Total
299239 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-20992 | 1 Claxon Project | 1 Claxon | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in the claxon crate before 0.4.1 for Rust. Uninitialized memory can be exposed because certain decode buffer sizes are mishandled. | |||||
| CVE-2018-20991 | 1 Servo | 1 Smallvec | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| An issue was discovered in the smallvec crate before 0.6.3 for Rust. The Iterator implementation mishandles destructors, leading to a double free. | |||||
| CVE-2018-20990 | 1 Tar Project | 1 Tar | 2024-11-21 | 6.4 MEDIUM | 7.5 HIGH |
| An issue was discovered in the tar crate before 0.4.16 for Rust. Arbitrary file overwrite can occur via a symlink or hardlink in a TAR archive. | |||||
| CVE-2018-20989 | 1 Untrusted Project | 1 Untrusted | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| An issue was discovered in the untrusted crate before 0.6.2 for Rust. Error handling can trigger an integer underflow and panic. | |||||
| CVE-2018-20988 | 1 Google Forms Project | 1 Google Forms | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The wpgform plugin before 0.94 for WordPress has eval injection in the CAPTCHA calculation. | |||||
| CVE-2018-20987 | 1 Tribulant | 1 Newsletters | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The newsletters-lite plugin before 4.6.8.6 for WordPress has PHP object injection. | |||||
| CVE-2018-20986 | 1 Advancedcustomfields | 1 Advanced Custom Fields | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| The advanced-custom-fields (aka Elliot Condon Advanced Custom Fields) plugin before 5.7.8 for WordPress has XSS by authors. | |||||
| CVE-2018-20985 | 1 Payeezy | 1 Wp Payeezy Pay | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The wp-payeezy-pay plugin before 2.98 for WordPress has local file inclusion in pay.php, donate.php, donate-rec, and pay-rec. | |||||
| CVE-2018-20984 | 1 Patreon | 1 Patreon Wordpress | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The patreon-connect plugin before 1.2.2 for WordPress has Object Injection. | |||||
| CVE-2018-20983 | 1 Meowapps | 1 Wp Retina 2x | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The wp-retina-2x plugin before 5.2.3 for WordPress has XSS. | |||||
| CVE-2018-20982 | 1 Davidlingren | 1 Media Library Assistant | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The media-library-assistant plugin before 2.74 for WordPress has XSS via the Media/Assistant or Settings/Media Library assistant admin submenu screens. | |||||
| CVE-2018-20981 | 1 Ninjaforms | 1 Ninja Forms | 2024-11-21 | 6.4 MEDIUM | 9.1 CRITICAL |
| The ninja-forms plugin before 3.3.9 for WordPress has insufficient restrictions on submission-data retrieval during Export Personal Data requests. | |||||
| CVE-2018-20980 | 1 Ninjaforms | 1 Ninja Forms | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The ninja-forms plugin before 3.2.15 for WordPress has parameter tampering. | |||||
| CVE-2018-20979 | 1 Rocklobster | 1 Contact Form 7 | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The contact-form-7 plugin before 5.0.4 for WordPress has privilege escalation because of capability_type mishandling in register_post_type. | |||||
| CVE-2018-20978 | 1 Soflyy | 1 Wp All Import | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The wp-all-import plugin before 3.4.7 for WordPress has XSS. | |||||
| CVE-2018-20976 | 1 Linux | 1 Linux Kernel | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| An issue was discovered in fs/xfs/xfs_super.c in the Linux kernel before 4.18. A use after free exists, related to xfs_fs_fill_super failure. | |||||
| CVE-2018-20975 | 1 Fatfreecrm | 1 Fat Free Crm | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Fat Free CRM before 0.18.1 has XSS in the tags_helper in app/helpers/tags_helper.rb. | |||||
| CVE-2018-20974 | 1 Joomsky | 1 Js Job Manager | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The js-jobs plugin before 1.0.7 for WordPress has CSRF. | |||||
| CVE-2018-20973 | 1 Codeermeneer | 1 Companion Auto Update | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The companion-auto-update plugin before 3.2.1 for WordPress has local file inclusion. | |||||
| CVE-2018-20972 | 1 Codeermeneer | 1 Companion Auto Update | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| The companion-auto-update plugin before 3.2.1 for WordPress has CSRF. | |||||