Total
1004 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-11910 | 1 Google | 1 Android | 2019-10-02 | 7.2 HIGH | 7.8 HIGH |
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper access control can lead to device node and executable to be run from /persist/ which presents a potential issue. | |||||
CVE-2018-11642 | 1 Dialogic | 1 Powermedia Xms | 2019-10-02 | 7.2 HIGH | 7.8 HIGH |
Incorrect Permission Assignment on the /var/www/xms/cleanzip.sh shell script run periodically in Dialogic PowerMedia XMS through 3.5 allows local users to execute code as the root user. | |||||
CVE-2018-1141 | 1 Tenable | 1 Nessus | 2019-10-02 | 4.4 MEDIUM | 7.0 HIGH |
When installing Nessus to a directory outside of the default location, Nessus versions prior to 7.0.3 did not enforce secure permissions for sub-directories. This could allow for local privilege escalation if users had not secured the directories in the installation location. | |||||
CVE-2018-11909 | 1 Google | 1 Android | 2019-10-02 | 7.2 HIGH | 7.8 HIGH |
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper access control can lead to device node and executable to be run from /cache/ which presents a potential issue. | |||||
CVE-2018-11908 | 1 Google | 1 Android | 2019-10-02 | 7.2 HIGH | 7.8 HIGH |
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper access control can lead to device node and executable to be run from /data/ which presents a potential issue. | |||||
CVE-2018-11907 | 1 Google | 1 Android | 2019-10-02 | 7.2 HIGH | 7.8 HIGH |
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, improper access control can lead to device node and executable to be run from /firmware/ which presents a potential issue. | |||||
CVE-2018-11277 | 1 Qualcomm | 40 Msm8909w, Msm8909w Firmware, Msm8996au and 37 more | 2019-10-02 | 4.6 MEDIUM | 7.8 HIGH |
In Snapdragon (Automobile, Mobile, Wear) in version MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SDA660, the com.qualcomm.embms is a vendor package deployed in the system image which has an inadequate permission level and allows any application installed from Play Store to request this permission at install-time. The system application interfaces with the Radio Interface Layer leading to potential access control issue. | |||||
CVE-2018-11259 | 1 Qualcomm | 76 Mdm9206, Mdm9206 Firmware, Mdm9607 and 73 more | 2019-10-02 | 3.6 LOW | 7.7 HIGH |
Due to Improper Access Control of NAND-based EFS in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear, From fastboot on a NAND-based device, the EFS partition can be erased. Apps processor then has non-secure world full read/write access to the partition until the modem boots and configures the EFS partition addresses in its MPU partition. | |||||
CVE-2018-11194 | 1 Quest | 1 Disk Backup | 2019-10-02 | 9.0 HIGH | 8.8 HIGH |
Quest DR Series Disk Backup software version before 4.0.3.1 allows privilege escalation (issue 6 of 6). | |||||
CVE-2018-11193 | 1 Quest | 1 Disk Backup | 2019-10-02 | 9.0 HIGH | 8.8 HIGH |
Quest DR Series Disk Backup software version before 4.0.3.1 allows privilege escalation (issue 5 of 6). | |||||
CVE-2018-11192 | 1 Quest | 1 Disk Backup | 2019-10-02 | 9.0 HIGH | 8.8 HIGH |
Quest DR Series Disk Backup software version before 4.0.3.1 allows privilege escalation (issue 4 of 6). | |||||
CVE-2018-11191 | 1 Quest | 1 Disk Backup | 2019-10-02 | 9.0 HIGH | 8.8 HIGH |
Quest DR Series Disk Backup software version before 4.0.3.1 allows privilege escalation (issue 3 of 6). | |||||
CVE-2018-10712 | 1 Asrock | 4 A-tuning, F-stream, Restart To Uefi and 1 more | 2019-10-02 | 7.2 HIGH | 7.8 HIGH |
The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED before v1.0.35.1, A-Tuning before v3.0.210, F-Stream before v3.0.210, and RestartToUEFI before v1.0.6.2 expose functionality to read/write data from/to IO ports. This could be leveraged in a number of ways to ultimately run code with elevated privileges. | |||||
CVE-2018-10710 | 1 Asrock | 4 A-tuning, F-stream, Restart To Uefi and 1 more | 2019-10-02 | 7.2 HIGH | 7.1 HIGH |
The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED before v1.0.35.1, A-Tuning before v3.0.210, F-Stream before v3.0.210, and RestartToUEFI before v1.0.6.2 expose functionality to read and write arbitrary physical memory. This could be leveraged by a local attacker to elevate privileges. | |||||
CVE-2018-10709 | 1 Asrock | 4 A-tuning, F-stream, Restart To Uefi and 1 more | 2019-10-02 | 4.6 MEDIUM | 7.8 HIGH |
The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED before v1.0.35.1, A-Tuning before v3.0.210, F-Stream before v3.0.210, and RestartToUEFI before v1.0.6.2 expose functionality to read and write CR register values. This could be leveraged in a number of ways to ultimately run code with elevated privileges. | |||||
CVE-2018-10647 | 1 Safervpn | 1 Safervpn | 2019-10-02 | 7.2 HIGH | 7.8 HIGH |
SaferVPN 4.2.5 for Windows suffers from a SYSTEM privilege escalation vulnerability in its "SaferVPN.Service" service. The "SaferVPN.Service" service executes "openvpn.exe" using OpenVPN config files located within the current user's %LOCALAPPDATA%\SaferVPN\OvpnConfig directory. An authenticated attacker may modify these configuration files to specify a dynamic library plugin that should run for every new VPN connection attempt. This plugin will execute code in the context of the SYSTEM user. | |||||
CVE-2018-10646 | 1 Cyberghostvpn | 1 Cyberghost | 2019-10-02 | 7.2 HIGH | 7.8 HIGH |
CyberGhost 6.5.0.3180 for Windows suffers from a SYSTEM privilege escalation vulnerability through the "CG6Service" service. This service establishes a NetNamedPipe endpoint that allows arbitrary installed applications to connect and call publicly exposed methods. The "ConnectToVpnServer" method accepts a "connectionParams" argument that provides attacker control of the OpenVPN command line. An attacker can specify a dynamic library plugin that should run for every new VPN connection attempt. This plugin will execute code in the context of the SYSTEM user. | |||||
CVE-2018-10645 | 1 Goldenfrog | 1 Vyprvpn | 2019-10-02 | 7.2 HIGH | 7.8 HIGH |
Golden Frog VyprVPN 2.12.1.8015 for Windows suffers from a SYSTEM privilege escalation vulnerability through the "VyprVPN" service. This service establishes a NetNamedPipe endpoint that allows applications to connect and call publicly exposed methods. The "SetProperty" method allows an attacker to configure the "AdditionalOpenVpnParameters" property and control the OpenVPN command line. Using the OpenVPN "plugin" parameter, an attacker may specify a dynamic library plugin that should run for every new VPN connection attempt. This plugin will execute code in the context of the SYSTEM user. This attack may be conducted using "VyprVPN Free" account credentials and the VyprVPN Desktop Client. | |||||
CVE-2018-10520 | 1 Cmsmadesimple | 1 Cms Made Simple | 2019-10-02 | 8.5 HIGH | 6.5 MEDIUM |
In CMS Made Simple (CMSMS) through 2.2.7, the "module remove" operation in the admin dashboard contains an arbitrary file deletion vulnerability that can cause DoS, exploitable by an admin user, because the attacker can remove all lib/ files in all directories. | |||||
CVE-2018-10519 | 1 Cmsmadesimple | 1 Cms Made Simple | 2019-10-02 | 6.5 MEDIUM | 8.8 HIGH |
CMS Made Simple (CMSMS) 2.2.7 contains a privilege escalation vulnerability from ordinary user to admin user by arranging for the eff_uid value within $_COOKIE[$this->_loginkey] to equal 1, because files in the tmp/ directory are accessible through HTTP requests. NOTE: this vulnerability exists because of an incorrect fix for CVE-2018-10084. |