Lista CVE - 2018 / Dicembre
Visualizzazione 1101 - 1163 di 1163 CVE per Dicembre 2018 (Pagina 12 di 12)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2018-20583 | 2018-12-30 | Cross-site scripting (XSS) vulnerability in the PHP League CommonMark library versions 0.15.6 through 0.18.x before 0.18.1 allows remote attackers to insert unsafe URLs into HTML (even if allow_unsafe_links is false)... |
| CVE-2018-20588 | 2018-12-30 | lib/support/unicodeconv/unicodeconv.c in libotfcc.a in otfcc v0.10.3-alpha has a buffer over-read. |
| CVE-2018-20589 | 2018-12-30 | Ivan Cordoba Generic Content Management System (CMS) through 2018-04-28 has XSS via the Administrator/add_pictures.php article ID. |
| CVE-2018-20590 | 2018-12-30 | Ivan Cordoba Generic Content Management System (CMS) through 2018-04-28 has XSS via the Administrator/users.php user ID. |
| CVE-2018-20591 | 2018-12-30 | A heap-based buffer over-read was discovered in decompileJUMP function in util/decompile.c of libming v0.4.8. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by swftocxx. |
| CVE-2018-20592 | 2018-12-30 | In Mini-XML (aka mxml) v2.12, there is a use-after-free in the mxmlAdd function of the mxml-node.c file. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted... |
| CVE-2018-20593 | 2018-12-30 | In Mini-XML (aka mxml) v2.12, there is stack-based buffer overflow in the scan_file function in mxmldoc.c. |
| CVE-2018-20594 | 2018-12-30 | An issue was discovered in hsweb 3.0.4. It is a reflected XSS vulnerability due to the absence of type parameter checking in FlowableModelManagerController.java. |
| CVE-2018-20595 | 2018-12-30 | A CSRF issue was discovered in web/authorization/oauth2/controller/OAuth2ClientController.java in hsweb 3.0.4 because the state parameter in the request is not compared with the state parameter in the session after user authentication... |
| CVE-2018-20596 | 2018-12-30 | Jspxcms v9.0.0 allows SSRF. |
| CVE-2018-20597 | 2018-12-30 | UCMS 1.4.7 has XSS via the dir parameter in an index.php sadmin_fileedit action. |
| CVE-2018-20598 | 2018-12-30 | UCMS 1.4.7 has ?do=user_addpost CSRF. |
| CVE-2018-20599 | 2018-12-30 | UCMS 1.4.7 allows remote attackers to execute arbitrary PHP code by entering this code during an index.php sadmin_fileedit action. |
| CVE-2018-20600 | 2018-12-30 | sadmin\cedit.php in UCMS 1.4.7 has XSS via an index.php sadmin_cedit action. |
| CVE-2018-20601 | 2018-12-30 | UCMS 1.4.7 has XSS via the description parameter in an index.php list_editpost action. |
| CVE-2018-20602 | 2018-12-30 | Lei Feng TV CMS (aka LFCMS) 3.8.6 allows full path disclosure via the /install.php?s=/1 URI. |
| CVE-2018-20603 | 2018-12-30 | Lei Feng TV CMS (aka LFCMS) 3.8.6 allows admin.php?s=/Member/add.html CSRF. |
| CVE-2018-20604 | 2018-12-30 | Lei Feng TV CMS (aka LFCMS) 3.8.6 allows Directory Traversal via crafted use of ..* in Template/edit/path URIs, as demonstrated by the admin.php?s=/Template/edit/path/*web*..*..*..*..*1.txt.html URI to read the 1.txt file. |
| CVE-2018-20605 | 2018-12-30 | imcat 4.4 allows remote attackers to execute arbitrary PHP code by using root/run/adm.php to modify the boot/bootskip.php file. |
| CVE-2018-20606 | 2018-12-30 | imcat 4.4 allows full path disclosure via a dev.php?tools-ipaddr&api=Pcoln&uip= URI. |
| CVE-2018-20607 | 2018-12-30 | imcat 4.4 allows remote attackers to obtain potentially sensitive debugging information via the root/tools/adbug/binfo.php URI. |
| CVE-2018-20608 | 2018-12-30 | imcat 4.4 allows remote attackers to read phpinfo output via the root/tools/adbug/binfo.php?phpinfo1 URI. |
| CVE-2018-20609 | 2018-12-30 | imcat 4.4 allows remote attackers to obtain potentially sensitive configuration information via the root/tools/adbug/check.php URI. |
| CVE-2018-20610 | 2018-12-30 | imcat 4.4 allows directory traversal via the root/run/adm.php efile parameter. |
| CVE-2018-20611 | 2018-12-30 | imcat 4.4 allow XSS via a crafted cookie to the root/tools/adbug/binfo.php?cookie URI. |
| CVE-2018-20612 | 2018-12-30 | UWA 2.3.11 allows index.php?g=admin&c=admin&a=add_admin_do CSRF. |
| CVE-2018-20613 | 2018-12-30 | TEMMOKU T1.09 Beta allows admin/user/add CSRF. |
| CVE-2018-20614 | 2018-12-30 | public\install\install.php in CIM 0.9.3 allows remote attackers to reload the product via the public/install/#/step3 URI. |
| CVE-2018-20616 | 2018-12-31 | ok-file-formats through 2018-10-16 has a heap-based buffer overflow in the ok_wav_decode_ms_adpcm_data function in ok_wav.c. |
| CVE-2018-17191 | 2018-12-31 | Apache NetBeans (incubating) 9.0 NetBeans Proxy Auto-Configuration (PAC) interpretation is vulnerable for remote command execution (RCE). Using the nashorn script engine the environment of the javascript execution for the Proxy... |
| CVE-2018-20617 | 2018-12-31 | ok-file-formats through 2018-10-16 has a heap-based buffer overflow in the ok_csv_decode2 function in ok_csv.c. |
| CVE-2018-19844 | 2018-12-31 | FROG CMS 0.9.5 has XSS via the admin/?/snippet/add name parameter, which is mishandled during an edit action, a related issue to CVE-2018-10319. |
| CVE-2018-19845 | 2018-12-31 | There is Stored XSS in GetSimple CMS 3.3.12 via the admin/edit.php "post-menu" parameter, a related issue to CVE-2018-16325. |
| CVE-2018-19901 | 2018-12-31 | No-CMS 1.1.3 is prone to Persistent XSS via the blog/manage_article/index/ "article_title" parameter. |
| CVE-2018-19902 | 2018-12-31 | No-CMS 1.1.3 is prone to Persistent XSS via the blog/manage_article "keyword" parameter. |
| CVE-2018-19903 | 2018-12-31 | Persistent XSS exists in XSLT CMS via the create/?action=items.edit&type=Page title field. |
| CVE-2018-19904 | 2018-12-31 | Persistent XSS exists in XSLT CMS via the create/?action=items.edit&type=Page "body" field. |
| CVE-2018-19905 | 2018-12-31 | HTML injection exists in razorCMS 3.4.8 via the /#/page keywords parameter. |
| CVE-2018-19906 | 2018-12-31 | Stored XSS exists in razorCMS 3.4.8 via the /#/page description parameter. |
| CVE-2018-19918 | 2018-12-31 | CuppaCMS has XSS via an SVG document uploaded to the administrator/#/component/table_manager/view/cu_views URI. |
| CVE-2018-20618 | 2018-12-31 | ok-file-formats through 2018-10-16 has a heap-based buffer over-read in the ok_mo_decode2 function in ok_mo.c. |
| CVE-2018-18593 | 2018-12-31 | MFSBGN03838 rev.1 - UCMDB Configuration Management Service, Multiple Vulnerabilities |
| CVE-2018-18600 | 2018-12-31 | The remote upgrade feature in Guardzilla GZ180 devices allow command injection via a crafted new firmware version parameter. |
| CVE-2018-18601 | 2018-12-31 | The TK_set_deviceModel_req_handle function in the cloud communication component in Guardzilla GZ621W devices with firmware 0.5.1.4 has a Buffer Overflow. |
| CVE-2018-18602 | 2018-12-31 | The Cloud API on Guardzilla smart cameras allows user enumeration, with resultant arbitrary camera access and monitoring. |
| CVE-2018-19937 | 2018-12-31 | A local, authenticated attacker can bypass the passcode in the VideoLAN VLC media player app before 3.1.5 for iOS by opening a URL and turning the phone. |
| CVE-2018-6668 | 2018-12-31 | Bypass Application Control with simple DLL |
| CVE-2018-20622 | 2018-12-31 | JasPer 2.0.14 has a memory leak in base/jas_malloc.c in libjasper.a when "--output-format jp2" is used. |
| CVE-2018-20623 | 2018-12-31 | In GNU Binutils 2.31.1, there is a use-after-free in the error function in elfcomm.c when called from the process_archive function in readelf.c via a crafted ELF file. |
| CVE-2018-6334 | 2018-12-31 | Multipart-file uploads call variables to be improperly registered in the global scope. In cases where variables are not declared explicitly before being used this can lead to unexpected behavior. This... |
| CVE-2018-6335 | 2018-12-31 | A Malformed h2 frame can cause 'std::out_of_range' exception when parsing priority meta data. This behavior can lead to denial-of-service. This affects all supported versions of HHVM (3.25.2, 3.24.6, and 3.21.10... |
| CVE-2018-6336 | 2018-12-31 | An issue was discovered in osquery. A maliciously crafted Universal/fat binary can evade third-party code signing checks. By not completing full inspection of the Universal/fat binary, the user of the... |
| CVE-2018-6337 | 2018-12-31 | folly::secureRandom will re-use a buffer between parent and child processes when fork() is called. That will result in multiple forked children producing repeat (or similar) results. This affects HHVM 3.26... |
| CVE-2018-6340 | 2018-12-31 | The Memcache::getextendedstats function can be used to trigger an out-of-bounds read. Exploiting this issue requires control over memcached server hostnames and/or ports. This affects all supported versions of HHVM (3.30... |
| CVE-2018-6341 | 2018-12-31 | React applications which rendered to HTML using the ReactDOMServer API were not escaping user-supplied attribute names at render-time. That lack of escaping could lead to a cross-site scripting vulnerability. This... |
| CVE-2018-6342 | 2018-12-31 | react-dev-utils on Windows allows developers to run a local webserver for accepting various commands, including a command to launch an editor. The input to that command was not properly sanitized,... |
| CVE-2018-6343 | 2018-12-31 | Proxygen fails to validate that a secondary auth manager is set before dereferencing it. That can cause a denial of service issue when parsing a Certificate/CertificateRequest HTTP2 Frame over a... |
| CVE-2018-6344 | 2018-12-31 | A heap corruption in WhatsApp can be caused by a malformed RTP packet being sent after a call is established. The vulnerability can be used to cause denial of service.... |
| CVE-2018-6346 | 2018-12-31 | A potential denial-of-service issue in the Proxygen handling of invalid HTTP2 priority settings (specifically a circular dependency). This affects Proxygen prior to v2018.12.31.00. |
| CVE-2018-6347 | 2018-12-31 | An issue in the Proxygen handling of HTTP2 parsing of headers/trailers can lead to a denial-of-service attack. This affects Proxygen prior to v2018.12.31.00. |
| CVE-2018-6331 | 2018-12-31 | Buck parser-cache command loads/saves state using Java serialized object. If the state information is maliciously crafted, deserializing it could lead to code execution. This issue affects Buck versions prior to... |
| CVE-2018-6333 | 2018-12-31 | The hhvm-attach deep link handler in Nuclide did not properly sanitize the provided hostname parameter when rendering. As a result, a malicious URL could be used to render HTML and... |
| CVE-2019-3494 | 2019-01-01 | Simply-Blog through 2019-01-01 has SQL Injection via the admin/deleteCategories.php delete parameter. |
| CVE-2018-20650 | 2019-01-01 | A reachable Object::dictLookup assertion in Poppler 0.72.0 allows attackers to cause a denial of service due to the lack of a check for the dict data type, as demonstrated by... |
| CVE-2018-20651 | 2019-01-01 | A NULL pointer dereference was discovered in elf_link_add_object_symbols in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31.1. This occurs for a crafted... |
| CVE-2018-20652 | 2019-01-01 | An attempted excessive memory allocation was discovered in the function tinyexr::AllocateImage in tinyexr.h in tinyexr v0.9.5. Remote attackers could leverage this vulnerability to cause a denial-of-service via crafted input, which... |
| CVE-2019-3500 | 2019-01-02 | aria2c in aria2 1.33.1, when --log is used, can store an HTTP Basic Authentication username and password in a file, which might allow local users to obtain sensitive information by... |
| CVE-2019-3501 | 2019-01-02 | The OUGC Awards plugin before 1.8.19 for MyBB allows XSS via a crafted award reason that is mishandled on the awards page or in a user profile. |
| CVE-2018-17188 | 2019-01-02 | Prior to CouchDB version 2.3.0, CouchDB allowed for runtime-configuration of key components of the database. In some cases, this lead to vulnerabilities where CouchDB admin users could access the underlying... |
| CVE-2018-20657 | 2019-01-02 | The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, has a memory leak via a crafted string, leading to a denial of service (memory consumption),... |
| CVE-2018-5197 | 2019-01-02 | A vulnerability in the ExtCommon.dll user extension module version 9.2, 9.2.1, 9.2.2 of Xplatform ActiveX could allow attacker to perform a command injection attack. The vulnerability is due to insufficient... |
| CVE-2018-20658 | 2019-01-02 | The server in Core FTP 2.0 build 653 on 32-bit platforms allows remote attackers to cause a denial of service (daemon crash) via a crafted XRMD command. |
| CVE-2019-3572 | 2019-01-02 | An issue was discovered in libming 0.4.8. There is a heap-based buffer over-read in the function writePNG in the file util/dbl2png.c of the dbl2png command-line program. Because this is associated... |
| CVE-2019-3573 | 2019-01-02 | In libsixel v1.8.2, there is an infinite loop in the function sixel_decode_raw_impl() in the file fromsixel.c, as demonstrated by sixel2png. |
| CVE-2019-3574 | 2019-01-02 | In libsixel v1.8.2, there is a heap-based buffer over-read in the function load_jpeg() in the file loader.c, as demonstrated by img2sixel. |
| CVE-2018-7900 | 2019-01-02 | There is an information leak vulnerability in some Huawei HG products. An attacker may obtain information about the HG device by exploiting this vulnerability. |
| CVE-2018-20659 | 2019-01-02 | An issue was discovered in Bento4 1.5.1-627. The AP4_StcoAtom class in Core/Ap4StcoAtom.cpp has an attempted excessive memory allocation when called from AP4_AtomFactory::CreateAtomFromStream in Core/Ap4AtomFactory.cpp, as demonstrated by mp42hls. |
| CVE-2019-3576 | 2019-01-02 | inxedu through 2018-12-24 has a SQL Injection vulnerability that can lead to information disclosure via the deleteFaveorite/ PATH_INFO. The vulnerable code location is com.inxedu.os.edu.controller.user.UserController#deleteFavorite (aka deleteFavorite in com/inxedu/os/edu/controller/user/UserController.java), where courseFavoritesService.deleteCourseFavoritesById... |
| CVE-2019-3577 | 2019-01-02 | An issue was discovered in Waimai Super Cms 20150505. web/Lib/Action/ProductAction.class.php allows blind SQL Injection via the id[0] parameter to the /product URI. |
| CVE-2018-13045 | 2019-01-02 | SQL injection vulnerability in the "Bazar" page in Yeswiki Cercopitheque 2018-06-19-1 and earlier allows attackers to execute arbitrary SQL commands via the "id" parameter. |
| CVE-2018-14718 | 2019-01-02 | FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the slf4j-ext class from polymorphic deserialization. |
| CVE-2018-14719 | 2019-01-02 | FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deserialization. |
| CVE-2018-14720 | 2019-01-02 | FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization. |
| CVE-2018-14721 | 2019-01-02 | FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization. |
| CVE-2018-15490 | 2019-01-02 | An issue was discovered in ExpressVPN on Windows. The Xvpnd.exe process (which runs as a service with SYSTEM privileges) listens on TCP port 2015, which is used as an RPC... |
| CVE-2018-19360 | 2019-01-02 | FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the axis2-transport-jms class from polymorphic deserialization. |
| CVE-2018-19361 | 2019-01-02 | FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the openjpa class from polymorphic deserialization. |
| CVE-2018-19362 | 2019-01-02 | FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the jboss-common-core class from polymorphic deserialization. |
| CVE-2018-19371 | 2019-01-02 | The SaveUserSettings service in Content Manager in SDL Web 8.5.0 has an XXE Vulnerability that allows reading sensitive files from the system. |
| CVE-2018-19478 | 2019-01-02 | In Artifex Ghostscript before 9.26, a carefully crafted PDF file can trigger an extremely long running computation when parsing the file. |
| CVE-2018-20100 | 2019-01-02 | An issue was discovered on August Connect devices. Insecure data transfer between the August app and August Connect during configuration allows attackers to discover home Wi-Fi credentials. This data transfer... |
| CVE-2018-20114 | 2019-01-02 | On D-Link DIR-818LW Rev.A 2.05.B03 and DIR-860L Rev.B 2.03.B03 devices, unauthenticated remote OS command execution can occur in the soap.cgi service of the cgibin binary via an "&&" substring in... |
| CVE-2018-20166 | 2019-01-02 | A file-upload vulnerability exists in Rukovoditel 2.3.1. index.php?module=configuration/save allows the user to upload a background image, and mishandles extension checking. It accepts uploads of PHP content if the first few... |
| CVE-2018-20211 | 2019-01-02 | ExifTool 8.32 allows local users to gain privileges by creating a %TEMP%\par-%username%\cache-exiftool-8.32 folder with a victim's username, and then copying a Trojan horse ws32_32.dll file into this new folder, aka... |
| CVE-2018-20326 | 2019-01-02 | ChinaMobile PLC Wireless Router GPN2.4P21-C-CN devices with firmware W2001EN-00 have XSS via the cgi-bin/webproc?getpage=html/index.html var:subpage parameter. |
| CVE-2018-18264 | 2019-01-03 | Kubernetes Dashboard before 1.10.1 allows attackers to bypass authentication and use Dashboard's Service Account for reading secrets within the cluster. |
| CVE-2018-18893 | 2019-01-03 | Jinjava before 2.4.6 does not block the getClass method, related to com/hubspot/jinjava/el/ext/JinjavaBeanELResolver.java. |
| CVE-2018-20131 | 2019-01-03 | The Code42 app before 6.8.4, as used in Code42 for Enterprise, on Linux installs with overly permissive permissions on the /usr/local/crashplan/log directory. This allows a user to manipulate symbolic links... |
| CVE-2019-3580 | 2019-01-03 | OpenRefine through 3.1 allows arbitrary file write because Directory Traversal can occur during the import of a crafted project file. |
| CVE-2018-17172 | 2019-01-03 | The web application on Xerox AltaLink B80xx before 100.008.028.05200, C8030/C8035 before 100.001.028.05200, C8045/C8055 before 100.002.028.05200, and C8070 before 100.003.028.05200 allows unauthenticated command injection. |