CVE-2018-14335

EPSS 8.45% · P92 Updated Feb 21, 2026

Public Exploits 1

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2018-14335

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

An issue was discovered in H2 1.4.197. Insecure handling of permissions in the backup function allows attackers to read sensitive files (outside of their permissions) via a symlink to a fake database file.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

H2 后置链接漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

H2是一套开源的数据库管理软件。 H2 1.4.197版本中存在安全漏洞，该漏洞源于程序没有安全的处理权限。攻击者可借助连接到伪造的数据库文件的符号链接利用该漏洞读取敏感文件（攻击者权限之外的文件）。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2018-14335

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2018-14335

请登录查看更多情报信息。

https://gist.github.com/owodelta/9714faf9a86435cef5a99d4930eaee20x_refsource_MISC
https://www.exploit-db.com/exploits/45105/exploitx_refsource_EXPLOIT-DB
https://access.redhat.com/errata/RHSA-2020:0727vendor-advisoryx_refsource_REDHAT
Re: H2 version security concern-Apache Mail Archivesmailing-listx_refsource_MLIST
https://nvd.nist.gov/vuln/detail/CVE-2018-14335

Same Patch Batch · n/a · 2018-07-24 · 11 CVEs total

CVE-2018-14582		BageCMS 跨站请求伪造漏洞
CVE-2018-14583		XYHCMS 跨站请求伪造漏洞
CVE-2018-14584		Bento4 缓冲区错误漏洞
CVE-2018-14585		Bento4 缓冲区错误漏洞
CVE-2018-14586		Bento4 缓冲区错误漏洞
CVE-2018-14587		Bento4 缓冲区错误漏洞
CVE-2018-14588		Bento4 安全漏洞
CVE-2018-14589		Bento4 缓冲区错误漏洞
CVE-2018-14590		Bento4 缓冲区错误漏洞
CVE-2018-14579		GolemCMS 安全漏洞

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2018-14335

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2018-14335

Public Exploits 1

I. Basic Information for CVE-2018-14335

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2018-14335

III. Intelligence Information for CVE-2018-14335

Same Patch Batch · n/a · 2018-07-24 · 11 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2018-14335

Leave a comment