CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  What's the CVSS score of your company?
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In August 2018

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
401 CVE-2018-14735 200 +Info 2018-08-09 2018-10-11
5.0
None Remote Low Not required Partial None None
An Information Exposure issue was discovered in Hitachi Command Suite 8.5.3. A remote attacker may be able to exploit a flaw in the permission of messaging that may allow for information exposure via a crafted message.
402 CVE-2018-14728 918 2018-08-03 2019-06-17
7.5
None Remote Low Not required Partial Partial Partial
upload.php in Responsive FileManager 9.13.1 allows SSRF via the url parameter.
403 CVE-2018-14722 Exec Code 2018-08-15 2019-10-03
9.3
None Remote Medium Not required Complete Complete Complete
An issue was discovered in evaluate_auto_mountpoint in btrfsmaintenance-functions in btrfsmaintenance through 0.4.1. Code execution as root can occur via a specially crafted filesystem label if btrfs-{scrub,balance,trim} are set to auto in /etc/sysconfig/btrfsmaintenance (this is not the default, though).
404 CVE-2018-14716 94 Exec Code 2018-08-06 2020-08-24
5.0
None Remote Low Not required Partial None None
A Server Side Template Injection (SSTI) was discovered in the SEOmatic plugin before 3.1.4 for Craft CMS, because requests that don't match any elements incorrectly generate the canonicalUrl, and can lead to execution of Twig code.
405 CVE-2018-14715 338 2018-08-03 2018-10-02
5.0
None Remote Low Not required Partial None None
The endCoinFlip function and throwSlammer function of the smart contract implementations for Cryptogs, an Ethereum game, generate random numbers with an old block's hash. Therefore, attackers can predict the random number and always win the game.
406 CVE-2018-14622 252 2018-08-30 2020-12-04
5.0
None Remote Low Not required None None Partial
A null-pointer dereference vulnerability was found in libtirpc before version 0.3.3-rc3. The return value of makefd_xprt() was not checked in all instances, which could lead to a crash when the server exhausted the maximum number of available file descriptors. A remote attacker could cause an rpc-based application to crash by flooding it with new connections.
407 CVE-2018-14621 835 2018-08-30 2019-10-09
7.8
None Remote Low Not required None None Complete
An infinite loop vulnerability was found in libtirpc before version 1.0.2-rc2. With the port to using poll rather than select, exhaustion of file descriptors would cause the server to enter an infinite loop, consuming a large amount of CPU time and denying service to other clients until restarted.
408 CVE-2018-14619 20 2018-08-30 2019-10-09
7.2
None Local Low Not required Complete Complete Complete
A flaw was found in the crypto subsystem of the Linux kernel before version kernel-4.15-rc4. The "null skcipher" was being dropped when each af_alg_ctx was freed instead of when the aead_tfm was freed. This can cause the null skcipher to be freed while it is still in use leading to a local user being able to crash the system or possibly escalate privileges.
409 CVE-2018-14600 787 Exec Code 2018-08-24 2019-08-06
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c interprets a variable as signed instead of unsigned, resulting in an out-of-bounds write (of up to 128 bytes), leading to DoS or remote code execution.
410 CVE-2018-14599 193 2018-08-24 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c is vulnerable to an off-by-one error caused by malicious server responses, leading to DoS or possibly unspecified other impact.
411 CVE-2018-14598 20 Overflow 2018-08-24 2019-08-06
5.0
None Remote Low Not required None None Partial
An issue was discovered in XListExtensions in ListExt.c in libX11 through 1.6.5. A malicious server can send a reply in which the first string overflows, causing a variable to be set to NULL that will be freed later on, leading to DoS (segmentation fault).
412 CVE-2018-14593 2018-08-04 2019-10-03
6.5
None Remote Low ??? Partial Partial Partial
An issue was discovered in Open Ticket Request System (OTRS) 6.0.x through 6.0.9, 5.0.x through 5.0.28, and 4.0.x through 4.0.30. An attacker who is logged into OTRS as an agent may escalate their privileges by accessing a specially crafted URL.
413 CVE-2018-14576 190 Overflow 2018-08-03 2021-09-07
5.0
None Remote Low Not required None Partial None
The mintTokens function of a smart contract implementation for SunContract, an Ethereum token, has an integer overflow via the _amount variable.
414 CVE-2018-14574 601 2018-08-03 2019-03-01
5.8
None Remote Medium Not required Partial Partial None
django.middleware.common.CommonMiddleware in Django 1.11.x before 1.11.15 and 2.0.x before 2.0.8 has an Open Redirect.
415 CVE-2018-14572 78 Exec Code 2018-08-28 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
In conference-scheduler-cli, a pickle.load call on imported data allows remote attackers to execute arbitrary code via a crafted .pickle file, as demonstrated by Python code that contains an os.system call.
416 CVE-2018-14567 835 DoS 2018-08-16 2020-09-10
4.3
None Remote Medium Not required None None Partial
libxml2 2.9.8, if --with-lzma is used, allows remote attackers to cause a denial of service (infinite loop) via a crafted XML file that triggers LZMA_MEMLIMIT_ERROR, as demonstrated by xmllint, a different vulnerability than CVE-2015-8035 and CVE-2018-9251.
417 CVE-2018-14541 79 XSS 2018-08-04 2018-09-27
3.5
None Remote Medium ??? None Partial None
PHP Scripts Mall Basic B2B Script 2.0.0 has Reflected and Stored XSS via the First name, Last name, Address 1, City, State, and Company name fields.
418 CVE-2018-14526 924 2018-08-08 2019-10-03
3.3
None Local Network Low Not required Partial None None
An issue was discovered in rsn_supp/wpa.c in wpa_supplicant 2.0 through 2.6. Under certain conditions, the integrity of EAPOL-Key messages is not checked, leading to a decryption oracle. An attacker within range of the Access Point and client can abuse the vulnerability to recover sensitive information.
419 CVE-2018-14504 79 Exec Code XSS 2018-08-03 2018-10-02
4.3
None Remote Medium Not required None Partial None
An issue was discovered in manage_filter_edit_page.php in MantisBT 2.x through 2.15.0. A cross-site scripting (XSS) vulnerability in the Edit Filter page allows execution of arbitrary code (if CSP settings permit it) when displaying a filter with a crafted name (e.g., 'foobar" onclick="alert(1)').
420 CVE-2018-14503 79 XSS 2018-08-10 2018-10-05
4.3
None Remote Medium Not required None Partial None
Cross-site scripting (XSS) vulnerability in intervalCheck.jsp in Coremail XT 3.0 allows remote attackers to inject arbitrary web script or HTML via the sid parameter.
421 CVE-2018-14497 79 XSS 2018-08-04 2018-09-28
3.5
None Remote Medium ??? None Partial None
Tenda D152 ADSL routers allow XSS via a crafted SSID.
422 CVE-2018-14473 611 DoS 2018-08-04 2018-10-01
6.4
None Remote Low Not required Partial None Partial
OCS Inventory 2.4.1 lacks a proper XML parsing configuration, allowing the use of external entities. This issue can be exploited by an attacker sending a crafted HTTP request in order to exfiltrate information or cause a Denial of Service.
423 CVE-2018-14429 22 Dir. Trav. File Inclusion 2018-08-14 2018-10-12
5.0
None Remote Low Not required Partial None None
man-cgi before 1.16 allows Local File Inclusion via absolute path traversal, as demonstrated by a cgi-bin/man-cgi?/etc/passwd URI.
424 CVE-2018-14424 416 DoS Exec Code 2018-08-14 2018-10-18
4.6
None Local Low Not required Partial Partial Partial
The daemon in GDM through 3.29.1 does not properly unexport display objects from its D-Bus interface when they are destroyed, which allows a local attacker to trigger a use-after-free via a specially crafted sequence of D-Bus method calls, resulting in a denial of service or potential code execution.
425 CVE-2018-14417 78 Exec Code 2018-08-04 2018-10-02
10.0
None Remote Low Not required Complete Complete Complete
A command injection vulnerability was found in the web administration console in SoftNAS Cloud before 4.0.3. In particular, the snserv script did not sanitize the 'recentVersion' parameter from the snserv endpoint, allowing an unauthenticated attacker to execute arbitrary commands with root permissions.
426 CVE-2018-14400 Exec Code 2018-08-28 2018-08-30
0.0
None ??? ??? ??? ??? ??? ???
In PLY (aka Python Lex-Yacc) 3.11, as used in pycparser and other products, a pickle.load call (within the read_pickle function of the LRTable class in yacc.py) on imported data allows remote attackers to execute arbitrary code via a crafted .pickle file, as demonstrated by Python code that contains an os.system call.
427 CVE-2018-14348 200 +Info 2018-08-14 2019-08-06
5.5
None Remote Low ??? Partial Partial None
libcgroup up to and including 0.41 creates /var/log/cgred with mode 0666 regardless of the configured umask, leading to disclosure of information.
428 CVE-2018-14317 704 Exec Code 2018-08-30 2019-10-09
6.8
None Remote Medium Not required Partial Partial Partial
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.1.0.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of PDF files. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-6683.
429 CVE-2018-14079 200 +Info 2018-08-20 2018-10-23
5.0
None Remote Low Not required Partial None None
Wi2be SMART HP WMT R1.2.20_201400922 allows unauthorized remote attackers to obtain sensitive information via /Status/SystemStatusRpm.esp.
430 CVE-2018-14078 287 2018-08-20 2019-10-03
10.0
None Remote Low Not required Complete Complete Complete
Wi2be SMART HP WMT R1.2.20_201400922 allows unauthorized remote attackers to reset the admin password via the /ConfigWizard/ChangePwd.esp?2admin URL (Attackers can login using the "admin" username with password "admin" after a successful attack).
431 CVE-2018-14077 2018-08-20 2020-08-24
5.0
None Remote Low Not required Partial None None
Wi2be SMART HP WMT R1.2.20_201400922 allows unauthorized remote attackers to backup the device configuration via a direct request to /Maintenance/configfile.cfg.
432 CVE-2018-14059 79 XSS 2018-08-24 2018-11-01
3.5
None Remote Medium ??? None Partial None
Pimcore allows XSS via Users, Assets, Data Objects, Video Thumbnails, Image Thumbnails, Field-Collections, Objectbrick, Classification Store, Document Types, Predefined Properties, Predefined Asset Metadata, Quantity Value, and Static Routes functions.
433 CVE-2018-14058 89 Sql 2018-08-17 2018-10-12
4.0
None Remote Low ??? Partial None None
Pimcore before 5.3.0 allows SQL Injection via the REST web service API.
434 CVE-2018-14057 352 CSRF 2018-08-17 2018-10-12
6.8
None Remote Medium Not required Partial Partial Partial
Pimcore before 5.3.0 allows remote attackers to conduct cross-site request forgery (CSRF) attacks by leveraging validation of the X-pimcore-csrf-token anti-CSRF token only in the "Settings > Users / Roles" function.
435 CVE-2018-14028 434 Exec Code 2018-08-10 2018-10-10
6.5
None Remote Low ??? Partial Partial Partial
In WordPress 4.9.7, plugins uploaded via the admin area are not verified as being ZIP files. This allows for PHP files to be uploaded. Once a PHP file is uploaded, the plugin extraction fails, but the PHP file remains in a predictable wp-content/uploads location, allowing for an attacker to then execute the file. This represents a security risk in limited scenarios where an attacker (who does have the required capabilities for plugin uploads) cannot simply place arbitrary PHP code into a valid plugin ZIP file and upload that plugin, because a machine's wp-content/plugins directory permissions were set up to block all new plugins.
436 CVE-2018-14023 200 +Info 2018-08-20 2018-10-15
2.1
None Local Low Not required Partial None None
Open Whisper Signal (aka Signal-Desktop) before 1.15.0-beta.10 allows information leakage.
437 CVE-2018-14020 Bypass 2018-08-20 2019-10-03
5.0
None Remote Low Not required None Partial None
An issue was discovered in the Paymorrow module 1.0.0 before 1.0.2 and 2.0.0 before 2.0.1 for OXID eShop. An attacker can bypass delivery-address change detection if the payment module doesn't use eShop's checkout procedure properly. To do so, the attacker must change the delivery address to one that is not verified by the Paymorrow module.
438 CVE-2018-14007 22 Dir. Trav. 2018-08-15 2018-10-23
10.0
None Remote Low Not required Complete Complete Complete
Citrix XenServer 7.1 and newer allows Directory Traversal.
439 CVE-2018-13877 20 DoS 2018-08-06 2018-10-16
5.0
None Remote Low Not required None None Partial
The doPayouts() function of the smart contract implementation for MegaCryptoPolis, an Ethereum game, has a Denial of Service vulnerability. If a smart contract that has a fallback function always causing exceptions buys a land, users cannot buy lands near that contract's land, because those purchase attempts will not be completed unless the doPayouts() function successfully sends Ether to certain neighbors.
440 CVE-2018-13826 611 2018-08-30 2021-04-12
6.4
None Remote Low Not required Partial Partial None
An XML external entity vulnerability in the XOG functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to conduct server side request forgery attacks.
441 CVE-2018-13825 79 XSS 2018-08-30 2021-04-12
4.3
None Remote Medium Not required None Partial None
Insufficient input validation in the gridExcelExport functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to execute reflected cross-site scripting attacks.
442 CVE-2018-13824 89 Sql 2018-08-30 2021-04-12
7.5
None Remote Low Not required Partial Partial Partial
Insufficient input sanitization of two parameters in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to execute SQL injection attacks.
443 CVE-2018-13823 611 2018-08-30 2021-04-12
5.0
None Remote Low Not required Partial None None
An XML external entity vulnerability in the XOG functionality, in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows remote attackers to access sensitive information.
444 CVE-2018-13822 522 2018-08-30 2020-05-06
5.0
None Remote Low Not required Partial None None
Unprotected storage of credentials in CA PPM 14.3 and below, 14.4, 15.1, 15.2 CP5 and below, and 15.3 CP2 and below, allows attackers to access sensitive information.
445 CVE-2018-13821 287 2018-08-30 2018-11-05
7.5
None Remote Low Not required Partial Partial Partial
A lack of authentication, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows remote attackers to conduct a variety of attacks, including file reading/writing.
446 CVE-2018-13820 798 2018-08-30 2018-10-19
5.0
None Remote Low Not required Partial None None
A hardcoded passphrase, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows attackers to access sensitive information.
447 CVE-2018-13819 798 2018-08-30 2018-10-19
5.0
None Remote Low Not required Partial None None
A hardcoded secret key, in CA Unified Infrastructure Management 8.5.1, 8.5, and 8.4.7, allows attackers to access sensitive information.
448 CVE-2018-13446 287 Bypass 2018-08-16 2018-11-08
4.4
None Local Medium Not required Partial Partial Partial
** DISPUTED ** An issue was discovered in the LINE jp.naver.line application 8.8.1 for Android. The Passcode feature allows authentication bypass via runtime manipulation that forces a certain method's return value to true. In other words, an attacker could authenticate with an arbitrary passcode. NOTE: the vendor indicates that this is not an attack of interest within the context of their threat model, which excludes Android devices on which rooting has occurred.
449 CVE-2018-13435 287 Bypass 2018-08-16 2018-11-08
4.4
None Local Medium Not required Partial Partial Partial
** DISPUTED ** An issue was discovered in the LINE jp.naver.line application 8.8.0 for iOS. The Passcode feature allows authentication bypass via runtime manipulation that forces a certain method to disable passcode authentication. NOTE: the vendor indicates that this is not an attack of interest within the context of their threat model, which excludes iOS devices on which a jailbreak has occurred.
450 CVE-2018-13434 287 Bypass 2018-08-16 2018-11-08
4.4
None Local Medium Not required Partial Partial Partial
** DISPUTED ** An issue was discovered in the LINE jp.naver.line application 8.8.0 for iOS. The LAContext class for Biometric (TouchID) validation allows authentication bypass by overriding the LAContext return Boolean value to be "true" because the kSecAccessControlUserPresence protection mechanism is not used. In other words, an attacker could authenticate with an arbitrary fingerprint. NOTE: the vendor indicates that this is not an attack of interest within the context of their threat model, which excludes iOS devices on which a jailbreak has occurred.
Total number of vulnerabilities : 1019   Page : 1 2 3 4 5 6 7 8 9 (This Page)10 11 12 13 14 15 16 17 18 19 20 21
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.