Total
320826 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-0608 | 1 Dena | 1 H2o | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Buffer overflow in H2O version 2.2.4 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (DoS) via unspecified vectors. | |||||
| CVE-2018-0607 | 1 Cybozu | 1 Garoon | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| SQL injection vulnerability in the Notifications application in the Cybozu Garoon 3.5.0 to 4.6.2 allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2018-0606 | 1 Pixelpost | 1 Pixelpost | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| SQL injection vulnerability in the Pixelpost v1.7.3 and earlier allows remote authenticated attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2018-0605 | 1 Pixelpost | 1 Pixelpost | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting vulnerability in Pixelpost v1.7.3 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2018-0604 | 1 Pixelpost | 1 Pixelpost | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| Pixelpost v1.7.3 and earlier allows remote code execution via unspecified vectors. | |||||
| CVE-2018-0603 | 1 Geminilabs | 1 Site Reviews | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting vulnerability in Site Reviews versions prior to 2.15.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2018-0602 | 1 Email Subscribers \& Newsletters Project | 1 Email Subscribers \& Newsletters | 2024-11-21 | 4.3 MEDIUM | 6.1 MEDIUM |
| Cross-site scripting vulnerability in Email Subscribers & Newsletters versions prior to 3.5.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2018-0601 | 1 Axpdfium Project | 1 Axpdfium | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in axpdfium v0.01 allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2018-0600 | 2 Microsoft, Sony | 2 Windows, Playmemories Home | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in the installer of PlayMemories Home for Windows ver.5.5.01 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2018-0599 | 1 Microsoft | 1 Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in the installer of Visual C++ Redistributable allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2018-0598 | 1 Microsoft | 1 Windows | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
| Untrusted search path vulnerability in Self-extracting archive files created by IExpress bundled with Microsoft Windows allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2018-0597 | 1 Microsoft | 1 Visual Studio Code | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in the installer of Visual Studio Code allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2018-0596 | 1 Microsoft | 1 Visual Studio Community | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in the installer of Visual Studio Community allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2018-0595 | 1 Microsoft | 2 Skype, Windows | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in the installer of Skype for Windows allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2018-0594 | 1 Microsoft | 2 Skype, Windows | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in Skype for Windows allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2018-0593 | 1 Microsoft | 1 Onedrive | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in the installer of Microsoft OneDrive allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2018-0592 | 1 Microsoft | 1 Onedrive | 2024-11-21 | 6.8 MEDIUM | 7.8 HIGH |
| Untrusted search path vulnerability in Microsoft OneDrive allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. | |||||
| CVE-2018-0591 | 1 T-joy | 1 Kinepass | 2024-11-21 | 4.3 MEDIUM | 5.9 MEDIUM |
| The KINEPASS App for Android Ver 3.1.1 and earlier, and for iOS Ver 3.1.2 and earlier do not verify X.509 certificates from SSL servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate. | |||||
| CVE-2018-0590 | 1 Ultimatemember | 1 User Profile \& Membership | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| Ultimate Member plugin prior to version 2.0.4 for WordPress allows remote authenticated attackers to bypass access restriction to modify the other users profiles via unspecified vectors. | |||||
| CVE-2018-0589 | 1 Ultimatemember | 1 User Profile \& Membership | 2024-11-21 | 4.0 MEDIUM | 4.3 MEDIUM |
| Ultimate Member plugin prior to version 2.0.4 for WordPress allows remote authenticated attackers to bypass access restriction to add a new form in the 'Forms' page via unspecified vectors. | |||||