Export limit exceeded: 366485 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (366485 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-25251 | 1 Teradek | 6 Vidiu, Vidiu Firmware, Vidiu Mini and 3 more | 2026-07-15 | 6.5 Medium |
| Teradek VidiU Pro 3.0.3 contains a server-side request forgery vulnerability in the management interface that allows attackers to manipulate GET parameters 'url' and 'xml_url'. Attackers can exploit this flaw to bypass firewalls, initiate network enumeration, and potentially trigger external HTTP requests to arbitrary destinations. | ||||
| CVE-2019-25243 | 1 Iwt | 2 Facesentry Access Control System, Facesentry Access Control System Firmware | 2026-07-15 | 8.8 High |
| FaceSentry 6.4.8 contains an authenticated remote command injection vulnerability in pingTest.php and tcpPortTest.php scripts. Attackers can exploit unsanitized input parameters to inject and execute arbitrary shell commands with root privileges by manipulating the 'strInIP' and 'strInPort' parameters. | ||||
| CVE-2019-25241 | 1 Iwt | 2 Facesentry Access Control System, Facesentry Access Control System Firmware | 2026-07-15 | 7.5 High |
| FaceSentry Access Control System 6.4.8 contains a critical authentication vulnerability with hard-coded SSH credentials for the wwwuser account. Attackers can leverage the insecure sudoers configuration to escalate privileges and gain root access by executing sudo commands without authentication. | ||||
| CVE-2018-25421 | 2 Devcode, Openstamanager | 2 Openstamanager, Open Sta Manager | 2026-07-15 | 6.5 Medium |
| Open STA Manager 2.3 contains a path traversal vulnerability that allows authenticated users to download arbitrary files by manipulating the file parameter. Attackers can send GET requests to modules/backup/actions.php with op=getfile and traverse directories using ../ sequences to access sensitive system files. | ||||
| CVE-2018-25407 | 1 Endonesia | 1 Endonesia | 2026-07-15 | 8.2 High |
| eNdonesia Portal 8.7 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through parameters in mod.php. Attackers can inject SQL through the artid, cid, did, contid, and aboutid parameters across publisher, diskusi, galeri, content, and about modules to extract database information including usernames, database names, and version details. | ||||
| CVE-2018-25406 | 1 Endonesia | 1 Endonesia | 2026-07-15 | 8.2 High |
| eNdonesia Portal 8.7 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through parameters in mod.php. Attackers can inject SQL through the artid, cid, did, contid, and aboutid parameters across publisher, diskusi, galeri, content, and about modules to extract database credentials, usernames, and version information. | ||||
| CVE-2018-25405 | 1 Endonesia | 1 Endonesia | 2026-07-15 | 8.2 High |
| eNdonesia Portal 8.7 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through parameters in mod.php. Attackers can inject SQL through the artid, cid, did, contid, and aboutid parameters to extract sensitive database information including usernames, database names, and version details. | ||||
| CVE-2018-25393 | 2 Navigate, Naviwebs | 2 Navigate Cms, Navigate Cms | 2026-07-15 | 6.5 Medium |
| Navigate CMS 2.8.5 contains a path traversal vulnerability that allows authenticated users to download arbitrary files by injecting directory traversal sequences in the id parameter. Attackers can send GET requests to navigate_download.php with path traversal payloads ../../../cfg/globals.php to access sensitive configuration files and system files outside the intended directory. | ||||
| CVE-2018-25370 | 1 Admidio | 1 Admidio | 2026-07-15 | 5.3 Medium |
| Admidio 3.3.5 contains a cross-site request forgery vulnerability that allows low-privilege users to increase their permissions by exploiting improper origin checking. Attackers can craft malicious HTML forms targeting roles_function.php with parameters like rol_assign_roles, rol_approve_users, and rol_edit_user set to 1 to escalate privileges without authentication. | ||||
| CVE-2018-25358 | 2 D-link, Dlink | 2 Dir601na, Dir-601 | 2026-07-15 | 7.5 High |
| D-Link DIR601 2.02NA contains a credential disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive configuration data by manipulating the table_name parameter in POST requests. Attackers can send requests to /my_cgi.cgi with table_name values like admin_user, wireless_settings, and wireless_security to extract administrative credentials and wireless network keys in clear text. | ||||
| CVE-2018-25355 | 1 Audiograbber | 1 Audiograbber | 2026-07-15 | 8.4 High |
| Audiograbber 1.83 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by exploiting structured exception handling mechanisms. Attackers can craft malicious input in the Interpret or Album fields that triggers a buffer overflow, overwriting SEH pointers and executing injected shellcode with application privileges. | ||||
| CVE-2018-25327 | 1 Joomsky | 1 Js Jobs | 2026-07-15 | 5.3 Medium |
| Joomla! Component Js Jobs 1.2.0 contains a cross-site request forgery vulnerability that allows attackers to perform state-changing actions without token validation. Attackers can craft malicious HTML forms targeting administrative endpoints like job.jobenforcedelete to delete job entries or modify component settings when administrators visit attacker-controlled pages. | ||||
| CVE-2018-25324 | 2 Simple Fields Project, Wordpress | 2 Simple Fields, Wordpress | 2026-07-15 | 6.2 Medium |
| Simple Fields 0.2 through 0.3.5 WordPress Plugin contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by injecting null bytes into the wp_abspath parameter on PHP versions before 5.3.4. Attackers can supply malicious wp_abspath values to simple_fields.php to include files like /etc/passwd or inject PHP code into Apache logs for remote code execution when allow_url_include is enabled. | ||||
| CVE-2018-25317 | 1 Tenda | 6 A302, A302 Firmware, W3002r and 3 more | 2026-07-15 | 9.8 Critical |
| Tenda W3002R/A302/W309R wireless routers version V5.07.64_en contain a cookie session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient session validation. Attackers can send GET requests to the /goform/AdvSetDns endpoint with a crafted admin language cookie to change primary and secondary DNS servers, redirecting user traffic to malicious DNS servers. | ||||
| CVE-2018-25316 | 1 Tenda | 2 W308r, W308r Firmware | 2026-07-15 | 9.8 Critical |
| Tenda W308R v2 V5.07.48 contains a cookie session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient session validation. Attackers can send GET requests to the goform/AdvSetDns endpoint with a crafted admin language cookie to change DNS servers and redirect user traffic to malicious sites. | ||||
| CVE-2018-25307 | 2 Flexense, Sysgauge | 2 Sysgauge, Sysgauge Pro | 2026-07-15 | 8.4 High |
| SysGauge Pro 4.6.12 contains a local buffer overflow vulnerability in the Register function that allows local attackers to overwrite the structured exception handler by supplying a crafted unlock key. Attackers can inject shellcode through the Unlock Key field during registration to execute arbitrary code with application privileges. | ||||
| CVE-2018-25296 | 2 Fireeye, P10 | 2 Central Management, Central Management Software | 2026-07-15 | 5.5 Medium |
| P10 Central Management Software 1.4.13 contains a buffer overflow vulnerability in the login password field that allows local attackers to crash the application by submitting an oversized input string. Attackers can paste a 2000-byte payload into the password field and click login to trigger an application crash and denial of service. | ||||
| CVE-2018-25264 | 1 Acutesystems | 1 Transmac | 2026-07-15 | 6.2 Medium |
| TransMac 12.2 contains a buffer overflow vulnerability in the license key input field that allows local attackers to crash the application by submitting an oversized string. Attackers can generate a payload file containing 4000 bytes of data, paste it into the License Key field, and trigger a denial of service condition. | ||||
| CVE-2018-25243 | 2 Caspie, Fasttube | 2 Fast Tube, Fasttube | 2026-07-15 | 6.2 Medium |
| FastTube 1.0.1.0 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string to the search functionality. Attackers can paste a buffer of 1900 characters into the search bar and trigger a crash when the search operation is executed. | ||||
| CVE-2018-25236 | 1 Belden | 2 Hirschmann Hios, Hirschmann Hisecos | 2026-07-15 | 9.8 Critical |
| Hirschmann HiOS and HiSecOS products RSP, RSPE, RSPS, RSPL, MSP, EES, EESX, GRS, OS, RED, EAGLE contain an authentication bypass vulnerability in the HTTP(S) management module that allows unauthenticated remote attackers to gain administrative access by crafting specially formed HTTP requests. Attackers can exploit improper authentication handling to obtain the authentication status and privileges of a previously authenticated user without providing valid credentials. | ||||