Total
291583 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-14749 | 1 Qnap | 1 Qts | 2024-11-21 | N/A |
| Buffer Overflow vulnerability in QTS 4.3.5 build 20181013, QTS 4.3.4 build 20181008, QTS 4.3.3 build 20180829, QTS 4.2.6 build 20180829 and earlier versions could have unspecified impact on the NAS. | ||||
| CVE-2018-14748 | 1 Qnap | 1 Qts | 2024-11-21 | N/A |
| Improper Authorization vulnerability in QTS 4.3.5 build 20181013, QTS 4.3.4 build 20181008, QTS 4.3.3 build 20180829, QTS 4.2.6 build 20180829 and earlier versions could allow remote attackers to power off the NAS. | ||||
| CVE-2018-14747 | 1 Qnap | 1 Qts | 2024-11-21 | N/A |
| NULL Pointer Dereference vulnerability in QTS 4.3.5 build 20181013, QTS 4.3.4 build 20181008, QTS 4.3.3 build 20180829, QTS 4.2.6 build 20180829 and earlier versions could allow remote attackers to crash the NAS media server. | ||||
| CVE-2018-14746 | 1 Qnap | 1 Qts | 2024-11-21 | N/A |
| Command Injection vulnerability in QTS 4.3.5 build 20181013, QTS 4.3.4 build 20181008, QTS 4.3.3 build 20180829, QTS 4.2.6 build 20180829 and earlier versions could allow remote attackers to run arbitrary commands on the NAS. | ||||
| CVE-2018-14745 | 1 Samsung | 2 Galaxy S6, Galaxy S6 Firmware | 2024-11-21 | N/A |
| Buffer overflow in prot_get_ring_space in the bcmdhd4358 Wi-Fi driver on the Samsung Galaxy S6 SM-G920F G920FXXU5EQH7 allows an attacker (who has obtained code execution on the Wi-Fi chip) to overwrite kernel memory due to improper validation of the ring buffer read pointer. The Samsung ID is SVE-2018-12029. | ||||
| CVE-2018-14744 | 1 Pbc Project | 1 Pbc | 2024-11-21 | N/A |
| An issue was discovered in libpbc.a in cloudwu PBC through 2017-03-02. A use-after-free can occur in _pbcM_sp_query in map.c. | ||||
| CVE-2018-14743 | 1 Pbc Project | 1 Pbc | 2024-11-21 | N/A |
| An issue was discovered in libpbc.a in cloudwu PBC through 2017-03-02. A SEGV can occur in wiretype_decode in context.c. | ||||
| CVE-2018-14742 | 1 Pbc Project | 1 Pbc | 2024-11-21 | N/A |
| An issue was discovered in libpbc.a in cloudwu PBC through 2017-03-02. A SEGV can occur in set_field_one in bootstrap.c during a memcpy. | ||||
| CVE-2018-14741 | 1 Pbc Project | 1 Pbc | 2024-11-21 | N/A |
| An issue was discovered in libpbc.a in cloudwu PBC through 2017-03-02. A SEGV can occur in pbc_pattern_pack in pattern.c. | ||||
| CVE-2018-14740 | 1 Pbc Project | 1 Pbc | 2024-11-21 | N/A |
| An issue was discovered in libpbc.a in cloudwu PBC through 2017-03-02. A SEGV can occur in set_field_one in bootstrap.c while making a query. | ||||
| CVE-2018-14739 | 1 Pbc Project | 1 Pbc | 2024-11-21 | N/A |
| An issue was discovered in libpbc.a in cloudwu PBC through 2017-03-02. A SEGV can occur in pbc_pattern_set_default in pattern.c. | ||||
| CVE-2018-14738 | 1 Pbc Project | 1 Pbc | 2024-11-21 | N/A |
| An issue was discovered in libpbc.a in cloudwu PBC through 2017-03-02. A SEGV can occur in pbc_rmessage_message in rmessage.c. | ||||
| CVE-2018-14737 | 1 Pbc Project | 1 Pbc | 2024-11-21 | N/A |
| An issue was discovered in libpbc.a in cloudwu PBC through 2017-03-02. A NULL pointer dereference can occur in pbc_wmessage_string in wmessage.c. | ||||
| CVE-2018-14736 | 1 Pbc Project | 1 Pbc | 2024-11-21 | N/A |
| An issue was discovered in libpbc.a in cloudwu PBC through 2017-03-02. A buffer over-read can occur in pbc_wmessage_string in wmessage.c for PTYPE_ENUM. | ||||
| CVE-2018-14735 | 3 Hitachi, Linux, Microsoft | 8 Command Suite, Compute Systems Manager, Device Manager and 5 more | 2024-11-21 | N/A |
| An Information Exposure issue was discovered in Hitachi Command Suite 8.5.3. A remote attacker may be able to exploit a flaw in the permission of messaging that may allow for information exposure via a crafted message. | ||||
| CVE-2018-14734 | 4 Canonical, Debian, Linux and 1 more | 5 Ubuntu Linux, Debian Linux, Linux Kernel and 2 more | 2024-11-21 | N/A |
| drivers/infiniband/core/ucma.c in the Linux kernel through 4.17.11 allows ucma_leave_multicast to access a certain data structure after a cleanup step in ucma_process_join, which allows attackers to cause a denial of service (use-after-free). | ||||
| CVE-2018-14733 | 1 Odoo | 1 Odoo | 2024-11-21 | N/A |
| The Odoo Community Association (OCA) dbfilter_from_header module makes Odoo 8.x, 9.x, 10.x, and 11.x vulnerable to ReDoS (regular expression denial of service) under certain circumstances. | ||||
| CVE-2018-14732 | 1 Webpack.js | 1 Webpack-dev-server | 2024-11-21 | N/A |
| An issue was discovered in lib/Server.js in webpack-dev-server before 3.1.6. Attackers are able to steal developer's code because the origin of requests is not checked by the WebSocket server, which is used for HMR (Hot Module Replacement). Anyone can receive the HMR message sent by the WebSocket server via a ws://127.0.0.1:8080/ connection from any origin. | ||||
| CVE-2018-14731 | 1 Parceljs | 1 Parcel | 2024-11-21 | N/A |
| An issue was discovered in HMRServer.js in Parcel parcel-bundler. Attackers are able to steal developer's code because the origin of requests is not checked by the WebSocket server, which is used for HMR (Hot Module Replacement). Anyone can receive the HMR message sent by the WebSocket server via a ws://127.0.0.1 connection (with a random TCP port number) from any origin. The random port number can be found by connecting to http://127.0.0.1 and reading the "new WebSocket" line in the source code. | ||||
| CVE-2018-14730 | 1 Browserify-hot Module Replacement Project | 1 Browserify-hot Module Replacement | 2024-11-21 | 7.5 High |
| An issue was discovered in Browserify-HMR. Attackers are able to steal developer's code because the origin of requests is not checked by the WebSocket server, which is used for HMR (Hot Module Replacement). Anyone can receive the HMR message sent by the WebSocket server via a ws://127.0.0.1:3123/ connection from any origin. | ||||