CVEdetails.com the ultimate security vulnerability data source

Security Vulnerabilities

# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2018-1002150 2018-04-04 2018-04-04
0.0
None ??? ??? ??? ??? ??? ???
Koji version 1.12, 1.13, 1.14 and 1.15 contain an incorrect access control vulnerability resulting in arbitrary filesystem read/write access. This vulnerability has been fixed in versions 1.12.1, 1.13.1, 1.14.1 and 1.15.1.
2 CVE-2018-1000170 XSS 2018-04-16 2018-04-16
0.0
None ??? ??? ??? ??? ??? ???
A cross-site scripting vulnerability exists in Jenkins 2.115 and older, LTS 2.107.1 and older, in confirmationList.jelly and stopButton.jelly that allows attackers with Job/Configure and/or Job/Create permission to create an item name containing JavaScript that would be executed in another user's browser when that other user performs some UI actions.
3 CVE-2018-1000169 2018-04-16 2018-04-16
0.0
None ??? ??? ??? ??? ??? ???
An exposure of sensitive information vulnerability exists in Jenkins 2.115 and older, LTS 2.107.1 and older, in CLICommand.java and ViewOptionHandler.java that allows unauthorized attackers to confirm the existence of agents or views with an attacker-specified name by sending a CLI command to Jenkins.
4 CVE-2018-1000167 Exec Code 2018-04-18 2018-04-18
0.0
None ??? ??? ??? ??? ??? ???
OISF suricata-update version 1.0.0a1 contains an Insecure Deserialization vulnerability in the insecure yaml.load function as used in the following files: config.py:136, config.py:142, sources.py:99 and sources.py:131. The "list-sources" command is affected by this bug, which can result in Remote Code Execution (even as root if suricata-update is called by root). This attack appears to be exploitable via a specially crafted yaml-file at https://www.openinfosecfoundation.org/rules/index.yaml. This vulnerability appears to have been fixed in 1.0.0b1.
5 CVE-2018-1000165 2018-04-18 2018-04-18
0.0
None ??? ??? ??? ??? ??? ???
LightSAML version prior to 1.3.5 contains an Incorrect Access Control vulnerability in signature validation in readers in src/LightSaml/Model/XmlDSig/ that can result in impersonation of any user from Identity Provider. This vulnerability appears to have been fixed in 1.3.5 and later.
6 CVE-2018-1000164 2018-04-18 2018-04-18
0.0
None ??? ??? ??? ??? ??? ???
gunicorn version 19.4.5 contains a CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers vulnerability in "process_headers" function in "gunicorn/http/wsgi.py" that can result in an attacker causing the server to return arbitrary HTTP headers. This vulnerability appears to have been fixed in 19.5.0.
7 CVE-2018-1000163 XSS 2018-04-18 2018-04-18
0.0
None ??? ??? ??? ??? ??? ???
Floodlight version 1.2 and earlier contains a Cross Site Scripting (XSS) vulnerability in the web console that can result in JavaScript injection into the web page. This attack appears to be exploitable via the victim browsing the web console.
8 CVE-2018-1000162 Exec Code XSS 2018-04-18 2018-04-18
0.0
None ??? ??? ??? ??? ??? ???
Parsedown version prior to 1.7.0 contains a Cross Site Scripting (XSS) vulnerability in `setMarkupEscaped` for escaping HTML that can result in JavaScript code execution. This attack appears to be exploitable via specially crafted markdown that allows it to side step HTML escaping by breaking AST boundaries. This vulnerability appears to have been fixed in 1.7.0 and later.
9 CVE-2018-1000161 Dir. Trav. 2018-04-18 2018-04-18
0.0
None ??? ??? ??? ??? ??? ???
nmap version 6.49BETA6 through 7.60, up to and including SVN revision 37147 contains a Directory Traversal vulnerability in NSE script http-fetch that can result in file overwrite as the user is running it. This attack appears to be exploitable via a victim that runs NSE script http-fetch against a malicious web site. This vulnerability appears to have been fixed in 7.7.
10 CVE-2018-1000160 XSS 2018-04-18 2018-04-18
0.0
None ??? ??? ??? ??? ??? ???
RisingStack protect version 1.2.0 and earlier contains a Cross Site Scripting (XSS) vulnerability in isXss() function in lib/rules/xss.js that can result in dangerous XSS strings being validated as safe. This attack appears to be exploitable via a number of XSS strings (26) detailed in the GitHub issue #16.
11 CVE-2018-1000159 2018-04-18 2018-04-18
0.0
None ??? ??? ??? ??? ??? ???
tlslite-ng version 0.7.3 and earlier, since commit d7b288316bca7bcdd082e6ccff5491e241305233 contains a CWE-354: Improper Validation of Integrity Check Value vulnerability in TLS implementation, tlslite/utils/constanttime.py: ct_check_cbc_mac_and_pad(); line "end_pos = data_len - 1 - mac.digest_size" that can result in an attacker manipulating the TLS ciphertext which will not be detected by receiving tlslite-ng. This attack appears to be exploitable via man in the middle on a network connection. This vulnerability appears to have been fixed after commit 3674815d1b0f7484454995e2737a352e0a6a93d8.
12 CVE-2018-1000158 2018-04-18 2018-04-18
0.0
None ??? ??? ??? ??? ??? ???
cmsmadesimple version 2.2.7 contains an Incorrect Access Control vulnerability in the function send_recovery_email in the line "$url = $config['admin_url'] . '/login.php?recoverme=' . $code;" that can result in Administrator Password Reset Poisoning, specifically a reset URL pointing at an attacker controlled server can be created by using a host header attack.
13 CVE-2018-1000156 Exec Code 2018-04-06 2018-04-17
0.0
None ??? ??? ??? ??? ??? ???
GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITOR_PROGRAM invocation (using ed) can result in code execution. This attack appears to be exploitable via a patch file processed via the patch utility. This is similar to FreeBSD's CVE-2015-1418; however, although they share a common ancestry, the code bases have diverged over time.
14 CVE-2018-1000154 Exec Code 2018-04-05 2018-04-05
0.0
None ??? ??? ??? ??? ??? ???
Zammad GmbH Zammad version 2.3.0 and earlier contains an Improper Neutralization of Script-Related HTML Tags in a Web Page (CWE-80) vulnerability in the subject of emails which are not HTML quoted in certain cases. This can result in the embedding and execution of JavaScript code in the user's browser. This attack appears to be exploitable via the victim opening a ticket. This vulnerability appears to have been fixed in 2.3.1, 2.2.2 and 2.1.3.
15 CVE-2018-1000153 DoS CSRF 2018-04-05 2018-04-05
0.0
None ??? ??? ??? ??? ??? ???
A cross-site request forgery vulnerability exists in Jenkins vSphere Plugin 2.16 and older in Clone.java, CloudSelectorParameter.java, ConvertToTemplate.java, ConvertToVm.java, Delete.java, DeleteSnapshot.java, Deploy.java, ExposeGuestInfo.java, FolderVSphereCloudProperty.java, PowerOff.java, PowerOn.java, Reconfigure.java, Rename.java, RenameSnapshot.java, RevertToSnapshot.java, SuspendVm.java, TakeSnapshot.java, VSphereBuildStepContainer.java, vSphereCloudProvisionedSlave.java, vSphereCloudSlave.java, vSphereCloudSlaveTemplate.java, VSphereConnectionConfig.java, vSphereStep.java that allows attackers to perform form validation related actions, including sending numerous requests to the configured vSphere server, potentially resulting in denial of service, or send credentials stored in Jenkins with known ID to an attacker-specified server ("test connection").
16 CVE-2018-1000152 DoS 2018-04-05 2018-04-05
0.0
None ??? ??? ??? ??? ??? ???
An improper authorization vulnerability exists in Jenkins vSphere Plugin 2.16 and older in Clone.java, CloudSelectorParameter.java, ConvertToTemplate.java, ConvertToVm.java, Delete.java, DeleteSnapshot.java, Deploy.java, ExposeGuestInfo.java, FolderVSphereCloudProperty.java, PowerOff.java, PowerOn.java, Reconfigure.java, Rename.java, RenameSnapshot.java, RevertToSnapshot.java, SuspendVm.java, TakeSnapshot.java, VSphereBuildStepContainer.java, vSphereCloudProvisionedSlave.java, vSphereCloudSlave.java, vSphereCloudSlaveTemplate.java, VSphereConnectionConfig.java, vSphereStep.java that allows attackers to perform form validation related actions, including sending numerous requests to the configured vSphere server, potentially resulting in denial of service, or send credentials stored in Jenkins with known ID to an attacker-specified server ("test connection").
17 CVE-2018-1000151 2018-04-05 2018-04-05
0.0
None ??? ??? ??? ??? ??? ???
A man in the middle vulnerability exists in Jenkins vSphere Plugin 2.16 and older in VSphere.java that disables SSL/TLS certificate validation by default.
18 CVE-2018-1000150 +Info 2018-04-05 2018-04-05
0.0
None ??? ??? ??? ??? ??? ???
An exposure of sensitive information vulnerability exists in Jenkins Reverse Proxy Auth Plugin 1.5 and older in ReverseProxySecurityRealm#authContext that allows attackers with local file system access to obtain a list of authorities for logged in users.
19 CVE-2018-1000149 2018-04-05 2018-04-05
0.0
None ??? ??? ??? ??? ??? ???
A man in the middle vulnerability exists in Jenkins Ansible Plugin 0.8 and older in AbstractAnsibleInvocation.java, AnsibleAdHocCommandBuilder.java, AnsibleAdHocCommandInvocationTest.java, AnsibleContext.java, AnsibleJobDslExtension.java, AnsiblePlaybookBuilder.java, AnsiblePlaybookStep.java that disables host key verification by default.
20 CVE-2018-1000148 2018-04-05 2018-04-05
0.0
None ??? ??? ??? ??? ??? ???
An exposure of sensitive information vulnerability exists in Jenkins Copy To Slave Plugin version 1.4.4 and older in CopyToSlaveBuildWrapper.java that allows attackers with permission to configure jobs to read arbitrary files from the Jenkins master file system.
21 CVE-2018-1000147 +Info 2018-04-05 2018-04-05
0.0
None ??? ??? ??? ??? ??? ???
An exposure of sensitive information vulnerability exists in Jenkins Perforce Plugin version 1.3.36 and older in PerforcePasswordEncryptor.java that allows attackers with insufficient permission to obtain Perforce passwords configured in jobs to obtain them.
22 CVE-2018-1000146 Exec Code 2018-04-05 2018-04-05
0.0
None ??? ??? ??? ??? ??? ???
An arbitrary code execution vulnerability exists in Liquibase Runner Plugin version 1.3.0 and older that allows an attacker with permission to configure jobs to load and execute arbitrary code on the Jenkins master JVM.
23 CVE-2018-1000145 +Info 2018-04-05 2018-04-05
0.0
None ??? ??? ??? ??? ??? ???
An exposure of sensitive information vulnerability exists in Jenkins Perforce Plugin version 1.3.36 and older in PerforcePasswordEncryptor.java that allows attackers with local file system access to obtain encrypted Perforce passwords and decrypt them.
24 CVE-2018-1000144 XSS 2018-04-05 2018-04-05
0.0
None ??? ??? ??? ??? ??? ???
A cross site scripting vulnerability exists in Jenkins Cucumber Living Documentation Plugin 1.0.12 and older in CukedoctorBaseAction#doDynamic that disables the Content-Security-Policy protection for archived artifacts and workspace files, allowing attackers able to control the content of these files to attack Jenkins users.
25 CVE-2018-1000143 +Info 2018-04-05 2018-04-05
0.0
None ??? ??? ??? ??? ??? ???
An exposure of sensitive information vulnerability exists in Jenkins GitHub Pull Request Builder Plugin version 1.39.0 and older in GhprbCause.java that allows an attacker with local file system access to obtain GitHub credentials.
26 CVE-2018-1000142 +Info 2018-04-05 2018-04-05
0.0
None ??? ??? ??? ??? ??? ???
An exposure of sensitive information vulnerability exists in Jenkins GitHub Pull Request Builder Plugin version 1.39.0 and older in GhprbCause.java that allows an attacker with local file system access to obtain GitHub credentials.
27 CVE-2018-1000128 Exec Code Overflow 2018-03-13 2018-03-13
0.0
None ??? ??? ??? ??? ??? ???
GPAC MP4Box version prior to commit 90dc7f853d31b0a4e9441cba97feccf36d8b69a4 contains a Buffer Overflow vulnerability in src/media_tools/av_parsers.c, lines 2387-2388: https://github.com/gpac/gpac/blob/84c4e606a1f906cd4b07ad94d19cea2b668f64ad/src/media_tools/av_parsers.c#L2387-L2388 that may allow an attacker to achieve remote code execution. This attack appears to be exploitable when the victim opens a specially crafted MP4 file. This vulnerability appears to have been fixed after commit 90dc7f853d31b0a4e9441cba97feccf36d8b69a4.
28 CVE-2018-1000016 XSS 2018-01-23 2018-01-23
0.0
None ??? ??? ??? ??? ??? ???
Jenkins Ant Plugin 1.7 and earlier failed to escape tool names it shows on job configuration screens, resulting in a cross-site scripting vulnerability that is exploitable only by Jenkins administrators.
29 CVE-2018-10298 XSS 2018-04-22 2018-04-22
0.0
None ??? ??? ??? ??? ??? ???
Discuz! DiscuzX through X3.4 has reflected XSS via forum.php?mod=post&action=newthread because data/template/1_diy_portal_view.tpl.php does not restrict the content.
30 CVE-2018-10297 XSS 2018-04-22 2018-04-22
0.0
None ??? ??? ??? ??? ??? ???
Discuz! DiscuzX through X3.4 has stored XSS via the portal.php?mod=portalcp&ac=article URI, related to mishandling of IMG elements associated with remote images.
31 CVE-2018-10296 XSS 2018-04-22 2018-04-22
0.0
None ??? ??? ??? ??? ??? ???
MiniCMS V1.10 has XSS via the mc-admin/post-edit.php title parameter.
32 CVE-2018-10295 CSRF 2018-04-22 2018-04-22
0.0
None ??? ??? ??? ??? ??? ???
ChemCMS v1.0.6 has CSRF by using public/admin/user/addpost.html to add an administrator account.
33 CVE-2018-10289 DoS 2018-04-22 2018-04-22
0.0
None ??? ??? ??? ??? ??? ???
In MuPDF 1.13.0, there is an infinite loop in the fz_skip_space function of the pdf/pdf-xref.c file. A remote adversary could leverage this vulnerability to cause a denial of service via a crafted pdf file.
34 CVE-2018-10286 2018-04-22 2018-04-22
0.0
None ??? ??? ??? ??? ??? ???
The Ericsson-LG iPECS NMS A.1Ac web application discloses sensitive information such as the NMS admin credentials and the PostgreSQL database credentials to logged-in users via the responses to certain HTTP POST requests. In order to be able to see the credentials in cleartext, an attacker needs to be authenticated.
35 CVE-2018-10285 Bypass 2018-04-22 2018-04-22
0.0
None ??? ??? ??? ??? ??? ???
The Ericsson-LG iPECS NMS A.1Ac web application uses incorrect access control mechanisms. Since the app does not use any sort of session ID, an attacker might bypass authentication.
36 CVE-2018-10284 Sql 2018-04-21 2018-04-21
0.0
None ??? ??? ??? ??? ??? ???
Adaltech G-Ticket v70 EME104 has SQL Injection via the mobile-loja/mensagem.asp eve_cod parameter.
37 CVE-2018-10283 Sql 2018-04-21 2018-04-21
0.0
None ??? ??? ??? ??? ??? ???
CliqueMania loja virtual 14 has SQL Injection via the patch/remote.php id parameter in a recomendar action.
38 CVE-2018-10268 XSS 2018-04-21 2018-04-21
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in FastAdmin V1.0.0.20180417_beta. There is XSS via the application\api\controller\User.php avatar parameter.
39 CVE-2018-10267 CSRF 2018-04-21 2018-04-21
0.0
None ??? ??? ??? ??? ??? ???
WTCMS 1.0 has a CSRF vulnerability to add an administrator account via the index.php?admin&m=user&a=add_post URI.
40 CVE-2018-10266 CSRF 2018-04-21 2018-04-21
0.0
None ??? ??? ??? ??? ??? ???
BEESCMS 4.0 has a CSRF vulnerability to add an administrator account via the admin/admin_admin.php?nav=list_admin_user&admin_p_nav=user URI.
41 CVE-2018-10265 CSRF 2018-04-21 2018-04-21
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in HongCMS v3.0.0. There is a CSRF vulnerability that can add an administrator account via the admin/index.php/users/save URI.
42 CVE-2018-10254 DoS 2018-04-21 2018-04-21
0.0
None ??? ??? ??? ??? ??? ???
Netwide Assembler (NASM) 2.13 has a stack-based buffer over-read in the disasm function of the disasm/disasm.c file. Remote attackers could leverage this vulnerability to cause a denial of service or possibly have unspecified other impact via a crafted ELF file.
43 CVE-2018-10253 2018-04-20 2018-04-20
0.0
None ??? ??? ??? ??? ??? ???
Paessler PRTG Network Monitor before 18.1.39.1648 mishandles stack memory during unspecified API calls.
44 CVE-2018-10250 XSS 2018-04-20 2018-04-20
0.0
None ??? ??? ??? ??? ??? ???
iCMS V7.0.8 has XSS via the admincp.php keywords parameter in a weixin_category action, aka a WeChat Classified Management keyword search.
45 CVE-2018-10249 CSRF 2018-04-20 2018-04-20
0.0
None ??? ??? ??? ??? ??? ???
baijiacms V3 has CSRF via index.php?mod=site&op=edituser&name=manager&do=user to add an administrator account.
46 CVE-2018-10248 CSRF 2018-04-20 2018-04-20
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in WUZHI CMS 4.1.0. There is a CSRF vulnerability that can delete any article via index.php?m=content&f=content&v=recycle_delete.
47 CVE-2018-10245 2018-04-20 2018-04-20
0.0
None ??? ??? ??? ??? ??? ???
A Full Path Disclosure vulnerability in AWStats through 7.6 allows remote attackers to know where the config file is allocated, obtaining the full path of the server, a similar issue to CVE-2006-3682. The attack can, for example, use the awstats.pl framename and update parameters.
48 CVE-2018-10238 Overflow 2018-04-20 2018-04-20
0.0
None ??? ??? ??? ??? ??? ???
bvlc.c in skarg BACnet Protocol Stack 0.8.5 has a buffer overflow in BACnet/IP BVLC packet processing because of a lack of packet-size validation.
49 CVE-2018-10236 Exec Code 2018-04-19 2018-04-19
0.0
None ??? ??? ??? ??? ??? ???
POSCMS 3.2.18 allows remote attackers to execute arbitrary PHP code via the diy\dayrui\controllers\admin\Syscontroller.php 'add' function because an attacker can control the value of $data['name'] with no restrictions, and this value is written to the FCPATH.$file file.
50 CVE-2018-10235 Exec Code 2018-04-19 2018-04-19
0.0
None ??? ??? ??? ??? ??? ???
POSCMS 3.2.10 allows remote attackers to execute arbitrary PHP code via the diy\module\member\controllers\admin\Setting.php 'index' function because an attacker can control the value of $cache['setting']['ucssocfg'] in diy\module\member\models\Member_model.php and write this code into the api/ucsso/config.php file.
Total number of vulnerabilities: 1573   Page: 1 of 32