Export limit exceeded: 348842 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (348842 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-20127 | 1 Zzzcms | 1 Zzzphp | 2024-11-21 | 7.5 High |
| An issue was discovered in zzzphp cms 1.5.8. del_file in /admin/save.php allows remote attackers to delete arbitrary files via a mixed-case extension and an extra '.' character, because (for example) "php" is blocked but path=F:/1.phP. succeeds. | ||||
| CVE-2018-20126 | 3 Canonical, Opensuse, Qemu | 3 Ubuntu Linux, Leap, Qemu | 2024-11-21 | 5.5 Medium |
| hw/rdma/vmw/pvrdma_cmd.c in QEMU allows create_cq and create_qp memory leaks because errors are mishandled. | ||||
| CVE-2018-20125 | 2 Canonical, Qemu | 2 Ubuntu Linux, Qemu | 2024-11-21 | 7.5 High |
| hw/rdma/vmw/pvrdma_cmd.c in QEMU allows attackers to cause a denial of service (NULL pointer dereference or excessive memory allocation) in create_cq_ring or create_qp_rings. | ||||
| CVE-2018-20124 | 2 Canonical, Qemu | 2 Ubuntu Linux, Qemu | 2024-11-21 | 5.5 Medium |
| hw/rdma/rdma_backend.c in QEMU allows guest OS users to trigger out-of-bounds access via a PvrdmaSqWqe ring element with a large num_sge value. | ||||
| CVE-2018-20123 | 3 Canonical, Fedoraproject, Qemu | 3 Ubuntu Linux, Fedora, Qemu | 2024-11-21 | 5.5 Medium |
| pvrdma_realize in hw/rdma/vmw/pvrdma_main.c in QEMU has a Memory leak after an initialisation error. | ||||
| CVE-2018-20122 | 1 Fastweb | 2 Fastgate, Fastgate Firmware | 2024-11-21 | N/A |
| The web interface on FASTGate Fastweb devices with firmware through 0.00.47_FW_200_Askey 2017-05-17 (software through 1.0.1b) exposed a CGI binary that is vulnerable to a command injection vulnerability that can be exploited to achieve remote code execution with root privileges. No authentication is required in order to trigger the vulnerability. | ||||
| CVE-2018-20121 | 1 Podcastgenerator | 1 Podcast Generator | 2024-11-21 | N/A |
| Podcast Generator 2.7 has stored cross-site scripting (XSS) via the URL addcategory parameter. | ||||
| CVE-2018-20114 | 1 Dlink | 4 Dir-818lw, Dir-818lw Firmware, Dir-860l and 1 more | 2024-11-21 | 9.8 Critical |
| On D-Link DIR-818LW Rev.A 2.05.B03 and DIR-860L Rev.B 2.03.B03 devices, unauthenticated remote OS command execution can occur in the soap.cgi service of the cgibin binary via an "&&" substring in the service parameter. NOTE: this issue exists because of an incomplete fix for CVE-2018-6530. | ||||
| CVE-2018-20106 | 1 Opensuse | 1 Yast2-printer | 2024-11-21 | N/A |
| In yast2-printer up to and including version 4.0.2 the SMB printer settings don't escape characters in passwords properly. If a password with backticks or simliar characters is supplied this allows for executing code as root. This requires tricking root to enter such a password in yast. | ||||
| CVE-2018-20105 | 3 Opensuse, Suse, Yast2-rmt Project | 3 Leap, Suse Linux Enterprise Server, Yast2-rmt | 2024-11-21 | 4 Medium |
| A Inclusion of Sensitive Information in Log Files vulnerability in yast2-rmt of SUSE Linux Enterprise Server 15; openSUSE Leap allows local attackers to learn the password if they can access the log file. This issue affects: SUSE Linux Enterprise Server 15 yast2-rmt versions prior to 1.2.2. openSUSE Leap yast2-rmt versions prior to 1.2.2. | ||||
| CVE-2018-20103 | 3 Canonical, Haproxy, Redhat | 5 Ubuntu Linux, Haproxy, Openshift and 2 more | 2024-11-21 | N/A |
| An issue was discovered in dns.c in HAProxy through 1.8.14. In the case of a compressed pointer, a crafted packet can trigger infinite recursion by making the pointer point to itself, or create a long chain of valid pointers resulting in stack exhaustion. | ||||
| CVE-2018-20102 | 3 Canonical, Haproxy, Redhat | 5 Ubuntu Linux, Haproxy, Openshift and 2 more | 2024-11-21 | N/A |
| An out-of-bounds read in dns_validate_dns_response in dns.c was discovered in HAProxy through 1.8.14. Due to a missing check when validating DNS responses, remote attackers might be able read the 16 bytes corresponding to an AAAA record from the non-initialized part of the buffer, possibly accessing anything that was left on the stack, or even past the end of the 8193-byte buffer, depending on the value of accepted_payload_size. | ||||
| CVE-2018-20101 | 1 Codection | 1 Import Users From Csv With Meta | 2024-11-21 | N/A |
| The codection "Import users from CSV with meta" plugin before 1.12.1 for WordPress allows XSS via the value of a cell. | ||||
| CVE-2018-20100 | 1 August | 2 August Connect, August Connect Firmware | 2024-11-21 | N/A |
| An issue was discovered on August Connect devices. Insecure data transfer between the August app and August Connect during configuration allows attackers to discover home Wi-Fi credentials. This data transfer uses an unencrypted access point for these credentials, and passes them in an HTTP POST, using the AugustWifiDevice class, with data encrypted with a fixed key found obfuscated in the app. | ||||
| CVE-2018-20099 | 2 Exiv2, Redhat | 2 Exiv2, Enterprise Linux | 2024-11-21 | N/A |
| There is an infinite loop in Exiv2::Jp2Image::encodeJp2Header of jp2image.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack. | ||||
| CVE-2018-20098 | 2 Exiv2, Redhat | 2 Exiv2, Enterprise Linux | 2024-11-21 | N/A |
| There is a heap-based buffer over-read in Exiv2::Jp2Image::encodeJp2Header of jp2image.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack. | ||||
| CVE-2018-20097 | 4 Debian, Exiv2, Fedoraproject and 1 more | 7 Debian Linux, Exiv2, Fedora and 4 more | 2024-11-21 | 6.5 Medium |
| There is a SEGV in Exiv2::Internal::TiffParserWorker::findPrimaryGroups of tiffimage_int.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack. | ||||
| CVE-2018-20096 | 2 Exiv2, Redhat | 2 Exiv2, Enterprise Linux | 2024-11-21 | N/A |
| There is a heap-based buffer over-read in the Exiv2::tEXtToDataBuf function of pngimage.cpp in Exiv2 0.27-RC3. A crafted input will lead to a remote denial of service attack. | ||||
| CVE-2018-20095 | 1 Axiosys | 1 Bento4 | 2024-11-21 | N/A |
| An issue was discovered in EnsureCapacity in Core/Ap4Array.h in Bento4 1.5.1-627. Crafted MP4 input triggers an attempt at excessive memory allocation, as demonstrated by mp42hls. | ||||
| CVE-2018-20094 | 1 Xuxueli | 1 Xxl-conf | 2024-11-21 | N/A |
| An issue was discovered in XXL-CONF 1.6.0. There is a path traversal vulnerability via ../ in the keys parameter that can download any configuration file, related to ConfController.java and PropUtil.java. | ||||