Export limit exceeded: 336746 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 41760 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (41760 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-16333 | 1 Tendacn | 10 Ac10, Ac10 Firmware, Ac15 and 7 more | 2024-11-21 | N/A |
| An issue was discovered on Tenda AC7 V15.03.06.44_CN, AC9 V15.03.05.19(6318)_CN, AC10 V15.03.06.23_CN, AC15 V15.03.05.19_CN, and AC18 V15.03.05.19(6318)_CN devices. There is a buffer overflow vulnerability in the router's web server. While processing the ssid parameter for a POST request, the value is directly used in a sprintf call to a local variable placed on the stack, which overrides the return address of the function, causing a buffer overflow. | ||||
| CVE-2018-16308 | 1 Ninjaforms | 1 Ninja Forms | 2024-11-21 | N/A |
| The Ninja Forms plugin before 3.3.14.1 for WordPress allows CSV injection. | ||||
| CVE-2018-16302 | 1 Mc1soft | 1 Zip-n-go | 2024-11-21 | N/A |
| MediaComm Zip-n-Go before 4.95 has a Buffer Overflow via a crafted file. | ||||
| CVE-2018-16301 | 1 Tcpdump | 1 Tcpdump | 2024-11-21 | 7.8 High |
| The command-line argument parser in tcpdump before 4.99.0 has a buffer overflow in tcpdump.c:read_infile(). To trigger this vulnerability the attacker needs to create a 4GB file on the local filesystem and to specify the file name as the value of the -F command-line argument of tcpdump. | ||||
| CVE-2018-16276 | 3 Canonical, Debian, Linux | 3 Ubuntu Linux, Debian Linux, Linux Kernel | 2024-11-21 | 7.8 High |
| An issue was discovered in yurex_read in drivers/usb/misc/yurex.c in the Linux kernel before 4.17.7. Local attackers could use user access read/writes with incorrect bounds checking in the yurex USB driver to crash the kernel or potentially escalate privileges. | ||||
| CVE-2018-16275 | 1 Opswat | 1 Metadefender | 2024-11-21 | N/A |
| OPSWAT MetaDefender before v4.11.2 allows CSV injection. | ||||
| CVE-2018-16229 | 7 Apple, Debian, F5 and 4 more | 7 Mac Os X, Debian Linux, Traffix Signaling Delivery Controller and 4 more | 2024-11-21 | 7.5 High |
| The DCCP parser in tcpdump before 4.9.3 has a buffer over-read in print-dccp.c:dccp_print_option(). | ||||
| CVE-2018-16227 | 6 Apple, Debian, Fedoraproject and 3 more | 6 Mac Os X, Debian Linux, Fedora and 3 more | 2024-11-21 | 7.5 High |
| The IEEE 802.11 parser in tcpdump before 4.9.3 has a buffer over-read in print-802_11.c for the Mesh Flags subfield. | ||||
| CVE-2018-16181 | 1 Daj | 1 I-filter | 2024-11-21 | N/A |
| HTTP header injection vulnerability in i-FILTER Ver.9.50R05 and earlier may allow remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks that may result in an arbitrary script injection or setting an arbitrary cookie values via unspecified vectors. | ||||
| CVE-2018-16172 | 1 Cybozu | 1 Remote Service Manager | 2024-11-21 | N/A |
| Improper countermeasure against clickjacking attack in client certificates management screen was discovered in Cybozu Remote Service 3.0.0 to 3.1.8, that allows remote attackers to trick a user to delete the registered client certificate. | ||||
| CVE-2018-16140 | 2 Canonical, Fig2dev Project | 2 Ubuntu Linux, Fig2dev | 2024-11-21 | N/A |
| A buffer underwrite vulnerability in get_line() (read.c) in fig2dev 3.2.7a allows an attacker to write prior to the beginning of the buffer via a crafted .fig file. | ||||
| CVE-2018-16094 | 1 Lenovo | 8 System Management Module Firmware, Thinkagile Hx Enclosure 7x81, Thinkagile Hx Enclosure 7y87 and 5 more | 2024-11-21 | N/A |
| In System Management Module (SMM) versions prior to 1.06, an internal SMM function that retrieves configuration settings is prone to a buffer overflow. | ||||
| CVE-2018-16091 | 1 Lenovo | 8 System Management Module Firmware, Thinkagile Hx Enclosure 7x81, Thinkagile Hx Enclosure 7y87 and 5 more | 2024-11-21 | N/A |
| In System Management Module (SMM) versions prior to 1.06, the SMM certificate creation and parsing logic is vulnerable to several buffer overflows. | ||||
| CVE-2018-16083 | 2 Google, Redhat | 5 Chrome, Enterprise Linux Desktop, Enterprise Linux Server and 2 more | 2024-11-21 | N/A |
| An out of bounds read in forward error correction code in WebRTC in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. | ||||
| CVE-2018-16082 | 2 Google, Redhat | 5 Chrome, Enterprise Linux Desktop, Enterprise Linux Server and 2 more | 2024-11-21 | N/A |
| An out of bounds read in Swiftshader in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. | ||||
| CVE-2018-16076 | 2 Google, Redhat | 5 Chrome, Enterprise Linux Desktop, Enterprise Linux Server and 2 more | 2024-11-21 | N/A |
| Missing bounds check in PDFium in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file. | ||||
| CVE-2018-16070 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-11-21 | N/A |
| Integer overflows in Skia in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | ||||
| CVE-2018-16069 | 2 Google, Redhat | 2 Chrome, Rhel Extras | 2024-11-21 | N/A |
| Unintended floating-point error accumulation in SwiftShader in Google Chrome prior to 69.0.3497.81 allowed a remote attacker to leak cross-origin data via a crafted HTML page. | ||||
| CVE-2018-16062 | 5 Canonical, Debian, Elfutils Project and 2 more | 9 Ubuntu Linux, Debian Linux, Elfutils and 6 more | 2024-11-21 | 5.5 Medium |
| dwarf_getaranges in dwarf_getaranges.c in libdw in elfutils before 2018-08-18 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file. | ||||
| CVE-2018-16047 | 3 Adobe, Apple, Microsoft | 4 Acrobat Dc, Acrobat Reader Dc, Mac Os X and 1 more | 2024-11-21 | N/A |
| Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earlier, 2019.008.20081 and earlier, 2017.011.30106 and earlier version, 2017.011.30105 and earlier version, 2015.006.30457 and earlier, and 2015.006.30456 and earlier have an out-of-bounds read vulnerability. Successful exploitation could lead to information disclosure. | ||||