Export limit exceeded: 350749 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (350749 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-7643 | 2 Gnu, Redhat | 5 Binutils, Enterprise Linux, Enterprise Linux Desktop and 2 more | 2024-11-21 | N/A |
| The display_debug_ranges function in dwarf.c in GNU Binutils 2.30 allows remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact via a crafted ELF file, as demonstrated by objdump. | ||||
| CVE-2018-7642 | 2 Gnu, Redhat | 5 Binutils, Enterprise Linux, Enterprise Linux Desktop and 2 more | 2024-11-21 | N/A |
| The swap_std_reloc_in function in aoutx.h in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (aout_32_swap_std_reloc_out NULL pointer dereference and application crash) via a crafted ELF file, as demonstrated by objcopy. | ||||
| CVE-2018-7641 | 1 Cimg | 1 Cimg | 2024-11-21 | N/A |
| An issue was discovered in CImg v.220. A heap-based buffer over-read in load_bmp in CImg.h occurs when loading a crafted bmp image, a different vulnerability than CVE-2018-7588. This is in a "32 bits colors" case, aka case 32. | ||||
| CVE-2018-7640 | 1 Cimg | 1 Cimg | 2024-11-21 | N/A |
| An issue was discovered in CImg v.220. A heap-based buffer over-read in load_bmp in CImg.h occurs when loading a crafted bmp image, a different vulnerability than CVE-2018-7588. This is in a Monochrome case, aka case 1. | ||||
| CVE-2018-7639 | 1 Cimg | 1 Cimg | 2024-11-21 | N/A |
| An issue was discovered in CImg v.220. A heap-based buffer over-read in load_bmp in CImg.h occurs when loading a crafted bmp image, a different vulnerability than CVE-2018-7588. This is in a "16 bits colors" case, aka case 16. | ||||
| CVE-2018-7638 | 1 Cimg | 1 Cimg | 2024-11-21 | N/A |
| An issue was discovered in CImg v.220. A heap-based buffer over-read in load_bmp in CImg.h occurs when loading a crafted bmp image, a different vulnerability than CVE-2018-7588. This is in a "256 colors" case, aka case 8. | ||||
| CVE-2018-7637 | 1 Cimg | 1 Cimg | 2024-11-21 | N/A |
| An issue was discovered in CImg v.220. A heap-based buffer over-read in load_bmp in CImg.h occurs when loading a crafted bmp image, a different vulnerability than CVE-2018-7588. This is in a "16 colors" case, aka case 4. | ||||
| CVE-2018-7636 | 1 Paloaltonetworks | 1 Pan-os | 2024-11-21 | N/A |
| The URL filtering "continue page" hosted by PAN-OS 8.0.10 and earlier may allow an attacker to inject arbitrary JavaScript or HTML via specially crafted URLs. | ||||
| CVE-2018-7635 | 1 Navercorp | 1 Whale | 2024-11-21 | N/A |
| Whale Browser before 1.0.41.8 displays no URL information but only a title of a web page on the browser's address bar when visiting a blank page, which allows an attacker to display a malicious web page with a fake domain name. | ||||
| CVE-2018-7634 | 1 Enalean | 1 Tuleap | 2024-11-21 | N/A |
| An issue was discovered in Enalean Tuleap 9.17. Lack of CSRF attack mitigation while changing an e-mail address makes it possible to abuse the functionality by attackers. By making a CSRF attack, an attacker could make a victim change his registered e-mail address on the application, leading to account takeover. | ||||
| CVE-2018-7633 | 1 Adbglobal | 1 Epicentro | 2024-11-21 | N/A |
| Code injection in the /ui/login form Language parameter in Epicentro E_7.3.2+ allows attackers to execute JavaScript code by making a user issue a manipulated POST request. | ||||
| CVE-2018-7632 | 1 Adbglobal | 1 Epicentro | 2024-11-21 | N/A |
| Buffer Overflow in httpd in EpiCentro E_7.3.2+ allows attackers to cause a denial of service attack remotely via a specially crafted GET request with a leading "/" in the URL. | ||||
| CVE-2018-7631 | 1 Adbglobal | 1 Epicentro | 2024-11-21 | N/A |
| Buffer Overflow in httpd in EpiCentro E_7.3.2+ allows attackers to execute code remotely via a specially crafted GET request without a leading "/" and without authentication. | ||||
| CVE-2018-7603 | 1 Search Autocomplete Project | 1 Search Autocomplete | 2024-11-21 | N/A |
| In Drupal's 3rd party module search auto complete prior to versions 7.x-4.8 there is a Cross Site Scripting vulnerability. This Search Autocomplete module enables you to autocomplete textfield using data from your website (nodes, comments, etc.). The module doesn't sufficiently filter user-entered text among the autocompletion items leading to a Cross Site Scripting (XSS) vulnerability. This vulnerability can be exploited by any user allowed to create one of the autocompletion item, for instance, nodes, users, comments. | ||||
| CVE-2018-7590 | 1 Hoosk | 1 Hoosk | 2024-11-21 | N/A |
| CSRF exists in Hoosk 1.7.0 via /admin/users/new/add, resulting in account creation. | ||||
| CVE-2018-7589 | 1 Cimg | 1 Cimg | 2024-11-21 | N/A |
| An issue was discovered in CImg v.220. A double free in load_bmp in CImg.h occurs when loading a crafted bmp image. | ||||
| CVE-2018-7588 | 1 Cimg | 1 Cimg | 2024-11-21 | N/A |
| An issue was discovered in CImg v.220. A heap-based buffer over-read in load_bmp in CImg.h occurs when loading a crafted bmp image. | ||||
| CVE-2018-7587 | 1 Cimg | 1 Cimg | 2024-11-21 | N/A |
| An issue was discovered in CImg v.220. DoS occurs when loading a crafted bmp image that triggers an allocation failure in load_bmp in CImg.h. | ||||
| CVE-2018-7586 | 1 Imagely | 1 Nextgen Gallery | 2024-11-21 | N/A |
| In the nextgen-gallery plugin before 2.2.50 for WordPress, gallery paths are not secured. | ||||
| CVE-2018-7584 | 4 Canonical, Debian, Php and 1 more | 5 Ubuntu Linux, Debian Linux, Php and 2 more | 2024-11-21 | N/A |
| In PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, and 7.2.x through 7.2.2, there is a stack-based buffer under-read while parsing an HTTP response in the php_stream_url_wrap_http_ex function in ext/standard/http_fopen_wrapper.c. This subsequently results in copying a large string. | ||||