Export limit exceeded: 348656 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (348656 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-19110 | 1 Tianti Project | 1 Tianti | 2024-11-21 | N/A |
| The skin-management feature in tianti 2.3 allows remote authenticated users to bypass intended permission restrictions by visiting tianti-module-admin/user/skin/list directly because controller\usercontroller.java maps a /skin/list request to the function skinList, and lacks an authorization check. | ||||
| CVE-2018-19109 | 1 Tianti Project | 1 Tianti | 2024-11-21 | N/A |
| tianti 2.3 allows remote authenticated users to bypass intended permission restrictions by visiting tianti-module-admin/cms/column/list directly to read the column list page or edit a column. | ||||
| CVE-2018-19108 | 4 Canonical, Debian, Exiv2 and 1 more | 7 Ubuntu Linux, Debian Linux, Exiv2 and 4 more | 2024-11-21 | 6.5 Medium |
| In Exiv2 0.26, Exiv2::PsdImage::readMetadata in psdimage.cpp in the PSD image reader may suffer from a denial of service (infinite loop) caused by an integer overflow via a crafted PSD image file. | ||||
| CVE-2018-19107 | 4 Canonical, Debian, Exiv2 and 1 more | 7 Ubuntu Linux, Debian Linux, Exiv2 and 4 more | 2024-11-21 | 6.5 Medium |
| In Exiv2 0.26, Exiv2::IptcParser::decode in iptc.cpp (called from psdimage.cpp in the PSD image reader) may suffer from a denial of service (heap-based buffer over-read) caused by an integer overflow via a crafted PSD image file. | ||||
| CVE-2018-19106 | 1 Avinetworks | 1 Avi Vantage | 2024-11-21 | N/A |
| Avi Vantage before 17.2.13 uses an invalid URL encoding during a redirect operation, aka AV-33959. | ||||
| CVE-2018-19105 | 1 Librecad | 1 Librecad | 2024-11-21 | N/A |
| LibreCAD 2.1.3 allows remote attackers to cause a denial of service (0x89C04589 write access violation and application crash) or possibly have unspecified other impact via a crafted file. | ||||
| CVE-2018-19104 | 1 Bagesoft | 1 Bagecms | 2024-11-21 | N/A |
| In BageCMS 3.1.3, upload/index.php has a CSRF vulnerability that can be used to upload arbitrary files and get server privileges. | ||||
| CVE-2018-19093 | 1 Mz-automation | 1 Libiec61850 | 2024-11-21 | 7.5 High |
| An issue has been found in libIEC61850 v1.3. It is a SEGV in ControlObjectClient_setCommandTerminationHandler in client/client_control.c. NOTE: the software maintainer disputes this because it requires incorrect usage of the client_example_control program | ||||
| CVE-2018-19092 | 1 Yzmcms | 1 Yzmcms | 2024-11-21 | N/A |
| An issue was discovered in YzmCMS v5.2. It has XSS via a search/index/archives/pubtime/ query string, as demonstrated by the search/index/archives/pubtime/1526387722/page/1.html URI. NOTE: this does not obtain a user's cookie. | ||||
| CVE-2018-19091 | 1 Tianti Project | 1 Tianti | 2024-11-21 | N/A |
| tianti 2.3 has reflected XSS in the user management module via the tianti-module-admin/user/list userName parameter. | ||||
| CVE-2018-19090 | 1 Tianti Project | 1 Tianti | 2024-11-21 | N/A |
| tianti 2.3 has stored XSS in the article management module via an article title. | ||||
| CVE-2018-19089 | 1 Tianti Project | 1 Tianti | 2024-11-21 | N/A |
| tianti 2.3 has stored XSS in the userlist module via the tianti-module-admin/user/ajax/save_role name parameter, which is mishandled in tianti-module-admin\src\main\webapp\WEB-INF\views\user\user_list.jsp. | ||||
| CVE-2018-19087 | 1 Iobit | 1 Malware Fighter | 2024-11-21 | N/A |
| RegFilter.sys in IOBit Malware Fighter 6.2 is susceptible to a stack-based buffer overflow when an attacker uses IOCTL 0x8006E044 with a size larger than 8 bytes. This can lead to denial of service or code execution with root privileges. | ||||
| CVE-2018-19086 | 1 Iobit | 1 Malware Fighter | 2024-11-21 | N/A |
| RegFilter.sys in IOBit Malware Fighter 6.2 is susceptible to a stack-based buffer overflow when an attacker uses IOCTL 0x8006E040 with a size larger than 8 bytes. This can lead to denial of service or code execution with root privileges. | ||||
| CVE-2018-19085 | 1 Iobit | 1 Malware Fighter | 2024-11-21 | N/A |
| RegFilter.sys in IOBit Malware Fighter 6.2 is susceptible to a stack-based buffer overflow when an attacker uses IOCTL 0x8006E048 with a size larger than 8 bytes. This can lead to denial of service or code execution with root privileges. | ||||
| CVE-2018-19084 | 1 Iobit | 1 Malware Fighter | 2024-11-21 | N/A |
| RegFilter.sys in IOBit Malware Fighter 6.2 is susceptible to a stack-based buffer overflow when an attacker uses IOCTL 0x8006E05C with a size larger than 8 bytes. This can lead to denial of service or code execution with root privileges. | ||||
| CVE-2018-19083 | 1 Wecenter | 1 Wecenter | 2024-11-21 | N/A |
| WeCenter 3.2.0 through 3.2.2 has XSS in the views/default/question/index.tpl.html htmlspecialchars_decode function via the /?/publish/ajax/publish_question/ question_content parameter. | ||||
| CVE-2018-19082 | 2 Foscam, Opticam | 6 C2, C2 Application Firmware, C2 System Firmware and 3 more | 2024-11-21 | N/A |
| An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ONVIF devicemgmt SetDNS method allows remote attackers to conduct stack-based buffer overflow attacks via the IPv4Address field. | ||||
| CVE-2018-19081 | 2 Foscam, Opticam | 6 C2, C2 Application Firmware, C2 System Firmware and 3 more | 2024-11-21 | N/A |
| An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ONVIF devicemgmt SetDNS method allows remote attackers to execute arbitrary OS commands via the IPv4Address field. | ||||
| CVE-2018-19080 | 2 Foscam, Opticam | 6 C2, C2 Application Firmware, C2 System Firmware and 3 more | 2024-11-21 | N/A |
| An issue was discovered on Foscam Opticam i5 devices with System Firmware 1.5.2.11 and Application Firmware 2.21.1.128. The ONVIF devicemgmt SetHostname method allows unauthenticated persistent XSS. | ||||