Export limit exceeded: 347473 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347473 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-14016 | 1 Radare | 1 Radare2 | 2024-11-21 | 5.5 Medium |
| The r_bin_mdmp_init_directory_entry function in mdmp.c in radare2 2.7.0 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted Mini Crash Dump file. | ||||
| CVE-2018-14014 | 1 Super Cms Project | 1 Super Cms | 2024-11-21 | N/A |
| In waimai Super Cms 20150505, there is a CSRF vulnerability that can add an admin account via admin.php?m=Member&a=adminadd. | ||||
| CVE-2018-14013 | 1 Synacor | 1 Zimbra Collaboration Suite | 2024-11-21 | N/A |
| Synacor Zimbra Collaboration Suite Collaboration before 8.8.11 has XSS in the AJAX and html web clients. | ||||
| CVE-2018-14012 | 1 Wolfsight | 1 Wolfsight Cms | 2024-11-21 | N/A |
| WolfSight CMS 3.2 allows SQL injection via the PATH_INFO to the default URI. | ||||
| CVE-2018-14010 | 1 Mi | 7 Xiaomi R3, Xiaomi R3c, Xiaomi R3c Firmware and 4 more | 2024-11-21 | N/A |
| OS command injection in the guest Wi-Fi settings feature in /cgi-bin/luci on Xiaomi R3P before 2.14.5, R3C before 2.12.15, R3 before 2.22.15, and R3D before 2.26.4 devices allows an attacker to execute any command via crafted JSON data. | ||||
| CVE-2018-14009 | 1 Codiad | 1 Codiad | 2024-11-21 | 9.8 Critical |
| Codiad through 2.8.4 allows Remote Code Execution, a different vulnerability than CVE-2017-11366 and CVE-2017-15689. | ||||
| CVE-2018-14008 | 1 Arista | 1 Eos | 2024-11-21 | N/A |
| Arista EOS through 4.21.0F allows a crash because 802.1x authentication is mishandled. | ||||
| CVE-2018-14007 | 1 Citrix | 1 Xenserver | 2024-11-21 | N/A |
| Citrix XenServer 7.1 and newer allows Directory Traversal. | ||||
| CVE-2018-14006 | 1 Ngtoken Project | 1 Ngtoken | 2024-11-21 | 7.5 High |
| An integer overflow vulnerability exists in the function multipleTransfer of Neo Genesis Token (NGT), an Ethereum token smart contract. An attacker could use it to set any user's balance. | ||||
| CVE-2018-14005 | 1 Malaysiancoin Project | 1 Malaysiancoin | 2024-11-21 | 7.5 High |
| An integer overflow vulnerability exists in the function transferAny of Malaysia coins (Xmc), an Ethereum token smart contract. An attacker could use it to set any user's balance. | ||||
| CVE-2018-14004 | 1 Globecoin Project | 1 Globecoin | 2024-11-21 | N/A |
| An integer overflow vulnerability exists in the function transfer_tokens_after_ICO of GlobeCoin (GLB), an Ethereum token smart contract. An attacker could use it to set any user's balance. | ||||
| CVE-2018-14003 | 1 Wmctoken Project | 1 Wmctoken | 2024-11-21 | 7.5 High |
| An integer overflow vulnerability exists in the function batchTransfer of WeMediaChain (WMC), an Ethereum token smart contract. An attacker could use it to set any user's balance. | ||||
| CVE-2018-14002 | 1 Mp3 Coin Project | 1 Mp3 Coin | 2024-11-21 | N/A |
| An integer overflow vulnerability exists in the function distribute of MP3 Coin (MP3), an Ethereum token smart contract. An attacker could use it to set any user's balance. | ||||
| CVE-2018-14001 | 1 Sharktech Project | 1 Sharktech | 2024-11-21 | N/A |
| An integer overflow vulnerability exists in the function batchTransfer of SHARKTECH (SKT), an Ethereum token smart contract. An attacker could use it to set any user's balance. | ||||
| CVE-2018-13999 | 1 Catfish-cms | 1 Catfish Cms | 2024-11-21 | N/A |
| Catfish CMS v4.7.9 allows XSS via the admin/Index/write.html editorValue parameter (aka an article posted by an administrator). | ||||
| CVE-2018-13998 | 1 Clippercms | 1 Clippercms | 2024-11-21 | N/A |
| ClipperCMS 1.3.3 has stored XSS via the Full Name field of (1) Security -> Manager Users or (2) Security -> Web Users. | ||||
| CVE-2018-13997 | 1 Codeplea | 1 Genann | 2024-11-21 | N/A |
| Genann through 2018-07-08 has a SEGV in genann_run in genann.c. | ||||
| CVE-2018-13996 | 1 Codeplea | 1 Genann | 2024-11-21 | N/A |
| Genann through 2018-07-08 has a stack-based buffer over-read in genann_train in genann.c. | ||||
| CVE-2018-13994 | 1 Phoenixcontact | 58 Fl Switch 3004t-fx, Fl Switch 3004t-fx Firmware, Fl Switch 3004t-fx St and 55 more | 2024-11-21 | N/A |
| The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 is vulnerable to a denial-of-service attack by making more than 120 connections. | ||||
| CVE-2018-13993 | 1 Phoenixcontact | 58 Fl Switch 3004t-fx, Fl Switch 3004t-fx Firmware, Fl Switch 3004t-fx St and 55 more | 2024-11-21 | N/A |
| The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 is prone to CSRF. | ||||