CVE-2018-10086 CVSS:6.5
CMS Made Simple (CMSMS) through 2.2.7 contains an arbitrary code execution vulnerability in the admin dashboard because the implementation uses "eval('function testfunction'.rand()" and it is possible to bypass certain restrictions on these "testfunction" functions. (Last Update:2018-04-13) (Publish Update:2018-04-13)
CVE-2018-10085 CVSS:7.5
CMS Made Simple (CMSMS) through 2.2.6 allows PHP object injection because of an unserialize call in the _get_data function of \lib\classes\internal\class.LoginOperations.php. By sending a crafted cookie, a remote attacker can upload and execute code, or delete files. (Last Update:2018-04-13) (Publish Update:2018-04-13)
CVE-2018-10084 CVSS:6.5
CMS Made Simple (CMSMS) through 2.2.6 contains a privilege escalation vulnerability from ordinary user to admin user by arranging for the eff_uid value within $_COOKIE[$this->_loginkey] to equal 1, because an SHA-1 cryptographic protection mechanism can be bypassed. (Last Update:2018-04-13) (Publish Update:2018-04-13)
CVE-2018-10083 CVSS:6.4
CMS Made Simple (CMSMS) through 2.2.7 contains an arbitrary file deletion vulnerability in the admin dashboard via directory traversal sequences in the val parameter within a cmd=del request, because code under modules\FilePicker does not restrict the val parameter. (Last Update:2018-04-13) (Publish Update:2018-04-13)
CVE-2018-10031 CVSS:6.8
CMS Made Simple (aka CMSMS) 2.2.7 has CSRF in admin/moduleinterface.php. (Last Update:2018-04-13) (Publish Update:2018-04-11)
CVE-2018-10030 CVSS:6.8
CMS Made Simple (aka CMSMS) 2.2.7 has CSRF in admin/siteprefs.php. (Last Update:2018-04-13) (Publish Update:2018-04-11)
CVE-2018-9924 CVSS:7.5
An issue was discovered in idreamsoft iCMS through 7.0.7. SQL injection exists via the pid array parameter in an admincp.php?app=tag&do=save&frame=iPHP request. (Last Update:2018-04-17) (Publish Update:2018-04-10)
CVE-2018-9923 CVSS:6.8
An issue was discovered in idreamsoft iCMS through 7.0.7. CSRF exists in admincp.php, as demonstrated by adding an article via an app=article&do=save&frame=iPHP request. (Last Update:2018-04-17) (Publish Update:2018-04-10)
CVE-2017-0431 CVSS:7.2
An elevation of privilege vulnerability in Qualcomm closed source components. Product: Android. Versions: Android kernel. Android ID: A-32573899. (Last Update:2018-04-17) (Publish Update:2018-04-05)
CVE-2016-8482 CVSS:7.2
An elevation of privilege vulnerability in the NVIDIA GPU driver. Product: Android. Versions: Android kernel. Android ID: A-31799863. References: N-CVE-2016-8482. (Last Update:2018-04-17) (Publish Update:2018-04-05)
CVE-2015-9016 CVSS:6.9
In blk_mq_tag_to_rq in blk-mq.c in the upstream kernel, there is a possible use after free due to a race condition when a request has been previously freed by blk_mq_complete_request. This could lead to local escalation of privilege. Product: Android. Versions: Android kernel. Android ID: A-63083046. (Last Update:2018-04-17) (Publish Update:2018-04-05)
CVE-2018-0194 CVSS:7.2
Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute commands with root privileges on the device. The vulnerabilities exist because the affected software does not sufficiently sanitize command arguments before passing commands to the Linux shell for execution. An attacker could exploit these vulnerabilities by submitting a malicious CLI command to the affected software. A successful exploit could allow the attacker to break from the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell on an affected device and execute arbitrary commands with root privileges on the device. Cisco Bug IDs: CSCuz03145, CSCuz56419, CSCva31971, CSCvb09542. (Last Update:2018-04-20) (Publish Update:2018-04-02)
CVE-2018-9136 CVSS:7.1
windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows attackers to cause a denial of service (BSOD) via a crafted .exe file, a different vulnerability than CVE-2018-8821. (Last Update:2018-04-20) (Publish Update:2018-03-30)
CVE-2018-9135 CVSS:6.8
In ImageMagick 7.0.7-24 Q16, there is a heap-based buffer over-read in IsWEBPImageLossless in coders/webp.c. (Last Update:2018-04-18) (Publish Update:2018-03-30)
CVE-2018-9143 CVSS:10.0
On Samsung mobile devices with M(6.0) and N(7.x) software, a heap overflow in the sensorhub binder service leads to code execution in a privileged process, aka SVE-2017-10991. (Last Update:2018-04-19) (Publish Update:2018-03-30)
CVE-2018-9142 CVSS:7.6
On Samsung mobile devices with N(7.x) software, attackers can install an arbitrary APK in the Secure Folder SD Card area because of faulty validation of a package signature and package name, aka SVE-2017-10932. (Last Update:2018-04-19) (Publish Update:2018-03-30)
CVE-2018-9141 CVSS:9.3
On Samsung mobile devices with L(5.x), M(6.0), and N(7.x) software, Gallery allows remote attackers to execute arbitrary code via a BMP file with a crafted resolution, aka SVE-2017-11105. (Last Update:2018-04-19) (Publish Update:2018-03-30)
CVE-2018-9139 CVSS:10.0
On Samsung mobile devices with N(7.x) software, a buffer overflow in the vision service allows code execution in a privileged process via a large frame size, aka SVE-2017-11165. (Last Update:2018-04-19) (Publish Update:2018-03-30)
CVE-2017-16873 CVSS:7.2
It is possible to exploit an unsanitized PATH in the suid binary that ships with vagrant-vmware-fusion 4.0.25 through 5.0.4 in order to escalate to root privileges. (Last Update:2018-04-20) (Publish Update:2018-03-29)
CVE-2017-16839 CVSS:6.9
Hashicorp vagrant-vmware-fusion 5.0.4 allows local users to steal root privileges if VMware Fusion is not installed. (Last Update:2018-04-20) (Publish Update:2018-03-29)
CVE-2017-16512 CVSS:7.2
The vagrant update process in Hashicorp vagrant-vmware-fusion 5.0.2 through 5.0.4 allows local users to steal root privileges via a crafted update request when no updates are available. (Last Update:2018-04-20) (Publish Update:2018-03-29)
CVE-2018-9109 CVSS:6.4
Studio 42 elFinder before 2.1.36 has Directory Traversal via the zipdl() function in elFinder.class.php, resulting in file deletion. (Last Update:2018-04-20) (Publish Update:2018-03-28)
CVE-2018-9108 CVSS:6.8
CSRF in /admin/user/manage/add in QuickAppsCMS 2.0.0-beta2 allows an unauthorized remote attacker to create an account with admin privileges. (Last Update:2018-04-20) (Publish Update:2018-03-28)
CVE-2018-0195 CVSS:6.5
A vulnerability in the Cisco IOS XE Software REST API could allow an authenticated, remote attacker to bypass API authorization checks and use the API to perform privileged actions on an affected device. The vulnerability is due to insufficient authorization checks for requests that are sent to the REST API of the affected software. An attacker could exploit this vulnerability by sending a malicious request to an affected device via the REST API. A successful exploit could allow the attacker to selectively bypass authorization checks for the REST API of the affected software and use the API to perform privileged actions on an affected device. Cisco Bug IDs: CSCuz56428. (Last Update:2018-04-20) (Publish Update:2018-03-28)
CVE-2018-0189 CVSS:7.1
A vulnerability in the Forwarding Information Base (FIB) code of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, network attacker to cause a denial of service (DoS) condition. The vulnerability is due to a limitation in the way the FIB is internally representing recursive routes. An attacker could exploit this vulnerability by injecting routes into the routing protocol that have a specific recursive pattern. The attacker must be in a position on the network that provides the ability to inject a number of recursive routes with a specific pattern. An exploit could allow the attacker to cause an affected device to reload, creating a DoS condition. Cisco Bug IDs: CSCva91655. (Last Update:2018-04-20) (Publish Update:2018-03-28)
CVE-2018-0185 CVSS:7.2
Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute commands with root privileges on the device. The vulnerabilities exist because the affected software does not sufficiently sanitize command arguments before passing commands to the Linux shell for execution. An attacker could exploit these vulnerabilities by submitting a malicious CLI command to the affected software. A successful exploit could allow the attacker to break from the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell on an affected device and execute arbitrary commands with root privileges on the device. Cisco Bug IDs: CSCuz03145, CSCuz56419, CSCva31971, CSCvb09542. (Last Update:2018-04-20) (Publish Update:2018-03-28)
CVE-2018-0184 CVSS:7.2
A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. The vulnerability is due to the affected software improperly sanitizing command arguments to prevent access to internal data structures on a device. An attacker who has privileged EXEC mode (privilege level 15) access to an affected device could exploit this vulnerability on the device by executing CLI commands that contain crafted arguments. A successful exploit could allow the attacker to gain access to the underlying Linux shell of the affected device and execute arbitrary commands with root privileges on the device. Cisco Bug IDs: CSCve74432. (Last Update:2018-04-20) (Publish Update:2018-03-28)
CVE-2018-0183 CVSS:7.2
A vulnerability in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to gain access to the underlying Linux shell of an affected device and execute arbitrary commands with root privileges on the device. The vulnerability is due to the affected software improperly sanitizing command arguments to prevent access to internal data structures on a device. An attacker who has privileged EXEC mode (privilege level 15) access to an affected device could exploit this vulnerability on the device by executing CLI commands that contain crafted arguments. A successful exploit could allow the attacker to gain access to the underlying Linux shell of the affected device and execute arbitrary commands with root privileges on the device. Cisco Bug IDs: CSCuv91356. (Last Update:2018-04-20) (Publish Update:2018-03-28)
CVE-2018-0182 CVSS:7.2
Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated, local attacker to inject arbitrary commands into the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell of an affected device and execute commands with root privileges on the device. The vulnerabilities exist because the affected software does not sufficiently sanitize command arguments before passing commands to the Linux shell for execution. An attacker could exploit these vulnerabilities by submitting a malicious CLI command to the affected software. A successful exploit could allow the attacker to break from the CLI of the affected software, which could allow the attacker to gain access to the underlying Linux shell on an affected device and execute arbitrary commands with root privileges on the device. Cisco Bug IDs: CSCuz03145, CSCuz56419, CSCva31971, CSCvb09542. (Last Update:2018-04-20) (Publish Update:2018-03-28)
CVE-2018-0159 CVSS:7.8
A vulnerability in the implementation of Internet Key Exchange Version 1 (IKEv1) functionality in Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service (DoS) condition. The vulnerability is due to improper validation of specific IKEv1 packets. An attacker could exploit this vulnerability by sending crafted IKEv1 packets to an affected device during an IKE negotiation. A successful exploit could allow the attacker to cause an affected device to reload, resulting in a DoS condition. Cisco Bug IDs: CSCuj73916. (Last Update:2018-04-20) (Publish Update:2018-03-28)
Click here for a complete list of security vulnerabilities. This vulnerability list widget is provided by www.cvedetails.com