Total: 7184 CVE

CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-19148 | 1 Caddyserver | 1 Caddy | 2024-11-21 | 4.3 MEDIUM | 3.7 LOW |
Caddy through 0.11.0 sends incorrect certificates for certain invalid requests, making it easier for attackers to enumerate hostnames. Specifically, when unable to match a Host header with a vhost in its configuration, it serves the X.509 certificate for a randomly selected vhost in its configuration. Repeated requests (with a nonexistent hostname in the Host header) permit full enumeration of all certificates on the server. This generally permits an attacker to easily and accurately discover the existence of and relationships among hostnames that weren't meant to be public, though this information could likely have been discovered via other methods with additional effort. | |||||
CVE-2018-19004 | 1 Lcds | 1 Laquis Scada | 2024-11-21 | 4.3 MEDIUM | 3.3 LOW |
LCDS Laquis SCADA prior to version 4.1.0.4150 allows out of bounds read when opening a specially crafted project file, which may allow data exfiltration. | |||||
CVE-2018-18386 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2024-11-21 | 2.1 LOW | 3.3 LOW |
drivers/tty/n_tty.c in the Linux kernel before 4.14.11 allows local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ. | |||||
CVE-2018-18020 | 1 Qpdf Project | 1 Qpdf | 2024-11-21 | 4.3 MEDIUM | 3.3 LOW |
In QPDF 8.2.1, in libqpdf/QPDFWriter.cc, QPDFWriter::unparseObject and QPDFWriter::unparseChild make recursive calls for a long time, which allows remote attackers to cause a denial of service via a crafted PDF file. | |||||
CVE-2018-17957 | 1 Suse | 1 Repository Mirroring Tool | 2024-11-21 | 2.1 LOW | 3.4 LOW |
The YaST2 RMT module for configuring the SUSE Repository Mirroring Tool (RMT) before 1.1.2 exposed MySQL database passwords on the process command line, allowing local attackers to access or corrupt the RMT database. | |||||
CVE-2018-17955 | 1 Opensuse | 1 Yast2-multipath | 2024-11-21 | 3.6 LOW | 2.2 LOW |
In yast2-multipath before version 4.1.1, a static temporary filename allows local attackers to overwrite files on systems without symlink protection. | |||||
CVE-2018-17907 | 1 Omron | 1 Cx-supervisor | 2024-11-21 | 4.3 MEDIUM | 3.3 LOW |
When processing project files in Omron CX-Supervisor Versions 3.4.1.0 and prior and tampering with the value of an offset, an attacker can force the application to read a value outside of an array. | |||||
CVE-2018-17891 | 2 Carestream, Microsoft | 2 Carestream Vue Ris, Windows 8.1 | 2024-11-21 | 4.3 MEDIUM | 3.7 LOW |
Carestream Vue RIS, RIS Client Builds: Version 11.2 and prior running on a Windows 8.1 machine with IIS/7.5. When contacting a Carestream server where there is no Oracle TNS listener available, users will trigger an HTTP 500 error, leaking technical information an attacker could use to initiate a more elaborate attack. | |||||
CVE-2018-17500 | 1 Envoy | 1 Passport | 2024-11-21 | 2.1 LOW | 2.9 LOW |
Envoy Passport for Android and Envoy Passport for iPhone could allow a local attacker to obtain sensitive information, caused by the storing of hardcoded OAuth Creds in plaintext. An attacker could exploit this vulnerability to obtain sensitive information. | |||||
CVE-2018-17499 | 1 Envoy | 1 Passport | 2024-11-21 | 2.1 LOW | 2.9 LOW |
Envoy Passport for Android and Envoy Passport for iPhone could allow a local attacker to obtain sensitive information, caused by the storing of unencrypted data in logs. An attacker could exploit this vulnerability to obtain two API keys, a token and other sensitive information. | |||||
CVE-2018-17489 | 1 Hidglobal | 1 Easylobby Solo | 2024-11-21 | 2.1 LOW | 2.9 LOW |
EasyLobby Solo could allow a local attacker to obtain sensitive information, caused by the storing of the social security number in plaintext. By visiting the kiosk and viewing the Visitor table of the database, an attacker could exploit this vulnerability to view stored social security numbers. | |||||
CVE-2018-17486 | 1 Jollytech | 1 Lobby Track | 2024-11-21 | 3.6 LOW | 2.9 LOW |
Lobby Track Desktop could allow a local attacker to bypass security restrictions, caused by an error in the find visitor function while in kiosk mode. By visiting the kiosk and selecting find visitor, an attacker could exploit this vulnerability to delete visitor records or remove a host. | |||||
CVE-2018-17483 | 1 Jollytech | 1 Lobby Track | 2024-11-21 | 2.1 LOW | 2.9 LOW |
Lobby Track Desktop could allow a local attacker to obtain sensitive information, caused by an error in Reports while in kiosk mode. By visiting the kiosk and viewing the driver's license column, an attacker could exploit this vulnerability to view the driver's license number and other personal information. | |||||
CVE-2018-17177 | 1 Neatorobotics | 12 Botvac 85 Connected, Botvac 85 Firmware, Botvac D3 Connected and 9 more | 2024-11-21 | 2.1 LOW | 2.4 LOW |
An issue was discovered on Neato Botvac Connected 2.2.0 and Botvac 85 1.2.1 devices. Static encryption is used for the copying of so-called "black box" logs (event logs and core dumps) to a USB stick. These logs are RC4-encrypted with a 9-character password of *^JEd4W!I that is obfuscated by hiding it within a custom /bin/rc4_crypt binary. | |||||
CVE-2018-16968 | 1 Citrix | 1 Sharefile Storagezones Controller | 2024-11-21 | 3.5 LOW | 3.1 LOW |
Citrix ShareFile StorageZones Controller before 5.4.2 allows Directory Traversal. | |||||
CVE-2018-16883 | 1 Fedoraproject | 1 Sssd | 2024-11-21 | 2.1 LOW | 2.5 LOW |
sssd versions from 1.13.0 to before 2.0.0 did not properly restrict access to the infopipe according to the "allowed_uids" configuration parameter. If sensitive information were stored in the user directory, this could be inadvertently disclosed to local attackers. | |||||
CVE-2018-16866 | 5 Canonical, Debian, Netapp and 2 more | 21 Ubuntu Linux, Debian Linux, Active Iq Performance Analytics Services and 18 more | 2024-11-21 | 2.1 LOW | 3.3 LOW |
An out of bounds read was discovered in systemd-journald in the way it parses log messages that terminate with a colon ':'. A local attacker can use this flaw to disclose process memory data. Versions from v221 to v239 are vulnerable. | |||||
CVE-2018-16849 | 1 Redhat | 1 Openstack-mistral | 2024-11-21 | 5.0 MEDIUM | 3.1 LOW |
A flaw was found in openstack-mistral. By manipulating the SSH private key filename, the std.ssh action can be used to disclose the presence of arbitrary files within the filesystem of the executor running the action. Since std.ssh private_key_filename can take an absolute path, it can be used to assess whether or not a file exists on the executor's filesystem. | |||||
CVE-2018-16738 | 3 Debian, Starwindsoftware, Tinc-vpn | 3 Debian Linux, Starwind Virtual San, Tinc | 2024-11-21 | 4.3 MEDIUM | 3.7 LOW |
tinc 1.0.30 through 1.0.34 has a broken authentication protocol, although there is a partial mitigation. This is fixed in 1.1. | |||||
CVE-2018-16463 | 1 Nextcloud | 1 Nextcloud Server | 2024-11-21 | 3.6 LOW | 3.1 LOW |
A bug causing session fixation in Nextcloud Server prior to 14.0.0, 13.0.3 and 12.0.8 could potentially allow an attacker to obtain access to password protected shares. |