| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
651 |
CVE-2018-14624 |
20 |
|
|
2018-09-06 |
2019-05-15 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
A vulnerability was discovered in 389-ds-base through versions 1.3.7.10, 1.3.8.8 and 1.4.0.16. The lock controlling the error log was not correctly used when re-opening the log file in log__error_emergency(). An attacker could send a flood of modifications to a very large DN, which would cause slapd to crash. |
|
652 |
CVE-2018-14620 |
20 |
|
|
2018-09-10 |
2021-08-04 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The OpenStack RabbitMQ container image insecurely retrieves the rabbitmq_clusterer component over HTTP during the build stage. This could potentially allow an attacker to serve malicious code to the image builder and install in the resultant container image. Version of openstack-rabbitmq-container and openstack-containers as shipped with Red Hat Openstack 12, 13, 14 are believed to be vulnerable. |
|
653 |
CVE-2018-14618 |
190 |
|
Overflow |
2018-09-05 |
2019-04-22 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to allocate from the heap. The length value is then subsequently used to iterate over the password and generate output into the allocated storage buffer. On systems with a 32 bit size_t, the math to calculate SUM triggers an integer overflow when the password length exceeds 2GB (2^31 bytes). This integer overflow usually causes a very small buffer to actually get allocated instead of the intended very huge one, making the use of that buffer end up in a heap buffer overflow. (This bug is almost identical to CVE-2017-8816.) |
|
654 |
CVE-2018-14592 |
89 |
|
Sql |
2018-09-20 |
2018-11-09 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The CWJoomla CW Article Attachments PRO extension before 2.0.7 and CW Article Attachments FREE extension before 1.0.6 for Joomla! allow SQL Injection within download.php. |
|
655 |
CVE-2018-14398 |
601 |
|
|
2018-09-07 |
2018-11-14 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
An issue was discovered in Creme CRM 1.6.12. The value of the cancel button uses the content of the HTTP Referer header, and could be used to trick a user into visiting a fake login page in order to steal credentials. |
|
656 |
CVE-2018-14397 |
79 |
|
XSS |
2018-09-07 |
2018-10-31 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
An issue was discovered in Creme CRM 1.6.12. The organization creation page is affected by 9 stored cross-site scripting vulnerabilities involving the name, billing_address-address, billing_address-zipcode, billing_address-city, billing_address-department, shipping_address-address, shipping_address-zipcode, shipping_address-city, and shipping_address-department parameters. |
|
657 |
CVE-2018-14396 |
79 |
|
XSS |
2018-09-07 |
2018-10-31 |
3.5 |
None |
Remote |
Medium |
??? |
None |
Partial |
None |
|
An issue was discovered in Creme CRM 1.6.12. The salesman creation page is affected by 10 stored cross-site scripting vulnerabilities involving the firstname, lastname, billing_address-address, billing_address-zipcode, billing_address-city, billing_address-department, shipping_address-address, shipping_address-zipcode, shipping_address-city, and shipping_address-department parameters. |
|
658 |
CVE-2018-14366 |
601 |
|
|
2018-09-06 |
2020-04-29 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
download.cgi in Pulse Secure Pulse Connect Secure 8.1RX before 8.1R13 and 8.3RX before 8.3R4 and Pulse Policy Secure through 5.2RX before 5.2R10 and 5.4RX before 5.4R4 have an Open Redirect Vulnerability. |
|
659 |
CVE-2018-14327 |
732 |
|
+Priv |
2018-09-26 |
2019-10-03 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
The installer for the Alcatel OSPREY3_MINI Modem component on EE EE40VB 4G mobile broadband modems with firmware before EE40_00_02.00_45 sets weak permissions (Everyone:Full Control) for the "Web Connecton\EE40" and "Web Connecton\EE40\BackgroundService" directories, which allows local users to gain privileges, as demonstrated by inserting a Trojan horse ServiceManager.exe file into the "Web Connecton\EE40\BackgroundService" directory. |
|
660 |
CVE-2018-14320 |
119 |
|
Exec Code Overflow Mem. Corr. |
2018-09-17 |
2019-10-09 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of PoDoFo. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within PdfEncoding::ParseToUnicode. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-5673. |
|
661 |
CVE-2018-14318 |
20 |
|
Exec Code |
2018-09-24 |
2019-10-09 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy S8 G950FXXU1AQL5. User interaction is required to exploit this vulnerability in that the target must have their cellular radios enabled. The specific flaw exists within the handling of IPCP headers. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length, stack-based buffer. An attacker can leverage this vulnerability to execute code under the context of the baseband processor. Was ZDI-CAN-5368. |
|
662 |
CVE-2018-14037 |
79 |
|
XSS |
2018-09-28 |
2019-08-01 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in Progress Kendo UI Editor v2018.1.221 allows remote attackers to inject arbitrary JavaScript into the DOM of the WYSIWYG editor because of the editorNS.Serializer toEditableHtml function in kendo.all.min.js. If the victim accesses the editor, the payload gets executed. Furthermore, if the payload is reflected at any other resource that does rely on the sanitisation of the editor itself, the JavaScript payload will be executed in the context of the application. This allows attackers (in the worst case) to take over user sessions. |
|
663 |
CVE-2018-13982 |
22 |
|
Exec Code Dir. Trav. Bypass |
2018-09-18 |
2021-11-02 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Smarty_Security::isTrustedResourceDir() in Smarty before 3.1.33 is prone to a path traversal vulnerability due to insufficient template code sanitization. This allows attackers controlling the executed template code to bypass the trusted directory security restriction and read arbitrary files. |
|
664 |
CVE-2018-13807 |
20 |
|
|
2018-09-12 |
2019-10-09 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
A vulnerability has been identified in SCALANCE X300 (All versions < V4.0.0), SCALANCE X408 (All versions < V4.0.0), SCALANCE X414 (All versions). The web interface on port 443/tcp could allow an attacker to cause a Denial-of-Service condition by sending specially crafted packets to the web server. The device will automatically reboot, impacting network availability for other devices. An attacker must have network access to port 443/tcp to exploit the vulnerability. Neither valid credentials nor interaction by a legitimate user is required to exploit the vulnerability. There is no confidentiality or integrity impact, only availability is temporarily impacted. This vulnerability could be triggered by publicly available tools. |
|
665 |
CVE-2018-13806 |
427 |
|
Exec Code |
2018-09-12 |
2019-10-09 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
A vulnerability has been identified in SIEMENS TD Keypad Designer (All versions). A DLL hijacking vulnerability exists in all versions of SIEMENS TD Keypad Designer which could allow an attacker to execute code with the permission of the user running TD Designer. The attacker must have write access to the directory containing the TD project file in order to exploit the vulnerability. A legitimate user with higher privileges than the attacker must open the TD project in order for this vulnerability to be exploited. At the time of advisory publication no public exploitation of this security vulnerability was known. |
|
666 |
CVE-2018-13799 |
|
|
|
2018-09-12 |
2019-10-09 |
6.4 |
None |
Remote |
Low |
Not required |
None |
Partial |
Partial |
|
A vulnerability has been identified in SIMATIC WinCC OA V3.14 and prior (All versions < V3.14-P021). Improper access control to a data point of the affected product could allow an unauthenticated remote user to escalate its privileges in the context of SIMATIC WinCC OA V3.14. This vulnerability could be exploited by an attacker with network access to port 5678/TCP of the SIMATIC WinCC OA V3.14 server. Successful exploitation requires no user privileges and no user interaction. This vulnerability could allow an attacker to compromise integrity and availability of the SIMATIC WinCC OA system. At the time of advisory publication no public exploitation of this vulnerability was known. |
|
667 |
CVE-2018-13412 |
732 |
|
|
2018-09-12 |
2021-04-21 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
An issue was discovered in the Self Service Portal in Zoho ManageEngine Desktop Central before 10.0.282. A clickable company logo in a window running as SYSTEM can be abused to escalate privileges. In cloud, the issue is fixed in 10.0.470 agent version. |
|
668 |
CVE-2018-13411 |
732 |
|
|
2018-09-12 |
2021-04-21 |
9.0 |
None |
Remote |
Low |
??? |
Complete |
Complete |
Complete |
|
An issue was discovered in Zoho ManageEngine Desktop Central before 10.0.282. A clickable company logo in a window running as SYSTEM can be abused to escalate privileges. In cloud, the issue is fixed in 10.0.470 agent version. |
|
669 |
CVE-2018-13398 |
352 |
|
CSRF |
2018-09-18 |
2018-12-13 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
The administrative smart-commits resource in Atlassian Fisheye and Crucible before version 4.5.4 allows remote attackers to modify smart-commit settings via a Cross-site request forgery (CSRF) vulnerability. |
|
670 |
CVE-2018-13259 |
20 |
|
|
2018-09-05 |
2020-12-01 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in zsh before 5.6. Shebang lines exceeding 64 characters were truncated, potentially leading to an execve call to a program name that is a substring of the intended one. |
|
671 |
CVE-2018-13140 |
319 |
|
Exec Code |
2018-09-24 |
2019-10-03 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Druide Antidote through 9.5.1 on Windows and Linux allows remote code execution through the update mechanism by leveraging use of HTTP to download installation packages. |
|
672 |
CVE-2018-13111 |
20 |
|
DoS |
2018-09-21 |
2018-11-09 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
There exists a partial Denial of Service vulnerability in Wanscam HW0021 IP Cameras. An attacker could craft a malicious POST request to crash the ONVIF service on such a device. |
|
673 |
CVE-2018-12975 |
338 |
|
|
2018-09-24 |
2018-12-20 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The random() function of the smart contract implementation for CryptoSaga, an Ethereum game, generates a random value with publicly readable variables such as timestamp, the current block's blockhash, and a private variable (which can be read with a getStorageAt call). Therefore, attackers can precompute the random number and manipulate the game (e.g., get powerful characters or get critical damages). |
|
674 |
CVE-2018-12897 |
119 |
|
Overflow |
2018-09-07 |
2019-07-16 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
SolarWinds DameWare Mini Remote Control before 12.1 has a Buffer Overflow. |
|
675 |
CVE-2018-12850 |
125 |
|
|
2018-09-25 |
2020-02-24 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Adobe Acrobat and Reader versions 2018.011.20058 and earlier, 2017.011.30099 and earlier, and 2015.006.30448 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. |
|
676 |
CVE-2018-12849 |
125 |
|
|
2018-09-25 |
2020-02-24 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Adobe Acrobat and Reader versions 2018.011.20058 and earlier, 2017.011.30099 and earlier, and 2015.006.30448 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. |
|
677 |
CVE-2018-12848 |
787 |
|
Exec Code |
2018-09-25 |
2020-02-24 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Adobe Acrobat and Reader versions 2018.011.20058 and earlier, 2017.011.30099 and earlier, and 2015.006.30448 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution. |
|
678 |
CVE-2018-12840 |
125 |
|
|
2018-09-25 |
2020-02-24 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Adobe Acrobat and Reader versions 2018.011.20058 and earlier, 2017.011.30099 and earlier, and 2015.006.30448 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. |
|
679 |
CVE-2018-12801 |
125 |
|
|
2018-09-25 |
2019-08-21 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Adobe Acrobat and Reader versions 2018.011.20058 and earlier, 2017.011.30099 and earlier, and 2015.006.30448 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. |
|
680 |
CVE-2018-12778 |
125 |
|
|
2018-09-25 |
2019-08-21 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Adobe Acrobat and Reader versions 2018.011.20058 and earlier, 2017.011.30099 and earlier, and 2015.006.30448 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. |
|
681 |
CVE-2018-12775 |
125 |
|
|
2018-09-25 |
2019-08-21 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Adobe Acrobat and Reader versions 2018.011.20058 and earlier, 2017.011.30099 and earlier, and 2015.006.30448 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. |
|
682 |
CVE-2018-12608 |
295 |
|
|
2018-09-10 |
2018-11-19 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
An issue was discovered in Docker Moby before 17.06.0. The Docker engine validated a client TLS certificate using both the configured client CA root certificate and all system roots on non-Windows systems. This allowed a client with any domain validated certificate signed by a system-trusted root CA (as opposed to one signed by the configured CA root certificate) to authenticate. |
|
683 |
CVE-2018-12585 |
611 |
|
DoS |
2018-09-14 |
2018-11-27 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
|
An XXE vulnerability in the OPC UA Java and .NET Legacy Stack can allow remote attackers to trigger a denial of service. |
|
684 |
CVE-2018-12511 |
190 |
|
Overflow |
2018-09-21 |
2018-11-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
In the mintToken function of a smart contract implementation for Substratum (SUB), an Ethereum ERC20 token, the administrator can control mintedAmount, leverage an integer overflow, and modify a user account's balance arbitrarily. |
|
685 |
CVE-2018-12243 |
611 |
|
|
2018-09-19 |
2018-12-08 |
5.8 |
None |
Local Network |
Low |
Not required |
Partial |
Partial |
Partial |
|
The Symantec Messaging Gateway product prior to 10.6.6 may be susceptible to a XML external entity (XXE) exploit, which is a type of issue where XML input containing a reference to an external entity is processed by a weakly configured XML parser. The attack uses file URI schemes or relative paths in the system identifier to access files that should not normally be accessible. |
|
686 |
CVE-2018-12242 |
287 |
|
Bypass |
2018-09-19 |
2018-12-08 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The Symantec Messaging Gateway product prior to 10.6.6 may be susceptible to an authentication bypass exploit, which is a type of issue that can allow attackers to potentially circumvent security mechanisms currently in place and gain access to the system or network. |
|
687 |
CVE-2018-12234 |
79 |
|
XSS |
2018-09-06 |
2019-11-12 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in Adrenalin 5.4.0 HRMS Software. The user supplied input containing JavaScript is echoed back in JavaScript code in an HTML response via the flexiportal/GeneralInfo.aspx strAction parameter. |
|
688 |
CVE-2018-12176 |
20 |
|
DoS Exec Code |
2018-09-12 |
2019-10-03 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Improper input validation in firmware for Intel NUC Kits may allow a privileged user to potentially execute arbitrary code resulting in information disclosure, escalation of privilege and/or denial of service via local access. |
|
689 |
CVE-2018-12175 |
276 |
|
|
2018-09-12 |
2019-10-03 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Default install directory permissions in Intel Distribution for Python (IDP) version 2018 may allow an unprivileged user to escalate privileges via local access. |
|
690 |
CVE-2018-12171 |
|
|
DoS Exec Code |
2018-09-12 |
2019-10-03 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Privilege escalation in Intel Baseboard Management Controller (BMC) firmware before version 1.43.91f76955 may allow an unprivileged user to potentially execute arbitrary code or perform denial of service over the network. |
|
691 |
CVE-2018-12169 |
287 |
|
Bypass |
2018-09-21 |
2018-12-20 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Platform sample code firmware in 4th Generation Intel Core Processor, 5th Generation Intel Core Processor, 6th Generation Intel Core Processor, 7th Generation Intel Core Processor and 8th Generation Intel Core Processor contains a logic error which may allow physical attacker to potentially bypass firmware authentication. |
|
692 |
CVE-2018-12168 |
732 |
|
Exec Code |
2018-09-12 |
2019-10-03 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Privilege escalation in file permissions in Intel Computing Improvement Program before version 2.2.0.03942 may allow an authenticated user to potentially execute code as administrator via local access. |
|
693 |
CVE-2018-12163 |
427 |
|
|
2018-09-12 |
2019-10-03 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
A DLL injection vulnerability in the Intel IoT Developers Kit 4.0 installer may allow an authenticated user to potentially escalate privileges using file modification via local access. |
|
694 |
CVE-2018-12162 |
732 |
|
Exec Code |
2018-09-12 |
2019-10-03 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Directory permissions in the Intel OpenVINO Toolkit for Windows before version 2018.1.265 may allow an authenticated user to potentially execute code using default directory permissions via local access. |
|
695 |
CVE-2018-12160 |
427 |
|
Exec Code |
2018-09-12 |
2020-08-24 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
DLL injection vulnerability in software installer for Intel Data Center Migration Center Software v3.1 and before may allow an authenticated user to potentially execute code using default directory permissions via local access. |
|
696 |
CVE-2018-12151 |
119 |
|
DoS Overflow |
2018-09-12 |
2018-10-30 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Buffer overflow in installer for Intel Extreme Tuning Utility before 6.4.1.21 may allow an authenticated user to potentially cause a buffer overflow potentially leading to a denial of service via local access. |
|
697 |
CVE-2018-12150 |
119 |
|
Exec Code Overflow |
2018-09-12 |
2018-11-07 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Escalation of privilege in Installer for Intel Extreme Tuning Utility before 6.4.1.21 may allow an authenticated user to potentially execute code or disclose information as administrator via local access. |
|
698 |
CVE-2018-12149 |
119 |
|
Overflow |
2018-09-12 |
2018-11-07 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Buffer overflow in input handling in Intel Extreme Tuning Utility before 6.4.1.21 may allow an authenticated user to potentially deny service to the application via local access. |
|
699 |
CVE-2018-12148 |
732 |
|
Exec Code |
2018-09-12 |
2019-10-03 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Privilege escalation in file permissions in Intel Driver and Support Assistant before 3.5.0.1 may allow an authenticated user to potentially execute code as administrator via local access. |
|
700 |
CVE-2018-12086 |
787 |
|
Overflow |
2018-09-14 |
2020-08-24 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Buffer overflow in OPC UA applications allows remote attackers to trigger a stack overflow with carefully structured requests. |
