Export limit exceeded: 347908 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347908 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-16653 | 1 Rejucms Project | 1 Rejucms | 2024-11-21 | N/A |
| rejucms 2.1 has XSS via the ucenter/cms_user_add.php u_name parameter. | ||||
| CVE-2018-16651 | 1 Phpmyfaq | 1 Phpmyfaq | 2024-11-21 | N/A |
| The admin backend in phpMyFAQ before 2.9.11 allows CSV injection in reports. | ||||
| CVE-2018-16650 | 1 Phpmyfaq | 1 Phpmyfaq | 2024-11-21 | N/A |
| phpMyFAQ before 2.9.11 allows CSRF. | ||||
| CVE-2018-16648 | 1 Artifex | 1 Mupdf | 2024-11-21 | N/A |
| In Artifex MuPDF 1.13.0, the fz_append_byte function in fitz/buffer.c allows remote attackers to cause a denial of service (segmentation fault) via a crafted pdf file. This is caused by a pdf/pdf-device.c pdf_dev_alpha array-index underflow. | ||||
| CVE-2018-16647 | 1 Artifex | 1 Mupdf | 2024-11-21 | N/A |
| In Artifex MuPDF 1.13.0, the pdf_get_xref_entry function in pdf/pdf-xref.c allows remote attackers to cause a denial of service (segmentation fault in fz_write_data in fitz/output.c) via a crafted pdf file. | ||||
| CVE-2018-16646 | 4 Canonical, Debian, Freedesktop and 1 more | 4 Ubuntu Linux, Debian Linux, Poppler and 1 more | 2024-11-21 | N/A |
| In Poppler 0.68.0, the Parser::getObj() function in Parser.cc may cause infinite recursion via a crafted file. A remote attacker can leverage this for a DoS attack. | ||||
| CVE-2018-16645 | 4 Canonical, Debian, Imagemagick and 1 more | 4 Ubuntu Linux, Debian Linux, Imagemagick and 1 more | 2024-11-21 | N/A |
| There is an excessive memory allocation issue in the functions ReadBMPImage of coders/bmp.c and ReadDIBImage of coders/dib.c in ImageMagick 7.0.8-11, which allows remote attackers to cause a denial of service via a crafted image file. | ||||
| CVE-2018-16644 | 4 Canonical, Debian, Imagemagick and 1 more | 4 Ubuntu Linux, Debian Linux, Imagemagick and 1 more | 2024-11-21 | N/A |
| There is a missing check for length in the functions ReadDCMImage of coders/dcm.c and ReadPICTImage of coders/pict.c in ImageMagick 7.0.8-11, which allows remote attackers to cause a denial of service via a crafted image. | ||||
| CVE-2018-16643 | 4 Canonical, Debian, Imagemagick and 1 more | 4 Ubuntu Linux, Debian Linux, Imagemagick and 1 more | 2024-11-21 | N/A |
| The functions ReadDCMImage in coders/dcm.c, ReadPWPImage in coders/pwp.c, ReadCALSImage in coders/cals.c, and ReadPICTImage in coders/pict.c in ImageMagick 7.0.8-4 do not check the return value of the fputc function, which allows remote attackers to cause a denial of service via a crafted image file. | ||||
| CVE-2018-16642 | 4 Canonical, Debian, Imagemagick and 1 more | 4 Ubuntu Linux, Debian Linux, Imagemagick and 1 more | 2024-11-21 | N/A |
| The function InsertRow in coders/cut.c in ImageMagick 7.0.7-37 allows remote attackers to cause a denial of service via a crafted image file due to an out-of-bounds write. | ||||
| CVE-2018-16641 | 1 Imagemagick | 1 Imagemagick | 2024-11-21 | N/A |
| ImageMagick 7.0.8-6 has a memory leak vulnerability in the TIFFWritePhotoshopLayers function in coders/tiff.c. | ||||
| CVE-2018-16640 | 3 Canonical, Imagemagick, Redhat | 3 Ubuntu Linux, Imagemagick, Enterprise Linux | 2024-11-21 | N/A |
| ImageMagick 7.0.8-5 has a memory leak vulnerability in the function ReadOneJNGImage in coders/png.c. | ||||
| CVE-2018-16639 | 1 Typesettercms | 1 Typesetter | 2024-11-21 | N/A |
| Typesetter 5.1 allows XSS via the index.php/Admin LABEL parameter during new page creation. | ||||
| CVE-2018-16638 | 1 Modx | 1 Evolution Cms | 2024-11-21 | N/A |
| Evolution CMS 1.4.x allows XSS via the manager/ search parameter. | ||||
| CVE-2018-16637 | 1 Modx | 1 Evolution Cms | 2024-11-21 | N/A |
| Evolution CMS 1.4.x allows XSS via the page weblink title parameter to the manager/ URI. | ||||
| CVE-2018-16636 | 1 Nucleuscms | 1 Nucleus Cms | 2024-11-21 | N/A |
| Nucleus CMS 3.70 allows HTML Injection via the index.php body parameter. | ||||
| CVE-2018-16635 | 1 Blackcat-cms | 1 Blackcat Cms | 2024-11-21 | N/A |
| Blackcat CMS 1.3.2 allows XSS via the willkommen.php?lang=DE page title at backend/pages/modify.php. | ||||
| CVE-2018-16634 | 1 Pluck-cms | 1 Pluck | 2024-11-21 | N/A |
| Pluck v4.7.7 allows CSRF via admin.php?action=settings. | ||||
| CVE-2018-16633 | 1 Pluck-cms | 1 Pluck | 2024-11-21 | N/A |
| Pluck v4.7.7 allows XSS via the admin.php?action=editpage&page= page title. | ||||
| CVE-2018-16632 | 1 Jupo | 1 Mezzanine | 2024-11-21 | N/A |
| Mezzanine CMS v4.3.1 allows XSS via the /admin/blog/blogcategory/add/?_to_field=id&_popup=1 title parameter at admin/blog/blogpost/add/. | ||||