Total
654 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-7073 | 2 Canonical, Hp | 2 Ubuntu Linux, Moonshot Provisioning Manager | 2024-11-21 | N/A |
| A local arbitrary file modification vulnerability was identified in HPE Moonshot Provisioning Manager prior to v1.24. | ||||
| CVE-2018-7072 | 1 Hp | 1 Moonshot Provisioning Manager | 2024-11-21 | N/A |
| A remote bypass of security restrictions vulnerability was identified in HPE Moonshot Provisioning Manager prior to v1.24. | ||||
| CVE-2018-6910 | 1 Dedecms | 1 Dedecms | 2024-11-21 | 7.5 High |
| DedeCMS 5.7 allows remote attackers to discover the full path via a direct request for include/downmix.inc.php or inc/inc_archives_functions.php. | ||||
| CVE-2018-6880 | 1 Phome | 1 Empirecms | 2024-11-21 | 5.3 Medium |
| EmpireCMS 6.6 through 7.2 allows remote attackers to discover the full path via an array value for a parameter to class/connect.php. | ||||
| CVE-2018-4048 | 1 Gog | 1 Galaxy | 2024-11-21 | 7.8 High |
| An exploitable local privilege elevation vulnerability exists in the file system permissions of the `Temp` directory in GOG Galaxy 1.2.48.36 (Windows 64-bit Installer). An attacker can overwrite executables of the Desktop Galaxy Updater to exploit this vulnerability and execute arbitrary code with SYSTEM privileges. | ||||
| CVE-2018-20947 | 1 Cpanel | 1 Cpanel | 2024-11-21 | N/A |
| cPanel before 68.0.27 allows certain file-write operations via the telnetcrt script (SEC-356). | ||||
| CVE-2018-20321 | 1 Suse | 1 Rancher | 2024-11-21 | N/A |
| An issue was discovered in Rancher 2 through 2.1.5. Any project member with access to the default namespace can mount the netes-default service account in a pod, and then use that pod to execute administrative privileged commands against the k8s cluster. This could be mitigated by isolating the default namespace in a separate project, where only cluster admins can be given permissions to access. As of 2018-12-20, this bug affected ALL clusters created or imported by Rancher. | ||||
| CVE-2018-20237 | 1 Atlassian | 2 Confluence Data Center, Confluence Server | 2024-11-21 | 6.5 Medium |
| Atlassian Confluence Server and Data Center before version 6.13.1 allows an authenticated user to download a deleted page via the word export feature. | ||||
| CVE-2018-1840 | 1 Ibm | 1 Websphere Application Server | 2024-11-21 | N/A |
| IBM WebSphere Application Server 8.5 and 9.0 could allow a remote attacker to gain elevated privileges on the system, caused when a security domain is configured to use a federated repository other than global federated repository and then migrated to a newer release of WebSphere Application Server. IBM X-Force ID: 150813. | ||||
| CVE-2018-18068 | 1 Raspberrypi | 2 Raspberry Pi 3 Model B\+, Raspberry Pi 3 Model B\+ Firmware | 2024-11-21 | N/A |
| The ARM-based hardware debugging feature on Raspberry Pi 3 module B+ and possibly other devices allows non-secure EL1 code to read/write any EL3 (the highest privilege level in ARMv8) memory/register via inter-processor debugging. With a debug host processor A running in non-secure EL1 and a debug target processor B running in any privilege level, the debugging feature allows A to halt B and promote B to any privilege level. As a debug host, A has full control of B even if B owns a higher privilege level than A. Accordingly, A can read/write any EL3 memory/register via B. Also, with this memory access, A can execute arbitrary code in EL3. | ||||
| CVE-2018-16494 | 1 Versa-networks | 1 Versa Operating System | 2024-11-21 | 8.8 High |
| In VOS and overly permissive "umask" may allow for authorized users of the server to gain unauthorized access through insecure file permissions that can result in an arbitrary read, write, or execution of newly created files and directories. Insecure umask setting was present throughout the Versa servers. | ||||
| CVE-2018-15591 | 1 Ivanti | 1 Workspace Control | 2024-11-21 | N/A |
| An issue was discovered in Ivanti Workspace Control before 10.3.10.0 and RES One Workspace. A local authenticated user can bypass Application Whitelisting restrictions to execute arbitrary code by leveraging multiple unspecified attack vectors. | ||||
| CVE-2018-10361 | 1 Kde | 1 Ktexteditor | 2024-11-21 | N/A |
| An issue was discovered in KTextEditor 5.34.0 through 5.45.0. Insecure handling of temporary files in the KTextEditor's kauth_ktexteditor_helper service (as utilized in the Kate text editor) can allow other unprivileged users on the local system to gain root privileges. The attack occurs when one user (who has an unprivileged account but is also able to authenticate as root) writes a text file using Kate into a directory owned by a another unprivileged user. The latter unprivileged user conducts a symlink attack to achieve privilege escalation. | ||||
| CVE-2017-18129 | 1 Qualcomm | 10 Mdm9206, Mdm9206 Firmware, Mdm9607 and 7 more | 2024-11-21 | N/A |
| In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile and Snapdragon Mobile MDM9206, MDM9607, SD 845, MSM8996, MSM8998, it is possible for IPA (internet protocol accelerator) channels owned by one security domain to be controlled from other domains. | ||||
| CVE-2017-18073 | 1 Qualcomm | 18 Mdm9206, Mdm9206 Firmware, Mdm9607 and 15 more | 2024-11-21 | N/A |
| In Android before security patch level 2018-04-05 on Qualcomm Snapdragon Automobile, Snapdragon Mobile, and Snapdragon Wear MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 820, SD 820A, SD 835, the HLOS can gain access to unauthorized memory. | ||||
| CVE-2017-16610 | 1 Netgain-systems | 1 Enterprise Manager | 2024-11-21 | N/A |
| This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Netgain Enterprise Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within upload_save_do.jsp. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code under the context of the current user. Was ZDI-CAN-4751. | ||||
| CVE-2017-16606 | 1 Netgain-systems | 1 Enterprise Manager | 2024-11-21 | N/A |
| This vulnerability allows remote attackers to execute code by creating arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the org.apache.jsp.u.jsp._3d.add_005f3d_005fview_005fdo_jsp servlet, which listens on TCP port 8081 by default. When parsing the filename parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code under the context of Administrator. Was ZDI-CAN-5197. | ||||
| CVE-2017-16605 | 1 Netgain-systems | 1 Enterprise Manager | 2024-11-21 | N/A |
| This vulnerability allows remote attackers to overwrite arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the org.apache.jsp.u.jsp.db.save_005fattrs_jsp servlet, which listens on TCP port 8081 by default. When parsing the id parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to overwrite any files accessible to the Administrator. Was ZDI-CAN-5196. | ||||
| CVE-2017-16604 | 1 Netgain-systems | 1 Enterprise Manager | 2024-11-21 | N/A |
| This vulnerability allows remote attackers to overwrite arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the org.apache.jsp.u.jsp.cnnic.asset.deviceReport.deviceReport_005fexport_005fdo_jsp servlet, which listens on TCP port 8081 by default. When parsing the filename parameter, the process does not properly validate a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to overwrite any files accessible to the Administrator. Was ZDI-CAN-5195. | ||||
| CVE-2017-16603 | 1 Netgain-systems | 1 Enterprise Manager | 2024-11-21 | N/A |
| This vulnerability allows remote attackers to execute code by creating arbitrary files on vulnerable installations of NetGain Systems Enterprise Manager 7.2.730 build 1034. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the org.apache.jsp.u.jsp.settings.upload_005ffile_005fdo_jsp servlet, which listens on TCP port 8081 by default. When parsing the filename parameter, the process does not properly validate user-supplied data, which can allow for the upload of files. An attacker can leverage this vulnerability to execute code under the context of Administrator. Was ZDI-CAN-5194. | ||||