Vulnerabilities (CVE)

CWE filter

CWE-284

Filter

2960 total CVE
CVE Vendors Products Updated CVSS
CVE-2018-14636 1 Openstack 1 Neutron 2018-12-08 3.5
Live-migrated instances are briefly able to inspect traffic for other instances on the same hypervisor. This brief window could be extended indefinitely if the instance's port is set administratively down prior to live-migration and kept down...
CVE-2017-18305 1 Qualcomm 7 Mdm9206 Firmware, Mdm9607 Firmware, Mdm9650 Firmware and 4 more 2018-12-07 6.9
XBL sec mem dump system call allows complete control of EL3 by unlocking all XPUs if enable fuse is not blown in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 835.
CVE-2018-11951 1 Qualcomm 2 Sd 845 Firmware, Sd 850 Firmware 2018-12-07 4.9
Improper access control in core module lead XBL_LOADER performs the ZI region clear for QTEE instead of XBL_SEC in Snapdragon Mobile in version SD 845, SD 850.
CVE-2018-19539 2 Jasper Project, Suse 3 Jasper, Linux Enterprise Desktop, Linux Enterprise Server 2018-12-07 4.3
An issue was discovered in JasPer 2.0.14. There is an access violation in the function jas_image_readcmpt in libjasper/base/jas_image.c, leading to a denial of service.
CVE-2018-17908 1 Advantech 1 Webaccess 2018-12-06 7.2
WebAccess Versions 8.3.2 and prior. During installation, the application installer disables user access control and does not re-enable it after the installation is complete. This could allow an attacker to run elevated arbitrary code.
CVE-2017-18299 1 Qualcomm 19 Mdm9206 Firmware, Mdm9607 Firmware, Mdm9650 Firmware and 16 more 2018-12-06 4.9
Improper translation table consolidation logic leads to resource exhaustion and QSEE error in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear in version MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 430, SD...
CVE-2017-18282 1 Qualcomm 14 Mdm9206 Firmware, Mdm9607 Firmware, Mdm9650 Firmware and 11 more 2018-12-06 7.2
Non-secure SW can cause SDCC to generate secure bus accesses, which may expose RPM access in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212/SD 205, SD 425, SD 430, SD 450, SD 625, SD 650/52, SD 835, SDA660.
CVE-2017-18293 1 Qualcomm 14 Mdm9206 Firmware, Mdm9607 Firmware, Mdm9650 Firmware and 11 more 2018-12-06 7.2
When a particular GPIO is protected by blocking access to the corresponding GPIO resource registers, the protection can be bypassed using the corresponding banked GPIO registers instead in Snapdragon Mobile, Snapdragon Wear in version MDM9206,...
CVE-2017-18296 1 Qualcomm 24 Mdm9206 Firmware, Mdm9607 Firmware, Mdm9650 Firmware and 21 more 2018-12-06 7.2
Access control on applications is not applied while accessing SafeSwitch services can lead to improper access in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD...
CVE-2018-17871 2018-12-06 4.0
Verba Collaboration Compliance and Quality Management Platform before 9.2.1.5545 has Incorrect Access Control.
CVE-2018-11786 2018-12-06 9.0
In Apache Karaf prior to 4.2.0 release, if the sshd service in Karaf is left on so an administrator can manage the running instance, any user with rights to the Karaf console can pivot and read/write any file on the file system to which the Karaf...
CVE-2018-17972 2 Canonical, Linux 2 Ubuntu Linux, Linux Kernel 2018-12-06 4.9
An issue was discovered in the proc_pid_stack function in fs/proc/base.c in the Linux kernel through 4.18.11. It does not ensure that only root may inspect the kernel stack of an arbitrary task, allowing a local attacker to exploit racy stack...
CVE-2018-1850 1 Ibm 1 Security Access Manager 2018-12-06 8.5
IBM Security Access Manager Appliance 9.0.3.1, 9.0.4.0 and 9.0.5.0 could allow unauthorized administration operations when Advanced Access Control services are running. IBM X-Force ID: 150998.
CVE-2018-3214 2 Oracle, Redhat 7 Jdk, Jre, Jrockit and 4 more 2018-12-06 5.0
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Sound). Supported versions that are affected are Java SE: 6u201, 7u191 and 8u182; Java SE Embedded: 8u181; JRockit: R28.3.19. Easily exploitable...
CVE-2018-3180 2 Oracle, Redhat 7 Jdk, Jre, Jrockit and 4 more 2018-12-06 6.8
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JSSE). Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to...
CVE-2018-3169 2 Oracle, Redhat 6 Jdk, Jre, Enterprise Linux Desktop and 3 more 2018-12-06 5.1
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 7u191, 8u182 and 11; Java SE Embedded: 8u181. Difficult to exploit vulnerability allows...
CVE-2018-3149 2 Oracle, Redhat 7 Jdk, Jre, Jrockit and 4 more 2018-12-06 5.1
Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181; JRockit: R28.3.19. Difficult to...
CVE-2018-3139 2 Oracle, Redhat 6 Jdk, Jre, Enterprise Linux Desktop and 3 more 2018-12-06 2.6
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Networking). Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181. Difficult to exploit vulnerability...
CVE-2018-3136 2 Oracle, Redhat 6 Jdk, Jre, Enterprise Linux Desktop and 3 more 2018-12-06 2.6
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u201, 7u191, 8u182 and 11; Java SE Embedded: 8u181. Difficult to exploit vulnerability allows...
CVE-2018-17448 1 Citrix 1 Sd-wan 2018-12-04 7.5
An Incorrect Access Control issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x before 9.3.6 and 10.0.x before 10.0.4.