CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In November 2018 (CVSS score >= 5)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
101 CVE-2018-19271 89 Sql 2018-11-14 2019-07-30
6.5
None Remote Low ??? Partial Partial Partial
Centreon 3.4.x (fixed in Centreon 18.10.0 and Centreon web 2.8.28) allows SQL Injection via the main.php searchH parameter.
102 CVE-2018-19246 200 +Info File Inclusion 2018-11-13 2018-12-13
5.0
None Remote Low Not required Partial None None
PHP-Proxy 5.1.0 allows remote attackers to read local files if the default "pre-installed version" (intended for users who lack shell access to their web server) is used. This occurs because the aeb067ca0aa9a3193dce3a7264c90187 app_key value from the default config.php is in place, and this value can be easily used to calculate the authorization data needed for local file inclusion.
103 CVE-2018-19244 611 +Info 2018-11-13 2019-02-01
5.0
None Remote Low Not required Partial None None
An XML External Entity (XXE) vulnerability exists in the Charles 4.2.7 import/export setup option. If a user imports a "Charles Settings.xml" file from an attacker, an intranet network may be accessed and information may be leaked.
104 CVE-2018-19228 22 Dir. Trav. 2018-11-12 2018-12-11
6.4
None Remote Low Not required None Partial Partial
An issue was discovered in LAOBANCMS 2.0. It allows arbitrary file deletion via ../ directory traversal in the admin/pic.php del parameter, as demonstrated by deleting install/install.txt to permit a reinstallation.
105 CVE-2018-19226 200 +Info 2018-11-12 2018-12-11
5.0
None Remote Low Not required Partial None None
An issue was discovered in LAOBANCMS 2.0. It allows remote attackers to list .txt files via a direct request for the /data/0/admin.txt URI.
106 CVE-2018-19225 352 CSRF 2018-11-12 2018-12-11
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in LAOBANCMS 2.0. admin/mima.php has CSRF.
107 CVE-2018-19224 565 2018-11-12 2020-08-24
5.0
None Remote Low Not required None Partial None
An issue was discovered in LAOBANCMS 2.0. /admin/login.php allows spoofing of the id and guanliyuan cookies.
108 CVE-2018-19222 79 XSS 2018-11-12 2019-10-03
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in LAOBANCMS 2.0. It allows a /install/mysql_hy.php?riqi=0&i=0 attack to reset the admin password, even if install.txt exists.
109 CVE-2018-19221 89 Sql 2018-11-12 2018-12-11
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in LAOBANCMS 2.0. It allows SQL Injection via the admin/login.php guanliyuan parameter.
110 CVE-2018-19220 94 Exec Code 2018-11-12 2018-12-11
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in LAOBANCMS 2.0. It allows remote attackers to execute arbitrary PHP code via the host parameter to the install/ URI.
111 CVE-2018-19216 416 2018-11-12 2020-07-13
6.8
None Remote Medium Not required Partial Partial Partial
Netwide Assembler (NASM) before 2.13.02 has a use-after-free in detoken at asm/preproc.c.
112 CVE-2018-19215 125 2018-11-12 2020-07-13
6.8
None Remote Medium Not required Partial Partial Partial
Netwide Assembler (NASM) 2.14rc16 has a heap-based buffer over-read in expand_mmac_params in asm/preproc.c for the special cases of the % and $ and ! characters.
113 CVE-2018-19214 125 2018-11-12 2020-07-13
6.8
None Remote Medium Not required Partial Partial Partial
Netwide Assembler (NASM) 2.14rc15 has a heap-based buffer over-read in expand_mmac_params in asm/preproc.c for insufficient input.
114 CVE-2018-19207 425 Exec Code 2018-11-12 2019-10-03
7.5
None Remote Low Not required Partial Partial Partial
The Van Ons WP GDPR Compliance (aka wp-gdpr-compliance) plugin before 1.4.3 for WordPress allows remote attackers to execute arbitrary code because $wpdb->prepare() input is mishandled, as exploited in the wild in November 2018.
115 CVE-2018-19205 200 +Info 2018-11-12 2022-03-10
5.0
None Remote Low Not required Partial None None
Roundcube before 1.3.7 mishandles GnuPG MDC integrity-protection warnings, which makes it easier for attackers to obtain sensitive information, a related issue to CVE-2017-17688. This is associated with plugins/enigma/lib/enigma_driver_gnupg.php.
116 CVE-2018-19204 20 Exec Code 2018-11-12 2021-06-29
9.0
None Remote Low ??? Complete Complete Complete
PRTG Network Monitor before 18.3.44.2054 allows a remote authenticated attacker (with read-write privileges) to execute arbitrary code and OS commands with system privileges. When creating an HTTP Advanced Sensor, the user's input in the POST parameter 'proxyport_' is mishandled. The attacker can craft an HTTP request and override the 'writeresult' command-line parameter for HttpAdvancedSensor.exe to store arbitrary data in an arbitrary place on the file system. For example, the attacker can create an executable file in the \Custom Sensors\EXE directory and execute it by creating EXE/Script Sensor.
117 CVE-2018-19203 2018-11-12 2021-06-29
5.0
None Remote Low Not required None None Partial
PRTG Network Monitor before 18.2.41.1652 allows remote unauthenticated attackers to terminate the PRTG Core Server Service via a special HTTP request.
118 CVE-2018-19200 476 2018-11-12 2018-12-12
5.0
None Remote Low Not required None None Partial
An issue was discovered in uriparser before 0.9.0. UriCommon.c allows attempted operations on NULL input via a uriResetUri* function.
119 CVE-2018-19199 190 Overflow 2018-11-12 2019-08-06
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in uriparser before 0.9.0. UriQuery.c allows an integer overflow via a uriComposeQuery* or uriComposeQueryEx* function because of an unchecked multiplication.
120 CVE-2018-19198 787 2018-11-12 2019-08-06
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in uriparser before 0.9.0. UriQuery.c allows an out-of-bounds write via a uriComposeQuery* or uriComposeQueryEx* function because the '&' character is mishandled in certain contexts.
121 CVE-2018-19197 22 Dir. Trav. 2018-11-12 2019-01-23
5.5
None Remote Low ??? None Partial Partial
An issue was discovered in XiaoCms 20141229. admin\controller\database.php allows arbitrary directory deletion via admin/index.php?c=database&a=import&paths[]=../ directory traversal.
122 CVE-2018-19196 94 Exec Code Bypass 2018-11-12 2018-12-13
7.5
None Remote Low Not required Partial Partial Partial
An issue was discovered in XiaoCms 20141229. It allows remote attackers to execute arbitrary code by using the type parameter to bypass the standard admin\controller\uploadfile.php restrictions on uploaded file types (jpg, jpeg, bmp, png, gif), as demonstrated by an admin/index.php?c=uploadfile&a=uploadify_upload&type=php URI.
123 CVE-2018-19194 200 +Info 2018-11-12 2018-12-13
5.0
None Remote Low Not required Partial None None
An issue was discovered in XiaoCms 20141229. /admin/index.php?c=database allows full path disclosure in a "failed to open stream" error message.
124 CVE-2018-19192 352 CSRF 2018-11-12 2018-12-13
6.8
None Remote Medium Not required Partial Partial Partial
An issue was discovered in XiaoCms 20141229. admin/index.php?c=content&a=add&catid=3 has CSRF, as demonstrated by entering news via the data[content] parameter.
125 CVE-2018-19185 787 Overflow 2018-11-12 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
An issue has been found in libIEC61850 v1.3. It is a heap-based buffer overflow in BerEncoder_encodeOctetString in mms/asn1/ber_encoder.c. This is exploitable even after CVE-2018-18834 has been patched, with a different dataSetValue sequence than the CVE-2018-18834 attack vector.
126 CVE-2018-19184 476 DoS 2018-11-12 2018-12-13
5.0
None Remote Low Not required None None Partial
cmd/evm/runner.go in Go Ethereum (aka geth) 1.8.17 allows attackers to cause a denial of service (SEGV) via crafted bytecode.
127 CVE-2018-19183 119 DoS Overflow 2018-11-12 2020-07-14
5.0
None Remote Low Not required None None Partial
ethereumjs-vm 2.4.0 allows attackers to cause a denial of service (vm.runCode failure and REVERT) via a "code: Buffer.from(my_code, 'hex')" attribute.
128 CVE-2018-19181 22 Dir. Trav. 2018-11-11 2018-12-12
6.4
None Remote Low Not required None Partial Partial
statics/ueditor/php/vendor/Local.class.php in YUNUCMS 1.1.5 allows arbitrary file deletion via the statics/ueditor/php/controller.php?action=remove key parameter, as demonstrated by using directory traversal to delete the install.lock file.
129 CVE-2018-19180 94 Exec Code 2018-11-11 2018-12-12
7.5
None Remote Low Not required Partial Partial Partial
statics/app/index/controller/Install.php in YUNUCMS 1.1.5 (if install.lock is not present) allows remote attackers to execute arbitrary PHP code by placing this code in the index.php?s=index/install/setup2 DB_PREFIX field, which is written to database.php.
130 CVE-2018-19168 78 Exec Code 2018-11-11 2019-10-03
10.0
None Remote Low Not required Complete Complete Complete
Shell Metacharacter Injection in www/modules/save.php in FruityWifi (aka PatatasFritas/PatataWifi) through 2.4 allows remote attackers to execute arbitrary code with root privileges via a crafted mod_name parameter in a POST request. NOTE: unlike in CVE-2018-17317, the attacker does not need a valid session.
131 CVE-2018-19150 119 DoS Overflow Mem. Corr. 2018-11-10 2019-01-16
6.8
None Remote Medium Not required Partial Partial Partial
Memory corruption in PDMODELProvidePDModelHFT in pdmodel.dll in pdfforge PDF Architect 6 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact because of a "Data from Faulting Address controls Code Flow" issue.
132 CVE-2018-19143 425 2018-11-11 2019-10-03
5.5
None Remote Low ??? None Partial Partial
Open Ticket Request System (OTRS) 4.0.x before 4.0.33, 5.0.x before 5.0.31, and 6.0.x before 6.0.13 allows an authenticated user to delete files via a modified submission form because upload caching is mishandled.
133 CVE-2018-19138 352 CSRF 2018-11-09 2019-03-04
6.8
None Remote Medium Not required Partial Partial Partial
WSTMart 2.0.7 has CSRF via the index.php/admin/staffs/add.html URI.
134 CVE-2018-19135 352 CSRF 2018-11-11 2019-01-30
6.8
None Remote Medium Not required Partial Partial Partial
ClipperCMS 1.3.3 does not have CSRF protection on its kcfinder file upload (enabled by default). This can be used by an attacker to perform actions for an admin (or any user with the file upload capability). With this vulnerability, one can automatically upload files (by default, it allows html, pdf, xml, zip, and many other file types). A file can be accessed publicly under the "/assets/files" directory.
135 CVE-2018-19133 200 +Info 2018-11-09 2018-12-31
5.0
None Remote Low Not required Partial None None
In Flarum Core 0.1.0-beta.7.1, a serious leak can get everyone's email address.
136 CVE-2018-19127 94 Exec Code 2018-11-09 2019-02-04
7.5
None Remote Low Not required Partial Partial Partial
A code injection vulnerability in /type.php in PHPCMS 2008 allows attackers to write arbitrary content to a website cache file with a controllable filename, leading to arbitrary code execution. The PHP code is sent via the template parameter, and is written to a data/cache_template/*.tpl.php file along with a "<?php function " substring.
137 CVE-2018-19126 434 Exec Code 2018-11-09 2018-12-12
7.5
None Remote Low Not required Partial Partial Partial
PrestaShop 1.6.x before 1.6.1.23 and 1.7.x before 1.7.4.4 allows remote attackers to execute arbitrary code via a file upload.
138 CVE-2018-19125 2018-11-09 2019-10-03
6.4
None Remote Low Not required None Partial Partial
PrestaShop 1.6.x before 1.6.1.23 and 1.7.x before 1.7.4.4 allows remote attackers to delete an image directory.
139 CVE-2018-19124 22 Dir. Trav. 2018-11-09 2020-08-24
5.0
None Remote Low Not required None Partial None
PrestaShop 1.6.x before 1.6.1.23 and 1.7.x before 1.7.4.4 on Windows allows remote attackers to write to arbitrary image files.
140 CVE-2018-19120 200 +Info 2018-11-29 2019-01-31
5.0
None Remote Low Not required Partial None None
The HTML thumbnailer plugin in KDE Applications before 18.12.0 allows attackers to trigger outbound TCP connections to arbitrary IP addresses, leading to disclosure of the source IP address.
141 CVE-2018-19115 787 Overflow 2018-11-08 2020-08-24
7.5
None Remote Low Not required Partial Partial Partial
keepalived before 2.0.7 has a heap-based buffer overflow when parsing HTTP status codes resulting in DoS or possibly unspecified other impact, because extract_status_code in lib/html.c has no validation of the status code and instead writes an unlimited amount of data to the heap.
142 CVE-2018-19114 20 +Priv 2018-11-08 2019-10-03
6.5
None Remote Low ??? Partial Partial Partial
An issue was discovered in MinDoc through v1.0.2. It allows attackers to gain privileges by uploading an image file with contents that represent an admin session, and then sending a Cookie: header with a mindoc_id value containing the relative pathname of this uploaded file. For example, the mindoc_id (aka session ID) could be of the form aa/../../uploads/blog/201811/attach_#.jpg where '#' is a hex value displayed in the upload field of a manage/blogs/edit/ screen.
143 CVE-2018-19111 319 2018-11-08 2019-10-03
5.0
None Remote Low Not required Partial None None
The Google Cardboard application 1.8 for Android and 1.2 for iOS sends potentially private cleartext information to the Unity 3D Stats web site, as demonstrated by device make, model, and OS.
144 CVE-2018-19109 425 Bypass 2018-11-08 2019-10-03
6.5
None Remote Low ??? Partial Partial Partial
tianti 2.3 allows remote authenticated users to bypass intended permission restrictions by visiting tianti-module-admin/cms/column/list directly to read the column list page or edit a column.
145 CVE-2018-19105 787 DoS 2018-11-08 2019-05-06
6.8
None Remote Medium Not required Partial Partial Partial
LibreCAD 2.1.3 allows remote attackers to cause a denial of service (0x89C04589 write access violation and application crash) or possibly have unspecified other impact via a crafted file.
146 CVE-2018-19104 352 CSRF 2018-11-08 2018-12-11
6.8
None Remote Medium Not required Partial Partial Partial
In BageCMS 3.1.3, upload/index.php has a CSRF vulnerability that can be used to upload arbitrary files and get server privileges.
147 CVE-2018-19093 2018-11-07 2019-10-03
5.0
None Remote Low Not required None None Partial
** DISPUTED ** An issue has been found in libIEC61850 v1.3. It is a SEGV in ControlObjectClient_setCommandTerminationHandler in client/client_control.c. NOTE: the software maintainer disputes this because it requires incorrect usage of the client_example_control program.
148 CVE-2018-19087 787 DoS Exec Code Overflow 2018-11-10 2020-08-24
7.2
None Local Low Not required Complete Complete Complete
RegFilter.sys in IOBit Malware Fighter 6.2 is susceptible to a stack-based buffer overflow when an attacker uses IOCTL 0x8006E044 with a size larger than 8 bytes. This can lead to denial of service or code execution with root privileges.
149 CVE-2018-19086 787 DoS Exec Code Overflow 2018-11-10 2020-08-24
7.2
None Local Low Not required Complete Complete Complete
RegFilter.sys in IOBit Malware Fighter 6.2 is susceptible to a stack-based buffer overflow when an attacker uses IOCTL 0x8006E040 with a size larger than 8 bytes. This can lead to denial of service or code execution with root privileges.
150 CVE-2018-19085 787 DoS Exec Code Overflow 2018-11-10 2020-08-24
7.2
None Local Low Not required Complete Complete Complete
RegFilter.sys in IOBit Malware Fighter 6.2 is susceptible to a stack-based buffer overflow when an attacker uses IOCTL 0x8006E048 with a size larger than 8 bytes. This can lead to denial of service or code execution with root privileges.
Total number of vulnerabilities : 595   Page : 1 2 3 (This Page)4 5 6 7 8 9 10 11 12
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.