Waaxe.com - Security Site - In memory of Ponca Chief Standing Bear

RSS CVE - US National Vulnerability Database

Absolute Computrace Agent V80.845 and V80.866 does not have a digital signature for the configuration block, which allows attackers to set up communication with a web site other than the intended search.namequery.com site by modifying data within a disk's inter-partition space. This allows a privileged local user to execute arbitrary code even after that user loses access and all disk partitions are reformatted.

CVE-2009-5150 (computrace_agent) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-5150

The stub component of Absolute Computrace Agent V70.785 executes code from a disk's inter-partition space without requiring a digital signature for that code, which allows attackers to execute code on the BIOS. This allows a privileged local user to achieve persistent control of BIOS behavior, independent of later disk changes.

CVE-2009-5151 (computrace_agent) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-5151

Absolute Computrace Agent, as distributed on certain Dell Inspiron systems through 2009, has a race condition with the Dell Client Configuration Utility (DCCU), which allows privileged local users to change Computrace Agent's activation/deactivation status to the factory default via a crafted TaskResult.xml file.

CVE-2009-5152 (computrace_agent) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-5152

An improper input validation vulnerability in CA Privileged Access Manager 2.4.4.4 and earlier allows remote attackers to execute arbitrary commands.

CVE-2015-4664 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-4664

admin-cli before versions 3.0.0.alpha25, 2.2.1.cr2 is vulnerable to an EAP feature to download server log files that allows logs to be available via GET requests making them vulnerable to cross-origin attacks. An attacker could trigger the user's browser to request the log files consuming enough resources that normal server functioning could be impaired.

CVE-2016-8627 (jboss_enterprise_application_platform, keycloak) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-8627

A hard-coded cryptographic key vulnerability was identified in Red Lion Controls Sixnet-Managed Industrial Switches running firmware Version 5.0.196 and Stride-Managed Ethernet Switches running firmware Version 5.0.190. Vulnerable versions of Stride-Managed Ethernet switches and Sixnet-Managed Industrial switches use hard-coded HTTP SSL/SSH keys for secure communication. Because these keys cannot be regenerated by users, all products use the same key. The attacker could disrupt communication or compromise the system. CVSS v3 base score: 10, CVSS vector string: (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H). Red Lion Controls recommends updating to SLX firmware Version 5.3.174.

CVE-2016-9335 (sixnet-managed_industrial_switches_firmware, stride-managed_ethernet_switches_firmware) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9335

Unsigned versions of the DLLs distributed by the OPC Foundation may be replaced with malicious code.

CVE-2017-12070 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-12070

An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation, resulting in a root shell. An attacker can inject OS commands into the ip= parameter in the "/goform/net_WebPingGetValue" URI to trigger this vulnerability.

CVE-2017-12120 (edr-810_firmware) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-12120

An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation, resulting in a root shell. An attacker can inject OS commands into the rsakey_name= parameter in the "/goform/WebRSAKEYGen" URI to trigger this vulnerability.

CVE-2017-12121 (edr-810_firmware) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-12121

An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP URI can cause a null pointer dereference resulting in the web server crashing. An attacker can send a crafted URI to trigger this vulnerability.

CVE-2017-12124 (edr-810_firmware) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-12124

An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation, resulting in a root shell. An attacker can inject OS commands into the CN= parameter in the "/goform/net_WebCSRGen" URI to trigger this vulnerability.

CVE-2017-12125 (edr-810_firmware) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-12125

An exploitable information disclosure vulnerability exists in the Server Agent functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted TCP packet can cause information disclosure. An attacker can send a crafted TCP packet to trigger this vulnerability.

CVE-2017-12128 (edr-810_firmware) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-12128

An exploitable Weak Cryptography for Passwords vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. An attacker could intercept weakly encrypted passwords and could brute force them.

CVE-2017-12129 (edr-810_firmware) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-12129

An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation, resulting in a root shell. An attacker can inject OS commands into the openvpnServer0_tmp= parameter in the "/goform/net_Web_get_value" URI to trigger this vulnerability.

CVE-2017-14432 (edr-810_firmware) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-14432

An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation, resulting in a root shell. An attacker can inject OS commands into the remoteNetwork0= parameter in the "/goform/net_Web_get_value" URI to trigger this vulnerability.

CVE-2017-14433 (edr-810_firmware) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-14433

An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP POST can cause a privilege escalation, resulting in a root shell. An attacker can inject OS commands into the remoteNetmask0= parameter in the "/goform/net_Web_get_value" URI to trigger this vulnerability.

CVE-2017-14434 (edr-810_firmware) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-14434

An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP URI can cause a null pointer dereference resulting in denial of service. An attacker can send a GET request to "/MOXA_CFG.ini" without a cookie header to trigger this vulnerability.

CVE-2017-14435 (edr-810_firmware) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-14435

An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP URI can cause a null pointer dereference resulting in denial of service. An attacker can send a GET request to "/MOXA_CFG2.ini" without a cookie header to trigger this vulnerability.

CVE-2017-14436 (edr-810_firmware) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-14436

An exploitable denial of service vulnerability exists in the web server functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted HTTP URI can cause a null pointer dereference resulting in denial of service. An attacker can send a GET request to "/MOXA_LOG.ini" without a cookie header to trigger this vulnerability.

CVE-2017-14437 (edr-810_firmware) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-14437

Exploitable denial of service vulnerabilities exist in the Service Agent functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted packet can cause a denial of service. An attacker can send a large packet to 4000/tcp to trigger this vulnerability.

CVE-2017-14438 (edr-810_firmware) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-14438

Exploitable denial of service vulnerabilities exist in the Service Agent functionality of Moxa EDR-810 V4.1 build 17030317. A specially crafted packet can cause a denial of service. An attacker can send a large packet to 4001/tcp to trigger this vulnerability.

CVE-2017-14439 (edr-810_firmware) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-14439

The backend component in Open-Xchange OX App Suite before 7.6.3-rev35, 7.8.x before 7.8.2-rev38, 7.8.3 before 7.8.3-rev41, and 7.8.4 before 7.8.4-rev19 allows remote authenticated users to save arbitrary user attributes by leveraging improper privilege management.

CVE-2017-17062 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-17062

Huawei smart phones LYO-L21 with software LYO-L21C479B107, LYO-L21C479B107 have a privilege escalation vulnerability. An authenticated, local attacker can craft malformed packets after tricking a user into installing a malicious application and exploit this vulnerability during the exception handling process. Successful exploitation may allow the attacker to obtain a higher privilege on the smart phones.

CVE-2017-17172 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-17172

Due to insufficient parameter verification, the GPU driver of Mate 9 Pro Huawei smart phones with versions before LON-AL00B 8.0.0.356(C00) has an arbitrary memory free vulnerability. An attacker can trick a user into installing a malicious application on the smart phone and send a given parameter to the driver to release a special kernel memory resource. Successful exploitation may result in a phone crash or arbitrary code execution.

CVE-2017-17173 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-17173

Huawei HG255s-10 V100R001C163B025SP02 has a path traversal vulnerability due to insufficient validation of received HTTP requests; a remote attacker may access local files on the device without authentication.

CVE-2017-17309 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-17309

A user process can cause a kernel DoS in ashmem when doing a cache maintenance operation in all Android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel.

CVE-2017-18169 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-18169

Prosody before 0.10.0 allows remote attackers to cause a denial of service (application crash), related to an incompatibility with certain versions of the LuaSocket library, such as the lua-socket package from Debian stretch. The attacker needs to trigger a stream error. A crash can be observed in, for example, the c2s module.

CVE-2017-18265 (debian_linux, prosody) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-18265

The open_envvar function in xdg-open in xdg-utils before 1.1.3 does not validate strings before launching the program specified by the BROWSER environment variable, which might allow remote attackers to conduct argument-injection attacks via a crafted URL, as demonstrated by %s in this environment variable.

CVE-2017-18266 (debian_linux, ubuntu_linux, xdg-utils) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-18266

The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler through 0.64.0 allows remote attackers to cause a denial of service (infinite recursion) via a crafted PDF file, as demonstrated by pdftops.

CVE-2017-18267 (poppler, ubuntu_linux) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-18267

In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadMIFFImage in coders/miff.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted MIFF image file.

CVE-2017-18271 (debian_linux, imagemagick, ubuntu_linux) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-18271

In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-25, there is a use-after-free in ReadOneMNGImage in coders/png.c, which allows attackers to cause a denial of service via a crafted MNG image file that is mishandled in an MngInfoDiscardObject call.

CVE-2017-18272 (imagemagick) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-18272

In ImageMagick 7.0.7-16 Q16 x86_64 2017-12-22, an infinite loop vulnerability was found in the function ReadTXTImage in coders/txt.c, which allows attackers to cause a denial of service (CPU exhaustion) via a crafted image file that is mishandled in a GetImageIndexInList call.

CVE-2017-18273 (debian_linux, imagemagick, ubuntu_linux) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-18273

Advantech WebAccess 8.1 and earlier contains a DLL hijacking vulnerability which may allow an attacker to run a malicious DLL file within the search path resulting in execution of arbitrary code.

CVE-2017-5175 (webaccess) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-5175

Without quotation marks, any whitespace in the file path for Rockwell Automation FactoryTalk Activation version 4.00.02 remains ambiguous, which may allow an attacker to link to or run a malicious executable. This may allow an authorized, but not privileged local user to execute arbitrary code with elevated privileges on the system. CVSS v3 base score: 8.8, CVSS vector string: (AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H). Rockwell Automation has released a new version of FactoryTalk Activation, Version 4.01, which addresses the identified vulnerability. Rockwell Automation recommends upgrading to the latest version of FactoryTalk Activation, Version 4.01 or later.

CVE-2017-6015 (factorytalk_activation) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6015

In Android before the 2018-05-05 security patch level, NVIDIA Trusted Execution Environment (TEE) contains a memory corruption (due to unusual root cause) vulnerability, which if run within the speculative execution of the TEE, may lead to local escalation of privileges. This issue is rated as critical. Android: A-72830049. Reference: N-CVE-2017-6289.

CVE-2017-6289 (android) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6289

In Android before the 2018-05-05 security patch level, NVIDIA Tegra X1 TZ contains a vulnerability in Widevine TA where the software writes data past the end, or before the beginning, of the intended buffer, which may lead to escalation of Privileges. This issue is rated as high. Android: A-69377364. Reference: N-CVE-2017-6293.

CVE-2017-6293 (android) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-6293

Cross-site scripting vulnerability in ASUS RT-AC87U Firmware version prior to 3.0.0.4.378.9383 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVE-2018-0581 (rt-ac87u_firmware) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0581

Cross-site scripting vulnerability in ASUS RT-AC68U Firmware version prior to 3.0.0.4.380.1031 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVE-2018-0582 (rt-ac68u_firmware) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0582

Cross-site scripting vulnerability in ASUS RT-AC1200HP Firmware version prior to 3.0.0.4.380.4180 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

CVE-2018-0583 (rt-ac1200hp_firmware) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0583

Directory traversal vulnerability in the shortcodes function of Ultimate Member plugin prior to version 2.0.4 for WordPress allows remote authenticated attackers to read arbitrary files via unspecified vectors.

CVE-2018-0586 (user_profile_&_membership) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0586

Unrestricted file upload vulnerability in Ultimate Member plugin prior to version 2.0.4 for WordPress allows remote authenticated users to upload arbitrary image files via unspecified vectors.

CVE-2018-0587 (user_profile_&_membership) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0587

Directory traversal vulnerability in the AJAX function of Ultimate Member plugin prior to version 2.0.4 for WordPress allows remote attackers to read arbitrary files via unspecified vectors.

CVE-2018-0588 (user_profile_&_membership) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0588

Ultimate Member plugin prior to version 2.0.4 for WordPress allows remote authenticated attackers to bypass access restriction to add a new form in the 'Forms' page via unspecified vectors.

CVE-2018-0589 (user_profile_&_membership) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0589

Ultimate Member plugin prior to version 2.0.4 for WordPress allows remote authenticated attackers to bypass access restriction to modify other users' profiles via unspecified vectors.

CVE-2018-0590 (user_profile_&_membership) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0590

A denial of service vulnerability exists when .NET and .NET Core improperly process XML documents, aka ".NET and .NET Core Denial of Service Vulnerability." This affects Microsoft .NET Framework 2.0, Microsoft .NET Framework 3.0, Microsoft .NET Framework 4.7.1, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.7/4.7.1, Microsoft .NET Framework 4.6, Microsoft .NET Framework 3.5, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6/4.6.1/4.6.2, Microsoft .NET Framework 4.6.2/4.7/4.7.1, .NET Core 2.0, Microsoft .NET Framework 4.7.2.

CVE-2018-0765 (.net_core, .net_framework) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0765

A remote code execution vulnerability exists in "Microsoft COM for Windows" when it fails to properly handle serialized objects, aka "Microsoft COM for Windows Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

CVE-2018-0824 (windows_10, windows_7, windows_8.1, windows_rt_8.1, windows_server_2008, windows_server_2012, windows_server_2016) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0824

A security feature bypass vulnerability exists in Windows Scripting Host which could allow an attacker to bypass Device Guard, aka "Windows Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-0958, CVE-2018-8129, CVE-2018-8132.

CVE-2018-0854 (windows_10, windows_server_2016) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0854

An information disclosure vulnerability exists when Edge improperly marks files, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8234.

CVE-2018-0871 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0871

A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka "Windows Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-0854, CVE-2018-8129, CVE-2018-8132.

CVE-2018-0958 (windows_10, windows_server_2016) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0958

A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate input from an authenticated user on a guest operating system, aka "Hyper-V Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

CVE-2018-0959 (windows_10, windows_7, windows_8.1, windows_rt_8.1, windows_server_2008, windows_server_2012, windows_server_2016) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0959

A remote code execution vulnerability exists when Windows Hyper-V on a host server fails to properly validate vSMB packet data, aka "Hyper-V vSMB Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

CVE-2018-0961 (windows_10, windows_server_2016) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0961

A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-8249.

CVE-2018-0978 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0978

An elevation of privilege vulnerability exists in the way that the Windows Kernel API enforces permissions, aka "Windows Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

CVE-2018-0982 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-0982

An issue was discovered in HAProxy before 1.8.8. The incoming H2 frame length was checked against the max_frame_size setting instead of being checked against the bufsize. The max_frame_size only applies to outgoing traffic and not to incoming, so if a large enough frame size is advertised in the SETTINGS frame, a wrapped frame will be defragmented into a temporary allocated buffer where the second fragment may overflow the heap by up to 16 kB. It is very unlikely that this can be exploited for code execution given that buffers are very short lived and their addresses not realistically predictable in production, but the likelihood of an immediate crash is absolutely certain.

CVE-2018-10184 (enterprise_linux, haproxy) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-10184

error.php in ILIAS 5.2.x through 5.3.x before 5.3.4 allows XSS via the text of a PDO exception.

CVE-2018-10307 (ilias) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-10307

An elevation of privilege vulnerability exists when NTFS improperly checks access, aka "NTFS Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

CVE-2018-1036 (windows_10, windows_7, windows_8.1, windows_rt_8.1, windows_server_2008, windows_server_2012, windows_server_2016) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1036

PortSwigger Burp Suite before 1.7.34 has Improper Certificate Validation of the Collaborator server certificate, which might allow man-in-the-middle attackers to obtain interaction data.

CVE-2018-10377 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-10377

A security feature bypass vulnerability exists in .Net Framework which could allow an attacker to bypass Device Guard, aka ".NET Framework Device Guard Security Feature Bypass Vulnerability." This affects Microsoft .NET Framework 4.7.1, Microsoft .NET Framework 4.6, Microsoft .NET Framework 3.5, Microsoft .NET Framework 4.7/4.7.1, Microsoft .NET Framework 3.0, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.6.2/4.7/4.7.1, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1, Microsoft .NET Framework 2.0, Microsoft .NET Framework 4.6/4.6.1/4.6.2.

CVE-2018-1039 (.net_framework) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1039

A denial of service vulnerability exists in the way that the Windows Code Integrity Module performs hashing, aka "Windows Code Integrity Module Denial of Service Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

CVE-2018-1040 (windows_10, windows_7, windows_8.1, windows_server_2008, windows_server_2012, windows_server_2016) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1040

The "Latest Posts on Profile" plugin 1.1 for MyBB has XSS because there is an added section in a user profile that displays that user's most recent posts without sanitizing the tsubject (aka thread subject) field.

CVE-2018-10580 (latest_posts_on_profile) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-10580

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, a path traversal vulnerability has been identified, which may allow an attacker to execute arbitrary code.

CVE-2018-10589 (webaccess, webaccess/nms, webaccess_dashboard, webaccess_scada) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-10589

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, an information exposure vulnerability through directory listing has been identified, which may allow an attacker to find important files that are not normally visible.

CVE-2018-10590 (webaccess, webaccess/nms, webaccess_dashboard, webaccess_scada) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-10590

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, an origin validation error vulnerability has been identified, which may allow an attacker to create a malicious web site, steal session cookies, and access data of authenticated users.

CVE-2018-10591 (webaccess, webaccess/nms, webaccess_dashboard, webaccess_scada) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-10591

Python before versions 2.7.15, 3.4.9, 3.5.6 and 3.7.0 is vulnerable to catastrophic backtracking in pop3lib's apop() method. An attacker could use this flaw to cause denial of service.

CVE-2018-1060 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1060

Delta Electronics Delta Industrial Automation DOPSoft version 4.00.04 and prior utilizes a fixed-length heap buffer where a value larger than the buffer can be read from a .dpa file into the buffer, causing the buffer to be overwritten. This may allow remote code execution or cause the application to crash.

CVE-2018-10617 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-10617

Delta Electronics Delta Industrial Automation DOPSoft version 4.00.04 and prior utilizes a fixed-length stack buffer where a value larger than the buffer can be read from a .dpa file into the buffer, causing the buffer to be overwritten. This may allow remote code execution or cause the application to crash.

CVE-2018-10621 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-10621

Delta Electronics Delta Industrial Automation DOPSoft version 4.00.04 and prior performs read operations on a memory buffer where the position can be determined by a value read from a .dpa file. This may cause improper restriction of operations within the bounds of the memory buffer, allow remote code execution, alter the intended control flow, allow reading of sensitive information, or cause the application to crash.

CVE-2018-10623 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-10623

DLPnpAuditor.exe in DeviceLock Plug and Play Auditor (freeware) 5.72 has a Unicode Buffer Overflow (SEH).

CVE-2018-10655 (plug_and_play_auditor) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-10655

** DISPUTED ** An issue was discovered in WildFly 10.1.2.Final. It is possible for an attacker to access the administration panel on TCP port 9990 without any authentication using "anonymous" access that is automatically created. Once logged in, a misconfiguration present by default (auto-deployment) permits an anonymous user to deploy a malicious .war file, leading to remote code execution. NOTE: the vendor indicates that anonymous access is not available in the default installation; however, it remains optional because there are several use cases for it, including development environments and network architectures that have a proxy server for access control to the WildFly server.

CVE-2018-10682 (wildfly) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-10682

** DISPUTED ** An issue was discovered in WildFly 10.1.2.Final. In the case of a default installation without a security realm reference, an attacker can successfully access the server without authentication. NOTE: the Security Realms documentation in the product's Admin Guide indicates that "without a security realm reference" implies "effectively unsecured." The vendor explicitly supports these unsecured configurations because they have valid use cases during development.

CVE-2018-10683 (wildfly) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-10683

The Owned smart contract implementation for Aurora DAO (AURA), an Ethereum ERC20 token, allows attackers to acquire contract ownership because the setOwner function is declared as public. An attacker can then conduct a lockBalances() denial of service attack.

CVE-2018-10705 (aura) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-10705

An integer overflow in the transferMulti function of a smart contract implementation for Social Chain (SCA), an Ethereum ERC20 token, allows attackers to accomplish an unauthorized increase of digital assets, aka the "multiOverflow" issue.

CVE-2018-10706 (social_chain) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-10706

A SQL injection issue was discovered in Nagios XI before 5.4.13 via the admin/commandline.php cname parameter.

CVE-2018-10735 (nagios_xi) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-10735

A SQL injection issue was discovered in Nagios XI before 5.4.13 via the admin/info.php key1 parameter.

CVE-2018-10736 (nagios_xi) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-10736

A SQL injection issue was discovered in Nagios XI before 5.4.13 via the admin/logbook.php txtSearch parameter.

CVE-2018-10737 (nagios_xi) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-10737

A SQL injection issue was discovered in Nagios XI before 5.4.13 via the admin/menuaccess.php chbKey1 parameter.

CVE-2018-10738 (nagios_xi) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-10738

download.rsp on ShenZhen Anni "5 in 1 XVR" devices allows remote attackers to download the configuration (without a login) to discover the password.

CVE-2018-10770 (5_in_1_xvr_firmware) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-10770

Cross-site scripting (XSS) vulnerability in backend/pages/modify.php in BlackCatCMS 1.3 allows remote authenticated users with the Admin role to inject arbitrary web script or HTML via the search panel.

CVE-2018-10821 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-10821

An issue was discovered in Alps Pointing-device Driver 10.1.101.207. ApMsgFwd.exe allows the current user to map and write to the "ApMsgFwd File Mapping Object" section. ApMsgFwd.exe uses the data written to this section as arguments to functions. This causes a denial of service condition when invalid pointers are written to the mapped section. This driver has been used with Dell, ThinkPad, and VAIO devices.

CVE-2018-10828 (pointing-device_driver) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-10828

Z-NOMP before 2018-04-05 has an incorrect Equihash solution verifier that allows attackers to spoof mining shares, as demonstrated by providing a solution with {x1=1,x2=1,x3=1,...,x512=1} to bypass this verifier for any blockheader. This originally affected (for example) the Bitcoin Gold and Zcash cryptocurrencies, and continued to be exploited in the wild in May 2018 against smaller cryptocurrencies.

CVE-2018-10831 (z-nomp) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-10831

openshift-ansible before versions 3.9.23 and 3.7.46 deploys a misconfigured etcd file that causes SSL client certificate authentication to be disabled. Quotation marks around the values of ETCD_CLIENT_CERT_AUTH and ETCD_PEER_CLIENT_CERT_AUTH in etcd.conf result in etcd being configured to allow remote users to connect without any authentication if they can access the etcd server bound to the network on the master nodes. An attacker could use this flaw to read and modify all the data about the OpenShift cluster in the etcd datastore, potentially adding another compute node, or bringing down the entire cluster.

CVE-2018-1085 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1085

In Pulp before version 2.16.2, secrets are passed into override_config when triggering a task and then become readable to all users with read access on the distributor/importer. An attacker with API access can then view these secrets.

CVE-2018-1090 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1090

SQL injection vulnerability in the Pie Register plugin before 3.0.10 for WordPress allows remote attackers to execute arbitrary SQL commands via the invitation codes grid.

CVE-2018-10969 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-10969

An integer overflow in the transferMulti function of a smart contract implementation for KoreaShow, an Ethereum ERC20 token, allows attackers to accomplish an unauthorized increase of digital assets via crafted _value parameters.

CVE-2018-10973 (koreashow) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-10973

An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service (host OS infinite loop) in situations where a QEMU device model attempts to make invalid transitions between states of a request.

CVE-2018-10981 (debian_linux, xen) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-10981

An issue was discovered in Xen through 4.10.x allowing x86 HVM guest OS users to cause a denial of service (unexpectedly high interrupt number, array overrun, and hypervisor crash) or possibly gain hypervisor privileges by setting up an HPET timer to deliver interrupts in IO-APIC mode, aka vHPET interrupt injection.

CVE-2018-10982 (debian_linux, xen) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-10982

js/views/message_view.js in Open Whisper Signal (aka Signal-Desktop) before 1.10.1 allows XSS via a URL.

CVE-2018-10994 (signal-desktop) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-10994

The weblogin_log function in /htdocs/cgibin on D-Link DIR-629-B1 devices allows attackers to execute arbitrary code or cause a denial of service (buffer overflow) via a session.cgi?ACTION=logout request involving a long REMOTE_ADDR environment variable.

CVE-2018-10996 (dir-629-b_firmware) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-10996

Etere EtereWeb before 28.1.20 has a pre-authentication blind SQL injection in the POST parameters txUserName and txPassword.

CVE-2018-10997 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-10997

An issue was discovered in Exiv2 0.26. readMetadata in jp2image.cpp allows remote attackers to cause a denial of service (SIGABRT) by triggering an incorrect Safe::add call.

CVE-2018-10998 (exiv2) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-10998

An issue was discovered in Exiv2 0.26. The Exiv2::Internal::PngChunk::parseTXTChunk function has a heap-based buffer over-read.

CVE-2018-10999 (exiv2) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-10999

An issue was discovered in YXcms 1.4.7. Cross-site request forgery (CSRF) vulnerability in protected/apps/admin/controller/adminController.php allows remote attackers to delete administrator accounts via index.php?r=admin/admin/admindel.

CVE-2018-11003 (yxcms) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-11003

An issue was discovered in SDcms v1.5. Cross-site request forgery (CSRF) vulnerability in /WWW//app/admin/controller/admincontroller.php allows remote attackers to add administrator accounts via m=admin&c=admin&a=add.

CVE-2018-11004 (sdcms) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-11004

An issue was discovered in PbootCMS v1.0.7. Cross-site request forgery (CSRF) vulnerability in apps/admin/controller/system/RoleController.php allows remote attackers to add administrator accounts via admin.php/role/add.html.

CVE-2018-11018 (pbootcms) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-11018

In 2345 Security Guard 3.7, the driver file (2345NsProtect.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCTL 0x8000200D.

CVE-2018-11034 (security_guard) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-11034

In 2345 Security Guard 3.7, the driver file (2345NsProtect.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCTL 0x80002019.

CVE-2018-11035 (security_guard) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-11035

In Exiv2 0.26, the Exiv2::PngImage::printStructure function in pngimage.cpp allows remote attackers to cause an information leak via a crafted file.

CVE-2018-11037 (exiv2) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-11037

An XSS issue was discovered in MyBiz MyProcureNet 5.0.0. This vulnerability within "ProxyPage.aspx" allows an attacker to inject malicious client side scripting which will be executed in the browser of users if they visit the manipulated site.

CVE-2018-11090 (myprocurenet) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-11090

Services/Feeds/classes/class.ilExternalFeedItem.php in ILIAS 5.1.x, 5.2.x, and 5.3.x before 5.3.5 has XSS via a link attribute.

CVE-2018-11117 (ilias) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-11117

The RSS subsystem in ILIAS 5.1.x, 5.2.x, and 5.3.x before 5.3.5 has XSS via a URI to Services/Feeds/classes/class.ilExternalFeedItem.php.

CVE-2018-11118 (ilias) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-11118

ILIAS 5.1.x, 5.2.x, and 5.3.x before 5.3.5 redirects a logged-in user to a third-party site via the return_to_url parameter.

CVE-2018-11119 (ilias) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-11119

Services/COPage/classes/class.ilPCSourceCode.php in ILIAS 5.1.x, 5.2.x, and 5.3.x before 5.3.5 has XSS.

CVE-2018-11120 (ilias) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-11120

PostgreSQL before versions 10.4 and 9.6.9 is vulnerable in the adminpack extension: the pg_catalog.pg_logfile_rotate() function doesn't follow the same ACLs as pg_rotate_logfile. If adminpack is added to a database, an attacker able to connect to it could exploit this to force log rotation.

CVE-2018-1115 (postgresql) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1115

A NULL pointer dereference was discovered in H5S_hyper_make_spans in H5Shyper.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack.

CVE-2018-11202 (hdf5) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-11202

A division by zero was discovered in H5D__btree_decode_key in H5Dbtree.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack.

CVE-2018-11203 (hdf5) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-11203

A NULL pointer dereference was discovered in H5O__chunk_deserialize in H5Ocache.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack.

CVE-2018-11204 (hdf5) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-11204

An out-of-bounds read was discovered in H5VM_memcpyvv in H5VM.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service or information disclosure attack.

CVE-2018-11205 (hdf5) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-11205

An out-of-bounds read was discovered in H5O_fill_new_decode and H5O_fill_old_decode in H5Ofill.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service or information disclosure attack.

CVE-2018-11206 (hdf5) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-11206

A division by zero was discovered in H5D__chunk_init in H5Dchunk.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack.

CVE-2018-11207 (hdf5) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-11207

** DISPUTED ** An issue was discovered in Z-BlogPHP 2.0.0. There is a persistent XSS that allows remote attackers to inject arbitrary web script or HTML into background web site settings via the "copyright information office" field. NOTE: the vendor indicates that the product was not intended to block this type of XSS by a user with the admin privilege.

CVE-2018-11208 (z-blogphp) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-11208

** DISPUTED ** An issue was discovered in Z-BlogPHP 2.0.0. zb_system/cmd.php?act=verify relies on MD5 for the password parameter, which might make it easier for attackers to bypass intended access restrictions via a dictionary or rainbow-table attack. NOTE: the vendor declined to accept this as a valid issue.

CVE-2018-11209 (z-blogphp) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-11209

An issue was discovered in libjpeg 9a. The alloc_sarray function in jmemmgr.c allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted file.

CVE-2018-11212 (libjpeg) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-11212

An issue was discovered in libjpeg 9a. The get_text_gray_row function in rdppm.c allows remote attackers to cause a denial of service (Segmentation fault) via a crafted file.

CVE-2018-11213 (libjpeg) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-11213

An issue was discovered in libjpeg 9a. The get_text_rgb_row function in rdppm.c allows remote attackers to cause a denial of service (Segmentation fault) via a crafted file.

CVE-2018-11214 (libjpeg) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-11214

Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows.

CVE-2018-11218 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-11218

An Integer Overflow issue was discovered in the struct library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2, leading to a failure of bounds checking.

CVE-2018-11219 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-11219

Unauthenticated untrusted file upload in Artica Pandora FMS through version 7.23 allows an attacker to upload an arbitrary plugin via include/ajax/update_manager.ajax in the update system.

CVE-2018-11221 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-11221

Local File Inclusion (LFI) in Artica Pandora FMS through version 7.23 allows an attacker to call any php file via the /pandora_console/ajax.php ajax endpoint.

CVE-2018-11222 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-11222

XSS in Artica Pandora FMS before 7.0 NG 723 allows an attacker to execute arbitrary code via a crafted "refr" parameter in a "/pandora_console/index.php?sec=estado&sec2=operation/agentes/estado_agente&refr=" call.

CVE-2018-11223 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-11223

The BBE theme before 1.53 for WordPress allows a direct launch of an HTML editor.

CVE-2018-11244 (bbe_theme) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-11244

In ImageMagick 7.0.7-23 Q16 x86_64 2018-01-24, there is a heap-based buffer over-read in ReadSUNImage in coders/sun.c, which allows attackers to cause a denial of service (application crash in SetGrayscaleImage in MagickCore/quantize.c) via a crafted SUN image file.

CVE-2018-11251 (imagemagick) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-11251

An issue was discovered in PoDoFo 0.9.5. There is an Excessive Recursion in the PdfPagesTree::GetPageNode() function of PdfPagesTree.cpp. Remote attackers could leverage this vulnerability to cause a denial of service through a crafted pdf file, a related issue to CVE-2017-8054.

CVE-2018-11254 (podofo) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-11254

An issue was discovered in PoDoFo 0.9.5. The function PdfPage::GetPageNumber() in PdfPage.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document.

CVE-2018-11255 (podofo) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-11255

An issue was discovered in PoDoFo 0.9.5. The function PdfDocument::Append() in PdfDocument.cpp in PoDoFo 0.9.5 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted PDF document.

CVE-2018-11256 (podofo) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-11256

libjpeg-turbo 1.5.90 is vulnerable to a denial of service vulnerability caused by a divide by zero when processing a crafted BMP image.

CVE-2018-1152 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1152

Burp Suite Community Edition 1.7.32 and 1.7.33 fail to validate the server certificate in a couple of HTTPS requests, which allows a man in the middle to modify or view traffic.

CVE-2018-1153 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1153

Improper input validation together with an integer overflow in the EAP-TLS protocol implementation in PPPD may cause a crash, information disclosure, or authentication bypass. This implementation is distributed as a patch for PPPD 0.91, and includes the affected eap.c and eap-tls.c files. Configurations that use the `refuse-app` option are unaffected.

CVE-2018-11574 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-11574

index.js in oauth2orize-fprm before 0.2.1 has XSS via a crafted URL.

CVE-2018-11647 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-11647

Smart Viewer in Samsung Web Viewer for Samsung DVR is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability via a crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.

CVE-2018-11689 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-11689

The Balbooa Gridbox extension version 2.4.0 and previous versions for Joomla! is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A remote attacker could exploit this vulnerability via a crafted URL to execute script in a victim's Web browser within the security context of the hosting Web site, once the URL is clicked. An attacker could use this vulnerability to steal the victim's cookie-based authentication credentials.

CVE-2018-11690 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-11690

During the spawning of a malicious Passenger-managed application, SpawningKit in Phusion Passenger 5.3.x before 5.3.2 allows such applications to replace key files or directories in the spawning communication directory with symlinks. This then could result in arbitrary reads and writes, which in turn can result in information disclosure and privilege escalation.

CVE-2018-12026 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12026

An Insecure Permissions vulnerability in SpawningKit in Phusion Passenger 5.3.x before 5.3.2 causes information disclosure in the following situation: given a Passenger-spawned application process that reports that it listens on a certain Unix domain socket, if any of the parent directories of said socket are writable by a normal user that is not the application's user, then that non-application user can swap that directory with something else, resulting in traffic being redirected to a non-application user's process through an alternative Unix domain socket.

CVE-2018-12027 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12027

An Incorrect Access Control vulnerability in SpawningKit in Phusion Passenger 5.3.x before 5.3.2 allows a Passenger-managed malicious application, upon spawning a child process, to report an arbitrary different PID back to Passenger's process manager. If the malicious application then generates an error, it would cause Passenger's process manager to kill said reported arbitrary PID.

CVE-2018-12028 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12028

A race condition in the nginx module in Phusion Passenger 3.x through 5.x before 5.3.2 allows local escalation of privileges when a non-standard passenger_instance_registry_dir with insufficiently strict permissions is configured. Replacing a file with a symlink after the file was created, but before it was chowned, leads to the target of the link being chowned via the path. Targeting sensitive files such as root's crontab file allows privilege escalation.

CVE-2018-12029 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12029

Chevereto Free before 1.0.13 has XSS.

CVE-2018-12030 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12030

In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds read vulnerability in yr_execute_code in libyara/exec.c.

CVE-2018-12034 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12034

In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds write vulnerability in yr_execute_code in libyara/exec.c.

CVE-2018-12035 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12035

A Session Fixation issue exists in CodeIgniter before 3.1.9 because session.use_strict_mode in the Session Library was mishandled.

CVE-2018-12071 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12071

An issue was discovered in Cloud Media Popcorn A-200 03-05-130708-21-POP-411-000 firmware. It is configured to provide TELNET remote access (without a password) that pops a shell as root. If an attacker can connect to port 23 on the device, he can completely compromise it.

CVE-2018-12072 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12072

An issue was discovered on Eminent EM4544 9.10 devices. The device does not require the user's current password to set a new one within the web interface. Therefore, it is possible to exploit this issue (e.g., in combination with a successful XSS, or at an unattended workstation) to change the admin password to an attacker-chosen value without knowing the current password.

CVE-2018-12073 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12073

Cross-site scripting (XSS) vulnerability in Airbnb Knowledge Repo 0.7.4 allows remote attackers to inject arbitrary web scripts or HTML via the post comments functionality, as demonstrated by the post/posts/new_report.kp URI.

CVE-2018-12104 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12104

Maccms 10 allows CSRF via admin.php/admin/admin/info.html to add user accounts.

CVE-2018-12114 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12114

Buffer overflow in redis-cli of Redis before 4.0.10 and 5.x before 5.0 RC3 allows an attacker to achieve code execution and escalate to higher privileges via a crafted command line. NOTE: It is unclear whether there are any common situations in which redis-cli is used with, for example, a -h (aka hostname) argument from an untrusted source.

CVE-2018-12326 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12326

Protection Mechanism Failure in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows a local attacker to duplicate an authentication factor via cloning.

CVE-2018-12329 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12329

Protection Mechanism Failure in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows an attacker to compromise authentication and encryption keys via compromised firmware.

CVE-2018-12330 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12330

Authentication Bypass by Spoofing vulnerability in ECOS System Management Appliance (aka SMA) 5.2.68 allows a man-in-the-middle attacker to compromise authentication keys and configurations via IP spoofing during "Easy Enrollment."

CVE-2018-12331 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12331

Incomplete Cleanup vulnerability in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows an attacker to compromise authentication and encryption keys via a compromised host PC after a reset.

CVE-2018-12332 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12332

Insufficient Verification of Data Authenticity vulnerability in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows an attacker to manipulate security relevant configurations and execute malicious code.

CVE-2018-12333 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12333

Protection Mechanism Failure in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows an attacker to compromise authentication and encryption keys via a virtualization attack.

CVE-2018-12334 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12334

Incorrect access control in ECOS System Management Appliance (aka SMA) 5.2.68 allows a user to compromise authentication keys, and access and manipulate security relevant configurations, via unrestricted database access during Easy Enrollment.

CVE-2018-12335 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12335

Undocumented Factory Backdoor in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows the vendor to extract confidential information via remote root SSH access.

CVE-2018-12336 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12336

Reliance on Security Through Obscurity vulnerability in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows an attacker to partially extract confidential configurations via user-space emulation.

CVE-2018-12337 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12337

Undocumented Factory Backdoor in ECOS System Management Appliance (aka SMA) 5.2.68 allows the vendor to extract confidential information and manipulate security relevant configurations via remote root SSH access.

CVE-2018-12338 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12338

An issue was discovered in password-store.sh in pass in Simple Password Store 1.7.x before 1.7.2. The signature verification routine parses the output of GnuPG with an incomplete regular expression, which allows remote attackers to spoof file signatures on configuration files and extension scripts. Modifying the configuration file allows the attacker to inject additional encryption keys under their control, thereby disclosing passwords to the attacker. Modifying the extension scripts allows the attacker arbitrary code execution.

CVE-2018-12356 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12356

Archive.java in Junrar before 1.0.1, as used in Apache Tika and other products, is affected by a denial of service vulnerability due to an infinite loop when handling corrupt RAR files.

CVE-2018-12418 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12418

IceHrm before 23.0.1.OS has a risky usage of a hashed password in a request.

CVE-2018-12420 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12420

LTB (aka LDAP Tool Box) Self Service Password before 1.3 allows a change to a user password (without knowing the old password) via a crafted POST request, because the ldap_bind return value is mishandled and the PHP data type is not constrained to be a string.

CVE-2018-12421 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12421

addressbook/backends/ldap/e-book-backend-ldap.c in Evolution-Data-Server in GNOME Evolution through 3.29.2 might allow attackers to trigger a Buffer Overflow via a long query that is processed by the strcat function.

CVE-2018-12422 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12422

In Synapse before 0.31.2, unauthorised users can hijack rooms when there is no m.room.power_levels event in force.

CVE-2018-12423 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12423

SeaCMS V6.61 has XSS via the site name parameter on an adm1n/admin_config.php page (aka a system management page).

CVE-2018-12431 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12431

JavaMelody through 1.60.0 has XSS via the counter parameter in a clear_counter action to the /monitoring URI.

CVE-2018-12432 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12432

** DISPUTED ** cryptlib through 3.4.4 allows a memory-cache side-channel attack on DSA and ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover a key, the attacker needs access to either the local machine or a different virtual machine on the same physical host. NOTE: the vendor does not include side-channel attacks within its threat model.

CVE-2018-12433 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12433

LibreSSL before 2.6.5 and 2.7.x before 2.7.4 allows a memory-cache side-channel attack on DSA and ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover a key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.

CVE-2018-12434 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12434

Botan 2.5.0 through 2.6.0 allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP, related to dsa/dsa.cpp, ec_group/ec_group.cpp, and ecdsa/ecdsa.cpp. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.

CVE-2018-12435 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12435

wolfcrypt/src/ecc.c in wolfSSL before 3.15.1.patch allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.

CVE-2018-12436 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12436

LibTomCrypt through 1.18.1 allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.

CVE-2018-12437 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12437

The Elliptic Curve Cryptography library (aka sunec or libsunec) allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.

CVE-2018-12438 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12438

MatrixSSL through 3.9.5 Open allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.

CVE-2018-12439 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12439

BoringSSL through 2018-06-14 allows a memory-cache side-channel attack on DSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover a DSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.

CVE-2018-12440 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12440

The restore_tqb_pixels function in hevc_filter.c in libavcodec, as used in libbpg 0.9.8 and other products, has an integer overflow that leads to a heap-based buffer overflow and remote code execution.

CVE-2018-12447 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12447

Type confusion in the xgroupCommand function in t_stream.c in redis-server in Redis before 5.0 allows remote attackers to cause denial-of-service via an XGROUP command in which the key is not a stream.

CVE-2018-12453 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12453

The _addguess function of a simplelottery smart contract implementation for 1000 Guess, an Ethereum gambling game, generates a random value with publicly readable variables such as the current block information and a private variable (which can be read with a getStorageAt call). Therefore, it allows attackers to always win and get rewards.

CVE-2018-12454 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12454

expressCart before 1.1.6 allows remote attackers to create an admin user via a /admin/setup Referer header.

CVE-2018-12457 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12457

An improper integer type in the mpeg4_encode_gop_header function in libavcodec/mpeg4videoenc.c in FFmpeg 4.0 may trigger an assertion violation while converting a crafted AVI file to MPEG4, leading to a denial of service.

CVE-2018-12458 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12458

An inconsistent bits-per-sample value in the ff_mpeg4_decode_picture_header function in libavcodec/mpeg4videodec.c in FFmpeg 4.0 may trigger an assertion violation while converting a crafted AVI file to MPEG4, leading to a denial of service.

CVE-2018-12459 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12459

libavcodec in FFmpeg 4.0 may trigger a NULL pointer dereference if the studio profile is incorrectly detected while converting a crafted AVI file to MPEG4, leading to a denial of service, related to idctdsp.c and mpegvideo.c.

CVE-2018-12460 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12460

The Olive Tree Ftp Server application 1.32 for Android has a "Sensitive Data on the Clipboard" vulnerability, as demonstrated by reading the "User password" field with the Drozer post.capture.clipboard module.

CVE-2018-12481 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12481

PHPOK 4.9.032 has an arbitrary file upload vulnerability in the import_f function in framework/admin/modulec_control.php, as demonstrated by uploading a .php file within a .php.zip archive, a similar issue to CVE-2018-8944.

CVE-2018-12491 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12491

PHPOK 4.9.032 has an arbitrary file deletion vulnerability in the delfile_f function in framework/admin/tpl_control.php.

CVE-2018-12492 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12492

An issue was discovered in PublicCMS V4.0.20180210. There is a "Directory Traversal" and "Arbitrary file read" vulnerability via an admin/cmsWebFile/list.html?path=../ URI.

CVE-2018-12493 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12493

An issue was discovered in PublicCMS V4.0.20180210. There is a "Directory Traversal" and "Arbitrary file read" vulnerability via an admin/cmsTemplate/content.html?path=../ URI.

CVE-2018-12494 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12494

The quoteblock function in markdown.c in libmarkdown.a in DISCOUNT 2.2.3a allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file.

CVE-2018-12495 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12495

spider.admincp.php in iCMS v7.0.8 has SQL Injection via the id parameter in an app=spider&do=batch request to admincp.php.

CVE-2018-12498 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12498

Nagios Fusion before 4.1.4 has XSS, aka TPS#13332-13335.

CVE-2018-12501 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12501

tinyexr 0.9.5 has a heap-based buffer over-read in LoadEXRImageFromMemory in tinyexr.h.

CVE-2018-12503 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12503

tinyexr 0.9.5 has an assertion failure in ComputeChannelLayout in tinyexr.h.

CVE-2018-12504 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12504

An issue was discovered in perfSONAR Monitoring and Debugging Dashboard (MaDDash) 2.0.2. A direct request to /style/ provides a directory listing.

CVE-2018-12522 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12522

An issue was discovered in perfSONAR Monitoring and Debugging Dashboard (MaDDash) 2.0.2. A direct request to /etc/ provides a directory listing.

CVE-2018-12523 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12523

An issue was discovered in perfSONAR Monitoring and Debugging Dashboard (MaDDash) 2.0.2. A direct request to /lib/ provides a directory listing.

CVE-2018-12524 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12524

An issue was discovered in perfSONAR Monitoring and Debugging Dashboard (MaDDash) 2.0.2. A direct request to /images/ provides a directory listing.

CVE-2018-12525 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12525

An issue was discovered in MetInfo 6.0.0. admin/app/batch/csvup.php allows remote attackers to delete arbitrary files via a flienamecsv=../ directory traversal. This can be exploited via CSRF.

CVE-2018-12530 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12530

An issue was discovered in MetInfo 6.0.0. install\index.php allows remote attackers to write arbitrary PHP code into config_db.php, a different vulnerability than CVE-2018-7271.

CVE-2018-12531 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12531

JBoss RichFaces 4.5.3 through 4.5.17 allows unauthenticated remote attackers to inject an arbitrary expression language (EL) variable mapper and execute arbitrary Java code via a MediaOutputResource's resource request, aka RF-14309.

CVE-2018-12532 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12532

JBoss RichFaces 3.1.0 through 3.3.4 allows unauthenticated remote attackers to inject expression language (EL) expressions and execute arbitrary Java code via a /DATA/ substring in a path with an org.richfaces.renderkit.html.Paint2DResource$ImageData object, aka RF-14310.

CVE-2018-12533 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12533

A SQL injection issue was discovered in the Quick Chat plugin before 4.00 for WordPress.

CVE-2018-12534 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-12534

Spring Framework, versions 5.0.x prior to 5.0.6, versions 4.3.x prior to 4.3.17, and older unsupported versions allows applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a regular expression denial of service attack.

CVE-2018-1257 (openshift, spring_framework) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1257

Spring Security in combination with Spring Framework versions prior to 5.0.6 contains an authorization bypass when using method security. An unauthorized malicious user can gain unauthorized access to methods that should be restricted.

CVE-2018-1258 (spring_framework) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1258

Spring Data Commons, versions 1.13 prior to 1.13.12 and 2.0 prior to 2.0.7, used in combination with XMLBeam 1.4.14 or earlier versions, contains a property binder vulnerability caused by improper restriction of XML external entity references as underlying library XMLBeam does not restrict external reference expansion. An unauthenticated remote malicious user can supply specially crafted request parameters against Spring Data's projection-based request payload binding to access arbitrary files on the system.

CVE-2018-1259 (spring_data_commons, spring_data_rest, xmlbeam) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1259

Spring Security OAuth, versions 2.3 prior to 2.3.3, 2.2 prior to 2.2.2, 2.1 prior to 2.1.2, 2.0 prior to 2.0.15 and older unsupported versions contains a remote code execution vulnerability. A malicious user or attacker can craft an authorization request to the authorization endpoint that can lead to remote code execution when the resource owner is forwarded to the approval endpoint.

CVE-2018-1260 (spring_security_oauth) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1260

Spring-integration-zip versions prior to 1.0.1 expose an arbitrary file write vulnerability, which can be achieved using a specially crafted zip archive (other archive formats are affected as well: bzip2, tar, xz, war, cpio, 7z) that holds path traversal filenames. When the filename is concatenated to the target extraction directory, the final path ends up outside of the target folder.

CVE-2018-1261 (spring_integration_zip) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1261

Apps Manager included in Pivotal Application Service, versions 1.12.x prior to 1.12.22, 2.0.x prior to 2.0.13, and 2.1.x prior to 2.1.4 contains an authorization enforcement vulnerability. A member of any org is able to create invitations to any org for which the org GUID can be discovered. Accepting this invitation gives unauthorized access to view the member list, domains, quotas and other information about the org.

CVE-2018-1278 (pivotal_application_service) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1278

Pivotal Greenplum Command Center versions 2.x prior to 2.5.1 contains a blind SQL injection vulnerability. An unauthenticated user can perform a SQL injection in the command center which results in disclosure of database contents.

CVE-2018-1280 (greenplum_command_center) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1280

IBM WebSphere MQ 8.0 and 9.0, when configured to use a PAM module for authentication, could allow a user to cause a deadlock in the IBM MQ PAM code which could result in a denial of service. IBM X-Force ID: 138949.

CVE-2018-1419 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1419

IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products (6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) web handler /DownloadFile does not require authentication to read arbitrary files from the system. IBM X-Force ID: 139473.

CVE-2018-1433 (spectrum_virtualize_for_public_cloud_software, spectrum_virtualize_software, storwize_v3500_software, storwize_v3700_software, storwize_v5000_software, storwize_v7000_software, storwize_v9000_software) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1433

IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products (6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) are vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 139474.

CVE-2018-1434 (spectrum_virtualize_for_public_cloud_software, spectrum_virtualize_software, storwize_v3500_software, storwize_v3700_software, storwize_v5000_software, storwize_v7000_software, storwize_v9000_software) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1434

IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products (6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) web handler /DLSnap could allow an unauthenticated attacker to read arbitrary files on the system. IBM X-Force ID: 139566.

CVE-2018-1438 (spectrum_virtualize_for_public_cloud_software, spectrum_virtualize_software, storwize_v3500_software, storwize_v3700_software, storwize_v5000_software, storwize_v7000_software, storwize_v9000_software) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1438

IBM Netezza Platform Software (IBM PureData System for Analytics 1.0.0) could allow a local user to modify a world writable file, which could be used to execute commands as root. IBM X-Force ID: 140211.

CVE-2018-1460 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1460

IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products (6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 140362.

CVE-2018-1461 (spectrum_virtualize_for_public_cloud_software, spectrum_virtualize_software, storwize_v3500_software, storwize_v3700_software, storwize_v5000_software, storwize_v7000_software, storwize_v9000_software) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1461

IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products (6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to access system files they should not have access to including deleting files or causing a denial of service. IBM X-Force ID: 140363.

CVE-2018-1462 (spectrum_virtualize_for_public_cloud_software, spectrum_virtualize_software, storwize_v3500_software, storwize_v3700_software, storwize_v5000_software, storwize_v7000_software, storwize_v9000_software) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1462

IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products (6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to access system files they should not have access to, some of which could contain account credentials. IBM X-Force ID: 140368.

CVE-2018-1463 (spectrum_virtualize_for_public_cloud_software, spectrum_virtualize_software, storwize_v3500_software, storwize_v3700_software, storwize_v5000_software, storwize_v7000_software, storwize_v9000_software) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1463

IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products (6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to obtain sensitive information that they should not have authorization to read. IBM X-Force ID: 140395.

CVE-2018-1464 (spectrum_virtualize_for_public_cloud_software, spectrum_virtualize_software, storwize_v3500_software, storwize_v3700_software, storwize_v5000_software, storwize_v7000_software, storwize_v9000_software) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1464

IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products (6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) could allow an authenticated user to obtain the private key which could make intercepting GUI communications possible. IBM X-Force ID: 140396.

CVE-2018-1465 (spectrum_virtualize_for_public_cloud_software, spectrum_virtualize_software, storwize_v3500_software, storwize_v3700_software, storwize_v5000_software, storwize_v7000_software, storwize_v9000_software) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1465

IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products (6.1, 6.2, 6.3, 6.4, 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.6.1, 7.7, 7.7.1, 7.8, 7.8.1, 8.1, and 8.1.1) use weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 140397.

CVE-2018-1466 (spectrum_virtualize_for_public_cloud_software, spectrum_virtualize_software, storwize_v3500_software, storwize_v3700_software, storwize_v5000_software, storwize_v7000_software, storwize_v9000_software) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-1466

SAP NetWeaver Application Server Java Web Container and HTTP Service (Engine API, from 7.10 to 7.11, 7.30, 7.31, 7.40, 7.50; J2EE Engine Server Core 7.11, 7.30, 7.31, 7.40, 7.50) do not sufficiently encode user controlled inputs, resulting in a content spoofing vulnerability when error pages are displayed.

CVE-2018-2415 (j2ee_engine_server_core, netweaver_java_web_container_and_http_service_engine) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-2415

SAP Enterprise Financial Services (SAPSCORE 1.11, 1.12; S4CORE 1.01, 1.02; EA-FINSERV 6.04, 6.05, 6.06, 6.16, 6.17, 6.18, 8.0) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges.

CVE-2018-2419 (ea-finserv, s4core, sapscore) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-2419

Insufficient input validation in the system firmware of Intel NUC kits potentially allows a local attacker to elevate privileges to System Management Mode (SMM).

CVE-2018-3612 (ayaplcel.86a, bios, bnkbl357.86a, ccsklm30.86a, ccsklm5v.86a, dnkbli30.86a, dnkbli5v.86a, dnkbli7v.86a, fybyt10h.86a, gkaplcpx.86a, kyskli70.86a, mkkbli5v.86a, mkkbly35.86a, mybdwi30.86a, mybdwi5v.86a, rybdwi35.86a, syskli35.86a, tybyt10h.86a) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-3612

DLL injection vulnerability in the installation executables (Autorun.exe and Setup.exe) for Intel's wireless drivers and related software in Intel Dual Band Wireless-AC, Tri-Band Wireless-AC and Wireless-AC family of products allows a local attacker to cause escalation of privilege via remote code execution.

CVE-2018-3649 (dual_band_wireless-ac_3160, dual_band_wireless-ac_3165, dual_band_wireless-ac_3168, dual_band_wireless-ac_7260, dual_band_wireless-ac_7265, dual_band_wireless-ac_8260, dual_band_wireless-ac_8265, dual_band_wireless-n_7260, dual_band_wireless-n_7265, tri-band_wireless-ac_17265, tri-band_wireless-ac_18260, tri-band_wireless-ac_18265, wireless-ac_9260, wireless-ac_9461, wireless-ac_9462, wireless-ac_9560, wireless-n_7260, wireless-n_7265) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-3649

A vulnerability has been identified in RFID 181-EIP (All versions), RUGGEDCOM WiMAX (V4.4 and V4.5), SCALANCE X-200 (All versions < V5.2.3), SCALANCE X-200 IRT (All versions < V5.4.1), SCALANCE X-204RNA (All versions), SCALANCE X-300 (All versions), SCALANCE X408 (All versions), SCALANCE X414 (All versions), SIMATIC RF182C (All versions). Unprivileged remote attackers located in the same local network segment (OSI Layer 2) could gain remote code execution on the affected products by sending a specially crafted DHCP response to a client's DHCP request.

CVE-2018-4833 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-4833

A vulnerability has been identified in SCALANCE X-200 IRT (All versions < V5.4.1), SCALANCE X300 (All versions). A remote, authenticated attacker with access to the configuration web server could be able to store script code on the web site, if the HRP redundancy option is set. This code could be executed in the web browser of victims visiting this web site (XSS), affecting its confidentiality, integrity and availability. User interaction is required for successful exploitation, as the user needs to visit the manipulated web site.

CVE-2018-4842 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-4842

A vulnerability has been identified in SCALANCE X-200 IRT (All versions < V5.4.1), SCALANCE X300 (All versions). The integrated configuration web server of the affected Scalance X Switches could allow Cross-Site Scripting (XSS) attacks if unsuspecting users are tricked into accessing a malicious link. User interaction is required for a successful exploitation. The user must be logged into the web interface in order for the exploitation to succeed.

CVE-2018-4848 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-4848

The backend component in Open-Xchange OX App Suite before 7.6.3-rev36, 7.8.x before 7.8.2-rev39, 7.8.3 before 7.8.3-rev44, and 7.8.4 before 7.8.4-rev22 allows remote authenticated users to obtain sensitive information about external guest users via vectors related to the "groups" and "users" APIs.

CVE-2018-5751 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5751

The backend component in Open-Xchange OX App Suite before 7.6.3-rev36, 7.8.x before 7.8.2-rev39, 7.8.3 before 7.8.3-rev44, and 7.8.4 before 7.8.4-rev22 allows remote attackers to conduct server-side request forgery (SSRF) attacks via vectors involving non-decimal representations of IP addresses and special IPv6 related addresses.

CVE-2018-5752 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5752

The frontend component in Open-Xchange OX App Suite before 7.6.3-rev31, 7.8.x before 7.8.2-rev31, 7.8.3 before 7.8.3-rev41, and 7.8.4 before 7.8.4-rev20 allows remote attackers to spoof the origin of e-mails via unicode characters in the "personal part" of a (1) From or (2) Sender address.

CVE-2018-5753 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5753

Cross-site scripting (XSS) vulnerability in the office-web component in Open-Xchange OX App Suite before 7.8.3-rev12 and 7.8.4 before 7.8.4-rev9 allows remote attackers to inject arbitrary web script or HTML via a crafted presentation file, related to copying content to the clipboard.

CVE-2018-5754 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5754

Absolute path traversal vulnerability in the readerengine component in Open-Xchange OX App Suite before 7.6.3-rev3, 7.8.x before 7.8.2-rev4, 7.8.3 before 7.8.3-rev5, and 7.8.4 before 7.8.4-rev4 allows remote attackers to read arbitrary files via a full pathname in a formula in a spreadsheet.

CVE-2018-5755 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5755

The backend component in Open-Xchange OX App Suite before 7.6.3-rev36, 7.8.x before 7.8.2-rev39, 7.8.3 before 7.8.3-rev44, and 7.8.4 before 7.8.4-rev22 does not properly check for folder-to-object association, which allows remote authenticated users to delete arbitrary tasks via the task id in a delete action to api/tasks.

CVE-2018-5756 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5756

A stack-based buffer overflow can occur in fastboot from all Android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel.

CVE-2018-5854 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5854

In the WCD CPE codec, a Use After Free condition can occur in all Android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel.

CVE-2018-5857 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5857

In the MDSS driver in all Android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel, a data structure may be used without being initialized correctly.

CVE-2018-5860 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5860

If userspace provides a too-large WPA RSN IE length in wlan_hdd_cfg80211_set_ie(), a buffer overflow occurs in all Android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel.

CVE-2018-5863 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-5863

Fastweb FASTgate 0.00.47 devices are vulnerable to CSRF, with impacts including Wi-Fi password changing, Guest Wi-Fi activating, etc.

CVE-2018-6023 (fastgate_firmware) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-6023

In Android before the 2018-05-05 security patch level, NVIDIA Widevine Trustlet contains a vulnerability in Widevine TA where the software reads data past the end, or before the beginning, of the intended buffer, which may lead to Information Disclosure. This issue is rated as moderate. Android: A-69383916. Reference: N-CVE-2018-6246.

CVE-2018-6246 (android) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-6246

In Android before the 2018-05-05 security patch level, NVIDIA Media Server contains an out-of-bounds read (due to improper input validation) vulnerability which could lead to local information disclosure. This issue is rated as moderate. Android: A-64340684. Reference: N-CVE-2018-6254.

CVE-2018-6254 (android) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-6254

Remote Cross-site Request forgery (CSRF) potential has been identified in UCMBD Browser version 4.10, 4.11, 4.12, 4.13, 4.14, 4.15, 4.15.1 which could allow for remote unsafe deserialization and cross-site request forgery (CSRF).

CVE-2018-6496 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-6496

Remote Cross-site Request forgery (CSRF) potential has been identified in UCMBD Server version DDM Content Pack V 10.20, 10.21, 10.22, 10.22 CUP7, 10.30, 10.31, 10.32, 10.33, 10.33 CUP2, 11.0 and CMS Server version 2018.05 BACKGROUND which could allow for remote unsafe deserialization and cross-site request forgery (CSRF).

CVE-2018-6497 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-6497

On Windows only, with a specifically crafted configuration file an attacker could get Puppet PE client tools (aka pe-client-tools) 16.4.x prior to 16.4.6, 17.3.x prior to 17.3.6, and 18.1.x prior to 18.1.2 to load arbitrary code with privilege escalation.

CVE-2018-6516 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-6516

Application Protection Bypass vulnerability in McAfee ePolicy Orchestrator (ePO) 5.3.0 through 5.3.3 and 5.9.0 through 5.9.1 allows remote authenticated users to bypass localhost only access security protection for some ePO features via a specially crafted HTTP request.

CVE-2018-6671 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-6671

Information disclosure vulnerability in McAfee ePolicy Orchestrator (ePO) 5.3.0 through 5.3.3 and 5.9.0 through 5.9.1 allows authenticated users to view sensitive information in plain text format via unspecified vectors.

CVE-2018-6672 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-6672

An issue was discovered in Zoho ManageEngine ServiceDesk Plus 9.3 Build 9317. Unauthenticated users are able to validate domain user accounts by sending a request containing the username to an API endpoint. The endpoint will return the user's logon domain if the account exists, or 'null' if it does not.

CVE-2018-7248 (manageengine_servicedesk_plus) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-7248

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, an external control of file name or path vulnerability has been identified, which may allow an attacker to delete files.

CVE-2018-7495 (webaccess, webaccess/nms, webaccess_dashboard, webaccess_scada) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-7495

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, several untrusted pointer dereference vulnerabilities have been identified, which may allow an attacker to execute arbitrary code.

CVE-2018-7497 (webaccess, webaccess/nms, webaccess_dashboard, webaccess_scada) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-7497

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, several stack-based buffer overflow vulnerabilities have been identified, which may allow an attacker to execute arbitrary code.

CVE-2018-7499 (webaccess, webaccess/nms, webaccess_dashboard, webaccess_scada) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-7499

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, several SQL injection vulnerabilities have been identified, which may allow an attacker to disclose sensitive information from the host.

CVE-2018-7501 (webaccess, webaccess/nms, webaccess_dashboard, webaccess_scada) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-7501

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, a path traversal vulnerability has been identified, which may allow an attacker to disclose sensitive information on the target.

CVE-2018-7503 (webaccess, webaccess/nms, webaccess_dashboard, webaccess_scada) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-7503

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, a TFTP application has unrestricted file uploads to the web application without authorization, which may allow an attacker to execute arbitrary code.

CVE-2018-7505 (webaccess, webaccess/nms, webaccess_dashboard, webaccess_scada) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-7505

Huawei iBMC V200R002C60 has an authentication bypass vulnerability. A remote attacker with low privilege may craft specific messages to upload an authentication certificate to the affected products. Due to improper validation of the upload authority, a successful exploit may cause privilege elevation.

CVE-2018-7941 (1288h_v5_firmware, 2288h_v5_firmware, 2488_v5_firmware, ch121_v3_firmware, ch121_v5_firmware, ch121l_v3_firmware, ch121l_v5_firmware, ch140_v3_firmware, ch140l_v3_firmware, ch220_v3_firmware, ch222_v3_firmware, ch242_v3_firmware, ch242_v5_firmware, rh1288_v3_firmware, rh2288_v3_firmware, rh2288h_v3_firmware, xh310_v3_firmware, xh321_v3_firmware, xh321_v5_firmware, xh620_v3_firmware) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-7941

A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8111, CVE-2018-8236.

CVE-2018-8110 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8110

A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8110, CVE-2018-8236.

CVE-2018-8111 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8111

A security feature bypass vulnerability exists in Internet Explorer that allows for bypassing Mark of the Web Tagging (MOTW), aka "Internet Explorer Security Feature Bypass Vulnerability." This affects Internet Explorer 11.

CVE-2018-8113 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8113

A spoofing vulnerability exists when the Azure IoT Device Provisioning AMQP Transport library improperly validates certificates over the AMQP protocol, aka "Azure IoT SDK Spoofing Vulnerability." This affects C# SDK, C SDK, Java SDK.

CVE-2018-8119 (c_software_development_kit, csharp_software_development_kit, java_software_development_kit) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8119

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows Server 2008, Windows 7, Windows Server 2008 R2. This CVE ID is unique from CVE-2018-8124, CVE-2018-8164, CVE-2018-8166.

CVE-2018-8120 (windows_7, windows_server_2008) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8120

An information disclosure vulnerability exists when the Windows kernel improperly initializes objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 10 Servers, Windows 10. This CVE ID is unique from CVE-2018-8207.

CVE-2018-8121 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8121

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8120, CVE-2018-8164, CVE-2018-8166.

CVE-2018-8124 (windows_10, windows_7, windows_8.1, windows_server_2008, windows_server_2012, windows_server_2016) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8124

An Elevation of Privilege vulnerability exists when Cortana retrieves data from user input services without consideration for status, aka "Cortana Elevation of Privilege Vulnerability." This affects Windows 10 Servers, Windows 10.

CVE-2018-8140 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8140

An elevation of privilege vulnerability exists when the (Human Interface Device) HID Parser Library driver improperly handles objects in memory, aka "HIDParser Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

CVE-2018-8169 (windows_10, windows_7, windows_8.1, windows_rt_8.1, windows_server_2008, windows_server_2012, windows_server_2016) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8169

A denial of service vulnerability exists when Windows NT WEBDAV Minirdr attempts to query a WEBDAV directory, aka "WEBDAV Denial of Service Vulnerability." This affects Windows 10 Servers, Windows 10.

CVE-2018-8175 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8175

A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8211, CVE-2018-8212, CVE-2018-8215, CVE-2018-8216, CVE-2018-8217, CVE-2018-8221.

CVE-2018-8201 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8201

A denial of service vulnerability exists when Windows improperly handles objects in memory, aka "Windows Denial of Service Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

CVE-2018-8205 (windows_10, windows_7, windows_8.1, windows_rt_8.1, windows_server_2008, windows_server_2012, windows_server_2016) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8205

An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory, aka "Windows Kernel Information Disclosure Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8121.

CVE-2018-8207 (windows_10, windows_7, windows_8.1, windows_rt_8.1, windows_server_2008, windows_server_2012, windows_server_2016) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8207

An elevation of privilege vulnerability exists in Windows when Desktop Bridge does not properly manage the virtual registry, aka "Windows Desktop Bridge Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8214.

CVE-2018-8208 (windows_10, windows_server_2016) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8208

An information disclosure vulnerability exists when Windows allows a normal user to access the Wireless LAN profile of an administrative user, aka "Windows Wireless Network Profile Information Disclosure Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

CVE-2018-8209 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8209

A remote code execution vulnerability exists when Windows improperly handles objects in memory, aka "Windows Remote Code Execution Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8213.

CVE-2018-8210 (windows_10, windows_8.1, windows_rt_8.1, windows_server_2012, windows_server_2016) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8210

A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This affects Windows 10 Servers, Windows 10. This CVE ID is unique from CVE-2018-8201, CVE-2018-8212, CVE-2018-8215, CVE-2018-8216, CVE-2018-8217, CVE-2018-8221.

CVE-2018-8211 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8211

A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8201, CVE-2018-8211, CVE-2018-8215, CVE-2018-8216, CVE-2018-8217, CVE-2018-8221.

CVE-2018-8212 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8212

A remote code execution vulnerability exists when Windows improperly handles objects in memory, aka "Windows Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8210.

CVE-2018-8213 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8213

An elevation of privilege vulnerability exists in Windows when Desktop Bridge does not properly manage the virtual registry, aka "Windows Desktop Bridge Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8208.

CVE-2018-8214 (windows_10, windows_server_2016) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8214

A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8201, CVE-2018-8211, CVE-2018-8212, CVE-2018-8216, CVE-2018-8217, CVE-2018-8221.

CVE-2018-8215 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8215

A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10. This CVE ID is unique from CVE-2018-8201, CVE-2018-8211, CVE-2018-8212, CVE-2018-8215, CVE-2018-8217, CVE-2018-8221.

CVE-2018-8216 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8216

A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10. This CVE ID is unique from CVE-2018-8201, CVE-2018-8211, CVE-2018-8212, CVE-2018-8215, CVE-2018-8216, CVE-2018-8221.

CVE-2018-8217 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8217

A denial of service vulnerability exists when Microsoft Hyper-V Network Switch on a host server fails to properly validate input from a privileged user on a guest operating system, aka "Windows Hyper-V Denial of Service Vulnerability." This affects Windows 10, Windows 10 Servers.

CVE-2018-8218 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8218

An elevation of privilege vulnerability exists when Windows Hyper-V instruction emulation fails to properly enforce privilege levels, aka "Hypervisor Code Integrity Elevation of Privilege Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

CVE-2018-8219 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8219

A security feature bypass vulnerability exists in Device Guard that could allow an attacker to inject malicious code into a Windows PowerShell session, aka "Device Guard Code Integrity Policy Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-8201, CVE-2018-8211, CVE-2018-8212, CVE-2018-8215, CVE-2018-8216, CVE-2018-8217.

CVE-2018-8221 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8221

An elevation of privilege vulnerability exists when the Windows kernel fails to properly handle objects in memory, aka "Windows Kernel Elevation of Privilege Vulnerability." This affects Windows Server 2008, Windows 7, Windows Server 2008 R2.

CVE-2018-8224 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8224

A remote code execution vulnerability exists in Windows Domain Name System (DNS) DNSAPI.dll when it fails to properly handle DNS responses, aka "Windows DNSAPI Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

CVE-2018-8225 (windows_10, windows_7, windows_8.1, windows_server_2008, windows_server_2012, windows_server_2016) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8225

A denial of service vulnerability exists in the HTTP 2.0 protocol stack (HTTP.sys) when HTTP.sys improperly parses specially crafted HTTP 2.0 requests, aka "HTTP.sys Denial of Service Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

CVE-2018-8226 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8226

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8229.

CVE-2018-8227 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8227

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8227.

CVE-2018-8229 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8229

A remote code execution vulnerability exists when HTTP Protocol Stack (Http.sys) improperly handles objects in memory, aka "HTTP Protocol Stack Remote Code Execution Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

CVE-2018-8231 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8231

An elevation of privilege vulnerability exists in Windows when the Win32k component fails to properly handle objects in memory, aka "Win32k Elevation of Privilege Vulnerability." This affects Windows 10, Windows 10 Servers.

CVE-2018-8233 (windows_10, windows_server_2016) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8233

An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-0871.

CVE-2018-8234 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8234

A security feature bypass vulnerability exists when Microsoft Edge improperly handles requests of different origins, aka "Microsoft Edge Security Feature Bypass Vulnerability." This affects Microsoft Edge.

CVE-2018-8235 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8235

A remote code execution vulnerability exists when Microsoft Edge improperly accesses objects in memory, aka "Microsoft Edge Memory Corruption Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8110, CVE-2018-8111.

CVE-2018-8236 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8236

An information disclosure vulnerability exists when the Windows GDI component improperly discloses the contents of its memory, aka "Windows GDI Information Disclosure Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers.

CVE-2018-8239 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8239

A remote code execution vulnerability exists in the way that the ChakraCore scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability." This affects ChakraCore. This CVE ID is unique from CVE-2018-8267.

CVE-2018-8243 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8243

An elevation of privilege vulnerability exists when Microsoft Outlook does not validate attachment headers properly, aka "Microsoft Outlook Elevation of Privilege Vulnerability." This affects Microsoft Office, Microsoft Outlook.

CVE-2018-8244 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8244

An elevation of privilege vulnerability exists when Microsoft Publisher fails to utilize features that lock down the Local Machine zone when instantiating OLE objects, aka "Microsoft Office Elevation of Privilege Vulnerability." This affects Microsoft Publisher. This CVE ID is unique from CVE-2018-8247.

CVE-2018-8245 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8245

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Microsoft Excel Viewer, Microsoft Office, Microsoft Excel.

CVE-2018-8246 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8246

An elevation of privilege vulnerability exists when Office Web Apps Server 2013 and Office Online Server fail to properly handle web requests, aka "Microsoft Office Elevation of Privilege Vulnerability." This affects Microsoft Office, Microsoft Office Online Server. This CVE ID is unique from CVE-2018-8245.

CVE-2018-8247 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8247

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Office.

CVE-2018-8248 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8248

A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 11. This CVE ID is unique from CVE-2018-0978.

CVE-2018-8249 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8249

A memory corruption vulnerability exists when Windows Media Foundation improperly handles objects in memory, aka "Media Foundation Memory Corruption Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.

CVE-2018-8251 (windows_10, windows_7, windows_8.1, windows_rt_8.1, windows_server_2008, windows_server_2012, windows_server_2016) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8251

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft SharePoint. This CVE ID is unique from CVE-2018-8254.

CVE-2018-8252 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8252

An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka "Microsoft SharePoint Elevation of Privilege Vulnerability." This affects Microsoft Project Server, Microsoft SharePoint. This CVE ID is unique from CVE-2018-8252.

CVE-2018-8254 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8254

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10. This CVE ID is unique from CVE-2018-8243.

CVE-2018-8267 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8267

An XXE issue was discovered in Automated Logic Corporation (ALC) WebCTRL Versions 6.0, 6.1 and 6.5. An unauthenticated attacker could enter malicious input to WebCTRL and a weakly configured XML parser will allow the application to disclose full file contents from the underlying web server OS via the "X-Wap-Profile" HTTP header.

CVE-2018-8819 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8819

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, an improper privilege management vulnerability may allow an authenticated user to modify files when read access should only be given to the user.

CVE-2018-8841 (webaccess, webaccess/nms, webaccess_dashboard, webaccess_scada) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8841

In Advantech WebAccess versions V8.2_20170817 and prior, WebAccess versions V8.3.0 and prior, WebAccess Dashboard versions V.2.0.15 and prior, WebAccess Scada Node versions prior to 8.3.1, and WebAccess/NMS 2.0.3 and prior, a heap-based buffer overflow vulnerability has been identified, which may allow an attacker to execute arbitrary code.

CVE-2018-8845 (webaccess, webaccess/nms, webaccess_dashboard, webaccess_scada) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8845

Improper authorization vulnerability in SYNO.Cal.Event in Calendar before 2.1.2-0511 allows remote authenticated users to create arbitrary events via the (1) cal_id or (2) original_cal_id parameter.

CVE-2018-8927 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-8927

An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows remote attackers to execute arbitrary commands with specially crafted requests.

CVE-2018-9021 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-9021

An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows remote attackers to execute arbitrary code or commands by poisoning a configuration file.

CVE-2018-9022 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-9022

An input validation vulnerability in CA Privileged Access Manager 2.x allows unprivileged users to execute arbitrary commands by passing specially crafted arguments to the update_crld script.

CVE-2018-9023 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-9023

An improper authentication vulnerability in CA Privileged Access Manager 2.x allows attackers to spoof IP addresses in a log file.

CVE-2018-9024 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-9024

An input validation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to poison log files with specially crafted input.

CVE-2018-9025 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-9025

A session fixation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to hijack user sessions with a specially crafted request.

CVE-2018-9026 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-9026

A reflected cross-site scripting vulnerability in CA Privileged Access Manager 2.x allows remote attackers to execute malicious script with a specially crafted link.

CVE-2018-9027 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-9027

Weak cryptography used for passwords in CA Privileged Access Manager 2.x reduces the complexity for password cracking.

CVE-2018-9028 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-9028

An improper input validation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to conduct SQL injection attacks.

CVE-2018-9029 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-9029

A low privileged admin account with a weak default password of admin exists on the Foxconn FEMTO AP-FC4064-T AP_GT_B38_5.8.3lb15-W47 LTE Build 15. In addition, its web management page relies on the existence or values of cookies when performing security-critical operations. One can gain privileges by modifying cookies.

CVE-2018-9112 (ap-fc4064-t_firmware) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-9112

Pulse Secure Pulse Connect Secure 8.1.x before 8.1R14, 8.2.x before 8.2R11, and 8.3.x before 8.3R5 do not properly process nested XML entities, which allows remote attackers to cause a denial of service (memory consumption and memory errors) via a crafted XML document.

CVE-2018-9849 (pulse_connect_secure) https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-9849

The path of the Whale update service was unquoted in NAVER Whale before 1.0.40.7. This vulnerability can be used for persistent privilege escalation if other vulnerable applications make it possible to create an executable file with System privilege.

CVE-2018-9859 https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-9859
