Search Results (82975 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2018-21098 1 Netgear 2 R7800, R7800 Firmware 2024-11-21 6.8 Medium
NETGEAR R7800 devices before 1.0.2.60 are affected by command injection by an authenticated user.
CVE-2018-21097 1 Netgear 22 Wac120, Wac120 Firmware, Wac505 and 19 more 2024-11-21 9.8 Critical
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects WAC505 before 5.0.5.4, WAC510 before 5.0.5.4, WAC120 before 2.1.7, WN604 before 3.3.10, WNAP320 before 3.7.11.4, WNAP210v2 before 3.7.11.4, WNDAP350 before 3.7.11.4, WNDAP360 before 3.7.11.4, WNDAP660 before 3.7.11.4, WNDAP620 before 2.1.7, and WND930 before 2.1.5.
CVE-2018-21095 1 Netgear 4 Srr60, Srr60 Firmware, Srs60 and 1 more 2024-11-21 4.3 Medium
Certain NETGEAR devices are affected by stored XSS. This affects SRR60 before 2.2.1.210 and SRS60 before 2.2.1.210.
CVE-2018-21093 1 Netgear 60 D8500, D8500 Firmware, Ex3700 and 57 more 2024-11-21 8.8 High
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects D8500 before 1.0.3.42, EX3700 before 1.0.0.70, EX3800 before 1.0.0.70, EX6000 before 1.0.0.30, EX6100 before 1.0.2.24, EX6120 before 1.0.0.40, EX6130 before 1.0.0.22, EX6150 before 1.0.0.42, EX6200 before 1.0.3.88, EX7000 before 1.0.0.66, R6250 before 1.0.4.26, R6300-2CXNAS before 1.0.3.60, R6300v2 before 1.0.4.28, R6400 before 1.0.1.36, R6400v2 before 1.0.2.52, R6700 before 1.0.1.46, R6900 before 1.0.1.46, R7000 before 1.0.9.28, R7000P before 1.3.1.44, R6900P before 1.3.1.44, R7100LG before 1.0.0.46, R7300 before 1.0.0.68, R7900 before 1.0.2.10, R8000 before 1.0.4.18, R8000P before 1.3.0.10, R7900P before 1.3.0.10, R8500 before 1.0.2.122, R8300 before 1.0.2.122, RBW30 before 2.1.2.6, WN2500RPv2 before 1.0.0.54, and WNR3500Lv2 before 1.2.0.56.
CVE-2018-21091 1 Google 1 Android 2024-11-21 7.5 High
An issue was discovered on Samsung mobile devices with M(6.x) and N(7.x) software. Telecom has a System Crash via abnormal exception handling. The Samsung ID is SVE-2017-10906 (January 2018).
CVE-2018-21088 1 Google 1 Android 2024-11-21 7.5 High
An issue was discovered on Samsung mobile devices with N(7.x) software. An attacker can cause a reboot because InputMethodManagerService has an unprotected system service. The Samsung ID is SVE-2017-9995 (January 2018).
CVE-2018-21087 1 Google 1 Android 2024-11-21 9.8 Critical
An issue was discovered on Samsung mobile devices with L(5.x), M(6.x), and N(7.x) software. There is a vnswap heap-based buffer overflow via the store function, with resultant privilege escalation. The Samsung ID is SVE-2017-10599 (January 2018).
CVE-2018-21081 1 Google 1 Android 2024-11-21 9.1 Critical
An issue was discovered on Samsung mobile devices with N(7.x) software. In Dual Messenger, the second app can use the runtime permissions of the first app without a user's consent. The Samsung ID is SVE-2017-11018 (March 2018).
CVE-2018-21072 1 Google 1 Android 2024-11-21 9.8 Critical
An issue was discovered on Samsung mobile devices with M(6.0), N(7.x), and O(8.0) (Exynos chipsets) software. A kernel driver allows out-of-bounds Read/Write operations and possibly arbitrary code execution. The Samsung ID is SVE-2018-11358 (May 2018).
CVE-2018-21057 1 Google 1 Android 2024-11-21 9.8 Critical
An issue was discovered on Samsung mobile devices with N(7.x) O(8.x, and P(9.0) (Exynos chipsets) software. There is a stack-based buffer overflow in the Shannon Baseband. The Samsung ID is SVE-2018-12757 (September 2018).
CVE-2018-21051 1 Google 1 Android 2024-11-21 9.8 Critical
An issue was discovered on Samsung mobile devices with N(7.x) and O(8.x) (Exynos chipsets) software. There is an invalid free in the fingerprint Trustlet, leading to arbitrary code execution. The Samsung ID is SVE-2018-12853 (October 2018).
CVE-2018-21049 1 Google 1 Android 2024-11-21 9.8 Critical
An issue was discovered on Samsung mobile devices with N(7.x) and O(8.X) (Exynos chipsets) software. There is an arbitrary memory write in a Trustlet because a secure driver allows access to sensitive APIs. The Samsung ID is SVE-2018-12881 (November 2018).
CVE-2018-21035 2 Qt, Redhat 2 Qt, Enterprise Linux 2024-11-21 7.5 High
In Qt through 5.14.1, the WebSocket implementation accepts up to 2GB for frames and 2GB for messages. Smaller limits cannot be configured. This makes it easier for attackers to cause a denial of service (memory consumption).
CVE-2018-21030 1 Jupyter 1 Notebook 2024-11-21 5.3 Medium
Jupyter Notebook before 5.5.0 does not use a CSP header to treat served files as belonging to a separate origin. Thus, for example, an XSS payload can be placed in an SVG document.
CVE-2018-21028 1 Boa 1 Boa 2024-11-21 7.5 High
Boa through 0.94.14rc21 allows remote attackers to trigger a memory leak because of missing calls to the free function.
CVE-2018-21014 1 Buddyboss 1 Buddymoss Media 2024-11-21 5.4 Medium
The buddyboss-media plugin through 3.2.3 for WordPress has stored XSS.
CVE-2018-21012 1 Vsourz 1 Cf7 Invisible Recaptcha 2024-11-21 6.1 Medium
The cf7-invisible-recaptcha plugin before 1.3.2 for WordPress has XSS.
CVE-2018-21010 2 Debian, Uclouvain 2 Debian Linux, Openjpeg 2024-11-21 8.8 High
OpenJPEG before 2.3.1 has a heap buffer overflow in color_apply_icc_profile in bin/common/color.c.
CVE-2018-21001 1 Bologer 1 Anycomment 2024-11-21 N/A
The anycomment plugin before 0.0.33 for WordPress has XSS.
CVE-2018-20986 1 Advancedcustomfields 1 Advanced Custom Fields 2024-11-21 N/A
The advanced-custom-fields (aka Elliot Condon Advanced Custom Fields) plugin before 5.7.8 for WordPress has XSS by authors.