wp-admin/options.php.
3410 CVE-2018-5360 125 2018-01-13 2019-04-22
6.8
None Remote Medium Not required Partial Partial Partial
LibTIFF before 4.0.6 mishandles the reading of TIFF files, as demonstrated by a heap-based buffer over-read in the ReadTIFFImage function in coders/tiff.c in GraphicsMagick 1.3.27.
3411 CVE-2018-5345 119 Exec Code Overflow 2018-01-11 2018-03-18
6.8
None Remote Medium Not required Partial Partial Partial
A stack-based buffer overflow within GNOME gcab through 0.7.4 can be exploited by malicious attackers to cause a crash or, potentially, execute arbitrary code via a crafted .cab file.
3412 CVE-2018-5342 732 2018-04-18 2019-10-02
6.5
None Remote Low Single system Partial Partial Partial
An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: network services (Desktop Central and PostgreSQL) running with a superuser account.
3413 CVE-2018-5340 2018-04-18 2019-10-02
6.5
None Remote Low Single system Partial Partial Partial
An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: database access using a superuser account (specifically, an account with permission to write to the filesystem via SQL queries).
3414 CVE-2018-5337 22 Dir. Trav. 2018-04-18 2018-04-27
6.4
None Remote Low Not required Partial Partial None
An issue was discovered in Zoho ManageEngine Desktop Central 10.0.124 and 10.0.184: directory traversal in the SCRIPT_NAME field when modifying existing scripts.
3415 CVE-2018-5329 352 CSRF 2018-01-15 2018-02-05
6.8
None Remote Medium Not required Partial Partial Partial
ZUUSE BEIMS ContractorWeb .NET 5.18.0.0 is vulnerable to Cross-Site Request Forgery (CSRF) on /CWEBNET/* authenticated pages. A successful CSRF attack can force the user to modify state: creating users, changing an email address, and so forth. If the victim is an administrative account, CSRF can compromise the entire web application.
3416 CVE-2018-5308 476 2018-01-09 2018-01-29
6.8
None Remote Medium Not required Partial Partial Partial
PoDoFo 0.9.5 does not properly validate memcpy arguments in the PdfMemoryOutputStream::Write function (base/PdfOutputStream.cpp). Remote attackers could leverage this vulnerability to cause a denial-of-service or possibly unspecified other impact via a crafted pdf file.
3417 CVE-2018-5285 352 CSRF 2018-01-08 2018-01-29
6.8
None Remote Medium Not required Partial Partial Partial
The ImageInject plugin 1.15 for WordPress has CSRF via wp-admin/options-general.php.
3418 CVE-2018-5279 20 DoS 2018-01-08 2018-01-27
6.1
None Local Low Not required Partial Partial Complete
** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e02c. NOTE: the vendor reported that they "have not been able to reproduce the issue on any Windows operating system version (32-bit or 64-bit)."
3419 CVE-2018-5278 20 DoS 2018-01-08 2018-01-27
6.1
None Local Low Not required Partial Partial Complete
** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e00c. NOTE: the vendor reported that they "have not been able to reproduce the issue on any Windows operating system version (32-bit or 64-bit)."
3420 CVE-2018-5277 20 DoS 2018-01-08 2018-01-27
6.1
None Local Low Not required Partial Partial Complete
** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e000. NOTE: the vendor reported that they "have not been able to reproduce the issue on any Windows operating system version (32-bit or 64-bit)."
3421 CVE-2018-5276 20 DoS 2018-01-08 2018-01-27
6.1
None Local Low Not required Partial Partial Complete
** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e018. NOTE: the vendor reported that they "have not been able to reproduce the issue on any Windows operating system version (32-bit or 64-bit)."
3422 CVE-2018-5275 20 DoS 2018-01-08 2018-01-27
6.1
None Local Low Not required Partial Partial Complete
** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9C40E020. NOTE: the vendor reported that they "have not been able to reproduce the issue on any Windows operating system version (32-bit or 64-bit)."
3423 CVE-2018-5274 20 DoS 2018-01-08 2018-01-27
6.1
None Local Low Not required Partial Partial Complete
** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9C40E024. NOTE: the vendor reported that they "have not been able to reproduce the issue on any Windows operating system version (32-bit or 64-bit)."
3424 CVE-2018-5273 20 DoS 2018-01-08 2018-01-27
6.1
None Local Low Not required Partial Partial Complete
** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e014. NOTE: the vendor reported that they "have not been able to reproduce the issue on any Windows operating system version (32-bit or 64-bit)."
3425 CVE-2018-5272 20 DoS 2018-01-08 2018-01-27
6.1
None Local Low Not required Partial Partial Complete
** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e004. NOTE: the vendor reported that they "have not been able to reproduce the issue on any Windows operating system version (32-bit or 64-bit)."
3426 CVE-2018-5271 20 DoS 2018-01-08 2018-01-27
6.1
None Local Low Not required Partial Partial Complete
** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e008. NOTE: the vendor reported that they "have not been able to reproduce the issue on any Windows operating system version (32-bit or 64-bit)."
3427 CVE-2018-5270 20 DoS 2018-01-08 2018-01-27
6.1
None Local Low Not required Partial Partial Complete
** DISPUTED ** In Malwarebytes Premium 3.3.1.2183, the driver file (FARFLT.SYS) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c40e010. NOTE: the vendor reported that they "have not been able to reproduce the issue on any Windows operating system version (32-bit or 64-bit)."
3428 CVE-2018-5265 20 Exec Code 2019-06-07 2019-06-10
6.5
None Remote Low Single system Partial Partial Partial
Ubiquiti EdgeOS 1.9.1 on EdgeRouter Lite devices allows remote attackers to execute arbitrary code with admin credentials, because /opt/vyatta/share/vyatta-cfg/templates/system/static-host-mapping/host-name/node.def does not sanitize the 'alias' or 'ips' parameter for shell metacharacters.
3429 CVE-2018-5259 Bypass 2018-01-08 2019-10-02
6.5
None Remote Low Single system Partial Partial Partial
Discuz! DiscuzX X3.4 allows remote authenticated users to bypass intended attachment-deletion restrictions via a modified aid parameter.
3430 CVE-2018-5253 835 2018-01-05 2019-10-02
6.8
None Remote Medium Not required Partial Partial Partial
The AP4_FtypAtom class in Core/Ap4FtypAtom.cpp in Bento4 1.5.1.0 has an Infinite loop via a crafted MP4 file that triggers size mishandling.
3431 CVE-2018-5248 119 Overflow 2018-01-05 2018-07-27
6.8
None Remote Medium Not required Partial Partial Partial
In ImageMagick 7.0.7-17 Q16, there is a heap-based buffer over-read in coders/sixel.c in the ReadSIXELImage function, related to the sixel_decode function.
3432 CVE-2018-5238 427 2018-08-22 2018-11-14
6.8
None Remote Medium Not required Partial Partial Partial
Norton Power Eraser (prior to 5.3.0.24) and SymDiag (prior to 2.1.242) may be susceptible to a DLL Preloading vulnerability, which is a type of issue that can occur when an application looks to call a DLL for execution and an attacker provides a malicious DLL to use instead. Depending on how the application is configured, it will generally follow a specific search path to locate the DLL. The vulnerability can be exploited by a simple file write (or potentially an over-write) which results in a foreign DLL running under the context of the application.
3433 CVE-2018-5237 +Priv 2018-06-20 2019-10-02
6.5
None Remote Low Single system Partial Partial Partial
Symantec Endpoint Protection prior to 14 RU1 MP1 or 12.1 RU6 MP10 could be susceptible to a privilege escalation vulnerability, which is a type of issue that allows a user to gain elevated access to resources that are normally protected at lower access levels.
3434 CVE-2018-5226 Exec Code 2018-04-25 2019-10-02
6.5
None Remote Low Single system Partial Partial Partial
There was an argument injection vulnerability in Sourcetree for Windows via Mercurial repository tag name that is going to be deleted. An attacker with permission to create a tag on a Mercurial repository linked in Sourcetree for Windows is able to exploit this issue to gain code execution on the system. All versions of Sourcetree for Windows before 2.5.5.0 are affected by this vulnerability.
3435 CVE-2018-5225 59 Exec Code 2018-03-22 2018-04-20
6.5
None Remote Low Single system Partial Partial Partial
In browser editing in Atlassian Bitbucket Server from version 4.13.0 before 5.4.8 (the fixed version for 4.13.0 through 5.4.7), 5.5.0 before 5.5.8 (the fixed version for 5.5.x), 5.6.0 before 5.6.5 (the fixed version for 5.6.x), 5.7.0 before 5.7.3 (the fixed version for 5.7.x), and 5.8.0 before 5.8.2 (the fixed version for 5.8.x), allows authenticated users to gain remote code execution using the in browser editing feature via editing a symbolic link within a repository.
3436 CVE-2018-5223 20 Exec Code 2018-03-29 2018-04-24
6.5
None Remote Low Single system Partial Partial Partial
Fisheye and Crucible did not correctly check if a configured Mercurial repository URI contained values that the Windows operating system may consider argument parameters. An attacker who has permission to add a repository in Fisheye or Crucible can execute code of their choice on systems that run a vulnerable version of Fisheye or Crucible on the Windows operating system. All versions of Fisheye and Crucible before 4.4.6 (the fixed version for 4.4.x) and from 4.5.0 before 4.5.3 (the fixed version for 4.5.x) are affected by this vulnerability.
3437 CVE-2018-5221 119 Exec Code Overflow 2018-01-09 2018-01-30
6.8
None Remote Medium Not required Partial Partial Partial
Multiple buffer overflows in BarCodeWiz BarCode before 6.7 ActiveX control (BarcodeWiz.DLL) allow remote attackers to execute arbitrary code via a long argument to the (1) BottomText or (2) TopText property.
3438 CVE-2018-5220 20 DoS 2018-01-04 2018-01-11
6.1
None Local Low Not required Partial Partial Complete
In K7 Antivirus 15.1.0306, the driver file (K7Sentry.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x95002610.
3439 CVE-2018-5219 20 DoS 2018-01-04 2018-01-11
6.1
None Local Low Not required Partial Partial Complete
In K7 Antivirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x83002168.
3440 CVE-2018-5218 20 DoS 2018-01-04 2018-01-11
6.1
None Local Low Not required Partial Partial Complete
In K7 Antivirus 15.1.0306, the driver file (K7Sentry.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x950025b0.
3441 CVE-2018-5217 20 DoS 2018-01-04 2018-01-11
6.1
None Local Low Not required Partial Partial Complete
In K7 Antivirus 15.1.0306, the driver file (K7Sentry.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x95002578.
3442 CVE-2018-5202 Exec Code 2018-12-21 2019-10-02
6.8
None Remote Medium Not required Partial Partial Partial
SKCertService 2.5.5 and earlier contains a vulnerability that could allow remote attacker to execute arbitrary code. This vulnerability exists due to the way .dll files are loaded by SKCertService. It allows an attacker to load a .dll of the attacker's choosing that could execute arbitrary code without the user's knowledge.
3443 CVE-2018-5200 119 Exec Code Overflow Mem. Corr. 2018-12-20 2019-10-09
6.8
None Remote Medium Not required Partial Partial Partial
KMPlayer 4.2.2.15 and earlier have a Heap Based Buffer Overflow Vulnerability. It could be exploited with a crafted FLV format file. The problem is that more frame data is copied to heap memory than the size specified in the frame header. This results in a memory corruption and remote code execution.
3444 CVE-2018-5199 20 2018-12-20 2019-10-09
6.8
None Remote Medium Not required Partial Partial Partial
In Veraport G3 ALL on MacOS, due to insufficient domain validation, It is possible to overwrite installation file to malicious file. A remote unauthenticated attacker may use this vulnerability to execute arbitrary file.
3445 CVE-2018-5198 362 Exec Code 2018-12-20 2019-10-09
6.8
None Remote Medium Not required Partial Partial Partial
In Veraport G3 ALL on MacOS, a race condition when calling the Veraport API allow remote attacker to cause arbitrary file download and execution. This results in remote code execution.
3446 CVE-2018-5196 119 Exec Code Overflow 2018-12-21 2019-10-09
6.8
None Remote Medium Not required Partial Partial Partial
Alzip 10.76.0.0 and earlier is vulnerable to a stack overflow caused by improper bounds checking. By persuading a victim to open a specially-crafted LZH archive file, a attacker could execute arbitrary code execution.
3447 CVE-2018-5178 119 Overflow 2018-06-11 2018-11-25
6.8
None Remote Medium Not required Partial Partial Partial
A buffer overflow was found during UTF8 to Unicode string conversion within JavaScript with extremely large amounts of data. This vulnerability requires the use of a malicious or vulnerable legacy extension in order to occur. This vulnerability affects Thunderbird ESR < 52.8, Thunderbird < 52.8, and Firefox ESR < 52.8.
3448 CVE-2018-5158 94 2018-06-11 2018-10-20
6.8
None Remote Medium Not required Partial Partial Partial
The PDF viewer does not sufficiently sanitize PostScript calculator functions, allowing malicious JavaScript to be injected through a crafted PDF file. This JavaScript can then be run with the permissions of the PDF viewer by its worker. This vulnerability affects Firefox ESR < 52.8 and Firefox < 60.
3449 CVE-2018-5146 787 2018-06-11 2018-11-25
6.8
None Remote Medium Not required Partial Partial Partial
An out of bounds memory write while processing Vorbis audio data was reported through the Pwn2Own contest. This vulnerability affects Firefox < 59.0.1, Firefox ESR < 52.7.2, and Thunderbird < 52.7.
3450 CVE-2018-5141 20 DoS 2018-06-11 2018-08-02
6.4
None Remote Low Not required Partial None Partial
A vulnerability in the notifications Push API where notifications can be sent through service workers by web content without direct user interaction. This could be used to open new tabs in a denial of service (DOS) attack or to display unwanted content from arbitrary URLs to users. This vulnerability affects Firefox < 59.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.