Export limit exceeded: 350006 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (350006 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-5377 | 1 Discuz | 1 Discuzx | 2024-11-21 | N/A |
| Discuz! DiscuzX X3.4 allows remote attackers to bypass intended access restrictions via the archiver\index.php action parameter. | ||||
| CVE-2018-5376 | 1 Discuz | 1 Discuzx | 2024-11-21 | 6.1 Medium |
| Discuz! DiscuzX X3.4 has XSS via the include\spacecp\spacecp_upload.php op parameter. | ||||
| CVE-2018-5375 | 1 Discuz | 1 Discuzx | 2024-11-21 | N/A |
| Discuz! DiscuzX X3.4 has XSS via the include\spacecp\spacecp_space.php appid parameter in a delete action. | ||||
| CVE-2018-5374 | 1 Slidervilla | 1 Dbox Slider | 2024-11-21 | N/A |
| The Dbox 3D Slider Lite plugin through 1.2.2 for WordPress has SQL Injection via settings\sliders.php (current_slider_id parameter). | ||||
| CVE-2018-5373 | 1 Slidervilla | 1 Smooth Slider | 2024-11-21 | N/A |
| The Smooth Slider plugin through 2.8.6 for WordPress has SQL Injection via smooth-slider.php (trid parameter). | ||||
| CVE-2018-5372 | 1 Slidervilla | 1 Testimonial Slider | 2024-11-21 | N/A |
| The Testimonial Slider plugin through 1.2.4 for WordPress has SQL Injection via settings\sliders.php (current_slider_id parameter). | ||||
| CVE-2018-5371 | 2 D-link, Dlink | 4 Dsl-2540u Firmware, Dsl-2640u Firmware, Dsl-2540u and 1 more | 2024-11-21 | N/A |
| diag_ping.cmd on D-Link DSL-2640U devices with firmware IM_1.00 and ME_1.00, and DSL-2540U devices with firmware ME_1.00, allows authenticated remote attackers to execute arbitrary OS commands via shell metacharacters in the ipaddr field of an HTTP GET request. | ||||
| CVE-2018-5370 | 1 Bizlogicdev | 1 Xnami | 2024-11-21 | N/A |
| BizLogic xnami 1.0 has XSS via the comment parameter in an addComment action to the /media/ajax URI. | ||||
| CVE-2018-5369 | 1 Srbtranslatin Project | 1 Srbtranslatin | 2024-11-21 | N/A |
| The SrbTransLatin plugin 1.46 for WordPress has XSS via an srbtranslatoptions action to wp-admin/options-general.php with a lang_identificator parameter. | ||||
| CVE-2018-5368 | 1 Srbtranslatin Project | 1 Srbtranslatin | 2024-11-21 | N/A |
| The SrbTransLatin plugin 1.46 for WordPress has CSRF via an srbtranslatoptions action to wp-admin/options-general.php. | ||||
| CVE-2018-5367 | 1 Wpglobus | 1 Wpglobus | 2024-11-21 | N/A |
| The WPGlobus plugin 1.9.6 for WordPress has XSS via the wpglobus_option[post_type][post] parameter to wp-admin/options.php. | ||||
| CVE-2018-5366 | 1 Wpglobus | 1 Wpglobus | 2024-11-21 | N/A |
| The WPGlobus plugin 1.9.6 for WordPress has XSS via the wpglobus_option[more_languages] parameter to wp-admin/options.php. | ||||
| CVE-2018-5365 | 1 Wpglobus | 1 Wpglobus | 2024-11-21 | N/A |
| The WPGlobus plugin 1.9.6 for WordPress has XSS via the wpglobus_option[selector_wp_list_pages][show_selector] parameter to wp-admin/options.php. | ||||
| CVE-2018-5364 | 1 Wpglobus | 1 Wpglobus | 2024-11-21 | N/A |
| The WPGlobus plugin 1.9.6 for WordPress has XSS via the wpglobus_option[browser_redirect][redirect_by_language] parameter to wp-admin/options.php. | ||||
| CVE-2018-5363 | 1 Wpglobus | 1 Wpglobus | 2024-11-21 | N/A |
| The WPGlobus plugin 1.9.6 for WordPress has XSS via the wpglobus_option[enabled_languages][en] or wpglobus_option[enabled_languages][fr] (or any other language) parameter to wp-admin/options.php. | ||||
| CVE-2018-5362 | 1 Wpglobus | 1 Wpglobus | 2024-11-21 | N/A |
| The WPGlobus plugin 1.9.6 for WordPress has XSS via the wpglobus_option[post_type][page] parameter to wp-admin/options.php. | ||||
| CVE-2018-5361 | 1 Wpglobus | 1 Wpglobus | 2024-11-21 | N/A |
| The WPGlobus plugin 1.9.6 for WordPress has CSRF via wp-admin/options.php. | ||||
| CVE-2018-5360 | 2 Graphicsmagick, Libtiff | 2 Graphicsmagick, Libtiff | 2024-11-21 | N/A |
| LibTIFF before 4.0.6 mishandles the reading of TIFF files, as demonstrated by a heap-based buffer over-read in the ReadTIFFImage function in coders/tiff.c in GraphicsMagick 1.3.27. | ||||
| CVE-2018-5359 | 1 Flexense | 1 Sysgauge | 2024-11-21 | N/A |
| The server in Flexense SysGauge 3.6.18 operating on port 9221 can be exploited remotely with the attacker gaining system-level access because of a Buffer Overflow. | ||||
| CVE-2018-5358 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2024-11-21 | N/A |
| ImageMagick 7.0.7-22 Q16 has memory leaks in the EncodeImageAttributes function in coders/json.c, as demonstrated by the ReadPSDLayersInternal function in coders/psd.c. | ||||