CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 9 and 10)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
3501 CVE-2018-10748 119 Exec Code Overflow Mem. Corr. 2018-05-04 2018-06-12
9.0
None Remote Low ??? Complete Complete Complete
An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An authenticated user can pass a long buffer as a 'show' parameter to the '/userfs/bin/tcapi' binary (in the Diagnostics component) using the 'show <node_name>' function and cause memory corruption. Furthermore, it is possible to redirect the flow of the program and execute arbitrary code.
3502 CVE-2018-10747 119 Exec Code Overflow Mem. Corr. 2018-05-04 2018-06-12
9.0
None Remote Low ??? Complete Complete Complete
An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An authenticated user can pass a long buffer as an 'unset' parameter to the '/userfs/bin/tcapi' binary (in the Diagnostics component) using the 'unset <node_name>' function and cause memory corruption. Furthermore, it is possible to redirect the flow of the program and execute arbitrary code.
3503 CVE-2018-10746 119 Exec Code Overflow Mem. Corr. 2018-05-04 2018-06-12
9.0
None Remote Low ??? Complete Complete Complete
An issue was discovered on D-Link DSL-3782 EU 1.01 devices. An authenticated user can pass a long buffer as a 'get' parameter to the '/userfs/bin/tcapi' binary (in the Diagnostics component) using the 'get <node_name attr>' function and cause memory corruption. Furthermore, it is possible to redirect the flow of the program and execute arbitrary code.
3504 CVE-2018-10731 119 Overflow 2018-05-17 2018-06-20
9.3
None Remote Medium Not required Complete Complete Complete
All Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products running firmware version 1.0 to 1.33 are prone to buffer overflows when handling very large cookies (a different vulnerability than CVE-2018-10728).
3505 CVE-2018-10730 78 2018-05-17 2018-06-19
9.0
None Remote Low ??? Complete Complete Complete
All Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products running firmware version 1.0 to 1.33 are prone to OS command injection.
3506 CVE-2018-10718 787 Exec Code Overflow 2018-05-03 2020-08-24
10.0
None Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in Activision Infinity Ward Call of Duty Modern Warfare 2 before 2018-04-26 allows remote attackers to execute arbitrary code via crafted packets.
3507 CVE-2018-10698 311 2019-06-07 2020-08-24
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on Moxa AWK-3121 1.14 devices. The device enables an unencrypted TELNET service by default. This allows an attacker who has been able to gain an MITM position to easily sniff the traffic between the device and the user. Also an attacker can easily connect to the TELNET daemon using the default credentials if they have not been changed by the user.
3508 CVE-2018-10697 78 Exec Code 2019-06-07 2020-08-24
9.3
None Remote Medium Not required Complete Complete Complete
An issue was discovered on Moxa AWK-3121 1.14 devices. The Moxa AWK 3121 provides ping functionality so that an administrator can execute ICMP calls to check if the network is working correctly. However, the same functionality allows an attacker to execute commands on the device. The POST parameter "srvName" is susceptible to this injection. By crafting a packet that contains shell metacharacters, it is possible for an attacker to execute the attack.
3509 CVE-2018-10682 287 Exec Code 2018-05-09 2018-06-18
10.0
None Remote Low Not required Complete Complete Complete
** DISPUTED ** An issue was discovered in WildFly 10.1.2.Final. It is possible for an attacker to access the administration panel on TCP port 9990 without any authentication using "anonymous" access that is automatically created. Once logged in, a misconfiguration present by default (auto-deployment) permits an anonymous user to deploy a malicious .war file, leading to remote code execution. NOTE: the vendor indicates that anonymous access is not available in the default installation; however, it remains optional because there are several use cases for it, including development environments and network architectures that have a proxy server for access control to the WildFly server.
3510 CVE-2018-10662 2018-06-26 2019-10-03
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered in multiple models of Axis IP Cameras. There is an Exposed Insecure Interface.
3511 CVE-2018-10661 Bypass 2018-06-26 2019-10-03
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered in multiple models of Axis IP Cameras. There is a bypass of access control.
3512 CVE-2018-10660 78 2018-06-26 2019-10-03
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered in multiple models of Axis IP Cameras. There is Shell Command Injection.
3513 CVE-2018-10636 787 Exec Code Overflow +Priv 2018-08-13 2020-08-31
9.3
None Remote Medium Not required Complete Complete Complete
CNCSoft Version 1.00.83 and prior with ScreenEditor Version 1.00.54 has multiple stack-based buffer overflow vulnerabilities that could cause the software to crash due to lacking user input validation before copying data from project files onto the stack. Which may allow an attacker to gain remote code execution with administrator privileges if exploited.
3514 CVE-2018-10635 306 Exec Code 2018-07-11 2019-10-09
10.0
None Remote Low Not required Complete Complete Complete
In Universal Robots Robot Controllers Version CB 3.1, SW Version 3.4.5-100, ports 30001/TCP to 30003/TCP listen for arbitrary URScript code and execute the code. This enables a remote attacker who has access to the ports to remotely execute code that may allow root access to be obtained.
3515 CVE-2018-10630 287 2018-08-10 2019-10-09
10.0
None Remote Low Not required Complete Complete Complete
For Crestron TSW-X60 version prior to 2.001.0037.001 and MC3 version prior to 1.502.0047.001, The devices are shipped with authentication disabled, and there is no indication to users that they need to take steps to enable it. When compromised, the access to the CTP console is left open.
3516 CVE-2018-10616 20 2018-07-18 2019-10-09
9.3
None Remote Medium Not required Complete Complete Complete
ABB Panel Builder 800 all versions has an improper input validation vulnerability which may allow an attacker to insert and run arbitrary code on a computer where the affected product is used.
3517 CVE-2018-10612 311 2019-01-29 2019-10-09
10.0
None Remote Low Not required Complete Complete Complete
In 3S-Smart Software Solutions GmbH CODESYS Control V3 products prior to version 3.5.14.0, user access management and communication encryption is not enabled by default, which could allow an attacker access to the device and sensitive information, including user credentials.
3518 CVE-2018-10606 787 Overflow 2018-09-26 2020-08-28
9.3
None Remote Medium Not required Complete Complete Complete
WECON LeviStudio Versions 1.8.29 and 1.8.44 have multiple heap-based buffer overflow vulnerabilities that can be exploited when the application processes specially crafted project files.
3519 CVE-2018-10605 1188 2018-10-01 2019-10-09
9.0
None Remote Low ??? Complete Complete Complete
Martem TELEM GW6/GWM versions prior to 2.0.87-4018403-k4 may allow unprivileged users to modify/upload a new system configuration or take the full control over the RTU using default credentials to connect to the RTU.
3520 CVE-2018-10602 787 Overflow 2018-09-26 2020-08-28
9.3
None Remote Medium Not required Complete Complete Complete
WECON LeviStudio Versions 1.8.29 and 1.8.44 have multiple stack-based buffer overflow vulnerabilities that can be exploited when the application processes specially crafted project files.
3521 CVE-2018-10592 798 Exec Code 2018-07-31 2019-10-09
10.0
None Remote Low Not required Complete Complete Complete
Yokogawa STARDOM FCJ controllers R4.02 and prior, FCN-100 controllers R4.02 and prior, FCN-RTU controllers R4.02 and prior, and FCN-500 controllers R4.02 and prior utilize hard-coded credentials that could allow an attacker to gain unauthorized administrative access to the device, which could result in remote code execution.
3522 CVE-2018-10587 78 Exec Code 2018-11-01 2018-12-12
9.0
None Remote Low ??? Complete Complete Complete
NetGain Enterprise Manager (EM) is affected by OS Command Injection vulnerabilities in versions before 10.0.57. These vulnerabilities could allow remote authenticated attackers to inject arbitrary code, resulting in remote code execution.
3523 CVE-2018-10577 434 Exec Code 2018-05-02 2018-09-16
9.0
None Remote Low ??? Complete Complete Complete
An issue was discovered on WatchGuard AP100, AP102, and AP200 devices with firmware before 1.2.9.15, and AP300 devices with firmware before 2.0.0.10. File upload functionality allows any users authenticated on the web interface to upload files containing code to the web root, allowing these files to be executed as root.
3524 CVE-2018-10381 732 Exec Code 2018-04-26 2019-10-03
10.0
None Remote Low Not required Complete Complete Complete
TunnelBear 3.2.0.6 for Windows suffers from a SYSTEM privilege escalation vulnerability through the "TunnelBearMaintenance" service. This service establishes a NetNamedPipe endpoint that allows arbitrary installed applications to connect and call publicly exposed methods. The "OpenVPNConnect" method accepts a server list argument that provides attacker control of the OpenVPN command line. An attacker can specify a dynamic library plugin that should run for every new VPN connection attempt. This plugin will execute code in the context of the SYSTEM user.
3525 CVE-2018-10369 79 XSS 2018-08-15 2019-10-03
10.0
None Remote Low Not required Complete Complete Complete
A Cross-site scripting (XSS) vulnerability was discovered on Intelbras Win 240 V1.1.0 devices. An attacker can change the Admin Password without a Login.
3526 CVE-2018-10357 22 Exec Code Dir. Trav. 2018-05-23 2018-06-26
9.0
None Remote Low ??? Complete Complete Complete
A directory traversal vulnerability in Trend Micro Endpoint Application Control 2.0 could allow a remote attacker to execute arbitrary code on vulnerable installations due to a flaw in the FileDrop servlet. Authentication is required to exploit this vulnerability.
3527 CVE-2018-10356 89 Exec Code Sql 2018-05-23 2018-06-22
9.0
None Remote Low ??? Complete Complete Complete
A SQL injection remote code execution vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to execute arbitrary SQL statements on vulnerable installations due to a flaw in the formRequestDomains class. Authentication is required to exploit this vulnerability.
3528 CVE-2018-10354 78 Exec Code 2018-05-23 2019-10-03
9.0
None Remote Low ??? Complete Complete Complete
A command injection remote command execution vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow a remote attacker to execute arbitrary code on vulnerable installations due to a flaw in the LauncherServer. Authentication is required to exploit this vulnerability.
3529 CVE-2018-10351 89 Sql 2018-05-23 2018-06-22
9.0
None Remote Low ??? Complete Complete Complete
A vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow a remote attacker to execute arbitrary SQL statements on vulnerable installations due to a flaw in the formRegistration2 class. Authentication is required to exploit this vulnerability.
3530 CVE-2018-10350 89 Exec Code Sql 2018-05-25 2018-06-25
9.0
None Remote Low ??? Complete Complete Complete
A SQL injection remote code execution vulnerability in Trend Micro Smart Protection Server (Standalone) 3.x could allow a remote attacker to execute arbitrary code on vulnerable installations due to a flaw within the handling of parameters provided to wcs\_bwlists\_handler.php. Authentication is required in order to exploit this vulnerability.
3531 CVE-2018-10251 1188 Exec Code +Priv 2018-05-04 2019-10-03
10.0
None Remote Low Not required Complete Complete Complete
A vulnerability in Sierra Wireless AirLink GX400, GX440, ES440, and LS300 routers with firmware before 4.4.7 and GX450, ES450, RV50, RV50X, MP70, and MP70E routers with firmware before 4.9.3 could allow an unauthenticated remote attacker to execute arbitrary code and gain full control of an affected system, including issuing commands with root privileges.
3532 CVE-2018-10204 732 Exec Code 2018-04-18 2019-10-03
9.0
None Remote Low ??? Complete Complete Complete
PureVPN 6.0.1 for Windows suffers from a SYSTEM privilege escalation vulnerability in its "sevpnclient" service. When configured to use the OpenVPN protocol, the "sevpnclient" service executes "openvpn.exe" using the OpenVPN config file located at %PROGRAMDATA%\purevpn\config\config.ovpn. This file allows "Write" permissions to users in the "Everyone" group. An authenticated attacker may modify this file to specify a dynamic library plugin that should run for every new VPN connection attempt. This plugin will execute code in the context of the SYSTEM account.
3533 CVE-2018-10192 Exec Code 2018-04-17 2019-10-03
10.0
None Remote Low Not required Complete Complete Complete
IPVanish 3.0.11 for macOS suffers from a root privilege escalation vulnerability. The `com.ipvanish.osx.vpnhelper` LaunchDaemon implements an insecure XPC service that could allow an attacker to execute arbitrary code as the root user. IPVanish uses a third-party library for converting `xpc_object_t` types in to `NSObject` types for sending XPC messages. When IPVanish establishes a new connection, the following XPC message is sent to the `com.ipvanish.osx.vpnhelper` LaunchDaemon. Because the XPC service itself does not validate an incoming connection, any application installed on the operating system can send it XPC messages. In the case of the "connect" message, an attacker could manipulate the `OpenVPNPath` to point at a malicious binary on the system. The `com.ipvanish.osx.vpnhelper` would receive the VPNHelperConnect command, and then execute the malicious binary as the root user.
3534 CVE-2018-10173 434 Exec Code 2018-04-20 2018-05-22
9.0
None Remote Low ??? Complete Complete Complete
Digital Guardian Management Console 7.1.2.0015 allows authenticated remote code execution because of Arbitrary File Upload functionality.
3535 CVE-2018-10171 732 2019-06-05 2020-08-24
10.0
None Remote Low Not required Complete Complete Complete
Kromtech MacKeeper 3.20.4 suffers from a root privilege escalation vulnerability through its `com.mackeeper.AdwareAnalyzer.AdwareAnalyzerPrivilegedHelper` component. The AdwareAnalzyerPrivilegedHelper tool implements an XPC service that allows an unprivileged application to connect and execute shell scripts as the root user.
3536 CVE-2018-10170 732 Exec Code 2018-04-16 2019-10-03
10.0
None Remote Low Not required Complete Complete Complete
NordVPN 6.12.7.0 for Windows suffers from a SYSTEM privilege escalation vulnerability through the "nordvpn-service" service. This service establishes an NetNamedPipe endpoint that allows arbitrary installed applications to connect and call publicly exposed methods. The "Connect" method accepts a class instance argument that provides attacker control of the OpenVPN command line. An attacker can specify a dynamic library plugin that should run for every new VPN connection attempt. This plugin will execute code in the context of the SYSTEM user.
3537 CVE-2018-10169 732 Exec Code 2018-04-16 2019-10-03
10.0
None Remote Low Not required Complete Complete Complete
ProtonVPN 1.3.3 for Windows suffers from a SYSTEM privilege escalation vulnerability through the "ProtonVPN Service" service. This service establishes an NetNamedPipe endpoint that allows arbitrary installed applications to connect and call publicly exposed methods. The "Connect" method accepts a class instance argument that provides attacker control of the OpenVPN command line. An attacker can specify a dynamic library plugin that should run for every new VPN connection. This plugin will execute code in the context of the SYSTEM user.
3538 CVE-2018-10143 269 2018-12-12 2020-02-17
10.0
None Remote Low Not required Complete Complete Complete
The Palo Alto Networks Expedition Migration tool 1.0.107 and earlier may allow an unauthenticated attacker with remote access to run system level commands on the device hosting this service/application.
3539 CVE-2018-10123 2018-05-16 2019-10-03
9.0
None Remote Low ??? Complete Complete Complete
p910nd on Inteno IOPSYS 2.0 through 4.2.0 allows remote attackers to read, or append data to, arbitrary files via requests on TCP port 9100.
3540 CVE-2018-10093 862 Exec Code 2019-03-21 2020-08-24
9.0
None Remote Low ??? Complete Complete Complete
AudioCodes IP phone 420HD devices using firmware version 2.2.12.126 allow Remote Code Execution.
3541 CVE-2018-10088 119 Overflow 2018-06-08 2018-07-31
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in XiongMai uc-httpd 1.0.0 has unspecified impact and attack vectors, a different vulnerability than CVE-2017-16725.
3542 CVE-2018-9583 787 Exec Code 2019-02-11 2019-02-14
10.0
None Remote Low Not required Complete Complete Complete
In bta_ag_parse_cmer of bta_ag_cmd.cc in Android-7.0, Android-7.1.1, Android-7.1.2, Android-8.0, Android-8.1 and Android-9, there is a possible out-of-bounds write due to a missing bounds check. This could lead to remote code execution in the bluetooth server with no additional execution privileges needed. User interaction is not needed for exploitation. Android ID: A-112860487.
3543 CVE-2018-9577 787 Exec Code +Priv 2018-12-07 2019-11-13
9.3
None Remote Medium Not required Complete Complete Complete
In impd_parametric_drc_parse_gain_set_params of impd_drc_static_payload.c there is a possible out of bounds write due to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-116715937.
3544 CVE-2018-9576 787 Exec Code 2018-12-07 2019-11-13
9.3
None Remote Medium Not required Complete Complete Complete
In impd_parse_parametric_drc_instructions of impd_drc_static_payload.c there is a possible out of bounds write due to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-116715245.
3545 CVE-2018-9575 787 Exec Code 2018-12-07 2019-11-13
9.3
None Remote Medium Not required Complete Complete Complete
In impd_parse_dwnmix_instructions of impd_drc_static_payload.c there is a possible out of bounds write due to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-116619387.
3546 CVE-2018-9574 787 Exec Code 2018-12-07 2019-11-13
9.3
None Remote Medium Not required Complete Complete Complete
In impd_parse_split_drc_characteristic of impd_drc_static_payload.c there is a possible out of bounds write due to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-116619337.
3547 CVE-2018-9573 787 Exec Code 2018-12-07 2019-11-13
9.3
None Remote Medium Not required Complete Complete Complete
In impd_parse_filt_block of impd_drc_dynamic_payload.c there is a possible out of bounds write due to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-116467350.
3548 CVE-2018-9572 787 Exec Code 2018-12-07 2019-11-13
9.3
None Remote Medium Not required Complete Complete Complete
In impd_drc_parse_coeff of impd_drc_static_payload.c there is a possible out of bounds write due to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-116224432.
3549 CVE-2018-9571 787 Exec Code 2018-12-07 2019-11-13
9.3
None Remote Medium Not required Complete Complete Complete
In impd_parse_loud_eq_instructions of impd_drc_dynamic_payload.c there is a possible out-of-bound write due to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-116020594.
3550 CVE-2018-9570 787 Exec Code 2018-12-07 2019-11-13
9.3
None Remote Medium Not required Complete Complete Complete
In impd_parse_drc_ext_v1 of impd_drc_dynamic_payload.c there is a possible out-of-bound write due to missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: Android. Versions: Android-9. Android ID: A-115375616.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.