Export limit exceeded: 348694 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (348694 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-19225 | 1 Laobancms | 1 Laobancms | 2024-11-21 | N/A |
| An issue was discovered in LAOBANCMS 2.0. admin/mima.php has CSRF. | ||||
| CVE-2018-19224 | 1 Laobancms | 1 Laobancms | 2024-11-21 | N/A |
| An issue was discovered in LAOBANCMS 2.0. /admin/login.php allows spoofing of the id and guanliyuan cookies. | ||||
| CVE-2018-19223 | 1 Laobancms | 1 Laobancms | 2024-11-21 | N/A |
| An issue was discovered in LAOBANCMS 2.0. It allows XSS via the first input field to the admin/type.php?id=1 URI. | ||||
| CVE-2018-19222 | 1 Laobancms | 1 Laobancms | 2024-11-21 | N/A |
| An issue was discovered in LAOBANCMS 2.0. It allows a /install/mysql_hy.php?riqi=0&i=0 attack to reset the admin password, even if install.txt exists. | ||||
| CVE-2018-19221 | 1 Laobancms | 1 Laobancms | 2024-11-21 | N/A |
| An issue was discovered in LAOBANCMS 2.0. It allows SQL Injection via the admin/login.php guanliyuan parameter. | ||||
| CVE-2018-19220 | 1 Laobancms | 1 Laobancms | 2024-11-21 | N/A |
| An issue was discovered in LAOBANCMS 2.0. It allows remote attackers to execute arbitrary PHP code via the host parameter to the install/ URI. | ||||
| CVE-2018-19219 | 1 Sass-lang | 1 Libsass | 2024-11-21 | N/A |
| In LibSass 3.5-stable, there is an illegal address access at Sass::Eval::operator that will lead to a DoS attack. | ||||
| CVE-2018-19218 | 1 Sass-lang | 1 Libsass | 2024-11-21 | N/A |
| In LibSass 3.5-stable, there is an illegal address access at Sass::Parser::parse_css_variable_value_token that will lead to a DoS attack. | ||||
| CVE-2018-19217 | 1 Gnu | 1 Ncurses | 2024-11-21 | N/A |
| In ncurses, possibly a 6.x version, there is a NULL pointer dereference at the function _nc_name_match that will lead to a denial of service attack. NOTE: the original report stated version 6.1, but the issue did not reproduce for that version according to the maintainer or a reliable third-party | ||||
| CVE-2018-19216 | 2 Debian, Nasm | 2 Debian Linux, Netwide Assembler | 2024-11-21 | N/A |
| Netwide Assembler (NASM) before 2.13.02 has a use-after-free in detoken at asm/preproc.c. | ||||
| CVE-2018-19215 | 2 Nasm, Redhat | 2 Netwide Assembler, Enterprise Linux | 2024-11-21 | N/A |
| Netwide Assembler (NASM) 2.14rc16 has a heap-based buffer over-read in expand_mmac_params in asm/preproc.c for the special cases of the % and $ and ! characters. | ||||
| CVE-2018-19214 | 2 Nasm, Redhat | 2 Netwide Assembler, Enterprise Linux | 2024-11-21 | N/A |
| Netwide Assembler (NASM) 2.14rc15 has a heap-based buffer over-read in expand_mmac_params in asm/preproc.c for insufficient input. | ||||
| CVE-2018-19213 | 1 Nasm | 1 Netwide Assembler | 2024-11-21 | N/A |
| Netwide Assembler (NASM) through 2.14rc16 has memory leaks that may lead to DoS, related to nasm_malloc in nasmlib/malloc.c. | ||||
| CVE-2018-19212 | 1 Webmproject | 1 Libwebm | 2024-11-21 | N/A |
| In libwebm through 2018-10-03, there is an abort caused by libwebm::Webm2Pes::InitWebmParser() that will lead to a DoS attack. | ||||
| CVE-2018-19211 | 1 Gnu | 1 Ncurses | 2024-11-21 | N/A |
| In ncurses 6.1, there is a NULL pointer dereference at function _nc_parse_entry in parse_entry.c that will lead to a denial of service attack. The product proceeds to the dereference code path even after a "dubious character `*' in name or alias field" detection. | ||||
| CVE-2018-19210 | 3 Canonical, Debian, Libtiff | 3 Ubuntu Linux, Debian Linux, Libtiff | 2024-11-21 | N/A |
| In LibTIFF 4.0.9, there is a NULL pointer dereference in the TIFFWriteDirectorySec function in tif_dirwrite.c that will lead to a denial of service attack, as demonstrated by tiffset. | ||||
| CVE-2018-19209 | 1 Nasm | 1 Netwide Assembler | 2024-11-21 | N/A |
| Netwide Assembler (NASM) 2.14rc15 has a NULL pointer dereference in the function find_label in asm/labels.c that will lead to a DoS attack. | ||||
| CVE-2018-19208 | 3 Libwpd Project, Redhat, Suse | 3 Libwpd, Enterprise Linux, Suse Linux Enterprise Server | 2024-11-21 | 6.5 Medium |
| In libwpd 0.10.2, there is a NULL pointer dereference in the function WP6ContentListener::defineTable in WP6ContentListener.cpp that will lead to a denial of service attack. This is related to WPXTable.h. | ||||
| CVE-2018-19207 | 1 Van-ons | 1 Wp-gdpr-compliance | 2024-11-21 | N/A |
| The Van Ons WP GDPR Compliance (aka wp-gdpr-compliance) plugin before 1.4.3 for WordPress allows remote attackers to execute arbitrary code because $wpdb->prepare() input is mishandled, as exploited in the wild in November 2018. | ||||
| CVE-2018-19206 | 2 Debian, Roundcube | 2 Debian Linux, Webmail | 2024-11-21 | N/A |
| steps/mail/func.inc in Roundcube before 1.3.8 has XSS via crafted use of <svg><style>, as demonstrated by an onload attribute in a BODY element, within an HTML attachment. | ||||