Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (323598 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2018-21003 1 Themekraft 1 Buddyforms 2024-11-21 N/A
The buddyforms plugin before 2.2.8 for WordPress has SQL injection.
CVE-2018-21002 1 Joomsky 1 Js Help Desk 2024-11-21 N/A
The js-support-ticket plugin before 2.0.6 for WordPress has CSRF.
CVE-2018-21001 1 Bologer 1 Anycomment 2024-11-21 N/A
The anycomment plugin before 0.0.33 for WordPress has XSS.
CVE-2018-21000 1 Safe-transmute Project 1 Safe-transmute 2024-11-21 N/A
An issue was discovered in the safe-transmute crate before 0.10.1 for Rust. A constructor's arguments are in the wrong order, causing heap memory corruption.
CVE-2018-20999 1 Orion Project 1 Orion 2024-11-21 N/A
An issue was discovered in the orion crate before 0.11.2 for Rust. reset() calls cause incorrect results.
CVE-2018-20998 1 Arrayfire 1 Arrayfire 2024-11-21 N/A
An issue was discovered in the arrayfire crate before 3.6.0 for Rust. Addition of the repr() attribute to an enum is mishandled, leading to memory corruption.
CVE-2018-20997 1 Rust-openssl Project 1 Rust-openssl 2024-11-21 N/A
An issue was discovered in the openssl crate before 0.10.9 for Rust. A use-after-free occurs in CMS Signing.
CVE-2018-20996 1 Crossbeam Project 1 Crossbeam 2024-11-21 N/A
An issue was discovered in the crossbeam crate before 0.4.1 for Rust. There is a double free because of destructor mishandling.
CVE-2018-20995 1 Slice-deque Project 1 Slice-deque 2024-11-21 N/A
An issue was discovered in the slice-deque crate before 0.1.16 for Rust. move_head_unchecked allows memory corruption because deque updates are mishandled.
CVE-2018-20994 1 Trust-dns-proto Project 1 Trust-dns-proto 2024-11-21 N/A
An issue was discovered in the trust-dns-proto crate before 0.5.0-alpha.3 for Rust. There is infinite recursion because DNS message compression is mishandled.
CVE-2018-20993 1 Yaml-rust Project 1 Yaml-rust 2024-11-21 N/A
An issue was discovered in the yaml-rust crate before 0.4.1 for Rust. There is uncontrolled recursion during deserialization.
CVE-2018-20992 1 Claxon Project 1 Claxon 2024-11-21 N/A
An issue was discovered in the claxon crate before 0.4.1 for Rust. Uninitialized memory can be exposed because certain decode buffer sizes are mishandled.
CVE-2018-20991 1 Servo 1 Smallvec 2024-11-21 N/A
An issue was discovered in the smallvec crate before 0.6.3 for Rust. The Iterator implementation mishandles destructors, leading to a double free.
CVE-2018-20990 1 Tar Project 1 Tar 2024-11-21 N/A
An issue was discovered in the tar crate before 0.4.16 for Rust. Arbitrary file overwrite can occur via a symlink or hardlink in a TAR archive.
CVE-2018-20989 1 Untrusted Project 1 Untrusted 2024-11-21 N/A
An issue was discovered in the untrusted crate before 0.6.2 for Rust. Error handling can trigger an integer underflow and panic.
CVE-2018-20988 1 Google Forms Project 1 Google Forms 2024-11-21 N/A
The wpgform plugin before 0.94 for WordPress has eval injection in the CAPTCHA calculation.
CVE-2018-20987 1 Tribulant 1 Newsletters 2024-11-21 N/A
The newsletters-lite plugin before 4.6.8.6 for WordPress has PHP object injection.
CVE-2018-20986 1 Advancedcustomfields 1 Advanced Custom Fields 2024-11-21 N/A
The advanced-custom-fields (aka Elliot Condon Advanced Custom Fields) plugin before 5.7.8 for WordPress has XSS by authors.
CVE-2018-20985 1 Payeezy 1 Wp Payeezy Pay 2024-11-21 N/A
The wp-payeezy-pay plugin before 2.98 for WordPress has local file inclusion in pay.php, donate.php, donate-rec, and pay-rec.
CVE-2018-20984 1 Patreon 1 Patreon Wordpress 2024-11-21 N/A
The patreon-connect plugin before 1.2.2 for WordPress has Object Injection.