Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2017-2875 | 1 Foscam | 2 C1, C1 Firmware | 2022-06-07 | 6.4 MEDIUM | 9.1 CRITICAL |
| An exploitable buffer overflow vulnerability exists in the Multi-Camera interface used by the Foscam C1 Indoor HD Camera running application firmware 2.52.2.43. A specially crafted request on port 10000 can cause a buffer overflow resulting in overwriting arbitrary data. | |||||
| CVE-2018-4052 | 1 Gog | 1 Galaxy | 2022-06-07 | 2.1 LOW | 5.5 MEDIUM |
| An exploitable local information leak vulnerability exists in the privileged helper tool of GOG Galaxy's Games, version 1.2.47 for macOS. An attacker can pass a PID and receive information running on it that would usually only be accessible to the root user. | |||||
| CVE-2018-4051 | 1 Gog | 1 Galaxy | 2022-06-07 | 4.9 MEDIUM | 5.5 MEDIUM |
| An exploitable local privilege escalation vulnerability exists in the privileged helper tool of GOG Galaxy's Games, version 1.2.47 for macOS. An attacker can globally create directories and subdirectories on the root file system, as well as change the permissions of existing directories. | |||||
| CVE-2018-4049 | 1 Gog | 1 Galaxy | 2022-06-07 | 7.2 HIGH | 7.8 HIGH |
| An exploitable local privilege elevation vulnerability exists in the file system permissions of GOG Galaxy's “Games” directory, version 1.2.48.36 (Windows 64-bit Installer). An attacker can overwrite executables of installed games to exploit this vulnerability and execute arbitrary code with elevated privileges. | |||||
| CVE-2018-4050 | 1 Gog | 1 Galaxy | 2022-06-07 | 7.2 HIGH | 7.8 HIGH |
| An exploitable local privilege escalation vulnerability exists in the privileged helper tool of GOG Galaxy's Games, version 1.2.47 for macOS. An attacker can globally adjust folder permissions leading to execution of arbitrary code with elevated privileges. | |||||
| CVE-2018-4030 | 1 Getcujo | 1 Smart Firewall | 2022-06-07 | 5.0 MEDIUM | 7.5 HIGH |
| An exploitable vulnerability exists the safe browsing function of the CUJO Smart Firewall, version 7003. The bug lies in the way the safe browsing function parses HTTP requests. The "Host" header is incorrectly extracted from captured HTTP requests, which would allow an attacker to visit any malicious websites and bypass the firewall. An attacker could send an HTTP request to exploit this vulnerability. | |||||
| CVE-2018-4059 | 1 Coturn Project | 1 Coturn | 2022-06-07 | 10.0 HIGH | 9.8 CRITICAL |
| An exploitable unsafe default configuration vulnerability exists in the TURN server function of coTURN prior to version 4.5.0.9. By default, the TURN server runs an unauthenticated telnet admin portal on the loopback interface. This can provide administrator access to the TURN server configuration, which can lead to additional attacks. An attacker who can get access to the telnet port can gain administrator access to the TURN server. | |||||
| CVE-2018-4058 | 1 Coturn Project | 1 Coturn | 2022-06-07 | 4.0 MEDIUM | 7.7 HIGH |
| An exploitable unsafe default configuration vulnerability exists in the TURN server functionality of coTURN prior to 4.5.0.9. By default, the TURN server allows relaying external traffic to the loopback interface of its own host. This can provide access to other private services running on that host, which can lead to further attacks. An attacker can set up a relay with a loopback address as the peer on an affected TURN server to trigger this vulnerability. | |||||
| CVE-2018-4055 | 1 Pixar | 1 Renderman | 2022-06-07 | 2.1 LOW | 5.5 MEDIUM |
| A local privilege escalation vulnerability exists in the install helper tool of the Mac OS X version of Pixar Renderman, version 22.2.0. A user with local access can use this vulnerability to read any root file from the file system. An attacker would need local access to the machine to successfully exploit this flaw. | |||||
| CVE-2018-4054 | 1 Pixar | 1 Renderman | 2022-06-07 | 7.2 HIGH | 7.8 HIGH |
| A local privilege escalation vulnerability exists in the install helper tool of the Mac OS X version of Pixar Renderman, version 22.2.0. A user with local access can use this vulnerability to escalate their privileges to root. An attacker would need local access to the machine to successfully exploit this flaw. | |||||
| CVE-2018-4056 | 2 Coturn Project, Debian | 2 Coturn, Debian Linux | 2022-06-07 | 7.5 HIGH | 9.8 CRITICAL |
| An exploitable SQL injection vulnerability exists in the administrator web portal function of coTURN prior to version 4.5.0.9. A login message with a specially crafted username can cause an SQL injection, resulting in authentication bypass, which could give access to the TURN server administrator web portal. An attacker can log in via the external interface of the TURN server to trigger this vulnerability. | |||||
| CVE-2018-4047 | 1 Macpaw | 1 Cleanmymac X | 2022-06-07 | 4.9 MEDIUM | 5.5 MEDIUM |
| An exploitable privilege escalation vulnerability exists in the helper service of Clean My Mac X, version 4.04, due to improper input validation. An attacker with local access could exploit this vulnerability to modify the file system as root. | |||||
| CVE-2018-4046 | 1 Macpaw | 1 Cleanmymac X | 2022-06-07 | 2.1 LOW | 5.5 MEDIUM |
| An exploitable denial-of-service vulnerability exists in the helper service of Clean My Mac X, version 4.04, due to improper input validation. A user with local access can use this vulnerability to terminate a privileged helper application. An attacker would need local access to the machine for a successful exploit. | |||||
| CVE-2018-4045 | 1 Macpaw | 1 Cleanmymac X | 2022-06-07 | 4.9 MEDIUM | 5.5 MEDIUM |
| An exploitable privilege escalation vulnerability exists in the helper service of Clean My Mac X, version 4.04, due to improper input validation. An attacker with local access could exploit this vulnerability to modify the file system as root. | |||||
| CVE-2018-4044 | 1 Macpaw | 1 Cleanmymac X | 2022-06-07 | 4.9 MEDIUM | 5.5 MEDIUM |
| An exploitable privilege escalation vulnerability exists in the helper service of Clean My Mac X, version 4.04, due to improper input validation. An attacker with local access could exploit this vulnerability to modify the file system as root. | |||||
| CVE-2018-4043 | 1 Macpaw | 1 Cleanmymac X | 2022-06-07 | 4.9 MEDIUM | 5.5 MEDIUM |
| An exploitable privilege escalation vulnerability exists in the Clean My Mac X, version 4.04, helper service due to improper input validation. A user with local access can use this vulnerability to modify the file system as root. An attacker would need local access to the machine for a successful exploit. | |||||
| CVE-2018-4014 | 1 Anker-in | 2 Roav Dashcam A1, Roav Dashcam A1 Firmware | 2022-06-07 | 7.5 HIGH | 9.8 CRITICAL |
| An exploitable code execution vulnerability exists in Wi-Fi Command 9999 of the Roav A1 Dashcam running version RoavA1SWV1.9. A specially crafted packet can cause a stack-based buffer overflow, resulting in code execution. An attacker can send a packet to trigger this vulnerability. | |||||
| CVE-2018-4042 | 1 Macpaw | 1 Cleanmymac X | 2022-06-07 | 4.9 MEDIUM | 5.5 MEDIUM |
| An exploitable privilege escalation vulnerability exists in the helper service of Clean My Mac X, version 4.04, due to improper input validation. An attacker with local access could exploit this vulnerability to modify the file system as root. | |||||
| CVE-2018-4041 | 1 Macpaw | 1 Cleanmymac X | 2022-06-07 | 4.9 MEDIUM | 5.5 MEDIUM |
| An exploitable privilege escalation vulnerability exists in the helper service of Clean My Mac X, version 4.04, due to improper input validation. An attacker with local access could exploit this vulnerability to modify the file system as root. | |||||
| CVE-2018-4037 | 1 Macpaw | 1 Cleanmymac X | 2022-06-07 | 2.1 LOW | 5.5 MEDIUM |
| The CleanMyMac X software contains an exploitable privilege escalation vulnerability due to improper input validation. An attacker with local access can use this vulnerability to modify the file system as root. | |||||