The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date | Fixed Release |
|---|---|---|---|---|
| CVE-2018-20780 | Traq 3.7.1 allows admin/users/new CSRF to create an admin account (aka group_id=1). | Medium | Feb 11, 2019 | n/a |
| CVE-2018-20779 | Traq 3.7.1 allows SQL Injection via a tickets?search= URI. | High | Feb 11, 2019 | n/a |
| CVE-2018-20778 | admin/?/plugin/file_manager in Frog CMS 0.9.5 allows XSS by creating a new file containing a crafted attribute of an IMG element. | Medium | Feb 11, 2019 | n/a |
| CVE-2018-20777 | Frog CMS 0.9.5 has XSS via the admin/?/snippet/edit/1 Body field. | Low | Feb 11, 2019 | n/a |
| CVE-2018-20776 | Frog CMS 0.9.5 provides a directory listing for a /public request. | Medium | Feb 11, 2019 | n/a |
| CVE-2018-20775 | admin/?/plugin/file_manager in Frog CMS 0.9.5 allows PHP code execution by creating a new .php file containing PHP code, and then visiting this file under the public/ URI. | Medium | Feb 11, 2019 | n/a |
| CVE-2018-20774 | Frog CMS 0.9.5 has XSS via the admin/?/layout/edit/1 Body field. | Low | Feb 11, 2019 | n/a |
| CVE-2018-20773 | Frog CMS 0.9.5 allows PHP code execution by visiting admin/?/page/edit/1 and inserting additional <?php lines. | Medium | Feb 11, 2019 | n/a |
| CVE-2018-20772 | Frog CMS 0.9.5 allows PHP code execution via <?php to the admin/?/layout/edit/1 URI. | Medium | Feb 11, 2019 | n/a |
| CVE-2018-20771 | An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is unauthenticated Remote Command Execution. | High | Feb 13, 2019 | n/a |
| CVE-2018-20770 | An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is Blind SQL Injection. | High | Feb 13, 2019 | n/a |
| CVE-2018-20769 | An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is a Local File Inclusion vulnerability. | Medium | Feb 13, 2019 | n/a |
| CVE-2018-20768 | An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. An attacker can execute PHP code by leveraging a writable file. | High | Feb 13, 2019 | n/a |
| CVE-2018-20767 | An issue was discovered on Xerox WorkCentre 3655, 3655i, 58XX, 58XXi, 59XX, 59XXi, 6655, 6655i, 72XX, 72XXi, 78XX, 78XXi, 7970, 7970i, EC7836, and EC7856 devices before R18-05 073.xxx.0487.15000. There is authenticated remote command execution. | Medium | Feb 13, 2019 | n/a |
| CVE-2018-20764 | A buffer overflow exists in HelpSystems tcpcrypt on Linux, used for BoKS encrypted telnet through BoKS version 6.7.1. Since tcpcrypt is setuid, exploitation leads to privilege escalation. | High | Feb 11, 2019 | n/a |
| CVE-2018-20763 | In GPAC 0.7.1 and earlier, gf_text_get_utf8_line in media_tools/text_import.c in libgpac_static.a allows an out-of-bounds write because of missing szLineConv bounds checking. | Medium | Feb 7, 2019 | n/a |
| CVE-2018-20762 | GPAC version 0.7.1 and earlier has a buffer overflow vulnerability in the cat_multiple_files function in applications/mp4box/fileimport.c when MP4Box is used for a local directory containing crafted filenames. | Medium | Feb 7, 2019 | n/a |
| CVE-2018-20761 | GPAC version 0.7.1 and earlier has a Buffer Overflow vulnerability in the gf_sm_load_init function in scene_manager.c in libgpac_static.a. | Medium | Feb 7, 2019 | n/a |
| CVE-2018-20760 | In GPAC 0.7.1 and earlier, gf_text_get_utf8_line in media_tools/text_import.c in libgpac_static.a allows an out-of-bounds write because a certain -1 return value is mishandled. | Medium | Feb 7, 2019 | n/a |
| CVE-2018-20758 | MODX Revolution through v2.7.0-pl allows XSS via User Settings such as Description. | LOW | Oct 23, 2019 | n/a |
| CVE-2018-20757 | MODX Revolution through v2.7.0-pl allows XSS via an extended user field such as Container name or Attribute name. | Medium | Feb 6, 2019 | n/a |
| CVE-2018-20756 | MODX Revolution through v2.7.0-pl allows XSS via a document resource (such as pagetitle), which is mishandled during an Update action, a Quick Edit action, or the viewing of manager logs. | Medium | Feb 6, 2019 | n/a |
| CVE-2018-20755 | MODX Revolution through v2.7.0-pl allows XSS via the User Photo field. | Medium | Feb 6, 2019 | n/a |
| CVE-2018-20753 | Kaseya VSA RMM before R9.3 9.3.0.35, R9.4 before 9.4.0.36, and R9.5 before 9.5.0.5 allows unprivileged remote attackers to execute PowerShell payloads on all managed devices. In January 2018, attackers actively exploited this vulnerability in the wild. | HIGH | Feb 5, 2019 | n/a |
| CVE-2018-20752 | An issue was discovered in Recon-ng before 4.9.5. Lack of validation in the modules/reporting/csv.py file allows CSV injection. More specifically, when a Twitter user possesses an Excel macro for a username, it will not be properly sanitized when exported to a CSV file. This can result in remote code execution for the attacker. | HIGH | Feb 4, 2019 | n/a |
| CVE-2018-20751 | An issue was discovered in crop_page in PoDoFo 0.9.6. For a crafted PDF document, pPage->GetObject()->GetDictionary().AddKey(PdfName(MediaBox),var) can be problematic due to the function GetObject() being called for the pPage NULL pointer object. The value of pPage at this point is 0x0, which causes a NULL pointer dereference. | Medium | Feb 8, 2019 | n/a |
| CVE-2018-20750 | LibVNC through 0.9.12 contains a heap out-of-bounds write vulnerability in libvncserver/rfbserver.c. The fix for CVE-2018-15127 was incomplete. | High | Feb 5, 2019 | n/a |
| CVE-2018-20749 | LibVNC before 0.9.12 contains a heap out-of-bounds write vulnerability in libvncserver/rfbserver.c. The fix for CVE-2018-15127 was incomplete. | High | Feb 5, 2019 | n/a |
| CVE-2018-20748 | LibVNC before 0.9.12 contains multiple heap out-of-bounds write vulnerabilities in libvncclient/rfbproto.c. The fix for CVE-2018-20019 was incomplete. | High | Feb 1, 2019 | n/a |
| CVE-2018-20745 | Yii 2.x through 2.0.15.1 actively converts a wildcard CORS policy into reflecting an arbitrary Origin header value, which is incompatible with the CORS security design, and could lead to CORS misconfiguration security problems. | MEDIUM | Jan 28, 2019 | n/a |
| CVE-2018-20744 | The Olivier Poitrey Go CORS handler through 1.3.0 actively converts a wildcard CORS policy into reflecting an arbitrary Origin header value, which is incompatible with the CORS security design, and could lead to CORS misconfiguration security problems. | MEDIUM | Feb 6, 2019 | n/a |
| CVE-2018-20743 | murmur in Mumble through 1.2.19 before 2018-08-31 mishandles multiple concurrent requests that are persisted in the database, which allows remote attackers to cause a denial of service (daemon hang or crash) via a message flood. | Medium | Feb 7, 2019 | n/a |
| CVE-2018-20742 | An issue was discovered in UC Berkeley RISE Opaque before 2018-12-01. There is no boundary check on ocall_malloc. The return value could be a pointer to enclave memory. It could cause an arbitrary enclave memory write. | Medium | Feb 13, 2019 | n/a |
| CVE-2018-20737 | An issue was discovered in WSO2 API Manager 2.1.0 and 2.6.0. Reflected XSS exists in the carbon part of the product. | LOW | Mar 27, 2019 | n/a |
| CVE-2018-20736 | An issue was discovered in WSO2 API Manager 2.1.0 and 2.6.0. A DOM-based XSS exists in the store part of the product. | LOW | Mar 27, 2019 | n/a |
| CVE-2018-20735 | An issue was discovered in BMC PATROL Agent through 11.3.01. It was found that the PatrolCli application can allow for lateral movement and escalation of privilege inside a Windows Active Directory environment. It was found that by default the PatrolCli / PATROL Agent application only verifies if the password provided for the given username is correct; it does not verify the permissions of the user on the network. This means if you have PATROL Agent installed on a high value target (domain controller), you can use a low privileged domain user to authenticate with PatrolCli and then connect to the domain controller and run commands as SYSTEM. This means any user on a domain can escalate to domain admin through PATROL Agent. NOTE: the vendor disputes this because they believe it is adequate to prevent this escalation by means of a custom, non-default configuration | HIGH | Oct 3, 2019 | n/a |
| CVE-2018-20733 | BI Web Services in SAS Web Infrastructure Platform before 9.4M6 allows XXE. | Medium | Feb 1, 2019 | n/a |
| CVE-2018-20732 | SAS Web Infrastructure Platform before 9.4M6 allows remote attackers to execute arbitrary code via a Java deserialization variant. | High | Feb 7, 2019 | n/a |
| CVE-2018-20731 | A stored cross site scripting (XSS) vulnerability in NeDi before 1.7Cp3 allows remote attackers to inject arbitrary web script or HTML via User-Chat.php. | Medium | Jan 22, 2019 | n/a |
| CVE-2018-20730 | A SQL injection vulnerability in NeDi before 1.7Cp3 allows any user to execute arbitrary SQL read commands via the query.php component. | Medium | Jan 22, 2019 | n/a |
| CVE-2018-20729 | A reflected cross site scripting (XSS) vulnerability in NeDi before 1.7Cp3 allows remote attackers to inject arbitrary web script or HTML via the reg parameter in mh.php. | Medium | Jan 22, 2019 | n/a |
| CVE-2018-20728 | A cross site request forgery (CSRF) vulnerability in NeDi before 1.7Cp3 allows remote attackers to escalate privileges via User-Management.php. | Medium | Jan 22, 2019 | n/a |
| CVE-2018-20727 | Multiple command injection vulnerabilities in NeDi before 1.7Cp3 allow authenticated users to execute code on the server side via the flt parameter to Nodes-Traffic.php, the dv parameter to Devices-Graph.php, or the tit parameter to drawmap.php. | Medium | Feb 1, 2019 | n/a |
| CVE-2018-20726 | A cross-site scripting (XSS) vulnerability exists in host.php (via tree.php) in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Website Hostname field for Devices. | Low | Jan 17, 2019 | n/a |
| CVE-2018-20725 | A cross-site scripting (XSS) vulnerability exists in graph_templates.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Graph Vertical Label. | Low | Jan 17, 2019 | n/a |
| CVE-2018-20724 | A cross-site scripting (XSS) vulnerability exists in pollers.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Website Hostname for Data Collectors. | Low | Jan 17, 2019 | n/a |
| CVE-2018-20723 | A cross-site scripting (XSS) vulnerability exists in color_templates.php in Cacti before 1.2.0 due to lack of escaping of unintended characters in the Name field for a Color. | Low | Jan 17, 2019 | n/a |
| CVE-2018-20721 | URI_FUNC() in UriParse.c in uriparser before 0.9.1 has an out-of-bounds read (in uriParse*Ex* functions) for an incomplete URI with an IPv6 address containing an embedded IPv4 address, such as a //[::44.1 address. | High | Jan 22, 2019 | n/a |
| CVE-2018-20720 | ABB Relion 630 devices 1.1 before 1.1.0.C0, 1.2 before 1.2.0.B3, and 1.3 before 1.3.0.A6 allow remote attackers to cause a denial of service (reboot) via a reboot command in an SPA message. | High | Feb 1, 2019 | n/a |
| CVE-2018-20719 | In Tiki before 17.2, the user task component is vulnerable to a SQL Injection via the tiki-user_tasks.php show_history parameter. | Medium | Jan 18, 2019 | n/a |
