Total
298657 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-20796 | 2 Gnu, Netapp | 4 Glibc, Cloud Backup, Ontap Select Deploy Administration Utility and 1 more | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\227|)(\\1\\1|t1|\\\2537)+' in grep. | |||||
| CVE-2018-20795 | 1 Tecrail | 1 Responsive Filemanager | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| tecrail Responsive FileManager 9.13.4 allows remote attackers to read arbitrary files via path traversal with the path parameter, through the copy_cut action in ajax_calls.php and the paste_clipboard action in execute.php. | |||||
| CVE-2018-20794 | 1 Tecrail | 1 Responsive Filemanager | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| tecrail Responsive FileManager 9.13.4 allows remote attackers to write to an arbitrary image file (jpg/jpeg/png) via path traversal with the path parameter, through the save_img action in ajax_calls.php. | |||||
| CVE-2018-20793 | 1 Tecrail | 1 Responsive Filemanager | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| tecrail Responsive FileManager 9.13.4 allows remote attackers to write to an arbitrary file as a consequence of a paths[0] path traversal mitigation bypass, through the create_file action in execute.php. | |||||
| CVE-2018-20792 | 1 Tecrail | 1 Responsive Filemanager | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| tecrail Responsive FileManager 9.13.4 allows remote attackers to read arbitrary file via path traversal with the path parameter, through the get_file action in ajax_calls.php. | |||||
| CVE-2018-20791 | 1 Tecrail | 1 Responsive Filemanager | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| tecrail Responsive FileManager 9.13.4 allows XSS via a media file upload with an XSS payload in the name, because of mishandling of the media_preview action. | |||||
| CVE-2018-20790 | 1 Tecrail | 1 Responsive Filemanager | 2024-11-21 | 6.4 MEDIUM | 7.5 HIGH |
| tecrail Responsive FileManager 9.13.4 allows remote attackers to delete an arbitrary file as a consequence of a paths[0] path traversal mitigation bypass through the delete_file action in execute.php. | |||||
| CVE-2018-20789 | 1 Tecrail | 1 Responsive Filemanager | 2024-11-21 | 6.4 MEDIUM | 7.5 HIGH |
| tecrail Responsive FileManager 9.13.4 allows remote attackers to delete an arbitrary directory as a consequence of a paths[0] path traversal mitigation bypass through the delete_folder action in execute.php. | |||||
| CVE-2018-20788 | 1 Micode | 1 Xiaomi Perseus-p-oss | 2024-11-21 | 4.3 MEDIUM | 5.5 MEDIUM |
| drivers/leds/leds-aw2023.c in the led driver for custom Linux kernels on the Xiaomi Redmi 6pro daisy-o-oss phone has several integer overflows because of a left-shifting operation when the right-hand operand can be equal to or greater than the integer length. This can be exploited by a crafted application for denial of service. | |||||
| CVE-2018-20787 | 1 Micode | 1 Xiaomi Perseus-p-oss | 2024-11-21 | 7.1 HIGH | 5.5 MEDIUM |
| The ft5x46 touchscreen driver for custom Linux kernels on the Xiaomi perseus-p-oss MIX 3 device through 2018-11-26 has an integer overflow and OOPS because of missing checks of the size argument in tpdbg_write in drivers/input/touchscreen/ft5x46/ft5x46_ts.c. This is exploitable for a device crash via a syscall by a crafted application on a rooted device. | |||||
| CVE-2018-20786 | 1 Leonerd | 1 Libvterm | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| libvterm through 0+bzr726, as used in Vim and other products, mishandles certain out-of-memory conditions, leading to a denial of service (application crash), related to screen.c, state.c, and vterm.c. | |||||
| CVE-2018-20785 | 1 Neatorobotics | 14 Botvac Connected, Botvac Connected Firmware, Botvac D3 Connected and 11 more | 2024-11-21 | 4.4 MEDIUM | 7.4 HIGH |
| Secure boot bypass and memory extraction can be achieved on Neato Botvac Connected 2.2.0 devices. During startup, the AM335x secure boot feature decrypts and executes firmware. Secure boot can be bypassed by starting with certain commands to the USB serial port. Although a power cycle occurs, this does not completely reset the chip: memory contents are still in place. Also, it restarts into a boot menu that enables XMODEM upload and execution of an unsigned QNX IFS system image, thereby completing the bypass of secure boot. Moreover, the attacker can craft custom IFS data and write it to unused memory to extract all memory contents that had previously been present. This includes the original firmware and sensitive information such as Wi-Fi credentials. | |||||
| CVE-2018-20784 | 3 Canonical, Linux, Redhat | 4 Ubuntu Linux, Linux Kernel, Enterprise Linux and 1 more | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| In the Linux kernel before 4.20.2, kernel/sched/fair.c mishandles leaf cfs_rq's, which allows attackers to cause a denial of service (infinite loop in update_blocked_averages) or possibly have unspecified other impact by inducing a high load. | |||||
| CVE-2018-20783 | 2 Opensuse, Php | 2 Leap, Php | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| In PHP before 5.6.39, 7.x before 7.0.33, 7.1.x before 7.1.25, and 7.2.x before 7.2.13, a buffer over-read in PHAR reading functions may allow an attacker to read allocated or unallocated memory past the actual data when trying to parse a .phar file. This is related to phar_parse_pharfile in ext/phar/phar.c. | |||||
| CVE-2018-20782 | 1 Globee | 1 Woocommerce | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The GloBee plugin before 1.1.2 for WooCommerce mishandles IPN messages. | |||||
| CVE-2018-20781 | 3 Canonical, Gnome, Oracle | 3 Ubuntu Linux, Gnome Keyring, Zfs Storage Appliance Kit | 2024-11-21 | 2.1 LOW | 7.8 HIGH |
| In pam/gkr-pam-module.c in GNOME Keyring before 3.27.2, the user's password is kept in a session-child process spawned from the LightDM daemon. This can expose the credential in cleartext. | |||||
| CVE-2018-20780 | 1 Traq | 1 Traq | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| Traq 3.7.1 allows admin/users/new CSRF to create an admin account (aka group_id=1). | |||||
| CVE-2018-20779 | 1 Traq | 1 Traq | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Traq 3.7.1 allows SQL Injection via a tickets?search= URI. | |||||
| CVE-2018-20778 | 1 Frog Cms Project | 1 Frog Cms | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| admin/?/plugin/file_manager in Frog CMS 0.9.5 allows XSS by creating a new file containing a crafted attribute of an IMG element. | |||||
| CVE-2018-20777 | 1 Frog Cms Project | 1 Frog Cms | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| Frog CMS 0.9.5 has XSS via the admin/?/snippet/edit/1 Body field. | |||||