Export limit exceeded: 357827 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (357827 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-5661 | 1 Responsive Coming Soon Page Project | 1 Responsive Coming Soon Page | 2024-11-21 | N/A |
| An issue was discovered in the responsive-coming-soon-page plugin 1.1.18 for WordPress. XSS exists via the wp-admin/admin.php logo_width parameter. | ||||
| CVE-2018-5660 | 1 Responsive Coming Soon Page Project | 1 Responsive Coming Soon Page | 2024-11-21 | N/A |
| An issue was discovered in the responsive-coming-soon-page plugin 1.1.18 for WordPress. XSS exists via the wp-admin/admin.php coming-soon_sub_title parameter. | ||||
| CVE-2018-5659 | 1 Responsive Coming Soon Page Project | 1 Responsive Coming Soon Page | 2024-11-21 | N/A |
| An issue was discovered in the responsive-coming-soon-page plugin 1.1.18 for WordPress. XSS exists via the wp-admin/admin.php coming-soon_title parameter. | ||||
| CVE-2018-5658 | 1 Responsive Coming Soon Page Project | 1 Responsive Coming Soon Page | 2024-11-21 | N/A |
| An issue was discovered in the responsive-coming-soon-page plugin 1.1.18 for WordPress. CSRF exists via wp-admin/admin.php. | ||||
| CVE-2018-5657 | 1 Responsive Coming Soon Page Project | 1 Responsive Coming Soon Page | 2024-11-21 | N/A |
| An issue was discovered in the responsive-coming-soon-page plugin 1.1.18 for WordPress. XSS exists via the wp-admin/admin.php counter_title_icon parameter. | ||||
| CVE-2018-5656 | 1 Weblizar | 1 Pinterest-feeds | 2024-11-21 | N/A |
| An issue was discovered in the weblizar-pinterest-feeds plugin 1.1.1 for WordPress. CSRF exists via wp-admin/admin-ajax.php. | ||||
| CVE-2018-5655 | 1 Weblizar | 1 Pinterest-feeds | 2024-11-21 | N/A |
| An issue was discovered in the weblizar-pinterest-feeds plugin 1.1.1 for WordPress. XSS exists via the wp-admin/admin-ajax.php security parameter. | ||||
| CVE-2018-5654 | 1 Weblizar | 1 Pinterest-feeds | 2024-11-21 | N/A |
| An issue was discovered in the weblizar-pinterest-feeds plugin 1.1.1 for WordPress. XSS exists via the wp-admin/admin-ajax.php PFFREE_Access_Token parameter. | ||||
| CVE-2018-5653 | 1 Weblizar | 1 Pinterest-feeds | 2024-11-21 | N/A |
| An issue was discovered in the weblizar-pinterest-feeds plugin 1.1.1 for WordPress. XSS exists via the wp-admin/admin-ajax.php weblizar_pffree_settings_save_get-users parameter. | ||||
| CVE-2018-5652 | 1 Dark Mode Project | 1 Dark Mode | 2024-11-21 | N/A |
| An issue was discovered in the dark-mode plugin 1.6 for WordPress. XSS exists via the wp-admin/profile.php dark_mode_end parameter. | ||||
| CVE-2018-5651 | 1 Dark Mode Project | 1 Dark Mode | 2024-11-21 | N/A |
| An issue was discovered in the dark-mode plugin 1.6 for WordPress. XSS exists via the wp-admin/profile.php dark_mode_start parameter. | ||||
| CVE-2018-5650 | 1 Long Range Zip Project | 1 Long Range Zip | 2024-11-21 | N/A |
| In Long Range Zip (aka lrzip) 0.631, there is an infinite loop and application hang in the unzip_match function in runzip.c. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted lrz file. | ||||
| CVE-2018-5560 | 1 Guardzilla | 2 Gz521w, Gz521w Firmware | 2024-11-21 | N/A |
| A reliance on a static, hard-coded credential in the design of the cloud-based storage system of Practecol's Guardzilla All-In-One Video Security System allows an attacker to view the private data of all users of the Guardzilla device. | ||||
| CVE-2018-5559 | 1 Rapid7 | 1 Komand | 2024-11-21 | N/A |
| In Rapid7 Komand version 0.41.0 and prior, certain endpoints that are able to list the always encrypted-at-rest connection data could return some configurations of connection data without obscuring sensitive data from the API response sent over an encrypted channel. This issue does not affect Rapid7 Komand version 0.42.0 and later versions. | ||||
| CVE-2018-5553 | 1 Crestron | 6 Dge-100, Dge-100 Firmware, Dm-dge-200-c and 3 more | 2024-11-21 | N/A |
| The Crestron Console service running on DGE-100, DM-DGE-200-C, and TS-1542-C devices with default configuration and running firmware versions 1.3384.00049.001 and lower are vulnerable to command injection that can be used to gain root-level access. | ||||
| CVE-2018-5552 | 1 Docutracinc | 1 Dtisqlinstaller | 2024-11-21 | N/A |
| Versions of DocuTrac QuicDoc and Office Therapy that ship with DTISQLInstaller.exe version 1.6.4.0 and prior contains a hard-coded cryptographic salt, "S@l+&pepper". | ||||
| CVE-2018-5551 | 1 Docutracinc | 1 Dtisqlinstaller | 2024-11-21 | N/A |
| Versions of DocuTrac QuicDoc and Office Therapy that ship with DTISQLInstaller.exe version 1.6.4.0 and prior contain three credentials with known passwords: QDMaster, OTMaster, and sa. | ||||
| CVE-2018-5550 | 1 Epson | 1 Airprint | 2024-11-21 | N/A |
| Versions of Epson AirPrint released prior to January 19, 2018 contain a reflective cross-site scripting (XSS) vulnerability, which can allow untrusted users on the network to hijack a session cookie or perform other reflected XSS attacks on a currently logged-on user. | ||||
| CVE-2018-5549 | 1 F5 | 1 Big-ip Access Policy Manager | 2024-11-21 | N/A |
| On BIG-IP APM 11.6.0-11.6.3.1, 12.1.0-12.1.3.3, 13.0.0, and 13.1.0-13.1.0.3, APMD may core when processing SAML Assertion or response containing certain elements. | ||||
| CVE-2018-5548 | 1 F5 | 1 Big-ip Access Policy Manager | 2024-11-21 | N/A |
| On BIG-IP APM 11.6.0-11.6.3, an insecure AES ECB mode is used for orig_uri parameter in an undisclosed /vdesk link of APM virtual server configured with an access profile, allowing a malicious user to build a redirect URI value using different blocks of cipher texts. | ||||