Total
316125 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-6317 | 1 Claymore Dual Miner Project | 1 Claymore Dual Miner | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| The remote management interface in Claymore Dual Miner 10.5 and earlier is vulnerable to an unauthenticated format string vulnerability, allowing remote attackers to read memory or cause a denial of service. | |||||
| CVE-2018-6316 | 1 Ivanti | 1 Endpoint Security | 2024-11-21 | 6.0 MEDIUM | 7.5 HIGH |
| Ivanti Endpoint Security (formerly HEAT Endpoint Management and Security Suite) 8.5 Update 1 and earlier allows an authenticated user with low privileges and access to the local network to bypass application whitelisting when using the Application Control module on Ivanti Endpoint Security in lockdown mode. | |||||
| CVE-2018-6315 | 2 Debian, Libming | 2 Debian Linux, Libming | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The outputSWF_TEXT_RECORD function (util/outputscript.c) in libming through 0.4.8 is vulnerable to an integer overflow and resultant out-of-bounds read, which may allow attackers to cause a denial of service or unspecified other impact via a crafted SWF file. | |||||
| CVE-2018-6313 | 1 Wbce | 1 Wbce Cms | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| Cross-site scripting (XSS) in WBCE CMS 1.3.1 allows remote authenticated administrators to inject arbitrary web script or HTML via the Modify Page screen, a different issue than CVE-2017-2118. | |||||
| CVE-2018-6312 | 1 Foxconn | 2 Ap-fc4064-t, Ap-fc4064-t Firmware | 2024-11-21 | 9.0 HIGH | 7.2 HIGH |
| A privileged account with a weak default password on the Foxconn femtocell FEMTO AP-FC4064-T version AP_GT_B38_5.8.3lb15-W47 LTE Build 15 can be used to turn on the TELNET service via the web interface, which allows root login without any password. This vulnerability will lead to full system compromise and disclosure of user communications. The foxconn account with an 8-character lowercase alphabetic password can be used. | |||||
| CVE-2018-6311 | 1 Foxconn | 2 Ap-fc4064-t, Ap-fc4064-t Firmware | 2024-11-21 | 7.2 HIGH | 6.8 MEDIUM |
| One can gain root access on the Foxconn femtocell FEMTO AP-FC4064-T version AP_GT_B38_5.8.3lb15-W47 LTE Build 15 via UART pins without any restrictions, which leads to full system compromise and disclosure of user communications. | |||||
| CVE-2018-6308 | 1 Sugarcrm | 1 Sugarcrm | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Multiple SQL injections exist in SugarCRM Community Edition 6.5.26 and below via the track parameter to modules\Campaigns\Tracker.php and modules\Campaigns\utils.php, the default_currency_name parameter to modules\Configurator\controller.php and modules\Currencies\Currency.php, the duplicate parameter to modules\Contacts\ShowDuplicates.php, the mergecur parameter to modules\Currencies\index.php and modules\Opportunities\Opportunity.php, and the load_signed_id parameter to modules\Documents\Document.php. | |||||
| CVE-2018-6307 | 3 Canonical, Debian, Libvnc Project | 3 Ubuntu Linux, Debian Linux, Libvncserver | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| LibVNC before commit ca2a5ac02fbbadd0a21fabba779c1ea69173d10b contains heap use-after-free vulnerability in server code of file transfer extension that can result remote code execution. | |||||
| CVE-2018-6306 | 1 Kaspersky | 1 Password Manager | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Unauthorized code execution from specific DLL and is known as DLL Hijacking attack in Kaspersky Password Manager versions before 8.0.6.538. | |||||
| CVE-2018-6305 | 1 Gemalto | 1 Sentinel Ldk Rte | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Denial of service in Gemalto's Sentinel LDK RTE version before 7.65 | |||||
| CVE-2018-6304 | 1 Gemalto | 1 Sentinel Ldk Rte | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Stack overflow in custom XML-parser in Gemalto's Sentinel LDK RTE version before 7.65 leads to remote denial of service | |||||
| CVE-2018-6303 | 1 Hanwha-security | 4 Snh-v6410pn, Snh-v6410pn Firmware, Snh-v6410pnw and 1 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Denial of service by uploading malformed firmware in Hanwha Techwin Smartcams | |||||
| CVE-2018-6302 | 1 Hanwha-security | 4 Snh-v6410pn, Snh-v6410pn Firmware, Snh-v6410pnw and 1 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Denial of service by blocking of new camera registration on the cloud server in Hanwha Techwin Smartcams | |||||
| CVE-2018-6301 | 1 Hanwha-security | 4 Snh-v6410pn, Snh-v6410pn Firmware, Snh-v6410pnw and 1 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Arbitrary camera access and monitoring via cloud in Hanwha Techwin Smartcams | |||||
| CVE-2018-6300 | 1 Hanwha-security | 4 Snh-v6410pn, Snh-v6410pn Firmware, Snh-v6410pnw and 1 more | 2024-11-21 | 5.0 MEDIUM | 9.8 CRITICAL |
| Remote password change in Hanwha Techwin Smartcams | |||||
| CVE-2018-6299 | 1 Hanwha-security | 4 Snh-v6410pn, Snh-v6410pn Firmware, Snh-v6410pnw and 1 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Authentication bypass in Hanwha Techwin Smartcams | |||||
| CVE-2018-6298 | 1 Hanwha-security | 4 Snh-v6410pn, Snh-v6410pn Firmware, Snh-v6410pnw and 1 more | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| Remote code execution in Hanwha Techwin Smartcams | |||||
| CVE-2018-6297 | 1 Hanwha-security | 4 Snh-v6410pn, Snh-v6410pn Firmware, Snh-v6410pnw and 1 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Buffer overflow in Hanwha Techwin Smartcams | |||||
| CVE-2018-6296 | 1 Hanwha-security | 4 Snh-v6410pn, Snh-v6410pn Firmware, Snh-v6410pnw and 1 more | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| An undocumented (hidden) capability for switching the web interface in Hanwha Techwin Smartcams | |||||
| CVE-2018-6295 | 1 Hanwha-security | 4 Snh-v6410pn, Snh-v6410pn Firmware, Snh-v6410pnw and 1 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Unencrypted way of remote control and communications in Hanwha Techwin Smartcams | |||||