Export limit exceeded: 349375 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (349375 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-19774 | 1 Infovista | 1 Vistaportal | 2024-11-21 | N/A |
| Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "PresentSpace.jsp" has reflected XSS via the GroupId and ConnPoolName parameters. | ||||
| CVE-2018-19773 | 1 Infovista | 1 Vistaportal | 2024-11-21 | N/A |
| Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "EditCurrentUser.jsp" has reflected XSS via the GroupId and ConnPoolName parameters. | ||||
| CVE-2018-19772 | 1 Infovista | 1 Vistaportal | 2024-11-21 | N/A |
| Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "EditCurrentPresentSpace.jsp" has reflected XSS via the ConnPoolName, GroupId, and ParentId parameters. | ||||
| CVE-2018-19771 | 1 Infovista | 1 Vistaportal | 2024-11-21 | N/A |
| Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "EditCurrentPool.jsp" has reflected XSS via the PropName parameter. | ||||
| CVE-2018-19770 | 1 Infovista | 1 Vistaportal | 2024-11-21 | N/A |
| Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "Users.jsp" has reflected XSS via the ConnPoolName parameter. | ||||
| CVE-2018-19769 | 1 Infovista | 1 Vistaportal | 2024-11-21 | N/A |
| Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "UserProperties.jsp" has reflected XSS via the ConnPoolName parameter. | ||||
| CVE-2018-19768 | 1 Infovista | 1 Vistaportal | 2024-11-21 | N/A |
| Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "SubPagePackages.jsp" has reflected XSS via the ConnPoolName and GroupId parameters. | ||||
| CVE-2018-19767 | 1 Infovista | 1 Vistaportal | 2024-11-21 | N/A |
| Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "PresentSpace.jsp" has reflected XSS via the ConnPoolName and GroupId parameters. | ||||
| CVE-2018-19766 | 1 Infovista | 1 Vistaportal | 2024-11-21 | N/A |
| Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "GroupRessourceAdmin.jsp" has reflected XSS via the ConnPoolName parameter. | ||||
| CVE-2018-19765 | 1 Infovista | 1 Vistaportal | 2024-11-21 | N/A |
| Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "EditCurrentPresentSpace.jsp" has reflected XSS via the ConnPoolName, GroupId, and ParentId parameters. | ||||
| CVE-2018-19760 | 1 Libconfuse Project | 1 Libconfuse | 2024-11-21 | N/A |
| cfg_init in confuse.c in libConfuse 3.2.2 has a memory leak. | ||||
| CVE-2018-19758 | 2 Debian, Libsndfile Project | 2 Debian Linux, Libsndfile | 2024-11-21 | N/A |
| There is a heap-based buffer over-read at wav.c in wav_write_header in libsndfile 1.0.28 that will cause a denial of service. | ||||
| CVE-2018-19755 | 1 Nasm | 1 Netwide Assembler | 2024-11-21 | N/A |
| There is an illegal address access at asm/preproc.c (function: is_mmacro) in Netwide Assembler (NASM) 2.14rc16 that will cause a denial of service (out-of-bounds array access) because a certain conversion can result in a negative integer. | ||||
| CVE-2018-19754 | 1 Oracle | 1 Tarantella Enterprise | 2024-11-21 | N/A |
| Tarantella Enterprise before 3.11 allows bypassing Access Control. | ||||
| CVE-2018-19753 | 1 Oracle | 1 Tarantella Enterprise | 2024-11-21 | N/A |
| Tarantella Enterprise before 3.11 allows Directory Traversal. | ||||
| CVE-2018-19752 | 1 Domainmod | 1 Domainmod | 2024-11-21 | N/A |
| DomainMOD through 4.11.01 has XSS via the assets/add/registrar.php notes field for the Registrar. | ||||
| CVE-2018-19751 | 1 Domainmod | 1 Domainmod | 2024-11-21 | N/A |
| DomainMOD through 4.11.01 has XSS via the admin/ssl-fields/add.php notes field for Custom SSL Fields. | ||||
| CVE-2018-19750 | 1 Domainmod | 1 Domainmod | 2024-11-21 | N/A |
| DomainMOD through 4.11.01 has XSS via the admin/domain-fields/ notes field in an Add Custom Field action for Custom Domain Fields. | ||||
| CVE-2018-19749 | 1 Domainmod | 1 Domainmod | 2024-11-21 | N/A |
| DomainMOD through 4.11.01 has XSS via the assets/add/account-owner.php Owner name field. | ||||
| CVE-2018-19748 | 1 Sdcms | 1 Sdcms | 2024-11-21 | N/A |
| app/plug/attachment/controller/admincontroller.php in SDCMS 1.6 allows reading arbitrary files via a /?m=plug&c=admin&a=index&p=attachment&root= directory traversal. The value of the root parameter must be base64 encoded (note that base64 encoding, instead of URL encoding, is very rare in a directory traversal attack vector). | ||||