CVEdetails.com the ultimate security vulnerability data source

Security Vulnerabilities Published In December 2018

# | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail.
1 CVE-2018-1002105 388 2018-12-05 2018-12-11
7.5
None Remote Low Not required Partial Partial Partial
In all Kubernetes versions prior to v1.10.11, v1.11.5, and v1.12.3, incorrect handling of error responses to proxied upgrade requests in the kube-apiserver allowed specially crafted requests to establish a connection through the Kubernetes API server to backend servers, then send arbitrary requests over the same connection directly to the backend, authenticated with the Kubernetes API server's TLS credentials used to establish the backend connection.
2 CVE-2018-1002103 2018-12-05 2018-12-05
0.0
None ??? ??? ??? ??? ??? ???
In Minikube versions 0.3.0-0.29.0, minikube exposes the Kubernetes Dashboard listening on the VM IP at port 30000. In VM environments where the IP is easy to predict, the attacker can use DNS rebinding to indirectly make requests to the Kubernetes Dashboard and create a new Kubernetes Deployment running arbitrary code. If minikube mount is in use, the attacker could also directly access the host filesystem.
3 CVE-2018-1002101 2018-12-05 2018-12-05
0.0
None ??? ??? ??? ??? ??? ???
In Kubernetes versions 1.9.0-1.9.9, 1.10.0-1.10.5, and 1.11.0-1.11.1, user input was handled insecurely while setting up volume mounts on Windows nodes, which could lead to command line argument injection.
4 CVE-2018-1002009 XSS 2018-12-03 2018-12-04
0.0
None ??? ??? ??? ??? ??? ???
There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and Newsletter v2.5.1.8. This vulnerability requires administrative privileges to exploit. There is an XSS vulnerability in unsubscribe.html.php:3: via GET request to the email variable.
5 CVE-2018-1002008 XSS 2018-12-03 2018-12-04
0.0
None ??? ??? ??? ??? ??? ???
There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and Newsletter v2.5.1.8. This vulnerability requires administrative privileges to exploit. There is an XSS vulnerability in list-user.html.php:4: via GET request offset variable.
6 CVE-2018-1002007 XSS 2018-12-03 2018-12-04
0.0
None ??? ??? ??? ??? ??? ???
There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and Newsletter v2.5.1.8. This vulnerability requires administrative privileges to exploit. There is an XSS vulnerability in integration-contact-form.html.php:15: via POST request variable html_id.
7 CVE-2018-1002006 XSS 2018-12-03 2018-12-04
0.0
None ??? ??? ??? ??? ??? ???
These vulnerabilities require administrative privileges to exploit. There is an XSS vulnerability in integration-contact-form.html.php:14: via POST request variable classes.
8 CVE-2018-1002005 XSS 2018-12-03 2018-12-04
0.0
None ??? ??? ??? ??? ??? ???
These vulnerabilities require administrative privileges to exploit. There is an XSS vulnerability in bft_list.html.php:43: via the filter_signup_date parameter.
9 CVE-2018-1002004 XSS 2018-12-03 2018-12-04
0.0
None ??? ??? ??? ??? ??? ???
There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and Newsletter v2.5.1.8. This vulnerability requires administrative privileges to exploit.
10 CVE-2018-1002003 XSS 2018-12-03 2018-12-04
0.0
None ??? ??? ??? ??? ??? ???
There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and Newsletter v2.5.1.8. This vulnerability requires administrative privileges to exploit.
11 CVE-2018-1002002 XSS 2018-12-03 2018-12-04
0.0
None ??? ??? ??? ??? ??? ???
There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and Newsletter v2.5.1.8. This vulnerability requires administrative privileges to exploit.
12 CVE-2018-1002001 XSS 2018-12-03 2018-12-04
0.0
None ??? ??? ??? ??? ??? ???
There is a reflected XSS vulnerability in WordPress Arigato Autoresponder and Newsletter v2.5.1.8. This vulnerability requires administrative privileges to exploit.
13 CVE-2018-1002000 Sql 2018-12-03 2018-12-04
0.0
None ??? ??? ??? ??? ??? ???
There is blind SQL injection in WordPress Arigato Autoresponder and Newsletter v2.5.1.8. These vulnerabilities require administrative privileges to exploit. There is an exploitable blind SQL injection vulnerability via the del_ids variable by POST request.
14 CVE-2018-1000866 Exec Code Bypass 2018-12-10 2018-12-10
0.0
None ??? ??? ??? ??? ??? ???
A sandbox bypass vulnerability exists in Pipeline: Groovy Plugin 2.59 and earlier in groovy-sandbox/src/main/java/org/kohsuke/groovy/sandbox/SandboxTransformer.java, groovy-cps/lib/src/main/java/com/cloudbees/groovy/cps/SandboxCpsTransformer.java that allows attackers with Job/Configure permission, or unauthorized attackers with SCM commit privileges and corresponding pipelines based on Jenkinsfiles set up in Jenkins, to execute arbitrary code on the Jenkins master JVM.
15 CVE-2018-1000865 Exec Code Bypass 2018-12-10 2018-12-10
0.0
None ??? ??? ??? ??? ??? ???
A sandbox bypass vulnerability exists in Script Security Plugin 1.47 and earlier in groovy-sandbox/src/main/java/org/kohsuke/groovy/sandbox/SandboxTransformer.java that allows attackers with Job/Configure permission to execute arbitrary code on the Jenkins master JVM, if plugins using the Groovy sandbox are installed.
16 CVE-2018-1000864 DoS 2018-12-10 2018-12-13
0.0
None ??? ??? ??? ??? ??? ???
A denial of service vulnerability exists in Jenkins 2.153 and earlier, LTS 2.138.3 and earlier in CronTab.java that allows attackers with Overall/Read permission to have a request handling thread enter an infinite loop.
17 CVE-2018-1000863 2018-12-10 2018-12-13
0.0
None ??? ??? ??? ??? ??? ???
A data modification vulnerability exists in Jenkins 2.153 and earlier, LTS 2.138.3 and earlier in User.java, IdStrategy.java that allows attackers to submit crafted user names that can cause an improper migration of user record storage formats, potentially preventing the victim from logging into Jenkins.
18 CVE-2018-1000862 2018-12-10 2018-12-13
0.0
None ??? ??? ??? ??? ??? ???
An information exposure vulnerability exists in Jenkins 2.153 and earlier, LTS 2.138.3 and earlier in DirectoryBrowserSupport.java that allows attackers with the ability to control build output to browse the file system on agents running builds beyond the duration of the build using the workspace browser.
19 CVE-2018-1000861 Exec Code 2018-12-10 2018-12-13
0.0
None ??? ??? ??? ??? ??? ???
A code execution vulnerability exists in the Stapler web framework used by Jenkins 2.153 and earlier, LTS 2.138.3 and earlier in stapler/core/src/main/java/org/kohsuke/stapler/MetaClass.java that allows attackers to invoke some methods on Java objects by accessing crafted URLs that were not intended to be invoked this way.
20 CVE-2018-20190 DoS 2018-12-17 2018-12-17
0.0
None ??? ??? ??? ??? ??? ???
In LibSass 3.5.5, a NULL Pointer Dereference in the function Sass::Eval::operator()(Sass::Supports_Operator*) in eval.cpp may cause a Denial of Service (application crash) via a crafted sass input file.
21 CVE-2018-20189 DoS 2018-12-17 2018-12-17
0.0
None ??? ??? ??? ??? ??? ???
In GraphicsMagick 1.3.31, the ReadDIBImage function of coders/dib.c has a vulnerability allowing a crash and denial of service via a dib file that is crafted to appear with direct pixel values and also colormapping (which is not available beyond 8-bits/sample), and therefore lacks indexes initialization.
22 CVE-2018-20188 CSRF 2018-12-17 2018-12-17
0.0
None ??? ??? ??? ??? ??? ???
FUEL CMS 1.4.3 has CSRF via users/create/ to add an administrator account.
23 CVE-2018-20186 2018-12-17 2018-12-17
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in Bento4 1.5.1-627. AP4_Sample::ReadData in Core/Ap4Sample.cpp allows attackers to trigger an attempted excessive memory allocation, related to AP4_DataBuffer::SetDataSize and AP4_DataBuffer::ReallocateBuffer in Core/Ap4DataBuffer.cpp.
24 CVE-2018-20185 DoS 2018-12-17 2018-12-17
0.0
None ??? ??? ??? ??? ??? ???
In GraphicsMagick 1.4 snapshot-20181209 Q8 on 32-bit platforms, there is a heap-based buffer over-read in the ReadBMPImage function of bmp.c, which allows attackers to cause a denial of service via a crafted bmp image file. This only affects GraphicsMagick installations with customized BMP limits.
25 CVE-2018-20184 DoS Overflow 2018-12-17 2018-12-17
0.0
None ??? ??? ??? ??? ??? ???
In GraphicsMagick 1.4 snapshot-20181209 Q8, there is a heap-based buffer overflow in the WriteTGAImage function of tga.c, which allows attackers to cause a denial of service via a crafted image file, because the number of rows or columns can exceed the pixel-dimension restrictions of the TGA specification.
26 CVE-2018-20173 Sql 2018-12-17 2018-12-17
0.0
None ??? ??? ??? ??? ??? ???
Zoho ManageEngine OpManager 12.3 before 123238 allows SQL injection via the getGraphData API.
27 CVE-2018-20172 XSS 2018-12-17 2018-12-17
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in Nagios XI before 5.5.8. The rss_url parameter of rss_dashlet/magpierss/scripts/magpie_slashbox.php is not filtered, resulting in an XSS vulnerability.
28 CVE-2018-20171 XSS 2018-12-17 2018-12-17
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in Nagios XI before 5.5.8. The url parameter of rss_dashlet/magpierss/scripts/magpie_simple.php is not filtered, resulting in an XSS vulnerability.
29 CVE-2018-20170 2018-12-17 2018-12-17
0.0
None ??? ??? ??? ??? ??? ???
** DISPUTED ** OpenStack Keystone through 14.0.1 has a user enumeration vulnerability because invalid usernames have much faster responses than valid ones for a POST /v3/auth/tokens request. NOTE: the vendor feels that the benefit to changing this might be too small relative to the performance degradation.
30 CVE-2018-20169 2018-12-17 2018-12-17
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c.
31 CVE-2018-20168 DoS 2018-12-17 2018-12-17
0.0
None ??? ??? ??? ??? ??? ???
Google gVisor before 2018-08-22 reuses a pagetable in a different level with the paging-structure cache intact, which allows attackers to cause a denial of service ("physical address not valid" panic) via a crafted application.
32 CVE-2018-20167 Exec Code 2018-12-17 2018-12-17
0.0
None ??? ??? ??? ??? ??? ???
Terminology before 1.3.1 allows Remote Code Execution because popmedia is mishandled, as demonstrated by an unsafe "cat README.md" command when \e}pn is used. A popmedia control sequence can allow the malicious execution of executable file formats registered in the X desktop share MIME types (/usr/share/applications). The control sequence defers unknown file types to the handle_unknown_media() function, which executes xdg-open against the filename specified in the sequence. The use of xdg-open for all unknown file types allows executable file formats with a registered shared MIME type to be executed. An attacker can achieve remote code execution by introducing an executable file and a plain text file containing the control sequence through a fake software project (e.g., in Git or a tarball). When the control sequence is rendered (such as with cat), the executable file will be run.
33 CVE-2018-20161 2018-12-15 2018-12-15
0.0
None ??? ??? ??? ??? ??? ???
A design flaw in the BlinkForHome (aka Blink For Home) Sync Module 2.10.4 and earlier allows attackers to disable cameras via Wi-Fi, because incident clips (triggered by the motion sensor) are not saved if the attacker's traffic (such as Dot11Deauth) successfully disconnects the Sync Module from the Wi-Fi network. (Access to live video from the app also becomes unavailable.)
34 CVE-2018-20159 Exec Code 2018-12-15 2018-12-15
0.0
None ??? ??? ??? ??? ??? ???
i-doit open 1.11.2 allows Remote Code Execution because ZIP archives are mishandled. It has an upload feature that allows an authenticated user with the administrator role to upload arbitrary files to the main website directory. Exploitation involves uploading a ".php" file within a ".zip" file because a ZIP archive is accepted by /admin/?req=modules&action=add as a plugin, and extracted to the main directory. In order for the ".zip" file to be accepted, it must also contain a package.json file.
35 CVE-2018-20157 2018-12-14 2018-12-14
0.0
None ??? ??? ??? ??? ??? ???
The data import functionality in OpenRefine through 3.1 allows an XML External Entity (XXE) attack through a crafted (zip) file, allowing attackers to read arbitrary files.
36 CVE-2018-20156 Exec Code 2018-12-14 2018-12-14
0.0
None ??? ??? ??? ??? ??? ???
The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remote authenticated "site administrator" users to execute arbitrary PHP code throughout a multisite network.
37 CVE-2018-20155 Bypass 2018-12-14 2018-12-14
0.0
None ??? ??? ??? ??? ??? ???
The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remote authenticated subscriber users to bypass intended access restrictions on changes to plugin settings.
38 CVE-2018-20154 2018-12-14 2018-12-14
0.0
None ??? ??? ??? ??? ??? ???
The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remote authenticated users to discover all subscriber e-mail addresses.
39 CVE-2018-20153 XSS 2018-12-14 2018-12-17
0.0
None ??? ??? ??? ??? ??? ???
In WordPress before 4.9.9 and 5.x before 5.0.1, contributors could modify new comments made by users with greater privileges, possibly causing XSS.
40 CVE-2018-20152 Bypass 2018-12-14 2018-12-17
0.0
None ??? ??? ??? ??? ??? ???
In WordPress before 4.9.9 and 5.x before 5.0.1, authors could bypass intended restrictions on post types via crafted input.
41 CVE-2018-20151 2018-12-14 2018-12-17
0.0
None ??? ??? ??? ??? ??? ???
In WordPress before 4.9.9 and 5.x before 5.0.1, the user-activation page could be read by a search engine's web crawler if an unusual configuration were chosen. The search engine could then index and display a user's e-mail address and (rarely) the password that was generated by default.
42 CVE-2018-20150 XSS 2018-12-14 2018-12-17
0.0
None ??? ??? ??? ??? ??? ???
In WordPress before 4.9.9 and 5.x before 5.0.1, crafted URLs could trigger XSS for certain use cases involving plugins.
43 CVE-2018-20149 XSS Bypass 2018-12-14 2018-12-17
0.0
None ??? ??? ??? ??? ??? ???
In WordPress before 4.9.9 and 5.x before 5.0.1, when the Apache HTTP Server is used, authors could upload crafted files that bypass intended MIME type restrictions, leading to XSS, as demonstrated by a .jpg file without JPEG data.
44 CVE-2018-20148 2018-12-14 2018-12-17
0.0
None ??? ??? ??? ??? ??? ???
In WordPress before 4.9.9 and 5.x before 5.0.1, contributors could conduct PHP object injection attacks via crafted metadata in a wp.getMediaItem XMLRPC call. This is caused by mishandling of serialized data at phar:// URLs in the wp_get_attachment_thumb_file function in wp-includes/post.php.
45 CVE-2018-20147 Bypass 2018-12-14 2018-12-17
0.0
None ??? ??? ??? ??? ??? ???
In WordPress before 4.9.9 and 5.x before 5.0.1, authors could modify metadata to bypass intended restrictions on deleting files.
46 CVE-2018-20145 Bypass 2018-12-13 2018-12-13
0.0
None ??? ??? ??? ??? ??? ???
Eclipse Mosquitto 1.5.x before 1.5.5 allows ACL bypass: if the option per_listener_settings was set to true, and the default listener was in use, and the default listener specified an acl_file, then the acl file was being ignored.
47 CVE-2018-20138 XSS 2018-12-13 2018-12-13
0.0
None ??? ??? ??? ??? ??? ???
PHP Scripts Mall Entrepreneur B2B Script 3.0.6 allows Stored XSS via Account Settings fields such as FirstName and LastName, a similar issue to CVE-2018-14541.
48 CVE-2018-20137 XSS 2018-12-13 2018-12-13
0.0
None ??? ??? ??? ??? ??? ???
XSS exists in FUEL CMS 1.4.3 via the Page title, Meta description, or Meta keywords during page data management, as demonstrated by the pages/edit/1?lang=english URI.
49 CVE-2018-20136 XSS 2018-12-13 2018-12-13
0.0
None ??? ??? ??? ??? ??? ???
XSS exists in FUEL CMS 1.4.3 via the Header or Body in the Layout Variables during new-page creation, as demonstrated by the pages/edit/1?lang=english URI.
50 CVE-2018-20133 2018-12-17 2018-12-17
0.0
None ??? ??? ??? ??? ??? ???
ymlref allows code injection.
Total number of vulnerabilities: 634 (page 1 of 13)