Vulnerabilities (CVE)

Filtered by NVD-CWE-noinfo
Total 30373 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-1061 5 Canonical, Debian, Fedoraproject and 2 more 8 Ubuntu Linux, Debian Linux, Fedora and 5 more 2024-11-21 5.0 MEDIUM 6.5 MEDIUM
python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in the difflib.IS_LINE_JUNK method. An attacker could use this flaw to cause denial of service.
CVE-2018-1060 5 Canonical, Debian, Fedoraproject and 2 more 8 Ubuntu Linux, Debian Linux, Fedora and 5 more 2024-11-21 5.0 MEDIUM 7.5 HIGH
python before versions 2.7.15, 3.4.9, 3.5.6rc1, 3.6.5rc1 and 3.7.0 is vulnerable to catastrophic backtracking in pop3lib's apop() method. An attacker could use this flaw to cause denial of service.
CVE-2018-1058 3 Canonical, Postgresql, Redhat 3 Ubuntu Linux, Postgresql, Cloudforms 2024-11-21 6.5 MEDIUM 8.8 HIGH
A flaw was found in the way Postgresql allowed a user to modify the behavior of a query for other users. An attacker with a user account could use this flaw to execute code with the permissions of superuser in the database. Versions 9.3 through 10 are affected.
CVE-2018-1043 1 Moodle 1 Moodle 2024-11-21 4.0 MEDIUM 6.5 MEDIUM
In Moodle 3.x, the setting for blocked hosts list can be bypassed with multiple A record hostnames.
CVE-2018-1040 1 Microsoft 6 Windows 10, Windows 7, Windows 8.1 and 3 more 2024-11-21 5.4 MEDIUM 5.3 MEDIUM
A denial of service vulnerability exists in the way that the Windows Code Integrity Module performs hashing, aka "Windows Code Integrity Module Denial of Service Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
CVE-2018-1039 1 Microsoft 8 .net Framework, Windows 10, Windows 7 and 5 more 2024-11-21 4.6 MEDIUM 7.8 HIGH
A security feature bypass vulnerability exists in .Net Framework which could allow an attacker to bypass Device Guard, aka ".NET Framework Device Guard Security Feature Bypass Vulnerability." This affects Microsoft .NET Framework 4.7.1, Microsoft .NET Framework 4.6, Microsoft .NET Framework 3.5, Microsoft .NET Framework 4.7/4.7.1, Microsoft .NET Framework 3.0, Microsoft .NET Framework 3.5.1, Microsoft .NET Framework 4.5.2, Microsoft .NET Framework 4.6.2/4.7/4.7.1, Microsoft .NET Framework 4.6/4.6.1/4.6.2/4.7/4.7.1, Microsoft .NET Framework 2.0, Microsoft .NET Framework 4.6/4.6.1/4.6.2.
CVE-2018-1038 1 Microsoft 2 Windows 7, Windows Server 2008 2024-11-21 7.2 HIGH 7.8 HIGH
The Windows kernel in Windows 7 SP1 and Windows Server 2008 R2 SP1 allows an elevation of privilege vulnerability due to the way it handles objects in memory, aka "Windows Kernel Elevation of Privilege Vulnerability."
CVE-2018-1035 1 Microsoft 2 Windows 10, Windows Server 2016 2024-11-21 4.6 MEDIUM 5.3 MEDIUM
A security feature bypass vulnerability exists in Windows which could allow an attacker to bypass Device Guard, aka "Windows Security Feature Bypass Vulnerability." This affects Windows 10, Windows 10 Servers.
CVE-2018-1030 1 Microsoft 1 Office 2024-11-21 9.3 HIGH 8.8 HIGH
A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability." This affects Microsoft Office. This CVE ID is unique from CVE-2018-1026.
CVE-2018-1029 1 Microsoft 6 Excel, Excel 2007, Excel 2010 and 3 more 2024-11-21 9.3 HIGH 7.8 HIGH
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Excel Viewer, Microsoft Office, Microsoft Excel. This CVE ID is unique from CVE-2018-0920, CVE-2018-1011, CVE-2018-1027.
CVE-2018-1027 1 Microsoft 5 Excel, Excel 2007, Excel 2010 and 2 more 2024-11-21 9.3 HIGH 7.8 HIGH
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Excel, Microsoft Office. This CVE ID is unique from CVE-2018-0920, CVE-2018-1011, CVE-2018-1029.
CVE-2018-1026 1 Microsoft 1 Office 2024-11-21 9.3 HIGH 8.8 HIGH
A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability." This affects Microsoft Office. This CVE ID is unique from CVE-2018-1030.
CVE-2018-1025 1 Microsoft 2 Edge, Internet Explorer 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
An information disclosure vulnerability exists when affected Microsoft browsers improperly handle objects in memory, aka "Microsoft Browser Information Disclosure Vulnerability." This affects Internet Explorer 11, Microsoft Edge.
CVE-2018-1021 1 Microsoft 1 Edge 2024-11-21 4.3 MEDIUM 4.3 MEDIUM
An information disclosure vulnerability exists when Microsoft Edge improperly handles objects in memory, aka "Microsoft Edge Information Disclosure Vulnerability." This affects Microsoft Edge. This CVE ID is unique from CVE-2018-8123.
CVE-2018-1011 1 Microsoft 2 Excel, Excel Rt 2024-11-21 9.3 HIGH 7.8 HIGH
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Excel. This CVE ID is unique from CVE-2018-0920, CVE-2018-1027, CVE-2018-1029.
CVE-2018-1009 1 Microsoft 5 Windows 10, Windows 8.1, Windows Rt 8.1 and 2 more 2024-11-21 7.2 HIGH 7.8 HIGH
An elevation of privilege vulnerability exists when Windows improperly handles objects in memory and incorrectly maps kernel memory, aka "Microsoft DirectX Graphics Kernel Subsystem Elevation of Privilege Vulnerability." This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2012, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers.
CVE-2018-1008 1 Microsoft 7 Windows 10, Windows 7, Windows 8.1 and 4 more 2024-11-21 6.9 MEDIUM 7.0 HIGH
An elevation of privilege vulnerability exists in Windows Adobe Type Manager Font Driver (ATMFD.dll) when it fails to properly handle objects in memory, aka "OpenType Font Driver Elevation of Privilege Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2012, Windows 8.1, Windows Server 2016, Windows Server 2008 R2, Windows 10, Windows 10 Servers.
CVE-2018-1007 1 Microsoft 1 Office 2024-11-21 2.6 LOW 5.3 MEDIUM
An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory, aka "Microsoft Office Information Disclosure Vulnerability." This affects Microsoft Office. This CVE ID is unique from CVE-2018-0950.
CVE-2018-19965 3 Citrix, Debian, Xen 3 Xenserver, Debian Linux, Xen 2024-11-21 4.7 MEDIUM 5.6 MEDIUM
An issue was discovered in Xen through 4.11.x allowing 64-bit PV guest OS users to cause a denial of service (host OS crash) because #GP[0] can occur after a non-canonical address is passed to the TLB flushing code. NOTE: this issue exists because of an incorrect CVE-2017-5754 (aka Meltdown) mitigation.
CVE-2018-19964 1 Xen 1 Xen 2024-11-21 4.9 MEDIUM 6.5 MEDIUM
An issue was discovered in Xen 4.11.x allowing x86 guest OS users to cause a denial of service (host OS hang) because the p2m lock remains unavailable indefinitely in certain error conditions.