Total
23890 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-1999019 | 1 Chamilo | 1 Chamilo Lms | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Chamilo LMS version 11.x contains an Unserialization vulnerability in the "hash" GET parameter for the api endpoint located at /webservices/api/v2.php that can result in Unauthenticated remote code execution. This attack appear to be exploitable via a simple GET request to the api endpoint. This vulnerability appears to have been fixed in After commit 0de84700648f098c1fbf6b807dee28ec640efe62. | |||||
CVE-2018-18488 | 1 Gxlcms | 1 Gxlcms | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
In \lib\admin\action\dataaction.class.php in Gxlcms v2.0, SQL Injection exists via the ids[] parameter. | |||||
CVE-2018-16659 | 1 Rausoft | 1 Id.prove | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in Rausoft ID.prove 2.95. The login page allows SQL injection via Microsoft SQL Server stacked queries in the Username POST parameter. Hypothetically, an attacker can utilize master..xp_cmdshell for the further privilege elevation. | |||||
CVE-2015-9264 | 1 Lansweeper | 1 Lansweeper | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Lansweeper 4.x through 6.x before 6.0.0.48 allows attackers to execute arbitrary code on the administrator's workstation via a crafted Windows service. | |||||
CVE-2018-20445 | 1 Dlink | 4 Dcm-604, Dcm-604 Firmware, Dcm-704 and 1 more | 2023-12-10 | 5.0 MEDIUM | 9.8 CRITICAL |
D-Link DCM-604 DCM604_C1_ViaCabo_1.04_20130606 and DCM-704 EU_DCM-704_1.10 devices allow remote attackers to discover Wi-Fi credentials via iso.3.6.1.4.1.4413.2.2.2.1.5.4.1.14.1.3.32 and iso.3.6.1.4.1.4413.2.2.2.1.5.4.2.4.1.2.32 SNMP requests. | |||||
CVE-2018-20027 | 1 Lisa-lab | 1 Pylearn2 | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
The yaml_parse.load method in Pylearn2 allows code injection. | |||||
CVE-2019-0002 | 1 Juniper | 3 Ex2300, Ex3400, Junos | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
On EX2300 and EX3400 series, stateless firewall filter configuration that uses the action 'policer' in combination with other actions might not take effect. When this issue occurs, the output of the command: show pfe filter hw summary will not show the entry for: RACL group Affected releases are Junos OS on EX2300 and EX3400 series: 15.1X53 versions prior to 15.1X53-D590; 18.1 versions prior to 18.1R3; 18.2 versions prior to 18.2R2. This issue affect both IPv4 and IPv6 firewall filter. | |||||
CVE-2018-8540 | 1 Microsoft | 9 .net Framework, Windows 10, Windows 7 and 6 more | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate input properly, aka ".NET Framework Remote Code Injection Vulnerability." This affects Microsoft .NET Framework 4.6, Microsoft .NET Framework 3.5, Microsoft .NET Framework 4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1/4.7.1/4.7.2, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.6.2/4.7/4.7.1/4.7.2, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.7.1/4.7.2, Microsoft .NET Framework 4.7.2, Microsoft .NET Framework 4.6.2. | |||||
CVE-2018-14360 | 2 Debian, Neomutt | 2 Debian Linux, Neomutt | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in NeoMutt before 2018-07-16. nntp_add_group in newsrc.c has a stack-based buffer overflow because of incorrect sscanf usage. | |||||
CVE-2018-17153 | 1 Western Digital | 21 My Cloud Dl2100, My Cloud Dl4100, My Cloud Dl4100 Firmware and 18 more | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
It was discovered that the Western Digital My Cloud device before 2.30.196 is affected by an authentication bypass vulnerability. An unauthenticated attacker can exploit this vulnerability to authenticate as an admin user without needing to provide a password, thereby gaining full control of the device. (Whenever an admin logs into My Cloud, a server-side session is created that is bound to the user's IP address. After the session is created, it is possible to call authenticated CGI modules by sending the cookie username=admin in the HTTP request. The invoked CGI will check if a valid session is present and bound to the user's IP address.) It was found that it is possible for an unauthenticated attacker to create a valid session without a login. The network_mgr.cgi CGI module contains a command called "cgi_get_ipv6" that starts an admin session -- tied to the IP address of the user making the request -- if the additional parameter "flag" with the value "1" is provided. Subsequent invocation of commands that would normally require admin privileges now succeed if an attacker sets the username=admin cookie. | |||||
CVE-2018-12390 | 4 Canonical, Debian, Mozilla and 1 more | 11 Ubuntu Linux, Debian Linux, Firefox and 8 more | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Mozilla developers and community members reported memory safety bugs present in Firefox 62 and Firefox ESR 60.2. Some of these bugs showed evidence of memory corruption and we presume that with enough effort that some of these could be exploited to run arbitrary code. This vulnerability affects Firefox < 63, Firefox ESR < 60.3, and Thunderbird < 60.3. | |||||
CVE-2018-18200 | 1 Redaxo | 1 Redaxo | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
There is a SQL injection in Benutzerverwaltung in REDAXO before 5.6.4. | |||||
CVE-2018-5064 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. | |||||
CVE-2018-16283 | 1 Wechat Brodcast Project | 1 Wechat Brodcast | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
The Wechat Broadcast plugin 1.2.0 and earlier for WordPress allows Directory Traversal via the Image.php url parameter. | |||||
CVE-2018-18258 | 1 Bagesoft | 1 Bagecms | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in BageCMS 3.1.3. The attacker can execute arbitrary PHP code on the web server and can read any file on the web server via an index.php?r=admini/template/updateTpl&filename= URI. | |||||
CVE-2018-18427 | 1 S-cms | 1 S-cms | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
s-cms 3.0 allows SQL Injection via the member/post.php 0_id parameter or the POST data to member/member_login.php. | |||||
CVE-2018-12787 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. | |||||
CVE-2019-7249 | 1 Keybase | 1 Keybase | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
In Keybase before 2.12.6 on macOS, the move RPC to the Helper was susceptible to time-to-check-time-to-use bugs and would also allow one user of the system (who didn't have root access) to tamper with another's installs. | |||||
CVE-2019-5893 | 1 Nelson-it | 1 Open Source Erp | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Nelson Open Source ERP v6.3.1 allows SQL Injection via the db/utils/query/data.xml query parameter. | |||||
CVE-2018-17568 | 1 Viabtc | 1 Viabtc Exchange Server | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
utils/ut_rpc.c in ViaBTC Exchange Server before 2018-08-21 has an integer overflow leading to memory corruption. |