Total: 24574 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-14708 | 1 Drobo | 2 5n2, 5n2 Firmware | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
An insecure transport protocol used by Drobo Dashboard API on Drobo 5N2 NAS version 4.0.5-13.28.96115 allows attackers to intercept network traffic. | |||||
CVE-2018-18399 | 1 Jco | 1 Karma | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
SQL injection vulnerability in the "ContentPlaceHolder1_uxTitle" component in ArchiveNews.aspx in jco.ir KARMA 6.0.0 allows a remote attacker to execute arbitrary SQL commands via the "id" parameter. | |||||
CVE-2019-9227 | 1 Baigo | 1 Baigo Cms | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in baigo CMS 2.1.1. There is a vulnerability that allows remote attackers to execute arbitrary code. A BG_SITE_NAME parameter with malicious code can be written into the opt_base.inc.php file. | |||||
CVE-2018-17963 | 4 Canonical, Debian, Qemu and 1 more | 6 Ubuntu Linux, Debian Linux, Qemu and 3 more | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
qemu_deliver_packet_iov in net/net.c in Qemu accepts packet sizes greater than INT_MAX, which allows attackers to cause a denial of service or possibly have unspecified other impact. | |||||
CVE-2018-14086 | 1 Mytoken Project | 1 Mytoken | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in a smart contract implementation for SingaporeCoinOrigin (SCO), an Ethereum token. The contract has an integer overflow. If the owner sets the value of sellPrice to a large number in setPrices() then the "amount * sellPrice" will cause an integer overflow in sell(). | |||||
CVE-2017-15101 | 2 Liblouis, Redhat | 6 Liblouis, Enterprise Linux Desktop, Enterprise Linux Server and 3 more | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
A missing patch for a stack-based buffer overflow in findTable() was found in the Red Hat version of liblouis before 2.5.4. An attacker could cause a denial of service condition or potentially even arbitrary code execution. | |||||
CVE-2018-12755 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. | |||||
CVE-2018-18728 | 1 Tenda | 6 Ac15, Ac15 Firmware, Ac18 and 3 more | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered on Tenda AC9 V15.03.05.19(6318)_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. They allow remote code execution via shell metacharacters in the usbName field to the __fastcall function with a POST request. | |||||
CVE-2018-18793 | 1 School Event Management System Project | 1 School Event Management System | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
School Event Management System 1.0 allows Arbitrary File Upload via event/controller.php?action=photos. | |||||
CVE-2018-10197 | 1 Elo | 1 Access Manager | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
There is a time-based blind SQL injection vulnerability in the Access Manager component before 9.18.040 and 10.x before 10.18.040 in ELO ELOenterprise 9 and 10 and ELOprofessional 9 and 10 that makes it possible to read all database content. The vulnerability exists in the ticket HTTP GET parameter. For example, one can succeed in reading the password hash of the administrator user in the "userdata" table from the "eloam" database. | |||||
CVE-2018-18555 | 1 Vyos | 1 Vyos | 2023-12-10 | 9.0 HIGH | 9.9 CRITICAL |
A sandbox escape issue was discovered in VyOS 1.1.8. It provides a restricted management shell for operator users to administer the device. By issuing various shell special characters with certain commands, an authenticated operator user can break out of the management shell and gain access to the underlying Linux shell. The user can then run arbitrary operating system commands with the privileges afforded by their account. | |||||
CVE-2018-20401 | 1 Zoomtel | 2 5352, 5352 Firmware | 2023-12-10 | 5.0 MEDIUM | 9.8 CRITICAL |
Zoom 5352 v5.5.8.6Y devices allow remote attackers to discover credentials via iso.3.6.1.4.1.4491.2.4.1.1.6.1.1.0 and iso.3.6.1.4.1.4491.2.4.1.1.6.1.2.0 SNMP requests. | |||||
CVE-2018-20299 | 1 Bosch | 4 360-indoor Camera, 360-indoor Camera Firmware, Eyes Outdoor Camera and 1 more | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in several Bosch Smart Home cameras (360 degree indoor camera and Eyes outdoor camera) with firmware before 6.52.4. A malicious client could potentially succeed in the unauthorized execution of code on the device via the network interface, because there is a buffer overflow in the RCP+ parser of the web server. | |||||
CVE-2018-19290 | 1 Budabot | 1 Budabot | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
In modules/HELPBOT_MODULE in Budabot 0.6 through 4.0, lax syntax validation allows remote attackers to perform a command injection attack against the PHP daemon with a crafted command, resulting in a denial of service or possibly unspecified other impact, as demonstrated by the "!calc 5 x 5" command. In versions before 3.0, modules/HELPBOT_MODULE/calc.php has the vulnerable code; in 3.0 and above, modules/HELPBOT_MODULE/HelpbotController.class.php has the vulnerable code. | |||||
CVE-2018-12911 | 2 Canonical, Webkitgtk | 2 Ubuntu Linux, Webkitgtk\+ | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
WebKitGTK+ 2.20.3 has an off-by-one error, with a resultant out-of-bounds write, in the get_simple_globs functions in ThirdParty/xdgmime/src/xdgmimecache.c and ThirdParty/xdgmime/src/xdgmimeglob.c. | |||||
CVE-2018-14473 | 1 Ocsinventory-ng | 1 Ocsinventory Ng | 2023-12-10 | 6.4 MEDIUM | 9.1 CRITICAL |
OCS Inventory 2.4.1 lacks a proper XML parsing configuration, allowing the use of external entities. This issue can be exploited by an attacker sending a crafted HTTP request in order to exfiltrate information or cause a Denial of Service. | |||||
CVE-2019-4059 | 1 Ibm | 1 Rational Clearcase | 2023-12-10 | 5.0 MEDIUM | 9.8 CRITICAL |
IBM Rational ClearCase 1.0.0.0 GIT connector does not sufficiently protect the document database password. An attacker could obtain the password and gain unauthorized access to the document database. IBM X-Force ID: 156583. | |||||
CVE-2018-19355 | 2 Mypresta, Prestashop | 2 Customer Files Upload, Prestashop | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
modules/orderfiles/ajax/upload.php in the Customer Files Upload addon 2018-08-01 for PrestaShop (1.5 through 1.7) allows remote attackers to execute arbitrary code by uploading a php file via modules/orderfiles/upload.php with auptype equal to product (for upload destinations under modules/productfiles), order (for upload destinations under modules/files), or cart (for upload destinations under modules/cartfiles). | |||||
CVE-2018-11792 | 1 Apache | 1 Impala | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
In Apache Impala before 3.0.1, ALTER TABLE/VIEW RENAME required ALTER on the old table. This may pose a potential security risk: a user with ALTER on a table and ALL on a particular database can move the table to the database with ALL, which automatically grants that user the ALL privilege on that table through the privilege inherited from the database. | |||||
CVE-2018-0694 | 1 Soliton | 1 Filezen | 2023-12-10 | 10.0 HIGH | 9.8 CRITICAL |
FileZen V3.0.0 to V4.2.1 allows remote attackers to execute arbitrary OS commands via unspecified vectors. |