Export limit exceeded: 34583 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 24509 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (24509 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-10830 | 1 2345 Security Guard Project | 1 2345 Security Guard | 2024-11-21 | N/A |
| In 2345 Security Guard 3.7, the driver file (2345BdPcSafe.sys, X64 version) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x002220e0. | ||||
| CVE-2018-10828 | 1 Alps | 1 Pointing-device Driver | 2024-11-21 | N/A |
| An issue was discovered in Alps Pointing-device Driver 10.1.101.207. ApMsgFwd.exe allows the current user to map and write to the "ApMsgFwd File Mapping Object" section. ApMsgFwd.exe uses the data written to this section as arguments to functions. This causes a denial of service condition when invalid pointers are written to the mapped section. This driver has been used with Dell, ThinkPad, and VAIO devices. | ||||
| CVE-2018-10815 | 1 Cloudera | 1 Cloudera Manager | 2024-11-21 | N/A |
| An issue was discovered in Cloudera Manager before 5.13.4, 5.14.x before 5.14.4, and 5.15.x before 5.15.1. A read-only user can access sensitive cluster information. | ||||
| CVE-2018-10809 | 1 2345 Security Guard Project | 1 2345 Security Guard | 2024-11-21 | N/A |
| In 2345 Security Guard 3.7, the driver file (2345NetFirewall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x00222040. NOTE: this vulnerability exists because of an incomplete fix for CVE-2018-8873. | ||||
| CVE-2018-10799 | 1 Brave | 1 Brave | 2024-11-21 | N/A |
| A hang issue was discovered in Brave before 0.14.0 (on, for example, Linux). This vulnerability is caused by the mishandling of a long URL formed by window.location+='?\u202a\uFEFF\u202b'; concatenation in a SCRIPT element. | ||||
| CVE-2018-10798 | 1 Brave | 1 Brave | 2024-11-21 | N/A |
| A hang issue was discovered in Brave before 0.14.0 (on, for example, Linux). The vulnerability is caused by mishandling of JavaScript code that triggers the reload of a page continuously with an interval of 1 second. | ||||
| CVE-2018-10796 | 1 2345 Security Guard Project | 1 2345 Security Guard | 2024-11-21 | N/A |
| In 2345 Security Guard 3.7, the driver file (2345NetFirewall.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x00222014. | ||||
| CVE-2018-10776 | 1 Mp3gain | 1 Mp3gain | 2024-11-21 | N/A |
| The getbits function in mpglibDBL/common.c in mp3gain through 1.5.2-r2 allows remote attackers to cause a denial of service (segmentation fault and application crash) or possibly have unspecified other impact. | ||||
| CVE-2018-10770 | 1 Annigroup | 2 5 In 1 Xvr, 5 In 1 Xvr Firmware | 2024-11-21 | N/A |
| download.rsp on ShenZhen Anni "5 in 1 XVR" devices allows remote attackers to download the configuration (without a login) to discover the password. | ||||
| CVE-2018-10734 | 1 Kongtop | 10 A303, A303 Firmware, A403 and 7 more | 2024-11-21 | N/A |
| KONGTOP DVR devices A303, A403, D303, D305, and D403 contain a backdoor that prints the login password via a Print_Password function call in certain circumstances. | ||||
| CVE-2018-10732 | 1 Dataiku | 1 Data Science Studio | 2024-11-21 | N/A |
| The REST API in Dataiku DSS before 4.2.3 allows remote attackers to obtain sensitive information (i.e., determine if a username is valid) because of profile pictures visibility. | ||||
| CVE-2018-10729 | 1 Phoenixcontact | 58 Fl Switch 3004t-fx, Fl Switch 3004t-fx Firmware, Fl Switch 3004t-fx St and 55 more | 2024-11-21 | N/A |
| All Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products running firmware version 1.0 to 1.33 allow reading the configuration file by an unauthenticated user. | ||||
| CVE-2018-10711 | 1 Asrock | 4 A-tuning, F-stream, Restart To Uefi and 1 more | 2024-11-21 | N/A |
| The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED before v1.0.35.1, A-Tuning before v3.0.210, F-Stream before v3.0.210, and RestartToUEFI before v1.0.6.2 expose functionality to read and write Machine Specific Registers (MSRs). This could be leveraged to execute arbitrary ring-0 code. | ||||
| CVE-2018-10663 | 1 Axis | 780 A1001, A1001 Firmware, A8004-v and 777 more | 2024-11-21 | N/A |
| An issue was discovered in multiple models of Axis IP Cameras. There is an Incorrect Size Calculation. | ||||
| CVE-2018-10657 | 1 Matrix | 1 Synapse | 2024-11-21 | N/A |
| Matrix Synapse before 0.28.1 is prone to a denial of service flaw where malicious events injected with depth = 2^63 - 1 render rooms unusable, related to federation/federation_base.py and handlers/message.py, as exploited in the wild in April 2018. | ||||
| CVE-2018-10652 | 1 Citrix | 1 Xenmobile Server | 2024-11-21 | N/A |
| There is a Sensitive Data Leakage issue in Citrix XenMobile Server 10.7 before RP3. | ||||
| CVE-2018-10627 | 1 Echelon | 6 I.lon 100, I.lon 100 Firmware, Smartserver 1 and 3 more | 2024-11-21 | N/A |
| Echelon SmartServer 1 all versions, SmartServer 2 all versions prior to release 4.11.007, i.LON 100 all versions, and i.LON 600 all versions. An attacker can use the SOAP API to retrieve and change sensitive configuration items such as the usernames and passwords for the Web and FTP servers. This vulnerability does not affect the i.LON 600 product. | ||||
| CVE-2018-10624 | 1 Johnsoncontrols | 2 Bcpro, Metasys System | 2024-11-21 | N/A |
| In Johnson Controls Metasys System Versions 8.0 and prior and BCPro (BCM) all versions prior to 3.0.2, this vulnerability results from improper error handling in HTTP-based communications with the server, which could allow an attacker to obtain technical information. | ||||
| CVE-2018-10616 | 1 Abb | 1 Panel Builder 800 | 2024-11-21 | N/A |
| ABB Panel Builder 800 all versions has an improper input validation vulnerability which may allow an attacker to insert and run arbitrary code on a computer where the affected product is used. | ||||
| CVE-2018-10599 | 1 Philips | 36 Avalon Fetal\/maternal Monitors Fm20, Avalon Fetal\/maternal Monitors Fm20 Firmware, Avalon Fetal\/maternal Monitors Fm30 and 33 more | 2024-11-21 | N/A |
| IntelliVue Patient Monitors MP Series (including MP2/X2/MP30/MP50/MP70/NP90/MX700/800) Rev B-M, IntelliVue Patient Monitors MX (MX400-550) Rev J-M and (X3/MX100 for Rev M only), and Avalon Fetal/Maternal Monitors FM20/FM30/FM40/FM50 with software Revisions F.0, G.0 and J.3 have a vulnerability that allows an unauthenticated attacker to read memory from an attacker-chosen device address within the same subnet. | ||||