CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In September 2018

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
551 CVE-2018-15967 200 +Info 2018-09-25 2019-10-03
5.0
None Remote Low Not required Partial None None
Adobe Flash Player versions 30.0.0.154 and earlier have a privilege escalation vulnerability. Successful exploitation could lead to information disclosure.
552 CVE-2018-15965 502 Exec Code 2018-09-25 2020-09-04
10.0
None Remote Low Not required Complete Complete Complete
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.
553 CVE-2018-15964 200 +Info 2018-09-25 2020-09-04
5.0
None Remote Low Not required Partial None None
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a use of a component with a known vulnerability vulnerability. Successful exploitation could lead to information disclosure.
554 CVE-2018-15963 Bypass 2018-09-25 2020-09-04
5.0
None Remote Low Not required None Partial None
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a security bypass vulnerability. Successful exploitation could lead to arbitrary folder creation.
555 CVE-2018-15962 200 +Info 2018-09-25 2020-09-04
5.0
None Remote Low Not required Partial None None
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a directory listing vulnerability. Successful exploitation could lead to information disclosure.
556 CVE-2018-15961 434 Exec Code 2018-09-25 2020-09-04
10.0
None Remote Low Not required Complete Complete Complete
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have an unrestricted file upload vulnerability. Successful exploitation could lead to arbitrary code execution.
557 CVE-2018-15960 20 2018-09-25 2020-09-04
6.4
None Remote Low Not required None Partial Partial
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a use of a component with a known vulnerability vulnerability. Successful exploitation could lead to arbitrary file overwrite.
558 CVE-2018-15959 502 Exec Code 2018-09-25 2020-09-04
10.0
None Remote Low Not required Complete Complete Complete
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.
559 CVE-2018-15958 502 Exec Code 2018-09-25 2020-09-04
10.0
None Remote Low Not required Complete Complete Complete
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.
560 CVE-2018-15957 502 Exec Code 2018-09-25 2020-09-04
10.0
None Remote Low Not required Complete Complete Complete
Adobe ColdFusion versions July 12 release (2018.0.0.310739), Update 6 and earlier, and Update 14 and earlier have a deserialization of untrusted data vulnerability. Successful exploitation could lead to arbitrary code execution.
561 CVE-2018-15918 89 Sql 2018-09-05 2018-11-05
5.5
None Remote Low ??? Partial Partial None
An issue was discovered in Jorani 0.6.5. SQL Injection (error-based) allows a user of the application without permissions to read and modify sensitive information from the database used by the application via the startdate or enddate parameter to leaves/validate.
562 CVE-2018-15917 79 XSS 2018-09-05 2018-10-25
3.5
None Remote Medium ??? None Partial None
Persistent cross-site scripting (XSS) issues in Jorani 0.6.5 allow remote attackers to inject arbitrary web script or HTML via the language parameter to session/language.
563 CVE-2018-15898 295 2018-09-11 2018-11-30
4.3
None Remote Medium Not required Partial None None
The Subsonic Music Streamer application 4.4 for Android has Improper Certificate Validation of the Subsonic server certificate, which might allow man-in-the-middle attackers to obtain interaction data.
564 CVE-2018-15886 94 Exec Code 2018-09-10 2018-11-14
6.5
None Remote Low ??? Partial Partial Partial
Monstra CMS 3.0.4 does not properly restrict modified Snippet content, as demonstrated by the admin/index.php?id=snippets&action=edit_snippet&filename=google-analytics URI, which allows attackers to execute arbitrary PHP code by placing this code after a <?php substring.
565 CVE-2018-15865 2018-09-06 2020-05-11
4.6
None Local Low Not required Partial Partial Partial
The Pulse Secure Desktop (macOS) has a Privilege Escalation Vulnerability.
566 CVE-2018-15836 347 2018-09-26 2019-01-10
5.0
None Remote Low Not required None Partial None
In verify_signed_hash() in lib/liboswkeys/signatures.c in Openswan before 2.6.50.1, the RSA implementation does not verify the value of padding string during PKCS#1 v1.5 signature verification. Consequently, a remote attacker can forge signatures when small public exponents are being used. IKEv2 signature verification is affected when RAW RSA keys are used.
567 CVE-2018-15834 787 Overflow 2018-09-12 2020-08-24
4.3
None Remote Medium Not required None None Partial
In radare2 before 2.9.0, a heap overflow vulnerability exists in the read_module_referenced_functions function in libr/anal/flirt.c via a crafted flirt signature file.
568 CVE-2018-15832 20 Exec Code 2018-09-20 2018-12-13
6.8
None Remote Medium Not required Partial Partial Partial
upc.exe in Ubisoft Uplay Desktop Client versions 63.0.5699.0 allows remote attackers to execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of URI handlers. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code under the context of the current process.
569 CVE-2018-15764 Exec Code 2018-09-28 2019-10-09
7.5
None Remote Low Not required Partial Partial Partial
Dell EMC ESRS Policy Manager versions 6.8 and prior contain a remote code execution vulnerability due to improper configurations of triggered JMX services. A remote unauthenticated attacker may potentially exploit this vulnerability to execute arbitrary code in the server's JVM.
570 CVE-2018-15749 134 2018-09-06 2020-05-11
2.1
None Local Low Not required Partial None None
The Pulse Secure Desktop (macOS) 5.3RX before 5.3R5 and 9.0R1 has a Format String Vulnerability.
571 CVE-2018-15726 78 2018-09-06 2020-05-11
4.6
None Local Low Not required Partial Partial Partial
The Pulse Secure Desktop (macOS) 5.3RX before 5.3R5 and 9.0R1 has a Privilege Escalation Vulnerability.
572 CVE-2018-15684 200 +Info 2018-09-05 2018-11-05
5.0
None Remote Low Not required Partial None None
An issue was discovered in BTITeam XBTIT. PHP error logs are stored in an open directory (/include/logs) using predictable file names, which can lead to full path disclosure and leakage of sensitive data.
573 CVE-2018-15683 601 2018-09-05 2018-11-06
5.8
None Remote Medium Not required Partial Partial None
An issue was discovered in BTITeam XBTIT. The "returnto" parameter of the login page is vulnerable to an open redirect due to a lack of validation. If a user is already logged in when accessing the page, they will be instantly redirected.
574 CVE-2018-15682 352 CSRF 2018-09-05 2018-11-06
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in BTITeam XBTIT. Due to a lack of cross-site request forgery protection, it is possible to automate the action of sending private messages to users by luring an authenticated user to a web page that automatically submits a form on their behalf.
575 CVE-2018-15681 732 2018-09-05 2019-10-03
5.0
None Remote Low Not required Partial None None
An issue was discovered in BTITeam XBTIT 2.5.4. When a user logs in, their password hash is rehashed using a predictable salt and stored in the "pass" cookie, which is not flagged as HTTPOnly. Due to the weak and predictable salt that is in place, an attacker who successfully steals this cookie can efficiently brute-force it to retrieve the user's cleartext password.
576 CVE-2018-15680 916 2018-09-05 2019-10-03
5.0
None Remote Low Not required Partial None None
An issue was discovered in BTITeam XBTIT 2.5.4. The hashed passwords stored in the xbtit_users table are stored as unsalted MD5 hashes, which makes it easier for context-dependent attackers to obtain cleartext values via a brute-force attack.
577 CVE-2018-15679 79 XSS 2018-09-05 2018-11-05
4.3
None Remote Medium Not required None Partial None
An issue was discovered in BTITeam XBTIT 2.5.4. The "keywords" parameter in the search function available at /index.php?page=forums&action=search is vulnerable to reflected cross-site scripting.
578 CVE-2018-15678 79 XSS 2018-09-05 2018-11-05
4.3
None Remote Medium Not required None Partial None
An issue was discovered in BTITeam XBTIT 2.5.4. The "act" parameter in the sign-up page available at /index.php?page=signup is vulnerable to reflected cross-site scripting.
579 CVE-2018-15677 352 XSS CSRF 2018-09-05 2020-08-24
4.3
None Remote Medium Not required None Partial None
The newsfeed (aka /index.php?page=viewnews) in BTITeam XBTIT 2.5.4 has stored XSS via the title of a news item. This is also exploitable via CSRF.
580 CVE-2018-15676 79 XSS Bypass 2018-09-05 2019-10-03
5.0
None Remote Low Not required None Partial None
An issue was discovered in BTITeam XBTIT. By using String.replace and eval, it is possible to bypass the includes/crk_protection.php anti-XSS mechanism that looks for a number of dangerous fingerprints.
581 CVE-2018-15615 200 +Info 2018-09-24 2019-10-09
2.1
None Local Low Not required Partial None None
A vulnerability in the Supervisor component of Avaya Call Management System allows local administrative user to extract sensitive information from users connecting to a remote CMS host. Affected versions of CMS Supervisor include R17.0.x and R18.0.x.
582 CVE-2018-15613 79 XSS 2018-09-21 2019-10-09
4.3
None Remote Medium Not required None Partial None
A cross-site scripting (XSS) vulnerability in the Runtime Config component of Avaya Aura Orchestration Designer could result in malicious content being returned to the user. Affected versions of Avaya Aura Orchestration Designer include all versions up to 7.2.1.
583 CVE-2018-15612 352 CSRF 2018-09-21 2019-10-09
6.8
None Remote Medium Not required Partial Partial Partial
A CSRF vulnerability in the Runtime Config component of Avaya Aura Orchestration Designer could allow an attacker to add, change, or remove administrative settings. Affected versions of Avaya Aura Orchestration Designer include all versions up to 7.2.1.
584 CVE-2018-15611 +Priv 2018-09-27 2019-10-09
7.2
None Local Low Not required Complete Complete Complete
A vulnerability in the local system administration component of Avaya Aura Communication Manager can allow an authenticated, privileged user on the local system to gain root privileges. Affected versions include 6.3.x and all 7.x version prior to 7.1.3.1.
585 CVE-2018-15610 22 Dir. Trav. 2018-09-12 2019-10-03
9.0
None Remote Low ??? Complete Complete Complete
A vulnerability in the one-X Portal component of Avaya IP Office allows an authenticated attacker to read and delete arbitrary files on the system. Affected versions of Avaya IP Office include 9.1 through 9.1 SP12, 10.0 through 10.0 SP7, and 10.1 through 10.1 SP2.
586 CVE-2018-15606 79 XSS 2018-09-26 2018-11-15
4.3
None Remote Medium Not required None Partial None
An XSS issue was discovered in SalesAgility SuiteCRM 7.x before 7.8.21 and 7.10.x before 7.10.8, related to phishing an error message.
587 CVE-2018-15552 338 2018-09-07 2019-09-16
5.0
None Remote Low Not required Partial None None
The "PayWinner" function of a simplelottery smart contract implementation for The Ethereum Lottery, an Ethereum gambling game, generates a random value with publicly readable variable "maxTickets" (which is private, yet predictable and readable by the eth.getStorageAt function). Therefore, it allows attackers to always win and get rewards.
588 CVE-2018-15546 79 XSS 2018-09-18 2018-11-02
4.3
None Remote Medium Not required None Partial None
Accusoft PrizmDoc version 13.3 and earlier contains a Stored Cross-Site Scripting issue through a crafted PDF file.
589 CVE-2018-15531 611 2018-09-26 2018-11-29
7.5
None Remote Low Not required Partial Partial Partial
JavaMelody before 1.74.0 has XXE via parseSoapMethodName in bull/javamelody/PayloadNameRequestWrapper.java.
590 CVE-2018-15514 502 2018-09-01 2018-11-09
6.5
None Remote Low ??? Partial Partial Partial
HandleRequestAsync in Docker for Windows before 18.06.0-ce-rc3-win68 (edge) and before 18.06.0-ce-win72 (stable) deserialized requests over the \\.\pipe\dockerBackend named pipe without verifying the validity of the deserialized .NET objects. This would allow a malicious user in the "docker-users" group (who may not otherwise have administrator access) to escalate to administrator privileges.
591 CVE-2018-15502 732 2018-09-12 2019-10-03
5.0
None Remote Low Not required Partial None None
Insecure permissions in Lone Wolf Technologies loadingDOCS 2018-08-13 allow remote attackers to download any confidential files via https requests for predictable URLs.
592 CVE-2018-15486 829 File Inclusion 2018-09-07 2019-10-03
6.4
None Remote Low Not required Partial Partial None
An issue was discovered on KONE Group Controller (KGC) devices before 4.6.5. Unauthenticated Local File Inclusion and File modification is possible through the open HTTP interface by modifying the name parameter of the file endpoint, aka KONE-02.
593 CVE-2018-15485 287 2018-09-07 2018-11-13
6.4
None Remote Low Not required Partial Partial None
An issue was discovered on KONE Group Controller (KGC) devices before 4.6.5. FTP does not require authentication or authorization, aka KONE-03.
594 CVE-2018-15484 78 Exec Code 2018-09-07 2018-11-13
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered on KONE Group Controller (KGC) devices before 4.6.5. Unauthenticated Remote Code Execution is possible through the open HTTP interface by modifying autoexec.bat, aka KONE-01.
595 CVE-2018-15483 20 DoS 2018-09-07 2018-11-14
7.8
None Remote Low Not required None None Complete
An issue was discovered on KONE Group Controller (KGC) devices before 4.6.5. Denial of Service can occur through the open HTTP interface, aka KONE-04.
596 CVE-2018-15474 1236 Exec Code 2018-09-07 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
** DISPUTED ** CSV Injection (aka Excel Macro Injection or Formula Injection) in /lib/plugins/usermanager/admin.php in DokuWiki 2018-04-22a and earlier allows remote attackers to exfiltrate sensitive data and to execute arbitrary code via a value that is mishandled in a CSV export. NOTE: the vendor has stated "this is not a security problem in DokuWiki."
597 CVE-2018-15365 79 XSS Bypass CSRF 2018-09-28 2018-11-16
3.5
None Remote Medium ??? None Partial None
A Reflected Cross-Site Scripting (XSS) vulnerability in Trend Micro Deep Discovery Inspector 3.85 and below could allow an attacker to bypass CSRF protection and conduct an attack on vulnerable installations. An attacker must be an authenticated user in order to exploit the vulnerability.
598 CVE-2018-15310 200 +Info 2018-09-13 2018-11-27
4.0
None Remote Low ??? Partial None None
A vulnerability in BIG-IP APM portal access 11.5.1-11.5.7, 11.6.0-11.6.3, and 12.1.0-12.1.3 discloses the BIG-IP software version in rewritten pages.
599 CVE-2018-15161 125 2018-09-01 2018-10-24
4.3
None Remote Medium Not required None None Partial
** DISPUTED ** The libesedb_key_append_data function in libesedb_key.c in libesedb through 2018-04-01 allows remote attackers to cause a heap-based buffer over-read via a crafted esedb file. NOTE: the vendor has disputed this as described in the GitHub issue comments.
600 CVE-2018-15160 125 2018-09-01 2018-10-30
4.3
None Remote Medium Not required None None Partial
** DISPUTED ** The libesedb_catalog_definition_read function in libesedb_catalog_definition.c in libesedb through 2018-04-01 allows remote attackers to cause a heap-based buffer over-read via a crafted esedb file. NOTE: the vendor has disputed this as described in the GitHub issue comments.
Total number of vulnerabilities : 1174   Page : 1 2 3 4 5 6 7 8 9 10 11 12 (This Page)13 14 15 16 17 18 19 20 21 22 23 24
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.