Total
323709 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-11021 | 1 Amazon | 2 Fire Os, Kindle Fire Hd | 2024-11-21 | N/A |
| kernel/omap/drivers/video/omap2/dsscomp/device.c in the kernel component in Amazon Kindle Fire HD(3rd) Fire OS 4.5.5.3 allows attackers to inject a crafted argument via the argument of an ioctl on device /dev/dsscomp with the command 1118064517 and cause a kernel crash. | ||||
| CVE-2018-11020 | 1 Amazon | 2 Fire Os, Kindle Fire Hd | 2024-11-21 | N/A |
| kernel/omap/drivers/rpmsg/rpmsg_omx.c in the kernel component in Amazon Kindle Fire HD(3rd) Fire OS 4.5.5.3 allows attackers to inject a crafted argument via the argument of an ioctl on device file /dev/rpmsg-omx1 with the command 3221772291, and cause a kernel crash. | ||||
| CVE-2018-11019 | 1 Amazon | 2 Fire Os, Kindle Fire Hd | 2024-11-21 | N/A |
| kernel/omap/drivers/misc/gcx/gcioctl/gcif.c in the kernel component in Amazon Kindle Fire HD(3rd) Fire OS 4.5.5.3 allows attackers to inject a crafted argument via the argument of an ioctl on device /dev/gcioctl with the command 3221773726 and cause a kernel crash. | ||||
| CVE-2018-11018 | 1 Pbootcms | 1 Pbootcms | 2024-11-21 | N/A |
| An issue was discovered in PbootCMS v1.0.7. Cross-site request forgery (CSRF) vulnerability in apps/admin/controller/system/RoleController.php allows remote attackers to add administrator accounts via admin.php/role/add.html. | ||||
| CVE-2018-11017 | 1 Libming | 1 Libming | 2024-11-21 | N/A |
| The newVar_N function in decompile.c in libming through 0.4.8 mishandles cases where the header indicates a file size greater than the actual size, which allows remote attackers to cause a denial of service (Segmentation fault and application crash) or possibly have unspecified other impact. | ||||
| CVE-2018-11013 | 2 D-link, Dlink | 2 Dir-816 A2 Firmware, Dir-816 A2 | 2024-11-21 | N/A |
| Stack-based buffer overflow in the websRedirect function in GoAhead on D-Link DIR-816 A2 (CN) routers with firmware version 1.10B05 allows unauthenticated remote attackers to execute arbitrary code via a request with a long HTTP Host header. | ||||
| CVE-2018-11012 | 1 Halo | 1 Halo | 2024-11-21 | N/A |
| ruibaby Halo 0.0.2 has stored XSS via the loginName and loginPwd parameters in a failed login attempt to AdminController.java. | ||||
| CVE-2018-11011 | 1 Halo | 1 Halo | 2024-11-21 | N/A |
| ruibaby Halo 0.0.2 has stored XSS via the commentAuthor field to FrontCommentController.java. | ||||
| CVE-2018-11010 | 1 K7computing | 4 Antivrius, Enterprise Security, Total Security and 1 more | 2024-11-21 | 7.8 High |
| A Buffer Overflow issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53. | ||||
| CVE-2018-11009 | 1 K7computing | 4 Antivrius, Enterprise Security, Total Security and 1 more | 2024-11-21 | 7.8 High |
| A Buffer Overflow issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53. | ||||
| CVE-2018-11008 | 1 K7computing | 4 Antivrius, Enterprise Security, Total Security and 1 more | 2024-11-21 | 5.5 Medium |
| An Incorrect Access Control issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53. | ||||
| CVE-2018-11007 | 1 K7computing | 4 Antivrius, Enterprise Security, Total Security and 1 more | 2024-11-21 | 5.5 Medium |
| A Memory Leak issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53. | ||||
| CVE-2018-11006 | 1 K7computing | 4 Antivrius, Enterprise Security, Total Security and 1 more | 2024-11-21 | 5.5 Medium |
| An Incorrect Access Control issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53. | ||||
| CVE-2018-11005 | 1 K7computing | 4 Antivrius, Enterprise Security, Total Security and 1 more | 2024-11-21 | 5.5 Medium |
| A Memory Leak issue was discovered in K7Computing K7AntiVirus Premium 15.01.00.53. | ||||
| CVE-2018-11004 | 1 Sdcms | 1 Sdcms | 2024-11-21 | N/A |
| An issue was discovered in SDcms v1.5. Cross-site request forgery (CSRF) vulnerability in /WWW//app/admin/controller/admincontroller.php allows remote attackers to add administrator accounts via m=admin&c=admin&a=add. | ||||
| CVE-2018-11003 | 1 Yxcms | 1 Yxcms | 2024-11-21 | N/A |
| An issue was discovered in YXcms 1.4.7. Cross-site request forgery (CSRF) vulnerability in protected/apps/admin/controller/adminController.php allows remote attackers to delete administrator accounts via index.php?r=admin/admin/admindel. | ||||
| CVE-2018-11002 | 1 Pulsesecure | 1 Pulse Secure Desktop Client | 2024-11-21 | N/A |
| Pulse Secure Desktop Client 5.3 up to and including R6.0 build 1769 on Windows has Insecure Permissions. | ||||
| CVE-2018-10999 | 4 Canonical, Debian, Exiv2 and 1 more | 4 Ubuntu Linux, Debian Linux, Exiv2 and 1 more | 2024-11-21 | N/A |
| An issue was discovered in Exiv2 0.26. The Exiv2::Internal::PngChunk::parseTXTChunk function has a heap-based buffer over-read. | ||||
| CVE-2018-10998 | 4 Canonical, Debian, Exiv2 and 1 more | 7 Ubuntu Linux, Debian Linux, Exiv2 and 4 more | 2024-11-21 | 6.5 Medium |
| An issue was discovered in Exiv2 0.26. readMetadata in jp2image.cpp allows remote attackers to cause a denial of service (SIGABRT) by triggering an incorrect Safe::add call. | ||||
| CVE-2018-10997 | 1 Etere | 1 Etereweb | 2024-11-21 | N/A |
| Etere EtereWeb before 28.1.20 has a pre-authentication blind SQL injection in the POST parameters txUserName and txPassword. | ||||