CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In June 2018 (CVSS score >= 7)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2018-1000550 22 Dir. Trav. 2018-06-26 2020-08-04
7.5
None Remote Low Not required Partial Partial Partial
The Sympa Community Sympa version prior to version 6.2.32 contains a Directory Traversal vulnerability in wwsympa.fcgi template editing function that can result in Possibility to create or modify files on the server filesystem. This attack appear to be exploitable via HTTP GET/POST request. This vulnerability appears to have been fixed in 6.2.32.
2 CVE-2018-1000544 59 Dir. Trav. 2018-06-26 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
rubyzip gem rubyzip version 1.2.1 and earlier contains a Directory Traversal vulnerability in Zip::File component that can result in write arbitrary files to the filesystem. This attack appear to be exploitable via If a site allows uploading of .zip files , an attacker can upload a malicious file that contains symlinks or files with absolute pathnames "../" to write arbitrary files to the filesystem..
3 CVE-2018-1000537 119 Exec Code Overflow 2018-06-26 2018-08-31
7.5
None Remote Low Not required Partial Partial Partial
Marlin Firmware Marlin version 1.1.x and earlier contains a Buffer Overflow vulnerability in cardreader.cpp (Depending on branch/version) that can result in Arbitrary code execution. This attack appear to be exploitable via Crafted G-Code instruction/file is sent to the printer.
4 CVE-2018-1000533 20 Exec Code 2018-06-26 2021-09-09
7.5
None Remote Low Not required Partial Partial Partial
klaussilveira GitList version <= 0.6 contains a Passing incorrectly sanitized input to system function vulnerability in `searchTree` function that can result in Execute any code as PHP user. This attack appear to be exploitable via Send POST request using search form. This vulnerability appears to have been fixed in 0.7 after commit 87b8c26b023c3fc37f0796b14bb13710f397b322.
5 CVE-2018-1000525 502 Exec Code 2018-06-26 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
openpsa contains a PHP Object Injection vulnerability in Form data passed as GET request variables that can result in Possible information disclosure and remote code execution. This attack appear to be exploitable via Specially crafted GET request variable containing serialised PHP object. This vulnerability appears to have been fixed in after commit 097eae0.
6 CVE-2018-1000517 120 Overflow 2018-06-26 2021-02-18
7.5
None Remote Low Not required Partial Partial Partial
BusyBox project BusyBox wget version prior to commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e contains a Buffer Overflow vulnerability in Busybox wget that can result in heap buffer overflow. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in after commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e.
7 CVE-2018-1000504 601 File Inclusion 2018-06-26 2018-09-04
9.0
None Remote Low ??? Complete Complete Complete
Redirection version 2.7.3 contains a ACE via file inclusion vulnerability in Pass-through mode that can result in allows admins to execute any PHP file in the filesystem. This attack appear to be exploitable via Attacker must be have access to an admin account on the target site. This vulnerability appears to have been fixed in 2.8.
8 CVE-2018-1000501 640 2018-06-26 2018-08-30
7.5
None Remote Low Not required Partial Partial Partial
Instant Update CMS contains a Password Reset Vulnerability vulnerability in /iu-application/controllers/administration/auth.php that can result in Account Tackover. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in v0.3.3.
9 CVE-2018-13026 125 2018-06-30 2019-10-03
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in GPMF_parser.c in the function GPMF_Type.
10 CVE-2018-13021 434 Exec Code 2018-06-29 2018-08-21
9.0
None Remote Low ??? Complete Complete Complete
An issue was discovered in HongCMS 3.0.0. There is an Arbitrary Script File Upload issue that can result in PHP code execution via the admin/index.php/template/upload URI.
11 CVE-2018-13011 125 2018-06-29 2018-08-21
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in GPMF_parser.c in the function GPMF_Validate.
12 CVE-2018-13009 125 2018-06-29 2018-08-21
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in GPMF_parser.c in the function GPMF_Next, related to certain checks for GPMF_KEY_END and nest_level (conditional on a buffer_size_longs check).
13 CVE-2018-13008 125 2018-06-29 2018-08-21
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in GPMF_parser.c in the function GPMF_Next, related to certain checks for a positive nest_level.
14 CVE-2018-13007 125 2018-06-29 2018-08-21
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in GPMF_parser.c in the function GPMF_Next, related to certain checks for GPMF_KEY_END and nest_level (not conditional on a buffer_size_longs check).
15 CVE-2018-13006 125 2018-06-29 2019-03-29
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in MP4Box in GPAC 0.7.1. There is a heap-based buffer over-read in the isomedia/box_dump.c function hdlr_dump.
16 CVE-2018-13005 125 2018-06-29 2019-03-29
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in MP4Box in GPAC 0.7.1. The function urn_Read in isomedia/box_code_base.c has a heap-based buffer over-read.
17 CVE-2018-12984 287 Bypass 2018-06-29 2018-08-20
7.5
None Remote Low Not required Partial Partial Partial
Hycus CMS 1.0.4 allows Authentication Bypass via "'=' 'OR'" credentials.
18 CVE-2018-12972 78 Exec Code 2018-06-29 2019-10-03
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in OpenTSDB 2.3.0. Many parameters to the /q URI can execute commands, including o, key, style, and yrange and y2range and their JSON input.
19 CVE-2018-12933 787 DoS 2018-06-28 2018-08-17
7.5
None Remote Low Not required Partial Partial Partial
PlayEnhMetaFileRecord in enhmetafile.c in Wine 3.7 allows attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact because the attacker controls the pCreatePen->ihPen array index.
20 CVE-2018-12932 787 DoS Overflow 2018-06-28 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
PlayEnhMetaFileRecord in enhmetafile.c in Wine 3.7 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact by triggering a large pAlphaBlend->cbBitsSrc value.
21 CVE-2018-12931 787 DoS 2018-06-28 2019-03-26
7.2
None Local Low Not required Complete Complete Complete
ntfs_attr_find in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or panic) or possibly have unspecified other impact via a crafted ntfs filesystem.
22 CVE-2018-12930 787 DoS 2018-06-28 2019-03-26
7.2
None Local Low Not required Complete Complete Complete
ntfs_end_buffer_async_read in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or panic) or possibly have unspecified other impact via a crafted ntfs filesystem.
23 CVE-2018-12925 521 2018-06-28 2019-10-03
10.0
None Remote Low Not required Complete Complete Complete
Baseon Lantronix MSS devices do not require a password for TELNET access.
24 CVE-2018-12924 798 2018-06-28 2018-08-24
10.0
None Remote Low Not required Complete Complete Complete
Sollae Serial-Ethernet-Module and Remote-I/O-Device-Server devices have a default password of sollae for the TELNET service.
25 CVE-2018-12918 119 Overflow 2018-06-27 2020-03-16
7.5
None Remote Low Not required Partial Partial Partial
In libpbc.a in PBC through 2017-03-02, there is a Segmentation fault in _pbcB_register_fields in bootstrap.c.
26 CVE-2018-12917 125 2018-06-27 2019-10-03
7.5
None Remote Low Not required Partial Partial Partial
In libpbc.a in PBC through 2017-03-02, there is a heap-based buffer over-read in _pbcM_ip_new in map.c.
27 CVE-2018-12916 119 Overflow 2018-06-27 2018-08-17
7.5
None Remote Low Not required Partial Partial Partial
In libpbc.a in PBC through 2017-03-02, there is a Segmentation fault in _pbcP_message_default in proto.c.
28 CVE-2018-12915 125 2018-06-27 2019-10-03
7.5
None Remote Low Not required Partial Partial Partial
In libpbc.a in PBC through 2017-03-02, there is a buffer over-read in calc_hash in map.c.
29 CVE-2018-12914 434 Exec Code Dir. Trav. 2018-06-27 2018-08-20
7.5
None Remote Low Not required Partial Partial Partial
A remote code execution issue was discovered in PublicCMS V4.0.20180210. An attacker can upload a ZIP archive that contains a .jsp file with a directory traversal pathname. After an unzip operation, the attacker can execute arbitrary code by visiting a .jsp URI.
30 CVE-2018-12909 22 Dir. Trav. 2018-06-27 2018-08-24
7.8
None Remote Low Not required Complete None None
** DISPUTED ** Webgrind 1.5 relies on user input to display a file, which lets anyone view files from the local filesystem (that the webserver user has access to) via an index.php?op=fileviewer&file= URI. NOTE: the vendor indicates that the product is not intended for a "publicly accessible environment."
31 CVE-2018-12889 787 Overflow Mem. Corr. 2018-06-26 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in CCN-lite 2.0.1. There is a heap-based buffer overflow in mkAddToRelayCacheRequest and in ccnl_populate_cache for an array lacking '\0' termination when reading a binary CCNx or NDN file. This can result in Heap Corruption. This was addressed by fixing the memory management in mkAddToRelayCacheRequest in ccn-lite-ctrl.c.
32 CVE-2018-12882 416 2018-06-26 2019-03-12
7.5
None Remote Low Not required Partial Partial Partial
exif_read_from_impl in ext/exif/exif.c in PHP 7.2.x through 7.2.7 allows attackers to trigger a use-after-free (in exif_read_from_file) because it closes a stream that it is not responsible for closing. The vulnerable code is reachable through the PHP exif_read_data function.
33 CVE-2018-12714 787 DoS 2018-06-24 2018-08-21
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered in the Linux kernel through 4.17.2. The filter parsing in kernel/trace/trace_events_filter.c could be called with no filter, which is an N=0 case when it expected at least one line to have been read, thus making the N-1 index invalid. This allows attackers to cause a denial of service (slab out-of-bounds write) or possibly have unspecified other impact via crafted perf_event_open and mmap system calls.
34 CVE-2018-12706 119 Overflow 2018-06-24 2018-08-30
7.5
None Remote Low Not required Partial Partial Partial
DIGISOL DG-BR4000NG devices have a Buffer Overflow via a long Authorization HTTP header.
35 CVE-2018-12699 787 DoS Overflow 2018-06-23 2019-08-03
7.5
None Remote Low Not required Partial Partial Partial
finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write of 8 bytes. This can occur during execution of objdump.
36 CVE-2018-12694 20 DoS 2018-06-23 2018-08-24
7.8
None Remote Low Not required None None Complete
TP-Link TL-WA850RE Wi-Fi Range Extender with hardware version 5 allows remote attackers to cause a denial of service (reboot) via data/reboot.json.
37 CVE-2018-12689 2018-06-22 2020-11-16
7.5
None Remote Low Not required Partial Partial Partial
phpLDAPadmin 1.2.2 allows LDAP injection via a crafted server_id parameter in a cmd.php?cmd=login_form request, or a crafted username and password in the login panel.
38 CVE-2018-12688 20 2018-06-22 2018-08-10
7.5
None Remote Low Not required Partial Partial Partial
tinyexr 0.9.5 has a segmentation fault in the wav2Decode function.
39 CVE-2018-12678 918 Bypass 2018-06-22 2018-08-13
7.5
None Remote Low Not required Partial Partial Partial
Portainer before 1.18.0 supports unauthenticated requests to the websocket endpoint with an unvalidated id query parameter for the /websocket/exec endpoint, which allows remote attackers to bypass intended access restrictions or conduct SSRF attacks.
40 CVE-2018-12640 119 Overflow 2018-06-23 2021-06-22
7.5
None Remote Low Not required Partial Partial Partial
The webService binary on Insteon HD IP Camera White 2864-222 devices has a Buffer Overflow via a crafted pid, pwd, or usr key in a GET request on port 34100.
41 CVE-2018-12630 89 Sql 2018-06-21 2018-08-10
7.5
None Remote Low Not required Partial Partial Partial
NEWMARK (aka New Mark) NMCMS 2.1 allows SQL Injection via the sect_id parameter to the /catalog URI.
42 CVE-2018-12601 787 DoS Overflow 2018-06-20 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
There is a heap-based buffer overflow in ReadImage in input-tga.ci in sam2p 0.49.4 that leads to a denial of service or possibly unspecified other impact.
43 CVE-2018-12591 78 Exec Code 2018-06-20 2018-08-13
9.0
None Remote Low ??? Complete Complete Complete
Ubiquiti Networks EdgeSwitch version 1.7.3 and prior suffer from an improperly neutralized element in an OS command due to lack of protection on the admin CLI, leading to code execution and privilege escalation greater than administrators themselves are allowed. An attacker with access to an admin account could escape the restricted CLI and execute arbitrary shell instructions.
44 CVE-2018-12590 134 Exec Code 2018-06-20 2020-02-13
9.0
None Remote Low ??? Complete Complete Complete
Ubiquiti Networks EdgeSwitch version 1.7.3 and prior suffer from an externally controlled format-string vulnerability due to lack of protection on the admin CLI, leading to code execution and privilege escalation greater than administrators themselves are allowed. An attacker with access to an admin account could escape the restricted CLI and execute arbitrary code.
45 CVE-2018-12578 787 DoS Overflow 2018-06-19 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
There is a heap-based buffer overflow in bmp_compress1_row in appliers.cpp in sam2p 0.49.4 that leads to a denial of service or possibly unspecified other impact.
46 CVE-2018-12562 20 2018-06-19 2018-08-10
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in the cantata-mounter D-Bus service in Cantata through 2.3.1. The wrapper script 'mount.cifs.wrapper' uses the shell to forward the arguments to the actual mount.cifs binary. The shell evaluates wildcards (such as in an injected string:/home/../tmp/* string).
47 CVE-2018-12534 89 Sql 2018-06-18 2018-08-08
7.5
None Remote Low Not required Partial Partial Partial
A SQL injection issue was discovered in the Quick Chat plugin before 4.00 for WordPress.
48 CVE-2018-12533 917 Exec Code 2018-06-18 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
JBoss RichFaces 3.1.0 through 3.3.4 allows unauthenticated remote attackers to inject expression language (EL) expressions and execute arbitrary Java code via a /DATA/ substring in a path with an org.richfaces.renderkit.html.Paint2DResource$ImageData object, aka RF-14310.
49 CVE-2018-12532 917 Exec Code 2018-06-18 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
JBoss RichFaces 4.5.3 through 4.5.17 allows unauthenticated remote attackers to inject an arbitrary expression language (EL) variable mapper and execute arbitrary Java code via a MediaOutputResource's resource request, aka RF-14309.
50 CVE-2018-12531 94 2018-06-18 2018-08-13
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in MetInfo 6.0.0. install\index.php allows remote attackers to write arbitrary PHP code into config_db.php, a different vulnerability than CVE-2018-7271.
Total number of vulnerabilities : 486   Page : 1 (This Page)2 3 4 5 6 7 8 9 10
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.