Total
30113 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-13804 | 1 Siemens | 3 Simatic It Line Monitoring System, Simatic It Production Suite, Simatic It Ua Discrete Manufacturing | 2024-11-21 | 9.3 HIGH | 8.1 HIGH |
| A vulnerability has been identified in SIMATIC IT LMS (All versions), SIMATIC IT Production Suite (Versions V7.1 < V7.1 Upd3), SIMATIC IT UA Discrete Manufacturing (Versions < V1.2), SIMATIC IT UA Discrete Manufacturing (Versions V1.2), SIMATIC IT UA Discrete Manufacturing (Versions V1.3), SIMATIC IT UA Discrete Manufacturing (Versions V2.3), SIMATIC IT UA Discrete Manufacturing (Versions V2.4). An attacker with network access to the installation could bypass the application-level authentication. In order to exploit the vulnerability, an attacker must obtain network access to an affected installation and must obtain a valid username to the system. Successful exploitation requires no user privileges and no user interaction. The vulnerability could allow an attacker to compromise confidentiality, integrity and availability of the system. At the time of advisory publication no public exploitation of this vulnerability was known. | |||||
| CVE-2018-13799 | 1 Siemens | 1 Simatic Wincc Open Architecture | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| A vulnerability has been identified in SIMATIC WinCC OA V3.14 and prior (All versions < V3.14-P021). Improper access control to a data point of the affected product could allow an unauthenticated remote user to escalate its privileges in the context of SIMATIC WinCC OA V3.14. This vulnerability could be exploited by an attacker with network access to port 5678/TCP of the SIMATIC WinCC OA V3.14 server. Successful exploitation requires no user privileges and no user interaction. This vulnerability could allow an attacker to compromise integrity and availability of the SIMATIC WinCC OA system. At the time of advisory publication no public exploitation of this vulnerability was known. | |||||
| CVE-2018-13787 | 1 Supermicro | 220 A1sa, A1sa Firmware, A1sai and 217 more | 2024-11-21 | 7.2 HIGH | 6.7 MEDIUM |
| Certain Supermicro X11S, X10, X9, X8SI, K1SP, C9X299, C7, B1, A2, and A1 products have a misconfigured Descriptor Region, allowing OS programs to modify firmware. | |||||
| CVE-2018-13784 | 1 Prestashop | 1 Prestashop | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| PrestaShop before 1.6.1.20 and 1.7.x before 1.7.3.4 mishandles cookie encryption in Cookie.php, Rinjdael.php, and Blowfish.php. | |||||
| CVE-2018-13397 | 1 Atlassian | 1 Sourcetree | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| There was an argument injection vulnerability in Sourcetree for Windows from version 0.5.1.0 before version 3.0.0 via Git subrepositories in Mercurial repositories. An attacker with permission to commit to a Mercurial repository linked in Sourcetree for Windows is able to exploit this issue to gain code execution on the system. | |||||
| CVE-2018-13396 | 1 Atlassian | 1 Sourcetree | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| There was an argument injection vulnerability in Sourcetree for macOS from version 1.0b2 before version 3.0.0 via Git subrepositories in Mercurial repositories. An attacker with permission to commit to a Mercurial repository linked in Sourcetree for macOS is able to exploit this issue to gain code execution on the system. | |||||
| CVE-2018-13390 | 1 Atlassian | 1 Cloudtoken | 2024-11-21 | 4.8 MEDIUM | 6.1 MEDIUM |
| Unauthenticated access to cloudtoken daemon on Linux via network from version 0.1.1 before version 0.1.24 allows attackers on the same subnet to gain temporary AWS credentials for the users' roles. | |||||
| CVE-2018-13376 | 1 Fortinet | 1 Fortios | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An uninitialized memory buffer leak exists in Fortinet FortiOS 5.6.1 to 5.6.3, 5.4.6 to 5.4.7, 5.2 all versions under web proxy's disclaimer response web pages, potentially causing sensitive data to be displayed in the HTTP response. | |||||
| CVE-2018-13368 | 1 Fortinet | 1 Forticlient | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| A local privilege escalation in Fortinet FortiClient for Windows 6.0.4 and earlier allows attacker to execute unauthorized code or commands via the command injection. | |||||
| CVE-2018-13341 | 1 Crestron | 15 Mc3, Mc3 Firmware, Tsw-1060-b-s and 12 more | 2024-11-21 | 4.0 MEDIUM | 8.8 HIGH |
| Crestron TSW-X60 all versions prior to 2.001.0037.001 and MC3 all versions prior to 1.502.0047.00, The passwords for special sudo accounts may be calculated using information accessible to those with regular user privileges. Attackers could decipher these passwords, which may allow them to execute hidden API calls and escape the CTP console sandbox environment with elevated privileges. | |||||
| CVE-2018-13298 | 1 Synology | 1 Moments | 2024-11-21 | 6.8 MEDIUM | 4.2 MEDIUM |
| Channel accessible by non-endpoint vulnerability in privacy page in Synology Android Moments before 1.2.3-199 allows man-in-the-middle attackers to execute arbitrary code via unspecified vectors. | |||||
| CVE-2018-13283 | 1 Synology | 1 Ssl Vpn Client | 2024-11-21 | 5.8 MEDIUM | 8.8 HIGH |
| Lack of administrator control over security vulnerability in client.cgi in Synology SSL VPN Client before 1.2.5-0226 allows remote attackers to conduct man-in-the-middle attacks via the (1) command, (2) hostname, or (3) port parameter. | |||||
| CVE-2018-13108 | 1 Adbglobal | 8 Dv2210, Dv2210 Firmware, Prg Av4202n and 5 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| All ADB broadband gateways / routers based on the Epicentro platform are affected by a local root jailbreak vulnerability where attackers are able to gain root access on the device, and extract further information such as sensitive configuration data of the ISP (e.g., VoIP credentials) or attack the internal network of the ISP. | |||||
| CVE-2018-13101 | 1 Redswimmer | 1 Kiosksimple | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| KioskSimpleService.exe in RedSwimmer KioskSimple 1.4.7.0 suffers from a privilege escalation vulnerability in the WCF endpoint. The exposed methods allow read and write access to the Windows registry and control of services. These methods may be abused to achieve privilege escalation via execution of attacker controlled binaries. | |||||
| CVE-2018-13052 | 1 Cyberark | 1 Endpoint Privilege Manager | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| In CyberArk Endpoint Privilege Manager (formerly Viewfinity), Privilege Escalation is possible if the attacker has one process that executes as Admin. | |||||
| CVE-2018-12904 | 2 Canonical, Linux | 2 Ubuntu Linux, Linux Kernel | 2024-11-21 | 4.4 MEDIUM | 4.9 MEDIUM |
| In arch/x86/kvm/vmx.c in the Linux kernel before 4.17.2, when nested virtualization is used, local attackers could cause L1 KVM guests to VMEXIT, potentially allowing privilege escalations and denial of service attacks due to lack of checking of CPL. | |||||
| CVE-2018-12893 | 2 Debian, Xen | 2 Debian Linux, Xen | 2024-11-21 | 2.1 LOW | 6.5 MEDIUM |
| An issue was discovered in Xen through 4.10.x. One of the fixes in XSA-260 added some safety checks to help prevent Xen livelocking with debug exceptions. Unfortunately, due to an oversight, at least one of these safety checks can be triggered by a guest. A malicious PV guest can crash Xen, leading to a Denial of Service. All Xen systems which have applied the XSA-260 fix are vulnerable. Only x86 systems are vulnerable. ARM systems are not vulnerable. Only x86 PV guests can exploit the vulnerability. x86 HVM and PVH guests cannot exploit the vulnerability. An attacker needs to be able to control hardware debugging facilities to exploit the vulnerability, but such permissions are typically available to unprivileged users. | |||||
| CVE-2018-12891 | 2 Debian, Xen | 2 Debian Linux, Xen | 2024-11-21 | 4.9 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Xen through 4.10.x. Certain PV MMU operations may take a long time to process. For that reason Xen explicitly checks for the need to preempt the current vCPU at certain points. A few rarely taken code paths did bypass such checks. By suitably enforcing the conditions through its own page table contents, a malicious guest may cause such bypasses to be used for an unbounded number of iterations. A malicious or buggy PV guest may cause a Denial of Service (DoS) affecting the entire host. Specifically, it may prevent use of a physical CPU for an indeterminate period of time. All Xen versions from 3.4 onwards are vulnerable. Xen versions 3.3 and earlier are vulnerable to an even wider class of attacks, due to them lacking preemption checks altogether in the affected code paths. Only x86 systems are affected. ARM systems are not affected. Only multi-vCPU x86 PV guests can leverage the vulnerability. x86 HVM or PVH guests as well as x86 single-vCPU PV ones cannot leverage the vulnerability. | |||||
| CVE-2018-12828 | 6 Adobe, Apple, Google and 3 more | 10 Flash Player, Mac Os X, Chrome Os and 7 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Adobe Flash Player 30.0.0.134 and earlier have a "use of a component with a known vulnerability" vulnerability. Successful exploitation could lead to privilege escalation. | |||||
| CVE-2018-12825 | 6 Adobe, Apple, Google and 3 more | 10 Flash Player, Mac Os X, Chrome Os and 7 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Adobe Flash Player 30.0.0.134 and earlier have a security bypass vulnerability. Successful exploitation could lead to security mitigation bypass. | |||||