The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date | Fixed Release |
|---|---|---|---|---|
| CVE-2018-12755 | Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. | HIGH | Jul 21, 2018 | n/a |
| CVE-2018-12754 | Adobe Acrobat and Reader 2018.011.20040 and earlier, 2017.011.30080 and earlier, and 2015.006.30418 and earlier versions have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user. | HIGH | Jul 21, 2018 | n/a |
| CVE-2018-12739 | In BEESCMS 4.0, CSRF allows administrators to be added arbitrarily, a related issue to CVE-2018-10266. | MEDIUM | Jul 5, 2018 | n/a |
| CVE-2018-12735 | SAJ Solar Inverter allows remote attackers to obtain potentially sensitive information via a direct request for the inverter_info.htm or english_main.htm URI. | MEDIUM | Jun 25, 2018 | n/a |
| CVE-2018-12716 | The API service on Google Home and Chromecast devices before mid-July 2018 does not prevent DNS rebinding attacks from reading the scan_results JSON data, which allows remote attackers to determine the physical location of most web browsers by leveraging the presence of one of these devices on its local network, extracting the scan_results bssid fields, and sending these fields in a geolocation/v1/geolocate Google Maps Geolocation API request. | LOW | Jun 24, 2018 | n/a |
| CVE-2018-12715 | DIGISOL DG-HR3400 devices have XSS via a modified SSID when the apssid value is unchanged. | MEDIUM | Jul 8, 2019 | n/a |
| CVE-2018-12714 | An issue was discovered in the Linux kernel through 4.17.2. The filter parsing in kernel/trace/trace_events_filter.c could be called with no filter, which is an N=0 case when it expected at least one line to have been read, thus making the N-1 index invalid. This allows attackers to cause a denial of service (slab out-of-bounds write) or possibly have unspecified other impact via crafted perf_event_open and mmap system calls. | HIGH | Jun 24, 2018 | n/a |
| CVE-2018-12713 | GIMP through 2.10.2 makes g_get_tmp_dir calls to establish temporary filenames, which may result in a filename that already exists, as demonstrated by the gimp_write_and_read_file function in app/tests/test-xcf.c. This might be leveraged by attackers to overwrite files or read file content that was intended to be private. | MEDIUM | Jun 24, 2018 | n/a |
| CVE-2018-12712 | An issue was discovered in Joomla! 2.5.0 through 3.8.8 before 3.8.9. The autoload code checks classnames to be valid, using the class_exists function in PHP. In PHP 5.3, this function validates invalid names as valid, which can result in a Local File Inclusion. | MEDIUM | Jun 26, 2018 | n/a |
| CVE-2018-12711 | An XSS issue was discovered in the language switcher module in Joomla! 1.6.0 through 3.8.8 before 3.8.9. In some cases, the link of the current language might contain unescaped HTML special characters. This may lead to reflective XSS via injection of arbitrary parameters and/or values on the current page URL. | MEDIUM | Jun 26, 2018 | n/a |
| CVE-2018-12710 | An issue was discovered on D-Link DIR-601 2.02NA devices. Being local to the network and having only User account (which is a low privilege account) access, an attacker can intercept the response from a POST request to obtain Admin rights due to the admin password being displayed in XML. | LOW | Aug 29, 2018 | n/a |
| CVE-2018-12706 | DIGISOL DG-BR4000NG devices have a Buffer Overflow via a long Authorization HTTP header. | HIGH | Jun 24, 2018 | n/a |
| CVE-2018-12705 | DIGISOL DG-BR4000NG devices have XSS via the SSID (it is validated only on the client side). | MEDIUM | Jun 24, 2018 | n/a |
| CVE-2018-12703 | The approveAndCallcode function of a smart contract implementation for Block 18 (18T), an tradable Ethereum ERC20 token, allows attackers to steal assets (e.g., transfer the contract's balances into their account) because the callcode (i.e., _spender.call(_extraData)) is not verified, aka the evilReflex issue. NOTE: a PeckShield disclosure states some researchers have independently discussed the mechanism of such vulnerability. | MEDIUM | Jun 25, 2018 | n/a |
| CVE-2018-12702 | The approveAndCallcode function of a smart contract implementation for Globalvillage ecosystem (GVE), an Ethereum ERC20 token, allows attackers to steal assets (e.g., transfer the contract's balances into their account) because the callcode (i.e., _spender.call(_extraData)) is not verified, aka the evilReflex issue. NOTE: a PeckShield disclosure states some researchers have independently discussed the mechanism of such vulnerability. | MEDIUM | Jun 25, 2018 | n/a |
| CVE-2018-12700 | ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. | MEDIUM | Jun 23, 2018 | n/a |
| CVE-2018-12699 | finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write of 8 bytes. This can occur during execution of objdump. | HIGH | Jun 23, 2018 | n/a |
| CVE-2018-12698 | demangle_template in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM) during the Create an array for saving the template argument values XNEWVEC call. This can occur during execution of objdump. | MEDIUM | Jun 23, 2018 | n/a |
| CVE-2018-12697 | A NULL pointer dereference (aka SEGV on unknown address 0x000000000000) was discovered in work_stuff_copy_to_from in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. This can occur during execution of objdump. | MEDIUM | Jun 23, 2018 | n/a |
| CVE-2018-12696 | mao10cms 6 allows XSS via the article page. | MEDIUM | Jun 23, 2018 | n/a |
| CVE-2018-12695 | mao10cms 6 allows XSS via the m=bbs&a=index page. | MEDIUM | Jun 23, 2018 | n/a |
| CVE-2018-12694 | TP-Link TL-WA850RE Wi-Fi Range Extender with hardware version 5 allows remote attackers to cause a denial of service (reboot) via data/reboot.json. | HIGH | Jun 23, 2018 | n/a |
| CVE-2018-12693 | Stack-based buffer overflow in TP-Link TL-WA850RE Wi-Fi Range Extender with hardware version 5 allows remote authenticated users to cause a denial of service (outage) via a long type parameter to /data/syslog.filter.json. | MEDIUM | Jun 23, 2018 | n/a |
| CVE-2018-12692 | TP-Link TL-WA850RE Wi-Fi Range Extender with hardware version 5 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the wps_setup_pin parameter to /data/wps.setup.json. | MEDIUM | Jun 23, 2018 | n/a |
| CVE-2018-12691 | Time-of-check to time-of-use (TOCTOU) race condition in org.onosproject.acl (aka the access control application) in ONOS v1.13 and earlier allows attackers to bypass network access control via data plane packet injection. | MEDIUM | Jul 5, 2018 | n/a |
| CVE-2018-12689 | phpLDAPadmin 1.2.2 allows LDAP injection via a crafted server_id parameter in a cmd.php?cmd=login_form request, or a crafted username and password in the login panel. | HIGH | Jun 22, 2018 | n/a |
| CVE-2018-12688 | tinyexr 0.9.5 has a segmentation fault in the wav2Decode function. | HIGH | Jun 22, 2018 | n/a |
| CVE-2018-12687 | tinyexr 0.9.5 has an assertion failure in DecodePixelData in tinyexr.h. | MEDIUM | Jun 22, 2018 | n/a |
| CVE-2018-12684 | Out-of-bounds Read in the send_ssi_file function in civetweb.c in CivetWeb through 1.10 allows attackers to cause a Denial of Service or Information Disclosure via a crafted SSI file. | MEDIUM | Jun 22, 2018 | n/a |
| CVE-2018-12680 | The Serialize.deserialize() method in CoAPthon 3.1, 4.0.0, 4.0.1, and 4.0.2 mishandles certain exceptions, leading to a denial of service in applications that use this library (e.g., the standard CoAP server, CoAP client, CoAP reverse proxy, example collect CoAP server and client) when they receive crafted CoAP messages. | MEDIUM | Apr 4, 2019 | n/a |
| CVE-2018-12679 | The Serialize.deserialize() method in CoAPthon3 1.0 and 1.0.1 mishandles certain exceptions, leading to a denial of service in applications that use this library (e.g., the standard CoAP server, CoAP client, example collect CoAP server and client) when they receive crafted CoAP messages. | MEDIUM | Apr 4, 2019 | n/a |
| CVE-2018-12678 | Portainer before 1.18.0 supports unauthenticated requests to the websocket endpoint with an unvalidated id query parameter for the /websocket/exec endpoint, which allows remote attackers to bypass intended access restrictions or conduct SSRF attacks. | HIGH | Jun 22, 2018 | n/a |
| CVE-2018-12675 | The SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B) does not perform origin checks on URLs that the camera\'s web interface redirects a user to. This can be leveraged to send a user to an unexpected endpoint. | MEDIUM | Oct 19, 2018 | n/a |
| CVE-2018-12674 | The SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B) stores the username and password within the cookies of a session. If an attacker gained access to these session cookies, it would be possible to gain access to the username and password of the logged-in account. | LOW | Oct 19, 2018 | n/a |
| CVE-2018-12673 | An attacker with remote access to the SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B) web interface can disclose information about the camera including camera hardware, wireless network, and local area network information. | MEDIUM | Oct 19, 2018 | n/a |
| CVE-2018-12672 | The SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B) does not perform proper validation on user-supplied input and is vulnerable to cross-site scripting attacks. If proper authorization was implemented, this vulnerability could be leveraged to perform actions on behalf of another user or the administrator. | LOW | Oct 19, 2018 | n/a |
| CVE-2018-12671 | An attacker with remote access to the SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B) web interface can disclose information about the camera including all password sets set within the camera. This information can then be used to gain access to the web interface. | MEDIUM | Oct 19, 2018 | n/a |
| CVE-2018-12670 | SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B devices allow OS Command Injection. | HIGH | Oct 19, 2018 | n/a |
| CVE-2018-12669 | SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B devices allow remote authenticated users to reset arbitrary accounts via a request to web/cgi-bin/hi3510/param.cgi. | MEDIUM | Oct 19, 2018 | n/a |
| CVE-2018-12668 | SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B devices have a Hard-coded Password. | HIGH | Oct 19, 2018 | n/a |
| CVE-2018-12667 | The SV3C HD Camera (L-SERIES V2.3.4.2103-S50-NTD-B20170508B and V2.3.4.2103-S50-NTD-B20170823B) is affected by an improper authentication vulnerability that allows requests to be made to back-end CGI scripts without a valid session. This vulnerability could be used to read and modify the configuration. The vulnerability affects all versions. | HIGH | Oct 19, 2018 | n/a |
| CVE-2018-12666 | SV3C L-SERIES HD CAMERA V2.3.4.2103-S50-NTD-B20170508B devices improperly identifies users only by the authentication level sent in the cookies, which allow remote attackers to bypass authentication and gain administrator access by setting the authLevel cookie to 255. | HIGH | Oct 19, 2018 | n/a |
| CVE-2018-12659 | SLiMS 8 Akasia 8.3.1 allows remote attackers to bypass the CSRF protection mechanism and obtain admin access by omitting the csrf_token parameter. | MEDIUM | Jun 22, 2018 | n/a |
| CVE-2018-12658 | Reflected Cross-Site Scripting (XSS) exists in the Stock Take module in SLiMS 8 Akasia 8.3.1 via an admin/modules/stock_take/index.php?keywords= URI. | MEDIUM | Jun 22, 2018 | n/a |
| CVE-2018-12657 | Reflected Cross-Site Scripting (XSS) exists in the Master File module in SLiMS 8 Akasia 8.3.1 via an admin/modules/master_file/rda_cmc.php?keywords= URI. | MEDIUM | Jun 22, 2018 | n/a |
| CVE-2018-12656 | Reflected Cross-Site Scripting (XSS) exists in the Membership module in SLiMS 8 Akasia 8.3.1 via an admin/modules/membership/index.php?keywords= URI. | MEDIUM | Jun 22, 2018 | n/a |
| CVE-2018-12655 | Reflected Cross-Site Scripting (XSS) exists in the Circulation module in SLiMS 8 Akasia 8.3.1 via an admin/modules/circulation/loan_rules.php?keywords= URI, a related issue to CVE-2017-7242. | MEDIUM | Jun 22, 2018 | n/a |
| CVE-2018-12654 | Reflected Cross-Site Scripting (XSS) exists in the Bibliography module in SLiMS 8 Akasia 8.3.1 via an admin/modules/bibliography/index.php?keywords= URI. | MEDIUM | Jun 22, 2018 | n/a |
| CVE-2018-12653 | A Reflected Cross Site Scripting (XSS) vulnerability exists in Adrenalin HRMS 5.4.0. An attacker can input malicious JavaScript code in /RPT/SSRSDynamicEditReports.aspx via \'ReportId\' parameter. | Medium | Mar 26, 2019 | n/a |
| CVE-2018-12652 | A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in Adrenalin 5.4 HRMS Software. The user supplied input containing JavaScript is echoed back in JavaScript code in an HTML response via the LeaveEmployeeSearch.aspx prntFrmName or prntDDLCntrlName parameter. | MEDIUM | Mar 27, 2019 | n/a |
