Search Results (26990 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2018-11307 3 Fasterxml, Oracle, Redhat 18 Jackson-databind, Clusterware, Communications Instant Messaging Server and 15 more 2024-11-21 9.8 Critical
An issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.5. Use of Jackson default typing along with a gadget class from iBatis allows exfiltration of content. Fixed in 2.7.9.4, 2.8.11.2, and 2.9.6.
CVE-2018-11106 1 Netgear 10 Wc7500, Wc7500 Firmware, Wc7520 and 7 more 2024-11-21 9.8 Critical
NETGEAR has released fixes for a pre-authentication command injection in request_handler.php security vulnerability on the following product models: WC7500, running firmware versions prior to 6.5.3.5; WC7520, running firmware versions prior to 2.5.0.46; WC7600v1, running firmware versions prior to 6.5.3.5; WC7600v2, running firmware versions prior to 6.5.3.5; and WC9500, running firmware versions prior to 6.5.3.5.
CVE-2018-11058 2 Dell, Oracle 13 Bsafe, Bsafe Crypto-c, Application Testing Suite and 10 more 2024-11-21 9.8 Critical
RSA BSAFE Micro Edition Suite, versions prior to 4.0.11 (in 4.0.x) and prior to 4.1.6 (in 4.1.x), and RSA BSAFE Crypto-C Micro Edition, version prior to 4.0.5.3 (in 4.0.x) contain a Buffer Over-Read vulnerability when parsing ASN.1 data. A remote attacker could use maliciously constructed ASN.1 data that would result in such issue.
CVE-2018-10867 1 Redhat 1 Certification 2024-11-21 9.1 Critical
Files are accessible without restrictions from the /update/results page of redhat-certification 7 package, allowing an attacker to remove any file accessible by the apached user.
CVE-2018-10866 1 Redhat 1 Certification 2024-11-21 9.1 Critical
It was discovered that the /configuration view of redhat-certification 7 does not perform an authorization check and it allows an unauthenticated user to remove a "system" file, that is an xml file with host related information, not belonging to him.
CVE-2018-10824 1 Dlink 15 Dir-140l, Dir-140l Firmware, Dir-640l and 12 more 2024-11-21 9.8 Critical
An issue was discovered on D-Link DWR-116 through 1.06, DIR-140L through 1.02, DIR-640L through 1.02, DWR-512 through 2.02, DWR-712 through 2.02, DWR-912 through 2.02, DWR-921 through 2.02, and DWR-111 through 1.01 devices. The administrative password is stored in plaintext in the /tmp/csman/0 file. An attacker having a directory traversal (or LFI) can easily get full router access.
CVE-2018-10771 3 Debian, Fedoraproject, Moinejf 3 Debian Linux, Fedora, Abcm2ps 2024-11-21 9.8 Critical
Stack-based buffer overflow in the get_key function in parse.c in abcm2ps through 8.13.20 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
CVE-2018-10759 1 Projectpier 1 Projectpier 2024-11-21 9.8 Critical
PHP remote file inclusion vulnerability in public/patch/patch.php in Project Pier 0.8.8 and earlier allows remote attackers to execute arbitrary commands or SQL statements via the id parameter.
CVE-2018-10753 3 Debian, Fedoraproject, Moinejf 3 Debian Linux, Fedora, Abcm2ps 2024-11-21 9.8 Critical
Stack-based buffer overflow in the delayed_output function in music.c in abcm2ps through 8.13.20 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact.
CVE-2018-10698 1 Moxa 2 Awk-3121, Awk-3121 Firmware 2024-11-21 9.8 Critical
An issue was discovered on Moxa AWK-3121 1.14 devices. The device enables an unencrypted TELNET service by default. This allows an attacker who has been able to gain an MITM position to easily sniff the traffic between the device and the user. Also an attacker can easily connect to the TELNET daemon using the default credentials if they have not been changed by the user.
CVE-2018-10683 1 Redhat 1 Wildfly 2024-11-21 9.8 Critical
An issue was discovered in WildFly 10.1.2.Final. In the case of a default installation without a security realm reference, an attacker can successfully access the server without authentication. NOTE: the Security Realms documentation in the product's Admin Guide indicates that "without a security realm reference" implies "effectively unsecured." The vendor explicitly supports these unsecured configurations because they have valid use cases during development
CVE-2018-10682 1 Wildfly 1 Wildfly 2024-11-21 9.8 Critical
An issue was discovered in WildFly 10.1.2.Final. It is possible for an attacker to access the administration panel on TCP port 9990 without any authentication using "anonymous" access that is automatically created. Once logged in, a misconfiguration present by default (auto-deployment) permits an anonymous user to deploy a malicious .war file, leading to remote code execution. NOTE: the vendor indicates that anonymous access is not available in the default installation; however, it remains optional because there are several use cases for it, including development environments and network architectures that have a proxy server for access control to the WildFly server
CVE-2018-10620 1 Aveva 2 Indusoft Web Studio, Intouch Machine 2017 2024-11-21 9.8 Critical
AVEVA InduSoft Web Studio v8.1 and v8.1SP1, and InTouch Machine Edition v2017 8.1 and v2017 8.1 SP1 a remote user could send a carefully crafted packet to exploit a stack-based buffer overflow vulnerability during tag, alarm, or event related actions such as read and write, with potential for code to be executed.
CVE-2018-10511 1 Trendmicro 1 Control Manager 2024-11-21 10.0 Critical
A vulnerability in Trend Micro Control Manager (versions 6.0 and 7.0) could allow an attacker to conduct a server-side request forgery (SSRF) attack on vulnerable installations.
CVE-2018-10389 1 Open Tftp Server Project 1 Open Tftp Server 2024-11-21 9.8 Critical
Format string vulnerability in the logMess function in TFTP Server MT 1.65 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via format string sequences in a TFTP error packet.
CVE-2018-10388 1 Open Tftp Server Project 1 Open Tftp Server 2024-11-21 9.8 Critical
Format string vulnerability in the logMess function in TFTP Server SP 1.66 and earlier allows remote attackers to perform a denial of service or execute arbitrary code via format string sequences in a TFTP error packet.
CVE-2018-10387 1 Open Tftp Server Project 1 Open Tftp Server 2024-11-21 9.8 Critical
Heap-based overflow vulnerability in TFTP Server SP 1.66 and earlier allows remote attackers to perform a denial of service or possibly execute arbitrary code via a long TFTP error packet, a different vulnerability than CVE-2008-2161.
CVE-2018-10191 2 Debian, Mruby 2 Debian Linux, Mruby 2024-11-21 9.8 Critical
In versions of mruby up to and including 1.4.0, an integer overflow exists in src/vm.c::mrb_vm_exec() when handling OP_GETUPVAR in the presence of deep scope nesting, resulting in a use-after-free. An attacker that can cause Ruby code to be run can use this to possibly execute arbitrary code.
CVE-2018-10105 2 Redhat, Tcpdump 3 Enterprise Linux, Rhel Eus, Tcpdump 2024-11-21 9.8 Critical
tcpdump before 4.9.3 mishandles the printing of SMB data (issue 2 of 2).
CVE-2018-10103 2 Redhat, Tcpdump 3 Enterprise Linux, Rhel Eus, Tcpdump 2024-11-21 9.8 Critical
tcpdump before 4.9.3 mishandles the printing of SMB data (issue 1 of 2).