Lista CVE - 2018 / Settembre
Visualizzazione 101 - 200 di 1169 CVE per Settembre 2018 (Pagina 2 di 12)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2018-16449 | 2018-09-04 | OneThink 1.1.141212 allows CSRF for adding a page via admin.php?s=/Channel/add.html, adding a blog via admin.php?s=/Article/update.html, and setting the audit state via admin.php?s=/Article/setStatus/status/1.html. |
| CVE-2018-16450 | 2018-09-04 | CraftedWeb through 2013-09-24 has reflected XSS via the p parameter. |
| CVE-2018-16458 | 2018-09-04 | An issue was discovered in baigo CMS v2.1.1. There is an index.php?m=article&c=request CSRF that can cause publication of any article. |
| CVE-2018-14627 | 2018-09-04 | The IIOP OpenJDK Subsystem in WildFly before version 14.0.0 does not honour configuration when SSL transport is required. Servers before this version that are configured with the following setting allow... |
| CVE-2018-0646 | 2018-09-04 | Directory traversal vulnerability in Explzh v.7.58 and earlier allows an attacker to read arbitrary files via unspecified vectors. |
| CVE-2018-0656 | 2018-09-04 | Untrusted search path vulnerability in The installer of Digital Paper App version 1.4.0.16050 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. |
| CVE-2018-0664 | 2018-09-04 | A vulnerability in NoMachine App for Android 5.0.63 and earlier allows attackers to alter environment variables via unspecified vectors. |
| CVE-2018-0672 | 2018-09-04 | Cross-site scripting vulnerability in Movable Type versions prior to Ver. 6.3.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
| CVE-2018-0674 | 2018-09-04 | AttacheCase ver.2.8.4.0 and earlier allows an arbitrary script execution via unspecified vectors. |
| CVE-2018-0675 | 2018-09-04 | AttacheCase ver.3.3.0.0 and earlier allows an arbitrary script execution via unspecified vectors. |
| CVE-2018-10904 | 2018-09-04 | It was found that glusterfs server does not properly sanitize file paths in the "trusted.io-stats-dump" extended attribute which is used by the "debug/io-stats" translator. Attacker can use this flaw to... |
| CVE-2018-10907 | 2018-09-04 | It was found that glusterfs server is vulnerable to multiple stack based buffer overflows due to functions in server-rpc-fopc.c allocating fixed size buffers using 'alloca(3)'. An authenticated attacker could exploit... |
| CVE-2018-10911 | 2018-09-04 | A flaw was found in the way dic_unserialize function of glusterfs does not handle negative key length values. An attacker could use this flaw to read memory from other locations... |
| CVE-2018-10913 | 2018-09-04 | An information disclosure vulnerability was discovered in glusterfs server. An attacker could issue a xattr request via glusterfs FUSE to determine the existence of any file. |
| CVE-2018-10914 | 2018-09-04 | It was found that an attacker could issue a xattr request via glusterfs FUSE to cause gluster brick process to crash which will result in a remote denial of service.... |
| CVE-2018-10923 | 2018-09-04 | It was found that the "mknod" call derived from mknod(2) can create files pointing to devices on a glusterfs server node. An authenticated attacker could use this to create an... |
| CVE-2018-10924 | 2018-09-04 | It was discovered that fsync(2) system call in glusterfs client code leaks memory. An authenticated attacker could use this flaw to launch a denial of service attack by making gluster... |
| CVE-2018-10926 | 2018-09-04 | A flaw was found in RPC request using gfs3_mknod_req supported by glusterfs server. An authenticated attacker could use this flaw to write files to an arbitrary location via path traversal... |
| CVE-2018-10927 | 2018-09-04 | A flaw was found in RPC request using gfs3_lookup_req in glusterfs server. An authenticated attacker could use this flaw to leak information and execute remote denial of service by crashing... |
| CVE-2018-10928 | 2018-09-04 | A flaw was found in RPC request using gfs3_symlink_req in glusterfs server which allows symlink destinations to point to file paths outside of the gluster volume. An authenticated attacker could... |
| CVE-2018-10929 | 2018-09-04 | A flaw was found in RPC request using gfs2_create_req in glusterfs server. An authenticated attacker could use this flaw to create arbitrary files and execute arbitrary code on glusterfs server... |
| CVE-2018-10930 | 2018-09-04 | A flaw was found in RPC request using gfs3_rename_req in glusterfs server. An authenticated attacker could use this flaw to write to a destination outside the gluster volume. |
| CVE-2018-11262 | 2018-09-04 | In Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel while trying to find out total number of partition... |
| CVE-2018-7936 | 2018-09-04 | Mate 10 Pro Huawei smart phones with the versions before BLA-L29 8.0.0.148(C432) have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset... |
| CVE-2018-7937 | 2018-09-04 | In Huawei HiRouter-CD20-10 with the versions before 1.9.6 and WS5200-10 with the versions before 1.9.6, there is a plug-in signature bypass vulnerability due to insufficient plug-in verification. An attacker may... |
| CVE-2018-7938 | 2018-09-04 | P10 Huawei smartphones with the versions before Victoria-AL00AC00B217 have an information leak vulnerability due to the lack of permission validation. An attacker tricks a user into installing a malicious application... |
| CVE-2018-7990 | 2018-09-04 | Mate10 Pro Huawei smart phones with the versions before 8.1.0.326(C00) have a FRP bypass vulnerability. During the mobile phone reseting process, an attacker could bypass "Find My Phone" protect after... |
| CVE-2018-6554 | 2018-09-04 | Memory leak in the irda_bind function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (memory consumption) by... |
| CVE-2018-6555 | 2018-09-04 | The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (ias_object use-after-free and system crash) or... |
| CVE-2018-6923 | 2018-09-04 | In FreeBSD before 11.1-STABLE, 11.2-RELEASE-p2, 11.1-RELEASE-p13, ip fragment reassembly code is vulnerable to a denial of service due to excessive system resource consumption. This issue can allow a remote attacker... |
| CVE-2018-16509 | 2018-09-05 | An issue was discovered in Artifex Ghostscript before 9.24. Incorrect "restoration of privilege" checking during handling of /invalidaccess exceptions could be used by attackers able to supply crafted PostScript to... |
| CVE-2018-16510 | 2018-09-05 | An issue was discovered in Artifex Ghostscript before 9.24. Incorrect exec stack handling in the "CS" and "SC" PDF primitives could be used by remote attackers able to supply crafted... |
| CVE-2018-16511 | 2018-09-05 | An issue was discovered in Artifex Ghostscript before 9.24. A type confusion in "ztype" could be used by remote attackers able to supply crafted PostScript to crash the interpreter or... |
| CVE-2018-0502 | 2018-09-05 | An issue was discovered in zsh before 5.6. The beginning of a #! script file was mishandled, potentially leading to an execve call to a program named on the second... |
| CVE-2018-13259 | 2018-09-05 | An issue was discovered in zsh before 5.6. Shebang lines exceeding 64 characters were truncated, potentially leading to an execve call to a program name that is a substring of... |
| CVE-2018-16513 | 2018-09-05 | In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the setcolor function to crash the interpreter or possibly have unspecified other... |
| CVE-2018-1353 | 2018-09-05 | An information disclosure vulnerability in Fortinet FortiManager 6.0.1 and below versions allows a standard user with adom assignment read the interface settings of vdoms unrelated to the assigned adom. |
| CVE-2018-9192 | 2018-09-05 | A plaintext recovery of encrypted messages or a Man-in-the-middle (MiTM) attack on RSA PKCS #1 v1.5 encryption may be possible without knowledge of the server's private key. Fortinet FortiOS 5.4.6... |
| CVE-2018-9194 | 2018-09-05 | A plaintext recovery of encrypted messages or a Man-in-the-middle (MiTM) attack on RSA PKCS #1 v1.5 encryption may be possible without knowledge of the server's private key. Fortinet FortiOS 5.4.6... |
| CVE-2018-16516 | 2018-09-05 | helpers.py in Flask-Admin 1.5.2 has Reflected XSS via a crafted URL. |
| CVE-2018-16518 | 2018-09-05 | A directory traversal vulnerability with remote code execution in Prim'X Zed! FREE through 1.0 build 186 and Zed! Limited Edition through 6.1 build 2208 allows creation of arbitrary files on... |
| CVE-2018-16521 | 2018-09-05 | An XML External Entity (XXE) vulnerability exists in HTML Form Entry 3.7.0, as distributed in OpenMRS Reference Application 2.8.0. |
| CVE-2016-1000030 | 2018-09-05 | Pidgin version <2.11.0 contains a vulnerability in X.509 Certificates imports specifically due to improper check of return values from gnutls_x509_crt_init() and gnutls_x509_crt_import() that can result in code execution. This attack... |
| CVE-2016-1000232 | 2018-09-05 | NodeJS Tough-Cookie version 2.2.2 contains a Regular Expression Parsing vulnerability in HTTP request Cookie Header parsing that can result in Denial of Service. This attack appear to be exploitable via... |
| CVE-2018-16539 | 2018-09-05 | In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect access checking in temp file handling to disclose contents of files on the system otherwise... |
| CVE-2018-16540 | 2018-09-05 | In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files to the builtin PDF14 converter could use a use-after-free in copydevice handling to crash the interpreter or possibly... |
| CVE-2018-16541 | 2018-09-05 | In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect free logic in pagedevice replacement to crash the interpreter. |
| CVE-2018-16542 | 2018-09-05 | In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use insufficient interpreter stack-size checking during error handling to crash the interpreter. |
| CVE-2018-16543 | 2018-09-05 | In Artifex Ghostscript before 9.24, gssetresolution and gsgetresolution allow attackers to have an unspecified impact. |
| CVE-2018-14618 | 2018-09-05 | curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure... |
| CVE-2018-16545 | 2018-09-05 | Kaizen Asset Manager (Enterprise Edition) and Training Manager (Enterprise Edition) allow a remote attacker to achieve arbitrary code execution via file impersonation. For example, a malicious dynamic-link library (dll) assumed... |
| CVE-2018-16436 | 2018-09-05 | Gxlcms 2.0 before bug fix 20180915 has SQL Injection exploitable by an administrator. |
| CVE-2018-16437 | 2018-09-05 | Gxlcms 2.0 before bug fix 20180915 has Directory Traversal exploitable by an administrator. |
| CVE-2018-16546 | 2018-09-05 | Amcrest networked devices use the same hardcoded SSL private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from... |
| CVE-2015-9266 | 2018-09-05 | Ubiquiti airOS HTTP(S) unauthenticated arbitrary file upload |
| CVE-2018-14769 | 2018-09-05 | VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow CSRF. |
| CVE-2018-14770 | 2018-09-05 | VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow remote attackers to execute arbitrary code (issue 1 of 2) via the ONVIF interface, (/onvif/device_service). |
| CVE-2018-14771 | 2018-09-05 | VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow remote attackers to execute arbitrary code (issue 2 of 2) via eventscript.cgi. |
| CVE-2018-15676 | 2018-09-05 | An issue was discovered in BTITeam XBTIT. By using String.replace and eval, it is possible to bypass the includes/crk_protection.php anti-XSS mechanism that looks for a number of dangerous fingerprints. |
| CVE-2018-15677 | 2018-09-05 | The newsfeed (aka /index.php?page=viewnews) in BTITeam XBTIT 2.5.4 has stored XSS via the title of a news item. This is also exploitable via CSRF. |
| CVE-2018-15678 | 2018-09-05 | An issue was discovered in BTITeam XBTIT 2.5.4. The "act" parameter in the sign-up page available at /index.php?page=signup is vulnerable to reflected cross-site scripting. |
| CVE-2018-15679 | 2018-09-05 | An issue was discovered in BTITeam XBTIT 2.5.4. The "keywords" parameter in the search function available at /index.php?page=forums&action=search is vulnerable to reflected cross-site scripting. |
| CVE-2018-15680 | 2018-09-05 | An issue was discovered in BTITeam XBTIT 2.5.4. The hashed passwords stored in the xbtit_users table are stored as unsalted MD5 hashes, which makes it easier for context-dependent attackers to... |
| CVE-2018-15681 | 2018-09-05 | An issue was discovered in BTITeam XBTIT 2.5.4. When a user logs in, their password hash is rehashed using a predictable salt and stored in the "pass" cookie, which is... |
| CVE-2018-15682 | 2018-09-05 | An issue was discovered in BTITeam XBTIT. Due to a lack of cross-site request forgery protection, it is possible to automate the action of sending private messages to users by... |
| CVE-2018-15683 | 2018-09-05 | An issue was discovered in BTITeam XBTIT. The "returnto" parameter of the login page is vulnerable to an open redirect due to a lack of validation. If a user is... |
| CVE-2018-15684 | 2018-09-05 | An issue was discovered in BTITeam XBTIT. PHP error logs are stored in an open directory (/include/logs) using predictable file names, which can lead to full path disclosure and leakage... |
| CVE-2018-15917 | 2018-09-05 | Persistent cross-site scripting (XSS) issues in Jorani 0.6.5 allow remote attackers to inject arbitrary web script or HTML via the language parameter to session/language. |
| CVE-2018-15918 | 2018-09-05 | An issue was discovered in Jorani 0.6.5. SQL Injection (error-based) allows a user of the application without permissions to read and modify sensitive information from the database used by the... |
| CVE-2018-16144 | 2018-09-05 | The test connection functionality in the NetAudit section of Opsview Monitor before 5.3.1 and 5.4.x before 5.4.2 is vulnerable to command injection due to improper sanitization of the rancid_password parameter. |
| CVE-2018-16145 | 2018-09-05 | The /etc/init.d/opsview-reporting-module script that runs at boot time in Opsview Monitor before 5.3.1 and 5.4.x before 5.4.2 invokes a file that can be edited by the nagios user, and would... |
| CVE-2018-16146 | 2018-09-05 | The web management console of Opsview Monitor 5.4.x before 5.4.2 provides functionality accessible by an authenticated administrator to test notifications that are triggered under certain configurable events. The value parameter... |
| CVE-2018-16147 | 2018-09-05 | The data parameter of the /settings/api/router endpoint in Opsview Monitor before 5.3.1 and 5.4.x before 5.4.2 is vulnerable to Cross-Site Scripting. |
| CVE-2018-16148 | 2018-09-05 | The diagnosticsb2ksy parameter of the /rest endpoint in Opsview Monitor before 5.3.1 and 5.4.x before 5.4.2 is vulnerable to Cross-Site Scripting. |
| CVE-2018-16252 | 2018-09-05 | FsPro Labs Event Log Explorer 4.6.1.2115 has ".elx" FileType XML External Entity Injection. |
| CVE-2018-16307 | 2018-09-05 | An "Out-of-band resource load" issue was discovered on Xiaomi MIWiFi Xiaomi_55DD Version 2.8.50 devices. It is possible to induce the application to retrieve the contents of an arbitrary external URL... |
| CVE-2018-16361 | 2018-09-05 | An issue was discovered in BTITeam XBTIT 2.5.4. news.php allows XSS via the id parameter. |
| CVE-2018-16381 | 2018-09-05 | e107 2.1.8 has XSS via the e107_admin/users.php?mode=main&action=list user_loginname parameter. |
| CVE-2018-16548 | 2018-09-05 | An issue was discovered in ZZIPlib through 0.13.69. There is a memory leak triggered in the function __zzip_parse_root_directory in zip.c, which will lead to a denial of service attack. |
| CVE-2018-16549 | 2018-09-05 | HScripts PHP File Browser Script v1.0 allows Directory Traversal via the index.php path parameter. |
| CVE-2018-16550 | 2018-09-05 | TeamViewer 10.x through 13.x allows remote attackers to bypass the brute-force authentication protection mechanism by skipping the "Cancel" step, which makes it easier to determine the correct value of the... |
| CVE-2018-16551 | 2018-09-05 | LavaLite 5.5 has XSS via a /edit URI, as demonstrated by client/job/job/Zy8PWBekrJ/edit. |
| CVE-2018-16552 | 2018-09-05 | MicroPyramid Django-CRM 0.2 allows CSRF for /users/create/, /users/##/edit/, and /accounts/##/delete/ URIs. |
| CVE-2017-1000600 | 2018-09-06 | WordPress version <4.9 contains a CWE-20 Input Validation vulnerability in thumbnail processing that can result in remote code execution. This attack appears to be exploitable via thumbnail upload by an... |
| CVE-2018-14624 | 2018-09-06 | A vulnerability was discovered in 389-ds-base through versions 1.3.7.10, 1.3.8.8 and 1.4.0.16. The lock controlling the error log was not correctly used when re-opening the log file in log__error_emergency(). An... |
| CVE-2018-14632 | 2018-09-06 | An out of bound write can occur when patching an Openshift object using the 'oc patch' functionality in OpenShift Container Platform before 3.7. An attacker can use this flaw to... |
| CVE-2018-16585 | 2018-09-06 | An issue was discovered in Artifex Ghostscript before 9.24. The .setdistillerkeys PostScript command is accepted even though it is not intended for use during document processing (e.g., after the startup... |
| CVE-2018-16459 | 2018-09-06 | An unescaped payload in exceljs <v1.6 allows a possible XSS via cell value when worksheet is displayed in browser. |
| CVE-2018-11263 | 2018-09-06 | In all Android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel, radio_id is received from the FW and is used to access... |
| CVE-2018-1695 | 2018-09-06 | IBM WebSphere Application Server 7.0, 8.0, and 8.5.5 installations using Form Login could allow a remote attacker to conduct spoofing attacks. IBM X-Force ID: 145769. |
| CVE-2018-1000773 | 2018-09-06 | WordPress version 4.9.8 and earlier contains a CWE-20 Input Validation vulnerability in thumbnail processing that can result in remote code execution due to an incomplete fix for CVE-2017-1000600. This attack... |
| CVE-2018-16606 | 2018-09-06 | In ProConf before 6.1, an Insecure Direct Object Reference (IDOR) allows any author to view and grab all submitted papers (Title and Abstract) and their authors' personal information (Name, Email,... |
| CVE-2018-16604 | 2018-09-06 | An issue was discovered in Nibbleblog v4.0.5. With an admin's username and password, an attacker can execute arbitrary PHP code by changing the username because the username is surrounded by... |
| CVE-2018-1000666 | 2018-09-06 | GIG Technology NV JumpScale Portal 7 version before commit 15443122ed2b1cbfd7bdefc048bf106f075becdb contains a CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in method: notifySpaceModification;... |
| CVE-2018-1000667 | 2018-09-06 | NASM nasm-2.13.03 nasm- 2.14rc15 version 2.14rc15 and earlier contains a memory corruption (crashed) of nasm when handling a crafted file due to function assemble_file(inname, depend_ptr) at asm/nasm.c:482. vulnerability in function... |
| CVE-2018-1000658 | 2018-09-06 | LimeSurvey version prior to 3.14.4 contains a file upload vulnerability in upload functionality that can result in an attacker gaining code execution via webshell. This attack appear to be exploitable... |
| CVE-2018-1000659 | 2018-09-06 | LimeSurvey version 3.14.4 and earlier contains a directory traversal in file upload that allows upload of webshell vulnerability in file upload functionality that can result in remote code execution as... |
| CVE-2018-1000660 | 2018-09-06 | TOCK version prior to commit 42f7f36e74088036068d62253e1d8fb26605feed. For example dfde28196cd12071fcf6669f7654be7df482b85d contains a Insecure Permissions vulnerability in Function get_package_name in the file kernel/src/tbfheader.rs, variable "pub package_name: &'static str," in the file process.rs... |
| CVE-2018-1000661 | 2018-09-06 | jsish version 2.4.67 contains a CWE-476: NULL Pointer Dereference vulnerability in Jsi_LogMsg (jsiUtils.c:196) that can result in Crash due to segmentation fault. This attack appear to be exploitable via the... |
| CVE-2018-1000663 | 2018-09-06 | jsish version 2.4.70 2.047 contains a Buffer Overflow vulnerability in function _jsi_evalcode from jsiEval.c that can result in Crash due to segmentation fault. This attack appear to be exploitable via... |