Export limit exceeded: 347870 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347870 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-17443 | 1 Dlink | 1 Central Wifimanager | 2024-11-21 | N/A |
| An issue was discovered on D-Link Central WiFi Manager before v 1.03r0100-Beta1. The 'sitename' parameter of the UpdateSite endpoint is vulnerable to stored XSS. | ||||
| CVE-2018-17442 | 1 Dlink | 1 Central Wifimanager | 2024-11-21 | N/A |
| An issue was discovered on D-Link Central WiFi Manager before v 1.03r0100-Beta1. An unrestricted file upload vulnerability in the onUploadLogPic endpoint allows remote authenticated users to execute arbitrary PHP code. | ||||
| CVE-2018-17441 | 1 Dlink | 1 Central Wifimanager | 2024-11-21 | N/A |
| An issue was discovered on D-Link Central WiFi Manager before v 1.03r0100-Beta1. The 'username' parameter of the addUser endpoint is vulnerable to stored XSS. | ||||
| CVE-2018-17440 | 1 Dlink | 1 Central Wifimanager | 2024-11-21 | N/A |
| An issue was discovered on D-Link Central WiFi Manager before v 1.03r0100-Beta1. They expose an FTP server that serves by default on port 9000 and has hardcoded credentials (admin, admin). Taking advantage of this, a remote unauthenticated attacker could execute arbitrary PHP code by uploading any file in the web root directory and then accessing it via a request. | ||||
| CVE-2018-17439 | 1 Hdfgroup | 1 Hdf5 | 2024-11-21 | N/A |
| An issue was discovered in the HDF HDF5 1.10.3 library. There is a stack-based buffer overflow in the function H5S_extent_get_dims() in H5S.c. Specifically, this issue occurs while converting an HDF5 file to a GIF file. | ||||
| CVE-2018-17438 | 1 Hdfgroup | 1 Hdf5 | 2024-11-21 | N/A |
| A SIGFPE signal is raised in the function H5D__select_io() of H5Dselect.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack. | ||||
| CVE-2018-17437 | 1 Hdfgroup | 1 Hdf5 | 2024-11-21 | N/A |
| Memory leak in the H5O_dtype_decode_helper() function in H5Odtype.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (memory consumption) via a crafted HDF5 file. | ||||
| CVE-2018-17436 | 1 Hdfgroup | 1 Hdf5 | 2024-11-21 | N/A |
| ReadCode() in decompress.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (invalid write access) via a crafted HDF5 file. This issue was triggered while converting a GIF file to an HDF file. | ||||
| CVE-2018-17435 | 1 Hdfgroup | 1 Hdf5 | 2024-11-21 | N/A |
| A heap-based buffer over-read in H5O_attr_decode() in H5Oattr.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while converting an HDF file to GIF file. | ||||
| CVE-2018-17434 | 1 Hdfgroup | 1 Hdf5 | 2024-11-21 | N/A |
| A SIGFPE signal is raised in the function apply_filters() of h5repack_filters.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division by zero. It could allow a remote denial of service attack. | ||||
| CVE-2018-17433 | 1 Hdfgroup | 1 Hdf5 | 2024-11-21 | N/A |
| A heap-based buffer overflow in ReadGifImageDesc() in gifread.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while converting a GIF file to an HDF file. | ||||
| CVE-2018-17432 | 1 Hdfgroup | 1 Hdf5 | 2024-11-21 | N/A |
| A NULL pointer dereference in H5O_sdspace_encode() in H5Osdspace.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file. | ||||
| CVE-2018-17431 | 1 Comodo | 1 Unified Threat Management Firewall | 2024-11-21 | 9.8 Critical |
| Web Console in Comodo UTM Firewall before 2.7.0 allows remote attackers to execute arbitrary code without authentication via a crafted URL. | ||||
| CVE-2018-17429 | 1 Jtbc | 1 Jtbc | 2024-11-21 | N/A |
| /console/account/manage.php?type=action&action=add in JTBC v3.0(C) has CSRF for adding an administrator account. | ||||
| CVE-2018-17428 | 1 Nexusfi | 1 Opac Easyweb Five | 2024-11-21 | N/A |
| An issue was discovered in OPAC EasyWeb Five 5.7. There is SQL injection via the w2001/index.php?scelta=campi biblio parameter. | ||||
| CVE-2018-17427 | 1 Simdcomp Project | 1 Simdcomp | 2024-11-21 | N/A |
| SIMDComp before 0.1.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) because it can read (and then discard) extra bytes. | ||||
| CVE-2018-17423 | 1 E107 | 1 E107 | 2024-11-21 | N/A |
| An issue was discovered in e107 v2.1.9. There is a XSS attack on e107_admin/comment.php. | ||||
| CVE-2018-17422 | 1 Dotcms | 1 Dotcms | 2024-11-21 | N/A |
| dotCMS before 5.0.2 has open redirects via the html/common/forward_js.jsp FORWARD_URL parameter or the html/portlet/ext/common/page_preview_popup.jsp hostname parameter. | ||||
| CVE-2018-17421 | 1 Zrlog | 1 Zrlog | 2024-11-21 | N/A |
| An issue was discovered in ZrLog 2.0.3. There is stored XSS in the file upload area via a crafted attached/file/ pathname. | ||||
| CVE-2018-17420 | 1 Zrlog | 1 Zrlog | 2024-11-21 | N/A |
| An issue was discovered in ZrLog 2.0.3. There is a SQL injection vulnerability in the article management search box via the keywords parameter. | ||||