Lista CVE - 2018 / Settembre
Visualizzazione 1101 - 1169 di 1169 CVE per Settembre 2018 (Pagina 12 di 12)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2018-14957 | 2018-09-28 | CMS ISWEB 3.5.3 is vulnerable to directory traversal and local file download, as demonstrated by moduli/downloadFile.php?file=oggetto_documenti/../.././inc/config.php (one can take the control of the application because credentials are present in that... |
| CVE-2018-16277 | 2018-09-28 | The Image Import function in XWiki through 10.7 has XSS. |
| CVE-2018-16586 | 2018-09-28 | In Open Ticket Request System (OTRS) 4.0.x before 4.0.32, 5.0.x before 5.0.30, and 6.0.x before 6.0.11, an attacker could send a malicious email to an OTRS system. If a logged... |
| CVE-2018-16587 | 2018-09-28 | In Open Ticket Request System (OTRS) 4.0.x before 4.0.32, 5.0.x before 5.0.30, and 6.0.x before 6.0.11, an attacker could send a malicious email to an OTRS system. If a user... |
| CVE-2018-16659 | 2018-09-28 | An issue was discovered in Rausoft ID.prove 2.95. The login page allows SQL injection via Microsoft SQL Server stacked queries in the Username POST parameter. Hypothetically, an attacker can utilize... |
| CVE-2018-17055 | 2018-09-28 | An arbitrary file upload vulnerability in Progress Sitefinity CMS versions 4.0 through 11.0 related to image uploads. |
| CVE-2018-17056 | 2018-09-28 | Cross-site scripting (XSS) vulnerability in ServiceStack in Progress Sitefinity CMS versions 10.2 through 11.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
| CVE-2018-17375 | 2018-09-28 | SQL Injection exists in the Music Collection 3.0.3 component for Joomla! via the id parameter. |
| CVE-2018-17376 | 2018-09-28 | SQL Injection exists in the Reverse Auction Factory 4.3.8 component for Joomla! via the filter_order_Dir, cat, or filter_letter parameter. |
| CVE-2018-17377 | 2018-09-28 | SQL Injection exists in the Questions 1.4.3 component for Joomla! via the term, userid, users, or groups parameter. |
| CVE-2018-17378 | 2018-09-28 | SQL Injection exists in the Penny Auction Factory 2.0.4 component for Joomla! via the filter_order_Dir or filter_order parameter. |
| CVE-2018-17379 | 2018-09-28 | SQL Injection exists in the Raffle Factory 3.5.2 component for Joomla! via the filter_order_Dir or filter_order parameter. |
| CVE-2018-17380 | 2018-09-28 | SQL Injection exists in the Article Factory Manager 4.3.9 component for Joomla! via the start_date, m_start_date, or m_end_date parameter. |
| CVE-2018-17382 | 2018-09-28 | SQL Injection exists in the Jobs Factory 2.0.4 component for Joomla! via the filter_letter parameter. |
| CVE-2018-17383 | 2018-09-28 | SQL Injection exists in the Collection Factory 4.1.9 component for Joomla! via the filter_order or filter_order_Dir parameter. |
| CVE-2018-17384 | 2018-09-28 | SQL Injection exists in the Swap Factory 2.2.1 component for Joomla! via the filter_order_Dir or filter_order parameter. |
| CVE-2018-17385 | 2018-09-28 | SQL Injection exists in the Social Factory 3.8.3 component for Joomla! via the radius[lat], radius[lng], or radius[radius] parameter. |
| CVE-2018-17391 | 2018-09-28 | SQL Injection exists in authors_post.php in Super Cms Blog Pro 1.0 via the author parameter. |
| CVE-2018-17394 | 2018-09-28 | SQL Injection exists in the Timetable Schedule 3.6.8 component for Joomla! via the eid parameter. |
| CVE-2018-17397 | 2018-09-28 | SQL Injection exists in the AlphaIndex Dictionaries 1.0 component for Joomla! via the letter parameter. |
| CVE-2018-17567 | 2018-09-28 | Jekyll through 3.6.2, 3.7.x through 3.7.3, and 3.8.x through 3.8.3 allows attackers to access arbitrary files by specifying a symlink in the "include" key in the "_config.yml" file. |
| CVE-2018-17581 | 2018-09-28 | CiffDirectory::readDirectory() at crwimage_int.cpp in Exiv2 0.26 has excessive stack consumption due to a recursive function, leading to Denial of service. |
| CVE-2018-17571 | 2018-09-28 | Vanilla before 2.6.1 allows XSS via the email field of a profile. |
| CVE-2018-17573 | 2018-09-28 | The Wp-Insert plugin through 2.4.2 for WordPress allows upload of arbitrary PHP code because of the exposure and configuration of FCKeditor under fckeditor/editor/filemanager/browser/default/browser.html, fckeditor/editor/filemanager/connectors/test.html, and fckeditor/editor/filemanager/connectors/uploadtest.html. |
| CVE-2018-17574 | 2018-09-28 | An issue was discovered in YMFE YApi 1.3.23. There is stored XSS in the name field of a project. |
| CVE-2018-17575 | 2018-09-28 | SWA SWA.JACAD 3.1.37 Build 024 has SQL Injection via the /academico/aluno/esqueci-minha-senha/ studentId parameter. |
| CVE-2018-17580 | 2018-09-28 | A heap-based buffer over-read exists in the function fast_edit_packet() in the file send_packets.c of Tcpreplay v4.3.0 beta1. This can lead to Denial of Service (DoS) and potentially Information Exposure when... |
| CVE-2018-17582 | 2018-09-28 | Tcpreplay v4.3.0 beta1 contains a heap-based buffer over-read. The get_next_packet() function in the send_packets.c file uses the memcpy() function unsafely to copy sequences from the source buffer pktdata to the... |
| CVE-2018-17605 | 2018-09-28 | An issue was discovered in the Asset Pipeline plugin before 3.0.4 for Grails. An attacker can perform directory traversal via a crafted request when a servlet-based application is executed in... |
| CVE-2018-17607 | 2018-09-28 | Foxit PhantomPDF and Reader before 9.3 allow remote attackers to execute arbitrary code or cause a denial of service (use-after-free) because properties of Annotation objects are mishandled. This relates to... |
| CVE-2018-17608 | 2018-09-28 | Foxit PhantomPDF and Reader before 9.3 allow remote attackers to execute arbitrary code or cause a denial of service (use-after-free) because properties of Annotation objects are mishandled. This relates to... |
| CVE-2018-17609 | 2018-09-28 | Foxit PhantomPDF and Reader before 9.3 allow remote attackers to execute arbitrary code or cause a denial of service (use-after-free) because properties of Annotation objects are mishandled. This relates to... |
| CVE-2018-17610 | 2018-09-28 | Foxit PhantomPDF and Reader before 9.3 allow remote attackers to execute arbitrary code or cause a denial of service (use-after-free) because properties of Annotation objects are mishandled. This relates to... |
| CVE-2018-17611 | 2018-09-28 | Foxit PhantomPDF and Reader before 9.3 allow remote attackers to execute arbitrary code or cause a denial of service (use-after-free) because properties of Annotation objects are mishandled. This relates to... |
| CVE-2018-17613 | 2018-09-28 | Telegram Desktop (aka tdesktop) 1.3.16 alpha, when "Use proxy" is enabled, sends credentials and application data in cleartext over the SOCKS5 protocol. |
| CVE-2018-14648 | 2018-09-28 | A flaw was found in 389 Directory Server. A specially crafted search query could lead to excessive CPU consumption in the do_search() function. An unauthenticated attacker could use this flaw... |
| CVE-2018-1702 | 2018-09-28 | IBM Platform Symphony 7.1 Fix Pack 1 and 7.1.1 and IBM Spectrum Symphony 7.1.2 and 7.2.0.2 are vulnerable to a XML External Entity Injection (XXE) attack when processing XML data.... |
| CVE-2018-1704 | 2018-09-28 | IBM Platform Symphony 7.1 Fix Pack 1 and 7.1.1 and IBM Spectrum Symphony 7.1.2 and 7.2.0.2 could allow a remote attacker to conduct phishing attacks, using an open redirect attack.... |
| CVE-2018-17154 | 2018-09-28 | In FreeBSD before 11.2-STABLE(r338987), 11.2-RELEASE-p4, and 11.1-RELEASE-p15, due to insufficient memory checking in the freebsd4_getfsstat system call, a NULL pointer dereference can occur. Unprivileged authenticated local users may be able... |
| CVE-2018-17155 | 2018-09-28 | In FreeBSD before 11.2-STABLE(r338983), 11.2-RELEASE-p4, 11.1-RELEASE-p15, 10.4-STABLE(r338984), and 10.4-RELEASE-p13, due to insufficient initialization of memory copied to userland in the getcontext and swapcontext system calls, small amounts of kernel memory... |
| CVE-2018-6925 | 2018-09-28 | In FreeBSD before 11.2-STABLE(r338986), 11.2-RELEASE-p4, 11.1-RELEASE-p15, 10.4-STABLE(r338985), and 10.4-RELEASE-p13, due to improper maintenance of IPv6 protocol control block flags through various failure paths, an unprivileged authenticated local user may be... |
| CVE-2018-15365 | 2018-09-28 | A Reflected Cross-Site Scripting (XSS) vulnerability in Trend Micro Deep Discovery Inspector 3.85 and below could allow an attacker to bypass CSRF protection and conduct an attack on vulnerable installations.... |
| CVE-2018-5393 | 2018-09-28 | TP-Link EAP Controller versions 2.5.3 and earlier lack RMI authentication |
| CVE-2018-11073 | 2018-09-28 | DSA-2018-152: RSA® Authentication Manager Multiple Vulnerabilities |
| CVE-2018-11074 | 2018-09-28 | DSA-2018-152: RSA® Authentication Manager Multiple Vulnerabilities |
| CVE-2018-11075 | 2018-09-28 | DSA-2018-152: RSA® Authentication Manager Multiple Vulnerabilities |
| CVE-2018-1246 | 2018-09-28 | Dell EMC Unity and UnityVSA contains reflected cross-site scripting vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability by tricking a victim application user to supply malicious HTML or... |
| CVE-2018-1250 | 2018-09-28 | Dell EMC Unity and UnityVSA versions prior to 4.3.1.1525703027 contains an Authorization Bypass vulnerability. A remote authenticated user could potentially exploit this vulnerability to read files in NAS server by... |
| CVE-2018-1251 | 2018-09-28 | Dell EMC Unity and UnityVSA versions prior to 4.3.1.1525703027 contains a URL Redirection vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to redirect Unity users to arbitrary web... |
| CVE-2018-15764 | 2018-09-28 | Dell EMC ESRS Policy Manager versions 6.8 and prior contain a remote code execution vulnerability due to improper configurations of triggered JMX services. A remote unauthenticated attacker may potentially exploit... |
| CVE-2018-9074 | 2018-09-28 | Iomega and LenovoEMC NAS Web UI Vulnerabilities |
| CVE-2018-9075 | 2018-09-28 | Iomega and LenovoEMC NAS Web UI Vulnerabilities |
| CVE-2018-9076 | 2018-09-28 | Iomega and LenovoEMC NAS Web UI Vulnerabilities |
| CVE-2018-9077 | 2018-09-28 | Iomega and LenovoEMC NAS Web UI Vulnerabilities |
| CVE-2018-9078 | 2018-09-28 | Iomega and LenovoEMC NAS Web UI Vulnerabilities |
| CVE-2018-9079 | 2018-09-28 | Iomega and LenovoEMC NAS Web UI Vulnerabilities |
| CVE-2018-9080 | 2018-09-28 | Iomega and LenovoEMC NAS Web UI Vulnerabilities |
| CVE-2018-9081 | 2018-09-28 | Iomega and LenovoEMC NAS Web UI Vulnerabilities |
| CVE-2018-9082 | 2018-09-28 | Iomega and LenovoEMC NAS Web UI Vulnerabilities |
| CVE-2018-17776 | 2018-09-28 | PCProtect Anti-Virus v4.8.35 has "Everyone: (F)" permission for %PROGRAMFILES(X86)%\PCProtect, which allows local users to gain privileges by replacing an executable file with a Trojan horse. |
| CVE-2018-17781 | 2018-09-29 | Foxit PhantomPDF and Reader before 9.3 allow remote attackers to trigger Uninitialized Object Information Disclosure because creation of ArrayBuffer and DataView objects is mishandled. |
| CVE-2018-17780 | 2018-09-29 | Telegram Desktop (aka tdesktop) 1.3.14, and Telegram 3.3.0.0 WP8.1 on Windows, leaks end-user public and private IP addresses during a call because of an unsafe default behavior in which P2P... |
| CVE-2018-17785 | 2018-09-30 | In blynk-server in Blynk before 0.39.7, Directory Traversal exists via a ../ in a URI that has /static or /static/js at the beginning, as demonstrated by reading the /etc/passwd file. |
| CVE-2018-17794 | 2018-09-30 | An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in work_stuff_copy_to_from when called from iterate_demangle_function. |
| CVE-2018-17795 | 2018-09-30 | The function t2p_write_pdf in tiff2pdf.c in LibTIFF 4.0.9 and earlier allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other... |
| CVE-2018-17796 | 2018-09-30 | An issue was discovered in MRCMS (aka mushroom) through 3.1.2. The WebParam.java file directly accepts the FIELD_T parameter in a request and uses it as a hash of SQL statements... |
| CVE-2018-17797 | 2018-09-30 | An issue was discovered in zzcms 8.3. user/zssave.php allows remote attackers to delete arbitrary files via directory traversal sequences in the oldimg parameter in an action=modify request. This can be... |
| CVE-2018-17798 | 2018-09-30 | An issue was discovered in zzcms 8.3. user/ztconfig.php allows remote attackers to delete arbitrary files via an absolute pathname in the oldimg parameter in an action=modify request. This can be... |
| CVE-2018-17216 | 2018-10-01 | An issue was discovered in PTC ThingWorx Platform 6.5 through 8.2. There is password hash exposure to privileged users. |
| CVE-2018-17217 | 2018-10-01 | An issue was discovered in PTC ThingWorx Platform 6.5 through 8.2. There is a hardcoded encryption key. |
| CVE-2018-17218 | 2018-10-01 | An issue was discovered in PTC ThingWorx Platform 6.5 through 8.2. There is reflected XSS in the SQUEAL search function. |
| CVE-2015-9267 | 2018-10-01 | Nullsoft Scriptable Install System (NSIS) before 2.49 uses temporary folder locations that allow unprivileged local users to overwrite files. This allows a local attack in which either a plugin or... |
| CVE-2015-9268 | 2018-10-01 | Nullsoft Scriptable Install System (NSIS) before 2.49 has unsafe implicit linking against Version.dll. In other words, there is no protection mechanism in which a wrapper function resolves the dependency at... |
| CVE-2018-17427 | 2018-10-01 | SIMDComp before 0.1.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) because it can read (and then discard) extra bytes. |
| CVE-2018-17825 | 2018-10-01 | An issue was discovered in AdPlug 2.3.1. There are several double-free vulnerabilities in the CEmuopl class in emuopl.cpp because of a destructor's two OPLDestroy calls, each of which frees TL_TABLE,... |
| CVE-2018-17826 | 2018-10-01 | HisiPHP 1.0.8 allows CSRF via admin.php/admin/user/adduser.html to add an administrator account. The attacker can then use that account to execute arbitrary PHP code by leveraging app/common/model/AdminAnnex.php to add .php to... |
| CVE-2018-17827 | 2018-10-01 | HisiPHP 1.0.8 allows remote attackers to execute arbitrary PHP code by editing a plugin's name to contain that code. This name is then injected into app/admin/model/AdminPlugins.php. |
| CVE-2018-17828 | 2018-10-01 | Directory traversal vulnerability in ZZIPlib 0.13.69 allows attackers to overwrite arbitrary files via a .. (dot dot) in a zip file, because of the function unzzip_cat in the bins/unzzipcat-mem.c file. |
| CVE-2018-17830 | 2018-10-01 | The $args variable in addons/mediapool/pages/index.php in REDAXO 5.6.2 is not effectively filtered, because names are not restricted (only values are restricted). The attacker can insert XSS payloads via an index.php?page=mediapool/media&opener_input_field=&args[... |
| CVE-2018-17831 | 2018-10-01 | In REDAXO before 5.6.3, a critical SQL injection vulnerability has been discovered in the rex_list class because of the prepareQuery function in core/lib/list.php, via the index.php?page=users/users sort parameter. Endangered was... |
| CVE-2018-17832 | 2018-10-01 | XSS exists in WUZHI CMS 2.0 via the index.php v or f parameter. |
| CVE-2018-17835 | 2018-10-01 | An issue was discovered in GetSimple CMS 3.3.15. An administrator can insert stored XSS via the admin/settings.php Custom Permalink Structure parameter, which injects the XSS payload into any page created... |
| CVE-2018-17836 | 2018-10-01 | An issue was discovered in JTBC(PHP) 3.0.1.6. It allows remote attackers to execute arbitrary PHP code by using a /console/file/manage.php?type=action&action=addfile&path=..%2F substring to upload, in conjunction with a multipart/form-data PHP payload. |
| CVE-2018-17837 | 2018-10-01 | An issue was discovered in JTBC(PHP) 3.0.1.6. Arbitrary file deletion is possible via a /console/file/manage.php?type=action&action=delete&path=c%3A%2F substring. |
| CVE-2018-17838 | 2018-10-01 | An issue was discovered in JTBC(PHP) 3.0.1.6. Arbitrary file read operations are possible via a /console/#/console/file/manage.php?type=list&path=c:/ substring. |
| CVE-2018-17846 | 2018-10-01 | The html package (aka x/net/html) through 2018-09-25 in Go mishandles <table><math><select><mi><select></table>, leading to an infinite loop during an html.Parse call because inSelectIM and inSelectInTableIM do not comply with a specification. |
| CVE-2018-17847 | 2018-10-01 | The html package (aka x/net/html) through 2018-09-25 in Go mishandles <svg><template><desc><t><svg></template>, leading to a "panic: runtime error" (index out of range) in (*nodeStack).pop in node.go, called from (*parser).clearActiveFormattingElements, during an... |
| CVE-2018-17848 | 2018-10-01 | The html package (aka x/net/html) through 2018-09-25 in Go mishandles <math><template><mn><b></template>, leading to a "panic: runtime error" (index out of range) in (*insertionModeStack).pop in node.go, called from inHeadIM, during an... |
| CVE-2018-17852 | 2018-10-01 | A SQL injection was discovered in WUZHI CMS 4.1.0 in coreframe/app/coupon/admin/card.php via the groupname parameter to the /index.php?m=coupon&f=card&v=detail_listing URI. |
| CVE-2018-17854 | 2018-10-01 | SIMDComp before 0.1.1 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) because it can read (and then discard) extra bytes. NOTE: this issue... |
| CVE-2018-14788 | 2018-10-01 | Fuji Electric Alpha5 Smart Loader Versions 3.7 and prior. A buffer overflow information disclosure vulnerability occurs when parsing certain file types. |
| CVE-2018-14790 | 2018-10-01 | Fuji Electric FRENIC LOADER v3.3 v7.3.4.1a of FRENIC-Mini (C1), FRENIC-Mini (C2), FRENIC-Eco, FRENIC-Multi, FRENIC-MEGA, FRENIC-Ace. A buffer over-read vulnerability may allow remote code execution on the device. |
| CVE-2018-14794 | 2018-10-01 | Fuji Electric Alpha5 Smart Loader Versions 3.7 and prior. The device does not perform a check on the length/size of a project file before copying the entire contents of the... |
| CVE-2018-14798 | 2018-10-01 | Fuji Electric FRENIC LOADER v3.3 v7.3.4.1a of FRENIC-Mini (C1), FRENIC-Mini (C2), FRENIC-Eco, FRENIC-Multi, FRENIC-MEGA, FRENIC-Ace. The program does not properly parse FNC files that may allow for information disclosure. |
| CVE-2018-14802 | 2018-10-01 | Fuji Electric FRENIC LOADER v3.3 v7.3.4.1a of FRENIC-Mini (C1), FRENIC-Mini (C2), FRENIC-Eco, FRENIC-Multi, FRENIC-MEGA, FRENIC-Ace. The program does not properly check user-supplied comments which may allow for arbitrary remote code... |
| CVE-2018-1420 | 2018-10-01 | IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 resets access control settings to the out of the box configuration during Combined Cumulative Fix (CF) installation. This can lead to security... |
| CVE-2018-1672 | 2018-10-01 | IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 may fail to set the correct user context in certain impersonation scenarios, which can allow a user to act with the identity... |
| CVE-2018-10605 | 2018-10-01 | Martem TELEM GW6/GWM versions prior to 2.0.87-4018403-k4 may allow unprivileged users to modify/upload a new system configuration or take the full control over the RTU using default credentials to connect... |
| CVE-2018-14804 | 2018-10-01 | Emerson AMS Device Manager v12.0 to v13.5. A specially crafted script may be run that allows arbitrary remote code execution. |
| CVE-2018-14808 | 2018-10-01 | Emerson AMS Device Manager v12.0 to v13.5. Non-administrative users are able to change executable and library files on the affected products. |