| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
401 |
CVE-2018-16548 |
772 |
|
DoS |
2018-09-05 |
2020-06-28 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
An issue was discovered in ZZIPlib through 0.13.69. There is a memory leak triggered in the function __zzip_parse_root_directory in zip.c, which will lead to a denial of service attack. |
|
402 |
CVE-2018-16546 |
798 |
|
|
2018-09-05 |
2019-10-03 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Amcrest networked devices use the same hardcoded SSL private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from another installation, as demonstrated by Amcrest_IPC-HX1X3X-LEXUS_Eng_N_AMCREST_V2.420.AC01.3.R.20180206. |
|
403 |
CVE-2018-16545 |
732 |
|
Exec Code |
2018-09-05 |
2019-10-03 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Kaizen Asset Manager (Enterprise Edition) and Training Manager (Enterprise Edition) allow a remote attacker to achieve arbitrary code execution via file impersonation. For example, a malicious dynamic-link library (dll) assumed the identity of a temporary (tmp) file (isxdl.dll) and an executable file assumed the identity of a temporary file (996E.temp). |
|
404 |
CVE-2018-16543 |
|
|
|
2018-09-05 |
2019-03-07 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
In Artifex Ghostscript before 9.24, gssetresolution and gsgetresolution allow attackers to have an unspecified impact. |
|
405 |
CVE-2018-16542 |
787 |
|
|
2018-09-05 |
2020-08-24 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use insufficient interpreter stack-size checking during error handling to crash the interpreter. |
|
406 |
CVE-2018-16541 |
416 |
|
|
2018-09-05 |
2019-03-07 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect free logic in pagedevice replacement to crash the interpreter. |
|
407 |
CVE-2018-16540 |
416 |
|
|
2018-09-05 |
2019-04-25 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files to the builtin PDF14 converter could use a use-after-free in copydevice handling to crash the interpreter or possibly have unspecified other impact. |
|
408 |
CVE-2018-16539 |
200 |
|
+Info |
2018-09-05 |
2019-03-07 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect access checking in temp file handling to disclose contents of files on the system otherwise not readable. |
|
409 |
CVE-2018-16521 |
611 |
|
|
2018-09-05 |
2018-12-07 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
An XML External Entity (XXE) vulnerability exists in HTML Form Entry 3.7.0, as distributed in OpenMRS Reference Application 2.8.0. |
|
410 |
CVE-2018-16518 |
22 |
|
Exec Code Dir. Trav. |
2018-09-05 |
2018-10-26 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
A directory traversal vulnerability with remote code execution in Prim'X Zed! FREE through 1.0 build 186 and Zed! Limited Edition through 6.1 build 2208 allows creation of arbitrary files on a user's workstation using crafted ZED! containers because the watermark loading function can place an executable file into a Startup folder. |
|
411 |
CVE-2018-16517 |
476 |
|
DoS |
2018-09-06 |
2020-11-10 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
asm/labels.c in Netwide Assembler (NASM) is prone to NULL Pointer Dereference, which allows the attacker to cause a denial of service via a crafted file. |
|
412 |
CVE-2018-16516 |
79 |
|
XSS |
2018-09-05 |
2020-07-08 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
helpers.py in Flask-Admin 1.5.2 has Reflected XSS via a crafted URL. |
|
413 |
CVE-2018-16515 |
347 |
|
|
2018-09-18 |
2019-10-03 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
Matrix Synapse before 0.33.3.1 allows remote attackers to spoof events and possibly have unspecified other impacts by leveraging improper transaction and event signature validation. |
|
414 |
CVE-2018-16513 |
704 |
|
|
2018-09-05 |
2019-11-05 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the setcolor function to crash the interpreter or possibly have unspecified other impact. |
|
415 |
CVE-2018-16511 |
704 |
|
|
2018-09-05 |
2019-03-11 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in Artifex Ghostscript before 9.24. A type confusion in "ztype" could be used by remote attackers able to supply crafted PostScript to crash the interpreter or possibly have unspecified other impact. |
|
416 |
CVE-2018-16510 |
119 |
|
Overflow |
2018-09-05 |
2019-03-11 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in Artifex Ghostscript before 9.24. Incorrect exec stack handling in the "CS" and "SC" PDF primitives could be used by remote attackers able to supply crafted PDFs to crash the interpreter or possibly have unspecified other impact. |
|
417 |
CVE-2018-16509 |
|
|
Exec Code |
2018-09-05 |
2019-10-03 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
An issue was discovered in Artifex Ghostscript before 9.24. Incorrect "restoration of privilege" checking during handling of /invalidaccess exceptions could be used by attackers able to supply crafted PostScript to execute code using the "pipe" instruction. |
|
418 |
CVE-2018-16460 |
78 |
|
Exec Code |
2018-09-07 |
2019-10-09 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
A command Injection in ps package versions <1.0.0 for Node.js allowed arbitrary commands to be executed when attacker controls the PID. |
|
419 |
CVE-2018-16459 |
79 |
|
XSS |
2018-09-06 |
2019-10-09 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
An unescaped payload in exceljs <v1.6 allows a possible XSS via cell value when worksheet is displayed in browser. |
|
420 |
CVE-2018-16458 |
352 |
|
CSRF |
2018-09-04 |
2018-10-25 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
An issue was discovered in baigo CMS v2.1.1. There is an index.php?m=article&c=request CSRF that can cause publication of any article. |
|
421 |
CVE-2018-16454 |
20 |
|
DoS |
2018-09-07 |
2018-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
PHP Scripts Mall Currency Converter Script 2.0.5 allows remote attackers to cause a denial of service (web-interface change) via an inverted comma. |
|
422 |
CVE-2018-16450 |
79 |
|
XSS |
2018-09-04 |
2018-10-25 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
CraftedWeb through 2013-09-24 has reflected XSS via the p parameter. |
|
423 |
CVE-2018-16449 |
352 |
|
CSRF |
2018-09-04 |
2018-10-04 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
OneThink 1.1.141212 allows CSRF for adding a page via admin.php?s=/Channel/add.html, adding a blog via admin.php?s=/Article/update.html, and setting the audit state via admin.php?s=/Article/setStatus/status/1.html. |
|
424 |
CVE-2018-16448 |
352 |
|
CSRF |
2018-09-04 |
2018-10-25 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Cscms 4 allows CSRF for creating a member via upload/admin.php/user/save, authenticating vip members via upload/admin.php/user/init/tid and upload/admin.php/user/init/rzid, and creating a super administrator and web editor via upload/admin.php/sys/save. |
|
425 |
CVE-2018-16447 |
352 |
|
CSRF |
2018-09-04 |
2019-02-25 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Frog CMS 0.9.5 has admin/?/user/edit/1 CSRF. |
|
426 |
CVE-2018-16446 |
22 |
|
Dir. Trav. |
2018-09-04 |
2018-10-25 |
6.4 |
None |
Remote |
Low |
Not required |
None |
Partial |
Partial |
|
An issue was discovered in SeaCMS through 6.61. adm1n/admin_database.php allows remote attackers to delete arbitrary files via directory traversal sequences in the bakfiles parameter. This can allow the product to be reinstalled by deleting install_lock.txt. |
|
427 |
CVE-2018-16445 |
89 |
|
Sql |
2018-09-04 |
2018-10-25 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in SeaCMS through 6.61. SQL injection exists via the tid parameter in an adm1n/admin_topic_vod.php request. |
|
428 |
CVE-2018-16444 |
918 |
|
|
2018-09-04 |
2018-10-25 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
|
An issue was discovered in SeaCMS 6.61. adm1n/admin_reslib.php has SSRF via the url parameter. |
|
429 |
CVE-2018-16438 |
125 |
|
|
2018-09-04 |
2018-10-26 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
An issue was discovered in the HDF HDF5 1.8.20 library. There is an out of bounds read in H5L_extern_query at H5Lexternal.c. |
|
430 |
CVE-2018-16437 |
22 |
|
Dir. Trav. |
2018-09-05 |
2018-11-05 |
4.0 |
None |
Remote |
Low |
??? |
Partial |
None |
None |
|
Gxlcms 2.0 before bug fix 20180915 has Directory Traversal exploitable by an administrator. |
|
431 |
CVE-2018-16436 |
89 |
|
Sql |
2018-09-05 |
2018-11-05 |
6.5 |
None |
Remote |
Low |
??? |
Partial |
Partial |
Partial |
|
Gxlcms 2.0 before bug fix 20180915 has SQL Injection exploitable by an administrator. |
|
432 |
CVE-2018-16435 |
787 |
|
Overflow |
2018-09-04 |
2021-05-26 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Little CMS (aka Little Color Management System) 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile. |
|
433 |
CVE-2018-16432 |
89 |
|
Sql |
2018-09-04 |
2018-10-25 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
BlueCMS 1.6 allows SQL Injection via the user_name parameter to uploads/user.php?act=index_login. |
|
434 |
CVE-2018-16431 |
352 |
|
CSRF |
2018-09-04 |
2018-11-02 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
admin/admin/adminsave.html in YFCMF v3.0 allows CSRF to add an administrator account. |
|
435 |
CVE-2018-16430 |
125 |
|
|
2018-09-04 |
2018-10-25 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
GNU Libextractor through 1.7 has an out-of-bounds read vulnerability in EXTRACTOR_zip_extract_method() in zip_extractor.c. |
|
436 |
CVE-2018-16429 |
125 |
|
|
2018-09-04 |
2021-06-29 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
GNOME GLib 2.56.1 has an out-of-bounds read vulnerability in g_markup_parse_context_parse() in gmarkup.c, related to utf8_str(). |
|
437 |
CVE-2018-16428 |
476 |
|
|
2018-09-04 |
2019-07-31 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
In GNOME GLib 2.56.1, g_markup_parse_context_end_parse() in gmarkup.c has a NULL pointer dereference. |
|
438 |
CVE-2018-16427 |
125 |
|
|
2018-09-04 |
2019-08-06 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Various out of bounds reads when handling responses in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to potentially crash the opensc library using programs. |
|
439 |
CVE-2018-16426 |
674 |
|
|
2018-09-04 |
2019-10-03 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Endless recursion when handling responses from an IAS-ECC card in iasecc_select_file in libopensc/card-iasecc.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to hang or crash the opensc library using programs. |
|
440 |
CVE-2018-16425 |
415 |
|
DoS |
2018-09-04 |
2019-09-11 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
A double free when handling responses from an HSM Card in sc_pkcs15emu_sc_hsm_init in libopensc/pkcs15-sc-hsm.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact. |
|
441 |
CVE-2018-16424 |
415 |
|
DoS |
2018-09-04 |
2019-09-11 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
A double free when handling responses in read_file in tools/egk-tool.c (aka the eGK card tool) in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact. |
|
442 |
CVE-2018-16423 |
415 |
|
DoS |
2018-09-04 |
2019-08-06 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
A double free when handling responses from a smartcard in sc_file_set_sec_attr in libopensc/sc.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact. |
|
443 |
CVE-2018-16422 |
119 |
|
DoS Overflow |
2018-09-04 |
2019-08-06 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
A single byte buffer overflow when handling responses from an esteid Card in sc_pkcs15emu_esteid_init in libopensc/pkcs15-esteid.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact. |
|
444 |
CVE-2018-16421 |
119 |
|
DoS Overflow |
2018-09-04 |
2019-08-06 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Several buffer overflows when handling responses from a CAC Card in cac_get_serial_nr_from_CUID in libopensc/card-cac.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact. |
|
445 |
CVE-2018-16420 |
119 |
|
DoS Overflow |
2018-09-04 |
2019-08-06 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Several buffer overflows when handling responses from an ePass 2003 Card in decrypt_response in libopensc/card-epass2003.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact. |
|
446 |
CVE-2018-16419 |
119 |
|
DoS Overflow |
2018-09-04 |
2019-08-06 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Several buffer overflows when handling responses from a Cryptoflex card in read_public_key in tools/cryptoflex-tool.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact. |
|
447 |
CVE-2018-16418 |
119 |
|
DoS Overflow |
2018-09-04 |
2019-08-06 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
A buffer overflow when handling string concatenation in util_acl_to_str in tools/util.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact. |
|
448 |
CVE-2018-16416 |
352 |
|
CSRF |
2018-09-03 |
2018-10-25 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Cross-site request forgery (CSRF) vulnerability in my_profile/edit?inline= in FUEL CMS 1.4 allows remote attackers to change the administrator's password. |
|
449 |
CVE-2018-16413 |
125 |
|
|
2018-09-03 |
2019-10-03 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the MagickCore/quantum-private.h PushShortPixel function when called from the coders/psd.c ParseImageResourceBlocks function. |
|
450 |
CVE-2018-16412 |
125 |
|
|
2018-09-03 |
2019-10-03 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
ImageMagick 7.0.8-11 Q16 has a heap-based buffer over-read in the coders/psd.c ParseImageResourceBlocks function. |
