Total
324478 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-0630 | 1 Nec | 2 Aterm W300p, Aterm W300p Firmware | 2024-11-21 | N/A |
| Aterm W300P Ver1.0.13 and earlier allows attacker with administrator rights to execute arbitrary OS commands via sysCmd parameter. | ||||
| CVE-2018-0629 | 1 Nec | 2 Aterm W300p, Aterm W300p Firmware | 2024-11-21 | N/A |
| Aterm W300P Ver1.0.13 and earlier allows attacker with administrator rights to execute arbitrary OS commands via HTTP request and response. | ||||
| CVE-2018-0628 | 1 Nec | 2 Aterm Wg1200hp, Aterm Wg1200hp Firmware | 2024-11-21 | N/A |
| Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with administrator rights to execute arbitrary OS commands via HTTP request and response. | ||||
| CVE-2018-0627 | 1 Nec | 2 Aterm Wg1200hp, Aterm Wg1200hp Firmware | 2024-11-21 | N/A |
| Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with administrator rights to execute arbitrary OS commands via targetAPSsid parameter. | ||||
| CVE-2018-0626 | 1 Nec | 2 Aterm Wg1200hp, Aterm Wg1200hp Firmware | 2024-11-21 | N/A |
| Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with administrator rights to execute arbitrary OS commands via sysCmd in formWsc parameter. | ||||
| CVE-2018-0625 | 1 Nec | 2 Aterm Wg1200hp, Aterm Wg1200hp Firmware | 2024-11-21 | N/A |
| Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with administrator rights to execute arbitrary OS commands via formSysCmd parameter. | ||||
| CVE-2018-0624 | 1 Yayoi-kk | 6 Aoiro Shinkoku, Hanbai, Kaikei and 3 more | 2024-11-21 | N/A |
| Untrusted search path vulnerability in Multiple Yayoi 17 Series products (Yayoi Kaikei 17 Series Ver.23.1.1 and earlier, Yayoi Aoiro Shinkoku 17 Ver.23.1.1 and earlier, Yayoi Kyuuyo 17 Ver.20.1.4 and earlier, Yayoi Kyuuyo Keisan 17 Ver.20.1.4 and earlier, Yayoi Hanbai 17 Series Ver.20.0.2 and earlier, and Yayoi Kokyaku Kanri 17 Ver.11.0.2 and earlier) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. This flaw exists within the handling of ykkapi.dll loaded by the vulnerable products. | ||||
| CVE-2018-0623 | 1 Yayoi-kk | 6 Aoiro Shinkoku, Hanbai, Kaikei and 3 more | 2024-11-21 | N/A |
| Untrusted search path vulnerability in Multiple Yayoi 17 Series products (Yayoi Kaikei 17 Series Ver.23.1.1 and earlier, Yayoi Aoiro Shinkoku 17 Ver.23.1.1 and earlier, Yayoi Kyuuyo 17 Ver.20.1.4 and earlier, Yayoi Kyuuyo Keisan 17 Ver.20.1.4 and earlier, Yayoi Hanbai 17 Series Ver. 20.0.2 and earlier, and Yayoi Kokyaku Kanri 17 Ver.11.0.2 and earlier) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. This flaw exists within the handling of msjet49.dll loaded by the vulnerable products. | ||||
| CVE-2018-0622 | 1 Dhc | 1 Dhc Online Shop | 2024-11-21 | N/A |
| The DHC Online Shop App for Android version 3.2.0 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2018-0621 | 1 Logitech | 1 Connection Utility Software | 2024-11-21 | N/A |
| Untrusted search path vulnerability in LOGICOOL CONNECTION UTILITY SOFTWARE versions before 2.30.9 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||
| CVE-2018-0620 | 1 Logitech | 1 Game Software | 2024-11-21 | N/A |
| Untrusted search path vulnerability in LOGICOOL Game Software versions before 8.87.116 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||
| CVE-2018-0619 | 1 Glarysoft | 1 Glary Utilities | 2024-11-21 | N/A |
| Untrusted search path vulnerability in the installer of Glarysoft Glary Utilities (Glary Utilities 5.99 and earlier and Glary Utilities Pro 5.99 and earlier) allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||
| CVE-2018-0618 | 3 Debian, Gnu, Redhat | 3 Debian Linux, Mailman, Enterprise Linux | 2024-11-21 | N/A |
| Cross-site scripting vulnerability in Mailman 2.1.26 and earlier allows remote authenticated attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2018-0617 | 1 Chama | 1 Memocgi | 2024-11-21 | N/A |
| Directory traversal vulnerability in ChamaNet MemoCGI v2.1800 to v2.2200 allows remote attackers to read arbitrary files via unspecified vectors. | ||||
| CVE-2018-0614 | 1 Necplatforms | 16 Calsos Csdj-a, Calsos Csdj-a Firmware, Calsos Csdj-b and 13 more | 2024-11-21 | N/A |
| Cross-site scripting vulnerability in NEC Platforms Calsos CSDX and CSDJ series products (CSDX 1.37210411 and earlier, CSDX(P) 4.37210411 and earlier, CSDX(D) 3.37210411 and earlier, CSDX(S) 2.37210411 and earlier, CSDJ-B 01.03.00 and earlier, CSDJ-H 01.03.00 and earlier, CSDJ-D 01.03.00 and earlier, CSDJ-A 03.00.00) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2018-0613 | 1 Necplatforms | 16 Calsos Csdj-a, Calsos Csdj-a Firmware, Calsos Csdj-b and 13 more | 2024-11-21 | N/A |
| NEC Platforms Calsos CSDX and CSDJ series products (CSDX 1.37210411 and earlier, CSDX(P) 4.37210411 and earlier, CSDX(D) 3.37210411 and earlier, CSDX(S) 2.37210411 and earlier, CSDJ-B 01.03.00 and earlier, CSDJ-H 01.03.00 and earlier, CSDJ-D 01.03.00 and earlier, CSDJ-A 03.00.00) allows remote authenticated attackers to bypass access restriction to conduct arbitrary operations with administrative privilege via unspecified vectors. | ||||
| CVE-2018-0612 | 1 5000 Trillion Yen Converter Project | 1 5000 Trillion Yen Converter | 2024-11-21 | 6.1 Medium |
| Cross-site scripting vulnerability in 5000 trillion yen converter v1.0.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2018-0611 | 1 Ana | 1 Ana | 2024-11-21 | N/A |
| The ANA App for iOS version 4.0.22 and earlier does not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | ||||
| CVE-2018-0610 | 1 Zenphoto | 1 Zenphoto | 2024-11-21 | N/A |
| Local file inclusion vulnerability in Zenphoto 1.4.14 and earlier allows a remote attacker with an administrative privilege to execute arbitrary code or obtain sensitive information. | ||||
| CVE-2018-0609 | 1 Linecorp | 1 Line | 2024-11-21 | N/A |
| Untrusted search path vulnerability in LINE for Windows versions before 5.8.0 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | ||||