CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In June 2018 (CVSS score >= 6)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2018-1000553 918 2018-06-26 2018-08-17
6.5
None Remote Low ??? Partial Partial Partial
Trovebox version <= 4.0.0-rc6 contains a Server-Side request forgery vulnerability in webhook component that can result in read or update internal resources. This attack appear to be exploitable via HTTP request. This vulnerability appears to have been fixed in after commit 742b8ed.
2 CVE-2018-1000552 89 Sql 2018-06-26 2018-08-17
6.5
None Remote Low ??? Partial Partial Partial
Trovebox version <= 4.0.0-rc6 contains a SQL Injection vulnerability in album component that can result in SQL code injection. This attack appear to be exploitable via HTTP request. This vulnerability appears to have been fixed in after commit 742b8ed.
3 CVE-2018-1000551 Bypass 2018-06-26 2019-10-03
6.5
None Remote Low ??? Partial Partial Partial
Trovebox version <= 4.0.0-rc6 contains a PHP Type juggling vulnerability in album view component that can result in Authentication bypass. This attack appear to be exploitable via HTTP Request. This vulnerability appears to have been fixed in after commit 742b8edbe.
4 CVE-2018-1000550 22 Dir. Trav. 2018-06-26 2020-08-04
7.5
None Remote Low Not required Partial Partial Partial
The Sympa Community Sympa version prior to version 6.2.32 contains a Directory Traversal vulnerability in wwsympa.fcgi template editing function that can result in Possibility to create or modify files on the server filesystem. This attack appear to be exploitable via HTTP GET/POST request. This vulnerability appears to have been fixed in 6.2.32.
5 CVE-2018-1000548 611 DoS 2018-06-26 2018-08-20
6.8
None Remote Medium Not required Partial Partial Partial
Umlet version < 14.3 contains a XML External Entity (XXE) vulnerability in File parsing that can result in disclosure of confidential data, denial of service, server side request forgery. This attack appear to be exploitable via Specially crafted UXF file. This vulnerability appears to have been fixed in 14.3.
6 CVE-2018-1000546 611 Exec Code 2018-06-26 2018-08-20
6.8
None Remote Medium Not required Partial Partial Partial
Triplea version <= 1.9.0.0.10291 contains a XML External Entity (XXE) vulnerability in Importing game data that can result in Possible information disclosure, server-side request forgery, or remote code execution. This attack appear to be exploitable via Specially crafted game data file (XML).
7 CVE-2018-1000544 59 Dir. Trav. 2018-06-26 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
rubyzip gem rubyzip version 1.2.1 and earlier contains a Directory Traversal vulnerability in Zip::File component that can result in write arbitrary files to the filesystem. This attack appear to be exploitable via If a site allows uploading of .zip files , an attacker can upload a malicious file that contains symlinks or files with absolute pathnames "../" to write arbitrary files to the filesystem..
8 CVE-2018-1000542 611 Exec Code 2018-06-26 2018-08-20
6.8
None Remote Medium Not required Partial Partial Partial
netbeans-mmd-plugin version <= 1.4.3 contains a XML External Entity (XXE) vulnerability in MMD file import that can result in Possible information disclosure, server-side request forgery, or remote code execution. This attack appear to be exploitable via Specially crafted MMD file.
9 CVE-2018-1000540 611 DoS 2018-06-26 2018-08-20
6.8
None Remote Medium Not required Partial Partial Partial
LoboEvolution version < 9b75694cedfa4825d4a2330abf2719d470c654cd contains a XML External Entity (XXE) vulnerability in XML Parsing when viewing the XML file in the browser that can result in disclosure of confidential data, denial of service, server side request forgery. This attack appear to be exploitable via Specially crafted XML file.
10 CVE-2018-1000537 119 Exec Code Overflow 2018-06-26 2018-08-31
7.5
None Remote Low Not required Partial Partial Partial
Marlin Firmware Marlin version 1.1.x and earlier contains a Buffer Overflow vulnerability in cardreader.cpp (Depending on branch/version) that can result in Arbitrary code execution. This attack appear to be exploitable via Crafted G-Code instruction/file is sent to the printer.
11 CVE-2018-1000533 20 Exec Code 2018-06-26 2021-09-09
7.5
None Remote Low Not required Partial Partial Partial
klaussilveira GitList version <= 0.6 contains a Passing incorrectly sanitized input to system function vulnerability in `searchTree` function that can result in Execute any code as PHP user. This attack appear to be exploitable via Send POST request using search form. This vulnerability appears to have been fixed in 0.7 after commit 87b8c26b023c3fc37f0796b14bb13710f397b322.
12 CVE-2018-1000527 502 Exec Code 2018-06-26 2020-08-24
6.5
None Remote Low ??? Partial Partial Partial
Froxlor version <= 0.9.39.5 contains a PHP Object Injection vulnerability in Domain name form that can result in Possible information disclosure and remote code execution. This attack appear to be exploitable via Passing malicious PHP objection in $_POST['ssl_ipandport']. This vulnerability appears to have been fixed in after commit c1e62e6.
13 CVE-2018-1000525 502 Exec Code 2018-06-26 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
openpsa contains a PHP Object Injection vulnerability in Form data passed as GET request variables that can result in Possible information disclosure and remote code execution. This attack appear to be exploitable via Specially crafted GET request variable containing serialised PHP object. This vulnerability appears to have been fixed in after commit 097eae0.
14 CVE-2018-1000517 120 Overflow 2018-06-26 2021-02-18
7.5
None Remote Low Not required Partial Partial Partial
BusyBox project BusyBox wget version prior to commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e contains a Buffer Overflow vulnerability in Busybox wget that can result in heap buffer overflow. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in after commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e.
15 CVE-2018-1000509 502 Exec Code 2018-06-26 2019-10-03
6.5
None Remote Low ??? Partial Partial Partial
Redirection version 2.7.1 contains a Serialisation vulnerability possibly allowing ACE vulnerability in Settings page AJAX that can result in could allow admin to execute arbitrary code in some circumstances. This attack appear to be exploitable via Attacker must have access to admin account. This vulnerability appears to have been fixed in 2.8.
16 CVE-2018-1000506 352 CSRF 2018-06-26 2018-08-30
6.8
None Remote Medium Not required Partial Partial Partial
Metronet Tag Manager version 1.2.7 contains a Cross ite Request Forgery (CSRF) vulnerability in Settings page /wp-admin/options-general.php?page=metronet-tag-manager that can result in allows anybody to do almost anything an admin can. This attack appear to be exploitable via Logged in user must follow a link. This vulnerability appears to have been fixed in 1.2.9.
17 CVE-2018-1000504 601 File Inclusion 2018-06-26 2018-09-04
9.0
None Remote Low ??? Complete Complete Complete
Redirection version 2.7.3 contains a ACE via file inclusion vulnerability in Pass-through mode that can result in allows admins to execute any PHP file in the filesystem. This attack appear to be exploitable via Attacker must be have access to an admin account on the target site. This vulnerability appears to have been fixed in 2.8.
18 CVE-2018-1000502 829 File Inclusion 2018-06-26 2019-10-03
6.5
None Remote Low ??? Partial Partial Partial
MyBB Group MyBB contains a File Inclusion vulnerability in Admin panel (Tools and Maintenance -> Task Manager -> Add New Task) that can result in Allows Local File Inclusion on modern PHP versions and Remote File Inclusion on ancient PHP versions. This attack appear to be exploitable via Must have access to admin panel. This vulnerability appears to have been fixed in 1.8.15.
19 CVE-2018-1000501 640 2018-06-26 2018-08-30
7.5
None Remote Low Not required Partial Partial Partial
Instant Update CMS contains a Password Reset Vulnerability vulnerability in /iu-application/controllers/administration/auth.php that can result in Account Tackover. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in v0.3.3.
20 CVE-2018-1000500 295 Exec Code 2018-06-26 2020-09-24
6.8
None Remote Medium Not required Partial Partial Partial
Busybox contains a Missing SSL certificate validation vulnerability in The "busybox wget" applet that can result in arbitrary code execution. This attack appear to be exploitable via Simply download any file over HTTPS using "busybox wget https://compromised-domain.com/important-file".
21 CVE-2018-1000204 2018-06-26 2019-10-03
6.3
None Remote Medium ??? Complete None None
** DISPUTED ** Linux Kernel version 3.18 to 4.16 incorrectly handles an SG_IO ioctl on /dev/sg0 with dxfer_direction=SG_DXFER_FROM_DEV and an empty 6-byte cmdp. This may lead to copying up to 1000 kernel heap pages to the userspace. This has been fixed upstream in https://github.com/torvalds/linux/commit/a45b599ad808c3c982fdcdc12b0b8611c2f92824 already. The problem has limited scope, as users don't usually have permissions to access SCSI devices. On the other hand, e.g. the Nero user manual suggests doing `chmod o+r+w /dev/sg*` to make the devices accessible. NOTE: third parties dispute the relevance of this report, noting that the requirement for an attacker to have both the CAP_SYS_ADMIN and CAP_SYS_RAWIO capabilities makes it "virtually impossible to exploit."
22 CVE-2018-1000201 426 2018-06-22 2018-08-13
6.8
None Remote Medium Not required Partial Partial Partial
ruby-ffi version 1.9.23 and earlier has a DLL loading issue which can be hijacked on Windows OS, when a Symbol is used as DLL name instead of a String This vulnerability appears to have been fixed in v1.9.24 and later.
23 CVE-2018-1000189 Exec Code 2018-06-05 2019-10-03
6.5
None Remote Low ??? Partial Partial Partial
A command execution vulnerability exists in Jenkins Absint Astree Plugin 1.0.5 and older in AstreeBuilder.java that allows attackers with Overall/Read access to execute a command on the Jenkins master.
24 CVE-2018-13030 787 DoS Overflow 2018-06-30 2020-08-24
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in jpeg-compressor 0.1. The build_huffman function in stb_image.c allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact.
25 CVE-2018-13026 125 2018-06-30 2019-10-03
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in GPMF_parser.c in the function GPMF_Type.
26 CVE-2018-13024 434 Exec Code 2018-06-29 2018-08-24
6.5
None Remote Low ??? Partial Partial Partial
Metinfo v6.0.0 allows remote attackers to write code into a .php file, and execute that code, via the module parameter to admin/column/save.php in an editor upload action.
27 CVE-2018-13021 434 Exec Code 2018-06-29 2018-08-21
9.0
None Remote Low ??? Complete Complete Complete
An issue was discovered in HongCMS 3.0.0. There is an Arbitrary Script File Upload issue that can result in PHP code execution via the admin/index.php/template/upload URI.
28 CVE-2018-13012 494 Exec Code 2018-06-29 2019-10-03
6.8
None Remote Medium Not required Partial Partial Partial
Download of code with improper integrity check in snsupd.exe and upd.exe in SAFE'N'SEC SoftControl/SafenSoft SysWatch, SoftControl/SafenSoft TPSecure, and SoftControl/SafenSoft Enterprise Suite before 4.4.12 allows the remote attacker to execute unauthorized code by substituting a forged update server.
29 CVE-2018-13011 125 2018-06-29 2018-08-21
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in GPMF_parser.c in the function GPMF_Validate.
30 CVE-2018-13010 352 CSRF 2018-06-29 2018-08-24
6.8
None Remote Medium Not required Partial Partial Partial
WSTMall v1.9.1_170316 has CSRF via the index.php?m=Admin&c=Users&a=edit URI to add a user account.
31 CVE-2018-13009 125 2018-06-29 2018-08-21
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in GPMF_parser.c in the function GPMF_Next, related to certain checks for GPMF_KEY_END and nest_level (conditional on a buffer_size_longs check).
32 CVE-2018-13008 125 2018-06-29 2018-08-21
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in GPMF_parser.c in the function GPMF_Next, related to certain checks for a positive nest_level.
33 CVE-2018-13007 125 2018-06-29 2018-08-21
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in GPMF_parser.c in the function GPMF_Next, related to certain checks for GPMF_KEY_END and nest_level (not conditional on a buffer_size_longs check).
34 CVE-2018-13006 125 2018-06-29 2019-03-29
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in MP4Box in GPAC 0.7.1. There is a heap-based buffer over-read in the isomedia/box_dump.c function hdlr_dump.
35 CVE-2018-13005 125 2018-06-29 2019-03-29
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in MP4Box in GPAC 0.7.1. The function urn_Read in isomedia/box_code_base.c has a heap-based buffer over-read.
36 CVE-2018-12999 20 2018-06-29 2018-08-20
6.4
None Remote Low Not required None Partial Partial
Incorrect Access Control in AgentTrayIconServlet in Zoho ManageEngine Desktop Central 10.0.255 allows attackers to delete certain files on the web server without login by sending a specially crafted request to the server with a computerName=../ substring to the /agenttrayicon URI.
37 CVE-2018-12995 94 Exec Code 2018-06-29 2018-08-20
6.5
None Remote Low ??? Partial Partial Partial
onefilecms.php in OneFileCMS through 2012-04-14 might allow attackers to execute arbitrary PHP code via a .php filename on the Upload screen.
38 CVE-2018-12994 94 Exec Code 2018-06-29 2018-08-20
6.5
None Remote Low ??? Partial Partial Partial
onefilecms.php in OneFileCMS through 2012-04-14 might allow attackers to execute arbitrary PHP code via a .php filename on the New File screen.
39 CVE-2018-12984 287 Bypass 2018-06-29 2018-08-20
7.5
None Remote Low Not required Partial Partial Partial
Hycus CMS 1.0.4 allows Authentication Bypass via "'=' 'OR'" credentials.
40 CVE-2018-12983 125 2018-06-29 2020-07-11
6.8
None Remote Medium Not required Partial Partial Partial
A stack-based buffer over-read in the PdfEncryptMD5Base::ComputeEncryptionKey() function in PdfEncrypt.cpp in PoDoFo 0.9.6-rc1 could be leveraged by remote attackers to cause a denial-of-service via a crafted pdf file.
41 CVE-2018-12972 78 Exec Code 2018-06-29 2019-10-03
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in OpenTSDB 2.3.0. Many parameters to the /q URI can execute commands, including o, key, style, and yrange and y2range and their JSON input.
42 CVE-2018-12933 787 DoS 2018-06-28 2018-08-17
7.5
None Remote Low Not required Partial Partial Partial
PlayEnhMetaFileRecord in enhmetafile.c in Wine 3.7 allows attackers to cause a denial of service (out-of-bounds write) or possibly have unspecified other impact because the attacker controls the pCreatePen->ihPen array index.
43 CVE-2018-12932 787 DoS Overflow 2018-06-28 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
PlayEnhMetaFileRecord in enhmetafile.c in Wine 3.7 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact by triggering a large pAlphaBlend->cbBitsSrc value.
44 CVE-2018-12931 787 DoS 2018-06-28 2019-03-26
7.2
None Local Low Not required Complete Complete Complete
ntfs_attr_find in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or panic) or possibly have unspecified other impact via a crafted ntfs filesystem.
45 CVE-2018-12930 787 DoS 2018-06-28 2019-03-26
7.2
None Local Low Not required Complete Complete Complete
ntfs_end_buffer_async_read in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or panic) or possibly have unspecified other impact via a crafted ntfs filesystem.
46 CVE-2018-12925 521 2018-06-28 2019-10-03
10.0
None Remote Low Not required Complete Complete Complete
Baseon Lantronix MSS devices do not require a password for TELNET access.
47 CVE-2018-12924 798 2018-06-28 2018-08-24
10.0
None Remote Low Not required Complete Complete Complete
Sollae Serial-Ethernet-Module and Remote-I/O-Device-Server devices have a default password of sollae for the TELNET service.
48 CVE-2018-12918 119 Overflow 2018-06-27 2020-03-16
7.5
None Remote Low Not required Partial Partial Partial
In libpbc.a in PBC through 2017-03-02, there is a Segmentation fault in _pbcB_register_fields in bootstrap.c.
49 CVE-2018-12917 125 2018-06-27 2019-10-03
7.5
None Remote Low Not required Partial Partial Partial
In libpbc.a in PBC through 2017-03-02, there is a heap-based buffer over-read in _pbcM_ip_new in map.c.
50 CVE-2018-12916 119 Overflow 2018-06-27 2018-08-17
7.5
None Remote Low Not required Partial Partial Partial
In libpbc.a in PBC through 2017-03-02, there is a Segmentation fault in _pbcP_message_default in proto.c.
Total number of vulnerabilities : 774   Page : 1 (This Page)2 3 4 5 6 7 8 9 10 11 12 13 14 15 16
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.