• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

NVD-CWE-noinfo

CVE-2018-1389

February 26, 2023 by

IBM API Connect 5.0.0.0 through 5.0.8.2 is impacted by generated LoopBack APIs for a Model using the BelongsTo/HasMany relationship allowing unauthorized modification of information. IBM X-Force ID: 138213.

CVE-2018-13901

February 26, 2023 by

Due to missing permissions in Android Manifest file, Sensitive information disclosure issue can happen in PCI RCS app in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables in MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, QCA6574AU, QCS605, SD 210/SD 212/SD 205, SD 615/16/SD 415, SD 636, SD 650/52, SD 675, SD 712 / SD 710 / SD 670, SD 730, SD 820, SD 820A, SD 835, SD 845 / SD 850, SD 855, SDA660, SDM630, SDM660

CVE-2018-1391

February 26, 2023 by

IBM Financial Transaction Manager 3.0.4 and 3.1.0 for ACH Services for Multi-Platform could allow an authenticated user to execute a specially crafted command that could cause a denial of service. IBM X-Force ID: 138376.

CVE-2018-13858

February 26, 2023 by

MusicCenter / Trivum Multiroom Setup Tool V8.76 – SNR 8604.26 – C4 Professional allows unauthorized remote attackers to reboot or execute other functions via the “/xml/system/control.xml” URL, using the GET request “?action=reboot” for example.

CVE-2018-13859

February 26, 2023 by

MusicCenter / Trivum Multiroom Setup Tool V8.76 – SNR 8604.26 – C4 Professional before V9.34 build 13381 – 12.07.18, allow unauthorized remote attackers to reset the authentication via the “/xml/system/setAttribute.xml” URL, using the GET request “?id=0&attr=protectAccess&newValue=0” (a successful attack will allow attackers to login without authorization).

CVE-2018-13861

February 26, 2023 by

Touchpad / Trivum WebTouch Setup V9 V2.53 build 13163 of Apr 6 2018 09:10:14 (FW 303) allows unauthorized remote attackers to reboot or execute other functions via the “/xml/system/control.xml” URL, using the GET request “?action=reboot” for example.

  • « Go to Previous Page
  • Go to page 1
  • Interim pages omitted …
  • Go to page 408
  • Go to page 409
  • Go to page 410
  • Go to page 411
  • Go to page 412
  • Interim pages omitted …
  • Go to page 2387
  • Go to Next Page »

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE