NVD

CVE-2018-18386

NVD Vulnerabilities - Wed, 10/17/2018 - 16:29
drivers/tty/n_tty.c in the Linux kernel before 4.14.11 allows local attackers (who are able to access pseudo terminals) to hang/block further usage of any pseudo terminal devices due to an EXTPROC versus ICANON confusion in TIOCINQ.
Categories: NVD

CVE-2018-0388

NVD Vulnerabilities - Wed, 10/17/2018 - 15:29
A vulnerability in the web-based interface of Cisco Wireless LAN Controller (WLC) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web-based interface of an affected system. The vulnerability is due to insufficient validation of user-supplied input by the web-based interface. An attacker could exploit this vulnerability by persuading a user to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive browser-based information.
Categories: NVD

CVE-2018-0395

NVD Vulnerabilities - Wed, 10/17/2018 - 15:29
A vulnerability in the Link Layer Discovery Protocol (LLDP) implementation for Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition when the device unexpectedly reloads. The vulnerability is due to improper input validation of certain type, length, value (TLV) fields of the LLDP frame header. An attacker could exploit this vulnerability by sending a crafted LLDP packet to an interface on the targeted device. A successful exploit could allow the attacker to cause the switch to reload unexpectedly.
Categories: NVD

CVE-2018-0416

NVD Vulnerabilities - Wed, 10/17/2018 - 15:29
A vulnerability in the web-based interface of Cisco Wireless LAN Controller (WLC) Software could allow an unauthenticated, remote attacker to view system information that under normal circumstances should be prohibited. The vulnerability is due to incomplete input and validation checking mechanisms in the web-based interface URL request. An attacker could exploit this vulnerability by requesting specific URLs via the web-based interface. A successful exploit could allow the attacker to view sensitive system information.
Categories: NVD

CVE-2018-18443

NVD Vulnerabilities - Wed, 10/17/2018 - 15:29
OpenEXR 2.3.0 has a memory leak in ThreadPool in IlmBase/IlmThread/IlmThreadPool.cpp, as demonstrated by exrmultiview.
Categories: NVD

CVE-2018-18444

NVD Vulnerabilities - Wed, 10/17/2018 - 15:29
makeMultiView.cpp in exrmultiview in OpenEXR 2.3.0 has an out-of-bounds write, leading to an assertion failure or possibly unspecified other impact.
Categories: NVD

CVE-2018-18445

NVD Vulnerabilities - Wed, 10/17/2018 - 15:29
In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x, and 4.18.x before 4.18.13, faulty computation of numeric bounds in the BPF verifier permits out-of-bounds memory accesses because adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandles 32-bit right shifts.
Categories: NVD

CVE-2018-15616

NVD Vulnerabilities - Wed, 10/17/2018 - 14:29
A vulnerability in the Web UI component of Avaya Aura System Platform could allow a remote, unauthenticated user to perform a targeted deserialization attack that could result in remote code execution. Affected versions of System Platform includes 6.3.0 through 6.3.9 and 6.4.0 through 6.4.2.
Categories: NVD

CVE-2018-15969

NVD Vulnerabilities - Wed, 10/17/2018 - 14:29
Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.
Categories: NVD

CVE-2018-15970

NVD Vulnerabilities - Wed, 10/17/2018 - 14:29
Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a reflected cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.
Categories: NVD

CVE-2018-15971

NVD Vulnerabilities - Wed, 10/17/2018 - 14:29
Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a reflected cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.
Categories: NVD

CVE-2018-15972

NVD Vulnerabilities - Wed, 10/17/2018 - 14:29
Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.
Categories: NVD

CVE-2018-15973

NVD Vulnerabilities - Wed, 10/17/2018 - 14:29
Adobe Experience Manager versions 6.4, 6.3, 6.2, 6.1, and 6.0 have a stored cross-site scripting vulnerability. Successful exploitation could lead to sensitive information disclosure.
Categories: NVD

CVE-2018-15974

NVD Vulnerabilities - Wed, 10/17/2018 - 14:29
Adobe Framemaker versions 1.0.5.1 and below have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation.
Categories: NVD

CVE-2018-15976

NVD Vulnerabilities - Wed, 10/17/2018 - 14:29
Adobe Technical Communications Suite versions 1.0.5.1 and below have an insecure library loading (dll hijacking) vulnerability. Successful exploitation could lead to privilege escalation.
Categories: NVD

CVE-2018-12813

NVD Vulnerabilities - Wed, 10/17/2018 - 14:29
Adobe Digital Editions versions 4.5.8 and below have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.
Categories: NVD

CVE-2018-12814

NVD Vulnerabilities - Wed, 10/17/2018 - 14:29
Adobe Digital Editions versions 4.5.8 and below have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.
Categories: NVD

CVE-2018-12816

NVD Vulnerabilities - Wed, 10/17/2018 - 14:29
Adobe Digital Editions versions 4.5.8 and below have an out of bounds read vulnerability. Successful exploitation could lead to information disclosure.
Categories: NVD

CVE-2018-12818

NVD Vulnerabilities - Wed, 10/17/2018 - 14:29
Adobe Digital Editions versions 4.5.8 and below have an out of bounds read vulnerability. Successful exploitation could lead to information disclosure.
Categories: NVD

CVE-2018-12819

NVD Vulnerabilities - Wed, 10/17/2018 - 14:29
Adobe Digital Editions versions 4.5.8 and below have an out of bounds read vulnerability. Successful exploitation could lead to information disclosure.
Categories: NVD