Export limit exceeded: 348220 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (348220 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-19039 | 3 Grafana, Netapp, Redhat | 7 Grafana, Active Iq Performance Analytics Services, Storagegrid Webscale Nas Bridge and 4 more | 2024-11-21 | N/A |
| Grafana before 4.6.5 and 5.x before 5.3.3 allows remote authenticated users to read arbitrary files by leveraging Editor or Admin permissions. | ||||
| CVE-2018-19037 | 1 Virginmedia | 2 Hub 3.0, Hub 3.0 Firmware | 2024-11-21 | N/A |
| On Virgin Media wireless router 3.0 hub devices, the web interface is vulnerable to denial of service. When POST requests are sent and keep the connection open, the router lags and becomes unusable to anyone currently using the web interface. | ||||
| CVE-2018-19036 | 1 Bosch | 74 Autodome Ip 4000 Hd, Autodome Ip 4000i, Autodome Ip 5000 Hd and 71 more | 2024-11-21 | N/A |
| An issue was discovered in several Bosch IP cameras for firmware versions 6.32 and higher. A malicious client could potentially succeed in the unauthorized execution of code on the device via the network interface. | ||||
| CVE-2018-19031 | 1 360 | 10 Safe Router P0, Safe Router P0 Firmware, Safe Router P1 and 7 more | 2024-11-21 | 8.8 High |
| A command injection vulnerability exists when the authorized user passes crafted parameter to background process in the router. This affects 360 router series products (360 Safe Router P0,P1,P2,P3,P4), the affected version is V2.0.61.58897. | ||||
| CVE-2018-19029 | 1 Lcds | 1 Laquis Scada | 2024-11-21 | N/A |
| LCDS Laquis SCADA prior to version 4.1.0.4150 allows an attacker using a specially crafted project file to supply a pointer for a controlled memory address, which may allow remote code execution, data exfiltration, or cause a system crash. | ||||
| CVE-2018-19027 | 1 Omron | 2 Cx-one, Cx-protocol | 2024-11-21 | N/A |
| Three type confusion vulnerabilities exist in CX-One Versions 4.50 and prior and CX-Protocol Versions 2.0 and prior when processing project files. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application. | ||||
| CVE-2018-19025 | 1 Juuko | 2 K-808, K-808 Firmware | 2024-11-21 | 9.8 Critical |
| In JUUKO K-808, an attacker could specially craft a packet that encodes an arbitrary command, which could be executed on the K-808 (Firmware versions prior to numbers ending ...9A, ...9B, ...9C, etc.). | ||||
| CVE-2018-19023 | 1 Hetronic | 10 Bms-hl, Bms-hl Firmware, Dc Mobile and 7 more | 2024-11-21 | N/A |
| Hetronic Nova-M prior to verson r161 uses fixed codes that are reproducible by sniffing and re-transmission. This can lead to unauthorized replay of a command, spoofing of an arbitrary message, or keeping the controlled load in a permanent "stop" state. | ||||
| CVE-2018-19021 | 1 Emerson | 1 Deltav | 2024-11-21 | 6.5 Medium |
| A specially crafted script could bypass the authentication of a maintenance port of Emerson DeltaV DCS Versions 11.3.1, 11.3.2, 12.3.1, 13.3.1, 14.3, R5.1, R6 and prior, which may allow an attacker to cause a denial of service. | ||||
| CVE-2018-19020 | 1 Omron | 1 Cx-supervisor | 2024-11-21 | N/A |
| When CX-Supervisor (Versions 3.42 and prior) processes project files and tampers with the value of an offset, an attacker can force the application to read a value outside of an array. | ||||
| CVE-2018-19019 | 1 Omron | 1 Cx-supervisor | 2024-11-21 | N/A |
| A type confusion vulnerability exists when processing project files in CX-Supervisor (Versions 3.42 and prior). An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application. | ||||
| CVE-2018-19018 | 1 Omron | 1 Cx-supervisor | 2024-11-21 | N/A |
| An access of uninitialized pointer vulnerability in CX-Supervisor (Versions 3.42 and prior) could lead to type confusion when processing project files. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application. | ||||
| CVE-2018-19017 | 1 Omron | 1 Cx-supervisor | 2024-11-21 | N/A |
| Several use after free vulnerabilities have been identified in CX-Supervisor (Versions 3.42 and prior). When processing project files, the application fails to check if it is referencing freed memory. An attacker could use a specially crafted project file to exploit and execute code under the privileges of the application. | ||||
| CVE-2018-19016 | 1 Rockwellautomation | 2 Ethernet\/ip Web Server Module 1756-eweb, Ethernet\/ip Web Server Module 1768-eweb | 2024-11-21 | N/A |
| Rockwell Automation EtherNet/IP Web Server Modules 1756-EWEB (includes 1756-EWEBK) Version 5.001 and earlier, and CompactLogix 1768-EWEB Version 2.005 and earlier. A remote attacker could send a crafted UDP packet to the SNMP service causing a denial-of-service condition to occur until the affected product is restarted. | ||||
| CVE-2018-19015 | 1 Omron | 1 Cx-supervisor | 2024-11-21 | 7.3 High |
| An attacker could inject commands to launch programs and create, write, and read files on CX-Supervisor (Versions 3.42 and prior) through a specially crafted project file. An attacker could exploit this to execute code under the privileges of the application. | ||||
| CVE-2018-19014 | 1 Draeger | 8 Delta Xl, Delta Xl Firmware, Infinity Delta and 5 more | 2024-11-21 | N/A |
| Drager Infinity Delta, Infinity Delta, all versions, Delta XL, all versions, Kappa, all version, and Infinity Explorer C700, all versions. Log files are accessible over an unauthenticated network connection. By accessing the log files, an attacker is able to gain insights about internals of the patient monitor, the location of the monitor, and wired network configuration. | ||||
| CVE-2018-19013 | 1 Omron | 1 Cx-supervisor | 2024-11-21 | N/A |
| An attacker could inject commands to delete files and/or delete the contents of a file on CX-Supervisor (Versions 3.42 and prior) through a specially crafted project file. | ||||
| CVE-2018-19012 | 1 Draeger | 8 Delta Xl, Delta Xl Firmware, Infinity Delta and 5 more | 2024-11-21 | N/A |
| Drager Infinity Delta, Infinity Delta, all versions, Delta XL, all versions, Kappa, all version, and Infinity Explorer C700, all versions. Via a specific dialog it is possible to break out of the kiosk mode and reach the underlying operating system. By breaking out of the kiosk mode, an attacker is able to take control of the operating system. | ||||
| CVE-2018-19011 | 1 Omron | 1 Cx-supervisor | 2024-11-21 | N/A |
| CX-Supervisor (Versions 3.42 and prior) can execute code that has been injected into a project file. An attacker could exploit this to execute code under the privileges of the application. | ||||
| CVE-2018-19010 | 1 Draeger | 8 Delta Xl, Delta Xl Firmware, Infinity Delta and 5 more | 2024-11-21 | N/A |
| Drager Infinity Delta, Infinity Delta, all versions, Delta XL, all versions, Kappa, all version, and Infinity Explorer C700, all versions. A malformed network packet may cause the monitor to reboot. By repeatedly sending the malformed network packet, an attacker may be able to disrupt patient monitoring by causing the monitor to repeatedly reboot until it falls back to default configuration and loses network connectivity. | ||||