CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Related To CWE-74

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2018-1000854 74 Exec Code 2018-12-20 2019-01-07
7.5
None Remote Low Not required Partial Partial Partial
esigate.org esigate version 5.2 and earlier contains a CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in ESI directive with user specified XSLT that can result in Remote Code Execution. This attack appear to be exploitable via Use of another weakness in backend application to reflect ESI directives. This vulnerability appears to have been fixed in 5.3.
2 CVE-2018-1000615 74 DoS 2018-07-09 2018-09-04
5.0
None Remote Low Not required None None Partial
ONOS ONOS Controller version 1.13.1 and earlier contains a Denial of Service (Service crash) vulnerability in OVSDB component in ONOS that can result in An adversary can remotely crash OVSDB service ONOS controller via a normal switch.. This attack appear to be exploitable via the attacker should be able to control or forge a switch in the network..
3 CVE-2018-1000130 74 2018-03-14 2018-09-12
6.8
None Remote Medium Not required Partial Partial Partial
A JNDI Injection vulnerability exists in Jolokia agent version 1.3.7 in the proxy mode that allows a remote attacker to run arbitrary Java code on the server.
4 CVE-2018-1000059 74 Exec Code 2018-02-09 2018-03-08
7.5
None Remote Low Not required Partial Partial Partial
ValidFormBuilder version 4.5.4 contains a PHP Object Injection vulnerability in Valid Form unserialize method that can result in Possible to execute unauthorised system commands remotely and disclose file contents in file system.
5 CVE-2018-19289 74 2018-11-15 2018-12-28
4.3
None Remote Medium Not required None Partial None
An issue was discovered in Valine v1.3.3. It allows HTML injection, which can be exploited for JavaScript execution via an EMBED element in conjunction with a .pdf file.
6 CVE-2018-18207 74 2018-10-10 2018-11-27
4.3
None Remote Medium Not required None Partial None
Virtualmin 6.03 allows Frame Injection via the settings-editor_read.cgi file parameter.
7 CVE-2018-17538 74 2018-09-26 2018-12-20
7.5
None Remote Low Not required Partial Partial Partial
** DISPUTED ** Axon (formerly TASER International) Evidence Sync 3.15.89 is vulnerable to process injection. NOTE: the vendor's position is that this CVE is not associated with information that supports any finding of any type of vulnerability.
8 CVE-2018-16651 74 2018-09-07 2018-11-14
9.0
None Remote Low Single system Complete Complete Complete
The admin backend in phpMyFAQ before 2.9.11 allows CSV injection in reports.
9 CVE-2018-16627 74 2018-12-20 2019-01-09
5.8
None Remote Medium Not required Partial Partial None
panel/login in Kirby v2.5.12 allows Host header injection via the "forget password" feature.
10 CVE-2018-16308 74 2018-09-01 2018-11-06
6.8
None Remote Medium Not required Partial Partial Partial
The Ninja Forms plugin before 3.3.14.1 for WordPress allows CSV injection.
11 CVE-2018-16275 74 2018-08-31 2018-11-13
6.8
None Remote Medium Not required Partial Partial Partial
OPSWAT MetaDefender before v4.11.2 allows CSV injection.
12 CVE-2018-16157 74 2018-08-30 2018-11-02
5.0
None Remote Low Not required None Partial None
waimai Super Cms 20150505 has a logic flaw allowing attackers to modify a price, before form submission, by observing data in a packet capture. By setting the index.php?m=cart&a=save item_totals parameter to zero, the entire cart is sold for free.
13 CVE-2018-16058 74 2018-08-29 2019-01-16
5.0
None Remote Low Not required None None Partial
In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth AVDTP dissector could crash. This was addressed in epan/dissectors/packet-btavdtp.c by properly initializing a data structure.
14 CVE-2018-16057 74 2018-08-29 2019-01-16
5.0
None Remote Low Not required None None Partial
In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Radiotap dissector could crash. This was addressed in epan/dissectors/packet-ieee80211-radiotap-iter.c by validating iterator operations.
15 CVE-2018-16056 74 2018-08-29 2018-10-30
5.0
None Remote Low Not required None None Partial
In Wireshark 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, and 2.2.0 to 2.2.16, the Bluetooth Attribute Protocol dissector could crash. This was addressed in epan/dissectors/packet-btatt.c by verifying that a dissector for a specific UUID exists.
16 CVE-2018-15608 74 2018-08-28 2018-11-02
4.3
None Remote Medium Not required None Partial None
Zoho ManageEngine ADManager Plus 6.5.7 allows HTML Injection on the "AD Delegation" "Help Desk Technicians" screen.
17 CVE-2018-15571 74 2018-08-28 2018-11-07
6.8
None Remote Medium Not required Partial Partial Partial
The Export Users to CSV plugin through 1.1.1 for WordPress allows CSV injection.
18 CVE-2018-15494 74 2018-08-17 2018-10-12
7.5
None Remote Low Not required Partial Partial Partial
In Dojo Toolkit before 1.14, there is unescaped string injection in dojox/Grid/DataGrid.
19 CVE-2018-14716 74 Exec Code 2018-08-06 2018-10-18
5.0
None Remote Low Not required Partial None None
A Server Side Template Injection (SSTI) was discovered in the SEOmatic plugin before 3.1.4 for Craft CMS, because requests that don't match any elements incorrectly generate the canonicalUrl, and can lead to execution of Twig code.
20 CVE-2018-14077 74 2018-08-20 2018-10-23
5.0
None Remote Low Not required Partial None None
Wi2be SMART HP WMT R1.2.20_201400922 allows unauthorized remote attackers to backup the device configuration via a direct request to /Maintenance/configfile.cfg.
21 CVE-2018-13386 74 Exec Code 2018-07-24 2018-09-20
6.8
None Remote Medium Not required Partial Partial Partial
There was an argument injection vulnerability in Sourcetree for Windows via filenames in Mercurial repositories. An attacker with permission to commit to a Mercurial repository linked in Sourcetree for Windows is able to exploit this issue to gain code execution on the system. Versions of Sourcetree for Windows before version 2.6.9 are affected by this vulnerability.
22 CVE-2018-12160 74 Exec Code 2018-09-12 2018-11-26
4.6
None Local Low Not required Partial Partial Partial
DLL injection vulnerability in software installer for Intel Data Center Migration Center Software v3.1 and before may allow an authenticated user to potentially execute code using default directory permissions via local access.
23 CVE-2018-11526 74 2018-06-19 2018-08-14
6.8
None Remote Medium Not required Partial Partial Partial
The plugin "WordPress Comments Import & Export" for WordPress (v2.0.4 and before) is vulnerable to CSV Injection.
24 CVE-2018-11525 74 2018-06-19 2018-08-14
6.8
None Remote Medium Not required Partial Partial Partial
The plugin "Advanced Order Export For WooCommerce" for WordPress (v1.5.4 and before) is vulnerable to CSV Injection.
25 CVE-2018-11396 74 DoS 2018-05-23 2018-06-22
5.0
None Remote Low Not required None None Partial
ephy-session.c in libephymain.so in GNOME Web (aka Epiphany) through 3.28.2.1 allows remote attackers to cause a denial of service (application crash) via JavaScript code that triggers access to a NULL URL, as demonstrated by a crafted window.open call.
26 CVE-2018-11072 74 2018-10-02 2018-12-28
7.2
None Local Low Not required Complete Complete Complete
Dell Digital Delivery versions prior to 3.5.1 contain a DLL Injection Vulnerability. A local authenticated malicious user with advance knowledge of the application workflow could potentially load and execute a malicious DLL with administrator privileges.
27 CVE-2018-10992 74 2018-05-11 2018-06-13
7.5
None Remote Low Not required Partial Partial Partial
lilypond-invoke-editor in LilyPond 2.19.80 does not validate strings before launching the program specified by the BROWSER environment variable, which allows remote attackers to conduct argument-injection attacks via a crafted URL, as demonstrated by a --proxy-pac-file argument, because the GNU Guile code uses the system Scheme procedure instead of the system* Scheme procedure. NOTE: this vulnerability exists because of an incomplete fix for CVE-2017-17523.
28 CVE-2018-10891 74 2018-07-10 2018-09-05
7.5
None Remote Low Not required Partial Partial Partial
A flaw was found in moodle before versions 3.5.1, 3.4.4, 3.3.7, 3.1.13. When a quiz question bank is imported, it was possible for the question preview that is displayed to execute JavaScript that is written into the question bank.
29 CVE-2018-10504 74 2018-04-27 2018-06-06
6.8
None Remote Medium Not required Partial Partial Partial
The WebDorado "Form Maker by WD" plugin before 1.12.24 for WordPress allows CSV injection.
30 CVE-2018-9137 74 2018-04-19 2018-05-22
3.5
None Remote Medium Single system None Partial None
Open-AudIT before 2.2 has CSV Injection.
31 CVE-2018-8092 74 2018-04-18 2018-05-17
7.5
None Remote Low Not required Partial Partial Partial
Mautic before 2.13.0 allows CSV injection.
32 CVE-2018-7951 74 2018-06-01 2018-07-02
9.0
None Remote Low Single system Complete Complete Complete
The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have a JSON injection vulnerability due to insufficient input validation. An authenticated, remote attacker can launch a JSON injection to modify the password of administrator. Successful exploit may allow attackers to obtain the management privilege of the system.
33 CVE-2018-7950 74 2018-06-01 2018-07-02
9.0
None Remote Low Single system Complete Complete Complete
The iBMC (Intelligent Baseboard Management Controller) of some Huawei servers have a JSON injection vulnerability due to insufficient input validation. An authenticated, remote attacker can launch a JSON injection to modify the password of administrator. Successful exploit may allow attackers to obtain the management privilege of the system.
34 CVE-2018-7420 74 2018-02-23 2019-01-16
5.0
None Remote Low Not required None None Partial
In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the pcapng file parser could crash. This was addressed in wiretap/pcapng.c by adding a block-size check for sysdig event blocks.
35 CVE-2018-7419 74 2018-02-23 2018-06-05
5.0
None Remote Low Not required None None Partial
In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the NBAP dissector could crash. This was addressed in epan/dissectors/asn1/nbap/nbap.cnf by ensuring DCH ID initialization.
36 CVE-2018-7418 74 2018-02-23 2019-01-16
5.0
None Remote Low Not required None None Partial
In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the SIGCOMP dissector could crash. This was addressed in epan/dissectors/packet-sigcomp.c by correcting the extraction of the length value.
37 CVE-2018-7417 74 2018-02-23 2019-01-16
5.0
None Remote Low Not required None None Partial
In Wireshark 2.2.0 to 2.2.12 and 2.4.0 to 2.4.4, the IPMI dissector could crash. This was addressed in epan/dissectors/packet-ipmi-picmg.c by adding support for crafted packets that lack an IPMI header.
38 CVE-2018-7337 74 2018-02-23 2018-04-19
5.0
None Remote Low Not required None None Partial
In Wireshark 2.4.0 to 2.4.4, the DOCSIS protocol dissector could crash. This was addressed in plugins/docsis/packet-docsis.c by removing the recursive algorithm that had been used for concatenated PDUs.
39 CVE-2018-7336 74 2018-02-23 2019-01-16
5.0
None Remote Low Not required None None Partial
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the FCP protocol dissector could crash. This was addressed in epan/dissectors/packet-fcp.c by checking for a NULL pointer.
40 CVE-2018-7335 74 2018-02-23 2018-06-05
5.0
None Remote Low Not required None None Partial
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the IEEE 802.11 dissector could crash. This was addressed in epan/crypt/airpdcap.c by rejecting lengths that are too small.
41 CVE-2018-7334 74 2018-02-23 2018-06-05
5.0
None Remote Low Not required None None Partial
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the UMTS MAC dissector could crash. This was addressed in epan/dissectors/packet-umts_mac.c by rejecting a certain reserved value.
42 CVE-2018-7320 74 2018-02-23 2018-06-05
5.0
None Remote Low Not required None None Partial
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, the SIGCOMP protocol dissector could crash. This was addressed in epan/dissectors/packet-sigcomp.c by validating operand offsets.
43 CVE-2018-7304 74 2018-02-21 2018-03-12
6.5
None Remote Low Single system Partial Partial Partial
Tiki 17.1 does not validate user input for special characters; consequently, a CSV Injection attack can open a CMD.EXE or Calculator window on the victim machine to perform malicious activity, as demonstrated by an "=cmd|' /C calc'!A0" payload during User Creation.
44 CVE-2018-6519 74 DoS 2018-02-01 2018-10-03
5.0
None Remote Low Not required None None Partial
The SAML2 library before 1.10.4, 2.x before 2.3.5, and 3.x before 3.1.1 in SimpleSAMLphp has a Regular Expression Denial of Service vulnerability for fraction-of-seconds data in a timestamp.
45 CVE-2018-6289 74 Exec Code 2018-02-06 2018-02-23
10.0
None Remote Low Not required Complete Complete Complete
Configuration file injection leading to Code Execution as Root in Kaspersky Secure Mail Gateway version 1.1.
46 CVE-2018-6220 74 Exec Code 2018-03-15 2018-04-04
7.5
None Remote Low Not required Partial Partial Partial
An arbitrary file write vulnerability in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to inject arbitrary data, which may lead to gaining code execution on vulnerable systems.
47 CVE-2018-5172 74 2018-06-11 2018-08-03
4.3
None Remote Medium Not required None Partial None
The Live Bookmarks page and the PDF viewer can run injected script content if a user pastes script from the clipboard into them while viewing RSS feeds or PDF files. This could allow a malicious site to socially engineer a user to copy and paste malicious script content that could then run with the context of either page but does not allow for privilege escalation. This vulnerability affects Firefox < 60.
48 CVE-2018-4235 74 2018-06-08 2018-07-17
2.1
None Local Low Not required None Partial None
An issue was discovered in certain Apple products. iOS before 11.4 is affected. macOS before 10.13.5 is affected. tvOS before 11.4 is affected. watchOS before 4.3.1 is affected. The issue involves the "Messages" component. It allows local users to perform impersonation attacks via an unspecified injection.
49 CVE-2018-3814 74 Exec Code 2018-01-01 2018-01-17
6.5
None Remote Low Single system Partial Partial Partial
Craft CMS 2.6.3000 allows remote attackers to execute arbitrary PHP code by using the "Assets->Upload files" screen and then the "Replace it" option, because this allows a .jpg file to have embedded PHP code, and then be renamed to a .php extension.
50 CVE-2018-3649 74 Exec Code 2018-05-10 2018-06-18
4.6
None Local Low Not required Partial Partial Partial
DLL injection vulnerability in the installation executables (Autorun.exe and Setup.exe) for Intel's wireless drivers and related software in Intel Dual Band Wireless-AC, Tri-Band Wireless-AC and Wireless-AC family of products allows a local attacker to cause escalation of privilege via remote code execution.
Total number of vulnerabilities : 162   Page : 1 (This Page)2 3 4
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.