CVEdetails.com the ultimate security vulnerability data source

Security Vulnerabilities Published In May 2018

# | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail.
1 CVE-2018-1000400 2018-05-18 2018-05-25
0.0
None ??? ??? ??? ??? ??? ???
Kubernetes CRI-O version prior to 1.9 contains a Privilege Context Switching Error (CWE-270) vulnerability in the handling of ambient capabilities that can result in containers running with elevated privileges, allowing users abilities they should not have. This attack appears to be exploitable via container execution. This vulnerability appears to have been fixed in 1.9.
2 CVE-2018-1000301 DoS 2018-05-24 2018-05-25
0.0
None ??? ??? ??? ??? ??? ???
curl version curl 7.20.0 to and including curl 7.59.0 contains a CWE-126: Buffer Over-read vulnerability in denial of service that can result in curl can be tricked into reading data beyond the end of a heap based buffer used to store downloaded RTSP content. This vulnerability appears to have been fixed in curl < 7.20.0 and curl >= 7.60.0.
3 CVE-2018-1000300 DoS Overflow 2018-05-24 2018-05-25
0.0
None ??? ??? ??? ??? ??? ???
curl version curl 7.54.1 to and including curl 7.59.0 contains a CWE-122: Heap-based Buffer Overflow vulnerability in denial of service and more that can result in curl might overflow a heap based memory buffer when closing down an FTP connection with very long server command replies. This vulnerability appears to have been fixed in curl < 7.54.1 and curl >= 7.60.0.
4 CVE-2018-1000199 Exec Code Mem. Corr. 2018-05-24 2018-05-29
0.0
None ??? ??? ??? ??? ??? ???
The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appears to be exploitable via local code execution and the ability to use ptrace. This vulnerability appears to have been fixed in git commit f67b15037a7a50c57f72e69a6d59941ad90a0f0f.
5 CVE-2018-1000179 476 DoS 2018-05-08 2018-06-13
5.0
None Remote Low Not required None None Partial
A NULL Pointer Dereference of CWE-476 exists in quassel version 0.12.4 in the quasselcore void CoreAuthHandler::handle(const Login &msg) coreauthhandler.cpp line 235 that allows an attacker to cause a denial of service.
6 CVE-2018-1000178 119 Exec Code Overflow 2018-05-08 2018-06-12
7.5
None Remote Low Not required Partial Partial Partial
A heap corruption of type CWE-120 exists in quassel version 0.12.4 in quasselcore in void DataStreamPeer::processMessage(const QByteArray &msg) datastreampeer.cpp line 62 that allows an attacker to execute code remotely.
7 CVE-2018-1000177 79 XSS 2018-05-08 2018-06-13
3.5
None Remote Medium Single system None Partial None
A cross-site scripting vulnerability exists in Jenkins S3 Plugin 0.10.12 and older in src/main/resources/hudson/plugins/s3/S3ArtifactsProjectAction/jobMain.jelly that allows attackers able to control file names of uploaded files to define file names containing JavaScript that would be executed in another user's browser when that user performs some UI actions.
8 CVE-2018-1000176 200 +Info 2018-05-08 2018-06-13
4.0
None Remote Low Single system Partial None None
An exposure of sensitive information vulnerability exists in Jenkins Email Extension Plugin 2.61 and older in src/main/resources/hudson/plugins/emailext/ExtendedEmailPublisher/global.groovy and ExtendedEmailPublisherDescriptor.java that allows attackers with control of a Jenkins administrator's web browser (e.g. malicious extension) to retrieve the configured SMTP password.
9 CVE-2018-1000175 22 Dir. Trav. 2018-05-08 2018-06-13
4.0
None Remote Low Single system None Partial None
A path traversal vulnerability exists in Jenkins HTML Publisher Plugin 1.15 and older in HtmlPublisherTarget.java that allows attackers able to configure the HTML Publisher build step to override arbitrary files on the Jenkins master.
10 CVE-2018-1000174 601 2018-05-08 2018-06-13
5.8
None Remote Medium Not required Partial Partial None
An open redirect vulnerability exists in Jenkins Google Login Plugin 1.3 and older in GoogleOAuth2SecurityRealm.java that allows attackers to redirect users to an arbitrary URL after successful login.
11 CVE-2018-1000173 384 2018-05-08 2018-06-13
4.3
None Remote Medium Not required Partial None None
A session fixation vulnerability exists in Jenkins Google Login Plugin 1.3 and older in GoogleOAuth2SecurityRealm.java that allows unauthorized attackers to impersonate another user if they can control the pre-authentication session.
12 CVE-2018-1000168 20 DoS 2018-05-08 2018-06-14
5.0
None Remote Low Not required None None Partial
nghttp2 version >= 1.10.0 and nghttp2 <= v1.31.0 contains an Improper Input Validation CWE-20 vulnerability in ALTSVC frame handling that can result in segmentation fault leading to denial of service. This attack appears to be exploitable via network client. This vulnerability appears to have been fixed in >= 1.31.1.
13 CVE-2018-1000155 DoS 2018-05-24 2018-05-24
0.0
None ??? ??? ??? ??? ??? ???
OpenFlow version 1.0 onwards contains a Denial of Service and Improper authorization vulnerability in the OpenFlow handshake: the DPID (DataPath IDentifier) in the features_reply message is inherently trusted by the controller, which can result in Denial of Service, Unauthorized Access, and Network Instability. This attack appears to be exploitable via network connectivity: the attacker must first establish a transport connection with the OpenFlow controller and then initiate the OpenFlow handshake.
14 CVE-2018-1000040 DoS 2018-05-24 2018-05-24
0.0
None ??? ??? ??? ??? ??? ???
In MuPDF 1.12.0 and earlier, multiple use of uninitialized value bugs in the PDF parser could allow an attacker to cause a denial of service (crash) or influence program flow via a crafted file.
15 CVE-2018-1000039 DoS Exec Code 2018-05-24 2018-05-24
0.0
None ??? ??? ??? ??? ??? ???
In MuPDF 1.12.0 and earlier, multiple heap use after free bugs in the PDF parser could allow an attacker to execute arbitrary code, read memory, or cause a denial of service via a crafted file.
16 CVE-2018-1000038 Exec Code Overflow 2018-05-24 2018-05-24
0.0
None ??? ??? ??? ??? ??? ???
In MuPDF 1.12.0 and earlier, a stack buffer overflow in function pdf_lookup_cmap_full in pdf/pdf-cmap.c could allow an attacker to execute arbitrary code via a crafted file.
17 CVE-2018-1000037 DoS 2018-05-24 2018-05-24
0.0
None ??? ??? ??? ??? ??? ???
In MuPDF 1.12.0 and earlier, multiple reachable assertions in the PDF parser allow an attacker to cause a denial of service (assert crash) via a crafted file.
18 CVE-2018-1000036 DoS 2018-05-24 2018-05-24
0.0
None ??? ??? ??? ??? ??? ???
In MuPDF 1.12.0 and earlier, multiple memory leaks in the PDF parser allow an attacker to cause a denial of service (memory leak) via a crafted file.
19 CVE-2018-11633 CSRF 2018-05-31 2018-05-31
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in the MULTIDOTS Woo Checkout for Digital Goods plugin 2.1 for WordPress. If an admin user can be tricked into visiting a crafted URL created by an attacker (via spear phishing/social engineering), the attacker can change the plugin settings. The function woo_checkout_settings_page in the file class-woo-checkout-for-digital-goods-admin.php doesn't do any check against wp-admin/admin-post.php Cross-site request forgery (CSRF) and user capabilities.
20 CVE-2018-11632 CSRF 2018-05-31 2018-05-31
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in the MULTIDOTS Add Social Share Messenger Buttons Whatsapp and Viber plugin 1.0.8 for WordPress. If an admin user can be tricked into visiting a crafted URL created by an attacker (via spear phishing/social engineering), the attacker can change the plugin settings via wp-admin/admin-post.php CSRF. There's no nonce or capability check in the whatsapp_share_setting_add_update() function.
21 CVE-2018-11631 2018-05-31 2018-05-31
0.0
None ??? ??? ??? ??? ??? ???
Rondaful M1 Wristband Smart Band 1 devices allow remote attackers to send an arbitrary number of call or SMS notifications via crafted Bluetooth Low Energy (BLE) traffic.
22 CVE-2018-11627 XSS 2018-05-31 2018-05-31
0.0
None ??? ??? ??? ??? ??? ???
Sinatra before 2.0.2 has XSS via the 400 Bad Request page that occurs upon a params parser exception.
23 CVE-2018-11626 Overflow 2018-05-31 2018-05-31
0.0
None ??? ??? ??? ??? ??? ???
SELA (aka SimplE Lossless Audio) v0.1.2-alpha has a stack-based buffer overflow in the core/apev2.c init_apev2_keys function.
24 CVE-2018-11625 119 Overflow 2018-05-31 2018-06-13
6.8
None Remote Medium Not required Partial Partial Partial
In ImageMagick 7.0.7-37 Q16, SetGrayscaleImage in the quantize.c file allows attackers to cause a heap-based buffer over-read via a crafted file.
25 CVE-2018-11624 416 2018-05-31 2018-06-06
6.8
None Remote Medium Not required Partial Partial Partial
In ImageMagick 7.0.7-36 Q16, the ReadMATImage function in coders/mat.c allows attackers to cause a use after free via a crafted file.
26 CVE-2018-11598 125 DoS Overflow 2018-05-31 2018-06-08
5.8
None Remote Medium Not required Partial None Partial
Espruino before 1.99 allows attackers to cause a denial of service (application crash) and a potential Information Disclosure with user crafted input files via a Buffer Overflow or Out-of-bounds Read during syntax parsing of certain for loops in jsparse.c.
27 CVE-2018-11597 119 DoS Overflow 2018-05-31 2018-06-08
4.3
None Remote Medium Not required None None Partial
Espruino before 1.99 allows attackers to cause a denial of service (application crash) with a user crafted input file via a Buffer Overflow during syntax parsing because of a missing check for stack exhaustion with many '{' characters in jsparse.c.
28 CVE-2018-11596 119 DoS Overflow 2018-05-31 2018-06-08
4.3
None Remote Medium Not required None None Partial
Espruino before 1.99 allows attackers to cause a denial of service (application crash) with a user crafted input file via a Buffer Overflow during syntax parsing because a check for '\0' is made for the wrong array element in jsvar.c.
29 CVE-2018-11595 119 DoS Overflow 2018-05-31 2018-06-08
6.8
None Remote Medium Not required Partial Partial Partial
Espruino before 1.99 allows attackers to cause a denial of service (application crash) and a potential Escalation of Privileges with a user crafted input file via a Buffer Overflow during syntax parsing, because strncat is misused.
30 CVE-2018-11594 119 DoS Overflow 2018-05-31 2018-06-08
4.3
None Remote Medium Not required None None Partial
Espruino before 1.99 allows attackers to cause a denial of service (application crash) with a user crafted input file via a Buffer Overflow during syntax parsing of "VOID" tokens in jsparse.c.
31 CVE-2018-11593 119 DoS Overflow 2018-05-31 2018-06-08
5.8
None Remote Medium Not required Partial None Partial
Espruino before 1.99 allows attackers to cause a denial of service (application crash) and potential Information Disclosure with a user crafted input file via a Buffer Overflow during syntax parsing because strncpy is misused in jslex.c.
32 CVE-2018-11592 125 DoS 2018-05-31 2018-06-08
4.3
None Remote Medium Not required None None Partial
Espruino before 1.98 allows attackers to cause a denial of service (application crash) with a user crafted input file via an Out-of-bounds Read during syntax parsing in which certain height validation is missing in libs/graphics/jswrap_graphics.c.
33 CVE-2018-11591 476 DoS 2018-05-31 2018-06-08
4.3
None Remote Medium Not required None None Partial
Espruino before 1.98 allows attackers to cause a denial of service (application crash) with a user crafted input file via a NULL pointer dereference during syntax parsing. This was addressed by adding validation for a debug trace print statement in jsvar.c.
34 CVE-2018-11590 190 DoS Overflow 2018-05-31 2018-06-08
4.3
None Remote Medium Not required None None Partial
Espruino before 1.99 allows attackers to cause a denial of service (application crash) with a user crafted input file via an integer overflow during syntax parsing. This was addressed by fixing stack size detection on Linux in jsutils.c.
35 CVE-2018-11583 XSS 2018-05-30 2018-05-30
0.0
None ??? ??? ??? ??? ??? ???
SeaCMS 6.61 has stored XSS in admin_collect.php via the siteurl parameter.
36 CVE-2018-11580 2018-05-30 2018-05-30
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in mass-pages-posts-creator.php in the MULTIDOTS Mass Pages/Posts Creator plugin 1.2.2 for WordPress. Any logged in user can launch Mass Pages/Posts creation with custom content. There is no nonce or user capability check, so anyone can launch a DoS attack against a site and create hundreds of thousands of posts with custom content.
37 CVE-2018-11579 2018-05-30 2018-05-30
0.0
None ??? ??? ??? ??? ??? ???
class-woo-banner-management.php in the MULTIDOTS WooCommerce Category Banner Management plugin 1.1.0 for WordPress has an Unauthenticated Settings Change Vulnerability, related to certain wp_ajax_nopriv_ usage. Anyone can change the plugin's setting by simply sending a request with a wbm_save_shop_page_banner_data action.
38 CVE-2018-11578 2018-05-30 2018-05-30
0.0
None ??? ??? ??? ??? ??? ???
GifIndexToTrueColor in ngiflib.c in MiniUPnP ngiflib 0.4 has a Segmentation fault.
39 CVE-2018-11577 2018-05-30 2018-06-05
0.0
None ??? ??? ??? ??? ??? ???
Liblouis 3.5.0 has a Segmentation fault in lou_logPrint in logging.c.
40 CVE-2018-11576 2018-05-30 2018-05-30
0.0
None ??? ??? ??? ??? ??? ???
ngiflib.c in MiniUPnP ngiflib 0.4 has a heap-based buffer over-read in GifIndexToTrueColor.
41 CVE-2018-11575 Overflow 2018-05-30 2018-05-30
0.0
None ??? ??? ??? ??? ??? ???
ngiflib.c in MiniUPnP ngiflib 0.4 has a stack-based buffer overflow in DecodeGifImg.
42 CVE-2018-11572 XSS 2018-05-30 2018-05-30
0.0
None ??? ??? ??? ??? ??? ???
ClipperCMS 1.3.3 has XSS in the "Module name" field in a "Modules -> Manage modules -> edit" action to the manager/ URI.
43 CVE-2018-11571 2018-05-30 2018-05-30
0.0
None ??? ??? ??? ??? ??? ???
ClipperCMS 1.3.3 allows Session Fixation.
44 CVE-2018-11568 XSS 2018-05-30 2018-05-30
0.0
None ??? ??? ??? ??? ??? ???
Reflected XSS is possible in the GamePlan theme through 1.5.13.2 for WordPress because of insufficient input sanitization, as demonstrated by the s parameter. In some (but not all) cases, the '<' and '>' characters have &lt; and &gt; representations.
45 CVE-2018-11567 2018-05-30 2018-05-31
0.0
None ??? ??? ??? ??? ??? ???
** DISPUTED ** Prior to 2018-04-27, the reprompt feature in Amazon Echo devices could be misused by a custom Alexa skill. The reprompt feature is designed so that if Alexa does not receive an input within 8 seconds, the device can speak a reprompt, then wait an additional 8 seconds for input; if the user still does not respond, the microphone is then turned off. The vulnerability involves empty output-speech reprompts, custom wildcard ("gibberish") input slots, and logging of detected speech. If a maliciously designed skill is installed, an attacker could obtain transcripts of speech not intended for Alexa to process, but simply spoken within the device's hearing range. NOTE: The vendor states "Customer trust is important to us and we take security and privacy seriously. We have put mitigations in place for detecting this type of skill behavior and reject or suppress those skills when we do. Customers do not need to take any action for these mitigations to work."
46 CVE-2018-11565 2018-05-30 2018-05-31
0.0
None ??? ??? ??? ??? ??? ???
Mahara 17.04 before 17.04.8 and 17.10 before 17.10.5 and 18.04 before 18.04.1 are vulnerable to mentioning the usernames that are already taken by people registered in the system rather than masking that information.
47 CVE-2018-11562 XSS 2018-05-30 2018-05-30
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in MISP 2.4.91. A vulnerability in app/View/Elements/eventattribute.ctp allows reflected XSS if a user clicks on a malicious link for an event view and then clicks on the deleted attributes quick filter.
48 CVE-2018-11559 XSS 2018-05-30 2018-05-30
0.0
None ??? ??? ??? ??? ??? ???
DomainMod 4.10.0 has Stored XSS in the "/settings/profile/index.php" new_last_name parameter.
49 CVE-2018-11558 XSS 2018-05-30 2018-05-30
0.0
None ??? ??? ??? ??? ??? ???
DomainMod 4.10.0 has Stored XSS in the "/settings/profile/index.php" new_first_name parameter.
50 CVE-2018-11557 XSS 2018-05-30 2018-05-30
0.0
None ??? ??? ??? ??? ??? ???
YIBAN Easy class education platform 2.0 has XSS via the articlelist.php k parameter.
Total number of vulnerabilities: 1165. Page 1 of 24.