Export limit exceeded: 349370 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (349370 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-20374 | 1 Tinycc | 1 Tinycc | 2024-11-21 | N/A |
| An issue was discovered in Tiny C Compiler (aka TinyCC or TCC) 0.9.27. Compiling a crafted source file leads to an 8 byte out of bounds write in the use_section1 function in tccasm.c. | ||||
| CVE-2018-20373 | 1 Tendacn | 2 Adsl, Adsl Firmware | 2024-11-21 | N/A |
| Tenda ADSL modem routers 1.0.1 allow XSS via the hostname of a DHCP client. | ||||
| CVE-2018-20372 | 1 Tp-link | 2 Td-w8961nd, Td-w8961nd Firmware | 2024-11-21 | N/A |
| TP-Link TD-W8961ND devices allow XSS via the hostname of a DHCP client. | ||||
| CVE-2018-20371 | 1 Photorange Photo Vault Project | 1 Photorange Photo Vault | 2024-11-21 | N/A |
| PhotoRange Photo Vault 1.2 appends the password to the URI for authorization, which makes it easier for remote attackers to bypass intended GET restrictions via a brute-force approach, as demonstrated by "GET /login.html__passwd1" and "GET /login.html__passwd2" and so on. | ||||
| CVE-2018-20370 | 1 The-sz | 1 Netchat | 2024-11-21 | N/A |
| SZ NetChat before 7.9 has XSS in the MyName input field of the Options module. Attackers are able to inject commands to compromise the enabled HTTP server web frontend. | ||||
| CVE-2018-20369 | 1 Barracuda | 1 Message Archiver | 2024-11-21 | N/A |
| Barracuda Message Archiver 2018 has XSS in the error_msg exception-handling value for the ldap_user parameter to the cgi-mod/ldap_load_entry.cgi module. The injection point of the issue is the Add_Update module. | ||||
| CVE-2018-20368 | 1 Averta | 1 Master Slider | 2024-11-21 | N/A |
| The Master Slider plugin 3.2.7 and 3.5.1 for WordPress has XSS via the wp-admin/admin-ajax.php Name input field of the MSPanel.Settings value on Callback. | ||||
| CVE-2018-20367 | 1 Wstmart | 1 Wstmart | 2024-11-21 | N/A |
| The "mall some commodity details: commodity consultation" component in WSTMart 2.0.8_181212 has stored XSS via the consultContent parameter, as demonstrated by the index.php/home/goodsconsult/add.html URI. | ||||
| CVE-2018-20365 | 1 Libraw | 1 Libraw | 2024-11-21 | N/A |
| LibRaw::raw2image() in libraw_cxx.cpp has a heap-based buffer overflow. | ||||
| CVE-2018-20364 | 1 Libraw | 1 Libraw | 2024-11-21 | N/A |
| LibRaw::copy_bayer in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL pointer dereference. | ||||
| CVE-2018-20363 | 1 Libraw | 1 Libraw | 2024-11-21 | N/A |
| LibRaw::raw2image in libraw_cxx.cpp in LibRaw 0.19.1 has a NULL pointer dereference. | ||||
| CVE-2018-20362 | 1 Audiocoding | 1 Freeware Advanced Audio Decoder 2 | 2024-11-21 | N/A |
| A NULL pointer dereference was discovered in ifilter_bank of libfaad/filtbank.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash because adding to windowed output is mishandled in the EIGHT_SHORT_SEQUENCE case. | ||||
| CVE-2018-20361 | 1 Audiocoding | 1 Freeware Advanced Audio Decoder 2 | 2024-11-21 | N/A |
| An invalid memory address dereference was discovered in the hf_assembly function of libfaad/sbr_hfadj.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service. | ||||
| CVE-2018-20360 | 2 Audiocoding, Debian | 2 Freeware Advanced Audio Decoder 2, Debian Linux | 2024-11-21 | 5.5 Medium |
| An invalid memory address dereference was discovered in the sbr_process_channel function of libfaad/sbr_dec.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service. | ||||
| CVE-2018-20359 | 1 Audiocoding | 1 Freeware Advanced Audio Decoder 2 | 2024-11-21 | N/A |
| An invalid memory address dereference was discovered in the sbrDecodeSingleFramePS function of libfaad/sbr_dec.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service. | ||||
| CVE-2018-20358 | 1 Audiocoding | 1 Freeware Advanced Audio Decoder 2 | 2024-11-21 | N/A |
| An invalid memory address dereference was discovered in the lt_prediction function of libfaad/lt_predict.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash, which leads to denial of service. | ||||
| CVE-2018-20357 | 1 Audiocoding | 1 Freeware Advanced Audio Decoder 2 | 2024-11-21 | N/A |
| A NULL pointer dereference was discovered in sbr_process_channel of libfaad/sbr_dec.c in Freeware Advanced Audio Decoder 2 (FAAD2) 2.8.8. The vulnerability causes a segmentation fault and application crash. | ||||
| CVE-2018-20356 | 1 Cesanta | 1 Mongoose | 2024-11-21 | N/A |
| An invalid read of 8 bytes due to a use-after-free vulnerability in the mg_http_free_proto_data_cgi function call in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.13 and earlier allows a denial of service (application crash) or remote code execution. | ||||
| CVE-2018-20355 | 1 Cesanta | 1 Mongoose | 2024-11-21 | N/A |
| An invalid write of 8 bytes due to a use-after-free vulnerability in the mg_http_free_proto_data_cgi function call in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.13 and earlier allows a denial of service (application crash) or remote code execution. | ||||
| CVE-2018-20354 | 1 Cesanta | 1 Mongoose | 2024-11-21 | N/A |
| An invalid read of 8 bytes due to a use-after-free vulnerability during a "return" in the mg_http_get_proto_data function in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.13 and earlier allows a denial of service (application crash) or remote code execution. | ||||