CVE List - 2018 / February
Showing 401 - 500 of 1325 CVEs for February 2018 (Page 5 of 14)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2018-1000034 | 2018-02-09 | An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service and read sensitive memory. |
| CVE-2018-1000035 | 2018-02-09 | A heap-based buffer overflow exists in Info-Zip UnZip version <= 6.00 in the processing of password-protected archives that allows an attacker to perform a denial of service or to possibly... |
| CVE-2018-1000041 | 2018-02-09 | GNOME librsvg version before commit c6ddf2ed4d768fd88adbea2b63f575cd523022ea contains a Improper input validation vulnerability in rsvg-io.c that can result in the victim's Windows username and NTLM password hash being leaked to remote... |
| CVE-2018-1000042 | 2018-02-09 | Security Onion Solutions Squert version 1.3.0 through 1.6.7 contains a CWE-78: Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) vulnerability in .inc/callback.php that can result... |
| CVE-2018-1000043 | 2018-02-09 | Security Onion Solutions Squert version 1.0.1 through 1.6.7 contains a CWE-78: Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) vulnerability in .inc/callback.php that can result... |
| CVE-2018-1000044 | 2018-02-09 | Security Onion Solutions Squert version 1.1.1 through 1.6.7 contains a SQL Injection vulnerability in .inc/callback.php that can result in execution of SQL commands. This attack appear to be exploitable via... |
| CVE-2018-1000045 | 2018-02-09 | NASA Singledop version v1.0 contains a CWE-502 vulnerability in NASA Singledop library (Weather data) that can result in remote code execution. This attack appear to be exploitable via Victim opening... |
| CVE-2018-1000046 | 2018-02-09 | NASA Pyblock version v1.0 - v1.3 contains a CWE-502 vulnerability in Radar data parsing library that can result in remote code execution. This attack appear to be exploitable via Victim... |
| CVE-2018-1000047 | 2018-02-09 | NASA Kodiak version v1.0 contains a CWE-502 vulnerability in Kodiak library's data processing function that can result in remote code execution. This attack appear to be exploitable via Victim opens... |
| CVE-2018-1000048 | 2018-02-09 | NASA RtRetrievalFramework version v1.0 contains a CWE-502 vulnerability in Data retrieval functionality of RtRetrieval framework that can result in remote code execution. This attack appear to be exploitable via Victim... |
| CVE-2018-1000049 | 2018-02-09 | Nanopool Claymore Dual Miner version 7.3 and earlier contains a remote code execution vulnerability by abusing the miner API. The flaw can be exploited only if the software is executed... |
| CVE-2018-1000050 | 2018-02-09 | Sean Barrett stb_vorbis version 1.12 and earlier contains a Buffer Overflow vulnerability in All vorbis decoding paths. that can result in memory corruption, denial of service, comprised execution of host... |
| CVE-2018-1000051 | 2018-02-09 | Artifex Mupdf version 1.12.0 contains a Use After Free vulnerability in fz_keep_key_storable that can result in DOS / Possible code execution. This attack appear to be exploitable via Victim opens... |
| CVE-2018-1000052 | 2018-02-09 | fmtlib version prior to version 4.1.0 (before commit 0555cea5fc0bf890afe0071a558e44625a34ba85) contains a Memory corruption (SIGSEGV), CWE-134 vulnerability in fmt::print() library function that can result in Denial of Service. This attack appear... |
| CVE-2018-1000053 | 2018-02-09 | LimeSurvey version 3.0.0-beta.3+17110 contains a Cross ite Request Forgery (CSRF) vulnerability in Theme Uninstallation that can result in CSRF causing LimeSurvey admins to delete all their themes, rendering the website... |
| CVE-2018-1000054 | 2018-02-09 | Jenkins CCM Plugin 3.1 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets... |
| CVE-2018-1000055 | 2018-02-09 | Jenkins Android Lint Plugin 2.5 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract... |
| CVE-2018-1000056 | 2018-02-09 | Jenkins JUnit Plugin 1.23 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets... |
| CVE-2018-1000057 | 2018-02-09 | Jenkins Credentials Binding Plugin 1.14 and earlier masks passwords it provides to build processes in their build logs. Jenkins however transforms provided password values, e.g. replacing environment variable references, which... |
| CVE-2018-1000058 | 2018-02-09 | Jenkins Pipeline: Supporting APIs Plugin 2.17 and earlier have an arbitrary code execution due to incomplete sandbox protection: Methods related to Java deserialization like readResolve implemented in Pipeline scripts were... |
| CVE-2018-1000060 | 2018-02-09 | Sensu, Inc. Sensu Core version Before 1.2.0 & before commit 46ff10023e8cbf1b6978838f47c51b20b98fe30b contains a CWE-522 vulnerability in Sensu::Utilities.redact_sensitive() that can result in sensitive configuration data (e.g. passwords) may be logged in... |
| CVE-2018-1000059 | 2018-02-09 | ValidFormBuilder version 4.5.4 contains a PHP Object Injection vulnerability in Valid Form unserialize method that can result in Possible to execute unauthorised system commands remotely and disclose file contents in... |
| CVE-2018-1000062 | 2018-02-09 | WonderCMS version 2.4.0 contains a Stored Cross-Site Scripting on File Upload through SVG vulnerability in uploadFileAction(), 'svg' => 'image/svg+xml' that can result in An attacker can execute arbitrary script on... |
| CVE-2018-6891 | 2018-02-11 | Bookly #1 WordPress Booking Plugin Lite before 14.5 has XSS via a jQuery.ajax request to ng-payment_details_dialog.js. |
| CVE-2017-18174 | 2018-02-11 | In the Linux kernel before 4.7, the amd_gpio_remove function in drivers/pinctrl/pinctrl-amd.c calls the pinctrl_unregister function, leading to a double free. |
| CVE-2018-6892 | 2018-02-11 | An issue was discovered in CloudMe before 1.11.0. An unauthenticated remote attacker that can connect to the "CloudMe Sync" client application listening on port 8888 can send a malicious payload... |
| CVE-2018-6912 | 2018-02-12 | The decode_plane function in libavcodec/utvideodec.c in FFmpeg through 3.4.2 allows remote attackers to cause a denial of service (out of array read) via a crafted AVI file. |
| CVE-2018-6845 | 2018-02-12 | PHP Scripts Mall Multi Language Olx Clone Script 2.0.6 has XSS via the Leave Comment field. |
| CVE-2018-6858 | 2018-02-12 | Cross Site Scripting (XSS) exists in PHP Scripts Mall Facebook Clone Script. |
| CVE-2018-6860 | 2018-02-12 | Arbitrary File Upload and Remote Code Execution exist in PHP Scripts Mall Schools Alert Management Script 2.0.2 via a profile picture. |
| CVE-2018-6861 | 2018-02-12 | Cross Site Scripting (XSS) exists in PHP Scripts Mall Lawyer Search Script 1.0.2 via a profile update parameter. |
| CVE-2018-6862 | 2018-02-12 | Cross Site Scripting (XSS) exists in PHP Scripts Mall Bitcoin MLM Software 1.0.2 via a profile field. |
| CVE-2018-6863 | 2018-02-12 | SQL Injection exists in PHP Scripts Mall Select Your College Script 2.0.2 via a Login Parameter. |
| CVE-2018-6864 | 2018-02-12 | Cross Site Scripting (XSS) exists in PHP Scripts Mall Multi religion Responsive Matrimonial 4.7.2 via a user profile update parameter. |
| CVE-2018-6880 | 2018-02-12 | EmpireCMS 6.6 through 7.2 allows remote attackers to discover the full path via an array value for a parameter to class/connect.php. |
| CVE-2018-6881 | 2018-02-12 | EmpireCMS 6.6 allows remote attackers to discover the full path via an array value for a parameter to admin/tool/ShowPic.php. |
| CVE-2018-6888 | 2018-02-12 | An issue was discovered in Typesetter 5.1. The User Permissions page (aka Admin/Users) suffers from critical flaw of Cross Site Request forgery: using a forged HTTP request, a malicious user... |
| CVE-2018-6889 | 2018-02-12 | An issue was discovered in Typesetter 5.1. It suffers from a Host header injection vulnerability, Using this attack, a malicious user can poison the web cache or perform advanced password... |
| CVE-2018-6506 | 2018-02-12 | Cross-Site Scripting (XSS) exists in the Add Forum feature in the Administrative Panel in miniBB 3.2.2 via crafted use of an onload attribute of an SVG element in the supertitle... |
| CVE-2018-6893 | 2018-02-12 | controllers/member/Api.php in dayrui FineCms 5.2.0 has SQL Injection: a request with s=member,c=api,m=checktitle, and the parameter 'module' with a SQL statement, lacks effective filtering. |
| CVE-2017-18175 | 2018-02-12 | Progress Sitefinity 9.1 has XSS via the Content Management Template Configuration (aka Templateconfiguration), as demonstrated by the src attribute of an IMG element. This is fixed in 10.1. |
| CVE-2017-18176 | 2018-02-12 | Progress Sitefinity 9.1 has XSS via file upload, because JavaScript code in an HTML file has the same origin as the application's own code. This is fixed in 10.1. |
| CVE-2017-18177 | 2018-02-12 | Progress Sitefinity 9.1 has XSS via the Last name, First name, and About fields on the New User Creation Page. This is fixed in 10.1. |
| CVE-2017-18178 | 2018-02-12 | Authenticate/SWT in Progress Sitefinity 9.1 has an open redirect issue in which an authentication token is sent to the redirection target, if the target is specified using a certain %40... |
| CVE-2017-18179 | 2018-02-12 | Progress Sitefinity 9.1 uses wrap_access_token as a non-expiring authentication token that remains valid after a password change or a session termination. Also, it is transmitted as a GET parameter. This... |
| CVE-2016-5397 | 2018-02-12 | The Apache Thrift Go client library exposed the potential during code generation for command injection due to using an external formatting tool. Affected Apache Thrift 0.9.3 and older, Fixed in... |
| CVE-2016-8742 | 2018-02-12 | The Windows installer that the Apache CouchDB team provides was vulnerable to local privilege escalation. All files in the install inherit the file permissions of the parent directory and therefore... |
| CVE-2018-6926 | 2018-02-12 | In app/Controller/ServersController.php in MISP 2.4.87, a server setting permitted the override of a path variable on certain Red Hed Enterprise Linux and CentOS systems (where rh_shell_fix was enabled), and consequently... |
| CVE-2016-9569 | 2018-02-12 | The cbstream.sys driver in Carbon Black 5.1.1.60603 allows local users with admin privileges to cause a denial of service (out-of-bounds read and system crash) via a large counter value in... |
| CVE-2016-9570 | 2018-02-12 | cb.exe in Carbon Black 5.1.1.60603 allows attackers to cause a denial of service (out-of-bounds read, invalid pointer dereference, and application crash) by leveraging access to the NetMon named pipe. |
| CVE-2018-6927 | 2018-02-12 | The futex_requeue function in kernel/futex.c in the Linux kernel before 4.14.15 might allow attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact by triggering... |
| CVE-2017-13228 | 2018-02-12 | In function ih264d_ref_idx_reordering of libavc, there is an out-of-bounds write due to modCount being defined as an unsigned character. This could lead to remote code execution with no additional execution... |
| CVE-2017-13229 | 2018-02-12 | A remote code execution vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. ID: A-68160703. |
| CVE-2017-13230 | 2018-02-12 | In hevc codec, there is an out-of-bounds write due to an incorrect bounds check with the i2_pic_width_in_luma_samples value. This could lead to remote escalation of privilege with no additional execution... |
| CVE-2017-13231 | 2018-02-12 | In libmediadrm, there is an out-of-bounds write due to improper input validation. This could lead to local elevation of privileges with no additional execution privileges needed. User interaction is not... |
| CVE-2017-13232 | 2018-02-12 | In audioserver, there is an out-of-bounds write due to a log statement using %s with an array that may not be NULL terminated. This could lead to local information disclosure... |
| CVE-2017-13233 | 2018-02-12 | In ihevcd_ctb_boundary_strength_pbslice of libhevc, there is possible resource exhaustion. This could lead to a remote temporary denial of service with no additional execution privileges needed. User interaction is needed for... |
| CVE-2017-13234 | 2018-02-12 | In DLSParser of the sonivox library, there is possible resource exhaustion due to a memory leak. This could lead to remote temporary denial of service with no additional execution privileges... |
| CVE-2017-13235 | 2018-02-12 | A other vulnerability in the Android media framework (n/a). Product: Android. Versions: 7.0, 7.1.1, 7.1.2, 8.0, 8.1. ID: A-68342866. |
| CVE-2017-13236 | 2018-02-12 | In the KeyStore service, there is a permissions bypass that allows access to protected resources. This could lead to local escalation of privilege with system execution privileges needed. User interaction... |
| CVE-2017-13238 | 2018-02-12 | In XBLRamDump mode, there is a debug feature that can be used to dump memory contents, if an attacker has physical access to the device. This could lead to local... |
| CVE-2017-13239 | 2018-02-12 | A information disclosure vulnerability in the Android framework (ui framework). Product: Android. Versions: 8.0. ID: A-66244132. |
| CVE-2017-13240 | 2018-02-12 | A information disclosure vulnerability in the Android framework (crypto framework). Product: Android. Versions: 8.0, 8.1. ID: A-68694819. |
| CVE-2017-13241 | 2018-02-12 | A information disclosure vulnerability in the Android media framework (libstagefright_soft_avcenc). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. ID: A-69065651. |
| CVE-2017-13242 | 2018-02-12 | A information disclosure vulnerability in the Android system (bluetooth). Product: Android. Versions: 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0, 8.1. ID: A-62672248. |
| CVE-2017-13243 | 2018-02-12 | A information disclosure vulnerability in the Android system (ui). Product: Android. Versions: 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2, 8.0. ID: A-38258991. |
| CVE-2017-13244 | 2018-02-12 | A elevation of privilege vulnerability in the Upstream kernel easel. Product: Android. Versions: Android kernel. ID: A-62678986. |
| CVE-2017-13245 | 2018-02-12 | A elevation of privilege vulnerability in the Upstream kernel audio driver. Product: Android. Versions: Android kernel. ID: A-64315347. |
| CVE-2017-13246 | 2018-02-12 | A information disclosure vulnerability in the Upstream kernel network driver. Product: Android. Versions: Android kernel. ID: A-36279469. |
| CVE-2017-13247 | 2018-02-12 | In the Pixel 2 bootloader, there is a missing permission check which bypasses carrier bootloader lock. This could lead to local elevation of privileges with user execution privileges needed. User... |
| CVE-2018-1214 | 2018-02-12 | Dell EMC SupportAssist Enterprise version 1.1 creates a local Windows user account named "OMEAdapterUser" with a default password as part of the installation process. This unnecessary user account also remains... |
| CVE-2017-17722 | 2018-02-12 | In Exiv2 0.26, there is a reachable assertion in the readHeader function in bigtiffimage.cpp, which will lead to a remote denial of service attack via a crafted TIFF file. |
| CVE-2017-17723 | 2018-02-12 | In Exiv2 0.26, there is a heap-based buffer over-read in the Exiv2::Image::byteSwap4 function in image.cpp. Remote attackers can exploit this vulnerability to disclose memory data or cause a denial of... |
| CVE-2017-17724 | 2018-02-12 | In Exiv2 0.26, there is a heap-based buffer over-read in the Exiv2::IptcData::printStructure function in iptc.cpp, related to the "!= 0x1c" case. Remote attackers can exploit this vulnerability to cause a... |
| CVE-2017-17725 | 2018-02-12 | In Exiv2 0.26, there is an integer overflow leading to a heap-based buffer over-read in the Exiv2::getULong function in types.cpp. Remote attackers can exploit the vulnerability to cause a denial... |
| CVE-2017-9963 | 2018-02-12 | A cross-site request forgery vulnerability exists on the Secure Gateway component of Schneider Electric's PowerSCADA Anywhere v1.0 redistributed with PowerSCADA Expert v8.1 and PowerSCADA Expert v8.2 and Citect Anywhere version... |
| CVE-2017-9967 | 2018-02-12 | A security misconfiguration vulnerability exists in Schneider Electric's IGSS SCADA Software versions 12 and prior. Security configuration settings such as Address Space Layout Randomization (ASLR) and Data Execution prevention (DEP)... |
| CVE-2017-9968 | 2018-02-12 | A security misconfiguration vulnerability exists in Schneider Electric's IGSS Mobile application versions 3.01 and prior in which a lack of certificate pinning during the TLS/SSL connection establishing process can result... |
| CVE-2017-9969 | 2018-02-12 | An information disclosure vulnerability exists in Schneider Electric's IGSS Mobile application version 3.01 and prior. Passwords are stored in clear text in the configuration which can result in exposure of... |
| CVE-2017-9970 | 2018-02-12 | A remote code execution vulnerability exists in Schneider Electric's StruxureOn Gateway versions 1.1.3 and prior. Uploading a zip which contains carefully crafted metadata allows for the file to be uploaded... |
| CVE-2018-6930 | 2018-02-13 | A stack-based buffer over-read in the ComputeResizeImage function in the MagickCore/accelerate.c file of ImageMagick 7.0.7-22 allows a remote attacker to cause a denial of service (application crash) via a maliciously... |
| CVE-2018-6942 | 2018-02-13 | An issue was discovered in FreeType 2 through 2.9. A NULL pointer dereference in the Ins_GETVARIATION() function within ttinterp.c could lead to DoS via a crafted font file. |
| CVE-2018-1297 | 2018-02-13 | When using Distributed Test only (RMI based), Apache JMeter 2.x and 3.x uses an unsecured RMI connection. This could allow an attacker to get Access to JMeterEngine and send unauthorized... |
| CVE-2018-6292 | 2018-02-13 | Remote Code Execution in Saperion Web Client version 7.5.2 83166. |
| CVE-2018-6293 | 2018-02-13 | Arbitrary File Read in Saperion Web Client version 7.5.2 83166. |
| CVE-2018-6911 | 2018-02-13 | The VBWinExec function in Node\AspVBObj.dll in Advantech WebAccess 8.3.0 allows remote attackers to execute arbitrary OS commands via a single argument (aka the command parameter). |
| CVE-2018-0487 | 2018-02-13 | ARM mbed TLS before 1.3.22, before 2.1.10, and before 2.7.0 allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via a crafted certificate chain... |
| CVE-2018-0488 | 2018-02-13 | ARM mbed TLS before 1.3.22, before 2.1.10, and before 2.7.0, when the truncated HMAC extension and CBC are used, allows remote attackers to execute arbitrary code or cause a denial... |
| CVE-2018-6928 | 2018-02-13 | PHP Scripts Mall News Website Script 2.0.4 has SQL Injection via a search term. |
| CVE-2018-6948 | 2018-02-13 | In CCN-lite 2, the function ccnl_prefix_to_str_detailed can cause a buffer overflow, when writing a prefix to the buffer buf. The maximal size of the prefix is CCNL_MAX_PREFIX_SIZE; the buffer has... |
| CVE-2015-9252 | 2018-02-13 | An issue was discovered in QPDF before 7.0.0. Endless recursion causes stack exhaustion in QPDFTokenizer::resolveLiteral() in QPDFTokenizer.cc, related to the QPDF::resolve function in QPDF.cc. |
| CVE-2016-10713 | 2018-02-13 | An issue was discovered in GNU patch before 2.7.6. Out-of-bounds access within pch_write_line() in pch.c can possibly lead to DoS via a crafted input file. |
| CVE-2017-18183 | 2018-02-13 | An issue was discovered in QPDF before 7.0.0. There is an infinite loop in the QPDFWriter::enqueueObject() function in libqpdf/QPDFWriter.cc. |
| CVE-2017-18184 | 2018-02-13 | An issue was discovered in QPDF before 7.0.0. There is a stack-based out-of-bounds read in the function iterate_rc4 in QPDF_encryption.cc. |
| CVE-2017-18185 | 2018-02-13 | An issue was discovered in QPDF before 7.0.0. There is a large heap-based out-of-bounds read in the Pl_Buffer::write function in Pl_Buffer.cc. It is caused by an integer overflow in the... |
| CVE-2017-18186 | 2018-02-13 | An issue was discovered in QPDF before 7.0.0. There is an infinite loop due to looping xref tables in QPDF.cc. |
| CVE-2018-6951 | 2018-02-13 | An issue was discovered in GNU patch through 2.7.6. There is a segmentation fault, associated with a NULL pointer dereference, leading to a denial of service in the intuit_diff_type function... |
| CVE-2018-6952 | 2018-02-13 | A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6. |
| CVE-2018-6954 | 2018-02-13 | systemd-tmpfiles in systemd through 237 mishandles symlinks present in non-terminal path components, which allows local users to obtain ownership of arbitrary files via vectors involving creation of a directory and... |
| CVE-2017-15709 | 2018-02-13 | When using the OpenWire protocol in ActiveMQ versions 5.14.0 to 5.15.2 it was found that certain system details (such as the OS and kernel version) are exposed as plain text. |