CVE List - 2018 / October
Showing 1001 - 1100 of 1468 CVEs for October 2018 (Page 11 of 15)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2018-0420 | 2018-10-17 | Cisco Wireless LAN Controller Software Directory Traversal Vulnerability |
| CVE-2018-0441 | 2018-10-17 | Cisco IOS Access Points Software 802.11r Fast Transition Denial of Service Vulnerability |
| CVE-2018-0442 | 2018-10-17 | Cisco Wireless LAN Controller Software Control and Provisioning of Wireless Access Points Protocol Information Disclosure Vulnerability |
| CVE-2018-0443 | 2018-10-17 | Cisco Wireless LAN Controller Software Control and Provisioning of Wireless Access Points Protocol Denial of Service Vulnerability |
| CVE-2018-15435 | 2018-10-17 | Cisco SocialMiner Cross-Site Scripting Vulnerability |
| CVE-2018-15438 | 2018-10-17 | Cisco Prime Collaboration Assurance Cross-Site Request Forgery Vulnerability |
| CVE-2018-18454 | 2018-10-18 | CCITTFaxStream::readRow() in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm. |
| CVE-2018-18455 | 2018-10-18 | The GfxImageColorMap class in GfxState.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm. |
| CVE-2018-18456 | 2018-10-18 | The function Object::isName() in Object.h (called from Gfx::opSetFillColorN) in Xpdf 4.00 allows remote attackers to cause a denial of service (stack-based buffer over-read) via a crafted pdf file, as demonstrated... |
| CVE-2018-18457 | 2018-10-18 | The function DCTStream::readScan in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted pdf file, as demonstrated by pdftoppm. |
| CVE-2018-18458 | 2018-10-18 | The function DCTStream::decodeImage in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted pdf file, as demonstrated by pdftoppm. |
| CVE-2018-18459 | 2018-10-18 | The function DCTStream::getBlock in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted pdf file, as demonstrated by pdftoppm. |
| CVE-2018-18460 | 2018-10-18 | XSS exists in the wp-live-chat-support v8.0.15 plugin for WordPress via the modules/gdpr.php term parameter in a wp-admin/admin.php wplivechat-menu-gdpr-page request. |
| CVE-2018-18461 | 2018-10-18 | The Arigato Autoresponder and Newsletter (aka bft-autoresponder) v2.5.1.7 plugin for WordPress allows remote attackers to execute arbitrary code via PHP code in attachments[] data to models/attachment.php. |
| CVE-2016-9069 | 2018-10-18 | A use-after-free in nsINode::ReplaceOrInsertBefore during DOM operations resulting in potentially exploitable crashes. This vulnerability affects Firefox < 50. |
| CVE-2018-12358 | 2018-10-18 | Service workers can use redirection to avoid the tainting of cross-origin resources in some instances, allowing a malicious site to read responses which are supposed to be opaque. This vulnerability... |
| CVE-2018-12359 | 2018-10-18 | A buffer overflow can occur when rendering canvas content while adjusting the height and width of the canvas element dynamically, causing data to be written outside of the currently computed... |
| CVE-2018-12360 | 2018-10-18 | A use-after-free vulnerability can occur when deleting an input element during a mutation event handler triggered by focusing that element. This results in a potentially exploitable crash. This vulnerability affects... |
| CVE-2018-12361 | 2018-10-18 | An integer overflow can occur in the SwizzleData code while calculating buffer sizes. The overflowed value is used for subsequent graphics computations when their inputs are not sanitized which results... |
| CVE-2018-12362 | 2018-10-18 | An integer overflow can occur during graphics operations done by the Supplemental Streaming SIMD Extensions 3 (SSSE3) scaler, resulting in a potentially exploitable crash. This vulnerability affects Thunderbird < 60,... |
| CVE-2018-12363 | 2018-10-18 | A use-after-free vulnerability can occur when script uses mutation events to move DOM nodes between documents, resulting in the old document that held the node being freed but the node... |
| CVE-2018-12364 | 2018-10-18 | NPAPI plugins, such as Adobe Flash, can send non-simple cross-origin requests, bypassing CORS by making a same-origin POST that does a 307 redirect to the target site. This allows for... |
| CVE-2018-12365 | 2018-10-18 | A compromised IPC child process can escape the content sandbox and list the names of arbitrary files on the file system without user consent or interaction. This could result in... |
| CVE-2018-12366 | 2018-10-18 | An invalid grid size during QCMS (color profile) transformations can result in the out-of-bounds read interpreted as a float value. This could leak private data into the output. This vulnerability... |
| CVE-2018-12367 | 2018-10-18 | In the previous mitigations for Spectre, the resolution or precision of various methods was reduced to counteract the ability to measure precise time intervals. In that work PerformanceNavigationTiming was not... |
| CVE-2018-12368 | 2018-10-18 | Windows 10 does not warn users before opening executable files with the SettingContent-ms extension even when they have been downloaded from the internet and have the "Mark of the Web."... |
| CVE-2018-12369 | 2018-10-18 | WebExtensions bundled with embedded experiments were not correctly checked for proper authorization. This allowed a malicious WebExtension to gain full browser permissions. This vulnerability affects Firefox ESR < 60.1 and... |
| CVE-2018-12370 | 2018-10-18 | In Reader View SameSite cookie protections are not checked on exiting. This allows for a payload to be triggered when Reader View is exited if loaded by a malicious site... |
| CVE-2018-12372 | 2018-10-18 | Decrypted S/MIME parts, when included in HTML crafted for an attack, can leak plaintext when included in a a HTML reply/forward. This vulnerability affects Thunderbird < 52.9. |
| CVE-2018-12373 | 2018-10-18 | dDecrypted S/MIME parts hidden with CSS or the plaintext HTML tag can leak plaintext when included in a HTML reply/forward. This vulnerability affects Thunderbird < 52.9. |
| CVE-2018-12374 | 2018-10-18 | Plaintext of decrypted emails can leak through by user submitting an embedded form by pressing enter key within a text input field. This vulnerability affects Thunderbird < 52.9. |
| CVE-2018-12375 | 2018-10-18 | Memory safety bugs present in Firefox 61. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited... |
| CVE-2018-12376 | 2018-10-18 | Memory safety bugs present in Firefox 61 and Firefox ESR 60.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of... |
| CVE-2018-12377 | 2018-10-18 | A use-after-free vulnerability can occur when refresh driver timers are refreshed in some circumstances during shutdown when the timer is deleted while still in use. This results in a potentially... |
| CVE-2018-12378 | 2018-10-18 | A use-after-free vulnerability can occur when an IndexedDB index is deleted while still in use by JavaScript code that is providing payload values to be stored. This results in a... |
| CVE-2018-12379 | 2018-10-18 | When the Mozilla Updater opens a MAR format file which contains a very long item filename, an out-of-bounds write can be triggered, leading to a potentially exploitable crash. This requires... |
| CVE-2018-12381 | 2018-10-18 | Manually dragging and dropping an Outlook email message into the browser will trigger a page navigation when the message's mail columns are incorrectly interpreted as a URL. *Note: this issue... |
| CVE-2018-12382 | 2018-10-18 | The displayed addressbar URL can be spoofed on Firefox for Android using a javascript: URI in concert with JavaScript to insert text before the loaded domain name, scrolling the loaded... |
| CVE-2018-12383 | 2018-10-18 | If a user saved passwords before Firefox 58 and then later set a master password, an unencrypted copy of these passwords is still accessible. This is because the older stored... |
| CVE-2018-12385 | 2018-10-18 | A potentially exploitable crash in TransportSecurityInfo used for SSL can be triggered by data stored in the local cache in the user profile directory. This issue is only exploitable in... |
| CVE-2018-12386 | 2018-10-18 | A vulnerability in register allocation in JavaScript can lead to type confusion, allowing for an arbitrary read and write. This leads to remote code execution inside the sandboxed content process... |
| CVE-2018-12387 | 2018-10-18 | A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with multiple arguments that results in the stack pointer being off by 8 bytes after a bailout. This leaks a memory... |
| CVE-2018-5156 | 2018-10-18 | A vulnerability can occur when capturing a media stream when the media source type is changed as the capture is occurring. This can result in stream data being cast to... |
| CVE-2018-5186 | 2018-10-18 | Memory safety bugs present in Firefox 60. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited... |
| CVE-2018-5187 | 2018-10-18 | Memory safety bugs present in Firefox 60 and Firefox ESR 60. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of... |
| CVE-2018-5188 | 2018-10-18 | Memory safety bugs present in Firefox 60, Firefox ESR 60, and Firefox ESR 52.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort... |
| CVE-2018-1822 | 2018-10-18 | IBM FlashSystem 900 product GUI allows a specially crafted attack to bypass the authentication requirements of the system, resulting in the ability to remotely change the superuser password. This can... |
| CVE-2018-1518 | 2018-10-18 | IBM InfoSphere Information Server 11.7 is affected by a weak password encryption vulnerability that could allow a local user to obtain highly sensitive information. IBM X-Force ID: 141682. |
| CVE-2018-18478 | 2018-10-18 | Persistent Cross-Site Scripting (XSS) issues in LibreNMS before 1.44 allow remote attackers to inject arbitrary web script or HTML via the dashboard_name parameter in the /ajax_form.php resource, related to html/includes/forms/add-dashboard.inc.php,... |
| CVE-2018-18481 | 2018-10-18 | A heap-based buffer over-read exists in libopencad 0.2.0 in the ReadCHAR function in lib/dwg/io.cpp, resulting in an application crash. |
| CVE-2018-18480 | 2018-10-18 | A heap-based buffer over-read exists in libopencad 0.2.0 in the ReadMCHAR function in lib/dwg/io.cpp, resulting in an application crash. |
| CVE-2018-18482 | 2018-10-18 | An issue was discovered in libpg_query 10-1.0.2. There is a memory leak in pg_query_raw_parse in pg_query_parse.c, which might lead to a denial of service. |
| CVE-2015-4630 | 2018-10-18 | Multiple cross-site request forgery (CSRF) vulnerabilities in Koha 3.14.x before 3.14.16, 3.16.x before 3.16.12, 3.18.x before 3.18.08, and 3.20.x before 3.20.1 allow remote attackers to (1) hijack the authentication of... |
| CVE-2015-4631 | 2018-10-18 | Multiple cross-site scripting (XSS) vulnerabilities in Koha 3.14.x before 3.14.16, 3.16.x before 3.16.12, 3.18.x before 3.18.08, and 3.20.x before 3.20.1 allow remote attackers to inject arbitrary web script or HTML... |
| CVE-2015-4632 | 2018-10-18 | Multiple directory traversal vulnerabilities in Koha 3.14.x before 3.14.16, 3.16.x before 3.16.12, 3.18.x before 3.18.08, and 3.20.x before 3.20.1 allow remote attackers to read arbitrary files via a ..%2f (dot... |
| CVE-2015-4633 | 2018-10-18 | Multiple SQL injection vulnerabilities in Koha 3.14.x before 3.14.16, 3.16.x before 3.16.12, 3.18.x before 3.18.08, and 3.20.x before 3.20.1 allow (1) remote attackers to execute arbitrary SQL commands via the... |
| CVE-2018-18483 | 2018-10-18 | The get_count function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service (malloc called with the result of an... |
| CVE-2018-18484 | 2018-10-18 | An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there is a... |
| CVE-2018-18486 | 2018-10-18 | An issue was discovered in PHPSHE 1.7. SQL injection exists via the admin.php?mod=user&act=del user_id[] parameter. |
| CVE-2018-14807 | 2018-10-18 | A stack-based buffer overflow vulnerability in Opto 22 PAC Control Basic and PAC Control Professional versions R10.0a and prior may allow remote code execution. |
| CVE-2018-18485 | 2018-10-18 | An issue was discovered in PHPSHE 1.7. admin.php?mod=db&act=del allows remote attackers to delete arbitrary files via directory traversal sequences in the dbname parameter. This can be leveraged to reload the... |
| CVE-2018-18487 | 2018-10-18 | In \lib\admin\action\dataaction.class.php in Gxlcms v2.0, the database backup filename generation uses mt_rand() unsafely, resulting in predictable database backup file locations. |
| CVE-2018-18488 | 2018-10-18 | In \lib\admin\action\dataaction.class.php in Gxlcms v2.0, SQL Injection exists via the ids[] parameter. |
| CVE-2018-11079 | 2018-10-18 | Dell EMC Secure Remote Services, versions prior to 3.32.00.08, contains a Plaintext Password Storage vulnerability. Database credentials are stored in plaintext in a configuration file. An authenticated malicious user with... |
| CVE-2018-11080 | 2018-10-18 | Dell EMC Secure Remote Services, versions prior to 3.32.00.08, contains Improper File Permission Vulnerabilities. The application contains multiple configuration files with world-readable permissions that could allow an authenticated malicious user... |
| CVE-2018-15756 | 2018-10-18 | DoS Attack via Range Requests |
| CVE-2018-15758 | 2018-10-18 | Privilege Escalation in spring-security-oauth2 |
| CVE-2018-15765 | 2018-10-18 | Dell EMC Secure Remote Services, versions prior to 3.32.00.08, contains an Information Exposure vulnerability. The log file contents store sensitive data including executed commands to generate authentication tokens which may... |
| CVE-2017-18348 | 2018-10-19 | Splunk Enterprise 6.6.x, when configured to run as root but drop privileges to a specific non-root account, allows local users to gain privileges by leveraging access to that non-root account... |
| CVE-2018-15312 | 2018-10-19 | On F5 BIG-IP 13.0.0-13.1.1.1 and 12.1.0-12.1.3.6, a reflected Cross-Site Scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an authenticated user to execute JavaScript... |
| CVE-2018-15313 | 2018-10-19 | On F5 BIG-IP AFM 13.0.0-13.1.1.1 and 12.1.0-12.1.3.6, there is a Reflected Cross Site Scripting vulnerability in undisclosed TMUI page. |
| CVE-2018-15314 | 2018-10-19 | On F5 BIG-IP AFM 13.0.0-13.1.1.1 and 12.1.0-12.1.3.6, there is a Reflected Cross Site Scripting vulnerability in undisclosed TMUI page. |
| CVE-2018-15315 | 2018-10-19 | On F5 BIG-IP 13.0.0-13.1.1.1 and 12.1.0-12.1.3.6, there is a reflected Cross Site Scripting (XSS) vulnerability in an undisclosed Configuration Utility page. |
| CVE-2018-15316 | 2018-10-19 | In F5 BIG-IP APM 13.0.0-13.1.1.1, APM Client 7.1.5-7.1.6, and/or Edge Client 7101-7160, the BIG-IP APM Edge Client component loads the policy library with user permission and bypassing the endpoint checks. |
| CVE-2018-4013 | 2018-10-19 | An exploitable code execution vulnerability exists in the HTTP packet-parsing functionality of the LIVE555 RTSP server library version 0.92. A specially crafted packet can cause a stack-based buffer overflow, resulting... |
| CVE-2018-18390 | 2018-10-19 | User Enumeration in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1. |
| CVE-2018-18391 | 2018-10-19 | User Privilege Escalation in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1. |
| CVE-2018-18392 | 2018-10-19 | Privilege Escalation via Broken Access Control in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1. |
| CVE-2018-18393 | 2018-10-19 | Password Management Issue in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1. |
| CVE-2018-18394 | 2018-10-19 | Sensitive Information Stored in Clear Text in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1. |
| CVE-2018-18395 | 2018-10-19 | Hidden Token Access in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1. |
| CVE-2018-18396 | 2018-10-19 | Remote Code Execution in Moxa ThingsPro IIoT Gateway and Device Management Software Solutions version 2.1. |
| CVE-2018-18520 | 2018-10-19 | An Invalid Memory Address Dereference exists in the function elf_end in libelf in elfutils through v0.174. Although eu-size is intended to support ar files inside ar files, handle_ar in size.c... |
| CVE-2018-18521 | 2018-10-19 | Divide-by-zero vulnerabilities in the function arlib_add_symbols() in arlib.c in elfutils 0.174 allow remote attackers to cause a denial of service (application crash) with a crafted ELF file, as demonstrated by... |
| CVE-2018-18527 | 2018-10-19 | OwnTicket 2018-05-23 allows SQL Injection via the showTicketId or editTicketStatusId parameter. |
| CVE-2018-18380 | 2018-10-19 | A Session Fixation issue was discovered in Bigtree before 4.2.24. admin.php accepts a user-provided PHP session ID instead of regenerating a new one after a user has logged in to... |
| CVE-2018-18529 | 2018-10-19 | ThinkPHP 3.2.4 has SQL Injection via the count parameter because the Library/Think/Db/Driver/Mysql.class.php parseKey function mishandles the key variable. NOTE: a backquote character is not required in the attack URI. |
| CVE-2018-18530 | 2018-10-19 | ThinkPHP 5.1.25 has SQL Injection via the count parameter because the library/think/db/Query.php aggregate function mishandles the aggregate variable. NOTE: a backquote character is required in the attack URI. |
| CVE-2018-18531 | 2018-10-19 | text/impl/DefaultTextCreator.java, text/impl/ChineseTextProducer.java, and text/impl/FiveLetterFirstNameTextCreator.java in kaptcha 2.3.2 use the Random (rather than SecureRandom) function for generating CAPTCHA values, which makes it easier for remote attackers to bypass intended access restrictions... |
| CVE-2018-12666 | 2018-10-19 | SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B devices improperly identifies users only by the authentication level sent in the cookies, which allow remote attackers to bypass authentication and gain administrator access by... |
| CVE-2018-12667 | 2018-10-19 | The SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B) is affected by an improper authentication vulnerability that allows requests to be made to back-end CGI scripts without a valid session. This... |
| CVE-2018-12668 | 2018-10-19 | SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B devices have a Hard-coded Password. |
| CVE-2018-12669 | 2018-10-19 | SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B devices allow remote authenticated users to reset arbitrary accounts via a request to web/cgi-bin/hi3510/param.cgi. |
| CVE-2018-12670 | 2018-10-19 | SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B devices allow OS Command Injection. |
| CVE-2018-12671 | 2018-10-19 | An attacker with remote access to the SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B) web interface can disclose information about the camera including all password sets set within the camera.... |
| CVE-2018-12672 | 2018-10-19 | The SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B) does not perform proper validation on user-supplied input and is vulnerable to cross-site scripting attacks. If proper authorization was implemented, this vulnerability could be... |
| CVE-2018-12673 | 2018-10-19 | An attacker with remote access to the SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B) web interface can disclose information about the camera including camera hardware, wireless network, and local area... |
| CVE-2018-12674 | 2018-10-19 | The SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B) stores the username and password within the cookies of a session. If an attacker gained access to these session cookies, it would... |
| CVE-2018-12675 | 2018-10-19 | The SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B) does not perform origin checks on URLs that the camera's web interface redirects a user to. This can be leveraged to send... |
| CVE-2018-18026 | 2018-10-19 | IMFCameraProtect.sys in IObit Malware Fighter 6.2 (and possibly lower versions) is vulnerable to a stack-based buffer overflow. The attacker can use DeviceIoControl to pass a user specified size which can... |