CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In June 2018

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
251 CVE-2018-12498 89 Sql 2018-06-15 2018-07-27
7.5
None Remote Low Not required Partial Partial Partial
spider.admincp.php in iCMS v7.0.8 has SQL Injection via the id parameter in an app=spider&do=batch request to admincp.php.
252 CVE-2018-12495 125 DoS 2018-06-15 2019-05-02
4.3
None Remote Medium Not required None None Partial
The quoteblock function in markdown.c in libmarkdown.a in DISCOUNT 2.2.3a allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file.
253 CVE-2018-12494 22 Dir. Trav. 2018-06-15 2019-03-18
4.0
None Remote Low ??? Partial None None
An issue was discovered in PublicCMS V4.0.20180210. There is a "Directory Traversal" and "Arbitrary file read" vulnerability via an admin/cmsTemplate/content.html?path=../ URI.
254 CVE-2018-12493 22 Dir. Trav. 2018-06-15 2019-05-02
4.0
None Remote Low ??? Partial None None
An issue was discovered in PublicCMS V4.0.20180210. There is a "Directory Traversal" and "Arbitrary file read" vulnerability via an admin/cmsWebFile/list.html?path=../ URI.
255 CVE-2018-12492 20 2018-06-15 2018-07-27
6.4
None Remote Low Not required None Partial Partial
PHPOK 4.9.032 has an arbitrary file deletion vulnerability in the delfile_f function in framework/admin/tpl_control.php.
256 CVE-2018-12491 434 2018-06-15 2018-07-27
7.5
None Remote Low Not required Partial Partial Partial
PHPOK 4.9.032 has an arbitrary file upload vulnerability in the import_f function in framework/admin/modulec_control.php, as demonstrated by uploading a .php file within a .php.zip archive, a similar issue to CVE-2018-8944.
257 CVE-2018-12481 200 +Info 2018-06-15 2019-10-03
5.0
None Remote Low Not required Partial None None
The Olive Tree Ftp Server application 1.32 for Android has a "Sensitive Data on the Clipboard" vulnerability, as demonstrated by reading the "User password" field with the Drozer post.capture.clipboard module.
258 CVE-2018-12465 78 Exec Code 2018-06-29 2019-10-09
9.0
None Remote Low ??? Complete Complete Complete
An OS command injection vulnerability in the web administration component of Micro Focus Secure Messaging Gateway (SMG) allows a remote attacker authenticated as a privileged user to execute arbitrary OS commands on the SMG server. This can be exploited in conjunction with CVE-2018-12464 to achieve unauthenticated remote code execution. Affects Micro Focus Secure Messaging Gateway versions prior to 471. It does not affect previous versions of the product that used GWAVA product name (i.e. GWAVA 6.5).
259 CVE-2018-12464 89 Exec Code Sql 2018-06-29 2019-10-09
7.5
None Remote Low Not required Partial Partial Partial
A SQL injection vulnerability in the web administration and quarantine components of Micro Focus Secure Messaging Gateway allows an unauthenticated remote attacker to execute arbitrary SQL statements against the database. This can be exploited to create an administrative account and used in conjunction with CVE-2018-12465 to achieve unauthenticated remote code execution. Affects Micro Focus Secure Messaging Gateway versions prior to 471. It does not affect previous versions of the product that use the GWAVA product name (i.e. GWAVA 6.5).
260 CVE-2018-12460 476 DoS 2018-06-15 2018-08-02
4.3
None Remote Medium Not required None None Partial
libavcodec in FFmpeg 4.0 may trigger a NULL pointer dereference if the studio profile is incorrectly detected while converting a crafted AVI file to MPEG4, leading to a denial of service, related to idctdsp.c and mpegvideo.c.
261 CVE-2018-12459 20 DoS 2018-06-15 2018-08-02
4.3
None Remote Medium Not required None None Partial
An inconsistent bits-per-sample value in the ff_mpeg4_decode_picture_header function in libavcodec/mpeg4videodec.c in FFmpeg 4.0 may trigger an assertion violation while converting a crafted AVI file to MPEG4, leading to a denial of service.
262 CVE-2018-12458 20 DoS 2018-06-15 2021-02-05
4.3
None Remote Medium Not required None None Partial
An improper integer type in the mpeg4_encode_gop_header function in libavcodec/mpeg4videoenc.c in FFmpeg 2.8 and 4.0 may trigger an assertion violation while converting a crafted AVI file to MPEG4, leading to a denial of service.
263 CVE-2018-12457 732 2018-06-15 2019-10-03
6.5
None Remote Low ??? Partial Partial Partial
expressCart before 1.1.6 allows remote attackers to create an admin user via a /admin/setup Referer header.
264 CVE-2018-12454 338 2018-06-17 2018-08-14
5.0
None Remote Low Not required Partial None None
The _addguess function of a simplelottery smart contract implementation for 1000 Guess, an Ethereum gambling game, generates a random value with publicly readable variables such as the current block information and a private variable (which can be read with a getStorageAt call). Therefore, it allows attackers to always win and get rewards.
265 CVE-2018-12453 704 2018-06-16 2018-08-14
5.0
None Remote Low Not required None None Partial
Type confusion in the xgroupCommand function in t_stream.c in redis-server in Redis before 5.0 allows remote attackers to cause denial-of-service via an XGROUP command in which the key is not a stream.
266 CVE-2018-12447 787 Exec Code Overflow 2018-06-15 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
The restore_tqb_pixels function in hevc_filter.c in libavcodec, as used in libbpg 0.9.8 and other products, has an integer overflow that leads to a heap-based buffer overflow and remote code execution.
267 CVE-2018-12446 287 Bypass 2018-06-20 2018-08-23
3.3
None Local Medium Not required Partial Partial None
** DISPUTED ** An issue was discovered in the com.dropbox.android application 98.2.2 for Android. The Passcode feature allows authentication bypass via runtime manipulation that forces a certain method's return value to true. In other words, an attacker could authenticate with an arbitrary passcode. NOTE: the vendor indicates that this is not an attack of interest within the context of their threat model, which excludes Android devices on which rooting has occurred.
268 CVE-2018-12445 287 Bypass 2018-06-20 2018-08-23
3.3
None Local Medium Not required Partial Partial None
** DISPUTED ** An issue was discovered in the com.dropbox.android application 98.2.2 for Android. The FingerprintManager class for Biometric validation allows authentication bypass through the callback method from onAuthenticationFailed to onAuthenticationSucceeded with null, because the fingerprint API in conjunction with the Android keyGenerator class is not implemented. In other words, an attacker could authenticate with an arbitrary fingerprint. NOTE: the vendor indicates that this is not an attack of interest within the context of their threat model, which excludes Android devices on which rooting has occurred.
269 CVE-2018-12440 200 +Info 2018-06-15 2018-08-06
1.9
None Local Medium Not required Partial None None
BoringSSL through 2018-06-14 allows a memory-cache side-channel attack on DSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover a DSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.
270 CVE-2018-12439 200 XSS +Info 2018-06-15 2018-08-06
1.9
None Local Medium Not required Partial None None
MatrixSSL through 3.9.5 Open allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.
271 CVE-2018-12438 200 +Info 2018-06-15 2021-03-09
1.9
None Local Medium Not required Partial None None
The Elliptic Curve Cryptography library (aka sunec or libsunec) allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.
272 CVE-2018-12437 200 +Info 2018-06-15 2021-06-29
1.9
None Local Medium Not required Partial None None
LibTomCrypt through 1.18.1 allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.
273 CVE-2018-12436 200 +Info 2018-06-15 2018-08-06
1.9
None Local Medium Not required Partial None None
wolfcrypt/src/ecc.c in wolfSSL before 3.15.1.patch allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.
274 CVE-2018-12435 200 +Info 2018-06-15 2018-08-22
1.9
None Local Medium Not required Partial None None
Botan 2.5.0 through 2.6.0 before 2.7.0 allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP, related to dsa/dsa.cpp, ec_group/ec_group.cpp, and ecdsa/ecdsa.cpp. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.
275 CVE-2018-12434 200 +Info 2018-06-15 2018-08-06
1.9
None Local Medium Not required Partial None None
LibreSSL before 2.6.5 and 2.7.x before 2.7.4 allows a memory-cache side-channel attack on DSA and ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover a key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.
276 CVE-2018-12433 200 +Info 2018-06-15 2021-03-09
1.9
None Local Medium Not required Partial None None
** DISPUTED ** cryptlib through 3.4.4 allows a memory-cache side-channel attack on DSA and ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover a key, the attacker needs access to either the local machine or a different virtual machine on the same physical host. NOTE: the vendor does not include side-channel attacks within its threat model.
277 CVE-2018-12432 79 XSS 2018-06-14 2018-08-02
4.3
None Remote Medium Not required None Partial None
JavaMelody through 1.60.0 has XSS via the counter parameter in a clear_counter action to the /monitoring URI.
278 CVE-2018-12431 79 XSS 2018-06-14 2018-08-02
3.5
None Remote Medium ??? None Partial None
SeaCMS V6.61 has XSS via the site name parameter on an adm1n/admin_config.php page (aka a system management page).
279 CVE-2018-12423 2018-06-14 2019-10-03
5.0
None Remote Low Not required None Partial None
In Synapse before 0.31.2, unauthorised users can hijack rooms when there is no m.room.power_levels event in force.
280 CVE-2018-12422 119 Overflow 2018-06-15 2018-08-09
7.5
None Remote Low Not required Partial Partial Partial
** DISPUTED ** addressbook/backends/ldap/e-book-backend-ldap.c in Evolution-Data-Server in GNOME Evolution through 3.29.2 might allow attackers to trigger a Buffer Overflow via a long query that is processed by the strcat function. NOTE: the software maintainer disputes this because "the code had computed the required string length first, and then allocated a large-enough buffer on the heap."
281 CVE-2018-12421 640 2018-06-14 2018-08-10
5.0
None Remote Low Not required Partial None None
LTB (aka LDAP Tool Box) Self Service Password before 1.3 allows a change to a user password (without knowing the old password) via a crafted POST request, because the ldap_bind return value is mishandled and the PHP data type is not constrained to be a string.
282 CVE-2018-12420 327 2018-06-14 2018-08-09
5.0
None Remote Low Not required Partial None None
IceHrm before 23.0.1.OS has a risky usage of a hashed password in a request.
283 CVE-2018-12418 835 DoS 2018-06-14 2019-10-03
4.3
None Remote Medium Not required None None Partial
Archive.java in Junrar before 1.0.1, as used in Apache Tika and other products, is affected by a denial of service vulnerability due to an infinite loop when handling corrupt RAR files.
284 CVE-2018-12356 347 Exec Code 2018-06-15 2019-05-16
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in password-store.sh in pass in Simple Password Store 1.7.x before 1.7.2. The signature verification routine parses the output of GnuPG with an incomplete regular expression, which allows remote attackers to spoof file signatures on configuration files and extension scripts. Modifying the configuration file allows the attacker to inject additional encryption keys under their control, thereby disclosing passwords to the attacker. Modifying the extension scripts allows the attacker arbitrary code execution.
285 CVE-2018-12355 79 XSS 2018-06-13 2020-06-04
4.3
None Remote Medium Not required None Partial None
Knowage (formerly SpagoBI) 6.1.1 allows XSS via the name or description field to the "Olap Schemas' Catalogue" catalogue.
286 CVE-2018-12354 352 CSRF 2018-06-13 2018-07-27
6.8
None Remote Medium Not required Partial Partial Partial
Knowage (formerly SpagoBI) 6.1.1 allows CSRF via every form, as demonstrated by a /knowage/restful-services/2.0/analyticalDrivers/ POST request.
287 CVE-2018-12353 79 XSS 2018-06-13 2018-07-24
4.3
None Remote Medium Not required None Partial None
Knowage (formerly SpagoBI) 6.1.1 allows XSS via the name field to the "Business Model's Catalogue" catalogue.
288 CVE-2018-12339 79 XSS 2018-06-13 2018-08-02
3.5
None Remote Medium ??? None Partial None
ArticleCMS through 2017-02-19 has XSS via an "add an article" action.
289 CVE-2018-12338 2018-06-17 2019-10-03
10.0
None Remote Low Not required Complete Complete Complete
Undocumented Factory Backdoor in ECOS System Management Appliance (aka SMA) 5.2.68 allows the vendor to extract confidential information and manipulate security relevant configurations via remote root SSH access.
290 CVE-2018-12337 200 +Info 2018-06-17 2018-08-10
2.1
None Local Low Not required Partial None None
Reliance on Security Through Obscurity vulnerability in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows an attacker to partially extract confidential configurations via user-space emulation.
291 CVE-2018-12336 200 +Info 2018-06-17 2018-08-10
10.0
None Remote Low Not required Complete Complete Complete
Undocumented Factory Backdoor in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows the vendor to extract confidential information via remote root SSH access.
292 CVE-2018-12335 732 2018-06-17 2019-10-03
4.1
None Local Network Low ??? Partial Partial None
Incorrect access control in ECOS System Management Appliance (aka SMA) 5.2.68 allows a user to compromise authentication keys, and access and manipulate security relevant configurations, via unrestricted database access during Easy Enrollment.
293 CVE-2018-12334 2018-06-17 2019-10-03
6.5
None Remote Low ??? Partial Partial Partial
Protection Mechanism Failure in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows an attacker to compromise authentication and encryption keys via a virtualization attack.
294 CVE-2018-12333 345 Exec Code 2018-06-17 2019-10-03
6.8
None Remote Medium Not required Partial Partial Partial
Insufficient Verification of Data Authenticity vulnerability in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows an attacker to manipulate security relevant configurations and execute malicious code.
295 CVE-2018-12332 459 2018-06-17 2019-10-03
1.9
None Local Medium Not required Partial None None
Incomplete Cleanup vulnerability in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows an attacker to compromise authentication and encryption keys via a compromised host PC after a reset.
296 CVE-2018-12331 290 Bypass 2018-06-17 2020-08-24
5.8
None Remote Medium Not required Partial Partial None
Authentication Bypass by Spoofing vulnerability in ECOS System Management Appliance (aka SMA) 5.2.68 allows a man-in-the-middle attacker to compromise authentication keys and configurations via IP spoofing during "Easy Enrollment."
297 CVE-2018-12330 2018-06-17 2019-10-03
8.5
None Remote Low ??? Complete Complete None
Protection Mechanism Failure in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows an attacker to compromise authentication and encryption keys via compromised firmware.
298 CVE-2018-12329 200 +Info 2018-06-17 2018-08-09
4.3
None Remote Medium Not required Partial None None
Protection Mechanism Failure in ECOS Secure Boot Stick (aka SBS) 5.6.5 allows a local attacker to duplicate an authentication factor via cloning.
299 CVE-2018-12327 787 Exec Code Overflow 2018-06-20 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
Stack-based buffer overflow in ntpq and ntpdc of NTP version 4.2.8p11 allows an attacker to achieve code execution or escalate to higher privileges via a long string as the argument for an IPv4 or IPv6 command-line parameter. NOTE: It is unclear whether there are any common situations in which ntpq or ntpdc is used with a command line from an untrusted source.
300 CVE-2018-12326 119 Exec Code Overflow 2018-06-17 2019-01-17
4.6
None Local Low Not required Partial Partial Partial
Buffer overflow in redis-cli of Redis before 4.0.10 and 5.x before 5.0 RC3 allows an attacker to achieve code execution and escalate to higher privileges via a crafted command line. NOTE: It is unclear whether there are any common situations in which redis-cli is used with, for example, a -h (aka hostname) argument from an untrusted source.
Total number of vulnerabilities : 1788   Page : 1 2 3 4 5 6 (This Page)7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.