Total
295707 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-18582 | 1 Lupng Project | 1 Lupng | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| An issue has been found in LuPng through 2017-03-10. It is a heap-based buffer overflow in insertByte in miniz/lupng.c during a write operation for data obtained from a palette. | |||||
| CVE-2018-18581 | 1 Lupng Project | 1 Lupng | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| An issue has been found in LuPng through 2017-03-10. It is a heap-based buffer over-read in internalPrintf in miniz/lupng.c. | |||||
| CVE-2018-18579 | 1 Dedecms | 1 Dedecms | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Reflected XSS exists in DedeCMS 5.7 SP2 via the /member/pm.php folder parameter. | |||||
| CVE-2018-18578 | 1 Dedecms | 1 Dedecms | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| DedeCMS 5.7 SP2 allows XSS via the plus/qrcode.php type parameter. | |||||
| CVE-2018-18576 | 1 Incsub | 1 Hustle | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| The Hustle (aka wordpress-popup) plugin through 6.0.5 for WordPress allows Directory Traversal to obtain a directory listing via the views/admin/dashboard/ URI. | |||||
| CVE-2018-18573 | 1 Oscommerce | 1 Oscommerce | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filtering in the "product" page. Remote authenticated administrators can upload new '.htaccess' files (e.g., omitting .php) and subsequently achieve arbitrary PHP code execution via a /catalog/admin/categories.php?cPath=&action=new_product URI. | |||||
| CVE-2018-18572 | 1 Oscommerce | 1 Oscommerce | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filtering in the "product" page. Because of this filter, script files with certain PHP-related extensions (such as .phtml and .php5) didn't execute in the application. But this filter didn't prevent the '.pht' extension. Thus, remote authenticated administrators can upload '.pht' files for arbitrary PHP code execution via a /catalog/admin/categories.php?cPath=&action=new_product URI. | |||||
| CVE-2018-18571 | 1 Citrix | 1 Xenmobile Server | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| An Incorrect Access Control vulnerability has been identified in Citrix XenMobile Server 10.8.0 before Rolling Patch 6 and 10.9.0 before Rolling Patch 3. An attacker can impersonate and take actions on behalf of any Mobile Application Management (MAM) enrolled device. | |||||
| CVE-2018-18570 | 1 Planonsoftware | 1 Planon | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Planon before Live Build 41 has XSS. | |||||
| CVE-2018-18569 | 1 Dundas | 1 Dundas Bi | 2024-11-21 | 5.0 MEDIUM | 8.6 HIGH |
| The Dundas BI server before 5.0.1.1010 is vulnerable to a Server-Side Request Forgery attack, allowing an attacker to forge arbitrary requests (with certain restrictions) that will be executed on behalf of the attacker, via the viewUrl parameter of the "export the dashboard as an image" feature. This could be leveraged to provide a proxy to attack other servers (internal or external) or to perform network scans of external or internal networks. | |||||
| CVE-2018-18568 | 1 Polycom | 5 Unified Communications Software, Vvx 500, Vvx 500 Firmware and 2 more | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| Polycom VVX 500 and 601 devices 5.8.0.12848 and earlier allows man-in-the-middle attackers to obtain sensitive credential information by leveraging failure to validate X.509 certificates when used with an on-premise installation with Skype for Business. | |||||
| CVE-2018-18567 | 1 Audiocodes | 4 440hd, 440hd Firmware, 450hd and 1 more | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| AudioCodes 440HD and 450HD devices 3.1.2.89 and earlier allows man-in-the-middle attackers to obtain sensitive credential information by leveraging failure to validate X.509 certificates when used with an on-premise installation with Skype for Business. | |||||
| CVE-2018-18566 | 1 Polycom | 5 Unified Communications Software, Vvx 500, Vvx 500 Firmware and 2 more | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| The SIP service in Polycom VVX 500 and 601 devices 5.8.0.12848 and earlier allow remote attackers to obtain sensitive phone configuration information by leveraging use with an on-premise installation with Skype for Business. | |||||
| CVE-2018-18565 | 1 Roche | 10 Accu-chek Inform Ii, Accu-chek Inform Ii Firmware, Coaguchek Pro Ii and 7 more | 2024-11-21 | 4.1 MEDIUM | 6.8 MEDIUM |
| An issue was discovered in Roche Accu-Chek Inform II Instrument before 03.06.00 (Serial number below 14000) and 04.x before 04.03.00 (Serial Number above 14000), CoaguChek Pro II before 04.03.00, CoaguChek XS Plus before 03.01.06, CoaguChek XS Pro before 03.01.06, cobas h 232 before 03.01.03 (Serial number below KQ0400000 or KS0400000), and cobas h 232 before 04.00.04 (Serial number above KQ0400000 or KS0400000). A vulnerability in the software update mechanism allows authenticated attackers in the adjacent network to overwrite arbitrary files on the system through a crafted update package. | |||||
| CVE-2018-18564 | 1 Roche | 6 Accu-chek Inform Ii, Accu-chek Inform Ii Firmware, Coaguchek Pro Ii and 3 more | 2024-11-21 | 3.3 LOW | 7.4 HIGH |
| An issue was discovered in Roche Accu-Chek Inform II Instrument before 03.06.00 (Serial number below 14000) and 04.x before 04.03.00 (Serial Number above 14000), CoaguChek Pro II before 04.03.00, and cobas h 232 before 04.00.04 (Serial number above KQ0400000 or KS0400000). Improper access control allows attackers in the adjacent network to change the instrument configuration. | |||||
| CVE-2018-18563 | 1 Roche | 10 Accu-chek Inform Ii, Accu-chek Inform Ii Firmware, Coaguchek Pro Ii and 7 more | 2024-11-21 | 8.3 HIGH | 9.6 CRITICAL |
| An issue was discovered in Roche Accu-Chek Inform II Instrument before 03.06.00 (Serial number below 14000) and 04.x before 04.03.00 (Serial Number above 14000), CoaguChek Pro II before 04.03.00, CoaguChek XS Plus before 03.01.06, CoaguChek XS Pro before 03.01.06, cobas h 232 before 03.01.03 (Serial Number below KQ0400000 or KS0400000) and cobas h 232 before 04.00.04 (Serial Number above KQ0400000 or KS0400000). Improper access control to a service command allows attackers in the adjacent network to execute arbitrary code on the system through a crafted Poct1-A message. | |||||
| CVE-2018-18562 | 1 Roche | 8 Accu-chek Inform Ii, Accu-chek Inform Ii Firmware, Base Unit Hub and 5 more | 2024-11-21 | 3.3 LOW | 8.8 HIGH |
| An issue was discovered in Roche Accu-Chek Inform II Base Unit / Base Unit Hub before 03.01.04 and CoaguChek / cobas h232 Handheld Base Unit before 03.01.04. Weak access credentials may enable attackers in the adjacent network to gain unauthorized service access via a service interface. | |||||
| CVE-2018-18561 | 1 Roche | 8 Accu-chek Inform Ii, Accu-chek Inform Ii Firmware, Base Unit Hub and 5 more | 2024-11-21 | 7.7 HIGH | 8.0 HIGH |
| An issue was discovered in Roche Accu-Chek Inform II Base Unit / Base Unit Hub before 03.01.04 and CoaguChek / cobas h232 Handheld Base Unit before 03.01.04. Insecure permissions in a service interface may allow authenticated attackers in the adjacent network to execute arbitrary commands on the operating system. | |||||
| CVE-2018-18559 | 2 Linux, Redhat | 9 Linux Kernel, Enterprise Linux Desktop, Enterprise Linux Server and 6 more | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| In the Linux kernel through 4.19, a use-after-free can occur due to a race condition between fanout_add from setsockopt and bind on an AF_PACKET socket. This issue exists because of the 15fe076edea787807a7cdc168df832544b58eba6 incomplete fix for a race condition. The code mishandles a certain multithreaded case involving a packet_do_bind unregister action followed by a packet_notifier register action. Later, packet_release operates on only one of the two applicable linked lists. The attacker can achieve Program Counter control. | |||||
| CVE-2018-18558 | 1 Espressif | 1 Esp-idf | 2024-11-21 | 6.9 MEDIUM | 6.4 MEDIUM |
| An issue was discovered in Espressif ESP-IDF 2.x and 3.x before 3.0.6 and 3.1.x before 3.1.1. Insufficient validation of input data in the 2nd stage bootloader allows a physically proximate attacker to bypass secure boot checks and execute arbitrary code, by crafting an application binary that overwrites a bootloader code segment in process_segment in components/bootloader_support/src/esp_image_format.c. The attack is effective when the flash encryption feature is not enabled, or if the attacker finds a different vulnerability that allows them to write this binary to flash memory. | |||||