Search Results (83082 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2018-8763 2 Debian, Ldap-account-manager 2 Debian Linux, Ldap Account Manager 2024-11-21 N/A
Roland Gruber Softwareentwicklung LDAP Account Manager before 6.3 has XSS via the dn parameter to the templates/3rdParty/pla/htdocs/cmd.php URI or the template parameter to the templates/3rdParty/pla/htdocs/cmd.php?cmd=rename_form URI.
CVE-2018-8738 1 Airties 4 5444, 5444 Firmware, 5444tt and 1 more 2024-11-21 N/A
Airties 5444 1.0.0.18 and 5444TT 1.0.0.18 devices allow XSS.
CVE-2018-8737 1 Bylancer 1 Bookme 2024-11-21 N/A
Bookme Control Panel 2.0 Application is vulnerable to stored XSS within the Customers "Book Me" function. Within the Name and Note (aka custName and custNote) sections of the Customers screen, the application does not sanitize user-supplied input and renders injected JavaScript code to the user's browser.
CVE-2018-8735 1 Nagios 1 Nagios Xi 2024-11-21 N/A
Remote command execution (RCE) vulnerability in Nagios XI 5.2.x through 5.4.x before 5.4.13 allows an attacker to execute arbitrary commands on the target system, aka OS command injection.
CVE-2018-8732 1 Wampserver 1 Wampserver 2024-11-21 N/A
Cross-site scripting (XSS) vulnerability in WampServer 3.1.1 allows remote attackers to inject arbitrary web script or HTML via the virtual_del parameter.
CVE-2018-8729 1 Pojo 1 Activity Log 2024-11-21 N/A
Multiple cross-site scripting (XSS) vulnerabilities in the Activity Log plugin before 2.4.1 for WordPress allow remote attackers to inject arbitrary JavaScript or HTML via a title that is not escaped.
CVE-2018-8728 1 Kontena 1 Kontena 2024-11-21 N/A
server/app/views/static/code.html in Kontena before 1.5.0 allows XSS in "kontena master login --remote" code display, as demonstrated by /code#code= in a URI.
CVE-2018-8722 1 Zohocorp 1 Manageengine Desktop Central 2024-11-21 N/A
Zoho ManageEngine Desktop Central version 9.1.0 build 91099 has multiple XSS issues that were fixed in build 92026.
CVE-2018-8721 1 Zohocorp 1 Manageengine Eventlog Analyzer 2024-11-21 N/A
Zoho ManageEngine EventLog Analyzer version 11.0 build 11000 has Stored XSS related to the index2.do?url=editAlertForm&tab=alert&alert=profile URI and the Edit Alert Profile screen
CVE-2018-8720 1 Servicenow 1 It Service Management 2024-11-21 N/A
ServiceNow ITSM 2016-06-02 has XSS via the First Name or Last Name field of My Profile (aka navpage.do), or the Search bar of My Portal (aka search_results.do).
CVE-2018-8716 1 Wso2 1 Identity Server 2024-11-21 N/A
WSO2 Identity Server before 5.5.0 has XSS via the dashboard, allowing attacks by low-privileged attackers.
CVE-2018-8652 1 Microsoft 1 Windows Azure Pack Rollup 2024-11-21 N/A
A Cross-site Scripting (XSS) vulnerability exists when Windows Azure Pack does not properly sanitize user-provided input, aka "Windows Azure Pack Cross Site Scripting Vulnerability." This affects Windows Azure Pack Rollup 13.1.
CVE-2018-8651 1 Microsoft 1 Dynamics Nav 2024-11-21 N/A
A cross site scripting vulnerability exists when Microsoft Dynamics NAV does not properly sanitize a specially crafted web request to an affected Dynamics NAV server, aka "Microsoft Dynamics NAV Cross Site Scripting Vulnerability." This affects Microsoft Dynamics NAV.
CVE-2018-8643 1 Microsoft 9 Internet Explorer, Windows 10, Windows 7 and 6 more 2024-11-21 N/A
A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka "Scripting Engine Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10.
CVE-2018-8631 1 Microsoft 9 Internet Explorer, Windows 10, Windows 7 and 6 more 2024-11-21 N/A
A remote code execution vulnerability exists when Internet Explorer improperly accesses objects in memory, aka "Internet Explorer Memory Corruption Vulnerability." This affects Internet Explorer 9, Internet Explorer 11, Internet Explorer 10.
CVE-2018-8629 1 Microsoft 5 Chakracore, Edge, Windows 10 and 2 more 2024-11-21 N/A
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8583, CVE-2018-8617, CVE-2018-8618, CVE-2018-8624.
CVE-2018-8626 1 Microsoft 4 Windows 10, Windows Server 2012, Windows Server 2016 and 1 more 2024-11-21 N/A
A remote code execution vulnerability exists in Windows Domain Name System (DNS) servers when they fail to properly handle requests, aka "Windows DNS Server Heap Overflow Vulnerability." This affects Windows Server 2012 R2, Windows Server 2019, Windows Server 2016, Windows 10, Windows 10 Servers.
CVE-2018-8624 1 Microsoft 5 Chakracore, Edge, Windows 10 and 2 more 2024-11-21 N/A
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8583, CVE-2018-8617, CVE-2018-8618, CVE-2018-8629.
CVE-2018-8618 1 Microsoft 5 Chakracore, Edge, Windows 10 and 2 more 2024-11-21 N/A
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8583, CVE-2018-8617, CVE-2018-8624, CVE-2018-8629.
CVE-2018-8617 1 Microsoft 5 Chakracore, Edge, Windows 10 and 2 more 2024-11-21 N/A
A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8583, CVE-2018-8618, CVE-2018-8624, CVE-2018-8629.