The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date |
|---|---|---|---|
| CVE-2018-19654 | An issue was discovered in Sales & Company Management System (SCMS) through 2018-06-06. There is a discrepancy in username checking between a component that does string validation, and a component that is supposed to query a MySQL database. Thus, it is possible to register a new account with a duplicate username, as demonstrated by use of the test%c2 string when a test account already exists. | MEDIUM | Nov 29, 2018 |
| CVE-2018-19653 | HashiCorp Consul 0.5.1 through 1.4.0 can use cleartext agent-to-agent RPC communication because the verify_outgoing setting is improperly documented. NOTE: the vendor has provided reconfiguration steps that do not require a software upgrade. | MEDIUM | Dec 9, 2018 |
| CVE-2018-19651 | admin/functions/remote.php in Interspire Email Marketer through 6.1.6 has Server Side Request Forgery (SSRF) via a what=importurl&url= request with an http or https URL. This also allows reading local files with a file: URL. | MEDIUM | Nov 28, 2018 |
| CVE-2018-19650 | Local attackers can trigger a stack-based buffer overflow on vulnerable installations of Antiy-AVL ATool security management v1.0.0.22. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the processing of IOCTL 0x80002000 by the IRPFile.sys Antiy-AVL ATool kernel driver. The bug is caused by failure to properly validate the length of the user-supplied data, which results in a kernel stack buffer overflow. An attacker can leverage this vulnerability to execute arbitrary code in the context of the kernel, which could lead to privilege escalation and a failed exploit could lead to denial of service. | HIGH | Dec 5, 2018 |
| CVE-2018-19649 | XSS exists in InfoVista VistaPortal SE Version 5.1 (build 51029). VPortal/mgtconsole/RolePermissions.jsp has reflected XSS via the ConnPoolName parameter. | MEDIUM | Dec 17, 2018 |
| CVE-2018-19648 | An issue was discovered in ADTRAN PMAA 1.6.2-1, 1.6.3, and 1.6.4. NETCONF Access Management (NACM) allows unprivileged users to create privileged users and execute arbitrary commands via the use of the diagnostic-profile over RESTCONF. | HIGH | Mar 29, 2019 |
| CVE-2018-19646 | The Python CGI scripts in PWS in Imperva SecureSphere 13.0.10, 13.1.10, and 13.2.10 allow remote attackers to execute arbitrary OS commands because command-line arguments are mishandled. | HIGH | Nov 28, 2018 |
| CVE-2018-19645 | An Authentication Bypass issue exists in Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5. | High | Feb 13, 2019 |
| CVE-2018-19644 | Reflected cross site script issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5. | -- | Mar 29, 2019 |
| CVE-2018-19643 | Information leakage issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5. | -- | Mar 29, 2019 |
| CVE-2018-19642 | Denial of service issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5. | -- | Mar 29, 2019 |
| CVE-2018-19641 | Unauthenticated remote code execution issue in Micro Focus Solutions Business Manager (SBM) (formerly Serena Business Manager (SBM)) versions prior to 11.5. | -- | Mar 29, 2019 |
| CVE-2018-19640 | If the attacker manages to create files in the directory used to collect log files in supportutils before version 3.1-5.7.1 (e.g. with CVE-2018-19638) he can kill arbitrary processes on the local machine. | LOW | Mar 22, 2019 |
| CVE-2018-19639 | If supportutils before version 3.1-5.7.1 is run with -v to perform rpm verification and the attacker manages to manipulate the rpm listing (e.g. with CVE-2018-19638) he can execute arbitrary commands as root. | HIGH | Mar 22, 2019 |
| CVE-2018-19638 | In supportutils, before version 3.1-5.7.1 and if pacemaker is installed on the system, an unprivileged user could have overwritten arbitrary files in the directory that is used by supportutils to collect the log files. | LOW | Mar 22, 2019 |
| CVE-2018-19637 | Supportutils, before version 3.1-5.7.1, wrote data to static file /tmp/supp_log, allowing local attackers to overwrite files on systems without symlink protection | LOW | Mar 22, 2019 |
| CVE-2018-19636 | Supportutils, before version 3.1-5.7.1, when run with command line argument -A searched the file system for a ndspath binary. If an attacker provides one at an arbitrary location it is executed with root privileges | HIGH | Mar 22, 2019 |
| CVE-2018-19635 | CA Service Desk Manager 14.1 and 17 contain a vulnerability that can allow a malicious actor to escalate privileges in the user interface. | High | Jan 25, 2019 |
| CVE-2018-19634 | CA Service Desk Manager 14.1 and 17 contain a vulnerability that can allow a malicious actor to access survey information. | Medium | Jan 25, 2019 |
| CVE-2018-19630 | cgi_handle_request in uhttpd in OpenWrt through 18.06.1 and LEDE through 17.01 has unauthenticated reflected XSS via the URI, as demonstrated by a cgi-bin/?[XSS] URI. | MEDIUM | Nov 28, 2018 |
| CVE-2018-19629 | A Denial of Service vulnerability in the ImageNow Server service in Hyland Perceptive Content Server before 7.1.5 allows an attacker to crash the service via a TCP connection. | MEDIUM | Jul 19, 2019 |
| CVE-2018-19628 | In Wireshark 2.6.0 to 2.6.4, the ZigBee ZCL dissector could crash. This was addressed in epan/dissectors/packet-zbee-zcl-lighting.c by preventing a divide-by-zero error. | MEDIUM | Dec 1, 2018 |
| CVE-2018-19627 | In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the IxVeriWave file parser could crash. This was addressed in wiretap/vwr.c by adjusting a buffer boundary. | MEDIUM | Dec 5, 2018 |
| CVE-2018-19626 | In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the DCOM dissector could crash. This was addressed in epan/dissectors/packet-dcom.c by adding \'\\0\' termination. | MEDIUM | Dec 1, 2018 |
| CVE-2018-19625 | In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the dissection engine could crash. This was addressed in epan/tvbuff_composite.c by preventing a heap-based buffer over-read. | MEDIUM | Dec 1, 2018 |
| CVE-2018-19624 | In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the PVFS dissector could crash. This was addressed in epan/dissectors/packet-pvfs2.c by preventing a NULL pointer dereference. | MEDIUM | Dec 1, 2018 |
| CVE-2018-19623 | In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the LBMPDM dissector could crash. In addition, a remote attacker could write arbitrary data to any memory locations before the packet-scoped memory. This was addressed in epan/dissectors/packet-lbmpdm.c by disallowing certain negative values. | MEDIUM | Dec 1, 2018 |
| CVE-2018-19622 | In Wireshark 2.6.0 to 2.6.4 and 2.4.0 to 2.4.10, the MMSE dissector could go into an infinite loop. This was addressed in epan/dissectors/packet-mmse.c by preventing length overflows. | MEDIUM | Dec 1, 2018 |
| CVE-2018-19621 | server/index.php?s=/api/teamMember/save in ShowDoc 2.4.2 has a CSRF that can add members to a team. | MEDIUM | Nov 28, 2018 |
| CVE-2018-19620 | ShowDoc 2.4.1 allows remote attackers to edit other users\' notes by navigating with a modified page_id. | MEDIUM | Nov 28, 2018 |
| CVE-2018-19616 | An issue was discovered in Rockwell Automation Allen-Bradley PowerMonitor 1000. An unauthenticated user can add/edit/remove administrators because access control is implemented on the client side via a disabled attribute for a BUTTON element. | MEDIUM | Dec 26, 2018 |
| CVE-2018-19615 | Rockwell Automation Allen-Bradley PowerMonitor 1000 all versions. A remote attacker could inject arbitrary code into a targeted userâ??s web browser to gain access to the affected device. | LOW | Dec 26, 2018 |
| CVE-2018-19614 | XSS exists in the /cmdexec/cmdexe?cmd= function in Westermo DR-250 Pre-5162 and DR-260 Pre-5162 routers. | MEDIUM | May 24, 2019 |
| CVE-2018-19613 | Westermo DR-250 Pre-5162 and DR-260 Pre-5162 routers allow CSRF. | MEDIUM | May 28, 2019 |
| CVE-2018-19612 | The /uploadfile? functionality in Westermo DR-250 Pre-5162 and DR-260 Pre-5162 routers allows remote users to upload malicious file types and execute ASP code. | MEDIUM | May 28, 2019 |
| CVE-2018-19609 | ShowDoc 2.4.1 allows remote attackers to obtain sensitive information by navigating with a modified page_id, as demonstrated by reading note content, or discovering a username in the JSON data at a diff URL. | MEDIUM | Nov 27, 2018 |
| CVE-2018-19608 | Arm Mbed TLS before 2.14.1, before 2.7.8, and before 2.1.17 allows a local unprivileged attacker to recover the plaintext of RSA decryption, which is used in RSA-without-(EC)DH(E) cipher suites. | LOW | Dec 5, 2018 |
| CVE-2018-19607 | Exiv2::isoSpeed in easyaccess.cpp in Exiv2 v0.27-RC2 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted file. | MEDIUM | Nov 27, 2018 |
| CVE-2018-19601 | Rhymix CMS 1.9.8.1 allows SSRF via an index.php?module=admin&act=dispModuleAdminFileBox SVG upload. | Medium | Jan 10, 2019 |
| CVE-2018-19600 | Rhymix CMS 1.9.8.1 allows XSS via an index.php?module=admin&act=dispModuleAdminFileBox SVG upload. | Low | Jan 10, 2019 |
| CVE-2018-19599 | Monstra CMS 1.6 allows XSS via an uploaded SVG document to the admin/index.php?id=filesmanager&path=uploads/ URI. NOTE: this is a discontinued product. | LOW | Mar 3, 2020 |
| CVE-2018-19598 | Statamic 2.10.3 allows XSS via First Name or Last Name to the /users URI in an \'Add new user\' request. | LOW | Dec 19, 2018 |
| CVE-2018-19597 | CMS Made Simple 2.2.8 allows XSS via an uploaded SVG document, a related issue to CVE-2017-16798. | LOW | Dec 19, 2018 |
| CVE-2018-19596 | Zurmo 3.2.4 allows HTML Injection via an admin\'s use of HTML in the report section, a related issue to CVE-2018-19506. | LOW | Dec 19, 2018 |
| CVE-2018-19595 | PbootCMS V1.3.1 build 2018-11-14 allows remote attackers to execute arbitrary code via use of eval with mixed case, as demonstrated by an index.php/list/5/?current={pboot:if(evAl($_GET[a]))}1{/pboot:if}&a=phpinfo(); URI, because of an incorrect apps\\home\\controller\\ParserController.php parserIfLabel protection mechanism. | HIGH | Nov 27, 2018 |
| CVE-2018-19592 | The \"CLink4Service\" service is installed with Corsair Link 4.9.7.35 with insecure permissions by default. This allows unprivileged users to take control of the service and execute commands in the context of NT AUTHORITY\\SYSTEM, leading to total system takeover, a similar issue to CVE-2018-12441. | HIGH | Oct 1, 2019 |
| CVE-2018-19591 | In the GNU C Library (aka glibc or libc6) through 2.28, attempting to resolve a crafted hostname via getaddrinfo() leads to the allocation of a socket descriptor that is not closed. This is related to the if_nametoindex() function. | MEDIUM | Dec 5, 2018 |
| CVE-2018-19589 | Incorrect Access Controls of Security Officer (SO) in PKCS11 R2 provider that ships with the Utimaco CryptoServer HSM product package allows an SO authenticated to a slot to retrieve attributes of keys marked as private keys in external key storage, and also delete keys marked as private keys in external key storage. This compromises the availability of all keys configured with external key storage and may result in an economic attack in which the attacker denies legitimate users access to keys while maintaining possession of an encrypted copy (blob) of the external key store for ransom. This attack has been dubbed reverse ransomware attack and may be executed via a physical connection to the CryptoServer or remote connection if SSH or remote access to LAN CryptoServer has been compromised. The Confidentiality and Integrity of the affected keys, however, remain untarnished. | MEDIUM | Apr 11, 2019 |
| CVE-2018-19588 | Alarm.com ADC-V522IR 0100b9 devices have Incorrect Access Control. | HIGH | Jul 18, 2019 |
| CVE-2018-19587 | In Cesanta Mongoose 6.13, a SIGSEGV exists in the mongoose.c mg_mqtt_add_session() function. | MEDIUM | Nov 27, 2018 |
