The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
ID | Description | Priority | Modified date |
---|---|---|---|
CVE-2018-12631 | Redatam7 (formerly Redatam WebServer) allows remote attackers to read arbitrary files via /redbin/rpwebutilities.exe/text?LFN=../ directory traversal. | MEDIUM | Jun 21, 2018 |
CVE-2018-12630 | NEWMARK (aka New Mark) NMCMS 2.1 allows SQL Injection via the sect_id parameter to the /catalog URI. | HIGH | Jun 21, 2018 |
CVE-2018-12628 | An issue was discovered in Eventum 3.5.0. CSRF in htdocs/manage/users.php allows creating another user with admin privileges. | MEDIUM | Jul 11, 2019 |
CVE-2018-12627 | An issue was discovered in Eventum 3.5.0. /htdocs/list.php has XSS via the show_notification_list_issues or show_authorized_issues parameter. | MEDIUM | Jul 10, 2019 |
CVE-2018-12626 | An issue was discovered in Eventum 3.5.0. /htdocs/popup.php has XSS via the cat parameter. | MEDIUM | Jul 10, 2019 |
CVE-2018-12625 | An issue was discovered in Eventum 3.5.0. /htdocs/validate.php has XSS via the values parameter. | MEDIUM | Jul 10, 2019 |
CVE-2018-12624 | An issue was discovered in Eventum 3.5.0. /htdocs/post_note.php has XSS via the garlic_prefix parameter. | MEDIUM | May 28, 2019 |
CVE-2018-12623 | An issue was discovered in Eventum 3.5.0. htdocs/switch.php has XSS via the current_page parameter. | MEDIUM | Jul 10, 2019 |
CVE-2018-12622 | An issue was discovered in Eventum 3.5.0. htdocs/ajax/update.php has XSS via the field_name parameter. | MEDIUM | Jul 10, 2019 |
CVE-2018-12621 | An issue was discovered in Eventum 3.5.0. /htdocs/switch.php has an Open Redirect via the current_page parameter. | MEDIUM | Jul 8, 2019 |
CVE-2018-12617 | qmp_guest_file_read in qga/commands-posix.c and qga/commands-win32.c in qemu-ga (aka QEMU Guest Agent) in QEMU 2.12.50 has an integer overflow causing a g_malloc0() call to trigger a segmentation fault when trying to allocate a large memory chunk. The vulnerability can be exploited by sending a crafted QMP command (including guest-file-read with a large count value) to the agent via the listening socket. | MEDIUM | Jun 21, 2018 |
CVE-2018-12615 | An issue was discovered in switchGroup() in agent/ExecHelper/ExecHelperMain.cpp in Phusion Passenger before 5.3.2. The set of groups (gidset) is not set correctly, leaving it up to randomness (i.e., uninitialized memory) which supplementary groups are actually being set while lowering privileges. | MEDIUM | Jun 21, 2018 |
CVE-2018-12613 | An issue was discovered in phpMyAdmin 4.8.x before 4.8.2, in which an attacker can include (view and potentially execute) files on the server. The vulnerability comes from a portion of code where pages are redirected and loaded within phpMyAdmin, and an improper test for whitelisted pages. An attacker must be authenticated, except in the $cfg[\'AllowArbitraryServer\'] = true case (where an attacker can specify any host he/she is already in control of, and execute arbitrary code on phpMyAdmin) and the $cfg[\'ServerDefault\'] = 0 case (which bypasses the login requirement and runs the vulnerable code without any authentication). | MEDIUM | Jun 21, 2018 |
CVE-2018-12611 | OX App Suite 7.8.4 and earlier allows Directory Traversal. | Medium | Jan 31, 2019 |
CVE-2018-12610 | OX App Suite 7.8.4 and earlier allows Information Exposure. | Medium | Jan 31, 2019 |
CVE-2018-12609 | OX App Suite 7.8.4 and earlier allows Server-Side Request Forgery. | Medium | Jan 31, 2019 |
CVE-2018-12608 | An issue was discovered in Docker Moby before 17.06.0. The Docker engine validated a client TLS certificate using both the configured client CA root certificate and all system roots on non-Windows systems. This allowed a client with any domain validated certificate signed by a system-trusted root CA (as opposed to one signed by the configured CA root certificate) to authenticate. | MEDIUM | Sep 10, 2018 |
CVE-2018-12607 | An issue was discovered in GitLab Community Edition and Enterprise Edition before 10.7.6, 10.8.x before 10.8.5, and 11.x before 11.0.1. The charts feature contained a persistent XSS issue due to a lack of output encoding. | LOW | Aug 3, 2018 |
CVE-2018-12606 | An issue was discovered in GitLab Community Edition and Enterprise Edition before 10.7.6, 10.8.x before 10.8.5, and 11.x before 11.0.1. The wiki contains a persistent XSS issue due to a lack of output encoding affecting a specific markdown feature. | LOW | Aug 3, 2018 |
CVE-2018-12605 | An issue was discovered in GitLab Community Edition and Enterprise Edition 10.7.x before 10.7.6. The usage of 'url_for' contained a XSS issue due to it allowing arbitrary protocols as a parameter. | LOW | Aug 3, 2018 |
CVE-2018-12604 | GreenCMS 2.3.0603 allows remote attackers to obtain sensitive information via a direct request for Data/Log/year_month_day.log. | MEDIUM | Jun 20, 2018 |
CVE-2018-12603 | Cross-site request forgery (CSRF) vulnerability in admin.php in LFCMS 3.7.0 allows remote attackers to hijack the authentication of unspecified users for requests that add administrator users via the s parameter, a related issue to CVE-2018-12114. | MEDIUM | Jun 25, 2018 |
CVE-2018-12602 | A CSRF vulnerability exists in LFCMS 3.7.0: users can be added arbitrarily. | MEDIUM | Jun 25, 2018 |
CVE-2018-12601 | There is a heap-based buffer overflow in ReadImage in input-tga.ci in sam2p 0.49.4 that leads to a denial of service or possibly unspecified other impact. | HIGH | Jun 20, 2018 |
CVE-2018-12600 | In ImageMagick 7.0.8-3 Q16, ReadDIBImage and WriteDIBImage in coders/dib.c allow attackers to cause an out of bounds write via a crafted file. | MEDIUM | Jun 20, 2018 |
CVE-2018-12599 | In ImageMagick 7.0.8-3 Q16, ReadBMPImage and WriteBMPImage in coders/bmp.c allow attackers to cause an out of bounds write via a crafted file. | MEDIUM | Jun 20, 2018 |
CVE-2018-12596 | Episerver Ektron CMS before 9.0 SP3 Site CU 31, 9.1 before SP3 Site CU 45, or 9.2 before SP2 Site CU 22 allows remote attackers to call aspx pages via the activateuser.aspx page, even if a page is located under the /WorkArea/ path, which is forbidden (normally available exclusively for local admins). | HIGH | Oct 10, 2018 |
CVE-2018-12594 | Reliable Controls MACH-ProWebCom 7.80 devices allow remote attackers to obtain sensitive information via a direct request for the data/fileinfo.xml or job/job.json file, as demonstrated the Master Password field. | MEDIUM | Jun 20, 2018 |
CVE-2018-12592 | Polycom RealPresence Web Suite before 2.2.0 does not block a user's video for a few seconds upon joining a meeting (when the user has explicitly chosen to turn off the video using a specific option). During those seconds, a meeting invitee may unknowingly be on camera with other participants able to view. | MEDIUM | Jun 20, 2018 |
CVE-2018-12591 | Ubiquiti Networks EdgeSwitch version 1.7.3 and prior suffer from an improperly neutralized element in an OS command due to lack of protection on the admin CLI, leading to code execution and privilege escalation greater than administrators themselves are allowed. An attacker with access to an admin account could escape the restricted CLI and execute arbitrary shell instructions. | HIGH | Jun 20, 2018 |
CVE-2018-12590 | Ubiquiti Networks EdgeSwitch version 1.7.3 and prior suffer from an externally controlled format-string vulnerability due to lack of protection on the admin CLI, leading to code execution and privilege escalation greater than administrators themselves are allowed. An attacker with access to an admin account could escape the restricted CLI and execute arbitrary code. | HIGH | Jun 20, 2018 |
CVE-2018-12589 | Polaris Office 2017 8.1 allows attackers to execute arbitrary code via a Trojan horse puiframeworkproresenu.dll file in the current working directory. | MEDIUM | Jun 28, 2018 |
CVE-2018-12588 | Cross-site scripting (XSS) vulnerability in templates/frontend/pages/searchResults.tpl in Public Knowledge Project (PKP) Open Monograph Press (OMP) v1.2.0 through 3.1.1-2 before 3.1.1-3 allows remote attackers to inject arbitrary web script or HTML via the catalog.noTitlesSearch parameter (aka the Search field). | MEDIUM | Jun 19, 2018 |
CVE-2018-12587 | A cross-site scripting (XSS) vulnerability was found in valeuraddons German Spelling Dictionary v1.3 (an Opera Browser add-on). Instead of providing text for a spelling check, remote attackers may inject arbitrary web script or HTML via the ajax query parameter in the URL Address Bar. | MEDIUM | Aug 13, 2018 |
CVE-2018-12585 | An XXE vulnerability in the OPC UA Java and .NET Legacy Stack can allow remote attackers to trigger a denial of service. | MEDIUM | Sep 14, 2018 |
CVE-2018-12584 | The ConnectionBase::preparseNewBytes function in resip/stack/ConnectionBase.cxx in reSIProcate through 1.10.2 allows remote attackers to cause a denial of service (buffer overflow) or possibly execute arbitrary code when TLS communication is enabled. | HIGH | Jul 25, 2018 |
CVE-2018-12583 | An issue was discovered in AKCMS 6.1. CSRF can delete an article via an admincp deleteitem action to index.php. | MEDIUM | Jun 19, 2018 |
CVE-2018-12582 | An issue was discovered in AKCMS 6.1. CSRF can add an admin account via a /index.php?file=account&action=manageaccounts&job=newaccount URI. | MEDIUM | Jun 19, 2018 |
CVE-2018-12581 | An issue was discovered in js/designer/move.js in phpMyAdmin before 4.8.2. A Cross-Site Scripting vulnerability has been found where an attacker can use a crafted database name to trigger an XSS attack when that database is referenced from the Designer feature. | MEDIUM | Jun 21, 2018 |
CVE-2018-12580 | library/DBTech/Security/Action/Sessions.php in DragonByte vBSecurity 3.x through 3.3.0 for vBulletin 3 and vBulletin 4 allows self-XSS via $session['user_agent'] in the Login Sessions feature. | MEDIUM | Jun 19, 2018 |
CVE-2018-12579 | An issue was discovered in OXID eShop Enterprise Edition before 5.3.8, 6.0.x before 6.0.3, and 6.1.x before 6.1.0; Professional Edition before 4.10.8, 5.x and 6.0.x before 6.0.3, and 6.1.x before 6.1.0; and Community Edition before 4.10.8, 5.x and 6.0.x before 6.0.3, and 6.1.x before 6.1.0. An attacker could gain access to the admin panel or a customer account when using the password reset function. To do so, it is required to own a domain name similar to the one the victim uses for their e-mail accounts. | MEDIUM | Aug 20, 2018 |
CVE-2018-12578 | There is a heap-based buffer overflow in bmp_compress1_row in appliers.cpp in sam2p 0.49.4 that leads to a denial of service or possibly unspecified other impact. | HIGH | Jun 19, 2018 |
CVE-2018-12577 | The Ping and Traceroute features on TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices allow authenticated blind Command Injection. | MEDIUM | Jul 2, 2018 |
CVE-2018-12576 | TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices allow clickjacking. | MEDIUM | Jul 2, 2018 |
CVE-2018-12575 | On TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 171019 Rel.55346n devices, all actions in the web interface are affected by bypass of authentication via an HTTP request. | HIGH | Jul 2, 2018 |
CVE-2018-12574 | CSRF exists for all actions in the web interface on TP-Link TL-WR841N v13 00000001 0.9.1 4.16 v0001.0 Build 180119 Rel.65243n devices. | MEDIUM | Jul 2, 2018 |
CVE-2018-12572 | Avast Free Antivirus prior to 19.1.2360 stores user credentials in memory upon login, which allows local users to obtain sensitive information by dumping AvastUI.exe application memory and parsing the data. | LOW | Mar 27, 2019 |
CVE-2018-12571 | uniquesig0/InternalSite/InitParams.aspx in Microsoft Forefront Unified Access Gateway 2010 allows remote attackers to trigger outbound DNS queries for arbitrary hosts via a comma-separated list of URLs in the orig_url parameter, possibly causing a traffic amplification and/or SSRF outcome. | HIGH | Jul 6, 2018 |
CVE-2018-12565 | An issue was discovered in Linaro LAVA before 2018.5.post1. Because of use of yaml.load() instead of yaml.safe_load() when parsing user data, remote code execution can occur. | MEDIUM | Sep 18, 2019 |
CVE-2018-12564 | An issue was discovered in Linaro LAVA before 2018.5.post1. Because of support for URLs in the submit page, a user can forge an HTTP request that will force lava-server-gunicorn to return any file on the server that is readable by lavaserver and valid yaml. | MEDIUM | Jun 19, 2018 |