CVE List - 2018 / April
Showing 701 - 800 of 1667 CVEs for April 2018 (Page 8 of 17)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2014-8888 | 2018-04-12 | The remote administration interface in D-Link DIR-815 devices with firmware before 2.03.B02 allows remote attackers to execute arbitrary commands via vectors related to an "HTTP command injection issue." |
| CVE-2014-9563 | 2018-04-12 | CRLF injection vulnerability in the web-based management (WBM) interface in Unify (former Siemens) OpenStage SIP and OpenScape Desk Phone IP V3 devices before R3.32.0 allows remote authenticated users to modify... |
| CVE-2015-0150 | 2018-04-12 | The remote administration UI in D-Link DIR-815 devices with firmware before 2.07.B01 allows remote attackers to bypass intended access restrictions via unspecified vectors. |
| CVE-2015-0151 | 2018-04-12 | Cross-site request forgery (CSRF) vulnerability in D-Link DIR-815 devices with firmware before 2.07.B01 allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences. |
| CVE-2015-0152 | 2018-04-12 | D-Link DIR-815 devices with firmware before 2.07.B01 allow remote attackers to obtain sensitive information by leveraging cleartext storage of the administrative password. |
| CVE-2015-0153 | 2018-04-12 | D-Link DIR-815 devices with firmware before 2.07.B01 allow remote attackers to obtain sensitive information by leveraging cleartext storage of the wireless key. |
| CVE-2018-5254 | 2018-04-12 | Arista EOS before 4.20.2F allows remote BGP peers to cause a denial of service (Rib agent restart) via a malformed path attribute in an UPDATE message. |
| CVE-2018-6870 | 2018-04-12 | Reflected XSS exists in PHP Scripts Mall Website Seller Script 2.0.3 via the Listings Search feature. |
| CVE-2018-6879 | 2018-04-12 | PHP Scripts Mall Website Seller Script 2.0.3 uses the client side to enforce validation of an e-mail address, which allows remote attackers to modify a registered e-mail address by removing... |
| CVE-2018-6900 | 2018-04-12 | PHP Scripts Mall Website Broker Script 3.0.6 has XSS via the Last Name field on the My Profile page. |
| CVE-2018-6902 | 2018-04-12 | PHP Scripts Mall Image Sharing Script 1.3.3 has XSS via the Full Name field in an Edit Profile action. |
| CVE-2018-6903 | 2018-04-12 | PHP Scripts Mall Hot Scripts Clone Script Classified v3.1 uses the client side to enforce validation of an e-mail address, which allows remote attackers to modify a registered e-mail address... |
| CVE-2018-6904 | 2018-04-12 | PHP Scripts Mall Car Rental Script 2.0.8 has XSS via the User Name field in an Edit Profile action. |
| CVE-2018-6934 | 2018-04-12 | CSRF exists in student/personal-info in PHP Scripts Mall Online Tutoring Script 2.0.3. |
| CVE-2018-6935 | 2018-04-12 | PHP Scripts Mall Student Profile Management System Script v2.0.6 has XSS via the Name field to list_student.php. |
| CVE-2018-10080 | 2018-04-13 | Secutech RiS-11, RiS-22, and RiS-33 devices with firmware V5.07.52_es_FRI01 allow DNS settings changes via a goform/AdvSetDns?GO=wan_dns.asp request in conjunction with a crafted admin cookie. |
| CVE-2018-10081 | 2018-04-13 | CMS Made Simple (CMSMS) through 2.2.6 contains an admin password reset vulnerability because data values are improperly compared, as demonstrated by a hash beginning with the "0e" substring. |
| CVE-2018-10082 | 2018-04-13 | CMS Made Simple (CMSMS) through 2.2.7 allows physical path leakage via an invalid /index.php?page= value, a crafted URI starting with /index.php?mact=Search, or a direct request to /admin/header.php, /admin/footer.php, /lib/tasks/class.ClearCache.task.php, or... |
| CVE-2018-10083 | 2018-04-13 | CMS Made Simple (CMSMS) through 2.2.7 contains an arbitrary file deletion vulnerability in the admin dashboard via directory traversal sequences in the val parameter within a cmd=del request, because code... |
| CVE-2018-10084 | 2018-04-13 | CMS Made Simple (CMSMS) through 2.2.6 contains a privilege escalation vulnerability from ordinary user to admin user by arranging for the eff_uid value within $_COOKIE[$this->_loginkey] to equal 1, because an... |
| CVE-2018-10085 | 2018-04-13 | CMS Made Simple (CMSMS) through 2.2.6 allows PHP object injection because of an unserialize call in the _get_data function of \lib\classes\internal\class.LoginOperations.php. By sending a crafted cookie, a remote attacker can... |
| CVE-2018-10086 | 2018-04-13 | CMS Made Simple (CMSMS) through 2.2.7 contains an arbitrary code execution vulnerability in the admin dashboard because the implementation uses "eval('function testfunction'.rand()" and it is possible to bypass certain restrictions... |
| CVE-2018-10066 | 2018-04-13 | An issue was discovered in MikroTik RouterOS 6.41.4. Missing OpenVPN server certificate verification allows a remote unauthenticated attacker capable of intercepting client traffic to act as a malicious OpenVPN server.... |
| CVE-2018-10087 | 2018-04-13 | The kernel_wait4 function in kernel/exit.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to cause a denial of service by... |
| CVE-2017-6143 | 2018-04-13 | X509 certificate verification was not correctly implemented in the IP Intelligence Subscription and IP Intelligence feed-list features, and thus the remote server's identity is not properly validated in F5 BIG-IP... |
| CVE-2017-6148 | 2018-04-13 | Responses to SOCKS proxy requests made through F5 BIG-IP version 13.0.0, 12.0.0-12.1.3.1, 11.6.1-11.6.2, or 11.5.1-11.5.5 may cause a disruption of services provided by TMM. The data plane is impacted and... |
| CVE-2017-6155 | 2018-04-13 | On F5 BIG-IP 13.0.0, 12.0.0-12.1.3.1, 11.6.0-11.6.2, 11.4.1-11.5.5, or 11.2.1, malformed SPDY or HTTP/2 requests may result in a disruption of service to TMM. Data plane is only exposed when a... |
| CVE-2017-6156 | 2018-04-13 | When the F5 BIG-IP 12.1.0-12.1.1, 11.6.0-11.6.1, 11.5.1-11.5.5, or 11.2.1 system is configured with a wildcard IPSec tunnel endpoint, it may allow a remote attacker to disrupt or impersonate the tunnels... |
| CVE-2017-6158 | 2018-04-13 | In F5 BIG-IP 12.0.0-12.1.2, 11.6.0-11.6.1, 11.5.1-11.5.5, or 11.2.1 there is a vulnerability in TMM related to handling of invalid IP addresses. |
| CVE-2018-5506 | 2018-04-13 | In F5 BIG-IP 13.0.0, 12.1.0-12.1.2, 11.6.1, 11.5.1-11.5.5, or 11.2.1 the Apache modules apache_auth_token_mod and mod_auth_f5_auth_token.cpp allow possible unauthenticated bruteforce on the em_server_ip authorization parameter to obtain which SSL client certificates... |
| CVE-2018-5507 | 2018-04-13 | On F5 BIG-IP versions 13.0.0, 12.1.0-12.1.3.1, 11.6.1-11.6.2, or 11.5.1-11.5.5, vCMP guests running on VIPRION 2100, 4200 and 4300 series blades cannot correctly decrypt ciphertext from established SSL sessions with small... |
| CVE-2018-5508 | 2018-04-13 | On F5 BIG-IP PEM versions 13.0.0, 12.0.0-12.1.3.1, 11.6.0-11.6.2, 11.5.1-11.5.5, or 11.2.1, under certain conditions, TMM may crash when processing compressed data though a Virtual Server with an associated PEM profile... |
| CVE-2018-5510 | 2018-04-13 | On F5 BIG-IP 11.5.4 HF4-11.5.5, the Traffic Management Microkernel (TMM) may restart when processing a specific sequence of packets on IPv6 virtual servers. |
| CVE-2018-5511 | 2018-04-13 | On F5 BIG-IP 13.1.0-13.1.0.3 or 13.0.0, when authenticated administrative users execute commands in the Traffic Management User Interface (TMUI), also referred to as the BIG-IP Configuration utility, restrictions on allowed... |
| CVE-2018-6958 | 2018-04-13 | VMware vRealize Automation (vRA) prior to 7.3.1 contains a vulnerability that may allow for a DOM-based cross-site scripting (XSS) attack. Exploitation of this issue may lead to the compromise of... |
| CVE-2018-6959 | 2018-04-13 | VMware vRealize Automation (vRA) prior to 7.4.0 contains a vulnerability in the handling of session IDs. Exploitation of this issue may lead to the hijacking of a valid vRA user's... |
| CVE-2016-9646 | 2018-04-13 | Commit metadata forgery via CGI::FormBuilder context-dependent APIs |
| CVE-2017-0356 | 2018-04-13 | Authentication bypass via repeated parameters |
| CVE-2017-0357 | 2018-04-13 | iucode-tool: heap buffer overflow on -tr loader |
| CVE-2017-0358 | 2018-04-13 | ntfs-3g: Modprobe influence vulnerability via environment variables |
| CVE-2018-6546 | 2018-04-13 | plays_service.exe in the plays.tv service before 1.27.7.0, as distributed in AMD driver-installation packages and Gaming Evolved products, executes code at a user-defined (local or SMB) path as SYSTEM when the... |
| CVE-2018-6547 | 2018-04-13 | plays_service.exe in the plays.tv service before 1.27.7.0, as distributed in AMD driver-installation packages and Gaming Evolved products, contains an HTTP message parsing function that takes a user-defined path and writes... |
| CVE-2017-0359 | 2018-04-13 | diffoscope writes to arbitrary locations on disk based on the contents of an untrusted archive |
| CVE-2017-0361 | 2018-04-13 | api.log contains passwords in plaintext |
| CVE-2017-0362 | 2018-04-13 | "Mark all pages visited" on the watchlist does not require a CSRF token |
| CVE-2017-0363 | 2018-04-13 | Special:UserLogin?returnto=interwiki:foo will redirect to external sites |
| CVE-2017-0364 | 2018-04-13 | Special:Search allows redirects to any interwiki link |
| CVE-2017-0365 | 2018-04-13 | XSS in SearchHighlighter::highlightText() [requires non-default config] |
| CVE-2017-0366 | 2018-04-13 | SVG filter evasion using default attribute values in DTD declaration |
| CVE-2017-0367 | 2018-04-13 | Having LocalisationCache directory default to system tmp directory is insecure |
| CVE-2017-0368 | 2018-04-13 | Make rawHTML mode not apply to system messages |
| CVE-2017-0369 | 2018-04-13 | Sysops can undelete pages, although the page is protected against it |
| CVE-2017-0370 | 2018-04-13 | Spam blacklist ineffective on encoded URLs inside file inclusion syntax's link parameter |
| CVE-2017-0372 | 2018-04-13 | Parameters injection in SyntaxHighlight results in multiple vulnerabilities |
| CVE-2018-10096 | 2018-04-13 | joyplus-cms 1.6.0 has XSS via the device_name parameter in a manager/admin_ajax.php?action=save flag=add request. |
| CVE-2018-4173 | 2018-04-13 | An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. The issue involves the "Status Bar" component. It allows invisible microphone access... |
| CVE-2014-1686 | 2018-04-13 | MediaWiki 1.18.0 allows remote attackers to obtain the installation path via vectors related to thumbnail creation. |
| CVE-2014-2069 | 2018-04-13 | Absolute path traversal vulnerability in Eshtery CMS allows remote attackers to read arbitrary files via a full pathname in the file parameter to FileManager.aspx. |
| CVE-2018-1000169 | 2018-04-13 | An exposure of sensitive information vulnerability exists in Jenkins 2.115 and older, LTS 2.107.1 and older, in CLICommand.java and ViewOptionHandler.java that allows unauthorized attackers to confirm the existence of agents... |
| CVE-2018-1000170 | 2018-04-13 | A cross-site scripting vulnerability exists in Jenkins 2.115 and older, LTS 2.107.1 and older, in confirmationList.jelly and stopButton.jelly that allows attackers with Job/Configure and/or Job/Create permission to create an item... |
| CVE-2018-10097 | 2018-04-13 | XSS exists in Domain Trader 2.5.3 via the recoverlogin.php email_address parameter. |
| CVE-2018-10100 | 2018-04-14 | Before WordPress 4.9.5, the redirection URL for the login page was not validated or sanitized if forced to use HTTPS. |
| CVE-2018-10101 | 2018-04-14 | Before WordPress 4.9.5, the URL validator assumed URLs with the hostname localhost were on the same host as the WordPress server. |
| CVE-2018-10102 | 2018-04-14 | Before WordPress 4.9.5, the version string was not escaped in the get_the_generator function, and could lead to XSS in a generator tag. |
| CVE-2018-10109 | 2018-04-14 | Monstra CMS 3.0.4 has a stored XSS vulnerability when an attacker has access to the editor role, and enters the payload in the content section of a new page in... |
| CVE-2018-10111 | 2018-04-14 | An issue was discovered in GEGL through 0.3.32. The render_rectangle function in process/gegl-processor.c has unbounded memory allocation, leading to a denial of service (application crash) upon allocation failure. |
| CVE-2018-10112 | 2018-04-14 | An issue was discovered in GEGL through 0.3.32. The gegl_tile_backend_swap_constructed function in buffer/gegl-tile-backend-swap.c allows remote attackers to cause a denial of service (write access violation) or possibly have unspecified other... |
| CVE-2018-10113 | 2018-04-14 | An issue was discovered in GEGL through 0.3.32. The process function in operations/external/ppm-load.c has unbounded memory allocation, leading to a denial of service (application crash) upon allocation failure. |
| CVE-2018-10114 | 2018-04-14 | An issue was discovered in GEGL through 0.3.32. The gegl_buffer_iterate_read_simple function in buffer/gegl-buffer-access.c allows remote attackers to cause a denial of service (write access violation) or possibly have unspecified other... |
| CVE-2018-10117 | 2018-04-15 | An issue was discovered in idreamsoft iCMS V7.0.7. There is a CSRF vulnerability that can add an admin account via admincp.php?app=members&do=save&frame=iPHP. |
| CVE-2018-10118 | 2018-04-15 | Monstra CMS 3.0.4 has Stored XSS via the Name field on the Create New Page screen under the admin/index.php?id=pages URI, related to plugins/box/pages/pages.admin.php. |
| CVE-2018-9153 | 2018-04-15 | The plugin upload component in Z-BlogPHP 1.5.1 allows remote attackers to execute arbitrary PHP code via the app_id parameter to zb_users/plugin/AppCentre/plugin_edit.php because of an unanchored regular expression, a different vulnerability... |
| CVE-2018-9169 | 2018-04-15 | Z-BlogPHP 1.5.1 has XSS via the zb_users/plugin/AppCentre/plugin_edit.php app_id parameter. The component must be accessed directly by an administrator, or through CSRF. |
| CVE-2018-10119 | 2018-04-15 | sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows remote attackers to cause a denial of service (use-after-free... |
| CVE-2018-10120 | 2018-04-15 | The SwCTBWrapper::Read function in sw/source/filter/ww8/ww8toolbar.cxx in LibreOffice before 5.4.6.1 and 6.x before 6.0.2.1 does not validate a customizations index, which allows remote attackers to cause a denial of service (heap-based... |
| CVE-2018-10121 | 2018-04-15 | plugins/box/pages/pages.admin.php in Monstra CMS 3.0.4 has a stored XSS vulnerability when an attacker has access to the editor role, and enters the payload in the title section of an admin/index.php?id=pages&action=edit_page&name=error404... |
| CVE-2018-10122 | 2018-04-16 | QingDao Nature Easy Soft Chanzhi Enterprise Portal System (aka chanzhieps) pro1.6 allows remote attackers to read arbitrary files via directory traversal sequences in the pathname parameter to www/file.php. |
| CVE-2018-10106 | 2018-04-16 | D-Link DIR-815 REV. B (with firmware through DIR-815_REVB_FIRMWARE_PATCH_2.07.B01) devices have permission bypass and information disclosure in /htdocs/web/getcfg.php, as demonstrated by a /getcfg.php?a=%0a_POST_SERVICES%3DDEVICE.ACCOUNT%0aAUTHORIZED_GROUP%3D1 request. |
| CVE-2018-10107 | 2018-04-16 | D-Link DIR-815 REV. B (with firmware through DIR-815_REVB_FIRMWARE_PATCH_2.07.B01) devices have XSS in the RESULT parameter to /htdocs/webinc/js/info.php. |
| CVE-2018-10108 | 2018-04-16 | D-Link DIR-815 REV. B (with firmware through DIR-815_REVB_FIRMWARE_PATCH_2.07.B01) devices have XSS in the Treturn parameter to /htdocs/webinc/js/bsc_sms_inbox.php. |
| CVE-2018-0530 | 2018-04-16 | SQL injection vulnerability in the Cybozu Garoon 3.5.0 to 4.2.6 allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors. |
| CVE-2018-0531 | 2018-04-16 | Cybozu Garoon 3.0.0 to 4.2.6 allows remote authenticated attackers to bypass access restriction to view or alter an access privilege of a folder and/or notification settings via unspecified vectors. |
| CVE-2018-0532 | 2018-04-16 | Cybozu Garoon 3.0.0 to 4.2.6 allows remote authenticated attackers to bypass access restriction to alter setting data of the Standard database via unspecified vectors. |
| CVE-2018-0533 | 2018-04-16 | Cybozu Garoon 3.0.0 to 4.2.6 allows remote authenticated attackers to bypass access restriction to alter setting data of session authentication via unspecified vectors. |
| CVE-2018-0548 | 2018-04-16 | Cybozu Garoon 4.0.0 to 4.6.0 allows remote authenticated attackers to bypass access restriction to view the closed title of "Space" via unspecified vectors. |
| CVE-2018-0549 | 2018-04-16 | Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.6.0 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors. |
| CVE-2018-0550 | 2018-04-16 | Cybozu Garoon 3.5.0 to 4.6.1 allows remote authenticated attackers to bypass access restriction to view the closed title of "Cabinet" via unspecified vectors. |
| CVE-2018-0551 | 2018-04-16 | Cross-site scripting vulnerability in Cybozu Garoon 3.0.0 to 4.6.1 allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors. |
| CVE-2018-0560 | 2018-04-16 | Hatena Bookmark App for iOS Version 3.0 to 3.70 allows remote attackers to spoof the address bar via vectors related to URL display. |
| CVE-2018-0561 | 2018-04-16 | Untrusted search path vulnerability in The installer of PhishWall Client Internet Explorer edition Ver. 3.7.15 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an... |
| CVE-2018-0562 | 2018-04-16 | Untrusted search path vulnerability in Installer of SoundEngine Free ver.5.21 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. |
| CVE-2018-10124 | 2018-04-16 | The kill_something_info function in kernel/signal.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to cause a denial of service via... |
| CVE-2018-5382 | 2018-04-16 | Bouncy Castle BKS-V1 keystore files vulnerable to trivial hash collisions |
| CVE-2016-9592 | 2018-04-16 | openshift before versions 3.3.1.11, 3.2.1.23, 3.4 is vulnerable to a flaw when a volume fails to detach, which causes the delete operation to fail with 'VolumeInUse' error. Since the delete... |
| CVE-2016-9593 | 2018-04-16 | foreman-debug before version 1.15.0 is vulnerable to a flaw in foreman-debug's logging. An attacker with access to the foreman log file would be able to view passwords, allowing them to... |
| CVE-2018-10127 | 2018-04-16 | An issue was discovered in XYHCMS 3.5. It has CSRF via an index.php?g=Manage&m=Rbac&a=addUser request, resulting in addition of an account with the administrator role. |
| CVE-2018-10128 | 2018-04-16 | An issue was discovered in XYHCMS 3.5. It has XSS via the test parameter to index.php. |
| CVE-2018-10132 | 2018-04-16 | PbootCMS v0.9.8 has CSRF via an admin.php/Message/mod/id/19.html?backurl=/index.php request, resulting in PHP code injection in the recontent parameter. |
| CVE-2018-10133 | 2018-04-16 | PbootCMS v0.9.8 allows PHP code injection via an IF label in index.php/About/6.html or admin.php/Site/index.html, related to the parserIfLabel function in \apps\home\controller\ParserController.php. |
| CVE-2018-3846 | 2018-04-16 | In the ffgphd and ffgtkn functions in NASA CFITSIO 3.42, specially crafted images parsed via the library can cause a stack-based buffer overflow overwriting arbitrary data. An attacker can deliver... |