Total
31907 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-14985 | 1 Leagoo | 2 Z5c, Z5c Firmware | 2024-11-21 | 5.6 MEDIUM | 7.1 HIGH |
| The Leagoo Z5C Android device with a build fingerprint of sp7731c_1h10_32v4_bird:6.0/MRA58K/android.20170629.214736:user/release-keys contains a pre-installed platform app with a package name of com.android.settings (versionCode=23, versionName=6.0-android.20170630.092853) that contains an exported broadcast receiver that allows any app co-located on the device to programmatically initiate a factory reset. In addition, the app initiating the factory reset does not require any permissions. A factory reset will remove all user data and apps from the device. This will result in the loss of any data that have not been backed up or synced externally. The capability to perform a factory reset is not directly available to third-party apps (those that the user installs themselves with the exception of enabled Mobile Device Management (MDM) apps), although this capability can be obtained by leveraging an unprotected app component of a pre-installed platform app. | |||||
| CVE-2018-14891 | 1 Vectra | 1 Cognito | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Management Console in Vectra Networks Cognito Brain and Sensor before 4.3 contains a local privilege escalation vulnerability. | |||||
| CVE-2018-14876 | 1 Flif | 1 Flif | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| An issue was discovered in image_save_png in image/image-png.cpp in Free Lossless Image Format (FLIF) 0.3. Attackers can trigger a longjmp that leads to an uninitialized stack frame after a libpng error concerning the IHDR image width. | |||||
| CVE-2018-14773 | 3 Debian, Drupal, Sensiolabs | 3 Debian Linux, Drupal, Symfony | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Http Foundation in Symfony 2.7.0 through 2.7.48, 2.8.0 through 2.8.43, 3.3.0 through 3.3.17, 3.4.0 through 3.4.13, 4.0.0 through 4.0.13, and 4.1.0 through 4.1.2. It arises from support for a (legacy) IIS header that lets users override the path in the request URL via the X-Original-URL or X-Rewrite-URL HTTP request header. These headers are designed for IIS support, but it's not verified that the server is in fact running IIS, which means anybody who can send these requests to an application can trigger this. This affects \Symfony\Component\HttpFoundation\Request::prepareRequestUri() where X-Original-URL and X_REWRITE_URL are both used. The fix drops support for these methods so that they cannot be used as attack vectors such as web cache poisoning. | |||||
| CVE-2018-14771 | 1 Vivotek | 1 Camera | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow remote attackers to execute arbitrary code (issue 2 of 2) via eventscript.cgi. | |||||
| CVE-2018-14770 | 1 Vivotek | 1 Camera | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| VIVOTEK FD8177 devices before XXXXXX-VVTK-xx06a allow remote attackers to execute arbitrary code (issue 1 of 2) via the ONVIF interface, (/onvif/device_service). | |||||
| CVE-2018-14768 | 1 Vivotek | 1 Camera | 2024-11-21 | 9.0 HIGH | 8.8 HIGH |
| Various VIVOTEK FD8*, FD9*, FE9*, IB8*, IB9*, IP9*, IZ9*, MS9*, SD9*, and other devices before XXXXXX-VVTK-xx06a allow remote attackers to execute arbitrary code. | |||||
| CVE-2018-14722 | 1 Btrfsmaintenance Project | 1 Btrfsmaintenance | 2024-11-21 | 9.3 HIGH | 8.1 HIGH |
| An issue was discovered in evaluate_auto_mountpoint in btrfsmaintenance-functions in btrfsmaintenance through 0.4.1. Code execution as root can occur via a specially crafted filesystem label if btrfs-{scrub,balance,trim} are set to auto in /etc/sysconfig/btrfsmaintenance (this is not the default, though). | |||||
| CVE-2018-14714 | 1 Asus | 2 Rt-ac3200, Rt-ac3200 Firmware | 2024-11-21 | 10.0 HIGH | 9.8 CRITICAL |
| System command injection in appGet.cgi on ASUS RT-AC3200 version 3.0.0.4.382.50010 allows attackers to execute system commands via the "load_script" URL parameter. | |||||
| CVE-2018-14636 | 1 Openstack | 1 Neutron | 2024-11-21 | 3.5 LOW | 5.3 MEDIUM |
| Live-migrated instances are briefly able to inspect traffic for other instances on the same hypervisor. This brief window could be extended indefinitely if the instance's port is set administratively down prior to live-migration and kept down after the migration is complete. This is possible due to the Open vSwitch integration bridge being connected to the instance during migration. When connected to the integration bridge, all traffic for instances using the same Open vSwitch instance would potentially be visible to the migrated guest, as the required Open vSwitch VLAN filters are only applied post-migration. Versions of openstack-neutron before 13.0.0.0b2, 12.0.3, 11.0.5 are vulnerable. | |||||
| CVE-2018-14626 | 1 Powerdns | 2 Authoritative, Recursor | 2024-11-21 | 5.0 MEDIUM | 5.3 MEDIUM |
| PowerDNS Authoritative Server 4.1.0 up to 4.1.4 inclusive and PowerDNS Recursor 4.0.0 up to 4.1.4 inclusive are vulnerable to a packet cache pollution via crafted query that can lead to denial of service. | |||||
| CVE-2018-14601 | 1 Gitlab | 1 Gitlab | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in GitLab Community and Enterprise Edition 11.1.x before 11.1.2. A Denial of Service can occur because Markdown rendering times are slow. | |||||
| CVE-2018-14593 | 2 Debian, Otrs | 2 Debian Linux, Open Ticket Request System | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| An issue was discovered in Open Ticket Request System (OTRS) 6.0.x through 6.0.9, 5.0.x through 5.0.28, and 4.0.x through 4.0.30. An attacker who is logged into OTRS as an agent may escalate their privileges by accessing a specially crafted URL. | |||||
| CVE-2018-14568 | 1 Suricata-ids | 1 Suricata | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Suricata before 4.0.5 stops TCP stream inspection upon a TCP RST from a server. This allows detection bypass because Windows TCP clients proceed with normal processing of TCP data that arrives shortly after an RST (i.e., they act as if the RST had not yet been received). | |||||
| CVE-2018-14549 | 1 Libwav Project | 1 Libwav | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue has been found in libwav through 2017-04-20. It is a SEGV in the function wav_write in libwav.c. | |||||
| CVE-2018-14533 | 1 Intenogroup | 2 Iopsys, Iopsys Firmware | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| read_tmp and write_tmp in Inteno IOPSYS allow attackers to gain privileges after writing to /tmp/etc/smb.conf because /var is a symlink to /tmp. | |||||
| CVE-2018-14077 | 1 Wi2be | 1 Smart Hp Wmt | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Wi2be SMART HP WMT R1.2.20_201400922 allows unauthorized remote attackers to backup the device configuration via a direct request to /Maintenance/configfile.cfg. | |||||
| CVE-2018-14052 | 1 Libwav Project | 1 Libwav | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue has been found in libwav through 2017-04-20. It is a SEGV in the function apply_gain in wav_gain/wav_gain.c. | |||||
| CVE-2018-14050 | 1 Libwav Project | 1 Libwav | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue has been found in libwav through 2017-04-20. It is a SEGV in the function wav_free in libwav.c. | |||||
| CVE-2018-14049 | 1 Libwav Project | 1 Libwav | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue has been found in libwav through 2017-04-20. It is a SEGV in the function print_info in wav_info/wav_info.c. | |||||