Export limit exceeded: 347269 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347269 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-14010 | 1 Mi | 7 Xiaomi R3, Xiaomi R3c, Xiaomi R3c Firmware and 4 more | 2024-11-21 | N/A |
| OS command injection in the guest Wi-Fi settings feature in /cgi-bin/luci on Xiaomi R3P before 2.14.5, R3C before 2.12.15, R3 before 2.22.15, and R3D before 2.26.4 devices allows an attacker to execute any command via crafted JSON data. | ||||
| CVE-2018-14009 | 1 Codiad | 1 Codiad | 2024-11-21 | 9.8 Critical |
| Codiad through 2.8.4 allows Remote Code Execution, a different vulnerability than CVE-2017-11366 and CVE-2017-15689. | ||||
| CVE-2018-14008 | 1 Arista | 1 Eos | 2024-11-21 | N/A |
| Arista EOS through 4.21.0F allows a crash because 802.1x authentication is mishandled. | ||||
| CVE-2018-14007 | 1 Citrix | 1 Xenserver | 2024-11-21 | N/A |
| Citrix XenServer 7.1 and newer allows Directory Traversal. | ||||
| CVE-2018-14006 | 1 Ngtoken Project | 1 Ngtoken | 2024-11-21 | 7.5 High |
| An integer overflow vulnerability exists in the function multipleTransfer of Neo Genesis Token (NGT), an Ethereum token smart contract. An attacker could use it to set any user's balance. | ||||
| CVE-2018-14005 | 1 Malaysiancoin Project | 1 Malaysiancoin | 2024-11-21 | 7.5 High |
| An integer overflow vulnerability exists in the function transferAny of Malaysia coins (Xmc), an Ethereum token smart contract. An attacker could use it to set any user's balance. | ||||
| CVE-2018-14004 | 1 Globecoin Project | 1 Globecoin | 2024-11-21 | N/A |
| An integer overflow vulnerability exists in the function transfer_tokens_after_ICO of GlobeCoin (GLB), an Ethereum token smart contract. An attacker could use it to set any user's balance. | ||||
| CVE-2018-14003 | 1 Wmctoken Project | 1 Wmctoken | 2024-11-21 | 7.5 High |
| An integer overflow vulnerability exists in the function batchTransfer of WeMediaChain (WMC), an Ethereum token smart contract. An attacker could use it to set any user's balance. | ||||
| CVE-2018-14002 | 1 Mp3 Coin Project | 1 Mp3 Coin | 2024-11-21 | N/A |
| An integer overflow vulnerability exists in the function distribute of MP3 Coin (MP3), an Ethereum token smart contract. An attacker could use it to set any user's balance. | ||||
| CVE-2018-14001 | 1 Sharktech Project | 1 Sharktech | 2024-11-21 | N/A |
| An integer overflow vulnerability exists in the function batchTransfer of SHARKTECH (SKT), an Ethereum token smart contract. An attacker could use it to set any user's balance. | ||||
| CVE-2018-13999 | 1 Catfish-cms | 1 Catfish Cms | 2024-11-21 | N/A |
| Catfish CMS v4.7.9 allows XSS via the admin/Index/write.html editorValue parameter (aka an article posted by an administrator). | ||||
| CVE-2018-13998 | 1 Clippercms | 1 Clippercms | 2024-11-21 | N/A |
| ClipperCMS 1.3.3 has stored XSS via the Full Name field of (1) Security -> Manager Users or (2) Security -> Web Users. | ||||
| CVE-2018-13997 | 1 Codeplea | 1 Genann | 2024-11-21 | N/A |
| Genann through 2018-07-08 has a SEGV in genann_run in genann.c. | ||||
| CVE-2018-13996 | 1 Codeplea | 1 Genann | 2024-11-21 | N/A |
| Genann through 2018-07-08 has a stack-based buffer over-read in genann_train in genann.c. | ||||
| CVE-2018-13994 | 1 Phoenixcontact | 58 Fl Switch 3004t-fx, Fl Switch 3004t-fx Firmware, Fl Switch 3004t-fx St and 55 more | 2024-11-21 | N/A |
| The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 is vulnerable to a denial-of-service attack by making more than 120 connections. | ||||
| CVE-2018-13993 | 1 Phoenixcontact | 58 Fl Switch 3004t-fx, Fl Switch 3004t-fx Firmware, Fl Switch 3004t-fx St and 55 more | 2024-11-21 | N/A |
| The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 is prone to CSRF. | ||||
| CVE-2018-13992 | 1 Phoenixcontact | 58 Fl Switch 3004t-fx, Fl Switch 3004t-fx Firmware, Fl Switch 3004t-fx St and 55 more | 2024-11-21 | N/A |
| The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 allows for plaintext transmission (HTTP) of user credentials by default. | ||||
| CVE-2018-13991 | 1 Phoenixcontact | 58 Fl Switch 3004t-fx, Fl Switch 3004t-fx Firmware, Fl Switch 3004t-fx St and 55 more | 2024-11-21 | N/A |
| The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 leaks private information in firmware images. | ||||
| CVE-2018-13990 | 1 Phoenixcontact | 58 Fl Switch 3004t-fx, Fl Switch 3004t-fx Firmware, Fl Switch 3004t-fx St and 55 more | 2024-11-21 | N/A |
| The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions prior to 1.35 is vulnerable to brute-force attacks, because of Improper Restriction of Excessive Authentication Attempts. | ||||
| CVE-2018-13989 | 1 Arcelikas | 2 Grundig Smart Inter\@ctive, Grundig Smart Inter\@ctive Firmware | 2024-11-21 | N/A |
| Grundig Smart Inter@ctive TV 3.0 devices allow CSRF attacks via a POST request to TCP port 8085 containing a predictable ID value, as demonstrated by a /sendrcpackage?keyid=-2544&keysymbol=-4081 request to shut off the device. | ||||