CVE List - 2018 / November
Showing 101 - 200 of 983 CVEs for November 2018 (Page 2 of 10)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2018-9357 | 2018-11-06 | In BNEP_Write of bnep_api.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with User execution privileges... |
| CVE-2018-9358 | 2018-11-06 | In gatts_process_attribute_req of gatt_sc.cc, there is a possible read of uninitialized data due to a missing bounds check. This could lead to remote information disclosure in the Bluetooth process with... |
| CVE-2018-9359 | 2018-11-06 | In process_l2cap_cmd of l2c_main.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges... |
| CVE-2018-9361 | 2018-11-06 | In process_l2cap_cmd of l2c_main.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges... |
| CVE-2018-9362 | 2018-11-06 | In processMessagePart of InboundSmsHandler.java, there is a possible remote denial of service due to improper input validation. This could lead to remote denial of service with no additional execution privileges... |
| CVE-2018-9363 | 2018-11-06 | In the hidp_process_report in bluetooth, there is an integer overflow. This could lead to an out of bounds write with no additional execution privileges needed. User interaction is not needed... |
| CVE-2018-9385 | 2018-11-06 | In driver_override_store of bus.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges... |
| CVE-2018-9415 | 2018-11-06 | In driver_override_store and driver_override_show of bus.c, there is a possible double free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User... |
| CVE-2018-9422 | 2018-11-06 | In get_futex_key of futex.c, there is a use-after-free due to improper locking. This could lead to local escalation of privilege with no additional privileges needed. User interaction is not needed... |
| CVE-2018-9427 | 2018-11-06 | In CopyToOMX of OMXNodeInstance.cpp there is a possible out-of-bounds write due to an incorrect bounds check. This could lead to remote arbitrary code execution with no additional execution privileges needed.... |
| CVE-2018-9436 | 2018-11-06 | In bnep_data_ind of bnep_main.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges... |
| CVE-2018-9437 | 2018-11-06 | In getstring of ID3.cpp there is a possible out-of-bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed.... |
| CVE-2018-9438 | 2018-11-06 | When a device connects only over WiFi VPN, the device may not receive security updates due to some incorrect checks. This could lead to a local denial of service of... |
| CVE-2018-9444 | 2018-11-06 | In ih264d_video_decode of ih264d_api.c there is a possible resource exhaustion due to an infinite loop. This could lead to remote temporary device denial of service (remote hang or reboot) with... |
| CVE-2018-9445 | 2018-11-06 | In readMetadata of Utils.cpp, there is a possible path traversal bug due to a confused deputy. This could lead to local escalation of privilege when mounting a USB device with... |
| CVE-2018-9446 | 2018-11-06 | In smp_br_state_machine_event of smp_br_main.cc, there is a possible out of bounds write due to memory corruption. This could lead to remote code execution with no additional execution privileges needed. User... |
| CVE-2018-9448 | 2018-11-06 | In avct_bcb_msg_ind of avct_bcb_act.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges... |
| CVE-2018-9450 | 2018-11-06 | In avrc_proc_vendor_command of avrc_api.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges... |
| CVE-2018-9451 | 2018-11-06 | In DynamicRefTable::load of ResourceTypes.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges... |
| CVE-2018-9453 | 2018-11-06 | In avdt_msg_prs_cfg of avdt_msg.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges... |
| CVE-2018-9454 | 2018-11-06 | In bnep_data_ind of bnep_main.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with no additional execution privileges... |
| CVE-2018-9455 | 2018-11-06 | In sdpu_extract_attr_seq of sdp_utils.cc, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote denial of service with no additional execution... |
| CVE-2018-9458 | 2018-11-06 | In computeFocusedWindow of RootWindowContainer.java, and related functions, there is possible interception of keypresses due to focus being on the wrong window. This could lead to local escalation of privilege revealing... |
| CVE-2018-9459 | 2018-11-06 | In Attachment of Attachment.java and getFilePath of EmlAttachmentProvider.java, there is a possible Elevation of Privilege due to a path traversal error. This could lead to a remote escalation of privilege... |
| CVE-2018-9465 | 2018-11-06 | In task_get_unused_fd_flags of binder.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed.... |
| CVE-2018-9488 | 2018-11-06 | In the SELinux permissions of crash_dump.te, there is a permissions bypass due to a missing restriction. This could lead to a local escalation of privilege, with System privileges needed. User... |
| CVE-2018-9489 | 2018-11-06 | When wifi is switched, function sendNetworkStateChangeBroadcast of WifiStateMachine.java broadcasts an intent including detailed wifi network information. This could lead to information disclosure with no execution privileges needed. User interaction is... |
| CVE-2018-9516 | 2018-11-06 | In hid_debug_events_read of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges... |
| CVE-2018-16473 | 2018-11-06 | A path traversal in takeapeek module versions <=0.2.2 allows an attacker to list directory and files. |
| CVE-2018-16474 | 2018-11-06 | A stored xss in tianma-static module versions <=1.0.4 allows an attacker to execute arbitrary javascript. |
| CVE-2018-16475 | 2018-11-06 | A Path Traversal in Knightjs versions <= 0.0.1 allows an attacker to read content of arbitrary files on a remote server. |
| CVE-2018-17184 | 2018-11-06 | A malicious user with enough administration entitlements can inject html-like elements containing JavaScript statements into Connector names, Report names, AnyTypeClass keys and Policy descriptions. When another user with enough administration... |
| CVE-2018-17186 | 2018-11-06 | An administrator with workflow definition entitlements can use DTD to perform malicious operations, including but not limited to file read, file write, and code execution. |
| CVE-2018-14667 | 2018-11-06 | The RichFaces Framework 3.X through 3.3.4 is vulnerable to Expression Language (EL) injection via the UserResource resource. A remote, unauthenticated attacker could exploit this to execute arbitrary code using a... |
| CVE-2018-12411 | 2018-11-07 | TIBCO ActiveSpaces Administrative Daemon Vulnerable to CSRF Attacks |
| CVE-2018-12412 | 2018-11-07 | TIBCO FTL Realm Server Vulnerable to CSRF Attacks |
| CVE-2018-12413 | 2018-11-07 | TIBCO Messaging - Apache Kafka Distribution - Schema Repository Vulnerable to CSRF Attacks |
| CVE-2018-12414 | 2018-11-07 | TIBCO Rendezvous Vulnerable to CSRF Attacks |
| CVE-2018-12415 | 2018-11-07 | TIBCO Enterprise Message Service Vulnerable to CSRF Attacks |
| CVE-2018-19050 | 2018-11-07 | MetInfo 6.1.3 has XSS via the admin/index.php?a=dogetpassword langset parameter. |
| CVE-2018-19051 | 2018-11-07 | MetInfo 6.1.3 has XSS via the admin/index.php?a=dogetpassword abt_type parameter. |
| CVE-2018-19047 | 2018-11-07 | mPDF through 7.1.6, if deployed as a web application that accepts arbitrary HTML, allows SSRF, as demonstrated by a '<img src="http://192.168' substring that triggers a call to getImage in Image/ImageProcessor.php.... |
| CVE-2018-19052 | 2018-11-07 | An issue was discovered in mod_alias_physical_handler in mod_alias.c in lighttpd before 1.4.50. There is potential ../ path traversal of a single directory above an alias target, with a specific mod_alias... |
| CVE-2018-19053 | 2018-11-07 | PbootCMS 1.2.2 allows remote attackers to execute arbitrary PHP code by specifying a .php filename in a "SET GLOBAL general_log_file" statement, followed by a SELECT statement containing this PHP code. |
| CVE-2018-16843 | 2018-11-07 | nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive memory consumption. This issue affects nginx compiled with the ngx_http_v2_module (not... |
| CVE-2018-16844 | 2018-11-07 | nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive CPU usage. This issue affects nginx compiled with the ngx_http_v2_module (not... |
| CVE-2018-16845 | 2018-11-07 | nginx before versions 1.15.6, 1.14.1 has a vulnerability in the ngx_http_mp4_module, which might allow an attacker to cause infinite loop in a worker process, cause a worker process crash, or... |
| CVE-2018-8021 | 2018-11-07 | Versions of Superset prior to 0.23 used an unsafe load method from the pickle library to deserialize data leading to possible remote code execution. Note Superset 0.23 was released prior... |
| CVE-2018-19056 | 2018-11-07 | pandao Editor.md 1.5.0 has DOM XSS via input starting with a "<<" substring, which is mishandled during construction of an A element. |
| CVE-2018-19057 | 2018-11-07 | SimpleMDE 1.11.2 has XSS via an onerror attribute of a crafted IMG element, or via certain input with [ and ( characters, which is mishandled during construction of an A... |
| CVE-2018-19058 | 2018-11-07 | An issue was discovered in Poppler 0.71.0. There is a reachable abort in Object.h, will lead to denial of service because EmbFile::save2 in FileSpec.cc lacks a stream check before saving... |
| CVE-2018-19059 | 2018-11-07 | An issue was discovered in Poppler 0.71.0. There is a out-of-bounds read in EmbFile::save2 in FileSpec.cc, will lead to denial of service, as demonstrated by utils/pdfdetach.cc not validating embedded files... |
| CVE-2018-19060 | 2018-11-07 | An issue was discovered in Poppler 0.71.0. There is a NULL pointer dereference in goo/GooString.h, will lead to denial of service, as demonstrated by utils/pdfdetach.cc not validating a filename of... |
| CVE-2018-18590 | 2018-11-07 | MFSBGN03829 rev.1 - Micro Focus Operation Bridge Containerized Suite, Remote Code Execution |
| CVE-2018-19061 | 2018-11-07 | DedeCMS 5.7 SP2 has SQL Injection via the dede\co_do.php ids parameter. |
| CVE-2018-19063 | 2018-11-07 | An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The admin... |
| CVE-2018-19064 | 2018-11-07 | An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ftpuser1... |
| CVE-2018-19065 | 2018-11-07 | An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The exported... |
| CVE-2018-19066 | 2018-11-07 | An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The exported... |
| CVE-2018-19067 | 2018-11-07 | An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. There is... |
| CVE-2018-19068 | 2018-11-07 | An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The CGIProxy.fcgi?cmd=setTelnetSwitch feature is authorized for hidden factory credentials. |
| CVE-2018-19069 | 2018-11-07 | An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The CGIProxy.fcgi?cmd=setTelnetSwitch... |
| CVE-2018-19070 | 2018-11-07 | An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. They allow... |
| CVE-2018-19071 | 2018-11-07 | An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. /mnt/mtd/boot.sh has... |
| CVE-2018-19072 | 2018-11-07 | An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. /mnt/mtd/app has... |
| CVE-2018-19073 | 2018-11-07 | An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. They allow... |
| CVE-2018-19074 | 2018-11-07 | An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The firewall... |
| CVE-2018-19075 | 2018-11-07 | An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The firewall... |
| CVE-2018-19076 | 2018-11-07 | An issue was discovered on Foscam C2 devices with System Firmware 1.11.1.8 and Application Firmware 2.72.1.32, and Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The FTP... |
| CVE-2018-19077 | 2018-11-07 | An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. RtspServer allows remote attackers to cause a denial of service (daemon hang or... |
| CVE-2018-19078 | 2018-11-07 | An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The response to an ONVIF media GetStreamUri request contains the administrator username and... |
| CVE-2018-19079 | 2018-11-07 | An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ONVIF devicemgmt SystemReboot method allows unauthenticated reboot. |
| CVE-2018-19080 | 2018-11-07 | An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ONVIF devicemgmt SetHostname method allows unauthenticated persistent XSS. |
| CVE-2018-19081 | 2018-11-07 | An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ONVIF devicemgmt SetDNS method allows remote attackers to execute arbitrary OS commands... |
| CVE-2018-19082 | 2018-11-07 | An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ONVIF devicemgmt SetDNS method allows remote attackers to conduct stack-based buffer overflow... |
| CVE-2018-19083 | 2018-11-07 | WeCenter 3.2.0 through 3.2.2 has XSS in the views/default/question/index.tpl.html htmlspecialchars_decode function via the /?/publish/ajax/publish_question/ question_content parameter. |
| CVE-2018-19089 | 2018-11-07 | tianti 2.3 has stored XSS in the userlist module via the tianti-module-admin/user/ajax/save_role name parameter, which is mishandled in tianti-module-admin\src\main\webapp\WEB-INF\views\user\user_list.jsp. |
| CVE-2018-19090 | 2018-11-07 | tianti 2.3 has stored XSS in the article management module via an article title. |
| CVE-2018-19091 | 2018-11-07 | tianti 2.3 has reflected XSS in the user management module via the tianti-module-admin/user/list userName parameter. |
| CVE-2018-19092 | 2018-11-07 | An issue was discovered in YzmCMS v5.2. It has XSS via a search/index/archives/pubtime/ query string, as demonstrated by the search/index/archives/pubtime/1526387722/page/1.html URI. NOTE: this does not obtain a user's cookie. |
| CVE-2018-19093 | 2018-11-07 | An issue has been found in libIEC61850 v1.3. It is a SEGV in ControlObjectClient_setCommandTerminationHandler in client/client_control.c. NOTE: the software maintainer disputes this because it requires incorrect usage of the client_example_control... |
| CVE-2018-16149 | 2018-11-07 | In sig_verify() in x509.c in axTLS version 2.1.3 and before, the PKCS#1 v1.5 signature verification blindly trusts the declared lengths in the ASN.1 structure. Consequently, when small public exponents are... |
| CVE-2018-16150 | 2018-11-07 | In sig_verify() in x509.c in axTLS version 2.1.3 and before, the PKCS#1 v1.5 signature verification does not reject excess data after the hash value. Consequently, a remote attacker can forge... |
| CVE-2018-16253 | 2018-11-07 | In sig_verify() in x509.c in axTLS version 2.1.3 and before, the PKCS#1 v1.5 signature verification does not properly verify the ASN.1 metadata. Consequently, a remote attacker can forge signatures when... |
| CVE-2018-19107 | 2018-11-08 | In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp (called from psdimage.cpp in the PSD image reader) may suffer from a denial of service (heap-based buffer over-read) caused by an integer overflow via... |
| CVE-2018-19108 | 2018-11-08 | In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PSD image reader may suffer from a denial of service (infinite loop) caused by an integer overflow via a crafted PSD image... |
| CVE-2018-19104 | 2018-11-08 | In BageCMS 3.1.3, upload/index.php has a CSRF vulnerability that can be used to upload arbitrary files and get server privileges. |
| CVE-2018-19105 | 2018-11-08 | LibreCAD 2.1.3 allows remote attackers to cause a denial of service (0x89C04589 write access violation and application crash) or possibly have unspecified other impact via a crafted file. |
| CVE-2018-19109 | 2018-11-08 | tianti 2.3 allows remote authenticated users to bypass intended permission restrictions by visiting tianti-module-admin/cms/column/list directly to read the column list page or edit a column. |
| CVE-2018-19110 | 2018-11-08 | The skin-management feature in tianti 2.3 allows remote authenticated users to bypass intended permission restrictions by visiting tianti-module-admin/user/skin/list directly because controller\usercontroller.java maps a /skin/list request to the function skinList, and... |
| CVE-2018-19111 | 2018-11-08 | The Google Cardboard application 1.8 for Android and 1.2 for iOS sends potentially private cleartext information to the Unity 3D Stats web site, as demonstrated by device make, model, and... |
| CVE-2018-11777 | 2018-11-08 | In Apache Hive 2.3.3, 3.1.0 and earlier, local resources on HiveServer2 machines are not properly protected against malicious user if ranger, sentry or sql standard authorizer is not in use. |
| CVE-2018-1314 | 2018-11-08 | In Apache Hive 2.3.3, 3.1.0 and earlier, Hive "EXPLAIN" operation does not check for necessary authorization of involved entities in a query. An unauthorized user can do "EXPLAIN" on arbitrary... |
| CVE-2018-6433 | 2018-11-08 | A vulnerability in the secryptocfg export command of Brocade Fabric OS versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to bypass the export file access restrictions and... |
| CVE-2018-6434 | 2018-11-08 | A vulnerability in the web management interface of Brocade Fabric OS versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow attackers to intercept or manipulate a user's session ID. |
| CVE-2018-6435 | 2018-11-08 | A Vulnerability in the secryptocfg command of Brocade Fabric OS command line interface (CLI) versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell... |
| CVE-2018-6441 | 2018-11-08 | A vulnerability in Secure Shell implementation of Brocade Fabric OS versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to provide arbitrary environment variables, and bypass the restricted... |
| CVE-2018-6442 | 2018-11-08 | A vulnerability in the Brocade Webtools firmware update section of Brocade Fabric OS before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow remote authenticated attackers to execute arbitrary commands. |
| CVE-2018-0284 | 2018-11-08 | Cisco Meraki Local Status Page Privilege Escalation Vulnerability |
| CVE-2018-15381 | 2018-11-08 | Cisco Unity Express Arbitrary Command Execution Vulnerability |