Lista CVE - 2018 / Gennaio
Visualizzazione 1 - 100 di 1273 CVE per Gennaio 2018 (Pagina 1 di 13)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2018-3810 | 2018-01-01 | Authentication Bypass vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allows unauthenticated attackers to insert arbitrary JavaScript or HTML code (via the sgcgoogleanalytic parameter) that... |
| CVE-2018-3811 | 2018-01-01 | SQL Injection vulnerability in the Oturia Smart Google Code Inserter plugin before 3.5 for WordPress allows unauthenticated attackers to execute SQL queries in the context of the web server. The... |
| CVE-2017-18008 | 2018-01-01 | In ImageMagick 7.0.7-17 Q16, there is a Memory Leak in ReadPWPImage in coders/pwp.c. |
| CVE-2017-18009 | 2018-01-01 | In OpenCV 3.3.1, a heap-based buffer over-read exists in the function cv::HdrDecoder::checkSignature in modules/imgcodecs/src/grfmt_hdr.cpp. |
| CVE-2017-18010 | 2018-01-01 | The E-goi Smart Marketing SMS and Newsletters Forms plugin before 2.0.0 for WordPress has XSS via the admin/partials/custom/egoi-for-wp-form_egoi.php url parameter. |
| CVE-2017-18011 | 2018-01-01 | The MyCBGenie Affiliate Ads for Clickbank Products plugin through 1.6 for WordPress has XSS via the text_ads_ajax.php border_color parameter. |
| CVE-2017-18012 | 2018-01-01 | The Z-URL Preview plugin 1.6.1 for WordPress has XSS via the class.zlinkpreview.php url parameter. |
| CVE-2017-18013 | 2018-01-01 | In LibTIFF 4.0.9, there is a Null-Pointer Dereference in the tif_print.c TIFFPrintDirectory function, as demonstrated by a tiffinfo crash. |
| CVE-2018-3813 | 2018-01-01 | getConfigExportFile.cgi on FLIR Brickstream 2300 devices 2.0 4.1.53.166 has Incorrect Access Control, as demonstrated by reading the AVI_USER_ID and AVI_USER_PASSWORD fields via a direct request. |
| CVE-2018-3814 | 2018-01-01 | Craft CMS 2.6.3000 allows remote attackers to execute arbitrary PHP code by using the "Assets->Upload files" screen and then the "Replace it" option, because this allows a .jpg file to... |
| CVE-2017-18015 | 2018-01-02 | The ILLID Share This Image plugin before 1.04 for WordPress has XSS via the sharer.php url parameter. |
| CVE-2017-9964 | 2018-01-02 | A Path Traversal issue was discovered in Schneider Electric Pelco VideoXpert Enterprise all versions prior to 2.1. By sniffing communications, an unauthorized person can execute a directory traversal attack resulting... |
| CVE-2017-9965 | 2018-01-02 | An exposure of sensitive information vulnerability exists in Schneider Electric's Pelco VideoXpert Enterprise versions 2.0 and prior. Using a directory traversal attack, an unauthorized person can view web server files. |
| CVE-2017-9966 | 2018-01-02 | A privilege escalation vulnerability exists in Schneider Electric's Pelco VideoXpert Enterprise versions 2.0 and prior. By replacing certain files, an unauthorized user can obtain system privileges and the inserted code... |
| CVE-2017-1000442 | 2018-01-02 | Passbolt API version 1.6.4 and older are vulnerable to a XSS in the url field on the password workspace |
| CVE-2017-1000443 | 2018-01-02 | Eleix Openhacker version 0.1.47 is vulnerable to a XSS vulnerability in the bank transactions component resulting in arbitrary code execution in the browser. |
| CVE-2017-1000445 | 2018-01-02 | ImageMagick 7.0.7-1 and older version are vulnerable to null pointer dereference in the MagickCore component and might lead to denial of service |
| CVE-2017-17097 | 2018-01-02 | gps-server.net GPS Tracking Software (self hosted) 2.x has a password reset procedure that immediately resets passwords upon an unauthenticated request, and then sends e-mail with a predictable (date-based) password to... |
| CVE-2017-17098 | 2018-01-02 | The writeLog function in fn_common.php in gps-server.net GPS Tracking Software (self hosted) through 3.0 allows remote attackers to inject arbitrary PHP code via a crafted request that is mishandled during... |
| CVE-2017-1000444 | 2018-01-02 | Eleix Openhacker version 0.1.47 is vulnerable to an SQL injection in the account registration and login component resulting in information disclosure and remote code execution |
| CVE-2017-1000450 | 2018-01-02 | In opencv/modules/imgcodecs/src/utils.cpp, functions FillUniColor and FillUniGray do not check the input length, which can lead to integer overflow. If the image is from remote, may lead to remote code execution... |
| CVE-2017-1000451 | 2018-01-02 | fs-git is a file system like api for git repository. The fs-git version 1.0.1 module relies on child_process.exec, however, the buildCommand method used to construct exec strings does not properly... |
| CVE-2017-1000412 | 2018-01-02 | Linaro's open source TEE solution called OP-TEE, version 2.4.0 (and older) is vulnerable to the bellcore attack in the LibTomCrypt code resulting in compromised private RSA key. |
| CVE-2017-1000413 | 2018-01-02 | Linaro's open source TEE solution called OP-TEE, version 2.4.0 (and older) is vulnerable a timing attack in the Montgomery parts of libMPA in OP-TEE resulting in a compromised private RSA... |
| CVE-2017-1000448 | 2018-01-02 | Structured Data Linter versions 2.4.1 and older are vulnerable to a directory traversal attack in the URL input field resulting in the possibility of disclosing information about the remote host. |
| CVE-2017-1000452 | 2018-01-02 | An XML Signature Wrapping vulnerability exists in Samlify 2.2.0 and earlier, and in predecessor Express-saml2 which could allow attackers to impersonate arbitrary users. |
| CVE-2017-1000453 | 2018-01-02 | CMS Made Simple version 2.1.6 and 2.2 are vulnerable to Smarty templating injection in some core modules, resulting in unauthenticated PHP code execution. |
| CVE-2017-1000454 | 2018-01-02 | CMS Made Simple 2.1.6, 2.2, 2.2.1 are vulnerable to Smarty Template Injection in some core components, resulting in local file read before 2.2, and local file inclusion since 2.2.1 |
| CVE-2017-1000455 | 2018-01-02 | GuixSD prior to Git commit 5e66574a128937e7f2fcf146d146225703ccfd5d used POSIX hard links incorrectly, leading the creation of setuid executables in "the store", violating a fundamental security assumption of GNU Guix. |
| CVE-2017-1557 | 2018-01-02 | IBM WebSphere MQ 8.0 and 9.0 could allow an authenticated user with authority to send a specially crafted request that could cause a channel process to cease processing further requests.... |
| CVE-2017-1000456 | 2018-01-02 | freedesktop.org libpoppler 0.60.1 fails to validate boundaries in TextPool::addWord, leading to overflow in subsequent calculations. |
| CVE-2017-1000418 | 2018-01-02 | The WildMidi_Open function in WildMIDI since commit d8a466829c67cacbb1700beded25c448d99514e5 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via... |
| CVE-2017-1000457 | 2018-01-02 | Cross-site scripting (XSS) vulnerability in Help.aspx in mojoPortal version 2.5.0.0 allows remote attackers to inject arbitrary web script or HTML via the helpkey parameter. Exploitation requires authenticated reflected cross-site scripting... |
| CVE-2017-1000458 | 2018-01-02 | Bro before Bro v2.5.2 is vulnerable to an out of bounds write in the ContentLine analyzer allowing remote attackers to cause a denial of service (crash) and possibly other exploitation. |
| CVE-2017-1000421 | 2018-01-02 | Gifsicle gifview 1.89 and older is vulnerable to a use-after-free in the read_gif function resulting potential code execution |
| CVE-2017-1000419 | 2018-01-02 | phpBB version 3.2.0 is vulnerable to SSRF in the Remote Avatar function resulting allowing an attacker to perform port scanning, requesting internal content and potentially attacking such internal services via... |
| CVE-2017-1000420 | 2018-01-02 | Syncthing version 0.14.33 and older is vulnerable to symlink traversal resulting in arbitrary file overwrite |
| CVE-2017-1000422 | 2018-01-02 | Gnome gdk-pixbuf 2.36.8 and older is vulnerable to several integer overflow in the gif_get_lzw function resulting in memory corruption and potential code execution |
| CVE-2017-1000423 | 2018-01-02 | b2evolution version 6.6.0 - 6.8.10 is vulnerable to input validation (backslash and single quote escape) in basic install functionality resulting in unauthenticated attacker gaining PHP code execution on the victim's... |
| CVE-2017-1000424 | 2018-01-02 | Github Electron version 1.6.4 - 1.6.11 and 1.7.0 - 1.7.5 is vulnerable to a URL Spoofing problem when opening PDFs in PDFium resulting loading arbitrary PDFs that a hacker can... |
| CVE-2017-1000430 | 2018-01-02 | rust-base64 version <= 0.5.1 is vulnerable to a buffer overflow when calculating the size of a buffer to use when encoding base64 using the 'encode_config_buf' and 'encode_config' functions |
| CVE-2017-1000431 | 2018-01-02 | eZ Systems eZ Publish version 5.4.0 to 5.4.9, and 5.3.12 and older, is vulnerable to an XSS issue in the search module, resulting in a risk of attackers injecting scripts... |
| CVE-2017-1000426 | 2018-01-02 | MapProxy version 1.10.3 and older is vulnerable to a Cross Site Scripting attack in the demo service resulting in possible information disclosure. |
| CVE-2017-1000425 | 2018-01-02 | Cross-site scripting (XSS) vulnerability in the /html/portal/flash.jsp page in Liferay Portal CE 7.0 GA4 and older allows remote attackers to inject arbitrary web script or HTML via a javascript: URI... |
| CVE-2017-1000427 | 2018-01-02 | marked version 0.3.6 and earlier is vulnerable to an XSS attack in the data: URI parser. |
| CVE-2017-1000432 | 2018-01-02 | Vanilla Forums below 2.1.5 are affected by CSRF leading to Deleting topics and comments from forums Admin access |
| CVE-2017-1000433 | 2018-01-02 | pysaml2 version 4.4.0 and older accept any password when run with python optimizations enabled. This allows attackers to log in as any user without knowing their password. |
| CVE-2017-1000434 | 2018-01-02 | Wordpress plugin Furikake version 0.1.0 is vulnerable to an Open Redirect The furikake-redirect parameter on a page allows for a redirect to an attacker controlled page classes/Furigana.php: header('location:'.urldecode($_GET['furikake-redirect'])); |
| CVE-2017-1000437 | 2018-01-02 | Creolabs Gravity 1.0 contains a stack based buffer overflow in the operator_string_add function, resulting in remote code execution. |
| CVE-2017-1000438 | 2018-01-02 | In OMERO 5.3.3 or earlier a user could create an OriginalFile and adjust its path such that it now points to another user's file on the underlying filesystem, then manipulate... |
| CVE-2017-1000459 | 2018-01-03 | Leanote version <= 2.5 is vulnerable to XSS due to not sanitized input in markdown notes |
| CVE-2017-1000463 | 2018-01-03 | Leafpub version 1.2.0-beta6 is vulnerable to stored cross-site scripting vulnerability, within the edit blog post page, which can result in disruption of service and execution of javascript code. |
| CVE-2017-1000493 | 2018-01-03 | Rocket.Chat Server version 0.59 and prior is vulnerable to a NoSQL injection leading to administrator account takeover |
| CVE-2017-1000466 | 2018-01-03 | Invoice Ninja version 3.8.1 is vulnerable to stored cross-site scripting vulnerability, within the invoice creation page, which can result in disruption of service and execution of javascript code. |
| CVE-2017-1000491 | 2018-01-03 | Shiba markdown live preview app version 1.1.0 is vulnerable to XSS which leads to code execution due to enabled node integration. |
| CVE-2017-1000492 | 2018-01-03 | Leanote-desktop version v2.5 is vulnerable to a XSS which leads to code execution due to enabled node integration |
| CVE-2017-18017 | 2018-01-03 | The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly... |
| CVE-2018-4862 | 2018-01-03 | In Octopus Deploy versions 3.2.11 - 4.1.5 (fixed in 4.1.6), an authenticated user with ProcessEdit permission could reference an Azure account in such a way as to bypass the scoping... |
| CVE-2018-4868 | 2018-01-03 | The Exiv2::Jp2Image::readMetadata function in jp2image.cpp in Exiv2 0.26 allows remote attackers to cause a denial of service (excessive memory allocation) via a crafted file. |
| CVE-2017-1000494 | 2018-01-03 | Uninitialized stack variable vulnerability in NameValueParserEndElt (upnpreplyparse.c) in miniupnpd < 2.0 allows an attacker to cause Denial of Service (Segmentation fault and Memory Corruption) or possibly have unspecified other impact |
| CVE-2017-1000499 | 2018-01-03 | phpMyAdmin versions 4.7.x (prior to 4.7.6.1/4.7.7) are vulnerable to a CSRF weakness. By deceiving a user to click on a crafted URL, it is possible to perform harmful database operations... |
| CVE-2017-1000495 | 2018-01-03 | QuickApps CMS version 2.0.0 is vulnerable to Stored Cross-site Scripting in the user's real name field resulting in denial of service and performing unauthorised actions with an administrator user's account |
| CVE-2017-1000496 | 2018-01-03 | Commsy version 9.0.0 is vulnerable to XXE attacks in the configuration import functionality resulting in denial of service and possibly remote execution of code. |
| CVE-2017-1000497 | 2018-01-03 | Pepperminty-Wiki version 0.15 is vulnerable to XXE attacks in the getsvgsize function resulting in denial of service and possibly remote code execution |
| CVE-2017-1000498 | 2018-01-03 | AndroidSVG version 1.2.2 is vulnerable to XXE attacks in the SVG parsing component resulting in denial of service and possibly remote code execution |
| CVE-2017-1000501 | 2018-01-03 | Awstats version 7.6 and earlier is vulnerable to a path traversal flaw in the handling of the "config" and "migrate" parameters resulting in unauthenticated remote code execution. |
| CVE-2017-1000467 | 2018-01-03 | LavaLite version 5.2.4 is vulnerable to stored cross-site scripting vulnerability, within the blog creation page, which can result in disruption of service and execution of javascript code. |
| CVE-2017-1000488 | 2018-01-03 | Mautic version 2.1.0 - 2.11.0 is vulnerable to an inline JS XSS attack when using Mautic forms on a Mautic landing page using GET parameters to pre-populate the form. |
| CVE-2017-1000489 | 2018-01-03 | Mautic versions 2.0.0 - 2.11.0 with a SSO plugin installed could allow a disabled user to still login using email address |
| CVE-2017-1000490 | 2018-01-03 | Mautic versions 1.0.0 - 2.11.0 are vulnerable to allowing any authorized Mautic user session (must be logged into Mautic) to use the Filemanager to download any file from the server... |
| CVE-2017-1000476 | 2018-01-03 | ImageMagick 7.0.7-12 Q16, a CPU exhaustion vulnerability was found in the function ReadDDSInfo in coders/dds.c, which allows attackers to cause a denial of service. |
| CVE-2017-1000479 | 2018-01-03 | pfSense versions 2.4.1 and lower are vulnerable to clickjacking attacks in the CSRF error page resulting in privileged execution of arbitrary code, because the error detection occurs before an X-Frame-Options... |
| CVE-2017-1000480 | 2018-01-03 | Smarty 3 before 3.1.32 is vulnerable to a PHP code injection when calling fetch() or display() functions on custom resources that does not sanitize template name. |
| CVE-2017-1000477 | 2018-01-03 | XMLBundle version 0.1.7 is vulnerable to XXE attacks which can result in denial of service attacks. |
| CVE-2017-1000478 | 2018-01-03 | ELabftw version 1.7.8 is vulnerable to stored cross-site scripting in the experiment infos component resulting in arbitrary execution of JavaScript and denial of service. |
| CVE-2017-1000481 | 2018-01-03 | When you visit a page where you need to login, Plone 2.5-5.1rc1 sends you to the login form with a 'came_from' parameter set to the previous url. After you login,... |
| CVE-2017-1000482 | 2018-01-03 | A member of the Plone 2.5-5.1rc1 site could set javascript in the home_page property of his profile, and have this executed when a visitor click the home page link on... |
| CVE-2017-1000483 | 2018-01-03 | Accessing private content via str.format in through-the-web templates and scripts in Plone 2.5-5.1rc1. This improves an earlier hotfix. Since the format method was introduced in Python 2.6, this part of... |
| CVE-2017-1000460 | 2018-01-03 | In line libavcodec/h264dec.c:500 in libav(v13_dev0), ffmpeg(n3.4), chromium(56 prior Feb 13, 2017), the return value of init_get_bits is ignored and get_ue_golomb(&gb) is called on an uninitialized get_bits context, which causes a... |
| CVE-2017-1000472 | 2018-01-03 | The ZipCommon::isValidPath() function in Zip/src/ZipCommon.cpp in POCO C++ Libraries before 1.8 does not properly restrict the filename value in the ZIP header, which allows attackers to conduct absolute path traversal... |
| CVE-2017-1000487 | 2018-01-03 | Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings. |
| CVE-2017-1000486 | 2018-01-03 | Primetek Primefaces 5.x is vulnerable to a weak encryption flaw resulting in remote code execution |
| CVE-2017-1000461 | 2018-01-03 | Brave Software's Brave Browser, version 0.19.73 (and earlier) is vulnerable to an incorrect access control issue in the "JS fingerprinting blocking" component, resulting in a malicious website being able to... |
| CVE-2017-1000462 | 2018-01-03 | BookStack version 0.18.4 is vulnerable to stored cross-site scripting, within the page creation page, which can result in disruption of service and execution of javascript code. |
| CVE-2017-1000469 | 2018-01-03 | Cobbler version up to 2.8.2 is vulnerable to a command injection vulnerability in the "add repo" component resulting in arbitrary code execution as root user. |
| CVE-2017-1000470 | 2018-01-03 | EmbedThis GoAhead Webserver versions 4.0.0 and earlier is vulnerable to an integer overflow in the HTTP listener resulting in denial of service. |
| CVE-2017-1000471 | 2018-01-03 | EmbedThis GoAhead Webserver version 4.0.0 is vulnerable to a NULL pointer dereference in the CGI handler resulting in memory corruption or denial of service. |
| CVE-2017-1000473 | 2018-01-03 | Linux Dash up to version v2 is vulnerable to multiple command injection vulnerabilities in the way module names are parsed and then executed resulting in code execution on the server,... |
| CVE-2017-1000484 | 2018-01-03 | By linking to a specific url in Plone 2.5-5.1rc1 with a parameter, an attacker could send you to his own website. On its own this is not so bad: the... |
| CVE-2017-1000485 | 2018-01-03 | Nylas Mail Lives 2.2.2 uses 0755 permissions for $HOME/.nylas-mail, which allows local users to obtain sensitive authentication information via standard filesystem operations. |
| CVE-2018-5072 | 2018-01-03 | Online Ticket Booking has XSS via the admin/sitesettings.php keyword parameter. |
| CVE-2018-5073 | 2018-01-03 | Online Ticket Booking has CSRF via admin/movieedit.php. |
| CVE-2018-5074 | 2018-01-03 | Online Ticket Booking has XSS via the admin/manageownerlist.php contact parameter. |
| CVE-2018-5075 | 2018-01-03 | Online Ticket Booking has XSS via the admin/snacks_edit.php snacks_name parameter. |
| CVE-2018-5076 | 2018-01-03 | Online Ticket Booking has XSS via the admin/newsedit.php newstitle parameter. |
| CVE-2018-5077 | 2018-01-03 | Online Ticket Booking has XSS via the admin/movieedit.php moviename parameter. |
| CVE-2018-5078 | 2018-01-03 | Online Ticket Booking has XSS via the admin/eventlist.php cast parameter. |
| CVE-2018-5079 | 2018-01-03 | In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values... |
| CVE-2018-5080 | 2018-01-03 | In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values... |
| CVE-2018-5081 | 2018-01-03 | In K7 AntiVirus 15.1.0306, the driver file (K7FWHlpr.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values... |