CVE List - 2018 / October
Showing 301 - 400 of 1468 CVEs for October 2018 (Page 4 of 15)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2018-15417 | 2018-10-05 | Cisco Webex Network Recording Player and Cisco Webex Player Remote Code Execution Vulnerabilities |
| CVE-2018-15418 | 2018-10-05 | Cisco Webex Network Recording Player and Cisco Webex Player Remote Code Execution Vulnerabilities |
| CVE-2018-15419 | 2018-10-05 | Cisco Webex Network Recording Player and Cisco Webex Player Remote Code Execution Vulnerabilities |
| CVE-2018-15420 | 2018-10-05 | Cisco Webex Network Recording Player and Cisco Webex Player Remote Code Execution Vulnerabilities |
| CVE-2018-15421 | 2018-10-05 | Cisco Webex Network Recording Player Remote Code Execution Vulnerabilities |
| CVE-2018-15422 | 2018-10-05 | Cisco Webex Network Recording Player Remote Code Execution Vulnerabilities |
| CVE-2018-15423 | 2018-10-05 | Cisco HyperFlex UI Clickjacking Vulnerability |
| CVE-2018-15424 | 2018-10-05 | Multiple Vulnerabilities in Cisco Identity Services Engine |
| CVE-2018-15425 | 2018-10-05 | Multiple Vulnerabilities in Cisco Identity Services Engine |
| CVE-2018-15426 | 2018-10-05 | Cisco Unity Connection Stored Cross-Site Scripting Vulnerability |
| CVE-2018-15427 | 2018-10-05 | Cisco Video Surveillance Manager Appliance Default Password Vulnerability |
| CVE-2018-15428 | 2018-10-05 | Cisco IOS XR Software Border Gateway Protocol Denial of Service Vulnerability |
| CVE-2018-15429 | 2018-10-05 | Cisco HyperFlex HX Data Platform Software Unauthorized Directory Access Vulnerability |
| CVE-2018-15430 | 2018-10-05 | Cisco Expressway Series and Cisco TelePresence Video Communication Server Remote Code Execution Vulnerability |
| CVE-2018-15431 | 2018-10-05 | Cisco Webex Network Recording Player and Cisco Webex Player Remote Code Execution Vulnerabilities |
| CVE-2018-15432 | 2018-10-05 | Cisco Prime Infrastructure Information Disclosure Vulnerability |
| CVE-2018-15433 | 2018-10-05 | Cisco Prime Infrastructure Information Disclosure Vulnerability |
| CVE-2018-15434 | 2018-10-05 | Cisco Unified IP Phone 7900 Series Cross-Site Scripting Vulnerability |
| CVE-2018-15436 | 2018-10-05 | Cisco Webex Centers Cross-Site Scripting Vulnerability |
| CVE-2018-0404 | 2018-10-05 | Cisco RV180W Wireless-N Multifunction VPN Router SQL Injection Vulnerability |
| CVE-2018-0464 | 2018-10-05 | Cisco Data Center Network Manager Path Traversal Vulnerability |
| CVE-2018-18016 | 2018-10-05 | ImageMagick 7.0.7-28 has a memory leak vulnerability in WritePCXImage in... |
| CVE-2018-0405 | 2018-10-05 | Cisco RV180W Wireless-N Multifunction VPN Router Directory Path Traversal Vulnerability |
| CVE-2018-11778 | 2018-10-05 | UnixAuthenticationService in Apache Ranger 1.2.0 was updated to correctly handle... |
| CVE-2018-11797 | 2018-10-05 | In Apache PDFBox 1.8.0 to 1.8.15 and 2.0.0RC1 to 2.0.11,... |
| CVE-2018-11083 | 2018-10-05 | Bosh accepts refresh tokens in place of an access token |
| CVE-2018-13042 | 2018-10-05 | The 1Password application 6.8 for Android is affected by a... |
| CVE-2018-11064 | 2018-10-05 | Dell EMC Unity OE versions 4.3.0.x and 4.3.1.x and UnityVSA... |
| CVE-2018-11081 | 2018-10-05 | Pivotal Operations Manager UAA config - temp Ram Disk |
| CVE-2018-11082 | 2018-10-05 | Cloud Foundry UAA MFA does not prevent brute force of MFA code |
| CVE-2018-1264 | 2018-10-05 | Log Cache logs UAA client secret on startup |
| CVE-2018-15763 | 2018-10-05 | PKS leaks IaaS Credentials to Application Logs |
| CVE-2018-18020 | 2018-10-06 | In QPDF 8.2.1, in libqpdf/QPDFWriter.cc, QPDFWriter::unparseObject and QPDFWriter::unparseChild have recursive... |
| CVE-2018-17456 | 2018-10-06 | Git before 2.14.5, 2.15.x before 2.15.3, 2.16.x before 2.16.5, 2.17.x... |
| CVE-2018-18021 | 2018-10-07 | arch/arm64/kvm/guest.c in KVM in the Linux kernel before 4.18.12 on... |
| CVE-2015-9273 | 2018-10-07 | The wp-slimstat (aka Slimstat Analytics) plugin before 4.1.6.1 for WordPress... |
| CVE-2012-6710 | 2018-10-07 | ext_find_user in eXtplorer through 2.1.2 allows remote attackers to bypass... |
| CVE-2018-18023 | 2018-10-07 | In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read... |
| CVE-2018-18024 | 2018-10-07 | In ImageMagick 7.0.8-13 Q16, there is an infinite loop in... |
| CVE-2018-18025 | 2018-10-07 | In ImageMagick 7.0.8-13 Q16, there is a heap-based buffer over-read... |
| CVE-2018-1000807 | 2018-10-08 | Python Cryptographic Authority pyopenssl version prior to version 17.5.0 contains... |
| CVE-2018-14810 | 2018-10-08 | WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and... |
| CVE-2018-14818 | 2018-10-08 | WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9 and... |
| CVE-2018-17889 | 2018-10-08 | In WECON Technology Co., Ltd. PI Studio HMI versions 4.1.9... |
| CVE-2018-1000805 | 2018-10-08 | Paramiko version 2.4.1, 2.3.2, 2.2.3, 2.1.5, 2.0.8, 1.18.5, 1.17.6 contains... |
| CVE-2018-1000808 | 2018-10-08 | Python Cryptographic Authority pyopenssl version Before 17.5.0 contains a CWE... |
| CVE-2018-1000810 | 2018-10-08 | The Rust Programming Language Standard Library version 1.29.0, 1.28.0, 1.27.2,... |
| CVE-2018-1000803 | 2018-10-08 | Gitea version prior to version 1.5.1 contains a CWE-200 vulnerability... |
| CVE-2018-1000804 | 2018-10-08 | contiki-ng version 4 contains a Buffer Overflow vulnerability in AQL... |
| CVE-2018-1000809 | 2018-10-08 | privacyIDEA version 2.23.1 and earlier contains a Improper Input Validation... |
| CVE-2018-1741 | 2018-10-08 | IBM Tivoli Key Lifecycle Manager 2.6, 2.7, and 3.0 does... |
| CVE-2018-1742 | 2018-10-08 | IBM Tivoli Key Lifecycle Manager 2.6, 2.7, and 3.0 contains... |
| CVE-2018-1743 | 2018-10-08 | IBM Tivoli Key Lifecycle Manager 2.6, 2.7, and 3.0 discloses... |
| CVE-2018-1749 | 2018-10-08 | IBM Tivoli Key Lifecycle Manager 2.6, 2.7, and 3.0 uses... |
| CVE-2018-1750 | 2018-10-08 | IBM Security Key Lifecycle Manager 3.0 specifies permissions for a... |
| CVE-2018-1753 | 2018-10-08 | IBM Tivoli Key Lifecycle Manager 2.6, 2.7, and 3.0 generates... |
| CVE-2018-5399 | 2018-10-08 | The Auto-Maskin DCU 210E firmware contains an undocumented Dropbear SSH server, v2015.55, configured to listen on Port 22 while the DCU is running and is configured with a hard-coded credentials |
| CVE-2018-5400 | 2018-10-08 | The Auto-Maskin DCU 210E, RP-210E, and Marine Pro Observer Android App utilize an undocumented custom protocol to set up Modbus communications with other devices without validating those devices, resulting in an origin validation error |
| CVE-2018-5401 | 2018-10-08 | The Auto-Maskin DCU 210E, RP-210E, and Marine Pro Observer Android App transmit sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors |
| CVE-2018-5402 | 2018-10-08 | The Auto-Maskin DCU 210E, RP-210E, and Marine Pro Observer Android App use an embedded webserver that uses unencrypted plaintext for the transmission of the administrator PIN |
| CVE-2018-16291 | 2018-10-08 | An exploitable use-after-free vulnerability exists in the JavaScript engine of... |
| CVE-2018-16292 | 2018-10-08 | An exploitable use-after-free vulnerability exists in the JavaScript engine of... |
| CVE-2018-16293 | 2018-10-08 | An exploitable use-after-free vulnerability exists in the JavaScript engine of... |
| CVE-2018-16294 | 2018-10-08 | An exploitable use-after-free vulnerability exists in the JavaScript engine of... |
| CVE-2018-16295 | 2018-10-08 | An exploitable use-after-free vulnerability exists in the JavaScript engine of... |
| CVE-2018-16296 | 2018-10-08 | An exploitable use-after-free vulnerability exists in the JavaScript engine of... |
| CVE-2018-16297 | 2018-10-08 | An exploitable use-after-free vulnerability exists in the JavaScript engine of... |
| CVE-2018-17060 | 2018-10-08 | Telerik Extensions for ASP.NET MVC (all versions) does not whitelist... |
| CVE-2018-17440 | 2018-10-08 | An issue was discovered on D-Link Central WiFi Manager before... |
| CVE-2018-17441 | 2018-10-08 | An issue was discovered on D-Link Central WiFi Manager before... |
| CVE-2018-17442 | 2018-10-08 | An issue was discovered on D-Link Central WiFi Manager before... |
| CVE-2018-17443 | 2018-10-08 | An issue was discovered on D-Link Central WiFi Manager before... |
| CVE-2018-3940 | 2018-10-08 | An exploitable use-after-free vulnerability exists in the JavaScript engine of... |
| CVE-2018-3941 | 2018-10-08 | An exploitable use-after-free vulnerability exists in the JavaScript engine of... |
| CVE-2018-3942 | 2018-10-08 | An exploitable use-after-free vulnerability exists in the JavaScript engine of... |
| CVE-2018-3945 | 2018-10-08 | An exploitable use-after-free vulnerability exists in the JavaScript engine of... |
| CVE-2018-3992 | 2018-10-08 | An exploitable use-after-free vulnerability exists in the JavaScript engine of... |
| CVE-2018-3996 | 2018-10-08 | An exploitable use-after-free vulnerability exists in the JavaScript engine of... |
| CVE-2018-3997 | 2018-10-08 | An exploitable use-after-free vulnerability exists in the JavaScript engine of... |
| CVE-2018-15903 | 2018-10-08 | The Discuss v1.2.1 module in Claromentis 8.2.2 is vulnerable to... |
| CVE-2018-17775 | 2018-10-08 | Seqrite End Point Security v7.4 has "Everyone: (F)" permission for... |
| CVE-2018-17977 | 2018-10-08 | The Linux kernel 4.14.67 mishandles certain interaction among XFRM Netlink... |
| CVE-2018-18064 | 2018-10-08 | cairo through 1.15.14 has an out-of-bounds stack-memory write during processing... |
| CVE-2018-18065 | 2018-10-08 | _set_key in agent/helpers/table_container.c in Net-SNMP before 5.8 has a NULL... |
| CVE-2018-18066 | 2018-10-08 | snmp_oid_compare in snmplib/snmp_api.c in Net-SNMP before 5.8 has a NULL... |
| CVE-2016-7475 | 2018-10-08 | Under some circumstances on BIG-IP 12.0.0-12.1.0, 11.6.0-11.6.1, or 11.4.0-11.5.4 HF1,... |
| CVE-2018-14656 | 2018-10-08 | A missing address check in the callers of the show_opcodes()... |
| CVE-2018-18069 | 2018-10-08 | process_forms in the WPML (aka sitepress-multilingual-cms) plugin through 3.6.3 for... |
| CVE-2018-18070 | 2018-10-09 | An issue was discovered in Daimler Mercedes-Benz COMAND 17/13.0 50.12... |
| CVE-2018-18071 | 2018-10-09 | An issue was discovered in the Daimler Mercedes-Benz Me app... |
| CVE-2018-2466 | 2018-10-09 | In Impact and Lineage Analysis in SAP Data Services, version... |
| CVE-2018-2467 | 2018-10-09 | In the Software Development Kit in SAP BusinessObjects BI Platform... |
| CVE-2018-2468 | 2018-10-09 | Under certain conditions the backup server in SAP Adaptive Server... |
| CVE-2018-2469 | 2018-10-09 | Under certain conditions SAP Adaptive Server Enterprise (ASE), versions 15.7... |
| CVE-2018-2470 | 2018-10-09 | In SAP NetWeaver Application Server for ABAP, from 7.0 to... |
| CVE-2018-2471 | 2018-10-09 | Under certain conditions SAP BusinessObjects Business Intelligence Platform 4.10 and... |
| CVE-2018-2472 | 2018-10-09 | SAP BusinessObjects Business Intelligence Platform 4.10 and 4.20 (Web Intelligence... |
| CVE-2018-2474 | 2018-10-09 | SAP Fiori 1.0 for SAP ERP HCM (Approve Leave Request,... |
| CVE-2018-2475 | 2018-10-09 | Following the Gardener architecture, the Kubernetes apiserver of a Gardener... |
| CVE-2018-12474 | 2018-10-09 | Crafted service parameters allows to induce unexpected behaviour in obs-service-tar_scm |