Export limit exceeded: 346758 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346758 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-12041 | 1 Mediatek | 2 Awus036nh, Awus036nh Firmware | 2024-11-21 | N/A |
| An issue was discovered on the MediaTek AWUS036NH wireless USB adapter through 5.1.25.0. Attackers can remotely deny service by sending specially constructed 802.11 frames. | ||||
| CVE-2018-12040 | 1 Sensiolabs | 1 Symfony | 2024-11-21 | N/A |
| Reflected Cross-site scripting (XSS) vulnerability in the web profiler in SensioLabs Symfony 3.3.6 allows remote attackers to inject arbitrary web script or HTML via the "file" parameter, aka an _profiler/open?file= URI. NOTE: The vendor states "The XSS ... is in the web profiler, a tool that should never be deployed in production (so, we don't handle those issues as security issues). | ||||
| CVE-2018-12039 | 1 Joyplus-cms Project | 1 Joyplus-cms | 2024-11-21 | N/A |
| joyplus-cms 1.6.0 allows Remote Code Execution because of an Arbitrary SQL command execution issue in manager/index.php involving use of a "/!select/" substring in place of a select substring. | ||||
| CVE-2018-12038 | 1 Samsung | 2 840 Evo, 840 Evo Firmware | 2024-11-21 | N/A |
| An issue was discovered on Samsung 840 EVO devices. Vendor-specific commands may allow access to the disk-encryption key. | ||||
| CVE-2018-12037 | 2 Micron, Samsung | 14 Crucial Mx100, Crucial Mx100 Firmware, Crucial Mx200 and 11 more | 2024-11-21 | N/A |
| An issue was discovered on Samsung 840 EVO and 850 EVO devices (only in "ATA high" mode, not vulnerable in "TCG" or "ATA max" mode), Samsung T3 and T5 portable drives, and Crucial MX100, MX200 and MX300 devices. Absence of a cryptographic link between the password and the Disk Encryption Key allows attackers with privileged access to SSD firmware full access to encrypted data. | ||||
| CVE-2018-12036 | 1 Owasp | 1 Dependency-check | 2024-11-21 | N/A |
| OWASP Dependency-Check before 3.2.0 allows attackers to write to arbitrary files via a crafted archive that holds directory traversal filenames. | ||||
| CVE-2018-12035 | 1 Virustotal | 1 Yara | 2024-11-21 | N/A |
| In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds write vulnerability in yr_execute_code in libyara/exec.c. | ||||
| CVE-2018-12034 | 1 Virustotal | 1 Yara | 2024-11-21 | N/A |
| In YARA 3.7.1 and prior, parsing a specially crafted compiled rule file can cause an out of bounds read vulnerability in yr_execute_code in libyara/exec.c. | ||||
| CVE-2018-12031 | 1 Eaton | 1 Intelligent Power Manager | 2024-11-21 | N/A |
| Local file inclusion in Eaton Intelligent Power Manager v1.6 allows an attacker to include a file via server/node_upgrade_srv.js directory traversal with the firmware parameter in a downloadFirmware action. | ||||
| CVE-2018-12030 | 1 Chevereto | 1 Chevereto | 2024-11-21 | N/A |
| Chevereto Free before 1.0.13 has XSS. | ||||
| CVE-2018-12029 | 2 Debian, Phusion | 2 Debian Linux, Passenger | 2024-11-21 | N/A |
| A race condition in the nginx module in Phusion Passenger 3.x through 5.x before 5.3.2 allows local escalation of privileges when a non-standard passenger_instance_registry_dir with insufficiently strict permissions is configured. Replacing a file with a symlink after the file was created, but before it was chowned, leads to the target of the link being chowned via the path. Targeting sensitive files such as root's crontab file allows privilege escalation. | ||||
| CVE-2018-12028 | 1 Phusion | 1 Passenger | 2024-11-21 | N/A |
| An Incorrect Access Control vulnerability in SpawningKit in Phusion Passenger 5.3.x before 5.3.2 allows a Passenger-managed malicious application, upon spawning a child process, to report an arbitrary different PID back to Passenger's process manager. If the malicious application then generates an error, it would cause Passenger's process manager to kill said reported arbitrary PID. | ||||
| CVE-2018-12027 | 1 Phusion | 1 Passenger | 2024-11-21 | N/A |
| An Insecure Permissions vulnerability in SpawningKit in Phusion Passenger 5.3.x before 5.3.2 causes information disclosure in the following situation: given a Passenger-spawned application process that reports that it listens on a certain Unix domain socket, if any of the parent directories of said socket are writable by a normal user that is not the application's user, then that non-application user can swap that directory with something else, resulting in traffic being redirected to a non-application user's process through an alternative Unix domain socket. | ||||
| CVE-2018-12026 | 1 Phusion | 1 Passenger | 2024-11-21 | N/A |
| During the spawning of a malicious Passenger-managed application, SpawningKit in Phusion Passenger 5.3.x before 5.3.2 allows such applications to replace key files or directories in the spawning communication directory with symlinks. This then could result in arbitrary reads and writes, which in turn can result in information disclosure and privilege escalation. | ||||
| CVE-2018-12025 | 1 Futurxe | 1 Futurxe | 2024-11-21 | N/A |
| The transferFrom function of a smart contract implementation for FuturXE (FXE), an Ethereum ERC20 token, allows attackers to accomplish an unauthorized transfer of digital assets because of a logic error. The developer messed up with the boolean judgment - if the input value is smaller than or equal to allowed value, the transfer session would stop execution by returning false. This makes no sense, because the transferFrom() function should require the transferring value to not exceed the allowed value in the first place. Suppose this function asks for the allowed value to be smaller than the input. Then, the attacker could easily ignore the allowance: after this condition, the `allowed[from][msg.sender] -= value;` would cause an underflow because the allowed part is smaller than the value. The attacker could transfer any amount of FuturXe tokens of any accounts to an appointed account (the `_to` address) because the allowed value is initialized to 0, and the attacker could bypass this restriction even without the victim's private key. | ||||
| CVE-2018-12023 | 5 Debian, Fasterxml, Fedoraproject and 2 more | 20 Debian Linux, Jackson-databind, Fedora and 17 more | 2024-11-21 | N/A |
| An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. When Default Typing is enabled (either globally or for a specific property), the service has the Oracle JDBC jar in the classpath, and an attacker can provide an LDAP service to access, it is possible to make the service execute a malicious payload. | ||||
| CVE-2018-12022 | 5 Debian, Fasterxml, Fedoraproject and 2 more | 20 Debian Linux, Jackson-databind, Fedora and 17 more | 2024-11-21 | 7.5 High |
| An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. When Default Typing is enabled (either globally or for a specific property), the service has the Jodd-db jar (for database access for the Jodd framework) in the classpath, and an attacker can provide an LDAP service to access, it is possible to make the service execute a malicious payload. | ||||
| CVE-2018-12021 | 1 Sylabs | 1 Singularity | 2024-11-21 | N/A |
| Singularity 2.3.0 through 2.5.1 is affected by an incorrect access control on systems supporting overlay file system. When using the overlay option, a malicious user may access sensitive information by exploiting a few specific Singularity features. | ||||
| CVE-2018-12020 | 4 Canonical, Debian, Gnupg and 1 more | 10 Ubuntu Linux, Debian Linux, Gnupg and 7 more | 2024-11-21 | 7.5 High |
| mainproc.c in GnuPG before 2.2.8 mishandles the original filename during decryption and verification actions, which allows remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the "--status-fd 2" option. For example, the OpenPGP data might represent an original filename that contains line feed characters in conjunction with GOODSIG or VALIDSIG status codes. | ||||
| CVE-2018-12019 | 1 Enigmail | 1 Enigmail | 2024-11-21 | N/A |
| The signature verification routine in Enigmail before 2.0.7 interprets user ids as status/control messages and does not correctly keep track of the status of multiple signatures, which allows remote attackers to spoof arbitrary email signatures via public keys containing crafted primary user ids. | ||||