Export limit exceeded: 349367 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (349367 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-20539 | 1 Liblas | 1 Liblas | 2024-11-21 | N/A |
| There is a Segmentation fault triggered by illegal address access at liblas::SpatialReference::GetGTIF() (spatialreference.cpp) in libLAS 1.8.1 that will cause a denial of service. | ||||
| CVE-2018-20538 | 1 Nasm | 1 Netwide Assembler | 2024-11-21 | N/A |
| There is a use-after-free at asm/preproc.c (function pp_getline) in Netwide Assembler (NASM) 2.14rc16 that will cause a denial of service during certain finishes tests. | ||||
| CVE-2018-20537 | 1 Liblas | 1 Liblas | 2024-11-21 | N/A |
| There is a NULL pointer dereference at liblas::SpatialReference::GetGTIF() (spatialreference.cpp) in libLAS 1.8.1 that will cause a denial of service. | ||||
| CVE-2018-20536 | 1 Liblas | 1 Liblas | 2024-11-21 | N/A |
| There is a heap-based buffer over-read at liblas::SpatialReference::GetGTIF() (spatialreference.cpp) in libLAS 1.8.1 that will cause a denial of service. | ||||
| CVE-2018-20535 | 1 Nasm | 1 Netwide Assembler | 2024-11-21 | N/A |
| There is a use-after-free at asm/preproc.c (function pp_getline) in Netwide Assembler (NASM) 2.14rc16 that will cause a denial of service during a line-number increment attempt. | ||||
| CVE-2018-20534 | 3 Canonical, Opensuse, Redhat | 3 Ubuntu Linux, Libsolv, Enterprise Linux | 2024-11-21 | N/A |
| There is an illegal address access at ext/testcase.c in libsolv.a in libsolv through 0.7.2 that will cause a denial of service. NOTE: third parties dispute this issue stating that the issue affects the test suite and not the underlying library. It cannot be exploited in any real-world application | ||||
| CVE-2018-20533 | 3 Canonical, Opensuse, Redhat | 3 Ubuntu Linux, Libsolv, Enterprise Linux | 2024-11-21 | N/A |
| There is a NULL pointer dereference at ext/testcase.c (function testcase_str2dep_complex) in libsolvext.a in libsolv through 0.7.2 that will cause a denial of service. | ||||
| CVE-2018-20532 | 3 Canonical, Opensuse, Redhat | 3 Ubuntu Linux, Libsolv, Enterprise Linux | 2024-11-21 | N/A |
| There is a NULL pointer dereference at ext/testcase.c (function testcase_read) in libsolvext.a in libsolv through 0.7.2 that will cause a denial of service. | ||||
| CVE-2018-20530 | 1 Website Seller Script Project | 1 Website Seller Script | 2024-11-21 | N/A |
| PHP Scripts Mall Website Seller Script 2.0.5 has XSS via a Profile field such as Company Address, a related issue to CVE-2018-15896. | ||||
| CVE-2018-20528 | 1 Jeecms | 1 Jeecms | 2024-11-21 | N/A |
| JEECMS 9 has SSRF via the ueditor/getRemoteImage.jspx upfile parameter. | ||||
| CVE-2018-20526 | 1 Roxyfileman | 1 Roxy Fileman | 2024-11-21 | N/A |
| Roxy Fileman 1.4.5 allows unrestricted file upload in upload.php. | ||||
| CVE-2018-20525 | 1 Roxyfileman | 1 Roxy Fileman | 2024-11-21 | 9.1 Critical |
| Roxy Fileman 1.4.5 allows Directory Traversal in copydir.php, copyfile.php, and fileslist.php. | ||||
| CVE-2018-20524 | 1 Urlchatbox | 1 Chat Anywhere | 2024-11-21 | N/A |
| The Chat Anywhere extension 2.4.0 for Chrome allows XSS via crafted use of <<a> in a message, because a danmuWrapper DIV element in chatbox-only\danmu.js is outside the scope of a Content Security Policy (CSP). | ||||
| CVE-2018-20523 | 1 Mi | 37 Redmi 4a, Redmi 4a Firmware, Redmi 5 Plus and 34 more | 2024-11-21 | 5.3 Medium |
| Xiaomi Stock Browser 10.2.4.g on Xiaomi Redmi Note 5 Pro devices and other Redmi Android phones allows content provider injection. In other words, a third-party application can read the user's cleartext browser history via an app.provider.query content://com.android.browser.searchhistory/searchhistory request. | ||||
| CVE-2018-20520 | 1 1234n | 1 Minicms | 2024-11-21 | N/A |
| MiniCMS V1.10 has XSS via the mc-admin/post-edit.php query string, a related issue to CVE-2018-10296 and CVE-2018-16233. | ||||
| CVE-2018-20519 | 1 74cms | 1 74cms | 2024-11-21 | N/A |
| An issue was discovered in 74cms v4.2.111. It allows remote authenticated users to read or modify arbitrary resumes by changing a job-search intention, as demonstrated by the index.php?c=Personal&a=ajax_save_basic pid parameter. | ||||
| CVE-2018-20512 | 1 Cdatatec | 22 Epon Cpe-wifi Devices Firmware, Fd108bn, Fd111hz and 19 more | 2024-11-21 | N/A |
| EPON CPE-WiFi devices 2.0.4-X000 are vulnerable to escalation of privileges by sending cooLogin=1, cooUser=admin, and timestamp=-1 cookies. | ||||
| CVE-2018-20511 | 2 Debian, Linux | 2 Debian Linux, Linux Kernel | 2024-11-21 | N/A |
| An issue was discovered in the Linux kernel before 4.18.11. The ipddp_ioctl function in drivers/net/appletalk/ipddp.c allows local users to obtain sensitive kernel address information by leveraging CAP_NET_ADMIN to read the ipddp_route dev and next fields via an SIOCFINDIPDDPRT ioctl call. | ||||
| CVE-2018-20510 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A |
| The print_binder_transaction_ilocked function in drivers/android/binder.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading "*from *code *flags" lines in a debugfs file. | ||||
| CVE-2018-20509 | 1 Linux | 1 Linux Kernel | 2024-11-21 | N/A |
| The print_binder_ref_olocked function in drivers/android/binder.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading " ref *desc *node" lines in a debugfs file. | ||||