CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1301 CVE-2018-7775 2018-07-03 2018-07-03
0.0
None ??? ??? ??? ??? ??? ???
The vulnerability exists within error.php in Schneider Electric U.motion Builder software versions prior to v1.3.4. System information is returned to the attacker that contains sensitive data.
1302 CVE-2018-8086 DoS 2018-03-12 2018-03-12
0.0
None ??? ??? ??? ??? ??? ???
The basename implementation in string/basename.c in the GNU C Library (aka glibc or libc6) 2.26 allows attackers to cause a denial of service (segmentation fault), within the assembly code for strrchr, via a crafted argument.
1303 CVE-2018-9329 2018-04-05 2018-04-09
0.0
None ??? ??? ??? ??? ??? ???
** DISPUTED ** The Bitdefender Antivirus 6.2.19.890 component, as configured for AV Defender in SolarWinds N-Central and possibly other products, attempts to access hosts in the bitdefeder.net Potentially Unwanted Domain (a domain similar to "bitdefender.net" but with a missing 'n' character) in unspecified circumstances. The observed hostnames are of the form upgr-midgress-##.htz.bitdefeder.net; however, all hostnames ending in .bitdefeder.net apparently resolve to the same IP address. This product behavior may allow remote attackers to block antivirus updates or potentially provide crafted updates, either by controlling that IP address or by purchasing the bitdefeder.net domain name. NOTE: the vendor reportedly disputes the details of this finding, indicating that a user's tools may have displayed upgr-midgress-##.htz.bitdefeder.net names because of incorrect DNS PTR records, not actual outbound traffic to an unintended IP address.
1304 CVE-2018-10886 2018-07-16 2018-07-19
0.0
None ??? ??? ??? ??? ??? ???
ant before version 1.9.12 unzip and untar targets allows the extraction of files outside the target directory. A crafted zip or tar file submitted to an Ant build could create or overwrite arbitrary files with the privileges of the user running Ant.
1305 CVE-2018-11125 2018-05-15 2018-05-15
0.0
None ??? ??? ??? ??? ??? ???
Tencent RapidJSON 1.1.0 has a heap-based buffer over-read in the Peek function in stream.h.
1306 CVE-2018-12938 DoS Exec Code 2018-06-28 2018-07-05
0.0
None ??? ??? ??? ??? ??? ???
slpd_process.c in OpenSLP 2.0.0 has a double free resulting in denial of service (daemon crash) or possibly unauthenticated remote code execution.
1307 CVE-2018-14032 2018-07-12 2018-07-12
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in the HDF HDF5 1.8.20 library. There is a heap-based buffer over-read in the function H5O_fill_new_decode in H5Ofill.c, related to HDmemcpy.
1308 CVE-2018-14373 Overflow 2018-07-17 2018-07-31
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in LibTIFF 4.0.9. In TIFFFindField in tif_dirinfo.c, the structure tif is being dereferenced without first checking that the structure is not empty and has the requested fields (tif_foundfield). In the call sequences following from the affected library functions (TIFFVGetField, TIFFVGetFieldDefaulted, TIFFVStripSize, TIFFScanlineSize, TIFFTileSize, TIFFGetFieldDefaulted, and TIFFGetField), this sanitization of the tif structure is never being done and, hence, using them with an invalid or empty tif structure will trigger a buffer overflow, leading to a crash.
1309 CVE-2018-14374 Overflow 2018-07-17 2018-07-31
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in LibTIFF 4.0.9. A buffer overflow can occur via an empty fmt argument to unixErrorHandler in tif_unix.c, and it can be exploited (at a minimum) via the following high-level library API functions: TIFFClientOpen, TIFFFdOpen, TIFFRawStripSize, TIFFCheckTile, TIFFComputeStrip, TIFFReadRawTile, TIFFUnRegisterCODEC, and TIFFWriteEncodedTile.
1310 CVE-2018-14375 Overflow 2018-07-17 2018-07-31
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in LibTIFF 4.0.9. A buffer overflow vulnerability can occur via an invalid or empty tif argument to TIFFRGBAImageOK in tif_getimage.c, and it can be exploited (at a minimum) via the following high-level library API functions: TIFFReadRGBAImage, TIFFRGBAImageOK, and TIFFRGBAImageBegin.
1311 CVE-2018-14378 Overflow 2018-07-17 2018-07-31
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in LibTIFF 4.0.9. A buffer overflow can occur via an invalid or empty tif argument to TIFFWriteBufferSetup in tif_write.c, and it can be exploited (at a minimum) via the following high-level library API function: TIFFWriteTile.
1312 CVE-2018-14400 Exec Code 2018-08-28 2018-08-30
0.0
None ??? ??? ??? ??? ??? ???
In PLY (aka Python Lex-Yacc) 3.11, as used in pycparser and other products, a pickle.load call (within the read_pickle function of the LRTable class in yacc.py) on imported data allows remote attackers to execute arbitrary code via a crafted .pickle file, as demonstrated by Python code that contains an os.system call.
1313 CVE-2018-15672 2018-08-21 2018-08-21
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in the HDF HDF5 1.10.2 library. A SIGFPE is raised in the function H5D__chunk_init() of H5Dchunk.c during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero.
1314 CVE-2018-17850 DoS 2018-10-01 2018-10-01
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in JsonCpp 1.8.4. An unhandled exception vulnerability exists in Json::Value::clear() in json_value.cpp after throwing an instance of "Json::LogicError what(): requires complex value." Specially crafted JSON requests can cause an unhandled exception resulting in denial of service. An attacker can send malicious JSON to trigger this vulnerability.
1315 CVE-2018-17851 DoS 2018-10-01 2018-10-01
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in JsonCpp 1.8.4. An unhandled exception vulnerability exists in Json::OurReader::readValue() in json_reader.cpp after throwing an instance of "Json::RuntimeError what(): Exceeded stackLimit." Specially crafted JSON requests can cause an unhandled exception resulting in denial of service. An attacker can send malicious JSON to trigger this vulnerability.
1316 CVE-2018-19387 DoS 2018-11-20 2018-11-20
0.0
None ??? ??? ??? ??? ??? ???
format_cb_pane_tabs in format.c in tmux 2.7 through 2.8 might allow attackers to cause a denial of service (NULL Pointer Dereference and application crash) by arranging for a malloc failure.
1317 CVE-2018-25007 2021-04-23 2021-04-23
0.0
None ??? ??? ??? ??? ??? ???
Missing check in UIDL request handler in com.vaadin:flow-server versions 1.0.0 through 1.0.5 (Vaadin 10.0.0 through 10.0.7, and 11.0.0 through 11.0.2) allows attacker to update element property values via crafted synchronization message.
1318 CVE-2018-1000016 XSS 2018-01-23 2018-01-23
0.0
None ??? ??? ??? ??? ??? ???
Jenkins Ant Plugin 1.7 and earlier failed to escape tool names it shows on job configuration screens, resulting in a cross-site scripting vulnerability that is exploitable only by Jenkins administrators.
1319 CVE-2018-1000128 Exec Code Overflow 2018-03-13 2018-03-13
0.0
None ??? ??? ??? ??? ??? ???
GPAC MP4Box version prior to commit 90dc7f853d31b0a4e9441cba97feccf36d8b69a4 contains a Buffer Overflow vulnerability in src/media_tools/av_parsers.c, lines 2387-2388: https://github.com/gpac/gpac/blob/84c4e606a1f906cd4b07ad94d19cea2b668f64ad/src/media_tools/av_parsers.c#L2387-L2388 that can result in may allow an attacker to achieve remote code execution. This attack appear to be exploitable via The victim must open a specially crafted MP4 file. This vulnerability appears to have been fixed in after commit 90dc7f853d31b0a4e9441cba97feccf36d8b69a4.
1320 CVE-2018-1000845 2018-12-20 2018-12-20
0.0
None ??? ??? ??? ??? ??? ???
Avahi version 0.7 contains a Incorrect Access Control vulnerability in avahi-daemon that can result in Traffic reflection and amplification for DDoS attacks.. This attack appear to be exploitable via unicast IP network packet with spoofed source address.
1321 CVE-2019-5428 2019-04-22 2019-04-22
0.0
None ??? ??? ??? ??? ??? ???
A prototype pollution vulnerability exists in jQuery versions < 3.4.0 that allows an attacker to inject properties on Object.prototype.
1322 CVE-2019-12396 2019-05-28 2019-05-28
0.0
None ??? ??? ??? ??? ??? ???
An issue was discovered in Revive Adserver before 4.2.1. In lib/OA/Dal/PasswordRecovery.php, the function generateRecoveryId() uses an insecure way to generate a password reset token. The token relies on the PHP uniqid function and consequently depends only on the current server time, which is often visible in an HTTP Date header.
1323 CVE-2019-12983 DoS +Info 2019-06-26 2019-06-26
0.0
None ??? ??? ??? ??? ??? ???
In the Linux kernel before 5.0.15, the function do_hidp_sock_ioctl in net/bluetooth/hidp/sock.c does not ensure that a certain device field ends with a '\0' character, which allows local users to obtain potentially sensitive information from kernel stack memory, or cause a denial of service, which is similar to CVE-2011-1079. The user would use an HIDPCONNADD command.
1324 CVE-2019-15231 Exec Code 2019-08-19 2019-08-21
0.0
None ??? ??? ??? ??? ??? ???
Webmin 1.890, in a default installation, contains a backdoor that allows an unauthenticated attacker to remotely execute commands. This CVE only refers to the backdoor that was enabled by default, and therefore is a separate CVE from CVE-2019-15107. NOTE: although the vendor's build infrastructure was compromised in 2018, the compromise is not known to affect any GitHub repository. Thus, the relatively uncommon case of an end user building their own copy of Webmin (from the 1.890 tag on GitHub) is thought to be safe.
1325 CVE-2019-25027 2021-04-23 2021-04-23
0.0
None ??? ??? ??? ??? ??? ???
Missing output sanitization in default RouteNotFoundError view in com.vaadin:flow-server versions 1.0.0 through 1.0.10 (Vaadin 10.0.0 through 10.0.13), and 1.1.0 through 1.4.2 (Vaadin 11.0.0 through 13.0.5) allows attacker to execute malicious JavaScript via crafted URL
1326 CVE-2019-25028 2021-04-23 2021-04-23
0.0
None ??? ??? ??? ??? ??? ???
Missing variable sanitization in Grid component in com.vaadin:vaadin-server versions 7.4.0 through 7.7.19 (Vaadin 7.4.0 through 7.7.19), and 8.0.0 through 8.8.4 (Vaadin 8.0.0 through 8.8.4) allows attacker to inject malicious JavaScript via unspecified vector
1327 CVE-2019-25071 Exec Code 2022-06-25 2022-06-27
0.0
None ??? ??? ??? ??? ??? ???
A vulnerability was found in Apple iPhone up to 12.4.1. It has been declared as critical. Affected by this vulnerability is Siri. Playing an audio or video file might be able to initiate Siri on the same device which makes it possible to execute commands remotely. Exploit details have been disclosed to the public. The existence and implications of this vulnerability are doubted by Apple even though multiple public videos demonstrating the attack exist. Upgrading to version 13.0 migt be able to address this issue. It is recommended to upgrade affected devices. NOTE: Apple claims, that after examining the report they do not see any actual security implications.
1328 CVE-2019-1010011 DoS Overflow 2019-07-14 2019-07-15
0.0
None ??? ??? ??? ??? ??? ???
moinejf abcm2ps 8.13.16 and after is affected by: CWE-121: Stack-based Buffer Overflow. The impact is: This vulnerability allows remote attackers to cause a denial of service via a crafted file. The component is: parse.c / function: get_key and music.c/ function: delayed_output.
1329 CVE-2019-1010042 2019-07-15 2019-07-15
0.0
None ??? ??? ??? ??? ??? ???
couchcms 2 is affected by: Web Site physical path leakage. The impact is: disclosure the full path. The component is: includes/mysql2i/mysql2i.func.php and addons/phpmailer/phpmailer.php. The attack vector is: network connectivity.
1330 CVE-2019-1010048 DoS Overflow 2019-07-16 2019-07-16
0.0
None ??? ??? ??? ??? ??? ???
UPX 3.95 is affected by: Integer Overflow. The impact is: attacker can cause a denial of service. The component is: src/p_lx_elf.cpp PackLinuxElf32::PackLinuxElf32help1() Line 262. The attack vector is: the victim must open a specially crafted ELF file.
1331 CVE-2019-1010309 Exec Code Dir. Trav. 2019-07-12 2019-07-12
0.0
None ??? ??? ??? ??? ??? ???
pacman prior to version 5.1.3 is affected by: Directory Traversal. The impact is: arbitrary file placement potentially leading to arbitrary root code execution. The component is: installing a remote package via a specified URL "pacman -U <url>". The problem was located in function curl_download_internal in lib/libalpm/dload.c line 535. The attack vector is: the victim must install a remote package via a specified URL from a malicious server (or a network MitM if downloading over HTTP). The fixed version is: 5.1.3 via commit 9702703633bec2c007730006de2aeec8587dfc84.
1332 CVE-2019-1010311 XSS 2019-07-12 2019-07-12
0.0
None ??? ??? ??? ??? ??? ???
Tildeslash Monit Version 5.25.2 and earlier is affected by: Cross Site Scripting (XSS). The impact is: Execute javascript in a victim s browser; disable all monitoring for a particular host or service. The component is: In function do_viewlog() on line 910 in Monit/src/http/cervlet.c, an attacker controlled log file is copied into an HTTP response without any HTML escaping. The attack vector is: An authenticated remote attacker can exploit the vulnerability over a network. The fixed version is: Version 5.25.3 and later.
1333 CVE-2019-1010312 DoS 2019-07-12 2019-07-12
0.0
None ??? ??? ??? ??? ??? ???
Tildeslash Monit Version 5.25.2 and earlier is affected by: Buffer Over-read. The impact is: Disclosure of memory contents in an HTTP response, and Denial of Service. The component is: In function Util_urlDecode() on lines 1553 -1563 in Monit/src/util.c, a crafted POST parameter can cause the buffer index to increment to a value greater than the length of the buffer. The attack vector is: An authenticated remote attacker can exploit the vulnerability by sending a HTTP POST request that contains a maliciously crafted body parameter. The fixed version is: Version 5.25.3 and later.
1334 CVE-2019-1010318 2019-07-11 2019-07-11
0.0
None ??? ??? ??? ??? ??? ???
WavPack 5.1.0 and earlier is affected by: CWE-457: Use of Uninitialized Variable. The impact is: Unexpected control flow, crashes, and segfaults. The component is: WavpackSetConfiguration64 (pack_utils.c:198). The attack vector is: Maliciously crafted .wav file. The fixed version is: After commit https://github.com/dbry/WavPack/commit/bc6cba3f552c44565f7f1e66dc1580189addb2b4.
1335 CVE-2020-7037 DoS 2021-04-28 2021-04-28
0.0
None ??? ??? ??? ??? ??? ???
An XML External Entities (XXE) vulnerability in Media Server component of Avaya Equinox Conferencing could allow an authenticated, remote attacker to gain read access to information that is stored on an affected system or even potentially lead to a denial of service. The affected versions of Avaya Equinox Conferencing includes all 9.x versions before 9.1.11. Equinox Conferencing is now offered as Avaya Meetings Server.
1336 CVE-2020-7038 2021-04-28 2021-04-28
0.0
None ??? ??? ??? ??? ??? ???
A vulnerability was discovered in Management component of Avaya Equinox Conferencing that could potentially allow an unauthenticated, remote attacker to gain access to screen sharing and whiteboard sessions. The affected versions of Management component of Avaya Equinox Conferencing include all 3.x versions before 3.17. Avaya Equinox Conferencing is now offered as Avaya Meetings Server.
1337 CVE-2020-7123 2021-04-28 2021-04-28
0.0
None ??? ??? ??? ??? ??? ???
A local escalation of privilege vulnerability was discovered in Aruba ClearPass Policy Manager version(s) prior to 6.9.5, 6.8.9, 6.7.14-HF1. Aruba has released patches for Aruba ClearPass Policy Manager that address this security vulnerability.
1338 CVE-2020-7731 2021-04-30 2021-04-30
0.0
None ??? ??? ??? ??? ??? ???
This affects all versions of package github.com/russellhaering/gosaml2. There is a crash on nil-pointer dereference caused by sending malformed XML signatures.
1339 CVE-2020-9754 Bypass 2022-06-27 2022-06-27
0.0
None ??? ??? ??? ??? ??? ???
NAVER Whale browser mobile app before 1.10.6.2 allows the attacker to bypass its browser unlock function via incognito mode.
1340 CVE-2020-15153 89 Sql 2021-04-30 2021-04-30
0.0
None ??? ??? ??? ??? ??? ???
Ampache before version 4.2.2 allows unauthenticated users to perform SQL injection. Refer to the referenced GitHub Security Advisory for details and a workaround. This is fixed in version 4.2.2 and the development branch.
1341 CVE-2020-17517 2021-04-27 2021-04-27
0.0
None ??? ??? ??? ??? ??? ???
The S3 buckets and keys in a secure Apache Ozone Cluster must be inaccessible to anonymous access by default. The current security vulnerability allows access to keys and buckets through a curl command or an unauthenticated HTTP request. This enables unauthorized access to buckets and keys thereby exposing data to anonymous clients or users. This affected Apache Ozone prior to the 1.1.0 release. Improper Authorization vulnerability in __COMPONENT__ of Apache Ozone allows an attacker to __IMPACT__. This issue affects Apache Ozone Apache Ozone version 1.0.0 and prior versions.
1342 CVE-2020-17999 Exec Code XSS 2021-04-28 2021-04-28
0.0
None ??? ??? ??? ??? ??? ???
Cross Site Scripting (XSS) in MiniCMS v1.10 allows remote attackers to execute arbitrary code by injecting commands via a crafted HTTP request to the component "/mc-admin/post-edit.php".
1343 CVE-2020-18019 Sql +Info 2021-04-28 2021-04-28
0.0
None ??? ??? ??? ??? ??? ???
SQL Injection in Xinhu OA System v1.8.3 allows remote attackers to obtain sensitive information by injecting arbitrary commands into the "typeid" variable of the "createfolderAjax" function in the "mode_worcAction.php" component.
1344 CVE-2020-18020 Exec Code Sql 2021-04-28 2021-04-28
0.0
None ??? ??? ??? ??? ??? ???
SQL Injection in PHPSHE Mall System v1.7 allows remote attackers to execute arbitrary code by injecting SQL commands into the "user_phone" parameter of a crafted HTTP request to the "admin.php" component.
1345 CVE-2020-18084 Exec Code XSS 2021-04-30 2021-04-30
0.0
None ??? ??? ??? ??? ??? ???
Cross Site Scripting (XSS) in yzmCMS v5.2 allows remote attackers to execute arbitrary code by injecting commands into the "referer" field of a POST request to the component "/member/index/login.html" when logging in.
1346 CVE-2020-19896 Exec Code File Inclusion 2022-06-28 2022-06-29
0.0
None ??? ??? ??? ??? ??? ???
File inclusion vulnerability in Minicms v1.9 allows remote attackers to execute arbitary PHP code via post-edit.php.
1347 CVE-2020-19897 XSS 2022-06-28 2022-06-29
0.0
None ??? ??? ??? ??? ??? ???
A reflected Cross Site Scripting (XSS) in wuzhicms v4.1.0 allows remote attackers to execute arbitrary web script or HTML via the imgurl parameter.
1348 CVE-2020-21161 XSS 2022-06-27 2022-06-27
0.0
None ??? ??? ??? ??? ??? ???
Cross Site Scripting (XSS) vulnerability in Ruckus Wireless ZoneDirector 9.8.3.0.
1349 CVE-2020-21690 DoS 2021-08-10 2021-08-10
0.0
None ??? ??? ??? ??? ??? ???
A memory leak in the grow_array function in cmdutils.c og Ffmpeg 4.2 allows attackers to cause a denial of service (DOS) via a crafted ogg file.
1350 CVE-2020-21989 CSRF 2021-04-27 2021-04-27
0.0
None ??? ??? ??? ??? ??? ???
HomeAutomation 3.3.2 is affected by Cross Site Request Forgery (CSRF). The application interface allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site.
Total number of vulnerabilities : 2011   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 (This Page)28 29 30 31 32 33 34 35 36 37 38 39 40 41
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.