The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
ID | Description | Priority | Modified date | Fixed Release |
---|---|---|---|---|
CVE-2018-16264 | The BlueZ system service in Tizen allows an unprivileged process to partially control Bluetooth or acquire sensitive information, due to improper D-Bus security policy configurations. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2. | LOW | Feb 3, 2020 | n/a |
CVE-2018-16265 | The bt/bt_core system service in Tizen allows an unprivileged process to create a system user interface and control the Bluetooth pairing process, due to improper D-Bus security policy configurations. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2. | LOW | Feb 3, 2020 | n/a |
CVE-2018-16266 | The Enlightenment system service in Tizen allows an unprivileged process to fully control or capture windows, due to improper D-Bus security policy configurations. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2. | MEDIUM | Feb 3, 2020 | n/a |
CVE-2018-16267 | The system-popup system service in Tizen allows an unprivileged process to perform popup-related system actions, due to improper D-Bus security policy configurations. Such actions include the triggering system poweroff menu, and prompting a popup with arbitrary strings. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2. | MEDIUM | Feb 3, 2020 | n/a |
CVE-2018-16268 | The SoundServer/FocusServer system services in Tizen allow an unprivileged process to perform media-related system actions, due to improper D-Bus security policy configurations. Such actions include playing an arbitrary sound file or DTMF tones. This affects Tizen before 5.0 M1, and Tizen-based firmwares including Samsung Galaxy Gear series before build RE2. | LOW | Feb 3, 2020 | n/a |
CVE-2018-16269 | The wnoti system service in Samsung Galaxy Gear series allows an unprivileged process to take over the internal notification message data, due to improper D-Bus security policy configurations. This affects Tizen-based firmwares including Samsung Galaxy Gear series before build RE2. | MEDIUM | Jan 30, 2020 | n/a |
CVE-2018-16270 | Samsung Galaxy Gear series before build RE2 includes the hcidump utility with no privilege or permission restriction. This allows an unprivileged process to dump Bluetooth HCI packets to an arbitrary file path. | MEDIUM | Jan 30, 2020 | n/a |
CVE-2018-16271 | The wemail_consumer_service (from the built-in application wemail) in Samsung Galaxy Gear series allows an unprivileged process to manipulate a user\'s mailbox, due to improper D-Bus security policy configurations. An arbitrary email can also be sent from the mailbox via the paired smartphone. This affects Tizen-based firmwares including Samsung Galaxy Gear series before build RE2. | LOW | Jan 30, 2020 | n/a |
CVE-2018-16272 | The wpa_supplicant system service in Samsung Galaxy Gear series allows an unprivileged process to fully control the Wi-Fi interface, due to the lack of its D-Bus security policy configurations. This affects Tizen-based firmwares including Samsung Galaxy Gear series before build RE2. | HIGH | Jan 30, 2020 | n/a |
CVE-2018-16275 | OPSWAT MetaDefender before v4.11.2 allows CSV injection. | MEDIUM | Aug 31, 2018 | n/a |
CVE-2018-16276 | An issue was discovered in yurex_read in drivers/usb/misc/yurex.c in the Linux kernel before 4.17.7. Local attackers could use user access read/writes with incorrect bounds checking in the yurex USB driver to crash the kernel or potentially escalate privileges. | HIGH | Aug 31, 2018 | n/a |
CVE-2018-16277 | The Image Import function in XWiki through 10.7 has XSS. | LOW | Sep 27, 2018 | n/a |
CVE-2018-16278 | phpkaiyuancms PhpOpenSourceCMS (POSCMS) V3.2.0 allows an unauthenticated user to execute arbitrary SQL commands via the diy/module/member/controllers/Api.php ajax_save_draft function with the dir parameter. | HIGH | Aug 31, 2018 | n/a |
CVE-2018-16281 | The DEISER Profields - Project Custom Fields app before 6.0.2 for Jira has Incorrect Access Control. | HIGH | Sep 21, 2018 | n/a |
CVE-2018-16282 | A command injection vulnerability in the web server functionality of Moxa EDR-810 V4.2 build 18041013 allows remote attackers to execute arbitrary OS commands with root privilege via the caname parameter to the /xml/net_WebCADELETEGetValue URI. | HIGH | Sep 20, 2018 | n/a |
CVE-2018-16283 | The Wechat Broadcast plugin 1.2.0 and earlier for WordPress allows Directory Traversal via the Image.php url parameter. | HIGH | Sep 25, 2018 | n/a |
CVE-2018-16285 | The UserPro plugin through 4.9.23 for WordPress allows XSS via the shortcode parameter in a userpro_shortcode_template action to wp-admin/admin-ajax.php. | MEDIUM | Sep 8, 2018 | n/a |
CVE-2018-16286 | LG SuperSign CMS allows authentication bypass because the CAPTCHA requirement is skipped if a captcha:pass cookie is sent, and because the PIN is limited to four digits. | MEDIUM | Sep 14, 2018 | n/a |
CVE-2018-16287 | LG SuperSign CMS allows file upload via signEzUI/playlist/edit/upload/..%2f URIs. | HIGH | Sep 14, 2018 | n/a |
CVE-2018-16288 | LG SuperSign CMS allows reading of arbitrary files via signEzUI/playlist/edit/upload/..%2f URIs. | HIGH | Sep 14, 2018 | n/a |
CVE-2018-16291 | An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9.3 and PhantomPDF before 9.3, a different vulnerability than CVE-2018-16292, CVE-2018-16293, CVE-2018-16294, CVE-2018-16295, CVE-2018-16296, and CVE-2018-16297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability. | MEDIUM | Oct 8, 2018 | n/a |
CVE-2018-16292 | An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9.3 and PhantomPDF before 9.3, a different vulnerability than CVE-2018-16291, CVE-2018-16293, CVE-2018-16294, CVE-2018-16295, CVE-2018-16296, and CVE-2018-16297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability. | MEDIUM | Oct 8, 2018 | n/a |
CVE-2018-16293 | An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9.3 and PhantomPDF before 9.3, a different vulnerability than CVE-2018-16291, CVE-2018-16292, CVE-2018-16294, CVE-2018-16295, CVE-2018-16296, and CVE-2018-16297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability. | MEDIUM | Oct 8, 2018 | n/a |
CVE-2018-16294 | An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9.3 and PhantomPDF before 9.3, a different vulnerability than CVE-2018-16291, CVE-2018-16292, CVE-2018-16293, CVE-2018-16295, CVE-2018-16296, and CVE-2018-16297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability. | MEDIUM | Oct 8, 2018 | n/a |
CVE-2018-16295 | An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9.3 and PhantomPDF before 9.3, a different vulnerability than CVE-2018-16291, CVE-2018-16292, CVE-2018-16293, CVE-2018-16294, CVE-2018-16296, and CVE-2018-16297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability. | MEDIUM | Oct 8, 2018 | n/a |
CVE-2018-16296 | An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9.3 and PhantomPDF before 9.3, a different vulnerability than CVE-2018-16291, CVE-2018-16292, CVE-2018-16293, CVE-2018-16294, CVE-2018-16295, and CVE-2018-16297. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability. | MEDIUM | Oct 8, 2018 | n/a |
CVE-2018-16297 | An exploitable use-after-free vulnerability exists in the JavaScript engine of Foxit Reader before 9.3 and PhantomPDF before 9.3, a different vulnerability than CVE-2018-16291, CVE-2018-16292, CVE-2018-16293, CVE-2018-16294, CVE-2018-16295, and CVE-2018-16296. A specially crafted PDF document can trigger a previously freed object in memory to be reused, resulting in arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability. | MEDIUM | Oct 8, 2018 | n/a |
CVE-2018-16298 | An issue was discovered in MiniCMS 1.10. There is an mc-admin/post.php?tag= XSS vulnerability for a state=delete, state=draft, or state=publish request. | MEDIUM | Aug 31, 2018 | n/a |
CVE-2018-16299 | The Localize My Post plugin 1.0 for WordPress allows Directory Traversal via the ajax/include.php file parameter. | MEDIUM | Sep 24, 2018 | n/a |
CVE-2018-16300 | The BGP parser in tcpdump before 4.9.3 allows stack consumption in print-bgp.c:bgp_attr_print() because of unlimited recursion. | Medium | Oct 11, 2019 | n/a |
CVE-2018-16301 | The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile(). To trigger this vulnerability the attacker needs to create a 4GB file on the local filesystem and to specify the file name as the value of the -F command-line argument of tcpdump. | High | Oct 7, 2019 | n/a |
CVE-2018-16302 | MediaComm Zip-n-Go before 4.95 has a Buffer Overflow via a crafted file. | HIGH | Sep 1, 2018 | n/a |
CVE-2018-16303 | PDF-XChange Editor through 7.0.326.1 allows remote attackers to cause a denial of service (resource consumption) via a crafted x:xmpmeta structure, a related issue to CVE-2003-1564. | MEDIUM | Sep 1, 2018 | n/a |
CVE-2018-16307 | An Out-of-band resource load issue was discovered on Xiaomi MIWiFi Xiaomi_55DD Version 2.8.50 devices. It is possible to induce the application to retrieve the contents of an arbitrary external URL and return those contents in its own response. If a domain name (containing a random string) is used in the HTTP Host header, the application performs an HTTP request to the specified domain. The response from that request is then included in the application's own response. | MEDIUM | Sep 5, 2018 | n/a |
CVE-2018-16308 | The Ninja Forms plugin before 3.3.14.1 for WordPress allows CSV injection. | MEDIUM | Sep 1, 2018 | n/a |
CVE-2018-16309 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none | -- | Nov 7, 2023 | n/a |
CVE-2018-16310 | ** DISPUTED ** Technicolor TG588V V2 devices allow remote attackers to cause a denial of service (networking outage) via a flood of random MAC addresses, as demonstrated by macof. NOTE: this might overlap CVE-2018-15852 and CVE-2018-15907. NOTE: Technicolor denies that the described behavior is a vulnerability and states that Wi-Fi traffic is slowed or stopped only while the devices are exposed to a MAC flooding attack. This has been confirmed through testing against official up-to-date versions. | MEDIUM | Sep 6, 2018 | n/a |
CVE-2018-16313 | Bludit 2.3.4 allows XSS via a user name. | MEDIUM | Sep 1, 2018 | n/a |
CVE-2018-16314 | An issue was discovered in admincp.php in idreamsoft iCMS 7.0.11. When verifying CSRF_TOKEN, if CSRF_TOKEN does not exist, only the Referer header is validated, which can be bypassed via an admincp.php substring in this header. | MEDIUM | Sep 1, 2018 | n/a |
CVE-2018-16315 | In waimai Super Cms 20150505, there is a CSRF vulnerability that can change the configuration via admin.php?m=Config&a=add. | MEDIUM | Sep 1, 2018 | n/a |
CVE-2018-16316 | A stored Cross-site scripting (XSS) vulnerability in Portainer through 1.19.1 allows remote authenticated users to inject arbitrary JavaScript and/or HTML via the Team Name field. | LOW | Sep 1, 2018 | n/a |
CVE-2018-16320 | idreamsoft iCMS 7.0.11 allows admincp.php?app=config Directory Traversal, resulting in execution of arbitrary PHP code from a ZIP file. | MEDIUM | Sep 1, 2018 | n/a |
CVE-2018-16323 | ReadXBMImage in coders/xbm.c in ImageMagick before 7.0.8-9 leaves data uninitialized when processing an XBM file that has a negative pixel value. If the affected code is used as a library loaded into a process that includes sensitive information, that information sometimes can be leaked via the image data. | MEDIUM | Sep 1, 2018 | n/a |
CVE-2018-16324 | In IceWarp Server 12.0.3.1 and before, there is XSS in the /webmail/ username field. | MEDIUM | Sep 1, 2018 | n/a |
CVE-2018-16325 | There is XSS in GetSimple CMS 3.4.0.9 via the admin/edit.php title field. | MEDIUM | Sep 1, 2018 | n/a |
CVE-2018-16326 | PHP Scripts Mall Olx Clone 3.4.2 has XSS. | MEDIUM | Oct 4, 2018 | n/a |
CVE-2018-16327 | There is Stored XSS in Subrion 4.2.1 via the admin panel URL configuration. | LOW | Sep 1, 2018 | n/a |
CVE-2018-16328 | In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the CheckEventLogging function in MagickCore/log.c. | HIGH | Sep 1, 2018 | n/a |
CVE-2018-16329 | In ImageMagick before 7.0.8-8, a NULL pointer dereference exists in the GetMagickProperty function in MagickCore/property.c. | HIGH | Sep 1, 2018 | n/a |
CVE-2018-16330 | Pandao Editor.md 1.5.0 allows XSS via crafted attributes of an invalid IMG element. | MEDIUM | Sep 1, 2018 | n/a |