Total
1368 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2018-2436 | 1 Sap | 1 R\/3 Enterprise Retail | 2019-10-02 | 6.5 MEDIUM | 8.8 HIGH |
Executing transaction WRCK in SAP R/3 Enterprise Retail (EHP6) does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. | |||||
CVE-2018-2461 | 1 Sap | 1 People Profile | 2019-10-02 | 6.5 MEDIUM | 8.8 HIGH |
Missing authorization check in SAP HCM Fiori "People Profile" (GBX01 HR version 6.0) for an authenticated user which may result in an escalation of privileges. | |||||
CVE-2018-5113 | 2 Canonical, Mozilla | 2 Ubuntu Linux, Firefox | 2019-10-02 | 5.0 MEDIUM | 7.5 HIGH |
The "browser.identity.launchWebAuthFlow" function of WebExtensions is only allowed to load content over "https:" but this requirement was not properly enforced. This can potentially allow privileged pages to be loaded by the extension. This vulnerability affects Firefox < 58. | |||||
CVE-2018-5135 | 1 Mozilla | 1 Firefox | 2019-10-02 | 5.0 MEDIUM | 7.5 HIGH |
WebExtensions can bypass normal restrictions in some circumstances and use "browser.tabs.executeScript" to inject scripts into contexts where this should not be allowed, such as pages from other WebExtensions or unprivileged "about:" pages. This vulnerability affects Firefox < 59. | |||||
CVE-2018-5377 | 1 Discuz | 1 Discuzx | 2019-10-02 | 7.5 HIGH | 9.8 CRITICAL |
Discuz! DiscuzX X3.4 allows remote attackers to bypass intended access restrictions via the archiver\index.php action parameter. | |||||
CVE-2018-6000 | 1 Asus | 1 Asuswrt | 2019-10-02 | 10.0 HIGH | 9.8 CRITICAL |
An issue was discovered in AsusWRT before 3.0.0.4.384_10007. The do_vpnupload_post function in router/httpd/web.c in vpnupload.cgi provides functionality for setting NVRAM configuration values, which allows attackers to set the admin password and launch an SSH daemon (or enable infosvr command mode), and consequently obtain remote administrative access, via a crafted request. This is available to unauthenticated attackers in conjunction with CVE-2018-5999. | |||||
CVE-2018-7702 | 1 Securenvoy | 1 Securmail | 2019-10-02 | 6.4 MEDIUM | 9.1 CRITICAL |
SecurEnvoy SecurMail before 9.2.501 allows remote attackers to spoof transmission of arbitrary e-mail messages, resend e-mail messages to arbitrary recipients, or modify arbitrary message bodies and attachments by leveraging missing authentication and authorization. | |||||
CVE-2018-8028 | 1 Apache | 1 Sentry | 2019-10-02 | 6.5 MEDIUM | 8.8 HIGH |
An authenticated user can execute ALTER TABLE EXCHANGE PARTITIONS without being authorized by Apache Sentry before 2.0.1. This can allow an attacker unauthorized access to the partitioned data of a Sentry protected table and can allow an attacker to remove data from a Sentry protected table. | |||||
CVE-2018-8755 | 1 Nucom | 2 Wr644gacv, Wr644gacv Firmware | 2019-10-02 | 5.0 MEDIUM | 9.8 CRITICAL |
NuCom WR644GACV devices before STA006 allow an attacker to download the configuration file without credentials. By downloading this file, an attacker can access the admin password, WPA key, and any config information of the device. | |||||
CVE-2017-10846 | 1 Nttdocomo | 2 Wi-fi Station L-02f, Wi-fi Station L-02f Firmware | 2019-10-02 | 5.0 MEDIUM | 7.5 HIGH |
Wi-Fi STATION L-02F Software version V10b and earlier allows remote attackers to bypass access restrictions to obtain information on device settings via unspecified vectors. | |||||
CVE-2018-10251 | 1 Sierrawireless | 11 Aleos, Es440, Es450 and 8 more | 2019-10-02 | 10.0 HIGH | 9.8 CRITICAL |
A vulnerability in Sierra Wireless AirLink GX400, GX440, ES440, and LS300 routers with firmware before 4.4.7 and GX450, ES450, RV50, RV50X, MP70, and MP70E routers with firmware before 4.9.3 could allow an unauthenticated remote attacker to execute arbitrary code and gain full control of an affected system, including issuing commands with root privileges. | |||||
CVE-2017-11135 | 1 Stashcat | 1 Heinekingmedia | 2019-10-02 | 5.0 MEDIUM | 7.5 HIGH |
An issue was discovered in heinekingmedia StashCat through 1.7.5 for Android, through 0.0.80w for Web, and through 0.0.86 for Desktop. The logout mechanism does not check for authorization. Therefore, an attacker only needs to know the device ID. This causes a denial of service. This might be interpreted as a vulnerability in customer-controlled software, in the sense that the StashCat client side has no secure way to signal that it is ending a session and that data should be deleted. | |||||
CVE-2017-12582 | 1 Qnap | 2 Ts-212p, Ts-212p Firmware | 2019-10-02 | 7.5 HIGH | 9.8 CRITICAL |
Unprivileged user can access all functions in the Surveillance Station component in QNAP TS212P devices with firmware 4.2.1 build 20160601. Unprivileged user cannot login at front end but with that unprivileged user SID, all function can access at Surveillance Station. | |||||
CVE-2017-13247 | 1 Google | 1 Android | 2019-10-02 | 4.6 MEDIUM | 7.8 HIGH |
In the Pixel 2 bootloader, there is a missing permission check which bypasses carrier bootloader lock. This could lead to local elevation of privileges with user execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-71486645. | |||||
CVE-2017-17433 | 2 Debian, Samba | 2 Debian Linux, Rsync | 2019-10-02 | 4.3 MEDIUM | 3.7 LOW |
The recv_files function in receiver.c in the daemon in rsync 3.1.2, and 3.1.3-development before 2017-12-03, proceeds with certain file metadata updates before checking for a filename in the daemon_filter_list data structure, which allows remote attackers to bypass intended access restrictions. | |||||
CVE-2017-11042 | 1 Google | 1 Android | 2019-10-02 | 4.6 MEDIUM | 7.8 HIGH |
In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, ImsService and the IQtiImsExt AIDL APIs are not subject to access control. | |||||
CVE-2018-10207 | 1 Vaultize | 1 Enterprise File Sharing | 2019-10-02 | 5.0 MEDIUM | 5.3 MEDIUM |
An issue was discovered in Vaultize Enterprise File Sharing 17.05.31. An attacker can exploit Missing Authorization on the FlexPaperViewer SWF reader, and export files that should have been restricted, via vectors involving page-by-page access to a document in SWF format. | |||||
CVE-2017-3813 | 1 Cisco | 1 Anyconnect Secure Mobility Client | 2019-10-02 | 7.2 HIGH | 7.8 HIGH |
A vulnerability in the Start Before Logon (SBL) module of Cisco AnyConnect Secure Mobility Client Software for Windows could allow an unauthenticated, local attacker to open Internet Explorer with the privileges of the SYSTEM user. The vulnerability is due to insufficient implementation of the access controls. An attacker could exploit this vulnerability by opening the Internet Explorer browser. An exploit could allow the attacker to use Internet Explorer with the privileges of the SYSTEM user. This may allow the attacker to execute privileged commands on the targeted system. This vulnerability affects versions prior to released versions 4.4.00243 and later and 4.3.05017 and later. Cisco Bug IDs: CSCvc43976. | |||||
CVE-2017-17807 | 1 Linux | 1 Linux Kernel | 2019-10-02 | 2.1 LOW | 3.3 LOW |
The KEYS subsystem in the Linux kernel before 4.14.6 omitted an access-control check when adding a key to the current task's "default request-key keyring" via the request_key() system call, allowing a local user to use a sequence of crafted system calls to add keys to a keyring with only Search permission (not Write permission) to that keyring, related to construct_get_dest_keyring() in security/keys/request_key.c. | |||||
CVE-2017-18312 | 1 Qualcomm | 18 Msm8996au, Msm8996au Firmware, Sd 410 and 15 more | 2019-10-02 | 7.2 HIGH | 7.8 HIGH |
While accessing SafeSwitch services, third party can manipulate a given device and perform unauthorized operation due to lack of checking of same state transitions in Snapdragon Automobile, Snapdragon Mobile in version MSM8996AU, SD 410/12, SD 617, SD 650/52, SD 810, SD 820, SD 820A |