Export limit exceeded: 348925 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (348925 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-20369 | 1 Barracuda | 1 Message Archiver | 2024-11-21 | N/A |
| Barracuda Message Archiver 2018 has XSS in the error_msg exception-handling value for the ldap_user parameter to the cgi-mod/ldap_load_entry.cgi module. The injection point of the issue is the Add_Update module. | ||||
| CVE-2018-20368 | 1 Averta | 1 Master Slider | 2024-11-21 | N/A |
| The Master Slider plugin 3.2.7 and 3.5.1 for WordPress has XSS via the wp-admin/admin-ajax.php Name input field of the MSPanel.Settings value on Callback. | ||||
| CVE-2018-20367 | 1 Wstmart | 1 Wstmart | 2024-11-21 | N/A |
| The "mall some commodity details: commodity consultation" component in WSTMart 2.0.8_181212 has stored XSS via the consultContent parameter, as demonstrated by the index.php/home/goodsconsult/add.html URI. | ||||
| CVE-2018-20365 | 1 Libraw | 1 Libraw | 2024-11-21 | N/A |
| LibRaw::raw2image() in libraw_cxx.cpp has a heap-based buffer overflow. | ||||
| CVE-2018-20364 | 1 Libraw | 1 Libraw | 2024-11-21 | N/A |
| LibRaw::copy_bayer in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL pointer dereference. | ||||
| CVE-2018-20363 | 1 Libraw | 1 Libraw | 2024-11-21 | N/A |
| LibRaw::raw2image in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL pointer dereference. | ||||
| CVE-2018-20362 | 1 Audiocoding | 1 Freeware Advanced Audio Decoder 2 | 2024-11-21 | N/A |
| A NULL pointer dereference was discovered in ifilter_bank of libfaad/filtbank.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash because adding to windowed output is mishandled in the EIGHT_SHORT_SEQUENCE case. | ||||
| CVE-2018-20361 | 1 Audiocoding | 1 Freeware Advanced Audio Decoder 2 | 2024-11-21 | N/A |
| An invalid memory address dereference was discovered in the hf_assembly function of libfaad/sbr_hfadj.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service. | ||||
| CVE-2018-20360 | 2 Audiocoding, Debian | 2 Freeware Advanced Audio Decoder 2, Debian Linux | 2024-11-21 | 5.5 Medium |
| An invalid memory address dereference was discovered in the sbr_process_channel function of libfaad/sbr_dec.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service. | ||||
| CVE-2018-20359 | 1 Audiocoding | 1 Freeware Advanced Audio Decoder 2 | 2024-11-21 | N/A |
| An invalid memory address dereference was discovered in the sbrDecodeSingleFramePS function of libfaad/sbr_dec.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service. | ||||
| CVE-2018-20358 | 1 Audiocoding | 1 Freeware Advanced Audio Decoder 2 | 2024-11-21 | N/A |
| An invalid memory address dereference was discovered in the lt_prediction function of libfaad/lt_predict.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service. | ||||
| CVE-2018-20357 | 1 Audiocoding | 1 Freeware Advanced Audio Decoder 2 | 2024-11-21 | N/A |
| A NULL pointer dereference was discovered in sbr_process_channel of libfaad/sbr_dec.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash. | ||||
| CVE-2018-20356 | 1 Cesanta | 1 Mongoose | 2024-11-21 | N/A |
| An invalid read of 8 bytes due to a use-after-free vulnerability in the mg_http_free_proto_data_cgi function call in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.13 and earlier allows a denial of service (application crash) or remote code execution. | ||||
| CVE-2018-20355 | 1 Cesanta | 1 Mongoose | 2024-11-21 | N/A |
| An invalid write of 8 bytes due to a use-after-free vulnerability in the mg_http_free_proto_data_cgi function call in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.13 and earlier allows a denial of service (application crash) or remote code execution. | ||||
| CVE-2018-20354 | 1 Cesanta | 1 Mongoose | 2024-11-21 | N/A |
| An invalid read of 8 bytes due to a use-after-free vulnerability during a "return" in the mg_http_get_proto_data function in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.13 and earlier allows a denial of service (application crash) or remote code execution. | ||||
| CVE-2018-20353 | 1 Cesanta | 1 Mongoose | 2024-11-21 | N/A |
| An invalid read of 8 bytes due to a use-after-free vulnerability during a "NULL test" in the mg_http_get_proto_data function in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.13 and earlier allows a denial of service (application crash) or remote code execution. | ||||
| CVE-2018-20352 | 1 Cesanta | 1 Mongoose Embedded Web Server Library | 2024-11-21 | N/A |
| Use-after-free vulnerability in the mg_cgi_ev_handler function in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.13 and earlier allows a denial of service (application crash) or remote code execution. | ||||
| CVE-2018-20351 | 1 Evernote | 1 Evernote | 2024-11-21 | N/A |
| The Markdown component in Evernote (Chinese) before 8.3.2 on macOS allows stored XSS, aka MAC-832. | ||||
| CVE-2018-20349 | 1 Igraph | 1 Igraph | 2024-11-21 | N/A |
| The igraph_i_strdiff function in igraph_trie.c in igraph through 0.7.1 has an NULL pointer dereference that allows attackers to cause a denial of service (application crash) via a crafted object. | ||||
| CVE-2018-20348 | 1 Libpff Project | 1 Libpff | 2024-11-21 | N/A |
| libpff_item_tree_create_node in libpff_item_tree.c in libpff before experimental-20180714 allows attackers to cause a denial of service (infinite recursion) via a crafted file, related to libfdata_tree_get_node_value in libfdata_tree.c. | ||||