Search Results (347694 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-11385 | 3 Debian, Fedoraproject, Sensiolabs | 3 Debian Linux, Fedora, Symfony | 2024-11-21 | N/A |
| An issue was discovered in the Security component in Symfony 2.7.x before 2.7.48, 2.8.x before 2.8.41, 3.3.x before 3.3.17, 3.4.x before 3.4.11, and 4.0.x before 4.0.11. A session fixation vulnerability within the "Guard" login feature may allow an attacker to impersonate a victim towards the web application if the session id value was previously known to the attacker. | ||||
| CVE-2018-11384 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A |
| The sh_op() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted ELF file. | ||||
| CVE-2018-11383 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A |
| The r_strbuf_fini() function in radare2 2.5.0 allows remote attackers to cause a denial of service (invalid free and application crash) via a crafted ELF file because of an uninitialized variable in the CPSE handler in libr/anal/p/anal_avr.c. | ||||
| CVE-2018-11382 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A |
| The _inst__sts() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file. | ||||
| CVE-2018-11381 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A |
| The string_scan_range() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file. | ||||
| CVE-2018-11380 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A |
| The parse_import_ptr() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted Mach-O file. | ||||
| CVE-2018-11379 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A |
| The get_debug_info() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted PE file. | ||||
| CVE-2018-11378 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A |
| The wasm_dis() function in libr/asm/arch/wasm/wasm.c in or possibly have unspecified other impact via a crafted WASM file. | ||||
| CVE-2018-11377 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A |
| The avr_op_analyze() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file. | ||||
| CVE-2018-11376 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A |
| The r_read_le32() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted ELF file. | ||||
| CVE-2018-11375 | 1 Radare | 1 Radare2 | 2024-11-21 | N/A |
| The _inst__lds() function in radare2 2.5.0 allows remote attackers to cause a denial of service (heap-based out-of-bounds read and application crash) via a crafted binary file. | ||||
| CVE-2018-11373 | 1 Iscripts | 1 Eswap | 2024-11-21 | N/A |
| iScripts eSwap v2.4 has SQL injection via the "salelistdetailed.php" User Panel ToId parameter. | ||||
| CVE-2018-11372 | 1 Iscripts | 1 Eswap | 2024-11-21 | N/A |
| iScripts eSwap v2.4 has SQL injection via the wishlistdetailed.php User Panel ToId parameter. | ||||
| CVE-2018-11371 | 1 Skycaiji | 1 Skycaiji | 2024-11-21 | N/A |
| SkyCaiji 1.2 allows CSRF to add an Administrator user. | ||||
| CVE-2018-11369 | 1 Pbootcms | 1 Pbootcms | 2024-11-21 | N/A |
| An issue was discovered in PbootCMS v1.0.9. There is a SQL Injection that can get important information from the database via the \apps\home\controller\ParserController.php scode parameter. | ||||
| CVE-2018-11367 | 1 Cppcms | 1 Cppcms | 2024-11-21 | N/A |
| An issue was discovered in CppCMS before 1.2.1. There is a denial of service in the JSON parser module. | ||||
| CVE-2018-11366 | 1 Loginizer | 1 Loginizer | 2024-11-21 | N/A |
| init.php in the Loginizer plugin 1.3.8 through 1.3.9 for WordPress has Unauthenticated Stored Cross-Site Scripting (XSS) because logging is mishandled. This is fixed in 1.4.0. | ||||
| CVE-2018-11365 | 1 Wizardmac | 1 Readstat | 2024-11-21 | N/A |
| sas/readstat_sas7bcat_read.c in libreadstat.a in ReadStat 0.1.1 has an infinite loop. | ||||
| CVE-2018-11364 | 1 Wizardmac | 1 Readstat | 2024-11-21 | N/A |
| sav_parse_machine_integer_info_record in spss/readstat_sav_read.c in libreadstat.a in ReadStat 0.1.1 has a memory leak related to an iconv_open call. | ||||
| CVE-2018-11363 | 1 Pdfgen | 1 Pdfgen | 2024-11-21 | N/A |
| jpeg_size in pdfgen.c in PDFGen before 2018-04-09 has a heap-based buffer over-read. | ||||