Export limit exceeded: 347264 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 347264 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347264 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-14005 | 1 Malaysiancoin Project | 1 Malaysiancoin | 2024-11-21 | 7.5 High |
| An integer overflow vulnerability exists in the function transferAny of Malaysia coins (Xmc), an Ethereum token smart contract. An attacker could use it to set any user's balance. | ||||
| CVE-2018-14004 | 1 Globecoin Project | 1 Globecoin | 2024-11-21 | N/A |
| An integer overflow vulnerability exists in the function transfer_tokens_after_ICO of GlobeCoin (GLB), an Ethereum token smart contract. An attacker could use it to set any user's balance. | ||||
| CVE-2018-14003 | 1 Wmctoken Project | 1 Wmctoken | 2024-11-21 | 7.5 High |
| An integer overflow vulnerability exists in the function batchTransfer of WeMediaChain (WMC), an Ethereum token smart contract. An attacker could use it to set any user's balance. | ||||
| CVE-2018-14002 | 1 Mp3 Coin Project | 1 Mp3 Coin | 2024-11-21 | N/A |
| An integer overflow vulnerability exists in the function distribute of MP3 Coin (MP3), an Ethereum token smart contract. An attacker could use it to set any user's balance. | ||||
| CVE-2018-14001 | 1 Sharktech Project | 1 Sharktech | 2024-11-21 | N/A |
| An integer overflow vulnerability exists in the function batchTransfer of SHARKTECH (SKT), an Ethereum token smart contract. An attacker could use it to set any user's balance. | ||||
| CVE-2018-13999 | 1 Catfish-cms | 1 Catfish Cms | 2024-11-21 | N/A |
| Catfish CMS v4.7.9 allows XSS via the admin/Index/write.html editorValue parameter (aka an article posted by an administrator). | ||||
| CVE-2018-13998 | 1 Clippercms | 1 Clippercms | 2024-11-21 | N/A |
| ClipperCMS 1.3.3 has stored XSS via the Full Name field of (1) Security -> Manager Users or (2) Security -> Web Users. | ||||
| CVE-2018-13997 | 1 Codeplea | 1 Genann | 2024-11-21 | N/A |
| Genann through 2018-07-08 has a SEGV in genann_run in genann.c. | ||||
| CVE-2018-13996 | 1 Codeplea | 1 Genann | 2024-11-21 | N/A |
| Genann through 2018-07-08 has a stack-based buffer over-read in genann_train in genann.c. | ||||
| CVE-2018-13994 | 1 Phoenixcontact | 58 Fl Switch 3004t-fx, Fl Switch 3004t-fx Firmware, Fl Switch 3004t-fx St and 55 more | 2024-11-21 | N/A |
| The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 is vulnerable to a denial-of-service attack by making more than 120 connections. | ||||
| CVE-2018-13993 | 1 Phoenixcontact | 58 Fl Switch 3004t-fx, Fl Switch 3004t-fx Firmware, Fl Switch 3004t-fx St and 55 more | 2024-11-21 | N/A |
| The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 is prone to CSRF. | ||||
| CVE-2018-13992 | 1 Phoenixcontact | 58 Fl Switch 3004t-fx, Fl Switch 3004t-fx Firmware, Fl Switch 3004t-fx St and 55 more | 2024-11-21 | N/A |
| The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 allows for plaintext transmission (HTTP) of user credentials by default. | ||||
| CVE-2018-13991 | 1 Phoenixcontact | 58 Fl Switch 3004t-fx, Fl Switch 3004t-fx Firmware, Fl Switch 3004t-fx St and 55 more | 2024-11-21 | N/A |
| The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 leaks private information in firmware images. | ||||
| CVE-2018-13990 | 1 Phoenixcontact | 58 Fl Switch 3004t-fx, Fl Switch 3004t-fx Firmware, Fl Switch 3004t-fx St and 55 more | 2024-11-21 | N/A |
| The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions prior to 1.35 is vulnerable to brute-force attacks, because of Improper Restriction of Excessive Authentication Attempts. | ||||
| CVE-2018-13989 | 1 Arcelikas | 2 Grundig Smart Inter\@ctive, Grundig Smart Inter\@ctive Firmware | 2024-11-21 | N/A |
| Grundig Smart Inter@ctive TV 3.0 devices allow CSRF attacks via a POST request to TCP port 8085 containing a predictable ID value, as demonstrated by a /sendrcpackage?keyid=-2544&keysymbol=-4081 request to shut off the device. | ||||
| CVE-2018-13988 | 4 Canonical, Debian, Freedesktop and 1 more | 9 Ubuntu Linux, Debian Linux, Poppler and 6 more | 2024-11-21 | N/A |
| Poppler through 0.62 contains an out of bounds read vulnerability due to an incorrect memory access that is not mapped in its memory space, as demonstrated by pdfunite. This can result in memory corruption and denial of service. This may be exploitable when a victim opens a specially crafted PDF file. | ||||
| CVE-2018-13983 | 1 Impresscms | 1 Impresscms | 2024-11-21 | N/A |
| ImpressCMS 1.3.10 has XSS via the PATH_INFO to htdocs/install/index.php, htdocs/install/page_langselect.php, or htdocs/install/page_modcheck.php. | ||||
| CVE-2018-13982 | 2 Debian, Smarty | 2 Debian Linux, Smarty | 2024-11-21 | 7.5 High |
| Smarty_Security::isTrustedResourceDir() in Smarty before 3.1.33 is prone to a path traversal vulnerability due to insufficient template code sanitization. This allows attackers controlling the executed template code to bypass the trusted directory security restriction and read arbitrary files. | ||||
| CVE-2018-13981 | 1 Zeta-producer | 1 Zeta Producer Desktop Cms | 2024-11-21 | N/A |
| The websites that were built from Zeta Producer Desktop CMS before 14.2.1 are vulnerable to unauthenticated remote code execution due to a default component that permits arbitrary upload of PHP files, because the formmailer widget blocks .php files but not .php5 or .phtml files. This is related to /assets/php/formmailer/SendEmail.php and /assets/php/formmailer/functions.php. | ||||
| CVE-2018-13980 | 1 Zeta-producer | 1 Zeta Producer | 2024-11-21 | 5.5 Medium |
| The websites that were built from Zeta Producer Desktop CMS before 14.2.1 are vulnerable to unauthenticated file disclosure if the plugin "filebrowser" is installed, because of assets/php/filebrowser/filebrowser.main.php?file=../ directory traversal. | ||||