Total
314616 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-13155 | 1 Gemchain Project | 1 Gemchain | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for GEMCHAIN (GEM), an Ethereum token, has an integer overflow that allows the owner of the contract to set the balance of an arbitrary user to any value. | |||||
| CVE-2018-13153 | 2 Canonical, Imagemagick | 2 Ubuntu Linux, Imagemagick | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| In ImageMagick 7.0.8-4, there is a memory leak in the XMagickCommand function in MagickCore/animate.c. | |||||
| CVE-2018-13146 | 1 Lef Project | 1 Lef | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken, buy, and sell functions of a smart contract implementation for LEF, an Ethereum token, have an integer overflow. | |||||
| CVE-2018-13145 | 1 Javaswaptest Project | 1 Javaswaptest | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| The mintToken function of a smart contract implementation for JavaSwapTest (JST), an Ethereum token, has an integer overflow. | |||||
| CVE-2018-13144 | 1 Pandora Project | 1 Pandora | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| ** DISPUTED ** The transfer and transferFrom functions of a smart contract implementation for Pandora (PDX), an Ethereum token, have an integer overflow. NOTE: this has been disputed by a third party. | |||||
| CVE-2018-13140 | 3 Druide, Linux, Microsoft | 3 Antidote 9, Linux Kernel, Windows | 2024-11-21 | 9.3 HIGH | 8.1 HIGH |
| Druide Antidote through 9.5.1 on Windows and Linux allows remote code execution through the update mechanism by leveraging use of HTTP to download installation packages. | |||||
| CVE-2018-13139 | 2 Debian, Libsndfile Project | 2 Debian Linux, Libsndfile | 2024-11-21 | 6.8 MEDIUM | 8.8 HIGH |
| A stack-based buffer overflow in psf_memset in common.c in libsndfile 1.0.28 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted audio file. The vulnerability can be triggered by the executable sndfile-deinterleave. | |||||
| CVE-2018-13137 | 1 Pixelite | 1 Events Manager | 2024-11-21 | 3.5 LOW | 4.8 MEDIUM |
| The Events Manager plugin 5.9.4 for WordPress has XSS via the dbem_event_reapproved_email_body parameter to the wp-admin/edit.php?post_type=event&page=events-manager-options URI. | |||||
| CVE-2018-13136 | 1 Ultimatemember | 1 Ultimate Member | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Ultimate Member (aka ultimatemember) plugin before 2.0.18 for WordPress has XSS via the wp-admin settings screen. | |||||
| CVE-2018-13134 | 1 Tp-link | 2 Archer C1200, Archer C1200 Firmware | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| TP-Link Archer C1200 1.13 Build 2018/01/24 rel.52299 EU devices have XSS via the PATH_INFO to the /webpages/data URI. | |||||
| CVE-2018-13133 | 1 Goldenfrog | 1 Vyprvpn | 2024-11-21 | 4.6 MEDIUM | 7.8 HIGH |
| Golden Frog VyprVPN before 2018-06-21 has a vulnerability associated with the installation process on Windows. | |||||
| CVE-2018-13132 | 1 Spadeico Project | 1 Spadeico | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Spadeico is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner. | |||||
| CVE-2018-13131 | 1 Spadepresale Project | 1 Spadepresale | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| SpadePreSale is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner. | |||||
| CVE-2018-13130 | 1 Bitotal | 1 Bitotal | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Bitotal (TFUND) is a smart contract running on Ethereum. The mintTokens function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner. | |||||
| CVE-2018-13129 | 1 Sp8de | 1 Sp8de | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| SP8DE Token (SPX) is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner. | |||||
| CVE-2018-13128 | 1 Etherty | 1 Etherty Token | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Etherty Token (ETY) is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner. | |||||
| CVE-2018-13127 | 1 Sp8de | 1 Sp8de Presale Token | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| SP8DE PreSale Token (DSPX) is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner. | |||||
| CVE-2018-13126 | 1 Moxy | 1 Moxyonepresale | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| MoxyOnePresale is a smart contract running on Ethereum. The mint function has an integer overflow that allows minted tokens to be arbitrarily retrieved by the contract owner. | |||||
| CVE-2018-13123 | 1 Onefilecms | 1 Onefilecms | 2024-11-21 | 5.0 MEDIUM | 9.8 CRITICAL |
| onefilecms.php in OneFileCMS through 2017-10-08 might allow attackers to read arbitrary files via the i and f parameters, as demonstrated by ?i=etc/&f=passwd&p=raw_view for the /etc/passwd file. | |||||
| CVE-2018-13122 | 1 Onefilecms | 1 Onefilecms | 2024-11-21 | 5.5 MEDIUM | 6.5 MEDIUM |
| onefilecms.php in OneFileCMS through 2017-10-08 might allow attackers to delete arbitrary files via the Delete File(s) screen, as demonstrated by a ?i=var/www/html/&f=123.php&p=edit&p=deletefile URI. | |||||