Export limit exceeded: 346810 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346810 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-11018 | 1 Pbootcms | 1 Pbootcms | 2024-11-21 | N/A |
| An issue was discovered in PbootCMS v1.0.7. Cross-site request forgery (CSRF) vulnerability in apps/admin/controller/system/RoleController.php allows remote attackers to add administrator accounts via admin.php/role/add.html. | ||||
| CVE-2018-11017 | 1 Libming | 1 Libming | 2024-11-21 | N/A |
| The newVar_N function in decompile.c in libming through 0.4.8 mishandles cases where the header indicates a file size greater than the actual size, which allows remote attackers to cause a denial of service (Segmentation fault and application crash) or possibly have unspecified other impact. | ||||
| CVE-2018-11013 | 2 D-link, Dlink | 2 Dir-816 A2 Firmware, Dir-816 A2 | 2024-11-21 | N/A |
| Stack-based buffer overflow in the websRedirect function in GoAhead on D-Link DIR-816 A2 (CN) routers with firmware version 1.10B05 allows unauthenticated remote attackers to execute arbitrary code via a request with a long HTTP Host header. | ||||
| CVE-2018-11012 | 1 Halo | 1 Halo | 2024-11-21 | N/A |
| ruibaby Halo 0.0.2 has stored XSS via the loginName and loginPwd parameters in a failed login attempt to AdminController.java. | ||||
| CVE-2018-11011 | 1 Halo | 1 Halo | 2024-11-21 | N/A |
| ruibaby Halo 0.0.2 has stored XSS via the commentAuthor field to FrontCommentController.java. | ||||
| CVE-2018-11010 | 1 K7computing | 4 Antivrius, Enterprise Security, Total Security and 1 more | 2024-11-21 | 7.8 High |
| A Buffer Overflow issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53. | ||||
| CVE-2018-11009 | 1 K7computing | 4 Antivrius, Enterprise Security, Total Security and 1 more | 2024-11-21 | 7.8 High |
| A Buffer Overflow issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53. | ||||
| CVE-2018-11008 | 1 K7computing | 4 Antivrius, Enterprise Security, Total Security and 1 more | 2024-11-21 | 5.5 Medium |
| An Incorrect Access Control issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53. | ||||
| CVE-2018-11007 | 1 K7computing | 4 Antivrius, Enterprise Security, Total Security and 1 more | 2024-11-21 | 5.5 Medium |
| A Memory Leak issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53. | ||||
| CVE-2018-11006 | 1 K7computing | 4 Antivrius, Enterprise Security, Total Security and 1 more | 2024-11-21 | 5.5 Medium |
| An Incorrect Access Control issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53. | ||||
| CVE-2018-11005 | 1 K7computing | 4 Antivrius, Enterprise Security, Total Security and 1 more | 2024-11-21 | 5.5 Medium |
| A Memory Leak issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53. | ||||
| CVE-2018-11004 | 1 Sdcms | 1 Sdcms | 2024-11-21 | N/A |
| An issue was discovered in SDcms v1.5. Cross-site request forgery (CSRF) vulnerability in /WWW//app/admin/controller/admincontroller.php allows remote attackers to add administrator accounts via m=admin&c=admin&a=add. | ||||
| CVE-2018-11003 | 1 Yxcms | 1 Yxcms | 2024-11-21 | N/A |
| An issue was discovered in YXcms 1.4.7. Cross-site request forgery (CSRF) vulnerability in protected/apps/admin/controller/adminController.php allows remote attackers to delete administrator accounts via index.php?r=admin/admin/admindel. | ||||
| CVE-2018-11002 | 1 Pulsesecure | 1 Pulse Secure Desktop Client | 2024-11-21 | N/A |
| Pulse Secure Desktop Client 5.3 up to and including R6.0 build 1769 on Windows has Insecure Permissions. | ||||
| CVE-2018-10999 | 4 Canonical, Debian, Exiv2 and 1 more | 4 Ubuntu Linux, Debian Linux, Exiv2 and 1 more | 2024-11-21 | N/A |
| An issue was discovered in Exiv2 0.26. The Exiv2::Internal::PngChunk::parseTXTChunk function has a heap-based buffer over-read. | ||||
| CVE-2018-10998 | 4 Canonical, Debian, Exiv2 and 1 more | 7 Ubuntu Linux, Debian Linux, Exiv2 and 4 more | 2024-11-21 | 6.5 Medium |
| An issue was discovered in Exiv2 0.26. readMetadata in jp2image.cpp allows remote attackers to cause a denial of service (SIGABRT) by triggering an incorrect Safe::add call. | ||||
| CVE-2018-10997 | 1 Etere | 1 Etereweb | 2024-11-21 | N/A |
| Etere EtereWeb before 28.1.20 has a pre-authentication blind SQL injection in the POST parameters txUserName and txPassword. | ||||
| CVE-2018-10996 | 1 D-link | 2 Dir-629-b, Dir-629-b Firmware | 2024-11-21 | N/A |
| The weblogin_log function in /htdocs/cgibin on D-Link DIR-629-B1 devices allows attackers to execute arbitrary code or cause a denial of service (buffer overflow) via a session.cgi?ACTION=logout request involving a long REMOTE_ADDR environment variable. | ||||
| CVE-2018-10995 | 2 Debian, Schedmd | 2 Debian Linux, Slurm | 2024-11-21 | N/A |
| SchedMD Slurm before 17.02.11 and 17.1x.x before 17.11.7 mishandles user names (aka user_name fields) and group ids (aka gid fields). | ||||
| CVE-2018-10994 | 1 Signal | 1 Signal-desktop | 2024-11-21 | N/A |
| js/views/message_view.js in Open Whisper Signal (aka Signal-Desktop) before 1.10.1 allows XSS via a URL. | ||||