Lista CVE - 2018 / Giugno
Visualizzazione 101 - 200 di 1783 CVE per Giugno 2018 (Pagina 2 di 18)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2018-11148 | 2018-06-01 | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 6 of 46). |
| CVE-2018-11149 | 2018-06-01 | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 7 of 46). |
| CVE-2018-11150 | 2018-06-01 | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 8 of 46). |
| CVE-2018-11151 | 2018-06-01 | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 9 of 46). |
| CVE-2018-11152 | 2018-06-01 | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 10 of 46). |
| CVE-2018-11153 | 2018-06-01 | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 11 of 46). |
| CVE-2018-11154 | 2018-06-01 | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 12 of 46). |
| CVE-2018-11155 | 2018-06-01 | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 13 of 46). |
| CVE-2018-11156 | 2018-06-01 | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 14 of 46). |
| CVE-2018-11157 | 2018-06-01 | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 15 of 46). |
| CVE-2018-11158 | 2018-06-01 | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 16 of 46). |
| CVE-2018-11159 | 2018-06-01 | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 17 of 46). |
| CVE-2018-11160 | 2018-06-01 | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 18 of 46). |
| CVE-2018-11161 | 2018-06-01 | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 19 of 46). |
| CVE-2018-11162 | 2018-06-01 | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 20 of 46). |
| CVE-2018-11163 | 2018-06-01 | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 21 of 46). |
| CVE-2018-11164 | 2018-06-01 | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 22 of 46). |
| CVE-2018-11165 | 2018-06-01 | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 23 of 46). |
| CVE-2018-11166 | 2018-06-01 | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 24 of 46). |
| CVE-2018-11167 | 2018-06-01 | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 25 of 46). |
| CVE-2018-11168 | 2018-06-01 | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 26 of 46). |
| CVE-2018-11169 | 2018-06-01 | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 27 of 46). |
| CVE-2018-11170 | 2018-06-01 | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 28 of 46). |
| CVE-2018-11171 | 2018-06-01 | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 29 of 46). |
| CVE-2018-11172 | 2018-06-01 | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 30 of 46). |
| CVE-2018-11173 | 2018-06-01 | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 31 of 46). |
| CVE-2018-11174 | 2018-06-01 | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 32 of 46). |
| CVE-2018-11175 | 2018-06-01 | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 33 of 46). |
| CVE-2018-11176 | 2018-06-01 | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 34 of 46). |
| CVE-2018-11177 | 2018-06-01 | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 35 of 46). |
| CVE-2018-11178 | 2018-06-01 | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 36 of 46). |
| CVE-2018-11179 | 2018-06-01 | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 37 of 46). |
| CVE-2018-11180 | 2018-06-01 | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 38 of 46). |
| CVE-2018-11181 | 2018-06-01 | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 39 of 46). |
| CVE-2018-11182 | 2018-06-01 | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 40 of 46). |
| CVE-2018-11183 | 2018-06-01 | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 41 of 46). |
| CVE-2018-11184 | 2018-06-01 | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 42 of 46). |
| CVE-2018-11185 | 2018-06-01 | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 43 of 46). |
| CVE-2018-11186 | 2018-06-01 | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 44 of 46). |
| CVE-2018-11187 | 2018-06-01 | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 45 of 46). |
| CVE-2018-11188 | 2018-06-01 | Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 46 of 46). |
| CVE-2018-11189 | 2018-06-01 | Quest DR Series Disk Backup software version before 4.0.3.1 allows privilege escalation (issue 1 of 6). |
| CVE-2018-11190 | 2018-06-01 | Quest DR Series Disk Backup software version before 4.0.3.1 allows privilege escalation (issue 2 of 6). |
| CVE-2018-11191 | 2018-06-01 | Quest DR Series Disk Backup software version before 4.0.3.1 allows privilege escalation (issue 3 of 6). |
| CVE-2018-11192 | 2018-06-01 | Quest DR Series Disk Backup software version before 4.0.3.1 allows privilege escalation (issue 4 of 6). |
| CVE-2018-11193 | 2018-06-01 | Quest DR Series Disk Backup software version before 4.0.3.1 allows privilege escalation (issue 5 of 6). |
| CVE-2018-11194 | 2018-06-01 | Quest DR Series Disk Backup software version before 4.0.3.1 allows privilege escalation (issue 6 of 6). |
| CVE-2018-11522 | 2018-06-01 | Yosoro 1.0.4 has stored XSS. |
| CVE-2018-11564 | 2018-06-01 | Stored XSS in YOOtheme Pagekit 1.0.13 and earlier allows a user to upload malicious code via the picture upload feature. A user with elevated privileges could upload a photo to... |
| CVE-2018-1002100 | 2018-06-01 | In Kubernetes versions 1.5.x, 1.6.x, 1.7.x, 1.8.x, and prior to version 1.9.6, the kubectl cp command insecurely handles tar data returned from the container, and can be caused to overwrite... |
| CVE-2018-11679 | 2018-06-02 | An issue was discovered in CmsEasy 6.1_20180508. There is a CSRF vulnerability that can add an article via /index.php?case=table&act=add&table=archive&admin_dir=admin. |
| CVE-2018-11680 | 2018-06-02 | An issue was discovered in CmsEasy 6.1_20180508. There is a CSRF vulnerability in the rich text editor that can add an IFRAME element. This might be used in a DoS... |
| CVE-2018-11629 | 2018-06-02 | Default and unremovable support credentials (user:lutron password:integration) allow attackers to gain total super user control of an IoT device through a TELNET session to products using the HomeWorks QS Lutron... |
| CVE-2018-11681 | 2018-06-02 | Default and unremovable support credentials (user:nwk password:nwk2) allow attackers to gain total super user control of an IoT device through a TELNET session to products using the RadioRA 2 Lutron... |
| CVE-2018-11682 | 2018-06-02 | Default and unremovable support credentials allow attackers to gain total super user control of an IoT device through a TELNET session to products using the Stanza Lutron integration protocol Revision... |
| CVE-2017-18284 | 2018-06-04 | The Gentoo app-backup/burp package before 2.1.32 sets the ownership of the PID file directory to the burp account, which might allow local users to kill arbitrary processes by leveraging access... |
| CVE-2017-18285 | 2018-06-04 | The Gentoo app-backup/burp package before 2.1.32 has incorrect group ownership of the /etc/burp directory, which might allow local users to obtain read and write access to arbitrary files by leveraging... |
| CVE-2018-11683 | 2018-06-04 | Liblouis 3.5.0 has a stack-based Buffer Overflow in the function parseChars in compileTranslationTable.c, a different vulnerability than CVE-2018-11440. |
| CVE-2018-11684 | 2018-06-04 | Liblouis 3.5.0 has a stack-based Buffer Overflow in the function includeFile in compileTranslationTable.c. |
| CVE-2018-11685 | 2018-06-04 | Liblouis 3.5.0 has a stack-based Buffer Overflow in the function compileHyphenation in compileTranslationTable.c. |
| CVE-2018-11692 | 2018-06-04 | An issue was discovered on Canon LBP6650, LBP3370, LBP3460, and LBP7750C devices. It is possible to bypass the Administrator Mode authentication for /tlogin.cgi via vectors involving frame.cgi?page=DevStatus. NOTE: the vendor... |
| CVE-2018-11693 | 2018-06-04 | An issue was discovered in LibSass through 3.5.4. An out-of-bounds read of a memory region was found in the function Sass::Prelexer::skip_over_scopes which could be leveraged by an attacker to disclose... |
| CVE-2018-11694 | 2018-06-04 | An issue was discovered in LibSass through 3.5.4. A NULL pointer dereference was found in the function Sass::Functions::selector_append which could be leveraged by an attacker to cause a denial of... |
| CVE-2018-11695 | 2018-06-04 | An issue was discovered in LibSass <3.5.3. A NULL pointer dereference was found in the function Sass::Expand::operator which could be leveraged by an attacker to cause a denial of service... |
| CVE-2018-11696 | 2018-06-04 | An issue was discovered in LibSass through 3.5.4. A NULL pointer dereference was found in the function Sass::Inspect::operator which could be leveraged by an attacker to cause a denial of... |
| CVE-2018-11697 | 2018-06-04 | An issue was discovered in LibSass through 3.5.4. An out-of-bounds read of a memory region was found in the function Sass::Prelexer::exactly() which could be leveraged by an attacker to disclose... |
| CVE-2018-11698 | 2018-06-04 | An issue was discovered in LibSass through 3.5.4. An out-of-bounds read of a memory region was found in the function Sass::handle_error which could be leveraged by an attacker to disclose... |
| CVE-2016-1000339 | 2018-06-04 | In the Bouncy Castle JCE Provider version 1.55 and earlier the primary engine class used for AES was AESFastEngine. Due to the highly table driven approach used in the algorithm... |
| CVE-2016-1000340 | 2018-06-04 | In the Bouncy Castle JCE Provider versions 1.51 to 1.55, a carry propagation bug was introduced in the implementation of squaring for several raw math classes have been fixed (org.bouncycastle.math.raw.Nat???).... |
| CVE-2016-1000341 | 2018-06-04 | In the Bouncy Castle JCE Provider version 1.55 and earlier DSA signature generation is vulnerable to timing attack. Where timings can be closely observed for the generation of signatures, the... |
| CVE-2016-1000342 | 2018-06-04 | In the Bouncy Castle JCE Provider version 1.55 and earlier ECDSA does not fully validate ASN.1 encoding of signature on verification. It is possible to inject extra elements in the... |
| CVE-2016-1000343 | 2018-06-04 | In the Bouncy Castle JCE Provider version 1.55 and earlier the DSA key pair generator generates a weak private key if used with default values. If the JCA key pair... |
| CVE-2018-11711 | 2018-06-04 | A remote attacker can bypass the System Manager Mode on the Canon MF210 and MF220 web interface without knowing the PIN for /login.html via vectors involving /portal_top.html to get full... |
| CVE-2018-11709 | 2018-06-04 | wpforo_get_request_uri in wpf-includes/functions.php in the wpForo Forum plugin before 1.4.12 for WordPress allows Unauthenticated Reflected Cross-Site Scripting (XSS) via the URI. |
| CVE-2018-11710 | 2018-06-04 | soundlib/pattern.h in libopenmpt before 0.3.9 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted AMS file because of an... |
| CVE-2018-11712 | 2018-06-04 | WebCore/platform/network/soup/SocketStreamHandleImplSoup.cpp in the libsoup network backend of WebKit, as used in WebKitGTK+ versions 2.20.0 and 2.20.1, failed to perform TLS certificate verification for WebSocket connections. |
| CVE-2018-11713 | 2018-06-04 | WebCore/platform/network/soup/SocketStreamHandleImplSoup.cpp in the libsoup network backend of WebKit, as used in WebKitGTK+ prior to version 2.20.0 or without libsoup 2.62.0, unexpectedly failed to use system proxy settings for WebSocket connections.... |
| CVE-2018-10611 | 2018-06-04 | Java remote method invocation (RMI) input port in GE MDS PulseNET and MDS PulseNET Enterprise version 3.2.1 and prior may be exploited to allow unauthenticated users to launch applications and... |
| CVE-2018-10613 | 2018-06-04 | Multiple variants of XML External Entity (XXE) attacks may be used to exfiltrate data from the host Windows platform in GE MDS PulseNET and MDS PulseNET Enterprise version 3.2.1 and... |
| CVE-2018-10615 | 2018-06-04 | Directory traversal may lead to files being exfiltrated or deleted on the GE MDS PulseNET and MDS PulseNET Enterprise version 3.2.1 and prior host platform. |
| CVE-2018-11714 | 2018-06-04 | An issue was discovered on TP-Link TL-WR840N v5 00000005 0.9.1 3.16 v0001.0 Build 170608 Rel.58696n and TL-WR841N v13 00000013 0.9.1 4.16 v0001.0 Build 170622 Rel.64334n devices. This issue is caused... |
| CVE-2016-10692 | 2018-06-04 | haxeshim haxe shim to deal with coexisting versions. haxeshim downloads resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE)... |
| CVE-2016-10636 | 2018-06-04 | grunt-ccompiler is a Closure Compiler Grunt Plugin. grunt-ccompiler downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE)... |
| CVE-2016-10637 | 2018-06-04 | haxe-dev is a cross-platform toolkit. haxe-dev downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping... |
| CVE-2016-10638 | 2018-06-04 | js-given is a JavaScript frontend to jgiven. js-given downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE)... |
| CVE-2016-10639 | 2018-06-04 | redis-srvr is a npm wrapper for redis-server. redis-srvr downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE)... |
| CVE-2016-10640 | 2018-06-04 | node-thulac is a node binding for thulac. node-thulac downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE)... |
| CVE-2016-10641 | 2018-06-04 | node-bsdiff-android downloads resources over HTTP, which leaves it vulnerable to MITM attacks. |
| CVE-2016-10642 | 2018-06-04 | cmake installs the cmake x86 linux binaries. cmake downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE)... |
| CVE-2016-10643 | 2018-06-04 | jstestdriver is a wrapper for Google's jstestdriver. jstestdriver downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE)... |
| CVE-2016-10644 | 2018-06-04 | slimerjs-edge is a npm wrapper for installing the bleeding edge version of slimerjs. slimerjs-edge downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible... |
| CVE-2016-10645 | 2018-06-04 | grunt-images is a grunt plugin for processing images. grunt-images downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution... |
| CVE-2016-10646 | 2018-06-04 | resourcehacker is a Node wrapper of Resource Hacker (windows executable resource editor). resourcehacker downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to... |
| CVE-2016-10647 | 2018-06-04 | node-air-sdk is an AIR SDK for nodejs. node-air-sdk downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE)... |
| CVE-2016-10648 | 2018-06-04 | marionette-socket-host is a marionette-js-runner host for sending actions over a socket. marionette-socket-host downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause... |
| CVE-2016-10649 | 2018-06-04 | frames-compiler downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE) by swapping out the requested binary with... |
| CVE-2016-10651 | 2018-06-04 | webdriver-launcher is a Node.js Selenium Webdriver Launcher. webdriver-launcher downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote code execution (RCE)... |
| CVE-2016-10652 | 2018-06-04 | prebuild-lwip is a module for comprehensive, fast, and simple image processing and manipulation. prebuild-lwip downloads resources over HTTP, which leaves it vulnerable to MITM attacks. |
| CVE-2016-10653 | 2018-06-04 | xd-testing is a testing library for cross-device (XD) web applications. xd-testing downloads binary resources over HTTP, which leaves it vulnerable to MITM attacks. It may be possible to cause remote... |
| CVE-2016-10654 | 2018-06-04 | sfml downloads resources over HTTP, which leaves it vulnerable to MITM attacks. |