CVE List - 2018 / May
Showing 1001 - 1100 of 1162 CVEs for May 2018 (Page 11 of 12)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2016-10611 | 2018-05-29 | strider-sauce is Sauce Labs / Selenium support for Strider. strider-sauce downloads zipped resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code... |
| CVE-2016-10627 | 2018-05-29 | scala-bin is a binary wrapper for Scala. scala-bin downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE)... |
| CVE-2016-10635 | 2018-05-29 | broccoli-closure is a Closure compiler plugin for Broccoli. broccoli-closure before 1.3.1 downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote... |
| CVE-2016-10650 | 2018-05-29 | ntfserver is a Network Testing Framework Server. ntfserver downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE)... |
| CVE-2016-10658 | 2018-05-29 | native-opencv is the OpenCV library installed via npm native-opencv downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution... |
| CVE-2016-10659 | 2018-05-29 | poco - The POCO libraries, downloads source file resources used for compilation over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution... |
| CVE-2016-10666 | 2018-05-29 | tomita-parser is a Node wrapper for Yandex Tomita Parser tomita-parser downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code... |
| CVE-2016-10674 | 2018-05-29 | limbus-buildgen is a "build anywhere" build system. limbus-buildgen versions below 0.1.1 download binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote... |
| CVE-2016-10679 | 2018-05-29 | selenium-standalone-painful installs a start-selenium command line to start a standalone selenium server with chrome-driver. selenium-standalone-painful downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be... |
| CVE-2016-10680 | 2018-05-29 | adamvr-geoip-lite is a light weight native JavaScript implementation of GeoIP API from MaxMind adamvr-geoip-lite downloads geoip resources over HTTP, which leaves it vulnerable to MITM attacks. This impacts the integrity... |
| CVE-2016-10681 | 2018-05-29 | roslib-socketio - The standard ROS Javascript Library fork for add support to socket.io roslib-socketio downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible... |
| CVE-2016-10682 | 2018-05-29 | massif is a Phantomjs fork massif downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out... |
| CVE-2016-10698 | 2018-05-29 | mystem-fix is a node.js wrapper for MyStem morphology text analyzer by Yandex.ru mystem-fix downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to... |
| CVE-2017-16003 | 2018-05-29 | windows-build-tools is a module for installing C++ Build Tools for Windows using npm. windows-build-tools versions below 1.0.0 download resources over HTTP, which leaves it vulnerable to MITM attacks. It may... |
| CVE-2017-16010 | 2018-05-29 | i18next is a language translation framework. When using the .init method, passing interpolation options without passing an escapeValue will default to undefined rather than the assumed true. This can result... |
| CVE-2017-16047 | 2018-05-29 | mysqljs was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. |
| CVE-2017-16061 | 2018-05-29 | tkinter was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. |
| CVE-2017-16062 | 2018-05-29 | node-tkinter was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm. |
| CVE-2017-16153 | 2018-05-29 | gaoxuyan is vulnerable to a directory traversal issue, giving an attacker access to the filesystem by placing "../" in the url. |
| CVE-2018-3733 | 2018-05-29 | crud-file-server node module before 0.9.0 suffers from a Path Traversal vulnerability due to incorrect validation of url, which allows a malicious user to read content of any file with known... |
| CVE-2018-3734 | 2018-05-29 | stattic node module suffers from a Path Traversal vulnerability due to lack of validation of path, which allows a malicious user to read content of any file with known path. |
| CVE-2018-3744 | 2018-05-29 | The html-pages node module contains a path traversal vulnerabilities that allows an attacker to read any file from the server with cURL. |
| CVE-2018-3745 | 2018-05-29 | atob 2.0.3 and earlier allocates uninitialized Buffers when number is passed in input on Node.js 4.x and below. |
| CVE-2018-6964 | 2018-05-29 | VMware Horizon Client for Linux (4.x before 4.8.0 and prior) contains a local privilege escalation vulnerability due to insecure usage of SUID binary. Successful exploitation of this issue may allow... |
| CVE-2018-11544 | 2018-05-29 | The Olive Tree Ftp Server application 1.32 for Android has Insecure Data Storage because a username and password are stored in the /data/data/com.theolivetree.ftpserver/shared_prefs/com.theolivetree.ftpserver_preferences.xml file as the prefUsername and prefUserpass strings. |
| CVE-2018-11545 | 2018-05-29 | md4c 0.2.5 has a heap-based buffer overflow in md_merge_lines because md_is_link_label mishandles the case of a link label composed solely of backslash escapes. |
| CVE-2018-11546 | 2018-05-29 | md4c 0.2.5 has a heap-based buffer over-read because md_is_named_entity_contents has an off-by-one error. |
| CVE-2018-11547 | 2018-05-29 | md_is_link_reference_definition_helper in md4c 0.2.5 has a heap-based buffer over-read because md_is_link_label mishandles loop termination. |
| CVE-2018-11548 | 2018-05-29 | An issue was discovered in EOS.IO DAWN 4.2. plugins/net_plugin/net_plugin.cpp does not limit the number of P2P connections from the same source IP address. |
| CVE-2018-11549 | 2018-05-29 | An issue was discovered in WUZHI CMS 4.1.0 There is a Stored XSS Vulnerability in "Account Settings -> Member Centre -> Chinese information -> Ordinary member" via a QQ number,... |
| CVE-2018-11233 | 2018-05-30 | In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, code to sanity-check pathnames on NTFS can result in reading out-of-bounds memory. |
| CVE-2018-11235 | 2018-05-30 | In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, remote code execution can occur. With a crafted .gitmodules file, a malicious project... |
| CVE-2018-11555 | 2018-05-30 | tificc in Little CMS 2.9 has an out-of-bounds write in the PrecalculatedXFORM function in cmsxform.c in liblcms2.a via a crafted TIFF file. NOTE: Little CMS developers do consider this a... |
| CVE-2018-11556 | 2018-05-30 | tificc in Little CMS 2.9 has an out-of-bounds write in the cmsPipelineCheckAndRetreiveStages function in cmslut.c in liblcms2.a via a crafted TIFF file. NOTE: Little CMS developers do consider this a... |
| CVE-2018-11557 | 2018-05-30 | YIBAN Easy class education platform 2.0 has XSS via the articlelist.php k parameter. |
| CVE-2018-11558 | 2018-05-30 | DomainMod 4.10.0 has Stored XSS in the "/settings/profile/index.php" new_first_name parameter. |
| CVE-2018-11559 | 2018-05-30 | DomainMod 4.10.0 has Stored XSS in the "/settings/profile/index.php" new_last_name parameter. |
| CVE-2018-11432 | 2018-05-30 | The mobi_parse_mobiheader function in read.c in Libmobi 0.3 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted mobi file. |
| CVE-2018-11433 | 2018-05-30 | The mobi_get_kf8boundary_seqnumber function in util.c in Libmobi 0.3 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted mobi file. |
| CVE-2018-11434 | 2018-05-30 | The buffer_fill64 function in compression.c in Libmobi 0.3 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted mobi file. |
| CVE-2018-11435 | 2018-05-30 | The mobi_decompress_huffman_internal function in compression.c in Libmobi 0.3 allows remote attackers to cause information disclosure (read access violation) via a crafted mobi file. |
| CVE-2018-11436 | 2018-05-30 | The buffer_addraw function in buffer.c in Libmobi 0.3 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted mobi file. |
| CVE-2018-11437 | 2018-05-30 | The mobi_reconstruct_parts function in parse_rawml.c in Libmobi 0.3 allows remote attackers to cause information disclosure (read access violation) via a crafted mobi file. |
| CVE-2018-11438 | 2018-05-30 | The mobi_decompress_lz77 function in compression.c in Libmobi 0.3 allows remote attackers to cause remote code execution (heap-based buffer overflow) via a crafted mobi file. |
| CVE-2018-11439 | 2018-05-30 | The TagLib::Ogg::FLAC::File::scan function in oggflacfile.cpp in TagLib 1.11.1 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted audio file. |
| CVE-2018-10995 | 2018-05-30 | SchedMD Slurm before 17.02.11 and 17.1x.x before 17.11.7 mishandles user names (aka user_name fields) and group ids (aka gid fields). |
| CVE-2018-11518 | 2018-05-30 | A vulnerability allows a phreaking attack on HCL legacy IVR systems that do not use VoIP. These IVR systems rely on various frequencies of audio signals; based on the frequency,... |
| CVE-2018-11562 | 2018-05-30 | An issue was discovered in MISP 2.4.91. A vulnerability in app/View/Elements/eventattribute.ctp allows reflected XSS if a user clicks on a malicious link for an event view and then clicks on... |
| CVE-2015-7610 | 2018-05-30 | Cross-site request forgery (CSRF) vulnerability in the login form in Zimbra Collaboration Suite (aka ZCS) before 8.6.0 Patch 10, 8.7.x before 8.7.11 Patch 2, and 8.8.x before 8.8.8 Patch 1... |
| CVE-2018-10196 | 2018-05-30 | NULL pointer dereference vulnerability in the rebuild_vlists function in lib/dotgen/conc.c in the dotgen library in Graphviz 2.40.1 allows remote attackers to cause a denial of service (application crash) via a... |
| CVE-2018-10939 | 2018-05-30 | Zimbra Web Client (ZWC) in Zimbra Collaboration Suite 8.8 before 8.8.8.Patch4 and 8.7 before 8.7.11.Patch4 has Persistent XSS via a contact group. |
| CVE-2018-11476 | 2018-05-30 | An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The dongle opens an unprotected wireless LAN that cannot be configured with encryption or a password. This enables... |
| CVE-2018-11477 | 2018-05-30 | An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The data packets that are sent between the iOS or Android application and the OBD dongle are not... |
| CVE-2018-11478 | 2018-05-30 | An issue was discovered on Vgate iCar 2 Wi-Fi OBD2 Dongle devices. The OBD port is used to receive measurement data and debug information from the car. This on-board diagnostics... |
| CVE-2018-11481 | 2018-05-30 | TP-LINK IPC TL-IPC223(P)-6, TL-IPC323K-D, TL-IPC325(KP)-*, and TL-IPC40A-4 devices allow authenticated remote code execution via crafted JSON data because /usr/lib/lua/luci/torchlight/validator.lua does not block various punctuation characters. |
| CVE-2018-11482 | 2018-05-30 | /usr/lib/lua/luci/websys.lua on TP-LINK IPC TL-IPC223(P)-6, TL-IPC323K-D, TL-IPC325(KP)-*, and TL-IPC40A-4 devices has a hardcoded zMiVw8Kw0oxKXL0 password. |
| CVE-2018-11565 | 2018-05-30 | Mahara 17.04 before 17.04.8 and 17.10 before 17.10.5 and 18.04 before 18.04.1 are vulnerable to mentioning the usernames that are already taken by people registered in the system rather than... |
| CVE-2018-7534 | 2018-05-30 | In Stealth Authorization Server before 3.3.017.0 in Unisys Stealth Solution, an encryption key may be left in memory. |
| CVE-2018-11567 | 2018-05-30 | Prior to 2018-04-27, the reprompt feature in Amazon Echo devices could be misused by a custom Alexa skill. The reprompt feature is designed so that if Alexa does not receive... |
| CVE-2018-11568 | 2018-05-30 | Reflected XSS is possible in the GamePlan theme through 1.5.13.2 for WordPress because of insufficient input sanitization, as demonstrated by the s parameter. In some (but not all) cases, the... |
| CVE-2018-11571 | 2018-05-31 | ClipperCMS 1.3.3 allows Session Fixation. |
| CVE-2018-11572 | 2018-05-31 | ClipperCMS 1.3.3 has XSS in the "Module name" field in a "Modules -> Manage modules -> edit" action to the manager/ URI. |
| CVE-2018-11575 | 2018-05-31 | ngiflib.c in MiniUPnP ngiflib 0.4 has a stack-based buffer overflow in DecodeGifImg. |
| CVE-2018-11576 | 2018-05-31 | ngiflib.c in MiniUPnP ngiflib 0.4 has a heap-based buffer over-read in GifIndexToTrueColor. |
| CVE-2018-11577 | 2018-05-31 | Liblouis 3.5.0 has a Segmentation fault in lou_logPrint in logging.c. |
| CVE-2018-11578 | 2018-05-31 | GifIndexToTrueColor in ngiflib.c in MiniUPnP ngiflib 0.4 has a Segmentation fault. |
| CVE-2018-5388 | 2018-05-31 | In stroke_socket.c in strongSwan before 5.6.3, a missing packet length check could allow a buffer underflow, which may lead to resource exhaustion and denial of service while reading from the... |
| CVE-2018-11579 | 2018-05-31 | class-woo-banner-management.php in the MULTIDOTS WooCommerce Category Banner Management plugin 1.1.0 for WordPress has an Unauthenticated Settings Change Vulnerability, related to certain wp_ajax_nopriv_ usage. Anyone can change the plugin's setting by... |
| CVE-2018-11580 | 2018-05-31 | An issue was discovered in mass-pages-posts-creator.php in the MULTIDOTS Mass Pages/Posts Creator plugin 1.2.2 for WordPress. Any logged in user can launch Mass Pages/Posts creation with custom content. There is... |
| CVE-2018-11583 | 2018-05-31 | SeaCMS 6.61 has stored XSS in admin_collect.php via the siteurl parameter. |
| CVE-2018-11036 | 2018-05-31 | Ruckus SmartZone (formerly Virtual SmartCell Gateway or vSCG) 3.5.0, 3.5.1, 3.6.0, and 3.6.1 (Essentials and High Scale) on vSZ, SZ-100, SZ-300, and SCG-200 devices allows remote attackers to obtain sensitive... |
| CVE-2018-9311 | 2018-05-31 | The Telematics Control Unit (aka Telematic Communication Box or TCB), when present on BMW vehicles produced in 2012 through 2018, allows a remote attack via a cellular network. |
| CVE-2018-9312 | 2018-05-31 | The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series vehicles produced in 2012 through 2018... |
| CVE-2018-9313 | 2018-05-31 | The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series vehicles produced in 2012 through 2018... |
| CVE-2018-9314 | 2018-05-31 | The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series vehicles produced in 2012 through 2018... |
| CVE-2018-9318 | 2018-05-31 | The Telematics Control Unit (aka Telematic Communication Box or TCB), when present on BMW vehicles produced in 2012 through 2018, allows a remote attack via a cellular network. |
| CVE-2018-9320 | 2018-05-31 | The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series vehicles produced in 2012 through 2018... |
| CVE-2018-9322 | 2018-05-31 | The Head Unit HU_NBT (aka Infotainment) component on BMW i Series, BMW X Series, BMW 3 Series, BMW 5 Series, and BMW 7 Series vehicles produced in 2012 through 2018... |
| CVE-2018-11220 | 2018-05-31 | Bitmain Antminer D3, L3+, and S9 devices allow Remote Command Execution via the system restore function. |
| CVE-2018-11625 | 2018-05-31 | In ImageMagick 7.0.7-37 Q16, SetGrayscaleImage in the quantize.c file allows attackers to cause a heap-based buffer over-read via a crafted file. |
| CVE-2018-11590 | 2018-05-31 | Espruino before 1.99 allows attackers to cause a denial of service (application crash) with a user crafted input file via an integer overflow during syntax parsing. This was addressed by... |
| CVE-2018-11591 | 2018-05-31 | Espruino before 1.98 allows attackers to cause a denial of service (application crash) with a user crafted input file via a NULL pointer dereference during syntax parsing. This was addressed... |
| CVE-2018-11592 | 2018-05-31 | Espruino before 1.98 allows attackers to cause a denial of service (application crash) with a user crafted input file via an Out-of-bounds Read during syntax parsing in which certain height... |
| CVE-2018-11593 | 2018-05-31 | Espruino before 1.99 allows attackers to cause a denial of service (application crash) and potential Information Disclosure with a user crafted input file via a Buffer Overflow during syntax parsing... |
| CVE-2018-11594 | 2018-05-31 | Espruino before 1.99 allows attackers to cause a denial of service (application crash) with a user crafted input file via a Buffer Overflow during syntax parsing of "VOID" tokens in... |
| CVE-2018-11595 | 2018-05-31 | Espruino before 1.99 allows attackers to cause a denial of service (application crash) and a potential Escalation of Privileges with a user crafted input file via a Buffer Overflow during... |
| CVE-2018-11596 | 2018-05-31 | Espruino before 1.99 allows attackers to cause a denial of service (application crash) with a user crafted input file via a Buffer Overflow during syntax parsing because a check for... |
| CVE-2018-11597 | 2018-05-31 | Espruino before 1.99 allows attackers to cause a denial of service (application crash) with a user crafted input file via a Buffer Overflow during syntax parsing because of a missing... |
| CVE-2018-11598 | 2018-05-31 | Espruino before 1.99 allows attackers to cause a denial of service (application crash) and a potential Information Disclosure with user crafted input files via a Buffer Overflow or Out-of-bounds Read... |
| CVE-2018-11624 | 2018-05-31 | In ImageMagick 7.0.7-36 Q16, the ReadMATImage function in coders/mat.c allows attackers to cause a use after free via a crafted file. |
| CVE-2018-11132 | 2018-05-31 | In order to perform actions that require higher privileges, the Quest KACE System Management Appliance 8.0.318 relies on a message queue that runs daemonized with root privileges and only allows... |
| CVE-2018-11133 | 2018-05-31 | The 'fmt' parameter of the '/common/run_cross_report.php' script in the the Quest KACE System Management Appliance 8.0.318 is vulnerable to cross-site scripting. |
| CVE-2018-11134 | 2018-05-31 | In order to perform actions that requires higher privileges, the Quest KACE System Management Appliance 8.0.318 relies on a message queue managed that runs with root privileges and only allows... |
| CVE-2018-11135 | 2018-05-31 | The script '/adminui/error_details.php' in the Quest KACE System Management Appliance 8.0.318 allows authenticated users to conduct PHP object injection attacks. |
| CVE-2018-11136 | 2018-05-31 | The 'orgID' parameter received by the '/common/download_agent_installer.php' script in the Quest KACE System Management Appliance 8.0.318 is not sanitized, leading to SQL injection (in particular, a blind time-based type). |
| CVE-2018-11137 | 2018-05-31 | The 'checksum' parameter of the '/common/download_attachment.php' script in the Quest KACE System Management Appliance 8.0.318 can be abused to read arbitrary files with 'www' privileges via Directory Traversal. No administrator... |
| CVE-2018-11139 | 2018-05-31 | The '/common/ajax_email_connection_test.php' script in the Quest KACE System Management Appliance 8.0.318 is accessible by any authenticated user and can be abused to execute arbitrary commands on the system. This script... |
| CVE-2018-11140 | 2018-05-31 | The 'reportID' parameter received by the '/common/run_report.php' script in the Quest KACE System Management Appliance 8.0.318 is not sanitized, leading to SQL injection (in particular, an error-based type). |
| CVE-2018-11141 | 2018-05-31 | The 'IMAGES_JSON' and 'attachments_to_remove[]' parameters of the '/adminui/advisory.php' script in the Quest KACE System Management Virtual Appliance 8.0.318 can be abused to write and delete files respectively via Directory Traversal.... |
| CVE-2018-11142 | 2018-05-31 | The 'systemui/settings_network.php' and 'systemui/settings_patching.php' scripts in the Quest KACE System Management Appliance 8.0.318 are accessible only from localhost. This restriction can be bypassed by modifying the 'Host' and 'X_Forwarded_For' HTTP... |