Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (323414 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2018-16644 4 Canonical, Debian, Imagemagick and 1 more 4 Ubuntu Linux, Debian Linux, Imagemagick and 1 more 2024-11-21 N/A
There is a missing check for length in the functions ReadDCMImage of coders/dcm.c and ReadPICTImage of coders/pict.c in ImageMagick 7.0.8-11, which allows remote attackers to cause a denial of service via a crafted image.
CVE-2018-16643 4 Canonical, Debian, Imagemagick and 1 more 4 Ubuntu Linux, Debian Linux, Imagemagick and 1 more 2024-11-21 N/A
The functions ReadDCMImage in coders/dcm.c, ReadPWPImage in coders/pwp.c, ReadCALSImage in coders/cals.c, and ReadPICTImage in coders/pict.c in ImageMagick 7.0.8-4 do not check the return value of the fputc function, which allows remote attackers to cause a denial of service via a crafted image file.
CVE-2018-16642 4 Canonical, Debian, Imagemagick and 1 more 4 Ubuntu Linux, Debian Linux, Imagemagick and 1 more 2024-11-21 N/A
The function InsertRow in coders/cut.c in ImageMagick 7.0.7-37 allows remote attackers to cause a denial of service via a crafted image file due to an out-of-bounds write.
CVE-2018-16641 1 Imagemagick 1 Imagemagick 2024-11-21 N/A
ImageMagick 7.0.8-6 has a memory leak vulnerability in the TIFFWritePhotoshopLayers function in coders/tiff.c.
CVE-2018-16640 3 Canonical, Imagemagick, Redhat 3 Ubuntu Linux, Imagemagick, Enterprise Linux 2024-11-21 N/A
ImageMagick 7.0.8-5 has a memory leak vulnerability in the function ReadOneJNGImage in coders/png.c.
CVE-2018-16639 1 Typesettercms 1 Typesetter 2024-11-21 N/A
Typesetter 5.1 allows XSS via the index.php/Admin LABEL parameter during new page creation.
CVE-2018-16638 1 Modx 1 Evolution Cms 2024-11-21 N/A
Evolution CMS 1.4.x allows XSS via the manager/ search parameter.
CVE-2018-16637 1 Modx 1 Evolution Cms 2024-11-21 N/A
Evolution CMS 1.4.x allows XSS via the page weblink title parameter to the manager/ URI.
CVE-2018-16636 1 Nucleuscms 1 Nucleus Cms 2024-11-21 N/A
Nucleus CMS 3.70 allows HTML Injection via the index.php body parameter.
CVE-2018-16635 1 Blackcat-cms 1 Blackcat Cms 2024-11-21 N/A
Blackcat CMS 1.3.2 allows XSS via the willkommen.php?lang=DE page title at backend/pages/modify.php.
CVE-2018-16634 1 Pluck-cms 1 Pluck 2024-11-21 N/A
Pluck v4.7.7 allows CSRF via admin.php?action=settings.
CVE-2018-16633 1 Pluck-cms 1 Pluck 2024-11-21 N/A
Pluck v4.7.7 allows XSS via the admin.php?action=editpage&page= page title.
CVE-2018-16632 1 Jupo 1 Mezzanine 2024-11-21 N/A
Mezzanine CMS v4.3.1 allows XSS via the /admin/blog/blogcategory/add/?_to_field=id&_popup=1 title parameter at admin/blog/blogpost/add/.
CVE-2018-16631 1 Intelliants 1 Subrion Cms 2024-11-21 N/A
Subrion CMS v4.2.1 allows XSS via the panel/configuration/general/ SITE TITLE parameter.
CVE-2018-16630 1 Getkirby 1 Kirby 2024-11-21 N/A
Kirby v2.5.12 allows XSS by using the "site files" Add option to upload an SVG file.
CVE-2018-16629 1 Intelliants 1 Subrion Cms 2024-11-21 N/A
panel/uploads/#elf_l1_XA in Subrion CMS v4.2.1 allows XSS via an SVG file with JavaScript in a SCRIPT element.
CVE-2018-16628 1 Getkirby 1 Kirby 2024-11-21 N/A
panel/login in Kirby v2.5.12 allows XSS via a blog name.
CVE-2018-16627 1 Getkirby 1 Kirby 2024-11-21 N/A
panel/login in Kirby v2.5.12 allows Host header injection via the "forget password" feature.
CVE-2018-16626 1 Typesettercms 1 Typesetter 2024-11-21 N/A
index.php/Admin/Classes in Typesetter 5.1 allows XSS via the description of a new class name.
CVE-2018-16625 1 Typesettercms 1 Typesetter 2024-11-21 N/A
index.php/Admin/Uploaded in Typesetter 5.1 allows XSS via an SVG file with JavaScript in a SCRIPT element.