Export limit exceeded: 346993 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346993 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-13037 | 1 Jpeg-compressor Project | 1 Jpeg Compressor | 2024-11-21 | N/A |
| An issue was discovered in jpeg-compressor 0.1. The bmp_load function in stb_image.c allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact. | ||||
| CVE-2018-13034 | 1 Jester Project | 1 Jester | 2024-11-21 | N/A |
| Directory traversal in Jester web framework 0.2.0 allows remote attackers to fetch files in arbitrary locations via "..%f" sequences. | ||||
| CVE-2018-13033 | 2 Gnu, Redhat | 6 Binutils, Enterprise Linux, Enterprise Linux Desktop and 3 more | 2024-11-21 | N/A |
| The Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted ELF file, as demonstrated by _bfd_elf_parse_attributes in elf-attrs.c and bfd_malloc in libbfd.c. This can occur during execution of nm. | ||||
| CVE-2018-13032 | 1 Ecessa | 2 Shieldlink Sl175ehq, Shieldlink Sl175ehq Firmware | 2024-11-21 | N/A |
| ECESSA ShieldLink SL175EHQ 10.7.4 devices have CSRF to add superuser accounts via the cgi-bin/pl_web.cgi/util_configlogin_act URI. | ||||
| CVE-2018-13031 | 1 Damicms | 1 Damicms | 2024-11-21 | N/A |
| DamiCMS v6.0.0 aand 6.1.0 allows CSRF via admin.php?s=/Admin/doadd to add an administrator account. | ||||
| CVE-2018-13030 | 1 Jpeg-compressor Project | 1 Jpeg Compressor | 2024-11-21 | N/A |
| An issue was discovered in jpeg-compressor 0.1. The build_huffman function in stb_image.c allows remote attackers to cause a denial of service (stack-based buffer overflow and application crash) or possibly have unspecified other impact. | ||||
| CVE-2018-13026 | 1 Gopro | 1 Gpmf-parser | 2024-11-21 | N/A |
| An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in GPMF_parser.c in the function GPMF_Type. | ||||
| CVE-2018-13025 | 1 Yxcms | 1 Yxcms | 2024-11-21 | N/A |
| protected/apps/admin/controller/photoController.php in YXcms 1.4.7 allows remote attackers to delete arbitrary files via the index.php?r=admin/photo/delpic picname parameter. | ||||
| CVE-2018-13024 | 1 Metinfo | 1 Metinfo | 2024-11-21 | N/A |
| Metinfo v6.0.0 allows remote attackers to write code into a .php file, and execute that code, via the module parameter to admin/column/save.php in an editor upload action. | ||||
| CVE-2018-13023 | 1 Mi | 2 Mi Router 3, Miwifi Os | 2024-11-21 | N/A |
| System command injection vulnerability in wifi_access in Xiaomi Mi Router 3 version 2.22.15 allows attackers to execute system commands via the "timeout" URL parameter. | ||||
| CVE-2018-13022 | 1 Mi | 2 Mi Router 3, Miwifi Os | 2024-11-21 | N/A |
| Cross-site scripting vulnerability in the API 404 page on Xiaomi Mi Router 3 version 2.22.15 allows attackers to execute arbitrary JavaScript via a modified URL path. | ||||
| CVE-2018-13021 | 1 Hongcms Project | 1 Hongcms | 2024-11-21 | N/A |
| An issue was discovered in HongCMS 3.0.0. There is an Arbitrary Script File Upload issue that can result in PHP code execution via the admin/index.php/template/upload URI. | ||||
| CVE-2018-13014 | 1 Safensoft | 3 Enterprise Suite, Syswatch, Tpsecure | 2024-11-21 | N/A |
| Storing password in recoverable format in safensec.com (SysWatch service) in SAFE'N'SEC SoftControl/SafenSoft SysWatch, SoftControl/SafenSoft TPSecure, and SoftControl/SafenSoft Enterprise Suite before 4.4.2 allows the local attacker to restore the SysWatch password from the settings database and modify program settings. | ||||
| CVE-2018-13013 | 1 Safensoft | 3 Enterprise Suite, Syswatch, Tpsecure | 2024-11-21 | N/A |
| Improper check of unusual conditions when launching msiexec.exe in safensec.com (SysWatch service) in SAFE'N'SEC SoftControl/SafenSoft SysWatch, SoftControl/SafenSoft TPSecure, and SoftControl/SafenSoft Enterprise Suite before 4.4.9 allows the local attacker to bypass a code-signing protection mechanism and install/execute an unauthorized program by modifying the system configuration and installing a forged MSI file. (The intended behavior is that the component SysWatch does not allow installation of MSI files unless they are signed by a limited list of certificates.) | ||||
| CVE-2018-13012 | 1 Safensoft | 3 Softcontrol Enterprise Suite, Softcontrol Syswatch, Softcontrol Tpsecure | 2024-11-21 | N/A |
| Download of code with improper integrity check in snsupd.exe and upd.exe in SAFE'N'SEC SoftControl/SafenSoft SysWatch, SoftControl/SafenSoft TPSecure, and SoftControl/SafenSoft Enterprise Suite before 4.4.12 allows the remote attacker to execute unauthorized code by substituting a forged update server. | ||||
| CVE-2018-13011 | 1 Gopro | 1 Gpmf-parser | 2024-11-21 | N/A |
| An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in GPMF_parser.c in the function GPMF_Validate. | ||||
| CVE-2018-13010 | 1 Wstmall | 1 Wstmall | 2024-11-21 | N/A |
| WSTMall v1.9.1_170316 has CSRF via the index.php?m=Admin&c=Users&a=edit URI to add a user account. | ||||
| CVE-2018-13009 | 1 Gopro | 1 Gpmf-parser | 2024-11-21 | N/A |
| An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in GPMF_parser.c in the function GPMF_Next, related to certain checks for GPMF_KEY_END and nest_level (conditional on a buffer_size_longs check). | ||||
| CVE-2018-13008 | 1 Gopro | 1 Gpmf-parser | 2024-11-21 | N/A |
| An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in GPMF_parser.c in the function GPMF_Next, related to certain checks for a positive nest_level. | ||||
| CVE-2018-13007 | 1 Gopro | 1 Gpmf-parser | 2024-11-21 | N/A |
| An issue was discovered in gpmf-parser 1.1.2. There is a heap-based buffer over-read in GPMF_parser.c in the function GPMF_Next, related to certain checks for GPMF_KEY_END and nest_level (not conditional on a buffer_size_longs check). | ||||