The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date |
|---|---|---|---|
| CVE-2018-10712 | The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED before v1.0.35.1, A-Tuning before v3.0.210, F-Stream before v3.0.210, and RestartToUEFI before v1.0.6.2 expose functionality to read/write data from/to IO ports. This could be leveraged in a number of ways to ultimately run code with elevated privileges. | HIGH | Oct 30, 2018 |
| CVE-2018-10711 | The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED before v1.0.35.1, A-Tuning before v3.0.210, F-Stream before v3.0.210, and RestartToUEFI before v1.0.6.2 expose functionality to read and write Machine Specific Registers (MSRs). This could be leveraged to execute arbitrary ring-0 code. | HIGH | Oct 30, 2018 |
| CVE-2018-10710 | The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED before v1.0.35.1, A-Tuning before v3.0.210, F-Stream before v3.0.210, and RestartToUEFI before v1.0.6.2 expose functionality to read and write arbitrary physical memory. This could be leveraged by a local attacker to elevate privileges. | HIGH | Oct 30, 2018 |
| CVE-2018-10709 | The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED before v1.0.35.1, A-Tuning before v3.0.210, F-Stream before v3.0.210, and RestartToUEFI before v1.0.6.2 expose functionality to read and write CR register values. This could be leveraged in a number of ways to ultimately run code with elevated privileges. | MEDIUM | Oct 30, 2018 |
| CVE-2018-10706 | An integer overflow in the transferMulti function of a smart contract implementation for Social Chain (SCA), an Ethereum ERC20 token, allows attackers to accomplish an unauthorized increase of digital assets, aka the multiOverflow issue. | MEDIUM | May 10, 2018 |
| CVE-2018-10705 | The Owned smart contract implementation for Aurora DAO (AURA), an Ethereum ERC20 token, allows attackers to acquire contract ownership because the setOwner function is declared as public. An attacker can then conduct a lockBalances() denial of service attack. | MEDIUM | May 8, 2018 |
| CVE-2018-10704 | yidashi yii2cmf 2.0 has XSS via the /search q parameter. | MEDIUM | Mar 12, 2020 |
| CVE-2018-10703 | An issue was discovered on Moxa AWK-3121 1.14 devices. It provides functionality so that an administrator can run scripts on the device to troubleshoot any issues. However, the same functionality allows an attacker to execute commands on the device. The POST parameter \"iw_serverip\" is susceptible to buffer overflow. By crafting a packet that contains a string of 480 characters, it is possible for an attacker to execute the attack. | -- | Jun 10, 2019 |
| CVE-2018-10702 | An issue was discovered on Moxa AWK-3121 1.14 devices. It provides functionality so that an administrator can run scripts on the device to troubleshoot any issues. However, the same functionality allows an attacker to execute commands on the device. The POST parameter \"iw_filename\" is susceptible to command injection via shell metacharacters. | -- | Jun 10, 2019 |
| CVE-2018-10701 | An issue was discovered on Moxa AWK-3121 1.14 devices. It provides functionality so that an administrator can run scripts on the device to troubleshoot any issues. However, the same functionality allows an attacker to execute commands on the device. The POST parameter \"iw_filename\" is susceptible to buffer overflow. By crafting a packet that contains a string of 162 characters, it is possible for an attacker to execute the attack. | MEDIUM | Jun 11, 2019 |
| CVE-2018-10700 | An issue was discovered on Moxa AWK-3121 1.19 devices. It provides functionality so that an administrator can change the name of the device. However, the same functionality allows an attacker to execute XSS by injecting an XSS payload. The POST parameter \"iw_board_deviceName\" is susceptible to this injection. | -- | Jun 10, 2019 |
| CVE-2018-10699 | An issue was discovered on Moxa AWK-3121 1.14 devices. The Moxa AWK 3121 provides certfile upload functionality so that an administrator can upload a certificate file used for connecting to the wireless network. However, the same functionality allows an attacker to execute commands on the device. The POST parameter \"iw_privatePass\" is susceptible to this injection. By crafting a packet that contains shell metacharacters, it is possible for an attacker to execute the attack. | MEDIUM | Jun 11, 2019 |
| CVE-2018-10698 | An issue was discovered on Moxa AWK-3121 1.14 devices. The device enables an unencrypted TELNET service by default. This allows an attacker who has been able to gain an MITM position to easily sniff the traffic between the device and the user. Also an attacker can easily connect to the TELNET daemon using the default credentials if they have not been changed by the user. | -- | Jun 10, 2019 |
| CVE-2018-10697 | An issue was discovered on Moxa AWK-3121 1.14 devices. The Moxa AWK 3121 provides ping functionality so that an administrator can execute ICMP calls to check if the network is working correctly. However, the same functionality allows an attacker to execute commands on the device. The POST parameter \"srvName\" is susceptible to this injection. By crafting a packet that contains shell metacharacters, it is possible for an attacker to execute the attack. | -- | Jun 10, 2019 |
| CVE-2018-10696 | An issue was discovered on Moxa AWK-3121 1.14 devices. The device provides a web interface to allow an administrator to manage the device. However, this interface is not protected against CSRF attacks, which allows an attacker to trick an administrator into executing actions without his/her knowledge, as demonstrated by the forms/iw_webSetParameters and forms/webSetMainRestart URIs. | MEDIUM | Jun 11, 2019 |
| CVE-2018-10695 | An issue was discovered on Moxa AWK-3121 1.14 devices. It provides alert functionality so that an administrator can send emails to his/her account when there are changes to the device\'s network. However, the same functionality allows an attacker to execute commands on the device. The POST parameters \"to1,to2,to3,to4\" are all susceptible to buffer overflow. By crafting a packet that contains a string of 678 characters, it is possible for an attacker to execute the attack. | MEDIUM | Jun 11, 2019 |
| CVE-2018-10694 | An issue was discovered on Moxa AWK-3121 1.14 devices. The device provides a Wi-Fi connection that is open and does not use any encryption mechanism by default. An administrator who uses the open wireless connection to set up the device can allow an attacker to sniff the traffic passing between the user\'s computer and the device. This can allow an attacker to steal the credentials passing over the HTTP connection as well as TELNET traffic. Also an attacker can MITM the response and infect a user\'s computer very easily as well. | -- | Jun 10, 2019 |
| CVE-2018-10693 | An issue was discovered on Moxa AWK-3121 1.14 devices. It provides ping functionality so that an administrator can execute ICMP calls to check if the network is working correctly. However, the same functionality allows an attacker to execute commands on the device. The POST parameter \"srvName\" is susceptible to a buffer overflow. By crafting a packet that contains a string of 516 characters, it is possible for an attacker to execute the attack. | -- | Jun 10, 2019 |
| CVE-2018-10692 | An issue was discovered on Moxa AWK-3121 1.14 devices. The session cookie \"Password508\" does not have an HttpOnly flag. This allows an attacker who is able to execute a cross-site scripting attack to steal the cookie very easily. | -- | Jun 10, 2019 |
| CVE-2018-10691 | An issue was discovered on Moxa AWK-3121 1.14 devices. It is intended that an administrator can download /systemlog.log (the system log). However, the same functionality allows an attacker to download the file without any authentication or authorization. | -- | Jun 10, 2019 |
| CVE-2018-10690 | An issue was discovered on Moxa AWK-3121 1.14 devices. The device by default allows HTTP traffic thus providing an insecure communication mechanism for a user connecting to the web server. This allows an attacker to sniff the traffic easily and allows an attacker to compromise sensitive data such as credentials. | -- | Jun 10, 2019 |
| CVE-2018-10689 | blktrace (aka Block IO Tracing) 1.2.0, as used with the Linux kernel and Android, has a buffer overflow in the dev_map_read function in btt/devmap.c because the device and devno arrays are too small, as demonstrated by an invalid free when using the btt program with a crafted file. | MEDIUM | May 3, 2018 |
| CVE-2018-10686 | An issue was discovered in Vesta Control Panel 0.9.8-20. There is Reflected XSS via $_REQUEST['path'] to the view/file/index.php URI, which can lead to remote PHP code execution via vectors involving a file_put_contents call in web/upload/UploadHandler.php. | MEDIUM | May 6, 2018 |
| CVE-2018-10685 | In Long Range Zip (aka lrzip) 0.631, there is a use-after-free in the lzma_decompress_buf function of stream.c, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact. | HIGH | May 2, 2018 |
| CVE-2018-10682 | ** DISPUTED ** An issue was discovered in WildFly 10.1.2.Final. It is possible for an attacker to access the administration panel on TCP port 9990 without any authentication using anonymous access that is automatically created. Once logged in, a misconfiguration present by default (auto-deployment) permits an anonymous user to deploy a malicious .war file, leading to remote code execution. NOTE: the vendor indicates that anonymous access is not available in the default installation; however, it remains optional because there are several use cases for it, including development environments and network architectures that have a proxy server for access control to the WildFly server. | HIGH | May 9, 2018 |
| CVE-2018-10680 | ** DISPUTED ** Z-BlogPHP 1.5.2 has a stored Cross Site Scripting Vulnerability exploitable by an administrator who navigates to Web site settings --> Basic setting --> Website title and enters an XSS payload via the zb_system/cmd.php ZC_BLOG_NAME parameter. NOTE: the vendor disputes the security relevance, noting it is just a functional bug. | MEDIUM | Apr 17, 2019 |
| CVE-2018-10678 | MyBB 1.8.15, when accessed with Microsoft Edge, mishandles 'target=_blank rel=noopener' in A elements, which makes it easier for remote attackers to conduct redirection attacks. | MEDIUM | May 13, 2018 |
| CVE-2018-10677 | The DecodeGifImg function in ngiflib.c in MiniUPnP ngiflib 0.4 lacks certain checks against width and height, which allows remote attackers to cause a denial of service (WritePixels heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted GIF file. | MEDIUM | May 2, 2018 |
| CVE-2018-10676 | CeNova, Night OWL, Novo, Pulnix, QSee, Securus, and TBK Vision DVR devices allow remote attackers to download a file and obtain sensitive credential information via a direct request for the download.rsp URI. | MEDIUM | May 2, 2018 |
| CVE-2018-10675 | The do_get_mempolicy function in mm/mempolicy.c in the Linux kernel before 4.12.9 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted system calls. | HIGH | May 8, 2018 |
| CVE-2018-10666 | The Owned smart contract implementation for Aurora IDEX Membership (IDXM), an Ethereum ERC20 token, allows attackers to acquire contract ownership because the setOwner function is declared as public. A new owner can subsequently modify variables. | MEDIUM | May 3, 2018 |
| CVE-2018-10665 | ILIAS 5.3.4 has XSS through unsanitized output of PHP_SELF, related to shib_logout.php and third-party demo files. | MEDIUM | May 2, 2018 |
| CVE-2018-10664 | An issue was discovered in the httpd process in multiple models of Axis IP Cameras. There is Memory Corruption. | MEDIUM | Jun 26, 2018 |
| CVE-2018-10663 | An issue was discovered in multiple models of Axis IP Cameras. There is an Incorrect Size Calculation. | MEDIUM | Jun 26, 2018 |
| CVE-2018-10662 | An issue was discovered in multiple models of Axis IP Cameras. There is an Exposed Insecure Interface. | HIGH | Jun 26, 2018 |
| CVE-2018-10661 | An issue was discovered in multiple models of Axis IP Cameras. There is a bypass of access control. | HIGH | Jun 26, 2018 |
| CVE-2018-10660 | An issue was discovered in multiple models of Axis IP Cameras. There is Shell Command Injection. | HIGH | Jun 26, 2018 |
| CVE-2018-10659 | There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which allows remote attackers to cause a denial of service (crash) by sending a crafted command which will result in a code path that calls the UND undefined ARM instruction. | MEDIUM | Jun 26, 2018 |
| CVE-2018-10658 | There was a Memory Corruption issue discovered in multiple models of Axis IP Cameras which causes a denial of service (crash). The crash arises from code inside libdbus-send.so shared object or similar. | MEDIUM | Jun 26, 2018 |
| CVE-2018-10657 | Matrix Synapse before 0.28.1 is prone to a denial of service flaw where malicious events injected with depth = 2^63 - 1 render rooms unusable, related to federation/federation_base.py and handlers/message.py, as exploited in the wild in April 2018. | MEDIUM | May 2, 2018 |
| CVE-2018-10655 | DLPnpAuditor.exe in DeviceLock Plug and Play Auditor (freeware) 5.72 has a Unicode Buffer Overflow (SEH). | MEDIUM | May 10, 2018 |
| CVE-2018-10654 | There is a Hazelcast Library Java Deserialization Vulnerability in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3. | MEDIUM | May 23, 2018 |
| CVE-2018-10653 | There is an XML External Entity (XXE) Processing Vulnerability in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3. | HIGH | May 23, 2018 |
| CVE-2018-10652 | There is a Sensitive Data Leakage issue in Citrix XenMobile Server 10.7 before RP3. | MEDIUM | May 23, 2018 |
| CVE-2018-10651 | There are Open Redirect Vulnerabilities in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3. | MEDIUM | May 23, 2018 |
| CVE-2018-10650 | There is an Insufficient Path Validation Vulnerability in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3. | MEDIUM | May 23, 2018 |
| CVE-2018-10649 | There is a Cross-Site Scripting Vulnerability in Citrix XenMobile Server 10.7 before RP3. | MEDIUM | May 23, 2018 |
| CVE-2018-10648 | There are Unauthenticated File Upload Vulnerabilities in Citrix XenMobile Server 10.8 before RP2 and 10.7 before RP3. | HIGH | May 23, 2018 |
| CVE-2018-10647 | SaferVPN 4.2.5 for Windows suffers from a SYSTEM privilege escalation vulnerability in its SaferVPN.Service service. The SaferVPN.Service service executes openvpn.exe using OpenVPN config files located within the current user's %LOCALAPPDATA%SaferVPNOvpnConfig directory. An authenticated attacker may modify these configuration files to specify a dynamic library plugin that should run for every new VPN connection attempt. This plugin will execute code in the context of the SYSTEM user. | HIGH | May 2, 2018 |
| CVE-2018-10646 | CyberGhost 6.5.0.3180 for Windows suffers from a SYSTEM privilege escalation vulnerability through the CG6Service service. This service establishes a NetNamedPipe endpoint that allows arbitrary installed applications to connect and call publicly exposed methods. The ConnectToVpnServer method accepts a connectionParams argument that provides attacker control of the OpenVPN command line. An attacker can specify a dynamic library plugin that should run for every new VPN connection attempt. This plugin will execute code in the context of the SYSTEM user. | HIGH | May 2, 2018 |
