Total
10428 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-5956 | 1 Zillya | 1 Zillya\! Antivirus | 2024-11-21 | 6.1 MEDIUM | 7.8 HIGH |
| In Zillya! Antivirus 3.0.2230.0, the driver file (zef.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9C402414. | |||||
| CVE-2018-5955 | 1 Smartmobilesoftware | 1 Gitstack | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in GitStack through 2.3.10. User controlled input is not sufficiently filtered, allowing an unauthenticated attacker to add a user to the server via the username and password fields to the rest/user/ URI. | |||||
| CVE-2018-5869 | 1 Qualcomm | 26 Mdm9206, Mdm9206 Firmware, Mdm9607 and 23 more | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| Improper input validation in the QTEE keymaster app can lead to invalid memory access in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 410/12, SD 615/16/SD 415, SD 800, SD 810 | |||||
| CVE-2018-5803 | 3 Debian, Linux, Redhat | 6 Debian Linux, Linux Kernel, Enterprise Linux Desktop and 3 more | 2024-11-21 | 4.9 MEDIUM | 5.5 MEDIUM |
| In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the "_sctp_make_chunk()" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash. | |||||
| CVE-2018-5767 | 1 Tendacn | 2 Ac15, Ac15 Firmware | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered on Tenda AC15 V15.03.1.16_multi devices. A remote, unauthenticated attacker can gain remote code execution on the device with a crafted password parameter for the COOKIE header. | |||||
| CVE-2018-5763 | 1 Oxid-esales | 1 Eshop | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| An issue was discovered in OXID eShop Enterprise Edition before 5.3.7 and 6.x before 6.0.1. By entering specially crafted URLs, an attacker is able to bring the shop server to a standstill and hence, it stops working. This is only valid if OXID High Performance Option is activated and Varnish is used. | |||||
| CVE-2018-5753 | 1 Open-xchange | 1 Open-xchange Appsuite | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| The frontend component in Open-Xchange OX App Suite before 7.6.3-rev31, 7.8.x before 7.8.2-rev31, 7.8.3 before 7.8.3-rev41, and 7.8.4 before 7.8.4-rev20 allows remote attackers to spoof the origin of e-mails via unicode characters in the "personal part" of a (1) From or (2) Sender address. | |||||
| CVE-2018-5731 | 1 Heimdalsecurity | 1 Heimdal | 2024-11-21 | 4.4 MEDIUM | 7.0 HIGH |
| An issue was discovered in Heimdal PRO 2.2.190. As part of the scanning feature, a process called md.hs writes an executable called CS1.tmp to C:\windows\TEMP. Afterwards the executable is run. It is possible for an attacker to create the file first, let md.hs overwrite it, and then rewrite the file in the window between md.hs closing the file and executing it. This can be exploited via opportunistic locks and a high priority thread. The vulnerability is triggered when a scan starts. NOTE: any affected Heimdal products are completely unrelated to the Heimdal vendor of a Kerberos 5 product on the h5l.org web site. | |||||
| CVE-2018-5714 | 1 Malwarefox | 1 Anti-malware | 2024-11-21 | 6.1 MEDIUM | 7.8 HIGH |
| In Malwarefox Anti-Malware 2.72.169, the driver file (zam64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x80002054. | |||||
| CVE-2018-5713 | 1 Malwarefox | 1 Anti-malware | 2024-11-21 | 6.1 MEDIUM | 7.8 HIGH |
| In Malwarefox Anti-Malware 2.72.169, the driver file (zam64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x80002010. | |||||
| CVE-2018-5549 | 1 F5 | 1 Big-ip Access Policy Manager | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| On BIG-IP APM 11.6.0-11.6.3.1, 12.1.0-12.1.3.3, 13.0.0, and 13.1.0-13.1.0.3, APMD may core when processing SAML Assertion or response containing certain elements. | |||||
| CVE-2018-5545 | 1 F5 | 1 Websafe Alert Server | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| On F5 WebSafe Alert Server 1.0.0-4.2.6, a malicious, authenticated user can execute code on the alert server by using a maliciously crafted payload. | |||||
| CVE-2018-5542 | 1 F5 | 13 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 10 more | 2024-11-21 | 6.8 MEDIUM | 8.1 HIGH |
| F5 BIG-IP 13.0.0-13.0.1, 12.1.0-12.1.3.6, or 11.2.1-11.6.3.2 HTTPS health monitors do not validate the identity of the monitored server. | |||||
| CVE-2018-5537 | 1 F5 | 10 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Application Acceleration Manager and 7 more | 2024-11-21 | 2.6 LOW | 5.3 MEDIUM |
| A remote attacker may be able to disrupt services on F5 BIG-IP 13.0.0-13.1.0.5, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, or 11.2.1-11.5.6 if the TMM virtual server is configured with a HTML or a Rewrite profile. TMM may restart while processing some specially prepared HTML content from the back end. | |||||
| CVE-2018-5535 | 1 F5 | 13 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 10 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| On F5 BIG-IP 14.0.0, 13.0.0-13.1.0, 12.1.0-12.1.3, or 11.5.1-11.6.3 specifically crafted HTTP responses, when processed by a Virtual Server with an associated QoE profile that has Video enabled, may cause TMM to incorrectly buffer response data causing the TMM to restart resulting in a Denial of Service. | |||||
| CVE-2018-5534 | 1 F5 | 13 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 10 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Under certain conditions on F5 BIG-IP 13.1.0-13.1.0.5, 13.0.0, 12.1.0-12.1.3.1, 11.6.0-11.6.3.1, or 11.5.0-11.5.6, TMM may core while processing SSL forward proxy traffic. | |||||
| CVE-2018-5533 | 1 F5 | 13 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 10 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Under certain conditions on F5 BIG-IP 13.0.0, 12.1.0-12.1.2, 11.6.0-11.6.3.1, or 11.5.0-11.5.6, TMM may core while processing SSL forward proxy traffic. | |||||
| CVE-2018-5531 | 1 F5 | 13 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 10 more | 2024-11-21 | 6.1 MEDIUM | 7.4 HIGH |
| Through undisclosed methods, on F5 BIG-IP 13.0.0-13.1.0.7, 12.1.0-12.1.3.5, 11.6.0-11.6.3.1, or 11.2.1-11.5.6, adjacent network attackers can cause a denial of service for VCMP guest and host systems. Attack must be sourced from adjacent network (layer 2). | |||||
| CVE-2018-5528 | 1 F5 | 1 Big-ip Access Policy Manager | 2024-11-21 | 3.5 LOW | 5.3 MEDIUM |
| Under certain conditions, TMM may restart and produce a core file while processing APM data on BIG-IP 13.0.1 or 13.1.0.4-13.1.0.7. | |||||
| CVE-2018-5522 | 1 F5 | 13 Big-ip Access Policy Manager, Big-ip Advanced Firewall Manager, Big-ip Analytics and 10 more | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| On F5 BIG-IP 13.0.0, 12.0.0-12.1.2, 11.6.1-11.6.3.1, 11.5.1-11.5.5, or 11.2.1, when processing DIAMETER transactions with carefully crafted attribute-value pairs, TMM may crash. | |||||