The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
ID | Description | Priority | Modified date | Fixed Release |
---|---|---|---|---|
CVE-2018-16149 | In sig_verify() in x509.c in axTLS version 2.1.3 and before, the PKCS#1 v1.5 signature verification blindly trusts the declared lengths in the ASN.1 structure. Consequently, when small public exponents are being used, a remote attacker can generate purposefully crafted signatures (and put them on X.509 certificates) to induce illegal memory access and crash the verifier. | MEDIUM | Nov 7, 2018 | n/a |
CVE-2018-16150 | In sig_verify() in x509.c in axTLS version 2.1.3 and before, the PKCS#1 v1.5 signature verification does not reject excess data after the hash value. Consequently, a remote attacker can forge signatures when small public exponents are being used, which could lead to impersonation through fake X.509 certificates. This is a variant of CVE-2006-4340. | MEDIUM | Nov 7, 2018 | n/a |
CVE-2018-16151 | In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data after the encoded algorithm OID during PKCS#1 v1.5 signature verification. Similar to the flaw in the same version of strongSwan regarding digestAlgorithm.parameters, a remote attacker can forge signatures when small public exponents are being used, which could lead to impersonation when only an RSA signature is used for IKEv2 authentication. | MEDIUM | Sep 27, 2018 | n/a |
CVE-2018-16152 | In verify_emsa_pkcs1_signature() in gmp_rsa_public_key.c in the gmp plugin in strongSwan 4.x and 5.x before 5.7.0, the RSA implementation based on GMP does not reject excess data in the digestAlgorithm.parameters field during PKCS#1 v1.5 signature verification. Consequently, a remote attacker can forge signatures when small public exponents are being used, which could lead to impersonation when only an RSA signature is used for IKEv2 authentication. This is a variant of CVE-2006-4790 and CVE-2014-1568. | MEDIUM | Sep 27, 2018 | n/a |
CVE-2018-16153 | An issue was discovered in Apereo Opencast 4.x through 10.x before 10.6. It sends system digest credentials during authentication attempts to arbitrary external services in some situations. | -- | Dec 12, 2023 | n/a |
CVE-2018-16156 | In PaperStream IP (TWAIN) 1.42.0.5685 (Service Update 7), the FJTWSVIC service running with SYSTEM privilege processes unauthenticated messages received over the FjtwMkic_Fjicube_32 named pipe. One of these message processing functions attempts to dynamically load the UninOldIS.dll library and executes an exported function named ChangeUninstallString. The default install does not contain this library and therefore if any DLL with that name exists in any directory listed in the PATH variable, it can be used to escalate to SYSTEM level privilege. | HIGH | May 21, 2019 | n/a |
CVE-2018-16157 | waimai Super Cms 20150505 has a logic flaw allowing attackers to modify a price, before form submission, by observing data in a packet capture. By setting the index.php?m=cart&a=save item_totals parameter to zero, the entire cart is sold for free. | MEDIUM | Aug 30, 2018 | n/a |
CVE-2018-16158 | Eaton Power Xpert Meter 4000, 6000, and 8000 devices before 13.4.0.10 have a single SSH private key across different customers' installations and do not properly restrict access to this key, which makes it easier for remote attackers to perform SSH logins (to uid 0) via the PubkeyAuthentication option. | HIGH | Aug 30, 2018 | n/a |
CVE-2018-16159 | The Gift Vouchers plugin through 2.0.1 for WordPress allows SQL Injection via the template_id parameter in a wp-admin/admin-ajax.php wpgv_doajax_front_template request. | HIGH | Aug 30, 2018 | n/a |
CVE-2018-16160 | SecureCore Standard Edition Version 2.x allows an attacker to bypass the product \'s authentication to log in to a Windows PC. | MEDIUM | Nov 15, 2018 | n/a |
CVE-2018-16161 | OpenDolphin 2.7.0 and earlier allows authenticated users to gain administrative privileges and perform unintended operations. | HIGH | Nov 15, 2018 | n/a |
CVE-2018-16162 | OpenDolphin 2.7.0 and earlier allows authenticated attackers to obtain other users credentials such as a user ID and/or its password via unspecified vectors. | MEDIUM | Nov 15, 2018 | n/a |
CVE-2018-16163 | OpenDolphin 2.7.0 and earlier allows authenticated attackers to bypass authentication to create and/or delete other users accounts via unspecified vectors. | MEDIUM | Nov 15, 2018 | n/a |
CVE-2018-16164 | Cross-site scripting vulnerability in Event Calendar WD version 1.1.21 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors. | LOW | Jan 10, 2019 | n/a |
CVE-2018-16165 | Cross-site scripting vulnerability in LogonTracer 1.2.0 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | Medium | Jan 14, 2019 | n/a |
CVE-2018-16166 | LogonTracer 1.2.0 and earlier allows remote attackers to conduct XML External Entity (XXE) attacks via unspecified vectors. | MEDIUM | Jan 9, 2019 | n/a |
CVE-2018-16167 | LogonTracer 1.2.0 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors. | HIGH | Jan 9, 2019 | n/a |
CVE-2018-16168 | LogonTracer 1.2.0 and earlier allows remote attackers to conduct Python code injection attacks via unspecified vectors. | HIGH | Jan 9, 2019 | n/a |
CVE-2018-16169 | Cybozu Remote Service 3.0.0 to 3.1.0 allows remote authenticated attackers to upload and execute Java code file on the server via unspecified vectors. | Medium | Jan 14, 2019 | n/a |
CVE-2018-16170 | Directory traversal vulnerability in Cybozu Remote Service 3.0.0 to 3.1.8 for Windows allows remote authenticated attackers to read arbitrary files via unspecified vectors. | Medium | Jan 14, 2019 | n/a |
CVE-2018-16171 | Directory traversal vulnerability in Cybozu Remote Service 3.0.0 to 3.1.8 allows remote attackers to execute Java code file on the server via unspecified vectors. | Medium | Jan 14, 2019 | n/a |
CVE-2018-16172 | Improper countermeasure against clickjacking attack in client certificates management screen was discovered in Cybozu Remote Service 3.0.0 to 3.1.8, that allows remote attackers to trick a user to delete the registered client certificate. | Medium | Jan 14, 2019 | n/a |
CVE-2018-16173 | Cross-site scripting vulnerability in LearnPress prior to version 3.1.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | Medium | Jan 11, 2019 | n/a |
CVE-2018-16174 | Open redirect vulnerability in LearnPress prior to version 3.1.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | Medium | Jan 11, 2019 | n/a |
CVE-2018-16175 | SQL injection vulnerability in the LearnPress prior to version 3.1.0 allows attacker with administrator rights to execute arbitrary SQL commands via unspecified vectors. | Medium | Jan 11, 2019 | n/a |
CVE-2018-16176 | Untrusted search path vulnerability in Installer of Mapping Tool 2.0.1.6 and 2.0.1.7 allows remote attackers to gain privileges via a Trojan horse DLL in an unspecified directory. | MEDIUM | Jan 9, 2019 | n/a |
CVE-2018-16177 | Untrusted search path vulnerability in The installer of Windows 10 Fall Creators Update Modify module for Security Measures tool allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | MEDIUM | Jan 9, 2019 | n/a |
CVE-2018-16178 | Cybozu Garoon 3.0.0 to 4.10.0 allows remote attackers to bypass access restriction to view information available only for a sign-on user via Single sign-on function. | MEDIUM | Jan 9, 2019 | n/a |
CVE-2018-16179 | The Mizuho Direct App for Android version 3.13.0 and earlier does not verify server certificates, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | MEDIUM | Jan 9, 2019 | n/a |
CVE-2018-16180 | Cross-site scripting vulnerability in i-FILTER Ver.9.50R05 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | MEDIUM | Jan 9, 2019 | n/a |
CVE-2018-16181 | HTTP header injection vulnerability in i-FILTER Ver.9.50R05 and earlier may allow remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks that may result in an arbitrary script injection or setting an arbitrary cookie values via unspecified vectors. | MEDIUM | Jan 9, 2019 | n/a |
CVE-2018-16182 | Untrusted search path vulnerability in the installer of MARKET SPEED Ver.16.4 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | MEDIUM | Jan 9, 2019 | n/a |
CVE-2018-16183 | An unquoted search path vulnerability in some pre-installed applications on Panasonic PC run on Windows 7 (32bit), Windows 7 (64bit), Windows 8 (64bit), Windows 8.1 (64bit), Windows 10 (64bit) delivered in or later than October 2009 allow local users to gain privileges via a Trojan horse executable file and execute arbitrary code with eleveted privileges. | MEDIUM | Jan 9, 2019 | n/a |
CVE-2018-16184 | RICOH Interactive Whiteboard D2200 V1.6 to V2.2, D5500 V1.6 to V2.2, D5510 V1.6 to V2.2, and the display versions with RICOH Interactive Whiteboard Controller Type1 V1.6 to V2.2 attached (D5520, D6500, D6510, D7500, D8400) allows remote attackers to execute arbitrary commands via unspecified vectors. | HIGH | Jan 9, 2019 | n/a |
CVE-2018-16185 | RICOH Interactive Whiteboard D2200 V1.1 to V2.2, D5500 V1.1 to V2.2, D5510 V1.1 to V2.2, the display versions with RICOH Interactive Whiteboard Controller Type1 V1.1 to V2.2 attached (D5520, D6500, D6510, D7500, D8400), and the display versions with RICOH Interactive Whiteboard Controller Type2 V3.0 to V3.1.10137.0 attached (D5520, D6510, D7500, D8400) allows remote attackers to execute a malicious program. | MEDIUM | Jan 9, 2019 | n/a |
CVE-2018-16186 | RICOH Interactive Whiteboard D2200 V1.1 to V2.2, D5500 V1.1 to V2.2, D5510 V1.1 to V2.2, the display versions with RICOH Interactive Whiteboard Controller Type1 V1.1 to V2.2 attached (D5520, D6500, D6510, D7500, D8400), and the display versions with RICOH Interactive Whiteboard Controller Type2 V3.0 to V3.1.10137.0 attached (D5520, D6510, D7500, D8400) uses hard-coded credentials, which may allow an attacker on the same network segments to login to the administrators settings screen and change the configuration. | HIGH | Jan 9, 2019 | n/a |
CVE-2018-16187 | The RICOH Interactive Whiteboard D2200 V1.3 to V2.2, D5500 V1.3 to V2.2, D5510 V1.3 to V2.2, the display versions with RICOH Interactive Whiteboard Controller Type1 V1.3 to V2.2 attached (D5520, D6500, D6510, D7500, D8400), and the display versions with RICOH Interactive Whiteboard Controller Type2 V3.0 to V3.1.10137.0 attached (D5520, D6510, D7500, D8400) does not verify its server certificates, which allows man-in-the-middle attackers to eversdrop on encrypted communication. | MEDIUM | Jan 9, 2019 | n/a |
CVE-2018-16188 | SQL injection vulnerability in the RICOH Interactive Whiteboard D2200 V1.3 to V2.2, D5500 V1.3 to V2.2, D5510 V1.3 to V2.2, the display versions with RICOH Interactive Whiteboard Controller Type1 V1.3 to V2.2 attached (D5520, D6500, D6510, D7500, D8400), and the display versions with RICOH Interactive Whiteboard Controller Type2 V3.0 to V3.1.10137.0 attached (D5520, D6510, D7500, D8400) allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | HIGH | Jan 9, 2019 | n/a |
CVE-2018-16189 | Untrusted search path vulnerability in Self-Extracting Archives created by UNLHA32.DLL prior to Ver 3.00 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | MEDIUM | Feb 13, 2019 | n/a |
CVE-2018-16190 | Untrusted search path vulnerability in UNARJ32.DLL for Win32, LHMelting for Win32, and LMLzh32.DLL (UNARJ32.DLL for Win32 Ver 1.10.1.25 and earlier, LHMelting for Win32 Ver 1.65.3.6 and earlier, LMLzh32.DLL Ver 2.67.1.2 and earlier) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | MEDIUM | Feb 13, 2019 | n/a |
CVE-2018-16191 | Open redirect vulnerability in EC-CUBE (EC-CUBE 3.0.0, EC-CUBE 3.0.1, EC-CUBE 3.0.2, EC-CUBE 3.0.3, EC-CUBE 3.0.4, EC-CUBE 3.0.5, EC-CUBE 3.0.6, EC-CUBE 3.0.7, EC-CUBE 3.0.8, EC-CUBE 3.0.9, EC-CUBE 3.0.10, EC-CUBE 3.0.11, EC-CUBE 3.0.12, EC-CUBE 3.0.12-p1, EC-CUBE 3.0.13, EC-CUBE 3.0.14, EC-CUBE 3.0.15, EC-CUBE 3.0.16) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | MEDIUM | Jan 9, 2019 | n/a |
CVE-2018-16192 | Aterm WF1200CR and Aterm WG1200CR (Aterm WF1200CR firmware Ver1.1.1 and earlier, Aterm WG1200CR firmware Ver1.0.1 and earlier) allow an attacker on the same network segment to obtain information registered on the device via unspecified vectors. | LOW | Jan 9, 2019 | n/a |
CVE-2018-16193 | Cross-site scripting vulnerability in Aterm WF1200CR and Aterm WG1200CR (Aterm WF1200CR firmware Ver1.1.1 and earlier, Aterm WG1200CR firmware Ver1.0.1 and earlier) allows authenticated attackers to inject arbitrary web script or HTML via unspecified vectors. | LOW | Jan 9, 2019 | n/a |
CVE-2018-16194 | Aterm WF1200CR and Aterm WG1200CR (Aterm WF1200CR firmware Ver1.1.1 and earlier, Aterm WG1200CR firmware Ver1.0.1 and earlier) allows authenticated attackers to execute arbitrary OS commands via unspecified vectors. | HIGH | Jan 9, 2019 | n/a |
CVE-2018-16195 | Aterm WF1200CR and Aterm WG1200CR (Aterm WF1200CR firmware Ver1.1.1 and earlier, Aterm WG1200CR firmware Ver1.0.1 and earlier) allows an attacker on the same network segment to execute arbitrary OS commands via SOAP interface of UPnP. | HIGH | Jan 9, 2019 | n/a |
CVE-2018-16196 | Multiple Yokogawa products that contain Vnet/IP Open Communication Driver (CENTUM CS 3000(R3.05.00 - R3.09.50), CENTUM CS 3000 Entry Class(R3.05.00 - R3.09.50), CENTUM VP(R4.01.00 - R6.03.10), CENTUM VP Entry Class(R4.01.00 - R6.03.10), Exaopc(R3.10.00 - R3.75.00), PRM(R2.06.00 - R3.31.00), ProSafe-RS(R1.02.00 - R4.02.00), FAST/TOOLS(R9.02.00 - R10.02.00), B/M9000 VP(R6.03.01 - R8.01.90)) allows remote attackers to cause a denial of service attack that may result in stopping Vnet/IP Open Communication Driver\'s communication via unspecified vectors. | MEDIUM | Jan 10, 2019 | n/a |
CVE-2018-16197 | Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier allows an attacker on the same network segment to bypass access restriction to access the information and files stored on the affected device. | LOW | Jan 9, 2019 | n/a |
CVE-2018-16198 | Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier may allow an attacker on the same network segment to access a non-documented developer screen to perform operations on the affected device. | MEDIUM | Jan 9, 2019 | n/a |
CVE-2018-16199 | Cross-site scripting vulnerability in Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier allows an remote attacker to inject arbitrary web script or HTML via unspecified vectors. | MEDIUM | Jan 9, 2019 | n/a |
CVE-2018-16200 | Toshiba Home gateway HEM-GW16A 1.2.9 and earlier, Toshiba Home gateway HEM-GW26A 1.2.9 and earlier allows an attacker on the same network segment to execute arbitrary OS commands. | MEDIUM | Jan 9, 2019 | n/a |