Export limit exceeded: 359386 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (359386 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-9026 | 1 Broadcom | 1 Privileged Access Manager | 2024-11-21 | N/A |
| A session fixation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to hijack user sessions with a specially crafted request. | ||||
| CVE-2018-9025 | 1 Broadcom | 1 Privileged Access Manager | 2024-11-21 | N/A |
| An input validation vulnerability in CA Privileged Access Manager 2.x allows remote attackers to poison log files with specially crafted input. | ||||
| CVE-2018-9024 | 1 Broadcom | 1 Privileged Access Manager | 2024-11-21 | N/A |
| An improper authentication vulnerability in CA Privileged Access Manager 2.x allows attackers to spoof IP addresses in a log file. | ||||
| CVE-2018-9023 | 1 Broadcom | 1 Privileged Access Manager | 2024-11-21 | N/A |
| An input validation vulnerability in CA Privileged Access Manager 2.x allows unprivileged users to execute arbitrary commands by passing specially crafted arguments to the update_crld script. | ||||
| CVE-2018-9022 | 1 Broadcom | 1 Privileged Access Manager | 2024-11-21 | 9.8 Critical |
| An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows remote attackers to execute arbitrary code or commands by poisoning a configuration file. | ||||
| CVE-2018-9021 | 1 Broadcom | 1 Privileged Access Manager | 2024-11-21 | 9.8 Critical |
| An authentication bypass vulnerability in CA Privileged Access Manager 2.8.2 and earlier allows remote attackers to execute arbitrary commands with specially crafted requests. | ||||
| CVE-2018-9020 | 1 Pixelite | 1 Events Manager | 2024-11-21 | N/A |
| The Events Manager plugin before 5.8.1.2 for WordPress allows XSS via the events-manager.js mapTitle parameter in the Google Maps miniature. | ||||
| CVE-2018-9019 | 2 Dolibarr, Oracle | 2 Dolibarr, Data Integrator | 2024-11-21 | 9.8 Critical |
| SQL Injection vulnerability in Dolibarr before version 7.0.2 allows remote attackers to execute arbitrary SQL commands via the sortfield parameter to /accountancy/admin/accountmodel.php, /accountancy/admin/categories_list.php, /accountancy/admin/journals_list.php, /admin/dict.php, /admin/mails_templates.php, or /admin/website.php. | ||||
| CVE-2018-9018 | 2 Debian, Graphicsmagick | 2 Debian Linux, Graphicsmagick | 2024-11-21 | N/A |
| In GraphicsMagick 1.3.28, there is a divide-by-zero in the ReadMNGImage function of coders/png.c. Remote attackers could leverage this vulnerability to cause a crash and denial of service via a crafted mng file. | ||||
| CVE-2018-9017 | 1 Dsmall Project | 1 Dsmall | 2024-11-21 | N/A |
| dsmall v20180320 allows XSS via the member search box at the public/index.php/home/membersnsfriend/findlist.html URI. | ||||
| CVE-2018-9016 | 1 Dsmall Project | 1 Dsmall | 2024-11-21 | N/A |
| dsmall v20180320 allows XSS via the main page search box at the public/index.php/home URI. | ||||
| CVE-2018-9015 | 1 Dsmall Project | 1 Dsmall | 2024-11-21 | N/A |
| dsmall v20180320 allows XSS via the public/index.php/home/predeposit/index.html pdr_sn parameter (aka the CMS search box). | ||||
| CVE-2018-9014 | 1 Dsmall Project | 1 Dsmall | 2024-11-21 | N/A |
| dsmall v20180320 allows physical path leakage via a public/index.php/home/predeposit/index.html?pdr_sn= request. | ||||
| CVE-2018-9010 | 1 Intelbras | 4 Tip200, Tip200 Firmware, Tip200lite and 1 more | 2024-11-21 | 7.2 High |
| Intelbras TELEFONE IP TIP200/200 LITE 60.0.75.29 devices allow remote authenticated admins to read arbitrary files via the /cgi-bin/cgiServer.exx page parameter, aka absolute path traversal. In some cases, authentication can be achieved via the admin account with its default admin password. | ||||
| CVE-2018-9009 | 2 Debian, Libming | 2 Debian Linux, Libming | 2024-11-21 | N/A |
| In libming 0.4.8, there is a use-after-free in the decompileJUMP function of the decompile.c file. | ||||
| CVE-2018-9007 | 1 Iobit | 1 Advanced Systemcare Ultimate | 2024-11-21 | N/A |
| In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_x86.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c4060c4. | ||||
| CVE-2018-9006 | 1 Iobit | 1 Advanced Systemcare Ultimate | 2024-11-21 | N/A |
| In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_win7_x64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c402004. | ||||
| CVE-2018-9005 | 1 Iobit | 1 Advanced Systemcare Ultimate | 2024-11-21 | N/A |
| In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_win7_x64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c4060d0. | ||||
| CVE-2018-9004 | 1 Iobit | 1 Advanced Systemcare Ultimate | 2024-11-21 | N/A |
| In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_x86.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c4060d0. | ||||
| CVE-2018-9003 | 1 Iobit | 1 Advanced Systemcare Ultimate | 2024-11-21 | N/A |
| In Advanced SystemCare Ultimate 11.0.1.58, the driver file (Monitor_x86.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x9c402000. | ||||