CVE-2018-20698

The floragunn Search Guard plugin before 6.x-16 for Kibana allows URL injection for login redirects on the login page when basePath is set.

Publication date: Tue, 09 Apr 2019 23:29:00 +0000

Cyber News related to CVE-2018-20698

CVE-2018-1000672 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-16391, CVE-2018-16392, CVE-2018-16393, CVE-2018-16418, CVE-2018-16419, CVE-2018-16420, CVE-2018-16421, CVE-2018-16422, CVE-2018-16423, CVE-2018-16424, CVE-2018-16425, ...
54 years ago Tenable.com

CVE-2018-20698 - The floragunn Search Guard plugin before 6.x-16 for Kibana allows URL injection for login redirects on the login page when basePath is set. ...
3 years ago

Patch Now: Critical Windows Kerberos Bug Bypasses Microsoft Security - Microsoft eased enterprise security teams into 2024 with a relatively light January security update consisting of patches for 48 unique CVEs, just two of which the company identified as being of critical severity. For the second straight month, ...
5 months ago Darkreading.com

Microsoft starts off new year with relatively light Patch Tuesday, no zero-days - Microsoft followed up one of the lightest recent Patch Tuesdays in December with another month of no zero-day vulnerabilities and only two critical issues. Many of the company's monthly security updates in 2023 included vulnerabilities that were ...
5 months ago Blog.talosintelligence.com

CVE-2022-20698 - A vulnerability in the OOXML parsing module in Clam AntiVirus (ClamAV) Software version 0.104.1 and LTS version 0.103.4 and prior versions could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. ...
9 months ago

CVE-2019-20698 - Certain NETGEAR devices are affected by disclosure of sensitive information. This affects WAC505 before 8.0.5.5 and WAC510 before 8.0.5.5. ...
2 years ago

CVE-2020-20698 - A remote code execution (RCE) vulnerability in /1.com.php of S-CMS PHP v3.0 allows attackers to getshell via modification of a PHP file. ...
2 years ago

CVE-2023-20698 - In keyinstall, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07589144; ...
1 year ago

CVE-2024-20698 - Windows Kernel Elevation of Privilege Vulnerability ...
5 months ago Tenable.com

CVE-2021-20698 - Sharp NEC Displays (UN462A R1.300 and prior to it, UN462VA R1.300 and prior to it, UN492S R1.300 and prior to it, UN492VS R1.300 and prior to it, UN552A R1.300 and prior to it, UN552S R1.300 and prior to it, UN552VS R1.300 and prior to it, UN552 ...
1 year ago

CVE-2018-0912 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
4 years ago

CVE-2018-0923 - Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from ...
4 years ago

CVE-2018-0916 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
4 years ago

CVE-2018-0914 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
4 years ago

CVE-2018-0921 - Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from ...
4 years ago

CVE-2018-0909 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
4 years ago

CVE-2018-0911 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
4 years ago

CVE-2018-0947 - Microsoft SharePoint Foundation 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
4 years ago

CVE-2018-0917 - Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege Vulnerability". This CVE is unique from ...
4 years ago

CVE-2018-0910 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
4 years ago

CVE-2018-0944 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allows an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
4 years ago

CVE-2018-0913 - Microsoft Project Server 2013 SP1 and Microsoft SharePoint Enterprise Server 2016 allow an elevation of privilege vulnerability to due how specially crafted web requests are sanitized, aka "Microsoft SharePoint Elevation of Privilege ...
4 years ago

CVE-2018-0769 - Microsoft Edge in Windows 10 Gold, 1511, 1607, 1703, 1709, and Windows Server 2016 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine ...
3 years ago

CVE-2018-0778 - Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID ...
3 years ago

CVE-2018-0773 - Microsoft Edge in Windows 10 1709 allows an attacker to execute arbitrary code in the context of the current user, due to how the scripting engine handles objects in memory, aka "Scripting Engine Memory Corruption Vulnerability". This CVE ID ...
3 years ago

Latest Cyber News

CVE-2024-39475 - 44 seconds ago
CVE-2024-4467 - 44 seconds ago
CVE-2020-19909 - 44 seconds ago
CVE-2024-5971 - 2 hours ago
CVE-2024-38372 - 2 hours ago
CVE-2024-21778 - 2 hours ago
CVE-2024-6580 - 4 hours ago
CVE-2024-6227 - 4 hours ago
CVE-2024-6409 - 5 hours ago
CVE-2024-4882 - 5 hours ago
CVE-2024-39896 - 5 hours ago
CVE-2024-1305 - 5 hours ago
CVE-2024-6387 - 5 hours ago
CVE-2024-1394 - 5 hours ago
CVE-2023-6356 - 5 hours ago
CVE-2023-6536 - 5 hours ago
CVE-2023-6535 - 5 hours ago
CVE-2023-5981 - 5 hours ago
CVE-2024-0646 - 5 hours ago
CVE-2024-0567 - 5 hours ago

Cyber Trends (last 7 days)

Okta - 7 months ago
23andMe - 7 months ago
Kimsuky - 7 months ago
LogoFAIL - 7 months ago
Gh0st rat - 7 months ago

Trending Cyber News (last 7 days)

CVE-2024-5971 - 2 hours ago
CVE-2024-38372 - 2 hours ago
CVE-2024-6409 - 5 hours ago
CVE-2024-4882 - 5 hours ago
CVE-2024-39896 - 5 hours ago
CVE-2024-1305 - 5 hours ago
CVE-2024-6580 - 4 hours ago
CVE-2024-6227 - 4 hours ago
CVE-2023-49593 - 7 hours ago
CVE-2023-49073 - 7 hours ago
CVE-2023-47856 - 7 hours ago
CVE-2023-47677 - 7 hours ago
CVE-2023-45742 - 7 hours ago
CVE-2023-45215 - 7 hours ago
CVE-2023-41251 - 7 hours ago
CVE-2023-34435 - 7 hours ago
CVE-2024-6564 - 7 hours ago
CVE-2024-6563 - 7 hours ago
CVE-2024-39699 - 7 hours ago
CVE-2024-39695 - 7 hours ago