Total
323597 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-11222 | 1 Artica | 1 Pandora Fms | 2024-11-21 | N/A |
| Local File Inclusion (LFI) in Artica Pandora FMS through version 7.23 allows an attacker to call any php file via the /pandora_console/ajax.php ajax endpoint. | ||||
| CVE-2018-11221 | 1 Artica | 1 Pandora Fms | 2024-11-21 | N/A |
| Unauthenticated untrusted file upload in Artica Pandora FMS through version 7.23 allows an attacker to upload an arbitrary plugin via include/ajax/update_manager.ajax in the update system. | ||||
| CVE-2018-11220 | 1 Bitmain | 6 Antminer D3, Antminer D3 Firmware, Antminer L3\+ and 3 more | 2024-11-21 | N/A |
| Bitmain Antminer D3, L3+, and S9 devices allow Remote Command Execution via the system restore function. | ||||
| CVE-2018-11219 | 4 Debian, Oracle, Redhat and 1 more | 5 Debian Linux, Communications Operations Monitor, Openstack and 2 more | 2024-11-21 | N/A |
| An Integer Overflow issue was discovered in the struct library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2, leading to a failure of bounds checking. | ||||
| CVE-2018-11218 | 4 Debian, Oracle, Redhat and 1 more | 5 Debian Linux, Communications Operations Monitor, Openstack and 2 more | 2024-11-21 | N/A |
| Memory Corruption was discovered in the cmsgpack library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2 because of stack-based buffer overflows. | ||||
| CVE-2018-11215 | 1 Cloudera | 1 Data Science Workbench | 2024-11-21 | N/A |
| Remote code execution is possible in Cloudera Data Science Workbench version 1.3.0 and prior releases via unspecified attack vectors. | ||||
| CVE-2018-11214 | 4 Canonical, Debian, Ijg and 1 more | 4 Ubuntu Linux, Debian Linux, Libjpeg and 1 more | 2024-11-21 | N/A |
| An issue was discovered in libjpeg 9a. The get_text_rgb_row function in rdppm.c allows remote attackers to cause a denial of service (Segmentation fault) via a crafted file. | ||||
| CVE-2018-11213 | 4 Canonical, Debian, Ijg and 1 more | 4 Ubuntu Linux, Debian Linux, Libjpeg and 1 more | 2024-11-21 | N/A |
| An issue was discovered in libjpeg 9a. The get_text_gray_row function in rdppm.c allows remote attackers to cause a denial of service (Segmentation fault) via a crafted file. | ||||
| CVE-2018-11212 | 7 Canonical, Debian, Ijg and 4 more | 16 Ubuntu Linux, Debian Linux, Libjpeg and 13 more | 2024-11-21 | N/A |
| An issue was discovered in libjpeg 9a and 9d. The alloc_sarray function in jmemmgr.c allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted file. | ||||
| CVE-2018-11210 | 1 Tinyxml2 Project | 1 Tinyxml2 | 2024-11-21 | N/A |
| TinyXML2 6.2.0 has a heap-based buffer over-read in the XMLDocument::Parse function in libtinyxml2.so. NOTE: The tinyxml2 developers have determined that the reported overflow is due to improper use of the library and not a vulnerability in tinyxml2 | ||||
| CVE-2018-11209 | 1 Zblogcn | 1 Z-blogphp | 2024-11-21 | N/A |
| An issue was discovered in Z-BlogPHP 2.0.0. zb_system/cmd.php?act=verify relies on MD5 for the password parameter, which might make it easier for attackers to bypass intended access restrictions via a dictionary or rainbow-table attack. NOTE: the vendor declined to accept this as a valid issue | ||||
| CVE-2018-11208 | 1 Zblogcn | 1 Z-blogphp | 2024-11-21 | N/A |
| An issue was discovered in Z-BlogPHP 2.0.0. There is a persistent XSS that allows remote attackers to inject arbitrary web script or HTML into background web site settings via the "copyright information office" field. NOTE: the vendor indicates that the product was not intended to block this type of XSS by a user with the admin privilege | ||||
| CVE-2018-11207 | 1 Hdfgroup | 1 Hdf5 | 2024-11-21 | N/A |
| A division by zero was discovered in H5D__chunk_init in H5Dchunk.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack. | ||||
| CVE-2018-11206 | 1 Hdfgroup | 1 Hdf5 | 2024-11-21 | N/A |
| An out of bounds read was discovered in H5O_fill_new_decode and H5O_fill_old_decode in H5Ofill.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service or information disclosure attack. | ||||
| CVE-2018-11205 | 1 Hdfgroup | 1 Hdf5 | 2024-11-21 | N/A |
| A out of bounds read was discovered in H5VM_memcpyvv in H5VM.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service or information disclosure attack. | ||||
| CVE-2018-11204 | 1 Hdfgroup | 1 Hdf5 | 2024-11-21 | N/A |
| A NULL pointer dereference was discovered in H5O__chunk_deserialize in H5Ocache.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack. | ||||
| CVE-2018-11203 | 1 Hdfgroup | 1 Hdf5 | 2024-11-21 | N/A |
| A division by zero was discovered in H5D__btree_decode_key in H5Dbtree.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack. | ||||
| CVE-2018-11202 | 1 Hdfgroup | 1 Hdf5 | 2024-11-21 | N/A |
| A NULL pointer dereference was discovered in H5S_hyper_make_spans in H5Shyper.c in the HDF HDF5 1.10.2 library. It could allow a remote denial of service attack. | ||||
| CVE-2018-11200 | 1 Acquia | 1 Mautic | 2024-11-21 | 6.1 Medium |
| An issue was discovered in Mautic 2.13.1. It has Stored XSS via the company name field. | ||||
| CVE-2018-11198 | 1 Acquia | 1 Mautic | 2024-11-21 | N/A |
| An issue was discovered in Mautic 2.13.1. There is Stored XSS via the authorUrl field in config.json. | ||||