Export limit exceeded: 359583 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 359583 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (359583 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-8753 | 1 Clavister | 1 Cos Core | 2024-11-21 | N/A |
| The IKEv1 implementation in Clavister cOS Core before 11.00.11, 11.20.xx before 11.20.06, and 12.00.xx before 12.00.09 allows remote attackers to decrypt RSA-encrypted nonces by leveraging a Bleichenbacher attack. | ||||
| CVE-2018-8741 | 2 Debian, Squirrelmail | 2 Debian Linux, Squirrelmail | 2024-11-21 | N/A |
| A directory traversal flaw in SquirrelMail 1.4.22 allows an authenticated attacker to exfiltrate (or potentially delete) files from the hosting server, related to ../ in the att_local_name field in Deliver.class.php. | ||||
| CVE-2018-8740 | 2 Debian, Sqlite | 2 Debian Linux, Sqlite | 2024-11-21 | N/A |
| In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to build.c and prepare.c. | ||||
| CVE-2018-8739 | 1 Keepsolid | 1 Vpn Unlimited | 2024-11-21 | N/A |
| VPN Unlimited 4.2.0 for macOS suffers from a root privilege escalation vulnerability in its privileged helper tool. The privileged helper tool implements an XPC interface, which allows arbitrary applications to execute system commands as root. | ||||
| CVE-2018-8738 | 1 Airties | 4 5444, 5444 Firmware, 5444tt and 1 more | 2024-11-21 | N/A |
| Airties 5444 1.0.0.18 and 5444TT 1.0.0.18 devices allow XSS. | ||||
| CVE-2018-8737 | 1 Bylancer | 1 Bookme | 2024-11-21 | N/A |
| Bookme Control Panel 2.0 Application is vulnerable to stored XSS within the Customers "Book Me" function. Within the Name and Note (aka custName and custNote) sections of the Customers screen, the application does not sanitize user-supplied input and renders injected JavaScript code to the user's browser. | ||||
| CVE-2018-8736 | 1 Nagios | 1 Nagios Xi | 2024-11-21 | N/A |
| A privilege escalation vulnerability in Nagios XI 5.2.x through 5.4.x before 5.4.13 allows an attacker to leverage an RCE vulnerability escalating to root. | ||||
| CVE-2018-8735 | 1 Nagios | 1 Nagios Xi | 2024-11-21 | N/A |
| Remote command execution (RCE) vulnerability in Nagios XI 5.2.x through 5.4.x before 5.4.13 allows an attacker to execute arbitrary commands on the target system, aka OS command injection. | ||||
| CVE-2018-8734 | 1 Nagios | 1 Nagios Xi | 2024-11-21 | N/A |
| SQL injection vulnerability in the core config manager in Nagios XI 5.2.x through 5.4.x before 5.4.13 allows an attacker to execute arbitrary SQL commands via the selInfoKey1 parameter. | ||||
| CVE-2018-8733 | 1 Nagios | 1 Nagios Xi | 2024-11-21 | N/A |
| Authentication bypass vulnerability in the core config manager in Nagios XI 5.2.x through 5.4.x before 5.4.13 allows an unauthenticated attacker to make configuration changes and leverage an authenticated SQL injection vulnerability. | ||||
| CVE-2018-8732 | 1 Wampserver | 1 Wampserver | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in WampServer 3.1.1 allows remote attackers to inject arbitrary web script or HTML via the virtual_del parameter. | ||||
| CVE-2018-8729 | 1 Pojo | 1 Activity Log | 2024-11-21 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the Activity Log plugin before 2.4.1 for WordPress allow remote attackers to inject arbitrary JavaScript or HTML via a title that is not escaped. | ||||
| CVE-2018-8728 | 1 Kontena | 1 Kontena | 2024-11-21 | N/A |
| server/app/views/static/code.html in Kontena before 1.5.0 allows XSS in "kontena master login --remote" code display, as demonstrated by /code#code= in a URI. | ||||
| CVE-2018-8727 | 1 Mirasys | 1 Dvms Workstation | 2024-11-21 | N/A |
| Path Traversal in Gateway in Mirasys DVMS Workstation 5.12.6 and earlier allows an attacker to traverse the file system to access files or directories via the Web Client webserver. | ||||
| CVE-2018-8726 | 1 K7computing | 4 Antivrius, Enterprise Security, Total Security and 1 more | 2024-11-21 | 7.8 High |
| K7Computing Pvt Ltd K7Antivirus Premium 15.1.0.53 is affected by: Buffer Overflow. The impact is: execute arbitrary code (local). The component is: K7TSMngr.exe. | ||||
| CVE-2018-8725 | 1 K7computing | 4 Antivrius, Enterprise Security, Total Security and 1 more | 2024-11-21 | 7.8 High |
| K7Computing Pvt Ltd K7AntiVirus Premium 15.01.00.53 is affected by: Buffer Overflow. The impact is: execute arbitrary code (local). The component is: K7TSMngr.exe. | ||||
| CVE-2018-8724 | 1 K7computing | 4 Antivrius, Enterprise Security, Total Security and 1 more | 2024-11-21 | 7.8 High |
| K7Computing Pvt Ltd K7AntiVirus Premium 15.1.0.53 is affected by: Incorrect Access Control. The impact is: gain privileges (local). The component is: K7TSMngr.exe. | ||||
| CVE-2018-8722 | 1 Zohocorp | 1 Manageengine Desktop Central | 2024-11-21 | N/A |
| Zoho ManageEngine Desktop Central version 9.1.0 build 91099 has multiple XSS issues that were fixed in build 92026. | ||||
| CVE-2018-8721 | 1 Zohocorp | 1 Manageengine Eventlog Analyzer | 2024-11-21 | N/A |
| Zoho ManageEngine EventLog Analyzer version 11.0 build 11000 has Stored XSS related to the index2.do?url=editAlertForm&tab=alert&alert=profile URI and the Edit Alert Profile screen | ||||
| CVE-2018-8720 | 1 Servicenow | 1 It Service Management | 2024-11-21 | N/A |
| ServiceNow ITSM 2016-06-02 has XSS via the First Name or Last Name field of My Profile (aka navpage.do), or the Search bar of My Portal (aka search_results.do). | ||||