| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
3551 |
CVE-2018-6979 |
287 |
|
Bypass |
2018-10-05 |
2019-01-09 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
The VMware Workspace ONE Unified Endpoint Management Console (A/W Console) 9.7.x prior to 9.7.0.3, 9.6.x prior to 9.6.0.7, 9.5.x prior to 9.5.0.16, 9.4.x prior to 9.4.0.22, 9.3.x prior to 9.3.0.25, 9.2.x prior to 9.2.3.27, and 9.1.x prior to 9.1.5.6 contains a SAML authentication bypass vulnerability which can be leveraged during device enrollment. This vulnerability may allow for a malicious actor to impersonate an authorized SAML session if certificate-based authentication is enabled. This vulnerability is also relevant if certificate-based authentication is not enabled, but the outcome of exploitation is limited to an information disclosure (Important Severity) in those cases. |
|
3552 |
CVE-2018-6976 |
311 |
|
|
2018-09-11 |
2019-10-02 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The VMware Content Locker for iOS prior to 4.14 contains a data protection vulnerability in the SQLite database. This vulnerability relates to unencrypted filenames and associated metadata in SQLite database for the Content Locker. |
|
3553 |
CVE-2018-6967 |
125 |
|
|
2018-07-09 |
2018-09-06 |
5.5 |
None |
Remote |
Low |
Single system |
Partial |
None |
Partial |
|
VMware ESXi (6.7 before ESXi670-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain an out-of-bounds read vulnerability in the shader translator. Successful exploitation of this issue may lead to information disclosure or may allow attackers with normal user privileges to crash their VMs, a different vulnerability than CVE-2018-6965 and CVE-2018-6966. |
|
3554 |
CVE-2018-6966 |
125 |
|
|
2018-07-09 |
2018-09-05 |
5.5 |
None |
Remote |
Low |
Single system |
Partial |
None |
Partial |
|
VMware ESXi (6.7 before ESXi670-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain an out-of-bounds read vulnerability in the shader translator. Successful exploitation of this issue may lead to information disclosure or may allow attackers with normal user privileges to crash their VMs, a different vulnerability than CVE-2018-6965 and CVE-2018-6967. |
|
3555 |
CVE-2018-6965 |
125 |
|
|
2018-07-09 |
2018-09-05 |
5.5 |
None |
Remote |
Low |
Single system |
Partial |
None |
Partial |
|
VMware ESXi (6.7 before ESXi670-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain an out-of-bounds read vulnerability in the shader translator. Successful exploitation of this issue may lead to information disclosure or may allow attackers with normal user privileges to crash their VMs, a different vulnerability than CVE-2018-6966 and CVE-2018-6967. |
|
3556 |
CVE-2018-6952 |
415 |
|
|
2018-02-13 |
2019-04-17 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6. |
|
3557 |
CVE-2018-6951 |
476 |
|
DoS |
2018-02-13 |
2019-04-17 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
An issue was discovered in GNU patch through 2.7.6. There is a segmentation fault, associated with a NULL pointer dereference, leading to a denial of service in the intuit_diff_type function in pch.c, aka a "mangled rename" issue. |
|
3558 |
CVE-2018-6924 |
20 |
|
|
2018-09-12 |
2018-11-26 |
5.6 |
None |
Local |
Low |
Not required |
Partial |
None |
Complete |
|
In FreeBSD before 11.1-STABLE, 11.2-RELEASE-p3, 11.1-RELEASE-p14, 10.4-STABLE, and 10.4-RELEASE-p12, insufficient validation in the ELF header parser could allow a malicious ELF binary to cause a kernel crash or disclose kernel memory. |
|
3559 |
CVE-2018-6922 |
400 |
|
|
2018-08-09 |
2019-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
One of the data structures that holds TCP segments in all versions of FreeBSD prior to 11.2-RELEASE-p1, 11.1-RELEASE-p12, and 10.4-RELEASE-p10 uses an inefficient algorithm to reassemble the data. This causes the CPU time spent on segment processing to grow linearly with the number of segments in the reassembly queue. An attacker who has the ability to send TCP traffic to a victim system can degrade the victim system's network performance and/or consume excessive CPU by exploiting the inefficiency of TCP reassembly handling, with relatively small bandwidth cost. |
|
3560 |
CVE-2018-6919 |
200 |
|
+Info |
2018-04-04 |
2018-05-24 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p9, 10.4-STABLE, 10.4-RELEASE-p8 and 10.3-RELEASE-p28, due to insufficient initialization of memory copied to userland, small amounts of kernel memory may be disclosed to userland processes. Unprivileged users may be able to access small amounts privileged kernel data. |
|
3561 |
CVE-2018-6917 |
190 |
|
Overflow |
2018-04-04 |
2018-05-24 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p9, 10.4-STABLE, 10.4-RELEASE-p8 and 10.3-RELEASE-p28, insufficient validation of user-provided font parameters can result in an integer overflow, leading to the use of arbitrary kernel memory as glyph data. Unprivileged users may be able to access privileged kernel data. |
|
3562 |
CVE-2018-6914 |
22 |
|
Dir. Trav. |
2018-04-03 |
2019-07-21 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Directory traversal vulnerability in the Dir.mktmpdir method in the tmpdir library in Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1 might allow attackers to create arbitrary directories or files via a .. (dot dot) in the prefix argument. |
|
3563 |
CVE-2018-6910 |
200 |
|
+Info |
2018-02-13 |
2018-03-12 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
DedeCMS 5.7 allows remote attackers to discover the full path via a direct request for include/downmix.inc.php or inc/inc_archives_functions.php. |
|
3564 |
CVE-2018-6885 |
22 |
|
Dir. Trav. |
2019-05-14 |
2019-05-17 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An issue was discovered in MicroStrategy Web Services (the Microsoft Office plugin) before 10.4 Hotfix 7, and before 10.11. The vulnerability is unauthenticated and leads to access to the asset files with the MicroStrategy user privileges. (This includes the credentials to access the admin dashboard which may lead to RCE.) The path traversal is located in a SOAP request in the web service component. |
|
3565 |
CVE-2018-6881 |
200 |
|
+Info |
2018-02-11 |
2018-03-12 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
EmpireCMS 6.6 allows remote attackers to discover the full path via an array value for a parameter to admin/tool/ShowPic.php. |
|
3566 |
CVE-2018-6880 |
200 |
|
+Info |
2018-02-11 |
2018-03-12 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
EmpireCMS 6.6 through 7.2 allows remote attackers to discover the full path via an array value for a parameter to class/connect.php. |
|
3567 |
CVE-2018-6875 |
134 |
|
|
2018-03-14 |
2019-10-02 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Format String vulnerability in KeepKey version 4.0.0 allows attackers to trigger information display (of information that should not be accessible), related to text containing characters that the device's font lacks. |
|
3568 |
CVE-2018-6871 |
|
|
|
2018-02-09 |
2019-10-02 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
LibreOffice before 5.4.5 and 6.x before 6.0.1 allows remote attackers to read arbitrary files via =WEBSERVICE calls in a document, which use the COM.MICROSOFT.WEBSERVICE function. |
|
3569 |
CVE-2018-6846 |
200 |
|
+Info |
2018-02-08 |
2018-03-08 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Z-BlogPHP 1.5.1 allows remote attackers to discover the full path via a direct request to zb_system/function/lib/upload.php. |
|
3570 |
CVE-2018-6829 |
327 |
|
+Info |
2018-02-07 |
2019-10-02 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
cipher/elgamal.c in Libgcrypt through 1.8.2, when used to encrypt messages directly, improperly encodes plaintexts, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for Libgcrypt's ElGamal implementation. |
|
3571 |
CVE-2018-6810 |
22 |
|
Dir. Trav. |
2018-03-06 |
2018-03-26 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Directory traversal vulnerability in NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allows remote attackers to traverse the directory on the target system via a crafted request. |
|
3572 |
CVE-2018-6808 |
200 |
|
+Info |
2018-03-06 |
2018-03-26 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
NetScaler ADC 10.5, 11.0, 11.1, and 12.0, and NetScaler Gateway 10.5, 11.0, 11.1, and 12.0 allow remote attackers to download arbitrary files on the target system. |
|
3573 |
CVE-2018-6798 |
125 |
|
|
2018-04-17 |
2019-10-02 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An issue was discovered in Perl 5.22 through 5.26. Matching a crafted locale dependent regular expression can cause a heap-based buffer over-read and potentially information disclosure. |
|
3574 |
CVE-2018-6794 |
693 |
|
Bypass |
2018-02-07 |
2018-12-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Suricata before 4.0.4 is prone to an HTTP detection bypass vulnerability in detect.c and stream-tcp.c. If a malicious server breaks a normal TCP flow and sends data before the 3-way handshake is complete, then the data sent by the malicious server will be accepted by web clients such as a web browser or Linux CLI utilities, but ignored by Suricata IDS signatures. This mostly affects IDS signatures for the HTTP protocol and TCP stream content; signatures for TCP packets will inspect such network traffic as usual. |
|
3575 |
CVE-2018-6790 |
200 |
|
+Info |
2018-02-06 |
2019-08-06 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
An issue was discovered in KDE Plasma Workspace before 5.12.0. dataengines/notifications/notificationsengine.cpp allows remote attackers to discover client IP addresses via a URL in a notification, as demonstrated by the src attribute of an IMG element. |
|
3576 |
CVE-2018-6706 |
|
|
|
2018-12-12 |
2019-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Insecure handling of temporary files in non-Windows McAfee Agent 5.0.0 through 5.0.6, 5.5.0, and 5.5.1 allows an Unprivileged User to introduce custom paths during agent installation in Linux via unspecified vectors. |
|
3577 |
CVE-2018-6669 |
425 |
|
Bypass |
2018-12-20 |
2019-10-09 |
5.2 |
None |
Local Network |
Low |
Single system |
Partial |
Partial |
Partial |
|
A whitelist bypass vulnerability in McAfee Application Control / Change Control 7.0.1 and before allows a remote or local user to execute blacklisted files through an ASP.NET form. |
|
3578 |
CVE-2018-6656 |
352 |
|
CSRF |
2018-02-06 |
2018-03-13 |
5.8 |
None |
Remote |
Medium |
Not required |
None |
Partial |
Partial |
|
Z-BlogPHP 1.5.1 has CSRF via zb_users/plugin/AppCentre/app_del.php, as demonstrated by deleting files and directories. |
|
3579 |
CVE-2018-6653 |
326 |
|
|
2018-02-28 |
2019-10-02 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
comforte SWAP 1049 through 1069 and 20.0.0 through 21.5.3 (as used in SSLOBJ on HPE NonStop SSL T0910, and in the comforte SecurCS, SecurFTP, SecurLib/SSL-AT, and SecurTN products), after executing the RELOAD CERTIFICATES command, does not ensure that clients use a strong TLS cipher suite, which makes it easier for remote attackers to defeat intended cryptographic protection mechanisms by sniffing the network. This is fixed in 21.6.0. |
|
3580 |
CVE-2018-6644 |
476 |
|
|
2018-02-08 |
2018-02-27 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
SBLIM Small Footprint CIM Broker (SFCB) 1.4.9 has a null pointer (DoS) vulnerability via a crafted POST request to the /cimom URI. |
|
3581 |
CVE-2018-6620 |
284 |
|
|
2018-02-04 |
2018-02-27 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Odoo does not require authentication to be configured for a Backup Database action. |
|
3582 |
CVE-2018-6610 |
200 |
|
+Info |
2018-02-05 |
2018-03-01 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Information Leakage exists in the jLike 1.0 component for Joomla! via a task=getUserByCommentId request. |
|
3583 |
CVE-2018-6598 |
732 |
|
|
2018-08-29 |
2019-10-02 |
5.6 |
None |
Local |
Low |
Not required |
None |
Partial |
Complete |
|
An issue was discovered on Orbic Wonder Orbic/RC555L/RC555L:7.1.2/N2G47H/329100b:user/release-keys devices. Any app co-located on the device can send an intent to factory reset the device programmatically because of com.android.server.MasterClearReceiver. This does not require any user interaction and does not require any permission to perform. A factory reset will remove all user data from the device. This will result in the loss of any data that the user has not backed up or synced externally. This capability to perform a factory reset is not directly available to third-party apps (those that the user installs themselves), although this capability is present in an unprotected component of the Android OS. This vulnerability is not present in Google's Android Open Source Project (AOSP) code. Therefore, it was introduced by Orbic or another entity in the supply chain. |
|
3584 |
CVE-2018-6594 |
326 |
|
+Info |
2018-02-03 |
2019-10-02 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates weak ElGamal key parameters, which allows attackers to obtain sensitive information by reading ciphertext data (i.e., it does not have semantic security in face of a ciphertext-only attack). The Decisional Diffie-Hellman (DDH) assumption does not hold for PyCrypto's ElGamal implementation. |
|
3585 |
CVE-2018-6591 |
200 |
|
+Info |
2018-02-19 |
2018-07-20 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Converse.js and Inverse.js through 3.3 allow remote attackers to obtain sensitive information because it is too difficult to determine whether safe publication of private data was configured or even intended. For example, users might have an expectation that chatroom bookmarks are private, but the various interacting software components do not necessarily make that happen. |
|
3586 |
CVE-2018-6589 |
|
|
DoS |
2018-05-01 |
2019-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
CA Spectrum 10.1 prior to 10.01.02.PTF_10.1.239 and 10.2.x prior to 10.2.3 allows remote attackers to cause a denial of service via unspecified vectors. |
|
3587 |
CVE-2018-6562 |
345 |
|
+Info |
2018-05-18 |
2019-10-02 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
totemomail Encryption Gateway before 6.0_b567 allows remote attackers to obtain sensitive information about user sessions and encryption key material via a JSONP hijacking attack. |
|
3588 |
CVE-2018-6532 |
400 |
|
|
2018-02-27 |
2018-03-23 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
An issue was discovered in Icinga 2.x through 2.8.1. By sending specially crafted (authenticated and unauthenticated) requests, an attacker can exhaust a lot of memory on the server side, triggering the OOM killer. |
|
3589 |
CVE-2018-6526 |
200 |
|
+Info |
2018-02-02 |
2018-04-07 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
view_all_bug_page.php in MantisBT 2.10.0-development before 2018-02-02 allows remote attackers to discover the full path via an invalid filter parameter, related to a filter_ensure_valid_filter call in current_user_api.php. |
|
3590 |
CVE-2018-6520 |
601 |
|
Bypass |
2018-02-01 |
2018-02-15 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
SimpleSAMLphp before 1.15.2 allows remote attackers to bypass an open redirect protection mechanism via crafted authority data in a URL. |
|
3591 |
CVE-2018-6519 |
74 |
|
DoS |
2018-02-01 |
2018-10-03 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The SAML2 library before 1.10.4, 2.x before 2.3.5, and 3.x before 3.1.1 in SimpleSAMLphp has a Regular Expression Denial of Service vulnerability for fraction-of-seconds data in a timestamp. |
|
3592 |
CVE-2018-6517 |
295 |
|
|
2019-03-21 |
2019-10-02 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Prior to version 0.3.0, chloride's use of net-ssh resulted in host fingerprints for previously unknown hosts getting added to the user's known_hosts file without confirmation. In version 0.3.0 this is updated so that the user's known_hosts file is not updated by chloride. |
|
3593 |
CVE-2018-6505 |
|
|
|
2018-09-20 |
2019-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
A potential Unauthenticated File Download vulnerability has been identified in ArcSight Management Center (ArcMC) in all versions prior to 2.81. This vulnerability could be exploited to allow for Unauthenticated File Downloads. |
|
3594 |
CVE-2018-6500 |
22 |
|
Dir. Trav. |
2018-09-20 |
2019-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
A potential Directory Traversal Security vulnerability has been identified in ArcSight Management Center (ArcMC) in all versions prior to 2.81. This vulnerability could be remotely exploited to allow Directory Traversal. |
|
3595 |
CVE-2018-6494 |
89 |
|
Sql |
2018-05-22 |
2019-10-09 |
5.5 |
None |
Remote |
Low |
Single system |
Partial |
Partial |
None |
|
Remote SQL Injection against the HP Service Manager Software Web Tier, version 9.30, 9.31, 9.32, 9.33, 9.34, 9.35, 9.40, 9.41, 9.50, 9.51, may lead to unauthorized disclosure of data. |
|
3596 |
CVE-2018-6487 |
200 |
|
+Info |
2018-02-20 |
2019-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Remote Disclosure of Information in Micro Focus Universal CMDB Foundation Software, version numbers 10.10, 10.11, 10.20, 10.21, 10.22, 10.30, 10.31, 4.10, 4.11. This vulnerability could be remotely exploited to allow disclosure of information. |
|
3597 |
CVE-2018-6470 |
200 |
|
+Info |
2018-02-01 |
2018-02-15 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Nibbleblog 4.0.5 on macOS defaults to having .DS_Store in each directory, causing DS_Store information to leak. |
|
3598 |
CVE-2018-6460 |
200 |
|
+Info |
2018-01-31 |
2018-02-28 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Hotspot Shield runs a webserver with a static IP address 127.0.0.1 and port 895. The web server uses JSONP and hosts sensitive information including configuration. User controlled input is not sufficiently filtered: an unauthenticated attacker can send a POST request to /status.js with the parameter func=$_APPLOG.Rfunc and extract sensitive information about the machine, including whether the user is connected to a VPN, to which VPN he/she is connected, and what is their real IP address. |
|
3599 |
CVE-2018-6459 |
347 |
|
DoS |
2018-02-20 |
2018-11-27 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The rsa_pss_params_parse function in libstrongswan/credentials/keys/signature_params.c in strongSwan 5.6.1 allows remote attackers to cause a denial of service via a crafted RSASSA-PSS signature that lacks a mask generation function parameter. |
|
3600 |
CVE-2018-6445 |
255 |
|
|
2019-01-22 |
2019-06-19 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
A Vulnerability in Brocade Network Advisor versions before 14.0.3 could allow a remote unauthenticated attacker to export the current user database which includes the encrypted (not hashed) password of the systems. The attacker could gain access to the Brocade Network Advisor System after extracting/decrypting the passwords. |
