CVEdetails.com the ultimate security vulnerability data source

Security Vulnerabilities

# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
301 CVE-2018-18713 Dir. Trav. 2018-10-29 2018-10-29
0.0
None ??? ??? ??? ??? ??? ???
The function down_sql_action() in /admin/model/database.class.php in PHPYun 4.6 allows remote attackers to read arbitrary files via directory traversal in an m=database&c=down_sql&name=../ URI.
302 CVE-2018-18698 2018-12-24 2018-12-24
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered on Xiaomi Mi A1 tissot_sprout:8.1.0/OPM1.171019.026/V9.6.4.0.ODHMIFE devices. They store cleartext Wi-Fi passwords in logcat during the process of setting up the phone as a hotspot.
303 CVE-2018-18656 2018-10-26 2018-10-26
0.0
None ??? ??? ??? ??? ??? ???
The PureVPN client before 6.1.0 for Windows stores Login Credentials (username and password) in cleartext. The location of such files is %PROGRAMDATA%\purevpn\config\login.conf. Additionally, all local users can read this file.
304 CVE-2018-18654 2018-10-25 2018-10-25
0.0
None ??? ??? ??? ??? ??? ???
Crossroads 2.81 does not properly handle the /tmp directory during a build of xr. A local attacker can first create a world-writable subdirectory in a certain location under the /tmp directory, wait until a user process copies xr there, and then replace the entire contents of this subdirectory to include a Trojan horse xr.
305 CVE-2018-18653 Exec Code Bypass 2018-10-25 2018-12-04
0.0
None ??? ??? ??? ??? ??? ???
The Linux kernel, as used in Ubuntu 18.10 and when booted with UEFI Secure Boot enabled, allows privileged local users to bypass intended Secure Boot restrictions and execute untrusted code by loading arbitrary kernel modules. This occurs because a modified kernel/module.c, in conjunction with certain configuration options, leads to mishandling of the result of signature verification.
306 CVE-2018-18652 Exec Code 2018-10-25 2018-10-26
0.0
None ??? ??? ??? ??? ??? ???
A remote command execution vulnerability in Veritas NetBackup Appliance before 3.1.2 allows authenticated administrators to execute arbitrary commands as root. This issue was caused by insufficient filtering of user provided input.
307 CVE-2018-18638 Exec Code 2018-10-24 2018-10-24
0.0
None ??? ??? ??? ??? ??? ???
A command injection vulnerability in the setup API in the Neato Botvac Connected 2.2.0 allows network attackers to execute arbitrary commands via shell metacharacters in the ntp field within JSON data to the /robot/initialize endpoint.
308 CVE-2018-18629 +Priv 2018-12-20 2018-12-21
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in the Keybase command-line client before 2.8.0-20181023124437 for Linux. An untrusted search path vulnerability in the keybase-redirector application allows a local, unprivileged user on Linux to gain root privileges via a Trojan horse binary.
309 CVE-2018-18628 Exec Code 2018-10-23 2018-10-23
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in Pippo 1.11.0. The function SerializationSessionDataTranscoder.decode() calls ObjectInputStream.readObject() to deserialize a SessionData object without checking the object types. An attacker can create a malicious object, base64 encode it, and place it in the PIPPO_SESSION field of a cookie. Sending this cookie may lead to remote code execution.
310 CVE-2018-18602 2018-12-31 2018-12-31
0.0
None ??? ??? ??? ??? ??? ???
The Cloud API on Guardzilla smart cameras allows user enumeration, with resultant arbitrary camera access and monitoring.
311 CVE-2018-18601 Overflow 2018-12-31 2018-12-31
0.0
None ??? ??? ??? ??? ??? ???
The TK_set_deviceModel_req_handle function in the cloud communication component in Guardzilla GZ621W devices with firmware 0.5.1.4 has a Buffer Overflow.
312 CVE-2018-18593 Dir. Trav. 2018-12-31 2019-01-02
0.0
None ??? ??? ??? ??? ??? ???
Remote Directory Traversal and Remote Disclosure of Privileged Information in UCMDB Configuration Management Service, version 10.22, 10.22 CUP1, 10.22 CUP2, 10.22 CUP3, 10.22 CUP4, 10.22 CUP5, 10.22 CUP6, 10.22 CUP7, 10.33, 10.33 CUP1, 10.33 CUP2, 10.33 CUP3, 2018.02, 2018.05, 2018.08, 2018.11. The vulnerabilities could allow Remote Directory Traversal and Remote Disclosure of Privileged Information.
313 CVE-2018-18590 Exec Code 2018-11-07 2018-11-07
0.0
None ??? ??? ??? ??? ??? ???
A potential remote code execution and information disclosure vulnerability exists in Micro Focus Operations Bridge containerized suite versions 2017.11, 2018.02, 2018.05, 2018.08. This vulnerability could allow for information disclosure.
314 CVE-2018-18589 Exec Code 2018-10-23 2018-10-23
0.0
None ??? ??? ??? ??? ??? ???
A potential Remote Arbitrary Code Execution vulnerability has been identified in Micro Focus' Real User Monitoring software, versions 9.26IP, 9.30, 9.40 and 9.50. The vulnerability could be exploited to execute arbitrary code.
315 CVE-2018-18556 2018-12-17 2018-12-17
0.0
None ??? ??? ??? ??? ??? ???
A privilege escalation issue was discovered in VyOS 1.1.8. The default configuration also allows operator users to execute the pppd binary with elevated (sudo) permissions. Certain input parameters are not properly validated. A malicious operator user can run the binary with elevated permissions and leverage its improper input validation condition to spawn an attacker-controlled shell with root privileges.
316 CVE-2018-18555 +Priv 2018-12-17 2018-12-17
0.0
None ??? ??? ??? ??? ??? ???
A sandbox escape issue was discovered in VyOS 1.1.8. It provides a restricted management shell for operator users to administer the device. By issuing various shell special characters with certain commands, an authenticated operator user can break out of the management shell and gain access to the underlying Linux shell. The user can then run arbitrary operating system commands with the privileges afforded by their account.
317 CVE-2018-18541 2018-10-20 2018-10-30
0.0
None ??? ??? ??? ??? ??? ???
In Teeworlds before 0.6.5, connection packets could be forged. There was no challenge-response involved in the connection build up. A remote attacker could send connection packets from a spoofed IP address and occupy all server slots, or even use them for a reflection attack using map download packets.
318 CVE-2018-18537 2018-12-26 2018-12-26
0.0
None ??? ??? ??? ??? ??? ???
The GLCKIo low-level driver in ASUS Aura Sync v1.07.22 and earlier exposes a path to write an arbitrary DWORD to an arbitrary address.
319 CVE-2018-18536 2018-12-26 2018-12-26
0.0
None ??? ??? ??? ??? ??? ???
The GLCKIo and Asusgio low-level drivers in ASUS Aura Sync v1.07.22 and earlier expose functionality to read/write data from/to IO ports. This could be leveraged in a number of ways to ultimately run code with elevated privileges.
320 CVE-2018-18535 Exec Code 2018-12-26 2018-12-26
0.0
None ??? ??? ??? ??? ??? ???
The Asusgio low-level driver in ASUS Aura Sync v1.07.22 and earlier exposes functionality to read and write Machine Specific Registers (MSRs). This could be leveraged to execute arbitrary ring-0 code.
321 CVE-2018-18531 Bypass 2018-10-19 2018-10-19
0.0
None ??? ??? ??? ??? ??? ???
text/impl/DefaultTextCreator.java, text/impl/ChineseTextProducer.java, and text/impl/FiveLetterFirstNameTextCreator.java in kaptcha 2.3.2 use the Random (rather than SecureRandom) function for generating CAPTCHA values, which makes it easier for remote attackers to bypass intended access restrictions via a brute-force approach.
322 CVE-2018-18520 DoS 2018-10-19 2018-10-19
0.0
None ??? ??? ??? ??? ??? ???
An Invalid Memory Address Dereference exists in the function elf_end in libelf in elfutils through v0.174. Although eu-size is intended to support ar files inside ar files, handle_ar in size.c closes the outer ar file before handling all inner entries. The vulnerability allows attackers to cause a denial of service (application crash) with a crafted ELF file.
323 CVE-2018-18442 2018-12-20 2018-12-20
0.0
None ??? ??? ??? ??? ??? ???
D-Link DCS-825L devices with firmware 1.08 do not employ a suitable mechanism to prevent denial-of-service (DoS) attacks. An attacker can harm the device availability (i.e., live-online video/audio streaming) by using the hping3 tool to perform an IPv4 flood attack. Verified attacks include SYN flooding, UDP flooding, ICMP flooding, and SYN-ACK flooding.
324 CVE-2018-18441 2018-12-20 2018-12-20
0.0
None ??? ??? ??? ??? ??? ???
D-Link DCS series Wi-Fi cameras expose sensitive information regarding the device configuration. The affected devices include many of the DCS series, such as: DCS-936L, DCS-942L, DCS-8000LH, DCS-942LB1, DCS-5222L, DCS-825L, DCS-2630L, DCS-820L, DCS-855L, DCS-2121, DCS-5222LB1, DCS-5020L, and many more. There are many affected firmware versions starting from 1.00 and above. The configuration file can be accessed remotely through: <Camera-IP>/common/info.cgi, with no authentication. The configuration file includes the following fields: model, product, brand, version, build, hw_version, nipca version, device name, location, MAC address, IP address, gateway IP address, wireless status, input/output settings, speaker, and sensor settings.
325 CVE-2018-18380 2018-10-19 2018-10-30
0.0
None ??? ??? ??? ??? ??? ???
A Session Fixation issue was discovered in Bigtree before 4.2.24. admin.php accepts a user-provided PHP session ID instead of regenerating a new one after a user has logged in to the application. The Session Fixation could allow an attacker to hijack an admin session.
326 CVE-2018-18363 Bypass 2019-01-24 2019-01-24
0.0
None ??? ??? ??? ??? ??? ???
Norton App Lock prior to 1.4.0.445 can be susceptible to a bypass exploit. In this type of circumstance, the exploit can allow the user to circumvent the app to prevent it from locking the device, thereby allowing the individual to gain device access.
327 CVE-2018-18332 2018-12-21 2018-12-21
0.0
None ??? ??? ??? ??? ??? ???
A Trend Micro OfficeScan XG weak file permissions vulnerability may allow an attacker to potentially manipulate permissions on some key files to modify other files and folders on vulnerable installations.
328 CVE-2018-18331 2018-12-21 2018-12-21
0.0
None ??? ??? ??? ??? ??? ???
A Trend Micro OfficeScan XG weak file permissions vulnerability on a particular folder for a particular group may allow an attacker to alter the files, which could lead to other exploits on vulnerable installations.
329 CVE-2018-18264 Bypass 2019-01-02 2019-01-11
0.0
None ??? ??? ??? ??? ??? ???
Kubernetes Dashboard before 1.10.1 allows attackers to bypass authentication and use Dashboard's Service Account for reading secrets within the cluster.
330 CVE-2018-18224 +Info 2018-10-19 2018-12-21
0.0
None ??? ??? ??? ??? ??? ???
A vulnerability exists in the file reading procedure in Open Design Alliance Drawings SDK 2019Update1 on non-Windows platforms in which attackers could perform read operations past the end, or before the beginning, of the intended buffer. This can allow attackers to obtain sensitive information from process memory or cause a crash.
331 CVE-2018-18223 +Info 2018-10-19 2018-12-21
0.0
None ??? ??? ??? ??? ??? ???
Open Design Alliance Drawings SDK 2019Update1 has a vulnerability during the reading of malformed files, allowing attackers to obtain sensitive information from process memory or cause a crash.
332 CVE-2018-18203 Exec Code 2018-11-28 2018-11-28
0.0
None ??? ??? ??? ??? ??? ???
A vulnerability in the update mechanism of Subaru StarLink Harman head units 2017, 2018, and 2019 may give an attacker (with physical access to the vehicle's USB ports) the ability to rewrite the firmware of the head unit. This occurs because the device accepts modified QNX6 filesystem images (as long as the attacker obtains access to certain Harman decryption/encryption code) as a consequence of a bug where unsigned images pass a validity check. An attacker could potentially install persistent malicious head unit firmware and execute arbitrary code as the root user.
333 CVE-2018-18093 +Priv 2018-12-13 2018-12-13
0.0
None ??? ??? ??? ??? ??? ???
Improper file permissions in the installer for Intel VTune Amplifier 2018 Update 3 and before may allow an unprivileged user to potentially gain privileged access via local access.
334 CVE-2018-18014 Exec Code 2018-10-24 2018-10-24
0.0
None ??? ??? ??? ??? ??? ???
** DISPUTED ** Lack of authentication in Citrix Xen Mobile through 10.8 allows low-privileged local users to execute system commands as root by making requests to private services listening on ports 8000, 30000 and 30001. NOTE: the vendor disputes that this is a vulnerability, stating it is "already mitigated by the internal firewall that limits access to configuration services to localhost."
335 CVE-2018-18013 Exec Code 2018-10-24 2018-10-24
0.0
None ??? ??? ??? ??? ??? ???
** DISPUTED ** Xen Mobile through 10.8.0 includes a service listening on port 5001 within its firewall that accepts unauthenticated input. If this service is supplied with raw serialised Java objects, it deserialises them back into Java objects in memory, giving rise to a remote code execution vulnerability. NOTE: the vendor disputes that this is a vulnerability, stating it is "already mitigated by the internal firewall that limits access to configuration services to localhost."
336 CVE-2018-18009 2018-12-21 2018-12-28
0.0
None ??? ??? ??? ??? ??? ???
dirary0.js on D-Link DIR-140L, DIR-640L devices allows remote unauthenticated attackers to discover admin credentials.
337 CVE-2018-18007 2018-12-21 2018-12-28
0.0
None ??? ??? ??? ??? ??? ???
atbox.htm on D-Link DSL-2770L devices allows remote unauthenticated attackers to discover admin credentials.
338 CVE-2018-17987 2018-12-26 2018-12-26
0.0
None ??? ??? ??? ??? ??? ???
The determineWinner function of a smart contract implementation for HashHeroes Tiles, an Ethereum game, uses a certain blockhash value in an attempt to generate a random number for the case where NUM_TILES equals the number of people who purchased a tile, which allows an attacker to control the awarding of the prize by being the last person to purchase a tile.
339 CVE-2018-17975 2018-12-04 2018-12-04
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in GitLab Community Edition 11.x before 11.1.8, 11.2.x before 11.2.5, and 11.3.x before 11.3.2. There is Information Exposure via the GFM markdown API.
340 CVE-2018-17957 2018-12-26 2018-12-26
0.0
None ??? ??? ??? ??? ??? ???
The YaST2 RMT module for configuring the SUSE Repository Mirroring Tool (RMT) before 1.1.2 exposed MySQL database passwords on process commandline, allowing local attackers to access or corrupt the RMT database.
341 CVE-2018-17950 2018-12-12 2018-12-12
0.0
None ??? ??? ??? ??? ??? ???
Incorrect enforcement of authorization checks in eDirectory prior to 9.1 SP2
342 CVE-2018-17939 2018-12-04 2018-12-04
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in GitLab Community and Enterprise Edition 11.1.x before 11.1.8, 11.2.x before 11.2.5, and 11.3.x before 11.3.2. There is Information Exposure via the merge request JSON endpoint.
343 CVE-2018-17935 2018-10-24 2018-10-26
0.0
None ??? ??? ??? ??? ??? ???
All versions of Telecrane F25 Series Radio Controls before 00.0A use fixed codes that are reproducible by sniffing and re-transmission. This can lead to unauthorized replay of a command, spoofing of an arbitrary message, or keeping the controlled load in a permanent "stop" state.
344 CVE-2018-17921 2018-10-24 2018-10-26
0.0
None ??? ??? ??? ??? ??? ???
SAGA1-L8B with any firmware versions prior to A0.10 are vulnerable to an attack that may allow an attacker to force-pair the device without human interaction.
345 CVE-2018-17912 2018-11-02 2018-11-05
0.0
None ??? ??? ??? ??? ??? ???
An XXE vulnerability exists in CASE Suite Versions 3.10 and prior when processing parameter entities, which may allow remote file disclosure.
346 CVE-2018-17906 2018-11-19 2018-11-20
0.0
None ??? ??? ??? ??? ??? ???
Philips iSite and IntelliSpace PACS, iSite PACS, all versions, and IntelliSpace PACS, all versions. Default credentials and no authentication within third party software may allow an attacker to compromise a component of the system.
347 CVE-2018-17904 2018-10-25 2018-10-26
0.0
None ??? ??? ??? ??? ??? ???
Reliance 4 SCADA/HMI, Version 4.7.3 Update 3 and prior. This vulnerability could allow an unauthorized attacker to inject arbitrary code.
348 CVE-2018-17873 2018-10-23 2018-10-23
0.0
None ??? ??? ??? ??? ??? ???
An incorrect access control vulnerability in the FTP configuration of WiFiRanger devices with firmware version 7.0.8rc3 and earlier allows an attacker with adjacent network access to read the SSH Private Key and log in to the root account.
349 CVE-2018-17854 DoS 2018-10-01 2018-10-01
0.0
None ??? ??? ??? ??? ??? ???
SIMDComp before 0.1.1 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) because it can read (and then discard) extra bytes. NOTE: this issue exists because of an incomplete fix for CVE-2018-17427.
350 CVE-2018-17851 DoS 2018-10-01 2018-10-01
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in JsonCpp 1.8.4. An unhandled exception vulnerability exists in Json::OurReader::readValue() in json_reader.cpp after throwing an instance of "Json::RuntimeError what(): Exceeded stackLimit." Specially crafted JSON requests can cause an unhandled exception resulting in denial of service. An attacker can send malicious JSON to trigger this vulnerability.
Total number of vulnerabilities: 986 (page 7 of 20)
CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.