The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
ID | Description | Priority | Modified date |
---|---|---|---|
CVE-2018-16635 | Blackcat CMS 1.3.2 allows XSS via the willkommen.php?lang=DE page title at backend/pages/modify.php. | LOW | Dec 10, 2018 |
CVE-2018-16634 | Pluck v4.7.7 allows CSRF via admin.php?action=settings. | MEDIUM | Dec 4, 2018 |
CVE-2018-16633 | Pluck v4.7.7 allows XSS via the admin.php?action=editpage&page= page title. | LOW | Dec 4, 2018 |
CVE-2018-16632 | Mezzanine CMS v4.3.1 allows XSS via the /admin/blog/blogcategory/add/?_to_field=id&_popup=1 title parameter at admin/blog/blogpost/add/. | LOW | Dec 28, 2018 |
CVE-2018-16631 | Subrion CMS v4.2.1 allows XSS via the panel/configuration/general/ SITE TITLE parameter. | LOW | Dec 4, 2018 |
CVE-2018-16630 | Kirby v2.5.12 allows XSS by using the site files Add option to upload an SVG file. | LOW | Dec 28, 2018 |
CVE-2018-16629 | panel/uploads/#elf_l1_XA in Subrion CMS v4.2.1 allows XSS via an SVG file with JavaScript in a SCRIPT element. | MEDIUM | Dec 4, 2018 |
CVE-2018-16628 | panel/login in Kirby v2.5.12 allows XSS via a blog name. | LOW | Dec 4, 2018 |
CVE-2018-16627 | panel/login in Kirby v2.5.12 allows Host header injection via the forget password feature. | MEDIUM | Dec 20, 2018 |
CVE-2018-16626 | index.php/Admin/Classes in Typesetter 5.1 allows XSS via the description of a new class name. | LOW | May 13, 2019 |
CVE-2018-16625 | index.php/Admin/Uploaded in Typesetter 5.1 allows XSS via an SVG file with JavaScript in a SCRIPT element. | LOW | May 13, 2019 |
CVE-2018-16624 | panel/pages/home/edit in Kirby v2.5.12 allows XSS via the title of a new page. | LOW | May 13, 2019 |
CVE-2018-16623 | Kirby V2.5.12 is prone to a Persistent XSS attack via the Title of the \"Site options\" in the admin panel dashboard dropdown. | LOW | May 13, 2019 |
CVE-2018-16622 | Multiple cross-site scripting (XSS) vulnerabilities in /api/content/addOne in DoraCMS v2.0.3 allow remote attackers to inject arbitrary web script or HTML via the (1) discription or (2) comments field, related to users/userAddContent. | LOW | Sep 6, 2018 |
CVE-2018-16621 | Sonatype Nexus Repository Manager before 3.14 allows Java Expression Language Injection. | MEDIUM | Nov 15, 2018 |
CVE-2018-16620 | Sonatype Nexus Repository Manager before 3.14 has Incorrect Access Control. | MEDIUM | Nov 15, 2018 |
CVE-2018-16619 | Sonatype Nexus Repository Manager before 3.14 allows XSS. | MEDIUM | Nov 15, 2018 |
CVE-2018-16618 | VTech Storio Max before 56.D3JM6 allows remote command execution via shell metacharacters in an Android activity name. It exposes the storeintenttranslate.x service on port 1668 listening for requests on localhost. Requests submitted to this service are checked for a string of random characters followed by the name of an Android activity to start. Activities are started by inserting their name into a string that is executed in a shell command. By inserting metacharacters this can be exploited to run arbitrary commands as root. The requests also match those of the HTTP protocol and can be triggered on any web page rendered on the device by requesting resources stored at an http://127.0.0.1:1668/ URI, as demonstrated by the http://127.0.0.1:1668/dacdb70556479813fab2d92896596eef?\';{ping,example.org}\' URL. | HIGH | Jun 21, 2019 |
CVE-2018-16613 | An issue was discovered in the update function in the wpForo Forum plugin before 1.5.2 for WordPress. A registered forum is able to escalate privilege to the forum administrator without any form of user interaction. | HIGH | Jun 20, 2019 |
CVE-2018-16608 | In Monstra CMS 3.0.4, an attacker with 'Editor' privileges can change the password of the administrator via an admin/index.php?id=users&action=edit&user_id=1, Insecure Direct Object Reference (IDOR). | MEDIUM | Sep 10, 2018 |
CVE-2018-16607 | Cross-site scripting (XSS) vulnerability in the Orgs Page in Open-AudIT Professional edition in 2.2.7 allows remote attackers to inject arbitrary web script via the Orgs name field. | LOW | Sep 19, 2018 |
CVE-2018-16606 | In ProConf before 6.1, an Insecure Direct Object Reference (IDOR) allows any author to view and grab all submitted papers (Title and Abstract) and their authors' personal information (Name, Email, Organization, and Position) by changing the value of Paper ID (the pid parameter). | MEDIUM | Sep 6, 2018 |
CVE-2018-16605 | D-Link DIR-600M devices allow XSS via the Hostname and Username fields in the Dynamic DNS Configuration page. | LOW | Sep 12, 2018 |
CVE-2018-16604 | An issue was discovered in Nibbleblog v4.0.5. With an admin's username and password, an attacker can execute arbitrary PHP code by changing the username because the username is surrounded by double quotes (e.g., ${phpinfo()}). | MEDIUM | Sep 6, 2018 |
CVE-2018-16603 | An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds access to TCP source and destination port fields in xProcessReceivedTCPPacket can leak data back to an attacker. | MEDIUM | Dec 6, 2018 |
CVE-2018-16602 | An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds memory access during parsing of DHCP responses in prvProcessDHCPReplies can be used for information disclosure. | MEDIUM | Dec 6, 2018 |
CVE-2018-16601 | An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. A crafted IP header triggers a full memory space copy in prvProcessIPPacket, leading to denial of service and possibly remote code execution. | MEDIUM | Dec 6, 2018 |
CVE-2018-16600 | An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds memory access during parsing of ARP packets in eARPProcessPacket can be used for information disclosure. | MEDIUM | Dec 6, 2018 |
CVE-2018-16599 | An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. Out of bounds memory access during parsing of NBNS packets in prvTreatNBNS can be used for information disclosure. | MEDIUM | Dec 6, 2018 |
CVE-2018-16598 | An issue was discovered in Amazon Web Services (AWS) FreeRTOS through 1.3.1, FreeRTOS up to V10.0.1 (with FreeRTOS+TCP), and WITTENSTEIN WHIS Connect middleware TCP/IP component. In xProcessReceivedUDPPacket and prvParseDNSReply, any received DNS response is accepted, without confirming it matches a sent DNS request. | MEDIUM | Dec 6, 2018 |
CVE-2018-16597 | An issue was discovered in the Linux kernel before 4.8. Incorrect access checking in overlayfs mounts could be used by local attackers to modify or truncate files in the underlying filesystem. | MEDIUM | Sep 27, 2018 |
CVE-2018-16596 | A stack-based buffer overflow in the LAN UPnP service running on UDP port 1900 of Swisscom Internet-Box (2, Standard, and Plus) prior to v09.04.00 and Internet-Box light prior to v08.05.02 allows remote code execution. No authentication is required to exploit this vulnerability. Sending a simple UDP packet to port 1900 allows an attacker to execute code on a remote device. However, this is only possible if the attacker is inside the LAN. Because of ASLR, the success rate is not 100% and leads instead to a DoS of the UPnP service. The remaining functionality of the Internet Box is not affected. A reboot of the Internet Box is necessary to attempt the exploit again. | MEDIUM | Dec 17, 2018 |
CVE-2018-16595 | The Photo Sharing Plus component on Sony Bravia TV through 8.587 devices has a Buffer Overflow. | LOW | Jun 24, 2019 |
CVE-2018-16594 | The Photo Sharing Plus component on Sony Bravia TV through 8.587 devices allows Directory Traversal. | MEDIUM | Jun 24, 2019 |
CVE-2018-16593 | The Photo Sharing Plus component on Sony Bravia TV through 8.587 devices allows Shell Metacharacter Injection. | HIGH | Jun 24, 2019 |
CVE-2018-16591 | FURUNO FELCOM 250 and 500 devices allow unauthenticated users to change the password for the Admin, Log and Service accounts, as well as the password for the protected SMS panel via /cgi-bin/sm_changepassword.cgi and /cgi-bin/sm_sms_changepasswd.cgi. | HIGH | Sep 10, 2018 |
CVE-2018-16590 | FURUNO FELCOM 250 and 500 devices use only client-side JavaScript in login.js for authentication. | HIGH | Sep 6, 2018 |
CVE-2018-16588 | Privilege escalation can occur in the SUSE useradd.c code in useradd, as distributed in the SUSE shadow package through 4.2.1-27.9.1 for SUSE Linux Enterprise 12 (SLE-12) and through 4.5-5.39 for SUSE Linux Enterprise 15 (SLE-15). Non-existing intermediate directories are created with mode 0777 during user creation. Given that they are world-writable, local attackers might use this for privilege escalation and other unspecified attacks. NOTE: this would affect non-SUSE users who took useradd.c code from a 2014-04-02 upstream pull request; however, no non-SUSE distribution is known to be affected. | MEDIUM | Sep 26, 2018 |
CVE-2018-16587 | In Open Ticket Request System (OTRS) 4.0.x before 4.0.32, 5.0.x before 5.0.30, and 6.0.x before 6.0.11, an attacker could send a malicious email to an OTRS system. If a user with admin permissions opens it, it causes deletions of arbitrary files that the OTRS web server user has write access to. | MEDIUM | Sep 27, 2018 |
CVE-2018-16586 | In Open Ticket Request System (OTRS) 4.0.x before 4.0.32, 5.0.x before 5.0.30, and 6.0.x before 6.0.11, an attacker could send a malicious email to an OTRS system. If a logged in user opens it, the email could cause the browser to load external image or CSS resources. | MEDIUM | Sep 27, 2018 |
CVE-2018-16585 | ** DISPUTED ** An issue was discovered in Artifex Ghostscript before 9.24. The .setdistillerkeys PostScript command is accepted even though it is not intended for use during document processing (e.g., after the startup phase). This leads to memory corruption, allowing remote attackers able to supply crafted PostScript to crash the interpreter or possibly have unspecified other impact. Note: A reputable source believes that the CVE is potentially a duplicate of CVE-2018-15910 as explained in Red Hat bugzilla (https://bugzilla.redhat.com/show_bug.cgi?id=1626193). | MEDIUM | Sep 9, 2018 |
CVE-2018-16584 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none | -- | Nov 7, 2023 |
CVE-2018-16583 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none | -- | Nov 7, 2023 |
CVE-2018-16582 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none | -- | Nov 7, 2023 |
CVE-2018-16581 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none | -- | Nov 7, 2023 |
CVE-2018-16580 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none | -- | Nov 7, 2023 |
CVE-2018-16579 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none | -- | Nov 7, 2023 |
CVE-2018-16578 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none | -- | Nov 7, 2023 |
CVE-2018-16577 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none | -- | Nov 7, 2023 |
CVE-2018-16576 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none | -- | Nov 7, 2023 |