Export limit exceeded: 361570 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 14719 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 45732 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (45732 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-9305 | 2 Exiv2, Redhat | 2 Exiv2, Enterprise Linux | 2024-11-21 | N/A |
| In Exiv2 0.26, an out-of-bounds read in IptcData::printStructure in iptc.c could result in a crash or information leak, related to the "== 0x1c" case. | ||||
| CVE-2018-9284 | 1 Dlink | 2 Dir-868l, Singapore Starhub Firmware | 2024-11-21 | 9.8 Critical |
| authentication.cgi on D-Link DIR-868L devices with Singapore StarHub firmware before v1.21SHCb03 allows remote attackers to execute arbitrary code. | ||||
| CVE-2018-9262 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2024-11-21 | N/A |
| In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the VLAN dissector could crash. This was addressed in epan/dissectors/packet-vlan.c by limiting VLAN tag nesting to restrict the recursion depth. | ||||
| CVE-2018-9256 | 2 Debian, Wireshark | 2 Debian Linux, Wireshark | 2024-11-21 | N/A |
| In Wireshark 2.4.0 to 2.4.5 and 2.2.0 to 2.2.13, the LWAPP dissector could crash. This was addressed in epan/dissectors/packet-lwapp.c by limiting the encapsulation levels to restrict the recursion depth. | ||||
| CVE-2018-9246 | 2 Ledgersmb, Pgobject-util-dbadmin Project | 2 Ledgersmb, Pgobject-util-dbadmin | 2024-11-21 | N/A |
| The PGObject::Util::DBAdmin module before 0.120.0 for Perl, as used in LedgerSMB through 1.5.x, insufficiently sanitizes or escapes variable values used as part of shell command execution, resulting in shell code injection via the create(), run_file(), backup(), or restore() function. The vulnerability allows unauthorized users to execute code with the same privileges as the running application. | ||||
| CVE-2018-9144 | 1 Exiv2 | 1 Exiv2 | 2024-11-21 | N/A |
| In Exiv2 0.26, there is an out-of-bounds read in Exiv2::Internal::binaryToString in image.cpp. It could result in denial of service or information disclosure. | ||||
| CVE-2018-9139 | 1 Samsung | 1 Samsung Mobile | 2024-11-21 | N/A |
| On Samsung mobile devices with N(7.x) software, a buffer overflow in the vision service allows code execution in a privileged process via a large frame size, aka SVE-2017-11165. | ||||
| CVE-2018-9137 | 1 Open-audit | 1 Open-audit | 2024-11-21 | N/A |
| Open-AudIT before 2.2 has CSV Injection. | ||||
| CVE-2018-9135 | 1 Imagemagick | 1 Imagemagick | 2024-11-21 | N/A |
| In ImageMagick 7.0.7-24 Q16, there is a heap-based buffer over-read in IsWEBPImageLossless in coders/webp.c. | ||||
| CVE-2018-9128 | 1 Dvd-x-player | 1 Dvd X Player | 2024-11-21 | N/A |
| DVD X Player Standard 5.5.3.9 has a Buffer Overflow via a crafted .plf file, a related issue to CVE-2007-3068. | ||||
| CVE-2018-9107 | 1 Acyba | 1 Acymailing | 2024-11-21 | N/A |
| CSV Injection (aka Excel Macro Injection or Formula Injection) exists in the export feature in the Acyba AcyMailing extension before 5.9.6 for Joomla! via a value that is mishandled in a CSV export. | ||||
| CVE-2018-9106 | 1 Acyba | 1 Acysms | 2024-11-21 | N/A |
| CSV Injection (aka Excel Macro Injection or Formula Injection) exists in the export feature in the Acyba AcySMS extension before 3.5.1 for Joomla! via a value that is mishandled in a CSV export. | ||||
| CVE-2018-9063 | 1 Lenovo | 1 System Update | 2024-11-21 | N/A |
| MapDrv (C:\Program Files\Lenovo\System Update\mapdrv.exe) In Lenovo System Update versions earlier than 5.07.0072 contains a local vulnerability where an attacker entering very large user ID or password can overrun the program's buffer, causing undefined behaviors, such as execution of arbitrary code. No additional privilege is granted to the attacker beyond what is already possessed to run MapDrv. | ||||
| CVE-2018-9059 | 1 Sharing-file | 1 Easy File Sharing Web Server | 2024-11-21 | N/A |
| Stack-based buffer overflow in Easy File Sharing (EFS) Web Server 7.2 allows remote attackers to execute arbitrary code via a malicious login request to forum.ghp. NOTE: this may overlap CVE-2014-3791. | ||||
| CVE-2018-9035 | 1 Contact-form-7-to-database-extension Project | 1 Contact-form-7-to-database-extension | 2024-11-21 | N/A |
| CSV Injection vulnerability in ExportToCsvUtf8.php of the Contact Form 7 to Database Extension plugin 2.10.32 for WordPress allows remote attackers to inject spreadsheet formulas into CSV files via the contact form. | ||||
| CVE-2018-8977 | 2 Exiv2, Redhat | 2 Exiv2, Enterprise Linux | 2024-11-21 | N/A |
| In Exiv2 0.26, the Exiv2::Internal::printCsLensFFFF function in canonmn_int.cpp allows remote attackers to cause a denial of service (invalid memory access) via a crafted file. | ||||
| CVE-2018-8976 | 3 Debian, Exiv2, Redhat | 6 Debian Linux, Exiv2, Enterprise Linux and 3 more | 2024-11-21 | 6.5 Medium |
| In Exiv2 0.26, jpgimage.cpp allows remote attackers to cause a denial of service (image.cpp Exiv2::Internal::stringFormat out-of-bounds read) via a crafted file. | ||||
| CVE-2018-8975 | 1 Netpbm Project | 1 Netpbm | 2024-11-21 | N/A |
| The pm_mallocarray2 function in lib/util/mallocvar.c in Netpbm through 10.81.03 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted image file, as demonstrated by pbmmask. | ||||
| CVE-2018-8960 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2024-11-21 | N/A |
| The ReadTIFFImage function in coders/tiff.c in ImageMagick 7.0.7-26 Q16 does not properly restrict memory allocation, leading to a heap-based buffer over-read. | ||||
| CVE-2018-8941 | 2 D-link, Dlink | 2 Dsl-3782 Firmware, Dsl-3782 | 2024-11-21 | N/A |
| Diagnostics functionality on D-Link DSL-3782 devices with firmware EU v. 1.01 has a buffer overflow, allowing authenticated remote attackers to execute arbitrary code via a long Addr value to the 'set Diagnostics_Entry' function in an HTTP request, related to /userfs/bin/tcapi. | ||||