Export limit exceeded: 349443 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 349443 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (349443 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-19788 | 4 Canonical, Debian, Polkit Project and 1 more | 5 Ubuntu Linux, Debian Linux, Polkit and 2 more | 2024-11-21 | N/A |
| A flaw was found in PolicyKit (aka polkit) 0.115 that allows a user with a uid greater than INT_MAX to successfully execute any systemctl command. | ||||
| CVE-2018-19786 | 1 Hashicorp | 1 Vault | 2024-11-21 | 7.3 High |
| HashiCorp Vault before 1.0.0 writes the master key to the server log in certain unusual or misconfigured scenarios in which incorrect data comes from the autoseal mechanism without an error being reported. | ||||
| CVE-2018-19785 | 1 Php-proxy | 1 Php-proxy | 2024-11-21 | N/A |
| PHP-Proxy through 5.1.0 has Cross-Site Scripting (XSS) via the URL field in index.php. | ||||
| CVE-2018-19784 | 1 Php-proxy | 1 Php-proxy | 2024-11-21 | N/A |
| The str_rot_pass function in vendor/atholn1600/php-proxy/src/helpers.php in PHP-Proxy 5.1.0 uses weak cryptography, which makes it easier for attackers to calculate the authorization data needed for local file inclusion. | ||||
| CVE-2018-19783 | 1 Kentix | 2 Multisensor-lan, Multisensor-lan Firmware | 2024-11-21 | N/A |
| Kentix MultiSensor-LAN 5.63.00 devices and previous allow Authentication Bypass via an Alternate Path or Channel. | ||||
| CVE-2018-19782 | 1 Freshrss | 1 Freshrss | 2024-11-21 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in GET requests in FreshRSS 1.11.1 allow remote attackers to inject arbitrary web script or HTML via the (1) c parameter or (2) a parameter. | ||||
| CVE-2018-19777 | 2 Artifex, Debian | 2 Mupdf, Debian Linux | 2024-11-21 | N/A |
| In Artifex MuPDF 1.14.0, there is an infinite loop in the function svg_dev_end_tile in fitz/svg-device.c, as demonstrated by mutool. | ||||
| CVE-2018-19775 | 1 Infovista | 1 Vistaportal | 2024-11-21 | N/A |
| Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "Variables.jsp" has reflected XSS via the ConnPoolName and GroupId parameters. | ||||
| CVE-2018-19774 | 1 Infovista | 1 Vistaportal | 2024-11-21 | N/A |
| Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "PresentSpace.jsp" has reflected XSS via the GroupId and ConnPoolName parameters. | ||||
| CVE-2018-19773 | 1 Infovista | 1 Vistaportal | 2024-11-21 | N/A |
| Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "EditCurrentUser.jsp" has reflected XSS via the GroupId and ConnPoolName parameters. | ||||
| CVE-2018-19772 | 1 Infovista | 1 Vistaportal | 2024-11-21 | N/A |
| Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "EditCurrentPresentSpace.jsp" has reflected XSS via the ConnPoolName, GroupId, and ParentId parameters. | ||||
| CVE-2018-19771 | 1 Infovista | 1 Vistaportal | 2024-11-21 | N/A |
| Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "EditCurrentPool.jsp" has reflected XSS via the PropName parameter. | ||||
| CVE-2018-19770 | 1 Infovista | 1 Vistaportal | 2024-11-21 | N/A |
| Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "Users.jsp" has reflected XSS via the ConnPoolName parameter. | ||||
| CVE-2018-19769 | 1 Infovista | 1 Vistaportal | 2024-11-21 | N/A |
| Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "UserProperties.jsp" has reflected XSS via the ConnPoolName parameter. | ||||
| CVE-2018-19768 | 1 Infovista | 1 Vistaportal | 2024-11-21 | N/A |
| Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "SubPagePackages.jsp" has reflected XSS via the ConnPoolName and GroupId parameters. | ||||
| CVE-2018-19767 | 1 Infovista | 1 Vistaportal | 2024-11-21 | N/A |
| Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "PresentSpace.jsp" has reflected XSS via the ConnPoolName and GroupId parameters. | ||||
| CVE-2018-19766 | 1 Infovista | 1 Vistaportal | 2024-11-21 | N/A |
| Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "GroupRessourceAdmin.jsp" has reflected XSS via the ConnPoolName parameter. | ||||
| CVE-2018-19765 | 1 Infovista | 1 Vistaportal | 2024-11-21 | N/A |
| Cross Site Scripting exists in InfoVista VistaPortal SE Version 5.1 (build 51029). The page "EditCurrentPresentSpace.jsp" has reflected XSS via the ConnPoolName, GroupId, and ParentId parameters. | ||||
| CVE-2018-19760 | 1 Libconfuse Project | 1 Libconfuse | 2024-11-21 | N/A |
| cfg_init in confuse.c in libConfuse 3.2.2 has a memory leak. | ||||
| CVE-2018-19758 | 2 Debian, Libsndfile Project | 2 Debian Linux, Libsndfile | 2024-11-21 | N/A |
| There is a heap-based buffer over-read at wav.c in wav_write_header in libsndfile 1.0.28 that will cause a denial of service. | ||||