Total
34640 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-17914 | 1 Aveva | 3 Edge, Indusoft Web Studio, Intouch Machine Edition 2014 | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
|
InduSoft Web Studio versions prior to 8.1 SP2, and InTouch Edge HMI (formerly InTouch Machine Edition) versions prior to 2017 SP2. This vulnerability could allow an unauthenticated user to remotely execute code with the same privileges as that of the InduSoft Web Studio or InTouch Edge HMI (formerly InTouch Machine Edition) runtime.
|
|||||
| CVE-2018-17892 | 1 Nuuo | 1 Nuuo Cms | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
NUUO CMS all versions 3.1 and prior, The application implements a method of user account control that causes standard account security features to not be utilized as intended, which could allow user account compromise and may allow for remote code execution.
|
|||||
| CVE-2018-17875 | 1 Poly | 2 Trio 8800, Trio 8800 Firmware | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
A remote code execution issue in the ping command on Poly Trio 8800 5.7.1.4145 devices allows remote authenticated users to execute commands via unspecified vectors.
|
|||||
| CVE-2018-17859 | 1 Joomla | 1 Joomla\! | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
|
An issue was discovered in Joomla! before 3.8.13. Inadequate checks in com_contact could allow mail submission in disabled forms.
|
|||||
| CVE-2018-17856 | 1 Joomla | 1 Joomla\! | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
|
An issue was discovered in Joomla! before 3.8.13. com_joomlaupdate allows the execution of arbitrary code. The default ACL config enabled the ability of Administrator-level users to access com_joomlaupdate and trigger code execution.
|
|||||
| CVE-2018-17774 | 1 Ingenico | 2 Telium 2, Telium 2 Firmware | 2024-11-21 | 7.2 HIGH | 6.8 MEDIUM |
|
Ingenico Telium 2 POS terminals have an insecure NTPT3 protocol. This is fixed in Telium 2 SDK v9.32.03 patch N.
|
|||||
| CVE-2018-17772 | 1 Ingenico | 2 Telium 2, Telium 2 Firmware | 2024-11-21 | 7.2 HIGH | 6.8 MEDIUM |
|
Ingenico Telium 2 POS terminals allow arbitrary code execution via the TRACE protocol. This is fixed in Telium 2 SDK v9.32.03 patch N.
|
|||||
| CVE-2018-17768 | 1 Ingenico | 2 Telium 2, Telium 2 Firmware | 2024-11-21 | 7.2 HIGH | 6.8 MEDIUM |
|
Ingenico Telium 2 POS terminals have an insecure TRACE protocol. This is fixed in Telium 2 SDK v9.32.03 patch N.
|
|||||
| CVE-2018-17765 | 1 Ingenico | 2 Telium 2, Telium 2 Firmware | 2024-11-21 | 7.2 HIGH | 6.8 MEDIUM |
|
Ingenico Telium 2 POS terminals have undeclared TRACE protocol commands. This is fixed in Telium 2 SDK v9.32.03 patch N.
|
|||||
| CVE-2018-17564 | 1 Grandstream | 12 Gxp1610, Gxp1610 Firmware, Gxp1615 and 9 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
A Malformed Input String to /cgi-bin/delete_CA on Grandstream GXP16xx VoIP 1.0.4.128 phones allows attackers to delete configuration parameters and gain admin access to the device.
|
|||||
| CVE-2018-17539 | 2 F5, Ipinfusion | 3 Big-ip Local Traffic Manager, Ocnos, Zebos | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
The BGP daemon (bgpd) in all IP Infusion ZebOS versions to 7.10.6 and all OcNOS versions to 1.3.3.145 allow remote attackers to cause a denial of service attack via an autonomous system (AS) path containing 8 or more autonomous system number (ASN) elements.
|
|||||
| CVE-2018-17538 | 1 Axon | 1 Evidence Sync | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Axon (formerly TASER International) Evidence Sync 3.15.89 is vulnerable to process injection. NOTE: the vendor's position is that this CVE is not associated with information that supports any finding of any type of vulnerability
|
|||||
| CVE-2018-17496 | 1 Thresholdsecurity | 1 Evisitorpass | 2024-11-21 | 7.2 HIGH | 8.4 HIGH |
|
eVisitorPass could allow a local attacker to gain elevated privileges on the system, caused by an error while in kiosk mode. By visiting the kiosk and typing ctrl+shift+esc, an attacker could exploit this vulnerability to open the task manager to kill the process or launch new processes on the system.
|
|||||
| CVE-2018-17495 | 1 Thresholdsecurity | 1 Evisitorpass | 2024-11-21 | 7.2 HIGH | 8.4 HIGH |
|
eVisitorPass could allow a local attacker to gain elevated privileges on the system, caused by an error with the Virtual Keyboard Help Dialog. By visiting the kiosk and removing the program from fullscreen, an attacker could exploit this vulnerability using the terminal to launch the command prompt.
|
|||||
| CVE-2018-17494 | 1 Thresholdsecurity | 1 Evisitorpass | 2024-11-21 | 7.2 HIGH | 8.4 HIGH |
|
eVisitorPass could allow a local attacker to gain elevated privileges on the system, caused by an error with the Virtual Keyboard Start Menu. By visiting the kiosk and pressing windows key twice, an attacker could exploit this vulnerability to close the program and launch other processes on the system.
|
|||||
| CVE-2018-17493 | 1 Thresholdsecurity | 1 Evisitorpass | 2024-11-21 | 7.2 HIGH | 8.4 HIGH |
|
eVisitorPass could allow a local attacker to gain elevated privileges on the system, caused by an error with the Fullscreen button. By visiting the kiosk and clicking the full screen button in the bottom right, an attacker could exploit this vulnerability to close the program and launch other processes on the system.
|
|||||
| CVE-2018-17488 | 1 Jollytech | 1 Lobby Track | 2024-11-21 | 4.6 MEDIUM | 8.4 HIGH |
|
Lobby Track Desktop could allow a local attacker to gain elevated privileges on the system, caused by an error in the printer dialog. By visiting the kiosk and accessing the print badge screen, an attacker could exploit this vulnerability using the command line to break out of kiosk mode.
|
|||||
| CVE-2018-17487 | 1 Jollytech | 1 Lobby Track | 2024-11-21 | 4.6 MEDIUM | 8.4 HIGH |
|
Lobby Track Desktop could allow a local attacker to gain elevated privileges on the system, caused by an error in the printer dialog. By visiting the kiosk and signing in as a visitor, an attacker could exploit this vulnerability using the command line to break out of kiosk mode.
|
|||||
| CVE-2018-17486 | 1 Jollytech | 1 Lobby Track | 2024-11-21 | 3.6 LOW | 2.9 LOW |
|
Lobby Track Desktop could allow a local attacker to bypass security restrictions, caused by an error in the find visitor function while in kiosk mode. By visiting the kiosk and selecting find visitor, an attacker could exploit this vulnerability to delete visitor records or remove a host.
|
|||||
| CVE-2018-17477 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more | 2024-11-21 | 4.3 MEDIUM | 4.3 MEDIUM |
|
Incorrect dialog placement in Extensions in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to spoof the contents of extension popups via a crafted HTML page.
|
|||||
| CVE-2018-17476 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more | 2024-11-21 | 4.3 MEDIUM | 4.3 MEDIUM |
|
Incorrect dialog placement in Cast UI in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to obscure the full screen warning via a crafted HTML page.
|
|||||
| CVE-2018-17475 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more | 2024-11-21 | 4.3 MEDIUM | 4.3 MEDIUM |
|
Incorrect handling of history on iOS in Navigation in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
|
|||||
| CVE-2018-17473 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Linux Desktop and 2 more | 2024-11-21 | 4.3 MEDIUM | 4.3 MEDIUM |
|
Incorrect handling of confusable characters in Omnibox in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
|
|||||
| CVE-2018-17471 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Enterprise Linux Desktop and 2 more | 2024-11-21 | 4.3 MEDIUM | 4.3 MEDIUM |
|
Incorrect dialog placement in WebContents in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to obscure the full screen warning via a crafted HTML page.
|
|||||
| CVE-2018-17464 | 3 Debian, Google, Redhat | 5 Debian Linux, Chrome, Linux Desktop and 2 more | 2024-11-21 | 4.3 MEDIUM | 4.3 MEDIUM |
|
Incorrect handling of history on iOS in Navigation in Google Chrome prior to 70.0.3538.67 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
|
|||||
| CVE-2018-17459 | 2 Google, Redhat | 4 Chrome, Enterprise Linux Desktop, Enterprise Linux Server and 1 more | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
|
Incorrect handling of clicks in the omnibox in Navigation in Google Chrome prior to 69.0.3497.92 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
|
|||||
| CVE-2018-17448 | 1 Citrix | 2 Netscaler Sd-wan, Sd-wan | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
An Incorrect Access Control issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.
|
|||||
| CVE-2018-17403 | 1 Phonepe | 1 Phonepe | 2024-11-21 | 4.3 MEDIUM | 8.8 HIGH |
|
The PhonePe wallet (aka com.PhonePe.app) application 3.0.6 through 3.3.26 for Android might allow attackers to impersonate a user and set up their account without their knowledge. NOTE: the vendor says that, to exploit this, the user has to explicitly install a malicious app and provide accessibility permission to the malicious app, that the Android platform provides fair warnings to the users before turning on accessibility for any application, and that it believes it is similar to installing ...
Show More |
|||||
| CVE-2018-17400 | 1 Phonepe | 1 Phonepe | 2024-11-21 | 1.2 LOW | 7.0 HIGH |
|
The PhonePe wallet (aka com.PhonePe.app) application 3.0.6 through 3.3.26 for Android might allow attackers to perform Account Takeover attacks by intercepting the user name and PIN during the initial configuration of the application. NOTE: the vendor says that, to exploit this, the user has to explicitly install a malicious app and provide accessibility permission to the malicious app, that the Android platform provides fair warnings to the users before turning on accessibility for any applica ...
Show More |
|||||
| CVE-2018-17368 | 1 Publiccms | 1 Publiccms | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
An issue was discovered in PublicCMS V4.0.180825. For an invalid login attempt, the response length is different depending on whether the username is valid, which makes it easier to conduct brute-force attacks.
|
|||||
| CVE-2018-17201 | 1 Apache | 1 Commons Imaging | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Certain input files could make the code hang when Apache Sanselan 0.97-incubator was used to parse them, which could be used in a DoS attack. Note that Apache Sanselan (incubating) was renamed to Apache Commons Imaging.
|
|||||
| CVE-2018-17200 | 1 Apache | 1 Ofbiz | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
The Apache OFBiz HTTP engine (org.apache.ofbiz.service.engine.HttpEngine.java) handles requests for HTTP services via the /webtools/control/httpService endpoint. This service takes the `serviceContent` parameter in the request and deserializes it using XStream. This `XStream` instance is slightly guarded by disabling the creation of `ProcessBuilder`. However, this can be easily bypassed (and in multiple ways). Mitigation: Upgrade to 16.11.06 or manually apply the following commits on branch 16 r ...
Show More |
|||||
| CVE-2018-17196 | 1 Apache | 1 Kafka | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
|
In Apache Kafka versions between 0.11.0.0 and 2.1.0, it is possible to manually craft a Produce request which bypasses transaction/idempotent ACL validation. Only authenticated clients with Write permission on the respective topics are able to exploit this vulnerability. Users should upgrade to 2.1.1 or later where this vulnerability has been fixed.
|
|||||
| CVE-2018-17191 | 1 Apache | 1 Netbeans | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
Apache NetBeans (incubating) 9.0 NetBeans Proxy Auto-Configuration (PAC) interpretation is vulnerable for remote command execution (RCE). Using the nashorn script engine the environment of the javascript execution for the Proxy Auto-Configuration leaks privileged objects, that can be used to circumvent the execution limits. If a different script engine was used, no execution limits were in place. Both vectors allow remote code execution.
|
|||||
| CVE-2018-17190 | 1 Apache | 1 Spark | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
|
In all versions of Apache Spark, its standalone resource manager accepts code to execute on a 'master' host, that then runs that code on 'worker' hosts. The master itself does not, by design, execute user code. A specially-crafted request to the master can, however, cause the master to execute code too. Note that this does not affect standalone clusters with authentication enabled. While the master host typically has less outbound access to other resources than a worker, the execution of code on ...
Show More |
|||||
| CVE-2018-17188 | 1 Apache | 1 Couchdb | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
|
Prior to CouchDB version 2.3.0, CouchDB allowed for runtime-configuration of key components of the database. In some cases, this lead to vulnerabilities where CouchDB admin users could access the underlying operating system as the CouchDB user. Together with other vulnerabilities, it allowed full system entry for unauthenticated users. Rather than waiting for new vulnerabilities to be discovered, and fixing them as they come up, the CouchDB development team decided to make changes to avoid this ...
Show More |
|||||
| CVE-2018-17183 | 4 Artifex, Canonical, Debian and 1 more | 9 Ghostscript, Ubuntu Linux, Debian Linux and 6 more | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
|
Artifex Ghostscript before 9.25 allowed a user-writable error exception table, which could be used by remote attackers able to supply crafted PostScript to potentially overwrite or replace error handlers to inject code.
|
|||||
| CVE-2018-17178 | 1 Neatorobotics | 10 Botvac D3 Connected, Botvac D3 Connected Firmware, Botvac D4 Connected and 7 more | 2024-11-21 | 2.9 LOW | 5.3 MEDIUM |
|
An issue was discovered on Neato Botvac Connected 2.2.0 devices. They execute unauthenticated manual drive commands (sent to /bin/webserver on port 8081) if they already have an active session. Commands like forward, back, arc-left, arc-right, pivot-left, and pivot-right are executed even though the web socket replies with { "message" : "invalid authorization header" }. Without an active session, commands are still interpreted, but (except for eco-on and eco-off) have no effect, since without ac ...
Show More |
|||||
| CVE-2018-17175 | 1 Marshmallow Project | 1 Marshmallow | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
|
In the marshmallow library before 2.15.1 and 3.x before 3.0.0b9 for Python, the schema "only" option treats an empty list as implying no "only" option, which allows a request that was intended to expose no fields to instead expose all fields (if the schema is being filtered dynamically using the "only" option, and there is a user role that produces an empty value for "only").
|
|||||
| CVE-2018-17144 | 2 Bitcoin, Bitcoinknots | 2 Bitcoin Core, Bitcoin Knots | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
|
Bitcoin Core 0.14.x before 0.14.3, 0.15.x before 0.15.2, and 0.16.x before 0.16.3 and Bitcoin Knots 0.14.x through 0.16.x before 0.16.3 allow a remote denial of service (application crash) exploitable by miners via duplicate input. An attacker can make bitcoind or Bitcoin-Qt crash.
|
|||||