CVE List - 2018 / November
Showing 1 - 100 of 983 CVEs for November 2018 (Page 1 of 10)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2018-18887 | 2018-11-01 | S-CMS PHP 1.0 has SQL injection in member/member_news.php via the type parameter (aka the $N_type field). |
| CVE-2018-18888 | 2018-11-01 | An issue was discovered in laravelCMS through 2018-04-02. \app\Http\Controllers\Backend\ProfileController.php allows upload of arbitrary PHP files because the file extension is not properly checked and uploaded files are not properly renamed. |
| CVE-2018-18890 | 2018-11-01 | MiniCMS 1.10 allows full path disclosure via /mc-admin/post.php?state=delete&delete= with an invalid filename. |
| CVE-2018-18891 | 2018-11-01 | MiniCMS 1.10 allows file deletion via /mc-admin/post.php?state=delete&delete= because the authentication check occurs too late. |
| CVE-2018-18892 | 2018-11-01 | MiniCMS 1.10 allows execution of arbitrary PHP code via the install.php sitename parameter, which affects the site_name field in mc_conf.php. |
| CVE-2016-2120 | 2018-11-01 | An issue has been found in PowerDNS Authoritative Server versions up to and including 3.4.10, 4.0.1 allowing an authorized user to crash the server by inserting a specially crafted record... |
| CVE-2016-2123 | 2018-11-01 | A flaw was found in samba versions 4.0.0 to 4.5.2. The Samba routine ndr_pull_dnsp_name contains an integer wrap problem, leading to an attacker-controlled memory overwrite. ndr_pull_dnsp_name parses data from the... |
| CVE-2018-15454 | 2018-11-01 | Cisco Adaptive Security Appliance Software and Cisco Firepower Threat Defense Software Denial of Service Vulnerability |
| CVE-2018-14660 | 2018-11-01 | A flaw was found in glusterfs server through versions 4.1.4 and 3.1.2 which allowed repeated usage of GF_META_LOCK_KEY xattr. A remote, authenticated attacker could use this flaw to create multiple... |
| CVE-2018-7356 | 2018-11-01 | All versions up to V3.03.10.B23P2 of ZTE ZXR10 8905E product are impacted by TCP Initial Sequence Number (ISN) reuse vulnerability, which can generate easily predictable ISN, and allows remote attackers... |
| CVE-2018-3900 | 2018-11-01 | An exploitable code execution vulnerability exists in the QR code scanning functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted QR Code can cause a buffer overflow, resulting in... |
| CVE-2018-3910 | 2018-11-01 | An exploitable code execution vulnerability exists in the cloud OTA setup functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted SSID can cause a command injection, resulting in code... |
| CVE-2018-3928 | 2018-11-01 | An exploitable code execution vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted set of UDP packets can cause a settings change, resulting... |
| CVE-2018-3947 | 2018-11-01 | An exploitable information disclosure vulnerability exists in the phone-to-camera communications of Yi Home Camera 27US 1.8.7.0D. An attacker can sniff network traffic to exploit this vulnerability. |
| CVE-2018-3977 | 2018-11-01 | An exploitable code execution vulnerability exists in the XCF image rendering functionality of SDL2_image-2.0.3. A specially crafted XCF image can cause a heap overflow, resulting in code execution. An attacker... |
| CVE-2018-10586 | 2018-11-01 | NetGain Enterprise Manager (EM) is affected by multiple Stored Cross-Site Scripting (XSS) vulnerabilities in versions before 10.1.12. |
| CVE-2018-10587 | 2018-11-01 | NetGain Enterprise Manager (EM) is affected by OS Command Injection vulnerabilities in versions before 10.0.57. These vulnerabilities could allow remote authenticated attackers to inject arbitrary code, resulting in remote code... |
| CVE-2018-18695 | 2018-11-01 | M2SOFT Report Designer Viewer 5.0 allows a Buffer Overflow with Extended Instruction Pointer (EIP) control via a crafted MRD file. |
| CVE-2018-18714 | 2018-11-01 | RegFilter.sys in IOBit Malware Fighter 6.2 and earlier is susceptible to a stack-based buffer overflow when an attacker uses IOCTL 0x8006E010. This can lead to denial of service (DoS) or... |
| CVE-2018-18775 | 2018-11-01 | Microstrategy Web, version 7, does not sufficiently encode user-controlled inputs, resulting in a Cross-Site Scripting (XSS) vulnerability via the Login.asp Msg parameter. NOTE: this is a deprecated product. |
| CVE-2018-18776 | 2018-11-01 | Microstrategy Web, version 7, does not sufficiently encode user-controlled inputs, resulting in a Cross-Site Scripting (XSS) vulnerability via the admin/admin.asp ShowAll parameter. NOTE: this is a deprecated product. |
| CVE-2018-18777 | 2018-11-01 | Directory traversal vulnerability in Microstrategy Web, version 7, in "/WebMstr7/servlet/mstrWeb" (in the parameter subpage) allows remote authenticated users to bypass intended SecurityManager restrictions and list a parent directory via a... |
| CVE-2018-6011 | 2018-11-01 | The time-based one-time-password (TOTP) function in the application logic of the Green Electronics RainMachine Mini-8 (2nd generation) uses the administrator's password hash to generate a 6-digit temporary passcode that can... |
| CVE-2018-6012 | 2018-11-01 | The 'Weather Service' feature of the Green Electronics RainMachine Mini-8 (2nd generation) allows an attacker to inject arbitrary Python code via the 'Add new weather data source' upload function. |
| CVE-2018-6906 | 2018-11-01 | A persistent Cross Site Scripting (XSS) vulnerability in the Green Electronics RainMachine Mini-8 (2nd Generation) and Touch HD 12 web application allows an attacker to inject arbitrary JavaScript via the... |
| CVE-2018-6907 | 2018-11-01 | A Cross Site Request Forgery (CSRF) vulnerability in the Green Electronics RainMachine Mini-8 (2nd Generation) and Touch HD 12 web application allows an attacker to control the RainMachine device via... |
| CVE-2018-6908 | 2018-11-01 | An authentication bypass vulnerability exists in the Green Electronics RainMachine Mini-8 (2nd Generation) and Touch HD 12 web application allowing an unauthenticated attacker to perform authenticated actions on the device... |
| CVE-2018-6909 | 2018-11-01 | A missing X-Frame-Options header in the Green Electronics RainMachine Mini-8 (2nd Generation) and Touch HD 12 web application could be used by a remote attacker for clickjacking, as demonstrated by... |
| CVE-2018-18897 | 2018-11-02 | An issue was discovered in Poppler 0.71.0. There is a memory leak in GfxColorSpace::setDisplayProfile in GfxState.cc, as demonstrated by pdftocairo. |
| CVE-2018-17914 | 2018-11-02 | InduSoft Web Studio versions prior to 8.1 SP2, and InTouch Edge HMI (formerly InTouch Machine Edition) versions prior to 2017 SP2. This vulnerability could allow an unauthenticated user to remotely... |
| CVE-2018-17916 | 2018-11-02 | InduSoft Web Studio versions prior to 8.1 SP2, and InTouch Edge HMI (formerly InTouch Machine Edition) versions prior to 2017 SP2. A remote attacker could send a carefully crafted packet... |
| CVE-2018-17912 | 2018-11-02 | An XXE vulnerability exists in CASE Suite Versions 3.10 and prior when processing parameter entities, which may allow remote file disclosure. |
| CVE-2018-17918 | 2018-11-02 | Circontrol CirCarLife all versions prior to 4.3.1, authentication to the device can be bypassed by entering the URL of a specific page. |
| CVE-2018-17922 | 2018-11-02 | Circontrol CirCarLife all versions prior to 4.3.1, the PAP credentials of the device are stored in clear text in a log file that is accessible without authentication. |
| CVE-2017-1609 | 2018-11-02 | IBM Quality Manager (RQM) 5.0 through 5.0.2 and 6.0 through 6.0.6 are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus... |
| CVE-2018-1552 | 2018-11-02 | IBM Robotic Process Automation with Automation Anywhere 10.0 and 11.0 allows a remote attacker to execute arbitrary code on the system, caused by a missing restriction in which file types... |
| CVE-2018-1788 | 2018-11-02 | IBM Spectrum Protect Server 7.1 and 8.1 could disclose highly sensitive information via trace logs to a local privileged user. IBM X-Force ID: 148873. |
| CVE-2018-1835 | 2018-11-02 | IBM Daeja ViewONE Professional, Standard & Virtual 5 is vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to... |
| CVE-2018-1846 | 2018-11-02 | IBM Rational Engineering Lifecycle Manager 5.0 through 5.0.2 and 6.0 through 6.0.6 are vulnerable to a XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could... |
| CVE-2018-1876 | 2018-11-02 | IBM Robotic Process Automation with Automation Anywhere 11 could under certain cases, display the password in a Control Room log file after installation. IBM X-Force ID: 151707. |
| CVE-2018-1877 | 2018-11-02 | IBM Robotic Process Automation with Automation Anywhere 11 could store highly sensitive information in the form of unencrypted passwords that would be available to a local user. IBM X-Force ID:... |
| CVE-2018-1878 | 2018-11-02 | IBM Robotic Process Automation with Automation Anywhere 11 could disclose sensitive information in a web request that could aid in future attacks against the system. IBM X-Force ID: 151714. |
| CVE-2018-3890 | 2018-11-02 | An exploitable code execution vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted file can cause a logic flaw and command injection, resulting... |
| CVE-2018-3891 | 2018-11-02 | An exploitable firmware downgrade vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted file can cause a logic flaw, resulting in a firmware... |
| CVE-2018-3892 | 2018-11-02 | An exploitable firmware downgrade vulnerability exists in the time syncing functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted packet can cause a buffer overflow, resulting in code execution.... |
| CVE-2018-3898 | 2018-11-02 | An exploitable code execution vulnerability exists in the QR code scanning functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted QR Code can cause a buffer overflow, resulting in... |
| CVE-2018-3899 | 2018-11-02 | An exploitable code execution vulnerability exists in the QR code scanning functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted QR Code can cause a buffer overflow, resulting in... |
| CVE-2018-3920 | 2018-11-02 | An exploitable code execution vulnerability exists in the firmware update functionality of the Yi Home Camera 27US 1.8.7.0D. A specially crafted 7-Zip file can cause a CRC collision, resulting in... |
| CVE-2018-3934 | 2018-11-02 | An exploitable code execution vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted set of UDP packets can cause a logic flaw, resulting... |
| CVE-2018-3935 | 2018-11-02 | An exploitable code execution vulnerability exists in the UDP network functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted set of UDP packets can allocate unlimited memory, resulting in... |
| CVE-2018-7798 | 2018-11-02 | A Insufficient Verification of Data Authenticity (CWE-345) vulnerability exists in the Modicon M221, all versions, which could cause a change of IPv4 configuration (IP address, mask and gateway) when remotely... |
| CVE-2018-7799 | 2018-11-02 | A DLL hijacking vulnerability exists in Schneider Electric Software Update (SESU), all versions prior to V2.2.0, which could allow an attacker to execute arbitrary code on the targeted system when... |
| CVE-2018-16849 | 2018-11-02 | A flaw was found in openstack-mistral. By manipulating the SSH private key filename, the std.ssh action can be used to disclose the presence of arbitrary files within the filesystem of... |
| CVE-2018-16847 | 2018-11-02 | An OOB heap buffer r/w access issue was found in the NVM Express Controller emulation in QEMU. It could occur in nvme_cmb_ops routines in nvme device. A guest user/process could... |
| CVE-2018-11062 | 2018-11-02 | Dell EMC Integrated Data Protection Appliance Undocumented Accounts Vulnerability |
| CVE-2018-15762 | 2018-11-02 | Pivotal Operations Manager gives all users heightened privileges |
| CVE-2018-18915 | 2018-11-03 | There is an infinite loop in the Exiv2::Image::printIFDStructure function of image.cpp in Exiv2 0.27-RC1. A crafted input will lead to a remote denial of service attack. |
| CVE-2018-18903 | 2018-11-03 | Vanilla 2.6.x before 2.6.4 allows remote code execution. |
| CVE-2018-18909 | 2018-11-03 | xhEditor 1.2.2 allows XSS via JavaScript code in the SRC attribute of an IFRAME element within the editor's source-code view. |
| CVE-2018-18919 | 2018-11-04 | The WP Editor.md plugin 10.0.1 for WordPress allows XSS via the comment area. |
| CVE-2018-18924 | 2018-11-04 | The image-upload feature in ProjeQtOr 7.2.5 allows remote attackers to execute arbitrary code by uploading a .shtml file with "#exec cmd" because rejected files remain on the server, with predictable... |
| CVE-2018-18925 | 2018-11-04 | Gogs 0.11.66 allows remote code execution because it does not properly validate session IDs, as demonstrated by a ".." session-file forgery in the file session provider in file.go. This is... |
| CVE-2018-18926 | 2018-11-04 | Gitea before 1.5.4 allows remote code execution because it does not properly validate session IDs. This is related to session ID handling in the go-macaron/session code for Macaron. |
| CVE-2018-18927 | 2018-11-04 | An issue was discovered in PublicCMS V4.0. It allows XSS by modifying the page_list "attached" attribute (which typically has 'class="icon-globe icon-large"' in its value), as demonstrated by an 'UPDATE sys_module... |
| CVE-2018-18928 | 2018-11-04 | International Components for Unicode (ICU) for C/C++ 63.1 has an integer overflow in number::impl::DecimalQuantity::toScientificString() in i18n/number_decimalquantity.cpp. |
| CVE-2018-18933 | 2018-11-05 | The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in FoxitReader.exe in Foxit Reader 9.3.0.10826 allows remote attackers to cause a denial of service (out-of-bounds read) or obtain sensitive information via a U3D... |
| CVE-2018-18934 | 2018-11-05 | An issue was discovered in PopojiCMS v2.0.1. admin_component.php is exploitable via the po-admin/route.php?mod=component&act=addnew URI by using the fupload parameter to upload a ZIP file containing arbitrary PHP code (that is... |
| CVE-2018-18935 | 2018-11-05 | An issue was discovered in PopojiCMS v2.0.1. It has CSRF via the po-admin/route.php?mod=component&act=addnew URI, as demonstrated by adding a level=1 account. |
| CVE-2018-18936 | 2018-11-05 | An issue was discovered in PopojiCMS v2.0.1. admin_library.php allows remote attackers to delete arbitrary files via directory traversal in the po-admin/route.php?mod=library&act=delete id parameter. |
| CVE-2018-18937 | 2018-11-05 | An issue has been found in libIEC61850 v1.3. It is a NULL pointer dereference in ClientDataSet_getValues in client/ied_connection.c. |
| CVE-2018-18938 | 2018-11-05 | An issue was discovered in WUZHI CMS 4.1.0. There is stored XSS in index.php?m=core&f=index via an ontoggle attribute to details/open/ within a second input field. |
| CVE-2018-18939 | 2018-11-05 | An issue was discovered in WUZHI CMS 4.1.0. There is stored XSS in index.php?m=core&f=index via a seventh input field. |
| CVE-2018-18942 | 2018-11-05 | In baserCMS before 4.1.4, lib\Baser\Model\ThemeConfig.php allows remote attackers to execute arbitrary PHP code via the admin/theme_configs/form data[ThemeConfig][logo] parameter. |
| CVE-2018-18943 | 2018-11-05 | An issue was discovered in baserCMS before 4.1.4. In the Register New Category feature of the Upload menu, the category name can be used for XSS via the data[UploaderCategory][name] parameter... |
| CVE-2018-18949 | 2018-11-05 | Zoho ManageEngine OpManager 12.3 before 123222 has SQL Injection via Mail Server settings. |
| CVE-2018-18950 | 2018-11-05 | KindEditor through 4.1.11 has a path traversal vulnerability in php/upload_json.php. Anyone can browse a file or directory in the kindeditor/attached/ folder via the path parameter without authentication. |
| CVE-2018-18952 | 2018-11-05 | JEECMS 9.3 has XSS via an index.do#/content/update?type=update URI. |
| CVE-2018-9208 | 2018-11-05 | Unauthenticated arbitrary file upload vulnerability in jQuery Picture Cut <= v1.1Beta |
| CVE-2018-18820 | 2018-11-05 | A buffer overflow was discovered in the URL-authentication backend of the Icecast before 2.4.4. If the backend is enabled, then any malicious HTTP client can send a request for that... |
| CVE-2018-18956 | 2018-11-05 | The ProcessMimeEntity function in util-decode-mime.c in Suricata 4.x before 4.0.6 allows remote attackers to cause a denial of service (segfault and daemon crash) via crafted input to the SMTP parser,... |
| CVE-2018-18957 | 2018-11-05 | An issue has been found in libIEC61850 v1.3. It is a stack-based buffer overflow in prepareGooseBuffer in goose/goose_publisher.c. |
| CVE-2018-13396 | 2018-11-05 | There was an argument injection vulnerability in Sourcetree for macOS from version 1.0b2 before version 3.0.0 via Git subrepositories in Mercurial repositories. An attacker with permission to commit to a... |
| CVE-2018-13397 | 2018-11-05 | There was an argument injection vulnerability in Sourcetree for Windows from version 0.5.1.0 before version 3.0.0 via Git subrepositories in Mercurial repositories. An attacker with permission to commit to a... |
| CVE-2018-17905 | 2018-11-05 | When processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior and tampering with a specific byte, memory corruption may occur within a specific object. |
| CVE-2018-17907 | 2018-11-05 | When processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior and tampering with the value of an offset, an attacker can force the application to read a value outside... |
| CVE-2018-17909 | 2018-11-05 | When processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior, the application fails to check if it is referencing freed memory, which may allow an attacker to execute code... |
| CVE-2018-17913 | 2018-11-05 | A type confusion vulnerability exists when processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior, which may allow an attacker to execute code in the context of the application. |
| CVE-2018-16472 | 2018-11-06 | A prototype pollution attack in cached-path-relative versions <=1.0.1 allows an attacker to inject properties on Object.prototype which are then inherited by all the JS objects through the prototype chain causing... |
| CVE-2018-18964 | 2018-11-06 | osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filtering in the "product" page. The .htaccess file in catalog/images/ bans the html extension, but there are several extensions in which contained... |
| CVE-2018-18965 | 2018-11-06 | osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filtering in the "product" page. The .htaccess file in catalog/images/ bans the html extension, but there are several alternative cases in which... |
| CVE-2018-18966 | 2018-11-06 | osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filtering in the "product" page. The .htaccess file in catalog/images/ bans the html extension, but Internet Explorer render HTML elements in a... |
| CVE-2018-18980 | 2018-11-06 | An XML External Entity injection (XXE) vulnerability exists in Zoho ManageEngine Network Configuration Manager and OpManager before 12.3.214 via the RequestXML parameter in a /devices/ProcessRequest.do GET request. For example, the... |
| CVE-2018-18963 | 2018-11-06 | Busca.aspx.cs in Degrau Publicidade e Internet Plataforma de E-commerce allows SQL Injection via the busca/ URI. |
| CVE-2014-10077 | 2018-11-06 | Hash#slice in lib/i18n/core_ext/hash.rb in the i18n gem before 0.8.0 for Ruby allows remote attackers to cause a denial of service (application crash) via a call in a situation where :some_key... |
| CVE-2018-16986 | 2018-11-06 | Texas Instruments BLE-STACK v2.2.1 for SimpleLink CC2640 and CC2650 devices allows remote attackers to execute arbitrary code via a malformed packet that triggers a buffer overflow. |
| CVE-2018-1606 | 2018-11-06 | IBM Jazz based applications (IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational DOORS Next Generation 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational... |
| CVE-2018-1694 | 2018-11-06 | IBM Jazz applications (IBM Rational Collaborative Lifecycle Management 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational DOORS Next Generation 5.0 through 5.02 and 6.0 through 6.0.6, IBM Rational Engineering... |
| CVE-2018-9360 | 2018-11-06 | In process_l2cap_cmd of l2c_main.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges... |
| CVE-2018-9355 | 2018-11-06 | In bta_dm_sdp_result of bta_dm_act.cc, there is a possible out of bounds stack write due to a missing bounds check. This could lead to remote code execution with no additional execution... |
| CVE-2018-9356 | 2018-11-06 | In bnep_data_ind of bnep_main.c, there is a possible remote code execution due to a double free. This could lead to remote code execution with no additional execution privileges needed. User... |