CVE List - 2018 / October
Showing 1201 - 1300 of 1468 CVEs for October 2018 (Page 13 of 15)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2018-1541 | 2018-10-24 | IBM WebSphere Commerce Enterprise V7, V8, and V9 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended... |
| CVE-2018-17935 | 2018-10-24 | All versions of Telecrane F25 Series Radio Controls before 00.0A use fixed codes that are reproducible by sniffing and re-transmission. This can lead to unauthorized replay of a command, spoofing... |
| CVE-2018-15442 | 2018-10-24 | Cisco Webex Meetings Desktop App Update Service Command Injection Vulnerability |
| CVE-2018-11785 | 2018-10-24 | Missing authorization check in Apache Impala before 3.0.1 allows a Kerberos-authenticated but unauthorized user to inject random data into a running query, leading to wrong results for a query. |
| CVE-2018-11792 | 2018-10-24 | In Apache Impala before 3.0.1, ALTER TABLE/VIEW RENAME required ALTER on the old table. This may pose a potential security risk, such as having ALTER on a table and ALL... |
| CVE-2016-10729 | 2018-10-24 | An issue was discovered in Amanda 3.3.1. A user with backup privileges can trivially compromise a client installation. The "runtar" setuid root binary does not check for additional arguments supplied... |
| CVE-2016-10730 | 2018-10-24 | An issue was discovered in Amanda 3.3.1. A user with backup privileges can trivially compromise a client installation. Amstar is an Amanda Application API script. It should not be run... |
| CVE-2018-12650 | 2018-10-24 | Adrenalin HRMS version 5.4.0 contains a Reflected Cross Site Scripting (XSS) vulnerability in the ApplicationtEmployeeSearch page via 'prntDDLCntrlName' and 'prntFrmName'. |
| CVE-2018-18013 | 2018-10-24 | * Xen Mobile through 10.8.0 includes a service listening on port 5001 within its firewall that accepts unauthenticated input. If this service is supplied with raw serialised Java objects, it... |
| CVE-2018-18014 | 2018-10-24 | * Lack of authentication in Citrix Xen Mobile through 10.8 allows low-privileged local users to execute system commands as root by making requests to private services listening on ports 8000,... |
| CVE-2018-18476 | 2018-10-24 | mysql-binuuid-rails 1.1.0 and earlier allows SQL Injection because it removes default string escaping for affected database columns. |
| CVE-2018-18517 | 2018-10-24 | Citrix NetScaler Gateway 10.5.x before 10.5.69.003, 11.1.x before 11.1.59.004, 12.0.x before 12.0.58.7, and 12.1.x before 12.1.49.1 has XSS. |
| CVE-2018-18547 | 2018-10-24 | Vesta Control Panel through 0.9.8-22 has XSS via the edit/web/ domain parameter, the list/backup/ backup parameter, the list/rrd/ period parameter, the list/directory/ dir_a parameter, or the filename to the list/directory/... |
| CVE-2018-18548 | 2018-10-24 | ajenticp (aka Ajenti Docker control panel) for Ajenti through v1.2.23.13 has XSS via a filename that is mishandled in File Manager. |
| CVE-2018-18635 | 2018-10-24 | www/guis/admin/application/controllers/UserController.php in the administration login interface in MailCleaner CE 2018.08 and 2018.09 allows XSS via the admin/login/user/message/ PATH_INFO. |
| CVE-2018-18636 | 2018-10-24 | XSS exists in cgi-bin/webcm on D-link DSL-2640T routers via the var:RelaodHref or var:conid parameter. |
| CVE-2018-9279 | 2018-10-24 | An issue was discovered on Eaton UPS 9PX 8000 SP devices. The appliance discloses the user's password. The web page displayed by the appliance contains the password in cleartext. Passwords... |
| CVE-2018-9280 | 2018-10-24 | An issue was discovered on Eaton UPS 9PX 8000 SP devices. The appliance discloses the SNMP version 3 user's password. The web page displayed by the appliance contains the password... |
| CVE-2018-9281 | 2018-10-24 | An issue was discovered on Eaton UPS 9PX 8000 SP devices. The administration panel is vulnerable to a CSRF attack on the change-password functionality. This vulnerability could be used to... |
| CVE-2018-14812 | 2018-10-24 | An uncontrolled search path element (DLL Hijacking) vulnerability has been identified in Fuji Electric Energy Savings Estimator versions V.1.0.2.0 and prior. Exploitation of this vulnerability could give an attacker access... |
| CVE-2018-13342 | 2018-10-24 | The server API in the Anda app relies on hardcoded credentials. |
| CVE-2018-15750 | 2018-10-24 | Directory Traversal vulnerability in salt-api in SaltStack Salt before 2017.7.8 and 2018.3.x before 2018.3.3 allows remote attackers to determine which files exist on the server. |
| CVE-2018-15751 | 2018-10-24 | SaltStack Salt before 2017.7.8 and 2018.3.x before 2018.3.3 allow remote attackers to bypass authentication and execute arbitrary commands via salt-api(netapi). |
| CVE-2018-18551 | 2018-10-24 | ServersCheck Monitoring Software through 14.3.3 has Persistent and Reflected XSS via the sensors.html status parameter, sensors.html type parameter, sensors.html device parameter, report.html location parameter, group_delete.html group parameter, report_save.html query parameter,... |
| CVE-2018-18552 | 2018-10-24 | ServersCheck Monitoring Software through 14.3.3 allows local users to cause a denial of service (menu functionality loss) by creating an LNK file that points to a second LNK file, if... |
| CVE-2018-18566 | 2018-10-24 | The SIP service in Polycom VVX 500 and 601 devices 5.8.0.12848 and earlier allow remote attackers to obtain sensitive phone configuration information by leveraging use with an on-premise installation with... |
| CVE-2018-18567 | 2018-10-24 | AudioCodes 440HD and 450HD devices 3.1.2.89 and earlier allows man-in-the-middle attackers to obtain sensitive credential information by leveraging failure to validate X.509 certificates when used with an on-premise installation with... |
| CVE-2018-18568 | 2018-10-24 | Polycom VVX 500 and 601 devices 5.8.0.12848 and earlier allows man-in-the-middle attackers to obtain sensitive credential information by leveraging failure to validate X.509 certificates when used with an on-premise installation... |
| CVE-2018-18621 | 2018-10-24 | CommuniGate Pro 6.2 allows stored XSS via a message body in Pronto! Mail Composer, which is mishandled in /MIME/INBOX-MM-1/ if the raw email link (in .txt format) is modified and... |
| CVE-2018-18638 | 2018-10-24 | A command injection vulnerability in the setup API in the Neato Botvac Connected 2.2.0 allows network attackers to execute arbitrary commands via shell metacharacters in the ntp field within JSON... |
| CVE-2018-8955 | 2018-10-24 | The installer for BitDefender GravityZone relies on an encoded string in a filename to determine the URL for installation metadata, which allows remote attackers to execute arbitrary code by changing... |
| CVE-2018-17903 | 2018-10-24 | SAGA1-L8B with any firmware versions prior to A0.10 are vulnerable to a replay attack and command forgery. |
| CVE-2018-17921 | 2018-10-24 | SAGA1-L8B with any firmware versions prior to A0.10 are vulnerable to an attack that may allow an attacker to force-pair the device without human interaction. |
| CVE-2018-17923 | 2018-10-24 | SAGA1-L8B with any firmware versions prior to A0.10 are vulnerable to an attack that an attacker with physical access to the product may able to reprogram it. |
| CVE-2018-18650 | 2018-10-25 | An issue was discovered in Xpdf 4.00. XRef::readXRefStream in XRef.cc allows attackers to launch a denial of service (Integer Overflow) via a crafted /Size value in a pdf file, as... |
| CVE-2018-18651 | 2018-10-25 | An issue was discovered in Xpdf 4.00. catalog->getNumPages() in AcroForm.cc allows attackers to launch a denial of service (hang caused by large loop) via a specific pdf file, as demonstrated... |
| CVE-2018-3970 | 2018-10-25 | An exploitable memory disclosure vulnerability exists in the 0x222000 IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to return uninitialized memory, resulting... |
| CVE-2018-3971 | 2018-10-25 | An exploitable arbitrary write vulnerability exists in the 0x2222CC IOCTL handler functionality of Sophos HitmanPro.Alert 3.7.6.744. A specially crafted IRP request can cause the driver to write data under controlled... |
| CVE-2018-14665 | 2018-10-25 | A flaw was found in xorg-x11-server before 1.20.3. An incorrect permission check for -modulepath and -logfile options when starting Xorg. X server allows unprivileged users with the ability to log... |
| CVE-2018-17904 | 2018-10-25 | Reliance 4 SCADA/HMI, Version 4.7.3 Update 3 and prior. This vulnerability could allow an unauthorized attacker to inject arbitrary code. |
| CVE-2018-18652 | 2018-10-25 | A remote command execution vulnerability in Veritas NetBackup Appliance before 3.1.2 allows authenticated administrators to execute arbitrary commands as root. This issue was caused by insufficient filtering of user provided... |
| CVE-2018-18653 | 2018-10-26 | The Linux kernel, as used in Ubuntu 18.10 and when booted with UEFI Secure Boot enabled, allows privileged local users to bypass intended Secure Boot restrictions and execute untrusted code... |
| CVE-2018-18654 | 2018-10-26 | Crossroads 2.81 does not properly handle the /tmp directory during a build of xr. A local attacker can first create a world-writable subdirectory in a certain location under the /tmp... |
| CVE-2018-18655 | 2018-10-26 | Prayer through 1.3.5 sends a Referer header, containing a user's username, when a user clicks on a link in their email because header.t lacks a no-referrer setting. |
| CVE-2018-18656 | 2018-10-26 | The PureVPN client before 6.1.0 for Windows stores Login Credentials (username and password) in cleartext. The location of such files is %PROGRAMDATA%\purevpn\config\login.conf. Additionally, all local users can read this file. |
| CVE-2017-18124 | 2018-10-26 | During secure boot, addition is performed on uint8 ptrs which led to overflow issue in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version FSM9055, IPQ4019, MDM9206, MDM9607,... |
| CVE-2017-18308 | 2018-10-26 | Modem segments are unlocked after authentication, leaving modem segments open to all in Snapdragon Mobile, Snapdragon Wear in version MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430 |
| CVE-2017-18309 | 2018-10-26 | A micro-core of QMP transportation may cause a macro-core to read from or write to arbitrary memory in Snapdragon Mobile in version SD 845, SD 850. |
| CVE-2017-18310 | 2018-10-26 | ClientEnv exposes services 0-32 to HLOS in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD... |
| CVE-2017-18311 | 2018-10-26 | XPU Master privilege escalation is possible due to improper access control of unused configuration xPU ports where unused configuration ports are open in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in... |
| CVE-2018-11305 | 2018-10-26 | When a series of FDAL messages are sent to the modem, a Use After Free condition can occur in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9640,... |
| CVE-2018-11821 | 2018-10-26 | Possible integer overflow may happen in WLAN during memory allocation in Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607, MDM9650, SD 425, SD 427, SD 430, SD 435, SD... |
| CVE-2018-11822 | 2018-10-26 | A possible integer overflow may happen in WLAN during memory allocation in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660 |
| CVE-2018-11824 | 2018-10-26 | A stack-based buffer overflow can occur in a firmware routine in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835, SD 845, SD 850,... |
| CVE-2018-11828 | 2018-10-26 | When FW tries to get random mac address generated from new SW RNG and ADC values read are constant then DUT get struck in loop while trying to get random... |
| CVE-2018-11846 | 2018-10-26 | The use of a non-time-constant memory comparison operation can lead to timing/side channel attacks in Snapdragon Mobile in version SD 210/SD 212/SD 205, SD 845, SD 850 |
| CVE-2018-11849 | 2018-10-26 | Lack of check on out of range of bssid parameter When processing scan start command will lead to buffer flow in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version IPQ8074,... |
| CVE-2018-11850 | 2018-10-26 | Lack of check on remaining length parameter When processing scan start command will lead to buffer flow in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9640, MDM9650,... |
| CVE-2018-11853 | 2018-10-26 | Lack of check on out of range for channels When processing channel list set command will lead to buffer flow in Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206, MDM9607,... |
| CVE-2018-11854 | 2018-10-26 | Lack of check of valid length of input parameter may cause buffer overwrite in WLAN in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660 |
| CVE-2018-11950 | 2018-10-26 | Unapproved TrustZone applications can be loaded and executed in Snapdragon Mobile in version SD 845, SD 850 |
| CVE-2018-11951 | 2018-10-26 | Improper access control in core module lead XBL_LOADER performs the ZI region clear for QTEE instead of XBL_SEC in Snapdragon Mobile in version SD 845, SD 850. |
| CVE-2018-18661 | 2018-10-26 | An issue was discovered in LibTIFF 4.0.9. There is a NULL pointer dereference in the function LZWDecode in the file tif_lzw.c. |
| CVE-2018-18662 | 2018-10-26 | There is an out-of-bounds read in fz_run_t3_glyph in fitz/font.c in Artifex MuPDF 1.14.0, as demonstrated by mutool. |
| CVE-2018-3588 | 2018-10-26 | There is improper access control of the SSC and GPU mapped regions which lead to inject code from HLOS in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607,... |
| CVE-2018-5866 | 2018-10-26 | While processing logs, data is copied into a buffer pointed to by an untrusted pointer in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD... |
| CVE-2018-5914 | 2018-10-26 | Improper input validation in TZ led to array out of bound in TZ function while accessing the peripheral details using the incoming data in Snapdragon Mobile, Snapdragon Wear version MDM9206,... |
| CVE-2018-18657 | 2018-10-26 | An issue was discovered in Arcserve Unified Data Protection (UDP) through 6.5 Update 4. There is a DDI-VRT-2018-18 Unauthenticated Sensitive Information Disclosure via /gateway/services/EdgeServiceImpl issue. |
| CVE-2018-18658 | 2018-10-26 | An issue was discovered in Arcserve Unified Data Protection (UDP) through 6.5 Update 4. There is a DDI-VRT-2018-20 Unauthenticated Sensitive Information Disclosure via /UDPUpdates/Config/FullUpdateSettings.xml issue. |
| CVE-2018-18659 | 2018-10-26 | An issue was discovered in Arcserve Unified Data Protection (UDP) through 6.5 Update 4. There is a DDI-VRT-2018-19 Unauthenticated XXE in /management/UdpHttpService issue. |
| CVE-2018-18660 | 2018-10-26 | An issue was discovered in Arcserve Unified Data Protection (UDP) through 6.5 Update 4. There is a DDI-VRT-2018-21 Reflected Cross-site Scripting via /authenticationendpoint/domain.jsp issue. |
| CVE-2018-15686 | 2018-10-26 | systemd: reexec state injection: fgets() on overlong lines leads to line splitting |
| CVE-2018-15687 | 2018-10-26 | systemd: chown_one() can dereference symlinks |
| CVE-2018-15688 | 2018-10-26 | Out-of-Bounds write in systemd-networkd dhcpv6 option handling |
| CVE-2018-4022 | 2018-10-26 | A use-after-free vulnerability exists in the way MKVToolNix MKVINFO v25.0.0 handles the MKV (matroska) file format. A specially crafted MKV file can cause arbitrary code execution in the context of... |
| CVE-2018-6559 | 2018-10-26 | The Linux kernel, as used in Ubuntu 18.04 LTS and Ubuntu 18.10, allows local users to obtain names of files in which they would not normally be able to access... |
| CVE-2018-18690 | 2018-10-26 | In the Linux kernel before 4.17, a local attacker able to set attributes on an xfs filesystem could make this filesystem non-operational until the next mount by triggering an unchecked... |
| CVE-2018-18694 | 2018-10-26 | admin/index.php?id=filesmanager in Monstra CMS 3.0.4 allows remote authenticated administrators to trigger stored XSS via JavaScript content in a file whose name lacks an extension. Such a file is interpreted as... |
| CVE-2018-18700 | 2018-10-27 | An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions d_name(), d_encoding(),... |
| CVE-2018-18701 | 2018-10-27 | An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a stack consumption vulnerability resulting from infinite recursion in the functions next_is_type_qual() and... |
| CVE-2018-18699 | 2018-10-27 | An issue was discovered in GoPro gpmf-parser 1.2.1. There is an out-of-bounds write in OpenMP4Source in GPMF_mp4reader.c. |
| CVE-2018-18702 | 2018-10-27 | spider.admincp.php in iCMS v7.0.11 allows SQL injection via admincp.php?app=spider&do=import_rule because the upfile content is base64 decoded, deserialized, and used for database insertion. |
| CVE-2018-18703 | 2018-10-27 | PhpTpoint Mailing Server Using File Handling 1.0 suffers from multiple Arbitrary File Read vulnerabilities in different sections that allow an attacker to read sensitive files on the system via directory... |
| CVE-2018-18704 | 2018-10-27 | PhpTpoint Pharmacy Management System suffers from a SQL injection vulnerability in the index.php username parameter. |
| CVE-2018-18705 | 2018-10-27 | PhpTpoint hospital management system suffers from multiple SQL injection vulnerabilities via the index.php user parameter associated with LOGIN.php, or the rno parameter to ALIST.php, DUNDEL.php, PDEL.php, or PUNDEL.php. |
| CVE-2018-18706 | 2018-10-27 | An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. It is a buffer overflow vulnerability in the router's web server --... |
| CVE-2018-18707 | 2018-10-27 | An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. It is a buffer overflow vulnerability in the router's web server --... |
| CVE-2018-18708 | 2018-10-27 | An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. It is a buffer overflow vulnerability in the router's web server --... |
| CVE-2018-18709 | 2018-10-27 | An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. It is a buffer overflow vulnerability in the router's web server --... |
| CVE-2018-18710 | 2018-10-27 | An issue was discovered in the Linux kernel through 4.19. An information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast... |
| CVE-2018-18711 | 2018-10-27 | An issue was discovered in WUZHI CMS 4.1.0. There is a CSRF vulnerability that can change the super administrator's password via index.php?m=core&f=panel&v=edit_info. |
| CVE-2018-18712 | 2018-10-27 | An issue was discovered in WUZHI CMS 4.1.0. There is a CSRF vulnerability that can change the super administrator's username via index.php?m=member&f=index&v=edit&uid=1. |
| CVE-2018-18713 | 2018-10-27 | The function down_sql_action() in /admin/model/database.class.php in PHPYun 4.6 allows remote attackers to read arbitrary files via directory traversal in an m=database&c=down_sql&name=../ URI. |
| CVE-2018-18717 | 2018-10-28 | An issue was discovered in Eleanor CMS through 2015-03-19. XSS exists via the ajax.php?direct=admin&file=autocomplete&query=[XSS] URI. |
| CVE-2018-18718 | 2018-10-28 | An issue was discovered in gThumb through 3.6.2. There is a double-free vulnerability in the add_themes_from_dir method in dlg-contact-sheet.c because of two successive calls of g_free, each of which frees... |
| CVE-2018-18720 | 2018-10-28 | An XSS issue was discovered in index.php/admin/system/basic in YUNUCMS 1.1.5. |
| CVE-2018-18721 | 2018-10-28 | An XSS issue was discovered in admin/link/editlink?id=5 in YUNUCMS 1.1.5. |
| CVE-2018-18722 | 2018-10-28 | An XSS issue was discovered in admin/content/editcontent?id=29&gopage=1 in YUNUCMS 1.1.5. |
| CVE-2018-18723 | 2018-10-28 | An XSS issue was discovered in index.php/admin/area/editarea/id/110000 in YUNUCMS 1.1.5. |
| CVE-2018-18724 | 2018-10-28 | An XSS issue was discovered in index.php/admin/category/editcategory?id=73 in YUNUCMS 1.1.5. |