CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In July 2018

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
401 CVE-2018-13843 772 2018-07-10 2019-10-03
5.0
None Remote Low Not required None None Partial
** DISPUTED ** An issue has been found in HTSlib 1.8. It is a memory leak in bgzf_getline in bgzf.c. NOTE: the software maintainer's position is that the "failure to free memory" can be fixed in applications that use the HTSlib library (such as test/test_bgzf.c in the original report) and is not a library issue.
402 CVE-2018-13836 190 Overflow 2018-07-12 2018-08-13
5.0
None Remote Low Not required None Partial None
An integer overflow vulnerability exists in the function multiTransfer of Rocket Coin (XRC), an Ethereum token smart contract. An attacker could use it to set any user's balance.
403 CVE-2018-13833 787 DoS Overflow 2018-07-10 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in cmft through 2017-09-24. The cmft::rwReadFile function in image.cpp allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact.
404 CVE-2018-13832 79 XSS 2018-07-16 2018-09-13
3.5
None Remote Medium ??? None Partial None
Multiple Persistent cross-site scripting (XSS) issues in the Techotronic all-in-one-favicon (aka All In One Favicon) plugin 4.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via Apple-Text, GIF-Text, ICO-Text, PNG-Text, or JPG-Text.
405 CVE-2018-13818 94 2018-07-10 2019-03-08
7.5
None Remote Low Not required Partial Partial Partial
** DISPUTED ** Twig before 2.4.4 allows Server-Side Template Injection (SSTI) via the search search_key parameter. NOTE: the vendor points out that Twig itself is not a web application and states that it is the responsibility of web applications using Twig to properly wrap input to it.
406 CVE-2018-13797 78 2018-07-10 2019-10-03
7.5
None Remote Low Not required Partial Partial Partial
The macaddress module before 0.2.9 for Node.js is prone to an arbitrary command injection flaw, due to allowing unsanitized input to an exec (rather than execFile) call.
407 CVE-2018-13796 20 2018-07-12 2020-05-06
4.3
None Remote Medium Not required None Partial None
An issue was discovered in GNU Mailman before 2.1.28. A crafted URL can cause arbitrary text to be displayed on a web page from a trusted site.
408 CVE-2018-13795 20 2018-07-09 2018-09-05
5.0
None Remote Low Not required None None Partial
Gravity before 0.5.1 does not support a maximum recursion depth.
409 CVE-2018-13794 787 Overflow 2018-07-09 2020-09-14
7.5
None Remote Low Not required Partial Partial Partial
A heap-based buffer overflow exists in stbi__bmp_load_cont in stb_image.h in catimg 2.4.0.
410 CVE-2018-13793 352 CSRF 2018-07-09 2018-09-07
6.8
None Remote Medium Not required Partial Partial Partial
Multiple Cross Site Request Forgery (CSRF) vulnerabilities in the HTTP API in ABBYY FlexiCapture before 12 Release 1 Update 7 exist in Web Verification, Web Scanning, Web Capture, Monitoring and Administration, and Login.
411 CVE-2018-13791 732 2018-07-09 2019-10-03
7.5
None Remote Low Not required Partial Partial Partial
The HTTP API in ABBYY FlexiCapture before 12 Release 1 Update 7 allows an attacker to conduct Access Control attacks via the /FlexiCapture12/Login/Server/SevaUserProfile FlexiCaptureTmsSts2 parameter.
412 CVE-2018-13790 918 2018-07-09 2021-07-15
6.5
None Remote Low ??? Partial Partial Partial
A Server Side Request Forgery (SSRF) vulnerability in tools/files/importers/remote.php in concrete5 8.2.0 can lead to attacks on the local network and mapping of the internal network, because of URL functionality on the File Manager page.
413 CVE-2018-13787 2018-07-09 2019-10-03
7.2
None Local Low Not required Complete Complete Complete
Certain Supermicro X11S, X10, X9, X8SI, K1SP, C9X299, C7, B1, A2, and A1 products have a misconfigured Descriptor Region, allowing OS programs to modify firmware.
414 CVE-2018-13785 369 DoS Overflow 2018-07-09 2020-09-08
4.3
None Remote Medium Not required None None Partial
In libpng 1.6.34, a wrong calculation of row_factor in the png_check_chunk_length function (pngrutil.c) may trigger an integer overflow and resultant divide-by-zero while processing a crafted PNG file, leading to a denial of service.
415 CVE-2018-13784 2018-07-09 2019-10-03
6.4
None Remote Low Not required Partial Partial None
PrestaShop before 1.6.1.20 and 1.7.x before 1.7.3.4 mishandles cookie encryption in Cookie.php, Rinjdael.php, and Blowfish.php.
416 CVE-2018-13783 190 Overflow 2018-07-09 2018-07-17
5.0
None Remote Low Not required None Partial None
The mintToken function of a smart contract implementation for JiucaiToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
417 CVE-2018-13782 190 Overflow 2018-07-09 2018-07-17
5.0
None Remote Low Not required None Partial None
The mintToken function of a smart contract implementation for ENTER (ENTR) (Contract Name: EnterCoin), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
418 CVE-2018-13781 190 Overflow 2018-07-09 2019-11-25
5.0
None Remote Low Not required None Partial None
The mintToken function of a smart contract implementation for MyYLC, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
419 CVE-2018-13780 190 Overflow 2018-07-09 2018-07-17
5.0
None Remote Low Not required None Partial None
The mintToken function of a smart contract implementation for ESH, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
420 CVE-2018-13779 190 Overflow 2018-07-09 2018-07-17
5.0
None Remote Low Not required None Partial None
The mintToken function of a smart contract implementation for YLCToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
421 CVE-2018-13778 190 Overflow 2018-07-09 2018-07-17
5.0
None Remote Low Not required None Partial None
The mintToken function of a smart contract implementation for CGCToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
422 CVE-2018-13777 190 Overflow 2018-07-09 2018-07-17
5.0
None Remote Low Not required None Partial None
The mintToken function of a smart contract implementation for RRToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
423 CVE-2018-13776 190 Overflow 2018-07-09 2018-07-17
5.0
None Remote Low Not required None Partial None
The mintToken function of a smart contract implementation for AppleToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
424 CVE-2018-13775 190 Overflow 2018-07-09 2018-07-17
5.0
None Remote Low Not required None Partial None
The mintToken function of a smart contract implementation for RCKT_Coin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
425 CVE-2018-13774 190 Overflow 2018-07-09 2018-07-17
5.0
None Remote Low Not required None Partial None
The mintToken function of a smart contract implementation for Bitstarti, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
426 CVE-2018-13773 190 Overflow 2018-07-09 2018-07-17
5.0
None Remote Low Not required None Partial None
The mintToken function of a smart contract implementation for Enterprise Token Ecosystem (ETE) (Contract Name: NetkillerToken), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
427 CVE-2018-13772 190 Overflow 2018-07-09 2018-07-17
5.0
None Remote Low Not required None Partial None
The mintToken function of a smart contract implementation for TheFlashToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
428 CVE-2018-13771 190 Overflow 2018-07-09 2018-07-17
5.0
None Remote Low Not required None Partial None
The mintToken function of a smart contract implementation for ExacoreContract, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
429 CVE-2018-13770 190 Overflow 2018-07-09 2018-07-17
5.0
None Remote Low Not required None Partial None
The mintToken function of a smart contract implementation for UltimateCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
430 CVE-2018-13769 190 Overflow 2018-07-09 2018-07-17
5.0
None Remote Low Not required None Partial None
The mintToken function of a smart contract implementation for JeansToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
431 CVE-2018-13768 190 Overflow 2018-07-09 2018-07-17
5.0
None Remote Low Not required None Partial None
The mintToken function of a smart contract implementation for ZToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
432 CVE-2018-13767 190 Overflow 2018-07-09 2018-07-17
5.0
None Remote Low Not required None Partial None
The mintToken function of a smart contract implementation for Cornerstone, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
433 CVE-2018-13766 190 Overflow 2018-07-09 2018-07-17
5.0
None Remote Low Not required None Partial None
The mintToken function of a smart contract implementation for Easticoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
434 CVE-2018-13765 190 Overflow 2018-07-09 2018-07-17
5.0
None Remote Low Not required None Partial None
The mintToken function of a smart contract implementation for LandCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
435 CVE-2018-13764 190 Overflow 2018-07-09 2018-07-17
5.0
None Remote Low Not required None Partial None
The mintToken function of a smart contract implementation for BiquToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
436 CVE-2018-13763 190 Overflow 2018-07-09 2018-07-17
5.0
None Remote Low Not required None Partial None
The mintToken function of a smart contract implementation for Ublasti, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
437 CVE-2018-13762 190 Overflow 2018-07-09 2018-07-17
5.0
None Remote Low Not required None Partial None
The mintToken function of a smart contract implementation for Yumerium, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
438 CVE-2018-13761 190 Overflow 2018-07-09 2018-07-17
5.0
None Remote Low Not required None Partial None
The mintToken function of a smart contract implementation for NetkillerAdvancedTokenAirDrop, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
439 CVE-2018-13760 190 Overflow 2018-07-09 2019-11-26
5.0
None Remote Low Not required None Partial None
The mintToken function of a smart contract implementation for MoneyChainNet (MCN), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
440 CVE-2018-13759 190 Overflow 2018-07-09 2018-07-17
5.0
None Remote Low Not required None Partial None
The mintToken function of a smart contract implementation for BIGCAdvancedToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
441 CVE-2018-13758 190 Overflow 2018-07-09 2018-07-17
5.0
None Remote Low Not required None Partial None
The mintToken function of a smart contract implementation for LoliCoin, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
442 CVE-2018-13757 190 Overflow 2018-07-09 2018-07-17
5.0
None Remote Low Not required None Partial None
The mintToken function of a smart contract implementation for Coinquer, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
443 CVE-2018-13756 190 Overflow 2018-07-09 2018-07-17
5.0
None Remote Low Not required None Partial None
The mintToken function of a smart contract implementation for CherryCoinFoundation, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
444 CVE-2018-13755 190 Overflow 2018-07-09 2018-07-17
5.0
None Remote Low Not required None Partial None
The mintToken function of a smart contract implementation for OTAKUToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
445 CVE-2018-13754 190 Overflow 2018-07-09 2018-07-17
5.0
None Remote Low Not required None Partial None
The mintToken function of a smart contract implementation for CryptosisToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
446 CVE-2018-13753 190 Overflow 2018-07-09 2018-07-17
5.0
None Remote Low Not required None Partial None
The mintToken function of a smart contract implementation for DeWeiSecurityServiceToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
447 CVE-2018-13752 190 Overflow 2018-07-09 2018-07-17
5.0
None Remote Low Not required None Partial None
The mintToken function of a smart contract implementation for Thread, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
448 CVE-2018-13751 190 Overflow 2018-07-09 2018-07-17
5.0
None Remote Low Not required None Partial None
The mintToken function of a smart contract implementation for JustWallet, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
449 CVE-2018-13750 190 Overflow 2018-07-09 2018-07-17
5.0
None Remote Low Not required None Partial None
The mintToken function of a smart contract implementation for RichiumToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
450 CVE-2018-13749 190 Overflow 2018-07-09 2018-07-17
5.0
None Remote Low Not required None Partial None
The mintToken function of a smart contract implementation for FinalToken, an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value.
Total number of vulnerabilities : 2175   Page : 1 2 3 4 5 6 7 8 9 (This Page)10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.