The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
ID | Description | Priority | Modified date | Fixed Release |
---|---|---|---|---|
CVE-2018-18443 | OpenEXR 2.3.0 has a memory leak in ThreadPool in IlmBase/IlmThread/IlmThreadPool.cpp, as demonstrated by exrmultiview. | MEDIUM | Oct 17, 2018 | n/a |
CVE-2018-18444 | makeMultiView.cpp in exrmultiview in OpenEXR 2.3.0 has an out-of-bounds write, leading to an assertion failure or possibly unspecified other impact. | MEDIUM | Oct 17, 2018 | n/a |
CVE-2018-18454 | CCITTFaxStream::readRow() in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm. | MEDIUM | Oct 18, 2018 | n/a |
CVE-2018-18455 | The GfxImageColorMap class in GfxState.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm. | MEDIUM | Oct 18, 2018 | n/a |
CVE-2018-18456 | The function Object::isName() in Object.h (called from Gfx::opSetFillColorN) in Xpdf 4.00 allows remote attackers to cause a denial of service (stack-based buffer over-read) via a crafted pdf file, as demonstrated by pdftoppm. | MEDIUM | Oct 18, 2018 | n/a |
CVE-2018-18457 | The function DCTStream::readScan in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted pdf file, as demonstrated by pdftoppm. | MEDIUM | Oct 18, 2018 | n/a |
CVE-2018-18458 | The function DCTStream::decodeImage in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted pdf file, as demonstrated by pdftoppm. | MEDIUM | Oct 18, 2018 | n/a |
CVE-2018-18459 | The function DCTStream::getBlock in Stream.cc in Xpdf 4.00 allows remote attackers to cause a denial of service (NULL pointer dereference) via a crafted pdf file, as demonstrated by pdftoppm. | MEDIUM | Oct 18, 2018 | n/a |
CVE-2018-18460 | XSS exists in the wp-live-chat-support v8.0.15 plugin for WordPress via the modules/gdpr.php term parameter in a wp-admin/admin.php wplivechat-menu-gdpr-page request. | MEDIUM | Oct 18, 2018 | n/a |
CVE-2018-18467 | An issue was discovered in Daniel Gultsch Conversations 2.3.4. It is possible to spoof a custom message to an existing opened conversation by sending an intent. | MEDIUM | Oct 23, 2018 | n/a |
CVE-2018-18478 | Persistent Cross-Site Scripting (XSS) issues in LibreNMS before 1.44 allow remote attackers to inject arbitrary web script or HTML via the dashboard_name parameter in the /ajax_form.php resource, related to html/includes/forms/add-dashboard.inc.php, html/includes/forms/delete-dashboard.inc.php, and html/includes/forms/edit-dashboard.inc.php. | MEDIUM | Oct 18, 2018 | n/a |
CVE-2018-18480 | A heap-based buffer over-read exists in libopencad 0.2.0 in the ReadMCHAR function in lib/dwg/io.cpp, resulting in an application crash. | MEDIUM | Oct 18, 2018 | n/a |
CVE-2018-18481 | A heap-based buffer over-read exists in libopencad 0.2.0 in the ReadCHAR function in lib/dwg/io.cpp, resulting in an application crash. | MEDIUM | Oct 18, 2018 | n/a |
CVE-2018-18482 | An issue was discovered in libpg_query 10-1.0.2. There is a memory leak in pg_query_raw_parse in pg_query_parse.c, which might lead to a denial of service. | MEDIUM | Oct 18, 2018 | n/a |
CVE-2018-18483 | The get_count function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31, allows remote attackers to cause a denial of service (malloc called with the result of an integer-overflowing calculation) or possibly have unspecified other impact via a crafted string, as demonstrated by c++filt. | MEDIUM | Oct 18, 2018 | n/a |
CVE-2018-18484 | An issue was discovered in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there is a stack consumption problem caused by recursive stack frames: cplus_demangle_type, d_bare_function_type, d_function_type. | MEDIUM | Oct 18, 2018 | n/a |
CVE-2018-18485 | An issue was discovered in PHPSHE 1.7. admin.php?mod=db&act=del allows remote attackers to delete arbitrary files via directory traversal sequences in the dbname parameter. This can be leveraged to reload the product by deleting install.lock. | MEDIUM | Oct 18, 2018 | n/a |
CVE-2018-18487 | In \\lib\\admin\\action\\dataaction.class.php in Gxlcms v2.0, the database backup filename generation uses mt_rand() unsafely, resulting in predictable database backup file locations. | MEDIUM | Oct 18, 2018 | n/a |
CVE-2018-18520 | An Invalid Memory Address Dereference exists in the function elf_end in libelf in elfutils through v0.174. Although eu-size is intended to support ar files inside ar files, handle_ar in size.c closes the outer ar file before handling all inner entries. The vulnerability allows attackers to cause a denial of service (application crash) with a crafted ELF file. | MEDIUM | Oct 19, 2018 | n/a |
CVE-2018-18521 | Divide-by-zero vulnerabilities in the function arlib_add_symbols() in arlib.c in elfutils 0.174 allow remote attackers to cause a denial of service (application crash) with a crafted ELF file, as demonstrated by eu-ranlib, because a zero sh_entsize is mishandled. | MEDIUM | Oct 19, 2018 | n/a |
CVE-2018-18531 | text/impl/DefaultTextCreator.java, text/impl/ChineseTextProducer.java, and text/impl/FiveLetterFirstNameTextCreator.java in kaptcha 2.3.2 use the Random (rather than SecureRandom) function for generating CAPTCHA values, which makes it easier for remote attackers to bypass intended access restrictions via a brute-force approach. | MEDIUM | Oct 19, 2018 | n/a |
CVE-2018-18540 | TeaKKi 2.7 allows XSS via a crafted onerror attribute for a picture\'s URL. | MEDIUM | Oct 20, 2018 | n/a |
CVE-2018-18541 | In Teeworlds before 0.6.5, connection packets could be forged. There was no challenge-response involved in the connection build up. A remote attacker could send connection packets from a spoofed IP address and occupy all server slots, or even use them for a reflection attack using map download packets. | MEDIUM | Oct 20, 2018 | n/a |
CVE-2018-18544 | There is a memory leak in the function WriteMSLImage of coders/msl.c in ImageMagick 7.0.8-13 Q16, and the function ProcessMSLScript of coders/msl.c in GraphicsMagick before 1.3.31. | MEDIUM | Oct 20, 2018 | n/a |
CVE-2018-18545 | Fiyo CMS 2.0.7 has XSS via the dapur\\apps\\app_user\\edit_user.php name parameter. | MEDIUM | Oct 20, 2018 | n/a |
CVE-2018-18547 | Vesta Control Panel through 0.9.8-22 has XSS via the edit/web/ domain parameter, the list/backup/ backup parameter, the list/rrd/ period parameter, the list/directory/ dir_a parameter, or the filename to the list/directory/ URI. | MEDIUM | Oct 24, 2018 | n/a |
CVE-2018-18548 | ajenticp (aka Ajenti Docker control panel) for Ajenti through v1.2.23.13 has XSS via a filename that is mishandled in File Manager. | MEDIUM | Oct 24, 2018 | n/a |
CVE-2018-18550 | ServersCheck Monitoring Software before 14.3.4 allows SQL Injection by an authenticated user. | MEDIUM | Oct 21, 2018 | n/a |
CVE-2018-18551 | ServersCheck Monitoring Software through 14.3.3 has Persistent and Reflected XSS via the sensors.html status parameter, sensors.html type parameter, sensors.html device parameter, report.html location parameter, group_delete.html group parameter, report_save.html query parameter, sensors.html location parameter, or group_delete.html group parameter. | MEDIUM | Oct 24, 2018 | n/a |
CVE-2018-18552 | ServersCheck Monitoring Software through 14.3.3 allows local users to cause a denial of service (menu functionality loss) by creating an LNK file that points to a second LNK file, if this second LNK file is associated with a Start menu. Ultimately, this behavior comes from a Directory Traversal bug (via the sensor_details.html id parameter) that allows creating empty files in arbitrary directories. | MEDIUM | Oct 24, 2018 | n/a |
CVE-2018-18553 | Leanote 2.6.1 has XSS via the Blog Basic Setting title field, which is mishandled during rendering of the likes page. | MEDIUM | Oct 21, 2018 | n/a |
CVE-2018-18557 | LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0beta7, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 (with JBIG enabled) decodes arbitrarily-sized JBIG into a buffer, ignoring the buffer size, which leads to a tif_jbig.c JBIGDecode out-of-bounds write. | MEDIUM | Oct 22, 2018 | n/a |
CVE-2018-18559 | In the Linux kernel through 4.19, a use-after-free can occur due to a race condition between fanout_add from setsockopt and bind on an AF_PACKET socket. This issue exists because of the 15fe076edea787807a7cdc168df832544b58eba6 incomplete fix for a race condition. The code mishandles a certain multithreaded case involving a packet_do_bind unregister action followed by a packet_notifier register action. Later, packet_release operates on only one of the two applicable linked lists. The attacker can achieve Program Counter control. | MEDIUM | Oct 22, 2018 | n/a |
CVE-2018-18566 | The SIP service in Polycom VVX 500 and 601 devices 5.8.0.12848 and earlier allow remote attackers to obtain sensitive phone configuration information by leveraging use with an on-premise installation with Skype for Business. | MEDIUM | Oct 24, 2018 | n/a |
CVE-2018-18567 | AudioCodes 440HD and 450HD devices 3.1.2.89 and earlier allows man-in-the-middle attackers to obtain sensitive credential information by leveraging failure to validate X.509 certificates when used with an on-premise installation with Skype for Business. | MEDIUM | Oct 26, 2018 | n/a |
CVE-2018-18568 | Polycom VVX 500 and 601 devices 5.8.0.12848 and earlier allows man-in-the-middle attackers to obtain sensitive credential information by leveraging failure to validate X.509 certificates when used with an on-premise installation with Skype for Business. | MEDIUM | Oct 24, 2018 | n/a |
CVE-2018-18578 | DedeCMS 5.7 SP2 allows XSS via the plus/qrcode.php type parameter. | MEDIUM | Oct 22, 2018 | n/a |
CVE-2018-18579 | Reflected XSS exists in DedeCMS 5.7 SP2 via the /member/pm.php folder parameter. | MEDIUM | Oct 22, 2018 | n/a |
CVE-2018-18581 | An issue has been found in LuPng through 2017-03-10. It is a heap-based buffer over-read in internalPrintf in miniz/lupng.c. | MEDIUM | Oct 22, 2018 | n/a |
CVE-2018-18582 | An issue has been found in LuPng through 2017-03-10. It is a heap-based buffer overflow in insertByte in miniz/lupng.c during a write operation for data obtained from a palette. | MEDIUM | Oct 22, 2018 | n/a |
CVE-2018-18583 | An issue has been found in LuPng through 2017-03-10. It is a heap-based buffer overflow in insertByte in miniz/lupng.c during a write operation for data obtained from a swap. | MEDIUM | Oct 22, 2018 | n/a |
CVE-2018-18584 | In mspack/cab.h in libmspack before 0.8alpha and cabextract before 1.8, the CAB block input buffer is one byte too small for the maximal Quantum block, leading to an out-of-bounds write. | MEDIUM | Oct 22, 2018 | n/a |
CVE-2018-18585 | chmd_read_headers in mspack/chmd.c in libmspack before 0.8alpha accepts a filename that has \'\\0\' as its first or second character (such as the /\\0 name). | MEDIUM | Oct 22, 2018 | n/a |
CVE-2018-18587 | BigProf AppGini 5.70 stores the passwords in the database using the MD5 hash. | MEDIUM | Oct 23, 2018 | n/a |
CVE-2018-18589 | A potential Remote Arbitrary Code Execution vulnerability has been identified in Micro Focus\' Real User Monitoring software, versions 9.26IP, 9.30, 9.40 and 9.50. The vulnerability could be exploited to execute arbitrary code. | MEDIUM | Oct 23, 2018 | n/a |
CVE-2018-18599 | Stegdetect through 2018-05-26 has an out-of-bounds write in f5_compress in the f5.c file. | MEDIUM | Oct 23, 2018 | n/a |
CVE-2018-18603 | ** DISPUTED ** 360 Total Security 3.5.0.1033 allows a Sandbox Escape via an import os statement, followed by os.system(CMD) or os.system(PowerShell), within a .py file. NOTE: the vendor\'s position is that this cannot be categorized as a vulnerability, although it is a security-related issue. | MEDIUM | Oct 23, 2018 | n/a |
CVE-2018-18605 | A heap-based buffer over-read issue was discovered in the function sec_merge_hash_lookup in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, because _bfd_add_merge_section mishandles section merges when size is not a multiple of entsize. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld. | MEDIUM | Oct 23, 2018 | n/a |
CVE-2018-18606 | An issue was discovered in the merge_strings function in merge.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in _bfd_add_merge_section when attempting to merge sections with large alignments. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld. | MEDIUM | Oct 23, 2018 | n/a |
CVE-2018-18607 | An issue was discovered in elf_link_input_bfd in elflink.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. There is a NULL pointer dereference in elf_link_input_bfd when used for finding STT_TLS symbols without any TLS section. A specially crafted ELF allows remote attackers to cause a denial of service, as demonstrated by ld. | MEDIUM | Oct 23, 2018 | n/a |