CVE List - 2018 / October
Showing 1301 - 1400 of 1468 CVEs for October 2018 (Page 14 of 15)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2018-18725 | 2018-10-28 | An XSS issue was discovered in admin/banner/editbanner?id=20 in YUNUCMS 1.1.5. |
| CVE-2018-18726 | 2018-10-28 | An XSS issue was discovered in admin/sitelink/editsitelink?id=16 in YUNUCMS 1.1.5. |
| CVE-2018-18727 | 2018-10-28 | An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router's web server --... |
| CVE-2018-18728 | 2018-10-28 | An issue was discovered on Tenda AC9 V15.03.05.19(6318)_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. They allow remote code execution via shell metacharacters in the usbName field to the __fastcall function... |
| CVE-2018-18729 | 2018-10-28 | An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a heap-based buffer overflow vulnerability in the router's web server... |
| CVE-2018-18730 | 2018-10-28 | An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router's web server --... |
| CVE-2018-18731 | 2018-10-28 | An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router's web server --... |
| CVE-2018-18732 | 2018-10-28 | An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router's web server --... |
| CVE-2016-10731 | 2018-10-28 | ProjectSend (formerly cFTP) r582 allows SQL injection via manage-files.php with the request parameter status, manage-files.php with the request parameter files, clients.php with the request parameter selected_clients, clients.php with the request... |
| CVE-2016-10732 | 2018-10-28 | ProjectSend (formerly cFTP) r582 allows authentication bypass via a direct request for users.php, home.php, edit-file.php?file_id=1, or process-zip-download.php, or add_user_form_* parameters to users-add.php. |
| CVE-2016-10733 | 2018-10-28 | ProjectSend (formerly cFTP) r582 allows directory traversal via file=../ in the process-zip-download.php query string. |
| CVE-2016-10734 | 2018-10-28 | ProjectSend (formerly cFTP) r582 allows Insecure Direct Object Reference via includes/actions.log.export.php. |
| CVE-2018-18733 | 2018-10-28 | An XSS issue was discovered in Catfish CMS 4.8.30, related to "write source code," a similar issue to CVE-2018-13999. |
| CVE-2018-18734 | 2018-10-28 | A CSRF issue was discovered in admin/Index/addmanageuser.html in Catfish CMS 4.8.30. |
| CVE-2018-18735 | 2018-10-28 | A CSRF issue was discovered in admin/Index/tiquan in catfish blog 2.0.33. |
| CVE-2018-18736 | 2018-10-28 | An XSS issue was discovered in catfish blog 2.0.33, related to "write source code." |
| CVE-2018-18737 | 2018-10-28 | An XXE issue was discovered in Douchat 4.0.4 because Data\notify.php calls simplexml_load_string. This can also be used for SSRF. |
| CVE-2018-18738 | 2018-10-28 | An XSS issue was discovered in SEMCMS 3.4 via the admin/SEMCMS_Categories.php?pid=1&lgid=1 category_key parameter. |
| CVE-2018-18739 | 2018-10-28 | An XSS issue was discovered in SEMCMS 3.4 via the admin/SEMCMS_Products.php?lgid=1 Keywords field. |
| CVE-2018-18740 | 2018-10-28 | An XSS issue was discovered in SEMCMS 3.4 via the first input field to the admin/SEMCMS_Link.php?lgid=1 URI. |
| CVE-2018-18741 | 2018-10-28 | An XSS issue was discovered in SEMCMS 3.4 via admin/SEMCMS_Download.php?lgid=1 during editing. |
| CVE-2018-18742 | 2018-10-28 | A CSRF issue was discovered in SEMCMS 3.4 via the admin/SEMCMS_User.php?Class=add&CF=user URI. |
| CVE-2018-18743 | 2018-10-28 | An XSS issue was discovered in SEMCMS 3.4 via the second text field to the admin/SEMCMS_Categories.php?pid=1&lgid=1 URI. |
| CVE-2018-18744 | 2018-10-28 | An XSS issue was discovered in SEMCMS 3.4 via the fifth text box to the admin/SEMCMS_Main.php URI. |
| CVE-2018-18745 | 2018-10-28 | An XSS issue was discovered in SEMCMS 3.4 via admin/SEMCMS_Menu.php?lgid=1 during editing. |
| CVE-2018-18748 | 2018-10-28 | Sandboxie 5.26 allows a Sandbox Escape via an "import os" statement, followed by os.system("cmd") or os.system("powershell"), within a .py file. NOTE: the vendor disputes this issue because the observed behavior... |
| CVE-2018-18749 | 2018-10-28 | data-tools through 2017-07-26 has an Integer Overflow leading to an incorrect end value for the write_wchars function. |
| CVE-2018-18751 | 2018-10-28 | An issue was discovered in GNU gettext 0.19.8. There is a double free in default_add_message in read-catalog.c, related to an invalid free in po_gram_parse in po-gram-gen.y, as demonstrated by lt-msgfmt. |
| CVE-2018-18752 | 2018-10-28 | Webiness Inventory 2.3 suffers from an Arbitrary File upload vulnerability via PHP code in the protected/library/ajax/WsSaveToModel.php logo parameter. |
| CVE-2018-18753 | 2018-10-28 | Typecho V1.1 allows remote attackers to send shell commands via base64-encoded serialized data, as demonstrated by SSRF. |
| CVE-2018-18754 | 2018-10-28 | ZyXEL VMG3312-B10B 1.00(AAPP.7) devices have a backdoor root account with the tTn3+Z@!Sr0O+ password hash in the etc/default.cfg file. |
| CVE-2018-18765 | 2018-10-28 | An exploitable arbitrary memory read vulnerability exists in the MQTT packet-parsing functionality of Cesanta Mongoose 6.13. It is a heap-based buffer over-read in mg_mqtt_next_subscribe_topic. A specially crafted MQTT SUBSCRIBE packet... |
| CVE-2018-18764 | 2018-10-28 | An exploitable arbitrary memory read vulnerability exists in the MQTT packet-parsing functionality of Cesanta Mongoose 6.13. It is a heap-based buffer over-read in a parse_mqtt getu16 call. A specially crafted... |
| CVE-2018-18771 | 2018-10-29 | An issue was discovered in LuLu CMS through 2015-05-14. backend\modules\filemanager\controllers\DefaultController.php allows arbitrary file upload by entering a filename, directory name, and PHP code into the three text input fields. |
| CVE-2018-18778 | 2018-10-29 | ACME mini_httpd before 1.30 lets remote users read arbitrary files. |
| CVE-2018-18781 | 2018-10-29 | DedeCMS 5.7 SP2 allows XSS via the /member/uploads_select.php f or keyword parameter. |
| CVE-2018-18782 | 2018-10-29 | Reflected XSS exists in DedeCMS 5.7 SP2 via the /member/myfriend.php ftype parameter. |
| CVE-2018-18783 | 2018-10-29 | XSS was discovered in SEMCMS V3.4 via the semcms_remail.php?type=ok umail parameter. |
| CVE-2018-18784 | 2018-10-29 | An issue was discovered in zzcms 8.3. SQL Injection exists in admin/tagmanage.php via the tabletag parameter. (This needs an admin user login.) |
| CVE-2018-18785 | 2018-10-29 | An issue was discovered in zzcms 8.3. SQL Injection exists in zs/subzs.php with a zzcmscpid cookie to zs/search.php. |
| CVE-2018-18786 | 2018-10-29 | An issue was discovered in zzcms 8.3. SQL Injection exists in ajax/zs.php via a pxzs cookie. |
| CVE-2018-18787 | 2018-10-29 | An issue was discovered in zzcms 8.3. SQL Injection exists in zs/zs.php via a pxzs cookie. |
| CVE-2018-18788 | 2018-10-29 | An issue was discovered in zzcms 8.3. SQL Injection exists in admin/classmanage.php via the tablename parameter. (This needs an admin user login.) |
| CVE-2018-18789 | 2018-10-29 | An issue was discovered in zzcms 8.3. SQL Injection exists in zt/top.php via a Host HTTP header to zt/news.php. |
| CVE-2018-18790 | 2018-10-29 | An issue was discovered in zzcms 8.3. SQL Injection exists in admin/special_add.php via a zxbigclassid cookie. (This needs an admin user login.) |
| CVE-2018-18791 | 2018-10-29 | An issue was discovered in zzcms 8.3. SQL Injection exists in zs/search.php via a pxzs cookie. |
| CVE-2018-18792 | 2018-10-29 | An issue was discovered in zzcms 8.3. SQL Injection exists in zs/zs_list.php via a pxzs cookie. |
| CVE-2018-0735 | 2018-10-29 | Timing attack against ECDSA signature generation |
| CVE-2018-1380 | 2018-10-29 | IBM InfoSphere Master Data Management Collaboration Server 11.4, 11.5, and 11.6 could allow an authenticated user with CA level access to change change their ca-id to another users and read... |
| CVE-2018-1766 | 2018-10-29 | IBM Team Concert (RTC) 5.0 through 5.0.2 and 6.0 through 6.0.5 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus... |
| CVE-2018-1767 | 2018-10-29 | IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 Cachemonitor is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering... |
| CVE-2017-18281 | 2018-10-29 | A bool variable in Video function, which gets typecasted to int before being read could result in an out of bound read access in all Android releases from CAF using... |
| CVE-2018-11856 | 2018-10-29 | Improper input validation leads to buffer overwrite in the WLAN function that handles WMI commands in Snapdragon Mobile in version SD 835, SD 845, SD 850. |
| CVE-2018-11857 | 2018-10-29 | Improper input validation in WLAN encrypt/decrypt module can lead to a buffer copy in Snapdragon Mobile in version SD 835, SD 845, SD 850 |
| CVE-2018-11858 | 2018-10-29 | When processing IE set command, buffer overwrite may occur due to lack of input validation of the IE length in Snapdragon Mobile in version SD 835, SD 845, SD 850. |
| CVE-2018-11859 | 2018-10-29 | Buffer overwrite can happen in WLAN due to lack of validation of the input length in Snapdragon Mobile in version SD 845, SD 850. |
| CVE-2018-11861 | 2018-10-29 | Buffer overflow can happen in WLAN function due to lack of validation of the input length in Snapdragon Mobile in version SD 845, SD 850, SDA660. |
| CVE-2018-11862 | 2018-10-29 | Buffer overflow can happen in WLAN module due to lack of validation of the input length in Snapdragon Mobile in version SD 845, SD 850, SDA660. |
| CVE-2018-11865 | 2018-10-29 | Integer overflow may happen when calculating an internal structure size due to lack of validation of the input length in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD... |
| CVE-2018-11866 | 2018-10-29 | Integer overflow may happen in WLAN when calculating an internal structure size due to lack of validation of the input length in Snapdragon Mobile, Snapdragon Wear in version IPQ8074, MDM9206,... |
| CVE-2018-11867 | 2018-10-29 | Lack of buffer length check before copying in WLAN function while processing FIPS event, can lead to a buffer overflow in Snapdragon Mobile in version SD 845. |
| CVE-2018-11870 | 2018-10-29 | Buffer overwrite can occur when the legacy rates count received from the host is not checked against the maximum number of legacy rates in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear... |
| CVE-2018-11871 | 2018-10-29 | Buffer overwrite can happen in WLAN function while processing set pdev parameter command due to lack of input validation in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version IPQ4019, IPQ8064,... |
| CVE-2018-11872 | 2018-10-29 | Improper input validation leads to buffer overwrite in the WLAN function that handles WMI commands in Snapdragon Mobile in version SD 845, SD 850, SDA660 |
| CVE-2018-11873 | 2018-10-29 | Improper input validation leads to buffer overwrite in the WLAN function that handles WLAN roam buffer in Snapdragon Mobile in version SD 845. |
| CVE-2018-11874 | 2018-10-29 | Buffer overflow if the length of passphrase is more than 32 when setting up secure NDP connection in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660. |
| CVE-2018-11875 | 2018-10-29 | Lack of check of buffer size before copying in a WLAN function can lead to a buffer overflow in Snapdragon Mobile in version SD 845, SD 850. |
| CVE-2018-11876 | 2018-10-29 | Lack of input validation while copying to buffer in WLAN will lead to a buffer overflow in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660. |
| CVE-2018-11877 | 2018-10-29 | When the buffer length passed is very large in WLAN, bounds check could be bypassed leading to potential buffer overwrite in Snapdragon Mobile in version SD 835, SD 845, SD... |
| CVE-2018-11879 | 2018-10-29 | When the buffer length passed is very large, bounds check could be bypassed leading to potential buffer overwrite in Snapdragon Mobile in version SD 845 |
| CVE-2018-11880 | 2018-10-29 | Incorrect bound check can lead to potential buffer overwrite in WLAN function in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660. |
| CVE-2018-11882 | 2018-10-29 | Incorrect bound check can lead to potential buffer overwrite in WLAN controller in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660. |
| CVE-2018-11884 | 2018-10-29 | Improper input validation leads to buffer overflow while processing network list offload command in WLAN function in Snapdragon Mobile in version SD 835, SD 845, SD 850, SDA660 |
| CVE-2018-17908 | 2018-10-29 | WebAccess Versions 8.3.2 and prior. During installation, the application installer disables user access control and does not re-enable it after the installation is complete. This could allow an attacker to... |
| CVE-2018-17910 | 2018-10-29 | WebAccess Versions 8.3.2 and prior. The application fails to properly validate the length of user-supplied data, causing a buffer overflow condition that allows for arbitrary remote code execution. |
| CVE-2018-18387 | 2018-10-29 | playSMS through 1.4.2 allows Privilege Escalation through Daemon abuse. |
| CVE-2018-17615 | 2018-10-29 | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit... |
| CVE-2018-17616 | 2018-10-29 | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit... |
| CVE-2018-17617 | 2018-10-29 | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit... |
| CVE-2018-17618 | 2018-10-29 | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit... |
| CVE-2018-17619 | 2018-10-29 | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit... |
| CVE-2018-17620 | 2018-10-29 | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit... |
| CVE-2018-17621 | 2018-10-29 | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit... |
| CVE-2018-17622 | 2018-10-29 | This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.1.0.5096. User interaction is required to exploit this vulnerability in that the target must visit... |
| CVE-2018-17623 | 2018-10-29 | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.1.5096. User interaction is required to exploit this vulnerability in that the target must visit... |
| CVE-2018-17624 | 2018-10-29 | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.1.0.5096. User interaction is required to exploit this vulnerability in that the target must visit... |
| CVE-2018-17706 | 2018-10-29 | This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF Phantom PDF 9.1.5096. User interaction is required to exploit this vulnerability in that the target... |
| CVE-2018-18817 | 2018-10-30 | The Leostream Agent before Build 7.0.1.0 when used with Leostream Connection Broker 8.2.72 or earlier allows remote attackers to modify registry keys via the Leostream Agent API. |
| CVE-2018-18822 | 2018-10-30 | Grapixel New Media v2.0 allows SQL Injection via the pages.aspx pageref parameter. |
| CVE-2018-18825 | 2018-10-30 | Pagoda Linux panel V6.0 has XSS via the verification code associated with an invalid account login. A crafted code is mishandled during rendering of the login log. |
| CVE-2018-18826 | 2018-10-30 | There exists a heap-based buffer overflow in vc1_decode_p_mb_intfi in vc1_block.c in Libav 12.3, which allows attackers to cause a denial-of-service via a crafted aac file. |
| CVE-2018-18827 | 2018-10-30 | There exists a heap-based buffer over-read in ff_vc1_pred_dc in vc1_block.c in Libav 12.3, which allows attackers to cause a denial-of-service via a crafted aac file. |
| CVE-2018-18828 | 2018-10-30 | There exists a heap-based buffer overflow in vc1_decode_i_block_adv in vc1_block.c in Libav 12.3, which allows attackers to cause a denial-of-service via a crafted aac file. |
| CVE-2018-18829 | 2018-10-30 | There exists a NULL pointer dereference in ff_vc1_parse_frame_header_adv in vc1.c in Libav 12.3, which allows attackers to cause a denial-of-service through a crafted aac file. |
| CVE-2018-18830 | 2018-10-30 | An issue was discovered in com\mingsoft\basic\action\web\FileAction.java in MCMS 4.6.5. Since the upload interface does not verify the user login status, you can use this interface to upload files without setting... |
| CVE-2018-18831 | 2018-10-30 | An issue was discovered in com\mingsoft\cms\action\GeneraterAction.java in MCMS 4.6.5. An attacker can write a .jsp file (in the position parameter) to an arbitrary directory via a ../ Directory Traversal in... |
| CVE-2018-18832 | 2018-10-30 | admin/check.asp in DKCMS 9.4 allows SQL Injection via an ASPSESSIONID cookie to admin/admin.asp. |
| CVE-2018-18834 | 2018-10-30 | An issue has been found in libIEC61850 v1.3. It is a heap-based buffer overflow in BerEncoder_encodeOctetString in mms/asn1/ber_encoder.c. |
| CVE-2018-18835 | 2018-10-30 | upload_template() in system/changeskin.php in DocCms 2016.5.12 allows remote attackers to execute arbitrary PHP code via a template file. |
| CVE-2018-18840 | 2018-10-30 | XSS was discovered in SEMCMS PHP V3.4 via the SEMCMS_SeoAndTag.php?Class=edit&CF=SeoAndTag tag_indexmetatit parameter. |