The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date |
|---|---|---|---|
| CVE-2018-10967 | On D-Link DIR-550A and DIR-604M devices through v2.10KR, a malicious user can forge an HTTP request to inject operating system commands that can be executed on the device with higher privileges, aka remote code execution. | HIGH | May 18, 2018 |
| CVE-2018-10968 | On D-Link DIR-550A and DIR-604M devices through v2.10KR, a malicious user can use a default TELNET account to get unauthorized access to vulnerable devices, aka a backdoor access vulnerability. | HIGH | May 18, 2018 |
| CVE-2018-11094 | An issue was discovered on Intelbras NCLOUD 300 1.0 devices. /cgi-bin/ExportSettings.sh, /goform/updateWPS, /goform/RebootSystem, and /goform/vpnBasicSettings do not require authentication. For example, when an HTTP POST request is made to /cgi-bin/ExportSettings.sh, the username, password, and other details are retrieved. | HIGH | May 19, 2018 |
| CVE-2018-1111 | DHCP packages in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier are vulnerable to a command injection flaw in the NetworkManager integration script included in the DHCP client. A malicious DHCP server, or an attacker on the local network able to spoof DHCP responses, could use this flaw to execute arbitrary commands with root privileges on systems using NetworkManager and configured to obtain network configuration using the DHCP protocol. | HIGH | May 20, 2018 |
| CVE-2018-11210 | ** DISPUTED ** TinyXML2 6.2.0 has a heap-based buffer over-read in the XMLDocument::Parse function in libtinyxml2.so. NOTE: The tinyxml2 developers have determined that the reported overflow is due to improper use of the library and not a vulnerability in tinyxml2. | HIGH | May 16, 2018 |
| CVE-2018-11248 | util/FileDownloadUtils.java in FileDownloader 1.7.3 does not check an attachment's name. If an attacker places ../ in the file name, the file can be stored in an unintended directory because of Directory Traversal. | HIGH | May 18, 2018 |
| CVE-2018-1126 | procps-ng before version 3.3.15 is vulnerable to an incorrect integer size in proc/alloc.* leading to truncation/integer overflow issues. This flaw is related to CVE-2018-1124. | HIGH | May 24, 2018 |
| CVE-2018-11309 | Blind SQL injection in coupon_code in the MemberMouse plugin 2.2.8 and prior for WordPress allows an unauthenticated attacker to dump the WordPress MySQL database via an applyCoupon action in an admin-ajax.php request. | HIGH | May 28, 2018 |
| CVE-2018-11319 | Syntastic (aka vim-syntastic) through 3.9.0 does not properly handle searches for configuration files (it searches the current directory up to potentially the root). This improper handling might be exploited for arbitrary code execution via a malicious gcc plugin, if an attacker has write access to a directory that is a parent of the base directory of the project being checked. NOTE: exploitation is more difficult after 3.8.0 because filename prediction may be needed. | HIGH | May 20, 2018 |
| CVE-2018-11331 | An issue was discovered in Pluck before 4.7.6. Remote PHP code execution is possible because the set of disallowed filetypes for uploads in missing some applicable ones such as .phtml and .htaccess. | HIGH | May 21, 2018 |
| CVE-2018-11340 | An unrestricted file upload vulnerability in importuser.cgi in ASUSTOR AS6202T ADM 3.1.0.RFQ3 allows attackers to upload supplied data to a specified filename. This can be used to place attacker controlled code on the file system that is then executed. | HIGH | May 21, 2018 |
| CVE-2018-11369 | An issue was discovered in PbootCMS v1.0.9. There is a SQL Injection that can get important information from the database via the appshomecontrollerParserController.php scode parameter. | HIGH | May 22, 2018 |
| CVE-2018-11372 | iScripts eSwap v2.4 has SQL injection via the wishlistdetailed.php User Panel ToId parameter. | HIGH | May 22, 2018 |
| CVE-2018-11373 | iScripts eSwap v2.4 has SQL injection via the salelistdetailed.php User Panel ToId parameter. | HIGH | May 22, 2018 |
| CVE-2018-11410 | An issue was discovered in Liblouis 3.5.0. A invalid free in the compileRule function in compileTranslationTable.c allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. | HIGH | May 24, 2018 |
| CVE-2018-11418 | An issue was discovered in JerryScript 1.0. There is a heap-based buffer over-read in the lit_read_code_unit_from_utf8 function via a RegExp([\u0020) payload, related to re_parse_char_class in parser/regexp/re-parser.c. | HIGH | May 24, 2018 |
| CVE-2018-11419 | An issue was discovered in JerryScript 1.0. There is a heap-based buffer over-read in the lit_read_code_unit_from_hex function via a RegExp([\u0) payload, related to re_parse_char_class in parser/regexp/re-parser.c. | HIGH | May 24, 2018 |
| CVE-2018-11444 | A SQL Injection issue was observed in the parameter q in jobcard-ongoing.php in EasyService Billing 1.0. | HIGH | May 25, 2018 |
| CVE-2018-11479 | The VPN component in Windscribe 1.81 uses the OpenVPN client for connections. Also, it creates a WindScribeService.exe system process that establishes a \.pipeWindscribeService named pipe endpoint that allows the Windscribe VPN process to connect and execute an OpenVPN process or other processes (like taskkill, etc.). There is no validation of the program name before constructing the lpCommandLine argument for a CreateProcess call. An attacker can run any malicious process with SYSTEM privileges through this named pipe. | HIGH | May 25, 2018 |
| CVE-2018-11482 | /usr/lib/lua/luci/websys.lua on TP-LINK IPC TL-IPC223(P)-6, TL-IPC323K-D, TL-IPC325(KP)-*, and TL-IPC40A-4 devices has a hardcoded zMiVw8Kw0oxKXL0 password. | HIGH | May 30, 2018 |
| CVE-2018-11499 | A use-after-free vulnerability exists in handle_error() in sass_context.cpp in LibSass 3.4.x and 3.5.x through 3.5.4 that could be leveraged to cause a denial of service (application crash) or possibly unspecified other impact. | HIGH | May 26, 2018 |
| CVE-2018-11506 | The sr_do_ioctl function in drivers/scsi/sr_ioctl.c in the Linux kernel through 4.16.12 allows local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact because sense buffers have different sizes at the CDROM layer and the SCSI layer, as demonstrated by a CDROMREADMODE2 ioctl call. | HIGH | May 28, 2018 |
| CVE-2018-11523 | upload.php on NUUO NVRmini 2 devices allows Arbitrary File Upload, such as upload of .php files. | HIGH | May 29, 2018 |
| CVE-2018-11528 | WUZHI CMS 4.1.0 has SQL Injection via an api/sms_check.php?param= URI. | HIGH | May 29, 2018 |
| CVE-2018-11531 | Exiv2 0.26 has a heap-based buffer overflow in getData in preview.cpp. | HIGH | May 29, 2018 |
| CVE-2018-11535 | An issue was discovered in SITEMAKIN SLAC (Site Login and Access Control) v1.0. The parameter my_item_search in users.php is exploitable using SQL injection. | HIGH | May 29, 2018 |
| CVE-2018-11536 | md4c before 0.2.5 has a heap-based buffer overflow because md_split_simple_pairing_mark mishandles splits. | HIGH | May 29, 2018 |
| CVE-2018-11545 | md4c 0.2.5 has a heap-based buffer overflow in md_merge_lines because md_is_link_label mishandles the case of a link label composed solely of backslash escapes. | HIGH | May 29, 2018 |
| CVE-2018-11546 | md4c 0.2.5 has a heap-based buffer over-read because md_is_named_entity_contents has an off-by-one error. | HIGH | May 29, 2018 |
| CVE-2018-11547 | md_is_link_reference_definition_helper in md4c 0.2.5 has a heap-based buffer over-read because md_is_link_label mishandles loop termination. | HIGH | May 29, 2018 |
| CVE-2018-11575 | ngiflib.c in MiniUPnP ngiflib 0.4 has a stack-based buffer overflow in DecodeGifImg. | HIGH | May 30, 2018 |
| CVE-2018-11576 | ngiflib.c in MiniUPnP ngiflib 0.4 has a heap-based buffer over-read in GifIndexToTrueColor. | HIGH | May 30, 2018 |
| CVE-2018-1235 | Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 5.1.1.3, contain a command injection vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to execute arbitrary commands on the affected system with root privilege. | HIGH | May 29, 2018 |
| CVE-2018-1309 | Apache NiFi External XML Entity issue in SplitXML processor. Malicious XML content could cause information disclosure or remote code execution. The fix to disable external general entity parsing and disallow doctype declarations was applied on the Apache NiFi 1.6.0 release. Users running a prior 1.x release should upgrade to the appropriate release. | HIGH | May 23, 2018 |
| CVE-2018-1488 | IBM DB2 for Linux, UNIX and Windows (includes DB2 Connect Server) 10.5 and 11.1 is vulnerable to a buffer overflow, which could allow an authenticated local attacker to execute arbitrary code on the system as root. IBM X-Force ID: 140973. | HIGH | May 26, 2018 |
| CVE-2018-4917 | Adobe Acrobat and Reader versions 2018.009.20050 and earlier, 2017.011.30070 and earlier, 2015.006.30394 and earlier have an exploitable heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. | HIGH | May 20, 2018 |
| CVE-2018-4918 | Adobe Acrobat and Reader versions 2018.009.20050 and earlier, 2017.011.30070 and earlier, 2015.006.30394 and earlier have an exploitable out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. | HIGH | May 20, 2018 |
| CVE-2018-4919 | Adobe Flash Player versions 28.0.0.161 and earlier have an exploitable use after free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. | HIGH | May 20, 2018 |
| CVE-2018-4920 | Adobe Flash Player versions 28.0.0.161 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. | HIGH | May 20, 2018 |
| CVE-2018-4924 | Adobe Dreamweaver CC versions 18.0 and earlier have an OS Command Injection vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. | HIGH | May 20, 2018 |
| CVE-2018-4928 | Adobe InDesign versions 13.0 and below have an exploitable Memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. | HIGH | May 20, 2018 |
| CVE-2018-4932 | Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable Use-After-Free vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. | HIGH | May 20, 2018 |
| CVE-2018-4935 | Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. | HIGH | May 20, 2018 |
| CVE-2018-4937 | Adobe Flash Player versions 29.0.0.113 and earlier have an exploitable out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. | HIGH | May 20, 2018 |
| CVE-2018-4939 | Adobe ColdFusion Update 5 and earlier versions, ColdFusion 11 Update 13 and earlier versions have an exploitable Deserialization of Untrusted Data vulnerability. Successful exploitation could lead to arbitrary code execution. | HIGH | May 20, 2018 |
| CVE-2018-4944 | Adobe Flash Player versions 29.0.0.140 and earlier have an exploitable type confusion vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. | HIGH | May 20, 2018 |
| CVE-2018-4991 | Adobe Creative Cloud Desktop Application versions 4.4.1.298 and earlier have an exploitable Improper certificate validation vulnerability. Successful exploitation could lead to a security bypass. | HIGH | May 20, 2018 |
| CVE-2018-5241 | Symantec Advanced Secure Gateway (ASG) 6.6 and 6.7, and ProxySG 6.5, 6.6, and 6.7 are susceptible to a SAML authentication bypass vulnerability. The products can be configured with a SAML authentication realm to authenticate network users in intercepted proxy traffic. When parsing SAML responses, ASG and ProxySG incorrectly handle XML nodes with comments. A remote attacker can modify a valid SAML response without invalidating its cryptographic signature. This may allow the attacker to bypass user authentication security controls in ASG and ProxySG. This vulnerability only affects authentication of network users in intercepted traffic. It does not affect administrator user authentication for the ASG and ProxySG management consoles. | HIGH | May 29, 2018 |
| CVE-2018-5487 | NetApp OnCommand Unified Manager for Linux versions 7.2 through 7.3 ship with the Java Management Extension Remote Method Invocation (JMX RMI) service bound to the network, and are susceptible to unauthenticated remote code execution. | HIGH | May 24, 2018 |
| CVE-2018-6232 | A buffer overflow privilege escalation vulnerability in Trend Micro Maximum Security (Consumer) 2018 could allow a local attacker to escalate privileges on vulnerable installations due to a flaw within processing of IOCTL 0x22205C by the tmnciesc.sys driver. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. | HIGH | May 25, 2018 |
