Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (331487 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2018-20873 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 74.0.8 allows local users to disable the ClamAV daemon (SEC-409).
CVE-2018-20872 1 I-lan 1 Draytekl Firmware 2024-11-21 N/A
DrayTek routers before 2018-05-23 allow CSRF attacks to change DNS or DHCP settings, a related issue to CVE-2017-11649.
CVE-2018-20871 1 Univa 1 Grid Engine 2024-11-21 N/A
In Univa Grid Engine before 8.6.3, when configured for Docker jobs and execd spooling on root_squash, weak file permissions ("other" write access) occur in certain cases (GE-6890).
CVE-2018-20870 1 Cpanel 1 Cpanel 2024-11-21 N/A
The WebDAV transport feature in cPanel before 76.0.8 enables debug logging (SEC-467).
CVE-2018-20869 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 76.0.8 allows arbitrary code execution in the context of the root account via dnssec adminbin (SEC-465).
CVE-2018-20868 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 76.0.8 has Stored XSS in the WHM MultiPHP Manager interface (SEC-464).
CVE-2018-20867 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 76.0.8 has an open redirect when resetting connections (SEC-462).
CVE-2018-20866 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 76.0.8 has Stored XSS in the WHM "Reset a DNS Zone" feature (SEC-461).
CVE-2018-20865 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 76.0.8 has Self XSS in the WHM Additional Backup Destination field (SEC-459).
CVE-2018-20864 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 76.0.8 allows a persistent Virtual FTP accounts after removal of its associated domain (SEC-454).
CVE-2018-20863 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 76.0.8 allows remote attackers to execute arbitrary code via mailing-list attachments (SEC-452).
CVE-2018-20862 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 76.0.8 unsafely performs PostgreSQL password changes (SEC-366).
CVE-2018-20861 1 Openmpt 1 Libopenmpt 2024-11-21 N/A
libopenmpt before 0.3.11 allows a crash with certain malformed custom tunings in MPTM files.
CVE-2018-20860 2 Openmpt, Opensuse 2 Libopenmpt, Leap 2024-11-21 6.5 Medium
libopenmpt before 0.3.13 allows a crash with malformed MED files.
CVE-2018-20859 1 Edx 1 Edx-platform 2024-11-21 6.1 Medium
edx-platform before 2018-07-18 allows XSS via a response to a Chemical Equation advanced problem.
CVE-2018-20858 1 Edx 1 Recommender 2024-11-21 N/A
Recommender before 2018-07-18 allows XSS.
CVE-2018-20857 1 Zendesk 1 Samlr 2024-11-21 N/A
Zendesk Samlr before 2.6.2 allows an XML nodes comment attack such as a name_id node with user@example.com followed by <!---->. and then the attacker's domain name.
CVE-2018-20856 2 Linux, Redhat 8 Linux Kernel, Enterprise Linux, Enterprise Mrg and 5 more 2024-11-21 N/A
An issue was discovered in the Linux kernel before 4.18.7. In block/blk-core.c, there is an __blk_drain_queue() use-after-free because a certain error case is mishandled.
CVE-2018-20855 3 Linux, Netapp, Opensuse 6 Linux Kernel, Active Iq Performance Analytics Services, Active Iq Unified Manager and 3 more 2024-11-21 3.3 Low
An issue was discovered in the Linux kernel before 4.18.7. In create_qp_common in drivers/infiniband/hw/mlx5/qp.c, mlx5_ib_create_qp_resp was never initialized, resulting in a leak of stack memory to userspace.
CVE-2018-20854 1 Linux 1 Linux Kernel 2024-11-21 N/A
An issue was discovered in the Linux kernel before 4.20. drivers/phy/mscc/phy-ocelot-serdes.c has an off-by-one error with a resultant ctrl->phys out-of-bounds read.