National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Search Type: Search Last 3 Months
  • Contains Software Flaws (CVE)
There are 4,248 matching records.
Displaying matches 1 through 20.
Vuln ID Summary CVSS Severity
CVE-2018-20188

FUEL CMS 1.4.3 has CSRF via users/create/ to add an administrator account.

Published: December 17, 2018; 02:29:04 PM -05:00
(not available)
CVE-2018-20186

An issue was discovered in Bento4 1.5.1-627. AP4_Sample::ReadData in Core/Ap4Sample.cpp allows attackers to trigger an attempted excessive memory allocation, related to AP4_DataBuffer::SetDataSize and AP4_DataBuffer::ReallocateBuffer in Core/Ap4DataBuffer.cpp.

Published: December 17, 2018; 02:29:04 PM -05:00
(not available)
CVE-2018-20185

In GraphicsMagick 1.4 snapshot-20181209 Q8 on 32-bit platforms, there is a heap-based buffer over-read in the ReadBMPImage function of bmp.c, which allows attackers to cause a denial of service via a crafted bmp image file. This only affects GraphicsMagick installations with customized BMP limits.

Published: December 17, 2018; 02:29:03 PM -05:00
(not available)
CVE-2018-20184

In GraphicsMagick 1.4 snapshot-20181209 Q8, there is a heap-based buffer overflow in the WriteTGAImage function of tga.c, which allows attackers to cause a denial of service via a crafted image file, because the number of rows or columns can exceed the pixel-dimension restrictions of the TGA specification.

Published: December 17, 2018; 02:29:03 PM -05:00
(not available)
CVE-2018-20133

ymlref allows code injection.

Published: December 17, 2018; 02:29:03 PM -05:00
(not available)
CVE-2018-20123

pvrdma_realize in hw/rdma/vmw/pvrdma_main.c in QEMU has a Memory leak after an initialisation error.

Published: December 17, 2018; 02:29:02 PM -05:00
(not available)
CVE-2018-20092

PTC ThingWorx Platform through 8.3.0 is vulnerable to a directory traversal attack on ZIP files via a POST request.

Published: December 17, 2018; 02:29:02 PM -05:00
(not available)
CVE-2018-19976

In YARA 3.8.1, bytecode in a specially crafted compiled rule is exposed to information about its environment, in libyara/exec.c. This is a consequence of the design of the YARA virtual machine.

Published: December 17, 2018; 02:29:02 PM -05:00
(not available)
CVE-2018-19975

In YARA 3.8.1, bytecode in a specially crafted compiled rule can read data from any arbitrary address in memory, in libyara/exec.c. Specifically, OP_COUNT can read a DWORD.

Published: December 17, 2018; 02:29:01 PM -05:00
(not available)
CVE-2018-19974

In YARA 3.8.1, bytecode in a specially crafted compiled rule can read uninitialized data from VM scratch memory in libyara/exec.c. This can allow attackers to discover addresses in the real stack (not the YARA virtual stack).

Published: December 17, 2018; 02:29:01 PM -05:00
(not available)
CVE-2018-19936

PrinterOn Enterprise 4.1.4 allows Arbitrary File Deletion.

Published: December 17, 2018; 02:29:00 PM -05:00
(not available)
CVE-2018-19933

Bolt CMS <3.6.2 allows XSS via text input click preview button as demonstrated by the Title field of a Configured and New Entry.

Published: December 17, 2018; 02:29:00 PM -05:00
(not available)
CVE-2018-19828

Artica Integria IMS 5.0.83 has XSS via the search_string parameter.

Published: December 17, 2018; 02:29:00 PM -05:00
(not available)
CVE-2018-19036

An issue was discovered in several Bosch IP cameras for firmware versions 6.32 and higher. A malicious client could potentially succeed in the unauthorized execution of code on the device via the network interface.

Published: December 17, 2018; 02:29:00 PM -05:00
(not available)
CVE-2018-18556

A privilege escalation issue was discovered in VyOS 1.1.8. The default configuration also allows operator users to execute the pppd binary with elevated (sudo) permissions. Certain input parameters are not properly validated. A malicious operator user can run the binary with elevated permissions and leverage its improper input validation condition to spawn an attacker-controlled shell with root privileges.

Published: December 17, 2018; 02:29:00 PM -05:00
(not available)
CVE-2018-18555

A sandbox escape issue was discovered in VyOS 1.1.8. It provides a restricted management shell for operator users to administer the device. By issuing various shell special characters with certain commands, an authenticated operator user can break out of the management shell and gain access to the underlying Linux shell. The user can then run arbitrary operating system commands with the privileges afforded by their account.

Published: December 17, 2018; 02:29:00 PM -05:00
(not available)
CVE-2018-16596

A stack-based buffer overflow in the LAN UPnP service running on UDP port 1900 of Swisscom Internet-Box (2, Standard, and Plus) prior to v09.04.00 and Internet-Box light prior to v08.05.02 allows remote code execution. No authentication is required to exploit this vulnerability. Sending a simple UDP packet to port 1900 allows an attacker to execute code on a remote device. However, this is only possible if the attacker is inside the LAN. Because of ASLR, the success rate is not 100% and leads instead to a DoS of the UPnP service. The remaining functionality of the Internet Box is not affected. A reboot of the Internet Box is necessary to attempt the exploit again.

Published: December 17, 2018; 02:29:00 PM -05:00
(not available)
CVE-2018-14856

Buffer overflow in dhd_bus_flow_ring_create_response in drivers/net/wireless/bcmdhd4358/dhd_pcie.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allow an attacker (who has obtained code execution on the Wi-Fi) chip to cause the device driver to perform invalid memory accesses. The Samsung ID is SVE-2018-11785.

Published: December 17, 2018; 02:29:00 PM -05:00
(not available)
CVE-2018-14855

Buffer overflow in dhd_bus_flow_ring_flush_response in drivers/net/wireless/bcmdhd4358/dhd_pcie.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 allow an attacker (who has obtained code execution on the Wi-Fi chip) to cause the device driver to perform invalid memory accesses. The Samsung ID is SVE-2018-11785.

Published: December 17, 2018; 02:29:00 PM -05:00
(not available)
CVE-2018-14854

Buffer overflow in dhd_bus_flow_ring_delete_response in drivers/net/wireless/bcmdhd4358/dhd_pcie.c in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allow an attacker (who has obtained code execution on the Wi-Fi chip) to cause the device driver to perform invalid memory accesses. The Samsung ID is SVE-2018-11785.

Published: December 17, 2018; 02:29:00 PM -05:00
(not available)