Export limit exceeded: 347893 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 347893 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347893 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-14599 | 5 Canonical, Debian, Fedoraproject and 2 more | 8 Ubuntu Linux, Debian Linux, Fedora and 5 more | 2024-11-21 | 9.8 Critical |
| An issue was discovered in libX11 through 1.6.5. The function XListExtensions in ListExt.c is vulnerable to an off-by-one error caused by malicious server responses, leading to DoS or possibly unspecified other impact. | ||||
| CVE-2018-14598 | 5 Canonical, Debian, Fedoraproject and 2 more | 5 Ubuntu Linux, Debian Linux, Fedora and 2 more | 2024-11-21 | N/A |
| An issue was discovered in XListExtensions in ListExt.c in libX11 through 1.6.5. A malicious server can send a reply in which the first string overflows, causing a variable to be set to NULL that will be freed later on, leading to DoS (segmentation fault). | ||||
| CVE-2018-14597 | 1 Broadcom | 2 Ca Identity Governance, Ca Identity Suite Virtual Appliance | 2024-11-21 | N/A |
| CA Technologies Identity Governance 12.6, 14.0, 14.1, and 14.2 and CA Identity Suite Virtual Appliance 14.0, 14.1, and 14.2 provide telling error messages that may allow remote attackers to enumerate account names. | ||||
| CVE-2018-14596 | 1 Wancms | 1 Wancms | 2024-11-21 | N/A |
| wancms 1.0 through 5.0 allows remote attackers to cause a denial of service (resource consumption) via a checkcode (aka verification code) URI in which the values of font_size, width, and height are large numbers. | ||||
| CVE-2018-14593 | 2 Debian, Otrs | 2 Debian Linux, Open Ticket Request System | 2024-11-21 | N/A |
| An issue was discovered in Open Ticket Request System (OTRS) 6.0.x through 6.0.9, 5.0.x through 5.0.28, and 4.0.x through 4.0.30. An attacker who is logged into OTRS as an agent may escalate their privileges by accessing a specially crafted URL. | ||||
| CVE-2018-14592 | 1 Cwjoomla | 2 Cw Article Attachments Free, Cw Article Attachments Pro | 2024-11-21 | N/A |
| The CWJoomla CW Article Attachments PRO extension before 2.0.7 and CW Article Attachments FREE extension before 1.0.6 for Joomla! allow SQL Injection within download.php. | ||||
| CVE-2018-14590 | 1 Axiosys | 1 Bento4 | 2024-11-21 | N/A |
| An issue has been discovered in Bento4 1.5.1-624. A SEGV can occur in AP4_Processor::ProcessFragments in Core/Ap4Processor.cpp. | ||||
| CVE-2018-14589 | 1 Axiosys | 1 Bento4 | 2024-11-21 | N/A |
| An issue has been discovered in Bento4 1.5.1-624. AP4_Mp4AudioDsiParser::ReadBits in Codecs/Ap4Mp4AudioInfo.cpp has a heap-based buffer over-read. | ||||
| CVE-2018-14588 | 1 Axiosys | 1 Bento4 | 2024-11-21 | N/A |
| An issue has been discovered in Bento4 1.5.1-624. A NULL pointer dereference can occur in AP4_DataBuffer::SetData in Core/Ap4DataBuffer.cpp. | ||||
| CVE-2018-14587 | 1 Axiosys | 1 Bento4 | 2024-11-21 | N/A |
| An issue has been discovered in Bento4 1.5.1-624. AP4_MemoryByteStream::WritePartial in Core/Ap4ByteStream.cpp has a buffer over-read. | ||||
| CVE-2018-14586 | 1 Axiosys | 1 Bento4 | 2024-11-21 | N/A |
| An issue has been discovered in Bento4 1.5.1-624. A SEGV can occur in AP4_Mpeg2TsAudioSampleStream::WriteSample in Core/Ap4Mpeg2Ts.cpp, a different vulnerability than CVE-2018-14532. | ||||
| CVE-2018-14585 | 1 Axiosys | 1 Bento4 | 2024-11-21 | N/A |
| An issue has been discovered in Bento4 1.5.1-624. AP4_BytesToUInt16BE in Core/Ap4Utils.h has a heap-based buffer over-read after a call from the AP4_Stz2Atom class. | ||||
| CVE-2018-14584 | 1 Axiosys | 1 Bento4 | 2024-11-21 | N/A |
| An issue has been discovered in Bento4 1.5.1-624. AP4_AvccAtom::Create in Core/Ap4AvccAtom.cpp has a heap-based buffer over-read. | ||||
| CVE-2018-14583 | 1 Xyhcms | 1 Xyhcms | 2024-11-21 | N/A |
| xyhai.php?s=/Auth/addUser in XYHCMS 3.5 allows CSRF to add a background administrator account. | ||||
| CVE-2018-14582 | 1 Bagesoft | 1 Bagecms | 2024-11-21 | N/A |
| index.php?r=admini/admin/create in BageCMS V3.1.3 allows CSRF to add a background administrator account. | ||||
| CVE-2018-14581 | 1 Red-gate | 2 .net Reflector, Smartassembly | 2024-11-21 | N/A |
| Redgate .NET Reflector before 10.0.7.774 and SmartAssembly before 6.12.5 allow attackers to execute code by decompiling a compiled .NET object (such as a DLL or EXE file) with a specific embedded resource file. | ||||
| CVE-2018-14579 | 1 Golemcms Project | 1 Golemcms | 2024-11-21 | N/A |
| GolemCMS through 2008-12-24, if the install/ directory remains active after an installation, allows remote attackers to execute arbitrary PHP code by inserting this code into the "Database Information" "Table prefix" form field, or obtain sensitive information via a direct request for install/install.sql. | ||||
| CVE-2018-14576 | 1 Suncontract | 1 Suncontract | 2024-11-21 | 7.5 High |
| The mintTokens function of a smart contract implementation for SunContract, an Ethereum token, has an integer overflow via the _amount variable. | ||||
| CVE-2018-14575 | 1 Mybb | 1 Trash Bin | 2024-11-21 | N/A |
| Trash Bin plugin 1.1.3 for MyBB has cross-site scripting (XSS) via a thread subject and a cross-site request forgery (CSRF) via a post subject. | ||||
| CVE-2018-14574 | 4 Canonical, Debian, Djangoproject and 1 more | 4 Ubuntu Linux, Debian Linux, Django and 1 more | 2024-11-21 | N/A |
| django.middleware.common.CommonMiddleware in Django 1.11.x before 1.11.15 and 2.0.x before 2.0.8 has an Open Redirect. | ||||