Search Results (322822 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2018-20505 3 Apple, Microsoft, Sqlite 7 Icloud, Iphone Os, Itunes and 4 more 2024-11-21 N/A
SQLite 3.25.2, when queries are run on a table with a malformed PRIMARY KEY, allows remote attackers to cause a denial of service (application crash) by leveraging the ability to run arbitrary SQL statements (such as in certain WebSQL use cases).
CVE-2018-20503 1 Alliedtelesis 2 8100l\/8, 8100l\/8 Firmware 2024-11-21 N/A
Allied Telesis 8100L/8 devices allow XSS via the edit-ipv4_interface.php vlanid or subnet_mask parameter.
CVE-2018-20502 1 Axiosys 1 Bento4 2024-11-21 N/A
An issue was discovered in Bento4 1.5.1-627. There is an attempt at excessive memory allocation in the AP4_DataBuffer class when called from AP4_HvccAtom::Create in Core/Ap4HvccAtom.cpp.
CVE-2018-20501 1 Gitlab 1 Gitlab 2024-11-21 6.3 Medium
An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It has Incorrect Access Control.
CVE-2018-20500 1 Gitlab 1 Gitlab 2024-11-21 N/A
An insecure permissions issue was discovered in GitLab Community and Enterprise Edition 9.4 and later but before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. The runner registration token in the CI/CD settings could not be reset. This was a security risk if one of the maintainers leaves the group and they know the token.
CVE-2018-20499 1 Gitlab 1 Gitlab 2024-11-21 7.2 High
An issue was discovered in GitLab Community and Enterprise Edition before 11.x before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It allows SSRF.
CVE-2018-20498 1 Gitlab 1 Gitlab 2024-11-21 4.3 Medium
An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It has Incorrect Access Control.
CVE-2018-20497 1 Gitlab 1 Gitlab 2024-11-21 5.0 Medium
An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It allows SSRF.
CVE-2018-20496 1 Gitlab 1 Gitlab 2024-11-21 5.4 Medium
An issue was discovered in GitLab Community and Enterprise Edition 11.2.x through 11.4.x before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It allows XSS.
CVE-2018-20495 1 Gitlab 1 Gitlab 2024-11-21 5.3 Medium
An issue was discovered in GitLab Community and Enterprise Edition 11.3.x and 11.4.x before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It allows Information Exposure.
CVE-2018-20494 1 Gitlab 1 Gitlab 2024-11-21 7.5 High
An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It has Incorrect Access Control.
CVE-2018-20493 1 Gitlab 1 Gitlab 2024-11-21 4.3 Medium
An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It has Incorrect Access Control.
CVE-2018-20492 1 Gitlab 1 Gitlab 2024-11-21 5.3 Medium
An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It has Incorrect Access Control (issue 2 of 6).
CVE-2018-20491 1 Gitlab 1 Gitlab 2024-11-21 5.4 Medium
An issue was discovered in GitLab Enterprise Edition 11.3.x and 11.4.x before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It allows XSS.
CVE-2018-20490 1 Gitlab 1 Gitlab 2024-11-21 5.4 Medium
An issue was discovered in GitLab Community and Enterprise Edition 11.2.x through 11.4.x before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It allows XSS.
CVE-2018-20489 1 Gitlab 1 Gitlab 2024-11-21 5.3 Medium
An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It has Incorrect Access Control.
CVE-2018-20488 1 Gitlab 1 Gitlab 2024-11-21 4.3 Medium
An issue was discovered in GitLab Community and Enterprise Edition before 11.4.13, 11.5.x before 11.5.6, and 11.6.x before 11.6.1. It allows Information Exposure.
CVE-2018-20487 1 Inteno 1 Iopsys 2024-11-21 N/A
An issue was discovered in the firewall3 component in Inteno IOPSYS 1.0 through 3.16. The attacker must make a JSON-RPC method call to add a firewall rule as an "include" and point the "path" argument to a malicious script or binary. This gets executed as root when the firewall changes are committed.
CVE-2018-20486 1 Metinfo 1 Metinfo 2024-11-21 N/A
MetInfo 6.x through 6.1.3 has XSS via the /admin/login/login_check.php url_array[] parameter.
CVE-2018-20485 1 Zohocorp 1 Manageengine Adselfservice Plus 2024-11-21 N/A
Zoho ManageEngine ADSelfService Plus 5.7 before build 5702 has XSS in the employee search feature.