Export limit exceeded: 347839 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 347839 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 347839 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347839 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-17380 | 1 Thephpfactory | 1 Article Factory Manager | 2024-11-21 | N/A |
| SQL Injection exists in the Article Factory Manager 4.3.9 component for Joomla! via the start_date, m_start_date, or m_end_date parameter. | ||||
| CVE-2018-17379 | 1 Thephpfactory | 1 Raffle Factory | 2024-11-21 | N/A |
| SQL Injection exists in the Raffle Factory 3.5.2 component for Joomla! via the filter_order_Dir or filter_order parameter. | ||||
| CVE-2018-17378 | 1 Thephpfactory | 1 Penny Auction Factory | 2024-11-21 | N/A |
| SQL Injection exists in the Penny Auction Factory 2.0.4 component for Joomla! via the filter_order_Dir or filter_order parameter. | ||||
| CVE-2018-17377 | 1 Extensiondeveloper | 1 Questions | 2024-11-21 | N/A |
| SQL Injection exists in the Questions 1.4.3 component for Joomla! via the term, userid, users, or groups parameter. | ||||
| CVE-2018-17376 | 1 Thephpfactory | 1 Reverse Auction Factory | 2024-11-21 | N/A |
| SQL Injection exists in the Reverse Auction Factory 4.3.8 component for Joomla! via the filter_order_Dir, cat, or filter_letter parameter. | ||||
| CVE-2018-17375 | 1 Joomlathat | 1 Music Collection | 2024-11-21 | N/A |
| SQL Injection exists in the Music Collection 3.0.3 component for Joomla! via the id parameter. | ||||
| CVE-2018-17374 | 1 Thephpfactory | 1 Auction Factory | 2024-11-21 | N/A |
| SQL Injection exists in the Auction Factory 4.5.5 component for Joomla! via the filter_order_Dir or filter_order parameter. | ||||
| CVE-2018-17369 | 1 Springboot Authority Project | 1 Springboot Authority | 2024-11-21 | N/A |
| An issue was discovered in springboot_authority through 2017-03-06. There is stored XSS via the admin/role/edit roleKey, name, or description parameter. | ||||
| CVE-2018-17368 | 1 Publiccms | 1 Publiccms | 2024-11-21 | N/A |
| An issue was discovered in PublicCMS V4.0.180825. For an invalid login attempt, the response length is different depending on whether the username is valid, which makes it easier to conduct brute-force attacks. | ||||
| CVE-2018-17365 | 1 Seacms | 1 Seacms | 2024-11-21 | 7.5 High |
| SeaCMS 6.64 and 7.2 allows remote attackers to delete arbitrary files via the filedir parameter. | ||||
| CVE-2018-17364 | 1 Otcms | 1 Otcms | 2024-11-21 | N/A |
| OTCMS 3.61 allows remote attackers to execute arbitrary PHP code via the accBackupDir parameter. | ||||
| CVE-2018-17361 | 1 Weaselcms Project | 1 Weaselcms | 2024-11-21 | N/A |
| Multiple XSS vulnerabilities in WeaselCMS v0.3.6 allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to index.php because $_SERVER['PHP_SELF'] is mishandled. | ||||
| CVE-2018-17360 | 1 Gnu | 1 Binutils | 2024-11-21 | N/A |
| An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. a heap-based buffer over-read in bfd_getl32 in libbfd.c allows an attacker to cause a denial of service through a crafted PE file. This vulnerability can be triggered by the executable objdump. | ||||
| CVE-2018-17359 | 1 Gnu | 1 Binutils | 2024-11-21 | N/A |
| An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in bfd_zalloc in opncls.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file. | ||||
| CVE-2018-17358 | 1 Gnu | 1 Binutils | 2024-11-21 | N/A |
| An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in _bfd_stab_section_find_nearest_line in syms.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file. | ||||
| CVE-2018-17341 | 2 Bigtreecms, Microsoft | 2 Bigtree Cms, Windows | 2024-11-21 | N/A |
| BigTree 4.2.23 on Windows, when Advanced or Simple Rewrite routing is enabled, allows remote attackers to bypass authentication via a ..\ substring, as demonstrated by a launch.php?bigtree_htaccess_url=admin/images/..\ URI. | ||||
| CVE-2018-17338 | 1 Pdfalto Project | 1 Pdfalto | 2024-11-21 | N/A |
| An issue has been found in pdfalto through 0.2. It is a heap-based buffer overflow in the function TextPage::dump in XmlAltoOutputDev.cc. | ||||
| CVE-2018-17337 | 1 Intelbras | 2 Nplug, Nplug Firmware | 2024-11-21 | N/A |
| Intelbras NPLUG 1.0.0.14 devices have XSS via a crafted SSID that is received via a network broadcast. | ||||
| CVE-2018-17336 | 3 Canonical, Freedesktop, Redhat | 3 Ubuntu Linux, Udisks, Enterprise Linux | 2024-11-21 | N/A |
| UDisks 2.8.0 has a format string vulnerability in udisks_log in udiskslogging.c, allowing attackers to obtain sensitive information (stack contents), cause a denial of service (memory corruption), or possibly have unspecified other impact via a malformed filesystem label, as demonstrated by %d or %n substrings. | ||||
| CVE-2018-17334 | 1 Libsvg2 Project | 1 Libsvg2 | 2024-11-21 | N/A |
| An issue was discovered in libsvg2 through 2012-10-19. A stack-based buffer overflow in the svgGetNextPathField function in svg_string.c allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact because a strncpy copy limit is miscalculated. | ||||