Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2018-12166 Insufficient write protection in firmware for Intel(R) Optane(TM) SSD DC P4800X before version E2010435 may allow a privileged user to potentially enable a denial of service via local access. | N/A | NONE | β | 0 |
| CVE-2018-12167 Firmware update routine in bootloader for Intel(R) Optane(TM) SSD DC P4800X before version E2010435 may allow a privileged user to potentially enable a denial of service via local access. | N/A | NONE | β | 0 |
| CVE-2018-12177 Improper directory permissions in the ZeroConfig service in Intel(R) PROSet/Wireless WiFi Software before version 20.90.0.7 may allow an authorized user to potentially enable escalation of privilege v... | N/A | NONE | β | 0 |
| CVE-2018-18098 Improper file verification in install routine for Intel(R) SGX SDK and Platform Software for Windows before 2.2.100 may allow an escalation of privilege via local access. | N/A | NONE | β | 0 |
| CVE-2018-3703 Improper directory permissions in the installer for the Intel(R) SSD Data Center Tool for Windows before v3.0.17 may allow authenticated users to potentially enable an escalation of privilege via loca... | N/A | NONE | β | 0 |
| CVE-2019-0088 Insufficient path checking in Intel(R) System Support Utility for Windows before 2.5.0.15 may allow an authenticated user to potentially enable an escalation of privilege via local access. | N/A | NONE | β | 0 |
| CVE-2017-1002152 Bodhi 2.9.0 and lower is vulnerable to cross-site scripting resulting in code injection caused by incorrect validation of bug titles. | 6.1 | MEDIUM | β | 0 |
| CVE-2018-20684 In WinSCP before 5.14 beta, due to missing validation, the scp implementation would accept arbitrary files sent by the server, potentially overwriting unrelated files. This affects TSCPFileSystem::SCP... | N/A | NONE | β | 0 |
| CVE-2018-15460 A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to cause the CPU utilization ... | 8.6 | HIGH | β | 0 |
| CVE-2018-5403 Imperva SecureSphere gateway (GW) running v13, for both pre-First Time Login or post-First Time Login (FTL), if the attacker knows the basic authentication passwords, the GW may be vulnerable to RCE t... | N/A | NONE | β | 0 |
| CVE-2018-5412 Imperva SecureSphere running v12.0.0.50 is vulnerable to local arbitrary code execution, escaping sealed-mode. | N/A | NONE | β | 0 |
| CVE-2018-5413 Imperva SecureSphere running v13.0, v12.0, or v11.5 allows low privileged users to add SSH login keys to the admin user, resulting in privilege escalation. | N/A | NONE | β | 0 |
| CVE-2018-15461 A vulnerability in the MyWebex component of Cisco Webex Business Suite could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack. The vulnerability is due to insuf... | N/A | NONE | β | 0 |
| CVE-2019-6126 The Admin Panel of PHP Scripts Mall Advance Peer to Peer MLM Script v1.7.0 allows remote attackers to bypass intended access restrictions by directly navigating to admin/dashboard.php or admin/user.ph... | N/A | NONE | β | 0 |
| CVE-2019-6127 An issue was discovered in XiaoCms 20141229. It allows admin/index.php?c=database table[] SQL injection. This can be used for PHP code execution via "INTO OUTFILE" with a .php filename. | N/A | NONE | β | 0 |
| CVE-2019-6128 The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory leak, as demonstrated by pal2rgb. | 8.8 | HIGH | β | 0 |
| CVE-2019-6129 png_create_info_struct in png.c in libpng 1.6.36 has a memory leak, as demonstrated by pngcp. NOTE: a third party has stated "I don't think it is libpng's job to free this buffer. | N/A | NONE | β | 0 |
| CVE-2019-6130 Artifex MuPDF 1.14.0 has a SEGV in the function fz_load_page of the fitz/document.c file, as demonstrated by mutool. This is related to page-number mishandling in cbz/mucbz.c, cbz/muimg.c, and svg/svg... | N/A | NONE | β | 0 |
| CVE-2019-6131 svg-run.c in Artifex MuPDF 1.14.0 has infinite recursion with stack consumption in svg_run_use_symbol, svg_run_element, and svg_run_use, as demonstrated by mutool. | N/A | NONE | β | 0 |
| CVE-2019-5417 A path traversal vulnerability in serve npm package version 7.0.1 allows the attackers to read content of arbitrary files on the remote server. | N/A | NONE | β | 0 |
| CVE-2019-6133 In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached. This is related to lac... | N/A | NONE | β | 0 |
| CVE-2018-15464 A vulnerability in Cisco 900 Series Aggregation Services Router (ASR) software could allow an unauthenticated, remote attacker to cause a partial denial of service (DoS) condition on an affected devic... | N/A | NONE | β | 0 |
| CVE-2018-15466 A vulnerability in the Graphite web interface of the Policy and Charging Rules Function (PCRF) of Cisco Policy Suite (CPS) could allow an unauthenticated, remote attacker to access the Graphite web in... | N/A | NONE | β | 0 |
| CVE-2018-15467 A vulnerability in the web-based management interface of Cisco TelePresence Management Suite (TMS) could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack agains... | N/A | NONE | β | 0 |
| CVE-2019-6135 An issue has been found in libIEC61850 v1.3.1. Memory_malloc in hal/memory/lib_memory.c has a memory leak when called from Asn1PrimitiveValue_create in mms/asn1/asn1_ber_primitive_value.c, as demonstr... | N/A | NONE | β | 0 |
| CVE-2019-6136 An issue has been found in libIEC61850 v1.3.1. Ethernet_setProtocolFilter in hal/ethernet/linux/ethernet_linux.c has a SEGV, as demonstrated by sv_subscriber_example.c and sv_subscriber.c. | N/A | NONE | β | 0 |
| CVE-2019-6138 An issue has been found in libIEC61850 v1.3.1. Memory_malloc and Memory_calloc in hal/memory/lib_memory.c have memory leaks when called from mms/iso_mms/common/mms_value.c, server/mms_mapping/mms_mapp... | N/A | NONE | β | 0 |
| CVE-2016-4642 In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, proxy authentication incorrectly reported HTTP proxies received credentials securely. This iss... | N/A | NONE | β | 0 |
| CVE-2016-4643 In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, a validation issue existed in the parsing of 407 responses. This issue was addressed through i... | N/A | NONE | β | 0 |
| CVE-2016-4644 In iOS before 9.3.3, tvOS before 9.2.2, and OS X El Capitan before v10.11.6 and Security Update 2016-004, a downgrade issue existed with HTTP authentication credentials saved in Keychain. This issue w... | N/A | NONE | β | 0 |
| CVE-2016-7576 In iOS before 9.3.3, a memory corruption issue existed in the kernel. This issue was addressed through improved memory handling. | N/A | NONE | β | 0 |
| CVE-2017-13886 In macOS High Sierra before 10.13.2, an access issue existed with privileged WiFi system configuration. This issue was addressed with additional restrictions. | N/A | NONE | β | 0 |
| CVE-2017-13887 In macOS High Sierra before 10.13.2, a logic issue existed in APFS when deleting keys during hibernation. This was addressed with improved state management. | N/A | NONE | β | 0 |
| CVE-2018-4147 In iCloud for Windows before 7.3, Safari before 11.0.3, iTunes before 12.7.3 for Windows, and iOS before 11.2.5, multiple memory corruption issues exist and were addressed with improved memory handlin... | N/A | NONE | β | 0 |
| CVE-2018-4169 In macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan, an out-of-bounds read was addressed with improved input validation. | N/A | NONE | β | 0 |
| CVE-2018-4179 In macOS High Sierra before 10.13.4, there was an issue with the handling of smartcard PINs. This issue was addressed with additional logic. | N/A | NONE | β | 0 |
| CVE-2018-4180 In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions. | N/A | NONE | β | 0 |
| CVE-2018-4181 In macOS High Sierra before 10.13.5, an issue existed in CUPS. This issue was addressed with improved access restrictions. | N/A | NONE | β | 0 |
| CVE-2018-4182 In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions on CUPS. | N/A | NONE | β | 0 |
| CVE-2018-4183 In macOS High Sierra before 10.13.5, an access issue was addressed with additional sandbox restrictions. | N/A | NONE | β | 0 |
| CVE-2018-4185 In iOS before 11.3, tvOS before 11.3, watchOS before 4.3, and macOS before High Sierra 10.13.4, an information disclosure issue existed in the transition of program state. This issue was addressed wit... | N/A | NONE | β | 0 |
| CVE-2018-4186 In Safari before 11.1, an information leakage issue existed in the handling of downloads in Safari Private Browsing. This issue was addressed with additional validation. | N/A | NONE | β | 0 |
| CVE-2018-4189 In iOS before 11.2.5, macOS High Sierra before 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan, watchOS before 4.2.2, and tvOS before 11.2.5, a memory corruption issu... | N/A | NONE | β | 0 |
| CVE-2018-4194 In iOS before 11.4, iCloud for Windows before 7.5, watchOS before 4.3.1, iTunes before 12.7.5 for Windows, and macOS High Sierra before 10.13.5, an out-of-bounds read was addressed with improved input... | N/A | NONE | β | 0 |
| CVE-2018-4207 In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This iss... | N/A | NONE | β | 0 |
| CVE-2018-4208 In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This iss... | N/A | NONE | β | 0 |
| CVE-2018-4209 In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This iss... | N/A | NONE | β | 0 |
| CVE-2018-4210 In iOS before 11.3, Safari before 11.1, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, an array indexing issue existed in the handling of a function in javascript core. This i... | N/A | NONE | β | 0 |
| CVE-2018-4330 In iOS before 11.4, a memory corruption issue exists and was addressed with improved memory handling. | N/A | NONE | β | 0 |
| CVE-2018-4212 In iOS before 11.3, Safari before 11.1, iCloud for Windows before 7.4, tvOS before 11.3, watchOS before 4.3, iTunes before 12.7.4 for Windows, unexpected interaction causes an ASSERT failure. This iss... | N/A | NONE | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.