Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (324543 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2018-20974 1 Joomsky 1 Js Job Manager 2024-11-21 N/A
The js-jobs plugin before 1.0.7 for WordPress has CSRF.
CVE-2018-20973 1 Codeermeneer 1 Companion Auto Update 2024-11-21 N/A
The companion-auto-update plugin before 3.2.1 for WordPress has local file inclusion.
CVE-2018-20972 1 Codeermeneer 1 Companion Auto Update 2024-11-21 N/A
The companion-auto-update plugin before 3.2.1 for WordPress has CSRF.
CVE-2018-20971 1 Churchadminplugin 1 Church Admin 2024-11-21 N/A
The church-admin plugin before 1.2550 for WordPress has CSRF affecting the upload of a bible reading plan.
CVE-2018-20970 1 Bestwebsoft 1 Pdf \& Print 2024-11-21 N/A
The pdf-print plugin before 2.0.3 for WordPress has multiple XSS issues.
CVE-2018-20969 2 Gnu, Redhat 6 Patch, Enterprise Linux, Rhel Aus and 3 more 2024-11-21 N/A
do_ed_script in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638, but the ! syntax is specific to ed, and is unrelated to a shell metacharacter.
CVE-2018-20968 1 Smackcoders 1 Ultimate Exporter 2024-11-21 N/A
The wp-ultimate-exporter plugin before 1.4.2 for WordPress has CSRF.
CVE-2018-20967 1 Smackcoders 1 Import All Pages\, Post Types\, Products\, Orders\, And Users As Xml \& Csv 2024-11-21 N/A
The wp-ultimate-csv-importer plugin before 5.6.1 for WordPress has CSRF.
CVE-2018-20966 1 Booster 1 Booster For Woocommerce 2024-11-21 N/A
The woocommerce-jetpack plugin before 3.8.0 for WordPress has XSS in the Products Per Page feature.
CVE-2018-20965 1 Ultimatemember 1 Ultimate Member 2024-11-21 6.1 Medium
The ultimate-member plugin before 2.0.4 for WordPress has XSS.
CVE-2018-20964 1 Codepeople 1 Contact Form Email 2024-11-21 N/A
The contact-form-to-email plugin before 1.2.66 for WordPress has CSRF.
CVE-2018-20963 1 Codepeople 1 Contact Form Email 2024-11-21 N/A
The contact-form-to-email plugin before 1.2.66 for WordPress has XSS.
CVE-2018-20962 1 Backpackforlaravel 1 Backpack\\crud 2024-11-21 N/A
The Backpack\CRUD Backpack component before 3.4.9 for Laravel allows XSS via the select field type.
CVE-2018-20961 1 Linux 1 Linux Kernel 2024-11-21 9.8 Critical
In the Linux kernel before 4.16.4, a double free vulnerability in the f_midi_set_alt function of drivers/usb/gadget/function/f_midi.c in the f_midi driver may allow attackers to cause a denial of service or possibly have unspecified other impact.
CVE-2018-20960 1 Nespresso 2 Prodigo, Prodigo Firmware 2024-11-21 N/A
Nespresso Prodigio devices lack Bluetooth connection security.
CVE-2018-20959 1 Jura 2 E8, E8 Firmware 2024-11-21 N/A
Jura E8 devices lack Bluetooth connection security.
CVE-2018-20958 1 Tapplock 2 Tapplock, Tapplock Firmware 2024-11-21 N/A
The Bluetooth Low Energy (BLE) subsystem on Tapplock devices before 2018-06-12 relies on Key1 and SerialNo for unlock operations; however, these are derived from the MAC address, which is broadcasted by the device.
CVE-2018-20957 1 Tapplock 2 One\+, One\+ Firmware 2024-11-21 N/A
The Bluetooth Low Energy (BLE) subsystem on Tapplock devices before 2018-06-12 allows replay attacks.
CVE-2018-20956 1 Swann 2 Swwhd-intcam-hd, Swwhd-intcam-hd Firmware 2024-11-21 N/A
Swann SWWHD-INTCAM-HD devices leave the PSK in logs after a factory reset. NOTE: all affected customers were migrated by 2020-08-31.
CVE-2018-20955 1 Swann 2 Swwhd-intcam-hd, Swwhd-intcam-hd Firmware 2024-11-21 N/A
Swann SWWHD-INTCAM-HD devices have the twipc root password, leading to FTP access as root. NOTE: all affected customers were migrated by 2020-08-31.