Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (865 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2018-14634 4 Canonical, Linux, Netapp and 1 more 16 Ubuntu Linux, Linux Kernel, Active Iq Performance Analytics Services and 13 more 2024-11-21 N/A
An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable.
CVE-2018-14550 3 Libpng, Netapp, Oracle 5 Libpng, Active Iq Unified Manager, Oncommand Api Services and 2 more 2024-11-21 8.8 High
An issue has been found in third-party PNM decoding associated with libpng 1.6.35. It is a stack-based buffer overflow in the function get_token in pnm2png.c in pnm2png.
CVE-2018-12099 3 Grafana, Netapp, Redhat 4 Grafana, Active Iq Performance Analytics Services, Storagegrid Webscale Nas Bridge and 1 more 2024-11-21 N/A
Grafana before 5.2.0-beta1 has XSS vulnerabilities in dashboard links.
CVE-2018-1000873 4 Fasterxml, Netapp, Oracle and 1 more 7 Jackson-modules-java8, Active Iq Unified Manager, Clusterware and 4 more 2024-11-21 6.5 Medium
Fasterxml Jackson version Before 2.9.8 contains a CWE-20: Improper Input Validation vulnerability in Jackson-Modules-Java8 that can result in Causes a denial-of-service (DoS). This attack appear to be exploitable via The victim deserializes malicious input, specifically very large values in the nanoseconds field of a time value. This vulnerability appears to have been fixed in 2.9.8.
CVE-2018-1000656 3 Netapp, Palletsprojects, Redhat 5 Active Iq, Hyper Converged Infrastructure, Ontap Select Deploy Utility and 2 more 2024-11-21 7.5 High
The Pallets Project flask version Before 0.12.3 contains a CWE-20: Improper Input Validation vulnerability in flask that can result in Large amount of memory usage possibly leading to denial of service. This attack appear to be exploitable via Attacker provides JSON data in incorrect encoding. This vulnerability appears to have been fixed in 0.12.3. NOTE: this may overlap CVE-2019-1010083.