Total
6931 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-9039 | 1 Octopus | 1 Octopus Deploy | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
In Octopus Deploy 2.0 and later before 2018.3.7, an authenticated user, with variable edit permissions, can scope some variables to targets greater than their permissions should allow. In other words, they can see machines beyond their team's scoped environments.
|
|||||
| CVE-2018-8755 | 1 Nucom | 2 Wr644gacv, Wr644gacv Firmware | 2024-11-21 | 5.0 MEDIUM | 9.8 CRITICAL |
|
NuCom WR644GACV devices before STA006 allow an attacker to download the configuration file without credentials. By downloading this file, an attacker can access the admin password, WPA key, and any config information of the device.
|
|||||
| CVE-2018-8028 | 1 Apache | 1 Sentry | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
An authenticated user can execute ALTER TABLE EXCHANGE PARTITIONS without being authorized by Apache Sentry before 2.0.1. This can allow an attacker unauthorized access to the partitioned data of a Sentry protected table and can allow an attacker to remove data from a Sentry protected table.
|
|||||
| CVE-2018-8012 | 3 Apache, Debian, Oracle | 3 Zookeeper, Debian Linux, Goldengate Stream Analytics | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
No authentication/authorization is enforced when a server attempts to join a quorum in Apache ZooKeeper before 3.4.10, and 3.5.0-alpha through 3.5.3-beta. As a result an arbitrary end point could join the cluster and begin propagating counterfeit changes to the leader.
|
|||||
| CVE-2018-7792 | 1 Schneider-electric | 2 Modicon M221, Modicon M221 Firmware | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
A Permissions, Privileges, and Access Control vulnerability exists in Schneider Electric's Modicon M221 product (all references, all versions prior to firmware V1.6.2.0). The vulnerability allows unauthorized users to decode the password using rainbow table.
|
|||||
| CVE-2018-7702 | 1 Securenvoy | 1 Securmail | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
|
SecurEnvoy SecurMail before 9.2.501 allows remote attackers to spoof transmission of arbitrary e-mail messages, resend e-mail messages to arbitrary recipients, or modify arbitrary message bodies and attachments by leveraging missing authentication and authorization.
|
|||||
| CVE-2018-7689 | 1 Opensuse | 1 Open Build Service | 2024-11-21 | 4.0 MEDIUM | 7.1 HIGH |
|
Lack of permission checks in the InitializeDevelPackage function in openSUSE Open Build Service before 2.9.3 allowed authenticated users to modify packages where they do not have write permissions.
|
|||||
| CVE-2018-7688 | 1 Opensuse | 1 Open Build Service | 2024-11-21 | 4.0 MEDIUM | 7.1 HIGH |
|
A missing permission check in the review handling of openSUSE Open Build Service before 2.9.3 allowed all authenticated users to modify sources in projects where they do not have write permissions.
|
|||||
| CVE-2018-6000 | 1 Asus | 1 Asuswrt | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
An issue was discovered in AsusWRT before 3.0.0.4.384_10007. The do_vpnupload_post function in router/httpd/web.c in vpnupload.cgi provides functionality for setting NVRAM configuration values, which allows attackers to set the admin password and launch an SSH daemon (or enable infosvr command mode), and consequently obtain remote administrative access, via a crafted request. This is available to unauthenticated attackers in conjunction with CVE-2018-5999.
|
|||||
| CVE-2018-5547 | 1 F5 | 1 Big-ip Access Policy Manager Client | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
|
Windows Logon Integration feature of F5 BIG-IP APM client prior to version 7.1.7.1 for Windows by default uses Legacy logon mode which uses a SYSTEM account to establish network access. This feature displays a certificate user interface dialog box which contains the link to the certificate policy. By clicking on the link, unprivileged users can open additional dialog boxes and get access to the local machine windows explorer which can be used to get administrator privilege. Windows Logon Integra ...
Show More |
|||||
| CVE-2018-5377 | 1 Discuz | 1 Discuzx | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Discuz! DiscuzX X3.4 allows remote attackers to bypass intended access restrictions via the archiver\index.php action parameter.
|
|||||
| CVE-2018-5135 | 1 Mozilla | 1 Firefox | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
WebExtensions can bypass normal restrictions in some circumstances and use "browser.tabs.executeScript" to inject scripts into contexts where this should not be allowed, such as pages from other WebExtensions or unprivileged "about:" pages. This vulnerability affects Firefox < 59.
|
|||||
| CVE-2018-5113 | 2 Canonical, Mozilla | 2 Ubuntu Linux, Firefox | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
The "browser.identity.launchWebAuthFlow" function of WebExtensions is only allowed to load content over "https:" but this requirement was not properly enforced. This can potentially allow privileged pages to be loaded by the extension. This vulnerability affects Firefox < 58.
|
|||||
| CVE-2018-4059 | 1 Coturn Project | 1 Coturn | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
An exploitable unsafe default configuration vulnerability exists in the TURN server function of coTURN prior to version 4.5.0.9. By default, the TURN server runs an unauthenticated telnet admin portal on the loopback interface. This can provide administrator access to the TURN server configuration, which can lead to additional attacks. An attacker who can get access to the telnet port can gain administrator access to the TURN server.
|
|||||
| CVE-2018-2503 | 1 Sap | 1 Netweaver Application Server Java | 2024-11-21 | 3.3 LOW | 7.4 HIGH |
|
By default, the SAP NetWeaver AS Java keystore service does not sufficiently restrict the access to resources that should be protected. This has been fixed in SAP NetWeaver AS Java (ServerCore versions 7.11, 7.20, 7.30, 7.31, 7.40, 7.50).
|
|||||
| CVE-2018-2484 | 1 Sap | 4 Bank\/cfm, Ea-finserv, S4core and 1 more | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
SAP Enterprise Financial Services (fixed in SAPSCORE 1.13, 1.14, 1.15; S4CORE 1.01, 1.02, 1.03; EA-FINSERV 1.10, 2.0, 5.0, 6.0, 6.03, 6.04, 6.05, 6.06, 6.16, 6.17, 6.18, 8.0; Bank/CFM 4.63_20) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.
|
|||||
| CVE-2018-2461 | 1 Sap | 1 People Profile | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
Missing authorization check in SAP HCM Fiori "People Profile" (GBX01 HR version 6.0) for an authenticated user which may result in an escalation of privileges.
|
|||||
| CVE-2018-2455 | 1 Sap | 1 Enterprise Financial Services | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
SAP Enterprise Financial Services, versions 6.05, 6.06, 6.16, 6.17, 6.18, 8.0 (in business function EAFS_BCA_BUSOPR_SEPA) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.
|
|||||
| CVE-2018-2454 | 1 Sap | 1 Enterprise Financial Services | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
SAP Enterprise Financial Services, versions 6.05, 6.06, 6.16, 6.17, 6.18, 8.0 (in business function EAFS_BCA_BUSOPR_2) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.
|
|||||
| CVE-2018-2436 | 1 Sap | 1 R\/3 Enterprise Retail | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
Executing transaction WRCK in SAP R/3 Enterprise Retail (EHP6) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.
|
|||||
| CVE-2018-2419 | 1 Sap | 3 Ea-finserv, S4core, Sapscore | 2024-11-21 | 5.5 MEDIUM | 3.7 LOW |
|
SAP Enterprise Financial Services (SAPSCORE 1.11, 1.12; S4CORE 1.01, 1.02; EA-FINSERV 6.04, 6.05, 6.06, 6.16, 6.17, 6.18, 8.0) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.
|
|||||
| CVE-2018-2413 | 1 Sap | 1 Disclosure Management | 2024-11-21 | 6.5 MEDIUM | 5.4 MEDIUM |
|
SAP Disclosure Management 10.1 does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.
|
|||||
| CVE-2018-2412 | 1 Sap | 1 Disclosure Management | 2024-11-21 | 6.5 MEDIUM | 3.8 LOW |
|
SAP Disclosure Management 10.1 does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.
|
|||||
| CVE-2018-2381 | 1 Sap | 1 Erp Financials Information System | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
SAP ERP Financials Information System (SAP_APPL 6.00, 6.02, 6.03, 6.04, 6.05, 6.06, 6.16; SAP_FIN 6.17, 6.18, 7.00, 7.20, 7.30 S4CORE 1.00, 1.01, 1.02) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.
|
|||||
| CVE-2018-25019 | 1 Learndash | 1 Learndash | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
The LearnDash LMS WordPress plugin before 2.5.4 does not have any authorisation and validation of the file to be uploaded in the learndash_assignment_process_init() function, which could allow unauthenticated users to upload arbitrary files to the web server
|
|||||
| CVE-2018-21257 | 1 Mattermost | 1 Mattermost Server | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
An issue was discovered in Mattermost Server before 5.1. It allows attackers to bypass intended access restrictions (for setting a channel header) via the Channel header slash command API.
|
|||||
| CVE-2018-21251 | 1 Mattermost | 1 Mattermost Server | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
An issue was discovered in Mattermost Server before 5.2 and 5.1.1. Authorization could be bypassed if the channel name were not the same in the params and the body.
|
|||||
| CVE-2018-21047 | 1 Google | 1 Android | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
An issue was discovered on Samsung mobile devices with O(8.x) software. There is a Factory Reset Protection (FRP) bypass via the voice assistant because Internet access begins before the Setup Wizard finishes. The Samsung ID is SVE-2018-12894 (November 2018).
|
|||||
| CVE-2018-21046 | 1 Google | 1 Android | 2024-11-21 | 2.1 LOW | 2.4 LOW |
|
An issue was discovered on Samsung mobile devices with O(8.x) software. There is clipboard Data Exposure via the Emergency Dialer upon connecting a USB device. The Samsung ID is SVE-2018-12911 (November 2018).
|
|||||
| CVE-2018-21042 | 1 Google | 1 Android | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
An issue was discovered on Samsung mobile devices with N(7.x), O(8.x), and P(9.0) software. Dual Messenger allows installation of an arbitrary APK with resultant privileged code execution. The Samsung ID is SVE-2018-13299 (December 2018).
|
|||||
| CVE-2018-20501 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 6.5 MEDIUM | 6.3 MEDIUM |
|
An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It has Incorrect Access Control.
|
|||||
| CVE-2018-20155 | 1 Designmodo | 1 Wp Maintenance Mode | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
|
The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remote authenticated subscriber users to bypass intended access restrictions on changes to plugin settings.
|
|||||
| CVE-2018-1314 | 1 Apache | 1 Hive | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
|
In Apache Hive 2.3.3, 3.1.0 and earlier, Hive "EXPLAIN" operation does not check for necessary authorization of involved entities in a query. An unauthorized user can do "EXPLAIN" on arbitrary table or view and expose table metadata and statistics.
|
|||||
| CVE-2018-1217 | 1 Dell | 2 Emc Avamar, Emc Integrated Data Protection Appliance | 2024-11-21 | 5.0 MEDIUM | 9.8 CRITICAL |
|
Avamar Installation Manager in Dell EMC Avamar Server 7.3.1, 7.4.1, and 7.5.0, and Dell EMC Integrated Data Protection Appliance 2.0 and 2.1, is affected by a missing access control check vulnerability which could potentially allow a remote unauthenticated attacker to read or change the Local Download Service (LDLS) credentials. The LDLS credentials are used to connect to Dell EMC Online Support. If the LDLS configuration was changed to an invalid configuration, then Avamar Installation Manager ...
Show More |
|||||
| CVE-2018-1116 | 3 Canonical, Debian, Polkit Project | 3 Ubuntu Linux, Debian Linux, Polkit | 2024-11-21 | 3.6 LOW | 4.4 MEDIUM |
|
A flaw was found in polkit before version 0.116. The implementation of the polkit_backend_interactive_authority_check_authorization function in polkitd allows to test for authentication and trigger authentication of unrelated processes owned by other users. This may result in a local DoS and information disclosure.
|
|||||
| CVE-2018-19830 | 1 Business Alliance Financial Circle Project | 1 Business Alliance Financial Circle | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
The UBSexToken() function of a smart contract implementation for Business Alliance Financial Circle (BAFC), an tradable Ethereum ERC20 token, allows attackers to change the owner of the contract, because the function is public (by default) and does not check the caller's identity.
|
|||||
| CVE-2018-19754 | 1 Oracle | 1 Tarantella Enterprise | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
Tarantella Enterprise before 3.11 allows bypassing Access Control.
|
|||||
| CVE-2018-19110 | 1 Tianti Project | 1 Tianti | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
|
The skin-management feature in tianti 2.3 allows remote authenticated users to bypass intended permission restrictions by visiting tianti-module-admin/user/skin/list directly because controller\usercontroller.java maps a /skin/list request to the function skinList, and lacks an authorization check.
|
|||||
| CVE-2018-19079 | 2 Foscam, Opticam | 6 C2, C2 Application Firmware, C2 System Firmware and 3 more | 2024-11-21 | 7.8 HIGH | 7.5 HIGH |
|
An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ONVIF devicemgmt SystemReboot method allows unauthenticated reboot.
|
|||||
| CVE-2018-18996 | 1 Lcds | 1 Laquis Scada | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
LCDS Laquis SCADA prior to version 4.1.0.4150 allows taking in user input without proper authorization or sanitation, which may allow an attacker to execute remote code on the server.
|
|||||