{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-24T11:30:00.490","vulnerabilities":[{"cve":{"id":"CVE-2018-3988","sourceIdentifier":"talos-cna@cisco.com","published":"2018-12-10T17:29:00.270","lastModified":"2024-11-21T04:06:26.643","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Signal Messenger for Android 4.24.8 may expose private information when using \"disappearing messages.\" If a user uses the photo feature available in the \"attach file\" menu, then Signal will leave the picture in its own cache directory, which is available to any application on the system."},{"lang":"es","value":"Existe una vulnerabilidad de inyección de comandos explotable en la funcionalidad del servidor web de los productos Moxa NPort W2x50A con firmware en versiones anteriores a la 2.2 Build_18082311. Una petición HTTP POST especialmente manipulada en /goform/net_WebPingGetValue puede resultar en la ejecución de comandos del sistema operativo como usuario root. Esto es similar a CVE-2017-12120."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N","baseScore":4.7,"baseSeverity":"MEDIUM","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.0,"impactScore":3.6}],"cvssMetricV30":[{"source":"talos-cna@cisco.com","type":"Secondary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N","baseScore":3.3,"baseSeverity":"LOW","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"LOW","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.8,"impactScore":1.4}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:M/Au:N/C:P/I:N/A:N","baseScore":1.9,"accessVector":"LOCAL","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE"},"baseSeverity":"LOW","exploitabilityScore":3.4,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-200"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:signal:private_messenger:4.24.8:*:*:*:*:android:*:*","matchCriteriaId":"407833ED-FFBA-4F3A-95A7-25377A0E0832"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/106207","source":"talos-cna@cisco.com","tags":["Broken Link","Third Party Advisory","VDB Entry"]},{"url":"https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0656","source":"talos-cna@cisco.com","tags":["Exploit","Third Party Advisory"]},{"url":"http://www.securityfocus.com/bid/106207","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Broken Link","Third Party Advisory","VDB Entry"]},{"url":"https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0656","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory"]}]}}]}