CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In July 2018 (CVSS score >= 7)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2018-1999022 94 Exec Code 2018-07-23 2018-10-03
7.5
None Remote Low Not required Partial Partial Partial
PEAR HTML_QuickForm version 3.2.14 contains an eval injection (CWE-95) vulnerability in HTML_QuickForm's getSubmitValue method, HTML_QuickForm's validate method, HTML_QuickForm_hierselect's _setOptions method, HTML_QuickForm_element's _findValue method, HTML_QuickForm_element's _prepareValue method. that can result in Possible information disclosure, possible impact on data integrity and execution of arbitrary code. This attack appear to be exploitable via A specially crafted query string could be utilised, e.g. http://www.example.com/admin/add_practice_type_id[1]=fubar%27])%20OR%20die(%27OOK!%27);%20//&mode=live. This vulnerability appears to have been fixed in 3.2.15.
2 CVE-2018-1999019 94 Exec Code 2018-07-23 2019-09-17
7.5
None Remote Low Not required Partial Partial Partial
Chamilo LMS version 11.x contains an Unserialization vulnerability in the "hash" GET parameter for the api endpoint located at /webservices/api/v2.php that can result in Unauthenticated remote code execution. This attack appear to be exploitable via a simple GET request to the api endpoint. This vulnerability appears to have been fixed in After commit 0de84700648f098c1fbf6b807dee28ec640efe62.
3 CVE-2018-1999018 20 Exec Code 2018-07-23 2018-09-20
8.5
None Remote Medium ??? Complete Complete Complete
Pydio version 8.2.1 and prior contains an Unvalidated user input leading to Remote Code Execution (RCE) vulnerability in plugins/action.antivirus/AntivirusScanner.php: Line 124, scanNow($nodeObject) that can result in An attacker gaining admin access and can then execute arbitrary commands on the underlying OS. This attack appear to be exploitable via The attacker edits the Antivirus Command in the antivirus plugin, and executes the payload by uploading any file within Pydio.
4 CVE-2018-1999012 835 2018-07-23 2019-10-03
7.1
None Remote Medium Not required None None Complete
FFmpeg before commit 9807d3976be0e92e4ece3b4b1701be894cd7c2e1 contains a CWE-835: Infinite loop vulnerability in pva format demuxer that can result in a Vulnerability that allows attackers to consume excessive amount of resources like CPU and RAM. This attack appear to be exploitable via specially crafted PVA file has to be provided as input. This vulnerability appears to have been fixed in 9807d3976be0e92e4ece3b4b1701be894cd7c2e1 and later.
5 CVE-2018-1999010 125 2018-07-23 2019-03-27
7.5
None Remote Low Not required Partial Partial Partial
FFmpeg before commit cced03dd667a5df6df8fd40d8de0bff477ee02e8 contains multiple out of array access vulnerabilities in the mms protocol that can result in attackers accessing out of bound data. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in cced03dd667a5df6df8fd40d8de0bff477ee02e8 and later.
6 CVE-2018-1000618 674 Overflow 2018-07-09 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
EOSIO/eos eos version after commit f1545dd0ae2b77580c2236fdb70ae7138d2c7168 contains a stack overflow vulnerability in abi_serializer that can result in attack eos network node. This attack appear to be exploitable via network request. This vulnerability appears to have been fixed in after commit cf7209e703e6d3f7a5413e0cb1fe88a4d8e4b38d .
7 CVE-2018-1000616 611 2018-07-09 2018-09-04
7.5
None Remote Low Not required Partial Partial Partial
ONOS ONOS controller version 1.13.1 and earlier contains a XML External Entity (XXE) vulnerability in onos\drivers\utilities\src\main\java\org\onosproject\drivers\utilities\XmlConfigParser.java loadxml() that can result in An adversary can remotely launch XXE attacks on ONOS controller via an OpenConfig Terminal Device.. This attack appear to be exploitable via network connectivity.
8 CVE-2018-1000614 611 2018-07-09 2018-09-04
7.5
None Remote Low Not required Partial Partial Partial
ONOS ONOS Controller version 1.13.1 and earlier contains a XML External Entity (XXE) vulnerability in providers/netconf/alarm/src/main/java/org/onosproject/provider/netconf/alarm/NetconfAlarmTranslator.java that can result in An adversary can remotely launch advanced XXE attacks on ONOS controller without authentication.. This attack appear to be exploitable via crafted protocol message.
9 CVE-2018-1000613 502 Exec Code 2018-07-09 2022-01-14
7.5
None Remote Low Not required Partial Partial Partial
Legion of the Bouncy Castle Legion of the Bouncy Castle Java Cryptography APIs 1.58 up to but not including 1.60 contains a CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') vulnerability in XMSS/XMSS^MT private key deserialization that can result in Deserializing an XMSS/XMSS^MT private key can result in the execution of unexpected code. This attack appear to be exploitable via A handcrafted private key can include references to unexpected classes which will be picked up from the class path for the executing application. This vulnerability appears to have been fixed in 1.60 and later.
10 CVE-2018-14767 20 DoS Exec Code 2018-07-31 2018-10-04
7.5
None Remote Low Not required Partial Partial Partial
In Kamailio before 5.0.7 and 5.1.x before 5.1.4, a crafted SIP message with a double "To" header and an empty "To" tag causes a segmentation fault and crash. The reason is missing input validation in the "build_res_buf_from_sip_req" core function. This could result in denial of service and potentially the execution of arbitrary code.
11 CVE-2018-14744 416 2018-07-30 2018-09-26
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in libpbc.a in cloudwu PBC through 2017-03-02. A use-after-free can occur in _pbcM_sp_query in map.c.
12 CVE-2018-14678 665 DoS +Priv 2018-07-28 2019-10-03
7.2
None Local Low Not required Complete Complete Complete
An issue was discovered in the Linux kernel through 4.17.11, as used in Xen through 4.11.x. The xen_failsafe_callback entry point in arch/x86/entry/entry_64.S does not properly maintain RBX, which allows local users to cause a denial of service (uninitialized memory usage and system crash). Within Xen, 64-bit x86 PV Linux guest OS users can trigger a guest OS crash or possibly gain privileges.
13 CVE-2018-14617 476 2018-07-27 2019-08-13
7.1
None Remote Medium Not required None None Complete
An issue was discovered in the Linux kernel through 4.17.10. There is a NULL pointer dereference and panic in hfsplus_lookup() in fs/hfsplus/dir.c when opening a file (that is purportedly a hard link) in an hfs+ filesystem that has malformed catalog data, and is mounted read-only without a metadata directory.
14 CVE-2018-14616 476 2018-07-27 2019-04-03
7.1
None Remote Medium Not required None None Complete
An issue was discovered in the Linux kernel through 4.17.10. There is a NULL pointer dereference in fscrypt_do_page_crypto() in fs/crypto/crypto.c when operating on a file in a corrupted f2fs image.
15 CVE-2018-14615 119 Overflow 2018-07-27 2019-08-13
7.1
None Remote Medium Not required None None Complete
An issue was discovered in the Linux kernel through 4.17.10. There is a buffer overflow in truncate_inline_inode() in fs/f2fs/inline.c when umounting an f2fs image, because a length value may be negative.
16 CVE-2018-14614 476 2018-07-27 2019-04-03
7.1
None Remote Medium Not required None None Complete
An issue was discovered in the Linux kernel through 4.17.10. There is an out-of-bounds access in __remove_dirty_segment() in fs/f2fs/segment.c when mounting an f2fs image.
17 CVE-2018-14613 476 2018-07-27 2021-06-14
7.1
None Remote Medium Not required None None Complete
An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in io_ctl_map_page() when mounting and operating a crafted btrfs image, because of a lack of block group item validation in check_leaf_item in fs/btrfs/tree-checker.c.
18 CVE-2018-14612 476 2018-07-27 2020-06-10
7.1
None Remote Medium Not required None None Complete
An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in btrfs_root_node() when mounting a crafted btrfs image, because of a lack of chunk block group mapping validation in btrfs_read_block_groups in fs/btrfs/extent-tree.c, and a lack of empty-tree checks in check_leaf in fs/btrfs/tree-checker.c.
19 CVE-2018-14611 416 2018-07-27 2020-06-10
7.1
None Remote Medium Not required None None Complete
An issue was discovered in the Linux kernel through 4.17.10. There is a use-after-free in try_merge_free_space() when mounting a crafted btrfs image, because of a lack of chunk type flag checks in btrfs_check_chunk_valid in fs/btrfs/volumes.c.
20 CVE-2018-14610 125 2018-07-27 2020-06-10
7.1
None Remote Medium Not required None None Complete
An issue was discovered in the Linux kernel through 4.17.10. There is out-of-bounds access in write_extent_buffer() when mounting and operating a crafted btrfs image, because of a lack of verification that each block group has a corresponding chunk at mount time, within btrfs_read_block_groups in fs/btrfs/extent-tree.c.
21 CVE-2018-14609 476 2018-07-27 2019-08-13
7.1
None Remote Medium Not required None None Complete
An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in __del_reloc_root() in fs/btrfs/relocation.c when mounting a crafted btrfs image, related to removing reloc rb_trees when reloc control has not been initialized.
22 CVE-2018-14579 94 Exec Code +Info 2018-07-24 2018-09-20
7.5
None Remote Low Not required Partial Partial Partial
GolemCMS through 2008-12-24, if the install/ directory remains active after an installation, allows remote attackers to execute arbitrary PHP code by inserting this code into the "Database Information" "Table prefix" form field, or obtain sensitive information via a direct request for install/install.sql.
23 CVE-2018-14565 125 2018-07-23 2019-10-03
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in libthulac.so in THULAC through 2018-02-25. A heap-based buffer over-read can occur in NGramFeature::find_bases in include/cb_ngram_feature.h.
24 CVE-2018-14564 119 Overflow 2018-07-23 2018-09-20
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in libthulac.so in THULAC through 2018-02-25. A SEGV can occur in NGramFeature::find_bases in include/cb_ngram_feature.h.
25 CVE-2018-14563 119 Overflow Mem. Corr. 2018-07-23 2018-09-20
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in libthulac.so in THULAC through 2018-02-25. "operator delete" is used with "operator new[]" in the TaggingLearner class in include/cb_tagging_learner.h, possibly leading to memory corruption.
26 CVE-2018-14562 476 2018-07-23 2018-09-20
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in libthulac.so in THULAC through 2018-02-25. A NULL pointer dereference can occur in the BasicModel class in include/cb_model.h.
27 CVE-2018-14551 787 Mem. Corr. 2018-07-23 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
The ReadMATImageV4 function in coders/mat.c in ImageMagick 7.0.8-7 uses an uninitialized variable, leading to memory corruption.
28 CVE-2018-14533 +Priv 2018-07-31 2019-10-03
7.2
None Local Low Not required Complete Complete Complete
read_tmp and write_tmp in Inteno IOPSYS allow attackers to gain privileges after writing to /tmp/etc/smb.conf because /var is a symlink to /tmp.
29 CVE-2018-14532 125 2018-07-23 2019-10-03
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in Bento4 1.5.1-624. There is a heap-based buffer over-read in AP4_Mpeg2TsVideoSampleStream::WriteSample in Core/Ap4Mpeg2Ts.cpp after a call from Mp42Hls.cpp, a related issue to CVE-2018-13846.
30 CVE-2018-14531 119 Overflow 2018-07-23 2018-09-19
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in Bento4 1.5.1-624. There is an unspecified "heap-buffer-overflow" crash in the AP4_HvccAtom class in Core/Ap4HvccAtom.cpp.
31 CVE-2018-14515 89 Sql 2018-07-23 2018-09-14
7.5
None Remote Low Not required Partial Partial Partial
A SQL injection was discovered in WUZHI CMS 4.1.0 that allows remote attackers to inject a malicious SQL statement via the index.php?m=promote&f=index&v=search keywords parameter.
32 CVE-2018-14514 918 2018-07-23 2018-09-17
7.5
None Remote Low Not required Partial Partial Partial
An SSRF vulnerability was discovered in idreamsoft iCMS V7.0.9 that allows attackers to read sensitive files, access an intranet, or possibly have unspecified other impact.
33 CVE-2018-14501 89 Sql 2018-07-22 2018-09-17
7.5
None Remote Low Not required Partial Partial Partial
manager/admin_ajax.php in joyplus-cms 1.6.0 has SQL Injection, as demonstrated by crafted POST data beginning with an "m_id=1 AND SLEEP(5)" substring.
34 CVE-2018-14442 416 Exec Code 2018-07-20 2018-09-17
7.5
None Remote Low Not required Partial Partial Partial
Foxit Reader before 9.2 and PhantomPDF before 9.2 have a Use-After-Free that leads to Remote Code Execution, aka V-88f4smlocs.
35 CVE-2018-14441 434 2018-07-20 2018-09-14
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in cckevincyh SSH CompanyWebsite through 2018-05-03. admin/admin/fileUploadAction_fileUpload.action allows arbitrary file upload, as demonstrated by a .jsp file with the image/jpeg content type.
36 CVE-2018-14440 89 Sql 2018-07-20 2018-09-14
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in cckevincyh SSH CompanyWebsite through 2018-05-03. SQL injection exists via the admin/noticeManageAction_queryNotice.action noticeInfo parameter.
37 CVE-2018-14418 89 Sql 2018-07-20 2018-09-17
7.5
None Remote Low Not required Partial Partial Partial
In Msvod Cms v10, SQL Injection exists via an images/lists?cid= URI.
38 CVE-2018-14403 704 2018-07-19 2019-11-17
7.5
None Remote Low Not required Partial Partial Partial
MP4NameFirstMatches in mp4util.cpp in MP4v2 2.0.0 mishandles substrings of atom names, leading to use of an inappropriate data type for associated atoms. The resulting type confusion can cause out-of-bounds memory access.
39 CVE-2018-14399 94 Exec Code 2018-07-19 2018-09-17
7.5
None Remote Low Not required Partial Partial Partial
libs\classes\attachment.class.php in PHPCMS 9.6.0 allows remote attackers to upload and execute arbitrary PHP code via a .txt?.php#.jpg URI in the SRC attribute of an IMG element within info[content] JSON data to the index.php?m=member&c=index&a=register URI.
40 CVE-2018-14389 89 Sql 2018-07-18 2018-09-12
7.5
None Remote Low Not required Partial Partial Partial
joyplus-cms 1.6.0 has SQL Injection via the manager/admin_ajax.php val parameter.
41 CVE-2018-14368 835 2018-07-19 2020-03-20
7.8
None Remote Low Not required None None Complete
In Wireshark 2.6.0 to 2.6.1, 2.4.0 to 2.4.7, and 2.2.0 to 2.2.15, the Bazaar protocol dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-bzr.c by properly handling items that are too long.
42 CVE-2018-14364 22 Exec Code Dir. Trav. 2018-07-18 2018-09-15
7.5
None Remote Low Not required Partial Partial Partial
GitLab Community and Enterprise Edition before 10.7.7, 10.8.x before 10.8.6, and 11.x before 11.0.4 allows Directory Traversal with write access and resultant remote code execution via the GitLab projects import component.
43 CVE-2018-14362 119 Overflow 2018-07-17 2020-05-19
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. pop.c does not forbid characters that may have unsafe interaction with message-cache pathnames, as demonstrated by a '/' character.
44 CVE-2018-14361 20 2018-07-17 2020-05-19
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in NeoMutt before 2018-07-16. nntp.c proceeds even if memory allocation fails for messages data.
45 CVE-2018-14360 787 Overflow 2018-07-17 2020-05-19
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in NeoMutt before 2018-07-16. nntp_add_group in newsrc.c has a stack-based buffer overflow because of incorrect sscanf usage.
46 CVE-2018-14359 120 Overflow 2018-07-17 2020-05-19
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They have a buffer overflow via base64 data.
47 CVE-2018-14358 787 Overflow 2018-07-17 2020-05-20
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. imap/message.c has a stack-based buffer overflow for a FETCH response with a long RFC822.SIZE field.
48 CVE-2018-14357 78 Exec Code 2018-07-17 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They allow remote IMAP servers to execute arbitrary commands via backquote characters, related to the mailboxes command associated with an automatic subscription.
49 CVE-2018-14356 824 2018-07-17 2020-05-20
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. pop.c mishandles a zero-length UID.
50 CVE-2018-14354 78 Exec Code 2018-07-17 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in Mutt before 1.10.1 and NeoMutt before 2018-07-16. They allow remote IMAP servers to execute arbitrary commands via backquote characters, related to the mailboxes command associated with a manual subscription or unsubscription.
Total number of vulnerabilities : 386   Page : 1 (This Page)2 3 4 5 6 7 8
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.