• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

CWE-732

CVE-2018-18435

February 26, 2023 by

KioWare Server version 4.9.6 and older installs by default to “C:kioware_com” with weak folder permissions granting any user full permission “Everyone: (F)” to the contents of the directory and it’s sub-folders. In addition, the program installs a service called “KWSService” which runs as “Localsystem”, this will allow any user to escalate privileges to “NT AUTHORITYSYSTEM” by substituting the service’s binary with a malicious one.

CVE-2018-18349

February 26, 2023 by

Remote frame navigations was incorrectly permitted to local resources in Blink in Google Chrome prior to 71.0.3578.80 allowed an attacker who convinced a user to install a malicious extension to access files on the local file system via a crafted Chrome Extension.

CVE-2018-18352

February 26, 2023 by

Service works could inappropriately gain access to cross origin audio in Media in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to bypass same origin policy for audio content via a crafted HTML page.

CVE-2018-18331

February 26, 2023 by

A Trend Micro OfficeScan XG weak file permissions vulnerability on a particular folder for a particular group may allow an attacker to alter the files, which could lead to other exploits on vulnerable installations.

CVE-2018-18332

February 26, 2023 by

A Trend Micro OfficeScan XG weak file permissions vulnerability may allow an attacker to potentially manipulate permissions on some key files to modify other files and folders on vulnerable installations.

CVE-2018-18254

February 26, 2023 by

An issue was discovered in CapMon Access Manager 5.4.1.1005. An unprivileged user can read the cal_whitelist table in the Custom App Launcher (CAL) database, and potentially gain privileges by placing a Trojan horse program at an app pathname.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 15
  • Go to page 16
  • Go to page 17
  • Go to page 18
  • Go to page 19
  • Interim pages omitted …
  • Go to page 144
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE