Total
1587 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-1036 | 1 Microsoft | 7 Windows 10, Windows 7, Windows 8.1 and 4 more | 2024-11-21 | 6.9 MEDIUM | 7.0 HIGH |
|
An elevation of privilege vulnerability exists when NTFS improperly checks access, aka "NTFS Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
|
|||||
| CVE-2018-19860 | 2 Broadcom, Cypress | 126 Bcm4335c0, Bcm4335c0 Firmware, Bcm43438a1 and 123 more | 2024-11-21 | 5.8 MEDIUM | 8.8 HIGH |
|
Broadcom firmware before summer 2014 on Nexus 5 BCM4335C0 2012-12-11, Raspberry Pi 3 BCM43438A1 2014-06-02, and unspecifed other devices does not properly restrict LMP commnds and executes certain memory contents upon receiving an LMP command, as demonstrated by executing an HCI command.
|
|||||
| CVE-2018-19836 | 1 Metinfo | 1 Metinfo | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
|
In Metinfo 6.1.3, include/interface/applogin.php allows setting arbitrary HTTP headers (including the Cookie header), and common.inc.php allows registering variables from the $_COOKIE value. This issue can, for example, be exploited in conjunction with CVE-2018-19835 to bypass many XSS filters such as the Chrome XSS filter.
|
|||||
| CVE-2018-19589 | 1 Utimaco | 2 Securityserver Cse, Securityserver Cse Firmware | 2024-11-21 | 5.5 MEDIUM | 6.5 MEDIUM |
|
Incorrect Access Controls of Security Officer (SO) in PKCS11 R2 provider that ships with the Utimaco CryptoServer HSM product package allows an SO authenticated to a slot to retrieve attributes of keys marked as private keys in external key storage, and also delete keys marked as private keys in external key storage. This compromises the availability of all keys configured with external key storage and may result in an economic attack in which the attacker denies legitimate users access to keys ...
Show More |
|||||
| CVE-2018-19446 | 2 Foxitsoftware, Microsoft | 2 Foxit Pdf Sdk Activex, Windows | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
A File Write can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) Professional 5.4.0.1031 when the JavaScript API Doc.createDataObject is used. An attacker can leverage this to gain remote code execution.
|
|||||
| CVE-2018-19393 | 1 Cobham | 4 Satcom Sailor 800, Satcom Sailor 800 Firmware, Satcom Sailor 900 and 1 more | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
|
Cobham Satcom Sailor 800 and 900 devices contained a vulnerability that allowed for arbitrary writing of content to the system's configuration file. This was exploitable via multiple attack vectors depending on the device's configuration. Further analysis also indicated this vulnerability could be leveraged to achieve a Denial of Service (DoS) condition, where the device would require a factory reset to return to normal operation.
|
|||||
| CVE-2018-19374 | 1 Zohocorp | 1 Manageengine Admanager Plus | 2024-11-21 | 6.9 MEDIUM | 7.0 HIGH |
|
Zoho ManageEngine ADManager Plus 6.6 Build 6657 allows local users to gain privileges (after a reboot) by placing a Trojan horse file into the permissive bin directory.
|
|||||
| CVE-2018-19113 | 1 Pronestor | 1 Pronestor Health Monitoring | 2024-11-21 | 4.4 MEDIUM | 7.3 HIGH |
|
The Pronestor PNHM (aka Health Monitoring or HealthMonitor) add-in before 8.1.13.0 for Outlook has "BUILTIN\Users:(I)(F)" permissions for the "%PROGRAMFILES(X86)%\proNestor\Outlook add-in for Pronestor\PronestorHealthMonitor.exe" file, which allows local users to gain privileges via a Trojan horse PronestorHealthMonitor.exe file.
|
|||||
| CVE-2018-19072 | 2 Foscam, Opticam | 6 C2, C2 Application Firmware, C2 System Firmware and 3 more | 2024-11-21 | 3.6 LOW | 5.5 MEDIUM |
|
An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. /mnt/mtd/app has 0777 permissions, allowing local users to replace an archive file (within that directory) to control what is extracted to RAM at boot time.
|
|||||
| CVE-2018-19071 | 2 Foscam, Opticam | 6 C2, C2 Application Firmware, C2 System Firmware and 3 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. /mnt/mtd/boot.sh has 0777 permissions, allowing local users to control the commands executed at system start-up.
|
|||||
| CVE-2018-18812 | 1 Tibco | 2 Spotfire Analytics Platform For Aws, Spotfire Server | 2024-11-21 | 3.5 LOW | 6.5 MEDIUM |
|
The Spotfire Library component of TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace, and TIBCO Spotfire Server contains a vulnerability that might theoretically fail to restrict users with read-only access from modifying files stored in the Spotfire Library, only when the Spotfire Library is configured to use external storage. Affected releases are TIBCO Software Inc.'s TIBCO Spotfire Analytics Platform for AWS Marketplace versions up to and including 10.0.0, and TIBCO ...
Show More |
|||||
| CVE-2018-18654 | 1 Debian | 1 Crossroads | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
Crossroads 2.81 does not properly handle the /tmp directory during a build of xr. A local attacker can first create a world-writable subdirectory in a certain location under the /tmp directory, wait until a user process copies xr there, and then replace the entire contents of this subdirectory to include a Trojan horse xr.
|
|||||
| CVE-2018-18630 | 2 Changehealthcare, Mckesson | 6 Cardiology, Cardiology Firmware, Cardiology and 3 more | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
A vulnerability was found in McKesson Cardiology product 13.x and 14.x. Insecure file permissions in the default installation may allow an attacker with local system access to execute unauthorized arbitrary code.
|
|||||
| CVE-2018-18561 | 1 Roche | 8 Accu-chek Inform Ii, Accu-chek Inform Ii Firmware, Base Unit Hub and 5 more | 2024-11-21 | 7.7 HIGH | 8.0 HIGH |
|
An issue was discovered in Roche Accu-Chek Inform II Base Unit / Base Unit Hub before 03.01.04 and CoaguChek / cobas h232 Handheld Base Unit before 03.01.04. Insecure permissions in a service interface may allow authenticated attackers in the adjacent network to execute arbitrary commands on the operating system.
|
|||||
| CVE-2018-18495 | 2 Canonical, Mozilla | 2 Ubuntu Linux, Firefox | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
WebExtension content scripts can be loaded into about: pages in some circumstances, in violation of the permissions granted to extensions. This could allow an extension to interfere with the loading and usage of these pages and use capabilities that were intended to be restricted from extensions. This vulnerability affects Firefox < 64.
|
|||||
| CVE-2018-18435 | 1 Kioware | 1 Kioware Server | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
KioWare Server version 4.9.6 and older installs by default to "C:\kioware_com" with weak folder permissions granting any user full permission "Everyone: (F)" to the contents of the directory and it's sub-folders. In addition, the program installs a service called "KWSService" which runs as "Localsystem", this will allow any user to escalate privileges to "NT AUTHORITY\SYSTEM" by substituting the service's binary with a malicious one.
|
|||||
| CVE-2018-18352 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
Service works could inappropriately gain access to cross origin audio in Media in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to bypass same origin policy for audio content via a crafted HTML page.
|
|||||
| CVE-2018-18349 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
Remote frame navigations was incorrectly permitted to local resources in Blink in Google Chrome prior to 71.0.3578.80 allowed an attacker who convinced a user to install a malicious extension to access files on the local file system via a crafted Chrome Extension.
|
|||||
| CVE-2018-18332 | 2 Microsoft, Trendmicro | 2 Windows, Officescan | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
A Trend Micro OfficeScan XG weak file permissions vulnerability may allow an attacker to potentially manipulate permissions on some key files to modify other files and folders on vulnerable installations.
|
|||||
| CVE-2018-18331 | 2 Microsoft, Trendmicro | 2 Windows, Officescan | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
A Trend Micro OfficeScan XG weak file permissions vulnerability on a particular folder for a particular group may allow an attacker to alter the files, which could lead to other exploits on vulnerable installations.
|
|||||
| CVE-2018-18254 | 1 Capmon | 1 Access Manager | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
An issue was discovered in CapMon Access Manager 5.4.1.1005. An unprivileged user can read the cal_whitelist table in the Custom App Launcher (CAL) database, and potentially gain privileges by placing a Trojan horse program at an app pathname.
|
|||||
| CVE-2018-18098 | 2 Intel, Microsoft | 3 Sgx Platform Software, Sgx Sdk, Windows | 2024-11-21 | 4.4 MEDIUM | 7.3 HIGH |
|
Improper file verification in install routine for Intel(R) SGX SDK and Platform Software for Windows before 2.2.100 may allow an escalation of privilege via local access.
|
|||||
| CVE-2018-18097 | 1 Intel | 1 Solid State Drive Toolbox | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Improper directory permissions in Intel Solid State Drive Toolbox before 3.5.7 may allow an authenticated user to potentially enable escalation of privilege via local access.
|
|||||
| CVE-2018-18094 | 1 Intel | 1 Media Sdk | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Improper directory permissions in installer for Intel(R) Media SDK before 2018 R2.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
|
|||||
| CVE-2018-18093 | 1 Intel | 1 Vtune Amplifier | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Improper file permissions in the installer for Intel VTune Amplifier 2018 Update 3 and before may allow unprivileged user to potentially gain privileged access via local access.
|
|||||
| CVE-2018-17892 | 1 Nuuo | 1 Nuuo Cms | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
NUUO CMS all versions 3.1 and prior, The application implements a method of user account control that causes standard account security features to not be utilized as intended, which could allow user account compromise and may allow for remote code execution.
|
|||||
| CVE-2018-17873 | 1 Wifiranger | 2 Wifiranger, Wifiranger Firmware | 2024-11-21 | 3.3 LOW | 8.8 HIGH |
|
An incorrect access control vulnerability in the FTP configuration of WiFiRanger devices with firmware version 7.0.8rc3 and earlier allows an attacker with adjacent network access to read the SSH Private Key and log in to the root account.
|
|||||
| CVE-2018-17872 | 1 Verint | 2 Collaboration Compliance, Quality Management Platform | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
Verba Collaboration Compliance and Quality Management Platform before 9.2.1.5545 has Insecure Permissions.
|
|||||
| CVE-2018-17776 | 1 Pcprotect | 1 Antivirus | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
PCProtect Anti-Virus v4.8.35 has "Everyone: (F)" permission for %PROGRAMFILES(X86)%\PCProtect, which allows local users to gain privileges by replacing an executable file with a Trojan horse.
|
|||||
| CVE-2018-17775 | 1 Seqrite | 1 End Point Security | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
Seqrite End Point Security v7.4 has "Everyone: (F)" permission for %PROGRAMFILES%\Seqrite\Seqrite, which allows local users to gain privileges by replacing an executable file with a Trojan horse.
|
|||||
| CVE-2018-17766 | 1 Ingenico | 2 Telium 2, Telium 2 Firmware | 2024-11-21 | 2.1 LOW | 4.6 MEDIUM |
|
Ingenico Telium 2 POS Telium2 OS allow bypass of file-reading restrictions via the NTPT3 protocol. This is fixed in Telium 2 SDK v9.32.03 patch N.
|
|||||
| CVE-2018-17305 | 1 Uipath | 1 Orchestrator | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
UiPath Orchestrator through 2018.2.4 allows any authenticated user to change the information of arbitrary users (even administrators) leading to privilege escalation and remote code execution.
|
|||||
| CVE-2018-17037 | 1 Ucms Project | 1 Ucms | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
user/editpost.php in UCMS 1.4.6 mishandles levels, which allows escalation from the normal user level of 1 to the superuser level of 3.
|
|||||
| CVE-2018-16958 | 1 Oracle | 1 Webcenter Interaction | 2024-11-21 | 5.8 MEDIUM | 5.4 MEDIUM |
|
An issue was discovered in Oracle WebCenter Interaction Portal 10.3.3. The ASP.NET_SessionID primary session cookie, when Internet Information Services (IIS) with ASP.NET is used, is not protected with the HttpOnly attribute. The attribute cannot be enabled by customers. Consequently, this cookie is exposed to session hijacking attacks should an adversary be able to execute JavaScript in the origin of the portal installation. NOTE: this CVE is assigned by MITRE and isn't validated by Oracle beca ...
Show More |
|||||
| CVE-2018-16715 | 1 Absolute | 1 Ctes Windows Agent | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
An issue was discovered in Absolute Software CTES Windows Agent through 1.0.0.1479. The security permissions on the %ProgramData%\CTES folder and sub-folders may allow write access to low-privileged user accounts. This allows unauthorized replacement of service program executable (EXE) or dynamically loadable library (DLL) files, causing elevated (SYSTEM) user access. Configuration control files or data files under this folder could also be similarly modified to affect service process behavior.
|
|||||
| CVE-2018-16703 | 1 Gleeztech | 1 Gleez Cms | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
A vulnerability in the Gleez CMS 1.2.0 login page could allow an unauthenticated, remote attacker to perform multiple user enumerations, which can further help an attacker to perform login attempts in excess of the configured login attempt limit. The vulnerability is due to insufficient server-side access control and login attempt limit enforcement. An attacker could exploit this vulnerability by sending modified login attempts to the Portal login page. An exploit could allow the attacker to ide ...
Show More |
|||||
| CVE-2018-16588 | 1 Suse | 2 Linux Enterprise, Shadow | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
|
Privilege escalation can occur in the SUSE useradd.c code in useradd, as distributed in the SUSE shadow package through 4.2.1-27.9.1 for SUSE Linux Enterprise 12 (SLE-12) and through 4.5-5.39 for SUSE Linux Enterprise 15 (SLE-15). Non-existing intermediate directories are created with mode 0777 during user creation. Given that they are world-writable, local attackers might use this for privilege escalation and other unspecified attacks. NOTE: this would affect non-SUSE users who took useradd.c ...
Show More |
|||||
| CVE-2018-16545 | 1 Kzsoftware | 2 Asset Manager, Training Manager | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
Kaizen Asset Manager (Enterprise Edition) and Training Manager (Enterprise Edition) allow a remote attacker to achieve arbitrary code execution via file impersonation. For example, a malicious dynamic-link library (dll) assumed the identity of a temporary (tmp) file (isxdl.dll) and an executable file assumed the identity of a temporary file (996E.temp).
|
|||||
| CVE-2018-16145 | 1 Opsview | 1 Opsview | 2024-11-21 | 9.3 HIGH | 8.1 HIGH |
|
The /etc/init.d/opsview-reporting-module script that runs at boot time in Opsview Monitor before 5.3.1 and 5.4.x before 5.4.2 invokes a file that can be edited by the nagios user, and would allow attackers to elevate their privileges to root after a system restart, hence obtaining full control of the appliance.
|
|||||
| CVE-2018-16087 | 1 Google | 1 Chrome | 2024-11-21 | 4.3 MEDIUM | 4.3 MEDIUM |
|
Lack of proper state tracking in Permissions in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
|
|||||