The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date | Fixed Release |
|---|---|---|---|---|
| CVE-2018-12651 | A Reflected Cross Site Scripting (XSS) Vulnerability was discovered in Adrenalin 5.4 HRMS Software. The user supplied input containing JavaScript is echoed back in JavaScript code in an HTML response via the ShiftEmployeeSearch.aspx prntFrmName or prntDDLCntrlName parameter. | MEDIUM | Dec 20, 2018 | n/a |
| CVE-2018-12650 | Adrenalin HRMS version 5.4.0 contains a Reflected Cross Site Scripting (XSS) vulnerability in the ApplicationtEmployeeSearch page via \'prntDDLCntrlName\' and \'prntFrmName\'. | MEDIUM | Oct 24, 2018 | n/a |
| CVE-2018-12649 | An issue was discovered in app/Controller/UsersController.php in MISP 2.4.92. An adversary can bypass the brute-force protection by using a PUT HTTP method instead of a POST HTTP method in the login part, because this protection was only covering POST requests. | MEDIUM | Jun 22, 2018 | n/a |
| CVE-2018-12648 | The WEBP::GetLE32 function in XMPFiles/source/FormatSupport/WEBP_Support.hpp in Exempi 2.4.5 has a NULL pointer dereference. | MEDIUM | Jun 22, 2018 | n/a |
| CVE-2018-12642 | Froxlor through 0.9.39.5 has Incorrect Access Control for tickets not owned by the current user. | MEDIUM | Jun 22, 2018 | n/a |
| CVE-2018-12641 | An issue was discovered in arm_pt in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_arm_hp_template, demangle_class_name, demangle_fund_type, do_type, do_arg, demangle_args, and demangle_nested_args. This can occur during execution of nm-new. | MEDIUM | Jun 22, 2018 | n/a |
| CVE-2018-12640 | The webService binary on Insteon HD IP Camera White 2864-222 devices has a Buffer Overflow via a crafted pid, pwd, or usr key in a GET request on port 34100. | HIGH | Jun 23, 2018 | n/a |
| CVE-2018-12638 | An issue was discovered in the Bose Soundtouch app 18.1.4 for iOS. There is no frontend input validation of the device name. A malicious device name can execute JavaScript on the registered Bose User Account if a speaker has been connected to the app. | MEDIUM | Mar 27, 2019 | n/a |
| CVE-2018-12636 | The iThemes Security (better-wp-security) plugin before 7.0.3 for WordPress allows SQL Injection (by attackers with Admin privileges) via the logs page. | MEDIUM | Jun 22, 2018 | n/a |
| CVE-2018-12635 | CirCarLife Scada v4.2.4 allows unauthorized upgrades via requests to the html/upgrade.html and services/system/firmware.upgrade URIs. | MEDIUM | Jun 21, 2018 | n/a |
| CVE-2018-12634 | CirCarLife Scada before 4.3 allows remote attackers to obtain sensitive information via a direct request for the html/log or services/system/info.html URI. | MEDIUM | Jun 21, 2018 | n/a |
| CVE-2018-12633 | An issue was discovered in the Linux kernel through 4.17.2. vbg_misc_device_ioctl() in drivers/virt/vboxguest/vboxguest_linux.c reads the same user data twice with copy_from_user. The header part of the user data is double-fetched, and a malicious user thread can tamper with the critical variables (hdr.size_in and hdr.size_out) in the header between the two fetches because of a race condition, leading to severe kernel errors, such as buffer over-accesses. This bug can cause a local denial of service and information leakage. | MEDIUM | Jun 21, 2018 | n/a |
| CVE-2018-12632 | Redatam7 (formerly Redatam WebServer) allows remote attackers to discover the installation path via an invalid LFN parameter to the /redbin/rpwebutilities.exe/text URI. | MEDIUM | Jun 21, 2018 | n/a |
| CVE-2018-12631 | Redatam7 (formerly Redatam WebServer) allows remote attackers to read arbitrary files via /redbin/rpwebutilities.exe/text?LFN=../ directory traversal. | MEDIUM | Jun 21, 2018 | n/a |
| CVE-2018-12630 | NEWMARK (aka New Mark) NMCMS 2.1 allows SQL Injection via the sect_id parameter to the /catalog URI. | HIGH | Jun 21, 2018 | n/a |
| CVE-2018-12628 | An issue was discovered in Eventum 3.5.0. CSRF in htdocs/manage/users.php allows creating another user with admin privileges. | MEDIUM | Jul 11, 2019 | n/a |
| CVE-2018-12627 | An issue was discovered in Eventum 3.5.0. /htdocs/list.php has XSS via the show_notification_list_issues or show_authorized_issues parameter. | MEDIUM | Jul 10, 2019 | n/a |
| CVE-2018-12626 | An issue was discovered in Eventum 3.5.0. /htdocs/popup.php has XSS via the cat parameter. | MEDIUM | Jul 10, 2019 | n/a |
| CVE-2018-12625 | An issue was discovered in Eventum 3.5.0. /htdocs/validate.php has XSS via the values parameter. | MEDIUM | Jul 10, 2019 | n/a |
| CVE-2018-12624 | An issue was discovered in Eventum 3.5.0. /htdocs/post_note.php has XSS via the garlic_prefix parameter. | MEDIUM | May 28, 2019 | n/a |
| CVE-2018-12623 | An issue was discovered in Eventum 3.5.0. htdocs/switch.php has XSS via the current_page parameter. | MEDIUM | Jul 10, 2019 | n/a |
| CVE-2018-12622 | An issue was discovered in Eventum 3.5.0. htdocs/ajax/update.php has XSS via the field_name parameter. | MEDIUM | Jul 10, 2019 | n/a |
| CVE-2018-12621 | An issue was discovered in Eventum 3.5.0. /htdocs/switch.php has an Open Redirect via the current_page parameter. | MEDIUM | Jul 8, 2019 | n/a |
| CVE-2018-12617 | qmp_guest_file_read in qga/commands-posix.c and qga/commands-win32.c in qemu-ga (aka QEMU Guest Agent) in QEMU 2.12.50 has an integer overflow causing a g_malloc0() call to trigger a segmentation fault when trying to allocate a large memory chunk. The vulnerability can be exploited by sending a crafted QMP command (including guest-file-read with a large count value) to the agent via the listening socket. | MEDIUM | Jun 21, 2018 | n/a |
| CVE-2018-12615 | An issue was discovered in switchGroup() in agent/ExecHelper/ExecHelperMain.cpp in Phusion Passenger before 5.3.2. The set of groups (gidset) is not set correctly, leaving it up to randomness (i.e., uninitialized memory) which supplementary groups are actually being set while lowering privileges. | MEDIUM | Jun 21, 2018 | n/a |
| CVE-2018-12613 | An issue was discovered in phpMyAdmin 4.8.x before 4.8.2, in which an attacker can include (view and potentially execute) files on the server. The vulnerability comes from a portion of code where pages are redirected and loaded within phpMyAdmin, and an improper test for whitelisted pages. An attacker must be authenticated, except in the $cfg[\'AllowArbitraryServer\'] = true case (where an attacker can specify any host he/she is already in control of, and execute arbitrary code on phpMyAdmin) and the $cfg[\'ServerDefault\'] = 0 case (which bypasses the login requirement and runs the vulnerable code without any authentication). | MEDIUM | Jun 21, 2018 | n/a |
| CVE-2018-12611 | OX App Suite 7.8.4 and earlier allows Directory Traversal. | Medium | Jan 31, 2019 | n/a |
| CVE-2018-12610 | OX App Suite 7.8.4 and earlier allows Information Exposure. | Medium | Jan 31, 2019 | n/a |
| CVE-2018-12609 | OX App Suite 7.8.4 and earlier allows Server-Side Request Forgery. | Medium | Jan 31, 2019 | n/a |
| CVE-2018-12608 | An issue was discovered in Docker Moby before 17.06.0. The Docker engine validated a client TLS certificate using both the configured client CA root certificate and all system roots on non-Windows systems. This allowed a client with any domain validated certificate signed by a system-trusted root CA (as opposed to one signed by the configured CA root certificate) to authenticate. | MEDIUM | Sep 10, 2018 | n/a |
| CVE-2018-12607 | An issue was discovered in GitLab Community Edition and Enterprise Edition before 10.7.6, 10.8.x before 10.8.5, and 11.x before 11.0.1. The charts feature contained a persistent XSS issue due to a lack of output encoding. | LOW | Aug 3, 2018 | n/a |
| CVE-2018-12606 | An issue was discovered in GitLab Community Edition and Enterprise Edition before 10.7.6, 10.8.x before 10.8.5, and 11.x before 11.0.1. The wiki contains a persistent XSS issue due to a lack of output encoding affecting a specific markdown feature. | LOW | Aug 3, 2018 | n/a |
| CVE-2018-12605 | An issue was discovered in GitLab Community Edition and Enterprise Edition 10.7.x before 10.7.6. The usage of 'url_for' contained a XSS issue due to it allowing arbitrary protocols as a parameter. | LOW | Aug 3, 2018 | n/a |
| CVE-2018-12604 | GreenCMS 2.3.0603 allows remote attackers to obtain sensitive information via a direct request for Data/Log/year_month_day.log. | MEDIUM | Jun 20, 2018 | n/a |
| CVE-2018-12603 | Cross-site request forgery (CSRF) vulnerability in admin.php in LFCMS 3.7.0 allows remote attackers to hijack the authentication of unspecified users for requests that add administrator users via the s parameter, a related issue to CVE-2018-12114. | MEDIUM | Jun 25, 2018 | n/a |
| CVE-2018-12602 | A CSRF vulnerability exists in LFCMS 3.7.0: users can be added arbitrarily. | MEDIUM | Jun 25, 2018 | n/a |
| CVE-2018-12601 | There is a heap-based buffer overflow in ReadImage in input-tga.ci in sam2p 0.49.4 that leads to a denial of service or possibly unspecified other impact. | HIGH | Jun 20, 2018 | n/a |
| CVE-2018-12600 | In ImageMagick 7.0.8-3 Q16, ReadDIBImage and WriteDIBImage in coders/dib.c allow attackers to cause an out of bounds write via a crafted file. | MEDIUM | Jun 20, 2018 | n/a |
| CVE-2018-12599 | In ImageMagick 7.0.8-3 Q16, ReadBMPImage and WriteBMPImage in coders/bmp.c allow attackers to cause an out of bounds write via a crafted file. | MEDIUM | Jun 20, 2018 | n/a |
| CVE-2018-12596 | Episerver Ektron CMS before 9.0 SP3 Site CU 31, 9.1 before SP3 Site CU 45, or 9.2 before SP2 Site CU 22 allows remote attackers to call aspx pages via the activateuser.aspx page, even if a page is located under the /WorkArea/ path, which is forbidden (normally available exclusively for local admins). | HIGH | Oct 10, 2018 | n/a |
| CVE-2018-12594 | Reliable Controls MACH-ProWebCom 7.80 devices allow remote attackers to obtain sensitive information via a direct request for the data/fileinfo.xml or job/job.json file, as demonstrated the Master Password field. | MEDIUM | Jun 20, 2018 | n/a |
| CVE-2018-12592 | Polycom RealPresence Web Suite before 2.2.0 does not block a user's video for a few seconds upon joining a meeting (when the user has explicitly chosen to turn off the video using a specific option). During those seconds, a meeting invitee may unknowingly be on camera with other participants able to view. | MEDIUM | Jun 20, 2018 | n/a |
| CVE-2018-12591 | Ubiquiti Networks EdgeSwitch version 1.7.3 and prior suffer from an improperly neutralized element in an OS command due to lack of protection on the admin CLI, leading to code execution and privilege escalation greater than administrators themselves are allowed. An attacker with access to an admin account could escape the restricted CLI and execute arbitrary shell instructions. | HIGH | Jun 20, 2018 | n/a |
| CVE-2018-12590 | Ubiquiti Networks EdgeSwitch version 1.7.3 and prior suffer from an externally controlled format-string vulnerability due to lack of protection on the admin CLI, leading to code execution and privilege escalation greater than administrators themselves are allowed. An attacker with access to an admin account could escape the restricted CLI and execute arbitrary code. | HIGH | Jun 20, 2018 | n/a |
| CVE-2018-12589 | Polaris Office 2017 8.1 allows attackers to execute arbitrary code via a Trojan horse puiframeworkproresenu.dll file in the current working directory. | MEDIUM | Jun 28, 2018 | n/a |
| CVE-2018-12588 | Cross-site scripting (XSS) vulnerability in templates/frontend/pages/searchResults.tpl in Public Knowledge Project (PKP) Open Monograph Press (OMP) v1.2.0 through 3.1.1-2 before 3.1.1-3 allows remote attackers to inject arbitrary web script or HTML via the catalog.noTitlesSearch parameter (aka the Search field). | MEDIUM | Jun 19, 2018 | n/a |
| CVE-2018-12587 | A cross-site scripting (XSS) vulnerability was found in valeuraddons German Spelling Dictionary v1.3 (an Opera Browser add-on). Instead of providing text for a spelling check, remote attackers may inject arbitrary web script or HTML via the ajax query parameter in the URL Address Bar. | MEDIUM | Aug 13, 2018 | n/a |
| CVE-2018-12585 | An XXE vulnerability in the OPC UA Java and .NET Legacy Stack can allow remote attackers to trigger a denial of service. | MEDIUM | Sep 14, 2018 | n/a |
| CVE-2018-12584 | The ConnectionBase::preparseNewBytes function in resip/stack/ConnectionBase.cxx in reSIProcate through 1.10.2 allows remote attackers to cause a denial of service (buffer overflow) or possibly execute arbitrary code when TLS communication is enabled. | HIGH | Jul 25, 2018 | n/a |
| CVE-2018-12583 | An issue was discovered in AKCMS 6.1. CSRF can delete an article via an admincp deleteitem action to index.php. | MEDIUM | Jun 19, 2018 | n/a |
