• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

NVD-CWE-noinfo

CVE-2018-3920

February 26, 2023 by

An exploitable code execution vulnerability exists in the firmware update functionality of the Yi Home Camera 27US 1.8.7.0D. A specially crafted 7-Zip file can cause a CRC collision, resulting in a firmware update and code execution. An attacker can insert an SDcard to trigger this vulnerability.

CVE-2018-3934

February 26, 2023 by

An exploitable code execution vulnerability exists in the firmware update functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted set of UDP packets can cause a logic flaw, resulting in an authentication bypass. An attacker can sniff network traffic and send a set of packets to trigger this vulnerability.

CVE-2018-3833

February 26, 2023 by

An exploitable firmware downgrade vulnerability exists in Insteon Hub running firmware version 1013. The firmware upgrade functionality, triggered via PubNub, retrieves signed firmware binaries using plain HTTP requests. The device doesn’t check the firmware version that is going to be installed and thus allows for flashing older firmware images. To trigger this vulnerability, an attacker needs to impersonate the remote server ‘cache.insteon.com’ and serve any signed firmware image.

CVE-2018-3779

February 26, 2023 by

active-support ruby gem 5.2.0 could allow a remote attacker to execute arbitrary code on the system, caused by containing a malicious backdoor. An attacker could exploit this vulnerability to execute arbitrary code on the system.

CVE-2018-3767

February 26, 2023 by

`memjs` versions <= 1.1.0 allocates and stores buffers on typed input, resulting in DoS and uninitialized memory usage.

CVE-2018-3718

February 26, 2023 by

serve node module suffers from Improper Handling of URL Encoding by permitting access to ignored files if a filename is URL encoded.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 217
  • Go to page 218
  • Go to page 219
  • Go to page 220
  • Go to page 221
  • Interim pages omitted …
  • Go to page 2387
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE