Vulnerabilities (CVE)

Total 23421 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-11241 1 Softcase 2 T-router, T-router Firmware 2023-12-10 10.0 HIGH 9.8 CRITICAL
An issue was discovered on SoftCase T-Router build 20112017 devices. A remote attacker can read and write to arbitrary files on the system as root, as demonstrated by code execution after writing to a crontab file. This is fixed in production builds as of Spring 2018.
CVE-2018-3874 1 Samsung 2 Sth-eth-250, Sth-eth-250 Firmware 2023-12-10 9.0 HIGH 9.9 CRITICAL
An exploitable buffer overflow vulnerability exists in the credentials handler of video-core's HTTP server of Samsung SmartThings Hub STH-ETH-250-Firmware version 0.20.17. The strncpy overflows the destination buffer, which has a size of 32 bytes. An attacker can send an arbitrarily long "accessKey" value in order to exploit this vulnerability.
CVE-2017-6925 1 Drupal 1 Drupal 2023-12-10 7.5 HIGH 9.8 CRITICAL
In versions of Drupal 8 core prior to 8.3.7; There is a vulnerability in the entity access system that could allow unwanted access to view, create, update, or delete entities. This only affects entities that do not use or do not have UUIDs, and entities that have different access restrictions on different revisions of the same entity.
CVE-2019-6798 1 Phpmyadmin 1 Phpmyadmin 2023-12-10 7.5 HIGH 9.8 CRITICAL
An issue was discovered in phpMyAdmin before 4.8.5. A vulnerability was reported where a specially crafted username can be used to trigger a SQL injection attack through the designer feature.
CVE-2017-2637 1 Redhat 1 Openstack 2023-12-10 10.0 HIGH 10.0 CRITICAL
A design flaw issue was found in the Red Hat OpenStack Platform director use of TripleO to enable libvirtd based live-migration. Libvirtd is deployed by default (by director) listening on 0.0.0.0 (all interfaces) with no-authentication or encryption. Anyone able to make a TCP connection to any compute host IP address, including 127.0.0.1, other loopback interface addresses, or in some cases possibly addresses that have been exposed beyond the management interface, could use this to open a virsh session to the libvirtd instance and gain control of virtual machine instances or possibly take over the host.
CVE-2018-20596 1 Jspxcms 1 Jspxcms 2023-12-10 7.5 HIGH 9.8 CRITICAL
Jspxcms v9.0.0 allows SSRF.
CVE-2019-9047 1 Fizzday 1 Gorose 2023-12-10 7.5 HIGH 9.8 CRITICAL
GoRose v1.0.4 has SQL Injection when the order_by or group_by parameter can be controlled.
CVE-2018-16840 2 Canonical, Haxx 2 Ubuntu Linux, Curl 2023-12-10 7.5 HIGH 9.8 CRITICAL
A heap use-after-free flaw was found in curl versions from 7.59.0 through 7.61.1 in the code related to closing an easy handle. When closing and cleaning up an 'easy' handle in the `Curl_close()` function, the library code first frees a struct (without nulling the pointer) and might then subsequently erroneously write to a struct field within that already freed struct.
CVE-2019-9028 1 Matio Project 1 Matio 2023-12-10 6.4 MEDIUM 9.1 CRITICAL
An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a stack-based buffer over-read in the function InflateDimensions() in inflate.c when called from ReadNextCell in mat5.c.
CVE-2019-9037 1 Matio Project 1 Matio 2023-12-10 6.4 MEDIUM 9.1 CRITICAL
An issue was discovered in libmatio.a in matio (aka MAT File I/O Library) 1.5.13. There is a buffer over-read in the function Mat_VarPrint() in mat.c.
CVE-2018-12798 3 Adobe, Apple, Microsoft 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more 2023-12-10 10.0 HIGH 9.8 CRITICAL
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have a Heap Overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
CVE-2018-12760 3 Adobe, Apple, Microsoft 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more 2023-12-10 10.0 HIGH 9.8 CRITICAL
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user.
CVE-2018-20441 1 Technicolor 2 Tc7200.th2v2, Tc7200.th2v2 Firmware 2023-12-10 5.0 MEDIUM 9.8 CRITICAL
Technicolor TC7200.TH2v2 SC05.00.22 devices allow remote attackers to discover Wi-Fi credentials via iso.3.6.1.4.1.2863.205.10.1.30.4.1.14.1.3.32 and iso.3.6.1.4.1.2863.205.10.1.30.4.2.4.1.2.32 SNMP requests.
CVE-2018-17298 1 Enalean 1 Tuleap 2023-12-10 5.0 MEDIUM 9.8 CRITICAL
An issue was discovered in Enalean Tuleap before 10.5. Reset password links are not invalidated after a user changes its password.
CVE-2017-7470 1 Redhat 2 Satellite, Spacewalk 2023-12-10 7.5 HIGH 9.8 CRITICAL
It was found that spacewalk-channel can be used by a non-admin user or disabled users to perform administrative tasks due to an incorrect authorization check in backend/server/rhnChannel.py.
CVE-2017-9821 1 Npci 1 Bharat Interface For Money \(bhim\) 2023-12-10 7.5 HIGH 9.8 CRITICAL
The National Payments Corporation of India BHIM application 1.3 for Android relies on three hardcoded strings (AK-NPCIMB, IM-NPCIBM, and VK-NPCIBM) for SMS validation, which makes it easier for attackers to bypass authentication.
CVE-2018-13792 1 Abbyy 1 Flexicapture 2023-12-10 7.5 HIGH 9.8 CRITICAL
Multiple SQL injection vulnerabilities in the monitoring feature in the HTTP API in ABBYY FlexiCapture before 12 Release 2 allow an attacker to execute arbitrary SQL commands via the mask, sortOrder, filter, or Order parameter.
CVE-2018-17107 1 Tgstation13 1 Tgstation-server 2023-12-10 7.5 HIGH 9.8 CRITICAL
In Tgstation tgstation-server 3.2.4.0 through 3.2.1.0 (fixed in 3.2.5.0), active logins would be cached, allowing subsequent logins to succeed with any username or password.
CVE-2018-16850 3 Canonical, Postgresql, Redhat 3 Ubuntu Linux, Postgresql, Enterprise Linux 2023-12-10 7.5 HIGH 9.8 CRITICAL
postgresql before versions 11.1, 10.6 is vulnerable to a to SQL injection in pg_upgrade and pg_dump via CREATE TRIGGER ... REFERENCING. Using a purpose-crafted trigger definition, an attacker can cause arbitrary SQL statements to run, with superuser privileges.
CVE-2018-1000628 1 Battelle 1 V2i Hub 2023-12-10 7.5 HIGH 9.8 CRITICAL
Battelle V2I Hub 2.5.1 could allow a remote attacker to bypass security restrictions, caused by the direct checking of the API key against a user-supplied value in PHP's GET global variable array using PHP's strcmp() function. By adding "[]" to the end of "key" in the URL when accessing API functions, an attacker could exploit this vulnerability to execute API functions.