# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
1 |
CVE-2018-19477 |
704 |
|
Bypass |
2018-11-23 |
2019-04-25 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
psi/zfjbig2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a JBIG2Decode type confusion. |
2 |
CVE-2018-19476 |
704 |
|
Bypass |
2018-11-23 |
2019-04-25 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
psi/zicc.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because of a setcolorspace type confusion. |
3 |
CVE-2018-19475 |
|
|
Bypass |
2018-11-23 |
2019-10-03 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
psi/zdevice2.c in Artifex Ghostscript before 9.26 allows remote attackers to bypass intended access restrictions because available stack space is not checked when the device remains the same. |
4 |
CVE-2018-18352 |
732 |
|
Bypass |
2018-12-11 |
2019-10-03 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
Service works could inappropriately gain access to cross origin audio in Media in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to bypass same origin policy for audio content via a crafted HTML page. |
5 |
CVE-2018-18351 |
20 |
|
Bypass |
2018-12-11 |
2019-08-17 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
Lack of proper validation of ancestor frames site when sending lax cookies in Navigation in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to bypass SameSite cookie policy via a crafted HTML page. |
6 |
CVE-2018-18350 |
|
|
Bypass |
2018-12-11 |
2019-10-03 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Incorrect handling of CSP enforcement during navigations in Blink in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to bypass content security policy via a crafted HTML page. |
7 |
CVE-2018-18345 |
|
|
Bypass |
2018-12-11 |
2019-10-03 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
Incorrect handling of blob URLS in Site Isolation in Google Chrome prior to 71.0.3578.80 allowed a remote attacker who had compromised the renderer process to bypass site isolation protections via a crafted HTML page. |
8 |
CVE-2018-18284 |
|
|
Bypass |
2018-10-19 |
2019-11-05 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving the 1Policy operator. |
9 |
CVE-2018-18073 |
200 |
|
Bypass +Info |
2018-10-15 |
2020-10-22 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
Artifex Ghostscript allows attackers to bypass a sandbox protection mechanism by leveraging exposure of system operators in the saved execution stack in an error object. |
10 |
CVE-2018-17961 |
209 |
|
Bypass |
2018-10-15 |
2019-10-03 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving errorhandler setup. NOTE: this issue exists because of an incomplete fix for CVE-2018-17183. |
11 |
CVE-2018-16863 |
78 |
|
Exec Code Bypass |
2018-12-03 |
2019-10-09 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
It was found that RHSA-2018:2918 did not fully fix CVE-2018-16509. An attacker could possibly exploit another variant of the flaw and bypass the -dSAFER protection to, for example, execute arbitrary shell commands via a specially crafted PostScript document. This only affects ghostscript 9.07 as shipped with Red Hat Enterprise Linux 7. |
12 |
CVE-2018-15908 |
|
|
Bypass |
2018-08-27 |
2019-10-03 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
In Artifex Ghostscript 9.23 before 2018-08-23, attackers are able to supply malicious PostScript files to bypass .tempfile restrictions and write files. |
13 |
CVE-2018-12825 |
|
|
Bypass |
2018-08-29 |
2019-10-03 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
Adobe Flash Player 30.0.0.134 and earlier have a security bypass vulnerability. Successful exploitation could lead to security mitigation bypass. |
14 |
CVE-2018-12364 |
352 |
|
Bypass CSRF |
2018-10-18 |
2018-12-03 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
NPAPI plugins, such as Adobe Flash, can send non-simple cross-origin requests, bypassing CORS by making a same-origin POST that does a 307 redirect to the target site. This allows for a malicious site to engage in cross-site request forgery (CSRF) attacks. This vulnerability affects Thunderbird < 60, Thunderbird < 52.9, Firefox ESR < 60.1, Firefox ESR < 52.9, and Firefox < 61. |
15 |
CVE-2018-11235 |
22 |
|
Exec Code Dir. Trav. Bypass |
2018-05-30 |
2020-05-02 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, remote code execution can occur. With a crafted .gitmodules file, a malicious project can execute an arbitrary script on a machine that runs "git clone --recurse-submodules" because submodule "names" are obtained from this file, and then appended to $GIT_DIR/modules, leading to directory traversal with "../" in a name. Finally, post-checkout hooks from a submodule are executed, bypassing the intended design in which hooks are not obtained from a remote server. |
16 |
CVE-2018-10915 |
89 |
|
Sql Bypass |
2018-08-09 |
2021-08-04 |
6.0 |
None |
Remote |
Medium |
??? |
Partial |
Partial |
Partial |
A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq was used with "host" or "hostaddr" connection parameters from untrusted input, attackers could bypass client-side connection security features, obtain access to higher privileged connections or potentially cause other impact through SQL injection, by causing the PQescape() functions to malfunction. Postgresql versions before 10.5, 9.6.10, 9.5.14, 9.4.19, and 9.3.24 are affected. |
17 |
CVE-2018-10906 |
269 |
|
DoS Bypass |
2018-07-24 |
2019-10-03 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
In fuse before versions 2.9.8 and 3.x before 3.2.5, fusermount is vulnerable to a restriction bypass when SELinux is active. This allows non-root users to mount a FUSE file system with the 'allow_other' mount option regardless of whether 'user_allow_other' is set in the fuse configuration. An attacker may use this flaw to mount a FUSE file system, accessible by other users, and trick them into accessing files on that file system, possibly causing Denial of Service or other unspecified effects. |
18 |
CVE-2018-8088 |
|
|
Bypass |
2018-03-20 |
2022-01-31 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
org.slf4j.ext.EventData in the slf4j-ext module in QOS.CH SLF4J before 1.8.0-beta2 allows remote attackers to bypass intended access restrictions via crafted data. EventData in the slf4j-ext module in QOS.CH SLF4J, has been fixed in SLF4J versions 1.7.26 later and in the 2.0.x series. |
19 |
CVE-2018-6764 |
346 |
|
Exec Code Bypass |
2018-02-23 |
2019-10-03 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
util/virlog.c in libvirt does not properly determine the hostname on LXC container startup, which allows local guest OS users to bypass an intended container protection mechanism and execute arbitrary commands via a crafted NSS module. |
20 |
CVE-2018-6070 |
79 |
|
XSS Bypass |
2018-11-14 |
2019-10-03 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Lack of CSP enforcement on WebUI pages in Bink in Google Chrome prior to 65.0.3325.146 allowed an attacker who convinced a user to install a malicious extension to bypass content security policy via a crafted Chrome Extension. |
21 |
CVE-2018-6057 |
732 |
|
Bypass |
2018-11-14 |
2019-10-03 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
Lack of special casing of Android ashmem in Google Chrome prior to 65.0.3325.146 allowed a remote attacker who had compromised the renderer process to bypass inter-process read only guarantees via a crafted HTML page. |
22 |
CVE-2018-6040 |
732 |
|
Bypass |
2018-09-25 |
2019-10-03 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
Insufficient policy enforcement in Blink in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially bypass content security policy via a crafted HTML page. |
23 |
CVE-2018-5729 |
476 |
|
DoS Bypass |
2018-03-06 |
2021-10-18 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
MIT krb5 1.6 or later allows an authenticated kadmin with permission to add principals to an LDAP Kerberos database to cause a denial of service (NULL pointer dereference) or bypass a DN container check by supplying tagged data that is internal to the database module. |
24 |
CVE-2018-5168 |
|
|
Bypass |
2018-06-11 |
2020-08-24 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
Sites can bypass security checks on permissions to install lightweight themes by manipulating the "baseURI" property of the theme element. This could allow a malicious site to install a theme without user interaction which could contain offensive or embarrassing images. This vulnerability affects Thunderbird < 52.8, Thunderbird ESR < 52.8, Firefox < 60, and Firefox ESR < 52.8. |
25 |
CVE-2018-5157 |
200 |
|
Bypass +Info |
2018-06-11 |
2019-03-13 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Same-origin protections for the PDF viewer can be bypassed, allowing a malicious site to intercept messages meant for the viewer. This could allow the site to retrieve PDF files restricted to viewing by an authenticated user on a third-party website. This vulnerability affects Firefox ESR < 52.8 and Firefox < 60. |
26 |
CVE-2018-4117 |
200 |
|
Bypass +Info |
2018-04-03 |
2018-11-09 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
An issue was discovered in certain Apple products. iOS before 11.3 is affected. Safari before 11.1 is affected. iCloud before 7.4 on Windows is affected. iTunes before 12.7.4 on Windows is affected. watchOS before 4.3 is affected. The issue involves the fetch API in the "WebKit" component. It allows remote attackers to bypass the Same Origin Policy and obtain sensitive information via a crafted web site. |
27 |
CVE-2018-3639 |
203 |
|
Bypass |
2018-05-22 |
2021-08-13 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
Systems with microprocessors utilizing speculative execution and speculative execution of memory reads before the addresses of all prior memory writes are known may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis, aka Speculative Store Bypass (SSB), Variant 4. |
28 |
CVE-2018-1129 |
287 |
|
Bypass |
2018-07-10 |
2019-08-29 |
3.3 |
None |
Local Network |
Low |
Not required |
None |
Partial |
None |
A flaw was found in the way signature calculation was handled by cephx authentication protocol. An attacker having access to ceph cluster network who is able to alter the message payload was able to bypass signature checks done by cephx protocol. Ceph branches master, mimic, luminous and jewel are believed to be vulnerable. |
29 |
CVE-2018-1106 |
287 |
|
Bypass |
2018-04-23 |
2019-10-09 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
An authentication bypass flaw has been found in PackageKit before 1.1.10 that allows users without administrator privileges to install signed packages. A local attacker can use this vulnerability to install vulnerable packages to further compromise a system. |
30 |
CVE-2017-7814 |
20 |
|
Bypass |
2018-06-11 |
2018-08-06 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
File downloads encoded with "blob:" and "data:" URL elements bypassed normal file download checks though the Phishing and Malware Protection feature and its block lists of suspicious sites and files. This would allow malicious sites to lure users into downloading executables that would otherwise be detected as suspicious. This vulnerability affects Firefox < 56, Firefox ESR < 52.4, and Thunderbird < 52.4. |
31 |
CVE-2017-7787 |
200 |
|
Bypass +Info |
2018-06-11 |
2018-08-03 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Same-origin policy protections can be bypassed on pages with embedded iframes during page reloads, allowing the iframes to access content on the top level page, leading to information disclosure. This vulnerability affects Thunderbird < 52.3, Firefox ESR < 52.3, and Firefox < 55. |
32 |
CVE-2017-7562 |
287 |
|
Bypass |
2018-07-26 |
2020-01-21 |
4.0 |
None |
Remote |
Low |
??? |
None |
Partial |
None |
An authentication bypass flaw was found in the way krb5's certauth interface before 1.16.1 handled the validation of client certificates. A remote attacker able to communicate with the KDC could potentially use this flaw to impersonate arbitrary principals under rare and erroneous circumstances. |
33 |
CVE-2017-7537 |
798 |
|
Bypass |
2018-07-26 |
2019-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
It was found that a mock CMC authentication plugin with a hardcoded secret was accidentally enabled by default in the pki-core package before 10.6.4. An attacker could potentially use this flaw to bypass the regular authentication process and trick the CA server into issuing certificates. |
34 |
CVE-2017-5456 |
732 |
|
Bypass |
2018-06-11 |
2019-10-03 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
A mechanism to bypass file system access protections in the sandbox using the file system request constructor through an IPC message. This allows for read and write access to the local file system. This vulnerability affects Firefox ESR < 52.1 and Firefox < 53. |
35 |
CVE-2017-5454 |
200 |
|
Bypass +Info |
2018-06-11 |
2018-08-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
A mechanism to bypass file system access protections in the sandbox to use the file picker to access different files than those selected in the file picker through the use of relative paths. This allows for read only access to the local file system. This vulnerability affects Thunderbird < 52.1, Firefox ESR < 52.1, and Firefox < 53. |
36 |
CVE-2017-5400 |
119 |
|
Overflow Mem. Corr. Bypass |
2018-06-11 |
2018-08-07 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
JIT-spray targeting asm.js combined with a heap spray allows for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. This vulnerability affects Firefox < 52, Firefox ESR < 45.8, Thunderbird < 52, and Thunderbird < 45.8. |
37 |
CVE-2017-5375 |
119 |
|
Overflow Mem. Corr. Bypass |
2018-06-11 |
2018-08-02 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
JIT code allocation can allow for a bypass of ASLR and DEP protections leading to potential memory corruption attacks. This vulnerability affects Thunderbird < 45.7, Firefox ESR < 45.7, and Firefox < 51. |
38 |
CVE-2016-9900 |
254 |
|
Bypass |
2018-06-11 |
2018-08-03 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
External resources that should be blocked when loaded by SVG images can bypass security restrictions through the use of "data:" URLs. This could allow for cross-domain data leakage. This vulnerability affects Firefox < 50.1, Firefox ESR < 45.6, and Thunderbird < 45.6. |