CVE List - 2018 / July
Showing 1801 - 1900 of 2167 CVEs for July 2018 (Page 19 of 22)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2018-10912 | 2018-07-23 | keycloak before version 4.0.0.final is vulnerable to a infinite loop in session replacement. A Keycloak cluster with multiple nodes could mishandle an expired session replacement and lead to an infinite... |
| CVE-2018-8031 | 2018-07-23 | The Apache TomEE console (tomee-webapp) has a XSS vulnerability which could allow javascript to be executed if the user is given a malicious URL. This web application is typically used... |
| CVE-2018-14573 | 2018-07-23 | A Local File Inclusion (LFI) vulnerability exists in the Web Interface API of TightRope Media Carousel Digital Signage before 7.3.5. The RenderingFetch API allows for the downloading of arbitrary files... |
| CVE-2018-10905 | 2018-07-24 | CloudForms Management Engine (cfme) is vulnerable to an improper security setting in the dRuby component of CloudForms. An attacker with access to an unprivileged local shell could use this flaw... |
| CVE-2018-14335 | 2018-07-24 | An issue was discovered in H2 1.4.197. Insecure handling of permissions in the backup function allows attackers to read sensitive files (outside of their permissions) via a symlink to a... |
| CVE-2017-18104 | 2018-07-24 | The Webhooks component of Atlassian Jira before version 7.6.7 and from version 7.7.0 before version 7.11.0 allows remote attackers who are able to observe or otherwise intercept webhook events to... |
| CVE-2018-10600 | 2018-07-24 | SEL AcSELerator Architect version 2.2.24.0 and prior allows unsanitized input to be passed to the XML parser, which may allow disclosure and retrieval of arbitrary data, arbitrary code execution (in... |
| CVE-2018-10604 | 2018-07-24 | SEL Compass version 3.0.5.1 and prior allows all users full access to the SEL Compass directory, which may allow modification or overwriting of files within the Compass installation folder, resulting... |
| CVE-2018-10608 | 2018-07-24 | SEL AcSELerator Architect version 2.2.24.0 and prior can be exploited when the AcSELerator Architect FTP client connects to a malicious FTP server, which may cause denial of service via 100%... |
| CVE-2018-13385 | 2018-07-24 | There was an argument injection vulnerability in Sourcetree for macOS via filenames in Mercurial repositories. An attacker with permission to commit to a Mercurial repository linked in Sourcetree for macOS... |
| CVE-2018-13386 | 2018-07-24 | There was an argument injection vulnerability in Sourcetree for Windows via filenames in Mercurial repositories. An attacker with permission to commit to a Mercurial repository linked in Sourcetree for Windows... |
| CVE-2018-14579 | 2018-07-24 | GolemCMS through 2008-12-24, if the install/ directory remains active after an installation, allows remote attackers to execute arbitrary PHP code by inserting this code into the "Database Information" "Table prefix"... |
| CVE-2016-5638 | 2018-07-24 | Netgear WNDR4500 running firmware version V1.0.1.40_1.0.6877 reveals some sensitive information such as 2.4GHz & 5GHz Wireless Network Name (SSID) and Network Key (Password) in clear text |
| CVE-2016-5649 | 2018-07-24 | Netgear DGN2200 and DGND3700 disclose the administrator password |
| CVE-2017-3180 | 2018-07-24 | Multiple TIBCO Spotfire components fail to sanitize user-supplied inout and are vulnerable to cross-site scripting |
| CVE-2017-3181 | 2018-07-24 | Multiple TIBCO Spotfire components are vulnerable to multiple unspecified SQL-injection vulnerabilities because it fails to properly sanitize user-supplied input before using it in an SQL query |
| CVE-2017-3182 | 2018-07-24 | On the iOS platform, the ThreatMetrix SDK versions prior to 3.2 fail to validate SSL certificates provided by HTTPS connections, which may allow an attacker to perform a man-in-the-middle (MITM) attack |
| CVE-2017-3183 | 2018-07-24 | Sage XRT Treasury, version 3, fails to properly restrict database access to authorized users, which may enable any authenticated user to gain full access to privileged database functions |
| CVE-2017-3187 | 2018-07-24 | The dotCMS administration panel, versions 3.7.1 and earlier, are vulnerable to cross-site request forgery |
| CVE-2017-3188 | 2018-07-24 | The dotCMS administration panel, versions 3.7.1 and earlier, "Push Publishing" feature in Enterprise Pro is vulnerable to path traversal |
| CVE-2017-3189 | 2018-07-24 | The dotCMS administration panel, versions 3.7.1 and earlier, "Push Publishing" feature in Enterprise Pro is vulnerable to arbitrary file upload |
| CVE-2017-3209 | 2018-07-24 | The DBPOWER U818A WIFI quadcopter drone provides FTP access over its own local access point, and allows full file permissions to the anonymous user |
| CVE-2017-3210 | 2018-07-24 | Applications developed using the Portrait Display SDK, versions 2.30 through 2.34, default to insecure configurations which allow arbitrary code execution |
| CVE-2017-3217 | 2018-07-24 | CalAmp LMU 3030 series OBD-II CDMA and GSM devices has an SMS (text message) interface that can be deployed where no password is configured for this interface by the integrator / reseller |
| CVE-2017-3223 | 2018-07-24 | Dahua IP camera products using firmware versions prior to V2.400.0000.14.R.20170713 include a version of the Sonia web interface that may be vulnerable to a stack buffer overflow |
| CVE-2017-3224 | 2018-07-24 | Open Shortest Path First (OSPF) protocol implementations may improperly determine LSA recency in affected Quagga and downstream implementations (SUSE, openSUSE, and Red Hat packages) |
| CVE-2017-3225 | 2018-07-24 | Das U-Boot's AES-CBC encryption feature uses a zero (0) initialization vector that may allow attacks against the underlying cryptographic implementation and allow an attacker to decrypt the data |
| CVE-2017-3226 | 2018-07-24 | Das U-Boot's AES-CBC encryption feature improperly handles an error condition and may allow attacks against the underlying cryptographic implementation and allow an attacker to decrypt the data |
| CVE-2018-5384 | 2018-07-24 | Navarino Infinity web interface up to version 2.2 exposes an unauthenticated script that is prone to blind sql injection |
| CVE-2018-5385 | 2018-07-24 | Navarino Infinity web interface up to version 2.2 is prone to session fixation attacks |
| CVE-2018-5386 | 2018-07-24 | Some Navarino Infinity functions placed in the URL can bypass any authentication mechanism leading to an information leak |
| CVE-2018-5387 | 2018-07-24 | Wizkunde SAMLBase may incorrectly utilize the results of XML DOM traversal and canonicalization APIs in such a way that an attacker may be able to manipulate the SAML data without... |
| CVE-2018-14584 | 2018-07-24 | An issue has been discovered in Bento4 1.5.1-624. AP4_AvccAtom::Create in Core/Ap4AvccAtom.cpp has a heap-based buffer over-read. |
| CVE-2018-14585 | 2018-07-24 | An issue has been discovered in Bento4 1.5.1-624. AP4_BytesToUInt16BE in Core/Ap4Utils.h has a heap-based buffer over-read after a call from the AP4_Stz2Atom class. |
| CVE-2018-14586 | 2018-07-24 | An issue has been discovered in Bento4 1.5.1-624. A SEGV can occur in AP4_Mpeg2TsAudioSampleStream::WriteSample in Core/Ap4Mpeg2Ts.cpp, a different vulnerability than CVE-2018-14532. |
| CVE-2018-14587 | 2018-07-24 | An issue has been discovered in Bento4 1.5.1-624. AP4_MemoryByteStream::WritePartial in Core/Ap4ByteStream.cpp has a buffer over-read. |
| CVE-2018-14588 | 2018-07-24 | An issue has been discovered in Bento4 1.5.1-624. A NULL pointer dereference can occur in AP4_DataBuffer::SetData in Core/Ap4DataBuffer.cpp. |
| CVE-2018-14589 | 2018-07-24 | An issue has been discovered in Bento4 1.5.1-624. AP4_Mp4AudioDsiParser::ReadBits in Codecs/Ap4Mp4AudioInfo.cpp has a heap-based buffer over-read. |
| CVE-2018-14590 | 2018-07-24 | An issue has been discovered in Bento4 1.5.1-624. A SEGV can occur in AP4_Processor::ProcessFragments in Core/Ap4Processor.cpp. |
| CVE-2018-14582 | 2018-07-24 | index.php?r=admini/admin/create in BageCMS V3.1.3 allows CSRF to add a background administrator account. |
| CVE-2018-14583 | 2018-07-24 | xyhai.php?s=/Auth/addUser in XYHCMS 3.5 allows CSRF to add a background administrator account. |
| CVE-2018-10627 | 2018-07-24 | Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions. An attacker can use the SOAP API to... |
| CVE-2018-10632 | 2018-07-24 | In Moxa NPort 5210, 5230, and 5232 versions 2.9 build 17030709 and prior, the amount of resources requested by a malicious actor are not restricted, allowing for a denial-of-service condition. |
| CVE-2018-8851 | 2018-07-24 | Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions. The devices store passwords in plaintext, which may... |
| CVE-2018-8855 | 2018-07-24 | Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions. The devices allow unencrypted Web connections by default,... |
| CVE-2018-8859 | 2018-07-24 | Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions. An attacker can bypass the required authentication specified... |
| CVE-2018-10628 | 2018-07-24 | AVEVA InTouch 2014 R2 SP1 and prior, InTouch 2017, InTouch 2017 Update 1, and InTouch 2017 Update 2 allow an unauthenticated user to send a specially crafted packet that could... |
| CVE-2018-11044 | 2018-07-24 | Pivotal Apps Manager included in Pivotal Application Service, versions 2.2.x prior to 2.2.1 and 2.1.x prior to 2.1.8 and 2.0.x prior to 2.0.17 and 1.12.x prior to 1.12.26, does not... |
| CVE-2018-11047 | 2018-07-24 | Cloud Foundry UAA, versions 4.19 prior to 4.19.2 and 4.12 prior to 4.12.4 and 4.10 prior to 4.10.2 and 4.7 prior to 4.7.6 and 4.5 prior to 4.5.7, incorrectly authorizes... |
| CVE-2018-11059 | 2018-07-24 | RSA Archer, versions prior to 6.4.0.1, contain a stored cross-site scripting vulnerability. A remote authenticated malicious Archer user could potentially exploit this vulnerability to store malicious HTML or JavaScript code... |
| CVE-2018-11060 | 2018-07-24 | RSA Archer, versions prior to 6.4.0.1, contain an authorization bypass vulnerability in the REST API. A remote authenticated malicious Archer user could potentially exploit this vulnerability to elevate their privileges. |
| CVE-2018-10906 | 2018-07-24 | In fuse before versions 2.9.8 and 3.x before 3.2.5, fusermount is vulnerable to a restriction bypass when SELinux is active. This allows non-root users to mount a FUSE file system... |
| CVE-2018-14596 | 2018-07-25 | wancms 1.0 through 5.0 allows remote attackers to cause a denial of service (resource consumption) via a checkcode (aka verification code) URI in which the values of font_size, width, and... |
| CVE-2018-10880 | 2018-07-25 | Linux kernel is vulnerable to a stack-out-of-bounds write in the ext4 filesystem code when mounting and writing to a crafted ext4 image in ext4_update_inline_data(). An attacker could use this to... |
| CVE-2018-11491 | 2018-07-25 | ASUS HG100 devices with firmware before 1.05.12 allow unauthenticated access, leading to remote command execution. |
| CVE-2018-6971 | 2018-07-25 | VMware Horizon View Agents (7.x.x before 7.5.1) contain a local information disclosure vulnerability due to insecure logging of credentials in the vmmsi.log file when an account other than the currently... |
| CVE-2018-6972 | 2018-07-25 | VMware ESXi (6.7 before ESXi670-201806401-BG, 6.5 before ESXi650-201806401-BG, 6.0 before ESXi600-201806401-BG and 5.5 before ESXi550-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain a denial-of-service vulnerability due to... |
| CVE-2018-5530 | 2018-07-25 | F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, or 11.6.0-11.6.3.1 virtual servers with HTTP/2 profiles enabled are vulnerable to "HPACK Bomb". |
| CVE-2018-5531 | 2018-07-25 | Through undisclosed methods, on F5 BIG-IP 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, or 11.2.1-11.5.6, adjacent network attackers can cause a denial of service for VCMP guest and host systems. Attack must be sourced... |
| CVE-2018-5536 | 2018-07-25 | A remote attacker via undisclosed measures, may be able to exploit an F5 BIG-IP APM 13.0.0-13.1.0.7 or 12.1.0-12.1.3.5 virtual server configured with an APM per-request policy object and cause a... |
| CVE-2018-5537 | 2018-07-25 | A remote attacker may be able to disrupt services on F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, or 11.2.1-11.5.6 if the TMM virtual server is configured with a HTML or a Rewrite... |
| CVE-2018-5538 | 2018-07-25 | On F5 BIG-IP DNS 13.1.0-13.1.0.7, 12.1.3-12.1.3.5, DNS Express / DNS Zones accept NOTIFY messages on the management interface from source IP addresses not listed in the 'Allow NOTIFY From' configuration... |
| CVE-2018-5539 | 2018-07-25 | Under certain conditions, on F5 BIG-IP ASM 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, 11.5.1-11.5.6, or 11.2.1, when processing CSRF protections, the BIG-IP ASM bd process may restart and produce a core file. |
| CVE-2018-5541 | 2018-07-25 | When F5 BIG-IP ASM 13.0.0-13.1.0.1, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, or 11.5.1-11.5.6 is processing HTTP requests, an unusually large number of parameters can cause excessive CPU usage in the BIG-IP ASM bd process. |
| CVE-2018-5542 | 2018-07-25 | F5 BIG-IP 13.0.0-13.0.1, 12.1.0-12.1.3.6, or 11.2.1-11.6.3.2 HTTPS health monitors do not validate the identity of the monitored server. |
| CVE-2017-10934 | 2018-07-25 | All versions prior to V5.09.02.02T4 of the ZTE ZXIPTV-EPG product use the Java RMI service in which the servers use the Apache Commons Collections (ACC) library that may result in... |
| CVE-2017-10935 | 2018-07-25 | All versions prior to ZSRV2 V3.00.40 of the ZTE ZXR10 1800-2S products allow remote authenticated users to bypass the original password authentication protection to change other user's password. |
| CVE-2017-10936 | 2018-07-25 | SQL injection vulnerability in all versions prior to V4.01.01 of the ZTE ZXCDN-SNS product allows remote attackers to execute arbitrary SQL commands via the aoData parameter, resulting in the disclosure... |
| CVE-2017-10937 | 2018-07-25 | SQL injection vulnerability in all versions prior to V2.01.05.09 of the ZTE ZXIPTV-UCM product allows remote attackers to execute arbitrary SQL commands via the opertype parameter, resulting in the disclosure... |
| CVE-2018-5240 | 2018-07-25 | The Inventory Plugin for Symantec Management Agent prior to 7.6 POST HF7, 8.0 POST HF6, or 8.1 RU7 may be susceptible to a privilege escalation vulnerability, which is a type... |
| CVE-2018-1002200 | 2018-07-25 | plexus-archiver before 3.6.0 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in an archive entry that is mishandled during extraction.... |
| CVE-2018-1002202 | 2018-07-25 | zip4j before 1.3.3 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during... |
| CVE-2018-1002204 | 2018-07-25 | adm-zip npm library before 0.4.9 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is... |
| CVE-2018-1002208 | 2018-07-25 | SharpZipLib before 1.0 RC1 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled... |
| CVE-2018-1002205 | 2018-07-25 | DotNetZip.Semvered before 1.11.0 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during... |
| CVE-2018-1002201 | 2018-07-25 | zt-zip before 1.13 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during... |
| CVE-2018-1002203 | 2018-07-25 | unzipper npm library before 0.8.13 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is... |
| CVE-2018-1002206 | 2018-07-25 | SharpCompress before 0.21.0 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during... |
| CVE-2018-1002207 | 2018-07-25 | mholt/archiver golang package before e4ef56d48eb029648b0e895bb0b6a393ef0829c3 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in an archive entry that is mishandled... |
| CVE-2018-1002209 | 2018-07-25 | QuaZIP before 0.7.6 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during... |
| CVE-2018-13988 | 2018-07-25 | Poppler through 0.62 contains an out of bounds read vulnerability due to an incorrect memory access that is not mapped in its memory space, as demonstrated by pdfunite. This can... |
| CVE-2018-14083 | 2018-07-25 | LICA miniCMTS E8K(u/i/...) devices allow remote attackers to obtain sensitive information via a direct POST request for the inc/user.ini file, leading to discovery of a password hash. |
| CVE-2018-14430 | 2018-07-25 | The Mondula Multi Step Form plugin through 1.2.5 for WordPress allows XSS via the fw_data [id][1], fw_data [id][2], fw_data [id][3], fw_data [id][4], or email field of the contact form, exploitable... |
| CVE-2018-14493 | 2018-07-25 | Cross-site scripting (XSS) vulnerability in the Groups Page in Open-Audit Community 2.2.6 allows remote attackers to inject arbitrary web script or HTML via the group name. |
| CVE-2018-8090 | 2018-07-25 | Quick Heal Total Security 64 bit 17.00 (QHTS64.exe), (QHTSFT64.exe) - Version 10.0.1.38; Quick Heal Total Security 32 bit 17.00 (QHTS32.exe), (QHTSFT32.exe) - Version 10.0.1.38; Quick Heal Internet Security 64 bit... |
| CVE-2017-2637 | 2018-07-26 | A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on... |
| CVE-2017-7526 | 2018-07-26 | libgcrypt before version 1.7.8 is vulnerable to a cache side-channel attack resulting into a complete break of RSA-1024 while using the left-to-right method for computing the sliding-window expansion. The same... |
| CVE-2017-7530 | 2018-07-26 | In CloudForms Management Engine (cfme) before 5.7.3 and 5.8.x before 5.8.1, it was found that privilege check is missing when invoking arbitrary methods via filtering on VMs that MiqExpression will... |
| CVE-2017-7535 | 2018-07-26 | foreman before version 1.16.0 is vulnerable to a stored XSS in organizations/locations assignment to hosts. Exploiting this requires a user to actively assign hosts to an organization that contains html... |
| CVE-2017-7537 | 2018-07-26 | It was found that a mock CMC authentication plugin with a hardcoded secret was accidentally enabled by default in the pki-core package before 10.6.4. An attacker could potentially use this... |
| CVE-2016-8647 | 2018-07-26 | An input validation vulnerability was found in Ansible's mysql_user module before 2.2.1.0, which may fail to correctly change a password in certain circumstances. Thus the previous password would still be... |
| CVE-2017-2664 | 2018-07-26 | CloudForms Management Engine (cfme) before 5.7.3 and 5.8.x before 5.8.1 lacks RBAC controls on certain methods in the rails application portion of CloudForms. An attacker with access could use a... |
| CVE-2017-7539 | 2018-07-26 | An assertion-failure flaw was found in Qemu before 2.10.1, in the Network Block Device (NBD) server's initial connection negotiation, where the I/O coroutine was undefined. This could crash the qemu-nbd... |
| CVE-2017-7543 | 2018-07-26 | A race-condition flaw was discovered in openstack-neutron before 7.2.0-12.1, 8.x before 8.3.0-11.1, 9.x before 9.3.1-2.1, and 10.x before 10.0.2-1.1, where, following a minor overcloud update, neutron security groups were disabled.... |
| CVE-2017-12610 | 2018-07-26 | In Apache Kafka 0.10.0.0 to 0.10.2.1 and 0.11.0.0 to 0.11.0.1, authenticated Kafka clients may use impersonation via a manually crafted protocol message with SASL/PLAIN or SASL/SCRAM authentication when using the... |
| CVE-2018-1288 | 2018-07-26 | In Apache Kafka 0.9.0.0 to 0.9.0.1, 0.10.0.0 to 0.10.2.1, 0.11.0.0 to 0.11.0.2, and 1.0.0, authenticated Kafka users may perform action reserved for the Broker via a manually created fetch request... |
| CVE-2017-2589 | 2018-07-26 | It was discovered that the hawtio servlet 1.4 uses a single HttpClient instance to proxy requests with a persistent cookie store (cookies are stored locally and are not passed between... |
| CVE-2017-7538 | 2018-07-26 | A cross-site scripting (XSS) flaw was found in how an organization name is displayed in Satellite 5, before 5.8. A user able to change an organization's name could exploit this... |
| CVE-2017-7545 | 2018-07-26 | It was discovered that the XmlUtils class in jbpmmigration 6.5 performed expansion of external parameter entities while parsing XML files. A remote attacker could use this flaw to read files... |
| CVE-2017-7558 | 2018-07-26 | A kernel data leak due to an out-of-bound read was found in the Linux kernel in inet_diag_msg_sctp{,l}addr_fill() and sctp_get_sctp_info() functions present since version 4.7-rc1 through version 4.13. A data leak... |