Search Results (348303 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-16448 | 1 Chshcms | 1 Cscms | 2024-11-21 | N/A |
| Cscms 4 allows CSRF for creating a member via upload/admin.php/user/save, authenticating vip members via upload/admin.php/user/init/tid and upload/admin.php/user/init/rzid, and creating a super administrator and web editor via upload/admin.php/sys/save. | ||||
| CVE-2018-16447 | 1 Frogcms Project | 1 Frogcms | 2024-11-21 | N/A |
| Frog CMS 0.9.5 has admin/?/user/edit/1 CSRF. | ||||
| CVE-2018-16446 | 1 Seamcms | 1 Seacms | 2024-11-21 | N/A |
| An issue was discovered in SeaCMS through 6.61. adm1n/admin_database.php allows remote attackers to delete arbitrary files via directory traversal sequences in the bakfiles parameter. This can allow the product to be reinstalled by deleting install_lock.txt. | ||||
| CVE-2018-16445 | 1 Seacms | 1 Seacms | 2024-11-21 | N/A |
| An issue was discovered in SeaCMS through 6.61. SQL injection exists via the tid parameter in an adm1n/admin_topic_vod.php request. | ||||
| CVE-2018-16444 | 1 Seacms | 1 Seacms | 2024-11-21 | N/A |
| An issue was discovered in SeaCMS 6.61. adm1n/admin_reslib.php has SSRF via the url parameter. | ||||
| CVE-2018-16438 | 1 Hdfgroup | 1 Hdf5 | 2024-11-21 | N/A |
| An issue was discovered in the HDF HDF5 1.8.20 library. There is an out of bounds read in H5L_extern_query at H5Lexternal.c. | ||||
| CVE-2018-16437 | 1 Gxlcms | 1 Gxlcms | 2024-11-21 | N/A |
| Gxlcms 2.0 before bug fix 20180915 has Directory Traversal exploitable by an administrator. | ||||
| CVE-2018-16436 | 1 Gxlcms | 1 Gxlcms | 2024-11-21 | N/A |
| Gxlcms 2.0 before bug fix 20180915 has SQL Injection exploitable by an administrator. | ||||
| CVE-2018-16435 | 4 Canonical, Debian, Littlecms and 1 more | 7 Ubuntu Linux, Debian Linux, Little Cms Color Engine and 4 more | 2024-11-21 | N/A |
| Little CMS (aka Little Color Management System) 2.9 has an integer overflow in the AllocateDataSet function in cmscgats.c, leading to a heap-based buffer overflow in the SetData function via a crafted file in the second argument to cmsIT8LoadFromFile. | ||||
| CVE-2018-16432 | 1 Bluecms Project | 1 Bluecms | 2024-11-21 | N/A |
| BlueCMS 1.6 allows SQL Injection via the user_name parameter to uploads/user.php?act=index_login. | ||||
| CVE-2018-16431 | 1 Yfcmf | 1 Yfcmf | 2024-11-21 | N/A |
| admin/admin/adminsave.html in YFCMF v3.0 allows CSRF to add an administrator account. | ||||
| CVE-2018-16430 | 2 Debian, Gnu | 2 Debian Linux, Libextractor | 2024-11-21 | N/A |
| GNU Libextractor through 1.7 has an out-of-bounds read vulnerability in EXTRACTOR_zip_extract_method() in zip_extractor.c. | ||||
| CVE-2018-16429 | 2 Canonical, Gnome | 2 Ubuntu Linux, Glib | 2024-11-21 | N/A |
| GNOME GLib 2.56.1 has an out-of-bounds read vulnerability in g_markup_parse_context_parse() in gmarkup.c, related to utf8_str(). | ||||
| CVE-2018-16428 | 2 Canonical, Gnome | 2 Ubuntu Linux, Glib | 2024-11-21 | N/A |
| In GNOME GLib 2.56.1, g_markup_parse_context_end_parse() in gmarkup.c has a NULL pointer dereference. | ||||
| CVE-2018-16427 | 2 Opensc Project, Redhat | 2 Opensc, Enterprise Linux | 2024-11-21 | N/A |
| Various out of bounds reads when handling responses in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to potentially crash the opensc library using programs. | ||||
| CVE-2018-16426 | 2 Opensc Project, Redhat | 2 Opensc, Enterprise Linux | 2024-11-21 | N/A |
| Endless recursion when handling responses from an IAS-ECC card in iasecc_select_file in libopensc/card-iasecc.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to hang or crash the opensc library using programs. | ||||
| CVE-2018-16425 | 1 Opensc Project | 1 Opensc | 2024-11-21 | N/A |
| A double free when handling responses from an HSM Card in sc_pkcs15emu_sc_hsm_init in libopensc/pkcs15-sc-hsm.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact. | ||||
| CVE-2018-16424 | 1 Opensc Project | 1 Opensc | 2024-11-21 | N/A |
| A double free when handling responses in read_file in tools/egk-tool.c (aka the eGK card tool) in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact. | ||||
| CVE-2018-16423 | 2 Opensc Project, Redhat | 2 Opensc, Enterprise Linux | 2024-11-21 | N/A |
| A double free when handling responses from a smartcard in sc_file_set_sec_attr in libopensc/sc.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact. | ||||
| CVE-2018-16422 | 2 Opensc Project, Redhat | 2 Opensc, Enterprise Linux | 2024-11-21 | N/A |
| A single byte buffer overflow when handling responses from an esteid Card in sc_pkcs15emu_esteid_init in libopensc/pkcs15-esteid.c in OpenSC before 0.19.0-rc1 could be used by attackers able to supply crafted smartcards to cause a denial of service (application crash) or possibly have unspecified other impact. | ||||