Export limit exceeded: 346367 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346367 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-10569 | 1 Edimax | 2 Edimax Ew-7438rpn V2 Firmware, Ew-7438rpn Mini V2 | 2024-11-21 | N/A |
| An issue was discovered in Edimax EW-7438RPn Mini v2 before version 1.26. There is XSS in an SSID field. | ||||
| CVE-2018-10568 | 1 Flexense | 1 Disksorter | 2024-11-21 | N/A |
| XSS exists in Flexense DiskSorter Enterprise from v9.5.12 to v10.7. | ||||
| CVE-2018-10567 | 1 Flexense | 1 Vx Search | 2024-11-21 | N/A |
| XSS exists in Flexense VX Search Enterprise from v10.1.12 to v10.7. | ||||
| CVE-2018-10566 | 1 Flexense | 1 Dupscout | 2024-11-21 | N/A |
| XSS exists in Flexense DupScout Enterprise from v10.0.18 to v10.7. | ||||
| CVE-2018-10565 | 1 Flexense | 1 Disksavvy | 2024-11-21 | N/A |
| XSS exists in Flexense DiskSavvy Enterprise from v10.4 to v10.7. | ||||
| CVE-2018-10564 | 1 Flexense | 1 Diskpulse | 2024-11-21 | N/A |
| XSS exists in Flexense DiskPulse Enterprise from v10.4 to v10.7. | ||||
| CVE-2018-10563 | 1 Flexense | 1 Syncbreeze | 2024-11-21 | N/A |
| An XSS in Flexense SyncBreeze affects all versions (tested from SyncBreeze Enterprise from v10.1 to v10.7). | ||||
| CVE-2018-10554 | 1 Nagios | 1 Nagios Xi | 2024-11-21 | N/A |
| An issue was discovered in Nagios XI 5.4.13. There is XSS exploitable via CSRF in (1) the Schedule New Report screen via the hour, minute, or ampm parameter, related to components/scheduledreporting; (2) includes/components/xicore/downtime.php, related to the update_pages function; (3) the ajaxhelper.php opts or background parameter; (4) the i[] array parameter to ajax_handler.php; or (5) the deploynotification.php title parameter. | ||||
| CVE-2018-10553 | 1 Nagios | 1 Nagios Xi | 2024-11-21 | N/A |
| An issue was discovered in Nagios XI 5.4.13. A registered user is able to use directory traversal to read local files, as demonstrated by URIs beginning with index.php?xiwindow=./ and config/?xiwindow=../ substrings. | ||||
| CVE-2018-10550 | 1 Octopus | 1 Octopus Deploy | 2024-11-21 | N/A |
| In Octopus Deploy before 2018.4.7, target and tenant tag variable scopes were not checked against the list of tenants the user has access to. | ||||
| CVE-2018-10549 | 5 Canonical, Debian, Netapp and 2 more | 5 Ubuntu Linux, Debian Linux, Storage Automation Store and 2 more | 2024-11-21 | N/A |
| An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. exif_read_data in ext/exif/exif.c has an out-of-bounds read for crafted JPEG data because exif_iif_add_value mishandles the case of a MakerNote that lacks a final '\0' character. | ||||
| CVE-2018-10548 | 5 Canonical, Debian, Netapp and 2 more | 5 Ubuntu Linux, Debian Linux, Storage Automation Store and 2 more | 2024-11-21 | N/A |
| An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. ext/ldap/ldap.c allows remote LDAP servers to cause a denial of service (NULL pointer dereference and application crash) because of mishandling of the ldap_get_dn return value. | ||||
| CVE-2018-10547 | 5 Canonical, Debian, Netapp and 2 more | 6 Ubuntu Linux, Debian Linux, Storage Automation Store and 3 more | 2024-11-21 | N/A |
| An issue was discovered in ext/phar/phar_object.c in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. There is Reflected XSS on the PHAR 403 and 404 error pages via request data of a request for a .phar file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2018-5712. | ||||
| CVE-2018-10546 | 5 Canonical, Debian, Netapp and 2 more | 5 Ubuntu Linux, Debian Linux, Storage Automation Store and 2 more | 2024-11-21 | N/A |
| An issue was discovered in PHP before 5.6.36, 7.0.x before 7.0.30, 7.1.x before 7.1.17, and 7.2.x before 7.2.5. An infinite loop exists in ext/iconv/iconv.c because the iconv stream filter does not reject invalid multibyte sequences. | ||||
| CVE-2018-10545 | 5 Canonical, Debian, Netapp and 2 more | 5 Ubuntu Linux, Debian Linux, Storage Automation Store and 2 more | 2024-11-21 | N/A |
| An issue was discovered in PHP before 5.6.35, 7.0.x before 7.0.29, 7.1.x before 7.1.16, and 7.2.x before 7.2.4. Dumpable FPM child processes allow bypassing opcache access controls because fpm_unix.c makes a PR_SET_DUMPABLE prctl call, allowing one user (in a multiuser environment) to obtain sensitive information from the process memory of a second user's PHP applications by running gcore on the PID of the PHP-FPM worker process. | ||||
| CVE-2018-10544 | 1 Meross | 2 Mss110, Mss110 Firmware | 2024-11-21 | N/A |
| Meross MSS110 devices through 1.1.24 contain an unauthenticated admin.htm administrative interface. | ||||
| CVE-2018-10540 | 2 Debian, Wavpack | 2 Debian Linux, Wavpack | 2024-11-21 | N/A |
| An issue was discovered in WavPack 5.1.0 and earlier for W64 input. Out-of-bounds writes can occur because ParseWave64HeaderConfig in wave64.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytes_to_copy calculation and subsequent malloc call, leading to insufficient memory allocation. | ||||
| CVE-2018-10539 | 2 Debian, Wavpack | 2 Debian Linux, Wavpack | 2024-11-21 | N/A |
| An issue was discovered in WavPack 5.1.0 and earlier for DSDiff input. Out-of-bounds writes can occur because ParseDsdiffHeaderConfig in dsdiff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytes_to_copy calculation and subsequent malloc call, leading to insufficient memory allocation. | ||||
| CVE-2018-10538 | 2 Debian, Wavpack | 2 Debian Linux, Wavpack | 2024-11-21 | N/A |
| An issue was discovered in WavPack 5.1.0 and earlier for WAV input. Out-of-bounds writes can occur because ParseRiffHeaderConfig in riff.c does not validate the sizes of unknown chunks before attempting memory allocation, related to a lack of integer-overflow protection within a bytes_to_copy calculation and subsequent malloc call, leading to insufficient memory allocation. | ||||
| CVE-2018-10537 | 2 Debian, Wavpack | 2 Debian Linux, Wavpack | 2024-11-21 | N/A |
| An issue was discovered in WavPack 5.1.0 and earlier. The W64 parser component contains a vulnerability that allows writing to memory because ParseWave64HeaderConfig in wave64.c does not reject multiple format chunks. | ||||