CVE List - 2018 / November
Showing 201 - 300 of 983 CVEs for November 2018 (Page 3 of 10)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2018-15393 | 2018-11-08 | Cisco Content Security Management Appliance (SMA) Cross-Site Scripting Vulnerability |
| CVE-2018-15394 | 2018-11-08 | Cisco Stealthwatch Management Console Authentication Bypass Vulnerability |
| CVE-2018-15437 | 2018-11-08 | Cisco Immunet and Cisco AMP for Endpoints System Scan Denial of Service Vulnerability |
| CVE-2018-15439 | 2018-11-08 | Cisco Small Business Switches Privileged Access Vulnerability |
| CVE-2018-15443 | 2018-11-08 | Cisco Firepower Detection Engine TCP Intrusion Prevention System Rule Bypass Vulnerability |
| CVE-2018-15444 | 2018-11-08 | Cisco Energy Management Suite XML External Entity Vulnerability |
| CVE-2018-15445 | 2018-11-08 | Cisco Energy Management Suite Cross-Site Request Forgery Vulnerability |
| CVE-2018-15446 | 2018-11-08 | Cisco Meeting Server Information Disclosure Vulnerability |
| CVE-2018-19114 | 2018-11-08 | An issue was discovered in MinDoc through v1.0.2. It allows attackers to gain privileges by uploading an image file with contents that represent an admin session, and then sending a... |
| CVE-2018-6436 | 2018-11-08 | A Vulnerability in the firmwaredownload command of Brocade Fabric OS command line interface (CLI) versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell... |
| CVE-2018-6437 | 2018-11-08 | A Vulnerability in the help command of Brocade Fabric OS command line interface (CLI) versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell... |
| CVE-2018-6438 | 2018-11-08 | A Vulnerability in the supportsave command of Brocade Fabric OS command line interface (CLI) versions before 8.2.1, 8.1.2f, 8.0.2f, 7.4.2d could allow a local attacker to escape the restricted shell... |
| CVE-2018-15447 | 2018-11-08 | Cisco Integrated Management Controller Supervisor SQL Injection Vulnerability |
| CVE-2018-15448 | 2018-11-08 | Cisco Registered Envelope Service Information Disclosure Vulnerability |
| CVE-2018-15449 | 2018-11-08 | Cisco Video Surveillance Media Server Denial of Service Vulnerability |
| CVE-2018-19044 | 2018-11-08 | keepalived 2.0.8 didn't check for pathnames with symlinks when writing data to a temporary file upon a call to PrintData or PrintStats. This allowed local users to overwrite arbitrary files... |
| CVE-2018-19045 | 2018-11-08 | keepalived 2.0.8 used mode 0666 when creating new temporary files upon a call to PrintData or PrintStats, potentially leaking sensitive information. |
| CVE-2018-19046 | 2018-11-08 | keepalived 2.0.8 didn't check for existing plain files when writing data to a temporary file upon a call to PrintData or PrintStats. If a local attacker had previously created a... |
| CVE-2018-19115 | 2018-11-08 | keepalived before 2.0.7 has a heap-based buffer overflow when parsing HTTP status codes resulting in DoS or possibly unspecified other impact, because extract_status_code in lib/html.c has no validation of the... |
| CVE-2018-15450 | 2018-11-08 | Cisco Prime Collaboration Assurance File Overwrite Vulnerability |
| CVE-2018-15451 | 2018-11-08 | Cisco Prime Service Catalog Cross-Site Scripting Vulnerability |
| CVE-2018-7718 | 2018-11-08 | An issue was discovered in Telexy QPath 5.4.462. A low privileged authenticated user supplying a specially crafted serialized request to AdanitDataService.svc may modify user information, including but not limited to... |
| CVE-2016-9749 | 2018-11-09 | IBM Campaign 9.1.0, 9.1.2, 10.0, and 10.1 could allow an authenticated user with access to the local network to bypass security due to lack of input validation. IBM X-Force ID:... |
| CVE-2017-1119 | 2018-11-09 | IBM Marketing Operations 9.1.0, 9.1.2, and 10.1 could allow a remote attacker to obtain sensitive information. An attacker could send a specially-crafted request to cause an error message to be... |
| CVE-2018-1684 | 2018-11-09 | IBM WebSphere MQ 8.0 through 9.1 is vulnerable to a error with MQTT topic string publishing that can cause a denial of service attack. IBM X-Force ID: 145456. |
| CVE-2018-1774 | 2018-11-09 | IBM API Connect 5.0.0.0, 5.0.8.4, 2018.1 and 2018.3.6 is vulnerable to CSV injection via the developer portal and analytics that could contain malicious commands that would be executed once opened... |
| CVE-2018-1780 | 2018-11-09 | IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local db2 instance owner to obtain root access by exploiting a... |
| CVE-2018-1781 | 2018-11-09 | IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local user to obtain root access by exploiting a symbolic link... |
| CVE-2018-1799 | 2018-11-09 | IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 could allow a local unprivileged user to overwrite files on the system which could... |
| CVE-2018-1802 | 2018-11-09 | IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 binaries load shared libraries from an untrusted path potentially giving low privilege user full... |
| CVE-2018-1834 | 2018-11-09 | IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 9.7, 10.1, 10.5, and 11.1 contains a vulnerability that could allow a local user to escalate their privileges to... |
| CVE-2018-1842 | 2018-11-09 | IBM Cognos Analytics 11 Configuration tool, under certain circumstances, will bypass OIDC namespace signature verification on its id_token. IBM X-Force ID: 150902. |
| CVE-2018-1857 | 2018-11-09 | IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 11.1 could allow a user to bypass FGAC control and gain access to data they shouldn't be able to... |
| CVE-2018-19121 | 2018-11-09 | An issue has been found in libIEC61850 v1.3. It is a SEGV in Ethernet_receivePacket in ethernet_bsd.c. |
| CVE-2018-19122 | 2018-11-09 | An issue has been found in libIEC61850 v1.3. It is a NULL pointer dereference in Ethernet_sendPacket in ethernet_bsd.c. |
| CVE-2018-19124 | 2018-11-09 | PrestaShop 1.6.x before 1.6.1.23 and 1.7.x before 1.7.4.4 on Windows allows remote attackers to write to arbitrary image files. |
| CVE-2018-19125 | 2018-11-09 | PrestaShop 1.6.x before 1.6.1.23 and 1.7.x before 1.7.4.4 allows remote attackers to delete an image directory. |
| CVE-2018-19126 | 2018-11-09 | PrestaShop 1.6.x before 1.6.1.23 and 1.7.x before 1.7.4.4 allows remote attackers to execute arbitrary code via a file upload. |
| CVE-2018-19128 | 2018-11-09 | In Libav 12.3, there is a heap-based buffer over-read in decode_frame in libavcodec/lcldec.c that allows an attacker to cause denial-of-service via a crafted avi file. |
| CVE-2018-19129 | 2018-11-09 | In Libav 12.3, a NULL pointer dereference (RIP points to zero) issue in ff_mpa_synth_filter_float in libavcodec/mpegaudiodsp_template.c can cause a segmentation fault (application crash) via a crafted mov file. |
| CVE-2018-19130 | 2018-11-09 | In Libav 12.3, there is an invalid memory access in vc1_decode_frame in libavcodec/vc1dec.c that allows attackers to cause a denial-of-service via a crafted aac file. NOTE: This may be a... |
| CVE-2018-19132 | 2018-11-09 | Squid before 4.4, when SNMP is enabled, allows a denial of service (Memory Leak) via an SNMP packet. |
| CVE-2018-19131 | 2018-11-09 | Squid before 4.4 has XSS via a crafted X.509 certificate during HTTP(S) error page generation for certificate errors. |
| CVE-2018-19133 | 2018-11-09 | In Flarum Core 0.1.0-beta.7.1, a serious leak can get everyone's email address. |
| CVE-2018-19127 | 2018-11-09 | A code injection vulnerability in /type.php in PHPCMS 2008 allows attackers to write arbitrary content to a website cache file with a controllable filename, leading to arbitrary code execution. The... |
| CVE-2018-1872 | 2018-11-09 | IBM Maximo Asset Management 7.6 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading... |
| CVE-2018-14644 | 2018-11-09 | An issue has been found in PowerDNS Recursor from 4.0.0 up to and including 4.1.4. A remote attacker sending a DNS query for a meta-type like OPT can lead to... |
| CVE-2018-19136 | 2018-11-09 | DomainMOD through 4.11.01 has XSS via the assets/edit/registrar-account.php raid parameter. |
| CVE-2018-19137 | 2018-11-09 | DomainMOD through 4.11.01 has XSS via the assets/edit/ip-address.php ipid parameter. |
| CVE-2018-17612 | 2018-11-09 | Sennheiser HeadSetup 7.3.4903 places Certification Authority (CA) certificates into the Trusted Root CA store of the local system, and publishes the private key in the SennComCCKey.pem file within the public... |
| CVE-2018-19138 | 2018-11-09 | WSTMart 2.0.7 has CSRF via the index.php/admin/staffs/add.html URI. |
| CVE-2018-19139 | 2018-11-09 | An issue has been found in JasPer 2.0.14. There is a memory leak in jas_malloc.c when called from jpc_unk_getparms in jpc_cs.c. |
| CVE-2018-15796 | 2018-11-09 | Signing Key Extraction in Bits Service Release |
| CVE-2018-19145 | 2018-11-09 | An issue was discovered in S-CMS v1.5. There is an XSS vulnerability in search.php via the keyword parameter. |
| CVE-2018-19084 | 2018-11-10 | RegFilter.sys in IOBit Malware Fighter 6.2 is susceptible to a stack-based buffer overflow when an attacker uses IOCTL 0x8006E05C with a size larger than 8 bytes. This can lead to... |
| CVE-2018-19085 | 2018-11-10 | RegFilter.sys in IOBit Malware Fighter 6.2 is susceptible to a stack-based buffer overflow when an attacker uses IOCTL 0x8006E048 with a size larger than 8 bytes. This can lead to... |
| CVE-2018-19086 | 2018-11-10 | RegFilter.sys in IOBit Malware Fighter 6.2 is susceptible to a stack-based buffer overflow when an attacker uses IOCTL 0x8006E040 with a size larger than 8 bytes. This can lead to... |
| CVE-2018-19087 | 2018-11-10 | RegFilter.sys in IOBit Malware Fighter 6.2 is susceptible to a stack-based buffer overflow when an attacker uses IOCTL 0x8006E044 with a size larger than 8 bytes. This can lead to... |
| CVE-2018-19148 | 2018-11-10 | Caddy through 0.11.0 sends incorrect certificates for certain invalid requests, making it easier for attackers to enumerate hostnames. Specifically, when unable to match a Host header with a vhost in... |
| CVE-2018-19149 | 2018-11-10 | Poppler before 0.70.0 has a NULL pointer dereference in _poppler_attachment_new when called from poppler_annot_file_attachment_get_attachment. |
| CVE-2018-19150 | 2018-11-10 | Memory corruption in PDMODELProvidePDModelHFT in pdmodel.dll in pdfforge PDF Architect 6 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact because of... |
| CVE-2017-17550 | 2018-11-10 | ZyXEL ZyWALL USG 2.12 AQQ.2 and 3.30 AQQ.7 devices are affected by a CSRF vulnerability via a cgi-bin/zysh-cgi cmd action to add a user account. This account's access could, for... |
| CVE-2018-19168 | 2018-11-11 | Shell Metacharacter Injection in www/modules/save.php in FruityWifi (aka PatatasFritas/PatataWifi) through 2.4 allows remote attackers to execute arbitrary code with root privileges via a crafted mod_name parameter in a POST request.... |
| CVE-2018-19135 | 2018-11-11 | ClipperCMS 1.3.3 does not have CSRF protection on its kcfinder file upload (enabled by default). This can be used by an attacker to perform actions for an admin (or any... |
| CVE-2018-19141 | 2018-11-11 | Open Ticket Request System (OTRS) 4.0.x before 4.0.33 and 5.0.x before 5.0.31 allows an admin to conduct an XSS attack via a modified URL because user and customer preferences are... |
| CVE-2018-19142 | 2018-11-11 | Open Ticket Request System (OTRS) 6.0.x before 6.0.13 allows an admin to conduct an XSS attack via a modified URL. |
| CVE-2018-19143 | 2018-11-11 | Open Ticket Request System (OTRS) 4.0.x before 4.0.33, 5.0.x before 5.0.31, and 6.0.x before 6.0.13 allows an authenticated user to delete files via a modified submission form because upload caching... |
| CVE-2018-19170 | 2018-11-11 | In JPress v1.0-rc.5, there is stored XSS via each of the first three input fields to the starter-tomcat-1.0/admin/setting URI, as demonstrated by the web_name parameter. |
| CVE-2018-19178 | 2018-11-11 | In JEESNS 1.3, com/lxinet/jeesns/core/utils/XssHttpServletRequestWrapper.java allows stored XSS via an HTML EMBED element, a different vulnerability than CVE-2018-17886. |
| CVE-2018-19180 | 2018-11-11 | statics/app/index/controller/Install.php in YUNUCMS 1.1.5 (if install.lock is not present) allows remote attackers to execute arbitrary PHP code by placing this code in the index.php?s=index/install/setup2 DB_PREFIX field, which is written to... |
| CVE-2018-19181 | 2018-11-11 | statics/ueditor/php/vendor/Local.class.php in YUNUCMS 1.1.5 allows arbitrary file deletion via the statics/ueditor/php/controller.php?action=remove key parameter, as demonstrated by using directory traversal to delete the install.lock file. |
| CVE-2018-19183 | 2018-11-12 | ethereumjs-vm 2.4.0 allows attackers to cause a denial of service (vm.runCode failure and REVERT) via a "code: Buffer.from(my_code, 'hex')" attribute. NOTE: the vendor disputes this because REVERT is a normal... |
| CVE-2018-18920 | 2018-11-12 | Py-EVM v0.2.0-alpha.33 allows attackers to make a vm.execute_bytecode call that triggers computation._stack.values with '"stack": [100, 100, 0]' where b'\x' was expected, resulting in an execution failure because of an invalid... |
| CVE-2018-19184 | 2018-11-12 | cmd/evm/runner.go in Go Ethereum (aka geth) 1.8.17 allows attackers to cause a denial of service (SEGV) via crafted bytecode. |
| CVE-2018-19185 | 2018-11-12 | An issue has been found in libIEC61850 v1.3. It is a heap-based buffer overflow in BerEncoder_encodeOctetString in mms/asn1/ber_encoder.c. This is exploitable even after CVE-2018-18834 has been patched, with a different... |
| CVE-2018-19192 | 2018-11-12 | An issue was discovered in XiaoCms 20141229. admin/index.php?c=content&a=add&catid=3 has CSRF, as demonstrated by entering news via the data[content] parameter. |
| CVE-2018-19193 | 2018-11-12 | An issue was discovered in XiaoCms 20141229. There is XSS via the largest input box on the "New news" screen. |
| CVE-2018-19194 | 2018-11-12 | An issue was discovered in XiaoCms 20141229. /admin/index.php?c=database allows full path disclosure in a "failed to open stream" error message. |
| CVE-2018-19195 | 2018-11-12 | An issue was discovered in XiaoCms 20141229. There is XSS related to the template\default\show_product.html file. |
| CVE-2018-19196 | 2018-11-12 | An issue was discovered in XiaoCms 20141229. It allows remote attackers to execute arbitrary code by using the type parameter to bypass the standard admin\controller\uploadfile.php restrictions on uploaded file types... |
| CVE-2018-19197 | 2018-11-12 | An issue was discovered in XiaoCms 20141229. admin\controller\database.php allows arbitrary directory deletion via admin/index.php?c=database&a=import&paths[]=../ directory traversal. |
| CVE-2018-19198 | 2018-11-12 | An issue was discovered in uriparser before 0.9.0. UriQuery.c allows an out-of-bounds write via a uriComposeQuery* or uriComposeQueryEx* function because the '&' character is mishandled in certain contexts. |
| CVE-2018-19199 | 2018-11-12 | An issue was discovered in uriparser before 0.9.0. UriQuery.c allows an integer overflow via a uriComposeQuery* or uriComposeQueryEx* function because of an unchecked multiplication. |
| CVE-2018-19200 | 2018-11-12 | An issue was discovered in uriparser before 0.9.0. UriCommon.c allows attempted operations on NULL input via a uriResetUri* function. |
| CVE-2018-1786 | 2018-11-12 | IBM Spectrum Protect 7.1 and 8.1 dsmc and dsmcad processes incorrectly accumulate TCP/IP sockets in a CLOSE_WAIT state. This can cause TCP/IP resource leakage and may result in a denial... |
| CVE-2018-1798 | 2018-11-12 | IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the... |
| CVE-2018-1884 | 2018-11-12 | IBM Case Manager 5.2.0.0, 5.2.0.4, 5.2.1.0, 5.2.1.7, 5.3.0.0, and 5.3.3.0 is vulnerable to a "zip slip" vulnerability which could allow a remote attacker to execute code using directory traversal techniques.... |
| CVE-2018-19203 | 2018-11-12 | PRTG Network Monitor before 18.2.41.1652 allows remote unauthenticated attackers to terminate the PRTG Core Server Service via a special HTTP request. |
| CVE-2018-19204 | 2018-11-12 | PRTG Network Monitor before 18.3.44.2054 allows a remote authenticated attacker (with read-write privileges) to execute arbitrary code and OS commands with system privileges. When creating an HTTP Advanced Sensor, the... |
| CVE-2018-19206 | 2018-11-12 | steps/mail/func.inc in Roundcube before 1.3.8 has XSS via crafted use of <svg><style>, as demonstrated by an onload attribute in a BODY element, within an HTML attachment. |
| CVE-2018-19207 | 2018-11-12 | The Van Ons WP GDPR Compliance (aka wp-gdpr-compliance) plugin before 1.4.3 for WordPress allows remote attackers to execute arbitrary code because $wpdb->prepare() input is mishandled, as exploited in the wild... |
| CVE-2018-19205 | 2018-11-12 | Roundcube before 1.3.7 mishandles GnuPG MDC integrity-protection warnings, which makes it easier for attackers to obtain sensitive information, a related issue to CVE-2017-17688. This is associated with plugins/enigma/lib/enigma_driver_gnupg.php. |
| CVE-2018-19208 | 2018-11-12 | In libwpd 0.10.2, there is a NULL pointer dereference in the function WP6ContentListener::defineTable in WP6ContentListener.cpp that will lead to a denial of service attack. This is related to WPXTable.h. |
| CVE-2018-19209 | 2018-11-12 | Netwide Assembler (NASM) 2.14rc15 has a NULL pointer dereference in the function find_label in asm/labels.c that will lead to a DoS attack. |
| CVE-2018-19210 | 2018-11-12 | In LibTIFF 4.0.9, there is a NULL pointer dereference in the TIFFWriteDirectorySec function in tif_dirwrite.c that will lead to a denial of service attack, as demonstrated by tiffset. |
| CVE-2018-19211 | 2018-11-12 | In ncurses 6.1, there is a NULL pointer dereference at function _nc_parse_entry in parse_entry.c that will lead to a denial of service attack. The product proceeds to the dereference code... |
| CVE-2018-19214 | 2018-11-12 | Netwide Assembler (NASM) 2.14rc15 has a heap-based buffer over-read in expand_mmac_params in asm/preproc.c for insufficient input. |
| CVE-2018-19215 | 2018-11-12 | Netwide Assembler (NASM) 2.14rc16 has a heap-based buffer over-read in expand_mmac_params in asm/preproc.c for the special cases of the % and $ and ! characters. |
| CVE-2018-19216 | 2018-11-12 | Netwide Assembler (NASM) before 2.13.02 has a use-after-free in detoken at asm/preproc.c. |
| CVE-2018-19217 | 2018-11-12 | In ncurses, possibly a 6.x version, there is a NULL pointer dereference at the function _nc_name_match that will lead to a denial of service attack. NOTE: the original report stated... |