LiveActive security incident?Get immediate response
CVE archive

November 2018

Browse CVE records published in November 2018, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 1090 matching CVEs · Page 2 of 22.

High · CVSS 7.8

CVE-2018-9371: In the Mediatek Preloader, there are out of bounds reads and writes due to an exposed interface that allows...

In the Mediatek Preloader, there are out of bounds reads and writes due to an exposed interface that allows arbitrary peripheral memory mapping with insufficient blacklisting/whitelisting. This could lead to local elevation of privilege, given physical access to the device with no additional execution privileges needed. User interaction is needed for exploitation.

Published Nov 19, 2024 · Updated Nov 20, 2024

High · CVSS 7.5

CVE-2018-9475: In HeadsetInterface::ClccResponse of btif_hf.cc, there is a possible out of bounds stack write due to a mis...

In HeadsetInterface::ClccResponse of btif_hf.cc, there is a possible out of bounds stack write due to a missing bounds check. This could lead to remote escalation of privilege via Bluetooth, if the recipient has enabled SIP calls with no additional execution privileges needed. User interaction is not needed for exploitation.

Published Nov 20, 2024 · Updated Nov 20, 2024

High · CVSS 7.8

CVE-2018-9432: In createPhonebookDialogView and createMapDialogView of BluetoothPermissionActivity.java, there is a possib...

In createPhonebookDialogView and createMapDialogView of BluetoothPermissionActivity.java, there is a possible permissions bypass. This could lead to local escalation of privilege due to hiding and bypassing the user's ability to disable access to contacts, with no additional execution privileges needed. User interaction is needed for exploitation.

Published Nov 19, 2024 · Updated Nov 20, 2024

Unknown · CVSS Not scored

CVE-2018-9195: Use of a hardcoded cryptographic key in the FortiGuard services communication protocol may allow a Man in t...

Use of a hardcoded cryptographic key in the FortiGuard services communication protocol may allow a Man in the middle with knowledge of the key to eavesdrop on and modify information (URL/SPAM services in FortiOS 5.6, and URL/SPAM/AV services in FortiOS 6.0.; URL rating in FortiClient) sent and received from Fortiguard severs by decrypting these messages. Affected products include FortiClient for Windows 6.0.6 and below, FortiOS 6.0.7 and below, FortiClient for Mac OS 6.2.1 and below.

Published Nov 21, 2019 · Updated Oct 25, 2024

Unknown · CVSS Not scored

CVE-2018-9445: In readMetadata of Utils.cpp, there is a possible path traversal bug due to a confused deputy.

In readMetadata of Utils.cpp, there is a possible path traversal bug due to a confused deputy. This could lead to local escalation of privilege when mounting a USB device with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-6.0 Android-6.0.1 Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android ID: A-80436257.

Published Nov 6, 2018 · Updated Sep 17, 2024

Unknown · CVSS Not scored

CVE-2018-9385: In driver_override_store of bus.c, there is a possible out of bounds write due to an incorrect bounds check.

In driver_override_store of bus.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-74128061 References: Upstream kernel.

Published Nov 6, 2018 · Updated Sep 17, 2024

High · CVSS 7.5

CVE-2018-3948: An exploitable denial-of-service vulnerability exists in the URI-parsing functionality of the TP-Link TL-R6...

An exploitable denial-of-service vulnerability exists in the URI-parsing functionality of the TP-Link TL-R600VPN HTTP server. A specially crafted URL can cause the server to stop responding to requests, resulting in downtime for the management portal. An attacker can send either an unauthenticated or authenticated web request to trigger this vulnerability.

Published Nov 30, 2018 · Updated Sep 17, 2024