The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
ID | Description | Priority | Modified date |
---|---|---|---|
CVE-2018-4166 | An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the NSURLSession component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app. | HIGH | Apr 3, 2018 |
CVE-2018-4167 | An issue was discovered in certain Apple products. iOS before 11.3 is affected. macOS before 10.13.4 is affected. tvOS before 11.3 is affected. watchOS before 4.3 is affected. The issue involves the File System Events component. A race condition allows attackers to execute arbitrary code in a privileged context via a crafted app. | HIGH | Apr 3, 2018 |
CVE-2018-5820 | In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in the function wma_tbttoffset_update_event_handler(), a parameter received from firmware is used to allocate memory for a local buffer and is not properly validated. This can potentially result in an integer overflow subsequently leading to a heap overwrite. | HIGH | Apr 3, 2018 |
CVE-2018-5821 | In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, in function wma_wow_wakeup_host_event(), wake_info->vdev_id is received from FW and is used directly as array index to access wma->interfaces whose max index should be (max_bssid-1). If wake_info->vdev_id is greater than or equal to max_bssid, an out-of-bounds read occurs. | HIGH | Apr 3, 2018 |
CVE-2018-5822 | In Qualcomm Android for MSM, Firefox OS for MSM, and QRD Android with all Android releases from CAF using the Linux kernel before security patch level 2018-04-05, compromised WLAN FW can potentially cause a buffer overwrite. | HIGH | Apr 3, 2018 |
CVE-2018-6247 | NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a NULL pointer dereference may lead to denial of service or possible escalation of privileges. | HIGH | Apr 2, 2018 |
CVE-2018-6248 | NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer handler for DxgkDdiEscape where the software uses a sequential operation to read or write a buffer, but it uses an incorrect length value that causes it to access memory that is outside of the bounds of the buffer which may lead to denial of service or possible escalation of privileges. | HIGH | Apr 2, 2018 |
CVE-2018-6249 | NVIDIA GPU Display Driver contains a vulnerability in kernel mode layer handler where a NULL pointer dereference may lead to denial of service or potential escalation of privileges. | HIGH | Apr 2, 2018 |
CVE-2018-6250 | NVIDIA Windows GPU Display Driver contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where a NULL pointer dereference occurs which may lead to denial of service or possible escalation of privileges. | HIGH | Apr 2, 2018 |
CVE-2018-6251 | NVIDIA Windows GPU Display Driver contains a vulnerability in the DirectX 10 Usermode driver, where a specially crafted pixel shader can cause writing to unallocated memory, leading to denial of service or potential code execution. | HIGH | Apr 3, 2018 |
CVE-2018-6873 | The Auth0 authentication service before 2017-10-15 allows privilege escalation because the JWT audience is not validated. | HIGH | Apr 10, 2018 |
CVE-2018-6918 | In FreeBSD before 11.1-STABLE, 11.1-RELEASE-p9, 10.4-STABLE, 10.4-RELEASE-p8 and 10.3-RELEASE-p28, the length field of the ipsec option header does not count the size of the option header itself, causing an infinite loop when the length is zero. This issue can allow a remote attacker who is able to send an arbitrary packet to cause the machine to crash. | HIGH | Apr 6, 2018 |
CVE-2018-8117 | A security feature bypass vulnerability exists in the Microsoft Wireless Keyboard 850 which could allow an attacker to reuse an AES encryption key to send keystrokes to other keyboard devices or to read keystrokes sent by other keyboards for the affected devices, aka Microsoft Wireless Keyboard 850 Security Feature Bypass Vulnerability. This affects Microsoft Wireless Keyboard 850. | HIGH | Apr 12, 2018 |
CVE-2018-8780 | In Ruby before 2.2.10, 2.3.x before 2.3.7, 2.4.x before 2.4.4, 2.5.x before 2.5.1, and 2.6.0-preview1, the Dir.open, Dir.new, Dir.entries and Dir.empty? methods do not check NULL characters. When using the corresponding method, unintentional directory traversal may be performed. | HIGH | Apr 3, 2018 |
CVE-2018-8941 | Diagnostics functionality on D-Link DSL-3782 devices with firmware EU v. 1.01 has a buffer overflow, allowing authenticated remote attackers to execute arbitrary code via a long Addr value to the 'set Diagnostics_Entry' function in an HTTP request, related to /userfs/bin/tcapi. | HIGH | Apr 3, 2018 |
CVE-2018-8954 | CA Workload Control Center before r11.4 SP6 allows remote attackers to execute arbitrary code via a crafted HTTP request. | HIGH | Apr 12, 2018 |
CVE-2018-9127 | Botan 2.2.0 - 2.4.0 (fixed in 2.5.0) improperly handled wildcard certificates and could accept certain certificates as valid for hostnames when, under RFC 6125 rules, they should not match. This only affects certificates issued to the same domain as the host, so to impersonate a host one must already have a wildcard certificate matching other hosts in the same domain. For example, b*.example.com would match some hostnames that do not begin with a 'b' character. | HIGH | Apr 2, 2018 |
CVE-2018-9230 | ** DISPUTED ** In OpenResty through 1.13.6.1, URI parameters are obtained using the ngx.req.get_uri_args and ngx.req.get_post_args functions that ignore parameters beyond the hundredth one, which might allow remote attackers to bypass intended access restrictions or interfere with certain Web Application Firewall (ngx_lua_waf or X-WAF) products. NOTE: the vendor has reported that 100 parameters is an intentional default setting, but is adjustable within the API. The vendor\'s position is that a security-relevant misuse of the API by a WAF product is a vulnerability in the WAF product, not a vulnerability in OpenResty. | HIGH | Apr 2, 2018 |
CVE-2018-9247 | The upsql function in LibLibActionAdminDataAction.class.php in Gxlcms QY v1.0.0713 allows remote attackers to execute arbitrary SQL statements via the sql parameter. Consequently, an attacker can execute arbitrary PHP code by placing it after a <?php substring, and then using INTO OUTFILE with a .php filename. | HIGH | Apr 3, 2018 |
CVE-2018-9248 | FiberHome VDSL2 Modem HG 150-UB devices allow authentication bypass via a Cookie: Name=0admin header. | HIGH | Apr 8, 2018 |
CVE-2018-9249 | FiberHome VDSL2 Modem HG 150-UB devices allow authentication bypass by ignoring the parent.location='login.html' JavaScript code in the response to an unauthenticated request. | HIGH | Apr 4, 2018 |
CVE-2018-9284 | authentication.cgi on D-Link DIR-868L devices with Singapore StarHub firmware before v1.21SHCb03 allows remote attackers to execute arbitrary code. | HIGH | Apr 4, 2018 |
CVE-2018-9285 | Main_Analysis_Content.asp in /apply.cgi on ASUS RT-AC66U, RT-AC68U, RT-AC86U, RT-AC88U, RT-AC1900, RT-AC2900, and RT-AC3100 devices before 3.0.0.4.384_10007; RT-N18U devices before 3.0.0.4.382.39935; RT-AC87U and RT-AC3200 devices before 3.0.0.4.382.50010; and RT-AC5300 devices before 3.0.0.4.384.20287 allows OS command injection via the pingCNT and destIP fields of the SystemCmd variable. | HIGH | Apr 4, 2018 |
CVE-2018-9326 | Etherpad 1.6.3 before 1.6.4 allows an attacker to execute arbitrary code. | HIGH | Apr 7, 2018 |
CVE-2018-9838 | The caml_ba_deserialize function in byterun/bigarray.c in the standard library in OCaml 4.06.0 has an integer overflow which, in situations where marshalled data is accepted from an untrusted source, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted object. | HIGH | Apr 6, 2018 |
CVE-2018-9843 | The REST API in CyberArk Password Vault Web Access before 9.9.5 and 10.x before 10.1 allows remote attackers to execute arbitrary code via a serialized .NET object in an Authorization HTTP header. | HIGH | Apr 12, 2018 |
CVE-2018-9847 | In Gxlcms QY v1.0.0713, the update function in LibLibActionAdminTplAction.class.php allows remote attackers to execute arbitrary PHP code by placing this code into a template. | HIGH | Apr 7, 2018 |
CVE-2018-9848 | In Gxlcms QY v1.0.0713, the upload function in LibLibActionAdminUploadAction.class.php allows remote attackers to execute arbitrary PHP code by first using an Admin-Admin-Configsave request to change the config[upload_class] value from jpg,gif,png,jpeg to jpg,gif,png,jpeg,php and then making an Admin-Upload-Upload request. | HIGH | Apr 7, 2018 |
CVE-2018-9862 | util.c in runV 1.0.0 for Docker mishandles a numeric username, which allows attackers to obtain root access by leveraging the presence of an initial numeric value on an /etc/passwd line, and then issuing a docker exec command with that value in the -u argument, a similar issue to CVE-2016-3697. | HIGH | Apr 9, 2018 |
CVE-2018-9924 | An issue was discovered in idreamsoft iCMS through 7.0.7. SQL injection exists via the pid array parameter in an admincp.php?app=tag&do=save&frame=iPHP request. | HIGH | Apr 10, 2018 |
CVE-2014-2048 | The user_openid app in ownCloud Server before 5.0.15 allows remote attackers to obtain access by leveraging an insecure OpenID implementation. | HIGH | Mar 26, 2018 |
CVE-2014-2293 | Zikula Application Framework before 1.3.7 build 11 allows remote attackers to conduct PHP object injection attacks and delete arbitrary files or execute arbitrary PHP code via crafted serialized data in the (1) authentication_method_ser or (2) authentication_info_ser parameter to index.php, or (3) zikulaMobileTheme parameter to index.php. | HIGH | Mar 26, 2018 |
CVE-2014-2652 | SQL injection vulnerability in OpenScape Deployment Service (DLS) before 6.x and 7.x before R1.11.3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | HIGH | Mar 19, 2018 |
CVE-2014-3990 | The Cart::getProducts method in system/library/cart.php in OpenCart 1.5.6.4 and earlier allows remote attackers to conduct server-side request forgery (SSRF) attacks or possibly conduct XML External Entity (XXE) attacks and execute arbitrary code via a crafted serialized PHP object, related to the quantity parameter in an update request. | HIGH | Mar 20, 2018 |
CVE-2014-4912 | An Arbitrary File Upload issue was discovered in Frog CMS 0.9.5 due to lack of extension validation. | HIGH | Mar 22, 2018 |
CVE-2014-5170 | The Storage API module 7.x before 7.x-1.6 for Drupal might allow remote attackers to execute arbitrary code by leveraging failure to update .htaccess file contents after SA-CORE-2013-003. | HIGH | Mar 29, 2018 |
CVE-2015-2000 | The Jumio SDK before 1.5.0 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function. | HIGH | Mar 29, 2018 |
CVE-2015-2001 | The MetaIO SDK before 6.0.2.1 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function. | HIGH | Mar 29, 2018 |
CVE-2015-2002 | The ESRI ArcGis Runtime SDK before 10.2.6-2 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function. | HIGH | Mar 29, 2018 |
CVE-2015-2003 | The PJSIP PJSUA2 SDK before SVN Changeset 51322 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function. | HIGH | Mar 29, 2018 |
CVE-2015-2004 | The GraceNote GNSDK SDK before SVN Changeset 1.1.7 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function. | HIGH | Mar 29, 2018 |
CVE-2015-2020 | The MyScript SDK before 1.3 for Android might allow attackers to execute arbitrary code by leveraging a finalize method in a Serializable class that improperly passes an attacker-controlled pointer to a native function. | HIGH | Mar 29, 2018 |
CVE-2015-9259 | In Docker Notary before 0.1, the checkRoot function in gotuf/client/client.go does not check expiry of root.json files, despite a comment stating that it does. Even if a user creates a new root.json file after a key compromise, an attacker can produce update files referring to an old root.json file. | HIGH | Mar 31, 2018 |
CVE-2016-10393 | In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, when processing a clip with large size values, integer arithmetic overflows, and allocated buffer size will be less than intended buffer size. The following buffer operations will overflow the allocated buffer. | HIGH | Mar 16, 2018 |
CVE-2016-9880 | The GemFire broker for Cloud Foundry 1.6.x before 1.6.5 and 1.7.x before 1.7.1 has multiple API endpoints which do not require authentication and could be used to gain access to the cluster managed by the broker. | HIGH | Mar 17, 2018 |
CVE-2017-0915 | Gitlab Community Edition version 10.2.4 is vulnerable to a lack of input validation in the GitlabProjectsImportService resulting in remote code execution. | HIGH | Mar 22, 2018 |
CVE-2017-0916 | Gitlab Community Edition version 10.3 is vulnerable to a lack of input validation in the system_hook_push queue through web hook component resulting in remote code execution. | HIGH | Mar 22, 2018 |
CVE-2017-0932 | Ubiquiti Networks EdgeOS version 1.9.1.1 and prior suffer from an Improper Privilege Management vulnerability due to the lack of validation on the input of the Feature functionality. An attacker with access to an operator (read-only) account and ssh connection to the devices could escalate privileges to admin (root) access in the system. | HIGH | Mar 22, 2018 |
CVE-2017-0933 | Ubiquiti Networks EdgeOS version 1.9.1 and prior suffer from a Cross-Site Request Forgery (CSRF) vulnerability. An attacker with access to an operator (read-only) account could lure an admin (root) user to access the attacker-controlled page, allowing the attacker to gain admin privileges in the system. | HIGH | Mar 22, 2018 |
CVE-2017-0934 | Ubiquiti Networks EdgeOS version 1.9.1 and prior suffer from an Improper Privilege Management vulnerability due to the lack of protection of the file system leading to sensitive information being exposed. An attacker with access to an operator (read-only) account could escalate privileges to admin (root) access in the system. | HIGH | Mar 22, 2018 |