CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In June 2018

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
351 CVE-2018-12088 20 2018-06-10 2019-03-08
5.0
None Remote Low Not required None Partial None
S3QL before 2.27 mishandles checksumming, and consequently allows replay attacks in which an attacker who controls the backend can present old versions of the filesystem metadata database as up-to-date, temporarily inject zero-valued bytes into files, or temporarily hide parts of files. This is related to the checksum_basic_mapping function.
352 CVE-2018-12085 787 Overflow 2018-06-09 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
Liblouis 3.6.0 has a stack-based Buffer Overflow in the function parseChars in compileTranslationTable.c, a different vulnerability than CVE-2018-11440.
353 CVE-2018-12084 2018-06-25 2019-10-03
5.0
None Remote Low Not required None Partial None
The mintToken function of a smart contract implementation for BitAsean (BAS), a tradable Ethereum ERC20 token, has no period constraint, which allows the owner to increase the total supply of the digital assets arbitrarily so as to make profits, aka the "tradeTrap" issue.
354 CVE-2018-12083 2018-06-25 2019-10-03
5.0
None Remote Low Not required None Partial None
The mintToken function of a smart contract implementation for GOAL Bonanza (GOAL), a tradable Ethereum ERC20 token, has no period constraint, which allows the owner to increase the total supply of the digital assets arbitrarily so as to make profits, aka the "tradeTrap" issue.
355 CVE-2018-12082 2018-06-25 2019-10-03
5.0
None Remote Low Not required None Partial None
The mintToken function of a smart contract implementation for Fujinto (NTO), a tradable Ethereum ERC20 token, has no period constraint, which allows the owner to increase the total supply of the digital assets arbitrarily so as to make profits, aka the "tradeTrap" issue.
356 CVE-2018-12081 2018-06-25 2019-10-03
5.0
None Remote Low Not required None Partial None
The mintToken function of a smart contract implementation for Target Coin (TGT), a tradable Ethereum ERC20 token, has no period constraint, which allows the owner to increase the total supply of the digital assets arbitrarily so as to make profits, aka the "tradeTrap" issue.
357 CVE-2018-12080 2018-06-25 2019-10-03
5.0
None Remote Low Not required None Partial None
The mintToken function of a smart contract implementation for Internet Node Token (INT), a tradable Ethereum ERC20 token, has no period constraint, which allows the owner to increase the total supply of the digital assets arbitrarily so as to make profits, aka the "tradeTrap" issue.
358 CVE-2018-12079 2018-06-25 2019-10-03
5.0
None Remote Low Not required None Partial None
The mintToken function of a smart contract implementation for Substratum (SUB), a tradable Ethereum ERC20 token, has no period constraint, which allows the owner to increase the total supply of the digital assets arbitrarily so as to make profits, aka the "tradeTrap" issue.
359 CVE-2018-12078 2018-06-25 2019-10-03
5.0
None Remote Low Not required None Partial None
The mintToken function of a smart contract implementation for PolyAI (AI), a tradable Ethereum ERC20 token, has no period constraint, which allows the owner to increase the total supply of the digital assets arbitrarily so as to make profits, aka the "tradeTrap" issue.
360 CVE-2018-12073 79 XSS 2018-06-17 2018-08-11
2.9
None Local Network Medium Not required None Partial None
An issue was discovered on Eminent EM4544 9.10 devices. The device does not require the user's current password to set a new one within the web interface. Therefore, it is possible to exploit this issue (e.g., in combination with a successful XSS, or at an unattended workstation) to change the admin password to an attacker-chosen value without knowing the current password.
361 CVE-2018-12072 2018-06-17 2019-10-03
10.0
None Remote Low Not required Complete Complete Complete
An issue was discovered in Cloud Media Popcorn A-200 03-05-130708-21-POP-411-000 firmware. It is configured to provide TELNET remote access (without a password) that pops a shell as root. If an attacker can connect to port 23 on the device, he can completely compromise it.
362 CVE-2018-12071 384 2018-06-17 2018-08-10
7.5
None Remote Low Not required Partial Partial Partial
A Session Fixation issue exists in CodeIgniter before 3.1.9 because session.use_strict_mode in the Session Library was mishandled.
363 CVE-2018-12070 190 Overflow 2018-06-25 2019-10-03
5.0
None Remote Low Not required None Partial None
The sell function of a smart contract implementation for SEC, a tradable Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the seller, because of overflow of the multiplication of its argument amount and a manipulable variable sellPrice, aka the "tradeTrap" issue.
364 CVE-2018-12068 190 Overflow 2018-06-25 2019-10-03
5.0
None Remote Low Not required None Partial None
The sell function of a smart contract implementation for Target Coin (TGT), a tradable Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the seller, because of overflow of the multiplication of its argument amount and a manipulable variable sellPrice, aka the "tradeTrap" issue.
365 CVE-2018-12067 190 Overflow 2018-06-25 2019-10-03
5.0
None Remote Low Not required None Partial None
The sell function of a smart contract implementation for Substratum (SUB), a tradable Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the seller, because of overflow of the multiplication of its argument amount and a manipulable variable sellPrice, aka the "tradeTrap" issue.
366 CVE-2018-12066 400 DoS 2018-06-08 2018-07-20
2.1
None Local Low Not required None None Partial
BIRD Internet Routing Daemon before 1.6.4 allows local users to cause a denial of service (stack consumption and daemon crash) via BGP mask expressions in birdc.
367 CVE-2018-12065 20 Exec Code File Inclusion 2018-06-08 2018-07-23
7.5
None Remote Low Not required Partial Partial Partial
A Local File Inclusion vulnerability in /system/WCore/WHelper.php in Creatiwity wityCMS 0.6.2 allows remote attackers to include local PHP files (execute PHP code) or read non-PHP files by replacing a helper.json file.
368 CVE-2018-12064 125 2018-06-08 2019-10-03
7.5
None Remote Low Not required Partial Partial Partial
tinyexr 0.9.5 has a heap-based buffer over-read via tinyexr::ReadChannelInfo in tinyexr.h.
369 CVE-2018-12063 190 Overflow 2018-06-25 2019-10-03
5.0
None Remote Low Not required None Partial None
The sell function of a smart contract implementation for Internet Node Token (INT), a tradable Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the seller, because of overflow of the multiplication of its argument amount and a manipulable variable sellPrice, aka the "tradeTrap" issue.
370 CVE-2018-12062 190 Overflow 2018-06-25 2019-10-03
5.0
None Remote Low Not required None Partial None
The sell function of a smart contract implementation for SwftCoin (SWFTC), a tradable Ethereum ERC20 token, allows a potential trap that could be used to cause financial damage to the seller, because of overflow of the multiplication of its argument amount and a manipulable variable sellPrice, aka the "tradeTrap" issue.
371 CVE-2018-12055 89 Sql 2018-06-08 2018-07-17
7.5
None Remote Low Not required Partial Partial Partial
Multiple SQL Injections exist in PHP Scripts Mall Schools Alert Management Script via crafted POST data in contact_us.php, faq.php, about.php, photo_gallery.php, privacy.php, and so on.
372 CVE-2018-12054 22 Dir. Trav. 2018-06-08 2018-07-17
5.0
None Remote Low Not required Partial None None
Arbitrary File Read exists in PHP Scripts Mall Schools Alert Management Script via the f parameter in img.php, aka absolute path traversal.
373 CVE-2018-12053 22 Dir. Trav. 2018-06-08 2018-07-17
6.4
None Remote Low Not required None Partial Partial
Arbitrary File Deletion exists in PHP Scripts Mall Schools Alert Management Script via the img parameter in delete_img.php by using directory traversal.
374 CVE-2018-12052 89 Sql 2018-06-08 2018-07-17
7.5
None Remote Low Not required Partial Partial Partial
SQL Injection exists in PHP Scripts Mall Schools Alert Management Script via the q Parameter in get_sec.php.
375 CVE-2018-12051 434 Exec Code 2018-06-08 2018-07-17
7.5
None Remote Low Not required Partial Partial Partial
Arbitrary File Upload and Remote Code Execution exist in PHP Scripts Mall Schools Alert Management Script via $_FILE in /webmasterst/general.php, as demonstrated by a .php file with the image/jpeg content type.
376 CVE-2018-12049 287 Bypass 2018-06-08 2018-08-01
10.0
None Remote Low Not required Complete Complete Complete
** DISPUTED ** A remote attacker can bypass the System Manager Mode on the Canon LBP6030w web interface without a PIN for /checkLogin.cgi via vectors involving /portal_top.html to get full access to the device. NOTE: the vendor reportedly responded that this issue occurs when a customer keeps the default settings without using the countermeasures and best practices shown in the documentation.
377 CVE-2018-12048 287 Bypass 2018-06-08 2018-08-03
10.0
None Remote Low Not required Complete Complete Complete
** DISPUTED ** A remote attacker can bypass the Management Mode on the Canon LBP7110Cw web interface without a PIN for /checkLogin.cgi via vectors involving /portal_top.html to get full access to the device. NOTE: the vendor reportedly responded that this issue occurs when a customer keeps the default settings without using the countermeasures and best practices shown in the documentation.
378 CVE-2018-12047 79 XSS 2018-06-08 2018-07-12
4.3
None Remote Medium Not required None Partial None
xfind/search in Ximdex 4.0 has XSS via the filter[n][value] parameters for non-negative values of n, as demonstrated by n equal to 0 through 12.
379 CVE-2018-12046 20 2018-06-08 2018-07-27
5.0
None Remote Low Not required None Partial None
DedeCMS through 5.7SP2 allows arbitrary file write in dede/file_manage_control.php via a dede/file_manage_view.php?fmdo=newfile request with name and str parameters, as demonstrated by writing to a new .php file.
380 CVE-2018-12045 434 2018-06-08 2018-07-27
7.5
None Remote Low Not required Partial Partial Partial
DedeCMS through V5.7SP2 allows arbitrary file upload in dede/file_manage_control.php via a dede/file_manage_view.php?fmdo=upload request with an upfile1 parameter, as demonstrated by uploading a .php file.
381 CVE-2018-12043 79 XSS 2018-06-07 2018-07-12
4.3
None Remote Medium Not required None Partial None
content/content.blueprintspages.php in Symphony 2.7.6 has XSS via the pages content page.
382 CVE-2018-12042 22 Dir. Trav. 2018-06-07 2018-07-17
5.0
None Remote Low Not required Partial None None
Roxy Fileman through v1.4.5 has Directory traversal via the php/download.php f parameter.
383 CVE-2018-12041 20 2018-06-08 2018-07-23
5.0
None Remote Low Not required None None Partial
An issue was discovered on the MediaTek AWUS036NH wireless USB adapter through 5.1.25.0. Attackers can remotely deny service by sending specially constructed 802.11 frames.
384 CVE-2018-12040 79 XSS 2018-06-13 2019-03-08
4.3
None Remote Medium Not required None Partial None
** DISPUTED ** Reflected Cross-site scripting (XSS) vulnerability in the web profiler in SensioLabs Symfony 3.3.6 allows remote attackers to inject arbitrary web script or HTML via the "file" parameter, aka an _profiler/open?file= URI. NOTE: The vendor states "The XSS ... is in the web profiler, a tool that should never be deployed in production (so, we don't handle those issues as security issues)."
385 CVE-2018-12039 89 Exec Code Sql 2018-06-07 2018-07-27
7.5
None Remote Low Not required Partial Partial Partial
joyplus-cms 1.6.0 allows Remote Code Execution because of an Arbitrary SQL command execution issue in manager/index.php involving use of a "/!select/" substring in place of a select substring.
386 CVE-2018-12036 22 Dir. Trav. 2018-06-07 2018-07-27
6.8
None Remote Medium Not required Partial Partial Partial
OWASP Dependency-Check before 3.2.0 allows attackers to write to arbitrary files via a crafted archive that holds directory traversal filenames.
387 CVE-2018-12035 787 Exec Code 2018-06-15 2018-08-01
6.8
None Remote Medium Not required Partial Partial Partial
In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds write vulnerability in yr_execute_code in libyara/exec.c.
388 CVE-2018-12034 125 Exec Code 2018-06-15 2018-08-01
6.8
None Remote Medium Not required Partial Partial Partial
In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds read vulnerability in yr_execute_code in libyara/exec.c.
389 CVE-2018-12031 22 Dir. Trav. File Inclusion 2018-06-07 2018-07-27
7.5
None Remote Low Not required Partial Partial Partial
Local file inclusion in Eaton Intelligent Power Manager v1.6 allows an attacker to include a file via server/node_upgrade_srv.js directory traversal with the firmware parameter in a downloadFirmware action.
390 CVE-2018-12030 79 XSS 2018-06-15 2018-08-01
3.5
None Remote Medium ??? None Partial None
Chevereto Free before 1.0.13 has XSS.
391 CVE-2018-12029 362 2018-06-17 2019-03-08
4.4
None Local Medium Not required Partial Partial Partial
A race condition in the nginx module in Phusion Passenger 3.x through 5.x before 5.3.2 allows local escalation of privileges when a non-standard passenger_instance_registry_dir with insufficiently strict permissions is configured. Replacing a file with a symlink after the file was created, but before it was chowned, leads to the target of the link being chowned via the path. Targeting sensitive files such as root's crontab file allows privilege escalation.
392 CVE-2018-12028 732 2018-06-17 2019-10-03
6.8
None Remote Medium Not required Partial Partial Partial
An Incorrect Access Control vulnerability in SpawningKit in Phusion Passenger 5.3.x before 5.3.2 allows a Passenger-managed malicious application, upon spawning a child process, to report an arbitrary different PID back to Passenger's process manager. If the malicious application then generates an error, it would cause Passenger's process manager to kill said reported arbitrary PID.
393 CVE-2018-12027 200 +Info 2018-06-17 2019-10-03
6.5
None Remote Low ??? Partial Partial Partial
An Insecure Permissions vulnerability in SpawningKit in Phusion Passenger 5.3.x before 5.3.2 causes information disclosure in the following situation: given a Passenger-spawned application process that reports that it listens on a certain Unix domain socket, if any of the parent directories of said socket are writable by a normal user that is not the application's user, then that non-application user can swap that directory with something else, resulting in traffic being redirected to a non-application user's process through an alternative Unix domain socket.
394 CVE-2018-12026 59 2018-06-17 2019-03-08
7.5
None Remote Low Not required Partial Partial Partial
During the spawning of a malicious Passenger-managed application, SpawningKit in Phusion Passenger 5.3.x before 5.3.2 allows such applications to replace key files or directories in the spawning communication directory with symlinks. This then could result in arbitrary reads and writes, which in turn can result in information disclosure and privilege escalation.
395 CVE-2018-12025 20 Bypass 2018-06-11 2018-08-06
5.0
None Remote Low Not required None Partial None
The transferFrom function of a smart contract implementation for FuturXE (FXE), an Ethereum ERC20 token, allows attackers to accomplish an unauthorized transfer of digital assets because of a logic error. The developer messed up with the boolean judgment - if the input value is smaller than or equal to allowed value, the transfer session would stop execution by returning false. This makes no sense, because the transferFrom() function should require the transferring value to not exceed the allowed value in the first place. Suppose this function asks for the allowed value to be smaller than the input. Then, the attacker could easily ignore the allowance: after this condition, the `allowed[from][msg.sender] -= value;` would cause an underflow because the allowed part is smaller than the value. The attacker could transfer any amount of FuturXe tokens of any accounts to an appointed account (the `_to` address) because the allowed value is initialized to 0, and the attacker could bypass this restriction even without the victim's private key.
396 CVE-2018-12020 706 2018-06-08 2021-12-28
5.0
None Remote Low Not required None Partial None
mainproc.c in GnuPG before 2.2.8 mishandles the original filename during decryption and verification actions, which allows remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the "--status-fd 2" option. For example, the OpenPGP data might represent an original filename that contains line feed characters in conjunction with GOODSIG or VALIDSIG status codes.
397 CVE-2018-12019 347 2018-06-13 2019-05-16
5.0
None Remote Low Not required None Partial None
The signature verification routine in Enigmail before 2.0.7 interprets user ids as status/control messages and does not correctly keep track of the status of multiple signatures, which allows remote attackers to spoof arbitrary email signatures via public keys containing crafted primary user ids.
398 CVE-2018-12016 DoS 2018-06-07 2019-10-03
5.0
None Remote Low Not required None None Partial
libephymain.so in GNOME Web (aka Epiphany) through 3.28.2.1 allows remote attackers to cause a denial of service (application crash) via certain window.open and document.write calls.
399 CVE-2018-12015 59 Dir. Trav. Bypass 2018-06-07 2020-08-24
6.4
None Remote Low Not required None Partial Partial
In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name.
400 CVE-2018-11813 834 2018-06-06 2020-06-25
5.0
None Remote Low Not required None None Partial
libjpeg 9c has a large loop because read_pixel in rdtarga.c mishandles EOF.
Total number of vulnerabilities : 1788   Page : 1 2 3 4 5 6 7 8 (This Page)9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.