Search Results (83043 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2018-6056 3 Debian, Google, Redhat 6 Debian Linux, Chrome, Enterprise Linux Desktop and 3 more 2024-11-21 N/A
Type confusion could lead to a heap out-of-bounds write in V8 in Google Chrome prior to 64.0.3282.168 allowing a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.
CVE-2018-6051 3 Debian, Google, Redhat 6 Debian Linux, Chrome, Enterprise Linux Desktop and 3 more 2024-11-21 N/A
XSS Auditor in Google Chrome prior to 64.0.3282.119, did not ensure the reporting URL was in the same origin as the page it was on, which allowed a remote attacker to obtain referrer details via a crafted HTML page.
CVE-2018-6040 3 Debian, Google, Redhat 6 Debian Linux, Chrome, Enterprise Linux Desktop and 3 more 2024-11-21 N/A
Insufficient policy enforcement in Blink in Google Chrome prior to 64.0.3282.119 allowed a remote attacker to potentially bypass content security policy via a crafted HTML page.
CVE-2018-6021 1 Silextechnology 4 Geh-sd-320an, Geh-sd-320an Firmware, Sd-320an and 1 more 2024-11-21 N/A
Silex SD-320AN version 2.01 and prior and GE MobileLink(GEH-SD-320AN) version GEH-1.1 and prior have a system call parameter that is not properly sanitized, which may allow remote code execution.
CVE-2018-6013 1 Bigtreecms 1 Bigtree Cms 2024-11-21 N/A
Cross-site scripting (XSS) in BigTree 4.2.19 allows any remote users to inject arbitrary web script or HTML via the directory parameter. This issue exists in core/admin/ajax/developer/extensions/file-browser.php.
CVE-2018-6010 1 Yiiframework 1 Yiiframework 2024-11-21 N/A
In Yii Framework 2.x before 2.0.14, remote attackers could obtain potentially sensitive information from exception messages, or exploit reflected XSS on the error handler page in non-debug mode. Related to base/ErrorHandler.php, log/Dispatcher.php, and views/errorHandler/exception.php.
CVE-2018-6002 1 Webartisan 1 Soundy Background Music 2024-11-21 N/A
The Soundy Background Music plugin 3.9 and below for WordPress has Cross-Site Scripting via soundy-background-music\templates\front-end.php (war_soundy_preview parameter).
CVE-2018-6001 1 Webartisan 1 Soundy Audio Playlist 2024-11-21 N/A
The Soundy Audio Playlist plugin 4.6 and below for WordPress has Cross-Site Scripting via soundy-audio-playlist\templates\front-end.php (war_sdy_pl_preview parameter).
CVE-2018-5967 1 Netis-systems 2 Wf2419, Wf2419 Firmware 2024-11-21 N/A
Netis WF2419 V2.2.36123 devices allow XSS via the Description parameter on the Bandwidth Control Rule Settings page.
CVE-2018-5965 1 Cmsmadesimple 1 Cms Made Simple 2024-11-21 N/A
CMS Made Simple (CMSMS) 2.2.5 has XSS in admin/moduleinterface.php via the m1_errors parameter.
CVE-2018-5964 1 Cmsmadesimple 1 Cms Made Simple 2024-11-21 N/A
CMS Made Simple (CMSMS) 2.2.5 has XSS in admin/moduleinterface.php via the m1_messages parameter.
CVE-2018-5963 1 Cmsmadesimple 1 Cms Made Simple 2024-11-21 N/A
CMS Made Simple (CMSMS) 2.2.5 has XSS in admin/addbookmark.php via the title parameter.
CVE-2018-5962 1 Control-webpanel 1 Webpanel 2024-11-21 N/A
index.php in CentOS-WebPanel.com (aka CWP) CentOS Web Panel through v0.9.8.12 has XSS via the id parameter to the phpini_editor module or the email_address parameter to the mail_add-new module.
CVE-2018-5961 1 Control-webpanel 1 Webpanel 2024-11-21 N/A
CentOS-WebPanel.com (aka CWP) CentOS Web Panel through v0.9.8.12 has XSS via the `module` value of the `index.php` file.
CVE-2018-5950 4 Canonical, Debian, Gnu and 1 more 10 Ubuntu Linux, Debian Linux, Mailman and 7 more 2024-11-21 6.1 Medium
Cross-site scripting (XSS) vulnerability in the web UI in Mailman before 2.1.26 allows remote attackers to inject arbitrary web script or HTML via a user-options URL.
CVE-2018-5924 1 Hp 540 1dt61a, 1dt61a Firmware, 1jl02a and 537 more 2024-11-21 N/A
A security vulnerability has been identified with certain HP Inkjet printers. A maliciously crafted file sent to an affected device can cause a stack buffer overflow, which could allow remote code execution.
CVE-2018-5879 1 Qualcomm 32 Mdm9206, Mdm9206 Firmware, Mdm9607 and 29 more 2024-11-21 N/A
Improper length check while processing an MQTT message can lead to heap overflow in snapdragon mobile and snapdragon wear in versions MDM9206, MDM9607, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 636, SD 835, SDA660, SDM630, SDM660
CVE-2018-5874 1 Qualcomm 48 Mdm9206, Mdm9206 Firmware, Mdm9607 and 45 more 2024-11-21 N/A
While parsing an mp4 file, a stack-based buffer overflow can occur in Snapdragon Automobile, Snapdragon Mobile and Snapdragon Wear.
CVE-2018-5861 1 Google 1 Android 2024-11-21 N/A
In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, existing checks in place on partition size are incomplete and can lead to heap overwrite vulnerabilities while loading a secure application from the boot loader.
CVE-2018-5854 1 Google 1 Android 2024-11-21 N/A
A stack-based buffer overflow can occur in fastboot from all Android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the Linux kernel.