Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

cve-2018-13379 vulnerabilities and exploits

(subscribe to this query)

5
CVSSv2
CVE-2020-24659
An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a no_renegotiation alert is sent with unexpected timing, and then an invalid second handshake occurs. The crash happens in the application's error...
Gnu GnutlsFedoraproject Fedora 32
4.3
CVSSv2
CVE-2020-1971
The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This...
Openssl OpensslDebian Debian Linux 9.0Debian Debian Linux 10.0Fedoraproject Fedora 32Fedoraproject Fedora 33Oracle Enterprise Manager Base Platform 13.3.0.0Oracle Enterprise Manager Base Platform 13.4.0.0Oracle Graalvm 19.3.4Oracle Graalvm 20.3.0Oracle MysqlNetapp Clustered Data Ontap Antivirus Connector -Netapp Data Ontap -Netapp E-series Santricity Os ControllerNetapp Hci Management Node -Netapp Manageability Software Development Kit -Netapp Plug-in For Symantec Netbackup -Netapp Santricity Smi-s Provider -Netapp Solidfire -Netapp Hci Compute Node -Netapp Hci Storage Node -Netapp Ef600a Firmware -Netapp Aff A250 Firmware -
3.5
CVSSv2
CVE-2019-1076
A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross-site Scripting Vulnerability'....
Microsoft Team Foundation Server 2018Microsoft Azure Devops Server 2019.0.1
6.8
CVSSv2
CVE-2018-4946
Adobe Photoshop CC versions 19.1.3 and earlier, 18.1.3 and earlier, and 18.1.2 and earlier have an Out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution in the context of the current user....
Adobe Photoshop Cc
7.2
CVSSv2
CVE-2018-18327
A KERedirect Untrusted Pointer Dereference Privilege Escalation vulnerability in Trend Micro Antivirus for Mac (Consumer) 7.0 (2017) and above could allow a local attacker to escalate privileges on vulnerable installations. The issue results from the lack of proper validation...
Trendmicro Antivirus For Mac 2017Trendmicro Antivirus For Mac 2018Trendmicro Antivirus For Mac 2019
7.2
CVSSv2
CVE-2018-18328
A KERedirect Untrusted Pointer Dereference Privilege Escalation vulnerability in Trend Micro Antivirus for Mac (Consumer) 7.0 (2017) and above could allow a local attacker to escalate privileges on vulnerable installations. The issue results from the lack of proper validation...
Trendmicro Antivirus For Mac 2017Trendmicro Antivirus For Mac 2018Trendmicro Antivirus For Mac 2019
7.2
CVSSv2
CVE-2018-18329
A KERedirect Untrusted Pointer Dereference Privilege Escalation vulnerability in Trend Micro Antivirus for Mac (Consumer) 7.0 (2017) and above could allow a local attacker to escalate privileges on vulnerable installations. The issue results from the lack of proper validation...
Trendmicro Antivirus For Mac 2017Trendmicro Antivirus For Mac 2018Trendmicro Antivirus For Mac 2019
7.2
CVSSv2
CVE-2018-15366
A UrlfWTPPagePtr KERedirect Use-After-Free Privilege Escalation vulnerability in Trend Micro Antivirus for Mac (Consumer) 7.0 (2017) and above could allow a local attacker to escalate privileges on vulnerable installations. An attacker must first obtain the ability to execute...
Trendmicro Antivirus For Mac 2017Trendmicro Antivirus For Mac 2018Trendmicro Antivirus For Mac 2019
7.2
CVSSv2
CVE-2018-15367
A ctl_set KERedirect Untrusted Pointer Dereference Privilege Escalation vulnerability in Trend Micro Antivirus for Mac (Consumer) 7.0 (2017) and above could allow a local attacker to escalate privileges on vulnerable installations. An attacker must first obtain the ability to...
Trendmicro Antivirus For Mac 2017Trendmicro Antivirus For Mac 2018Trendmicro Antivirus For Mac 2019
9
CVSSv2
CVE-2019-0971
An information disclosure vulnerability exists when Azure DevOps Server and Microsoft Team Foundation Server do not properly sanitize a specially crafted authentication request to an affected server, aka 'Azure DevOps Server and Team Foundation Server Information Disclosure...
Microsoft Team Foundation Server 2018Microsoft Azure Devops Server 2019
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-24686CVE-2021-21298CVE-2021-69420server-side request forgeryCVE-2021-23957microsoftSSTI.netSQLCVE-2021-21273CVE-2021-25281