Filtered by CWE-20
Total 12468 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2018-20519 1 74cms 1 74cms 2024-11-21 N/A
An issue was discovered in 74cms v4.2.111. It allows remote authenticated users to read or modify arbitrary resumes by changing a job-search intention, as demonstrated by the index.php?c=Personal&a=ajax_save_basic pid parameter.
CVE-2018-20487 1 Inteno 1 Iopsys 2024-11-21 N/A
An issue was discovered in the firewall3 component in Inteno IOPSYS 1.0 through 3.16. The attacker must make a JSON-RPC method call to add a firewall rule as an "include" and point the "path" argument to a malicious script or binary. This gets executed as root when the firewall changes are committed.
CVE-2018-20424 1 Comsenz 1 Discuzx 2024-11-21 N/A
Discuz! DiscuzX 3.4, when WeChat login is enabled, allows remote attackers to delete the common_member_wechatmp data structure via an ac=unbindmp request to plugin.php.
CVE-2018-20404 1 Viatech 2 Epia-e900, Epia-e900 Firmware 2024-11-21 N/A
ETK_E900.sys, a SmartETK driver for VIA Technologies EPIA-E900 system board, is vulnerable to denial of service attack via IOCTL 0x9C402048, which calls memmove and constantly fails on an arbitrary (uncontrollable) address, resulting in an eternal hang or a BSoD.
CVE-2018-20378 1 Opensynergy 1 Blue Sdk 2024-11-21 N/A
The L2CAP signaling channel implementation and SDP server implementation in OpenSynergy Blue SDK 3.2 through 6.0 allow remote, unauthenticated attackers to execute arbitrary code or cause a denial of service via malicious L2CAP configuration requests, in conjunction with crafted SDP communication over maliciously configured L2CAP channels. The attacker must have connectivity over the Bluetooth physical layer, and must be able to send raw L2CAP frames. This is related to L2Cap_HandleConfigReq in core/stack/l2cap/l2cap_sm.c and SdpServHandleServiceSearchAttribReq in core/stack/sdp/sdpserv.c.
CVE-2018-20335 1 Asus 47 Asuswrt, Gt-ac2900, Gt-ac5300 and 44 more 2024-11-21 7.5 High
An issue was discovered in ASUSWRT 3.0.0.4.384.20308. An unauthenticated user can trigger a DoS of the httpd service via the /APP_Installation.asp?= URI.
CVE-2018-20301 1 Coherence Project 1 Coherence 2024-11-21 N/A
An issue was discovered in Steve Pallen Coherence before 0.5.2 that is similar to a Mass Assignment vulnerability. In particular, "registration" endpoints (e.g., creating, editing, updating) allow users to update any coherence_fields data. For example, users can automatically confirm their accounts by sending the confirmed_at parameter with their registration request.
CVE-2018-20225 1 Pypa 1 Pip 2024-11-21 7.8 High
An issue was discovered in pip (all versions) because it installs the version with the highest version number, even if the user had intended to obtain a private package from a private index. This only affects use of the --extra-index-url option, and exploitation requires that the package does not already exist in the public index (and thus the attacker can put the package there with an arbitrary version number). NOTE: it has been reported that this is intended functionality and the user is responsible for using --extra-index-url securely
CVE-2018-20189 2 Debian, Graphicsmagick 2 Debian Linux, Graphicsmagick 2024-11-21 N/A
In GraphicsMagick 1.3.31, the ReadDIBImage function of coders/dib.c has a vulnerability allowing a crash and denial of service via a dib file that is crafted to appear with direct pixel values and also colormapping (which is not available beyond 8-bits/sample), and therefore lacks indexes initialization.
CVE-2018-20168 1 Google 1 Gvisor 2024-11-21 N/A
Google gVisor before 2018-08-22 reuses a pagetable in a different level with the paging-structure cache intact, which allows attackers to cause a denial of service ("physical address not valid" panic) via a crafted application.
CVE-2018-20162 1 Digi 2 Transport Lr54, Transport Lr54 Firmware 2024-11-21 N/A
Digi TransPort LR54 4.4.0.26 and possible earlier devices have Improper Input Validation that allows users with 'super' CLI access privileges to bypass a restricted shell and execute arbitrary commands as root.
CVE-2018-20159 1 I-doit 1 I-doit 2024-11-21 N/A
i-doit open 1.11.2 allows Remote Code Execution because ZIP archives are mishandled. It has an upload feature that allows an authenticated user with the administrator role to upload arbitrary files to the main website directory. Exploitation involves uploading a ".php" file within a ".zip" file because a ZIP archive is accepted by /admin/?req=modules&action=add as a plugin, and extracted to the main directory. In order for the ".zip" file to be accepted, it must also contain a package.json file.
CVE-2018-20156 1 Designmodo 1 Wp Maintenance Mode 2024-11-21 N/A
The WP Maintenance Mode plugin before 2.0.7 for WordPress allows remote authenticated "site administrator" users to execute arbitrary PHP code throughout a multisite network.
CVE-2018-20152 2 Debian, Wordpress 2 Debian Linux, Wordpress 2024-11-21 N/A
In WordPress before 4.9.9 and 5.x before 5.0.1, authors could bypass intended restrictions on post types via crafted input.
CVE-2018-20127 1 Zzzcms 1 Zzzphp 2024-11-21 7.5 High
An issue was discovered in zzzphp cms 1.5.8. del_file in /admin/save.php allows remote attackers to delete arbitrary files via a mixed-case extension and an extra '.' character, because (for example) "php" is blocked but path=F:/1.phP. succeeds.
CVE-2018-20106 1 Opensuse 1 Yast2-printer 2024-11-21 N/A
In yast2-printer up to and including version 4.0.2 the SMB printer settings don't escape characters in passwords properly. If a password with backticks or simliar characters is supplied this allows for executing code as root. This requires tricking root to enter such a password in yast.
CVE-2018-20070 1 Google 1 Chrome 2024-11-21 N/A
Incorrect handling of confusable characters in URL Formatter in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted domain name.
CVE-2018-20068 1 Google 1 Chrome 2024-11-21 N/A
Incorrect handling of 304 status codes in Navigation in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to confuse the user about the origin of the current page via a crafted HTML page.
CVE-2018-20065 1 Google 1 Chrome 2024-11-21 N/A
Handling of URI action in PDFium in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to initiate potentially unsafe navigations without a user gesture via a crafted PDF file.
CVE-2018-20051 1 Qacctv 2 Jooan Ja-q1h Wi-fi Camera, Jooan Ja-q1h Wi-fi Camera Firmware 2024-11-21 N/A
Mishandling of '>' on the Jooan JA-Q1H Wi-Fi camera with firmware 21.0.0.91 allows remote attackers to cause a denial of service (crash and reboot) via certain ONVIF methods such as CreateUsers, SetImagingSettings, GetStreamUri, and so on.