CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 6 and 6.99)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
4251 CVE-2018-3930 787 Exec Code 2018-07-11 2018-09-06
6.8
None Remote Medium Not required Partial Partial Partial
In Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 (6,1,2018,0312), a crafted Microsoft Word (DOC) document can lead to an out-of-bounds write, resulting in remote code execution. This vulnerability occurs in the `vbgetfp` method.
4252 CVE-2018-3929 119 Exec Code Overflow 2018-07-11 2018-09-06
6.8
None Remote Medium Not required Partial Partial Partial
An exploitable heap corruption exists in the PowerPoint document conversion functionality of the Antenna House Office Server Document Converter version V6.1 Pro MR2 for Linux64 (6,1,2018,0312). A crafted PowerPoint (PPT) document can lead to heap corruption, resulting in remote code execution.
4253 CVE-2018-3924 416 Exec Code 2018-08-01 2018-10-05
6.8
None Remote Medium Not required Partial Partial Partial
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software's Foxit PDF Reader version 9.1.5096. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.
4254 CVE-2018-3923 787 Exec Code Mem. Corr. 2018-08-01 2018-10-02
6.8
None Remote Medium Not required Partial Partial Partial
A memory corruption vulnerability exists in the PCX-parsing functionality of Computerinsel Photoline 20.54. A specially crafted PCX image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a PCX image to trigger this vulnerability and gain code execution.
4255 CVE-2018-3922 119 Exec Code Overflow Mem. Corr. 2018-08-01 2018-09-28
6.8
None Remote Medium Not required Partial Partial Partial
A memory corruption vulnerability exists in the ANI-parsing functionality of Computerinsel Photoline 20.54. A specially crafted ANI image processed via the application can lead to a stack overflow, overwriting arbitrary data. An attacker can deliver an ANI image to trigger this vulnerability and gain code execution.
4256 CVE-2018-3921 119 Exec Code Overflow Mem. Corr. 2018-08-01 2018-09-28
6.8
None Remote Medium Not required Partial Partial Partial
A memory corruption vulnerability exists in the PSD-parsing functionality of Computerinsel Photoline 20.54. A specially crafted PSD image processed via the application can lead to a stack overflow, overwriting arbitrary data. An attacker can deliver a PSD image to trigger this vulnerability and gain code execution.
4257 CVE-2018-3918 707 2018-08-27 2018-11-09
6.4
None Remote Low Not required None Partial Partial
An exploitable vulnerability exists in the remote servers of Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The hubCore process listens on port 39500 and relays any unauthenticated messages to SmartThings' remote servers, which incorrectly handle camera IDs for the 'sync' operation, leading to arbitrary deletion of cameras. An attacker can send an HTTP request to trigger this vulnerability.
4258 CVE-2018-3912 119 Overflow 2018-08-23 2018-10-19
6.9
None Local Medium Not required Complete Complete Complete
On Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17, the video-core process insecurely extracts the fields from the "shard" table of its SQLite database, leading to a buffer overflow on the stack. The strcpy call overflows the destination buffer, which has a size of 128 bytes. An attacker can send an arbitrarily long "secretKey" value in order to exploit this vulnerability.
4259 CVE-2018-3909 444 2018-08-23 2018-10-22
6.4
None Remote Low Not required None Partial Partial
An exploitable vulnerability exists in the REST parser of video-core's HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly handles pipelined HTTP requests, which allows successive requests to overwrite the previously parsed HTTP method, 'onmessagecomplete' callback. An attacker can send an HTTP request to trigger this vulnerability.
4260 CVE-2018-3908 444 2018-08-28 2018-11-09
6.4
None Remote Low Not required None Partial Partial
An exploitable vulnerability exists in the REST parser of video-core's HTTP server of the Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The video-core process incorrectly handles pipelined HTTP requests, which allows successive requests to overwrite the previously parsed HTTP method, URL and body. With the implementation of the on_body callback, defined by sub_41734, an attacker can send an HTTP request to trigger this vulnerability.
4261 CVE-2018-3907 444 2018-08-23 2018-10-22
6.4
None Remote Low Not required None Partial Partial
An exploitable vulnerability exists in the REST parser of video-core's HTTP server of the Samsung SmartThings Hub STH-ETH-250 - Firmware version 0.20.17. The video-core process incorrectly handles pipelined HTTP requests, which allows successive requests to overwrite the previously parsed HTTP method, 'on_url' callback. An attacker can send an HTTP request to trigger this vulnerability.
4262 CVE-2018-3900 119 Exec Code Overflow 2018-11-01 2018-12-11
6.8
None Remote Medium Not required Partial Partial Partial
An exploitable code execution vulnerability exists in the QR code scanning functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted QR Code can cause a buffer overflow, resulting in code execution. An attacker can make the camera scan a QR code to trigger this vulnerability. Alternatively, a user could be convinced to display a QR code from the internet to their camera, which could exploit this vulnerability.
4263 CVE-2018-3889 787 Exec Code 2018-04-12 2018-05-18
6.8
None Remote Medium Not required Partial Partial Partial
A specially crafted PCX image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a PCX image to trigger this vulnerability and gain code execution.
4264 CVE-2018-3888 787 Exec Code Mem. Corr. 2018-04-11 2018-05-11
6.8
None Remote Medium Not required Partial Partial Partial
A memory corruption vulnerability exists in the PCX-parsing functionality of Computerinsel Photoline 20.53. A specially crafted PCX image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a PCX image to trigger this vulnerability and gain code execution.
4265 CVE-2018-3887 787 Exec Code Mem. Corr. 2018-04-11 2018-05-11
6.8
None Remote Medium Not required Partial Partial Partial
A memory corruption vulnerability exists in the PCX-parsing functionality of Computerinsel Photoline 20.53. A specially crafted PCX image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a PCX image to trigger this vulnerability and gain code execution.
4266 CVE-2018-3886 787 Exec Code Mem. Corr. 2018-04-11 2018-05-11
6.8
None Remote Medium Not required Partial Partial Partial
A memory corruption vulnerability exists in the PCX-parsing functionality of Computerinsel Photoline 20.53. A specially crafted PCX image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a PCX image to trigger this vulnerability and gain code execution.
4267 CVE-2018-3885 89 Sql 2018-09-12 2018-10-29
6.5
None Remote Low Single system Partial Partial Partial
An exploitable SQL injection vulnerability exists in the authenticated part of ERPNext v10.1.6. Specially crafted web requests can cause SQL injections resulting in data compromise. The order_by parameter can be used to perform an SQL injection attack. An attacker can use a browser to trigger these vulnerabilities, and no special tools are required.
4268 CVE-2018-3884 89 Sql 2018-09-12 2018-10-30
6.5
None Remote Low Single system Partial Partial Partial
An exploitable SQL injection vulnerability exists in the authenticated part of ERPNext v10.1.6. Specially crafted web requests can cause SQL injections resulting in data compromise. The sort_by and start parameter can be used to perform an SQL injection attack. An attacker can use a browser to trigger these vulnerabilities, and no special tools are required.
4269 CVE-2018-3883 89 Sql 2018-09-12 2018-10-29
6.5
None Remote Low Single system Partial Partial Partial
An exploitable SQL injection vulnerability exists in the authenticated part of ERPNext v10.1.6. Specially crafted web requests can cause SQL injections resulting in data compromise. The employee and sort_order parameter can be used to perform an SQL injection attack. An attacker can use a browser to trigger these vulnerabilities, and no special tools are required.
4270 CVE-2018-3882 89 Sql 2018-09-12 2018-10-29
6.5
None Remote Low Single system Partial Partial Partial
An exploitable SQL injection vulnerability exists in the authenticated part of ERPNext v10.1.6. Specially crafted web requests can cause SQL injections resulting in data compromise. The searchfield parameter can be used to perform an SQL injection attack. An attacker can use a browser to trigger these vulnerabilities, and no special tools are required.
4271 CVE-2018-3879 89 Sql 2018-08-23 2018-10-26
6.5
None Remote Low Single system Partial Partial Partial
An exploitable JSON injection vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250 devices with firmware version 0.20.17. The video-core process incorrectly parses the user-controlled JSON payload, leading to a JSON injection which in turn leads to a SQL injection in the video-core database. An attacker can send a series of HTTP requests to trigger this vulnerability.
4272 CVE-2018-3871 787 Exec Code 2018-07-19 2019-10-09
6.8
None Remote Medium Not required Partial Partial Partial
An exploitable out-of-bounds write exists in the PCX parsing functionality of Canvas Draw version 4.0.0. A specially crafted PCX image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a PCX image to trigger this vulnerability and gain code execution. A different vulnerability than CVE-2018-3870.
4273 CVE-2018-3870 787 Exec Code 2018-07-19 2019-10-09
6.8
None Remote Medium Not required Partial Partial Partial
An exploitable out-of-bounds write exists in the PCX parsing functionality of Canvas Draw version 4.0.0. A specially crafted PCX image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a PCX image to trigger this vulnerability and gain code execution. A different vulnerability than CVE-2018-3871.
4274 CVE-2018-3868 787 Exec Code 2018-04-12 2018-05-16
6.8
None Remote Medium Not required Partial Partial Partial
A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this vulnerability and gain code execution.
4275 CVE-2018-3862 787 2018-04-12 2018-05-16
6.8
None Remote Medium Not required Partial Partial Partial
A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting
4276 CVE-2018-3861 787 Exec Code 2018-04-12 2018-05-16
6.8
None Remote Medium Not required Partial Partial Partial
A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this vulnerability and gain code execution.
4277 CVE-2018-3860 787 Exec Code 2018-07-19 2019-10-09
6.8
None Remote Medium Not required Partial Partial Partial
An exploitable out-of-bounds write exists in the TIFF parsing functionality of Canvas Draw version 4.0.0. A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this vulnerability and gain the ability to execute code. A different vulnerability than CVE-2018-3859.
4278 CVE-2018-3859 787 Exec Code 2018-07-19 2019-10-09
6.8
None Remote Medium Not required Partial Partial Partial
An exploitable out-of-bounds write exists in the TIFF parsing functionality of Canvas Draw version 4.0.0. A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this vulnerability and gain code execution. A different vulnerability than CVE-2018-3860.
4279 CVE-2018-3858 119 Exec Code Overflow 2018-07-19 2019-10-09
6.8
None Remote Medium Not required Partial Partial Partial
An exploitable heap overflow exists in the TIFF parsing functionality of Canvas Draw version 4.0.0. A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this vulnerability and gain the ability to execute code. A different vulnerability than CVE-2018-3857.
4280 CVE-2018-3857 119 Exec Code Overflow 2018-07-19 2019-10-09
6.8
None Remote Medium Not required Partial Partial Partial
An exploitable heap overflow exists in the TIFF parsing functionality of Canvas Draw version 4.0.0. A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this vulnerability and gain code execution. A different vulnerability than CVE-2018-3858.
4281 CVE-2018-3855 415 Exec Code 2018-04-26 2018-06-04
6.8
None Remote Medium Not required Partial Partial Partial
In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 Windows/Linux, a crafted OpenDocument document can lead to a SkCanvas object double free resulting in direct code execution.
4282 CVE-2018-3853 416 Exec Code 2018-06-04 2018-07-31
6.8
None Remote Medium Not required Partial Partial Partial
An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Software Foxit PDF Reader version 9.0.1.1049. A specially crafted PDF document can trigger a previously freed object in memory to be reused resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.
4283 CVE-2018-3851 119 Exec Code Overflow 2018-04-26 2018-06-04
6.8
None Remote Medium Not required Partial Partial Partial
In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 Windows/Linux, an exploitable stack-based buffer overflow exists in the DOC-to-HTML conversion functionality of the Hyland Perceptive Document Filters version 11.4.0.2647. A crafted .doc document can lead to a stack-based buffer, resulting in direct code execution.
4284 CVE-2018-3850 416 Exec Code 2018-04-23 2018-05-25
6.8
None Remote Medium Not required Partial Partial Partial
An exploitable use-after-free vulnerability exists in the JavaScript engine Foxit Software Foxit PDF Reader version 9.0.1.1049. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If a browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.
4285 CVE-2018-3849 119 Exec Code Overflow 2018-04-16 2018-05-21
6.8
None Remote Medium Not required Partial Partial Partial
In the ffghtb function in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this vulnerability and potentially gain code execution.
4286 CVE-2018-3848 119 Exec Code Overflow 2018-04-16 2018-05-21
6.8
None Remote Medium Not required Partial Partial Partial
In the ffghbn function in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this vulnerability and potentially gain code execution.
4287 CVE-2018-3847 119 Exec Code Overflow 2018-08-01 2018-10-05
6.8
None Remote Medium Not required Partial Partial Partial
Multiple exploitable buffer overflow vulnerabilities exist in image parsing functionality of the CFITSIO library version 3.42. Specially crafted images parsed via the library, can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this vulnerability and potentially gain code execution.
4288 CVE-2018-3846 119 Exec Code Overflow 2018-04-16 2018-05-22
6.8
None Remote Medium Not required Partial Partial Partial
In the ffgphd and ffgtkn functions in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver an FIT image to trigger this vulnerability and potentially gain code execution.
4289 CVE-2018-3845 415 Exec Code 2018-04-26 2018-06-04
6.8
None Remote Medium Not required Partial Partial Partial
In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 Windows/Linux, a crafted OpenDocument document can lead to a SkCanvas object double free resulting in direct code execution.
4290 CVE-2018-3844 416 Exec Code 2018-04-26 2018-06-04
6.8
None Remote Medium Not required Partial Partial Partial
In Hyland Perceptive Document Filters 11.4.0.2647 - x86/x64 Windows/Linux, a crafted DOCX document can lead to a use-after-free resulting in direct code execution.
4291 CVE-2018-3843 704 Exec Code 2018-04-19 2018-05-22
6.8
None Remote Medium Not required Partial Partial Partial
An exploitable type confusion vulnerability exists in the way Foxit PDF Reader version 9.0.1.1049 parses files with associated file annotations. A specially crafted PDF document can lead to an object of invalid type to be dereferenced, which can potentially lead to sensitive memory disclosure, and possibly to arbitrary code execution. An attacker needs to trick the user into opening the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.
4292 CVE-2018-3842 824 Exec Code 2018-04-19 2018-05-22
6.8
None Remote Medium Not required Partial Partial Partial
An exploitable use of an uninitialized pointer vulnerability exists in the JavaScript engine in Foxit PDF Reader version 9.0.1.1049. A specially crafted PDF document can lead to a dereference of an uninitialized pointer which, if under attacker control, can result in arbitrary code execution. An attacker needs to trick the user to open a malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.
4293 CVE-2018-3839 787 Exec Code 2018-04-10 2019-03-28
6.8
None Remote Medium Not required Partial Partial Partial
An exploitable code execution vulnerability exists in the XCF image rendering functionality of Simple DirectMedia Layer SDL2_image-2.0.2. A specially crafted XCF image can cause an out-of-bounds write on the heap, resulting in code execution. An attacker can display a specially crafted image to trigger this vulnerability.
4294 CVE-2018-3835 787 Exec Code Overflow 2018-01-29 2018-02-16
6.8
None Remote Medium Not required Partial Partial Partial
An exploitable out of bounds write vulnerability exists in version 2.2 of the Per Face Texture mapping application known as PTEX. The vulnerability is present in the reading of a file without proper parameter checking. The value read in, is not verified to be valid and its use can lead to a buffer overflow, potentially resulting in code execution.
4295 CVE-2018-3814 74 Exec Code 2018-01-01 2018-01-17
6.5
None Remote Low Single system Partial Partial Partial
Craft CMS 2.6.3000 allows remote attackers to execute arbitrary PHP code by using the "Assets->Upload files" screen and then the "Replace it" option, because this allows a .jpg file to have embedded PHP code, and then be renamed to a .php extension.
4296 CVE-2018-3767 2018-07-05 2019-10-09
6.4
None Remote Low Not required Partial None Partial
`memjs` versions <= 1.1.0 allocates and stores buffers on typed input, resulting in DoS and uninitialized memory usage.
4297 CVE-2018-3754 89 Sql 2018-07-03 2018-09-04
6.5
None Remote Low Single system Partial Partial Partial
Node.js third-party module query-mysql versions 0.0.0, 0.0.1, and 0.0.2 are vulnerable to an SQL injection vulnerability due to lack of user input sanitization. This may allow an attacker to run arbitrary SQL queries when fetching data from database.
4298 CVE-2018-3745 125 2018-05-29 2019-10-09
6.4
None Remote Low Not required Partial None Partial
atob 2.0.3 and earlier allocates uninitialized Buffers when number is passed in input on Node.js 4.x and below.
4299 CVE-2018-3739 125 2018-06-06 2019-10-09
6.4
None Remote Low Not required Partial None Partial
https-proxy-agent before 2.1.1 passes auth option to the Buffer constructor without proper sanitization, resulting in DoS and uninitialized memory leak in setups where an attacker could submit typed input to the 'auth' parameter (e.g. JSON).
4300 CVE-2018-3736 399 2018-06-06 2018-07-20
6.4
None Remote Low Not required Partial None Partial
https-proxy-agent passes unsanitized options to Buffer(arg) resulting in DoS and uninitialized memory leak.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.