Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (327240 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2018-20962 1 Backpackforlaravel 1 Backpack\\crud 2024-11-21 N/A
The Backpack\CRUD Backpack component before 3.4.9 for Laravel allows XSS via the select field type.
CVE-2018-20961 1 Linux 1 Linux Kernel 2024-11-21 9.8 Critical
In the Linux kernel before 4.16.4, a double free vulnerability in the f_midi_set_alt function of drivers/usb/gadget/function/f_midi.c in the f_midi driver may allow attackers to cause a denial of service or possibly have unspecified other impact.
CVE-2018-20960 1 Nespresso 2 Prodigo, Prodigo Firmware 2024-11-21 N/A
Nespresso Prodigio devices lack Bluetooth connection security.
CVE-2018-20959 1 Jura 2 E8, E8 Firmware 2024-11-21 N/A
Jura E8 devices lack Bluetooth connection security.
CVE-2018-20958 1 Tapplock 2 Tapplock, Tapplock Firmware 2024-11-21 N/A
The Bluetooth Low Energy (BLE) subsystem on Tapplock devices before 2018-06-12 relies on Key1 and SerialNo for unlock operations; however, these are derived from the MAC address, which is broadcasted by the device.
CVE-2018-20957 1 Tapplock 2 One\+, One\+ Firmware 2024-11-21 N/A
The Bluetooth Low Energy (BLE) subsystem on Tapplock devices before 2018-06-12 allows replay attacks.
CVE-2018-20956 1 Swann 2 Swwhd-intcam-hd, Swwhd-intcam-hd Firmware 2024-11-21 N/A
Swann SWWHD-INTCAM-HD devices leave the PSK in logs after a factory reset. NOTE: all affected customers were migrated by 2020-08-31.
CVE-2018-20955 1 Swann 2 Swwhd-intcam-hd, Swwhd-intcam-hd Firmware 2024-11-21 N/A
Swann SWWHD-INTCAM-HD devices have the twipc root password, leading to FTP access as root. NOTE: all affected customers were migrated by 2020-08-31.
CVE-2018-20954 1 Mailpile 1 Mailpile 2024-11-21 N/A
The "Security and Privacy" Encryption feature in Mailpile before 1.0.0rc4 does not exclude disabled, revoked, and expired keys.
CVE-2018-20953 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 68.0.27 allows self XSS in the WHM listips interface (SEC-389).
CVE-2018-20952 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 68.0.27 creates world-readable files during use of WHM Apache Includes Editor (SEC-388).
CVE-2018-20951 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 68.0.27 allows self XSS in WHM Spamd Startup Config (SEC-387).
CVE-2018-20950 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 68.0.27 allows self stored XSS in WHM Account Transfer (SEC-386).
CVE-2018-20949 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 68.0.27 allows self XSS in WHM Apache Configuration Include Editor (SEC-385).
CVE-2018-20948 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 68.0.27 allows self XSS in cPanel Backup Restoration (SEC-383).
CVE-2018-20947 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 68.0.27 allows certain file-write operations via the telnetcrt script (SEC-356).
CVE-2018-20946 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 68.0.27 allows attackers to read zone information because a world-readable archive is created by the archive_sync_zones script (SEC-355).
CVE-2018-20945 1 Cpanel 1 Cpanel 2024-11-21 N/A
bin/csvprocess in cPanel before 68.0.27 allows insecure file operations (SEC-354).
CVE-2018-20944 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 68.0.27 allows attackers to read a copy of httpd.conf that is created during a syntax test (SEC-353).
CVE-2018-20943 1 Cpanel 1 Cpanel 2024-11-21 N/A
cPanel before 68.0.27 allows attackers to read root's crontab file during a short time interval upon a post-update task (SEC-352).