CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In February 2018 (CVSS score >= 5)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2018-1000068 200 +Info 2018-02-16 2018-03-15
5.0
None Remote Low Not required Partial None None
An improper input validation vulnerability exists in Jenkins versions 2.106 and earlier, and LTS 2.89.3 and earlier, that allows an attacker to access plugin resource files in the META-INF and WEB-INF directories that should not be accessible, if the Jenkins home directory is on a case-insensitive file system.
2 CVE-2018-1000067 918 2018-02-16 2020-08-24
5.0
None Remote Low Not required Partial None None
An improper authorization vulnerability exists in Jenkins versions 2.106 and earlier, and LTS 2.89.3 and earlier, that allows an attacker to have Jenkins submit HTTP GET requests and get limited information about the response.
3 CVE-2018-1000061 20 Bypass 2018-02-09 2018-03-08
7.5
None Remote Low Not required Partial Partial Partial
ARM mbedTLS version development branch, 2.7.0 and earlier contains a CWE-670, Incorrect condition control flow leading to incorrect return, leading to data loss vulnerability in ssl_write_real(), library/ssl_tls.c:7142 that can result in Leads to data loss, can be escalated to DoS and authorization bypass in application protocols. This attack appear to be exploitable via network connectivity.
4 CVE-2018-1000060 532 2018-02-09 2019-10-03
5.0
None Remote Low Not required Partial None None
Sensu, Inc. Sensu Core version Before 1.2.0 & before commit 46ff10023e8cbf1b6978838f47c51b20b98fe30b contains a CWE-522 vulnerability in Sensu::Utilities.redact_sensitive() that can result in sensitive configuration data (e.g. passwords) may be logged in clear-text. This attack appear to be exploitable via victims with configuration matching a specific pattern will observe sensitive data outputted in their service log files. This vulnerability appears to have been fixed in 1.2.1 and later, after commit 46ff10023e8cbf1b6978838f47c51b20b98fe30b.
5 CVE-2018-1000059 502 Exec Code 2018-02-09 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
ValidFormBuilder version 4.5.4 contains a PHP Object Injection vulnerability in Valid Form unserialize method that can result in Possible to execute unauthorised system commands remotely and disclose file contents in file system.
6 CVE-2018-1000058 502 Exec Code 2018-02-09 2018-03-06
6.5
None Remote Low ??? Partial Partial Partial
Jenkins Pipeline: Supporting APIs Plugin 2.17 and earlier have an arbitrary code execution due to incomplete sandbox protection: Methods related to Java deserialization like readResolve implemented in Pipeline scripts were not subject to sandbox protection, and could therefore execute arbitrary code. This could be exploited e.g. by regular Jenkins users with the permission to configure Pipelines in Jenkins, or by trusted committers to repositories containing Jenkinsfiles.
7 CVE-2018-1000056 611 2018-02-09 2018-03-06
6.5
None Remote Low ??? Partial Partial Partial
Jenkins JUnit Plugin 1.23 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks.
8 CVE-2018-1000055 611 2018-02-09 2018-03-06
6.5
None Remote Low ??? Partial Partial Partial
Jenkins Android Lint Plugin 2.5 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks.
9 CVE-2018-1000054 611 2018-02-09 2018-03-13
6.5
None Remote Low ??? Partial Partial Partial
Jenkins CCM Plugin 3.1 and earlier processes XML external entities in files it parses as part of the build process, allowing attackers with user permissions in Jenkins to extract secrets from the Jenkins master, perform server-side request forgery, or denial-of-service attacks.
10 CVE-2018-1000053 352 CSRF 2018-02-09 2018-03-08
6.8
None Remote Medium Not required Partial Partial Partial
LimeSurvey version 3.0.0-beta.3+17110 contains a Cross ite Request Forgery (CSRF) vulnerability in Theme Uninstallation that can result in CSRF causing LimeSurvey admins to delete all their themes, rendering the website unusable. This attack appear to be exploitable via Simple HTML markup can be used to send a GET request to the affected endpoint.
11 CVE-2018-1000052 134 DoS Mem. Corr. 2018-02-09 2020-08-24
5.0
None Remote Low Not required None None Partial
fmtlib version prior to version 4.1.0 (before commit 0555cea5fc0bf890afe0071a558e44625a34ba85) contains a Memory corruption (SIGSEGV), CWE-134 vulnerability in fmt::print() library function that can result in Denial of Service. This attack appear to be exploitable via Specifying an invalid format specifier in the fmt::print() function results in a SIGSEGV (memory corruption, invalid write). This vulnerability appears to have been fixed in after commit 8cf30aa2be256eba07bb1cefb998c52326e846e7.
12 CVE-2018-1000051 416 Exec Code 2018-02-09 2019-03-14
6.8
None Remote Medium Not required Partial Partial Partial
Artifex Mupdf version 1.12.0 contains a Use After Free vulnerability in fz_keep_key_storable that can result in DOS / Possible code execution. This attack appear to be exploitable via Victim opens a specially crafted PDF.
13 CVE-2018-1000050 119 DoS Overflow Mem. Corr. 2018-02-09 2018-03-08
6.8
None Remote Medium Not required Partial Partial Partial
Sean Barrett stb_vorbis version 1.12 and earlier contains a Buffer Overflow vulnerability in All vorbis decoding paths. that can result in memory corruption, denial of service, comprised execution of host program. This attack appear to be exploitable via Victim must open a specially crafted Ogg Vorbis file. This vulnerability appears to have been fixed in 1.13.
14 CVE-2018-1000049 20 Exec Code 2018-02-09 2020-07-30
6.0
None Remote Medium ??? Partial Partial Partial
Nanopool Claymore Dual Miner version 7.3 and earlier contains a remote code execution vulnerability by abusing the miner API. The flaw can be exploited only if the software is executed with read/write mode enabled.
15 CVE-2018-1000048 502 Exec Code 2018-02-09 2018-03-01
6.8
None Remote Medium Not required Partial Partial Partial
NASA RtRetrievalFramework version v1.0 contains a CWE-502 vulnerability in Data retrieval functionality of RtRetrieval framework that can result in remote code execution. This attack appear to be exploitable via Victim tries to retrieve and process a weather data file.
16 CVE-2018-1000047 502 Exec Code 2018-02-09 2018-03-01
6.8
None Remote Medium Not required Partial Partial Partial
NASA Kodiak version v1.0 contains a CWE-502 vulnerability in Kodiak library's data processing function that can result in remote code execution. This attack appear to be exploitable via Victim opens an untrusted file for optimization using Kodiak library.
17 CVE-2018-1000046 502 Exec Code 2018-02-09 2018-03-01
6.8
None Remote Medium Not required Partial Partial Partial
NASA Pyblock version v1.0 - v1.3 contains a CWE-502 vulnerability in Radar data parsing library that can result in remote code execution. This attack appear to be exploitable via Victim opening a specially crafted radar data file. This vulnerability appears to have been fixed in v1.4.
18 CVE-2018-1000045 502 Exec Code 2018-02-09 2018-03-01
6.8
None Remote Medium Not required Partial Partial Partial
NASA Singledop version v1.0 contains a CWE-502 vulnerability in NASA Singledop library (Weather data) that can result in remote code execution. This attack appear to be exploitable via Victim opening a specially crafted radar data file. This vulnerability appears to have been fixed in v1.1.
19 CVE-2018-1000044 89 Exec Code Sql 2018-02-09 2018-02-28
7.5
None Remote Low Not required Partial Partial Partial
Security Onion Solutions Squert version 1.1.1 through 1.6.7 contains a SQL Injection vulnerability in .inc/callback.php that can result in execution of SQL commands. This attack appear to be exploitable via Web request to .inc/callback.php with the payload in the sensors parameter, used in ec(). This vulnerability appears to have been fixed in 1.7.0.
20 CVE-2018-1000043 78 Exec Code 2018-02-09 2018-03-01
10.0
None Remote Low Not required Complete Complete Complete
Security Onion Solutions Squert version 1.0.1 through 1.6.7 contains a CWE-78: Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) vulnerability in .inc/callback.php that can result in execution of OS Commands. This attack appear to be exploitable via Web request to .inc/callback.php with the payload in the txdata parameter, used in tx()/transcript(), or the catdata parameter, used in cat(). This vulnerability appears to have been fixed in 1.7.0.
21 CVE-2018-1000042 78 Exec Code 2018-02-09 2018-03-01
10.0
None Remote Low Not required Complete Complete Complete
Security Onion Solutions Squert version 1.3.0 through 1.6.7 contains a CWE-78: Improper Neutralization of Special Elements used in an OS Command (OS Command Injection) vulnerability in .inc/callback.php that can result in execution of OS Commands. This attack appear to be exploitable via Web request to .inc/callback.php with the payload in the data or obj parameters, used in autocat(). This vulnerability appears to have been fixed in 1.7.0.
22 CVE-2018-1000035 787 DoS Exec Code Overflow 2018-02-09 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
A heap-based buffer overflow exists in Info-Zip UnZip version <= 6.00 in the processing of password-protected archives that allows an attacker to perform a denial of service or to possibly achieve code execution.
23 CVE-2018-1000034 125 DoS 2018-02-09 2018-02-26
6.4
None Remote Low Not required Partial None Partial
An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service and read sensitive memory.
24 CVE-2018-1000033 125 DoS 2018-02-09 2018-02-26
6.4
None Remote Low Not required Partial None Partial
An out-of-bounds read exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service and read sensitive memory.
25 CVE-2018-1000032 787 DoS Exec Code Overflow 2018-02-09 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
A heap-based buffer overflow exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service or to possibly achieve code execution.
26 CVE-2018-1000031 787 DoS Exec Code Overflow 2018-02-09 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
A heap-based buffer overflow exists in Info-Zip UnZip version 6.10c22 that allows an attacker to perform a denial of service or to possibly achieve code execution.
27 CVE-2018-1000028 269 2018-02-09 2019-10-03
5.8
None Remote Medium Not required Partial Partial None
Linux kernel version after commit bdcf0a423ea1 - 4.15-rc4+, 4.14.8+, 4.9.76+, 4.4.111+ contains a Incorrect Access Control vulnerability in NFS server (nfsd) that can result in remote users reading or writing files they should not be able to via NFS. This attack appear to be exploitable via NFS server must export a filesystem with the "rootsquash" options enabled. This vulnerability appears to have been fixed in after commit 1995266727fa.
28 CVE-2018-1000027 476 DoS 2018-02-09 2019-07-17
5.0
None Remote Low Not required None None Partial
The Squid Software Foundation Squid HTTP Caching Proxy version prior to version 4.0.23 contains a NULL Pointer Dereference vulnerability in HTTP Response X-Forwarded-For header processing that can result in Denial of Service to all clients of the proxy. This attack appear to be exploitable via Remote HTTP server responding with an X-Forwarded-For header to certain types of HTTP request. This vulnerability appears to have been fixed in 4.0.23 and later.
29 CVE-2018-1000026 20 2018-02-09 2020-10-15
6.8
None Remote Low ??? None None Complete
Linux Linux kernel version at least v4.8 onwards, probably well before contains a Insufficient input validation vulnerability in bnx2x network card driver that can result in DoS: Network card firmware assertion takes card off-line. This attack appear to be exploitable via An attacker on a must pass a very large, specially crafted packet to the bnx2x card. This can be done from an untrusted guest VM..
30 CVE-2018-1000025 732 2018-02-09 2019-10-03
6.8
None Remote Medium Not required Partial Partial Partial
Jerome Gamez Firebase Admin SDK for PHP version from 3.2.0 to 3.8.0 contains a Incorrect Access Control vulnerability in src/Firebase/Auth/IdTokenVerifier.php does not verify for token signature that can result in JWT with any email address and user ID could be forged from an actual token, or from thin air. This attack appear to be exploitable via Attacker would only need to know email address of the victim on most cases.. This vulnerability appears to have been fixed in 3.8.1.
31 CVE-2018-1000024 DoS 2018-02-09 2019-10-03
5.0
None Remote Low Not required None None Partial
The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains a Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy.. This attack appear to be exploitable via Remote server delivers an HTTP response payload containing valid but unusual ESI syntax.. This vulnerability appears to have been fixed in 4.0.23 and later.
32 CVE-2018-1000023 20 2018-02-09 2018-03-06
5.0
None Remote Low Not required Partial None None
Bitpay/insight-api Insight-api version 5.0.0 and earlier contains a CWE-20: input validation vulnerability in transaction broadcast endpoint that can result in Full Path Disclosure. This attack appear to be exploitable via Web request.
33 CVE-2018-1000021 20 2018-02-09 2018-03-06
6.8
None Remote Medium Not required Partial Partial Partial
GIT version 2.15.1 and earlier contains a Input Validation Error vulnerability in Client that can result in problems including messing up terminal configuration to RCE. This attack appear to be exploitable via The user must interact with a malicious git server, (or have their traffic modified in a MITM attack).
34 CVE-2018-1000019 78 2018-02-09 2018-03-01
9.0
None Remote Low ??? Complete Complete Complete
OpenEMR version 5.0.0 contains a OS Command Injection vulnerability in fax_dispatch.php that can result in OS command injection by an authenticated attacker with any role. This vulnerability appears to have been fixed in 5.0.0 Patch 2 or higher.
35 CVE-2018-7556 200 +Info 2018-02-28 2018-03-23
6.4
None Remote Low Not required Partial Partial None
LimeSurvey 2.6.x before 2.6.7, 2.7x.x before 2.73.1, and 3.x before 3.4.2 mishandles application/controller/InstallerController.php after installation, which allows remote attackers to access the configuration file.
36 CVE-2018-7554 416 DoS 2018-02-28 2019-03-01
7.5
None Remote Low Not required Partial Partial Partial
There is an invalid free in ReadImage in input-bmp.ci that leads to a Segmentation fault in sam2p 0.49.4. A crafted input will lead to a denial of service or possibly unspecified other impact.
37 CVE-2018-7553 787 DoS Overflow 2018-02-28 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
There is a heap-based buffer overflow in the pcxLoadRaster function of in_pcx.cpp in sam2p 0.49.4. A crafted input will lead to a denial of service or possibly unspecified other impact.
38 CVE-2018-7552 119 DoS Overflow 2018-02-28 2019-03-13
7.5
None Remote Low Not required Partial Partial Partial
There is an invalid free in Mapping::DoubleHash::clear in mapping.cpp that leads to a Segmentation fault in sam2p 0.49.4. A crafted input will lead to a denial of service or possibly unspecified other impact.
39 CVE-2018-7551 416 DoS 2018-02-28 2019-03-13
7.5
None Remote Low Not required Partial Partial Partial
There is an invalid free in MiniPS::delete0 in minips.cpp that leads to a Segmentation fault in sam2p 0.49.4. A crafted input will lead to a denial of service or possibly unspecified other impact.
40 CVE-2018-7549 20 2018-02-27 2019-03-04
5.0
None Remote Low Not required None None Partial
In params.c in zsh through 5.4.2, there is a crash during a copy of an empty hash table, as demonstrated by typeset -p.
41 CVE-2018-7548 476 2018-02-27 2019-03-05
7.5
None Remote Low Not required Partial Partial Partial
In subst.c in zsh through 5.4.2, there is a NULL pointer dereference when using ${(PA)...} on an empty array result.
42 CVE-2018-7541 DoS +Priv 2018-02-27 2019-10-03
6.1
None Local Low Not required Partial Partial Complete
An issue was discovered in Xen through 4.10.x allowing guest OS users to cause a denial of service (hypervisor crash) or gain privileges by triggering a grant-table transition from v2 to v1.
43 CVE-2018-7491 1021 2018-02-26 2020-08-24
5.0
None Remote Low Not required None Partial None
In PrestaShop through 1.7.2.5, a UI-Redressing/Clickjacking vulnerability was found that might lead to state-changing impact in the context of a user or an admin, because the generateHtaccess function in classes/Tools.php sets neither X-Frame-Options nor 'Content-Security-Policy "frame-ancestors' values.
44 CVE-2018-7490 22 Dir. Trav. 2018-02-26 2018-03-23
5.0
None Remote Low Not required Partial None None
uWSGI before 2.0.17 mishandles a DOCUMENT_ROOT check during use of the --php-docroot option, allowing directory traversal.
45 CVE-2018-7489 184 Exec Code Bypass 2018-02-26 2021-03-25
7.5
None Remote Low Not required Partial Partial Partial
FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath.
46 CVE-2018-7487 787 DoS Overflow 2018-02-26 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
There is a heap-based buffer overflow in the LoadPCX function of in_pcx.cpp in sam2p 0.49.4. A Crafted input will lead to a denial of service or possibly unspecified other impact.
47 CVE-2018-7486 22 Exec Code Dir. Trav. 2018-02-26 2019-10-03
6.5
None Remote Low ??? Partial Partial Partial
Blue River Mura CMS before v7.0.7029 supports inline function calls with an [m] tag and [/m] end tag, without proper restrictions on file types or pathnames, which allows remote attackers to execute arbitrary code via an [m]$.dspinclude("../pathname/executable.jpeg")[/m] approach, where executable.jpeg contains ColdFusion Markup Language code. This can be exploited in conjunction with a CKFinder feature that allows file upload.
48 CVE-2018-7485 119 DoS Overflow 2018-02-26 2019-08-06
7.5
None Remote Low Not required Partial Partial Partial
The SQLWriteFileDSN function in odbcinst/SQLWriteFileDSN.c in unixODBC 2.3.5 has strncpy arguments in the wrong order, which allows attackers to cause a denial of service or possibly have unspecified other impact.
49 CVE-2018-7484 426 2018-02-26 2018-03-17
9.3
None Remote Medium Not required Complete Complete Complete
An issue was discovered in PureVPN through 5.19.4.0 on Windows. The client installation grants the Everyone group Full Control permission to the installation directory. In addition, the PureVPNService.exe service, which runs under NT Authority\SYSTEM privileges, tries to load several dynamic-link libraries using relative paths instead of the absolute path. When not using a fully qualified path, the application will first try to load the library from the directory from which the application is started. As the residing directory of PureVPNService.exe is writable to all users, this makes the application susceptible to privilege escalation through DLL hijacking.
50 CVE-2018-7482 22 Dir. Trav. 2018-02-28 2018-03-23
5.0
None Remote Low Not required Partial None None
** DISPUTED ** The K2 component 2.8.0 for Joomla! has Incorrect Access Control with directory traversal, allowing an attacker to download arbitrary files, as demonstrated by a view=media&task=connector&cmd=file&target=l1_../configuration.php&download=1 request. The specific pathname ../configuration.php should be base64 encoded for a valid attack. NOTE: the vendor disputes this issue because only files under the media-manager path can be downloaded, and the documentation indicates that sensitive information does not belong there. Nonetheless, 2.8.1 has additional blocking of .php downloads.
Total number of vulnerabilities : 886   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.