The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date | Fixed Release |
|---|---|---|---|---|
| CVE-2018-25035 | A vulnerability, which was classified as problematic, was found in Thomson TCW710 ST5D.10.05. Affected is an unknown function of the file /goform/RGFirewallEL. The manipulation of the argument EmailAddress/SmtpServerName with the input ><script>alert(1)</script> as part of POST Request leads to cross site scripting (Persistent). It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | LOW | Jun 12, 2022 | n/a |
| CVE-2018-25034 | A vulnerability, which was classified as problematic, has been found in Thomson TCW710 ST5D.10.05. This issue affects some unknown processing of the file /goform/wlanPrimaryNetwork. The manipulation of the argument ServiceSetIdentifier with the input ><script>alert(1)</script> as part of POST Request leads to basic cross site scripting (Persistent). The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-126695. | LOW | Jun 12, 2022 | n/a |
| CVE-2018-25033 | ADMesh through 0.98.4 has a heap-based buffer over-read in stl_update_connects_remove_1 (called from stl_remove_degenerate) in connect.c in libadmesh.a. | MEDIUM | May 8, 2022 | n/a |
| CVE-2018-25032 | zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches. | MEDIUM | Mar 26, 2022 | 23.09 (VxWorks 7) |
| CVE-2018-25031 | Swagger UI before 4.1.3 could allow a remote attacker to conduct spoofing attacks. By persuading a victim to open a crafted URL, an attacker could exploit this vulnerability to display remote OpenAPI definitions. | MEDIUM | Mar 11, 2022 | n/a |
| CVE-2018-25030 | A vulnerability classified as problematic has been found in Mirmay Secure Private Browser and File Manager up to 2.5. Affected is the Auto Lock. A race condition leads to a local authentication bypass. The exploit has been disclosed to the public and may be used. | LOW | Apr 4, 2022 | n/a |
| CVE-2018-25029 | The Z-Wave specification requires that S2 security can be downgraded to S0 or other less secure protocols, allowing an attacker within radio range during pairing to downgrade and then exploit a different vulnerability (CVE-2013-20003) to intercept and spoof traffic. | MEDIUM | Feb 9, 2022 | n/a |
| CVE-2018-25028 | An issue was discovered in the libpulse-binding crate before 1.2.1 for Rust. get_context can cause a use-after-free. | MEDIUM | Dec 27, 2021 | 22.03 (VxWorks 7) |
| CVE-2018-25027 | An issue was discovered in the libpulse-binding crate before 1.2.1 for Rust. get_format_info can cause a use-after-free. | MEDIUM | Dec 27, 2021 | 22.03 (VxWorks 7) |
| CVE-2018-25026 | An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can add the Send marker trait to an object that cannot be sent between threads safely, leading to memory corruption. | HIGH | Dec 27, 2021 | 22.03 (VxWorks 7) |
| CVE-2018-25025 | An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can unsoundly extend the lifetime of a string, leading to memory corruption. | HIGH | Dec 27, 2021 | 22.03 (VxWorks 7) |
| CVE-2018-25024 | An issue was discovered in the actix-web crate before 0.7.15 for Rust. It can unsoundly coerce an immutable reference into a mutable reference, leading to memory corruption. | HIGH | Dec 27, 2021 | 22.03 (VxWorks 7) |
| CVE-2018-25023 | An issue was discovered in the smallvec crate before 0.6.13 for Rust. It can create an uninitialized value of any type, including a reference type. | MEDIUM | Dec 27, 2021 | 22.03 (VxWorks 7) |
| CVE-2018-25022 | The Onion module in toxcore before 0.2.2 doesn\'t restrict which packets can be onion-routed, which allows a remote attacker to discover a target user\'s IP address (when knowing only their Tox Id) by positioning themselves close to target\'s Tox Id in the DHT for the target to establish an onion connection with the attacker, guessing the target\'s DHT public key and creating a DHT node with public key close to it, and finally onion-routing a NAT Ping Request to the target, requesting it to ping the just created DHT node. | MEDIUM | Dec 16, 2021 | n/a |
| CVE-2018-25021 | The TCP Server module in toxcore before 0.2.8 doesn\'t free the TCP priority queue under certain conditions, which allows a remote attacker to exhaust the system\'s memory, causing a denial of service (DoS). | MEDIUM | Dec 16, 2021 | n/a |
| CVE-2018-25020 | The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions, leading to an overflow. This affects kernel/bpf/core.c and net/core/filter.c. | MEDIUM | Dec 8, 2021 | n/a |
| CVE-2018-25019 | The LearnDash LMS WordPress plugin before 2.5.4 does not have any authorisation and validation of the file to be uploaded in the learndash_assignment_process_init() function, which could allow unauthenticated users to upload arbitrary files to the web server | MEDIUM | Nov 3, 2021 | n/a |
| CVE-2018-25018 | UnRAR 5.6.1.7 through 5.7.4 and 6.0.3 has an out-of-bounds write during a memcpy in QuickOpen::ReadRaw when called from QuickOpen::ReadNext. | MEDIUM | Jul 1, 2021 | n/a |
| CVE-2018-25017 | RawSpeed (aka librawspeed) 3.1 has a heap-based buffer overflow in TableLookUp::setTable. | HIGH | Jul 1, 2021 | n/a |
| CVE-2018-25016 | Greenbone Security Assistant (GSA) before 7.0.3 and Greenbone OS (GOS) before 5.0.0 allow Host Header Injection. | HIGH | Jun 25, 2021 | n/a |
| CVE-2018-25015 | An issue was discovered in the Linux kernel before 4.14.16. There is a use-after-free in net/sctp/socket.c for a held lock after a peel off, aka CID-a0ff660058b8. | MEDIUM | Jun 7, 2021 | n/a |
| CVE-2018-25014 | A use of uninitialized value was found in libwebp in versions before 1.0.1 in ReadSymbol(). | HIGH | May 21, 2021 | n/a |
| CVE-2018-25013 | A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in ShiftBytes(). | MEDIUM | May 21, 2021 | n/a |
| CVE-2018-25012 | A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in GetLE24(). | MEDIUM | May 21, 2021 | n/a |
| CVE-2018-25011 | A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in PutLE16(). | HIGH | May 21, 2021 | n/a |
| CVE-2018-25010 | A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in ApplyFilter(). | MEDIUM | May 21, 2021 | n/a |
| CVE-2018-25009 | A heap-based buffer overflow was found in libwebp in versions before 1.0.1 in GetLE16(). | MEDIUM | May 21, 2021 | n/a |
| CVE-2018-25008 | In the standard library in Rust before 1.29.0, there is weak synchronization in the Arc::get_mut method. This synchronization issue can be lead to memory safety issues through race conditions. | MEDIUM | Apr 14, 2021 | n/a |
| CVE-2018-25007 | Missing check in UIDL request handler in com.vaadin:flow-server versions 1.0.0 through 1.0.5 (Vaadin 10.0.0 through 10.0.7, and 11.0.0 through 11.0.2) allows attacker to update element property values via crafted synchronization message. | MEDIUM | Apr 23, 2021 | n/a |
| CVE-2018-25004 | A user authorized to performing a specific type of query may trigger a denial of service by issuing a generic explain command on a find query. This issue affects MongoDB Server v4.0 versions prior to 4.0.6 and MongoDB Server v3.6 versions prior to 3.6.11. | MEDIUM | Mar 1, 2021 | n/a |
| CVE-2018-25002 | uploader.php in the KCFinder integration project through 2018-06-01 for Drupal mishandles validation, aka SA-CONTRIB-2018-024. NOTE: This project is not covered by Drupal\'s security advisory policy. | MEDIUM | Jan 3, 2021 | n/a |
| CVE-2018-25001 | An issue was discovered in the libpulse-binding crate before 2.5.0 for Rust. proplist::Iterator can cause a use-after-free. | MEDIUM | Dec 31, 2020 | n/a |
| CVE-2018-21270 | Versions less than 0.0.6 of the Node.js stringstream module are vulnerable to an out-of-bounds read because of allocation of uninitialized buffers when a number is passed in the input stream (when using Node.js 4.x). | MEDIUM | Dec 4, 2020 | n/a |
| CVE-2018-21269 | checkpath in OpenRC through 0.42.1 might allow local users to take ownership of arbitrary files because a non-terminal path component can be a symlink. | LOW | Oct 27, 2020 | n/a |
| CVE-2018-21268 | The traceroute (aka node-traceroute) package through 1.0.0 for Node.js allows remote command injection via the host parameter. This occurs because the Child.exec() method, which is considered to be not entirely safe, is used. In particular, an OS command can be placed after a newline character. | HIGH | Jun 25, 2020 | n/a |
| CVE-2018-21267 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none | -- | Nov 7, 2023 | n/a |
| CVE-2018-21266 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none | -- | Nov 7, 2023 | n/a |
| CVE-2018-21265 | An issue was discovered in Mattermost Desktop App before 4.0.0. It mishandled the Same Origin Policy for setPermissionRequestHandler (e.g., video, audio, and notifications). | MEDIUM | Jun 19, 2020 | n/a |
| CVE-2018-21264 | An issue was discovered in Mattermost Server before 4.7.0, 4.6.2, and 4.5.2. It did not enforce the expiration date of a SAML response. | MEDIUM | Jun 19, 2020 | n/a |
| CVE-2018-21263 | An issue was discovered in Mattermost Server before 4.7.0, 4.6.2, and 4.5.2. An attacker could authenticate to a different user\'s account via a crafted SAML response. | MEDIUM | Jun 19, 2020 | n/a |
| CVE-2018-21262 | An issue was discovered in Mattermost Server before 4.7.3. It allows attackers to cause a denial of service (application crash) via invalid LaTeX text. | MEDIUM | Jun 20, 2020 | n/a |
| CVE-2018-21261 | An issue was discovered in Mattermost Server before 4.8.1, 4.7.4, and 4.6.3. An e-mail invite accidentally included the team invite_id, which leads to unintended excessive invitation privileges. | MEDIUM | Jun 19, 2020 | n/a |
| CVE-2018-21260 | An issue was discovered in Mattermost Server before 4.8.1, 4.7.4, and 4.6.3. WebSocket events were accidentally sent during certain user-management operations, violating user privacy. | MEDIUM | Jun 19, 2020 | n/a |
| CVE-2018-21259 | An issue was discovered in Mattermost Server before 4.10.1, 4.9.4, and 4.8.2. It allows attackers to cause a denial of service (application hang) via a malformed link in a channel. | MEDIUM | Jun 19, 2020 | n/a |
| CVE-2018-21258 | An issue was discovered in Mattermost Server before 5.1. It allows attackers to cause a denial of service via the invite_people slash command. | MEDIUM | Jun 19, 2020 | n/a |
| CVE-2018-21257 | An issue was discovered in Mattermost Server before 5.1. It allows attackers to bypass intended access restrictions (for setting a channel header) via the Channel header slash command API. | MEDIUM | Jun 19, 2020 | n/a |
| CVE-2018-21256 | An issue was discovered in Mattermost Server before 5.1. It allows attackers to bypass intended access restrictions (for group-message channel creation) via the Group message slash command. | MEDIUM | Jun 19, 2020 | n/a |
| CVE-2018-21255 | An issue was discovered in Mattermost Server before 5.1. Non-members of a channel could use the Channel PATCH API to modify that channel. | MEDIUM | Jun 19, 2020 | n/a |
| CVE-2018-21254 | An issue was discovered in Mattermost Server before 5.1. An attacker can bypass intended access control (for direct-message channel creation) via the Message slash command. | MEDIUM | Jun 19, 2020 | n/a |
| CVE-2018-21253 | An issue was discovered in Mattermost Server before 5.1, 5.0.2, and 4.10.2. An attacker could use the invite_people slash command to invite a non-permitted user. | MEDIUM | Jun 19, 2020 | n/a |
