CWE-78 CVEs and Security Vulnerabilities

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (18384 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2018-0637	1 Nec	2 Aterm Hc100rc, Aterm Hc100rc Firmware	2024-11-21	N/A
Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via export.cgi encKey parameter.
CVE-2018-0636	1 Nec	2 Aterm Hc100rc, Aterm Hc100rc Firmware	2024-11-21	N/A
Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via FactoryPassword parameter of a certain URL, different URL from CVE-2018-0634.
CVE-2018-0635	1 Nec	2 Aterm Hc100rc, Aterm Hc100rc Firmware	2024-11-21	N/A
Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via filename parameter.
CVE-2018-0634	1 Nec	2 Aterm Hc100rc, Aterm Hc100rc Firmware	2024-11-21	N/A
Aterm HC100RC Ver1.0.1 and earlier allows attacker with administrator rights to execute arbitrary OS commands via FactoryPassword parameter or bootmode parameter of a certain URL.
CVE-2018-0631	1 Nec	2 Aterm W300p, Aterm W300p Firmware	2024-11-21	N/A
Aterm W300P Ver1.0.13 and earlier allows attacker with administrator rights to execute arbitrary OS commands via targetAPSsid parameter.
CVE-2018-0630	1 Nec	2 Aterm W300p, Aterm W300p Firmware	2024-11-21	N/A
Aterm W300P Ver1.0.13 and earlier allows attacker with administrator rights to execute arbitrary OS commands via sysCmd parameter.
CVE-2018-0629	1 Nec	2 Aterm W300p, Aterm W300p Firmware	2024-11-21	N/A
Aterm W300P Ver1.0.13 and earlier allows attacker with administrator rights to execute arbitrary OS commands via HTTP request and response.
CVE-2018-0628	1 Nec	2 Aterm Wg1200hp, Aterm Wg1200hp Firmware	2024-11-21	N/A
Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with administrator rights to execute arbitrary OS commands via HTTP request and response.
CVE-2018-0627	1 Nec	2 Aterm Wg1200hp, Aterm Wg1200hp Firmware	2024-11-21	N/A
Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with administrator rights to execute arbitrary OS commands via targetAPSsid parameter.
CVE-2018-0626	1 Nec	2 Aterm Wg1200hp, Aterm Wg1200hp Firmware	2024-11-21	N/A
Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with administrator rights to execute arbitrary OS commands via sysCmd in formWsc parameter.
CVE-2018-0625	1 Nec	2 Aterm Wg1200hp, Aterm Wg1200hp Firmware	2024-11-21	N/A
Aterm WG1200HP firmware Ver1.0.31 and earlier allows attacker with administrator rights to execute arbitrary OS commands via formSysCmd parameter.
CVE-2018-0569	1 Basercms	1 Basercms	2024-11-21	N/A
baserCMS (baserCMS 4.1.0.1 and earlier versions, baserCMS 3.0.15 and earlier versions) allows remote authenticated attackers to execute arbitrary OS commands via unspecified vectors.
CVE-2018-0556	1 Buffalo	2 Wzr-1750dhp2, Wzr-1750dhp2 Firmware	2024-11-21	N/A
Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors.
CVE-2018-0545	1 Lxr Project	1 Lxr	2024-11-21	N/A
LXR version 1.0.0 to 2.3.0 allows remote attackers to execute arbitrary OS commands via unspecified vectors.
CVE-2018-0539	1 Qqq Systems Project	1 Qqq Systems	2024-11-21	N/A
QQQ SYSTEMS version 2.24 allows an attacker to execute arbitrary commands via unspecified vectors.
CVE-2018-0523	1 Buffalo	2 Wxr-1900dhp2, Wxr-1900dhp2 Firmware	2024-11-21	N/A
Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier allows an attacker to execute arbitrary OS commands via unspecified vectors.
CVE-2018-0514	1 Futomi	1 Mp Form Mail Cgi	2024-11-21	N/A
MP Form Mail CGI eCommerce Edition Ver 2.0.13 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors.
CVE-2018-0512	1 Iodata	90 Bx-vp1, Bx-vp1 Firmware, Gv-ntx1 and 87 more	2024-11-21	N/A
Devices with IP address setting tool "MagicalFinder" provided by I-O DATA DEVICE, INC. allow authenticated attackers to execute arbitrary OS commands via unspecified vectors.
CVE-2018-0506	1 Nootka Project	1 Nootka	2024-11-21	N/A
Nootka 1.4.4 and earlier allows remote attackers to execute arbitrary OS commands via unspecified vectors.
CVE-2018-0500	3 Canonical, Haxx, Redhat	3 Ubuntu Linux, Curl, Jboss Core Services	2024-11-21	N/A
Curl_smtp_escape_eob in lib/smtp.c in curl 7.54.1 to and including curl 7.60.0 has a heap-based buffer overflow that might be exploitable by an attacker who can control the data that curl transmits over SMTP with certain settings (i.e., use of a nonstandard --limit-rate argument or CURLOPT_BUFFERSIZE value).

« first previous Page 883 of 920. next last »