Export limit exceeded: 348033 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 348033 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (348033 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-18313 | 6 Apple, Canonical, Debian and 3 more | 10 Mac Os X, Ubuntu Linux, Debian Linux and 7 more | 2024-11-21 | N/A |
| Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers disclosure of sensitive information from process memory. | ||||
| CVE-2018-18312 | 5 Canonical, Debian, Netapp and 2 more | 9 Ubuntu Linux, Debian Linux, E-series Santricity Os Controller and 6 more | 2024-11-21 | N/A |
| Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations. | ||||
| CVE-2018-18311 | 8 Apple, Canonical, Debian and 5 more | 23 Mac Os X, Ubuntu Linux, Debian Linux and 20 more | 2024-11-21 | N/A |
| Perl before 5.26.3 and 5.28.x before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations. | ||||
| CVE-2018-18310 | 5 Canonical, Debian, Elfutils Project and 2 more | 9 Ubuntu Linux, Debian Linux, Elfutils and 6 more | 2024-11-21 | 5.5 Medium |
| An invalid memory address dereference was discovered in dwfl_segment_report_module.c in libdwfl in elfutils through v0.174. The vulnerability allows attackers to cause a denial of service (application crash) with a crafted ELF file, as demonstrated by consider_notes. | ||||
| CVE-2018-18309 | 1 Gnu | 1 Binutils | 2024-11-21 | N/A |
| An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory address dereference was discovered in read_reloc in reloc.c. The vulnerability causes a segmentation fault and application crash, which leads to denial of service, as demonstrated by objdump, because of missing _bfd_clear_contents bounds checking. | ||||
| CVE-2018-18308 | 1 Bigtreecms | 1 Bigtree Cms | 2024-11-21 | N/A |
| In the 4.2.23 version of BigTree, a Stored XSS vulnerability has been discovered in /admin/ajax/file-browser/upload/ (aka the image upload area). | ||||
| CVE-2018-18296 | 1 Metinfo | 1 Metinfo | 2024-11-21 | N/A |
| MetInfo 6.1.2 has XSS via the /admin/index.php bigclass parameter in an n=column&a=doadd action. | ||||
| CVE-2018-18291 | 1 Asus | 2 Rt-ac58u, Rt-ac58u Firmware | 2024-11-21 | N/A |
| A cross site scripting (XSS) vulnerability on ASUS RT-AC58U 3.0.0.4.380_6516 devices allows remote attackers to inject arbitrary web script or HTML via Advanced_ASUSDDNS_Content.asp, Advanced_WSecurity_Content.asp, Advanced_Wireless_Content.asp, Logout.asp, Main_Login.asp, MobileQIS_Login.asp, QIS_wizard.htma, YandexDNS.asp, ajax_status.xml, apply.cgi, clients.asp, disk.asp, disk_utility.asp, or internet.asp. | ||||
| CVE-2018-18290 | 1 Nconsulting | 1 Nc-cms | 2024-11-21 | N/A |
| An issue was discovered in nc-cms through 2017-03-10. index.php?action=edit_html&name=home_content allows XSS via the HTML Source Editor. NOTE: the vendor disputes this because the form requires administrator privileges, and entering JavaScript is supported functionality | ||||
| CVE-2018-18289 | 1 Mesilat | 1 Zabbix | 2024-11-21 | N/A |
| The MESILAT Zabbix plugin before 1.1.15 for Atlassian Confluence allows attackers to read arbitrary files. | ||||
| CVE-2018-18288 | 1 Crushftp | 1 Crushftp | 2024-11-21 | 6.1 Medium |
| CrushFTP through 8.3.0 is vulnerable to credentials theft via URL redirection. | ||||
| CVE-2018-18287 | 1 Asus | 2 Rt-ac58u, Rt-ac58u Firmware | 2024-11-21 | N/A |
| On ASUS RT-AC58U 3.0.0.4.380_6516 devices, remote attackers can discover hostnames and IP addresses by reading dhcpLeaseInfo data in the HTML source code of the Main_Login.asp page. | ||||
| CVE-2018-18286 | 1 Mitel | 1 Cmg Suite | 2024-11-21 | N/A |
| SQL injection vulnerabilities in CMG Suite 8.4 SP2 and earlier, could allow an unauthenticated attacker to conduct an SQL injection attack due to insufficient input validation for the changepwd interface. A successful exploit could allow an attacker to extract sensitive information from the database and execute arbitrary scripts. | ||||
| CVE-2018-18285 | 1 Mitel | 1 Cmg Suite | 2024-11-21 | N/A |
| SQL injection vulnerabilities in CMG Suite 8.4 SP2 and earlier, could allow an unauthenticated attacker to conduct an SQL injection attack due to insufficient input validation for the login interface. A successful exploit could allow an attacker to extract sensitive information from the database and execute arbitrary scripts. | ||||
| CVE-2018-18284 | 5 Artifex, Canonical, Debian and 2 more | 12 Ghostscript, Gpl Ghostscript, Ubuntu Linux and 9 more | 2024-11-21 | N/A |
| Artifex Ghostscript 9.25 and earlier allows attackers to bypass a sandbox protection mechanism via vectors involving the 1Policy operator. | ||||
| CVE-2018-18282 | 1 Zeit | 1 Next.js | 2024-11-21 | N/A |
| Next.js 7.0.0 and 7.0.1 has XSS via the 404 or 500 /_error page. | ||||
| CVE-2018-18281 | 4 Canonical, Debian, Linux and 1 more | 10 Ubuntu Linux, Debian Linux, Linux Kernel and 7 more | 2024-11-21 | N/A |
| Since Linux kernel version 3.2, the mremap() syscall performs TLB flushes after dropping pagetable locks. If a syscall such as ftruncate() removes entries from the pagetables of a task that is in the middle of mremap(), a stale TLB entry can remain for a short time that permits access to a physical page after it has been released back to the page allocator and reused. This is fixed in the following kernel versions: 4.9.135, 4.14.78, 4.18.16, 4.19. | ||||
| CVE-2018-18276 | 1 Profiles Project | 1 Profiles | 2024-11-21 | N/A |
| XSS exists in the ProFiles 1.5 component for Joomla! via the name or path parameter when creating a new folder in the administrative panel. | ||||
| CVE-2018-18274 | 1 Pdfalto Project | 1 Pdfalto | 2024-11-21 | N/A |
| A issue was found in pdfalto 0.2. There is a heap-based buffer overflow in the TextPage::addAttributsNode function in XmlAltoOutputDev.cc. | ||||
| CVE-2018-18271 | 1 Cmsmadesimple | 1 Cms Made Simple | 2024-11-21 | N/A |
| XSS exists in CMS Made Simple version 2.2.7 via the m1_extra parameter in an admin/moduleinterface.php "Content-->News-->Add Article" action. | ||||