CVE List - 2018 / July
Showing 1101 - 1200 of 2167 CVEs for July 2018 (Page 12 of 22)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2018-14031 | 2018-07-13 | An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5T_copy in H5T.c. |
| CVE-2018-14033 | 2018-07-13 | An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_layout_decode in H5Olayout.c, related to HDmemcpy. |
| CVE-2018-14034 | 2018-07-13 | An issue was discovered in the HDF HDF5 1.8.20 library. There is an out of bounds read in the function H5O_pline_reset in H5Opline.c. |
| CVE-2018-14035 | 2018-07-13 | An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5VM_memcpyvv in H5VM.c. |
| CVE-2018-14036 | 2018-07-13 | Directory Traversal with ../ sequences occurs in AccountsService before 0.6.50 because of an insufficient path check in user_change_icon_file_authorized_cb() in user.c. |
| CVE-2018-6969 | 2018-07-13 | VMware Tools (10.x and prior before 10.3.0) contains an out-of-bounds read vulnerability in HGFS. Successful exploitation of this issue may lead to information disclosure or may allow attackers to escalate... |
| CVE-2018-14040 | 2018-07-13 | In Bootstrap before 4.1.2, XSS is possible in the collapse data-parent attribute. |
| CVE-2018-14041 | 2018-07-13 | In Bootstrap before 4.1.2, XSS is possible in the data-target property of scrollspy. |
| CVE-2018-14042 | 2018-07-13 | In Bootstrap before 4.1.2, XSS is possible in the data-container property of tooltip. |
| CVE-2018-14043 | 2018-07-13 | mstdlib (aka the M Standard Library for C) 1.2.0 has incorrect file access control in situations where M_fs_perms_can_access attempts to delete an existing file (that lacks public read/write access) during... |
| CVE-2018-14046 | 2018-07-13 | Exiv2 0.26 has a heap-based buffer over-read in WebPImage::decodeChunks in webpimage.cpp. |
| CVE-2018-14044 | 2018-07-13 | The RateTransposer::setChannels function in RateTransposer.cpp in libSoundTouch.a in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (assertion failure and application exit), as demonstrated by SoundStretch. |
| CVE-2018-14045 | 2018-07-13 | The FIRFilter::evaluateFilterMulti function in FIRFilter.cpp in libSoundTouch.a in Olli Parviainen SoundTouch 2.0 allows remote attackers to cause a denial of service (assertion failure and application exit), as demonstrated by SoundStretch. |
| CVE-2018-14048 | 2018-07-13 | An issue has been found in libpng 1.6.34. It is a SEGV in the function png_free_data in png.c, related to the recommended error handling for png_read_image. |
| CVE-2017-1367 | 2018-07-13 | IBM Security Identity Governance and Intelligence Virtual Appliance 5.2 through 5.2.3.2 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the... |
| CVE-2017-1395 | 2018-07-13 | IBM Security Identity Governance and Intelligence Virtual Appliance 5.2 through 5.2.3.2 could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport... |
| CVE-2018-14047 | 2018-07-13 | An issue has been found in PNGwriter 0.7.0. It is a SEGV in pngwriter::readfromfile in pngwriter.cc. NOTE: there is a "Warning: PNGwriter was never designed for reading untrusted files with... |
| CVE-2018-14049 | 2018-07-13 | An issue has been found in libwav through 2017-04-20. It is a SEGV in the function print_info in wav_info/wav_info.c. |
| CVE-2018-14050 | 2018-07-13 | An issue has been found in libwav through 2017-04-20. It is a SEGV in the function wav_free in libwav.c. |
| CVE-2018-14051 | 2018-07-13 | The function wav_read in libwav.c in libwav through 2017-04-20 has an infinite loop. |
| CVE-2018-14052 | 2018-07-13 | An issue has been found in libwav through 2017-04-20. It is a SEGV in the function apply_gain in wav_gain/wav_gain.c. |
| CVE-2018-9067 | 2018-07-13 | The Lenovo Help Android app versions earlier than 6.1.2.0327 had insufficient access control for some functions which, if exploited, could have led to exposure of approximately 400 email addresses and... |
| CVE-2018-9070 | 2018-07-13 | For the Lenovo Smart Assistant Android app versions earlier than 12.1.82, an attacker with physical access to the smart speaker can, by pressing a specific button sequence, enter factory test... |
| CVE-2018-10018 | 2018-07-13 | The GDASPAMLib.AntiSpam ActiveX control ASK\GDASpam.dll in G DATA Total Security 25.4.0.3 has a buffer overflow via a long IsBlackListed argument. |
| CVE-2018-10098 | 2018-07-13 | In MicroWorld eScan Internet Security Suite (ISS) for Business 14.0.1400.2029, the driver econceal.sys allows a non-privileged user to send a 0x830020E0 IOCTL request to \\.\econceal to cause a denial of... |
| CVE-2018-7535 | 2018-07-13 | An issue was discovered in TotalAV v4.1.7. An unprivileged user could modify or overwrite all of the product's files because of weak permissions (Everyone:F) under %PROGRAMFILES%, which allows local users... |
| CVE-2018-1245 | 2018-07-13 | Authorization ByPass Vulnerability |
| CVE-2018-1255 | 2018-07-13 | Reflected Cross-Site Scripting Vulnerability |
| CVE-2018-1000207 | 2018-07-13 | MODX Revolution version <=2.6.4 contains an Incorrect Access Control vulnerability in Filtering user parameters before passing them into phpthumb class that can result in Creating file with custom a filename... |
| CVE-2018-1000206 | 2018-07-13 | JFrog Artifactory version since 5.11 contains a Cross Site Request Forgery (CSRF) vulnerability in UI rest endpoints that can result in Classic CSRF attack allowing an attacker to perform actions... |
| CVE-2018-1000208 | 2018-07-13 | MODX Revolution version <=2.6.4 contains a Directory Traversal vulnerability in /core/model/modx/modmanagerrequest.class.php that can result in remove files. This attack appears to be exploitable via web request via security/login processor. This... |
| CVE-2018-1000209 | 2018-07-13 | Sensu, Inc. Sensu Core version Before version 1.4.2-3 contains an Insecure Permissions vulnerability in Sensu Core on Windows platforms that can result in Unprivileged users may execute code in context... |
| CVE-2018-1000210 | 2018-07-13 | YamlDotNet version 4.3.2 and earlier contains an Insecure Direct Object Reference vulnerability in The default behavior of Deserializer.Deserialize() will deserialize user-controlled types in the line "currentType = Type.GetType(nodeEvent.Tag.Substring(1), throwOnError: false);"... |
| CVE-2018-1000211 | 2018-07-13 | Doorkeeper version 4.2.0 and later contains an Incorrect Access Control vulnerability in Token revocation API's authorized method that can result in Access tokens are not revoked for public OAuth apps,... |
| CVE-2018-10631 | 2018-07-13 | Medtronic N'Vision Clinician Programmer Protection Mechanism Failure |
| CVE-2018-8847 | 2018-07-13 | Eaton 9000X DriveA versions 2.0.29 and prior have a stack-based buffer overflow vulnerability, which may allow remote code execution. |
| CVE-2016-6542 | 2018-07-13 | The MAC address/device tracking ID of an iTrack Easy can be obtained within range of the device |
| CVE-2016-6543 | 2018-07-13 | A captured MAC/device ID of an iTrack Easy can be registered under multiple user accounts allowing access to getgps GPS data |
| CVE-2016-6544 | 2018-07-13 | iTrack Easy's getgps data can be modified without authentication |
| CVE-2016-6545 | 2018-07-13 | iTrack Easy does not use session cookies to maintain sessions and POSTs the user's password over HTTPS for each request |
| CVE-2016-6546 | 2018-07-13 | iTrack Easy mobile application stores the user password in base-64 encoding/cleartext |
| CVE-2016-6547 | 2018-07-13 | Zizai Tech Nut stores the account password in cleartext |
| CVE-2016-6548 | 2018-07-13 | Zizai Tech Nut mobile application makes requests using HTTP, which includes the user's session token |
| CVE-2016-6549 | 2018-07-13 | Zizai Tech Nut allows for unauthenticated Bluetooth pairing |
| CVE-2016-6551 | 2018-07-13 | Intellian Satellite TV antennas t-Series and v-Series, firmware version 1.07, uses default credentials |
| CVE-2016-6552 | 2018-07-13 | Green Packet DX-350 uses default credentials |
| CVE-2016-6553 | 2018-07-13 | Nuuo NT-4040 Titan, firmware NT-4040_01.07.0000.0015_1120, uses default credentials |
| CVE-2016-6554 | 2018-07-13 | Synology NAS servers DS107, DS116, and DS213, use default credentials |
| CVE-2016-6557 | 2018-07-13 | The ASUS RP-AC52 access point, firmware version 1.0.1.1s and possibly earlier, is vulnerable to cross-site request forgery |
| CVE-2016-6558 | 2018-07-13 | The ASUS RP-AC52 access point, firmware version 1.0.1.1s and possibly earlier, is vulnerable to command injection |
| CVE-2016-6559 | 2018-07-13 | The BSD libc library's link_ntoa() function may be vulnerable to a classic buffer overflow |
| CVE-2016-6562 | 2018-07-13 | ShoreTel Mobility Client for iOS and Android, version 9.1.3.109 and earlier, fails to properly validate SSL certificates provided by HTTPS connections |
| CVE-2016-6563 | 2018-07-13 | D-Link DIR routers contain a stack-based buffer overflow in the HNAP Login action |
| CVE-2016-6564 | 2018-07-13 | Ragentek Android software contains an over-the-air update mechanism that communicates over an unencrypted channel, which can allow a remote attacker to execute arbitrary code with root privileges |
| CVE-2016-6565 | 2018-07-13 | The Imagely NextGen Gallery plugin for Wordpress prior to version 2.1.57 may execute code from an uploaded malicious file |
| CVE-2016-6566 | 2018-07-13 | The Sungard eTRAKiT3 software version 3.2.1.17 may be vulnerable to SQL injection which may allow a remote unauthenticated attacker to run a subset of SQL commands against the back-end database |
| CVE-2016-6567 | 2018-07-13 | SHDesigns' Resident Download Manager (as well as the Ethernet Download Manager) does not authenticate firmware downloads before executing code and deploying them to devices |
| CVE-2016-6578 | 2018-07-13 | CodeLathe FileCloud, version 13.0.0.32841 and earlier, is vulnerable to cross-site request forgery (CSRF) |
| CVE-2016-9482 | 2018-07-13 | PHP FormMail Generator generates PHP code for standard web forms, and the code generated is vulnerable to authentication bypass |
| CVE-2016-9483 | 2018-07-13 | PHP FormMail Generator generates PHP code for standard web forms, and the code generated is vulnerable to unsafe deserialization of untrusted data |
| CVE-2016-9484 | 2018-07-13 | PHP FormMail Generator generates PHP code for standard web forms, and the code generated does not properly validate user input folder directories and is vulnerable to path traversal |
| CVE-2016-9485 | 2018-07-13 | On Windows endpoints, the SecureConnector agent is vulnerable to privilege escalation whereby an authenticated unprivileged user can obtain administrator privileges on the endpoint because it fails to set any permissions on downloaded file objects |
| CVE-2016-9486 | 2018-07-13 | On Windows endpoints, the SecureConnector agent is vulnerable to privilege escalation whereby an authenticated unprivileged user can obtain administrator privileges on the endpoint because files are created in a folder with incorrect privileges |
| CVE-2016-9487 | 2018-07-13 | EpubCheck 4.0.1 is vulnerable to external XML entity processing attacks |
| CVE-2016-9489 | 2018-07-13 | ManageEngine Applications Manager 12 and 13 is vulnerable to privilege escalation and authentication bypass |
| CVE-2016-9491 | 2018-07-13 | ManageEngine Applications Manager 12 and 13 is vulnerable to privilege escalation due to improper restriction of an XML external entity |
| CVE-2016-9492 | 2018-07-13 | PHP forms generated using the PHP FormMail Generator are vulnerable to unrestricted upload of dangerous file types |
| CVE-2016-9493 | 2018-07-13 | PHP forms generated using the PHP FormMail Generator are vulnerable to stored cross-site scripting |
| CVE-2016-9494 | 2018-07-13 | Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, are potentially vulnerable to improper input validation, potentially leading to denial of service |
| CVE-2016-9495 | 2018-07-13 | Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, use hard-coded credentials |
| CVE-2016-9496 | 2018-07-13 | Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, lack authentication to access certain pages |
| CVE-2016-9497 | 2018-07-13 | Hughes high-performance broadband satellite modems, models HN7740S DW7000 HN7000S/SM, are vulnerable to an authentication bypass using an alternate path or channel |
| CVE-2016-9498 | 2018-07-13 | ManageEngine Applications Manager 12 and 13 allows unserialization of unsafe Java objects |
| CVE-2016-9499 | 2018-07-13 | The Accellion FTP server prior to version FTA_9_12_220 is vulnerable to cross-site scripting. |
| CVE-2016-9500 | 2018-07-13 | The Accellion FTP server prior to version FTA_9_12_220 is vulnerable to information exposure |
| CVE-2017-13091 | 2018-07-13 | The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including improperly specified padding in CBC mode allows use of an EDA tool as a decryption oracle |
| CVE-2017-13092 | 2018-07-13 | The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including improperly specified HDL syntax allows use of an EDA tool as a decryption oracle |
| CVE-2017-13093 | 2018-07-13 | The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including modification of encrypted IP ciphertext to insert hardware trojans |
| CVE-2017-13094 | 2018-07-13 | The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including modification of the encryption key and insertion of hardware trojans in any IP |
| CVE-2017-13095 | 2018-07-13 | The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including modification of a license-deny response to a license grant |
| CVE-2017-13096 | 2018-07-13 | The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including modification of Rights Block to remove or relax access control |
| CVE-2017-13097 | 2018-07-13 | The P1735 IEEE standard describes flawed methods for encrypting electronic-design intellectual property (IP), including modification of Rights Block to remove or relax license requirement |
| CVE-2013-0570 | 2018-07-13 | The Fibre Channel over Ethernet (FCoE) feature in IBM System Networking and Blade Network Technology (BNT) switches running IBM Networking Operating System (aka NOS, formerly BLADE Operating System) floods data... |
| CVE-2018-10875 | 2018-07-13 | A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plugin or a module path under... |
| CVE-2018-14055 | 2018-07-15 | ZNC before 1.7.1-rc1 does not properly validate untrusted lines coming from the network, allowing a non-admin user to escalate his privilege and inject rogue values into znc.conf. |
| CVE-2018-14056 | 2018-07-15 | ZNC before 1.7.1-rc1 is prone to a path traversal flaw via ../ in a web skin name to access files outside of the intended skins directories. |
| CVE-2018-14010 | 2018-07-15 | OS command injection in the guest Wi-Fi settings feature in /cgi-bin/luci on Xiaomi R3P before 2.14.5, R3C before 2.12.15, R3 before 2.22.15, and R3D before 2.26.4 devices allows an attacker... |
| CVE-2018-14060 | 2018-07-15 | OS command injection in the AP mode settings feature in /cgi-bin/luci /api/misystem/set_router_wifiap on Xiaomi R3D before 2.26.4 devices allows an attacker to execute any command via crafted JSON data. |
| CVE-2018-14063 | 2018-07-15 | The increaseApproval function of a smart contract implementation for Tracto (TRCT), an Ethereum ERC20 token, has an integer overflow. |
| CVE-2018-14064 | 2018-07-15 | The uc-http service 1.0.0 on VelotiSmart WiFi B-380 camera devices allows Directory Traversal, as demonstrated by /../../etc/passwd on TCP port 80. |
| CVE-2018-14065 | 2018-07-15 | XMLReader.php in PHPOffice Common before 0.2.9 allows XXE. |
| CVE-2018-14066 | 2018-07-15 | The content://wappush content provider in com.android.provider.telephony, as found in some custom ROMs for Android phones, allows SQL injection. One consequence is that an application without the READ_SMS permission can read... |
| CVE-2018-14068 | 2018-07-15 | An issue was discovered in SRCMS V2.3.1. There is a CSRF vulnerability that can add an admin account via admin.php?m=Admin&c=manager&a=add. |
| CVE-2018-14069 | 2018-07-15 | An issue was discovered in SRCMS V2.3.1. There is a CSRF vulnerability that can add a user account via admin.php?m=Admin&c=member&a=add. |
| CVE-2018-14072 | 2018-07-15 | libsixel 1.8.1 has a memory leak in sixel_decoder_decode in decoder.c, image_buffer_resize in fromsixel.c, and sixel_decode_raw in fromsixel.c. |
| CVE-2018-14073 | 2018-07-15 | libsixel 1.8.1 has a memory leak in sixel_allocator_new in allocator.c. |
| CVE-2018-14325 | 2018-07-16 | In MP4v2 2.0.0, there is an integer underflow (with resultant memory corruption) when parsing MP4Atom in mp4atom.cpp. |
| CVE-2018-14326 | 2018-07-16 | In MP4v2 2.0.0, there is an integer overflow (with resultant memory corruption) when resizing MP4Array for the ftyp atom in mp4array.h. |
| CVE-2018-14084 | 2018-07-16 | An issue was discovered in a smart contract implementation for MKCB, an Ethereum token. If the owner sets the value of sellPrice to a large number in setPrices() then the... |
| CVE-2018-14085 | 2018-07-16 | An issue was discovered in a smart contract implementation for UserWallet 0x0a7bca9FB7AfF26c6ED8029BB6f0F5D291587c42, an Ethereum token. First, suppose that the owner adds the evil contract address to his sweepers. The evil... |