Total
11829 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-10799 | 1 Brave | 1 Brave | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
A hang issue was discovered in Brave before 0.14.0 (on, for example, Linux). This vulnerability is caused by the mishandling of a long URL formed by window.location+='?\u202a\uFEFF\u202b'; concatenation in a SCRIPT element.
|
|||||
| CVE-2018-10798 | 1 Brave | 1 Brave | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
A hang issue was discovered in Brave before 0.14.0 (on, for example, Linux). The vulnerability is caused by mishandling of JavaScript code that triggers the reload of a page continuously with an interval of 1 second.
|
|||||
| CVE-2018-10796 | 1 2345 Security Guard Project | 1 2345 Security Guard | 2024-11-21 | 6.1 MEDIUM | 7.8 HIGH |
|
In 2345 Security Guard 3.7, the driver file (2345NetFirewall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x00222014.
|
|||||
| CVE-2018-10776 | 1 Mp3gain | 1 Mp3gain | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
The getbits function in mpglibDBL/common.c in mp3gain through 1.5.2-r2 allows remote attackers to cause a denial of service (segmentation fault and application crash) or possibly have unspecified other impact.
|
|||||
| CVE-2018-10711 | 1 Asrock | 4 A-tuning, F-stream, Restart To Uefi and 1 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED before v1.0.35.1, A-Tuning before v3.0.210, F-Stream before v3.0.210, and RestartToUEFI before v1.0.6.2 expose functionality to read and write Machine Specific Registers (MSRs). This could be leveraged to execute arbitrary ring-0 code.
|
|||||
| CVE-2018-10657 | 1 Matrix | 1 Synapse | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Matrix Synapse before 0.28.1 is prone to a denial of service flaw where malicious events injected with depth = 2^63 - 1 render rooms unusable, related to federation/federation_base.py and handlers/message.py, as exploited in the wild in April 2018.
|
|||||
| CVE-2018-10616 | 1 Abb | 1 Panel Builder 800 | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
|
ABB Panel Builder 800 all versions has an improper input validation vulnerability which may allow an attacker to insert and run arbitrary code on a computer where the affected product is used.
|
|||||
| CVE-2018-10578 | 1 Watchguard | 8 Ap100, Ap100 Firmware, Ap102 and 5 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
An issue was discovered on WatchGuard AP100, AP102, and AP200 devices with firmware before 1.2.9.15, and AP300 devices with firmware before 2.0.0.10. Incorrect validation of the "old password" field in the change password form allows an attacker to bypass validation of this field.
|
|||||
| CVE-2018-10531 | 1 Americasarmy | 1 Proving Grounds | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
An issue was discovered in the America's Army Proving Grounds platform for the Unreal Engine. With a false packet sent via UDP, the application server responds with several bytes, giving the possibility of DoS amplification, even being able to be used in DDoS attacks.
|
|||||
| CVE-2018-10502 | 1 Samsung | 1 Galaxy Apps | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Galaxy Apps Fixed in version 4.2.18.2. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of a staging mode. The issue lies in the ability to change the configuration based on the presence of a file in an user-controlled location. An attacker can leverage this vulnera ...
Show More |
|||||
| CVE-2018-10499 | 1 Samsung | 1 Galaxy Apps | 2024-11-21 | 4.4 MEDIUM | 7.0 HIGH |
|
This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy Apps Fixed in version 6.4.0.15. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of URLs. The issue lies in the lack of proper validation of user-supplied data, which can allow arbitrary JavaScript to execute. An attacker can leverage this vulnerability to ...
Show More |
|||||
| CVE-2018-10497 | 1 Samsung | 1 Samsung Email | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Email Fixed in version 5.0.02.16. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of EML files. The issue results from the lack of proper validation of user-supplied data, which can allow arbitrary JavaScript to execute. An attacker can leverage this vulnerability ...
Show More |
|||||
| CVE-2018-10496 | 1 Samsung | 1 Samsung Internet Browser | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Internet Browser Fixed in version 6.4.0.15. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of TypedArray objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this ...
Show More |
|||||
| CVE-2018-10468 | 1 Uetoken | 1 Useless Ethereum Token | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
The transferFrom function of a smart contract implementation for Useless Ethereum Token (UET), an Ethereum ERC20 token, allows attackers to steal assets (e.g., transfer all victims' balances into their account) because certain computations involving _value are incorrect, as exploited in the wild starting in December 2017, aka the "transferFlaw" issue.
|
|||||
| CVE-2018-10363 | 1 Wpdevart | 1 Booking Calendar | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
An issue was discovered in the WpDevArt "Booking calendar, Appointment Booking System" plugin 2.2.2 for WordPress. Multiple parameters allow remote attackers to manipulate the values to change data such as prices.
|
|||||
| CVE-2018-10260 | 1 Hrsale Project | 1 Hrsale | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
A Local File Inclusion vulnerability was found in HRSALE The Ultimate HRM v1.0.2, exploitable by a low privileged user.
|
|||||
| CVE-2018-10140 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
|
The PAN-OS Management Web Interface in Palo Alto Networks PAN-OS 8.1.2 and earlier may allow an authenticated user to shut down all management sessions, resulting in all logged in users to be redirected to the login page. PAN-OS 6.1, PAN-OS 7.1 and PAN-OS 8.0 are NOT affected.
|
|||||
| CVE-2018-10105 | 1 Tcpdump | 1 Tcpdump | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2).
|
|||||
| CVE-2018-10103 | 1 Tcpdump | 1 Tcpdump | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2).
|
|||||
| CVE-2018-10087 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
|
The kernel_wait4 function in kernel/exit.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to cause a denial of service by triggering an attempted use of the -INT_MIN value.
|
|||||
| CVE-2018-10072 | 1 Jungo | 1 Windriver | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
|
windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows attackers to cause a denial of service (BSOD) via a 0x953827bf DeviceIoControl call.
|
|||||
| CVE-2018-10071 | 1 Jungo | 1 Windriver | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
|
windrvr1260.sys in Jungo DriverWizard WinDriver 12.6.0 allows attackers to cause a denial of service (BSOD) via a 0x953826DB DeviceIoControl call.
|
|||||
| CVE-2018-10054 | 2 Cognitect, H2database | 2 Datomic, H2 | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
H2 1.4.197, as used in Datomic before 0.9.5697 and other products, allows remote code execution because CREATE ALIAS can execute arbitrary Java code. NOTE: the vendor's position is "h2 is not designed to be run outside of a secure environment."
|
|||||
| CVE-2018-1002104 | 1 Kubernetes | 1 Nginx Ingress Controller | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
Versions < 1.5 of the Kubernetes ingress default backend, which handles invalid ingress traffic, exposed prometheus metrics publicly.
|
|||||
| CVE-2018-1002100 | 1 Kubernetes | 1 Kubernetes | 2024-11-21 | 3.6 LOW | 4.2 MEDIUM |
|
In Kubernetes versions 1.5.x, 1.6.x, 1.7.x, 1.8.x, and prior to version 1.9.6, the kubectl cp command insecurely handles tar data returned from the container, and can be caused to overwrite arbitrary local files.
|
|||||
| CVE-2018-1000883 | 1 Plug Project | 1 Plug | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
Elixir Plug Plug version All contains a Header Injection vulnerability in Connection that can result in Given a cookie value, Headers can be added. This attack appear to be exploitable via Crafting a value to be sent as a cookie. This vulnerability appears to have been fixed in >= 1.3.5 or ~> 1.2.5 or ~> 1.1.9 or ~> 1.0.6.
|
|||||
| CVE-2018-1000873 | 3 Fasterxml, Netapp, Oracle | 6 Jackson-modules-java8, Active Iq Unified Manager, Clusterware and 3 more | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
Fasterxml Jackson version Before 2.9.8 contains a CWE-20: Improper Input Validation vulnerability in Jackson-Modules-Java8 that can result in Causes a denial-of-service (DoS). This attack appear to be exploitable via The victim deserializes malicious input, specifically very large values in the nanoseconds field of a time value. This vulnerability appears to have been fixed in 2.9.8.
|
|||||
| CVE-2018-1000849 | 1 Alpinelinux | 1 Alpine Linux | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
|
Alpine Linux version Versions prior to 2.6.10, 2.7.6, and 2.10.1 contains a Other/Unknown vulnerability in apk-tools (Alpine Linux' package manager) that can result in Remote Code Execution. This attack appear to be exploitable via A specially crafted APK-file can cause apk to write arbitrary data to an attacker-specified file, due to bugs in handling long link target name and the way a regular file is extracted.. This vulnerability appears to have been fixed in 2.6.10, 2.7.6, and 2.10.1.
|
|||||
| CVE-2018-1000815 | 1 Brave | 1 Brave | 2024-11-21 | 4.3 MEDIUM | 4.3 MEDIUM |
|
Brave Software Inc. Brave version version 0.22.810 to 0.24.0 contains a Other/Unknown vulnerability in function ContentSettingsObserver::AllowScript() in content_settings_observer.cc that can result in Websites can run inline JavaScript even if script is blocked, making attackers easier to track users. This attack appear to be exploitable via the victim must visit a specially crafted website. This vulnerability appears to have been fixed in 0.25.2.
|
|||||
| CVE-2018-1000809 | 1 Privacyidea | 1 Privacyidea | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
privacyIDEA version 2.23.1 and earlier contains a Improper Input Validation vulnerability in token validation api that can result in Denial-of-Service. This attack appear to be exploitable via http request with user=<space>&pass= to /validate/check url. This vulnerability appears to have been fixed in 2.23.2.
|
|||||
| CVE-2018-1000773 | 1 Wordpress | 1 Wordpress | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
WordPress version 4.9.8 and earlier contains a CWE-20 Input Validation vulnerability in thumbnail processing that can result in remote code execution due to an incomplete fix for CVE-2017-1000600. This attack appears to be exploitable via thumbnail upload by an authenticated user and may require additional plugins in order to be exploited however this has not been confirmed at this time.
|
|||||
| CVE-2018-1000656 | 2 Netapp, Palletsprojects | 4 Active Iq, Hyper Converged Infrastructure, Ontap Select Deploy Utility and 1 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
The Pallets Project flask version Before 0.12.3 contains a CWE-20: Improper Input Validation vulnerability in flask that can result in Large amount of memory usage possibly leading to denial of service. This attack appear to be exploitable via Attacker provides JSON data in incorrect encoding. This vulnerability appears to have been fixed in 0.12.3. NOTE: this may overlap CVE-2019-1010083.
|
|||||
| CVE-2018-1000647 | 1 Librehealth | 1 Librehealth Ehr | 2024-11-21 | 5.5 MEDIUM | 7.1 HIGH |
|
LibreHealthIO lh-ehr version REL-2.0.0 contains a Authenticated Unrestricted File Deletion vulnerability in Import template that can result in Denial of service. This attack appear to be exploitable via User controlled parameter.
|
|||||
| CVE-2018-1000617 | 1 Atlassian | 1 Floodlight Controller | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Atlassian Floodlight Atlassian Floodlight Controller version 1.2 and earlier versions contains a Denial of Service vulnerability in Forwarding module that can result in Improper type cast in Forwarding module allows remote attackers to cause a DoS(thread crash).. This attack appear to be exploitable via network connectivity (Remote attack).
|
|||||
| CVE-2018-1000607 | 1 Jenkins | 1 Fortify Cloudscan | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
A arbitrary file write vulnerability exists in Jenkins Fortify CloudScan Plugin 1.5.1 and earlier in ArchiveUtil.java that allows attackers able to control rulepack zip file contents to overwrite any file on the Jenkins master file system, only limited by the permissions of the user the Jenkins master process is running as.
|
|||||
| CVE-2018-1000533 | 1 Gitlist | 1 Gitlist | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
klaussilveira GitList version <= 0.6 contains a Passing incorrectly sanitized input to system function vulnerability in `searchTree` function that can result in Execute any code as PHP user. This attack appear to be exploitable via Send POST request using search form. This vulnerability appears to have been fixed in 0.7 after commit 87b8c26b023c3fc37f0796b14bb13710f397b322.
|
|||||
| CVE-2018-1000531 | 1 Inversoft | 1 Prime-jwt | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
inversoft prime-jwt version prior to commit abb0d479389a2509f939452a6767dc424bb5e6ba contains a CWE-20 vulnerability in JWTDecoder.decode that can result in an incorrect signature validation of a JWT token. This attack can be exploitable when an attacker crafts a JWT token with a valid header using 'none' as algorithm and a body to requests it be validated. This vulnerability was fixed after commit abb0d479389a2509f939452a6767dc424bb5e6ba.
|
|||||
| CVE-2018-1000523 | 1 Topydo | 1 Topydo | 2024-11-21 | 5.8 MEDIUM | 8.1 HIGH |
|
topydo contains a CWE-20: Improper Input Validation vulnerability in ListFormatParser::parse, file topydo/lib/ListFormat.py line 292 as of d4f843dac71308b2f29a7c2cdc76f055c3841523 that can result in Injection of arbitrary bytes to the terminal, including terminal escape code sequences. This attack appear to be exploitable via The victim must open a todo.txt with at least one specially crafted line..
|
|||||
| CVE-2018-1000205 | 1 Denx | 1 U-boot | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
|
U-Boot contains a CWE-20: Improper Input Validation vulnerability in Verified boot signature validation that can result in Bypass verified boot. This attack appear to be exploitable via Specially crafted FIT image and special device memory functionality.
|
|||||
| CVE-2018-1000136 | 1 Electronjs | 1 Electron | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
|
Electron version 1.7 up to 1.7.12; 1.8 up to 1.8.3 and 2.0.0 up to 2.0.0-beta.3 contains an improper handling of values vulnerability in Webviews that can result in remote code execution. This attack appear to be exploitable via an app which allows execution of 3rd party code AND disallows node integration AND has not specified if webview is enabled/disabled. This vulnerability appears to have been fixed in 1.7.13, 1.8.4, 2.0.0-beta.4.
|
|||||